1 /*
2 BAREOS® - Backup Archiving REcovery Open Sourced
3
4 Copyright (C) 2013-2013 Bareos GmbH & Co. KG
5
6 This program is Free Software; you can redistribute it and/or
7 modify it under the terms of version three of the GNU Affero General Public
8 License as published by the Free Software Foundation and included
9 in the file LICENSE.
10
11 This program is distributed in the hope that it will be useful, but
12 WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 Affero General Public License for more details.
15
16 You should have received a copy of the GNU Affero General Public License
17 along with this program; if not, write to the Free Software
18 Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
19 02110-1301, USA.
20 */
21 /*
22 * crypto_nss.c Encryption support functions when Mozilla NSS backend.
23 *
24 * Author: Marco van Wieringen <marco.van.wieringen@bareos.com>
25 */
26
27 #include "include/bareos.h"
28
29 #if defined(HAVE_NSS)
30
31 #if defined(HAVE_CRYPTO)
32
33 #include "jcr.h"
34 #include <assert.h>
35
36 /* Message Digest Structure */
37 struct Digest {
38 crypto_digest_t type;
39 JobControlRecord *jcr;
40 union {
41 SHA1_CTX sha1;
42 MD5_CTX md5;
43 };
44 };
45
46 /* Dummy Signature Structure */
47 struct Signature {
48 JobControlRecord *jcr;
49 };
50
crypto_digest_new(JobControlRecord * jcr,crypto_digest_t type)51 DIGEST *crypto_digest_new(JobControlRecord *jcr, crypto_digest_t type)
52 {
53 DIGEST *digest;
54
55 digest = (DIGEST *)malloc(sizeof(DIGEST));
56 digest->type = type;
57 digest->jcr = jcr;
58
59 switch (type) {
60 case CRYPTO_DIGEST_MD5:
61 MD5_Init(&digest->md5);
62 break;
63 case CRYPTO_DIGEST_SHA1:
64 SHA1Init(&digest->sha1);
65 break;
66 default:
67 Jmsg1(jcr, M_ERROR, 0, _("Unsupported digest type=%d specified\n"), type);
68 free(digest);
69 return NULL;
70 }
71
72 return (digest);
73 }
74
CryptoDigestUpdate(DIGEST * digest,const uint8_t * data,uint32_t length)75 bool CryptoDigestUpdate(DIGEST *digest, const uint8_t *data, uint32_t length)
76 {
77 switch (digest->type) {
78 case CRYPTO_DIGEST_MD5:
79 /* Doesn't return anything ... */
80 MD5_Update(&digest->md5, (unsigned char *) data, length);
81 return true;
82 case CRYPTO_DIGEST_SHA1:
83 /* Doesn't return anything ... */
84 SHA1Update(&digest->sha1, (const u_int8_t *) data, (unsigned int)length);
85 return true;
86 default:
87 return false;
88 }
89 }
90
CryptoDigestFinalize(DIGEST * digest,uint8_t * dest,uint32_t * length)91 bool CryptoDigestFinalize(DIGEST *digest, uint8_t *dest, uint32_t *length)
92 {
93 switch (digest->type) {
94 case CRYPTO_DIGEST_MD5:
95 /* Guard against programmer error by either the API client or
96 * an out-of-sync CRYPTO_DIGEST_MAX_SIZE */
97 assert(*length >= CRYPTO_DIGEST_MD5_SIZE);
98 *length = CRYPTO_DIGEST_MD5_SIZE;
99 /* Doesn't return anything ... */
100 MD5_Final((unsigned char *)dest, &digest->md5);
101 return true;
102 case CRYPTO_DIGEST_SHA1:
103 /* Guard against programmer error by either the API client or
104 * an out-of-sync CRYPTO_DIGEST_MAX_SIZE */
105 assert(*length >= CRYPTO_DIGEST_SHA1_SIZE);
106 *length = CRYPTO_DIGEST_SHA1_SIZE;
107 SHA1Final((u_int8_t *) dest, &digest->sha1);
108 return true;
109 default:
110 return false;
111 }
112
113 return false;
114 }
115
CryptoDigestFree(DIGEST * digest)116 void CryptoDigestFree(DIGEST *digest)
117 {
118 free(digest);
119 }
120
crypto_sign_new(JobControlRecord * jcr)121 SIGNATURE *crypto_sign_new(JobControlRecord *jcr)
122 {
123 return NULL;
124 }
125
CryptoSignGetDigest(SIGNATURE * sig,X509_KEYPAIR * keypair,crypto_digest_t & type,DIGEST ** digest)126 crypto_error_t CryptoSignGetDigest(SIGNATURE *sig, X509_KEYPAIR *keypair,
127 crypto_digest_t &type, DIGEST **digest)
128 {
