add encryption (#1002)

* add encryption

* add doc

* add doc

* fix bug

fastdeploy/encryption/util/include/crypto/aes_gcm.h

@@ -0,0 +1,130 @@
+// Copyright (c) 2021 PaddlePaddle Authors. All Rights Reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+#pragma once
+
+#ifndef PADDLE_MODEL_PROTECT_UTIL_CRYPTO_AES_GCM_H
+#define PADDLE_MODEL_PROTECT_UTIL_CRYPTO_AES_GCM_H
+
+#include <openssl/aes.h>
+#include <openssl/evp.h>
+#include <iostream>
+#include <string>
+
+#include "fastdeploy/encryption/util/include/crypto/basic.h"
+
+namespace fastdeploy {
+namespace util {
+namespace crypto {
+// aes key 32 byte for 256 bit
+#define AES_GCM_KEY_LENGTH 32
+
+// aes tag 16 byte for 128 bit
+#define AES_GCM_TAG_LENGTH 16
+
+// aes iv 12 byte for 96 bit
+#define AES_GCM_IV_LENGTH 16
+
+class AesGcm {
+ public:
+  /**
+   * \brief        initial aes-gcm-256 context use key & iv
+   *
+   * \note         initial aes-gcm-256 context use key & iv. gcm mode
+   *               will generate a tag(16 byte), so the ciphertext's length
+   *               should be longer 16 byte than plaintext.
+   *
+   *
+   * \param plaintext     plain text to be encrypted(in)
+   * \param len      plain text's length(in)
+   * \param key     aes key (in)
+   * \param iv      aes iv (in)
+   * \param ciphertext   encrypted text(out)
+   * \param out_len   encrypted length(out)
+   *
+   * \return         return  0 if successful
+   *                        -1 EVP_CIPHER_CTX_new or aes_gcm_key error
+   *                        -2 EVP_EncryptUpdate error
+   *                        -3 EVP_EncryptFinal_ex error
+   *                        -4 EVP_CIPHER_CTX_ctrl error
+   */
+  static int encrypt_aes_gcm(const unsigned char* plaintext, const int& len,
+                             const unsigned char* key, const unsigned char* iv,
+                             unsigned char* ciphertext,
+                             int& out_len);  // NOLINT
+  /**
+   * \brief        encrypt using aes-gcm-256
+   *
+   * \note         encrypt using aes-gcm-256
+   *
+   * \param ciphertext     cipher text to be decrypted(in)
+   * \param len      plain text's length(in)
+   * \param key     aes key (in)
+   * \param iv      aes iv (in)
+   * \param plaintext   decrypted text(out)
+   * \param out_len   decrypted length(out)
+   *
+   * \return         return  0 if successful
+   *                        -1 EVP_CIPHER_CTX_new or aes_gcm_key error
+   *                        -2 EVP_DecryptUpdate error
+   *                        -3 EVP_CIPHER_CTX_ctrl error
+   *                        -4 EVP_DecryptFinal_ex error
+   */
+  static int decrypt_aes_gcm(const unsigned char* ciphertext, const int& len,
+                             const unsigned char* key, const unsigned char* iv,
+                             unsigned char* plaintext, int& out_len);  // NOLINT
+
+ private:
+  /**
+   * \brief        initial aes-gcm-256 context use key & iv
+   *
+   * \note         initial aes-gcm-256 context use key & iv
+   *
+   * \param key     aes key (in)
+   * \param iv      aes iv (in)
+   * \param e_ctx   encryption context(out)
+   * \param d_ctx   decryption context(out)
+   *
+   * \return         return  0 if successful
+   *                        -1 EVP_xxcryptInit_ex error
+   *                        -2 EVP_CIPHER_CTX_ctrl error
+   *                        -3 EVP_xxcryptInit_ex error
+   */
+  static int aes_gcm_key(const unsigned char* key, const unsigned char* iv,
+                         EVP_CIPHER_CTX* e_ctx, EVP_CIPHER_CTX* d_ctx);
+
+  /**
+   * \brief        initial aes-gcm-256 context use key & iv
+   *
+   * \note         initial aes-gcm-256 context use key & iv
+   *
+   * \param key     aes key (in)
+   * \param iv      aes iv (in)
+   * \param e_ctx   encryption context(out)
+   * \param d_ctx   decryption context(out)
+   *
+   * \return         return  0 if successful
+   *                        -1 EVP_xxcryptInit_ex error
+   *                        -2 EVP_CIPHER_CTX_ctrl error
+   *                        -3 EVP_xxcryptInit_ex error
+   *                        -4 invalid key length or iv length
+   *                        -5 hex_to_byte error
+   */
+  static int aes_gcm_key(const std::string& key_hex, const std::string& iv_hex,
+                         EVP_CIPHER_CTX* e_ctx, EVP_CIPHER_CTX* d_ctx);
+};
+
+}  // namespace crypto
+}  // namespace util
+}  // namespace fastdeploy
+#endif  // PADDLE_MODEL_PROTECT_UTIL_CRYPTO_AES_GCM_H

