diff options
| author | orivej <orivej@yandex-team.ru> | 2022-02-10 16:45:01 +0300 |
|---|---|---|
| committer | Daniil Cherednik <dcherednik@yandex-team.ru> | 2022-02-10 16:45:01 +0300 |
| commit | 2d37894b1b037cf24231090eda8589bbb44fb6fc (patch) | |
| tree | be835aa92c6248212e705f25388ebafcf84bc7a1 /contrib/libs/poco/Crypto/src | |
| parent | 718c552901d703c502ccbefdfc3c9028d608b947 (diff) | |
| download | ydb-2d37894b1b037cf24231090eda8589bbb44fb6fc.tar.gz | |
Restoring authorship annotation for <orivej@yandex-team.ru>. Commit 2 of 2.
Diffstat (limited to 'contrib/libs/poco/Crypto/src')
22 files changed, 3842 insertions, 3842 deletions
diff --git a/contrib/libs/poco/Crypto/src/Cipher.cpp b/contrib/libs/poco/Crypto/src/Cipher.cpp index b3cba611d3..8b4d57964f 100644 --- a/contrib/libs/poco/Crypto/src/Cipher.cpp +++ b/contrib/libs/poco/Crypto/src/Cipher.cpp @@ -1,140 +1,140 @@ -// -// Cipher.cpp -// -// Library: Crypto -// Package: Cipher -// Module: Cipher -// -// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. -// and Contributors. -// -// SPDX-License-Identifier: BSL-1.0 -// - - -#include "Poco/Crypto/Cipher.h" -#include "Poco/Crypto/CryptoStream.h" -#include "Poco/Crypto/CryptoTransform.h" -#include "Poco/Base64Encoder.h" -#include "Poco/Base64Decoder.h" -#include "Poco/HexBinaryEncoder.h" -#include "Poco/HexBinaryDecoder.h" -#include "Poco/StreamCopier.h" -#include "Poco/Exception.h" -#include <sstream> -#include <memory> - - -namespace Poco { -namespace Crypto { - - -Cipher::Cipher() -{ -} - - -Cipher::~Cipher() -{ -} - - -std::string Cipher::encryptString(const std::string& str, Encoding encoding) -{ - std::istringstream source(str); - std::ostringstream sink; - - encrypt(source, sink, encoding); - - return sink.str(); -} - - -std::string Cipher::decryptString(const std::string& str, Encoding encoding) -{ - std::istringstream source(str); - std::ostringstream sink; - - decrypt(source, sink, encoding); - return sink.str(); -} - - -void Cipher::encrypt(std::istream& source, std::ostream& sink, Encoding encoding) -{ - CryptoInputStream encryptor(source, createEncryptor()); - - switch (encoding) - { - case ENC_NONE: - StreamCopier::copyStream(encryptor, sink); - break; - - case ENC_BASE64: - case ENC_BASE64_NO_LF: - { - Poco::Base64Encoder encoder(sink); - if (encoding == ENC_BASE64_NO_LF) - { - encoder.rdbuf()->setLineLength(0); - } - StreamCopier::copyStream(encryptor, encoder); - encoder.close(); - } - break; - - case ENC_BINHEX: - case ENC_BINHEX_NO_LF: - { - Poco::HexBinaryEncoder encoder(sink); - if (encoding == ENC_BINHEX_NO_LF) - { - encoder.rdbuf()->setLineLength(0); - } - StreamCopier::copyStream(encryptor, encoder); - encoder.close(); - } - break; - - default: - throw Poco::InvalidArgumentException("Invalid argument", "encoding"); - } -} - - -void Cipher::decrypt(std::istream& source, std::ostream& sink, Encoding encoding) -{ - CryptoOutputStream decryptor(sink, createDecryptor()); - - switch (encoding) - { - case ENC_NONE: - StreamCopier::copyStream(source, decryptor); - decryptor.close(); - break; - - case ENC_BASE64: - case ENC_BASE64_NO_LF: - { - Poco::Base64Decoder decoder(source); - StreamCopier::copyStream(decoder, decryptor); - decryptor.close(); - } - break; - - case ENC_BINHEX: - case ENC_BINHEX_NO_LF: - { - Poco::HexBinaryDecoder decoder(source); - StreamCopier::copyStream(decoder, decryptor); - decryptor.close(); - } - break; - - default: - throw Poco::InvalidArgumentException("Invalid argument", "encoding"); - } -} - - -} } // namespace Poco::Crypto +// +// Cipher.cpp +// +// Library: Crypto +// Package: Cipher +// Module: Cipher +// +// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. +// and Contributors. +// +// SPDX-License-Identifier: BSL-1.0 +// + + +#include "Poco/Crypto/Cipher.h" +#include "Poco/Crypto/CryptoStream.h" +#include "Poco/Crypto/CryptoTransform.h" +#include "Poco/Base64Encoder.h" +#include "Poco/Base64Decoder.h" +#include "Poco/HexBinaryEncoder.h" +#include "Poco/HexBinaryDecoder.h" +#include "Poco/StreamCopier.h" +#include "Poco/Exception.h" +#include <sstream> +#include <memory> + + +namespace Poco { +namespace Crypto { + + +Cipher::Cipher() +{ +} + + +Cipher::~Cipher() +{ +} + + +std::string Cipher::encryptString(const std::string& str, Encoding encoding) +{ + std::istringstream source(str); + std::ostringstream sink; + + encrypt(source, sink, encoding); + + return sink.str(); +} + + +std::string Cipher::decryptString(const std::string& str, Encoding encoding) +{ + std::istringstream source(str); + std::ostringstream sink; + + decrypt(source, sink, encoding); + return sink.str(); +} + + +void Cipher::encrypt(std::istream& source, std::ostream& sink, Encoding encoding) +{ + CryptoInputStream encryptor(source, createEncryptor()); + + switch (encoding) + { + case ENC_NONE: + StreamCopier::copyStream(encryptor, sink); + break; + + case ENC_BASE64: + case ENC_BASE64_NO_LF: + { + Poco::Base64Encoder encoder(sink); + if (encoding == ENC_BASE64_NO_LF) + { + encoder.rdbuf()->setLineLength(0); + } + StreamCopier::copyStream(encryptor, encoder); + encoder.close(); + } + break; + + case ENC_BINHEX: + case ENC_BINHEX_NO_LF: + { + Poco::HexBinaryEncoder encoder(sink); + if (encoding == ENC_BINHEX_NO_LF) + { + encoder.rdbuf()->setLineLength(0); + } + StreamCopier::copyStream(encryptor, encoder); + encoder.close(); + } + break; + + default: + throw Poco::InvalidArgumentException("Invalid argument", "encoding"); + } +} + + +void Cipher::decrypt(std::istream& source, std::ostream& sink, Encoding encoding) +{ + CryptoOutputStream decryptor(sink, createDecryptor()); + + switch (encoding) + { + case ENC_NONE: + StreamCopier::copyStream(source, decryptor); + decryptor.close(); + break; + + case ENC_BASE64: + case ENC_BASE64_NO_LF: + { + Poco::Base64Decoder decoder(source); + StreamCopier::copyStream(decoder, decryptor); + decryptor.close(); + } + break; + + case ENC_BINHEX: + case ENC_BINHEX_NO_LF: + { + Poco::HexBinaryDecoder decoder(source); + StreamCopier::copyStream(decoder, decryptor); + decryptor.close(); + } + break; + + default: + throw Poco::InvalidArgumentException("Invalid argument", "encoding"); + } +} + + +} } // namespace Poco::Crypto diff --git a/contrib/libs/poco/Crypto/src/CipherFactory.cpp b/contrib/libs/poco/Crypto/src/CipherFactory.cpp index 01dfad4cf6..28ba374864 100644 --- a/contrib/libs/poco/Crypto/src/CipherFactory.cpp +++ b/contrib/libs/poco/Crypto/src/CipherFactory.cpp @@ -1,65 +1,65 @@ -// -// CipherFactory.cpp -// -// Library: Crypto -// Package: Cipher -// Module: CipherFactory -// -// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. -// and Contributors. -// -// SPDX-License-Identifier: BSL-1.0 -// - - -#include "Poco/Crypto/CipherFactory.h" -#include "Poco/Crypto/Cipher.h" -#include "Poco/Crypto/CipherKey.h" -#include "Poco/Crypto/RSAKey.h" -#include "Poco/Crypto/CipherImpl.h" -#include "Poco/Crypto/RSACipherImpl.h" -#include "Poco/Exception.h" -#include "Poco/SingletonHolder.h" -#include <openssl/evp.h> -#include <openssl/err.h> - - -namespace Poco { -namespace Crypto { - - -CipherFactory::CipherFactory() -{ -} - - -CipherFactory::~CipherFactory() -{ -} - - -namespace -{ - static Poco::SingletonHolder<CipherFactory> holder; -} - - -CipherFactory& CipherFactory::defaultFactory() -{ - return *holder.get(); -} - - -Cipher* CipherFactory::createCipher(const CipherKey& key) -{ - return new CipherImpl(key); -} - - -Cipher* CipherFactory::createCipher(const RSAKey& key, RSAPaddingMode paddingMode) -{ - return new RSACipherImpl(key, paddingMode); -} - - -} } // namespace Poco::Crypto +// +// CipherFactory.cpp +// +// Library: Crypto +// Package: Cipher +// Module: CipherFactory +// +// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. +// and Contributors. +// +// SPDX-License-Identifier: BSL-1.0 +// + + +#include "Poco/Crypto/CipherFactory.h" +#include "Poco/Crypto/Cipher.h" +#include "Poco/Crypto/CipherKey.h" +#include "Poco/Crypto/RSAKey.h" +#include "Poco/Crypto/CipherImpl.h" +#include "Poco/Crypto/RSACipherImpl.h" +#include "Poco/Exception.h" +#include "Poco/SingletonHolder.h" +#include <openssl/evp.h> +#include <openssl/err.h> + + +namespace Poco { +namespace Crypto { + + +CipherFactory::CipherFactory() +{ +} + + +CipherFactory::~CipherFactory() +{ +} + + +namespace +{ + static Poco::SingletonHolder<CipherFactory> holder; +} + + +CipherFactory& CipherFactory::defaultFactory() +{ + return *holder.get(); +} + + +Cipher* CipherFactory::createCipher(const CipherKey& key) +{ + return new CipherImpl(key); +} + + +Cipher* CipherFactory::createCipher(const RSAKey& key, RSAPaddingMode paddingMode) +{ + return new RSACipherImpl(key, paddingMode); +} + + +} } // namespace Poco::Crypto diff --git a/contrib/libs/poco/Crypto/src/CipherImpl.cpp b/contrib/libs/poco/Crypto/src/CipherImpl.cpp index 926fc0def7..ae57477595 100644 --- a/contrib/libs/poco/Crypto/src/CipherImpl.cpp +++ b/contrib/libs/poco/Crypto/src/CipherImpl.cpp @@ -1,272 +1,272 @@ -// -// CipherImpl.cpp -// -// Library: Crypto -// Package: Cipher -// Module: CipherImpl -// -// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. -// and Contributors. -// -// SPDX-License-Identifier: BSL-1.0 -// - - -#include "Poco/Crypto/CipherImpl.h" -#include "Poco/Crypto/CryptoTransform.h" -#include "Poco/Exception.h" -#include "Poco/Buffer.h" -#include <openssl/err.h> - - -namespace Poco { -namespace Crypto { - - -namespace -{ - void throwError() - { - unsigned long err; - std::string msg; - - while ((err = ERR_get_error())) - { - if (!msg.empty()) - msg.append("; "); - msg.append(ERR_error_string(err, 0)); - } - - throw Poco::IOException(msg); - } - - - class CryptoTransformImpl: public CryptoTransform - { - public: - typedef Cipher::ByteVec ByteVec; - - enum Direction - { - DIR_ENCRYPT, - DIR_DECRYPT - }; - - CryptoTransformImpl( - const EVP_CIPHER* pCipher, - const ByteVec& key, - const ByteVec& iv, - Direction dir); - - ~CryptoTransformImpl(); - - std::size_t blockSize() const; - int setPadding(int padding); - std::string getTag(std::size_t tagSize); - void setTag(const std::string& tag); - - std::streamsize transform( - const unsigned char* input, - std::streamsize inputLength, - unsigned char* output, - std::streamsize outputLength); - - std::streamsize finalize( - unsigned char* output, - std::streamsize length); - - private: - const EVP_CIPHER* _pCipher; -#if OPENSSL_VERSION_NUMBER >= 0x10100000L - EVP_CIPHER_CTX* _pContext; -#else - EVP_CIPHER_CTX _context; -#endif - ByteVec _key; - ByteVec _iv; - }; - - - CryptoTransformImpl::CryptoTransformImpl( - const EVP_CIPHER* pCipher, - const ByteVec& key, - const ByteVec& iv, - Direction dir): - _pCipher(pCipher), - _key(key), - _iv(iv) - { -#if OPENSSL_VERSION_NUMBER >= 0x10100000L - _pContext = EVP_CIPHER_CTX_new(); - EVP_CipherInit( - _pContext, - _pCipher, - &_key[0], - _iv.empty() ? 0 : &_iv[0], - (dir == DIR_ENCRYPT) ? 1 : 0); -#else - EVP_CipherInit( - &_context, - _pCipher, - &_key[0], - _iv.empty() ? 0 : &_iv[0], - (dir == DIR_ENCRYPT) ? 1 : 0); -#endif - -#if OPENSSL_VERSION_NUMBER >= 0x10001000L - if (_iv.size() != EVP_CIPHER_iv_length(_pCipher) && EVP_CIPHER_mode(_pCipher) == EVP_CIPH_GCM_MODE) - { -#if OPENSSL_VERSION_NUMBER >= 0x10100000L - int rc = EVP_CIPHER_CTX_ctrl(_pContext, EVP_CTRL_GCM_SET_IVLEN, _iv.size(), NULL); -#else - int rc = EVP_CIPHER_CTX_ctrl(&_context, EVP_CTRL_GCM_SET_IVLEN, _iv.size(), NULL); -#endif - if (rc == 0) throwError(); - } -#endif - } - - - CryptoTransformImpl::~CryptoTransformImpl() - { -#if OPENSSL_VERSION_NUMBER >= 0x10100000L - EVP_CIPHER_CTX_cleanup(_pContext); - EVP_CIPHER_CTX_free(_pContext); -#else - EVP_CIPHER_CTX_cleanup(&_context); -#endif - } - - - std::size_t CryptoTransformImpl::blockSize() const - { -#if OPENSSL_VERSION_NUMBER >= 0x10100000L - return EVP_CIPHER_CTX_block_size(_pContext); -#else - return EVP_CIPHER_CTX_block_size(&_context); -#endif - } - - - int CryptoTransformImpl::setPadding(int padding) - { -#if OPENSSL_VERSION_NUMBER >= 0x10100000L - return EVP_CIPHER_CTX_block_size(_pContext); -#else - return EVP_CIPHER_CTX_set_padding(&_context, padding); -#endif - } - - - std::string CryptoTransformImpl::getTag(std::size_t tagSize) - { - std::string tag; -#if OPENSSL_VERSION_NUMBER >= 0x10001000L - Poco::Buffer<char> buffer(tagSize); -#if OPENSSL_VERSION_NUMBER >= 0x10100000L - int rc = EVP_CIPHER_CTX_ctrl(_pContext, EVP_CTRL_GCM_GET_TAG, tagSize, buffer.begin()); -#else - int rc = EVP_CIPHER_CTX_ctrl(&_context, EVP_CTRL_GCM_GET_TAG, tagSize, buffer.begin()); -#endif - if (rc == 0) throwError(); - tag.assign(buffer.begin(), tagSize); -#endif - return tag; - } - - - void CryptoTransformImpl::setTag(const std::string& tag) - { -#if OPENSSL_VERSION_NUMBER >= 0x10100000L - int rc = EVP_CIPHER_CTX_ctrl(_pContext, EVP_CTRL_GCM_SET_TAG, tag.size(), const_cast<char*>(tag.data())); -#elif OPENSSL_VERSION_NUMBER >= 0x10001000L - int rc = EVP_CIPHER_CTX_ctrl(&_context, EVP_CTRL_GCM_SET_TAG, tag.size(), const_cast<char*>(tag.data())); -#else - int rc = 0; -#endif - if (rc == 0) throwError(); - } - - - std::streamsize CryptoTransformImpl::transform( - const unsigned char* input, - std::streamsize inputLength, - unsigned char* output, - std::streamsize outputLength) - { - poco_assert (outputLength >= (inputLength + blockSize() - 1)); - - int outLen = static_cast<int>(outputLength); -#if OPENSSL_VERSION_NUMBER >= 0x10100000L - int rc = EVP_CipherUpdate( - _pContext, - output, - &outLen, - input, - static_cast<int>(inputLength)); -#else - int rc = EVP_CipherUpdate( - &_context, - output, - &outLen, - input, - static_cast<int>(inputLength)); -#endif - if (rc == 0) - throwError(); - - return static_cast<std::streamsize>(outLen); - } - - - std::streamsize CryptoTransformImpl::finalize( - unsigned char* output, - std::streamsize length) - { - poco_assert (length >= blockSize()); - - int len = static_cast<int>(length); - - // Use the '_ex' version that does not perform implicit cleanup since we - // will call EVP_CIPHER_CTX_cleanup() from the dtor as there is no - // guarantee that finalize() will be called if an error occurred. -#if OPENSSL_VERSION_NUMBER >= 0x10100000L - int rc = EVP_CipherFinal_ex(_pContext, output, &len); -#else - int rc = EVP_CipherFinal_ex(&_context, output, &len); -#endif - - if (rc == 0) - throwError(); - - return static_cast<std::streamsize>(len); - } -} - - -CipherImpl::CipherImpl(const CipherKey& key): - _key(key) -{ -} - - -CipherImpl::~CipherImpl() -{ -} - - -CryptoTransform* CipherImpl::createEncryptor() -{ - CipherKeyImpl::Ptr p = _key.impl(); - return new CryptoTransformImpl(p->cipher(), p->getKey(), p->getIV(), CryptoTransformImpl::DIR_ENCRYPT); -} - - -CryptoTransform* CipherImpl::createDecryptor() -{ - CipherKeyImpl::Ptr p = _key.impl(); - return new CryptoTransformImpl(p->cipher(), p->getKey(), p->getIV(), CryptoTransformImpl::DIR_DECRYPT); -} - - -} } // namespace Poco::Crypto +// +// CipherImpl.cpp +// +// Library: Crypto +// Package: Cipher +// Module: CipherImpl +// +// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. +// and Contributors. +// +// SPDX-License-Identifier: BSL-1.0 +// + + +#include "Poco/Crypto/CipherImpl.h" +#include "Poco/Crypto/CryptoTransform.h" +#include "Poco/Exception.h" +#include "Poco/Buffer.h" +#include <openssl/err.h> + + +namespace Poco { +namespace Crypto { + + +namespace +{ + void throwError() + { + unsigned long err; + std::string msg; + + while ((err = ERR_get_error())) + { + if (!msg.empty()) + msg.append("; "); + msg.append(ERR_error_string(err, 0)); + } + + throw Poco::IOException(msg); + } + + + class CryptoTransformImpl: public CryptoTransform + { + public: + typedef Cipher::ByteVec ByteVec; + + enum Direction + { + DIR_ENCRYPT, + DIR_DECRYPT + }; + + CryptoTransformImpl( + const EVP_CIPHER* pCipher, + const ByteVec& key, + const ByteVec& iv, + Direction dir); + + ~CryptoTransformImpl(); + + std::size_t blockSize() const; + int setPadding(int padding); + std::string getTag(std::size_t tagSize); + void setTag(const std::string& tag); + + std::streamsize transform( + const unsigned char* input, + std::streamsize inputLength, + unsigned char* output, + std::streamsize outputLength); + + std::streamsize finalize( + unsigned char* output, + std::streamsize length); + + private: + const EVP_CIPHER* _pCipher; +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + EVP_CIPHER_CTX* _pContext; +#else + EVP_CIPHER_CTX _context; +#endif + ByteVec _key; + ByteVec _iv; + }; + + + CryptoTransformImpl::CryptoTransformImpl( + const EVP_CIPHER* pCipher, + const ByteVec& key, + const ByteVec& iv, + Direction dir): + _pCipher(pCipher), + _key(key), + _iv(iv) + { +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + _pContext = EVP_CIPHER_CTX_new(); + EVP_CipherInit( + _pContext, + _pCipher, + &_key[0], + _iv.empty() ? 0 : &_iv[0], + (dir == DIR_ENCRYPT) ? 1 : 0); +#else + EVP_CipherInit( + &_context, + _pCipher, + &_key[0], + _iv.empty() ? 0 : &_iv[0], + (dir == DIR_ENCRYPT) ? 1 : 0); +#endif + +#if OPENSSL_VERSION_NUMBER >= 0x10001000L + if (_iv.size() != EVP_CIPHER_iv_length(_pCipher) && EVP_CIPHER_mode(_pCipher) == EVP_CIPH_GCM_MODE) + { +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + int rc = EVP_CIPHER_CTX_ctrl(_pContext, EVP_CTRL_GCM_SET_IVLEN, _iv.size(), NULL); +#else + int rc = EVP_CIPHER_CTX_ctrl(&_context, EVP_CTRL_GCM_SET_IVLEN, _iv.size(), NULL); +#endif + if (rc == 0) throwError(); + } +#endif + } + + + CryptoTransformImpl::~CryptoTransformImpl() + { +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + EVP_CIPHER_CTX_cleanup(_pContext); + EVP_CIPHER_CTX_free(_pContext); +#else + EVP_CIPHER_CTX_cleanup(&_context); +#endif + } + + + std::size_t CryptoTransformImpl::blockSize() const + { +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + return EVP_CIPHER_CTX_block_size(_pContext); +#else + return EVP_CIPHER_CTX_block_size(&_context); +#endif + } + + + int CryptoTransformImpl::setPadding(int padding) + { +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + return EVP_CIPHER_CTX_block_size(_pContext); +#else + return EVP_CIPHER_CTX_set_padding(&_context, padding); +#endif + } + + + std::string CryptoTransformImpl::getTag(std::size_t tagSize) + { + std::string tag; +#if OPENSSL_VERSION_NUMBER >= 0x10001000L + Poco::Buffer<char> buffer(tagSize); +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + int rc = EVP_CIPHER_CTX_ctrl(_pContext, EVP_CTRL_GCM_GET_TAG, tagSize, buffer.begin()); +#else + int rc = EVP_CIPHER_CTX_ctrl(&_context, EVP_CTRL_GCM_GET_TAG, tagSize, buffer.begin()); +#endif + if (rc == 0) throwError(); + tag.assign(buffer.begin(), tagSize); +#endif + return tag; + } + + + void CryptoTransformImpl::setTag(const std::string& tag) + { +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + int rc = EVP_CIPHER_CTX_ctrl(_pContext, EVP_CTRL_GCM_SET_TAG, tag.size(), const_cast<char*>(tag.data())); +#elif OPENSSL_VERSION_NUMBER >= 0x10001000L + int rc = EVP_CIPHER_CTX_ctrl(&_context, EVP_CTRL_GCM_SET_TAG, tag.size(), const_cast<char*>(tag.data())); +#else + int rc = 0; +#endif + if (rc == 0) throwError(); + } + + + std::streamsize CryptoTransformImpl::transform( + const unsigned char* input, + std::streamsize inputLength, + unsigned char* output, + std::streamsize outputLength) + { + poco_assert (outputLength >= (inputLength + blockSize() - 1)); + + int outLen = static_cast<int>(outputLength); +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + int rc = EVP_CipherUpdate( + _pContext, + output, + &outLen, + input, + static_cast<int>(inputLength)); +#else + int rc = EVP_CipherUpdate( + &_context, + output, + &outLen, + input, + static_cast<int>(inputLength)); +#endif + if (rc == 0) + throwError(); + + return static_cast<std::streamsize>(outLen); + } + + + std::streamsize CryptoTransformImpl::finalize( + unsigned char* output, + std::streamsize length) + { + poco_assert (length >= blockSize()); + + int len = static_cast<int>(length); + + // Use the '_ex' version that does not perform implicit cleanup since we + // will call EVP_CIPHER_CTX_cleanup() from the dtor as there is no + // guarantee that finalize() will be called if an error occurred. +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + int rc = EVP_CipherFinal_ex(_pContext, output, &len); +#else + int rc = EVP_CipherFinal_ex(&_context, output, &len); +#endif + + if (rc == 0) + throwError(); + + return static_cast<std::streamsize>(len); + } +} + + +CipherImpl::CipherImpl(const CipherKey& key): + _key(key) +{ +} + + +CipherImpl::~CipherImpl() +{ +} + + +CryptoTransform* CipherImpl::createEncryptor() +{ + CipherKeyImpl::Ptr p = _key.impl(); + return new CryptoTransformImpl(p->cipher(), p->getKey(), p->getIV(), CryptoTransformImpl::DIR_ENCRYPT); +} + + +CryptoTransform* CipherImpl::createDecryptor() +{ + CipherKeyImpl::Ptr p = _key.impl(); + return new CryptoTransformImpl(p->cipher(), p->getKey(), p->getIV(), CryptoTransformImpl::DIR_DECRYPT); +} + + +} } // namespace Poco::Crypto diff --git a/contrib/libs/poco/Crypto/src/CipherKey.cpp b/contrib/libs/poco/Crypto/src/CipherKey.cpp index 5efa63a460..275edd1c88 100644 --- a/contrib/libs/poco/Crypto/src/CipherKey.cpp +++ b/contrib/libs/poco/Crypto/src/CipherKey.cpp @@ -1,49 +1,49 @@ -// -// CipherKey.cpp -// -// Library: Crypto -// Package: Cipher -// Module: CipherKey -// -// Copyright (c) 2007, Applied Informatics Software Engineering GmbH. -// and Contributors. -// -// SPDX-License-Identifier: BSL-1.0 -// - - -#include "Poco/Crypto/CipherKey.h" - - -namespace Poco { -namespace Crypto { - - -CipherKey::CipherKey(const std::string& name, - const std::string& passphrase, - const std::string& salt, - int iterationCount, - const std::string &digest): - _pImpl(new CipherKeyImpl(name, passphrase, salt, iterationCount, digest)) -{ -} - - -CipherKey::CipherKey(const std::string& name, const ByteVec& key, const ByteVec& iv): - _pImpl(new CipherKeyImpl(name, key, iv)) -{ -} - - -CipherKey::CipherKey(const std::string& name): - _pImpl(new CipherKeyImpl(name)) -{ -} - - -CipherKey::~CipherKey() -{ -} - - -} } // namespace Poco::Crypto +// +// CipherKey.cpp +// +// Library: Crypto +// Package: Cipher +// Module: CipherKey +// +// Copyright (c) 2007, Applied Informatics Software Engineering GmbH. +// and Contributors. +// +// SPDX-License-Identifier: BSL-1.0 +// + + +#include "Poco/Crypto/CipherKey.h" + + +namespace Poco { +namespace Crypto { + + +CipherKey::CipherKey(const std::string& name, + const std::string& passphrase, + const std::string& salt, + int iterationCount, + const std::string &digest): + _pImpl(new CipherKeyImpl(name, passphrase, salt, iterationCount, digest)) +{ +} + + +CipherKey::CipherKey(const std::string& name, const ByteVec& key, const ByteVec& iv): + _pImpl(new CipherKeyImpl(name, key, iv)) +{ +} + + +CipherKey::CipherKey(const std::string& name): + _pImpl(new CipherKeyImpl(name)) +{ +} + + +CipherKey::~CipherKey() +{ +} + + +} } // namespace Poco::Crypto diff --git a/contrib/libs/poco/Crypto/src/CipherKeyImpl.cpp b/contrib/libs/poco/Crypto/src/CipherKeyImpl.cpp index f793082ba0..2af173bce8 100644 --- a/contrib/libs/poco/Crypto/src/CipherKeyImpl.cpp +++ b/contrib/libs/poco/Crypto/src/CipherKeyImpl.cpp @@ -1,224 +1,224 @@ -// -// CipherKeyImpl.cpp -// -// Library: Crypto -// Package: Cipher -// Module: CipherKeyImpl -// -// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. -// and Contributors. -// -// SPDX-License-Identifier: BSL-1.0 -// - - -#include "Poco/Crypto/CipherKeyImpl.h" -#include "Poco/Crypto/CryptoTransform.h" -#include "Poco/Crypto/CipherFactory.h" -#include "Poco/Exception.h" -#include "Poco/RandomStream.h" -#include <openssl/err.h> -#include <openssl/evp.h> - - -namespace Poco { -namespace Crypto { - - -CipherKeyImpl::CipherKeyImpl(const std::string& name, - const std::string& passphrase, - const std::string& salt, - int iterationCount, - const std::string& digest): - _pCipher(0), - _pDigest(0), - _name(name), - _key(), - _iv() -{ - // dummy access to Cipherfactory so that the EVP lib is initilaized - CipherFactory::defaultFactory(); - _pCipher = EVP_get_cipherbyname(name.c_str()); - - if (!