diff options
| author | orivej <[email protected]> | 2022-02-10 16:44:49 +0300 |
|---|---|---|
| committer | Daniil Cherednik <[email protected]> | 2022-02-10 16:44:49 +0300 |
| commit | 718c552901d703c502ccbefdfc3c9028d608b947 (patch) | |
| tree | 46534a98bbefcd7b1f3faa5b52c138ab27db75b7 /contrib/libs/poco/Crypto | |
| parent | e9656aae26e0358d5378e5b63dcac5c8dbe0e4d0 (diff) | |
Restoring authorship annotation for <[email protected]>. Commit 1 of 2.
Diffstat (limited to 'contrib/libs/poco/Crypto')
46 files changed, 7124 insertions, 7124 deletions
diff --git a/contrib/libs/poco/Crypto/include/Poco/Crypto/Cipher.h b/contrib/libs/poco/Crypto/include/Poco/Crypto/Cipher.h index fbe0c30ae8c..0815f3dc30f 100644 --- a/contrib/libs/poco/Crypto/include/Poco/Crypto/Cipher.h +++ b/contrib/libs/poco/Crypto/include/Poco/Crypto/Cipher.h @@ -1,138 +1,138 @@ -// -// Cipher.h -// -// Library: Crypto -// Package: Cipher -// Module: Cipher -// -// Definition of the Cipher class. -// -// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. -// and Contributors. -// -// SPDX-License-Identifier: BSL-1.0 -// - - -#ifndef Crypto_Cipher_INCLUDED -#define Crypto_Cipher_INCLUDED - - -#include "Poco/Crypto/Crypto.h" -#include "Poco/RefCountedObject.h" -#include "Poco/AutoPtr.h" -#include <istream> -#include <ostream> -#include <vector> - - -namespace Poco { -namespace Crypto { - - -class CryptoTransform; - - -class Crypto_API Cipher: public Poco::RefCountedObject - /// Represents the abstract base class from which all implementations of - /// symmetric/asymmetric encryption algorithms must inherit. Use the CipherFactory - /// class to obtain an instance of this class: - /// - /// CipherFactory& factory = CipherFactory::defaultFactory(); - /// // Creates a 256-bit AES cipher - /// Cipher* pCipher = factory.createCipher(CipherKey("aes-256")); - /// Cipher* pRSACipher = factory.createCipher(RSAKey(RSAKey::KL_1024, RSAKey::EXP_SMALL)); - /// - /// Check the different Key constructors on how to initialize/create - /// a key. The above example auto-generates random keys. - /// - /// Note that you won't be able to decrypt data encrypted with a random key - /// once the Cipher is destroyed unless you persist the generated key and IV. - /// An example usage for random keys is to encrypt data saved in a temporary - /// file. - /// - /// Once your key is set up, you can use the Cipher object to encrypt or - /// decrypt strings or, in conjunction with a CryptoInputStream or a - /// CryptoOutputStream, to encrypt streams of data. - /// - /// Since encrypted strings will contain arbitrary binary data that will cause - /// problems in applications that are not binary-safe (eg., when sending - /// encrypted data in e-mails), the encryptString() and decryptString() can - /// encode (or decode, respectively) encrypted data using a "transport encoding". - /// Supported encodings are Base64 and BinHex. - /// - /// The following example encrypts and decrypts a string utilizing Base64 - /// encoding: - /// - /// std::string plainText = "This is my secret information"; - /// std::string encrypted = pCipher->encryptString(plainText, Cipher::ENC_BASE64); - /// std::string decrypted = pCipher->decryptString(encrypted, Cipher::ENC_BASE64); - /// - /// In order to encrypt a stream of data (eg. to encrypt files), you can use - /// a CryptoStream: - /// - /// // Create an output stream that will encrypt all data going through it - /// // and write pass it to the underlying file stream. - /// Poco::FileOutputStream sink("encrypted.dat"); - /// CryptoOutputStream encryptor(sink, pCipher->createEncryptor()); - /// - /// Poco::FileInputStream source("source.txt"); - /// Poco::StreamCopier::copyStream(source, encryptor); - /// - /// // Always close output streams to flush all internal buffers - /// encryptor.close(); - /// sink.close(); -{ -public: - typedef Poco::AutoPtr<Cipher> Ptr; - typedef std::vector<unsigned char> ByteVec; - - enum Encoding - /// Transport encoding to use for encryptString() and decryptString(). - { - ENC_NONE = 0x00, /// Plain binary output - ENC_BASE64 = 0x01, /// Base64-encoded output - ENC_BINHEX = 0x02, /// BinHex-encoded output - ENC_BASE64_NO_LF = 0x81, /// Base64-encoded output, no linefeeds - ENC_BINHEX_NO_LF = 0x82 /// BinHex-encoded output, no linefeeds - - }; - - virtual ~Cipher(); - /// Destroys the Cipher. - - virtual const std::string& name() const = 0; - /// Returns the name of the Cipher. - - virtual CryptoTransform* createEncryptor() = 0; - /// Creates an encryptor object to be used with a CryptoStream. - - virtual CryptoTransform* createDecryptor() = 0; - /// Creates a decryptor object to be used with a CryptoStream. - - virtual std::string encryptString(const std::string& str, Encoding encoding = ENC_NONE); - /// Directly encrypt a string and encode it using the given encoding. - - virtual std::string decryptString(const std::string& str, Encoding encoding = ENC_NONE); - /// Directly decrypt a string that is encoded with the given encoding. - - virtual void encrypt(std::istream& source, std::ostream& sink, Encoding encoding = ENC_NONE); - /// Directly encrypts an input stream and encodes it using the given encoding. - - virtual void decrypt(std::istream& source, std::ostream& sink, Encoding encoding = ENC_NONE); - /// Directly decrypt an input stream that is encoded with the given encoding. - -protected: - Cipher(); - /// Creates a new Cipher object. - -private: - Cipher(const Cipher&); - Cipher& operator = (const Cipher&); -}; - - -} } // namespace Poco::Crypto - - -#endif // Crypto_Cipher_INCLUDED +// +// Cipher.h +// +// Library: Crypto +// Package: Cipher +// Module: Cipher +// +// Definition of the Cipher class. +// +// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. +// and Contributors. +// +// SPDX-License-Identifier: BSL-1.0 +// + + +#ifndef Crypto_Cipher_INCLUDED +#define Crypto_Cipher_INCLUDED + + +#include "Poco/Crypto/Crypto.h" +#include "Poco/RefCountedObject.h" +#include "Poco/AutoPtr.h" +#include <istream> +#include <ostream> +#include <vector> + + +namespace Poco { +namespace Crypto { + + +class CryptoTransform; + + +class Crypto_API Cipher: public Poco::RefCountedObject + /// Represents the abstract base class from which all implementations of + /// symmetric/asymmetric encryption algorithms must inherit. Use the CipherFactory + /// class to obtain an instance of this class: + /// + /// CipherFactory& factory = CipherFactory::defaultFactory(); + /// // Creates a 256-bit AES cipher + /// Cipher* pCipher = factory.createCipher(CipherKey("aes-256")); + /// Cipher* pRSACipher = factory.createCipher(RSAKey(RSAKey::KL_1024, RSAKey::EXP_SMALL)); + /// + /// Check the different Key constructors on how to initialize/create + /// a key. The above example auto-generates random keys. + /// + /// Note that you won't be able to decrypt data encrypted with a random key + /// once the Cipher is destroyed unless you persist the generated key and IV. + /// An example usage for random keys is to encrypt data saved in a temporary + /// file. + /// + /// Once your key is set up, you can use the Cipher object to encrypt or + /// decrypt strings or, in conjunction with a CryptoInputStream or a + /// CryptoOutputStream, to encrypt streams of data. + /// + /// Since encrypted strings will contain arbitrary binary data that will cause + /// problems in applications that are not binary-safe (eg., when sending + /// encrypted data in e-mails), the encryptString() and decryptString() can + /// encode (or decode, respectively) encrypted data using a "transport encoding". + /// Supported encodings are Base64 and BinHex. + /// + /// The following example encrypts and decrypts a string utilizing Base64 + /// encoding: + /// + /// std::string plainText = "This is my secret information"; + /// std::string encrypted = pCipher->encryptString(plainText, Cipher::ENC_BASE64); + /// std::string decrypted = pCipher->decryptString(encrypted, Cipher::ENC_BASE64); + /// + /// In order to encrypt a stream of data (eg. to encrypt files), you can use + /// a CryptoStream: + /// + /// // Create an output stream that will encrypt all data going through it + /// // and write pass it to the underlying file stream. + /// Poco::FileOutputStream sink("encrypted.dat"); + /// CryptoOutputStream encryptor(sink, pCipher->createEncryptor()); + /// + /// Poco::FileInputStream source("source.txt"); + /// Poco::StreamCopier::copyStream(source, encryptor); + /// + /// // Always close output streams to flush all internal buffers + /// encryptor.close(); + /// sink.close(); +{ +public: + typedef Poco::AutoPtr<Cipher> Ptr; + typedef std::vector<unsigned char> ByteVec; + + enum Encoding + /// Transport encoding to use for encryptString() and decryptString(). + { + ENC_NONE = 0x00, /// Plain binary output + ENC_BASE64 = 0x01, /// Base64-encoded output + ENC_BINHEX = 0x02, /// BinHex-encoded output + ENC_BASE64_NO_LF = 0x81, /// Base64-encoded output, no linefeeds + ENC_BINHEX_NO_LF = 0x82 /// BinHex-encoded output, no linefeeds + + }; + + virtual ~Cipher(); + /// Destroys the Cipher. + + virtual const std::string& name() const = 0; + /// Returns the name of the Cipher. + + virtual CryptoTransform* createEncryptor() = 0; + /// Creates an encryptor object to be used with a CryptoStream. + + virtual CryptoTransform* createDecryptor() = 0; + /// Creates a decryptor object to be used with a CryptoStream. + + virtual std::string encryptString(const std::string& str, Encoding encoding = ENC_NONE); + /// Directly encrypt a string and encode it using the given encoding. + + virtual std::string decryptString(const std::string& str, Encoding encoding = ENC_NONE); + /// Directly decrypt a string that is encoded with the given encoding. + + virtual void encrypt(std::istream& source, std::ostream& sink, Encoding encoding = ENC_NONE); + /// Directly encrypts an input stream and encodes it using the given encoding. + + virtual void decrypt(std::istream& source, std::ostream& sink, Encoding encoding = ENC_NONE); + /// Directly decrypt an input stream that is encoded with the given encoding. + +protected: + Cipher(); + /// Creates a new Cipher object. + +private: + Cipher(const Cipher&); + Cipher& operator = (const Cipher&); +}; + + +} } // namespace Poco::Crypto + + +#endif // Crypto_Cipher_INCLUDED diff --git a/contrib/libs/poco/Crypto/include/Poco/Crypto/CipherFactory.h b/contrib/libs/poco/Crypto/include/Poco/Crypto/CipherFactory.h index 36aa964a1e6..12254843183 100644 --- a/contrib/libs/poco/Crypto/include/Poco/Crypto/CipherFactory.h +++ b/contrib/libs/poco/Crypto/include/Poco/Crypto/CipherFactory.h @@ -1,75 +1,75 @@ -// -// CipherFactory.h -// -// Library: Crypto -// Package: Cipher -// Module: CipherFactory -// -// Definition of the CipherFactory class. -// -// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. -// and Contributors. -// -// SPDX-License-Identifier: BSL-1.0 -// - - -#ifndef Crypto_CipherFactory_INCLUDED -#define Crypto_CipherFactory_INCLUDED - - -#include "Poco/Crypto/Crypto.h" - - -namespace Poco { -namespace Crypto { - - -class Cipher; -class CipherKey; -class RSAKey; - - -class Crypto_API CipherFactory - /// A factory for Cipher objects. See the Cipher class for examples on how to - /// use the CipherFactory. -{ -public: - CipherFactory(); - /// Creates a new CipherFactory object. - - virtual ~CipherFactory(); - /// Destroys the CipherFactory. - - Cipher* createCipher(const CipherKey& key); - /// Creates a Cipher object for the given Cipher name. Valid cipher - /// names depend on the OpenSSL version the library is linked with; - /// see the output of - /// - /// openssl enc --help - /// - /// for a list of supported block and stream ciphers. - /// - /// Common examples are: - /// - /// * AES: "aes-128", "aes-256" - /// * DES: "des", "des3" - /// * Blowfish: "bf" - - Cipher* createCipher(const RSAKey& key, RSAPaddingMode paddingMode = RSA_PADDING_PKCS1); - /// Creates a RSACipher using the given RSA key and padding mode - /// for public key encryption/private key decryption. - - static CipherFactory& defaultFactory(); - /// Returns the default CipherFactory. - -private: - CipherFactory(const CipherFactory&); - CipherFactory& operator = (const CipherFactory&); -}; - - -} } // namespace Poco::Crypto - - -#endif // Crypto_CipherFactory_INCLUDED +// +// CipherFactory.h +// +// Library: Crypto +// Package: Cipher +// Module: CipherFactory +// +// Definition of the CipherFactory class. +// +// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. +// and Contributors. +// +// SPDX-License-Identifier: BSL-1.0 +// + + +#ifndef Crypto_CipherFactory_INCLUDED +#define Crypto_CipherFactory_INCLUDED + + +#include "Poco/Crypto/Crypto.h" + + +namespace Poco { +namespace Crypto { + + +class Cipher; +class CipherKey; +class RSAKey; + + +class Crypto_API CipherFactory + /// A factory for Cipher objects. See the Cipher class for examples on how to + /// use the CipherFactory. +{ +public: + CipherFactory(); + /// Creates a new CipherFactory object. + + virtual ~CipherFactory(); + /// Destroys the CipherFactory. + + Cipher* createCipher(const CipherKey& key); + /// Creates a Cipher object for the given Cipher name. Valid cipher + /// names depend on the OpenSSL version the library is linked with; + /// see the output of + /// + /// openssl enc --help + /// + /// for a list of supported block and stream ciphers. + /// + /// Common examples are: + /// + /// * AES: "aes-128", "aes-256" + /// * DES: "des", "des3" + /// * Blowfish: "bf" + + Cipher* createCipher(const RSAKey& key, RSAPaddingMode paddingMode = RSA_PADDING_PKCS1); + /// Creates a RSACipher using the given RSA key and padding mode + /// for public key encryption/private key decryption. + + static CipherFactory& defaultFactory(); + /// Returns the default CipherFactory. + +private: + CipherFactory(const CipherFactory&); + CipherFactory& operator = (const CipherFactory&); +}; + + +} } // namespace Poco::Crypto + + +#endif // Crypto_CipherFactory_INCLUDED diff --git a/contrib/libs/poco/Crypto/include/Poco/Crypto/CipherImpl.h b/contrib/libs/poco/Crypto/include/Poco/Crypto/CipherImpl.h index d6e8e0e79b2..5c000f3c5d2 100644 --- a/contrib/libs/poco/Crypto/include/Poco/Crypto/CipherImpl.h +++ b/contrib/libs/poco/Crypto/include/Poco/Crypto/CipherImpl.h @@ -1,69 +1,69 @@ -// -// CipherImpl.h -// -// Library: Crypto -// Package: Cipher -// Module: CipherImpl -// -// Definition of the CipherImpl class. -// -// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. -// and Contributors. -// -// SPDX-License-Identifier: BSL-1.0 -// - - -#ifndef Crypto_CipherImpl_INCLUDED -#define Crypto_CipherImpl_INCLUDED - - -#include "Poco/Crypto/Crypto.h" -#include "Poco/Crypto/Cipher.h" -#include "Poco/Crypto/CipherKey.h" -#include "Poco/Crypto/OpenSSLInitializer.h" -#include <openssl/evp.h> - - -namespace Poco { -namespace Crypto { - - -class CipherImpl: public Cipher - /// An implementation of the Cipher class for OpenSSL's crypto library. -{ -public: - CipherImpl(const CipherKey& key); - /// Creates a new CipherImpl object for the given CipherKey. - - virtual ~CipherImpl(); - /// Destroys the CipherImpl. - - const std::string& name() const; - /// Returns the name of the cipher. - - CryptoTransform* createEncryptor(); - /// Creates an encryptor object. - - CryptoTransform* createDecryptor(); - /// Creates a decryptor object. - -private: - CipherKey _key; - OpenSSLInitializer _openSSLInitializer; -}; - - -// -// Inlines -// -inline const std::string& CipherImpl::name() const -{ - return _key.name(); -} - - -} } // namespace Poco::Crypto - - -#endif // Crypto_CipherImpl_INCLUDED +// +// CipherImpl.h +// +// Library: Crypto +// Package: Cipher +// Module: CipherImpl +// +// Definition of the CipherImpl class. +// +// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. +// and Contributors. +// +// SPDX-License-Identifier: BSL-1.0 +// + + +#ifndef Crypto_CipherImpl_INCLUDED +#define Crypto_CipherImpl_INCLUDED + + +#include "Poco/Crypto/Crypto.h" +#include "Poco/Crypto/Cipher.h" +#include "Poco/Crypto/CipherKey.h" +#include "Poco/Crypto/OpenSSLInitializer.h" +#include <openssl/evp.h> + + +namespace Poco { +namespace Crypto { + + +class CipherImpl: public Cipher + /// An implementation of the Cipher class for OpenSSL's crypto library. +{ +public: + CipherImpl(const CipherKey& key); + /// Creates a new CipherImpl object for the given CipherKey. + + virtual ~CipherImpl(); + /// Destroys the CipherImpl. + + const std::string& name() const; + /// Returns the name of the cipher. + + CryptoTransform* createEncryptor(); + /// Creates an encryptor object. + + CryptoTransform* createDecryptor(); + /// Creates a decryptor object. + +private: + CipherKey _key; + OpenSSLInitializer _openSSLInitializer; +}; + + +// +// Inlines +// +inline const std::string& CipherImpl::name() const +{ + return _key.name(); +} + + +} } // namespace Poco::Crypto + + +#endif // Crypto_CipherImpl_INCLUDED diff --git a/contrib/libs/poco/Crypto/include/Poco/Crypto/CipherKey.h b/contrib/libs/poco/Crypto/include/Poco/Crypto/CipherKey.h index b102cc2310b..984cc7b5b02 100644 --- a/contrib/libs/poco/Crypto/include/Poco/Crypto/CipherKey.h +++ b/contrib/libs/poco/Crypto/include/Poco/Crypto/CipherKey.h @@ -1,201 +1,201 @@ -// -// CipherKey.h -// -// Library: Crypto -// Package: Cipher -// Module: CipherKey -// -// Definition of the CipherKey class. -// -// Copyright (c) 2007, Applied Informatics Software Engineering GmbH. -// and Contributors. -// -// SPDX-License-Identifier: BSL-1.0 -// - - -#ifndef Crypto_CipherKey_INCLUDED -#define Crypto_CipherKey_INCLUDED - - -#include "Poco/Crypto/Crypto.h" -#include "Poco/Crypto/CipherKeyImpl.h" - - -namespace Poco { -namespace Crypto { - - -class Crypto_API CipherKey - /// CipherKey stores the key information for decryption/encryption of data. - /// To create a random key, using the following code: - /// - /// CipherKey key("aes-256"); - /// - /// Note that you won't be able to decrypt data encrypted with a random key - /// once the Cipher is destroyed unless you persist the generated key and IV. - /// An example usage for random keys is to encrypt data saved in a temporary - /// file. - /// - /// To create a key using a human-readable password - /// string, use the following code. We create a AES Cipher and - /// use a salt value to make the key more robust: - /// - /// std::string password = "secret"; - /// std::string salt("asdff8723lasdf(**923412"); - /// CipherKey key("aes-256", password, salt); - /// - /// You may also control the digest and the number of iterations used to generate the key - /// by specifying the specific values. Here we create a key with the same data as before, - /// except that we use 100 iterations instead of DEFAULT_ITERATION_COUNT, and sha1 instead of - /// the default md5: - /// - /// std::string password = "secret"; - /// std::string salt("asdff8723lasdf(**923412"); - /// std::string digest ("sha1"); - /// CipherKey key("aes-256", password, salt, 100, digest); - /// -{ -public: - typedef CipherKeyImpl::Mode Mode; - typedef CipherKeyImpl::ByteVec ByteVec; - - enum - { - DEFAULT_ITERATION_COUNT = 2000 - /// Default iteration count to use with - /// generateKey(). RSA security recommends - /// an iteration count of at least 1000. - }; - - CipherKey(const std::string& name, - const std::string& passphrase, - const std::string& salt = "", - int iterationCount = DEFAULT_ITERATION_COUNT, - const std::string& digest = "md5"); - /// Creates a new CipherKeyImpl object using the given - /// cipher name, passphrase, salt value, iteration count and digest. - - CipherKey(const std::string& name, - const ByteVec& key, - const ByteVec& iv); - /// Creates a new CipherKeyImpl object using the given cipher - /// name, key and initialization vector (IV). - /// - /// The size of the IV must match the cipher's expected - /// IV size (see ivSize()), except for GCM mode, which allows - /// a custom IV size. - - CipherKey(const std::string& name); - /// Creates a new CipherKeyImpl object. Autoinitializes key and - /// initialization vector. - - ~CipherKey(); - /// Destroys the CipherKeyImpl. - - const std::string& name() const; - /// Returns the name of the Cipher. - - int keySize() const; - /// Returns the key size of the Cipher. - - int blockSize() const; - /// Returns the block size of the Cipher. - - int ivSize() const; - /// Returns the IV size of the Cipher. - - Mode mode() const; - /// Returns the Cipher's mode of operation. - - const ByteVec& getKey() const; - /// Returns the key for the Cipher. - - void setKey(const ByteVec& key); - /// Sets the key for the Cipher. - - const ByteVec& getIV() const; - /// Returns the initialization vector (IV) for the Cipher. - - void setIV(const ByteVec& iv); - /// Sets the initialization vector (IV) for the Cipher. - /// - /// The size of the vector must match the cipher's expected - /// IV size (see ivSize()), except for GCM mode, which allows - /// a custom IV size. - - CipherKeyImpl::Ptr impl(); - /// Returns the impl object - -private: - CipherKeyImpl::Ptr _pImpl; -}; - - -// -// inlines -// -inline const std::string& CipherKey::name() const -{ - return _pImpl->name(); -} - - -inline int CipherKey::keySize() const -{ - return _pImpl->keySize(); -} - - -inline int CipherKey::blockSize() const -{ - return _pImpl->blockSize(); -} - - -inline int CipherKey::ivSize() const -{ - return _pImpl->ivSize(); -} - - -inline CipherKey::Mode CipherKey::mode() const -{ - return _pImpl->mode(); -} - - -inline const CipherKey::ByteVec& CipherKey::getKey() const -{ - return _pImpl->getKey(); -} - - -inline void CipherKey::setKey(const CipherKey::ByteVec& key) -{ - _pImpl->setKey(key); -} - - -inline const CipherKey::ByteVec& CipherKey::getIV() const -{ - return _pImpl->getIV(); -} - - -inline void CipherKey::setIV(const CipherKey::ByteVec& iv) -{ - _pImpl->setIV(iv); -} - - -inline CipherKeyImpl::Ptr CipherKey::impl() -{ - return _pImpl; -} - - -} } // namespace Poco::Crypto - - -#endif // Crypto_CipherKey_INCLUDED +// +// CipherKey.h +// +// Library: Crypto +// Package: Cipher +// Module: CipherKey +// +// Definition of the CipherKey class. +// +// Copyright (c) 2007, Applied Informatics Software Engineering GmbH. +// and Contributors. +// +// SPDX-License-Identifier: BSL-1.0 +// + + +#ifndef Crypto_CipherKey_INCLUDED +#define Crypto_CipherKey_INCLUDED + + +#include "Poco/Crypto/Crypto.h" +#include "Poco/Crypto/CipherKeyImpl.h" + + +namespace Poco { +namespace Crypto { + + +class Crypto_API CipherKey + /// CipherKey stores the key information for decryption/encryption of data. + /// To create a random key, using the following code: + /// + /// CipherKey key("aes-256"); + /// + /// Note that you won't be able to decrypt data encrypted with a random key + /// once the Cipher is destroyed unless you persist the generated key and IV. + /// An example usage for random keys is to encrypt data saved in a temporary + /// file. + /// + /// To create a key using a human-readable password + /// string, use the following code. We create a AES Cipher and + /// use a salt value to make the key more robust: + /// + /// std::string password = "secret"; + /// std::string salt("asdff8723lasdf(**923412"); + /// CipherKey key("aes-256", password, salt); + /// + /// You may also control the digest and the number of iterations used to generate the key + /// by specifying the specific values. Here we create a key with the same data as before, + /// except that we use 100 iterations instead of DEFAULT_ITERATION_COUNT, and sha1 instead of + /// the default md5: + /// + /// std::string password = "secret"; + /// std::string salt("asdff8723lasdf(**923412"); + /// std::string digest ("sha1"); + /// CipherKey key("aes-256", password, salt, 100, digest); + /// +{ +public: + typedef CipherKeyImpl::Mode Mode; + typedef CipherKeyImpl::ByteVec ByteVec; + + enum + { + DEFAULT_ITERATION_COUNT = 2000 + /// Default iteration count to use with + /// generateKey(). RSA security recommends + /// an iteration count of at least 1000. + }; + + CipherKey(const std::string& name, + const std::string& passphrase, + const std::string& salt = "", + int iterationCount = DEFAULT_ITERATION_COUNT, + const std::string& digest = "md5"); + /// Creates a new CipherKeyImpl object using the given + /// cipher name, passphrase, salt value, iteration count and digest. + + CipherKey(const std::string& name, + const ByteVec& key, + const ByteVec& iv); + /// Creates a new CipherKeyImpl object using the given cipher + /// name, key and initialization vector (IV). + /// + /// The size of the IV must match the cipher's expected + /// IV size (see ivSize()), except for GCM mode, which allows + /// a custom IV size. + + CipherKey(const std::string& name); + /// Creates a new CipherKeyImpl object. Autoinitializes key and + /// initialization vector. + + ~CipherKey(); + /// Destroys the CipherKeyImpl. + + const std::string& name() const; + /// Returns the name of the Cipher. + + int keySize() const; + /// Returns the key size of the Cipher. + + int blockSize() const; + /// Returns the block size of the Cipher. + + int ivSize() const; + /// Returns the IV size of the Cipher. + + Mode mode() const; + /// Returns the Cipher's mode of operation. + + const ByteVec& getKey() const; + /// Returns the key for the Cipher. + + void setKey(const ByteVec& key); + /// Sets the key for the Cipher. + + const ByteVec& getIV() const; + /// Returns the initialization vector (IV) for the Cipher. + + void setIV(const ByteVec& iv); + /// Sets the initialization vector (IV) for the Cipher. + /// + /// The size of the vector must match the cipher's expected + /// IV size (see ivSize()), except for GCM mode, which allows + /// a custom IV size. + + CipherKeyImpl::Ptr impl(); + /// Returns the impl object + +private: + CipherKeyImpl::Ptr _pImpl; +}; + + +// +// inlines +// +inline const std::string& CipherKey::name() const +{ + return _pImpl->name(); +} + + +inline int CipherKey::keySize() const +{ + return _pImpl->keySize(); +} + + +inline int CipherKey::blockSize() const +{ + return _pImpl->blockSize(); +} + + +inline int CipherKey::ivSize() const +{ + return _pImpl->ivSize(); +} + + +inline CipherKey::Mode CipherKey::mode() const +{ + return _pImpl->mode(); +} + + +inline const CipherKey::ByteVec& CipherKey::getKey() const +{ + return _pImpl->getKey(); +} + + +inline void CipherKey::setKey(const CipherKey::ByteVec& key) +{ + _pImpl->setKey(key); +} + + +inline const CipherKey::ByteVec& CipherKey::getIV() const +{ + return _pImpl->getIV(); +} + + +inline void CipherKey::setIV(const CipherKey::ByteVec& iv) +{ + _pImpl->setIV(iv); +} + + +inline CipherKeyImpl::Ptr CipherKey::impl() +{ + return _pImpl; +} + + +} } // namespace Poco::Crypto + + +#endif // Crypto_CipherKey_INCLUDED diff --git a/contrib/libs/poco/Crypto/include/Poco/Crypto/CipherKeyImpl.h b/contrib/libs/poco/Crypto/include/Poco/Crypto/CipherKeyImpl.h index f7807aad9f8..d0e66486943 100644 --- a/contrib/libs/poco/Crypto/include/Poco/Crypto/CipherKeyImpl.h +++ b/contrib/libs/poco/Crypto/include/Poco/Crypto/CipherKeyImpl.h @@ -1,168 +1,168 @@ -// -// CipherKeyImpl.h -// -// Library: Crypto -// Package: Cipher -// Module: CipherKeyImpl -// -// Definition of the CipherKeyImpl class. -// -// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. -// and Contributors. -// -// SPDX-License-Identifier: BSL-1.0 -// - - -#ifndef Crypto_CipherKeyImpl_INCLUDED -#define Crypto_CipherKeyImpl_INCLUDED - - -#include "Poco/Crypto/Crypto.h" -#include "Poco/Crypto/OpenSSLInitializer.h" -#include "Poco/RefCountedObject.h" -#include "Poco/AutoPtr.h" -#include <vector> - - -struct evp_cipher_st; -typedef struct evp_cipher_st EVP_CIPHER; - - -namespace Poco { -namespace Crypto { - - -class CipherKeyImpl: public RefCountedObject - /// An implementation of the CipherKey class for OpenSSL's crypto library. -{ -public: - typedef std::vector<unsigned char> ByteVec; - typedef Poco::AutoPtr<CipherKeyImpl> Ptr; - - enum Mode - /// Cipher mode of operation. This mode determines how multiple blocks - /// are connected; this is essential to improve security. - { - MODE_STREAM_CIPHER, /// Stream cipher - MODE_ECB, /// Electronic codebook (plain concatenation) - MODE_CBC, /// Cipher block chaining (default) - MODE_CFB, /// Cipher feedback - MODE_OFB, /// Output feedback - MODE_CTR, /// Counter mode - MODE_GCM, /// Galois/Counter mode - MODE_CCM /// Counter with CBC-MAC - }; - - CipherKeyImpl(const std::string& name, - const std::string& passphrase, - const std::string& salt, - int iterationCount, - const std::string& digest); - /// Creates a new CipherKeyImpl object, using - /// the given cipher name, passphrase, salt value - /// and iteration count. - - CipherKeyImpl(const std::string& name, - const ByteVec& key, - const ByteVec& iv); - /// Creates a new CipherKeyImpl object, using the - /// given cipher name, key and initialization vector. - - CipherKeyImpl(const std::string& name); - /// Creates a new CipherKeyImpl object. Autoinitializes key - /// and initialization vector. - - virtual ~CipherKeyImpl(); - /// Destroys the CipherKeyImpl. - - const std::string& name() const; - /// Returns the name of the Cipher. - - int keySize() const; - /// Returns the key size of the Cipher. - - int blockSize() const; - /// Returns the block size of the Cipher. - - int ivSize() const; - /// Returns the IV size of the Cipher. - - Mode mode() const; - /// Returns the Cipher's mode of operation. - - const ByteVec& getKey() const; - /// Returns the key for the Cipher. - - void setKey(const ByteVec& key); - /// Sets the key for the Cipher. - - const ByteVec& getIV() const; - /// Returns the initialization vector (IV) for the Cipher. - - void setIV(const ByteVec& iv); - /// Sets the initialization vector (IV) for the Cipher. - - const EVP_CIPHER* cipher(); - /// Returns the cipher object - -private: - void generateKey(const std::string& passphrase, - const std::string& salt, - int iterationCount); - /// Generates key and IV from a password and optional salt string. - - void generateKey(); - /// Generates key and IV from random data. - - void getRandomBytes(ByteVec& vec, std::size_t count); - /// Stores random bytes in vec. - -private: - const EVP_CIPHER* _pCipher; - const EVP_MD* _pDigest; - std::string _name; - ByteVec _key; - ByteVec _iv; - OpenSSLInitializer _openSSLInitializer; -}; - - -// -// Inlines -// -inline const std::string& CipherKeyImpl::name() const -{ - return _name; -} - - -inline const CipherKeyImpl::ByteVec& CipherKeyImpl::getKey() const -{ - return _key; -} - - -inline void CipherKeyImpl::setKey(const ByteVec& key) -{ - poco_assert(key.size() == static_cast<ByteVec::size_type>(keySize())); - _key = key; -} - - -inline const CipherKeyImpl::ByteVec& CipherKeyImpl::getIV() const -{ - return _iv; -} - - -inline const EVP_CIPHER* CipherKeyImpl::cipher() -{ - return _pCipher; -} - - -} } // namespace Poco::Crypto - - -#endif // Crypto_CipherKeyImpl_INCLUDED +// +// CipherKeyImpl.h +// +// Library: Crypto +// Package: Cipher +// Module: CipherKeyImpl +// +// Definition of the CipherKeyImpl class. +// +// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. +// and Contributors. +// +// SPDX-License-Identifier: BSL-1.0 +// + + +#ifndef Crypto_CipherKeyImpl_INCLUDED +#define Crypto_CipherKeyImpl_INCLUDED + + +#include "Poco/Crypto/Crypto.h" +#include "Poco/Crypto/OpenSSLInitializer.h" +#include "Poco/RefCountedObject.h" +#include "Poco/AutoPtr.h" +#include <vector> + + +struct evp_cipher_st; +typedef struct evp_cipher_st EVP_CIPHER; + + +namespace Poco { +namespace Crypto { + + +class CipherKeyImpl: public RefCountedObject + /// An implementation of the CipherKey class for OpenSSL's crypto library. +{ +public: + typedef std::vector<unsigned char> ByteVec; + typedef Poco::AutoPtr<CipherKeyImpl> Ptr; + + enum Mode + /// Cipher mode of operation. This mode determines how multiple blocks + /// are connected; this is essential to improve security. + { + MODE_STREAM_CIPHER, /// Stream cipher + MODE_ECB, /// Electronic codebook (plain concatenation) + MODE_CBC, /// Cipher block chaining (default) + MODE_CFB, /// Cipher feedback + MODE_OFB, /// Output feedback + MODE_CTR, /// Counter mode + MODE_GCM, /// Galois/Counter mode + MODE_CCM /// Counter with CBC-MAC + }; + + CipherKeyImpl(const std::string& name, + const std::string& passphrase, + const std::string& salt, + int iterationCount, + const std::string& digest); + /// Creates a new CipherKeyImpl object, using + /// the given cipher name, passphrase, salt value + /// and iteration count. + + CipherKeyImpl(const std::string& name, + const ByteVec& key, + const ByteVec& iv); + /// Creates a new CipherKeyImpl object, using the + /// given cipher name, key and initialization vector. + + CipherKeyImpl(const std::string& name); + /// Creates a new CipherKeyImpl object. Autoinitializes key + /// and initialization vector. + + virtual ~CipherKeyImpl(); + /// Destroys the CipherKeyImpl. + + const std::string& name() const; + /// Returns the name of the Cipher. + + int keySize() const; + /// Returns the key size of the Cipher. + + int blockSize() const; + /// Returns the block size of the Cipher. + + int ivSize() const; + /// Returns the IV size of the Cipher. + + Mode mode() const; + /// Returns the Cipher's mode of operation. + + const ByteVec& getKey() const; + /// Returns the key for the Cipher. + + void setKey(const ByteVec& key); + /// Sets the key for the Cipher. + + const ByteVec& getIV() const; + /// Returns the initialization vector (IV) for the Cipher. + + void setIV(const ByteVec& iv); + /// Sets the initialization vector (IV) for the Cipher. + + const EVP_CIPHER* cipher(); + /// Returns the cipher object + +private: + void generateKey(const std::string& passphrase, + const std::string& salt, + int iterationCount); + /// Generates key and IV from a password and optional salt string. + + void generateKey(); + /// Generates key and IV from random data. + + void getRandomBytes(ByteVec& vec, std::size_t count); + /// Stores random bytes in vec. + +private: + const EVP_CIPHER* _pCipher; + const EVP_MD* _pDigest; + std::string _name; + ByteVec _key; + ByteVec _iv; + OpenSSLInitializer _openSSLInitializer; +}; + + +// +// Inlines +// +inline const std::string& CipherKeyImpl::name() const +{ + return _name; +} + + +inline const CipherKeyImpl::ByteVec& CipherKeyImpl::getKey() const +{ + return _key; +} + + +inline void CipherKeyImpl::setKey(const ByteVec& key) +{ + poco_assert(key.size() == static_cast<ByteVec::size_type>(keySize())); + _key = key; +} + + +inline const CipherKeyImpl::ByteVec& CipherKeyImpl::getIV() const +{ + return _iv; +} + + +inline const EVP_CIPHER* CipherKeyImpl::cipher() +{ + return _pCipher; +} + + +} } // namespace Poco::Crypto + + +#endif // Crypto_CipherKeyImpl_INCLUDED diff --git a/contrib/libs/poco/Crypto/include/Poco/Crypto/Crypto.h b/contrib/libs/poco/Crypto/include/Poco/Crypto/Crypto.h index d6b3ede65cb..e4ada0545f7 100644 --- a/contrib/libs/poco/Crypto/include/Poco/Crypto/Crypto.h +++ b/contrib/libs/poco/Crypto/include/Poco/Crypto/Crypto.h @@ -1,195 +1,195 @@ -// -// Crypto.h -// -// Library: Crypto -// Package: CryptoCore -// Module: Crypto -// -// Basic definitions for the Poco Crypto library. -// This file must be the first file included by every other Crypto -// header file. -// -// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. -// and Contributors. -// -// SPDX-License-Identifier: BSL-1.0 -// - - -#ifndef Crypto_Crypto_INCLUDED -#define Crypto_Crypto_INCLUDED - - -#define POCO_EXTERNAL_OPENSSL_DEFAULT 1 -#define POCO_EXTERNAL_OPENSSL_SLPRO 2 - - -#include "Poco/Foundation.h" -#include <openssl/opensslv.h> - - -#ifndef OPENSSL_VERSION_PREREQ - #if defined(OPENSSL_VERSION_MAJOR) && defined(OPENSSL_VERSION_MINOR) - #define OPENSSL_VERSION_PREREQ(maj, min) \ - ((OPENSSL_VERSION_MAJOR << 16) + OPENSSL_VERSION_MINOR >= ((maj) << 16) + (min)) - #else - #define OPENSSL_VERSION_PREREQ(maj, min) \ - (OPENSSL_VERSION_NUMBER >= (((maj) << 28) | ((min) << 20))) - #endif -#endif - - -enum RSAPaddingMode - /// The padding mode used for RSA public key encryption. -{ - RSA_PADDING_PKCS1, - /// PKCS #1 v1.5 padding. This currently is the most widely used mode. - - RSA_PADDING_PKCS1_OAEP, - /// EME-OAEP as defined in PKCS #1 v2.0 with SHA-1, MGF1 and an empty - /// encoding parameter. This mode is recommended for all new applications. - - RSA_PADDING_SSLV23, - /// PKCS #1 v1.5 padding with an SSL-specific modification that denotes - /// that the server is SSL3 capable. - - RSA_PADDING_NONE - /// Raw RSA encryption. This mode should only be used to implement cryptographically - /// sound padding modes in the application code. Encrypting user data directly with RSA - /// is insecure. -}; - - -// -// The following block is the standard way of creating macros which make exporting -// from a DLL simpler. All files within this DLL are compiled with the Crypto_EXPORTS -// symbol defined on the command line. this symbol should not be defined on any project -// that uses this DLL. This way any other project whose source files include this file see -// Crypto_API functions as being imported from a DLL, whereas this DLL sees symbols -// defined with this macro as being exported. -// -#if defined(_WIN32) - #if defined(POCO_DLL) - #if defined(Crypto_EXPORTS) - #define Crypto_API __declspec(dllexport) - #else - #define Crypto_API __declspec(dllimport) - #endif - #endif -#endif - - -#if !defined(Crypto_API) - #if !defined(POCO_NO_GCC_API_ATTRIBUTE) && defined (__GNUC__) && (__GNUC__ >= 4) - #define Crypto_API __attribute__ ((visibility ("default"))) - #else - #define Crypto_API - #endif -#endif - - -// -// Automatically link Crypto and OpenSSL libraries. -// -#if defined(_MSC_VER) - #if !defined(POCO_NO_AUTOMATIC_LIBS) - #if defined(POCO_INTERNAL_OPENSSL_MSVC_VER) - #if defined(POCO_EXTERNAL_OPENSSL) - #pragma message("External OpenSSL defined but internal headers used - possible mismatch!") - #endif // POCO_EXTERNAL_OPENSSL - #if !defined(_DEBUG) - #define POCO_DEBUG_SUFFIX "" - #if !defined (_DLL) - #define POCO_STATIC_SUFFIX "mt" - #else // _DLL - #define POCO_STATIC_SUFFIX "" - #endif - #else // _DEBUG - #define POCO_DEBUG_SUFFIX "d" - #if !defined (_DLL) - #define POCO_STATIC_SUFFIX "mt" - #else // _DLL - #define POCO_STATIC_SUFFIX "" - #endif - #endif - #pragma comment(lib, "libcrypto" POCO_STATIC_SUFFIX POCO_DEBUG_SUFFIX ".lib") - #pragma comment(lib, "libssl" POCO_STATIC_SUFFIX POCO_DEBUG_SUFFIX ".lib") - #if !defined(_WIN64) && !defined (_DLL) && \ - (POCO_INTERNAL_OPENSSL_MSVC_VER == 120) && \ - (POCO_MSVC_VERSION < POCO_INTERNAL_OPENSSL_MSVC_VER) - #pragma comment(lib, "libPreVS2013CRT" POCO_STATIC_SUFFIX POCO_DEBUG_SUFFIX ".lib") - #endif - #if !defined (_DLL) && (POCO_MSVS_VERSION >= 2015) - #pragma comment(lib, "legacy_stdio_definitions.lib") - #pragma comment(lib, "legacy_stdio_wide_specifiers.lib") - #endif - #elif defined(POCO_EXTERNAL_OPENSSL) - #if POCO_EXTERNAL_OPENSSL == POCO_EXTERNAL_OPENSSL_SLPRO - #if defined(POCO_DLL) - #if OPENSSL_VERSION_PREREQ(1,1) - #pragma comment(lib, "libcrypto.lib") - #pragma comment(lib, "libssl.lib") - #else - #pragma comment(lib, "libeay32.lib") - #pragma comment(lib, "ssleay32.lib") - #endif - #else - #if OPENSSL_VERSION_PREREQ(1,1) - #if defined(_WIN64) - #pragma comment(lib, "libcrypto64" POCO_LIB_SUFFIX) - #pragma comment(lib, "libssl64" POCO_LIB_SUFFIX) - #else - #pragma comment(lib, "libcrypto32" POCO_LIB_SUFFIX) - #pragma comment(lib, "libssl32" POCO_LIB_SUFFIX) - #endif - #else - #pragma comment(lib, "libeay32" POCO_LIB_SUFFIX) - #pragma comment(lib, "ssleay32" POCO_LIB_SUFFIX) - #endif - #endif - #elif POCO_EXTERNAL_OPENSSL == POCO_EXTERNAL_OPENSSL_DEFAULT - #if OPENSSL_VERSION_PREREQ(1,1) - #pragma comment(lib, "libcrypto.lib") - #pragma comment(lib, "libssl.lib") - #else - #pragma comment(lib, "libeay32.lib") - #pragma comment(lib, "ssleay32.lib") - #endif - #endif - #endif // POCO_INTERNAL_OPENSSL_MSVC_VER - #if !defined(Crypto_EXPORTS) - #pragma comment(lib, "PocoCrypto" POCO_LIB_SUFFIX) - #endif - #endif // POCO_NO_AUTOMATIC_LIBS -#endif - - -namespace Poco { -namespace Crypto { - - -void Crypto_API initializeCrypto(); - /// Initialize the Crypto library, as well as the underlying OpenSSL - /// libraries, by calling OpenSSLInitializer::initialize(). - /// - /// Should be called before using any class from the Crypto library. - /// The Crypto library will be initialized automatically, through - /// OpenSSLInitializer instances held by various Crypto classes - /// (Cipher, CipherKey, RSAKey, X509Certificate). - /// However, it is recommended to call initializeCrypto() - /// in any case at application startup. - /// - /// Can be called multiple times; however, for every call to - /// initializeCrypto(), a matching call to uninitializeCrypto() - /// must be performed. - - -void Crypto_API uninitializeCrypto(); - /// Uninitializes the Crypto library by calling - /// OpenSSLInitializer::uninitialize(). - - -} } // namespace Poco::Crypto - - -#endif // Crypto_Crypto_INCLUDED +// +// Crypto.h +// +// Library: Crypto +// Package: CryptoCore +// Module: Crypto +// +// Basic definitions for the Poco Crypto library. +// This file must be the first file included by every other Crypto +// header file. +// +// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. +// and Contributors. +// +// SPDX-License-Identifier: BSL-1.0 +// + + +#ifndef Crypto_Crypto_INCLUDED +#define Crypto_Crypto_INCLUDED + + +#define POCO_EXTERNAL_OPENSSL_DEFAULT 1 +#define POCO_EXTERNAL_OPENSSL_SLPRO 2 + + +#include "Poco/Foundation.h" +#include <openssl/opensslv.h> + + +#ifndef OPENSSL_VERSION_PREREQ + #if defined(OPENSSL_VERSION_MAJOR) && defined(OPENSSL_VERSION_MINOR) + #define OPENSSL_VERSION_PREREQ(maj, min) \ + ((OPENSSL_VERSION_MAJOR << 16) + OPENSSL_VERSION_MINOR >= ((maj) << 16) + (min)) + #else + #define OPENSSL_VERSION_PREREQ(maj, min) \ + (OPENSSL_VERSION_NUMBER >= (((maj) << 28) | ((min) << 20))) + #endif +#endif + + +enum RSAPaddingMode + /// The padding mode used for RSA public key encryption. +{ + RSA_PADDING_PKCS1, + /// PKCS #1 v1.5 padding. This currently is the most widely used mode. + + RSA_PADDING_PKCS1_OAEP, + /// EME-OAEP as defined in PKCS #1 v2.0 with SHA-1, MGF1 and an empty + /// encoding parameter. This mode is recommended for all new applications. + + RSA_PADDING_SSLV23, + /// PKCS #1 v1.5 padding with an SSL-specific modification that denotes + /// that the server is SSL3 capable. + + RSA_PADDING_NONE + /// Raw RSA encryption. This mode should only be used to implement cryptographically + /// sound padding modes in the application code. Encrypting user data directly with RSA + /// is insecure. +}; + + +// +// The following block is the standard way of creating macros which make exporting +// from a DLL simpler. All files within this DLL are compiled with the Crypto_EXPORTS +// symbol defined on the command line. this symbol should not be defined on any project +// that uses this DLL. This way any other project whose source files include this file see +// Crypto_API functions as being imported from a DLL, whereas this DLL sees symbols +// defined with this macro as being exported. +// +#if defined(_WIN32) + #if defined(POCO_DLL) + #if defined(Crypto_EXPORTS) + #define Crypto_API __declspec(dllexport) + #else + #define Crypto_API __declspec(dllimport) + #endif + #endif +#endif + + +#if !defined(Crypto_API) + #if !defined(POCO_NO_GCC_API_ATTRIBUTE) && defined (__GNUC__) && (__GNUC__ >= 4) + #define Crypto_API __attribute__ ((visibility ("default"))) + #else + #define Crypto_API + #endif +#endif + + +// +// Automatically link Crypto and OpenSSL libraries. +// +#if defined(_MSC_VER) + #if !defined(POCO_NO_AUTOMATIC_LIBS) + #if defined(POCO_INTERNAL_OPENSSL_MSVC_VER) + #if defined(POCO_EXTERNAL_OPENSSL) + #pragma message("External OpenSSL defined but internal headers used - possible mismatch!") + #endif // POCO_EXTERNAL_OPENSSL + #if !defined(_DEBUG) + #define POCO_DEBUG_SUFFIX "" + #if !defined (_DLL) + #define POCO_STATIC_SUFFIX "mt" + #else // _DLL + #define POCO_STATIC_SUFFIX "" + #endif + #else // _DEBUG + #define POCO_DEBUG_SUFFIX "d" + #if !defined (_DLL) + #define POCO_STATIC_SUFFIX "mt" + #else // _DLL + #define POCO_STATIC_SUFFIX "" + #endif + #endif + #pragma comment(lib, "libcrypto" POCO_STATIC_SUFFIX POCO_DEBUG_SUFFIX ".lib") + #pragma comment(lib, "libssl" POCO_STATIC_SUFFIX POCO_DEBUG_SUFFIX ".lib") + #if !defined(_WIN64) && !defined (_DLL) && \ + (POCO_INTERNAL_OPENSSL_MSVC_VER == 120) && \ + (POCO_MSVC_VERSION < POCO_INTERNAL_OPENSSL_MSVC_VER) + #pragma comment(lib, "libPreVS2013CRT" POCO_STATIC_SUFFIX POCO_DEBUG_SUFFIX ".lib") + #endif + #if !defined (_DLL) && (POCO_MSVS_VERSION >= 2015) + #pragma comment(lib, "legacy_stdio_definitions.lib") + #pragma comment(lib, "legacy_stdio_wide_specifiers.lib") + #endif + #elif defined(POCO_EXTERNAL_OPENSSL) + #if POCO_EXTERNAL_OPENSSL == POCO_EXTERNAL_OPENSSL_SLPRO + #if defined(POCO_DLL) + #if OPENSSL_VERSION_PREREQ(1,1) + #pragma comment(lib, "libcrypto.lib") + #pragma comment(lib, "libssl.lib") + #else + #pragma comment(lib, "libeay32.lib") + #pragma comment(lib, "ssleay32.lib") + #endif + #else + #if OPENSSL_VERSION_PREREQ(1,1) + #if defined(_WIN64) + #pragma comment(lib, "libcrypto64" POCO_LIB_SUFFIX) + #pragma comment(lib, "libssl64" POCO_LIB_SUFFIX) + #else + #pragma comment(lib, "libcrypto32" POCO_LIB_SUFFIX) + #pragma comment(lib, "libssl32" POCO_LIB_SUFFIX) + #endif + #else + #pragma comment(lib, "libeay32" POCO_LIB_SUFFIX) + #pragma comment(lib, "ssleay32" POCO_LIB_SUFFIX) + #endif + #endif + #elif POCO_EXTERNAL_OPENSSL == POCO_EXTERNAL_OPENSSL_DEFAULT + #if OPENSSL_VERSION_PREREQ(1,1) + #pragma comment(lib, "libcrypto.lib") + #pragma comment(lib, "libssl.lib") + #else + #pragma comment(lib, "libeay32.lib") + #pragma comment(lib, "ssleay32.lib") + #endif + #endif + #endif // POCO_INTERNAL_OPENSSL_MSVC_VER + #if !defined(Crypto_EXPORTS) + #pragma comment(lib, "PocoCrypto" POCO_LIB_SUFFIX) + #endif + #endif // POCO_NO_AUTOMATIC_LIBS +#endif + + +namespace Poco { +namespace Crypto { + + +void Crypto_API initializeCrypto(); + /// Initialize the Crypto library, as well as the underlying OpenSSL + /// libraries, by calling OpenSSLInitializer::initialize(). + /// + /// Should be called before using any class from the Crypto library. + /// The Crypto library will be initialized automatically, through + /// OpenSSLInitializer instances held by various Crypto classes + /// (Cipher, CipherKey, RSAKey, X509Certificate). + /// However, it is recommended to call initializeCrypto() + /// in any case at application startup. + /// + /// Can be called multiple times; however, for every call to + /// initializeCrypto(), a matching call to uninitializeCrypto() + /// must be performed. + + +void Crypto_API uninitializeCrypto(); + /// Uninitializes the Crypto library by calling + /// OpenSSLInitializer::uninitialize(). + + +} } // namespace Poco::Crypto + + +#endif // Crypto_Crypto_INCLUDED diff --git a/contrib/libs/poco/Crypto/include/Poco/Crypto/CryptoException.h b/contrib/libs/poco/Crypto/include/Poco/Crypto/CryptoException.h index 8bd5b011c42..7bd0170ddec 100644 --- a/contrib/libs/poco/Crypto/include/Poco/Crypto/CryptoException.h +++ b/contrib/libs/poco/Crypto/include/Poco/Crypto/CryptoException.h @@ -1,56 +1,56 @@ -// -// CryptoException.h -// -// -// Library: Crypto -// Package: Crypto -// Module: CryptoException -// -// Definition of the CryptoException class. -// -// Copyright (c) 2012, Applied Informatics Software Engineering GmbH. -// and Contributors. -// -// SPDX-License-Identifier: BSL-1.0 -// - - -#ifndef Crypto_CryptoException_INCLUDED -#define Crypto_CryptoException_INCLUDED - - -#include "Poco/Crypto/Crypto.h" -#include "Poco/Exception.h" - - -namespace Poco { -namespace Crypto { - - -POCO_DECLARE_EXCEPTION(Crypto_API, CryptoException, Poco::Exception) - - -class Crypto_API OpenSSLException : public CryptoException -{ -public: - OpenSSLException(int code = 0); - OpenSSLException(const std::string& msg, int code = 0); - OpenSSLException(const std::string& msg, const std::string& arg, int code = 0); - OpenSSLException(const std::string& msg, const Poco::Exception& exc, int code = 0); - OpenSSLException(const OpenSSLException& exc); - ~OpenSSLException() noexcept; - OpenSSLException& operator = (const OpenSSLException& exc); +// +// CryptoException.h +// +// +// Library: Crypto +// Package: Crypto +// Module: CryptoException +// +// Definition of the CryptoException class. +// +// Copyright (c) 2012, Applied Informatics Software Engineering GmbH. +// and Contributors. +// +// SPDX-License-Identifier: BSL-1.0 +// + + +#ifndef Crypto_CryptoException_INCLUDED +#define Crypto_CryptoException_INCLUDED + + +#include "Poco/Crypto/Crypto.h" +#include "Poco/Exception.h" + + +namespace Poco { +namespace Crypto { + + +POCO_DECLARE_EXCEPTION(Crypto_API, CryptoException, Poco::Exception) + + +class Crypto_API OpenSSLException : public CryptoException +{ +public: + OpenSSLException(int code = 0); + OpenSSLException(const std::string& msg, int code = 0); + OpenSSLException(const std::string& msg, const std::string& arg, int code = 0); + OpenSSLException(const std::string& msg, const Poco::Exception& exc, int code = 0); + OpenSSLException(const OpenSSLException& exc); + ~OpenSSLException() noexcept; + OpenSSLException& operator = (const OpenSSLException& exc); const char* name() const noexcept; const char* className() const noexcept; - Poco::Exception* clone() const; - void rethrow() const; - -private: - void setExtMessage(); -}; - - -} } // namespace Poco::Crypto - - -#endif // Crypto_CryptoException_INCLUDED + Poco::Exception* clone() const; + void rethrow() const; + +private: + void setExtMessage(); +}; + + +} } // namespace Poco::Crypto + + +#endif // Crypto_CryptoException_INCLUDED diff --git a/contrib/libs/poco/Crypto/include/Poco/Crypto/CryptoStream.h b/contrib/libs/poco/Crypto/include/Poco/Crypto/CryptoStream.h index 25a99a4ae58..f18e33d46dd 100644 --- a/contrib/libs/poco/Crypto/include/Poco/Crypto/CryptoStream.h +++ b/contrib/libs/poco/Crypto/include/Poco/Crypto/CryptoStream.h @@ -1,192 +1,192 @@ -// -// CryptoStream.h -// -// Library: Crypto -// Package: Cipher -// Module: CryptoStream -// -// Definition of the CryptoStreamBuf, CryptoInputStream and CryptoOutputStream -// classes. -// -// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. -// and Contributors. -// -// SPDX-License-Identifier: BSL-1.0 -// - - -#ifndef Crypto_CryptoStream_INCLUDED -#define Crypto_CryptoStream_INCLUDED - - -#include "Poco/Crypto/Crypto.h" -#include "Poco/BufferedStreamBuf.h" -#include "Poco/Buffer.h" -#include <iostream> - - -namespace Poco { -namespace Crypto { - - -class CryptoTransform; -class Cipher; - - -class Crypto_API CryptoStreamBuf: public Poco::BufferedStreamBuf - /// This stream buffer performs cryptographic transformation on the data - /// going through it. -{ -public: - CryptoStreamBuf(std::istream& istr, CryptoTransform* pTransform, std::streamsize bufferSize = 8192); - CryptoStreamBuf(std::ostream& ostr, CryptoTransform* pTransform, std::streamsize bufferSize = 8192); - - virtual ~CryptoStreamBuf(); - - void close(); - /// Flushes all buffers and finishes the encryption. - -protected: - int readFromDevice(char* buffer, std::streamsize length); - int writeToDevice(const char* buffer, std::streamsize length); - -private: - CryptoTransform* _pTransform; - std::istream* _pIstr; - std::ostream* _pOstr; - bool _eof; - - Poco::Buffer<unsigned char> _buffer; - - CryptoStreamBuf(const CryptoStreamBuf&); - CryptoStreamBuf& operator = (const CryptoStreamBuf&); -}; - - -class Crypto_API CryptoIOS: public virtual std::ios - /// The base class for