userver: crypto Namespace Reference
Loading...
Searching...
No Matches
Namespaces | Classes | Typedefs | Enumerations | Functions
crypto Namespace Reference

Detailed Description

Cryptography support.

Namespaces

namespace  algorithm
 Miscellaneous cryptographic routines.
 
namespace  base64
 Cryptographic hashing.
 
namespace  hash
 Cryptographic hashing.
 

Classes

class  Certificate
 
class  CmsSigner
 
class  CmsVerifier
 
class  CryptoException
 Base exception. More...
 
class  DsaSigner
 Generic signer for asymmetric cryptography. More...
 
class  DsaVerifier
 Generic verifier for asymmetric cryptography. More...
 
class  HmacShaSigner
 HMAC-SHA signer. More...
 
class  HmacShaVerifier
 HMAC-SHA verifier. More...
 
class  KeyParseError
 Signing key parse error. More...
 
class  NamedAlgo
 Base class for a crypto algorithm implementation. More...
 
class  Openssl
 Class to initialize OpenSSL with mutexes. More...
 
class  PrivateKey
 
class  PublicKey
 
class  SerializationError
 Serialization error. More...
 
class  Signer
 Base signer class. More...
 
class  SignerNone
 "none" algorithm signer More...
 
class  SignError
 Signature generation error. More...
 
class  VerificationError
 Signature verification error. More...
 
class  Verifier
 Base verifier class. More...
 
class  VerifierNone
 "none" algorithm verifier More...
 

Typedefs

using CertificatesChain = std::list<Certificate>
 
Outputs HMAC SHA MAC.
using SignerHs1 = HmacShaSigner<DigestSize::k160>
 
using SignerHs256 = HmacShaSigner<DigestSize::k256>
 
using SignerHs384 = HmacShaSigner<DigestSize::k384>
 
using SignerHs512 = HmacShaSigner<DigestSize::k512>
 
Outputs RSASSA signature using SHA-2 and PKCS1 padding.
using SignerRs256 = DsaSigner<DsaType::kRsa, DigestSize::k256>
 
using SignerRs384 = DsaSigner<DsaType::kRsa, DigestSize::k384>
 
using SignerRs512 = DsaSigner<DsaType::kRsa, DigestSize::k512>
 
Outputs ECDSA as per RFC7518.

OpenSSL generates ECDSA signatures in ASN.1/DER format, RFC7518 specifies signature as a concatenation of zero-padded big-endian (R, S) values.

using SignerEs256 = DsaSigner<DsaType::kEc, DigestSize::k256>
 
using SignerEs384 = DsaSigner<DsaType::kEc, DigestSize::k384>
 
using SignerEs512 = DsaSigner<DsaType::kEc, DigestSize::k512>
 
Outputs RSASSA signature using SHA-2 and PSS padding as per RFC7518.

JWA specifications require using MGF1 function with the same hash function as for the digest and salt length to be the same size as the hash output.

using SignerPs256 = DsaSigner<DsaType::kRsaPss, DigestSize::k256>
 
using SignerPs384 = DsaSigner<DsaType::kRsaPss, DigestSize::k384>
 
using SignerPs512 = DsaSigner<DsaType::kRsaPss, DigestSize::k512>
 
Verifies HMAC SHA MAC.
using VerifierHs1 = HmacShaVerifier<DigestSize::k160>
 
using VerifierHs256 = HmacShaVerifier<DigestSize::k256>
 
using VerifierHs384 = HmacShaVerifier<DigestSize::k384>
 
using VerifierHs512 = HmacShaVerifier<DigestSize::k512>
 
Verifies RSASSA signature using SHA-2 and PKCS1 padding.
using VerifierRs256 = DsaVerifier<DsaType::kRsa, DigestSize::k256>
 
using VerifierRs384 = DsaVerifier<DsaType::kRsa, DigestSize::k384>
 
using VerifierRs512 = DsaVerifier<DsaType::kRsa, DigestSize::k512>
 
Verifies ECDSA as per RFC7518.