_pCipher) - throw Poco::NotFoundException("Cipher " + name + " was not found"); - - _pDigest = EVP_get_digestbyname(digest.c_str()); - - if (!_pDigest) - throw Poco::NotFoundException("Digest " + name + " was not found"); - - _key = ByteVec(keySize()); - _iv = ByteVec(ivSize()); - generateKey(passphrase, salt, iterationCount); -} - - -CipherKeyImpl::CipherKeyImpl(const std::string& name, - const ByteVec& key, - const ByteVec& iv): - _pCipher(0), - _pDigest(0), - _name(name), - _key(key), - _iv(iv) -{ - // dummy access to Cipherfactory so that the EVP lib is initialized - CipherFactory::defaultFactory(); - _pCipher = EVP_get_cipherbyname(name.c_str()); - - if (!_pCipher) - throw Poco::NotFoundException("Cipher " + name + " was not found"); -} - - -CipherKeyImpl::CipherKeyImpl(const std::string& name): - _pCipher(0), - _pDigest(0), - _name(name), - _key(), - _iv() -{ - // dummy access to Cipherfactory so that the EVP lib is initilaized - CipherFactory::defaultFactory(); - _pCipher = EVP_get_cipherbyname(name.c_str()); - - if (!_pCipher) - throw Poco::NotFoundException("Cipher " + name + " was not found"); - _key = ByteVec(keySize()); - _iv = ByteVec(ivSize()); - generateKey(); -} - - -CipherKeyImpl::~CipherKeyImpl() -{ -} - - -CipherKeyImpl::Mode CipherKeyImpl::mode() const -{ - switch (EVP_CIPHER_mode(_pCipher)) - { - case EVP_CIPH_STREAM_CIPHER: - return MODE_STREAM_CIPHER; - - case EVP_CIPH_ECB_MODE: - return MODE_ECB; - - case EVP_CIPH_CBC_MODE: - return MODE_CBC; - - case EVP_CIPH_CFB_MODE: - return MODE_CFB; - - case EVP_CIPH_OFB_MODE: - return MODE_OFB; - -#if OPENSSL_VERSION_NUMBER >= 0x10001000L - case EVP_CIPH_CTR_MODE: - return MODE_CTR; - - case EVP_CIPH_GCM_MODE: - return MODE_GCM; - - case EVP_CIPH_CCM_MODE: - return MODE_CCM; -#endif - } - throw Poco::IllegalStateException("Unexpected value of EVP_CIPHER_mode()"); -} - - -void CipherKeyImpl::generateKey() -{ - ByteVec vec; - - getRandomBytes(vec, keySize()); - setKey(vec); - - getRandomBytes(vec, ivSize()); - setIV(vec); -} - - -void CipherKeyImpl::getRandomBytes(ByteVec& vec, std::size_t count) -{ - Poco::RandomInputStream random; - - vec.clear(); - vec.reserve(count); - - for (int i = 0; i < count; ++i) - vec.push_back(static_cast<unsigned char>(random.get())); -} - - -void CipherKeyImpl::generateKey( - const std::string& password, - const std::string& salt, - int iterationCount) -{ - unsigned char keyBytes[EVP_MAX_KEY_LENGTH]; - unsigned char ivBytes[EVP_MAX_IV_LENGTH]; - - // OpenSSL documentation specifies that the salt must be an 8-byte array. - unsigned char saltBytes[8]; - - if (!salt.empty()) - { - int len = static_cast<int>(salt.size()); - // Create the salt array from the salt string - for (int i = 0; i < 8; ++i) - saltBytes[i] = salt.at(i % len); - for (int i = 8; i < len; ++i) - saltBytes[i % 8] ^= salt.at(i); - } - - // Now create the key and IV, using the MD5 digest algorithm. - int keySize = EVP_BytesToKey( - _pCipher, - _pDigest ? _pDigest : EVP_md5(), - (salt.empty() ? 0 : saltBytes), - reinterpret_cast<const unsigned char*>(password.data()), - static_cast<int>(password.size()), - iterationCount, - keyBytes, - ivBytes); - - // Copy the buffers to our member byte vectors. - _key.assign(keyBytes, keyBytes + keySize); - - if (ivSize() == 0) - _iv.clear(); - else - _iv.assign(ivBytes, ivBytes + ivSize()); -} - - -int CipherKeyImpl::keySize() const -{ - return EVP_CIPHER_key_length(_pCipher); -} - - -int CipherKeyImpl::blockSize() const -{ - return EVP_CIPHER_block_size(_pCipher); -} - - -int CipherKeyImpl::ivSize() const -{ - return EVP_CIPHER_iv_length(_pCipher); -} - - -void CipherKeyImpl::setIV(const ByteVec& iv) -{ - poco_assert(mode() == MODE_GCM || iv.size() == static_cast<ByteVec::size_type>(ivSize())); - _iv = iv; -} - - -} } // namespace Poco::Crypto +// +// CipherKeyImpl.cpp +// +// Library: Crypto +// Package: Cipher +// Module: CipherKeyImpl +// +// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. +// and Contributors. +// +// SPDX-License-Identifier: BSL-1.0 +// + + +#include "Poco/Crypto/CipherKeyImpl.h" +#include "Poco/Crypto/CryptoTransform.h" +#include "Poco/Crypto/CipherFactory.h" +#include "Poco/Exception.h" +#include "Poco/RandomStream.h" +#include <openssl/err.h> +#include <openssl/evp.h> + + +namespace Poco { +namespace Crypto { + + +CipherKeyImpl::CipherKeyImpl(const std::string& name, + const std::string& passphrase, + const std::string& salt, + int iterationCount, + const std::string& digest): + _pCipher(0), + _pDigest(0), + _name(name), + _key(), + _iv() +{ + // dummy access to Cipherfactory so that the EVP lib is initilaized + CipherFactory::defaultFactory(); + _pCipher = EVP_get_cipherbyname(name.c_str()); + + if (!_pCipher) + throw Poco::NotFoundException("Cipher " + name + " was not found"); + + _pDigest = EVP_get_digestbyname(digest.c_str()); + + if (!_pDigest) + throw Poco::NotFoundException("Digest " + name + " was not found"); + + _key = ByteVec(keySize()); + _iv = ByteVec(ivSize()); + generateKey(passphrase, salt, iterationCount); +} + + +CipherKeyImpl::CipherKeyImpl(const std::string& name, + const ByteVec& key, + const ByteVec& iv): + _pCipher(0), + _pDigest(0), + _name(name), + _key(key), + _iv(iv) +{ + // dummy access to Cipherfactory so that the EVP lib is initialized + CipherFactory::defaultFactory(); + _pCipher = EVP_get_cipherbyname(name.c_str()); + + if (!_pCipher) + throw Poco::NotFoundException("Cipher " + name + " was not found"); +} + + +CipherKeyImpl::CipherKeyImpl(const std::string& name): + _pCipher(0), + _pDigest(0), + _name(name), + _key(), + _iv() +{ + // dummy access to Cipherfactory so that the EVP lib is initilaized + CipherFactory::defaultFactory(); + _pCipher = EVP_get_cipherbyname(name.c_str()); + + if (!_pCipher) + throw Poco::NotFoundException("Cipher " + name + " was not found"); + _key = ByteVec(keySize()); + _iv = ByteVec(ivSize()); + generateKey(); +} + + +CipherKeyImpl::~CipherKeyImpl() +{ +} + + +CipherKeyImpl::Mode CipherKeyImpl::mode() const +{ + switch (EVP_CIPHER_mode(_pCipher)) + { + case EVP_CIPH_STREAM_CIPHER: + return MODE_STREAM_CIPHER; + + case EVP_CIPH_ECB_MODE: + return MODE_ECB; + + case EVP_CIPH_CBC_MODE: + return MODE_CBC; + + case EVP_CIPH_CFB_MODE: + return MODE_CFB; + + case EVP_CIPH_OFB_MODE: + return MODE_OFB; + +#if OPENSSL_VERSION_NUMBER >= 0x10001000L + case EVP_CIPH_CTR_MODE: + return MODE_CTR; + + case EVP_CIPH_GCM_MODE: + return MODE_GCM; + + case EVP_CIPH_CCM_MODE: + return MODE_CCM; +#endif + } + throw Poco::IllegalStateException("Unexpected value of EVP_CIPHER_mode()"); +} + + +void CipherKeyImpl::generateKey() +{ + ByteVec vec; + + getRandomBytes(vec, keySize()); + setKey(vec); + + getRandomBytes(vec, ivSize()); + setIV(vec); +} + + +void CipherKeyImpl::getRandomBytes(ByteVec& vec, std::size_t count) +{ + Poco::RandomInputStream random; + + vec.clear(); + vec.reserve(count); + + for (int i = 0; i < count; ++i) + vec.push_back(static_cast<unsigned char>(random.get())); +} + + +void CipherKeyImpl::generateKey( + const std::string& password, + const std::string& salt, + int iterationCount) +{ + unsigned char keyBytes[EVP_MAX_KEY_LENGTH]; + unsigned char ivBytes[EVP_MAX_IV_LENGTH]; + + // OpenSSL documentation specifies that the salt must be an 8-byte array. + unsigned char saltBytes[8]; + + if (!salt.empty()) + { + int len = static_cast<int>(salt.size()); + // Create the salt array from the salt string + for (int i = 0; i < 8; ++i) + saltBytes[i] = salt.at(i % len); + for (int i = 8; i < len; ++i) + saltBytes[i % 8] ^= salt.at(i); + } + + // Now create the key and IV, using the MD5 digest algorithm. + int keySize = EVP_BytesToKey( + _pCipher, + _pDigest ? _pDigest : EVP_md5(), + (salt.empty() ? 0 : saltBytes), + reinterpret_cast<const unsigned char*>(password.data()), + static_cast<int>(password.size()), + iterationCount, + keyBytes, + ivBytes); + + // Copy the buffers to our member byte vectors. + _key.assign(keyBytes, keyBytes + keySize); + + if (ivSize() == 0) + _iv.clear(); + else + _iv.assign(ivBytes, ivBytes + ivSize()); +} + + +int CipherKeyImpl::keySize() const +{ + return EVP_CIPHER_key_length(_pCipher); +} + + +int CipherKeyImpl::blockSize() const +{ + return EVP_CIPHER_block_size(_pCipher); +} + + +int CipherKeyImpl::ivSize() const +{ + return EVP_CIPHER_iv_length(_pCipher); +} + + +void CipherKeyImpl::setIV(const ByteVec& iv) +{ + poco_assert(mode() == MODE_GCM || iv.size() == static_cast<ByteVec::size_type>(ivSize())); + _iv = iv; +} + + +} } // namespace Poco::Crypto diff --git a/contrib/libs/poco/Crypto/src/CryptoException.cpp b/contrib/libs/poco/Crypto/src/CryptoException.cpp index 7a3ec11874..e30940d229 100644 --- a/contrib/libs/poco/Crypto/src/CryptoException.cpp +++ b/contrib/libs/poco/Crypto/src/CryptoException.cpp @@ -1,108 +1,108 @@ -// -// CryptoException.cpp -// -// -// Library: Crypto -// Package: Crypto -// Module: CryptoException -// -// Copyright (c) 2012, Applied Informatics Software Engineering GmbH. -// and Contributors. -// -// SPDX-License-Identifier: BSL-1.0 -// - - -#include "Poco/Crypto/CryptoException.h" -#include "Poco/NumberFormatter.h" -#include <typeinfo> -#include <openssl/err.h> - - -namespace Poco { -namespace Crypto { - - -POCO_IMPLEMENT_EXCEPTION(CryptoException, Exception, "Crypto Exception") - - -OpenSSLException::OpenSSLException(int otherCode): CryptoException(otherCode) -{ - setExtMessage(); -} - - -OpenSSLException::OpenSSLException(const std::string& msg, int otherCode): CryptoException(msg, otherCode) -{ - setExtMessage(); -} - - -OpenSSLException::OpenSSLException(const std::string& msg, const std::string& arg, int otherCode): CryptoException(msg, arg, otherCode) -{ - setExtMessage(); -} - - -OpenSSLException::OpenSSLException(const std::string& msg, const Poco::Exception& exc, int otherCode): CryptoException(msg, exc, otherCode) -{ - setExtMessage(); -} - - -OpenSSLException::OpenSSLException(const OpenSSLException& exc): CryptoException(exc) -{ - setExtMessage(); -} - - -OpenSSLException::~OpenSSLException() noexcept -{ -} - - -OpenSSLException& OpenSSLException::operator = (const OpenSSLException& exc) -{ - CryptoException::operator = (exc); - return *this; -} - - +// +// CryptoException.cpp +// +// +// Library: Crypto +// Package: Crypto +// Module: CryptoException +// +// Copyright (c) 2012, Applied Informatics Software Engineering GmbH. +// and Contributors. +// +// SPDX-License-Identifier: BSL-1.0 +// + + +#include "Poco/Crypto/CryptoException.h" +#include "Poco/NumberFormatter.h" +#include <typeinfo> +#include <openssl/err.h> + + +namespace Poco { +namespace Crypto { + + +POCO_IMPLEMENT_EXCEPTION(CryptoException, Exception, "Crypto Exception") + + +OpenSSLException::OpenSSLException(int otherCode): CryptoException(otherCode) +{ + setExtMessage(); +} + + +OpenSSLException::OpenSSLException(const std::string& msg, int otherCode): CryptoException(msg, otherCode) +{ + setExtMessage(); +} + + +OpenSSLException::OpenSSLException(const std::string& msg, const std::string& arg, int otherCode): CryptoException(msg, arg, otherCode) +{ + setExtMessage(); +} + + +OpenSSLException::OpenSSLException(const std::string& msg, const Poco::Exception& exc, int otherCode): CryptoException(msg, exc, otherCode) +{ + setExtMessage(); +} + + +OpenSSLException::OpenSSLException(const OpenSSLException& exc): CryptoException(exc) +{ + setExtMessage(); +} + + +OpenSSLException::~OpenSSLException() noexcept +{ +} + + +OpenSSLException& OpenSSLException::operator = (const OpenSSLException& exc) +{ + CryptoException::operator = (exc); + return *this; +} + + const char* OpenSSLException::name() const noexcept -{ - return "OpenSSLException"; -} - - +{ + return "OpenSSLException"; +} + + const char* OpenSSLException::className() const noexcept -{ - return typeid(*this).name(); -} - - -Poco::Exception* OpenSSLException::clone() const -{ - return new OpenSSLException(*this); -} - - -void OpenSSLException::setExtMessage() -{ - Poco::UInt64 e = static_cast<Poco::UInt64>(ERR_get_error()); - char buf[128] = { 0 }; - char* pErr = ERR_error_string(static_cast<unsigned long>(e), buf); - std::string err; - if (pErr) err = pErr; - else err = NumberFormatter::format(e); - - extendedMessage(err); -} - - -void OpenSSLException::rethrow() const -{ - throw *this; -} - - -} } // namespace Poco::Crypto +{ + return typeid(*this).name(); +} + + +Poco::Exception* OpenSSLException::clone() const +{ + return new OpenSSLException(*this); +} + + +void OpenSSLException::setExtMessage() +{ + Poco::UInt64 e = static_cast<Poco::UInt64>(ERR_get_error()); + char buf[128] = { 0 }; + char* pErr = ERR_error_string(static_cast<unsigned long>(e), buf); + std::string err; + if (pErr) err = pErr; + else err = NumberFormatter::format(e); + + extendedMessage(err); +} + + +void OpenSSLException::rethrow() const +{ + throw *this; +} + + +} } // namespace Poco::Crypto diff --git a/contrib/libs/poco/Crypto/src/CryptoStream.cpp b/contrib/libs/poco/Crypto/src/CryptoStream.cpp index a0427686b2..6b29b7f077 100644 --- a/contrib/libs/poco/Crypto/src/CryptoStream.cpp +++ b/contrib/libs/poco/Crypto/src/CryptoStream.cpp @@ -1,355 +1,355 @@ -// -// CryptoStream.cpp -// -// Library: Crypto -// Package: Cipher -// Module: CryptoStream -// -// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. -// and Contributors. -// -// SPDX-License-Identifier: BSL-1.0 -// - - -#include "Poco/Crypto/CryptoStream.h" -#include "Poco/Crypto/CryptoTransform.h" -#include "Poco/Crypto/Cipher.h" -#include "Poco/Exception.h" -#include <algorithm> - - -#undef min -#undef max - - -namespace Poco { -namespace Crypto { - - -// -// CryptoStreamBuf -// - - -CryptoStreamBuf::CryptoStreamBuf(std::istream& istr, CryptoTransform* pTransform, std::streamsize bufferSize): - Poco::BufferedStreamBuf(bufferSize, std::ios::in), - _pTransform(pTransform), - _pIstr(&istr), - _pOstr(0), - _eof(false), - _buffer(static_cast<std::size_t>(bufferSize)) -{ - poco_check_ptr (pTransform); - poco_assert (bufferSize > 2 * pTransform->blockSize()); -} - - -CryptoStreamBuf::CryptoStreamBuf(std::ostream& ostr, CryptoTransform* pTransform, std::streamsize bufferSize): - Poco::BufferedStreamBuf(bufferSize, std::ios::out), - _pTransform(pTransform), - _pIstr(0), - _pOstr(&ostr), - _eof(false), - _buffer(static_cast<std::size_t>(bufferSize)) -{ - poco_check_ptr (pTransform); - poco_assert (bufferSize > 2 * pTransform->blockSize()); -} - - -CryptoStreamBuf::~CryptoStreamBuf() -{ - try - { - close(); - } - catch (...) - { - } - delete _pTransform; -} - - -void CryptoStreamBuf::close() -{ - sync(); - - if (_pIstr) - { - _pIstr = 0; - } - else if (_pOstr) - { - // Close can be called multiple times. By zeroing the pointer we make - // sure that we call finalize() only once, even if an exception is - // thrown. - std::ostream* pOstr = _pOstr; - _pOstr = 0; - - // Finalize transformation. - std::streamsize n = _pTransform->finalize(_buffer.begin(), static_cast<std::streamsize>(_buffer.size())); - - if (n > 0) - { - pOstr->write(reinterpret_cast<char*>(_buffer.begin()), n); - if (!pOstr->good()) - throw Poco::IOException("Output stream failure"); - } - } -} - - -int CryptoStreamBuf::readFromDevice(char* buffer, std::streamsize length) -{ - if (!_pIstr) - return 0; - - int count = 0; - - while (!_eof) - { - int m = (static_cast<int>(length) - count)/2 - static_cast<int>(_pTransform->blockSize()); - - // Make sure we can read at least one more block. Explicitely check - // for m < 0 since blockSize() returns an unsigned int and the - // comparison might give false results for m < 0. - if (m <= 0) - break; - - int n = 0; - - if (_pIstr->good()) - { - _pIstr->read(reinterpret_cast<char*>(_buffer.begin()), m); - n = static_cast<int>(_pIstr->gcount()); - } - - if (n == 0) - { - _eof = true; - - // No more data, finalize transformation - count += static_cast<int>(_pTransform->finalize( - reinterpret_cast<unsigned char*>(buffer + count), - static_cast<int>(length) - count)); - } - else - { - // Transform next chunk of data - count += static_cast<int>(_pTransform->transform( - _buffer.begin(), - n, - reinterpret_cast<unsigned char*>(buffer + count), - static_cast<int>(length) - count)); - } - } - - return count; -} - - -int CryptoStreamBuf::writeToDevice(const char* buffer, std::streamsize length) -{ - if (!_pOstr) - return 0; - - std::size_t maxChunkSize = _buffer.size()/2; - std::size_t count = 0; - - while (count < length) - { - // Truncate chunk size so that the maximum output fits into _buffer. - std::size_t n = static_cast<std::size_t>(length) - count; - if (n > maxChunkSize) - n = maxChunkSize; - - // Transform next chunk of data - std::streamsize k = _pTransform->transform( - reinterpret_cast<const unsigned char*>(buffer + count), - static_cast<std::streamsize>(n), - _buffer.begin(), - static_cast<std::streamsize>(_buffer.size())); - - // Attention: (n != k) might be true. In count, we have to track how - // many bytes from buffer have been consumed, not how many bytes have - // been written to _pOstr! - count += n; - - if (k > 0) - { - _pOstr->write(reinterpret_cast<const char*>(_buffer.begin()), k); - if (!_pOstr->good()) - throw Poco::IOException("Output stream failure"); - } - } - - return static_cast<int>(count); -} - - -// -// CryptoIOS -// - - -CryptoIOS::CryptoIOS(std::istream& istr, CryptoTransform* pTransform, std::streamsize bufferSize): - _buf(istr, pTransform, bufferSize) -{ - poco_ios_init(&_buf); -} - - -CryptoIOS::CryptoIOS(std::ostream& ostr, CryptoTransform* pTransform, std::streamsize bufferSize): - _buf(ostr, pTransform, bufferSize) -{ - poco_ios_init(&_buf); -} - - -CryptoIOS::~CryptoIOS() -{ -} - - -CryptoStreamBuf* CryptoIOS::rdbuf() -{ - return &_buf; -} - - -// -// CryptoInputStream -// - - -CryptoInputStream::CryptoInputStream(std::istream& istr, CryptoTransform* pTransform, std::streamsize bufferSize): - CryptoIOS(istr, pTransform, bufferSize), - std::istream(&_buf) -{ -} - - -CryptoInputStream::CryptoInputStream(std::istream& istr, Cipher& cipher, std::streamsize bufferSize): - CryptoIOS(istr, cipher.createEncryptor(), bufferSize), - std::istream(&_buf) -{ -} - - -CryptoInputStream::~CryptoInputStream() -{ -} - - -// -// CryptoOutputStream -// - - -CryptoOutputStream::CryptoOutputStream(std::ostream& ostr, CryptoTransform* pTransform, std::streamsize bufferSize): - CryptoIOS(ostr, pTransform, bufferSize), - std::ostream(&_buf) -{ -} - - -CryptoOutputStream::CryptoOutputStream(std::ostream& ostr, Cipher& cipher, std::streamsize bufferSize): - CryptoIOS(ostr, cipher.createDecryptor(), bufferSize), - std::ostream(&_buf) -{ -} - - -CryptoOutputStream::~CryptoOutputStream() -{ -} - - -void CryptoOutputStream::close() -{ - _buf.close(); -} - - -// -// EncryptingInputStream -// - - -EncryptingInputStream::EncryptingInputStream(std::istream& istr, Cipher& cipher, std::streamsize bufferSize): - CryptoIOS(istr, cipher.createEncryptor(), bufferSize), - std::istream(&_buf) -{ -} - - -EncryptingInputStream::~EncryptingInputStream() -{ -} - - -// -// EncryptingOuputStream -// - - -EncryptingOutputStream::EncryptingOutputStream(std::ostream& ostr, Cipher& cipher, std::streamsize bufferSize): - CryptoIOS(ostr, cipher.createEncryptor(), bufferSize), - std::ostream(&_buf) -{ -} - - -EncryptingOutputStream::~EncryptingOutputStream() -{ -} - - -void EncryptingOutputStream::close() -{ - _buf.close(); -} - - -// -// DecryptingInputStream -// - - -DecryptingInputStream::DecryptingInputStream(std::istream& istr, Cipher& cipher, std::streamsize bufferSize): - CryptoIOS(istr, cipher.createDecryptor(), bufferSize), - std::istream(&_buf) -{ -} - - -DecryptingInputStream::~DecryptingInputStream() -{ -} - - -// -// DecryptingOuputStream -// - - -DecryptingOutputStream::DecryptingOutputStream(std::ostream& ostr, Cipher& cipher, std::streamsize bufferSize): - CryptoIOS(ostr, cipher.createDecryptor(), bufferSize), - std::ostream(&_buf) -{ -} - - -DecryptingOutputStream::~DecryptingOutputStream() -{ -} - - -void DecryptingOutputStream::close() -{ - _buf.close(); -} - - -} } // namespace Poco::Crypto +// +// CryptoStream.cpp +// +// Library: Crypto +// Package: Cipher +// Module: CryptoStream +// +// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. +// and Contributors. +// +// SPDX-License-Identifier: BSL-1.0 +// + + +#include "Poco/Crypto/CryptoStream.h" +#include "Poco/Crypto/CryptoTransform.h" +#include "Poco/Crypto/Cipher.h" +#include "Poco/Exception.h" +#include <algorithm> + + +#undef min +#undef max + + +namespace Poco { +namespace Crypto { + + +// +// CryptoStreamBuf +// + + +CryptoStreamBuf::CryptoStreamBuf(std::istream& istr, CryptoTransform* pTransform, std::streamsize bufferSize): + Poco::BufferedStreamBuf(bufferSize, std::ios::in), + _pTransform(pTransform), + _pIstr(&istr), + _pOstr(0), + _eof(false), + _buffer(static_cast<std::size_t>(bufferSize)) +{ + poco_check_ptr (pTransform); + poco_assert (bufferSize > 2 * pTransform->blockSize()); +} + + +CryptoStreamBuf::CryptoStreamBuf(std::ostream& ostr, CryptoTransform* pTransform, std::streamsize bufferSize): + Poco::BufferedStreamBuf(bufferSize, std::ios::out), + _pTransform(pTransform), + _pIstr(0), + _pOstr(&ostr), + _eof(false), + _buffer(static_cast<std::size_t>(bufferSize)) +{ + poco_check_ptr (pTransform); + poco_assert (bufferSize > 2 * pTransform->blockSize()); +} + + +CryptoStreamBuf::~CryptoStreamBuf() +{ + try + { + close(); + } + catch (...) + { + } + delete _pTransform; +} + + +void CryptoStreamBuf::close() +{ + sync(); + + if (_pIstr) + { + _pIstr = 0; + } + else if (_pOstr) + { + // Close can be called multiple times. By zeroing the pointer we make + // sure that we call finalize() only once, even if an exception is + // thrown. + std::ostream* pOstr = _pOstr; + _pOstr = 0; + + // Finalize transformation. + std::streamsize n = _pTransform->finalize(_buffer.begin(), static_cast<std::streamsize>(_buffer.size())); + + if (n > 0) + { + pOstr->write(reinterpret_cast<char*>(_buffer.begin()), n); + if (!pOstr->good()) + throw Poco::IOException("Output stream failure"); + } + } +} + + +int CryptoStreamBuf::readFromDevice(char* buffer, std::streamsize length) +{ + if (!