CryptoInputStream and CryptoOutputStream. - /// - /// This class is needed to ensure correct initialization order of the - /// stream buffer and base classes. -{ -public: - CryptoIOS(std::istream& istr, CryptoTransform* pTransform, std::streamsize bufferSize = 8192); - CryptoIOS(std::ostream& ostr, CryptoTransform* pTransform, std::streamsize bufferSize = 8192); - ~CryptoIOS(); - CryptoStreamBuf* rdbuf(); - -protected: - CryptoStreamBuf _buf; -}; - - -class Crypto_API CryptoInputStream: public CryptoIOS, public std::istream - /// This stream transforms all data passing through it using the given - /// CryptoTransform. - /// - /// Use a CryptoTransform object provided by Cipher::createEncrytor() or - /// Cipher::createDecryptor() to create an encrypting or decrypting stream, - /// respectively. -{ -public: - CryptoInputStream(std::istream& istr, CryptoTransform* pTransform, std::streamsize bufferSize = 8192); - /// Create a new CryptoInputStream object. The CryptoInputStream takes the - /// ownership of the given CryptoTransform object. - - CryptoInputStream(std::istream& istr, Cipher& cipher, std::streamsize bufferSize = 8192); - /// Create a new encrypting CryptoInputStream object using the given cipher. - - ~CryptoInputStream(); - /// Destroys the CryptoInputStream. -}; - - -class Crypto_API CryptoOutputStream: public CryptoIOS, public std::ostream - /// This stream transforms all data passing through it using the given - /// CryptoTransform. - /// - /// Use a CryptoTransform object provided by Cipher::createEncrytor() or - /// Cipher::createDecryptor() to create an encrypting or decrypting stream, - /// respectively. - /// - /// After all data has been passed through the stream, close() must be called - /// to ensure completion of cryptographic transformation. -{ -public: - CryptoOutputStream(std::ostream& ostr, CryptoTransform* pTransform, std::streamsize bufferSize = 8192); - /// Create a new CryptoOutputStream object. The CryptoOutputStream takes the - /// ownership of the given CryptoTransform object. - - CryptoOutputStream(std::ostream& ostr, Cipher& cipher, std::streamsize bufferSize = 8192); - /// Create a new decrypting CryptoOutputStream object using the given cipher. - - ~CryptoOutputStream(); - /// Destroys the CryptoOutputStream. - - void close(); - /// Flushes all buffers and finishes the encryption. -}; - - -class Crypto_API DecryptingInputStream: public CryptoIOS, public std::istream - /// This stream decrypts all data passing through it using the given - /// Cipher. -{ -public: - DecryptingInputStream(std::istream& istr, Cipher& cipher, std::streamsize bufferSize = 8192); - /// Create a new DecryptingInputStream object using the given cipher. - - ~DecryptingInputStream(); - /// Destroys the DecryptingInputStream. -}; - - -class Crypto_API DecryptingOutputStream: public CryptoIOS, public std::ostream - /// This stream decrypts all data passing through it using the given - /// Cipher. -{ -public: - DecryptingOutputStream(std::ostream& ostr, Cipher& cipher, std::streamsize bufferSize = 8192); - /// Create a new DecryptingOutputStream object using the given cipher. - - ~DecryptingOutputStream(); - /// Destroys the DecryptingOutputStream. - - void close(); - /// Flushes all buffers and finishes the decryption. -}; - - -class Crypto_API EncryptingInputStream: public CryptoIOS, public std::istream - /// This stream encrypts all data passing through it using the given - /// Cipher. -{ -public: - EncryptingInputStream(std::istream& istr, Cipher& cipher, std::streamsize bufferSize = 8192); - /// Create a new EncryptingInputStream object using the given cipher. - - ~EncryptingInputStream(); - /// Destroys the EncryptingInputStream. -}; - - -class Crypto_API EncryptingOutputStream: public CryptoIOS, public std::ostream - /// This stream encrypts all data passing through it using the given - /// Cipher. -{ -public: - EncryptingOutputStream(std::ostream& ostr, Cipher& cipher, std::streamsize bufferSize = 8192); - /// Create a new EncryptingOutputStream object using the given cipher. - - ~EncryptingOutputStream(); - /// Destroys the EncryptingOutputStream. - - void close(); - /// Flushes all buffers and finishes the encryption. -}; - - -} } // namespace Poco::Crypto - - -#endif // Crypto_CryptoStream_INCLUDED +// +// CryptoStream.h +// +// Library: Crypto +// Package: Cipher +// Module: CryptoStream +// +// Definition of the CryptoStreamBuf, CryptoInputStream and CryptoOutputStream +// classes. +// +// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. +// and Contributors. +// +// SPDX-License-Identifier: BSL-1.0 +// + + +#ifndef Crypto_CryptoStream_INCLUDED +#define Crypto_CryptoStream_INCLUDED + + +#include "Poco/Crypto/Crypto.h" +#include "Poco/BufferedStreamBuf.h" +#include "Poco/Buffer.h" +#include <iostream> + + +namespace Poco { +namespace Crypto { + + +class CryptoTransform; +class Cipher; + + +class Crypto_API CryptoStreamBuf: public Poco::BufferedStreamBuf + /// This stream buffer performs cryptographic transformation on the data + /// going through it. +{ +public: + CryptoStreamBuf(std::istream& istr, CryptoTransform* pTransform, std::streamsize bufferSize = 8192); + CryptoStreamBuf(std::ostream& ostr, CryptoTransform* pTransform, std::streamsize bufferSize = 8192); + + virtual ~CryptoStreamBuf(); + + void close(); + /// Flushes all buffers and finishes the encryption. + +protected: + int readFromDevice(char* buffer, std::streamsize length); + int writeToDevice(const char* buffer, std::streamsize length); + +private: + CryptoTransform* _pTransform; + std::istream* _pIstr; + std::ostream* _pOstr; + bool _eof; + + Poco::Buffer<unsigned char> _buffer; + + CryptoStreamBuf(const CryptoStreamBuf&); + CryptoStreamBuf& operator = (const CryptoStreamBuf&); +}; + + +class Crypto_API CryptoIOS: public virtual std::ios + /// The base class for CryptoInputStream and CryptoOutputStream. + /// + /// This class is needed to ensure correct initialization order of the + /// stream buffer and base classes. +{ +public: + CryptoIOS(std::istream& istr, CryptoTransform* pTransform, std::streamsize bufferSize = 8192); + CryptoIOS(std::ostream& ostr, CryptoTransform* pTransform, std::streamsize bufferSize = 8192); + ~CryptoIOS(); + CryptoStreamBuf* rdbuf(); + +protected: + CryptoStreamBuf _buf; +}; + + +class Crypto_API CryptoInputStream: public CryptoIOS, public std::istream + /// This stream transforms all data passing through it using the given + /// CryptoTransform. + /// + /// Use a CryptoTransform object provided by Cipher::createEncrytor() or + /// Cipher::createDecryptor() to create an encrypting or decrypting stream, + /// respectively. +{ +public: + CryptoInputStream(std::istream& istr, CryptoTransform* pTransform, std::streamsize bufferSize = 8192); + /// Create a new CryptoInputStream object. The CryptoInputStream takes the + /// ownership of the given CryptoTransform object. + + CryptoInputStream(std::istream& istr, Cipher& cipher, std::streamsize bufferSize = 8192); + /// Create a new encrypting CryptoInputStream object using the given cipher. + + ~CryptoInputStream(); + /// Destroys the CryptoInputStream. +}; + + +class Crypto_API CryptoOutputStream: public CryptoIOS, public std::ostream + /// This stream transforms all data passing through it using the given + /// CryptoTransform. + /// + /// Use a CryptoTransform object provided by Cipher::createEncrytor() or + /// Cipher::createDecryptor() to create an encrypting or decrypting stream, + /// respectively. + /// + /// After all data has been passed through the stream, close() must be called + /// to ensure completion of cryptographic transformation. +{ +public: + CryptoOutputStream(std::ostream& ostr, CryptoTransform* pTransform, std::streamsize bufferSize = 8192); + /// Create a new CryptoOutputStream object. The CryptoOutputStream takes the + /// ownership of the given CryptoTransform object. + + CryptoOutputStream(std::ostream& ostr, Cipher& cipher, std::streamsize bufferSize = 8192); + /// Create a new decrypting CryptoOutputStream object using the given cipher. + + ~CryptoOutputStream(); + /// Destroys the CryptoOutputStream. + + void close(); + /// Flushes all buffers and finishes the encryption. +}; + + +class Crypto_API DecryptingInputStream: public CryptoIOS, public std::istream + /// This stream decrypts all data passing through it using the given + /// Cipher. +{ +public: + DecryptingInputStream(std::istream& istr, Cipher& cipher, std::streamsize bufferSize = 8192); + /// Create a new DecryptingInputStream object using the given cipher. + + ~DecryptingInputStream(); + /// Destroys the DecryptingInputStream. +}; + + +class Crypto_API DecryptingOutputStream: public CryptoIOS, public std::ostream + /// This stream decrypts all data passing through it using the given + /// Cipher. +{ +public: + DecryptingOutputStream(std::ostream& ostr, Cipher& cipher, std::streamsize bufferSize = 8192); + /// Create a new DecryptingOutputStream object using the given cipher. + + ~DecryptingOutputStream(); + /// Destroys the DecryptingOutputStream. + + void close(); + /// Flushes all buffers and finishes the decryption. +}; + + +class Crypto_API EncryptingInputStream: public CryptoIOS, public std::istream + /// This stream encrypts all data passing through it using the given + /// Cipher. +{ +public: + EncryptingInputStream(std::istream& istr, Cipher& cipher, std::streamsize bufferSize = 8192); + /// Create a new EncryptingInputStream object using the given cipher. + + ~EncryptingInputStream(); + /// Destroys the EncryptingInputStream. +}; + + +class Crypto_API EncryptingOutputStream: public CryptoIOS, public std::ostream + /// This stream encrypts all data passing through it using the given + /// Cipher. +{ +public: + EncryptingOutputStream(std::ostream& ostr, Cipher& cipher, std::streamsize bufferSize = 8192); + /// Create a new EncryptingOutputStream object using the given cipher. + + ~EncryptingOutputStream(); + /// Destroys the EncryptingOutputStream. + + void close(); + /// Flushes all buffers and finishes the encryption. +}; + + +} } // namespace Poco::Crypto + + +#endif // Crypto_CryptoStream_INCLUDED diff --git a/contrib/libs/poco/Crypto/include/Poco/Crypto/CryptoTransform.h b/contrib/libs/poco/Crypto/include/Poco/Crypto/CryptoTransform.h index 9fa3806c653..ee56bf83a35 100644 --- a/contrib/libs/poco/Crypto/include/Poco/Crypto/CryptoTransform.h +++ b/contrib/libs/poco/Crypto/include/Poco/Crypto/CryptoTransform.h @@ -1,87 +1,87 @@ -// -// CryptoTransform.h -// -// Library: Crypto -// Package: Cipher -// Module: CryptoTransform -// -// Definition of the CryptoTransform class. -// -// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. -// and Contributors. -// -// SPDX-License-Identifier: BSL-1.0 -// - - -#ifndef Crypto_CryptoTransform_INCLUDED -#define Crypto_CryptoTransform_INCLUDED - - -#include "Poco/Crypto/Crypto.h" -#include <ios> - - -namespace Poco { -namespace Crypto { - - -class Crypto_API CryptoTransform - /// This interface represents the basic operations for cryptographic - /// transformations to be used with a CryptoInputStream or a - /// CryptoOutputStream. - /// - /// Implementations of this class are returned by the Cipher class to - /// perform encryption or decryption of data. -{ -public: - CryptoTransform(); - /// Creates a new CryptoTransform object. - - virtual ~CryptoTransform(); - /// Destroys the CryptoTransform. - - virtual std::size_t blockSize() const = 0; - /// Returns the block size for this CryptoTransform. - - virtual int setPadding(int padding); - /// Enables or disables padding. By default encryption operations are padded using standard block - /// padding and the padding is checked and removed when decrypting. If the padding parameter is zero then - /// no padding is performed, the total amount of data encrypted or decrypted must then be a multiple of - /// the block size or an error will occur. - - virtual std::string getTag(std::size_t tagSize = 16) = 0; - /// Returns the GCM tag after encrypting using GCM mode. - /// - /// Must be called after finalize(). - - virtual void setTag(const std::string& tag) = 0; - /// Sets the GCM tag for authenticated decryption using GCM mode. - /// - /// Must be set before finalize() is called, otherwise - /// decryption will fail. - - virtual std::streamsize transform( - const unsigned char* input, - std::streamsize inputLength, - unsigned char* output, - std::streamsize outputLength) = 0; - /// Transforms a chunk of data. The inputLength is arbitrary and does not - /// need to be a multiple of the block size. The output buffer has a maximum - /// capacity of the given outputLength that must be at least - /// inputLength + blockSize() - 1 - /// Returns the number of bytes written to the output buffer. - - virtual std::streamsize finalize(unsigned char* output, std::streamsize length) = 0; - /// Finalizes the transformation. The output buffer must contain enough - /// space for at least two blocks, ie. - /// length >= 2*blockSize() - /// must be true. Returns the number of bytes written to the output - /// buffer. -}; - - -} } // namespace Poco::Crypto - - -#endif // Crypto_CryptoTransform_INCLUDED +// +// CryptoTransform.h +// +// Library: Crypto +// Package: Cipher +// Module: CryptoTransform +// +// Definition of the CryptoTransform class. +// +// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. +// and Contributors. +// +// SPDX-License-Identifier: BSL-1.0 +// + + +#ifndef Crypto_CryptoTransform_INCLUDED +#define Crypto_CryptoTransform_INCLUDED + + +#include "Poco/Crypto/Crypto.h" +#include <ios> + + +namespace Poco { +namespace Crypto { + + +class Crypto_API CryptoTransform + /// This interface represents the basic operations for cryptographic + /// transformations to be used with a CryptoInputStream or a + /// CryptoOutputStream. + /// + /// Implementations of this class are returned by the Cipher class to + /// perform encryption or decryption of data. +{ +public: + CryptoTransform(); + /// Creates a new CryptoTransform object. + + virtual ~CryptoTransform(); + /// Destroys the CryptoTransform. + + virtual std::size_t blockSize() const = 0; + /// Returns the block size for this CryptoTransform. + + virtual int setPadding(int padding); + /// Enables or disables padding. By default encryption operations are padded using standard block + /// padding and the padding is checked and removed when decrypting. If the padding parameter is zero then + /// no padding is performed, the total amount of data encrypted or decrypted must then be a multiple of + /// the block size or an error will occur. + + virtual std::string getTag(std::size_t tagSize = 16) = 0; + /// Returns the GCM tag after encrypting using GCM mode. + /// + /// Must be called after finalize(). + + virtual void setTag(const std::string& tag) = 0; + /// Sets the GCM tag for authenticated decryption using GCM mode. + /// + /// Must be set before finalize() is called, otherwise + /// decryption will fail. + + virtual std::streamsize transform( + const unsigned char* input, + std::streamsize inputLength, + unsigned char* output, + std::streamsize outputLength) = 0; + /// Transforms a chunk of data. The inputLength is arbitrary and does not + /// need to be a multiple of the block size. The output buffer has a maximum + /// capacity of the given outputLength that must be at least + /// inputLength + blockSize() - 1 + /// Returns the number of bytes written to the output buffer. + + virtual std::streamsize finalize(unsigned char* output, std::streamsize length) = 0; + /// Finalizes the transformation. The output buffer must contain enough + /// space for at least two blocks, ie. + /// length >= 2*blockSize() + /// must be true. Returns the number of bytes written to the output + /// buffer. +}; + + +} } // namespace Poco::Crypto + + +#endif // Crypto_CryptoTransform_INCLUDED diff --git a/contrib/libs/poco/Crypto/include/Poco/Crypto/DigestEngine.h b/contrib/libs/poco/Crypto/include/Poco/Crypto/DigestEngine.h index 8244a6ea8c5..fb9e4d7012b 100644 --- a/contrib/libs/poco/Crypto/include/Poco/Crypto/DigestEngine.h +++ b/contrib/libs/poco/Crypto/include/Poco/Crypto/DigestEngine.h @@ -1,80 +1,80 @@ -// -// DigestEngine.h -// -// Library: Crypto -// Package: Digest -// Module: DigestEngine -// -// Definition of the DigestEngine class. -// -// Copyright (c) 2012, Applied Informatics Software Engineering GmbH. -// and Contributors. -// -// SPDX-License-Identifier: BSL-1.0 -// - - -#ifndef Crypto_DigestEngine_INCLUDED -#define Crypto_DigestEngine_INCLUDED - - -#include "Poco/Crypto/Crypto.h" -#include "Poco/Crypto/OpenSSLInitializer.h" -#include "Poco/DigestEngine.h" -#include <openssl/evp.h> - - -namespace Poco { -namespace Crypto { - - -class Crypto_API DigestEngine: public Poco::DigestEngine - /// This class implements a Poco::DigestEngine for all - /// digest algorithms supported by OpenSSL. -{ -public: - DigestEngine(const std::string& name); - /// Creates a DigestEngine using the digest with the given name - /// (e.g., "MD5", "SHA1", "SHA256", "SHA512", etc.). - /// See the OpenSSL documentation for a list of supported digest algorithms. - /// - /// Throws a Poco::NotFoundException if no algorithm with the given name exists. - - ~DigestEngine(); - /// Destroys the DigestEngine. - - const std::string& algorithm() const; - /// Returns the name of the digest algorithm. - - int nid() const; - /// Returns the NID (OpenSSL object identifier) of the digest algorithm. - - // DigestEngine - std::size_t digestLength() const; - void reset(); - const Poco::DigestEngine::Digest& digest(); - -protected: - void updateImpl(const void* data, std::size_t length); - -private: - std::string _name; - EVP_MD_CTX* _pContext; - Poco::DigestEngine::Digest _digest; - OpenSSLInitializer _openSSLInitializer; -}; - - -// -// inlines -// -inline const std::string& DigestEngine::algorithm() const -{ - return _name; -} - - -} } // namespace Poco::Crypto - - -#endif // Crypto_DigestEngine_INCLUDED +// +// DigestEngine.h +// +// Library: Crypto +// Package: Digest +// Module: DigestEngine +// +// Definition of the DigestEngine class. +// +// Copyright (c) 2012, Applied Informatics Software Engineering GmbH. +// and Contributors. +// +// SPDX-License-Identifier: BSL-1.0 +// + + +#ifndef Crypto_DigestEngine_INCLUDED +#define Crypto_DigestEngine_INCLUDED + + +#include "Poco/Crypto/Crypto.h" +#include "Poco/Crypto/OpenSSLInitializer.h" +#include "Poco/DigestEngine.h" +#include <openssl/evp.h> + + +namespace Poco { +namespace Crypto { + + +class Crypto_API DigestEngine: public Poco::DigestEngine + /// This class implements a Poco::DigestEngine for all + /// digest algorithms supported by OpenSSL. +{ +public: + DigestEngine(const std::string& name); + /// Creates a DigestEngine using the digest with the given name + /// (e.g., "MD5", "SHA1", "SHA256", "SHA512", etc.). + /// See the OpenSSL documentation for a list of supported digest algorithms. + /// + /// Throws a Poco::NotFoundException if no algorithm with the given name exists. + + ~DigestEngine(); + /// Destroys the DigestEngine. + + const std::string& algorithm() const; + /// Returns the name of the digest algorithm. + + int nid() const; + /// Returns the NID (OpenSSL object identifier) of the digest algorithm. + + // DigestEngine + std::size_t digestLength() const; + void reset(); + const Poco::DigestEngine::Digest& digest(); + +protected: + void updateImpl(const void* data, std::size_t length); + +private: + std::string _name; + EVP_MD_CTX* _pContext; + Poco::DigestEngine::Digest _digest; + OpenSSLInitializer _openSSLInitializer; +}; + + +// +// inlines +// +inline const std::string& DigestEngine::algorithm() const +{ + return _name; +} + + +} } // namespace Poco::Crypto + + +#endif // Crypto_DigestEngine_INCLUDED diff --git a/contrib/libs/poco/Crypto/include/Poco/Crypto/ECDSADigestEngine.h b/contrib/libs/poco/Crypto/include/Poco/Crypto/ECDSADigestEngine.h index ed6fab442f6..973723f76b7 100644 --- a/contrib/libs/poco/Crypto/include/Poco/Crypto/ECDSADigestEngine.h +++ b/contrib/libs/poco/Crypto/include/Poco/Crypto/ECDSADigestEngine.h @@ -1,101 +1,101 @@ -// -// ECDSADigestEngine.h -// -// -// Library: Crypto -// Package: ECDSA -// Module: ECDSADigestEngine -// -// Definition of the ECDSADigestEngine class. -// -// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. -// and Contributors. -// -// SPDX-License-Identifier: BSL-1.0 -// - - -#ifndef Crypto_ECDSADigestEngine_INCLUDED -#define Crypto_ECDSADigestEngine_INCLUDED - - -#include "Poco/Crypto/Crypto.h" -#include "Poco/Crypto/ECKey.h" -#include "Poco/DigestEngine.h" -#include "Poco/Crypto/DigestEngine.h" -#include <istream> -#include <ostream> - - -namespace Poco { -namespace Crypto { - - -class Crypto_API ECDSADigestEngine: public Poco::DigestEngine - /// This class implements a Poco::DigestEngine that can be - /// used to compute a secure digital signature. - /// - /// First another Poco::Crypto::DigestEngine is created and - /// used to compute a cryptographic hash of the data to be - /// signed. Then, the hash value is encrypted, using - /// the ECDSA private key. - /// - /// To verify a signature, pass it to the verify() - /// member function. It will decrypt the signature - /// using the ECDSA public key and compare the resulting - /// hash with the actual hash of the data. -{ -public: - - ECDSADigestEngine(const ECKey& key, const std::string &name); - /// Creates the ECDSADigestEngine with the given ECDSA key, - /// using the hash algorithm with the given name - /// (e.g., "SHA1", "SHA256", "SHA512", etc.). - /// See the OpenSSL documentation for a list of supported digest algorithms. - /// - /// Throws a Poco::NotFoundException if no algorithm with the given name exists. - - ~ECDSADigestEngine(); - /// Destroys the ECDSADigestEngine. - - std::size_t digestLength() const; - /// Returns the length of the digest in bytes. - - void reset(); - /// Resets the engine so that a new - /// digest can be computed. - - const DigestEngine::Digest& digest(); - /// Finishes the computation of the digest - /// (the first time it's called) and - /// returns the message digest. - /// - /// Can be called multiple times. - - const DigestEngine::Digest& signature(); - /// Signs the digest using the ECDSADSA algorithm - /// and the private key (the first time it's - /// called) and returns the result. - /// - /// Can be called multiple times. - - bool verify(const DigestEngine::Digest& signature); - /// Verifies the data against the signature. - /// - /// Returns true if the signature can be verified, false otherwise. - -protected: - void updateImpl(const void* data, std::size_t length); - -private: - ECKey _key; - Poco::Crypto::DigestEngine _engine; - Poco::DigestEngine::Digest _digest; - Poco::DigestEngine::Digest _signature; -}; - - -} } // namespace Poco::Crypto - - -#endif // Crypto_ECDSADigestEngine_INCLUDED +// +// ECDSADigestEngine.h +// +// +// Library: Crypto +// Package: ECDSA +// Module: ECDSADigestEngine +// +// Definition of the ECDSADigestEngine class. +// +// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. +// and Contributors. +// +// SPDX-License-Identifier: BSL-1.0 +// + + +#ifndef Crypto_ECDSADigestEngine_INCLUDED +#define Crypto_ECDSADigestEngine_INCLUDED + + +#include "Poco/Crypto/Crypto.h" +#include "Poco/Crypto/ECKey.h" +#include "Poco/DigestEngine.h" +#include "Poco/Crypto/DigestEngine.h" +#include <istream> +#include <ostream> + + +namespace Poco { +namespace Crypto { + + +class Crypto_API ECDSADigestEngine: public Poco::DigestEngine + /// This class implements a Poco::DigestEngine that can be + /// used to compute a secure digital signature. + /// + /// First another Poco::Crypto::DigestEngine is created and + /// used to compute a cryptographic hash of the data to be + /// signed. Then, the hash value is encrypted, using + /// the ECDSA private key. + /// + /// To verify a signature, pass it to the verify() + /// member function. It will decrypt the signature + /// using the ECDSA public key and compare the resulting + /// hash with the actual hash of the data. +{ +public: + + ECDSADigestEngine(const ECKey& key, const std::string &name); + /// Creates the ECDSADigestEngine with the given ECDSA key, + /// using the hash algorithm with the given name + /// (e.g., "SHA1", "SHA256", "SHA512", etc.). + /// See the OpenSSL documentation for a list of supported digest algorithms. + /// + /// Throws a Poco::NotFoundException if no algorithm with the given name exists. + + ~ECDSADigestEngine(); + /// Destroys the ECDSADigestEngine. + + std::size_t digestLength() const; + /// Returns the length of the digest in bytes. + + void reset(); + /// Resets the engine so that a new + /// digest can be computed. + + const DigestEngine::Digest& digest(); + /// Finishes the computation of the digest + /// (the first time it's called) and + /// returns the message digest. + /// + /// Can be called multiple times. + + const DigestEngine::Digest& signature(); + /// Signs the digest using the ECDSADSA algorithm + /// and the private key (the first time it's + /// called) and returns the result. + /// + /// Can be called multiple times. + + bool verify(const DigestEngine::Digest& signature); + /// Verifies the data against the signature. + /// + /// Returns true if the signature can be verified, false otherwise. + +protected: + void updateImpl(const void* data, std::size_t length); + +private: + ECKey _key; + Poco::Crypto::DigestEngine _engine; + Poco::DigestEngine::Digest _digest; + Poco::DigestEngine::Digest _signature; +}; + + +} } // namespace Poco::Crypto + + +#endif // Crypto_ECDSADigestEngine_INCLUDED diff --git a/contrib/libs/poco/Crypto/include/Poco/Crypto/ECKey.h b/contrib/libs/poco/Crypto/include/Poco/Crypto/ECKey.h index 14f2ac0a189..3767ead9eb3 100644 --- a/contrib/libs/poco/Crypto/include/Poco/Crypto/ECKey.h +++ b/contrib/libs/poco/Crypto/include/Poco/Crypto/ECKey.h @@ -1,136 +1,136 @@ -// -// ECKey.h -// -// -// Library: Crypto -// Package: EC -// Module: ECKey -// -// Definition of the ECKey class. -// -// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. -// and Contributors. -// -// SPDX-License-Identifier: BSL-1.0 -// - - -#ifndef Crypto_ECKey_INCLUDED -#define Crypto_ECKey_INCLUDED - - -#include "Poco/Crypto/Crypto.h" -#include "Poco/Crypto/KeyPair.h" -#include "Poco/Crypto/ECKeyImpl.h" - - -namespace Poco { -namespace Crypto { - - -class X509Certificate; -class PKCS12Container; - - -class Crypto_API ECKey : public KeyPair - /// This class stores an EC key pair, consisting - /// of private and public key. Storage of the private - /// key is optional. - /// - /// If a private key is available, the ECKey can be - /// used for decrypting data (encrypted with the public key) - /// or computing secure digital signatures. -{ -public: - ECKey(const EVPPKey& key); - /// Constructs ECKeyImpl by extracting the EC key. - - ECKey(const X509Certificate& cert); - /// Extracts the EC public key from the given certificate. - - ECKey(const PKCS12Container& cert); - /// Extracts the EC private key from the given certificate. - - ECKey(const std::string& eccGroup); - /// Creates the ECKey. Creates a new public/private keypair using the given parameters. - /// Can be used to sign data and verify signatures. - - ECKey(const std::string& publicKeyFile, const std::string& privateKeyFile, const std::string& privateKeyPassphrase = ""); - /// Creates the ECKey, by reading public and private key from the given files and - /// using the given passphrase for the private key. - /// - /// Cannot be used for signing or decryption unless a private key is available. - /// - /// If a private key is specified, you don't need to specify a public key file. - /// OpenSSL will auto-create the public key from the private key. - - ECKey(std::istream* pPublicKeyStream, std::istream* pPrivateKeyStream = 0, const std::string& privateKeyPassphrase = ""); - /// Creates the ECKey, by reading public and private key from the given streams and - /// using the given passphrase for the private key. - /// - /// Cannot be used for signing or decryption unless a private key is available. - /// - /// If a private key is specified, you don't need to specify a public key file. - /// OpenSSL will auto-create the public key from the private key. - - ~ECKey(); - /// Destroys the ECKey. - - ECKeyImpl::Ptr impl() const; - /// Returns the impl object. - - static std::string getCurveName(int nid = -1); - /// Returns elliptical curve name corresponding to - /// the given nid; if nid is not found, returns - /// empty string. - /// - /// If nid is -1, returns first curve name. - /// - /// If no curves are found, returns empty string; - - static int getCurveNID(std::string& name); - /// Returns the NID of the specified curve. - /// - /// If name is empty, returns the first curve NID - /// and updates the name accordingly. - - static bool hasCurve(const std::string& name); - /// Returns true if the named curve is found, - /// false otherwise. - -private: - ECKeyImpl::Ptr _pImpl; -}; - - -// -// inlines -// -inline ECKeyImpl::Ptr ECKey::impl() const -{ - return _pImpl; -} - - -inline std::string ECKey::getCurveName(int nid) -{ - return ECKeyImpl::getCurveName(nid); -} - - -inline int ECKey::getCurveNID(std::string& name) -{ - return ECKeyImpl::getCurveNID(name); -} - - -inline bool ECKey::hasCurve(const std::string& name) -{ - return ECKeyImpl::hasCurve(name); -} - - -} } // namespace Poco::Crypto - - -#endif // Crypto_ECKey_INCLUDED +// +// ECKey.h +// +// +// Library: Crypto +// Package: EC +// Module: ECKey +// +// Definition of the ECKey class. +// +// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. +// and Contributors. +// +// SPDX-License-Identifier: BSL-1.0 +// + + +#ifndef Crypto_ECKey_INCLUDED +#define Crypto_ECKey_INCLUDED + + +#include "Poco/Crypto/Crypto.h" +#include "Poco/Crypto/KeyPair.h" +#include "Poco/Crypto/ECKeyImpl.h" + + +namespace Poco { +namespace Crypto { + + +class X509Certificate; +class PKCS12Container; + + +class Crypto_API ECKey : public KeyPair + /// This class stores an EC key pair, consisting + /// of private and public key. Storage of the private + /// key is optional. + /// + /// If a private key is available, the ECKey can be + /// used for decrypting data (encrypted with the public key) + /// or computing secure digital signatures. +{ +public: + ECKey(const EVPPKey& key); + /// Constructs ECKeyImpl by extracting the EC key. + + ECKey(const X509Certificate& cert); + /// Extracts the EC public key from the given certificate. + + ECKey(const PKCS12Container& cert); + /// Extracts the EC private key from the given certificate. + + ECKey(const std::string& eccGroup); + /// Creates the ECKey. Creates a new public/private keypair using the given parameters. + /// Can be used to sign data and verify signatures. + + ECKey(const std::string& publicKeyFile, const std::string& privateKeyFile, const std::string& privateKeyPassphrase = ""); + /// Creates the ECKey, by reading public and private key from the given files and + /// using the given passphrase for the private key. + /// + /// Cannot be used for signing or decryption unless a private key is available. + /// + /// If a private key is specified, you don't need to specify a public key file. + /// OpenSSL will auto-create the public key from the private key. + + ECKey(std::istream* pPublicKeyStream, std::istream* pPrivateKeyStream = 0, const std::string& privateKeyPassphrase = ""); + /// Creates the ECKey, by reading public and private key from the given streams and + /// using the given passphrase for the private key. + /// + /// Cannot be used for signing or decryption unless a private key is available. + /// + /// If a private key is specified, you don't need to specify a public key file. + /// OpenSSL will auto-create the public key from the private key. + + ~ECKey(); + /// Destroys the ECKey. + + ECKeyImpl::Ptr impl() const; + /// Returns the impl object. + + static std::string getCurveName(int nid = -1); + /// Returns elliptical curve name corresponding to + /// the given nid; if nid is not found, returns + /// empty string. + /// + /// If nid is -1, returns first curve name. + /// + /// If no curves are found, returns empty string; + + static int getCurveNID(std::string& name); + /// Returns the NID of the specified curve. + /// + /// If name is empty, returns the first curve NID + /// and updates the name accordingly. + + static bool hasCurve(const std::string& name); + /// Returns true if the named curve is found, + /// false otherwise. + +private: + ECKeyImpl::Ptr _pImpl; +}; + + +// +// inlines +// +inline ECKeyImpl::Ptr ECKey::impl() const +{ + return _pImpl; +} + + +inline std::string ECKey::getCurveName(int nid) +{ + return ECKeyImpl::getCurveName(nid); +} + + +inline int ECKey::getCurveNID(std::string& name) +{ + return ECKeyImpl::getCurveNID(name); +} + + +inline bool ECKey::hasCurve(const std::string& name) +{ + return ECKeyImpl::hasCurve(name); +} + + +} } // namespace Poco::Crypto + + +#endif // Crypto_ECKey_INCLUDED diff --git a/contrib/libs/poco/Crypto/include/Poco/Crypto/ECKeyImpl.h b/contrib/libs/poco/Crypto/include/Poco/Crypto/ECKeyImpl.h index 840764304d1..5ef51101d8f 100644 --- a/contrib/libs/poco/Crypto/include/Poco/Crypto/ECKeyImpl.h +++ b/contrib/libs/poco/Crypto/include/Poco/Crypto/ECKeyImpl.h @@ -1,174 +1,174 @@ -// -// ECKeyImpl.h -// -// -// Library: Crypto -// Package: EC -// Module: ECKeyImpl -// -// Definition of the ECKeyImpl class. -// -// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. -// and Contributors. -// -// SPDX-License-Identifier: BSL-1.0 -// - - -#ifndef Crypto_ECKeyImplImpl_INCLUDED -#define Crypto_ECKeyImplImpl_INCLUDED - - -#include "Poco/Crypto/Crypto.h" -#include "Poco/Crypto/EVPPKey.h" -#include "Poco/Crypto/KeyPairImpl.h" -#include "Poco/Crypto/OpenSSLInitializer.h" -#include "Poco/RefCountedObject.h" -#include "Poco/AutoPtr.h" -#include <istream> -#include <ostream> -#include <vector> -#include <openssl/objects.h> -#include <openssl/ec.h> - - -namespace Poco { -namespace Crypto { - - -class X509Certificate; -class PKCS12Container; - - -class ECKeyImpl: public KeyPairImpl - /// Elliptic Curve key clas implementation. -{ -public: - typedef Poco::AutoPtr<ECKeyImpl> Ptr; - typedef std::vector<unsigned char> ByteVec; - - ECKeyImpl(const EVPPKey& key); - /// Constructs ECKeyImpl by extracting the EC key. - - ECKeyImpl(const X509Certificate& cert); - /// Constructs ECKeyImpl by extracting the EC public key from the given certificate. - - ECKeyImpl(const PKCS12Container& cert); - /// Constructs ECKeyImpl by extracting the EC private key from the given certificate. - - ECKeyImpl(int eccGroup); - /// Creates the ECKey of the specified group. Creates a new public/private keypair using the given parameters. - /// Can be used to sign data and verify signatures. - - ECKeyImpl(const std::string& publicKeyFile, const std::string& privateKeyFile, const std::string& privateKeyPassphrase); - /// Creates the ECKey, by reading public and private key from the given files and - /// using the given passphrase for the private key. Can only by used for signing if - /// a private key is available. - - ECKeyImpl(std::istream* pPublicKeyStream, std::istream* pPrivateKeyStream, const std::string& privateKeyPassphrase); - /// Creates the ECKey. Can only by used for signing if pPrivKey - /// is not null. If a private key file is specified, you don't need to - /// specify a public key file. OpenSSL will auto-create it from the private key. - - ~ECKeyImpl(); - /// Destroys the ECKeyImpl. - - EC_KEY* getECKey(); - /// Returns the OpenSSL EC key. - - const EC_KEY* getECKey() const; - /// Returns the OpenSSL EC key. - - int size() const; - /// Returns the EC key length in bits. - - int groupId() const; - /// Returns the EC key group integer Id. - - std::string groupName() const; - /// Returns the EC key group name. - - void save(const std::string& publicKeyFile, - const std::string& privateKeyFile = "", - const std::string& privateKeyPassphrase = "") const; - /// Exports the public and private keys to the given files. - /// - /// If an empty filename is specified, the corresponding key - /// is not exported. - - void save(std::ostream* pPublicKeyStream, - std::ostream* pPrivateKeyStream = 0, - const std::string& privateKeyPassphrase = "") const; - /// Exports the public and private key to the given streams. - /// - /// If a null pointer is passed for a stream, the corresponding - /// key is not exported. - - static std::string getCurveName(int nid = -1); - /// Returns elliptical curve name corresponding to - /// the given nid; if nid is not found, returns - /// empty string. - /// - /// If nid is -1, returns first curve name. - /// - /// If no curves are found, returns empty string; - - static int getCurveNID(std::string& name); - /// Returns the NID of the specified curve. - /// - /// If name is empty, returns the first curve NID - /// and updates the name accordingly. - - static bool hasCurve(const std::string& name); - /// Returns true if the named curve is found, - /// false otherwise. - -private: - void checkEC(const std::string& method, const std::string& func) const; - void freeEC(); - - EC_KEY* _pEC; -}; - - -// -// inlines -// -inline EC_KEY* ECKeyImpl::getECKey() -{ - return _pEC; -} - - -inline const EC_KEY* ECKeyImpl::getECKey() const -{ - return _pEC; -} - - -inline std::string ECKeyImpl::groupName() const -{ - return OBJ_nid2sn(groupId()); -} - - -inline void ECKeyImpl::save(const std::string& publicKeyFile, - const std::string& privateKeyFile, - const std::string& privateKeyPassphrase) const -{ - EVPPKey(_pEC).save(publicKeyFile, privateKeyFile, privateKeyPassphrase); -} - - -inline void ECKeyImpl::save(std::ostream* pPublicKeyStream, - std::ostream* pPrivateKeyStream, - const std::string& privateKeyPassphrase) const -{ - EVPPKey(_pEC).save(pPublicKeyStream, pPrivateKeyStream, privateKeyPassphrase); -} - - -} } // namespace Poco::Crypto - - -#endif // Crypto_ECKeyImplImpl_INCLUDED +// +// ECKeyImpl.h +// +// +// Library: Crypto +// Package: EC +// Module: ECKeyImpl +// +// Definition of the ECKeyImpl class. +// +// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. +// and Contributors. +// +// SPDX-License-Identifier: BSL-1.0 +// + + +#ifndef Crypto_ECKeyImplImpl_INCLUDED +#define Crypto_ECKeyImplImpl_INCLUDED + + +#include "Poco/Crypto/Crypto.h" +#include "Poco/Crypto/EVPPKey.h" +#include "Poco/Crypto/KeyPairImpl.h" +#include "Poco/Crypto/OpenSSLInitializer.h" +#include "Poco/RefCountedObject.h" +#include "Poco/AutoPtr.h" +#include <istream> +#include <ostream> +#include <vector> +#include <openssl/objects.h> +#include <openssl/ec.h> + + +namespace Poco { +namespace Crypto { + + +class X509Certificate; +class PKCS12Container; + + +class ECKeyImpl: public KeyPairImpl + /// Elliptic Curve key clas implementation. +{ +public: + typedef Poco::AutoPtr<ECKeyImpl> Ptr; + typedef std::vector<unsigned char> ByteVec; + + ECKeyImpl(const EVPPKey& key); + /// Constructs ECKeyImpl by extracting the EC key. + + ECKeyImpl(const X509Certificate& cert); + /// Constructs ECKeyImpl by extracting the EC public key from the given certificate. + + ECKeyImpl(const PKCS12Container& cert); + /// Constructs ECKeyImpl by extracting the EC private key from the given certificate. + + ECKeyImpl(int eccGroup); + /// Creates the ECKey of the specified group. Creates a new public/private keypair using the given parameters. + /// Can be used to sign data and verify signatures. + + ECKeyImpl(const std::string& publicKeyFile, const std::string& privateKeyFile, const std::string& privateKeyPassphrase); + /// Creates the ECKey, by reading public and private key from the given files and + /// using the given passphrase for the private key. Can only by used for signing if + /// a private key is available. + + ECKeyImpl(std::istream* pPublicKeyStream, std::istream* pPrivateKeyStream, const std::string& privateKeyPassphrase); + /// Creates the ECKey. Can only by used for signing if pPrivKey + /// is not null. If a private key file is specified, you don't need to + /// specify a public key file. OpenSSL will auto-create it from the private key. + + ~ECKeyImpl(); + /// Destroys the ECKeyImpl. + + EC_KEY* getECKey(); + /// Returns the OpenSSL EC key. + + const EC_KEY* getECKey() const; + /// Returns the OpenSSL EC key. + + int size() const; + /// Returns the EC key length in bits. + + int groupId() const; + /// Returns the EC key group integer Id. + + std::string groupName() const; + /// Returns the EC key group name. + + void save(const std::string& publicKeyFile, + const std::string& privateKeyFile = "", + const std::string& privateKeyPassphrase = "") const; + /// Exports the public and private keys to the given files. + /// + /// If an empty filename is specified, the corresponding key + /// is not exported. + + void save(std::ostream* pPublicKeyStream, + std::ostream* pPrivateKeyStream = 0, + const std::string& privateKeyPassphrase = "") const; + /// Exports the public and private key to the given streams. + /// + /// If a null pointer is passed for a stream, the corresponding + /// key is not exported. + + static std::string getCurveName(int nid = -1); + /// Returns elliptical curve name corresponding to + /// the given nid; if nid is not found, returns + /// empty string. + /// + /// If nid is -1, returns first curve name. + /// + /// If no curves are found, returns empty string; + + static int getCurveNID(std::string& name); + /// Returns the NID of the specified curve. + /// + /// If name is empty, returns the first curve NID + /// and updates the name accordingly. + + static bool hasCurve(const std::string& name); + /// Returns true if the named curve is found, + /// false otherwise. + +private: + void checkEC(const std::string& method, const std::string& func) const; + void freeEC(); + + EC_KEY* _pEC; +}; + + +// +// inlines +// +inline EC_KEY* ECKeyImpl::getECKey() +{ + return _pEC; +} + + +inline const EC_KEY* ECKeyImpl::getECKey() const +{ + return _pEC; +} + + +inline std::string ECKeyImpl::groupName() const +{ + return OBJ_nid2sn(groupId()); +} + + +inline void ECKeyImpl::save(const std::string& publicKeyFile, + const std::string& privateKeyFile, + const std::string& privateKeyPassphrase) const +{ + EVPPKey(_pEC).save(publicKeyFile, privateKeyFile, privateKeyPassphrase); +} + + +inline void ECKeyImpl::save(std::ostream* pPublicKeyStream, + std::ostream* pPrivateKeyStream, + const std::string& privateKeyPassphrase) const +{ + EVPPKey(_pEC).save(pPublicKeyStream, pPrivateKeyStream, privateKeyPassphrase); +} + + +} } // namespace Poco::Crypto + + +#endif // Crypto_ECKeyImplImpl_INCLUDED diff --git a/contrib/libs/poco/Crypto/include/Poco/Crypto/EVPPKey.h b/contrib/libs/poco/Crypto/include/Poco/Crypto/EVPPKey.h index fbcdad5b19c..78c34828d88 100644 --- a/contrib/libs/poco/Crypto/include/Poco/Crypto/EVPPKey.h +++ b/contrib/libs/poco/Crypto/include/Poco/Crypto/EVPPKey.h @@ -1,354 +1,354 @@ -// -// EVPPKey.h -// -// -// Library: Crypto -// Package: CryptoCore -// Module: EVPPKey -// -// Definition of the EVPPKey class. -// -// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. -// and Contributors. -// -// SPDX-License-Identifier: BSL-1.0 -// - - -#ifndef Crypto_EVPPKeyImpl_INCLUDED -#define Crypto_EVPPKeyImpl_INCLUDED - - -#include "Poco/Crypto/Crypto.h" -#include "Poco/Crypto/CryptoException.h" -#include "Poco/StreamCopier.h" -#include <openssl/ec.h> -#include <openssl/rsa.h> -#include <openssl/evp.h> -#include <openssl/pem.h> -#include <sstream> -#include <typeinfo> - - -namespace Poco { -namespace Crypto { - - -class ECKey; -class RSAKey; - - -class Crypto_API EVPPKey - /// Utility class for conversion of native keys to EVP. - /// Currently, only RSA and EC keys are supported. -{ -public: - explicit EVPPKey(const std::string& ecCurveName); - /// Constructs EVPPKey from ECC curve name. - /// - /// Only EC keys can be wrapped by an EVPPKey - /// created using this constructor. - - explicit EVPPKey(const char* ecCurveName); - /// Constructs EVPPKey from ECC curve name. - /// - /// Only EC keys can be wrapped by an EVPPKey - /// created using this constructor. - - explicit EVPPKey(EVP_PKEY* pEVPPKey); - /// Constructs EVPPKey from EVP_PKEY pointer. - /// The content behind the supplied pointer is internally duplicated. - - template<typename K> - explicit EVPPKey(K* pKey): _pEVPPKey(EVP_PKEY_new()) - /// Constructs EVPPKey from a "native" OpenSSL (RSA or EC_KEY), - /// or a Poco wrapper (RSAKey, ECKey) key pointer. - { - if (!_pEVPPKey) throw OpenSSLException(); - setKey(pKey); - } - - EVPPKey(const std::string& publicKeyFile, const std::string& privateKeyFile, const std::string& privateKeyPassphrase = ""); - /// Creates the EVPPKey, by reading public and private key from the given files and - /// using the given passphrase for the private key. Can only by used for signing if - /// a private key is available. - - EVPPKey(std::istream* pPublicKeyStream, std::istream* pPrivateKeyStream, const std::string& privateKeyPassphrase = ""); - /// Creates the EVPPKey. Can only by used for signing if pPrivKey - /// is not null. If a private key file is specified, you don't need to - /// specify a public key file. OpenSSL will auto-create it from the private key. - - EVPPKey(const EVPPKey& other); - /// Copy constructor. - - EVPPKey& operator=(const EVPPKey& other); - /// Assignment operator. - -#ifdef POCO_ENABLE_CPP11 - - EVPPKey(EVPPKey&& other); - /// Move constructor. - - EVPPKey& operator=(EVPPKey&& other); - /// Assignment move operator. - -#endif // POCO_ENABLE_CPP11 - - ~EVPPKey(); - /// Destroys the EVPPKey. - - bool operator == (const EVPPKey& other) const; - /// Comparison operator. - /// Returns true if public key components and parameters - /// of the other key are equal to this key. - /// - /// Works as expected when one key contains only public key, - /// while the other one contains private (thus also public) key. - - bool operator != (const EVPPKey& other) const; - /// Comparison operator. - /// Returns true if public key components and parameters - /// of the other key are different from this key. - /// - /// Works as expected when one key contains only public key, - /// while the other one contains private (thus also public) key. - - void save(const std::string& publicKeyFile, const std::string& privateKeyFile = "", const std::string& privateKeyPassphrase = "") const; - /// Exports the public and/or private keys to the given files. - /// - /// If an empty filename is specified, the corresponding key - /// is not exported. - - void save(std::ostream* pPublicKeyStream, std::ostream* pPrivateKeyStream = 0, const std::string& privateKeyPassphrase = "") const; - /// Exports the public and/or private key to the given streams. - /// - /// If a null pointer is passed for a stream, the corresponding - /// key is not exported. - - int type() const; - /// Retuns the EVPPKey type NID. - - bool isSupported(int type) const; - /// Returns true if OpenSSL type is supported - - operator const EVP_PKEY*() const; - /// Returns const pointer to the OpenSSL EVP_PKEY structure. - - operator EVP_PKEY*(); - /// Returns pointer to the OpenSSL EVP_PKEY structure. - - static EVP_PKEY* duplicate(const EVP_PKEY* pFromKey, EVP_PKEY** pToKey); - /// Duplicates pFromKey into *pToKey and returns - // the pointer to duplicated EVP_PKEY. - -private: - EVPPKey(); - - static int type(const EVP_PKEY* pEVPPKey); - void newECKey(const char* group); - void duplicate(EVP_PKEY* pEVPPKey); - - void setKey(ECKey* pKey); - void setKey(RSAKey* pKey); - void setKey(EC_KEY* pKey); - void setKey(RSA* pKey); - static int passCB(char* buf, int size, int, void* pass); - - typedef EVP_PKEY* (*PEM_read_FILE_Key_fn)(FILE*, EVP_PKEY**, pem_password_cb*, void*); - typedef EVP_PKEY* (*PEM_read_BIO_Key_fn)(BIO*, EVP_PKEY**, pem_password_cb*, void*); - typedef void* (*EVP_PKEY_get_Key_fn)(EVP_PKEY*); - - // The following load*() functions are used by both native and EVP_PKEY type key - // loading from BIO/FILE. - // When used for EVP key loading, getFunc is null (ie. native key is not extracted - // from the loaded EVP_PKEY). - template <typename K, typename F> - static bool loadKey(K** ppKey, - PEM_read_FILE_Key_fn readFunc, - F getFunc, - const std::string& keyFile, - const std::string& pass = "") - { - poco_assert_dbg (((typeid(K*) == typeid(RSA*) || typeid(K*) == typeid(EC_KEY*)) && getFunc) || - ((typeid(K*) == typeid(EVP_PKEY*)) && !getFunc)); - poco_check_ptr (ppKey); - poco_assert_dbg (!*ppKey); - - FILE* pFile = 0; - if (!keyFile.empty()) - { - if (!getFunc) *ppKey = (K*)EVP_PKEY_new(); - EVP_PKEY* pKey = getFunc ? EVP_PKEY_new() : (EVP_PKEY*)*ppKey; - if (pKey) - { - pFile = fopen(keyFile.c_str(), "r"); - if (pFile) - { - pem_password_cb* pCB = pass.empty() ? (pem_password_cb*)0 : &passCB; - void* pPassword = pass.empty() ? (void*)0 : (void*)pass.c_str(); - if (readFunc(pFile, &pKey, pCB, pPassword)) - { - fclose(pFile); pFile = 0; - if(getFunc) - { - *ppKey = (K*)getFunc(pKey); - EVP_PKEY_free(pKey); - } - else - { - poco_assert_dbg (typeid(K*) == typeid(EVP_PKEY*)); - *ppKey = (K*)pKey; - } - if(!*ppKey) goto error; - return true; - } - goto error; - } - else - { - if (getFunc) EVP_PKEY_free(pKey); - throw IOException("ECKeyImpl, cannot open file", keyFile); - } - } - else goto error; - } - return false; - - error: - if (pFile) fclose(pFile); - throw OpenSSLException("EVPKey::loadKey(string)"); - } - - template <typename K, typename F> - static bool loadKey(K** ppKey, - PEM_read_BIO_Key_fn readFunc, - F getFunc, - std::istream* pIstr, - const std::string& pass = "") - { - poco_assert_dbg (((typeid(K*) == typeid(RSA*) || typeid(K*) == typeid(EC_KEY*)) && getFunc) || - ((typeid(K*) == typeid(EVP_PKEY*)) && !getFunc)); - poco_check_ptr(ppKey); - poco_assert_dbg(!*ppKey); - - BIO* pBIO = 0; - if (pIstr) - { - std::ostringstream ostr; - Poco::StreamCopier::copyStream(*pIstr, ostr); - std::string key = ostr.str(); - pBIO = BIO_new_mem_buf(const_cast<char*>(key.data()), static_cast<int>(key.size())); - if (pBIO) - { - if (!getFunc) *ppKey = (K*)EVP_PKEY_new(); - EVP_PKEY* pKey = getFunc ? EVP_PKEY_new() : (EVP_PKEY*)*ppKey; - if (pKey) - { - pem_password_cb* pCB = pass.empty() ? (pem_password_cb*)0 : &passCB; - void* pPassword = pass.empty() ? (void*)0 : (void*)pass.c_str(); - if (readFunc(pBIO, &pKey, pCB, pPassword)) - { - BIO_free(pBIO); pBIO = 0; - if (getFunc) - { - *ppKey = (K*)getFunc(pKey); - EVP_PKEY_free(pKey); - } - else - { - poco_assert_dbg (typeid(K*) == typeid(EVP_PKEY*)); - *ppKey = (K*)pKey; - } - if (!*ppKey) goto error; - return true; - } - if (getFunc) EVP_PKEY_free(pKey); - goto error; - } - else goto error; - } - else goto error; - } - return false; - - error: - if (pBIO) BIO_free(pBIO); - throw OpenSSLException("EVPKey::loadKey(stream)"); - } - - EVP_PKEY* _pEVPPKey; - - friend class ECKeyImpl; - friend class RSAKeyImpl; -}; - - -// -// inlines -// - - -inline bool EVPPKey::operator == (const EVPPKey& other) const -{ - poco_check_ptr (other._pEVPPKey); - poco_check_ptr (_pEVPPKey); - return (1 == EVP_PKEY_cmp(_pEVPPKey, other._pEVPPKey)); -} - - -inline bool EVPPKey::operator != (const EVPPKey& other) const -{ - return !