OpenSSL generates ECDSA signatures in ASN.1/DER format, RFC7518 specifies signature as a concatenation of zero-padded big-endian (R, S) values.

using VerifierEs256 = DsaVerifier<DsaType::kEc, DigestSize::k256>
 
using VerifierEs384 = DsaVerifier<DsaType::kEc, DigestSize::k384>
 
using VerifierEs512 = DsaVerifier<DsaType::kEc, DigestSize::k512>
 
Verifies RSASSA signature using SHA-2 and PSS padding as per RFC7518.

JWA specifications require using MGF1 function with the same hash function as for the digest and salt length to be the same size as the hash output.

using VerifierPs256 = DsaVerifier<DsaType::kRsaPss, DigestSize::k256>
 
using VerifierPs384 = DsaVerifier<DsaType::kRsaPss, DigestSize::k384>
 
using VerifierPs512 = DsaVerifier<DsaType::kRsaPss, DigestSize::k512>
 

Enumerations

enum class  DigestSize {
  k160 ,
  k256 ,
  k384 ,
  k512
}
 SHA digest size in bits. More...
 
enum class  DsaType {
  kRsa ,
  kEc ,
  kRsaPss
}
 Digital signature type. More...
 

Functions

CertificatesChain LoadCertificatesChainFromString (std::string_view chain)
 
void GenerateRandomBlock (utils::span< char > buffer)
 Generate a block of randomness using a cryptographically secure RNG.
 
template<typename T>
void GenerateRandomBlock (utils::span< T > buffer)
 This is an overloaded member function, provided for convenience. It differs from the above function only in what argument(s) it accepts.
 
std::string GenerateRandomBlock (std::size_t size)
 This is an overloaded member function, provided for convenience. It differs from the above function only in what argument(s) it accepts.
 

Typedef Documentation

◆ CertificatesChain

using crypto::CertificatesChain = std::list<Certificate>

Definition at line 51 of file certificate.hpp.

◆ SignerEs256

using crypto::SignerEs256 = DsaSigner<DsaType::kEc, DigestSize::k256>

Definition at line 96 of file signers.hpp.

◆ SignerEs384

using crypto::SignerEs384 = DsaSigner<DsaType::kEc, DigestSize::k384>

Definition at line 97 of file signers.hpp.

◆ SignerEs512

using crypto::SignerEs512 = DsaSigner<DsaType::kEc, DigestSize::k512>

Definition at line 98 of file signers.hpp.

◆ SignerHs1

using crypto::SignerHs1 = HmacShaSigner<DigestSize::k160>

Definition at line 59 of file signers.hpp.

◆ SignerHs256

using crypto::SignerHs256 = HmacShaSigner<DigestSize::k256>

Definition at line 60 of file signers.hpp.

◆ SignerHs384

using crypto::SignerHs384 = HmacShaSigner<DigestSize::k384>

Definition at line 61 of file signers.hpp.

◆ SignerHs512

using crypto::SignerHs512 = HmacShaSigner<DigestSize::k512>

Definition at line 62 of file signers.hpp.

◆ SignerPs256

using crypto::SignerPs256 = DsaSigner<DsaType::kRsaPss, DigestSize::k256>

Definition at line 106 of file signers.hpp.

◆ SignerPs384

using crypto::SignerPs384 = DsaSigner<DsaType::kRsaPss, DigestSize::k384>

Definition at line 107 of file signers.hpp.

◆ SignerPs512

using crypto::SignerPs512 = DsaSigner<DsaType::kRsaPss, DigestSize::k512>

Definition at line 108 of file signers.hpp.

◆ SignerRs256

using crypto::SignerRs256 = DsaSigner<DsaType::kRsa, DigestSize::k256>

Definition at line 86 of file signers.hpp.

