Es netssl #1
Es netssl #1
Conversation
Added example showing encrypt- decrypt using aes gcm 256 based on OpenSSL example.
Added test case gcm decrypt
Merge openssl.ecf and test into openssl.ecf. Splitted the APPLICATION.make feature. Removed a few warnings.
Made BYTE_ARRAY_CONVERTER as hidden (implementation) class.
… low level code wrapping C code. Initial commit gcm encrypt (work in progress).
Added new interfaces to represent the different modes and algorithm supported by OpenSSL and a generic way to encrypt/decrypt.
Added ERROR abstractions to handle OpenSSL errors. Updated low level api to handle errors at the moment using Exceptions. Added test cases to show AES with GCM mode encrypt/decrypt.
SSL_CIPHER_CONTEXT interface.
… into es_openssl_crypto # Please enter a commit message to explain why this merge is necessary, # especially if it merges an updated upstream into a topic branch. # # Lines starting with '#' will be ignored, and an empty message aborts # the commit.
SSL class Added `ssl_get_error` to get the result code of for a preceding call to SSL_connect(), SSL_accept(), SSL_do_handshake(), SSL_read(), SSL_peek(), or SSL_write() on ssl. Added externals features to get the value of different error codes: SSL_ERROR_WANT_READ, SSL_ERROR_NONE, SSL_ERROR_ZERO_RETURN, SSL_ERROR_WANT_WRITE Added external feature `ssl_pending` to return the number of bytes with are available inside SSL for inmediate read. Updated NetSSL library to support non-blocking reads and writes. Added a non blocking client/server example.
| @@ -1,7 +1,7 @@ | |||
| <?xml version="1.0" encoding="ISO-8859-1"?> | |||
| <system xmlns="http://www.eiffel.com/developers/xml/configuration-1-17-0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.eiffel.com/developers/xml/configuration-1-17-0 http://www.eiffel.com/developers/xml/configuration-1-17-0.xsd" name="openssl" uuid="22EE78DC-1AC1-4EBC-8AA9-9E8D6B8C3989" library_target="openssl"> | |||
| <target name="openssl"> | |||
| <description>Eiffel OpenSSL Wrap library. | |||
| <description>Eiffel OpenSSL Wrap library. | |||
| Copyright (c) 1984-2006, Eiffel Software and others. | |||
There was a problem hiding this comment.
copyright year should be updated
| verify_key_size: BOOLEAN | ||
| -- has the current algorithm a valid key size? | ||
| do | ||
| if key_sizes.has (key_size) then |
There was a problem hiding this comment.
Result := key_sizes.has (key_size)
| Result := ctx.update (a_data) | ||
| end | ||
|
|
||
| update_into(a_data, a_buf: MANAGED_POINTER): INTEGER |
There was a problem hiding this comment.
bad indentation, and missing space before (
| else | ||
| updated := True | ||
| bytes_processed := bytes_processed + a_data_size | ||
| -- if bytes_processed > ctx.mode.MAX_ENCRYPTED_BYTES then |
There was a problem hiding this comment.
either add a comment related to the commented lines, or remove those lines
|
|
||
| feature -- Access | ||
|
|
||
| ctx: SSL_CIPHER_CONTEXT_EXTERNALS |
There was a problem hiding this comment.
should ctx be protected (export NONE) and renamed implementation or externals ?
There was a problem hiding this comment.
yes, I will export it to {NONE}, but I like the name ctx or context since it's more natural in this domain.
| "return SSL_pending((const SSL *)$a_ssl);" | ||
| end | ||
|
|
||
|
|
||
| note | ||
| copyright: "Copyright (c) 1984-2016, Eiffel Software and others" |
|
|
||
| feature -- Errors | ||
|
|
||
| retrieve_errors: detachable LIST [SSL_ERROR] |
| do | ||
|
|
||
| -- Create and initialise the context | ||
| l_ctx := {SSL_EVP}.c_evp_cipher_ctx_new |
There was a problem hiding this comment.
SSL_EVP is in folder "to_remove" ... please also move related tests to a folder "to_remove".
As I guess this is useless to review code that is about to be removed.
| create l_mode.make ("8b23299fde174053f3d652ba", Void) | ||
| create cipher.make (l_algo, l_mode) | ||
| l_encryptor := cipher.encryptor | ||
| l_computed_ct := l_encryptor.update (create {MANAGED_POINTER}.make_from_array ((create {BYTE_ARRAY_CONVERTER}.make_from_hex_string ("28286a321293253c3e0aa2704a278032")).to_natural_8_array)) |
There was a problem hiding this comment.
Note that BYTE_ARRAY_CONVERTER is for now hidden (as implementation).
So user won't be able to use it directly.
then, the interface should have several version of update ... update_with_string, update_with_hexadecimal_string and so on ...
There was a problem hiding this comment.
I am not sure if l_computed_ct as a MANAGED_POINTER is really user friendly.
Could we have higher abstraction?
maybe the l_encryptor should keep an attribute with the internal computed result after update ...
I think this is what we have in crypto lib for HMAC_SHA256 and related.
| @@ -0,0 +1,6 @@ | |||
| #include <windows.h> | |||
There was a problem hiding this comment.
do not commit generated .rc files
Clean Code. Updated SSL_CIPHER_INTERFACE's to follow Eiffel Style. Refactor rename features to follow Eiffel Style.
…tion Clean code. Remove obsolete cluster: to_remove.
Updated OpenSSL dynamic ecf to use the latest dynamic library. Updated OpenSSL readme with information about how to compile it (generate static and dynamic library) and how to install it on Ubuntu (Debian) Linux. Updated Delivery with the latest OpenSSL libraries for Visual Studio C++ win64 and win32
for review