1 #ifndef ENCRYPTION_TENTACLE_CLASS
2 #define ENCRYPTION_TENTACLE_CLASS
4 /*****************************************************************************\
6 * Name : encryption_tentacle *
7 * Author : Chris Koeritz *
9 *******************************************************************************
10 * Copyright (c) 2004-$now By Author. This program is free software; you can *
11 * redistribute it and/or modify it under the terms of the GNU General Public *
12 * License as published by the Free Software Foundation; either version 2 of *
13 * the License or (at your option) any later version. This is online at: *
14 * http://www.fsf.org/copyleft/gpl.html *
15 * Please send any updates to: fred@gruntose.com *
16 \*****************************************************************************/
18 #include "encryption_infoton.h"
20 #include <octopus/tentacle_helper.h>
//! Processes the encryption_infoton object for setting up an encrypted channel.
/*! To use encryption, both the client and the server need to have an
encryption_tentacle added as a filter. It should be the first filter
added by users, and it must come before any security tentacles (otherwise
the security info would not be encrypted).
Further, an unwrapping_tentacle (see encryption_wrapper.h) must also
be added. It must *not* be added as a filter; this is what allows the
octopus to reconstitute the encoded infotons when encryption is active. */
class encryption_tentacle
: public tentacle_helper<encryption_infoton>
  encryption_tentacle();
    //!< server-side constructor.
    /*!< this tentacle will implement the server side. it will expect only
    to see public keys from clients and to respond with encrypted blowfish
    keys. */

  encryption_tentacle(const basis::byte_array &rsa_key);
    //!< client-side constructor with a caller-supplied private key.
    /*!< it will only deal with unwrapping a server's response with the
    encrypted blowfish key. the "rsa_key" is the private key that will be
    used for decrypting the key response.
    NOTE(review): this single-argument constructor is not "explicit", so a
    byte_array converts implicitly to an encryption_tentacle; consider
    "explicit" if no caller relies on that conversion. */

  encryption_tentacle(int key_size);
    //!< client-side constructor that generates a private key of "key_size".
    /*!< this is for use by the client side's encryption needs. the key
    generation and any validation of "key_size" live in the definition,
    not in this header (presumably the result is stored in _rsa_private;
    confirm against the constructor body).
    NOTE(review): also not "explicit", so a plain int converts implicitly
    to an encryption_tentacle. */

  virtual ~encryption_tentacle();
    //!< destructor.
    /*!< NOTE(review): _keys and _rsa_private are raw pointers; whether this
    destructor owns and releases them, and whether key material is cleared
    before release, must be confirmed against the definition. */

  DEFINE_CLASS_NAME("encryption_tentacle");
    //!< macro defined outside this header; presumably provides the class
    //!< name accessor the tentacle framework expects.

  virtual basis::outcome reconstitute(const structures::string_array &classifier,
    basis::byte_array &packed_form, infoton * &reformed);
    //!< recreates a "reformed" infoton from a packed form.
    /*!< the "classifier" is provided as well as the packed infoton data
    in "packed_form". this will only succeed if the classifier's first name
    is understood here.
    NOTE(review): "packed_form" arrives from the peer, so it is untrusted
    input; the definition (not visible here) is where its contents should be
    validated before an infoton is built from them. */

  virtual basis::outcome consume(infoton &to_chow, const octopus_request_id &item_id,
    basis::byte_array &transformed);
    //!< the base class handles the processing of the request in "to_chow".
    /*!< it will generally perform all the services needed to start
    the encrypted connection up. the "transformed" array will be filled
    with the actual infoton if decryption is successful. if the outcome
    is ENCRYPTION_MISMATCH, then the infoton is not encrypted (the original
    comment is truncated in this listing; what callers should do with an
    unencrypted infoton must be confirmed against consume()'s definition). */

  virtual void expunge(const octopus_entity &to_remove);
    //!< throws out any keys we were maintaining for this entity.
    /*!< after this call, no key material for "to_remove" should remain in
    the repository; confirm against the definition. */

  key_repository &keys() const;
    //!< provides access to our list of keys.
    /*!< this is very private info, but it's needed for encrypting items
    going back to the client.
    NOTE(review): this returns a non-const reference from a const member
    function, so callers can modify the negotiated-key table through a
    const encryption_tentacle; keep the returned reference within trusted
    code and do not hand it out further. */

  const crypto::rsa_crypto &private_key() const;
    //!< provides access to the key held here.
    /*!< this is an important object; do not expose it externally. the
    reference is only valid for the lifetime of this tentacle. */

  bool _server_side; //!< true if we're acting as a server.
  key_repository *_keys; //!< our table of keys that we've agreed on (raw pointer; ownership not shown in this header).
  crypto::rsa_crypto *_rsa_private; //!< the private key for a client side (raw pointer; ownership not shown in this header).
99 #endif // outer guard.