(other == *this); -} - - -inline int EVPPKey::type(const EVP_PKEY* pEVPPKey) -{ - if (!pEVPPKey) return NID_undef; - - return EVP_PKEY_type(EVP_PKEY_id(pEVPPKey)); -} - - -inline int EVPPKey::type() const -{ - return type(_pEVPPKey); -} - - -inline bool EVPPKey::isSupported(int type) const -{ - return type == EVP_PKEY_EC || type == EVP_PKEY_RSA; -} - - -inline EVPPKey::operator const EVP_PKEY*() const -{ - return _pEVPPKey; -} - - -inline EVPPKey::operator EVP_PKEY*() -{ - return _pEVPPKey; -} - - -inline void EVPPKey::setKey(EC_KEY* pKey) -{ - if (!EVP_PKEY_set1_EC_KEY(_pEVPPKey, pKey)) - throw OpenSSLException(); -} - - -inline void EVPPKey::setKey(RSA* pKey) -{ - if (!EVP_PKEY_set1_RSA(_pEVPPKey, pKey)) - throw OpenSSLException(); -} - - -} } // namespace Poco::Crypto - - -#endif // Crypto_EVPPKeyImpl_INCLUDED +// +// EVPPKey.h +// +// +// Library: Crypto +// Package: CryptoCore +// Module: EVPPKey +// +// Definition of the EVPPKey class. +// +// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. +// and Contributors. +// +// SPDX-License-Identifier: BSL-1.0 +// + + +#ifndef Crypto_EVPPKeyImpl_INCLUDED +#define Crypto_EVPPKeyImpl_INCLUDED + + +#include "Poco/Crypto/Crypto.h" +#include "Poco/Crypto/CryptoException.h" +#include "Poco/StreamCopier.h" +#include <openssl/ec.h> +#include <openssl/rsa.h> +#include <openssl/evp.h> +#include <openssl/pem.h> +#include <sstream> +#include <typeinfo> + + +namespace Poco { +namespace Crypto { + + +class ECKey; +class RSAKey; + + +class Crypto_API EVPPKey + /// Utility class for conversion of native keys to EVP. + /// Currently, only RSA and EC keys are supported. +{ +public: + explicit EVPPKey(const std::string& ecCurveName); + /// Constructs EVPPKey from ECC curve name. + /// + /// Only EC keys can be wrapped by an EVPPKey + /// created using this constructor. + + explicit EVPPKey(const char* ecCurveName); + /// Constructs EVPPKey from ECC curve name. + /// + /// Only EC keys can be wrapped by an EVPPKey + /// created using this constructor. + + explicit EVPPKey(EVP_PKEY* pEVPPKey); + /// Constructs EVPPKey from EVP_PKEY pointer. + /// The content behind the supplied pointer is internally duplicated. + + template<typename K> + explicit EVPPKey(K* pKey): _pEVPPKey(EVP_PKEY_new()) + /// Constructs EVPPKey from a "native" OpenSSL (RSA or EC_KEY), + /// or a Poco wrapper (RSAKey, ECKey) key pointer. + { + if (!_pEVPPKey) throw OpenSSLException(); + setKey(pKey); + } + + EVPPKey(const std::string& publicKeyFile, const std::string& privateKeyFile, const std::string& privateKeyPassphrase = ""); + /// Creates the EVPPKey, by reading public and private key from the given files and + /// using the given passphrase for the private key. Can only by used for signing if + /// a private key is available. + + EVPPKey(std::istream* pPublicKeyStream, std::istream* pPrivateKeyStream, const std::string& privateKeyPassphrase = ""); + /// Creates the EVPPKey. Can only by used for signing if pPrivKey + /// is not null. If a private key file is specified, you don't need to + /// specify a public key file. OpenSSL will auto-create it from the private key. + + EVPPKey(const EVPPKey& other); + /// Copy constructor. + + EVPPKey& operator=(const EVPPKey& other); + /// Assignment operator. + +#ifdef POCO_ENABLE_CPP11 + + EVPPKey(EVPPKey&& other); + /// Move constructor. + + EVPPKey& operator=(EVPPKey&& other); + /// Assignment move operator. + +#endif // POCO_ENABLE_CPP11 + + ~EVPPKey(); + /// Destroys the EVPPKey. + + bool operator == (const EVPPKey& other) const; + /// Comparison operator. + /// Returns true if public key components and parameters + /// of the other key are equal to this key. + /// + /// Works as expected when one key contains only public key, + /// while the other one contains private (thus also public) key. + + bool operator != (const EVPPKey& other) const; + /// Comparison operator. + /// Returns true if public key components and parameters + /// of the other key are different from this key. + /// + /// Works as expected when one key contains only public key, + /// while the other one contains private (thus also public) key. + + void save(const std::string& publicKeyFile, const std::string& privateKeyFile = "", const std::string& privateKeyPassphrase = "") const; + /// Exports the public and/or private keys to the given files. + /// + /// If an empty filename is specified, the corresponding key + /// is not exported. + + void save(std::ostream* pPublicKeyStream, std::ostream* pPrivateKeyStream = 0, const std::string& privateKeyPassphrase = "") const; + /// Exports the public and/or private key to the given streams. + /// + /// If a null pointer is passed for a stream, the corresponding + /// key is not exported. + + int type() const; + /// Retuns the EVPPKey type NID. + + bool isSupported(int type) const; + /// Returns true if OpenSSL type is supported + + operator const EVP_PKEY*() const; + /// Returns const pointer to the OpenSSL EVP_PKEY structure. + + operator EVP_PKEY*(); + /// Returns pointer to the OpenSSL EVP_PKEY structure. + + static EVP_PKEY* duplicate(const EVP_PKEY* pFromKey, EVP_PKEY** pToKey); + /// Duplicates pFromKey into *pToKey and returns + // the pointer to duplicated EVP_PKEY. + +private: + EVPPKey(); + + static int type(const EVP_PKEY* pEVPPKey); + void newECKey(const char* group); + void duplicate(EVP_PKEY* pEVPPKey); + + void setKey(ECKey* pKey); + void setKey(RSAKey* pKey); + void setKey(EC_KEY* pKey); + void setKey(RSA* pKey); + static int passCB(char* buf, int size, int, void* pass); + + typedef EVP_PKEY* (*PEM_read_FILE_Key_fn)(FILE*, EVP_PKEY**, pem_password_cb*, void*); + typedef EVP_PKEY* (*PEM_read_BIO_Key_fn)(BIO*, EVP_PKEY**, pem_password_cb*, void*); + typedef void* (*EVP_PKEY_get_Key_fn)(EVP_PKEY*); + + // The following load*() functions are used by both native and EVP_PKEY type key + // loading from BIO/FILE. + // When used for EVP key loading, getFunc is null (ie. native key is not extracted + // from the loaded EVP_PKEY). + template <typename K, typename F> + static bool loadKey(K** ppKey, + PEM_read_FILE_Key_fn readFunc, + F getFunc, + const std::string& keyFile, + const std::string& pass = "") + { + poco_assert_dbg (((typeid(K*) == typeid(RSA*) || typeid(K*) == typeid(EC_KEY*)) && getFunc) || + ((typeid(K*) == typeid(EVP_PKEY*)) && !getFunc)); + poco_check_ptr (ppKey); + poco_assert_dbg (!*ppKey); + + FILE* pFile = 0; + if (!keyFile.empty()) + { + if (!getFunc) *ppKey = (K*)EVP_PKEY_new(); + EVP_PKEY* pKey = getFunc ? EVP_PKEY_new() : (EVP_PKEY*)*ppKey; + if (pKey) + { + pFile = fopen(keyFile.c_str(), "r"); + if (pFile) + { + pem_password_cb* pCB = pass.empty() ? (pem_password_cb*)0 : &passCB; + void* pPassword = pass.empty() ? (void*)0 : (void*)pass.c_str(); + if (readFunc(pFile, &pKey, pCB, pPassword)) + { + fclose(pFile); pFile = 0; + if(getFunc) + { + *ppKey = (K*)getFunc(pKey); + EVP_PKEY_free(pKey); + } + else + { + poco_assert_dbg (typeid(K*) == typeid(EVP_PKEY*)); + *ppKey = (K*)pKey; + } + if(!*ppKey) goto error; + return true; + } + goto error; + } + else + { + if (getFunc) EVP_PKEY_free(pKey); + throw IOException("ECKeyImpl, cannot open file", keyFile); + } + } + else goto error; + } + return false; + + error: + if (pFile) fclose(pFile); + throw OpenSSLException("EVPKey::loadKey(string)"); + } + + template <typename K, typename F> + static bool loadKey(K** ppKey, + PEM_read_BIO_Key_fn readFunc, + F getFunc, + std::istream* pIstr, + const std::string& pass = "") + { + poco_assert_dbg (((typeid(K*) == typeid(RSA*) || typeid(K*) == typeid(EC_KEY*)) && getFunc) || + ((typeid(K*) == typeid(EVP_PKEY*)) && !getFunc)); + poco_check_ptr(ppKey); + poco_assert_dbg(!*ppKey); + + BIO* pBIO = 0; + if (pIstr) + { + std::ostringstream ostr; + Poco::StreamCopier::copyStream(*pIstr, ostr); + std::string key = ostr.str(); + pBIO = BIO_new_mem_buf(const_cast<char*>(key.data()), static_cast<int>(key.size())); + if (pBIO) + { + if (!getFunc) *ppKey = (K*)EVP_PKEY_new(); + EVP_PKEY* pKey = getFunc ? EVP_PKEY_new() : (EVP_PKEY*)*ppKey; + if (pKey) + { + pem_password_cb* pCB = pass.empty() ? (pem_password_cb*)0 : &passCB; + void* pPassword = pass.empty() ? (void*)0 : (void*)pass.c_str(); + if (readFunc(pBIO, &pKey, pCB, pPassword)) + { + BIO_free(pBIO); pBIO = 0; + if (getFunc) + { + *ppKey = (K*)getFunc(pKey); + EVP_PKEY_free(pKey); + } + else + { + poco_assert_dbg (typeid(K*) == typeid(EVP_PKEY*)); + *ppKey = (K*)pKey; + } + if (!*ppKey) goto error; + return true; + } + if (getFunc) EVP_PKEY_free(pKey); + goto error; + } + else goto error; + } + else goto error; + } + return false; + + error: + if (pBIO) BIO_free(pBIO); + throw OpenSSLException("EVPKey::loadKey(stream)"); + } + + EVP_PKEY* _pEVPPKey; + + friend class ECKeyImpl; + friend class RSAKeyImpl; +}; + + +// +// inlines +// + + +inline bool EVPPKey::operator == (const EVPPKey& other) const +{ + poco_check_ptr (other._pEVPPKey); + poco_check_ptr (_pEVPPKey); + return (1 == EVP_PKEY_cmp(_pEVPPKey, other._pEVPPKey)); +} + + +inline bool EVPPKey::operator != (const EVPPKey& other) const +{ + return !(other == *this); +} + + +inline int EVPPKey::type(const EVP_PKEY* pEVPPKey) +{ + if (!pEVPPKey) return NID_undef; + + return EVP_PKEY_type(EVP_PKEY_id(pEVPPKey)); +} + + +inline int EVPPKey::type() const +{ + return type(_pEVPPKey); +} + + +inline bool EVPPKey::isSupported(int type) const +{ + return type == EVP_PKEY_EC || type == EVP_PKEY_RSA; +} + + +inline EVPPKey::operator const EVP_PKEY*() const +{ + return _pEVPPKey; +} + + +inline EVPPKey::operator EVP_PKEY*() +{ + return _pEVPPKey; +} + + +inline void EVPPKey::setKey(EC_KEY* pKey) +{ + if (!EVP_PKEY_set1_EC_KEY(_pEVPPKey, pKey)) + throw OpenSSLException(); +} + + +inline void EVPPKey::setKey(RSA* pKey) +{ + if (!EVP_PKEY_set1_RSA(_pEVPPKey, pKey)) + throw OpenSSLException(); +} + + +} } // namespace Poco::Crypto + + +#endif // Crypto_EVPPKeyImpl_INCLUDED diff --git a/contrib/libs/poco/Crypto/include/Poco/Crypto/KeyPair.h b/contrib/libs/poco/Crypto/include/Poco/Crypto/KeyPair.h index b9a705f8f1b..feb14f84549 100644 --- a/contrib/libs/poco/Crypto/include/Poco/Crypto/KeyPair.h +++ b/contrib/libs/poco/Crypto/include/Poco/Crypto/KeyPair.h @@ -1,133 +1,133 @@ -// -// KeyPair.h -// -// -// Library: Crypto -// Package: CryptoCore -// Module: KeyPair -// -// Definition of the KeyPair class. -// -// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. -// and Contributors. -// -// SPDX-License-Identifier: BSL-1.0 -// - - -#ifndef Crypto_KeyPair_INCLUDED -#define Crypto_KeyPair_INCLUDED - - -#include "Poco/Crypto/Crypto.h" -#include "Poco/Crypto/KeyPairImpl.h" - - -namespace Poco { -namespace Crypto { - - -class X509Certificate; - - -class Crypto_API KeyPair - /// This is a parent class for classes storing a key pair, consisting - /// of private and public key. Storage of the private key is optional. - /// - /// If a private key is available, the KeyPair can be - /// used for decrypting data (encrypted with the public key) - /// or computing secure digital signatures. -{ -public: - enum Type - { - KT_RSA = KeyPairImpl::KT_RSA_IMPL, - KT_EC = KeyPairImpl::KT_EC_IMPL - }; - - explicit KeyPair(KeyPairImpl::Ptr pKeyPairImpl = 0); - /// Extracts the RSA public key from the given certificate. - - virtual ~KeyPair(); - /// Destroys the KeyPair. - - virtual int size() const; - /// Returns the RSA modulus size. - - virtual void save(const std::string& publicKeyPairFile, - const std::string& privateKeyPairFile = "", - const std::string& privateKeyPairPassphrase = "") const; - /// Exports the public and private keys to the given files. - /// - /// If an empty filename is specified, the corresponding key - /// is not exported. - - virtual void save(std::ostream* pPublicKeyPairStream, - std::ostream* pPrivateKeyPairStream = 0, - const std::string& privateKeyPairPassphrase = "") const; - /// Exports the public and private key to the given streams. - /// - /// If a null pointer is passed for a stream, the corresponding - /// key is not exported. - - KeyPairImpl::Ptr impl() const; - /// Returns the impl object. - - const std::string& name() const; - /// Returns key pair name - - Type type() const; - /// Returns key pair type - -private: - KeyPairImpl::Ptr _pImpl; -}; - - -// -// inlines -// - -inline int KeyPair::size() const -{ - return _pImpl->size(); -} - - -inline void KeyPair::save(const std::string& publicKeyFile, - const std::string& privateKeyFile, - const std::string& privateKeyPassphrase) const -{ - _pImpl->save(publicKeyFile, privateKeyFile, privateKeyPassphrase); -} - - -inline void KeyPair::save(std::ostream* pPublicKeyStream, - std::ostream* pPrivateKeyStream, - const std::string& privateKeyPassphrase) const -{ - _pImpl->save(pPublicKeyStream, pPrivateKeyStream, privateKeyPassphrase); -} - - -inline const std::string& KeyPair::name() const -{ - return _pImpl->name(); -} - -inline KeyPairImpl::Ptr KeyPair::impl() const -{ - return _pImpl; -} - - -inline KeyPair::Type KeyPair::type() const -{ - return (KeyPair::Type)impl()->type(); -} - - -} } // namespace Poco::Crypto - - -#endif // Crypto_KeyPair_INCLUDED +// +// KeyPair.h +// +// +// Library: Crypto +// Package: CryptoCore +// Module: KeyPair +// +// Definition of the KeyPair class. +// +// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. +// and Contributors. +// +// SPDX-License-Identifier: BSL-1.0 +// + + +#ifndef Crypto_KeyPair_INCLUDED +#define Crypto_KeyPair_INCLUDED + + +#include "Poco/Crypto/Crypto.h" +#include "Poco/Crypto/KeyPairImpl.h" + + +namespace Poco { +namespace Crypto { + + +class X509Certificate; + + +class Crypto_API KeyPair + /// This is a parent class for classes storing a key pair, consisting + /// of private and public key. Storage of the private key is optional. + /// + /// If a private key is available, the KeyPair can be + /// used for decrypting data (encrypted with the public key) + /// or computing secure digital signatures. +{ +public: + enum Type + { + KT_RSA = KeyPairImpl::KT_RSA_IMPL, + KT_EC = KeyPairImpl::KT_EC_IMPL + }; + + explicit KeyPair(KeyPairImpl::Ptr pKeyPairImpl = 0); + /// Extracts the RSA public key from the given certificate. + + virtual ~KeyPair(); + /// Destroys the KeyPair. + + virtual int size() const; + /// Returns the RSA modulus size. + + virtual void save(const std::string& publicKeyPairFile, + const std::string& privateKeyPairFile = "", + const std::string& privateKeyPairPassphrase = "") const; + /// Exports the public and private keys to the given files. + /// + /// If an empty filename is specified, the corresponding key + /// is not exported. + + virtual void save(std::ostream* pPublicKeyPairStream, + std::ostream* pPrivateKeyPairStream = 0, + const std::string& privateKeyPairPassphrase = "") const; + /// Exports the public and private key to the given streams. + /// + /// If a null pointer is passed for a stream, the corresponding + /// key is not exported. + + KeyPairImpl::Ptr impl() const; + /// Returns the impl object. + + const std::string& name() const; + /// Returns key pair name + + Type type() const; + /// Returns key pair type + +private: + KeyPairImpl::Ptr _pImpl; +}; + + +// +// inlines +// + +inline int KeyPair::size() const +{ + return _pImpl->size(); +} + + +inline void KeyPair::save(const std::string& publicKeyFile, + const std::string& privateKeyFile, + const std::string& privateKeyPassphrase) const +{ + _pImpl->save(publicKeyFile, privateKeyFile, privateKeyPassphrase); +} + + +inline void KeyPair::save(std::ostream* pPublicKeyStream, + std::ostream* pPrivateKeyStream, + const std::string& privateKeyPassphrase) const +{ + _pImpl->save(pPublicKeyStream, pPrivateKeyStream, privateKeyPassphrase); +} + + +inline const std::string& KeyPair::name() const +{ + return _pImpl->name(); +} + +inline KeyPairImpl::Ptr KeyPair::impl() const +{ + return _pImpl; +} + + +inline KeyPair::Type KeyPair::type() const +{ + return (KeyPair::Type)impl()->type(); +} + + +} } // namespace Poco::Crypto + + +#endif // Crypto_KeyPair_INCLUDED diff --git a/contrib/libs/poco/Crypto/include/Poco/Crypto/KeyPairImpl.h b/contrib/libs/poco/Crypto/include/Poco/Crypto/KeyPairImpl.h index e6320df044b..7793fd38d5b 100644 --- a/contrib/libs/poco/Crypto/include/Poco/Crypto/KeyPairImpl.h +++ b/contrib/libs/poco/Crypto/include/Poco/Crypto/KeyPairImpl.h @@ -1,107 +1,107 @@ -// -// KeyPairImpl.h -// -// -// Library: Crypto -// Package: CryptoCore -// Module: KeyPairImpl -// -// Definition of the KeyPairImpl class. -// -// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. -// and Contributors. -// -// SPDX-License-Identifier: BSL-1.0 -// - - -#ifndef Crypto_KeyPairImplImpl_INCLUDED -#define Crypto_KeyPairImplImpl_INCLUDED - - -#include "Poco/Crypto/Crypto.h" -#include "Poco/Crypto/OpenSSLInitializer.h" -#include "Poco/RefCountedObject.h" -#include "Poco/AutoPtr.h" -#include <string> -#include <vector> - - -namespace Poco { -namespace Crypto { - - -class KeyPairImpl: public Poco::RefCountedObject - /// Class KeyPairImpl -{ -public: - enum Type - { - KT_RSA_IMPL = 0, - KT_EC_IMPL - }; - - typedef Poco::AutoPtr<KeyPairImpl> Ptr; - typedef std::vector<unsigned char> ByteVec; - - KeyPairImpl(const std::string& name, Type type); - /// Create KeyPairImpl with specified type and name. - - virtual ~KeyPairImpl(); - /// Destroys the KeyPairImpl. - - virtual int size() const = 0; - /// Returns the key size. - - virtual void save(const std::string& publicKeyFile, - const std::string& privateKeyFile = "", - const std::string& privateKeyPassphrase = "") const = 0; - /// Exports the public and private keys to the given files. - /// - /// If an empty filename is specified, the corresponding key - /// is not exported. - - virtual void save(std::ostream* pPublicKeyStream, - std::ostream* pPrivateKeyStream = 0, - const std::string& privateKeyPassphrase = "") const = 0; - /// Exports the public and private key to the given streams. - /// - /// If a null pointer is passed for a stream, the corresponding - /// key is not exported. - - const std::string& name() const; - /// Returns key pair name - - Type type() const; - /// Returns key pair type - -private: - KeyPairImpl(); - - std::string _name; - Type _type; - OpenSSLInitializer _openSSLInitializer; -}; - - -// -// inlines -// - - -inline const std::string& KeyPairImpl::name() const -{ - return _name; -} - - -inline KeyPairImpl::Type KeyPairImpl::type() const -{ - return _type; -} - - -} } // namespace Poco::Crypto - - -#endif // Crypto_KeyPairImplImpl_INCLUDED +// +// KeyPairImpl.h +// +// +// Library: Crypto +// Package: CryptoCore +// Module: KeyPairImpl +// +// Definition of the KeyPairImpl class. +// +// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. +// and Contributors. +// +// SPDX-License-Identifier: BSL-1.0 +// + + +#ifndef Crypto_KeyPairImplImpl_INCLUDED +#define Crypto_KeyPairImplImpl_INCLUDED + + +#include "Poco/Crypto/Crypto.h" +#include "Poco/Crypto/OpenSSLInitializer.h" +#include "Poco/RefCountedObject.h" +#include "Poco/AutoPtr.h" +#include <string> +#include <vector> + + +namespace Poco { +namespace Crypto { + + +class KeyPairImpl: public Poco::RefCountedObject + /// Class KeyPairImpl +{ +public: + enum Type + { + KT_RSA_IMPL = 0, + KT_EC_IMPL + }; + + typedef Poco::AutoPtr<KeyPairImpl> Ptr; + typedef std::vector<unsigned char> ByteVec; + + KeyPairImpl(const std::string& name, Type type); + /// Create KeyPairImpl with specified type and name. + + virtual ~KeyPairImpl(); + /// Destroys the KeyPairImpl. + + virtual int size() const = 0; + /// Returns the key size. + + virtual void save(const std::string& publicKeyFile, + const std::string& privateKeyFile = "", + const std::string& privateKeyPassphrase = "") const = 0; + /// Exports the public and private keys to the given files. + /// + /// If an empty filename is specified, the corresponding key + /// is not exported. + + virtual void save(std::ostream* pPublicKeyStream, + std::ostream* pPrivateKeyStream = 0, + const std::string& privateKeyPassphrase = "") const = 0; + /// Exports the public and private key to the given streams. + /// + /// If a null pointer is passed for a stream, the corresponding + /// key is not exported. + + const std::string& name() const; + /// Returns key pair name + + Type type() const; + /// Returns key pair type + +private: + KeyPairImpl(); + + std::string _name; + Type _type; + OpenSSLInitializer _openSSLInitializer; +}; + + +// +// inlines +// + + +inline const std::string& KeyPairImpl::name() const +{ + return _name; +} + + +inline KeyPairImpl::Type KeyPairImpl::type() const +{ + return _type; +} + + +} } // namespace Poco::Crypto + + +#endif // Crypto_KeyPairImplImpl_INCLUDED diff --git a/contrib/libs/poco/Crypto/include/Poco/Crypto/OpenSSLInitializer.h b/contrib/libs/poco/Crypto/include/Poco/Crypto/OpenSSLInitializer.h index 42c97ae465d..13e8af89c8a 100644 --- a/contrib/libs/poco/Crypto/include/Poco/Crypto/OpenSSLInitializer.h +++ b/contrib/libs/poco/Crypto/include/Poco/Crypto/OpenSSLInitializer.h @@ -1,115 +1,115 @@ -// -// OpenSSLInitializer.h -// -// Library: Crypto -// Package: CryptoCore -// Module: OpenSSLInitializer -// -// Definition of the OpenSSLInitializer class. -// -// Copyright (c) 2006-2009, Applied Informatics Software Engineering GmbH. -// and Contributors. -// -// SPDX-License-Identifier: BSL-1.0 -// - - -#ifndef Crypto_OpenSSLInitializer_INCLUDED -#define Crypto_OpenSSLInitializer_INCLUDED - - -#include "Poco/Crypto/Crypto.h" -#include "Poco/Mutex.h" -#include "Poco/AtomicCounter.h" -#include <openssl/crypto.h> - -#if defined(OPENSSL_FIPS) && OPENSSL_VERSION_NUMBER < 0x010001000L -#include <openssl/fips.h> -#endif - - -extern "C" -{ - struct CRYPTO_dynlock_value - { - Poco::FastMutex _mutex; - }; -} - - -namespace Poco { -namespace Crypto { - - -class Crypto_API OpenSSLInitializer - /// Initalizes the OpenSSL library. - /// - /// The class ensures the earliest initialization and the - /// latest shutdown of the OpenSSL library. -{ -public: - OpenSSLInitializer(); - /// Automatically initialize OpenSSL on startup. - - ~OpenSSLInitializer(); - /// Automatically shut down OpenSSL on exit. - - static void initialize(); - /// Initializes the OpenSSL machinery. - - static void uninitialize(); - /// Shuts down the OpenSSL machinery. - - static bool isFIPSEnabled(); - // Returns true if FIPS mode is enabled, false otherwise. - - static void enableFIPSMode(bool enabled); - // Enable or disable FIPS mode. If FIPS is not available, this method doesn't do anything. - -protected: - enum - { - SEEDSIZE = 256 - }; - - // OpenSSL multithreading support - static void lock(int mode, int n, const char* file, int line); - static unsigned long id(); - static struct CRYPTO_dynlock_value* dynlockCreate(const char* file, int line); - static void dynlock(int mode, struct CRYPTO_dynlock_value* lock, const char* file, int line); - static void dynlockDestroy(struct CRYPTO_dynlock_value* lock, const char* file, int line); - -private: - static Poco::FastMutex* _mutexes; - static Poco::AtomicCounter _rc; -}; - - -// -// inlines -// -inline bool OpenSSLInitializer::isFIPSEnabled() -{ -#ifdef OPENSSL_FIPS - return FIPS_mode() ? true : false; -#else - return false; -#endif -} - -#ifdef OPENSSL_FIPS -inline void OpenSSLInitializer::enableFIPSMode(bool enabled) -{ - FIPS_mode_set(enabled); -} -#else -inline void OpenSSLInitializer::enableFIPSMode(bool /*enabled*/) -{ -} -#endif - - -} } // namespace Poco::Crypto - - -#endif // Crypto_OpenSSLInitializer_INCLUDED +// +// OpenSSLInitializer.h +// +// Library: Crypto +// Package: CryptoCore +// Module: OpenSSLInitializer +// +// Definition of the OpenSSLInitializer class. +// +// Copyright (c) 2006-2009, Applied Informatics Software Engineering GmbH. +// and Contributors. +// +// SPDX-License-Identifier: BSL-1.0 +// + + +#ifndef Crypto_OpenSSLInitializer_INCLUDED +#define Crypto_OpenSSLInitializer_INCLUDED + + +#include "Poco/Crypto/Crypto.h" +#include "Poco/Mutex.h" +#include "Poco/AtomicCounter.h" +#include <openssl/crypto.h> + +#if defined(OPENSSL_FIPS) && OPENSSL_VERSION_NUMBER < 0x010001000L +#include <openssl/fips.h> +#endif + + +extern "C" +{ + struct CRYPTO_dynlock_value + { + Poco::FastMutex _mutex; + }; +} + + +namespace Poco { +namespace Crypto { + + +class Crypto_API OpenSSLInitializer + /// Initalizes the OpenSSL library. + /// + /// The class ensures the earliest initialization and the + /// latest shutdown of the OpenSSL library. +{ +public: + OpenSSLInitializer(); + /// Automatically initialize OpenSSL on startup. + + ~OpenSSLInitializer(); + /// Automatically shut down OpenSSL on exit. + + static void initialize(); + /// Initializes the OpenSSL machinery. + + static void uninitialize(); + /// Shuts down the OpenSSL machinery. + + static bool isFIPSEnabled(); + // Returns true if FIPS mode is enabled, false otherwise. + + static void enableFIPSMode(bool enabled); + // Enable or disable FIPS mode. If FIPS is not available, this method doesn't do anything. + +protected: + enum + { + SEEDSIZE = 256 + }; + + // OpenSSL multithreading support + static void lock(int mode, int n, const char* file, int line); + static unsigned long id(); + static struct CRYPTO_dynlock_value* dynlockCreate(const char* file, int line); + static void dynlock(int mode, struct CRYPTO_dynlock_value* lock, const char* file, int line); + static void dynlockDestroy(struct CRYPTO_dynlock_value* lock, const char* file, int line); + +private: + static Poco::FastMutex* _mutexes; + static Poco::AtomicCounter _rc; +}; + + +// +// inlines +// +inline bool OpenSSLInitializer::isFIPSEnabled() +{ +#ifdef OPENSSL_FIPS + return FIPS_mode() ? true : false; +#else + return false; +#endif +} + +#ifdef OPENSSL_FIPS +inline void OpenSSLInitializer::enableFIPSMode(bool enabled) +{ + FIPS_mode_set(enabled); +} +#else +inline void OpenSSLInitializer::enableFIPSMode(bool /*enabled*/) +{ +} +#endif + + +} } // namespace Poco::Crypto + + +#endif // Crypto_OpenSSLInitializer_INCLUDED diff --git a/contrib/libs/poco/Crypto/include/Poco/Crypto/PKCS12Container.h b/contrib/libs/poco/Crypto/include/Poco/Crypto/PKCS12Container.h index 63cc224d8cc..1a796d79bd5 100644 --- a/contrib/libs/poco/Crypto/include/Poco/Crypto/PKCS12Container.h +++ b/contrib/libs/poco/Crypto/include/Poco/Crypto/PKCS12Container.h @@ -1,159 +1,159 @@ -// -// PKCS12Container.h -// -// Library: Crypto -// Package: Certificate -// Module: PKCS12Container -// -// Definition of the PKCS12Container