129 return CRYPTO_ERROR_INTERNAL;
130 }
131
CryptoSignVerify(SIGNATURE * sig,X509_KEYPAIR * keypair,DIGEST * digest)132 crypto_error_t CryptoSignVerify(SIGNATURE *sig, X509_KEYPAIR *keypair, DIGEST *digest)
133 {
134 return CRYPTO_ERROR_INTERNAL;
135 }
136
CryptoSignAddSigner(SIGNATURE * sig,DIGEST * digest,X509_KEYPAIR * keypair)137 int CryptoSignAddSigner(SIGNATURE *sig, DIGEST *digest, X509_KEYPAIR *keypair)
138 {
139 return false;
140 }
141
CryptoSignEncode(SIGNATURE * sig,uint8_t * dest,uint32_t * length)142 int CryptoSignEncode(SIGNATURE *sig, uint8_t *dest, uint32_t *length)
143 {
144 return false;
145 }
146
crypto_sign_decode(JobControlRecord * jcr,const uint8_t * sigData,uint32_t length)147 SIGNATURE *crypto_sign_decode(JobControlRecord *jcr, const uint8_t *sigData, uint32_t length)
148 {
149 return NULL;
150 }
151
CryptoSignFree(SIGNATURE * sig)152 void CryptoSignFree(SIGNATURE *sig)
153 {
154 }
155
crypto_keypair_new(void)156 X509_KEYPAIR *crypto_keypair_new(void)
157 {
158 return NULL;
159 }
160
crypto_keypair_dup(X509_KEYPAIR * keypair)161 X509_KEYPAIR *crypto_keypair_dup(X509_KEYPAIR *keypair)
162 {
163 return NULL;
164 }
165
CryptoKeypairLoadCert(X509_KEYPAIR * keypair,const char * file)166 int CryptoKeypairLoadCert(X509_KEYPAIR *keypair, const char *file)
167 {
168 return false;
169 }
170
CryptoKeypairHasKey(const char * file)171 bool CryptoKeypairHasKey(const char *file)
172 {
173 return false;
174 }
175
CryptoKeypairLoadKey(X509_KEYPAIR * keypair,const char * file,CRYPTO_PEM_PASSWD_CB * pem_callback,const void * pem_userdata)176 int CryptoKeypairLoadKey(X509_KEYPAIR *keypair, const char *file, CRYPTO_PEM_PASSWD_CB *pem_callback, const void *pem_userdata)
177 {
178 return false;
179 }
180
CryptoKeypairFree(X509_KEYPAIR * keypair)181 void CryptoKeypairFree(X509_KEYPAIR *keypair)
182 {
183 }
184
crypto_session_new(crypto_cipher_t cipher,alist * pubkeys)185 CRYPTO_SESSION *crypto_session_new(crypto_cipher_t cipher, alist *pubkeys)
186 {
187 return NULL;
188 }
189
CryptoSessionFree(CRYPTO_SESSION * cs)190 void CryptoSessionFree(CRYPTO_SESSION *cs)
191 {
192 }
193
CryptoSessionEncode(CRYPTO_SESSION * cs,uint8_t * dest,uint32_t * length)194 bool CryptoSessionEncode(CRYPTO_SESSION *cs, uint8_t *dest, uint32_t *length)
195 {
196 return false;
197 }
198
CryptoSessionDecode(const uint8_t * data,uint32_t length,alist * keypairs,CRYPTO_SESSION ** session)199 crypto_error_t CryptoSessionDecode(const uint8_t *data, uint32_t length, alist *keypairs, CRYPTO_SESSION **session)
200 {
201 return CRYPTO_ERROR_INTERNAL;
202 }
203
crypto_cipher_new(CRYPTO_SESSION * cs,bool encrypt,uint32_t * blocksize)204 CIPHER_CONTEXT *crypto_cipher_new(CRYPTO_SESSION *cs, bool encrypt, uint32_t *blocksize)
205 {
206 return NULL;
207 }
208
CryptoCipherUpdate(CIPHER_CONTEXT * cipher_ctx,const uint8_t * data,uint32_t length,const uint8_t * dest,uint32_t * written)209 bool CryptoCipherUpdate(CIPHER_CONTEXT *cipher_ctx, const uint8_t *data, uint32_t length, const uint8_t *dest, uint32_t *written)
210 {
211 return false;
212 }
213
CryptoCipherFinalize(CIPHER_CONTEXT * cipher_ctx,uint8_t * dest,uint32_t * written)214 bool CryptoCipherFinalize(CIPHER_CONTEXT *cipher_ctx, uint8_t *dest, uint32_t *written)
215 {
216 return false;
217 }
218
CryptoCipherFree(CIPHER_CONTEXT * cipher_ctx)219 void CryptoCipherFree(CIPHER_CONTEXT *cipher_ctx)
220 {
221 }
222
crypto_digest_name(DIGEST * digest)223 const char *crypto_digest_name(DIGEST *digest)
224 {
225 return crypto_digest_name(digest->type);
226 }
227 #endif /* HAVE_CRYPTO */
228
InitCrypto(void)229 int InitCrypto(void)
230 {
231 return 0;
232 }
233
CleanupCrypto(void)234 int CleanupCrypto(void)
235 {
236 return 0;
237 }
238 #endif /* HAVE_NSS */
239