security.cpp

伯克利做的SFTP安全文件传输协议

// security.cc
// code for security.h
// copyright SafeTP Development Group, Inc., 2000  Terms of use are as specified in license.txt

#include "security.h"      // this module


// -------------- xSecurity ---------------------------------
void xsecurity(char const *msg)
{
  xSecurity tmp(msg);
  THROW(tmp);
}


// ------------------ SecureEndpoint ---------------------
bool SecureEndpoint::testWithEndpoint(SecureEndpoint &other,
                                      int iters, bool echo)
{
  for (int i=0; i<2; i++) {
    // i==0: 'this' encodes and 'other' decodes
    // i==1: 'other' encodes and 'this' decodes
    EndpointAsTrans encoder(i==0? *this : other, true /*encode*/);
    EndpointAsTrans decoder(i==0? other : *this, false /*encode*/);
    TransPair pair(encoder, decoder);
    if (!pair.test(iters, echo)) {
      return false;
    }
  }
  
  return true;
}


// ---------------- EndpointAsTrans -----------------
int EndpointAsTrans::minOutputSize(int /*inputSize*/) const
{
  // a decoding transformation can arbitrarily
  // reduce the size
  return 0;
}

int EndpointAsTrans::maxOutputSize(int inputSize) const
{
  if (encode) {
    return endpoint.maximumEncodedSize(inputSize);
  }
  else {
    return endpoint.maximumDecodedSize(inputSize);
  }
}

void EndpointAsTrans::trans(DataBlock &data)
{
  if (encode) {
    endpoint.encode(data);
  }
  else {
    endpoint.decode(data);
  }
}


// ------------------ DataSecurity ----------------------
char const *getDSLString(DataSecurityLevel level)
{
  switch (level) {
    case DSL_CLEAR: 
      return "cleartext (no protection)";
    case DSL_INTEGRITY:
      return "integrity (protection from tampering)";
    case DSL_CONFIDENTIAL:
      return "confidential (protection from eavesdropping)";
    case DSL_PRIVATE:
      return "private (integrity and confidentiality)";

    default:
      xfailure("invalid 1-bit DataSecurityLevel");
      return NULL;     // silence warning
  }
}


DataSecurityLevel DataSecurity::getSupportedProtLevels() const
{
  // absent any other knowledge, we can't claim to support anything
  return DSL_NONE;
}

void DataSecurity::newFile(DataSecurityLevel level)
{
  xassert(level & getSupportedProtLevels());
}


char DataSecurity::getCodeForLevel(DataSecurityLevel level) const
{
  xfailure("there are no supported levels");
  return '!';    // silence warning
}

DataSecurityLevel DataSecurity::getLevelForCode(char code) const
{
  // unsupported code
  return DSL_NONE;
}


// maximum x, such that there is no size s <= x such that
// maximumEncodedSize(s) > maxBlockSize
int DataSecurity::maximumCleartextSizeForBlock(int maxBlockSize) const
{
  // this is the largest possible return value, because any larger
  // cannot be encoded in 'maxBlockSize'
  int x = maximumDecodedSize(maxBlockSize);

  // now work backwards, testing the primary condition
  for (; x>0; x--) {
    int y = maximumEncodedSize(x);
    if (y <= maxBlockSize) {
      // we haven't actually tested the complete condition above,
      // because there could still exist some s < x for which
      // maximumEncodedSize(s) > maxBlockSize; however, for the
      // functions I expect to appear here, that won't happen; if
      // it does, this fn will have to be overridden
      break;
    }
  }

  xassert(x > 0);
    // otherwise, we will not be able to encode any cleartext

  return x;
}


int DataSecurity::minimumPBSZ() const
{
  return maximumEncodedSize(1);
}


// ------------------- ControlSecurity --------------------
bool ControlSecurity::hasOutgoingAdat() const
{
  return false;
}

void ControlSecurity::getNextOutgoingAdat(DataBlock &)
{
  xfailure("can't call ControlSecurity::getNextOutgoingAdat");
}

bool ControlSecurity::expectingIncomingAdat() const
{
  return false;
}

void ControlSecurity::incomingAdat(DataBlock &)
{
  xfailure("can't call ControlSecurity::incomingAdat");
}