class. -// -// Copyright (c) 2006-2009, Applied Informatics Software Engineering GmbH. -// and Contributors. -// -// SPDX-License-Identifier: BSL-1.0 -// - - -#ifndef Crypto_PKCS12Container_INCLUDED -#define Crypto_PKCS12Container_INCLUDED - - -#include "Poco/Crypto/Crypto.h" -#include "Poco/Crypto/OpenSSLInitializer.h" -#include "Poco/Crypto/X509Certificate.h" -#include "Poco/Crypto/EVPPKey.h" -#include "Poco/Path.h" -#include <memory> -#include <istream> -#include <openssl/pkcs12.h> - - -namespace Poco { -namespace Crypto { - - -class Crypto_API PKCS12Container - /// This class implements PKCS#12 container functionality. -{ -public: - typedef X509Certificate::List CAList; - typedef std::vector<std::string> CANameList; - - explicit PKCS12Container(std::istream& istr, const std::string& password = ""); - /// Creates the PKCS12Container object from a stream. - - explicit PKCS12Container(const std::string& path, const std::string& password = ""); - /// Creates the PKCS12Container object from a file. - - PKCS12Container(const PKCS12Container& cont); - /// Copy constructor. - - PKCS12Container& operator = (const PKCS12Container& cont); - /// Assignment operator. - -#ifdef POCO_ENABLE_CPP11 - - PKCS12Container(PKCS12Container&& cont); - /// Move constructor. - - PKCS12Container& operator = (PKCS12Container&& cont); - /// Move assignment operator. - -#endif // POCO_ENABLE_CPP11 - - ~PKCS12Container(); - /// Destroys the PKCS12Container. - - bool hasKey() const; - /// Returns true if container contains the key. - - EVPPKey getKey() const; - /// Return key as openssl EVP_PKEY wrapper object. - - bool hasX509Certificate() const; - /// Returns true if container has X509 certificate. - - const X509Certificate& getX509Certificate() const; - /// Returns the X509 certificate. - /// Throws NotFoundException if there is no certificate. - - const CAList& getCACerts() const; - /// Returns the list of CA certificates in this container. - - const std::string& getFriendlyName() const; - /// Returns the friendly name of the certificate bag. - - const CANameList& getFriendlyNamesCA() const; - /// Returns a list of CA certificates friendly names. - -private: - void load(PKCS12* pPKCS12, const std::string& password = ""); - std::string extractFriendlyName(X509* pCert); - -#ifdef POCO_ENABLE_CPP11 - typedef std::unique_ptr<X509Certificate> CertPtr; -#else - typedef std::auto_ptr<X509Certificate> CertPtr; -#endif // #ifdef POCO_ENABLE_CPP11 - - OpenSSLInitializer _openSSLInitializer; - EVP_PKEY* _pKey; - CertPtr _pX509Cert; - CAList _caCertList; - CANameList _caCertNames; - std::string _pkcsFriendlyName; -}; - - -// -// inlines -// - -inline bool PKCS12Container::hasX509Certificate() const -{ - return _pX509Cert.get() != 0; -} - - -inline const X509Certificate& PKCS12Container::getX509Certificate() const -{ - if (!hasX509Certificate()) - throw NotFoundException("PKCS12Container X509 certificate"); - return *_pX509Cert; -} - - -inline const std::string& PKCS12Container::getFriendlyName() const -{ - return _pkcsFriendlyName; -} - - -inline const PKCS12Container::CAList& PKCS12Container::getCACerts() const -{ - return _caCertList; -} - - -inline const PKCS12Container::CANameList& PKCS12Container::getFriendlyNamesCA() const -{ - return _caCertNames; -} - - -inline bool PKCS12Container::hasKey() const -{ - return _pKey != 0; -} - - -inline EVPPKey PKCS12Container::getKey() const -{ - return EVPPKey(_pKey); -} - - -} } // namespace Poco::Crypto - - -#endif // Crypto_PKCS12Container_INCLUDED +// +// PKCS12Container.h +// +// Library: Crypto +// Package: Certificate +// Module: PKCS12Container +// +// Definition of the PKCS12Container class. +// +// Copyright (c) 2006-2009, Applied Informatics Software Engineering GmbH. +// and Contributors. +// +// SPDX-License-Identifier: BSL-1.0 +// + + +#ifndef Crypto_PKCS12Container_INCLUDED +#define Crypto_PKCS12Container_INCLUDED + + +#include "Poco/Crypto/Crypto.h" +#include "Poco/Crypto/OpenSSLInitializer.h" +#include "Poco/Crypto/X509Certificate.h" +#include "Poco/Crypto/EVPPKey.h" +#include "Poco/Path.h" +#include <memory> +#include <istream> +#include <openssl/pkcs12.h> + + +namespace Poco { +namespace Crypto { + + +class Crypto_API PKCS12Container + /// This class implements PKCS#12 container functionality. +{ +public: + typedef X509Certificate::List CAList; + typedef std::vector<std::string> CANameList; + + explicit PKCS12Container(std::istream& istr, const std::string& password = ""); + /// Creates the PKCS12Container object from a stream. + + explicit PKCS12Container(const std::string& path, const std::string& password = ""); + /// Creates the PKCS12Container object from a file. + + PKCS12Container(const PKCS12Container& cont); + /// Copy constructor. + + PKCS12Container& operator = (const PKCS12Container& cont); + /// Assignment operator. + +#ifdef POCO_ENABLE_CPP11 + + PKCS12Container(PKCS12Container&& cont); + /// Move constructor. + + PKCS12Container& operator = (PKCS12Container&& cont); + /// Move assignment operator. + +#endif // POCO_ENABLE_CPP11 + + ~PKCS12Container(); + /// Destroys the PKCS12Container. + + bool hasKey() const; + /// Returns true if container contains the key. + + EVPPKey getKey() const; + /// Return key as openssl EVP_PKEY wrapper object. + + bool hasX509Certificate() const; + /// Returns true if container has X509 certificate. + + const X509Certificate& getX509Certificate() const; + /// Returns the X509 certificate. + /// Throws NotFoundException if there is no certificate. + + const CAList& getCACerts() const; + /// Returns the list of CA certificates in this container. + + const std::string& getFriendlyName() const; + /// Returns the friendly name of the certificate bag. + + const CANameList& getFriendlyNamesCA() const; + /// Returns a list of CA certificates friendly names. + +private: + void load(PKCS12* pPKCS12, const std::string& password = ""); + std::string extractFriendlyName(X509* pCert); + +#ifdef POCO_ENABLE_CPP11 + typedef std::unique_ptr<X509Certificate> CertPtr; +#else + typedef std::auto_ptr<X509Certificate> CertPtr; +#endif // #ifdef POCO_ENABLE_CPP11 + + OpenSSLInitializer _openSSLInitializer; + EVP_PKEY* _pKey; + CertPtr _pX509Cert; + CAList _caCertList; + CANameList _caCertNames; + std::string _pkcsFriendlyName; +}; + + +// +// inlines +// + +inline bool PKCS12Container::hasX509Certificate() const +{ + return _pX509Cert.get() != 0; +} + + +inline const X509Certificate& PKCS12Container::getX509Certificate() const +{ + if (!hasX509Certificate()) + throw NotFoundException("PKCS12Container X509 certificate"); + return *_pX509Cert; +} + + +inline const std::string& PKCS12Container::getFriendlyName() const +{ + return _pkcsFriendlyName; +} + + +inline const PKCS12Container::CAList& PKCS12Container::getCACerts() const +{ + return _caCertList; +} + + +inline const PKCS12Container::CANameList& PKCS12Container::getFriendlyNamesCA() const +{ + return _caCertNames; +} + + +inline bool PKCS12Container::hasKey() const +{ + return _pKey != 0; +} + + +inline EVPPKey PKCS12Container::getKey() const +{ + return EVPPKey(_pKey); +} + + +} } // namespace Poco::Crypto + + +#endif // Crypto_PKCS12Container_INCLUDED diff --git a/contrib/libs/poco/Crypto/include/Poco/Crypto/RSACipherImpl.h b/contrib/libs/poco/Crypto/include/Poco/Crypto/RSACipherImpl.h index 2ebc38e3b55..7641d9187c7 100644 --- a/contrib/libs/poco/Crypto/include/Poco/Crypto/RSACipherImpl.h +++ b/contrib/libs/poco/Crypto/include/Poco/Crypto/RSACipherImpl.h @@ -1,77 +1,77 @@ -// -// RSACipherImpl.h -// -// Library: Crypto -// Package: RSA -// Module: RSACipherImpl -// -// Definition of the RSACipherImpl class. -// -// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. -// and Contributors. -// -// SPDX-License-Identifier: BSL-1.0 -// - - -#ifndef Crypto_RSACipherImpl_INCLUDED -#define Crypto_RSACipherImpl_INCLUDED - - -#include "Poco/Crypto/Crypto.h" -#include "Poco/Crypto/Cipher.h" -#include "Poco/Crypto/RSAKey.h" -#include "Poco/Crypto/OpenSSLInitializer.h" -#include <openssl/evp.h> - - -namespace Poco { -namespace Crypto { - - -class RSACipherImpl: public Cipher - /// An implementation of the Cipher class for - /// asymmetric (public-private key) encryption - /// based on the the RSA algorithm in OpenSSL's - /// crypto library. - /// - /// Encryption is using the public key, decryption - /// requires the private key. -{ -public: - RSACipherImpl(const RSAKey& key, RSAPaddingMode paddingMode); - /// Creates a new RSACipherImpl object for the given RSAKey - /// and using the given padding mode. - - virtual ~RSACipherImpl(); - /// Destroys the RSACipherImpl. - - const std::string& name() const; - /// Returns the name of the Cipher. - - CryptoTransform* createEncryptor(); - /// Creates an encryptor object. - - CryptoTransform* createDecryptor(); - /// Creates a decryptor object. - -private: - RSAKey _key; - RSAPaddingMode _paddingMode; - OpenSSLInitializer _openSSLInitializer; -}; - - -// -// Inlines -// -inline const std::string& RSACipherImpl::name() const -{ - return _key.name(); -} - - -} } // namespace Poco::Crypto - - -#endif // Crypto_RSACipherImpl_INCLUDED +// +// RSACipherImpl.h +// +// Library: Crypto +// Package: RSA +// Module: RSACipherImpl +// +// Definition of the RSACipherImpl class. +// +// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. +// and Contributors. +// +// SPDX-License-Identifier: BSL-1.0 +// + + +#ifndef Crypto_RSACipherImpl_INCLUDED +#define Crypto_RSACipherImpl_INCLUDED + + +#include "Poco/Crypto/Crypto.h" +#include "Poco/Crypto/Cipher.h" +#include "Poco/Crypto/RSAKey.h" +#include "Poco/Crypto/OpenSSLInitializer.h" +#include <openssl/evp.h> + + +namespace Poco { +namespace Crypto { + + +class RSACipherImpl: public Cipher + /// An implementation of the Cipher class for + /// asymmetric (public-private key) encryption + /// based on the the RSA algorithm in OpenSSL's + /// crypto library. + /// + /// Encryption is using the public key, decryption + /// requires the private key. +{ +public: + RSACipherImpl(const RSAKey& key, RSAPaddingMode paddingMode); + /// Creates a new RSACipherImpl object for the given RSAKey + /// and using the given padding mode. + + virtual ~RSACipherImpl(); + /// Destroys the RSACipherImpl. + + const std::string& name() const; + /// Returns the name of the Cipher. + + CryptoTransform* createEncryptor(); + /// Creates an encryptor object. + + CryptoTransform* createDecryptor(); + /// Creates a decryptor object. + +private: + RSAKey _key; + RSAPaddingMode _paddingMode; + OpenSSLInitializer _openSSLInitializer; +}; + + +// +// Inlines +// +inline const std::string& RSACipherImpl::name() const +{ + return _key.name(); +} + + +} } // namespace Poco::Crypto + + +#endif // Crypto_RSACipherImpl_INCLUDED diff --git a/contrib/libs/poco/Crypto/include/Poco/Crypto/RSADigestEngine.h b/contrib/libs/poco/Crypto/include/Poco/Crypto/RSADigestEngine.h index 7c4d3860508..2dfb28dd2c1 100644 --- a/contrib/libs/poco/Crypto/include/Poco/Crypto/RSADigestEngine.h +++ b/contrib/libs/poco/Crypto/include/Poco/Crypto/RSADigestEngine.h @@ -1,111 +1,111 @@ -// -// RSADigestEngine.h -// -// Library: Crypto -// Package: RSA -// Module: RSADigestEngine -// -// Definition of the RSADigestEngine class. -// -// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. -// and Contributors. -// -// SPDX-License-Identifier: BSL-1.0 -// - - -#ifndef Crypto_RSADigestEngine_INCLUDED -#define Crypto_RSADigestEngine_INCLUDED - - -#include "Poco/Crypto/Crypto.h" -#include "Poco/Crypto/RSAKey.h" -#include "Poco/DigestEngine.h" -#include "Poco/Crypto/DigestEngine.h" -#include <istream> -#include <ostream> - - -namespace Poco { -namespace Crypto { - - -class Crypto_API RSADigestEngine: public Poco::DigestEngine - /// This class implements a Poco::DigestEngine that can be - /// used to compute a secure digital signature. - /// - /// First another Poco::Crypto::DigestEngine is created and - /// used to compute a cryptographic hash of the data to be - /// signed. Then, the hash value is encrypted, using - /// the RSA private key. - /// - /// To verify a signature, pass it to the verify() - /// member function. It will decrypt the signature - /// using the RSA public key and compare the resulting - /// hash with the actual hash of the data. -{ -public: - enum DigestType - { - DIGEST_MD5, - DIGEST_SHA1 - }; - - //@ deprecated - RSADigestEngine(const RSAKey& key, DigestType digestType = DIGEST_SHA1); - /// Creates the RSADigestEngine with the given RSA key, - /// using the MD5 or SHA-1 hash algorithm. - /// Kept for backward compatibility - - RSADigestEngine(const RSAKey& key, const std::string &name); - /// Creates the RSADigestEngine with the given RSA key, - /// using the hash algorithm with the given name - /// (e.g., "MD5", "SHA1", "SHA256", "SHA512", etc.). - /// See the OpenSSL documentation for a list of supported digest algorithms. - /// - /// Throws a Poco::NotFoundException if no algorithm with the given name exists. - - ~RSADigestEngine(); - /// Destroys the RSADigestEngine. - - std::size_t digestLength() const; - /// Returns the length of the digest in bytes. - - void reset(); - /// Resets the engine so that a new - /// digest can be computed. - - const DigestEngine::Digest& digest(); - /// Finishes the computation of the digest - /// (the first time it's called) and - /// returns the message digest. - /// - /// Can be called multiple times. - - const DigestEngine::Digest& signature(); - /// Signs the digest using the RSA algorithm - /// and the private key (the first time it's - /// called) and returns the result. - /// - /// Can be called multiple times. - - bool verify(const DigestEngine::Digest& signature); - /// Verifies the data against the signature. - /// - /// Returns true if the signature can be verified, false otherwise. - -protected: - void updateImpl(const void* data, std::size_t length); - -private: - RSAKey _key; - Poco::Crypto::DigestEngine _engine; - Poco::DigestEngine::Digest _digest; - Poco::DigestEngine::Digest _signature; -}; - - -} } // namespace Poco::Crypto - - -#endif // Crypto_RSADigestEngine_INCLUDED +// +// RSADigestEngine.h +// +// Library: Crypto +// Package: RSA +// Module: RSADigestEngine +// +// Definition of the RSADigestEngine class. +// +// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. +// and Contributors. +// +// SPDX-License-Identifier: BSL-1.0 +// + + +#ifndef Crypto_RSADigestEngine_INCLUDED +#define Crypto_RSADigestEngine_INCLUDED + + +#include "Poco/Crypto/Crypto.h" +#include "Poco/Crypto/RSAKey.h" +#include "Poco/DigestEngine.h" +#include "Poco/Crypto/DigestEngine.h" +#include <istream> +#include <ostream> + + +namespace Poco { +namespace Crypto { + + +class Crypto_API RSADigestEngine: public Poco::DigestEngine + /// This class implements a Poco::DigestEngine that can be + /// used to compute a secure digital signature. + /// + /// First another Poco::Crypto::DigestEngine is created and + /// used to compute a cryptographic hash of the data to be + /// signed. Then, the hash value is encrypted, using + /// the RSA private key. + /// + /// To verify a signature, pass it to the verify() + /// member function. It will decrypt the signature + /// using the RSA public key and compare the resulting + /// hash with the actual hash of the data. +{ +public: + enum DigestType + { + DIGEST_MD5, + DIGEST_SHA1 + }; + + //@ deprecated + RSADigestEngine(const RSAKey& key, DigestType digestType = DIGEST_SHA1); + /// Creates the RSADigestEngine with the given RSA key, + /// using the MD5 or SHA-1 hash algorithm. + /// Kept for backward compatibility + + RSADigestEngine(const RSAKey& key, const std::string &name); + /// Creates the RSADigestEngine with the given RSA key, + /// using the hash algorithm with the given name + /// (e.g., "MD5", "SHA1", "SHA256", "SHA512", etc.). + /// See the OpenSSL documentation for a list of supported digest algorithms. + /// + /// Throws a Poco::NotFoundException if no algorithm with the given name exists. + + ~RSADigestEngine(); + /// Destroys the RSADigestEngine. + + std::size_t digestLength() const; + /// Returns the length of the digest in bytes. + + void reset(); + /// Resets the engine so that a new + /// digest can be computed. + + const DigestEngine::Digest& digest(); + /// Finishes the computation of the digest + /// (the first time it's called) and + /// returns the message digest. + /// + /// Can be called multiple times. + + const DigestEngine::Digest& signature(); + /// Signs the digest using the RSA algorithm + /// and the private key (the first time it's + /// called) and returns the result. + /// + /// Can be called multiple times. + + bool verify(const DigestEngine::Digest& signature); + /// Verifies the data against the signature. + /// + /// Returns true if the signature can be verified, false otherwise. + +protected: + void updateImpl(const void* data, std::size_t length); + +private: + RSAKey _key; + Poco::Crypto::DigestEngine _engine; + Poco::DigestEngine::Digest _digest; + Poco::DigestEngine::Digest _signature; +}; + + +} } // namespace Poco::Crypto + + +#endif // Crypto_RSADigestEngine_INCLUDED diff --git a/contrib/libs/poco/Crypto/include/Poco/Crypto/RSAKey.h b/contrib/libs/poco/Crypto/include/Poco/Crypto/RSAKey.h index ad9163ed42f..cf0c593b412 100644 --- a/contrib/libs/poco/Crypto/include/Poco/Crypto/RSAKey.h +++ b/contrib/libs/poco/Crypto/include/Poco/Crypto/RSAKey.h @@ -1,125 +1,125 @@ -// -// RSAKey.h -// -// Library: Crypto -// Package: RSA -// Module: RSAKey -// -// Definition of the RSAKey class. -// -// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. -// and Contributors. -// -// SPDX-License-Identifier: BSL-1.0 -// - - -#ifndef Crypto_RSAKey_INCLUDED -#define Crypto_RSAKey_INCLUDED - - -#include "Poco/Crypto/Crypto.h" -#include "Poco/Crypto/KeyPair.h" -#include "Poco/Crypto/RSAKeyImpl.h" - - -namespace Poco { -namespace Crypto { - - -class X509Certificate; -class PKCS12Container; - - -class Crypto_API RSAKey : public KeyPair - /// This class stores an RSA key pair, consisting - /// of private and public key. Storage of the private - /// key is optional. - /// - /// If a private key is available, the RSAKey can be - /// used for decrypting data (encrypted with the public key) - /// or computing secure digital signatures. -{ -public: - enum KeyLength - { - KL_512 = 512, - KL_1024 = 1024, - KL_2048 = 2048, - KL_4096 = 4096 - }; - - enum Exponent - { - EXP_SMALL = 0, - EXP_LARGE - }; - - RSAKey(const EVPPKey& key); - /// Constructs ECKeyImpl by extracting the EC key. - - RSAKey(const X509Certificate& cert); - /// Extracts the RSA public key from the given certificate. - - RSAKey(const PKCS12Container& cert); - /// Extracts the RSA private key from the given certificate. - - RSAKey(KeyLength keyLength, Exponent exp); - /// Creates the RSAKey. Creates a new public/private keypair using the given parameters. - /// Can be used to sign data and verify signatures. - - RSAKey(const std::string& publicKeyFile, - const std::string& privateKeyFile = "", - const std::string& privateKeyPassphrase = ""); - /// Creates the RSAKey, by reading public and private key from the given files and - /// using the given passphrase for the private key. - /// - /// Cannot be used for signing or decryption unless a private key is available. - /// - /// If a private key is specified, you don't need to specify a public key file. - /// OpenSSL will auto-create the public key from the private key. - - RSAKey(std::istream* pPublicKeyStream, - std::istream* pPrivateKeyStream = 0, - const std::string& privateKeyPassphrase = ""); - /// Creates the RSAKey, by reading public and private key from the given streams and - /// using the given passphrase for the private key. - /// - /// Cannot be used for signing or decryption unless a private key is available. - /// - /// If a private key is specified, you don't need to specify a public key file. - /// OpenSSL will auto-create the public key from the private key. - - ~RSAKey(); - /// Destroys the RSAKey. - - RSAKeyImpl::ByteVec modulus() const; - /// Returns the RSA modulus. - - RSAKeyImpl::ByteVec encryptionExponent() const; - /// Returns the RSA encryption exponent. - - RSAKeyImpl::ByteVec decryptionExponent() const; - /// Returns the RSA decryption exponent. - - RSAKeyImpl::Ptr impl() const; - /// Returns the impl object. - -private: - RSAKeyImpl::Ptr _pImpl; -}; - - -// -// inlines -// -inline RSAKeyImpl::Ptr RSAKey::impl() const -{ - return _pImpl; -} - - -} } // namespace Poco::Crypto - - -#endif // Crypto_RSAKey_INCLUDED
\ No newline at end of file +// +// RSAKey.h +// +// Library: Crypto +// Package: RSA +// Module: RSAKey +// +// Definition of the RSAKey class. +// +// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. +// and Contributors. +// +// SPDX-License-Identifier: BSL-1.0 +// + + +#ifndef Crypto_RSAKey_INCLUDED +#define Crypto_RSAKey_INCLUDED + + +#include "Poco/Crypto/Crypto.h" +#include "Poco/Crypto/KeyPair.h" +#include "Poco/Crypto/RSAKeyImpl.h" + + +namespace Poco { +namespace Crypto { + + +class X509Certificate; +class PKCS12Container; + + +class Crypto_API RSAKey : public KeyPair + /// This class stores an RSA key pair, consisting + /// of private and public key. Storage of the private + /// key is optional. + /// + /// If a private key is available, the RSAKey can be + /// used for decrypting data (encrypted with the public key) + /// or computing secure digital signatures. +{ +public: + enum KeyLength + { + KL_512 = 512, + KL_1024 = 1024, + KL_2048 = 2048, + KL_4096 = 4096 + }; + + enum Exponent + { + EXP_SMALL = 0, + EXP_LARGE + }; + + RSAKey(const EVPPKey& key); + /// Constructs ECKeyImpl by extracting the EC key. + + RSAKey(const X509Certificate& cert); + /// Extracts the RSA public key from the given certificate. + + RSAKey(const PKCS12Container& cert); + /// Extracts the RSA private key from the given certificate. + + RSAKey(KeyLength keyLength, Exponent exp); + /// Creates the RSAKey. Creates a new public/private keypair using the given parameters. + /// Can be used to sign data and verify signatures. + + RSAKey(const std::string& publicKeyFile, + const std::string& privateKeyFile = "", + const std::string& privateKeyPassphrase = ""); + /// Creates the RSAKey, by reading public and private key from the given files and + /// using the given passphrase for the private key. + /// + /// Cannot be used for signing or decryption unless a private key is available. + /// + /// If a private key is specified, you don't need to specify a public key file. + /// OpenSSL will auto-create the public key from the private key. + + RSAKey(std::istream* pPublicKeyStream, + std::istream* pPrivateKeyStream = 0, + const std::string& privateKeyPassphrase = ""); + /// Creates the RSAKey, by reading public and private key from the given streams and + /// using the given passphrase for the private key. + /// + /// Cannot be used for signing or decryption unless a private key is available. + /// + /// If a private key is specified, you don't need to specify a public key file. + /// OpenSSL will auto-create the public key from the private key. + + ~RSAKey(); + /// Destroys the RSAKey. + + RSAKeyImpl::ByteVec modulus() const; + /// Returns the RSA modulus. + + RSAKeyImpl::ByteVec encryptionExponent() const; + /// Returns the RSA encryption exponent. + + RSAKeyImpl::ByteVec decryptionExponent() const; + /// Returns the RSA decryption exponent. + + RSAKeyImpl::Ptr impl() const; + /// Returns the impl object. + +private: + RSAKeyImpl::Ptr _pImpl; +}; + + +// +// inlines +// +inline RSAKeyImpl::Ptr RSAKey::impl() const +{ + return _pImpl; +} + + +} } // namespace Poco::Crypto + + +#endif // Crypto_RSAKey_INCLUDED
\ No newline at end of file diff --git a/contrib/libs/poco/Crypto/include/Poco/Crypto/RSAKeyImpl.h b/contrib/libs/poco/Crypto/include/Poco/Crypto/RSAKeyImpl.h index 035881636b2..4228b9aa30a 100644 --- a/contrib/libs/poco/Crypto/include/Poco/Crypto/RSAKeyImpl.h +++ b/contrib/libs/poco/Crypto/include/Poco/Crypto/RSAKeyImpl.h @@ -1,141 +1,141 @@ -// -// RSAKeyImpl.h -// -// Library: Crypto -// Package: RSA -// Module: RSAKeyImpl -// -// Definition of the RSAKeyImpl class. -// -// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. -// and Contributors. -// -// SPDX-License-Identifier: BSL-1.0 -// - - -#ifndef Crypto_RSAKeyImplImpl_INCLUDED -#define Crypto_RSAKeyImplImpl_INCLUDED - - -#include "Poco/Crypto/Crypto.h" -#include "Poco/Crypto/EVPPKey.h" -#include "Poco/Crypto/KeyPairImpl.h" -#include "Poco/Crypto/OpenSSLInitializer.h" -#include "Poco/RefCountedObject.h" -#include "Poco/AutoPtr.h" -#include <istream> -#include <ostream> -#include <vector> - - -struct bignum_st; -struct rsa_st; -typedef struct bignum_st BIGNUM; -typedef struct rsa_st RSA; - - -namespace Poco { -namespace Crypto { - - -class X509Certificate; -class PKCS12Container; - - -class RSAKeyImpl: public KeyPairImpl - /// class RSAKeyImpl -{ -public: - typedef Poco::AutoPtr<RSAKeyImpl> Ptr; - typedef std::vector<unsigned char> ByteVec; - - RSAKeyImpl(const EVPPKey& key); - /// Constructs ECKeyImpl by extracting the EC key. - - RSAKeyImpl(const X509Certificate& cert); - /// Extracts the RSA public key from the given certificate. - - RSAKeyImpl(const PKCS12Container& cert); - /// Extracts the EC private key from the given certificate. - - RSAKeyImpl(int keyLength, unsigned long exponent); - /// Creates the RSAKey. Creates a new public/private keypair using the given parameters. - /// Can be used to sign data and verify signatures. - - RSAKeyImpl(const std::string& publicKeyFile, const std::string& privateKeyFile, const std::string& privateKeyPassphrase); - /// Creates the RSAKey, by reading public and private key from the given files and - /// using the given passphrase for the private key. Can only by used for signing if - /// a private key is available. - - RSAKeyImpl(std::istream* pPublicKeyStream, std::istream* pPrivateKeyStream, const std::string& privateKeyPassphrase); - /// Creates the RSAKey. Can only by used for signing if pPrivKey - /// is not null. If a private key file is specified, you don't need to - /// specify a public key file. OpenSSL will auto-create it from the private key. - - ~RSAKeyImpl(); - /// Destroys the RSAKeyImpl. - - RSA* getRSA(); - /// Returns the OpenSSL RSA object. - - const RSA* getRSA() const; - /// Returns the OpenSSL RSA object. - - int size() const; - /// Returns the RSA modulus size. - - ByteVec modulus() const; - /// Returns the RSA modulus. - - ByteVec encryptionExponent() const; - /// Returns the RSA encryption exponent. - - ByteVec decryptionExponent() const; - /// Returns the RSA decryption exponent. - - void save(const std::string& publicKeyFile, - const std::string& privateKeyFile = "", - const std::string& privateKeyPassphrase = "") const; - /// Exports the public and private keys to the given files. - /// - /// If an empty filename is specified, the corresponding key - /// is not exported. - - void save(std::ostream* pPublicKeyStream, - std::ostream* pPrivateKeyStream = 0, - const std::string& privateKeyPassphrase = "") const; - /// Exports the public and private key to the given streams. - /// - /// If a null pointer is passed for a stream, the corresponding - /// key is not exported. - -private: - RSAKeyImpl(); - - void freeRSA(); - static ByteVec convertToByteVec(const BIGNUM* bn); - - RSA* _pRSA; -}; - - -// -// inlines -// -inline RSA* RSAKeyImpl::getRSA() -{ - return _pRSA; -} - - -inline const RSA* RSAKeyImpl::getRSA() const -{ - return _pRSA; -} - - -} } // namespace Poco::Crypto - - -#endif // Crypto_RSAKeyImplImpl_INCLUDED