_pIstr) + return 0; + + int count = 0; + + while (!_eof) + { + int m = (static_cast<int>(length) - count)/2 - static_cast<int>(_pTransform->blockSize()); + + // Make sure we can read at least one more block. Explicitely check + // for m < 0 since blockSize() returns an unsigned int and the + // comparison might give false results for m < 0. + if (m <= 0) + break; + + int n = 0; + + if (_pIstr->good()) + { + _pIstr->read(reinterpret_cast<char*>(_buffer.begin()), m); + n = static_cast<int>(_pIstr->gcount()); + } + + if (n == 0) + { + _eof = true; + + // No more data, finalize transformation + count += static_cast<int>(_pTransform->finalize( + reinterpret_cast<unsigned char*>(buffer + count), + static_cast<int>(length) - count)); + } + else + { + // Transform next chunk of data + count += static_cast<int>(_pTransform->transform( + _buffer.begin(), + n, + reinterpret_cast<unsigned char*>(buffer + count), + static_cast<int>(length) - count)); + } + } + + return count; +} + + +int CryptoStreamBuf::writeToDevice(const char* buffer, std::streamsize length) +{ + if (!_pOstr) + return 0; + + std::size_t maxChunkSize = _buffer.size()/2; + std::size_t count = 0; + + while (count < length) + { + // Truncate chunk size so that the maximum output fits into _buffer. + std::size_t n = static_cast<std::size_t>(length) - count; + if (n > maxChunkSize) + n = maxChunkSize; + + // Transform next chunk of data + std::streamsize k = _pTransform->transform( + reinterpret_cast<const unsigned char*>(buffer + count), + static_cast<std::streamsize>(n), + _buffer.begin(), + static_cast<std::streamsize>(_buffer.size())); + + // Attention: (n != k) might be true. In count, we have to track how + // many bytes from buffer have been consumed, not how many bytes have + // been written to _pOstr! + count += n; + + if (k > 0) + { + _pOstr->write(reinterpret_cast<const char*>(_buffer.begin()), k); + if (!_pOstr->good()) + throw Poco::IOException("Output stream failure"); + } + } + + return static_cast<int>(count); +} + + +// +// CryptoIOS +// + + +CryptoIOS::CryptoIOS(std::istream& istr, CryptoTransform* pTransform, std::streamsize bufferSize): + _buf(istr, pTransform, bufferSize) +{ + poco_ios_init(&_buf); +} + + +CryptoIOS::CryptoIOS(std::ostream& ostr, CryptoTransform* pTransform, std::streamsize bufferSize): + _buf(ostr, pTransform, bufferSize) +{ + poco_ios_init(&_buf); +} + + +CryptoIOS::~CryptoIOS() +{ +} + + +CryptoStreamBuf* CryptoIOS::rdbuf() +{ + return &_buf; +} + + +// +// CryptoInputStream +// + + +CryptoInputStream::CryptoInputStream(std::istream& istr, CryptoTransform* pTransform, std::streamsize bufferSize): + CryptoIOS(istr, pTransform, bufferSize), + std::istream(&_buf) +{ +} + + +CryptoInputStream::CryptoInputStream(std::istream& istr, Cipher& cipher, std::streamsize bufferSize): + CryptoIOS(istr, cipher.createEncryptor(), bufferSize), + std::istream(&_buf) +{ +} + + +CryptoInputStream::~CryptoInputStream() +{ +} + + +// +// CryptoOutputStream +// + + +CryptoOutputStream::CryptoOutputStream(std::ostream& ostr, CryptoTransform* pTransform, std::streamsize bufferSize): + CryptoIOS(ostr, pTransform, bufferSize), + std::ostream(&_buf) +{ +} + + +CryptoOutputStream::CryptoOutputStream(std::ostream& ostr, Cipher& cipher, std::streamsize bufferSize): + CryptoIOS(ostr, cipher.createDecryptor(), bufferSize), + std::ostream(&_buf) +{ +} + + +CryptoOutputStream::~CryptoOutputStream() +{ +} + + +void CryptoOutputStream::close() +{ + _buf.close(); +} + + +// +// EncryptingInputStream +// + + +EncryptingInputStream::EncryptingInputStream(std::istream& istr, Cipher& cipher, std::streamsize bufferSize): + CryptoIOS(istr, cipher.createEncryptor(), bufferSize), + std::istream(&_buf) +{ +} + + +EncryptingInputStream::~EncryptingInputStream() +{ +} + + +// +// EncryptingOuputStream +// + + +EncryptingOutputStream::EncryptingOutputStream(std::ostream& ostr, Cipher& cipher, std::streamsize bufferSize): + CryptoIOS(ostr, cipher.createEncryptor(), bufferSize), + std::ostream(&_buf) +{ +} + + +EncryptingOutputStream::~EncryptingOutputStream() +{ +} + + +void EncryptingOutputStream::close() +{ + _buf.close(); +} + + +// +// DecryptingInputStream +// + + +DecryptingInputStream::DecryptingInputStream(std::istream& istr, Cipher& cipher, std::streamsize bufferSize): + CryptoIOS(istr, cipher.createDecryptor(), bufferSize), + std::istream(&_buf) +{ +} + + +DecryptingInputStream::~DecryptingInputStream() +{ +} + + +// +// DecryptingOuputStream +// + + +DecryptingOutputStream::DecryptingOutputStream(std::ostream& ostr, Cipher& cipher, std::streamsize bufferSize): + CryptoIOS(ostr, cipher.createDecryptor(), bufferSize), + std::ostream(&_buf) +{ +} + + +DecryptingOutputStream::~DecryptingOutputStream() +{ +} + + +void DecryptingOutputStream::close() +{ + _buf.close(); +} + + +} } // namespace Poco::Crypto diff --git a/contrib/libs/poco/Crypto/src/CryptoTransform.cpp b/contrib/libs/poco/Crypto/src/CryptoTransform.cpp index 750028656b..e4e58fd6e6 100644 --- a/contrib/libs/poco/Crypto/src/CryptoTransform.cpp +++ b/contrib/libs/poco/Crypto/src/CryptoTransform.cpp @@ -1,38 +1,38 @@ -// -// CryptoTransform.cpp -// -// Library: Crypto -// Package: Cipher -// Module: CryptoTransform -// -// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. -// and Contributors. -// -// SPDX-License-Identifier: BSL-1.0 -// - - -#include "Poco/Crypto/CryptoTransform.h" - - -namespace Poco { -namespace Crypto { - - -CryptoTransform::CryptoTransform() -{ -} - - -CryptoTransform::~CryptoTransform() -{ -} - - -int CryptoTransform::setPadding(int padding) -{ - return 1; -} - - -} } // namespace Poco::Crypto +// +// CryptoTransform.cpp +// +// Library: Crypto +// Package: Cipher +// Module: CryptoTransform +// +// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. +// and Contributors. +// +// SPDX-License-Identifier: BSL-1.0 +// + + +#include "Poco/Crypto/CryptoTransform.h" + + +namespace Poco { +namespace Crypto { + + +CryptoTransform::CryptoTransform() +{ +} + + +CryptoTransform::~CryptoTransform() +{ +} + + +int CryptoTransform::setPadding(int padding) +{ + return 1; +} + + +} } // namespace Poco::Crypto diff --git a/contrib/libs/poco/Crypto/src/DigestEngine.cpp b/contrib/libs/poco/Crypto/src/DigestEngine.cpp index 984261e1b2..bac2d44e07 100644 --- a/contrib/libs/poco/Crypto/src/DigestEngine.cpp +++ b/contrib/libs/poco/Crypto/src/DigestEngine.cpp @@ -1,80 +1,80 @@ -// -// DigestEngine.cpp -// -// Library: Crypto -// Package: Digest -// Module: DigestEngine -// -// Copyright (c) 2012, Applied Informatics Software Engineering GmbH. -// and Contributors. -// -// SPDX-License-Identifier: BSL-1.0 -// - - -#include "Poco/Crypto/DigestEngine.h" -#include "Poco/Exception.h" - - -namespace Poco { -namespace Crypto { - - -DigestEngine::DigestEngine(const std::string& name): - _name(name), - _pContext(EVP_MD_CTX_create()) -{ - const EVP_MD* md = EVP_get_digestbyname(_name.c_str()); - if (!md) throw Poco::NotFoundException(_name); - EVP_DigestInit_ex(_pContext, md, NULL); -} - - -DigestEngine::~DigestEngine() -{ - EVP_MD_CTX_destroy(_pContext); -} - -int DigestEngine::nid() const -{ - return EVP_MD_nid(EVP_MD_CTX_md(_pContext)); -} - -std::size_t DigestEngine::digestLength() const -{ - return EVP_MD_CTX_size(_pContext); -} - - -void DigestEngine::reset() -{ -#if OPENSSL_VERSION_NUMBER >= 0x10100000L - EVP_MD_CTX_free(_pContext); - _pContext = EVP_MD_CTX_create(); -#else - EVP_MD_CTX_cleanup(_pContext); -#endif - const EVP_MD* md = EVP_get_digestbyname(_name.c_str()); - if (!md) throw Poco::NotFoundException(_name); - EVP_DigestInit_ex(_pContext, md, NULL); -} - - -const Poco::DigestEngine::Digest& DigestEngine::digest() -{ - _digest.clear(); - unsigned len = EVP_MD_CTX_size(_pContext); - _digest.resize(len); - EVP_DigestFinal_ex(_pContext, &_digest[0], &len); - reset(); - return _digest; -} - - -void DigestEngine::updateImpl(const void* data, std::size_t length) -{ - EVP_DigestUpdate(_pContext, data, length); -} - - -} } // namespace Poco::Crypto +// +// DigestEngine.cpp +// +// Library: Crypto +// Package: Digest +// Module: DigestEngine +// +// Copyright (c) 2012, Applied Informatics Software Engineering GmbH. +// and Contributors. +// +// SPDX-License-Identifier: BSL-1.0 +// + + +#include "Poco/Crypto/DigestEngine.h" +#include "Poco/Exception.h" + + +namespace Poco { +namespace Crypto { + + +DigestEngine::DigestEngine(const std::string& name): + _name(name), + _pContext(EVP_MD_CTX_create()) +{ + const EVP_MD* md = EVP_get_digestbyname(_name.c_str()); + if (!md) throw Poco::NotFoundException(_name); + EVP_DigestInit_ex(_pContext, md, NULL); +} + + +DigestEngine::~DigestEngine() +{ + EVP_MD_CTX_destroy(_pContext); +} + +int DigestEngine::nid() const +{ + return EVP_MD_nid(EVP_MD_CTX_md(_pContext)); +} + +std::size_t DigestEngine::digestLength() const +{ + return EVP_MD_CTX_size(_pContext); +} + + +void DigestEngine::reset() +{ +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + EVP_MD_CTX_free(_pContext); + _pContext = EVP_MD_CTX_create(); +#else + EVP_MD_CTX_cleanup(_pContext); +#endif + const EVP_MD* md = EVP_get_digestbyname(_name.c_str()); + if (!md) throw Poco::NotFoundException(_name); + EVP_DigestInit_ex(_pContext, md, NULL); +} + + +const Poco::DigestEngine::Digest& DigestEngine::digest() +{ + _digest.clear(); + unsigned len = EVP_MD_CTX_size(_pContext); + _digest.resize(len); + EVP_DigestFinal_ex(_pContext, &_digest[0], &len); + reset(); + return _digest; +} + + +void DigestEngine::updateImpl(const void* data, std::size_t length) +{ + EVP_DigestUpdate(_pContext, data, length); +} + + +} } // namespace Poco::Crypto diff --git a/contrib/libs/poco/Crypto/src/ECDSADigestEngine.cpp b/contrib/libs/poco/Crypto/src/ECDSADigestEngine.cpp index e5bcf2e088..59512770cd 100644 --- a/contrib/libs/poco/Crypto/src/ECDSADigestEngine.cpp +++ b/contrib/libs/poco/Crypto/src/ECDSADigestEngine.cpp @@ -1,100 +1,100 @@ -// -// ECDSADigestEngine.cpp -// -// -// Library: Crypto -// Package: ECDSA -// Module: ECDSADigestEngine -// -// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. -// and Contributors. -// -// SPDX-License-Identifier: BSL-1.0 -// - - -#include "Poco/Crypto/ECDSADigestEngine.h" -#include <openssl/ecdsa.h> - - -namespace Poco { -namespace Crypto { - - -ECDSADigestEngine::ECDSADigestEngine(const ECKey& key, const std::string &name): - _key(key), - _engine(name) -{ -} - - -ECDSADigestEngine::~ECDSADigestEngine() -{ -} - - -std::size_t ECDSADigestEngine::digestLength() const -{ - return _engine.digestLength(); -} - - -void ECDSADigestEngine::reset() -{ - _engine.reset(); - _digest.clear(); - _signature.clear(); -} - - -const DigestEngine::Digest& ECDSADigestEngine::digest() -{ - if (_digest.empty()) - { - _digest = _engine.digest(); - } - return _digest; -} - - -const DigestEngine::Digest& ECDSADigestEngine::signature() -{ - if (_signature.empty()) - { - digest(); - _signature.resize(_key.size()); - unsigned sigLen = static_cast<unsigned>(_signature.size()); - if (!ECDSA_sign(0, &_digest[0], static_cast<unsigned>(_digest.size()), - &_signature[0], &sigLen, _key.impl()->getECKey())) - { - throw OpenSSLException(); - } - if (sigLen < _signature.size()) _signature.resize(sigLen); - } - return _signature; -} - - -bool ECDSADigestEngine::verify(const DigestEngine::Digest& sig) -{ - digest(); - EC_KEY* pKey = _key.impl()->getECKey(); - if (pKey) - { - int ret = ECDSA_verify(0, &_digest[0], static_cast<unsigned>(_digest.size()), - &sig[0], static_cast<unsigned>(sig.size()), - pKey); - if (1 == ret) return true; - else if (0 == ret) return false; - } - throw OpenSSLException(); -} - - -void ECDSADigestEngine::updateImpl(const void* data, std::size_t length) -{ - _engine.update(data, length); -} - - -} } // namespace Poco::Crypto +// +// ECDSADigestEngine.cpp +// +// +// Library: Crypto +// Package: ECDSA +// Module: ECDSADigestEngine +// +// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. +// and Contributors. +// +// SPDX-License-Identifier: BSL-1.0 +// + + +#include "Poco/Crypto/ECDSADigestEngine.h" +#include <openssl/ecdsa.h> + + +namespace Poco { +namespace Crypto { + + +ECDSADigestEngine::ECDSADigestEngine(const ECKey& key, const std::string &name): + _key(key), + _engine(name) +{ +} + + +ECDSADigestEngine::~ECDSADigestEngine() +{ +} + + +std::size_t ECDSADigestEngine::digestLength() const +{ + return _engine.digestLength(); +} + + +void ECDSADigestEngine::reset() +{ + _engine.reset(); + _digest.clear(); + _signature.clear(); +} + + +const DigestEngine::Digest& ECDSADigestEngine::digest() +{ + if (_digest.empty()) + { + _digest = _engine.digest(); + } + return _digest; +} + + +const DigestEngine::Digest& ECDSADigestEngine::signature() +{ + if (_signature.empty()) + { + digest(); + _signature.resize(_key.size()); + unsigned sigLen = static_cast<unsigned>(_signature.size()); + if (!ECDSA_sign(0, &_digest[0], static_cast<unsigned>(_digest.size()), + &_signature[0], &sigLen, _key.impl()->getECKey())) + { + throw OpenSSLException(); + } + if (sigLen < _signature.size()) _signature.resize(sigLen); + } + return _signature; +} + + +bool ECDSADigestEngine::verify(const DigestEngine::Digest& sig) +{ + digest(); + EC_KEY* pKey = _key.impl()->getECKey(); + if (pKey) + { + int ret = ECDSA_verify(0, &_digest[0], static_cast<unsigned>(_digest.size()), + &sig[0], static_cast<unsigned>(sig.size()), + pKey); + if (1 == ret) return true; + else if (0 == ret) return false; + } + throw OpenSSLException(); +} + + +void ECDSADigestEngine::updateImpl(const void* data, std::size_t length) +{ + _engine.update(data, length); +} + + +} } // namespace Poco::Crypto diff --git a/contrib/libs/poco/Crypto/src/ECKey.cpp b/contrib/libs/poco/Crypto/src/ECKey.cpp index 1e7e1692e8..56b8663776 100644 --- a/contrib/libs/poco/Crypto/src/ECKey.cpp +++ b/contrib/libs/poco/Crypto/src/ECKey.cpp @@ -1,75 +1,75 @@ -// -// ECKey.cpp -// -// -// Library: Crypto -// Package: EC -// Module: ECKey -// -// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. -// and Contributors. -// -// SPDX-License-Identifier: BSL-1.0 -// - - -#include "Poco/Crypto/ECKey.h" -#include <openssl/rsa.h> - - -namespace Poco { -namespace Crypto { - - -ECKey::ECKey(const EVPPKey& key): - KeyPair(new ECKeyImpl(key)), - _pImpl(KeyPair::impl().cast<ECKeyImpl>()) -{ -} - - -ECKey::ECKey(const X509Certificate& cert): - KeyPair(new ECKeyImpl(cert)), - _pImpl(KeyPair::impl().cast<ECKeyImpl>()) -{ -} - - -ECKey::ECKey(const PKCS12Container& cont): - KeyPair(new ECKeyImpl(cont)), - _pImpl(KeyPair::impl().cast<ECKeyImpl>()) -{ -} - - -ECKey::ECKey(const std::string& eccGroup): - KeyPair(new ECKeyImpl(OBJ_txt2nid(eccGroup.c_str()))), - _pImpl(KeyPair::impl().cast<ECKeyImpl>()) -{ -} - - -ECKey::ECKey(const std::string& publicKeyFile, - const std::string& privateKeyFile, - const std::string& privateKeyPassphrase): - KeyPair(new ECKeyImpl(publicKeyFile, privateKeyFile, privateKeyPassphrase)), - _pImpl(KeyPair::impl().cast<ECKeyImpl>()) -{ -} - - -ECKey::ECKey(std::istream* pPublicKeyStream, - std::istream* pPrivateKeyStream, - const std::string& privateKeyPassphrase): - KeyPair(new ECKeyImpl(pPublicKeyStream, pPrivateKeyStream, privateKeyPassphrase)), - _pImpl(KeyPair::impl().cast<ECKeyImpl>()) -{ -} - - -ECKey::~ECKey() -{ -} - - -} } // namespace Poco::Crypto +// +// ECKey.cpp +// +// +// Library: Crypto +// Package: EC +// Module: ECKey +// +// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. +// and Contributors. +// +// SPDX-License-Identifier: BSL-1.0 +// + + +#include "Poco/Crypto/ECKey.h" +#include <openssl/rsa.h> + + +namespace Poco { +namespace Crypto { + + +ECKey::ECKey(const EVPPKey& key): + KeyPair(new ECKeyImpl(key)), + _pImpl(KeyPair::impl().cast<ECKeyImpl>()) +{ +} + + +ECKey::ECKey(const X509Certificate& cert): + KeyPair(new ECKeyImpl(cert)), + _pImpl(KeyPair::impl().cast<ECKeyImpl>()) +{ +} + + +ECKey::ECKey(const PKCS12Container& cont): + KeyPair(new ECKeyImpl(cont)), + _pImpl(KeyPair::impl().cast<ECKeyImpl>()) +{ +} + + +ECKey::ECKey(const std::string& eccGroup): + KeyPair(new ECKeyImpl(OBJ_txt2nid(eccGroup.c_str()))), + _pImpl(KeyPair::impl().cast<ECKeyImpl>()) +{ +} + + +ECKey::ECKey(const std::string& publicKeyFile, + const std::string& privateKeyFile, + const std::string& privateKeyPassphrase): + KeyPair(new ECKeyImpl(publicKeyFile, privateKeyFile, privateKeyPassphrase)), + _pImpl(KeyPair::impl().cast<ECKeyImpl>()) +{ +} + + +ECKey::ECKey(std::istream* pPublicKeyStream, + std::istream* pPrivateKeyStream, + const std::string& privateKeyPassphrase): + KeyPair(new ECKeyImpl(pPublicKeyStream, pPrivateKeyStream, privateKeyPassphrase)), + _pImpl(KeyPair::impl().cast<ECKeyImpl>()) +{ +} + + +ECKey::~ECKey() +{ +} + + +} } // namespace Poco::Crypto diff --git a/contrib/libs/poco/Crypto/src/ECKeyImpl.cpp b/contrib/libs/poco/Crypto/src/ECKeyImpl.cpp index a13428ddc2..99ffae7606 100644 --- a/contrib/libs/poco/Crypto/src/ECKeyImpl.cpp +++ b/contrib/libs/poco/Crypto/src/ECKeyImpl.cpp @@ -1,258 +1,258 @@ -// -// ECKeyImpl.cpp -// -// -// Library: Crypto -// Package: EC -// Module: ECKeyImpl -// -// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. -// and Contributors. -// -// SPDX-License-Identifier: BSL-1.0 -// - - -#include "Poco/Crypto/ECKeyImpl.h" -#include "Poco/Crypto/X509Certificate.h" -#include "Poco/Crypto/PKCS12Container.h" -#include "Poco/FileStream.h" -#include "Poco/Format.h" -#include "Poco/StreamCopier.h" -#include <sstream> -#include <openssl/evp.h> -#if OPENSSL_VERSION_NUMBER >= 0x00908000L -#include <openssl/bn.h> -#endif - - -namespace Poco { -namespace Crypto { - - -ECKeyImpl::ECKeyImpl(const EVPPKey& key): - KeyPairImpl("ec", KT_EC_IMPL), - _pEC(EVP_PKEY_get1_EC_KEY(const_cast<EVP_PKEY*>((const EVP_PKEY*)key))) -{ - checkEC("ECKeyImpl(const EVPPKey&)", "EVP_PKEY_get1_EC_KEY()"); -} - - -ECKeyImpl::ECKeyImpl(const X509Certificate& cert): - KeyPairImpl("ec", KT_EC_IMPL), - _pEC(0) -{ - const X509* pCert = cert.certificate(); - if (pCert) - { - EVP_PKEY* pKey = X509_get_pubkey(const_cast<X509*>(pCert)); - if (pKey) - { - _pEC = EVP_PKEY_get1_EC_KEY(pKey); - EVP_PKEY_free(pKey); - checkEC("ECKeyImpl(const const X509Certificate&)", "EVP_PKEY_get1_EC_KEY()"); - return; - } - } - throw OpenSSLException("ECKeyImpl(const X509Certificate&)"); -} - - -ECKeyImpl::ECKeyImpl(const PKCS12Container& cont): - KeyPairImpl("ec", KT_EC_IMPL), - _pEC(EVP_PKEY_get1_EC_KEY(cont.getKey())) -{ - checkEC("ECKeyImpl(const PKCS12Container&)", "EVP_PKEY_get1_EC_KEY()"); -} - - -ECKeyImpl::ECKeyImpl(int curve): - KeyPairImpl("ec", KT_EC_IMPL), - _pEC(EC_KEY_new_by_curve_name(curve)) -{ - poco_check_ptr(_pEC); - EC_KEY_set_asn1_flag(_pEC, OPENSSL_EC_NAMED_CURVE); - if (!