The Cryptography library allows for performing a variety of cryptographic operations from key generation, encryption, decryption, signature, verification to higher-level mechanisms.
Note that the Cryptography library is mostly buffer-oriented, even though some operations are allowed on streams, such as symmetric encryption, hashing and more.
Cryptography is part of the Elle set of libraries.
Cryptography is built on top of the OpenSSL library, which provides the fundamental cryptographic operations. The motivation behind Cryptography is to wrap OpenSSL (written in C) in order to ease integration into a C++ project. It provides an elegant, object-oriented API and follows the RAII idiom to lazily simplify initialization and cleanup.
```cpp
// Sign/verify with DSA.
{
  auto data = std::string("Data to sign...");
  // Generate a random DSA key pair.
  auto keypair = infinit::cryptography::dsa::keypair::generate(2048);
  // Create a signature for data (with k: the private key).
  auto signature = keypair.k().sign(data);
  // Verify the signature (with K: the public key).
  assert(keypair.K().verify(signature, data) == true);
}
```
Please refer to the sample.cc file which contains several examples related to different cryptographic operations allowed by the library.
The Cryptography library can be configured through the following environment variables:
- ELLE_CRYPTOGRAPHY_RANDOM_SOURCE defines the path to the source file from which data will be read in order to initialize the pseudo-random generator. The default value for this variable is: /dev/random.
- ELLE_CRYPTOGRAPHY_ROTATION activates the key rotation mechanism allowing one to derive RSA keys from a seed in a deterministic way.
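
Because `ELLE_CRYPTOGRAPHY_RANDOM_SOURCE` decides what seeds the pseudo-random generator, a deployment can check that the path resolves to a kernel RNG device before starting. The following is an added example, not part of the Elle code base; all function names are hypothetical, and it assumes Linux, where `/dev/random` is character device 1:8 and `/dev/urandom` is 1:9.

```cpp
// Added example (not Elle code): pre-flight check of the entropy source
// named by ELLE_CRYPTOGRAPHY_RANDOM_SOURCE.
// Assumption: Linux device numbers (/dev/random = 1:8, /dev/urandom = 1:9).
#include <cstdlib>
#include <iostream>
#include <string>
#include <sys/stat.h>
#include <sys/sysmacros.h>
#include <sys/types.h>

enum class SourceCheck { ok, missing, not_char_device, wrong_device };

// Path documented above: the variable if set, otherwise /dev/random.
std::string random_source_path()
{
  const char* value = std::getenv("ELLE_CRYPTOGRAPHY_RANDOM_SOURCE");
  return value != nullptr ? value : "/dev/random";
}

// Pure classification, so the policy can be checked without touching /dev.
SourceCheck classify(mode_t mode, dev_t rdev)
{
  // A regular file or FIFO yields a seed that can be replayed or chosen.
  if (!S_ISCHR(mode))
    return SourceCheck::not_char_device;
  // Other character devices (e.g. /dev/zero, 1:5) are not entropy sources.
  bool kernel_rng = major(rdev) == 1 && (minor(rdev) == 8 || minor(rdev) == 9);
  return kernel_rng ? SourceCheck::ok : SourceCheck::wrong_device;
}

// stat() follows symlinks, so a link to /dev/urandom is accepted.
SourceCheck check_random_source(std::string const& path)
{
  struct stat st;
  if (::stat(path.c_str(), &st) != 0)
    return SourceCheck::missing;
  return classify(st.st_mode, st.st_rdev);
}

int main()
{
  auto path = random_source_path();
  auto result = check_random_source(path);
  std::cout << path << ": "
            << (result == SourceCheck::ok ? "kernel RNG device" : "REJECTED")
            << std::endl;
  return result == SourceCheck::ok ? 0 : 1;
}
```

A non-zero exit status means the configured source is missing or is not a kernel RNG device, so key generation should not proceed with it.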
The Cryptography library relies upon the following libraries:
- OpenSSL provides the fundamental cryptographic operations.
- dOpenSSL allows for deterministic cryptographic operations.
- Website: https://infinit.sh/open-source
- Email: [email protected]