\ No newline at end of file +// +// RSAKeyImpl.h +// +// Library: Crypto +// Package: RSA +// Module: RSAKeyImpl +// +// Definition of the RSAKeyImpl class. +// +// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. +// and Contributors. +// +// SPDX-License-Identifier: BSL-1.0 +// + + +#ifndef Crypto_RSAKeyImplImpl_INCLUDED +#define Crypto_RSAKeyImplImpl_INCLUDED + + +#include "Poco/Crypto/Crypto.h" +#include "Poco/Crypto/EVPPKey.h" +#include "Poco/Crypto/KeyPairImpl.h" +#include "Poco/Crypto/OpenSSLInitializer.h" +#include "Poco/RefCountedObject.h" +#include "Poco/AutoPtr.h" +#include <istream> +#include <ostream> +#include <vector> + + +struct bignum_st; +struct rsa_st; +typedef struct bignum_st BIGNUM; +typedef struct rsa_st RSA; + + +namespace Poco { +namespace Crypto { + + +class X509Certificate; +class PKCS12Container; + + +class RSAKeyImpl: public KeyPairImpl + /// class RSAKeyImpl +{ +public: + typedef Poco::AutoPtr<RSAKeyImpl> Ptr; + typedef std::vector<unsigned char> ByteVec; + + RSAKeyImpl(const EVPPKey& key); + /// Constructs ECKeyImpl by extracting the EC key. + + RSAKeyImpl(const X509Certificate& cert); + /// Extracts the RSA public key from the given certificate. + + RSAKeyImpl(const PKCS12Container& cert); + /// Extracts the EC private key from the given certificate. + + RSAKeyImpl(int keyLength, unsigned long exponent); + /// Creates the RSAKey. Creates a new public/private keypair using the given parameters. + /// Can be used to sign data and verify signatures. + + RSAKeyImpl(const std::string& publicKeyFile, const std::string& privateKeyFile, const std::string& privateKeyPassphrase); + /// Creates the RSAKey, by reading public and private key from the given files and + /// using the given passphrase for the private key. Can only by used for signing if + /// a private key is available. + + RSAKeyImpl(std::istream* pPublicKeyStream, std::istream* pPrivateKeyStream, const std::string& privateKeyPassphrase); + /// Creates the RSAKey. Can only by used for signing if pPrivKey + /// is not null. If a private key file is specified, you don't need to + /// specify a public key file. OpenSSL will auto-create it from the private key. + + ~RSAKeyImpl(); + /// Destroys the RSAKeyImpl. + + RSA* getRSA(); + /// Returns the OpenSSL RSA object. + + const RSA* getRSA() const; + /// Returns the OpenSSL RSA object. + + int size() const; + /// Returns the RSA modulus size. + + ByteVec modulus() const; + /// Returns the RSA modulus. + + ByteVec encryptionExponent() const; + /// Returns the RSA encryption exponent. + + ByteVec decryptionExponent() const; + /// Returns the RSA decryption exponent. + + void save(const std::string& publicKeyFile, + const std::string& privateKeyFile = "", + const std::string& privateKeyPassphrase = "") const; + /// Exports the public and private keys to the given files. + /// + /// If an empty filename is specified, the corresponding key + /// is not exported. + + void save(std::ostream* pPublicKeyStream, + std::ostream* pPrivateKeyStream = 0, + const std::string& privateKeyPassphrase = "") const; + /// Exports the public and private key to the given streams. + /// + /// If a null pointer is passed for a stream, the corresponding + /// key is not exported. + +private: + RSAKeyImpl(); + + void freeRSA(); + static ByteVec convertToByteVec(const BIGNUM* bn); + + RSA* _pRSA; +}; + + +// +// inlines +// +inline RSA* RSAKeyImpl::getRSA() +{ + return _pRSA; +} + + +inline const RSA* RSAKeyImpl::getRSA() const +{ + return _pRSA; +} + + +} } // namespace Poco::Crypto + + +#endif // Crypto_RSAKeyImplImpl_INCLUDED
\ No newline at end of file diff --git a/contrib/libs/poco/Crypto/include/Poco/Crypto/X509Certificate.h b/contrib/libs/poco/Crypto/include/Poco/Crypto/X509Certificate.h index ccdab1ce37e..673a3159d4c 100644 --- a/contrib/libs/poco/Crypto/include/Poco/Crypto/X509Certificate.h +++ b/contrib/libs/poco/Crypto/include/Poco/Crypto/X509Certificate.h @@ -1,245 +1,245 @@ -// -// X509Certificate.h -// -// Library: Crypto -// Package: Certificate -// Module: X509Certificate -// -// Definition of the X509Certificate class. -// -// Copyright (c) 2006-2009, Applied Informatics Software Engineering GmbH. -// and Contributors. -// -// SPDX-License-Identifier: BSL-1.0 -// - - -#ifndef Crypto_X509Certificate_INCLUDED -#define Crypto_X509Certificate_INCLUDED - - -#include "Poco/Crypto/Crypto.h" -#include "Poco/Crypto/OpenSSLInitializer.h" -#include "Poco/DateTime.h" -#include "Poco/SharedPtr.h" -#include <vector> -#include <set> -#include <istream> -#include <openssl/ssl.h> - - -namespace Poco { -namespace Crypto { - - -class Crypto_API X509Certificate - /// This class represents a X509 Certificate. -{ -public: - typedef std::vector<X509Certificate> List; - - enum NID - /// Name identifier for extracting information from - /// a certificate subject's or issuer's distinguished name. - { - NID_COMMON_NAME = 13, - NID_COUNTRY = 14, - NID_LOCALITY_NAME = 15, - NID_STATE_OR_PROVINCE = 16, - NID_ORGANIZATION_NAME = 17, - NID_ORGANIZATION_UNIT_NAME = 18, - NID_PKCS9_EMAIL_ADDRESS = 48, - NID_SERIAL_NUMBER = 105 - }; - - explicit X509Certificate(std::istream& istr); - /// Creates the X509Certificate object by reading - /// a certificate in PEM format from a stream. - - explicit X509Certificate(const std::string& path); - /// Creates the X509Certificate object by reading - /// a certificate in PEM format from a file. - - explicit X509Certificate(X509* pCert); - /// Creates the X509Certificate from an existing - /// OpenSSL certificate. Ownership is taken of - /// the certificate. - - X509Certificate(X509* pCert, bool shared); - /// Creates the X509Certificate from an existing - /// OpenSSL certificate. Ownership is taken of - /// the certificate. If shared is true, the - /// certificate's reference count is incremented. - - X509Certificate(const X509Certificate& cert); - /// Creates the certificate by copying another one. - - X509Certificate& operator = (const X509Certificate& cert); - /// Assigns a certificate. - - void swap(X509Certificate& cert); - /// Exchanges the certificate with another one. - - ~X509Certificate(); - /// Destroys the X509Certificate. - - long version() const; - /// Returns the version of the certificate. - - const std::string& serialNumber() const; - /// Returns the certificate serial number as a - /// string in decimal encoding. - - const std::string& issuerName() const; - /// Returns the certificate issuer's distinguished name. - - std::string issuerName(NID nid) const; - /// Extracts the information specified by the given - /// NID (name identifier) from the certificate issuer's - /// distinguished name. - - const std::string& subjectName() const; - /// Returns the certificate subject's distinguished name. - - std::string subjectName(NID nid) const; - /// Extracts the information specified by the given - /// NID (name identifier) from the certificate subject's - /// distinguished name. - - std::string commonName() const; - /// Returns the common name stored in the certificate - /// subject's distinguished name. - - void extractNames(std::string& commonName, std::set<std::string>& domainNames) const; - /// Extracts the common name and the alias domain names from the - /// certificate. - - Poco::DateTime validFrom() const; - /// Returns the date and time the certificate is valid from. - - Poco::DateTime expiresOn() const; - /// Returns the date and time the certificate expires. - - void save(std::ostream& stream) const; - /// Writes the certificate to the given stream. - /// The certificate is written in PEM format. - - void save(const std::string& path) const; - /// Writes the certificate to the file given by path. - /// The certificate is written in PEM format. - - bool issuedBy(const X509Certificate& issuerCertificate) const; - /// Checks whether the certificate has been issued by - /// the issuer given by issuerCertificate. This can be - /// used to validate a certificate chain. - /// - /// Verifies if the certificate has been signed with the - /// issuer's private key, using the public key from the issuer - /// certificate. - /// - /// Returns true if verification against the issuer certificate - /// was successful, false otherwise. - - bool equals(const X509Certificate& otherCertificate) const; - /// Checks whether the certificate is equal to - /// the other certificate, by comparing the hashes - /// of both certificates. - /// - /// Returns true if both certificates are identical, - /// otherwise false. - - const X509* certificate() const; - /// Returns the underlying OpenSSL certificate. - - X509* dup() const; - /// Duplicates and returns the underlying OpenSSL certificate. Note that - /// the caller assumes responsibility for the lifecycle of the created - /// certificate. - - std::string signatureAlgorithm() const; - /// Returns the certificate signature algorithm long name. - - void print(std::ostream& out) const; - /// Prints the certificate information to ostream. - - static List readPEM(const std::string& pemFileName); - /// Reads and returns a list of certificates from - /// the specified PEM file. - - static void writePEM(const std::string& pemFileName, const List& list); - /// Writes the list of certificates to the specified PEM file. - -protected: - void load(std::istream& stream); - /// Loads the certificate from the given stream. The - /// certificate must be in PEM format. - - void load(const std::string& path); - /// Loads the certificate from the given file. The - /// certificate must be in PEM format. - - void init(); - /// Extracts issuer and subject name from the certificate. - -private: - enum - { - NAME_BUFFER_SIZE = 256 - }; - - std::string _issuerName; - std::string _subjectName; - std::string _serialNumber; - X509* _pCert; - OpenSSLInitializer _openSSLInitializer; -}; - - -// -// inlines -// - - -inline long X509Certificate::version() const -{ - // This is defined by standards (X.509 et al) to be - // one less than the certificate version. - // So, eg. a version 3 certificate will return 2. - return X509_get_version(_pCert) + 1; -} - - -inline const std::string& X509Certificate::serialNumber() const -{ - return _serialNumber; -} - - -inline const std::string& X509Certificate::issuerName() const -{ - return _issuerName; -} - - -inline const std::string& X509Certificate::subjectName() const -{ - return _subjectName; -} - - -inline const X509* X509Certificate::certificate() const -{ - return _pCert; -} - - -inline X509* X509Certificate::dup() const -{ - return X509_dup(_pCert); -} - - -} } // namespace Poco::Crypto - - -#endif // Crypto_X509Certificate_INCLUDED +// +// X509Certificate.h +// +// Library: Crypto +// Package: Certificate +// Module: X509Certificate +// +// Definition of the X509Certificate class. +// +// Copyright (c) 2006-2009, Applied Informatics Software Engineering GmbH. +// and Contributors. +// +// SPDX-License-Identifier: BSL-1.0 +// + + +#ifndef Crypto_X509Certificate_INCLUDED +#define Crypto_X509Certificate_INCLUDED + + +#include "Poco/Crypto/Crypto.h" +#include "Poco/Crypto/OpenSSLInitializer.h" +#include "Poco/DateTime.h" +#include "Poco/SharedPtr.h" +#include <vector> +#include <set> +#include <istream> +#include <openssl/ssl.h> + + +namespace Poco { +namespace Crypto { + + +class Crypto_API X509Certificate + /// This class represents a X509 Certificate. +{ +public: + typedef std::vector<X509Certificate> List; + + enum NID + /// Name identifier for extracting information from + /// a certificate subject's or issuer's distinguished name. + { + NID_COMMON_NAME = 13, + NID_COUNTRY = 14, + NID_LOCALITY_NAME = 15, + NID_STATE_OR_PROVINCE = 16, + NID_ORGANIZATION_NAME = 17, + NID_ORGANIZATION_UNIT_NAME = 18, + NID_PKCS9_EMAIL_ADDRESS = 48, + NID_SERIAL_NUMBER = 105 + }; + + explicit X509Certificate(std::istream& istr); + /// Creates the X509Certificate object by reading + /// a certificate in PEM format from a stream. + + explicit X509Certificate(const std::string& path); + /// Creates the X509Certificate object by reading + /// a certificate in PEM format from a file. + + explicit X509Certificate(X509* pCert); + /// Creates the X509Certificate from an existing + /// OpenSSL certificate. Ownership is taken of + /// the certificate. + + X509Certificate(X509* pCert, bool shared); + /// Creates the X509Certificate from an existing + /// OpenSSL certificate. Ownership is taken of + /// the certificate. If shared is true, the + /// certificate's reference count is incremented. + + X509Certificate(const X509Certificate& cert); + /// Creates the certificate by copying another one. + + X509Certificate& operator = (const X509Certificate& cert); + /// Assigns a certificate. + + void swap(X509Certificate& cert); + /// Exchanges the certificate with another one. + + ~X509Certificate(); + /// Destroys the X509Certificate. + + long version() const; + /// Returns the version of the certificate. + + const std::string& serialNumber() const; + /// Returns the certificate serial number as a + /// string in decimal encoding. + + const std::string& issuerName() const; + /// Returns the certificate issuer's distinguished name. + + std::string issuerName(NID nid) const; + /// Extracts the information specified by the given + /// NID (name identifier) from the certificate issuer's + /// distinguished name. + + const std::string& subjectName() const; + /// Returns the certificate subject's distinguished name. + + std::string subjectName(NID nid) const; + /// Extracts the information specified by the given + /// NID (name identifier) from the certificate subject's + /// distinguished name. + + std::string commonName() const; + /// Returns the common name stored in the certificate + /// subject's distinguished name. + + void extractNames(std::string& commonName, std::set<std::string>& domainNames) const; + /// Extracts the common name and the alias domain names from the + /// certificate. + + Poco::DateTime validFrom() const; + /// Returns the date and time the certificate is valid from. + + Poco::DateTime expiresOn() const; + /// Returns the date and time the certificate expires. + + void save(std::ostream& stream) const; + /// Writes the certificate to the given stream. + /// The certificate is written in PEM format. + + void save(const std::string& path) const; + /// Writes the certificate to the file given by path. + /// The certificate is written in PEM format. + + bool issuedBy(const X509Certificate& issuerCertificate) const; + /// Checks whether the certificate has been issued by + /// the issuer given by issuerCertificate. This can be + /// used to validate a certificate chain. + /// + /// Verifies if the certificate has been signed with the + /// issuer's private key, using the public key from the issuer + /// certificate. + /// + /// Returns true if verification against the issuer certificate + /// was successful, false otherwise. + + bool equals(const X509Certificate& otherCertificate) const; + /// Checks whether the certificate is equal to + /// the other certificate, by comparing the hashes + /// of both certificates. + /// + /// Returns true if both certificates are identical, + /// otherwise false. + + const X509* certificate() const; + /// Returns the underlying OpenSSL certificate. + + X509* dup() const; + /// Duplicates and returns the underlying OpenSSL certificate. Note that + /// the caller assumes responsibility for the lifecycle of the created + /// certificate. + + std::string signatureAlgorithm() const; + /// Returns the certificate signature algorithm long name. + + void print(std::ostream& out) const; + /// Prints the certificate information to ostream. + + static List readPEM(const std::string& pemFileName); + /// Reads and returns a list of certificates from + /// the specified PEM file. + + static void writePEM(const std::string& pemFileName, const List& list); + /// Writes the list of certificates to the specified PEM file. + +protected: + void load(std::istream& stream); + /// Loads the certificate from the given stream. The + /// certificate must be in PEM format. + + void load(const std::string& path); + /// Loads the certificate from the given file. The + /// certificate must be in PEM format. + + void init(); + /// Extracts issuer and subject name from the certificate. + +private: + enum + { + NAME_BUFFER_SIZE = 256 + }; + + std::string _issuerName; + std::string _subjectName; + std::string _serialNumber; + X509* _pCert; + OpenSSLInitializer _openSSLInitializer; +}; + + +// +// inlines +// + + +inline long X509Certificate::version() const +{ + // This is defined by standards (X.509 et al) to be + // one less than the certificate version. + // So, eg. a version 3 certificate will return 2. + return X509_get_version(_pCert) + 1; +} + + +inline const std::string& X509Certificate::serialNumber() const +{ + return _serialNumber; +} + + +inline const std::string& X509Certificate::issuerName() const +{ + return _issuerName; +} + + +inline const std::string& X509Certificate::subjectName() const +{ + return _subjectName; +} + + +inline const X509* X509Certificate::certificate() const +{ + return _pCert; +} + + +inline X509* X509Certificate::dup() const +{ + return X509_dup(_pCert); +} + + +} } // namespace Poco::Crypto + + +#endif // Crypto_X509Certificate_INCLUDED diff --git a/contrib/libs/poco/Crypto/src/Cipher.cpp b/contrib/libs/poco/Crypto/src/Cipher.cpp index 8b4d57964f5..b3cba611d39 100644 --- a/contrib/libs/poco/Crypto/src/Cipher.cpp +++ b/contrib/libs/poco/Crypto/src/Cipher.cpp @@ -1,140 +1,140 @@ -// -// Cipher.cpp -// -// Library: Crypto -// Package: Cipher -// Module: Cipher -// -// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. -// and Contributors. -// -// SPDX-License-Identifier: BSL-1.0 -// - - -#include "Poco/Crypto/Cipher.h" -#include "Poco/Crypto/CryptoStream.h" -#include "Poco/Crypto/CryptoTransform.h" -#include "Poco/Base64Encoder.h" -#include "Poco/Base64Decoder.h" -#include "Poco/HexBinaryEncoder.h" -#include "Poco/HexBinaryDecoder.h" -#include "Poco/StreamCopier.h" -#include "Poco/Exception.h" -#include <sstream> -#include <memory> - - -namespace Poco { -namespace Crypto { - - -Cipher::Cipher() -{ -} - - -Cipher::~Cipher() -{ -} - - -std::string Cipher::encryptString(const std::string& str, Encoding encoding) -{ - std::istringstream source(str); - std::ostringstream sink; - - encrypt(source, sink, encoding); - - return sink.str(); -} - - -std::string Cipher::decryptString(const std::string& str, Encoding encoding) -{ - std::istringstream source(str); - std::ostringstream sink; - - decrypt(source, sink, encoding); - return sink.str(); -} - - -void Cipher::encrypt(std::istream& source, std::ostream& sink, Encoding encoding) -{ - CryptoInputStream encryptor(source, createEncryptor()); - - switch (encoding) - { - case ENC_NONE: - StreamCopier::copyStream(encryptor, sink); - break; - - case ENC_BASE64: - case ENC_BASE64_NO_LF: - { - Poco::Base64Encoder encoder(sink); - if (encoding == ENC_BASE64_NO_LF) - { - encoder.rdbuf()->setLineLength(0); - } - StreamCopier::copyStream(encryptor, encoder); - encoder.close(); - } - break; - - case ENC_BINHEX: - case ENC_BINHEX_NO_LF: - { - Poco::HexBinaryEncoder encoder(sink); - if (encoding == ENC_BINHEX_NO_LF) - { - encoder.rdbuf()->setLineLength(0); - } - StreamCopier::copyStream(encryptor, encoder); - encoder.close(); - } - break; - - default: - throw Poco::InvalidArgumentException("Invalid argument", "encoding"); - } -} - - -void Cipher::decrypt(std::istream& source, std::ostream& sink, Encoding encoding) -{ - CryptoOutputStream decryptor(sink, createDecryptor()); - - switch (encoding) - { - case ENC_NONE: - StreamCopier::copyStream(source, decryptor); - decryptor.close(); - break; - - case ENC_BASE64: - case ENC_BASE64_NO_LF: - { - Poco::Base64Decoder decoder(source); - StreamCopier::copyStream(decoder, decryptor); - decryptor.close(); - } - break; - - case ENC_BINHEX: - case ENC_BINHEX_NO_LF: - { - Poco::HexBinaryDecoder decoder(source); - StreamCopier::copyStream(decoder, decryptor); - decryptor.close(); - } - break; - - default: - throw Poco::InvalidArgumentException("Invalid argument", "encoding"); - } -} - - -} } // namespace Poco::Crypto +// +// Cipher.cpp +// +// Library: Crypto +// Package: Cipher +// Module: Cipher +// +// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. +// and Contributors. +// +// SPDX-License-Identifier: BSL-1.0 +// + + +#include "Poco/Crypto/Cipher.h" +#include "Poco/Crypto/CryptoStream.h" +#include "Poco/Crypto/CryptoTransform.h" +#include "Poco/Base64Encoder.h" +#include "Poco/Base64Decoder.h" +#include "Poco/HexBinaryEncoder.h" +#include "Poco/HexBinaryDecoder.h" +#include "Poco/StreamCopier.h" +#include "Poco/Exception.h" +#include <sstream> +#include <memory> + + +namespace Poco { +namespace Crypto { + + +Cipher::Cipher() +{ +} + + +Cipher::~Cipher() +{ +} + + +std::string Cipher::encryptString(const std::string& str, Encoding encoding) +{ + std::istringstream source(str); + std::ostringstream sink; + + encrypt(source, sink, encoding); + + return sink.str(); +} + + +std::string Cipher::decryptString(const std::string& str, Encoding encoding) +{ + std::istringstream source(str); + std::ostringstream sink; + + decrypt(source, sink, encoding); + return sink.str(); +} + + +void Cipher::encrypt(std::istream& source, std::ostream& sink, Encoding encoding) +{ + CryptoInputStream encryptor(source, createEncryptor()); + + switch (encoding) + { + case ENC_NONE: + StreamCopier::copyStream(encryptor, sink); + break; + + case ENC_BASE64: + case ENC_BASE64_NO_LF: + { + Poco::Base64Encoder encoder(sink); + if (encoding == ENC_BASE64_NO_LF) + { + encoder.rdbuf()->setLineLength(0); + } + StreamCopier::copyStream(encryptor, encoder); + encoder.close(); + } + break; + + case ENC_BINHEX: + case ENC_BINHEX_NO_LF: + { + Poco::HexBinaryEncoder encoder(sink); + if (encoding == ENC_BINHEX_NO_LF) + { + encoder.rdbuf()->setLineLength(0); + } + StreamCopier::copyStream(encryptor, encoder); + encoder.close(); + } + break; + + default: + throw Poco::InvalidArgumentException("Invalid argument", "encoding"); + } +} + + +void Cipher::decrypt(std::istream& source, std::ostream& sink, Encoding encoding) +{ + CryptoOutputStream decryptor(sink, createDecryptor()); + + switch (encoding) + { + case ENC_NONE: + StreamCopier::copyStream(source, decryptor); + decryptor.close(); + break; + + case ENC_BASE64: + case ENC_BASE64_NO_LF: + { + Poco::Base64Decoder decoder(source); + StreamCopier::copyStream(decoder, decryptor); + decryptor.close(); + } + break; + + case ENC_BINHEX: + case ENC_BINHEX_NO_LF: + { + Poco::HexBinaryDecoder decoder(source); + StreamCopier::copyStream(decoder, decryptor); + decryptor.close(); + } + break; + + default: + throw Poco::InvalidArgumentException("Invalid argument", "encoding"); + } +} + + +} } // namespace Poco::Crypto diff --git a/contrib/libs/poco/Crypto/src/CipherFactory.cpp b/contrib/libs/poco/Crypto/src/CipherFactory.cpp index 28ba3748643..01dfad4cf61 100644 --- a/contrib/libs/poco/Crypto/src/CipherFactory.cpp +++ b/contrib/libs/poco/Crypto/src/CipherFactory.cpp @@ -1,65 +1,65 @@ -// -// CipherFactory.cpp -// -// Library: Crypto -// Package: Cipher -// Module: CipherFactory -// -// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. -// and Contributors. -// -// SPDX-License-Identifier: BSL-1.0 -// - - -#include "Poco/Crypto/CipherFactory.h" -#include "Poco/Crypto/Cipher.h" -#include "Poco/Crypto/CipherKey.h" -#include "Poco/Crypto/RSAKey.h" -#include "Poco/Crypto/CipherImpl.h" -#include "Poco/Crypto/RSACipherImpl.h" -#include "Poco/Exception.h" -#include "Poco/SingletonHolder.h" -#include <openssl/evp.h> -#include <openssl/err.h> - - -namespace Poco { -namespace Crypto { - - -CipherFactory::CipherFactory() -{ -} - - -CipherFactory::~CipherFactory() -{ -} - - -namespace -{ - static Poco::SingletonHolder<CipherFactory> holder; -} - - -CipherFactory& CipherFactory::defaultFactory() -{ - return *holder.get(); -} - - -Cipher* CipherFactory::createCipher(const CipherKey& key) -{ - return new CipherImpl(key); -} - - -Cipher* CipherFactory::createCipher(const RSAKey& key, RSAPaddingMode paddingMode) -{ - return new RSACipherImpl(key, paddingMode); -} - - -} } // namespace Poco::Crypto +// +// CipherFactory.cpp +// +// Library: Crypto +// Package: Cipher +// Module: CipherFactory +// +// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. +// and Contributors. +// +// SPDX-License-Identifier: BSL-1.0 +// + + +#include "Poco/Crypto/CipherFactory.h" +#include "Poco/Crypto/Cipher.h" +#include "Poco/Crypto/CipherKey.h" +#include "Poco/Crypto/RSAKey.h" +#include "Poco/Crypto/CipherImpl.h" +#include "Poco/Crypto/RSACipherImpl.h" +#include "Poco/Exception.h" +#include "Poco/SingletonHolder.h" +#include <openssl/evp.h> +#include <openssl/err.h> + + +namespace Poco { +namespace Crypto { + + +CipherFactory::CipherFactory() +{ +} + + +CipherFactory::~CipherFactory() +{ +} + + +namespace +{ + static Poco::SingletonHolder<CipherFactory> holder; +} + + +CipherFactory& CipherFactory::defaultFactory() +{ + return *holder.get(); +} + + +Cipher* CipherFactory::createCipher(const CipherKey& key) +{ + return new CipherImpl(key); +} + + +Cipher* CipherFactory::createCipher(const RSAKey& key, RSAPaddingMode paddingMode) +{ + return new RSACipherImpl(key, paddingMode); +} + + +} } // namespace Poco::Crypto diff --git a/contrib/libs/poco/Crypto/src/CipherImpl.cpp b/contrib/libs/poco/Crypto/src/CipherImpl.cpp index ae574775957..926fc0def72 100644 --- a/contrib/libs/poco/Crypto/src/CipherImpl.cpp +++ b/contrib/libs/poco/Crypto/src/CipherImpl.cpp @@ -1,272 +1,272 @@ -// -// CipherImpl.cpp -// -// Library: Crypto -// Package: Cipher -// Module: CipherImpl -// -// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. -// and Contributors. -// -// SPDX-License-Identifier: BSL-1.0 -// - - -#include "Poco/Crypto/CipherImpl.h" -#include "Poco/Crypto/CryptoTransform.h" -#include "Poco/Exception.h" -#include "Poco/Buffer.h" -#include <openssl/err.h> - - -namespace Poco { -namespace Crypto { - - -namespace -{ - void throwError() - { - unsigned long err; - std::string msg; - - while ((err = ERR_get_error())) - { - if (!msg.empty()) - msg.append("; "); - msg.append(ERR_error_string(err, 0)); - } - - throw Poco::IOException(msg); - } - - - class CryptoTransformImpl: public CryptoTransform - { - public: - typedef Cipher::ByteVec ByteVec; - - enum Direction - { - DIR_ENCRYPT, - DIR_DECRYPT - }; - - CryptoTransformImpl( - const EVP_CIPHER* pCipher, - const ByteVec& key, - const ByteVec& iv, - Direction dir); - - ~CryptoTransformImpl(); - - std::size_t blockSize() const; - int setPadding(int padding); - std::string getTag(std::size_t tagSize); - void setTag(const std::string& tag); - - std::streamsize transform( - const unsigned char* input, - std::streamsize inputLength, - unsigned char* output, - std::streamsize outputLength); - - std::streamsize finalize( - unsigned char* output, - std::streamsize length); - - private: - const EVP_CIPHER* _pCipher; -#if OPENSSL_VERSION_NUMBER >= 0x10100000L - EVP_CIPHER_CTX* _pContext; -#else - EVP_CIPHER_CTX _context; -#endif - ByteVec _key; - ByteVec _iv; - }; - - - CryptoTransformImpl::CryptoTransformImpl( - const EVP_CIPHER* pCipher, - const ByteVec& key, - const ByteVec& iv, - Direction dir): - _pCipher(pCipher), - _key(key), - _iv(iv) - { -#if OPENSSL_VERSION_NUMBER >= 0x10100000L - _pContext = EVP_CIPHER_CTX_new(); - EVP_CipherInit( - _pContext, - _pCipher, - &_key[0], - _iv.empty() ? 