(EC_KEY_generate_key(_pEC))) - throw OpenSSLException("ECKeyImpl(int curve): EC_KEY_generate_key()"); - checkEC("ECKeyImpl(int curve)", "EC_KEY_generate_key()"); -} - - -ECKeyImpl::ECKeyImpl(const std::string& publicKeyFile, - const std::string& privateKeyFile, - const std::string& privateKeyPassphrase): KeyPairImpl("ec", KT_EC_IMPL), _pEC(0) -{ - if (EVPPKey::loadKey(&_pEC, PEM_read_PrivateKey, EVP_PKEY_get1_EC_KEY, privateKeyFile, privateKeyPassphrase)) - { - checkEC(Poco::format("ECKeyImpl(%s, %s, %s)", - publicKeyFile, privateKeyFile, privateKeyPassphrase.empty() ? privateKeyPassphrase : std::string("***")), - "PEM_read_PrivateKey() or EVP_PKEY_get1_EC_KEY()"); - return; // private key is enough - } - - // no private key, this must be public key only, otherwise throw - if (!EVPPKey::loadKey(&_pEC, PEM_read_PUBKEY, EVP_PKEY_get1_EC_KEY, publicKeyFile)) - { - throw OpenSSLException("ECKeyImpl(const string&, const string&, const string&"); - } - checkEC(Poco::format("ECKeyImpl(%s, %s, %s)", - publicKeyFile, privateKeyFile, privateKeyPassphrase.empty() ? privateKeyPassphrase : std::string("***")), - "PEM_read_PUBKEY() or EVP_PKEY_get1_EC_KEY()"); -} - - -ECKeyImpl::ECKeyImpl(std::istream* pPublicKeyStream, - std::istream* pPrivateKeyStream, - const std::string& privateKeyPassphrase): KeyPairImpl("ec", KT_EC_IMPL), _pEC(0) -{ - if (EVPPKey::loadKey(&_pEC, PEM_read_bio_PrivateKey, EVP_PKEY_get1_EC_KEY, pPrivateKeyStream, privateKeyPassphrase)) - { - checkEC(Poco::format("ECKeyImpl(stream, stream, %s)", - privateKeyPassphrase.empty() ? privateKeyPassphrase : std::string("***")), - "PEM_read_bio_PrivateKey() or EVP_PKEY_get1_EC_KEY()"); - return; // private key is enough - } - - // no private key, this must be public key only, otherwise throw - if (!EVPPKey::loadKey(&_pEC, PEM_read_bio_PUBKEY, EVP_PKEY_get1_EC_KEY, pPublicKeyStream)) - { - throw OpenSSLException("ECKeyImpl(istream*, istream*, const string&"); - } - checkEC(Poco::format("ECKeyImpl(stream, stream, %s)", - privateKeyPassphrase.empty() ? privateKeyPassphrase : std::string("***")), - "PEM_read_bio_PUBKEY() or EVP_PKEY_get1_EC_KEY()"); -} - - -ECKeyImpl::~ECKeyImpl() -{ - freeEC(); -} - - -void ECKeyImpl::checkEC(const std::string& method, const std::string& func) const -{ - if (!_pEC) throw OpenSSLException(Poco::format("%s: %s", method, func)); - if (!EC_KEY_check_key(_pEC)) - throw OpenSSLException(Poco::format("%s: EC_KEY_check_key()", method)); -} - - -void ECKeyImpl::freeEC() -{ - if (_pEC) - { - EC_KEY_free(_pEC); - _pEC = 0; - } -} - - -int ECKeyImpl::size() const -{ - int sz = -1; - EVP_PKEY* pKey = EVP_PKEY_new(); - if (pKey && EVP_PKEY_set1_EC_KEY(pKey, _pEC)) - { - sz = EVP_PKEY_bits(pKey); - EVP_PKEY_free(pKey); - return sz; - } - throw OpenSSLException("ECKeyImpl::size()"); -} - - -int ECKeyImpl::groupId() const -{ - if (_pEC) - { - const EC_GROUP* ecGroup = EC_KEY_get0_group(_pEC); - if (ecGroup) - { - return EC_GROUP_get_curve_name(ecGroup); - } - else - { - throw OpenSSLException("ECKeyImpl::groupName()"); - } - } - throw NullPointerException("ECKeyImpl::groupName() => _pEC"); -} - - -std::string ECKeyImpl::getCurveName(int nid) -{ - std::string curveName; - size_t len = EC_get_builtin_curves(NULL, 0); - EC_builtin_curve* pCurves = - (EC_builtin_curve*) OPENSSL_malloc(sizeof(EC_builtin_curve) * len); - if (!pCurves) return curveName; - - if (!EC_get_builtin_curves(pCurves, len)) - { - OPENSSL_free(pCurves); - return curveName; - } - - if (-1 == nid) nid = pCurves[0].nid; - const int bufLen = 128; - char buf[bufLen]; - std::memset(buf, 0, bufLen); - OBJ_obj2txt(buf, bufLen, OBJ_nid2obj(nid), 0); - curveName = buf; - OPENSSL_free(pCurves); - return curveName; -} - - -int ECKeyImpl::getCurveNID(std::string& name) -{ - std::string curveName; - size_t len = EC_get_builtin_curves(NULL, 0); - EC_builtin_curve* pCurves = - (EC_builtin_curve*)OPENSSL_malloc(static_cast<int>(sizeof(EC_builtin_curve) * len)); - if (!pCurves) return -1; - - if (!EC_get_builtin_curves(pCurves, len)) - { - OPENSSL_free(pCurves); - return -1; - } - - int nid = -1; - const int bufLen = 128; - char buf[bufLen]; - if (name.empty()) - { - std::memset(buf, 0, bufLen); - OBJ_obj2txt(buf, bufLen, OBJ_nid2obj(nid), 0); - name = buf; - nid = pCurves[0].nid; - } - else - { - for (int i = 0; i < len; ++i) - { - std::memset(buf, 0, bufLen); - OBJ_obj2txt(buf, bufLen, OBJ_nid2obj(pCurves[i].nid), 0); - if (strncmp(name.c_str(), buf, name.size() > bufLen ? bufLen : name.size()) == 0) - { - nid = pCurves[i].nid; - break; - } - } - } - - OPENSSL_free(pCurves); - return nid; -} - - -bool ECKeyImpl::hasCurve(const std::string& name) -{ - std::string tmp(name); - return (-1 != getCurveNID(tmp)); -} - - -} } // namespace Poco::Crypto +// +// ECKeyImpl.cpp +// +// +// Library: Crypto +// Package: EC +// Module: ECKeyImpl +// +// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. +// and Contributors. +// +// SPDX-License-Identifier: BSL-1.0 +// + + +#include "Poco/Crypto/ECKeyImpl.h" +#include "Poco/Crypto/X509Certificate.h" +#include "Poco/Crypto/PKCS12Container.h" +#include "Poco/FileStream.h" +#include "Poco/Format.h" +#include "Poco/StreamCopier.h" +#include <sstream> +#include <openssl/evp.h> +#if OPENSSL_VERSION_NUMBER >= 0x00908000L +#include <openssl/bn.h> +#endif + + +namespace Poco { +namespace Crypto { + + +ECKeyImpl::ECKeyImpl(const EVPPKey& key): + KeyPairImpl("ec", KT_EC_IMPL), + _pEC(EVP_PKEY_get1_EC_KEY(const_cast<EVP_PKEY*>((const EVP_PKEY*)key))) +{ + checkEC("ECKeyImpl(const EVPPKey&)", "EVP_PKEY_get1_EC_KEY()"); +} + + +ECKeyImpl::ECKeyImpl(const X509Certificate& cert): + KeyPairImpl("ec", KT_EC_IMPL), + _pEC(0) +{ + const X509* pCert = cert.certificate(); + if (pCert) + { + EVP_PKEY* pKey = X509_get_pubkey(const_cast<X509*>(pCert)); + if (pKey) + { + _pEC = EVP_PKEY_get1_EC_KEY(pKey); + EVP_PKEY_free(pKey); + checkEC("ECKeyImpl(const const X509Certificate&)", "EVP_PKEY_get1_EC_KEY()"); + return; + } + } + throw OpenSSLException("ECKeyImpl(const X509Certificate&)"); +} + + +ECKeyImpl::ECKeyImpl(const PKCS12Container& cont): + KeyPairImpl("ec", KT_EC_IMPL), + _pEC(EVP_PKEY_get1_EC_KEY(cont.getKey())) +{ + checkEC("ECKeyImpl(const PKCS12Container&)", "EVP_PKEY_get1_EC_KEY()"); +} + + +ECKeyImpl::ECKeyImpl(int curve): + KeyPairImpl("ec", KT_EC_IMPL), + _pEC(EC_KEY_new_by_curve_name(curve)) +{ + poco_check_ptr(_pEC); + EC_KEY_set_asn1_flag(_pEC, OPENSSL_EC_NAMED_CURVE); + if (!(EC_KEY_generate_key(_pEC))) + throw OpenSSLException("ECKeyImpl(int curve): EC_KEY_generate_key()"); + checkEC("ECKeyImpl(int curve)", "EC_KEY_generate_key()"); +} + + +ECKeyImpl::ECKeyImpl(const std::string& publicKeyFile, + const std::string& privateKeyFile, + const std::string& privateKeyPassphrase): KeyPairImpl("ec", KT_EC_IMPL), _pEC(0) +{ + if (EVPPKey::loadKey(&_pEC, PEM_read_PrivateKey, EVP_PKEY_get1_EC_KEY, privateKeyFile, privateKeyPassphrase)) + { + checkEC(Poco::format("ECKeyImpl(%s, %s, %s)", + publicKeyFile, privateKeyFile, privateKeyPassphrase.empty() ? privateKeyPassphrase : std::string("***")), + "PEM_read_PrivateKey() or EVP_PKEY_get1_EC_KEY()"); + return; // private key is enough + } + + // no private key, this must be public key only, otherwise throw + if (!EVPPKey::loadKey(&_pEC, PEM_read_PUBKEY, EVP_PKEY_get1_EC_KEY, publicKeyFile)) + { + throw OpenSSLException("ECKeyImpl(const string&, const string&, const string&"); + } + checkEC(Poco::format("ECKeyImpl(%s, %s, %s)", + publicKeyFile, privateKeyFile, privateKeyPassphrase.empty() ? privateKeyPassphrase : std::string("***")), + "PEM_read_PUBKEY() or EVP_PKEY_get1_EC_KEY()"); +} + + +ECKeyImpl::ECKeyImpl(std::istream* pPublicKeyStream, + std::istream* pPrivateKeyStream, + const std::string& privateKeyPassphrase): KeyPairImpl("ec", KT_EC_IMPL), _pEC(0) +{ + if (EVPPKey::loadKey(&_pEC, PEM_read_bio_PrivateKey, EVP_PKEY_get1_EC_KEY, pPrivateKeyStream, privateKeyPassphrase)) + { + checkEC(Poco::format("ECKeyImpl(stream, stream, %s)", + privateKeyPassphrase.empty() ? privateKeyPassphrase : std::string("***")), + "PEM_read_bio_PrivateKey() or EVP_PKEY_get1_EC_KEY()"); + return; // private key is enough + } + + // no private key, this must be public key only, otherwise throw + if (!EVPPKey::loadKey(&_pEC, PEM_read_bio_PUBKEY, EVP_PKEY_get1_EC_KEY, pPublicKeyStream)) + { + throw OpenSSLException("ECKeyImpl(istream*, istream*, const string&"); + } + checkEC(Poco::format("ECKeyImpl(stream, stream, %s)", + privateKeyPassphrase.empty() ? privateKeyPassphrase : std::string("***")), + "PEM_read_bio_PUBKEY() or EVP_PKEY_get1_EC_KEY()"); +} + + +ECKeyImpl::~ECKeyImpl() +{ + freeEC(); +} + + +void ECKeyImpl::checkEC(const std::string& method, const std::string& func) const +{ + if (!_pEC) throw OpenSSLException(Poco::format("%s: %s", method, func)); + if (!EC_KEY_check_key(_pEC)) + throw OpenSSLException(Poco::format("%s: EC_KEY_check_key()", method)); +} + + +void ECKeyImpl::freeEC() +{ + if (_pEC) + { + EC_KEY_free(_pEC); + _pEC = 0; + } +} + + +int ECKeyImpl::size() const +{ + int sz = -1; + EVP_PKEY* pKey = EVP_PKEY_new(); + if (pKey && EVP_PKEY_set1_EC_KEY(pKey, _pEC)) + { + sz = EVP_PKEY_bits(pKey); + EVP_PKEY_free(pKey); + return sz; + } + throw OpenSSLException("ECKeyImpl::size()"); +} + + +int ECKeyImpl::groupId() const +{ + if (_pEC) + { + const EC_GROUP* ecGroup = EC_KEY_get0_group(_pEC); + if (ecGroup) + { + return EC_GROUP_get_curve_name(ecGroup); + } + else + { + throw OpenSSLException("ECKeyImpl::groupName()"); + } + } + throw NullPointerException("ECKeyImpl::groupName() => _pEC"); +} + + +std::string ECKeyImpl::getCurveName(int nid) +{ + std::string curveName; + size_t len = EC_get_builtin_curves(NULL, 0); + EC_builtin_curve* pCurves = + (EC_builtin_curve*) OPENSSL_malloc(sizeof(EC_builtin_curve) * len); + if (!pCurves) return curveName; + + if (!EC_get_builtin_curves(pCurves, len)) + { + OPENSSL_free(pCurves); + return curveName; + } + + if (-1 == nid) nid = pCurves[0].nid; + const int bufLen = 128; + char buf[bufLen]; + std::memset(buf, 0, bufLen); + OBJ_obj2txt(buf, bufLen, OBJ_nid2obj(nid), 0); + curveName = buf; + OPENSSL_free(pCurves); + return curveName; +} + + +int ECKeyImpl::getCurveNID(std::string& name) +{ + std::string curveName; + size_t len = EC_get_builtin_curves(NULL, 0); + EC_builtin_curve* pCurves = + (EC_builtin_curve*)OPENSSL_malloc(static_cast<int>(sizeof(EC_builtin_curve) * len)); + if (!pCurves) return -1; + + if (!EC_get_builtin_curves(pCurves, len)) + { + OPENSSL_free(pCurves); + return -1; + } + + int nid = -1; + const int bufLen = 128; + char buf[bufLen]; + if (name.empty()) + { + std::memset(buf, 0, bufLen); + OBJ_obj2txt(buf, bufLen, OBJ_nid2obj(nid), 0); + name = buf; + nid = pCurves[0].nid; + } + else + { + for (int i = 0; i < len; ++i) + { + std::memset(buf, 0, bufLen); + OBJ_obj2txt(buf, bufLen, OBJ_nid2obj(pCurves[i].nid), 0); + if (strncmp(name.c_str(), buf, name.size() > bufLen ? bufLen : name.size()) == 0) + { + nid = pCurves[i].nid; + break; + } + } + } + + OPENSSL_free(pCurves); + return nid; +} + + +bool ECKeyImpl::hasCurve(const std::string& name) +{ + std::string tmp(name); + return (-1 != getCurveNID(tmp)); +} + + +} } // namespace Poco::Crypto diff --git a/contrib/libs/poco/Crypto/src/EVPPKey.cpp b/contrib/libs/poco/Crypto/src/EVPPKey.cpp index 6b43aa0405..ffa0a78c07 100644 --- a/contrib/libs/poco/Crypto/src/EVPPKey.cpp +++ b/contrib/libs/poco/Crypto/src/EVPPKey.cpp @@ -1,321 +1,321 @@ -// -// EVPPKey.cpp -// -// -// Library: Crypto -// Package: CryptoCore -// Module: EVPPKey -// -// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. -// and Contributors. -// -// SPDX-License-Identifier: BSL-1.0 -// - - -#include "Poco/Crypto/EVPPKey.h" -#include "Poco/Crypto/ECKey.h" -#include "Poco/Crypto/RSAKey.h" -#include "Poco/NumberFormatter.h" - - -namespace Poco { -namespace Crypto { - - -EVPPKey::EVPPKey(const std::string& ecCurveName): _pEVPPKey(0) -{ - newECKey(ecCurveName.c_str()); - poco_check_ptr(_pEVPPKey); -} - - -EVPPKey::EVPPKey(const char* ecCurveName): _pEVPPKey(0) -{ - newECKey(ecCurveName); - poco_check_ptr(_pEVPPKey); -} - - -EVPPKey::EVPPKey(EVP_PKEY* pEVPPKey): _pEVPPKey(0) -{ - duplicate(pEVPPKey, &_pEVPPKey); - poco_check_ptr(_pEVPPKey); -} - - -EVPPKey::EVPPKey(const std::string& publicKeyFile, - const std::string& privateKeyFile, - const std::string& privateKeyPassphrase): _pEVPPKey(0) -{ - if (loadKey(&_pEVPPKey, PEM_read_PrivateKey, (EVP_PKEY_get_Key_fn)0, privateKeyFile, privateKeyPassphrase)) - { - poco_check_ptr(_pEVPPKey); - return; // private key is enough - } - - // no private key, this must be public key only, otherwise throw - if (!loadKey(&_pEVPPKey, PEM_read_PUBKEY, (EVP_PKEY_get_Key_fn)0, publicKeyFile)) - { - throw OpenSSLException("ECKeyImpl(const string&, const string&, const string&"); - } - poco_check_ptr(_pEVPPKey); -} - - -EVPPKey::EVPPKey(std::istream* pPublicKeyStream, - std::istream* pPrivateKeyStream, - const std::string& privateKeyPassphrase): _pEVPPKey(0) -{ - if (loadKey(&_pEVPPKey, PEM_read_bio_PrivateKey, (EVP_PKEY_get_Key_fn)0, pPrivateKeyStream, privateKeyPassphrase)) - { - poco_check_ptr(_pEVPPKey); - return; // private key is enough - } - - // no private key, this must be public key only, otherwise throw - if (!loadKey(&_pEVPPKey, PEM_read_bio_PUBKEY, (EVP_PKEY_get_Key_fn)0, pPublicKeyStream)) - { - throw OpenSSLException("ECKeyImpl(istream*, istream*, const string&"); - } - poco_check_ptr(_pEVPPKey); -} - - -EVPPKey::EVPPKey(const EVPPKey& other) -{ - duplicate(other._pEVPPKey, &_pEVPPKey); - poco_check_ptr(_pEVPPKey); -} - - -EVPPKey& EVPPKey::operator=(const EVPPKey& other) -{ - duplicate(other._pEVPPKey, &_pEVPPKey); - poco_check_ptr(_pEVPPKey); - return *this; -} - - -#ifdef POCO_ENABLE_CPP11 - -EVPPKey::EVPPKey(EVPPKey&& other): _pEVPPKey(other._pEVPPKey) -{ - other._pEVPPKey = nullptr; - poco_check_ptr(_pEVPPKey); -} - - -EVPPKey& EVPPKey::operator=(EVPPKey&& other) -{ - _pEVPPKey = other._pEVPPKey; - other._pEVPPKey = nullptr; - poco_check_ptr(_pEVPPKey); - return *this; -} - -#endif // POCO_ENABLE_CPP11 - -EVPPKey::~EVPPKey() -{ - if (_pEVPPKey) EVP_PKEY_free(_pEVPPKey); -} - - -void EVPPKey::save(const std::string& publicKeyFile, const std::string& privateKeyFile, const std::string& privateKeyPassphrase) const -{ - if (!publicKeyFile.empty() && (publicKeyFile != privateKeyFile)) - { - BIO* bio = BIO_new(BIO_s_file()); - if (!bio) throw Poco::IOException("Cannot create BIO for writing public key file", publicKeyFile); - try - { - if (BIO_write_filename(bio, const_cast<char*>(publicKeyFile.c_str()))) - { - if (!PEM_write_bio_PUBKEY(bio, _pEVPPKey)) - { - throw Poco::WriteFileException("Failed to write public key to file", publicKeyFile); - } - } - else throw Poco::CreateFileException("Cannot create public key file"); - } - catch (...) - { - BIO_free(bio); - throw; - } - BIO_free(bio); - } - - if (!privateKeyFile.empty()) - { - BIO* bio = BIO_new(BIO_s_file()); - if (!bio) throw Poco::IOException("Cannot create BIO for writing private key file", privateKeyFile); - try - { - if (BIO_write_filename(bio, const_cast<char*>(privateKeyFile.c_str()))) - { - int rc = 0; - if (privateKeyPassphrase.empty()) - { - rc = PEM_write_bio_PrivateKey(bio, _pEVPPKey, 0, 0, 0, 0, 0); - } - else - { - rc = PEM_write_bio_PrivateKey(bio, _pEVPPKey, EVP_des_ede3_cbc(), - reinterpret_cast<unsigned char*>(const_cast<char*>(privateKeyPassphrase.c_str())), - static_cast<int>(privateKeyPassphrase.length()), 0, 0); - } - if (!rc) - throw Poco::FileException("Failed to write private key to file", privateKeyFile); - } - else throw Poco::CreateFileException("Cannot create private key file", privateKeyFile); - } - catch (...) - { - BIO_free(bio); - throw; - } - BIO_free(bio); - } -} - - -void EVPPKey::save(std::ostream* pPublicKeyStream, std::ostream* pPrivateKeyStream, const std::string& privateKeyPassphrase) const -{ - if (pPublicKeyStream && (pPublicKeyStream != pPrivateKeyStream)) - { - BIO* bio = BIO_new(BIO_s_mem()); - if (!bio) throw Poco::IOException("Cannot create BIO for writing public key"); - if (!PEM_write_bio_PUBKEY(bio, _pEVPPKey)) - { - BIO_free(bio); - throw Poco::WriteFileException("Failed to write public key to stream"); - } - char* pData; - long size = BIO_get_mem_data(bio, &pData); - pPublicKeyStream->write(pData, static_cast<std::streamsize>(size)); - BIO_free(bio); - } - - if (pPrivateKeyStream) - { - BIO* bio = BIO_new(BIO_s_mem()); - if (!bio) throw Poco::IOException("Cannot create BIO for writing public key"); - int rc = 0; - if (privateKeyPassphrase.empty()) - rc = PEM_write_bio_PrivateKey(bio, _pEVPPKey, 0, 0, 0, 0, 0); - else - rc = PEM_write_bio_PrivateKey(bio, _pEVPPKey, EVP_des_ede3_cbc(), - reinterpret_cast<unsigned char*>(const_cast<char*>(privateKeyPassphrase.c_str())), - static_cast<int>(privateKeyPassphrase.length()), 0, 0); - if (!rc) - { - BIO_free(bio); - throw Poco::FileException("Failed to write private key to stream"); - } - char* pData; - long size = BIO_get_mem_data(bio, &pData); - pPrivateKeyStream->write(pData, static_cast<std::streamsize>(size)); - BIO_free(bio); - } -} - - -EVP_PKEY* EVPPKey::duplicate(const EVP_PKEY* pFromKey, EVP_PKEY** pToKey) -{ - if (!pFromKey) throw NullPointerException("EVPPKey::duplicate(): " - "provided key pointer is null."); - - *pToKey = EVP_PKEY_new(); - if (!*pToKey) throw NullPointerException("EVPPKey::duplicate(): " - "EVP_PKEY_new() returned null."); - - int keyType = type(pFromKey); - switch (keyType) - { - case EVP_PKEY_RSA: - { - RSA* pRSA = EVP_PKEY_get1_RSA(const_cast<EVP_PKEY*>(pFromKey)); - if (pRSA) - { - EVP_PKEY_set1_RSA(*pToKey, pRSA); - RSA_free(pRSA); - } - else throw OpenSSLException("EVPPKey::duplicate(): EVP_PKEY_get1_RSA()"); - break; - } - case EVP_PKEY_EC: - { - EC_KEY* pEC = EVP_PKEY_get1_EC_KEY(const_cast<EVP_PKEY*>(pFromKey)); - if (pEC) - { - EVP_PKEY_set1_EC_KEY(*pToKey, pEC); - EC_KEY_free(pEC); - int cmp = EVP_PKEY_cmp_parameters(*pToKey, pFromKey); - if (cmp < 0) - throw OpenSSLException("EVPPKey::duplicate(): EVP_PKEY_cmp_parameters()"); - if (0 == cmp) - { - if(!EVP_PKEY_copy_parameters(*pToKey, pFromKey)) - throw OpenSSLException("EVPPKey::duplicate(): EVP_PKEY_copy_parameters()"); - } - } - else throw OpenSSLException(); - break; - } - default: - throw NotImplementedException("EVPPKey:duplicate(); Key type: " + - NumberFormatter::format(keyType)); - } - - return *pToKey; -} - - -void EVPPKey::newECKey(const char* ecCurveName) -{ - int curveID = OBJ_txt2nid(ecCurveName); - EC_KEY* pEC = EC_KEY_new_by_curve_name(curveID); - if (!pEC) goto err; - if (!EC_KEY_generate_key(pEC)) goto err; - _pEVPPKey = EVP_PKEY_new(); - if (!_pEVPPKey) goto err; - if (!EVP_PKEY_set1_EC_KEY(_pEVPPKey, pEC)) goto err; - EC_KEY_free(pEC); - return; -err: - throw OpenSSLException("EVPPKey:newECKey()"); -} - - -void EVPPKey::setKey(ECKey* pKey) -{ - poco_check_ptr(pKey); - poco_check_ptr(pKey->impl()); - setKey(pKey->impl()->getECKey()); -} - - -void EVPPKey::setKey(RSAKey* pKey) -{ - poco_check_ptr(pKey); - poco_check_ptr(pKey->impl()); - setKey(pKey->impl()->getRSA()); -} - - -int EVPPKey::passCB(char* buf, int size, int, void* pass) -{ - if (pass) - { - int len = (int)std::strlen((char*)pass); - if(len > size) len = size; - std::memcpy(buf, pass, len); - return len; - } - return 0; -} - - -} } // namespace Poco::Crypto +// +// EVPPKey.cpp +// +// +// Library: Crypto +// Package: CryptoCore +// Module: EVPPKey +// +// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. +// and Contributors. +// +// SPDX-License-Identifier: BSL-1.0 +// + + +#include "Poco/Crypto/EVPPKey.h" +#include "Poco/Crypto/ECKey.h" +#include "Poco/Crypto/RSAKey.h" +#include "Poco/NumberFormatter.h" + + +namespace Poco { +namespace Crypto { + + +EVPPKey::EVPPKey(const std::string& ecCurveName): _pEVPPKey(0) +{ + newECKey(ecCurveName.c_str()); + poco_check_ptr(_pEVPPKey); +} + + +EVPPKey::EVPPKey(const char* ecCurveName): _pEVPPKey(0) +{ + newECKey(ecCurveName); + poco_check_ptr(_pEVPPKey); +} + + +EVPPKey::EVPPKey(EVP_PKEY* pEVPPKey): _pEVPPKey(0) +{ + duplicate(pEVPPKey, &_pEVPPKey); + poco_check_ptr(_pEVPPKey); +} + + +EVPPKey::EVPPKey(const std::string& publicKeyFile, + const std::string& privateKeyFile, + const std::string& privateKeyPassphrase): _pEVPPKey(0) +{ + if (loadKey(&_pEVPPKey, PEM_read_PrivateKey, (EVP_PKEY_get_Key_fn)0, privateKeyFile, privateKeyPassphrase)) + { + poco_check_ptr(_pEVPPKey); + return; // private key is enough + } + + // no private key, this must be public key only, otherwise throw + if (!loadKey(&_pEVPPKey, PEM_read_PUBKEY, (EVP_PKEY_get_Key_fn)0, publicKeyFile)) + { + throw OpenSSLException("ECKeyImpl(const string&, const string&, const string&"); + } + poco_check_ptr(_pEVPPKey); +} + + +EVPPKey::EVPPKey(std::istream* pPublicKeyStream, + std::istream* pPrivateKeyStream, + const std::string& privateKeyPassphrase): _pEVPPKey(0) +{ + if (loadKey(&_pEVPPKey, PEM_read_bio_PrivateKey, (EVP_PKEY_get_Key_fn)0, pPrivateKeyStream, privateKeyPassphrase)) + { + poco_check_ptr(_pEVPPKey); + return; // private key is enough + } + + // no private key, this must be public key only, otherwise throw + if (!loadKey(&_pEVPPKey, PEM_read_bio_PUBKEY, (EVP_PKEY_get_Key_fn)0, pPublicKeyStream)) + { + throw OpenSSLException("ECKeyImpl(istream*, istream*, const string&"); + } + poco_check_ptr(_pEVPPKey); +} + + +EVPPKey::EVPPKey(const EVPPKey& other) +{ + duplicate(other._pEVPPKey, &_pEVPPKey); + poco_check_ptr(_pEVPPKey); +} + + +EVPPKey& EVPPKey::operator=(const EVPPKey& other) +{ + duplicate(other._pEVPPKey, &_pEVPPKey); + poco_check_ptr(_pEVPPKey); + return *this; +} + + +#ifdef POCO_ENABLE_CPP11 + +EVPPKey::EVPPKey(EVPPKey&& other): _pEVPPKey(other._pEVPPKey) +{ + other._pEVPPKey = nullptr; + poco_check_ptr(_pEVPPKey); +} + + +EVPPKey& EVPPKey::operator=(EVPPKey&& other) +{ + _pEVPPKey = other._pEVPPKey; + other._pEVPPKey = nullptr; + poco_check_ptr(_pEVPPKey); + return *this; +} + +#endif // POCO_ENABLE_CPP11 + +EVPPKey::~EVPPKey() +{ + if (_pEVPPKey) EVP_PKEY_free(_pEVPPKey); +} + + +void EVPPKey::save(const std::string& publicKeyFile, const std::string& privateKeyFile, const std::string& privateKeyPassphrase) const +{ + if (!publicKeyFile.empty() && (publicKeyFile != privateKeyFile)) + { + BIO* bio = BIO_new(BIO_s_file()); + if (!bio) throw Poco::IOException("Cannot create BIO for writing public key file", publicKeyFile); + try + { + if (BIO_write_filename(bio, const_cast<char*>(publicKeyFile.c_str()))) + { + if (!PEM_write_bio_PUBKEY(bio, _pEVPPKey)) + { + throw Poco::WriteFileException("Failed to write public key to file", publicKeyFile); + } + } + else throw Poco::CreateFileException("Cannot create public key file"); + } + catch (...) + { + BIO_free(bio); + throw; + } + BIO_free(bio); + } + + if (!privateKeyFile.empty()) + { + BIO* bio = BIO_new(BIO_s_file()); + if (!bio) throw Poco::IOException("Cannot create BIO for writing private key file", privateKeyFile); + try + { + if (BIO_write_filename(bio, const_cast<char*>(privateKeyFile.c_str()))) + { + int rc = 0; + if (privateKeyPassphrase.empty()) + { + rc = PEM_write_bio_PrivateKey(bio, _pEVPPKey, 0, 0, 0, 0, 0); + } + else + { + rc = PEM_write_bio_PrivateKey(bio, _pEVPPKey, EVP_des_ede3_cbc(), + reinterpret_cast<unsigned char*>(const_cast<char*>(privateKeyPassphrase.c_str())), + static_cast<int>(privateKeyPassphrase.length()), 0, 0); + } + if (!rc) + throw Poco::FileException("Failed to write private key to file", privateKeyFile); + } + else throw Poco::CreateFileException("Cannot create private key file", privateKeyFile); + } + catch (...) + { + BIO_free(bio); + throw; + } + BIO_free(bio); + } +} + + +void EVPPKey::save(std::ostream* pPublicKeyStream, std::ostream* pPrivateKeyStream, const std::string& privateKeyPassphrase) const +{ + if (pPublicKeyStream && (pPublicKeyStream != pPrivateKeyStream)) + { + BIO* bio = BIO_new(BIO_s_mem()); + if (!bio) throw Poco::IOException("Cannot create BIO for writing public key"); + if (!PEM_write_bio_PUBKEY(bio, _pEVPPKey)) + { + BIO_free(bio); + throw Poco::WriteFileException("Failed to write public key to stream"); + } + char* pData; + long size = BIO_get_mem_data(bio, &pData); + pPublicKeyStream->write(pData, static_cast<std::streamsize>(size)); + BIO_free(bio); + } + + if (pPrivateKeyStream) + { + BIO* bio = BIO_new(BIO_s_mem()); + if (!bio) throw Poco::IOException("Cannot create BIO for writing public key"); + int rc = 0; + if (privateKeyPassphrase.empty()) + rc = PEM_write_bio_PrivateKey(bio, _pEVPPKey, 0, 0, 0, 0, 0); + else + rc = PEM_write_bio_PrivateKey(bio, _pEVPPKey, EVP_des_ede3_cbc(), + reinterpret_cast<unsigned char*>(const_cast<char*>(privateKeyPassphrase.c_str())), + static_cast<int>(privateKeyPassphrase.length()), 0, 0); + if (!rc) + { + BIO_free(bio); + throw Poco::FileException("Failed to write private key to stream"); + } + char* pData; + long size = BIO_get_mem_data(bio, &pData); + pPrivateKeyStream->write(pData, static_cast<std::streamsize>(size)); + BIO_free(bio); + } +} + + +EVP_PKEY* EVPPKey::duplicate(const EVP_PKEY* pFromKey, EVP_PKEY** pToKey) +{ + if (!pFromKey) throw NullPointerException("EVPPKey::duplicate(): " + "provided key pointer is null."); + + *pToKey = EVP_PKEY_new(); + if (!