◆ SignerRs384

using crypto::SignerRs384 = DsaSigner<DsaType::kRsa, DigestSize::k384>

Definition at line 87 of file signers.hpp.

◆ SignerRs512

using crypto::SignerRs512 = DsaSigner<DsaType::kRsa, DigestSize::k512>

Definition at line 88 of file signers.hpp.

◆ VerifierEs256

using crypto::VerifierEs256 = DsaVerifier<DsaType::kEc, DigestSize::k256>

Definition at line 99 of file verifiers.hpp.

◆ VerifierEs384

using crypto::VerifierEs384 = DsaVerifier<DsaType::kEc, DigestSize::k384>

Definition at line 100 of file verifiers.hpp.

◆ VerifierEs512

using crypto::VerifierEs512 = DsaVerifier<DsaType::kEc, DigestSize::k512>

Definition at line 101 of file verifiers.hpp.

◆ VerifierHs1

using crypto::VerifierHs1 = HmacShaVerifier<DigestSize::k160>

Definition at line 58 of file verifiers.hpp.

◆ VerifierHs256

using crypto::VerifierHs256 = HmacShaVerifier<DigestSize::k256>

Definition at line 59 of file verifiers.hpp.

◆ VerifierHs384

using crypto::VerifierHs384 = HmacShaVerifier<DigestSize::k384>

Definition at line 60 of file verifiers.hpp.

◆ VerifierHs512

using crypto::VerifierHs512 = HmacShaVerifier<DigestSize::k512>

Definition at line 61 of file verifiers.hpp.

◆ VerifierPs256

using crypto::VerifierPs256 = DsaVerifier<DsaType::kRsaPss, DigestSize::k256>

Definition at line 109 of file verifiers.hpp.

◆ VerifierPs384

using crypto::VerifierPs384 = DsaVerifier<DsaType::kRsaPss, DigestSize::k384>

Definition at line 110 of file verifiers.hpp.

◆ VerifierPs512

using crypto::VerifierPs512 = DsaVerifier<DsaType::kRsaPss, DigestSize::k512>

Definition at line 111 of file verifiers.hpp.

◆ VerifierRs256

using crypto::VerifierRs256 = DsaVerifier<DsaType::kRsa, DigestSize::k256>

Definition at line 89 of file verifiers.hpp.

◆ VerifierRs384

using crypto::VerifierRs384 = DsaVerifier<DsaType::kRsa, DigestSize::k384>

Definition at line 90 of file verifiers.hpp.

◆ VerifierRs512

using crypto::VerifierRs512 = DsaVerifier<DsaType::kRsa, DigestSize::k512>

Definition at line 91 of file verifiers.hpp.

Enumeration Type Documentation

◆ DigestSize

enum class crypto::DigestSize
strong

SHA digest size in bits.

Definition at line 25 of file basic_types.hpp.

◆ DsaType

enum class crypto::DsaType
strong

Digital signature type.

Definition at line 28 of file basic_types.hpp.

Function Documentation

◆ GenerateRandomBlock() [1/2]

void crypto::GenerateRandomBlock ( utils::span< char > buffer)

Generate a block of randomness using a cryptographically secure RNG.

Uses a thread-local CryptoPP::AutoSeededRandomPool.

◆ GenerateRandomBlock() [2/2]

template<typename T>
void crypto::GenerateRandomBlock ( utils::span< T > buffer)

This is an overloaded member function, provided for convenience. It differs from the above function only in what argument(s) it accepts.

Definition at line 29 of file random.hpp.

◆ LoadCertificatesChainFromString()

CertificatesChain crypto::LoadCertificatesChainFromString ( std::string_view chain)

Accepts a string that contains a chain of certificates (primary and intermediate), checks that it's correct, loads it into OpenSSL structures and returns as a list of 'Certificate's.

Exceptions
crypto::KeyParseErrorif failed to load the certificate.