fastdeploy/encryption/util/include/crypto/base64.h

@@ -0,0 +1,33 @@
+// Copyright (c) 2021 PaddlePaddle Authors. All Rights Reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+#pragma once
+
+#include <vector>
+#include <string>
+
+#ifndef PADDLE_MODEL_PROTECT_UTIL_CRYPTO_BASE64_UTILS_H
+#define PADDLE_MODEL_PROTECT_UTIL_CRYPTO_BASE64_UTILS_H
+namespace fastdeploy {
+namespace baidu {
+namespace base {
+namespace base64 {
+
+std::string base64_encode(const std::string& input);
+std::string base64_decode(const std::string& input);
+
+}  // namespace base64
+}  // namespace base
+}  // namespace baidu
+}  // namespace fastdeploy
+#endif  // PADDLE_MODEL_PROTECT_BASE64_UTILS_H

fastdeploy/encryption/util/include/crypto/basic.h

@@ -0,0 +1,78 @@
+// Copyright (c) 2021 PaddlePaddle Authors. All Rights Reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+#pragma once
+
+#ifndef PADDLE_MODEL_PROTECT_UTIL_BASIC_H
+#define PADDLE_MODEL_PROTECT_UTIL_BASIC_H
+
+#include <iomanip>
+#include <iostream>
+#include <random>
+#include <string>
+#include <sstream>
+namespace fastdeploy {
+namespace util {
+namespace crypto {
+
+class Basic {
+ public:
+  /**
+   * \brief        byte to hex
+   *
+   * \note         byte to hex.
+   *
+   *
+   * \param in_byte  byte array(in)
+   * \param len      byte array length(in)
+   * \param out_hex  the hex string(in)
+   *
+   *
+   * \return         return  0 if successful
+   */
+  static int byte_to_hex(const unsigned char* in_byte, int len,
+                         std::string& out_hex);  // NOLINT
+
+  /**
+   * \brief        hex to byte
+   *
+   * \note         hex to byte.
+   *
+   *
+   * \param in_hex    the hex string(in)
+   * \param out_byte  byte array(out)
+   *
+   * \return         return  0 if successful
+   *                        -1 invalid in_hex
+   */
+  static int hex_to_byte(const std::string& in_hex, unsigned char* out_byte);
+
+  /**
+   * \brief        get random char for length
+   *
+   * \note         get random char for length
+   *
+   *
+   * \param array     to be random(out)
+   * \param len       array length(in)
+   *
+   * \return         return  0 if successful
+   *                        -1 invalid parameters
+   */
+  static int random(unsigned char* random, int len);
+};
+
+}  // namespace crypto
+}  // namespace util
+}  // namespace fastdeploy
+#endif  // PADDLE_MODEL_PROTECT_UTIL_BASIC_H

fastdeploy/encryption/util/include/crypto/sha256_utils.h

@@ -0,0 +1,40 @@
+// Copyright (c) 2021 PaddlePaddle Authors. All Rights Reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+#pragma once
+
+#include <vector>
+#include <string>
+
+#ifndef PADDLE_MODEL_PROTECT_UTIL_CRYPTO_SHA256_UTILS_H
+#define PADDLE_MODEL_PROTECT_UTIL_CRYPTO_SHA256_UTILS_H
+namespace fastdeploy {
+namespace util {
+namespace crypto {
+
+class SHA256Utils {
+ public:
+  static void sha256(const void* data, size_t len, unsigned char* md);
+  static std::vector<unsigned char> sha256(const void* data, size_t len);
+  static std::vector<unsigned char> sha256(
+      const std::vector<unsigned char>& data);
+  static std::string sha256_string(const void* data, size_t len);
+  static std::string sha256_string(const std::vector<unsigned char>& data);
+  static std::string sha256_string(const std::string& string);
+  static std::string sha256_file(const std::string& path);
+};
+
+}  // namespace crypto
+}  // namespace util
+}  // namespace fastdeploy
+#endif  // PADDLE_MODEL_PROTECT_UTIL_CRYPTO_SHA256_UTILS_H