*pToKey) throw NullPointerException("EVPPKey::duplicate(): " + "EVP_PKEY_new() returned null."); + + int keyType = type(pFromKey); + switch (keyType) + { + case EVP_PKEY_RSA: + { + RSA* pRSA = EVP_PKEY_get1_RSA(const_cast<EVP_PKEY*>(pFromKey)); + if (pRSA) + { + EVP_PKEY_set1_RSA(*pToKey, pRSA); + RSA_free(pRSA); + } + else throw OpenSSLException("EVPPKey::duplicate(): EVP_PKEY_get1_RSA()"); + break; + } + case EVP_PKEY_EC: + { + EC_KEY* pEC = EVP_PKEY_get1_EC_KEY(const_cast<EVP_PKEY*>(pFromKey)); + if (pEC) + { + EVP_PKEY_set1_EC_KEY(*pToKey, pEC); + EC_KEY_free(pEC); + int cmp = EVP_PKEY_cmp_parameters(*pToKey, pFromKey); + if (cmp < 0) + throw OpenSSLException("EVPPKey::duplicate(): EVP_PKEY_cmp_parameters()"); + if (0 == cmp) + { + if(!EVP_PKEY_copy_parameters(*pToKey, pFromKey)) + throw OpenSSLException("EVPPKey::duplicate(): EVP_PKEY_copy_parameters()"); + } + } + else throw OpenSSLException(); + break; + } + default: + throw NotImplementedException("EVPPKey:duplicate(); Key type: " + + NumberFormatter::format(keyType)); + } + + return *pToKey; +} + + +void EVPPKey::newECKey(const char* ecCurveName) +{ + int curveID = OBJ_txt2nid(ecCurveName); + EC_KEY* pEC = EC_KEY_new_by_curve_name(curveID); + if (!pEC) goto err; + if (!EC_KEY_generate_key(pEC)) goto err; + _pEVPPKey = EVP_PKEY_new(); + if (!_pEVPPKey) goto err; + if (!EVP_PKEY_set1_EC_KEY(_pEVPPKey, pEC)) goto err; + EC_KEY_free(pEC); + return; +err: + throw OpenSSLException("EVPPKey:newECKey()"); +} + + +void EVPPKey::setKey(ECKey* pKey) +{ + poco_check_ptr(pKey); + poco_check_ptr(pKey->impl()); + setKey(pKey->impl()->getECKey()); +} + + +void EVPPKey::setKey(RSAKey* pKey) +{ + poco_check_ptr(pKey); + poco_check_ptr(pKey->impl()); + setKey(pKey->impl()->getRSA()); +} + + +int EVPPKey::passCB(char* buf, int size, int, void* pass) +{ + if (pass) + { + int len = (int)std::strlen((char*)pass); + if(len > size) len = size; + std::memcpy(buf, pass, len); + return len; + } + return 0; +} + + +} } // namespace Poco::Crypto diff --git a/contrib/libs/poco/Crypto/src/KeyPair.cpp b/contrib/libs/poco/Crypto/src/KeyPair.cpp index b2bb160c50..1c650806b3 100644 --- a/contrib/libs/poco/Crypto/src/KeyPair.cpp +++ b/contrib/libs/poco/Crypto/src/KeyPair.cpp @@ -1,34 +1,34 @@ -// -// KeyPair.cpp -// -// -// Library: Crypto -// Package: CryptoCore -// Module: KeyPair -// -// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. -// and Contributors. -// -// SPDX-License-Identifier: BSL-1.0 -// - - -#include "Poco/Crypto/KeyPair.h" -#include <openssl/rsa.h> - - -namespace Poco { -namespace Crypto { - - -KeyPair::KeyPair(KeyPairImpl::Ptr pKeyPairImpl): _pImpl(pKeyPairImpl) -{ -} - - -KeyPair::~KeyPair() -{ -} - - -} } // namespace Poco::Crypto +// +// KeyPair.cpp +// +// +// Library: Crypto +// Package: CryptoCore +// Module: KeyPair +// +// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. +// and Contributors. +// +// SPDX-License-Identifier: BSL-1.0 +// + + +#include "Poco/Crypto/KeyPair.h" +#include <openssl/rsa.h> + + +namespace Poco { +namespace Crypto { + + +KeyPair::KeyPair(KeyPairImpl::Ptr pKeyPairImpl): _pImpl(pKeyPairImpl) +{ +} + + +KeyPair::~KeyPair() +{ +} + + +} } // namespace Poco::Crypto diff --git a/contrib/libs/poco/Crypto/src/KeyPairImpl.cpp b/contrib/libs/poco/Crypto/src/KeyPairImpl.cpp index bfa823be28..c782f04270 100644 --- a/contrib/libs/poco/Crypto/src/KeyPairImpl.cpp +++ b/contrib/libs/poco/Crypto/src/KeyPairImpl.cpp @@ -1,35 +1,35 @@ -// -// KeyPairImpl.cpp -// -// -// Library: Crypto -// Package: CryptoCore -// Module: KeyPairImpl -// -// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. -// and Contributors. -// -// SPDX-License-Identifier: BSL-1.0 -// - - -#include "Poco/Crypto/KeyPairImpl.h" - - -namespace Poco { -namespace Crypto { - - -KeyPairImpl::KeyPairImpl(const std::string& name, Type type): - _name(name), - _type(type) -{ -} - - -KeyPairImpl::~KeyPairImpl() -{ -} - - -} } // namespace Poco::Crypto +// +// KeyPairImpl.cpp +// +// +// Library: Crypto +// Package: CryptoCore +// Module: KeyPairImpl +// +// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. +// and Contributors. +// +// SPDX-License-Identifier: BSL-1.0 +// + + +#include "Poco/Crypto/KeyPairImpl.h" + + +namespace Poco { +namespace Crypto { + + +KeyPairImpl::KeyPairImpl(const std::string& name, Type type): + _name(name), + _type(type) +{ +} + + +KeyPairImpl::~KeyPairImpl() +{ +} + + +} } // namespace Poco::Crypto diff --git a/contrib/libs/poco/Crypto/src/OpenSSLInitializer.cpp b/contrib/libs/poco/Crypto/src/OpenSSLInitializer.cpp index fa735f14dd..a3bc1d0143 100644 --- a/contrib/libs/poco/Crypto/src/OpenSSLInitializer.cpp +++ b/contrib/libs/poco/Crypto/src/OpenSSLInitializer.cpp @@ -1,190 +1,190 @@ -// -// OpenSSLInitializer.cpp -// -// Library: Crypto -// Package: CryptoCore -// Module: OpenSSLInitializer -// -// Copyright (c) 2006-2009, Applied Informatics Software Engineering GmbH. -// and Contributors. -// -// SPDX-License-Identifier: BSL-1.0 -// - - -#include "Poco/Crypto/OpenSSLInitializer.h" -#include "Poco/RandomStream.h" -#include "Poco/Thread.h" -#include <openssl/ssl.h> -#include <openssl/rand.h> -#include <openssl/crypto.h> -#include <openssl/err.h> -#if OPENSSL_VERSION_NUMBER >= 0x0907000L -#include <openssl/conf.h> -#endif -#if defined(POCO_OS_FAMILY_WINDOWS) - #define POCO_STR_HELPER(x) #x - #define POCO_STR(x) POCO_STR_HELPER(x) - #if defined POCO_INTERNAL_OPENSSL_MSVC_VER - #define POCO_INTERNAL_OPENSSL_BUILD \ - " (POCO internal build, MSVC version " \ - POCO_STR(POCO_INTERNAL_OPENSSL_MSVC_VER) ")" - #else - #define POCO_INTERNAL_OPENSSL_BUILD "" - #endif - #pragma message (OPENSSL_VERSION_TEXT POCO_INTERNAL_OPENSSL_BUILD) -#endif - - -using Poco::RandomInputStream; -using Poco::Thread; - - -#if defined(_MSC_VER) && !defined(_DLL) && defined(POCO_INTERNAL_OPENSSL_MSVC_VER) - - #if (POCO_MSVS_VERSION >= 2015) - FILE _iob[] = { *stdin, *stdout, *stderr }; - extern "C" FILE * __cdecl __iob_func(void) { return _iob; } - #endif // (POCO_MSVS_VERSION >= 2015) - - #if (POCO_MSVS_VERSION < 2012) - extern "C" __declspec(noreturn) void __cdecl __report_rangecheckfailure(void) { ::ExitProcess(1); } - #endif // (POCO_MSVS_VERSION < 2012) - -#endif // _MSC_VER && _MT && !POCO_EXTERNAL_OPENSSL && (POCO_MSVS_VERSION < 2013) - - -namespace Poco { -namespace Crypto { - - -Poco::FastMutex* OpenSSLInitializer::_mutexes(0); -Poco::AtomicCounter OpenSSLInitializer::_rc; - - -OpenSSLInitializer::OpenSSLInitializer() -{ - initialize(); -} - - -OpenSSLInitializer::~OpenSSLInitializer() -{ - try - { - uninitialize(); - } - catch (...) - { - poco_unexpected(); - } -} - - -void OpenSSLInitializer::initialize() -{ - if (++_rc == 1) - { -#if OPENSSL_VERSION_NUMBER >= 0x0907000L - OPENSSL_config(NULL); -#endif - SSL_library_init(); - SSL_load_error_strings(); - OpenSSL_add_all_algorithms(); - - char seed[SEEDSIZE]; - RandomInputStream rnd; - rnd.read(seed, sizeof(seed)); - RAND_seed(seed, SEEDSIZE); - - int nMutexes = CRYPTO_num_locks(); - _mutexes = new Poco::FastMutex[nMutexes]; - CRYPTO_set_locking_callback(&OpenSSLInitializer::lock); -#ifndef POCO_OS_FAMILY_WINDOWS -// Not needed on Windows (see SF #110: random unhandled exceptions when linking with ssl). -// https://sourceforge.net/p/poco/bugs/110/ -// -// From http://www.openssl.org/docs/crypto/threads.html : -// "If the application does not register such a callback using CRYPTO_THREADID_set_callback(), -// then a default implementation is used - on Windows and BeOS this uses the system's -// default thread identifying APIs" - CRYPTO_set_id_callback(&OpenSSLInitializer::id); -#endif - CRYPTO_set_dynlock_create_callback(&OpenSSLInitializer::dynlockCreate); - CRYPTO_set_dynlock_lock_callback(&OpenSSLInitializer::dynlock); - CRYPTO_set_dynlock_destroy_callback(&OpenSSLInitializer::dynlockDestroy); - } -} - - -void OpenSSLInitializer::uninitialize() -{ - if (--_rc == 0) - { - EVP_cleanup(); - ERR_free_strings(); - CRYPTO_set_locking_callback(0); -#ifndef POCO_OS_FAMILY_WINDOWS - CRYPTO_set_id_callback(0); -#endif - delete [] _mutexes; - - CONF_modules_free(); - } -} - - -void OpenSSLInitializer::lock(int mode, int n, const char* file, int line) -{ - if (mode & CRYPTO_LOCK) - _mutexes[n].lock(); - else - _mutexes[n].unlock(); -} - - -unsigned long OpenSSLInitializer::id() -{ - // Note: we use an old-style C cast here because - // neither static_cast<> nor reinterpret_cast<> - // work uniformly across all platforms. - return (unsigned long) Poco::Thread::currentTid(); -} - - -struct CRYPTO_dynlock_value* OpenSSLInitializer::dynlockCreate(const char* file, int line) -{ - return new CRYPTO_dynlock_value; -} - - -void OpenSSLInitializer::dynlock(int mode, struct CRYPTO_dynlock_value* lock, const char* file, int line) -{ - poco_check_ptr (lock); - - if (mode & CRYPTO_LOCK) - lock->_mutex.lock(); - else - lock->_mutex.unlock(); -} - - -void OpenSSLInitializer::dynlockDestroy(struct CRYPTO_dynlock_value* lock, const char* file, int line) -{ - delete lock; -} - - -void initializeCrypto() -{ - OpenSSLInitializer::initialize(); -} - - -void uninitializeCrypto() -{ - OpenSSLInitializer::uninitialize(); -} - - -} } // namespace Poco::Crypto +// +// OpenSSLInitializer.cpp +// +// Library: Crypto +// Package: CryptoCore +// Module: OpenSSLInitializer +// +// Copyright (c) 2006-2009, Applied Informatics Software Engineering GmbH. +// and Contributors. +// +// SPDX-License-Identifier: BSL-1.0 +// + + +#include "Poco/Crypto/OpenSSLInitializer.h" +#include "Poco/RandomStream.h" +#include "Poco/Thread.h" +#include <openssl/ssl.h> +#include <openssl/rand.h> +#include <openssl/crypto.h> +#include <openssl/err.h> +#if OPENSSL_VERSION_NUMBER >= 0x0907000L +#include <openssl/conf.h> +#endif +#if defined(POCO_OS_FAMILY_WINDOWS) + #define POCO_STR_HELPER(x) #x + #define POCO_STR(x) POCO_STR_HELPER(x) + #if defined POCO_INTERNAL_OPENSSL_MSVC_VER + #define POCO_INTERNAL_OPENSSL_BUILD \ + " (POCO internal build, MSVC version " \ + POCO_STR(POCO_INTERNAL_OPENSSL_MSVC_VER) ")" + #else + #define POCO_INTERNAL_OPENSSL_BUILD "" + #endif + #pragma message (OPENSSL_VERSION_TEXT POCO_INTERNAL_OPENSSL_BUILD) +#endif + + +using Poco::RandomInputStream; +using Poco::Thread; + + +#if defined(_MSC_VER) && !defined(_DLL) && defined(POCO_INTERNAL_OPENSSL_MSVC_VER) + + #if (POCO_MSVS_VERSION >= 2015) + FILE _iob[] = { *stdin, *stdout, *stderr }; + extern "C" FILE * __cdecl __iob_func(void) { return _iob; } + #endif // (POCO_MSVS_VERSION >= 2015) + + #if (POCO_MSVS_VERSION < 2012) + extern "C" __declspec(noreturn) void __cdecl __report_rangecheckfailure(void) { ::ExitProcess(1); } + #endif // (POCO_MSVS_VERSION < 2012) + +#endif // _MSC_VER && _MT && !POCO_EXTERNAL_OPENSSL && (POCO_MSVS_VERSION < 2013) + + +namespace Poco { +namespace Crypto { + + +Poco::FastMutex* OpenSSLInitializer::_mutexes(0); +Poco::AtomicCounter OpenSSLInitializer::_rc; + + +OpenSSLInitializer::OpenSSLInitializer() +{ + initialize(); +} + + +OpenSSLInitializer::~OpenSSLInitializer() +{ + try + { + uninitialize(); + } + catch (...) + { + poco_unexpected(); + } +} + + +void OpenSSLInitializer::initialize() +{ + if (++_rc == 1) + { +#if OPENSSL_VERSION_NUMBER >= 0x0907000L + OPENSSL_config(NULL); +#endif + SSL_library_init(); + SSL_load_error_strings(); + OpenSSL_add_all_algorithms(); + + char seed[SEEDSIZE]; + RandomInputStream rnd; + rnd.read(seed, sizeof(seed)); + RAND_seed(seed, SEEDSIZE); + + int nMutexes = CRYPTO_num_locks(); + _mutexes = new Poco::FastMutex[nMutexes]; + CRYPTO_set_locking_callback(&OpenSSLInitializer::lock); +#ifndef POCO_OS_FAMILY_WINDOWS +// Not needed on Windows (see SF #110: random unhandled exceptions when linking with ssl). +// https://sourceforge.net/p/poco/bugs/110/ +// +// From http://www.openssl.org/docs/crypto/threads.html : +// "If the application does not register such a callback using CRYPTO_THREADID_set_callback(), +// then a default implementation is used - on Windows and BeOS this uses the system's +// default thread identifying APIs" + CRYPTO_set_id_callback(&OpenSSLInitializer::id); +#endif + CRYPTO_set_dynlock_create_callback(&OpenSSLInitializer::dynlockCreate); + CRYPTO_set_dynlock_lock_callback(&OpenSSLInitializer::dynlock); + CRYPTO_set_dynlock_destroy_callback(&OpenSSLInitializer::dynlockDestroy); + } +} + + +void OpenSSLInitializer::uninitialize() +{ + if (--_rc == 0) + { + EVP_cleanup(); + ERR_free_strings(); + CRYPTO_set_locking_callback(0); +#ifndef POCO_OS_FAMILY_WINDOWS + CRYPTO_set_id_callback(0); +#endif + delete [] _mutexes; + + CONF_modules_free(); + } +} + + +void OpenSSLInitializer::lock(int mode, int n, const char* file, int line) +{ + if (mode & CRYPTO_LOCK) + _mutexes[n].lock(); + else + _mutexes[n].unlock(); +} + + +unsigned long OpenSSLInitializer::id() +{ + // Note: we use an old-style C cast here because + // neither static_cast<> nor reinterpret_cast<> + // work uniformly across all platforms. + return (unsigned long) Poco::Thread::currentTid(); +} + + +struct CRYPTO_dynlock_value* OpenSSLInitializer::dynlockCreate(const char* file, int line) +{ + return new CRYPTO_dynlock_value; +} + + +void OpenSSLInitializer::dynlock(int mode, struct CRYPTO_dynlock_value* lock, const char* file, int line) +{ + poco_check_ptr (lock); + + if (mode & CRYPTO_LOCK) + lock->_mutex.lock(); + else + lock->_mutex.unlock(); +} + + +void OpenSSLInitializer::dynlockDestroy(struct CRYPTO_dynlock_value* lock, const char* file, int line) +{ + delete lock; +} + + +void initializeCrypto() +{ + OpenSSLInitializer::initialize(); +} + + +void uninitializeCrypto() +{ + OpenSSLInitializer::uninitialize(); +} + + +} } // namespace Poco::Crypto diff --git a/contrib/libs/poco/Crypto/src/PKCS12Container.cpp b/contrib/libs/poco/Crypto/src/PKCS12Container.cpp index b4b14ccc34..5c03a9ff85 100644 --- a/contrib/libs/poco/Crypto/src/PKCS12Container.cpp +++ b/contrib/libs/poco/Crypto/src/PKCS12Container.cpp @@ -1,202 +1,202 @@ -// -// PKCS12Container.cpp -// -// -// Library: Crypto -// Package: Certificate -// Module: PKCS12Container -// -// Copyright (c) 2006-2009, Applied Informatics Software Engineering GmbH. -// and Contributors. -// -// SPDX-License-Identifier: BSL-1.0 -// - - -#include "Poco/Crypto/PKCS12Container.h" -#include "Poco/NumberFormatter.h" -#include "Poco/StreamCopier.h" -#include <sstream> -#include <openssl/err.h> - - -namespace Poco { -namespace Crypto { - - -PKCS12Container::PKCS12Container(std::istream& istr, const std::string& password): _pKey(0) -{ - std::ostringstream ostr; - Poco::StreamCopier::copyStream(istr, ostr); - const std::string& cont = ostr.str(); - - BIO *pBIO = BIO_new_mem_buf(const_cast<char*>(cont.data()), static_cast<int>(cont.size())); - if (pBIO) - { - PKCS12* pPKCS12 = 0; - d2i_PKCS12_bio(pBIO, &pPKCS12); - BIO_free(pBIO); - if (!pPKCS12) throw OpenSSLException("PKCS12Container(istream&, const string&)"); - load(pPKCS12, password); - } - else - { - throw Poco::NullPointerException("PKCS12Container(istream&, const string&)"); - } -} - - -PKCS12Container::PKCS12Container(const std::string& path, const std::string& password): _pKey(0) -{ - FILE* pFile = fopen(path.c_str(), "rb"); - if (pFile) - { - PKCS12* pPKCS12 = d2i_PKCS12_fp(pFile, NULL); - fclose (pFile); - if (!pPKCS12) throw OpenSSLException("PKCS12Container(const string&, const string&)"); - load(pPKCS12, password); - } - else - { - throw Poco::OpenFileException("PKCS12Container: " + path); - } -} - - -PKCS12Container::PKCS12Container(const PKCS12Container& other): - _pKey(EVPPKey::duplicate(other._pKey, &_pKey)), - _pX509Cert(new X509Certificate(*other._pX509Cert)), - _caCertList(other._caCertList), - _caCertNames(other._caCertNames), - _pkcsFriendlyName(other._pkcsFriendlyName) -{ -} - - -PKCS12Container& PKCS12Container::operator = (const PKCS12Container& other) -{ - if (&other != this) - { - if (_pKey) EVP_PKEY_free(_pKey); - _pKey = EVPPKey::duplicate(other._pKey, &_pKey); - _pX509Cert.reset(new X509Certificate(*other._pX509Cert)); - _caCertList = other._caCertList; - _caCertNames = other._caCertNames; - _pkcsFriendlyName = other._pkcsFriendlyName; - } - return *this; -} - - -#ifdef POCO_ENABLE_CPP11 - - -PKCS12Container::PKCS12Container(PKCS12Container&& other): - _pKey(other._pKey), - _pX509Cert(std::move(other._pX509Cert)), - _caCertList(std::move(other._caCertList)), - _caCertNames(std::move(other._caCertNames)), - _pkcsFriendlyName(std::move(other._pkcsFriendlyName)) -{ - other._pKey = 0; -} - - -PKCS12Container& PKCS12Container::operator = (PKCS12Container&& other) -{ - if (&other != this) - { - if (_pKey) EVP_PKEY_free(_pKey); - _pKey = other._pKey; other._pKey = 0; - _pX509Cert = std::move(other._pX509Cert); - _caCertList = std::move(other._caCertList); - _caCertNames = std::move(other._caCertNames); - _pkcsFriendlyName = std::move(other._pkcsFriendlyName); - } - return *this; -} - - -#endif // POCO_ENABLE_CPP11 - - -PKCS12Container::~PKCS12Container() -{ - if (_pKey) EVP_PKEY_free(_pKey); -} - - -std::string PKCS12Container::extractFriendlyName(X509* pCert) -{ - std::string friendlyName; - if(pCert) - { - STACK_OF(PKCS12_SAFEBAG)*pBags = 0; - PKCS12_SAFEBAG*pBag = PKCS12_add_cert(&pBags, pCert); - if(pBag) - { - char* pBuffer = PKCS12_get_friendlyname(pBag); - if(pBuffer) - { - friendlyName = pBuffer; - OPENSSL_free(pBuffer); - } - if(pBags) sk_PKCS12_SAFEBAG_pop_free(pBags, PKCS12_SAFEBAG_free); - } - else throw OpenSSLException("PKCS12Container::extractFriendlyName()"); - } - else throw NullPointerException("PKCS12Container::extractFriendlyName()"); - - return friendlyName; -} - - -void PKCS12Container::load(PKCS12* pPKCS12, const std::string& password) -{ - if (pPKCS12) - { - X509* pCert = 0; - STACK_OF(X509)* pCA = 0; - if (PKCS12_parse(pPKCS12, password.c_str(), &_pKey, &pCert, &pCA)) - { - if (pCert) - { - _pX509Cert.reset(new X509Certificate(pCert, true)); - _pkcsFriendlyName = extractFriendlyName(pCert); - } - else _pX509Cert.reset(); - - _caCertList.clear(); - _caCertNames.clear(); - if (pCA) - { - int certCount = sk_X509_num(pCA); - for (int i = 0; i < certCount; ++i) - { - X509* pX509 = sk_X509_value(pCA, i); - if (pX509) - { - _caCertList.push_back(X509Certificate(pX509, true)); - _caCertNames.push_back(extractFriendlyName(pX509)); - } - else throw OpenSSLException("PKCS12Container::load()"); - } - } - } - else - { - throw OpenSSLException(); - } - PKCS12_free(pPKCS12); - sk_X509_pop_free(pCA, X509_free); - if (pCert) X509_free(pCert); - poco_assert_dbg (_caCertList.size() == _caCertNames.size()); - } - else - { - throw NullPointerException("PKCS12Container: struct PKCS12"); - } -} - - -} } // namespace Poco::Crypto +// +// PKCS12Container.cpp +// +// +// Library: Crypto +// Package: Certificate +// Module: PKCS12Container +// +// Copyright (c) 2006-2009, Applied Informatics Software Engineering GmbH. +// and Contributors. +// +// SPDX-License-Identifier: BSL-1.0 +// + + +#include "Poco/Crypto/PKCS12Container.h" +#include "Poco/NumberFormatter.h" +#include "Poco/StreamCopier.h" +#include <sstream> +#include <openssl/err.h> + + +namespace Poco { +namespace Crypto { + + +PKCS12Container::PKCS12Container(std::istream& istr, const std::string& password): _pKey(0) +{ + std::ostringstream ostr; + Poco::StreamCopier::copyStream(istr, ostr); + const std::string& cont = ostr.str(); + + BIO *pBIO = BIO_new_mem_buf(const_cast<char*>(cont.data()), static_cast<int>(cont.size())); + if (pBIO) + { + PKCS12* pPKCS12 = 0; + d2i_PKCS12_bio(pBIO, &pPKCS12); + BIO_free(pBIO); + if (!pPKCS12) throw OpenSSLException("PKCS12Container(istream&, const string&)"); + load(pPKCS12, password); + } + else + { + throw Poco::NullPointerException("PKCS12Container(istream&, const string&)"); + } +} + + +PKCS12Container::PKCS12Container(const std::string& path, const std::string& password): _pKey(0) +{ + FILE* pFile = fopen(path.c_str(), "rb"); + if (pFile) + { + PKCS12* pPKCS12 = d2i_PKCS12_fp(pFile, NULL); + fclose (pFile); + if (!pPKCS12) throw OpenSSLException("PKCS12Container(const string&, const string&)"); + load(pPKCS12, password); + } + else + { + throw Poco::OpenFileException("PKCS12Container: " + path); + } +} + + +PKCS12Container::PKCS12Container(const PKCS12Container& other): + _pKey(EVPPKey::duplicate(other._pKey, &_pKey)), + _pX509Cert(new X509Certificate(*other._pX509Cert)), + _caCertList(other._caCertList), + _caCertNames(other._caCertNames), + _pkcsFriendlyName(other._pkcsFriendlyName) +{ +} + + +PKCS12Container& PKCS12Container::operator = (const PKCS12Container& other) +{ + if (&other != this) + { + if (_pKey) EVP_PKEY_free(_pKey); + _pKey = EVPPKey::duplicate(other._pKey, &_pKey); + _pX509Cert.reset(new X509Certificate(*other._pX509Cert)); + _caCertList = other._caCertList; + _caCertNames = other._caCertNames; + _pkcsFriendlyName = other._pkcsFriendlyName; + } + return *this; +} + + +#ifdef POCO_ENABLE_CPP11 + + +PKCS12Container::PKCS12Container(PKCS12Container&& other): + _pKey(other._pKey), + _pX509Cert(std::move(other._pX509Cert)), + _caCertList(std::move(other._caCertList)), + _caCertNames(std::move(other._caCertNames)), + _pkcsFriendlyName(std::move(other._pkcsFriendlyName)) +{ + other._pKey = 0; +} + + +PKCS12Container& PKCS12Container::operator = (PKCS12Container&& other) +{ + if (&other != this) + { + if (_pKey) EVP_PKEY_free(_pKey); + _pKey = other._pKey; other._pKey = 0; + _pX509Cert = std::move(other._pX509Cert); + _caCertList = std::move(other._caCertList); + _caCertNames = std::move(other._caCertNames); + _pkcsFriendlyName = std::move(other._pkcsFriendlyName); + } + return *this; +} + + +#endif // POCO_ENABLE_CPP11 + + +PKCS12Container::~PKCS12Container() +{ + if (_pKey) EVP_PKEY_free(_pKey); +} + + +std::string PKCS12Container::extractFriendlyName(X509* pCert) +{ + std::string friendlyName; + if(pCert) + { + STACK_OF(PKCS12_SAFEBAG)*pBags = 0; + PKCS12_SAFEBAG*pBag = PKCS12_add_cert(&pBags, pCert); + if(pBag) + { + char* pBuffer = PKCS12_get_friendlyname(pBag); + if(pBuffer) + { + friendlyName = pBuffer; + OPENSSL_free(pBuffer); + } + if(pBags) sk_PKCS12_SAFEBAG_pop_free(pBags, PKCS12_SAFEBAG_free); + } + else throw OpenSSLException("PKCS12Container::extractFriendlyName()"); + } + else throw NullPointerException("PKCS12Container::extractFriendlyName()"); + + return friendlyName; +} + + +void PKCS12Container::load(PKCS12* pPKCS12, const std::string& password) +{ + if (pPKCS12) + { + X509* pCert = 0; + STACK_OF(X509)* pCA = 0; + if (PKCS12_parse(pPKCS12, password.c_str(), &_pKey, &pCert, &pCA)) + { + if (pCert) + { + _pX509Cert.reset(new X509Certificate(pCert, true)); + _pkcsFriendlyName = extractFriendlyName(pCert); + } + else _pX509Cert.reset(); + + _caCertList.clear(); + _caCertNames.clear(); + if (pCA) + { + int certCount = sk_X509_num(pCA); + for (int i = 0; i < certCount; ++i) + { + X509* pX509 = sk_X509_value(pCA, i); + if (pX509) + { + _caCertList.push_back(X509Certificate(pX509, true)); + _caCertNames.push_back(extractFriendlyName(pX509)); + } + else throw OpenSSLException("PKCS12Container::load()"); + } + } + } + else + { + throw OpenSSLException(); + } + PKCS12_free(pPKCS12); + sk_X509_pop_free(pCA, X509_free); + if (pCert) X509_free(pCert); + poco_assert_dbg (_caCertList.size() == _caCertNames.size()); + } + else + { + throw NullPointerException("PKCS12Container: struct PKCS12"); + } +} + + +} } // namespace Poco::Crypto diff --git a/contrib/libs/poco/Crypto/src/RSACipherImpl.cpp b/contrib/libs/poco/Crypto/src/RSACipherImpl.cpp index d6eae53c06..5c2e493ed0 100644 --- a/contrib/libs/poco/Crypto/src/RSACipherImpl.cpp +++ b/contrib/libs/poco/Crypto/src/RSACipherImpl.cpp @@ -1,344 +1,344 @@ -// -// RSACipherImpl.cpp -// -// Library: Crypto -// Package: RSA -// Module: RSACipherImpl -// -// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. -// and Contributors. -// -// SPDX-License-Identifier: BSL-1.0 -// - - -#include "Poco/Crypto/RSACipherImpl.h" -#include "Poco/Crypto/CryptoTransform.h" -#include "Poco/Exception.h" -#include <openssl/err.h> -#include <openssl/rsa.h> -#include <cstring> - - -namespace Poco { -namespace Crypto { - - -namespace -{ - void throwError() - { - unsigned long err; - std::string msg; - - while ((err = ERR_get_error())) - { - if (!msg.empty()) - msg.append("; "); - msg.append(ERR_error_string(err, 0)); - } - - throw Poco::IOException(msg); - } - - - int mapPaddingMode(RSAPaddingMode paddingMode) - { - switch (paddingMode) - { - case RSA_PADDING_PKCS1: - return RSA_PKCS1_PADDING; - case RSA_PADDING_PKCS1_OAEP: - return RSA_PKCS1_OAEP_PADDING; - case RSA_PADDING_SSLV23: - return RSA_SSLV23_PADDING; - case RSA_PADDING_NONE: - return RSA_NO_PADDING; - default: - poco_bugcheck(); - return RSA_NO_PADDING; - } - } - - - class RSAEncryptImpl: public CryptoTransform - { - public: - RSAEncryptImpl(const RSA* pRSA, RSAPaddingMode paddingMode); - ~RSAEncryptImpl(); - - std::size_t blockSize() const; - std::size_t maxDataSize() const; - std::string getTag(std::size_t); - void setTag(const std::string&); - - std::streamsize transform( - const unsigned char* input, - std::streamsize inputLength, - unsigned char* output, - std::streamsize outputLength); - - std::streamsize finalize(unsigned char* output, std::streamsize length); - - private: - const RSA* _pRSA; - RSAPaddingMode _paddingMode; - std::streamsize _pos; - unsigned char* _pBuf; - }; - - - RSAEncryptImpl::RSAEncryptImpl(const RSA* pRSA, RSAPaddingMode paddingMode): - _pRSA(pRSA), - _paddingMode(paddingMode), - _pos(0), - _pBuf(0) - { - _pBuf = new unsigned char[blockSize()]; - } - - - RSAEncryptImpl::~RSAEncryptImpl() - { - delete [] _pBuf; - } - - - std::size_t RSAEncryptImpl::blockSize() const - { - return RSA_size(_pRSA); - } - - - std::size_t RSAEncryptImpl::maxDataSize() const - { - std::size_t size = blockSize(); - switch (_paddingMode) - { - case RSA_PADDING_PKCS1: - case RSA_PADDING_SSLV23: - size -= 11; - break; - case RSA_PADDING_PKCS1_OAEP: - size -= 41; - break; - default: - break; - } - return size; - } - - - std::string RSAEncryptImpl::getTag(std::size_t) - { - return std::string(); - } - - - void RSAEncryptImpl::setTag(const std::string&) - { - } - - - std::streamsize RSAEncryptImpl::transform( - const unsigned char* input, - std::streamsize inputLength, - unsigned char* output, - std::streamsize outputLength) - { - // always fill up the buffer before writing! - std::streamsize maxSize = static_cast<std::streamsize>(maxDataSize()); - std::streamsize rsaSize = static_cast<std::streamsize>(blockSize()); - poco_assert_dbg(_pos <= maxSize); - poco_assert (outputLength >= rsaSize); - int rc = 0; - while (inputLength > 0) - { - // check how many data bytes we are missing to get the buffer full - poco_assert_dbg (maxSize >= _pos); - std::streamsize missing = maxSize - _pos; - if (missing == 0) - { - poco_assert (outputLength >= rsaSize); - int n = RSA_public_encrypt(static_cast<int>(maxSize), _pBuf, output, const_cast<RSA*>(_pRSA), mapPaddingMode(_paddingMode)); - if (n == -1) - throwError(); - rc += n; - output += n; - outputLength -= n; - _pos = 0; - - } - else - { - if (missing > inputLength) - missing = inputLength; - - std::memcpy(_pBuf + _pos, input, static_cast<std::size_t>(missing)); - input += missing; - _pos += missing; - inputLength -= missing; - } - } - return rc; - } - - - std::streamsize RSAEncryptImpl::finalize(unsigned char* output, std::streamsize length) - { - poco_assert (length >= blockSize()); - poco_assert (_pos <= maxDataSize()); - int rc = 0; - if (_pos > 0) - { - rc = RSA_public_encrypt(static_cast<int>(_pos), _pBuf, output, const_cast<RSA*>(_pRSA), mapPaddingMode(_paddingMode)); - if (rc == -1) throwError(); - } - return rc; - } - - - class RSADecryptImpl: public CryptoTransform - { - public: - RSADecryptImpl(const RSA* pRSA, RSAPaddingMode paddingMode); - ~RSADecryptImpl(); - - std::size_t blockSize() const; - std::string getTag(std::size_t); - void setTag(const std::string&); - - std::streamsize transform( - const unsigned char* input, - std::streamsize inputLength, - unsigned char* output, - std::streamsize outputLength); - - std::streamsize finalize( - unsigned char* output, - std::streamsize length); - - private: - const RSA* _pRSA; - RSAPaddingMode _paddingMode; - std::streamsize _pos; - unsigned char* _pBuf; - }; - - - RSADecryptImpl::RSADecryptImpl(const RSA* pRSA, RSAPaddingMode paddingMode): - _pRSA(pRSA), - _paddingMode(paddingMode), - _pos(0), - _pBuf(0) - { - _pBuf = new unsigned char[blockSize()]; - } - - - RSADecryptImpl::~RSADecryptImpl() - { - delete [] _pBuf; - } - - - std::size_t RSADecryptImpl::blockSize() const - { - return RSA_size(_pRSA); - } - - - std::string RSADecryptImpl::getTag(std::size_t) - { - return std::string(); - } - - - void RSADecryptImpl::setTag(const std::string&) - { - } - - - std::streamsize RSADecryptImpl::transform( - const unsigned char* input, - std::streamsize inputLength, - unsigned char* output, - std::streamsize outputLength) - { - - // always fill up the buffer before decrypting! - std::streamsize rsaSize = static_cast<std::streamsize>(blockSize()); - poco_assert_dbg(_pos <= rsaSize); - poco_assert (outputLength >= rsaSize); - int rc = 0; - while (inputLength > 0) - { - // check how many data bytes we are missing to get the buffer full - poco_assert_dbg (rsaSize >= _pos); - std::streamsize missing = rsaSize - _pos; - if (missing == 0) - { - int tmp = RSA_private_decrypt(static_cast<int>(rsaSize), _pBuf, output, const_cast<RSA*>(_pRSA), mapPaddingMode(_paddingMode)); - if (tmp == -1) - throwError(); - rc += tmp; - output += tmp; - outputLength -= tmp; - _pos = 0; - - } - else - { - if (missing > inputLength) - missing = inputLength; - - std::memcpy(_pBuf + _pos, input, static_cast<std::size_t>(missing)); - input += missing; - _pos += missing; - inputLength -= missing; - } - } - return rc; - } - - - std::streamsize RSADecryptImpl::finalize(unsigned char* output, std::streamsize length) - { - poco_assert (length >= blockSize()); - int rc = 0; - if (_pos > 0) - { - rc = RSA_private_decrypt(static_cast<int>(_pos), _pBuf, output, const_cast<RSA*>(_pRSA), mapPaddingMode(_paddingMode)); - if (rc == -1) - throwError(); - } - return rc; - } -} - - -RSACipherImpl::RSACipherImpl(const RSAKey& key, RSAPaddingMode paddingMode): - _key(key), - _paddingMode(paddingMode) -{ -} - - -RSACipherImpl::~RSACipherImpl() -{ -} - - -CryptoTransform* RSACipherImpl::createEncryptor() -{ - return new RSAEncryptImpl(_key.impl()->getRSA(), _paddingMode); -} - - -CryptoTransform* RSACipherImpl::createDecryptor() -{ - return new RSADecryptImpl(_key.impl()->getRSA(), _paddingMode); -} - - -} } // namespace Poco::Crypto +// +// RSACipherImpl.cpp +// +// Library: Crypto +// Package: RSA +// Module: RSACipherImpl +// +// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. +// and Contributors. +// +// SPDX-License-Identifier: BSL-1.0 +// + + +#include "Poco/Crypto/RSACipherImpl.h" +#include "Poco/Crypto/CryptoTransform.h" +#include "Poco/Exception.h" +#include <openssl/err.h> +#include <openssl/rsa.h> +#include <cstring> + + +namespace Poco { +namespace Crypto { + + +namespace +{ + void throwError() + { + unsigned long err; + std::string msg; + + while ((err = ERR_get_error())) + { + if (!msg.empty()) + msg.append("; "); + msg.append(ERR_error_string(err, 0)); + } + + throw Poco::IOException(msg); + } + + + int mapPaddingMode(RSAPaddingMode paddingMode) + { + switch (paddingMode) + { + case RSA_PADDING_PKCS1: + return RSA_PKCS1_PADDING; + case RSA_PADDING_PKCS1_OAEP: + return RSA_PKCS1_OAEP_PADDING; + case RSA_PADDING_SSLV23: + return RSA_SSLV23_PADDING; + case RSA_PADDING_NONE: + return RSA_NO_PADDING; + default: + poco_bugcheck(); + return RSA_NO_PADDING; + } + } + + + class RSAEncryptImpl: public CryptoTransform + { + public: + RSAEncryptImpl(const RSA* pRSA, RSAPaddingMode paddingMode); + ~RSAEncryptImpl(); + + std::size_t blockSize() const; + std::size_t maxDataSize() const; + std::string getTag(std::size_t); + void setTag(const std::string&); + + std::streamsize transform( + const unsigned char* input, + std::streamsize inputLength, + unsigned char* output, + std::streamsize outputLength); + + std::streamsize finalize(unsigned char* output, std::streamsize length); + + private: + const RSA* _pRSA; + RSAPaddingMode _paddingMode; + std::streamsize _pos; + unsigned char* _pBuf; + }; + + + RSAEncryptImpl::RSAEncryptImpl(const RSA* pRSA, RSAPaddingMode paddingMode): + _pRSA(pRSA), + _paddingMode(paddingMode), + _pos(0), + _pBuf(0) + { + _pBuf = new unsigned char[blockSize()]; + } + + + RSAEncryptImpl::~RSAEncryptImpl() + { + delete [] _pBuf; + } + + + std::size_t RSAEncryptImpl::blockSize() const + { + return RSA_size(_pRSA); + } + + + std::size_t RSAEncryptImpl::maxDataSize() const + { + std::size_t size = blockSize(); + switch (_paddingMode) + { + case RSA_PADDING_PKCS1: + case RSA_PADDING_SSLV23: + size -= 11; + break; + case RSA_PADDING_PKCS1_OAEP: + size -= 41; + break; + default: + break; + } + return size; + } + + + std::string RSAEncryptImpl::getTag(std::size_t) + { + return std::string(); + } + + + void RSAEncryptImpl::setTag(const std::string&) + { + } + + + std::streamsize RSAEncryptImpl::transform( + const unsigned char* input, + std::streamsize inputLength, + unsigned char* output, + std::streamsize outputLength) + { + // always fill up the buffer before writing! + std::streamsize maxSize = static_cast<std::streamsize>(maxDataSize()); + std::streamsize rsaSize = static_cast<std::streamsize>(blockSize()); + poco_assert_dbg(_pos <= maxSize); + poco_assert (outputLength >= rsaSize); + int rc = 0; + while (inputLength > 0) + { + // check how many data bytes we are missing to get the buffer full + poco_assert_dbg (maxSize >= _pos); + std::streamsize missing = maxSize - _pos; + if (missing == 0) + { + poco_assert (outputLength >= rsaSize); + int n = RSA_public_encrypt(static_cast<int>(maxSize), _pBuf, output, const_cast<RSA*>(_pRSA), mapPaddingMode(_paddingMode)); + if (n == -1) + throwError(); + rc += n; + output += n; + outputLength -= n; + _pos = 0; + + } + else + { + if (missing > inputLength) + missing = inputLength; + + std::memcpy(_pBuf + _pos, input, static_cast<std::size_t>(missing)); + input += missing; + _pos += missing; + inputLength -= missing; + } + } + return rc; + } + + + std::streamsize RSAEncryptImpl::finalize(unsigned char* output, std::streamsize length) + { + poco_assert (length >= blockSize()); + poco_assert (_pos <= maxDataSize()); + int rc = 0; + if (_pos > 0) + { + rc = RSA_public_encrypt(static_cast<int>(_pos), _pBuf, output, const_cast<RSA*>(_pRSA), mapPaddingMode(_paddingMode)); + if (rc == -1) throwError(); + } + return rc; + } + + + class RSADecryptImpl: public CryptoTransform + { + public: + RSADecryptImpl(const RSA* pRSA, RSAPaddingMode paddingMode); + ~RSADecryptImpl(); + + std::size_t blockSize() const; + std::string getTag(std::size_t); + void setTag(const std::string&); + + std::streamsize transform( + const unsigned char* input, + std::streamsize inputLength, + unsigned char* output, + std::streamsize outputLength); + + std::streamsize finalize( + unsigned char* output, + std::streamsize length); + + private: + const RSA* _pRSA; + RSAPaddingMode _paddingMode; + std::streamsize _pos; + unsigned char* _pBuf; + }; + + + RSADecryptImpl::RSADecryptImpl(const RSA* pRSA, RSAPaddingMode paddingMode): + _pRSA(pRSA), + _paddingMode(paddingMode), + _pos(0), + _pBuf(0) + { + _pBuf = new unsigned char[blockSize()]; + } + + + RSADecryptImpl::~RSADecryptImpl() + { + delete [] _pBuf; + } + + + std::size_t RSADecryptImpl::blockSize() const + { + return RSA_size(_pRSA); + } + + + std::string RSADecryptImpl::getTag(std::size_t) + { + return std::string(); + } + + + void RSADecryptImpl::setTag(const std::string&) + { + } + + + std::streamsize RSADecryptImpl::transform( + const unsigned char* input, + std::streamsize inputLength, + unsigned char* output, + std::streamsize outputLength) + { + + // always fill up the buffer before decrypting! + std::streamsize rsaSize = static_cast<std::streamsize>(blockSize()); + poco_assert_dbg(_pos <= rsaSize); + poco_assert (outputLength >= rsaSize); + int rc = 0; + while (inputLength > 0) + { + // check how many data bytes we are missing to get the buffer full + poco_assert_dbg (rsaSize >= _pos); + std::streamsize missing = rsaSize - _pos; + if (missing == 0) + { + int tmp = RSA_private_decrypt(static_cast<int>(rsaSize), _pBuf, output, const_cast<RSA*>(_pRSA), mapPaddingMode(_paddingMode)); + if (tmp == -1) + throwError(); + rc += tmp; + output += tmp; + outputLength -= tmp; + _pos = 0; + + } + else + { + if (missing > inputLength) + missing = inputLength; + + std::memcpy(_pBuf + _pos, input, static_cast<std::size_t>(missing)); + input += missing; + _pos += missing; + inputLength -= missing; + } + } + return rc; + } + + + std::streamsize RSADecryptImpl::finalize(unsigned char* output, std::streamsize length) + { + poco_assert (length >= blockSize()); + int rc = 0; + if (_pos > 0) + { + rc = RSA_private_decrypt(static_cast<int>(_pos), _pBuf, output, const_cast<RSA*>(_pRSA), mapPaddingMode(_paddingMode)); + if (rc == -1) + throwError(); + } + return rc; + } +} + + +RSACipherImpl::RSACipherImpl(const RSAKey& key, RSAPaddingMode paddingMode): + _key(key), + _paddingMode(paddingMode) +{ +} + + +RSACipherImpl::~RSACipherImpl() +{ +} + + +CryptoTransform* RSACipherImpl::createEncryptor() +{ + return new RSAEncryptImpl(_key.impl()->getRSA(), _paddingMode); +} + + +CryptoTransform* RSACipherImpl::createDecryptor() +{ + return new RSADecryptImpl(_key.impl()->getRSA(), _paddingMode); +} + + +} } // namespace Poco::Crypto diff --git a/contrib/libs/poco/Crypto/src/RSADigestEngine.cpp b/contrib/libs/poco/Crypto/src/RSADigestEngine.cpp index aa2cbdf523..948aa25ac6 100644 --- a/contrib/libs/poco/Crypto/src/RSADigestEngine.cpp +++ b/contrib/libs/poco/Crypto/src/RSADigestEngine.cpp @@ -1,96 +1,96 @@ -// -// RSADigestEngine.cpp -// -// Library: Crypto -// Package: RSA -// Module: RSADigestEngine -// -// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. -// and Contributors. -// -// SPDX-License-Identifier: BSL-1.0 -// - - -#include "Poco/Crypto/RSADigestEngine.h" -#include <openssl/rsa.h> - - -namespace Poco { -namespace Crypto { - - -RSADigestEngine::RSADigestEngine(const RSAKey& key, DigestType digestType): - _key(key), - _engine(digestType == DIGEST_MD5 ? "MD5" : "SHA1") -{ -} - -RSADigestEngine::RSADigestEngine(const RSAKey& key, const std::string &name): - _key(key), - _engine(name) -{ -} - - -RSADigestEngine::~RSADigestEngine() -{ -} - - -std::size_t RSADigestEngine::digestLength() const -{ - return _engine.digestLength(); -} - - -void RSADigestEngine::reset() -{ - _engine.reset(); - _digest.clear(); - _signature.clear(); -} - - -const DigestEngine::Digest& RSADigestEngine::digest() -{ - if (_digest.empty()) - { - _digest = _engine.digest(); - } - return _digest; -} - - -const DigestEngine::Digest& RSADigestEngine::signature() -{ - if (_signature.empty()) - { - digest(); - _signature.resize(_key.size()); - unsigned sigLen = static_cast<unsigned>(_signature.size()); - RSA_sign(_engine.nid(), &_digest[0], static_cast<unsigned>(_digest.size()), &_signature[0], &sigLen, _key.impl()->getRSA()); - // truncate _sig to sigLen - if (sigLen < _signature.size()) - _signature.resize(sigLen); - } - return _signature; -} - - -bool RSADigestEngine::verify(const DigestEngine::Digest& sig) -{ - digest(); - DigestEngine::Digest sigCpy = sig; // copy becausse RSA_verify can modify sigCpy - int ret = RSA_verify(_engine.nid(), &_digest[0], static_cast<unsigned>(_digest.size()), &sigCpy[0], static_cast<unsigned>(sigCpy.size()), _key.impl()->getRSA()); - return ret != 0; -} - - -void RSADigestEngine::updateImpl(const void* data, std::size_t length) -{ - _engine.update(data, length); -} - - -} } // namespace Poco::Crypto +// +// RSADigestEngine.cpp +// +// Library: Crypto +// Package: RSA +// Module: RSADigestEngine +// +// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. +// and Contributors. +// +// SPDX-License-Identifier: BSL-1.0 +// + + +#include "Poco/Crypto/RSADigestEngine.h" +#include <openssl/rsa.h> + + +namespace Poco { +namespace Crypto { + + +RSADigestEngine::RSADigestEngine(const RSAKey& key, DigestType digestType): + _key(key), + _engine(digestType == DIGEST_MD5 ? "MD5" : "SHA1") +{ +} + +RSADigestEngine::RSADigestEngine(const RSAKey& key, const std::string &name): + _key(key), + _engine(name) +{ +} + + +RSADigestEngine::~RSADigestEngine() +{ +} + + +std::size_t RSADigestEngine::digestLength() const +{ + return _engine.digestLength(); +} + + +void RSADigestEngine::reset() +{ + _engine.reset(); + _digest.clear(); + _signature.clear(); +} + + +const DigestEngine::Digest& RSADigestEngine::digest() +{ + if (_digest.empty()) + { + _digest = _engine.digest(); + } + return _digest; +} + + +const DigestEngine::Digest& RSADigestEngine::signature() +{ + if (_signature.empty()) + { + digest(); + _signature.resize(_key.size()); + unsigned sigLen = static_cast<unsigned>(_signature.size()); + RSA_sign(_engine.nid(), &_digest[0], static_cast<unsigned>(_digest.size()), &_signature[0], &sigLen, _key.impl()->getRSA()); + // truncate _sig to sigLen + if (sigLen < _signature.size()) + _signature.resize(sigLen); + } + return _signature; +} + + +bool RSADigestEngine::verify(const DigestEngine::Digest& sig) +{ + digest(); + DigestEngine::Digest sigCpy = sig; // copy becausse RSA_verify can modify sigCpy + int ret = RSA_verify(_engine.nid(), &_digest[0], static_cast<unsigned>(_digest.size()), &sigCpy[0], static_cast<unsigned>(sigCpy.size()), _key.impl()->getRSA()); + return ret != 0; +} + + +void RSADigestEngine::updateImpl(const void* data, std::size_t length) +{ + _engine.update(data, length); +} + + +} } // namespace Poco::Crypto diff --git a/contrib/libs/poco/Crypto/src/RSAKey.cpp b/contrib/libs/poco/Crypto/src/RSAKey.cpp index 363c894a76..b81a0281bf 100644 --- a/contrib/libs/poco/Crypto/src/RSAKey.cpp +++ b/contrib/libs/poco/Crypto/src/RSAKey.cpp @@ -1,87 +1,87 @@ -// -// RSAKey.cpp -// -// Library: Crypto -// Package: RSA -// Module: RSAKey -// -// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. -// and Contributors. -// -// SPDX-License-Identifier: BSL-1.0 -// - - -#include "Poco/Crypto/RSAKey.h" -#include <openssl/rsa.h> - - -namespace Poco { -namespace Crypto { - - -RSAKey::RSAKey(const EVPPKey& key): - KeyPair(new RSAKeyImpl(key)), - _pImpl(KeyPair::impl().cast<RSAKeyImpl>()) -{ -} - - -RSAKey::RSAKey(const X509Certificate& cert): - KeyPair(new RSAKeyImpl(cert)), - _pImpl(KeyPair::impl().cast<RSAKeyImpl>()) -{ -} - - -RSAKey::RSAKey(const PKCS12Container& cont): - KeyPair(new RSAKeyImpl(cont)), - _pImpl(KeyPair::impl().cast<RSAKeyImpl>()) -{ -} - - -RSAKey::RSAKey(KeyLength keyLength, Exponent exp): - KeyPair(new RSAKeyImpl(keyLength, (exp == EXP_LARGE) ? RSA_F4 : RSA_3)), - _pImpl(KeyPair::impl().cast<RSAKeyImpl>()) -{ -} - - -RSAKey::RSAKey(const std::string& publicKeyFile, const std::string& privateKeyFile, const std::string& privateKeyPassphrase): - KeyPair(new RSAKeyImpl(publicKeyFile, privateKeyFile, privateKeyPassphrase)), - _pImpl(KeyPair::impl().cast<RSAKeyImpl>()) -{ -} - - -RSAKey::RSAKey(std::istream* pPublicKeyStream, std::istream* pPrivateKeyStream, const std::string& privateKeyPassphrase): - KeyPair(new RSAKeyImpl(pPublicKeyStream, pPrivateKeyStream, privateKeyPassphrase)), - _pImpl(KeyPair::impl().cast<RSAKeyImpl>()) -{ -} - - -RSAKey::~RSAKey() -{ -} - -RSAKeyImpl::ByteVec RSAKey::modulus() const -{ - return _pImpl->modulus(); -} - - -RSAKeyImpl::ByteVec RSAKey::encryptionExponent() const -{ - return _pImpl->encryptionExponent(); -} - - -RSAKeyImpl::ByteVec RSAKey::decryptionExponent() const -{ - return _pImpl->decryptionExponent(); -} - - -} } // namespace Poco::Crypto
\ No newline at end of file +// +// RSAKey.cpp +// +// Library: Crypto +// Package: RSA +// Module: RSAKey +// +// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. +// and Contributors. +// +// SPDX-License-Identifier: BSL-1.0 +// + + +#include "Poco/Crypto/RSAKey.h" +#include <openssl/rsa.h> + + +namespace Poco { +namespace Crypto { + + +RSAKey::RSAKey(const EVPPKey& key): + KeyPair(new RSAKeyImpl(key)), + _pImpl(KeyPair::impl().cast<RSAKeyImpl>()) +{ +} + + +RSAKey::RSAKey(const X509Certificate& cert): + KeyPair(new RSAKeyImpl(cert)), + _pImpl(KeyPair::impl().cast<RSAKeyImpl>()) +{ +} + + +RSAKey::RSAKey(const PKCS12Container& cont): + KeyPair(new RSAKeyImpl(cont)), + _pImpl(KeyPair::impl().cast<RSAKeyImpl>()) +{ +} + + +RSAKey::RSAKey(KeyLength keyLength, Exponent exp): + KeyPair(new RSAKeyImpl(keyLength, (exp == EXP_LARGE) ? RSA_F4 : RSA_3)), + _pImpl(KeyPair::impl().cast<RSAKeyImpl>()) +{ +} + + +RSAKey::RSAKey(const std::string& publicKeyFile, const std::string& privateKeyFile, const std::string& privateKeyPassphrase): + KeyPair(new RSAKeyImpl(publicKeyFile, privateKeyFile, privateKeyPassphrase)), + _pImpl(KeyPair::impl().cast<RSAKeyImpl>()) +{ +} + + +RSAKey::RSAKey(std::istream* pPublicKeyStream, std::istream* pPrivateKeyStream, const std::string& privateKeyPassphrase): + KeyPair(new RSAKeyImpl(pPublicKeyStream, pPrivateKeyStream, privateKeyPassphrase)), + _pImpl(KeyPair::impl().cast<RSAKeyImpl>()) +{ +} + + +RSAKey::~RSAKey() +{ +} + +RSAKeyImpl::ByteVec RSAKey::modulus() const +{ + return _pImpl->modulus(); +} + + +RSAKeyImpl::ByteVec RSAKey::encryptionExponent() const +{ + return _pImpl->encryptionExponent(); +} + + +RSAKeyImpl::ByteVec RSAKey::decryptionExponent() const +{ + return _pImpl->decryptionExponent(); +} + + +} } // namespace Poco::Crypto
\ No newline at end of file diff --git a/contrib/libs/poco/Crypto/src/RSAKeyImpl.cpp b/contrib/libs/poco/Crypto/src/RSAKeyImpl.cpp index baeb0a206b..8aa3890b91 100644 --- a/contrib/libs/poco/Crypto/src/RSAKeyImpl.cpp +++ b/contrib/libs/poco/Crypto/src/RSAKeyImpl.cpp @@ -1,386 +1,386 @@ -// -// RSAKeyImpl.cpp -// -// Library: Crypto -// Package: RSA -// Module: RSAKeyImpl -// -// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. -// and Contributors. -// -// SPDX-License-Identifier: BSL-1.0 -// - - -#include "Poco/Crypto/RSAKeyImpl.h" -#include "Poco/Crypto/X509Certificate.h" -#include "Poco/Crypto/PKCS12Container.h" -#include "Poco/FileStream.h" -#include "Poco/StreamCopier.h" -#include <sstream> -#include <openssl/pem.h> -#include <openssl/rsa.h> -#include <openssl/evp.h> -#if OPENSSL_VERSION_NUMBER >= 0x00908000L -#include <openssl/bn.h> -#endif - - -namespace Poco { -namespace Crypto { - - -RSAKeyImpl::RSAKeyImpl(const EVPPKey& key): - KeyPairImpl("rsa", KT_RSA_IMPL), - _pRSA(EVP_PKEY_get1_RSA(const_cast<EVP_PKEY*>((const EVP_PKEY*)key))) -{ - if (!_pRSA) throw OpenSSLException(); -} - - -RSAKeyImpl::RSAKeyImpl(const X509Certificate& cert): - KeyPairImpl("rsa", KT_RSA_IMPL), - _pRSA(0) -{ - const X509* pCert = cert.certificate(); - EVP_PKEY* pKey = X509_get_pubkey(const_cast<X509*>(pCert)); - if (pKey) - { - _pRSA = EVP_PKEY_get1_RSA(pKey); - EVP_PKEY_free(pKey); - } - else - throw OpenSSLException("RSAKeyImpl(const X509Certificate&)"); -} - - -RSAKeyImpl::RSAKeyImpl(const PKCS12Container& cont): - KeyPairImpl("rsa", KT_RSA_IMPL), - _pRSA(0) -{ - EVPPKey key = cont.getKey(); - _pRSA = EVP_PKEY_get1_RSA(key); -} - - -RSAKeyImpl::RSAKeyImpl(int keyLength, unsigned long exponent): KeyPairImpl("rsa", KT_RSA_IMPL), - _pRSA(0) -{ -#if OPENSSL_VERSION_NUMBER >= 0x00908000L - _pRSA = RSA_new(); - int ret = 0; - BIGNUM* bn = 0; - try - { - bn = BN_new(); - BN_set_word(bn, exponent); - ret = RSA_generate_key_ex(_pRSA, keyLength, bn, 0); - BN_free(bn); - } - catch (...) - { - BN_free(bn); - throw; - } - if (!ret) throw Poco::InvalidArgumentException("Failed to create RSA context"); -#else - _pRSA = RSA_generate_key(keyLength, exponent, 0, 0); - if (!_pRSA) throw Poco::InvalidArgumentException("Failed to create RSA context"); -#endif -} - - -RSAKeyImpl::RSAKeyImpl(const std::string& publicKeyFile, - const std::string& privateKeyFile, - const std::string& privateKeyPassphrase): KeyPairImpl("rsa", KT_RSA_IMPL), - _pRSA(0) -{ - poco_assert_dbg(_pRSA == 0); - - _pRSA = RSA_new(); - if (!publicKeyFile.empty()) - { - BIO* bio = BIO_new(BIO_s_file()); - if (!bio) throw Poco::IOException("Cannot create BIO for reading public key", publicKeyFile); - int rc = BIO_read_filename(bio, publicKeyFile.c_str()); - if (rc) - { - RSA* pubKey = PEM_read_bio_RSAPublicKey(bio, &_pRSA, 0, 0); - if (!pubKey) - { - int rc = BIO_reset(bio); - // BIO_reset() normally returns 1 for success and 0 or -1 for failure. - // File BIOs are an exception, they return 0 for success and -1 for failure. - if (rc != 0) throw Poco::FileException("Failed to load public key", publicKeyFile); - pubKey = PEM_read_bio_RSA_PUBKEY(bio, &_pRSA, 0, 0); - } - BIO_free(bio); - if (!pubKey) - { - freeRSA(); - throw Poco::FileException("Failed to load public key", publicKeyFile); - } - } - else - { - freeRSA(); - throw Poco::FileNotFoundException("Public key file", publicKeyFile); - } - } - - if (!privateKeyFile.empty()) - { - BIO* bio = BIO_new(BIO_s_file()); - if (!bio) throw Poco::IOException("Cannot create BIO for reading private key", privateKeyFile); - int rc = BIO_read_filename(bio, privateKeyFile.c_str()); - if (rc) - { - RSA* privKey = 0; - if (privateKeyPassphrase.empty()) - privKey = PEM_read_bio_RSAPrivateKey(bio, &_pRSA, 0, 0); - else - privKey = PEM_read_bio_RSAPrivateKey(bio, &_pRSA, 0, const_cast<char*>(privateKeyPassphrase.c_str())); - BIO_free(bio); - if (!privKey) - { - freeRSA(); - throw Poco::FileException("Failed to load private key", privateKeyFile); - } - } - else - { - freeRSA(); - throw Poco::FileNotFoundException("Private key file", privateKeyFile); - } - } -} - - -RSAKeyImpl::RSAKeyImpl(std::istream* pPublicKeyStream, - std::istream* pPrivateKeyStream, - const std::string& privateKeyPassphrase): KeyPairImpl("rsa", KT_RSA_IMPL), - _pRSA(0) -{ - poco_assert_dbg(_pRSA == 0); - - _pRSA = RSA_new(); - if (pPublicKeyStream) - { - std::string publicKeyData; - Poco::StreamCopier::copyToString(*pPublicKeyStream, publicKeyData); - BIO* bio = BIO_new_mem_buf(const_cast<char*>(publicKeyData.data()), static_cast<int>(publicKeyData.size())); - if (!bio) throw Poco::IOException("Cannot create BIO for reading public key"); - RSA* publicKey = PEM_read_bio_RSAPublicKey(bio, &_pRSA, 0, 0); - if (!publicKey) - { - int rc = BIO_reset(bio); - // BIO_reset() normally returns 1 for success and 0 or -1 for failure. - // File BIOs are an exception, they return 0 for success and -1 for failure. - if (rc != 1) throw Poco::FileException("Failed to load public key"); - publicKey = PEM_read_bio_RSA_PUBKEY(bio, &_pRSA, 0, 0); - } - BIO_free(bio); - if (!publicKey) - { - freeRSA(); - throw Poco::FileException("Failed to load public key"); - } - } - - if (pPrivateKeyStream) - { - std::string privateKeyData; - Poco::StreamCopier::copyToString(*pPrivateKeyStream, privateKeyData); - BIO* bio = BIO_new_mem_buf(const_cast<char*>(privateKeyData.data()), static_cast<int>(privateKeyData.size())); - if (!bio) throw Poco::IOException("Cannot create BIO for reading private key"); - RSA* privateKey = 0; - if (privateKeyPassphrase.empty()) - privateKey = PEM_read_bio_RSAPrivateKey(bio, &_pRSA, 0, 0); - else - privateKey = PEM_read_bio_RSAPrivateKey(bio, &_pRSA, 0, const_cast<char*>(privateKeyPassphrase.c_str())); - BIO_free(bio); - if (!privateKey) - { - freeRSA(); - throw Poco::FileException("Failed to load private key"); - } - } -} - - -RSAKeyImpl::~RSAKeyImpl() -{ - freeRSA(); -} - - -void RSAKeyImpl::freeRSA() -{ - if (_pRSA) RSA_free(_pRSA); - _pRSA = 0; -} - - -int RSAKeyImpl::size() const -{ - return RSA_size(_pRSA); -} - - -RSAKeyImpl::ByteVec RSAKeyImpl::modulus() const -{ -#if OPENSSL_VERSION_NUMBER >= 0x10100000L - const BIGNUM* n = 0; - const BIGNUM* e = 0; - const BIGNUM* d = 0; - RSA_get0_key(_pRSA, &n, &e, &d); - return convertToByteVec(n); -#else - return convertToByteVec(_pRSA->n); -#endif -} - - -RSAKeyImpl::ByteVec RSAKeyImpl::encryptionExponent() const -{ -#if OPENSSL_VERSION_NUMBER >= 0x10100000L - const BIGNUM* n = 0; - const BIGNUM* e = 0; - const BIGNUM* d = 0; - RSA_get0_key(_pRSA, &n, &e, &d); - return convertToByteVec(e); -#else - return convertToByteVec(_pRSA->e); -#endif -} - - -RSAKeyImpl::ByteVec RSAKeyImpl::decryptionExponent() const -{ -#if OPENSSL_VERSION_NUMBER >= 0x10100000L - const BIGNUM* n = 0; - const BIGNUM* e = 0; - const BIGNUM* d = 0; - RSA_get0_key(_pRSA, &n, &e, &d); - return convertToByteVec(d); -#else - return convertToByteVec(_pRSA->d); -#endif -} - - -void RSAKeyImpl::save(const std::string& publicKeyFile, +// +// RSAKeyImpl.cpp +// +// Library: Crypto +// Package: RSA +// Module: RSAKeyImpl +// +// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. +// and Contributors. +// +// SPDX-License-Identifier: BSL-1.0 +// + + +#include "Poco/Crypto/RSAKeyImpl.h" +#include "Poco/Crypto/X509Certificate.h" +#include "Poco/Crypto/PKCS12Container.h" +#include "Poco/FileStream.h" +#include "Poco/StreamCopier.h" +#include <sstream> +#include <openssl/pem.h> +#include <openssl/rsa.h> +#include <openssl/evp.h> +#if OPENSSL_VERSION_NUMBER >= 0x00908000L +#include <openssl/bn.h> +#endif + + +namespace Poco { +namespace Crypto { + + +RSAKeyImpl::RSAKeyImpl(const EVPPKey& key): + KeyPairImpl("rsa", KT_RSA_IMPL), + _pRSA(EVP_PKEY_get1_RSA(const_cast<EVP_PKEY*>((const EVP_PKEY*)key))) +{ + if (!_pRSA) throw OpenSSLException(); +} + + +RSAKeyImpl::RSAKeyImpl(const X509Certificate& cert): + KeyPairImpl("rsa", KT_RSA_IMPL), + _pRSA(0) +{ + const X509* pCert = cert.certificate(); + EVP_PKEY* pKey = X509_get_pubkey(const_cast<X509*>(pCert)); + if (pKey) + { + _pRSA = EVP_PKEY_get1_RSA(pKey); + EVP_PKEY_free(pKey); + } + else + throw OpenSSLException("RSAKeyImpl(const X509Certificate&)"); +} + + +RSAKeyImpl::RSAKeyImpl(const PKCS12Container& cont): + KeyPairImpl("rsa", KT_RSA_IMPL), + _pRSA(0) +{ + EVPPKey key = cont.getKey(); + _pRSA = EVP_PKEY_get1_RSA(key); +} + + +RSAKeyImpl::RSAKeyImpl(int keyLength, unsigned long exponent): KeyPairImpl("rsa", KT_RSA_IMPL), + _pRSA(0) +{ +#if OPENSSL_VERSION_NUMBER >= 0x00908000L + _pRSA = RSA_new(); + int ret = 0; + BIGNUM* bn = 0; + try + { + bn = BN_new(); + BN_set_word(bn, exponent); + ret = RSA_generate_key_ex(_pRSA, keyLength, bn, 0); + BN_free(bn); + } + catch (...) + { + BN_free(bn); + throw; + } + if (!ret) throw Poco::InvalidArgumentException("Failed to create RSA context"); +#else + _pRSA = RSA_generate_key(keyLength, exponent, 0, 0); + if (!_pRSA) throw Poco::InvalidArgumentException("Failed to create RSA context"); +#endif +} + + +RSAKeyImpl::RSAKeyImpl(const std::string& publicKeyFile, const std::string& privateKeyFile, - const std::string& privateKeyPassphrase) const -{ - if (!publicKeyFile.empty()) - { - BIO* bio = BIO_new(BIO_s_file()); - if (!bio) throw Poco::IOException("Cannot create BIO for writing public key file", publicKeyFile); - try - { - if (BIO_write_filename(bio, const_cast<char*>(publicKeyFile.c_str()))) - { - if (!PEM_write_bio_RSAPublicKey(bio, _pRSA)) - throw Poco::WriteFileException("Failed to write public key to file", publicKeyFile); - } - else throw Poco::CreateFileException("Cannot create public key file"); - } - catch (...) - { - BIO_free(bio); - throw; - } - BIO_free(bio); - } - - if (!privateKeyFile.empty()) - { - BIO* bio = BIO_new(BIO_s_file()); - if (!bio) throw Poco::IOException("Cannot create BIO for writing private key file", privateKeyFile); - try - { - if (BIO_write_filename(bio, const_cast<char*>(privateKeyFile.c_str()))) - { - int rc = 0; - if (privateKeyPassphrase.empty()) - rc = PEM_write_bio_RSAPrivateKey(bio, _pRSA, 0, 0, 0, 0, 0); - else - rc = PEM_write_bio_RSAPrivateKey(bio, _pRSA, EVP_des_ede3_cbc(), - reinterpret_cast<unsigned char*>(const_cast<char*>(privateKeyPassphrase.c_str())), - static_cast<int>(privateKeyPassphrase.length()), 0, 0); - if (!rc) throw Poco::FileException("Failed to write private key to file", privateKeyFile); - } - else throw Poco::CreateFileException("Cannot create private key file", privateKeyFile); - } - catch (...) - { - BIO_free(bio); - throw; - } - BIO_free(bio); - } -} - - -void RSAKeyImpl::save(std::ostream* pPublicKeyStream, - std::ostream* pPrivateKeyStream, - const std::string& privateKeyPassphrase) const -{ - if (pPublicKeyStream) - { - BIO* bio = BIO_new(BIO_s_mem()); - if (!bio) throw Poco::IOException("Cannot create BIO for writing public key"); - if (!PEM_write_bio_RSAPublicKey(bio, _pRSA)) - { - BIO_free(bio); - throw Poco::WriteFileException("Failed to write public key to stream"); - } - char* pData; - long size = BIO_get_mem_data(bio, &pData); - pPublicKeyStream->write(pData, static_cast<std::streamsize>(size)); - BIO_free(bio); - } - - if (pPrivateKeyStream) - { - BIO* bio = BIO_new(BIO_s_mem()); - if (!bio) throw Poco::IOException("Cannot create BIO for writing public key"); - int rc = 0; - if (privateKeyPassphrase.empty()) - rc = PEM_write_bio_RSAPrivateKey(bio, _pRSA, 0, 0, 0, 0, 0); - else - rc = PEM_write_bio_RSAPrivateKey(bio, _pRSA, EVP_des_ede3_cbc(), - reinterpret_cast<unsigned char*>(const_cast<char*>(privateKeyPassphrase.c_str())), - static_cast<int>(privateKeyPassphrase.length()), 0, 0); - if (!rc) - { - BIO_free(bio); - throw Poco::FileException("Failed to write private key to stream"); - } - char* pData; - long size = BIO_get_mem_data(bio, &pData); - pPrivateKeyStream->write(pData, static_cast<std::streamsize>(size)); - BIO_free(bio); - } -} - - -RSAKeyImpl::ByteVec RSAKeyImpl::convertToByteVec(const BIGNUM* bn) -{ - int numBytes = BN_num_bytes(bn); - ByteVec byteVector(numBytes); - - ByteVec::value_type* buffer = new ByteVec::value_type[numBytes]; - BN_bn2bin(bn, buffer); - - for (int i = 0; i < numBytes; ++i) - byteVector[i] = buffer[i]; - - delete [] buffer; - - return byteVector; -} - - -} } // namespace Poco::Crypto
\ No newline at end of file + const std::string& privateKeyPassphrase): KeyPairImpl("rsa", KT_RSA_IMPL), + _pRSA(0) +{ + poco_assert_dbg(_pRSA == 0); + + _pRSA = RSA_new(); + if (!publicKeyFile.empty()) + { + BIO* bio = BIO_new(BIO_s_file()); + if (!bio) throw Poco::IOException("Cannot create BIO for reading public key", publicKeyFile); + int rc = BIO_read_filename(bio, publicKeyFile.c_str()); + if (rc) + { + RSA* pubKey = PEM_read_bio_RSAPublicKey(bio, &_pRSA, 0, 0); + if (!pubKey) + { + int rc = BIO_reset(bio); + // BIO_reset() normally returns 1 for success and 0 or -1 for failure. + // File BIOs are an exception, they return 0 for success and -1 for failure. + if (rc != 0) throw Poco::FileException("Failed to load public key", publicKeyFile); + pubKey = PEM_read_bio_RSA_PUBKEY(bio, &_pRSA, 0, 0); + } + BIO_free(bio); + if (!pubKey) + { + freeRSA(); + throw Poco::FileException("Failed to load public key", publicKeyFile); + } + } + else + { + freeRSA(); + throw Poco::FileNotFoundException("Public key file", publicKeyFile); + } + } + + if (!privateKeyFile.empty()) + { + BIO* bio = BIO_new(BIO_s_file()); + if (!bio) throw Poco::IOException("Cannot create BIO for reading private key", privateKeyFile); + int rc = BIO_read_filename(bio, privateKeyFile.c_str()); + if (rc) + { + RSA* privKey = 0; + if (privateKeyPassphrase.empty()) + privKey = PEM_read_bio_RSAPrivateKey(bio, &_pRSA, 0, 0); + else + privKey = PEM_read_bio_RSAPrivateKey(bio, &_pRSA, 0, const_cast<char*>(privateKeyPassphrase.c_str())); + BIO_free(bio); + if (!privKey) + { + freeRSA(); + throw Poco::FileException("Failed to load private key", privateKeyFile); + } + } + else + { + freeRSA(); + throw Poco::FileNotFoundException("Private key file", privateKeyFile); + } + } +} + + +RSAKeyImpl::RSAKeyImpl(std::istream* pPublicKeyStream, + std::istream* pPrivateKeyStream, + const std::string& privateKeyPassphrase): KeyPairImpl("rsa", KT_RSA_IMPL), + _pRSA(0) +{ + poco_assert_dbg(_pRSA == 0); + + _pRSA = RSA_new(); + if (pPublicKeyStream) + { + std::string publicKeyData; + Poco::StreamCopier::copyToString(*pPublicKeyStream, publicKeyData); + BIO* bio = BIO_new_mem_buf(const_cast<char*>(publicKeyData.data()), static_cast<int>(publicKeyData.size())); + if (!bio) throw Poco::IOException("Cannot create BIO for reading public key"); + RSA* publicKey = PEM_read_bio_RSAPublicKey(bio, &_pRSA, 0, 0); + if (!publicKey) + { + int rc = BIO_reset(bio); + // BIO_reset() normally returns 1 for success and 0 or -1 for failure. + // File BIOs are an exception, they return 0 for success and -1 for failure. + if (rc != 1) throw Poco::FileException("Failed to load public key"); + publicKey = PEM_read_bio_RSA_PUBKEY(bio, &_pRSA, 0, 0); + } + BIO_free(bio); + if (!publicKey) + { + freeRSA(); + throw Poco::FileException("Failed to load public key"); + } + } + + if (pPrivateKeyStream) + { + std::string privateKeyData; + Poco::StreamCopier::copyToString(*pPrivateKeyStream, privateKeyData); + BIO* bio = BIO_new_mem_buf(const_cast<char*>(privateKeyData.data()), static_cast<int>(privateKeyData.size())); + if (!bio) throw Poco::IOException("Cannot create BIO for reading private key"); + RSA* privateKey = 0; + if (privateKeyPassphrase.empty()) + privateKey = PEM_read_bio_RSAPrivateKey(bio, &_pRSA, 0, 0); + else + privateKey = PEM_read_bio_RSAPrivateKey(bio, &_pRSA, 0, const_cast<char*>(privateKeyPassphrase.c_str())); + BIO_free(bio); + if (!privateKey) + { + freeRSA(); + throw Poco::FileException("Failed to load private key"); + } + } +} + + +RSAKeyImpl::~RSAKeyImpl() +{ + freeRSA(); +} + + +void RSAKeyImpl::freeRSA() +{ + if (_pRSA) RSA_free(_pRSA); + _pRSA = 0; +} + + +int RSAKeyImpl::size() const +{ + return RSA_size(_pRSA); +} + + +RSAKeyImpl::ByteVec RSAKeyImpl::modulus() const +{ +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + const BIGNUM* n = 0; + const BIGNUM* e = 0; + const BIGNUM* d = 0; + RSA_get0_key(_pRSA, &n, &e, &d); + return convertToByteVec(n); +#else + return convertToByteVec(_pRSA->n); +#endif +} + + +RSAKeyImpl::ByteVec RSAKeyImpl::encryptionExponent() const +{ +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + const BIGNUM* n = 0; + const BIGNUM* e = 0; + const BIGNUM* d = 0; + RSA_get0_key(_pRSA, &n, &e, &d); + return convertToByteVec(e); +#else + return convertToByteVec(_pRSA->e); +#endif +} + + +RSAKeyImpl::ByteVec RSAKeyImpl::decryptionExponent() const +{ +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + const BIGNUM* n = 0; + const BIGNUM* e = 0; + const BIGNUM* d = 0; + RSA_get0_key(_pRSA, &n, &e, &d); + return convertToByteVec(d); +#else + return convertToByteVec(_pRSA->d); +#endif +} + + +void RSAKeyImpl::save(const std::string& publicKeyFile, + const std::string& privateKeyFile, + const std::string& privateKeyPassphrase) const +{ + if (!publicKeyFile.empty()) + { + BIO* bio = BIO_new(BIO_s_file()); + if (!bio) throw Poco::IOException("Cannot create BIO for writing public key file", publicKeyFile); + try + { + if (BIO_write_filename(bio, const_cast<char*>(publicKeyFile.c_str()))) + { + if (!PEM_write_bio_RSAPublicKey(bio, _pRSA)) + throw Poco::WriteFileException("Failed to write public key to file", publicKeyFile); + } + else throw Poco::CreateFileException("Cannot create public key file"); + } + catch (...) + { + BIO_free(bio); + throw; + } + BIO_free(bio); + } + + if (!privateKeyFile.empty()) + { + BIO* bio = BIO_new(BIO_s_file()); + if (!bio) throw Poco::IOException("Cannot create BIO for writing private key file", privateKeyFile); + try + { + if (BIO_write_filename(bio, const_cast<char*>(privateKeyFile.c_str()))) + { + int rc = 0; + if (privateKeyPassphrase.empty()) + rc = PEM_write_bio_RSAPrivateKey(bio, _pRSA, 0, 0, 0, 0, 0); + else + rc = PEM_write_bio_RSAPrivateKey(bio, _pRSA, EVP_des_ede3_cbc(), + reinterpret_cast<unsigned char*>(const_cast<char*>(privateKeyPassphrase.c_str())), + static_cast<int>(privateKeyPassphrase.length()), 0, 0); + if (!rc) throw Poco::FileException("Failed to write private key to file", privateKeyFile); + } + else throw Poco::CreateFileException("Cannot create private key file", privateKeyFile); + } + catch (...) + { + BIO_free(bio); + throw; + } + BIO_free(bio); + } +} + + +void RSAKeyImpl::save(std::ostream* pPublicKeyStream, + std::ostream* pPrivateKeyStream, + const std::string& privateKeyPassphrase) const +{ + if (pPublicKeyStream) + { + BIO* bio = BIO_new(BIO_s_mem()); + if (!bio) throw Poco::IOException("Cannot create BIO for writing public key"); + if (!PEM_write_bio_RSAPublicKey(bio, _pRSA)) + { + BIO_free(bio); + throw Poco::WriteFileException("Failed to write public key to stream"); + } + char* pData; + long size = BIO_get_mem_data(bio, &pData); + pPublicKeyStream->write(pData, static_cast<std::streamsize>(size)); + BIO_free(bio); + } + + if (pPrivateKeyStream) + { + BIO* bio = BIO_new(BIO_s_mem()); + if (!bio) throw Poco::IOException("Cannot create BIO for writing public key"); + int rc = 0; + if (privateKeyPassphrase.empty()) + rc = PEM_write_bio_RSAPrivateKey(bio, _pRSA, 0, 0, 0, 0, 0); + else + rc = PEM_write_bio_RSAPrivateKey(bio, _pRSA, EVP_des_ede3_cbc(), + reinterpret_cast<unsigned char*>(const_cast<char*>(privateKeyPassphrase.c_str())), + static_cast<int>(privateKeyPassphrase.length()), 0, 0); + if (!rc) + { + BIO_free(bio); + throw Poco::FileException("Failed to write private key to stream"); + } + char* pData; + long size = BIO_get_mem_data(bio, &pData); + pPrivateKeyStream->write(pData, static_cast<std::streamsize>(size)); + BIO_free(bio); + } +} + + +RSAKeyImpl::ByteVec RSAKeyImpl::convertToByteVec(const BIGNUM* bn) +{ + int numBytes = BN_num_bytes(bn); + ByteVec byteVector(numBytes); + + ByteVec::value_type* buffer = new ByteVec::value_type[numBytes]; + BN_bn2bin(bn, buffer); + + for (int i = 0; i < numBytes; ++i) + byteVector[i] = buffer[i]; + + delete [] buffer; + + return byteVector; +} + + +} } // namespace Poco::Crypto
\ No newline at end of file diff --git a/contrib/libs/poco/Crypto/src/X509Certificate.cpp b/contrib/libs/poco/Crypto/src/X509Certificate.cpp index b2e6014539..bea1e459ea 100644 --- a/contrib/libs/poco/Crypto/src/X509Certificate.cpp +++ b/contrib/libs/poco/Crypto/src/X509Certificate.cpp @@ -1,386 +1,386 @@ -// -// X509Certificate.cpp -// -// Library: Crypto -// Package: Certificate -// Module: X509Certificate -// -// Copyright (c) 2006-2009, Applied Informatics Software Engineering GmbH. -// and Contributors. -// -// SPDX-License-Identifier: BSL-1.0 -// - - -#include "Poco/Crypto/X509Certificate.h" -#include "Poco/Crypto/CryptoException.h" -#include "Poco/StreamCopier.h" -#include "Poco/String.h" -#include "Poco/DateTimeParser.h" -#include "Poco/Format.h" -#include <sstream> -#include <openssl/pem.h> -#ifdef _WIN32 -// fix for WIN32 header conflict -#undef X509_NAME -#endif -#include <openssl/x509v3.h> -#include <openssl/err.h> -#include <openssl/evp.h> - - -namespace Poco { -namespace Crypto { - - -X509Certificate::X509Certificate(std::istream& istr): - _pCert(0) -{ - load(istr); -} - - -X509Certificate::X509Certificate(const std::string& path): - _pCert(0) -{ - load(path); -} - - -X509Certificate::X509Certificate(X509* pCert): - _pCert(pCert) -{ - poco_check_ptr(_pCert); - - init(); -} - - -X509Certificate::X509Certificate(X509* pCert, bool shared): - _pCert(pCert) -{ - poco_check_ptr(_pCert); - - if (shared) - { -#if OPENSSL_VERSION_NUMBER >= 0x10100000L - X509_up_ref(_pCert); -#else - _pCert->references++; -#endif - } - - init(); -} - - -X509Certificate::X509Certificate(const X509Certificate& cert): - _issuerName(cert._issuerName), - _subjectName(cert._subjectName), - _serialNumber(cert._serialNumber), - _pCert(cert._pCert) -{ - _pCert = X509_dup(_pCert); -} - - -X509Certificate& X509Certificate::operator = (const X509Certificate& cert) -{ - X509Certificate tmp(cert); - swap(tmp); - return *this; -} - - -void X509Certificate::swap(X509Certificate& cert) -{ - using std::swap; - swap(cert._issuerName, _issuerName); - swap(cert._subjectName, _subjectName); - swap(cert._serialNumber, _serialNumber); - swap(cert._pCert, _pCert); -} - - -X509Certificate::~X509Certificate() -{ - X509_free(_pCert); -} - - -void X509Certificate::load(std::istream& istr) -{ - poco_assert (!_pCert); - - std::stringstream certStream; - Poco::StreamCopier::copyStream(istr, certStream); - std::string cert = certStream.str(); - - BIO *pBIO = BIO_new_mem_buf(const_cast<char*>(cert.data()), static_cast<int>(cert.size())); - if (!pBIO) throw Poco::IOException("Cannot create BIO for reading certificate"); - _pCert = PEM_read_bio_X509(pBIO, 0, 0, 0); - BIO_free(pBIO); - - if (!_pCert) throw Poco::IOException("Failed to load certificate from stream"); - - init(); -} - - -void X509Certificate::load(const std::string& path) -{ - poco_assert (!_pCert); - - BIO *pBIO = BIO_new(BIO_s_file()); - if (!pBIO) throw Poco::IOException("Cannot create BIO for reading certificate file", path); - if (!BIO_read_filename(pBIO, path.c_str())) - { - BIO_free(pBIO); - throw Poco::OpenFileException("Cannot open certificate file for reading", path); - } - - _pCert = PEM_read_bio_X509(pBIO, 0, 0, 0); - BIO_free(pBIO); - - if (!_pCert) throw Poco::ReadFileException("Faild to load certificate from", path); - - init(); -} - - -void X509Certificate::save(std::ostream& stream) const -{ - BIO *pBIO = BIO_new(BIO_s_mem()); - if (!pBIO) throw Poco::IOException("Cannot create BIO for writing certificate"); - try - { - if (!PEM_write_bio_X509(pBIO, _pCert)) - throw Poco::IOException("Failed to write certificate to stream"); - - char *pData; - long size; - size = BIO_get_mem_data(pBIO, &pData); - stream.write(pData, size); - } - catch (...) - { - BIO_free(pBIO); - throw; - } - BIO_free(pBIO); -} - - -void X509Certificate::save(const std::string& path) const -{ - BIO *pBIO = BIO_new(BIO_s_file()); - if (!pBIO) throw Poco::IOException("Cannot create BIO for reading certificate file", path); - if (!BIO_write_filename(pBIO, const_cast<char*>(path.c_str()))) - { - BIO_free(pBIO); - throw Poco::CreateFileException("Cannot create certificate file", path); - } - try - { - if (!PEM_write_bio_X509(pBIO, _pCert)) - throw Poco::WriteFileException("Failed to write certificate to file", path); - } - catch (...) - { - BIO_free(pBIO); - throw; - } - BIO_free(pBIO); -} - - -void X509Certificate::init() -{ - char buffer[NAME_BUFFER_SIZE]; - X509_NAME_oneline(X509_get_issuer_name(_pCert), buffer, sizeof(buffer)); - _issuerName = buffer; - X509_NAME_oneline(X509_get_subject_name(_pCert), buffer, sizeof(buffer)); - _subjectName = buffer; - BIGNUM* pBN = ASN1_INTEGER_to_BN(X509_get_serialNumber(const_cast<X509*>(_pCert)), 0); - if (pBN) - { - char* pSN = BN_bn2hex(pBN); - if (pSN) - { - _serialNumber = pSN; - OPENSSL_free(pSN); - } - BN_free(pBN); - } -} - - -std::string X509Certificate::commonName() const -{ - return subjectName(NID_COMMON_NAME); -} - - -std::string X509Certificate::issuerName(NID nid) const -{ - if (X509_NAME* issuer = X509_get_issuer_name(_pCert)) - { - char buffer[NAME_BUFFER_SIZE]; - if (X509_NAME_get_text_by_NID(issuer, nid, buffer, sizeof(buffer)) >= 0) - return std::string(buffer); - } - return std::string(); -} - - -std::string X509Certificate::subjectName(NID nid) const -{ - if (X509_NAME* subj = X509_get_subject_name(_pCert)) - { - char buffer[NAME_BUFFER_SIZE]; - if (X509_NAME_get_text_by_NID(subj, nid, buffer, sizeof(buffer)) >= 0) - return std::string(buffer); - } - return std::string(); -} - - -void X509Certificate::extractNames(std::string& cmnName, std::set<std::string>& domainNames) const -{ - domainNames.clear(); - if (STACK_OF(GENERAL_NAME)* names = static_cast<STACK_OF(GENERAL_NAME)*>(X509_get_ext_d2i(_pCert, NID_subject_alt_name, 0, 0))) - { - for (int i = 0; i < sk_GENERAL_NAME_num(names); ++i) - { - const GENERAL_NAME* name = sk_GENERAL_NAME_value(names, i); - if (name->type == GEN_DNS) - { - const char* data = reinterpret_cast<char*>(ASN1_STRING_data(name->d.ia5)); - std::size_t len = ASN1_STRING_length(name->d.ia5); - domainNames.insert(std::string(data, len)); - } - } - GENERAL_NAMES_free(names); - } - - cmnName = commonName(); - if (!cmnName.empty() && domainNames.empty()) - { - domainNames.insert(cmnName); - } -} - - -Poco::DateTime X509Certificate::validFrom() const -{ - ASN1_TIME* certTime = X509_get_notBefore(_pCert); - std::string dateTime(reinterpret_cast<char*>(certTime->data)); - int tzd; - return DateTimeParser::parse("%y%m%d%H%M%S", dateTime, tzd); -} - - -Poco::DateTime X509Certificate::expiresOn() const -{ - ASN1_TIME* certTime = X509_get_notAfter(_pCert); - std::string dateTime(reinterpret_cast<char*>(certTime->data)); - int tzd; - return DateTimeParser::parse("%y%m%d%H%M%S", dateTime, tzd); -} - - -bool X509Certificate::issuedBy(const X509Certificate& issuerCertificate) const -{ - X509* pCert = const_cast<X509*>(_pCert); - X509* pIssuerCert = const_cast<X509*>(issuerCertificate.certificate()); - EVP_PKEY* pIssuerPublicKey = X509_get_pubkey(pIssuerCert); - if (!pIssuerPublicKey) throw Poco::InvalidArgumentException("Issuer certificate has no public key"); - int rc = X509_verify(pCert, pIssuerPublicKey); - EVP_PKEY_free(pIssuerPublicKey); - return rc == 1; -} - - -bool X509Certificate::equals(const X509Certificate& otherCertificate) const -{ - X509* pCert = const_cast<X509*>(_pCert); - X509* pOtherCert = const_cast<X509*>(otherCertificate.certificate()); - return X509_cmp(pCert, pOtherCert) == 0; -} - - -std::string X509Certificate::signatureAlgorithm() const -{ - int sigNID = NID_undef; - -#if (OPENSSL_VERSION_NUMBER >= 0x1010000fL) - sigNID = X509_get_signature_nid(_pCert); -#else - poco_check_ptr(_pCert->sig_alg); - sigNID = OBJ_obj2nid(_pCert->sig_alg->algorithm); -#endif - - if (sigNID != NID_undef) - { - const char* pAlgName = OBJ_nid2ln(sigNID); - if (pAlgName) return std::string(pAlgName); - else throw OpenSSLException(Poco::format("X509Certificate::" - "signatureAlgorithm(): OBJ_nid2ln(%d)", sigNID)); - } - else - throw NotFoundException("X509Certificate::signatureAlgorithm()"); - - return ""; -} - - -X509Certificate::List X509Certificate::readPEM(const std::string& pemFileName) -{ - List caCertList; - BIO* pBIO = BIO_new_file(pemFileName.c_str(), "r"); - if (pBIO == NULL) throw OpenFileException("X509Certificate::readPEM()"); - X509* x = PEM_read_bio_X509(pBIO, NULL, 0, NULL); - if (!x) throw OpenSSLException(Poco::format("X509Certificate::readPEM(%s)", pemFileName)); - while(x) - { - caCertList.push_back(X509Certificate(x)); - x = PEM_read_bio_X509(pBIO, NULL, 0, NULL); - } - BIO_free(pBIO); - return caCertList; -} - - -void X509Certificate::writePEM(const std::string& pemFileName, const List& list) -{ - BIO* pBIO = BIO_new_file(pemFileName.c_str(), "a"); - if (pBIO == NULL) throw OpenFileException("X509Certificate::writePEM()"); - List::const_iterator it = list.begin(); - List::const_iterator end = list.end(); - for (; it != end; ++it) - { - if (!PEM_write_bio_X509(pBIO, const_cast<X509*>(it->certificate()))) - { - throw OpenSSLException("X509Certificate::writePEM()"); - } - } - BIO_free(pBIO); -} - - -void X509Certificate::print(std::ostream& out) const -{ - out << "subjectName: " << subjectName() << std::endl; - out << "issuerName: " << issuerName() << std::endl; - out << "commonName: " << commonName() << std::endl; - out << "country: " << subjectName(X509Certificate::NID_COUNTRY) << std::endl; - out << "localityName: " << subjectName(X509Certificate::NID_LOCALITY_NAME) << std::endl; - out << "stateOrProvince: " << subjectName(X509Certificate::NID_STATE_OR_PROVINCE) << std::endl; - out << "organizationName: " << subjectName(X509Certificate::NID_ORGANIZATION_NAME) << std::endl; - out << "organizationUnitName: " << subjectName(X509Certificate::NID_ORGANIZATION_UNIT_NAME) << std::endl; - out << "emailAddress: " << subjectName(X509Certificate::NID_PKCS9_EMAIL_ADDRESS) << std::endl; - out << "serialNumber: " << subjectName(X509Certificate::NID_SERIAL_NUMBER) << std::endl; -} - - -} } // namespace Poco::Crypto +// +// X509Certificate.cpp +// +// Library: Crypto +// Package: Certificate +// Module: X509Certificate +// +// Copyright (c) 2006-2009, Applied Informatics Software Engineering GmbH. +// and Contributors. +// +// SPDX-License-Identifier: BSL-1.0 +// + + +#include "Poco/Crypto/X509Certificate.h" +#include "Poco/Crypto/CryptoException.h" +#include "Poco/StreamCopier.h" +#include "Poco/String.h" +#include "Poco/DateTimeParser.h" +#include "Poco/Format.h" +#include <sstream> +#include <openssl/pem.h> +#ifdef _WIN32 +// fix for WIN32 header conflict +#undef X509_NAME +#endif +#include <openssl/x509v3.h> +#include <openssl/err.h> +#include <openssl/evp.h> + + +namespace Poco { +namespace Crypto { + + +X509Certificate::X509Certificate(std::istream& istr): + _pCert(0) +{ + load(istr); +} + + +X509Certificate::X509Certificate(const std::string& path): + _pCert(0) +{ + load(path); +} + + +X509Certificate::X509Certificate(X509* pCert): + _pCert(pCert) +{ + poco_check_ptr(_pCert); + + init(); +} + + +X509Certificate::X509Certificate(X509* pCert, bool shared): + _pCert(pCert) +{ + poco_check_ptr(_pCert); + + if (shared) + { +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + X509_up_ref(_pCert); +#else + _pCert->references++; +#endif + } + + init(); +} + + +X509Certificate::X509Certificate(const X509Certificate& cert): + _issuerName(cert._issuerName), + _subjectName(cert._subjectName), + _serialNumber(cert._serialNumber), + _pCert(cert._pCert) +{ + _pCert = X509_dup(_pCert); +} + + +X509Certificate& X509Certificate::operator = (const X509Certificate& cert) +{ + X509Certificate tmp(cert); + swap(tmp); + return *this; +} + + +void X509Certificate::swap(X509Certificate& cert) +{ + using std::swap; + swap(cert._issuerName, _issuerName); + swap(cert._subjectName, _subjectName); + swap(cert._serialNumber, _serialNumber); + swap(cert._pCert, _pCert); +} + + +X509Certificate::~X509Certificate() +{ + X509_free(_pCert); +} + + +void X509Certificate::load(std::istream& istr) +{ + poco_assert (!_pCert); + + std::stringstream certStream; + Poco::StreamCopier::copyStream(istr, certStream); + std::string cert = certStream.str(); + + BIO *pBIO = BIO_new_mem_buf(const_cast<char*>(cert.data()), static_cast<int>(cert.size())); + if (!pBIO) throw Poco::IOException("Cannot create BIO for reading certificate"); + _pCert = PEM_read_bio_X509(pBIO, 0, 0, 0); + BIO_free(pBIO); + + if (!_pCert) throw Poco::IOException("Failed to load certificate from stream"); + + init(); +} + + +void X509Certificate::load(const std::string& path) +{ + poco_assert (!_pCert); + + BIO *pBIO = BIO_new(BIO_s_file()); + if (!pBIO) throw Poco::IOException("Cannot create BIO for reading certificate file", path); + if (!BIO_read_filename(pBIO, path.c_str())) + { + BIO_free(pBIO); + throw Poco::OpenFileException("Cannot open certificate file for reading", path); + } + + _pCert = PEM_read_bio_X509(pBIO, 0, 0, 0); + BIO_free(pBIO); + + if (!_pCert) throw Poco::ReadFileException("Faild to load certificate from", path); + + init(); +} + + +void X509Certificate::save(std::ostream& stream) const +{ + BIO *pBIO = BIO_new(BIO_s_mem()); + if (!pBIO) throw Poco::IOException("Cannot create BIO for writing certificate"); + try + { + if (!PEM_write_bio_X509(pBIO, _pCert)) + throw Poco::IOException("Failed to write certificate to stream"); + + char *pData; + long size; + size = BIO_get_mem_data(pBIO, &pData); + stream.write(pData, size); + } + catch (...) + { + BIO_free(pBIO); + throw; + } + BIO_free(pBIO); +} + + +void X509Certificate::save(const std::string& path) const +{ + BIO *pBIO = BIO_new(BIO_s_file()); + if (!pBIO) throw Poco::IOException("Cannot create BIO for reading certificate file", path); + if (!BIO_write_filename(pBIO, const_cast<char*>(path.c_str()))) + { + BIO_free(pBIO); + throw Poco::CreateFileException("Cannot create certificate file", path); + } + try + { + if (!PEM_write_bio_X509(pBIO, _pCert)) + throw Poco::WriteFileException("Failed to write certificate to file", path); + } + catch (...) + { + BIO_free(pBIO); + throw; + } + BIO_free(pBIO); +} + + +void X509Certificate::init() +{ + char buffer[NAME_BUFFER_SIZE]; + X509_NAME_oneline(X509_get_issuer_name(_pCert), buffer, sizeof(buffer)); + _issuerName = buffer; + X509_NAME_oneline(X509_get_subject_name(_pCert), buffer, sizeof(buffer)); + _subjectName = buffer; + BIGNUM* pBN = ASN1_INTEGER_to_BN(X509_get_serialNumber(const_cast<X509*>(_pCert)), 0); + if (pBN) + { + char* pSN = BN_bn2hex(pBN); + if (pSN) + { + _serialNumber = pSN; + OPENSSL_free(pSN); + } + BN_free(pBN); + } +} + + +std::string X509Certificate::commonName() const +{ + return subjectName(NID_COMMON_NAME); +} + + +std::string X509Certificate::issuerName(NID nid) const +{ + if (X509_NAME* issuer = X509_get_issuer_name(_pCert)) + { + char buffer[NAME_BUFFER_SIZE]; + if (X509_NAME_get_text_by_NID(issuer, nid, buffer, sizeof(buffer)) >= 0) + return std::string(buffer); + } + return std::string(); +} + + +std::string X509Certificate::subjectName(NID nid) const +{ + if (X509_NAME* subj = X509_get_subject_name(_pCert)) + { + char buffer[NAME_BUFFER_SIZE]; + if (X509_NAME_get_text_by_NID(subj, nid, buffer, sizeof(buffer)) >= 0) + return std::string(buffer); + } + return std::string(); +} + + +void X509Certificate::extractNames(std::string& cmnName, std::set<std::string>& domainNames) const +{ + domainNames.clear(); + if (STACK_OF(GENERAL_NAME)* names = static_cast<STACK_OF(GENERAL_NAME)*>(X509_get_ext_d2i(_pCert, NID_subject_alt_name, 0, 0))) + { + for (int i = 0; i < sk_GENERAL_NAME_num(names); ++i) + { + const GENERAL_NAME* name = sk_GENERAL_NAME_value(names, i); + if (name->type == GEN_DNS) + { + const char* data = reinterpret_cast<char*>(ASN1_STRING_data(name->d.ia5)); + std::size_t len = ASN1_STRING_length(name->d.ia5); + domainNames.insert(std::string(data, len)); + } + } + GENERAL_NAMES_free(names); + } + + cmnName = commonName(); + if (!cmnName.empty() && domainNames.empty()) + { + domainNames.insert(cmnName); + } +} + + +Poco::DateTime X509Certificate::validFrom() const +{ + ASN1_TIME* certTime = X509_get_notBefore(_pCert); + std::string dateTime(reinterpret_cast<char*>(certTime->data)); + int tzd; + return DateTimeParser::parse("%y%m%d%H%M%S", dateTime, tzd); +} + + +Poco::DateTime X509Certificate::expiresOn() const +{ + ASN1_TIME* certTime = X509_get_notAfter(_pCert); + std::string dateTime(reinterpret_cast<char*>(certTime->data)); + int tzd; + return DateTimeParser::parse("%y%m%d%H%M%S", dateTime, tzd); +} + + +bool X509Certificate::issuedBy(const X509Certificate& issuerCertificate) const +{ + X509* pCert = const_cast<X509*>(_pCert); + X509* pIssuerCert = const_cast<X509*>(issuerCertificate.certificate()); + EVP_PKEY* pIssuerPublicKey = X509_get_pubkey(pIssuerCert); + if (!pIssuerPublicKey) throw Poco::InvalidArgumentException("Issuer certificate has no public key"); + int rc = X509_verify(pCert, pIssuerPublicKey); + EVP_PKEY_free(pIssuerPublicKey); + return rc == 1; +} + + +bool X509Certificate::equals(const X509Certificate& otherCertificate) const +{ + X509* pCert = const_cast<X509*>(_pCert); + X509* pOtherCert = const_cast<X509*>(otherCertificate.certificate()); + return X509_cmp(pCert, pOtherCert) == 0; +} + + +std::string X509Certificate::signatureAlgorithm() const +{ + int sigNID = NID_undef; + +#if (OPENSSL_VERSION_NUMBER >= 0x1010000fL) + sigNID = X509_get_signature_nid(_pCert); +#else + poco_check_ptr(_pCert->sig_alg); + sigNID = OBJ_obj2nid(_pCert->sig_alg->algorithm); +#endif + + if (sigNID != NID_undef) + { + const char* pAlgName = OBJ_nid2ln(sigNID); + if (pAlgName) return std::string(pAlgName); + else throw OpenSSLException(Poco::format("X509Certificate::" + "signatureAlgorithm(): OBJ_nid2ln(%d)", sigNID)); + } + else + throw NotFoundException("X509Certificate::signatureAlgorithm()"); + + return ""; +} + + +X509Certificate::List X509Certificate::readPEM(const std::string& pemFileName) +{ + List caCertList; + BIO* pBIO = BIO_new_file(pemFileName.c_str(), "r"); + if (pBIO == NULL) throw OpenFileException("X509Certificate::readPEM()"); + X509* x = PEM_read_bio_X509(pBIO, NULL, 0, NULL); + if (!x) throw OpenSSLException(Poco::format("X509Certificate::readPEM(%s)", pemFileName)); + while(x) + { + caCertList.push_back(X509Certificate(x)); + x = PEM_read_bio_X509(pBIO, NULL, 0, NULL); + } + BIO_free(pBIO); + return caCertList; +} + + +void X509Certificate::writePEM(const std::string& pemFileName, const List& list) +{ + BIO* pBIO = BIO_new_file(pemFileName.c_str(), "a"); + if (pBIO == NULL) throw OpenFileException("X509Certificate::writePEM()"); + List::const_iterator it = list.begin(); + List::const_iterator end = list.end(); + for (; it != end; ++it) + { + if (!PEM_write_bio_X509(pBIO, const_cast<X509*>(it->certificate()))) + { + throw OpenSSLException("X509Certificate::writePEM()"); + } + } + BIO_free(pBIO); +} + + +void X509Certificate::print(std::ostream& out) const +{ + out << "subjectName: " << subjectName() << std::endl; + out << "issuerName: " << issuerName() << std::endl; + out << "commonName: " << commonName() << std::endl; + out << "country: " << subjectName(X509Certificate::NID_COUNTRY) << std::endl; + out << "localityName: " << subjectName(X509Certificate::NID_LOCALITY_NAME) << std::endl; + out << "stateOrProvince: " << subjectName(X509Certificate::NID_STATE_OR_PROVINCE) << std::endl; + out << "organizationName: " << subjectName(X509Certificate::NID_ORGANIZATION_NAME) << std::endl; + out << "organizationUnitName: " << subjectName(X509Certificate::NID_ORGANIZATION_UNIT_NAME) << std::endl; + out << "emailAddress: " << subjectName(X509Certificate::NID_PKCS9_EMAIL_ADDRESS) << std::endl; + out << "serialNumber: " << subjectName(X509Certificate::NID_SERIAL_NUMBER) << std::endl; +} + + +} } // namespace Poco::Crypto |