0 : &_iv[0], - (dir == DIR_ENCRYPT) ? 1 : 0); -#else - EVP_CipherInit( - &_context, - _pCipher, - &_key[0], - _iv.empty() ? 0 : &_iv[0], - (dir == DIR_ENCRYPT) ? 1 : 0); -#endif - -#if OPENSSL_VERSION_NUMBER >= 0x10001000L - if (_iv.size() != EVP_CIPHER_iv_length(_pCipher) && EVP_CIPHER_mode(_pCipher) == EVP_CIPH_GCM_MODE) - { -#if OPENSSL_VERSION_NUMBER >= 0x10100000L - int rc = EVP_CIPHER_CTX_ctrl(_pContext, EVP_CTRL_GCM_SET_IVLEN, _iv.size(), NULL); -#else - int rc = EVP_CIPHER_CTX_ctrl(&_context, EVP_CTRL_GCM_SET_IVLEN, _iv.size(), NULL); -#endif - if (rc == 0) throwError(); - } -#endif - } - - - CryptoTransformImpl::~CryptoTransformImpl() - { -#if OPENSSL_VERSION_NUMBER >= 0x10100000L - EVP_CIPHER_CTX_cleanup(_pContext); - EVP_CIPHER_CTX_free(_pContext); -#else - EVP_CIPHER_CTX_cleanup(&_context); -#endif - } - - - std::size_t CryptoTransformImpl::blockSize() const - { -#if OPENSSL_VERSION_NUMBER >= 0x10100000L - return EVP_CIPHER_CTX_block_size(_pContext); -#else - return EVP_CIPHER_CTX_block_size(&_context); -#endif - } - - - int CryptoTransformImpl::setPadding(int padding) - { -#if OPENSSL_VERSION_NUMBER >= 0x10100000L - return EVP_CIPHER_CTX_block_size(_pContext); -#else - return EVP_CIPHER_CTX_set_padding(&_context, padding); -#endif - } - - - std::string CryptoTransformImpl::getTag(std::size_t tagSize) - { - std::string tag; -#if OPENSSL_VERSION_NUMBER >= 0x10001000L - Poco::Buffer<char> buffer(tagSize); -#if OPENSSL_VERSION_NUMBER >= 0x10100000L - int rc = EVP_CIPHER_CTX_ctrl(_pContext, EVP_CTRL_GCM_GET_TAG, tagSize, buffer.begin()); -#else - int rc = EVP_CIPHER_CTX_ctrl(&_context, EVP_CTRL_GCM_GET_TAG, tagSize, buffer.begin()); -#endif - if (rc == 0) throwError(); - tag.assign(buffer.begin(), tagSize); -#endif - return tag; - } - - - void CryptoTransformImpl::setTag(const std::string& tag) - { -#if OPENSSL_VERSION_NUMBER >= 0x10100000L - int rc = EVP_CIPHER_CTX_ctrl(_pContext, EVP_CTRL_GCM_SET_TAG, tag.size(), const_cast<char*>(tag.data())); -#elif OPENSSL_VERSION_NUMBER >= 0x10001000L - int rc = EVP_CIPHER_CTX_ctrl(&_context, EVP_CTRL_GCM_SET_TAG, tag.size(), const_cast<char*>(tag.data())); -#else - int rc = 0; -#endif - if (rc == 0) throwError(); - } - - - std::streamsize CryptoTransformImpl::transform( - const unsigned char* input, - std::streamsize inputLength, - unsigned char* output, - std::streamsize outputLength) - { - poco_assert (outputLength >= (inputLength + blockSize() - 1)); - - int outLen = static_cast<int>(outputLength); -#if OPENSSL_VERSION_NUMBER >= 0x10100000L - int rc = EVP_CipherUpdate( - _pContext, - output, - &outLen, - input, - static_cast<int>(inputLength)); -#else - int rc = EVP_CipherUpdate( - &_context, - output, - &outLen, - input, - static_cast<int>(inputLength)); -#endif - if (rc == 0) - throwError(); - - return static_cast<std::streamsize>(outLen); - } - - - std::streamsize CryptoTransformImpl::finalize( - unsigned char* output, - std::streamsize length) - { - poco_assert (length >= blockSize()); - - int len = static_cast<int>(length); - - // Use the '_ex' version that does not perform implicit cleanup since we - // will call EVP_CIPHER_CTX_cleanup() from the dtor as there is no - // guarantee that finalize() will be called if an error occurred. -#if OPENSSL_VERSION_NUMBER >= 0x10100000L - int rc = EVP_CipherFinal_ex(_pContext, output, &len); -#else - int rc = EVP_CipherFinal_ex(&_context, output, &len); -#endif - - if (rc == 0) - throwError(); - - return static_cast<std::streamsize>(len); - } -} - - -CipherImpl::CipherImpl(const CipherKey& key): - _key(key) -{ -} - - -CipherImpl::~CipherImpl() -{ -} - - -CryptoTransform* CipherImpl::createEncryptor() -{ - CipherKeyImpl::Ptr p = _key.impl(); - return new CryptoTransformImpl(p->cipher(), p->getKey(), p->getIV(), CryptoTransformImpl::DIR_ENCRYPT); -} - - -CryptoTransform* CipherImpl::createDecryptor() -{ - CipherKeyImpl::Ptr p = _key.impl(); - return new CryptoTransformImpl(p->cipher(), p->getKey(), p->getIV(), CryptoTransformImpl::DIR_DECRYPT); -} - - -} } // namespace Poco::Crypto +// +// CipherImpl.cpp +// +// Library: Crypto +// Package: Cipher +// Module: CipherImpl +// +// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. +// and Contributors. +// +// SPDX-License-Identifier: BSL-1.0 +// + + +#include "Poco/Crypto/CipherImpl.h" +#include "Poco/Crypto/CryptoTransform.h" +#include "Poco/Exception.h" +#include "Poco/Buffer.h" +#include <openssl/err.h> + + +namespace Poco { +namespace Crypto { + + +namespace +{ + void throwError() + { + unsigned long err; + std::string msg; + + while ((err = ERR_get_error())) + { + if (!msg.empty()) + msg.append("; "); + msg.append(ERR_error_string(err, 0)); + } + + throw Poco::IOException(msg); + } + + + class CryptoTransformImpl: public CryptoTransform + { + public: + typedef Cipher::ByteVec ByteVec; + + enum Direction + { + DIR_ENCRYPT, + DIR_DECRYPT + }; + + CryptoTransformImpl( + const EVP_CIPHER* pCipher, + const ByteVec& key, + const ByteVec& iv, + Direction dir); + + ~CryptoTransformImpl(); + + std::size_t blockSize() const; + int setPadding(int padding); + std::string getTag(std::size_t tagSize); + void setTag(const std::string& tag); + + std::streamsize transform( + const unsigned char* input, + std::streamsize inputLength, + unsigned char* output, + std::streamsize outputLength); + + std::streamsize finalize( + unsigned char* output, + std::streamsize length); + + private: + const EVP_CIPHER* _pCipher; +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + EVP_CIPHER_CTX* _pContext; +#else + EVP_CIPHER_CTX _context; +#endif + ByteVec _key; + ByteVec _iv; + }; + + + CryptoTransformImpl::CryptoTransformImpl( + const EVP_CIPHER* pCipher, + const ByteVec& key, + const ByteVec& iv, + Direction dir): + _pCipher(pCipher), + _key(key), + _iv(iv) + { +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + _pContext = EVP_CIPHER_CTX_new(); + EVP_CipherInit( + _pContext, + _pCipher, + &_key[0], + _iv.empty() ? 0 : &_iv[0], + (dir == DIR_ENCRYPT) ? 1 : 0); +#else + EVP_CipherInit( + &_context, + _pCipher, + &_key[0], + _iv.empty() ? 0 : &_iv[0], + (dir == DIR_ENCRYPT) ? 1 : 0); +#endif + +#if OPENSSL_VERSION_NUMBER >= 0x10001000L + if (_iv.size() != EVP_CIPHER_iv_length(_pCipher) && EVP_CIPHER_mode(_pCipher) == EVP_CIPH_GCM_MODE) + { +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + int rc = EVP_CIPHER_CTX_ctrl(_pContext, EVP_CTRL_GCM_SET_IVLEN, _iv.size(), NULL); +#else + int rc = EVP_CIPHER_CTX_ctrl(&_context, EVP_CTRL_GCM_SET_IVLEN, _iv.size(), NULL); +#endif + if (rc == 0) throwError(); + } +#endif + } + + + CryptoTransformImpl::~CryptoTransformImpl() + { +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + EVP_CIPHER_CTX_cleanup(_pContext); + EVP_CIPHER_CTX_free(_pContext); +#else + EVP_CIPHER_CTX_cleanup(&_context); +#endif + } + + + std::size_t CryptoTransformImpl::blockSize() const + { +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + return EVP_CIPHER_CTX_block_size(_pContext); +#else + return EVP_CIPHER_CTX_block_size(&_context); +#endif + } + + + int CryptoTransformImpl::setPadding(int padding) + { +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + return EVP_CIPHER_CTX_block_size(_pContext); +#else + return EVP_CIPHER_CTX_set_padding(&_context, padding); +#endif + } + + + std::string CryptoTransformImpl::getTag(std::size_t tagSize) + { + std::string tag; +#if OPENSSL_VERSION_NUMBER >= 0x10001000L + Poco::Buffer<char> buffer(tagSize); +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + int rc = EVP_CIPHER_CTX_ctrl(_pContext, EVP_CTRL_GCM_GET_TAG, tagSize, buffer.begin()); +#else + int rc = EVP_CIPHER_CTX_ctrl(&_context, EVP_CTRL_GCM_GET_TAG, tagSize, buffer.begin()); +#endif + if (rc == 0) throwError(); + tag.assign(buffer.begin(), tagSize); +#endif + return tag; + } + + + void CryptoTransformImpl::setTag(const std::string& tag) + { +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + int rc = EVP_CIPHER_CTX_ctrl(_pContext, EVP_CTRL_GCM_SET_TAG, tag.size(), const_cast<char*>(tag.data())); +#elif OPENSSL_VERSION_NUMBER >= 0x10001000L + int rc = EVP_CIPHER_CTX_ctrl(&_context, EVP_CTRL_GCM_SET_TAG, tag.size(), const_cast<char*>(tag.data())); +#else + int rc = 0; +#endif + if (rc == 0) throwError(); + } + + + std::streamsize CryptoTransformImpl::transform( + const unsigned char* input, + std::streamsize inputLength, + unsigned char* output, + std::streamsize outputLength) + { + poco_assert (outputLength >= (inputLength + blockSize() - 1)); + + int outLen = static_cast<int>(outputLength); +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + int rc = EVP_CipherUpdate( + _pContext, + output, + &outLen, + input, + static_cast<int>(inputLength)); +#else + int rc = EVP_CipherUpdate( + &_context, + output, + &outLen, + input, + static_cast<int>(inputLength)); +#endif + if (rc == 0) + throwError(); + + return static_cast<std::streamsize>(outLen); + } + + + std::streamsize CryptoTransformImpl::finalize( + unsigned char* output, + std::streamsize length) + { + poco_assert (length >= blockSize()); + + int len = static_cast<int>(length); + + // Use the '_ex' version that does not perform implicit cleanup since we + // will call EVP_CIPHER_CTX_cleanup() from the dtor as there is no + // guarantee that finalize() will be called if an error occurred. +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + int rc = EVP_CipherFinal_ex(_pContext, output, &len); +#else + int rc = EVP_CipherFinal_ex(&_context, output, &len); +#endif + + if (rc == 0) + throwError(); + + return static_cast<std::streamsize>(len); + } +} + + +CipherImpl::CipherImpl(const CipherKey& key): + _key(key) +{ +} + + +CipherImpl::~CipherImpl() +{ +} + + +CryptoTransform* CipherImpl::createEncryptor() +{ + CipherKeyImpl::Ptr p = _key.impl(); + return new CryptoTransformImpl(p->cipher(), p->getKey(), p->getIV(), CryptoTransformImpl::DIR_ENCRYPT); +} + + +CryptoTransform* CipherImpl::createDecryptor() +{ + CipherKeyImpl::Ptr p = _key.impl(); + return new CryptoTransformImpl(p->cipher(), p->getKey(), p->getIV(), CryptoTransformImpl::DIR_DECRYPT); +} + + +} } // namespace Poco::Crypto diff --git a/contrib/libs/poco/Crypto/src/CipherKey.cpp b/contrib/libs/poco/Crypto/src/CipherKey.cpp index 275edd1c883..5efa63a4601 100644 --- a/contrib/libs/poco/Crypto/src/CipherKey.cpp +++ b/contrib/libs/poco/Crypto/src/CipherKey.cpp @@ -1,49 +1,49 @@ -// -// CipherKey.cpp -// -// Library: Crypto -// Package: Cipher -// Module: CipherKey -// -// Copyright (c) 2007, Applied Informatics Software Engineering GmbH. -// and Contributors. -// -// SPDX-License-Identifier: BSL-1.0 -// - - -#include "Poco/Crypto/CipherKey.h" - - -namespace Poco { -namespace Crypto { - - -CipherKey::CipherKey(const std::string& name, - const std::string& passphrase, - const std::string& salt, - int iterationCount, - const std::string &digest): - _pImpl(new CipherKeyImpl(name, passphrase, salt, iterationCount, digest)) -{ -} - - -CipherKey::CipherKey(const std::string& name, const ByteVec& key, const ByteVec& iv): - _pImpl(new CipherKeyImpl(name, key, iv)) -{ -} - - -CipherKey::CipherKey(const std::string& name): - _pImpl(new CipherKeyImpl(name)) -{ -} - - -CipherKey::~CipherKey() -{ -} - - -} } // namespace Poco::Crypto +// +// CipherKey.cpp +// +// Library: Crypto +// Package: Cipher +// Module: CipherKey +// +// Copyright (c) 2007, Applied Informatics Software Engineering GmbH. +// and Contributors. +// +// SPDX-License-Identifier: BSL-1.0 +// + + +#include "Poco/Crypto/CipherKey.h" + + +namespace Poco { +namespace Crypto { + + +CipherKey::CipherKey(const std::string& name, + const std::string& passphrase, + const std::string& salt, + int iterationCount, + const std::string &digest): + _pImpl(new CipherKeyImpl(name, passphrase, salt, iterationCount, digest)) +{ +} + + +CipherKey::CipherKey(const std::string& name, const ByteVec& key, const ByteVec& iv): + _pImpl(new CipherKeyImpl(name, key, iv)) +{ +} + + +CipherKey::CipherKey(const std::string& name): + _pImpl(new CipherKeyImpl(name)) +{ +} + + +CipherKey::~CipherKey() +{ +} + + +} } // namespace Poco::Crypto diff --git a/contrib/libs/poco/Crypto/src/CipherKeyImpl.cpp b/contrib/libs/poco/Crypto/src/CipherKeyImpl.cpp index 2af173bce85..f793082ba03 100644 --- a/contrib/libs/poco/Crypto/src/CipherKeyImpl.cpp +++ b/contrib/libs/poco/Crypto/src/CipherKeyImpl.cpp @@ -1,224 +1,224 @@ -// -// CipherKeyImpl.cpp -// -// Library: Crypto -// Package: Cipher -// Module: CipherKeyImpl -// -// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. -// and Contributors. -// -// SPDX-License-Identifier: BSL-1.0 -// - - -#include "Poco/Crypto/CipherKeyImpl.h" -#include "Poco/Crypto/CryptoTransform.h" -#include "Poco/Crypto/CipherFactory.h" -#include "Poco/Exception.h" -#include "Poco/RandomStream.h" -#include <openssl/err.h> -#include <openssl/evp.h> - - -namespace Poco { -namespace Crypto { - - -CipherKeyImpl::CipherKeyImpl(const std::string& name, - const std::string& passphrase, - const std::string& salt, - int iterationCount, - const std::string& digest): - _pCipher(0), - _pDigest(0), - _name(name), - _key(), - _iv() -{ - // dummy access to Cipherfactory so that the EVP lib is initilaized - CipherFactory::defaultFactory(); - _pCipher = EVP_get_cipherbyname(name.c_str()); - - if (!_pCipher) - throw Poco::NotFoundException("Cipher " + name + " was not found"); - - _pDigest = EVP_get_digestbyname(digest.c_str()); - - if (!_pDigest) - throw Poco::NotFoundException("Digest " + name + " was not found"); - - _key = ByteVec(keySize()); - _iv = ByteVec(ivSize()); - generateKey(passphrase, salt, iterationCount); -} - - -CipherKeyImpl::CipherKeyImpl(const std::string& name, - const ByteVec& key, - const ByteVec& iv): - _pCipher(0), - _pDigest(0), - _name(name), - _key(key), - _iv(iv) -{ - // dummy access to Cipherfactory so that the EVP lib is initialized - CipherFactory::defaultFactory(); - _pCipher = EVP_get_cipherbyname(name.c_str()); - - if (!_pCipher) - throw Poco::NotFoundException("Cipher " + name + " was not found"); -} - - -CipherKeyImpl::CipherKeyImpl(const std::string& name): - _pCipher(0), - _pDigest(0), - _name(name), - _key(), - _iv() -{ - // dummy access to Cipherfactory so that the EVP lib is initilaized - CipherFactory::defaultFactory(); - _pCipher = EVP_get_cipherbyname(name.c_str()); - - if (!_pCipher) - throw Poco::NotFoundException("Cipher " + name + " was not found"); - _key = ByteVec(keySize()); - _iv = ByteVec(ivSize()); - generateKey(); -} - - -CipherKeyImpl::~CipherKeyImpl() -{ -} - - -CipherKeyImpl::Mode CipherKeyImpl::mode() const -{ - switch (EVP_CIPHER_mode(_pCipher)) - { - case EVP_CIPH_STREAM_CIPHER: - return MODE_STREAM_CIPHER; - - case EVP_CIPH_ECB_MODE: - return MODE_ECB; - - case EVP_CIPH_CBC_MODE: - return MODE_CBC; - - case EVP_CIPH_CFB_MODE: - return MODE_CFB; - - case EVP_CIPH_OFB_MODE: - return MODE_OFB; - -#if OPENSSL_VERSION_NUMBER >= 0x10001000L - case EVP_CIPH_CTR_MODE: - return MODE_CTR; - - case EVP_CIPH_GCM_MODE: - return MODE_GCM; - - case EVP_CIPH_CCM_MODE: - return MODE_CCM; -#endif - } - throw Poco::IllegalStateException("Unexpected value of EVP_CIPHER_mode()"); -} - - -void CipherKeyImpl::generateKey() -{ - ByteVec vec; - - getRandomBytes(vec, keySize()); - setKey(vec); - - getRandomBytes(vec, ivSize()); - setIV(vec); -} - - -void CipherKeyImpl::getRandomBytes(ByteVec& vec, std::size_t count) -{ - Poco::RandomInputStream random; - - vec.clear(); - vec.reserve(count); - - for (int i = 0; i < count; ++i) - vec.push_back(static_cast<unsigned char>(random.get())); -} - - -void CipherKeyImpl::generateKey( - const std::string& password, - const std::string& salt, - int iterationCount) -{ - unsigned char keyBytes[EVP_MAX_KEY_LENGTH]; - unsigned char ivBytes[EVP_MAX_IV_LENGTH]; - - // OpenSSL documentation specifies that the salt must be an 8-byte array. - unsigned char saltBytes[8]; - - if (!salt.empty()) - { - int len = static_cast<int>(salt.size()); - // Create the salt array from the salt string - for (int i = 0; i < 8; ++i) - saltBytes[i] = salt.at(i % len); - for (int i = 8; i < len; ++i) - saltBytes[i % 8] ^= salt.at(i); - } - - // Now create the key and IV, using the MD5 digest algorithm. - int keySize = EVP_BytesToKey( - _pCipher, - _pDigest ? _pDigest : EVP_md5(), - (salt.empty() ? 0 : saltBytes), - reinterpret_cast<const unsigned char*>(password.data()), - static_cast<int>(password.size()), - iterationCount, - keyBytes, - ivBytes); - - // Copy the buffers to our member byte vectors. - _key.assign(keyBytes, keyBytes + keySize); - - if (ivSize() == 0) - _iv.clear(); - else - _iv.assign(ivBytes, ivBytes + ivSize()); -} - - -int CipherKeyImpl::keySize() const -{ - return EVP_CIPHER_key_length(_pCipher); -} - - -int CipherKeyImpl::blockSize() const -{ - return EVP_CIPHER_block_size(_pCipher); -} - - -int CipherKeyImpl::ivSize() const -{ - return EVP_CIPHER_iv_length(_pCipher); -} - - -void CipherKeyImpl::setIV(const ByteVec& iv) -{ - poco_assert(mode() == MODE_GCM || iv.size() == static_cast<ByteVec::size_type>(ivSize())); - _iv = iv; -} - - -} } // namespace Poco::Crypto +// +// CipherKeyImpl.cpp +// +// Library: Crypto +// Package: Cipher +// Module: CipherKeyImpl +// +// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. +// and Contributors. +// +// SPDX-License-Identifier: BSL-1.0 +// + + +#include "Poco/Crypto/CipherKeyImpl.h" +#include "Poco/Crypto/CryptoTransform.h" +#include "Poco/Crypto/CipherFactory.h" +#include "Poco/Exception.h" +#include "Poco/RandomStream.h" +#include <openssl/err.h> +#include <openssl/evp.h> + + +namespace Poco { +namespace Crypto { + + +CipherKeyImpl::CipherKeyImpl(const std::string& name, + const std::string& passphrase, + const std::string& salt, + int iterationCount, + const std::string& digest): + _pCipher(0), + _pDigest(0), + _name(name), + _key(), + _iv() +{ + // dummy access to Cipherfactory so that the EVP lib is initilaized + CipherFactory::defaultFactory(); + _pCipher = EVP_get_cipherbyname(name.c_str()); + + if (!_pCipher) + throw Poco::NotFoundException("Cipher " + name + " was not found"); + + _pDigest = EVP_get_digestbyname(digest.c_str()); + + if (!_pDigest) + throw Poco::NotFoundException("Digest " + name + " was not found"); + + _key = ByteVec(keySize()); + _iv = ByteVec(ivSize()); + generateKey(passphrase, salt, iterationCount); +} + + +CipherKeyImpl::CipherKeyImpl(const std::string& name, + const ByteVec& key, + const ByteVec& iv): + _pCipher(0), + _pDigest(0), + _name(name), + _key(key), + _iv(iv) +{ + // dummy access to Cipherfactory so that the EVP lib is initialized + CipherFactory::defaultFactory(); + _pCipher = EVP_get_cipherbyname(name.c_str()); + + if (!_pCipher) + throw Poco::NotFoundException("Cipher " + name + " was not found"); +} + + +CipherKeyImpl::CipherKeyImpl(const std::string& name): + _pCipher(0), + _pDigest(0), + _name(name), + _key(), + _iv() +{ + // dummy access to Cipherfactory so that the EVP lib is initilaized + CipherFactory::defaultFactory(); + _pCipher = EVP_get_cipherbyname(name.c_str()); + + if (!_pCipher) + throw Poco::NotFoundException("Cipher " + name + " was not found"); + _key = ByteVec(keySize()); + _iv = ByteVec(ivSize()); + generateKey(); +} + + +CipherKeyImpl::~CipherKeyImpl() +{ +} + + +CipherKeyImpl::Mode CipherKeyImpl::mode() const +{ + switch (EVP_CIPHER_mode(_pCipher)) + { + case EVP_CIPH_STREAM_CIPHER: + return MODE_STREAM_CIPHER; + + case EVP_CIPH_ECB_MODE: + return MODE_ECB; + + case EVP_CIPH_CBC_MODE: + return MODE_CBC; + + case EVP_CIPH_CFB_MODE: + return MODE_CFB; + + case EVP_CIPH_OFB_MODE: + return MODE_OFB; + +#if OPENSSL_VERSION_NUMBER >= 0x10001000L + case EVP_CIPH_CTR_MODE: + return MODE_CTR; + + case EVP_CIPH_GCM_MODE: + return MODE_GCM; + + case EVP_CIPH_CCM_MODE: + return MODE_CCM; +#endif + } + throw Poco::IllegalStateException("Unexpected value of EVP_CIPHER_mode()"); +} + + +void CipherKeyImpl::generateKey() +{ + ByteVec vec; + + getRandomBytes(vec, keySize()); + setKey(vec); + + getRandomBytes(vec, ivSize()); + setIV(vec); +} + + +void CipherKeyImpl::getRandomBytes(ByteVec& vec, std::size_t count) +{ + Poco::RandomInputStream random; + + vec.clear(); + vec.reserve(count); + + for (int i = 0; i < count; ++i) + vec.push_back(static_cast<unsigned char>(random.get())); +} + + +void CipherKeyImpl::generateKey( + const std::string& password, + const std::string& salt, + int iterationCount) +{ + unsigned char keyBytes[EVP_MAX_KEY_LENGTH]; + unsigned char ivBytes[EVP_MAX_IV_LENGTH]; + + // OpenSSL documentation specifies that the salt must be an 8-byte array. + unsigned char saltBytes[8]; + + if (!salt.empty()) + { + int len = static_cast<int>(salt.size()); + // Create the salt array from the salt string + for (int i = 0; i < 8; ++i) + saltBytes[i] = salt.at(i % len); + for (int i = 8; i < len; ++i) + saltBytes[i % 8] ^= salt.at(i); + } + + // Now create the key and IV, using the MD5 digest algorithm. + int keySize = EVP_BytesToKey( + _pCipher, + _pDigest ? _pDigest : EVP_md5(), + (salt.empty() ? 0 : saltBytes), + reinterpret_cast<const unsigned char*>(password.data()), + static_cast<int>(password.size()), + iterationCount, + keyBytes, + ivBytes); + + // Copy the buffers to our member byte vectors. + _key.assign(keyBytes, keyBytes + keySize); + + if (ivSize() == 0) + _iv.clear(); + else + _iv.assign(ivBytes, ivBytes + ivSize()); +} + + +int CipherKeyImpl::keySize() const +{ + return EVP_CIPHER_key_length(_pCipher); +} + + +int CipherKeyImpl::blockSize() const +{ + return EVP_CIPHER_block_size(_pCipher); +} + + +int CipherKeyImpl::ivSize() const +{ + return EVP_CIPHER_iv_length(_pCipher); +} + + +void CipherKeyImpl::setIV(const ByteVec& iv) +{ + poco_assert(mode() == MODE_GCM || iv.size() == static_cast<ByteVec::size_type>(ivSize())); + _iv = iv; +} + + +} } // namespace Poco::Crypto diff --git a/contrib/libs/poco/Crypto/src/CryptoException.cpp b/contrib/libs/poco/Crypto/src/CryptoException.cpp index e30940d2294..7a3ec118740 100644 --- a/contrib/libs/poco/Crypto/src/CryptoException.cpp +++ b/contrib/libs/poco/Crypto/src/CryptoException.cpp @@ -1,108 +1,108 @@ -// -// CryptoException.cpp -// -// -// Library: Crypto -// Package: Crypto -// Module: CryptoException -// -// Copyright (c) 2012, Applied Informatics Software Engineering GmbH. -// and Contributors. -// -// SPDX-License-Identifier: BSL-1.0 -// - - -#include "Poco/Crypto/CryptoException.h" -#include "Poco/NumberFormatter.h" -#include <typeinfo> -#include <openssl/err.h> - - -namespace Poco { -namespace Crypto { - - -POCO_IMPLEMENT_EXCEPTION(CryptoException, Exception, "Crypto Exception") - - -OpenSSLException::OpenSSLException(int otherCode): CryptoException(otherCode) -{ - setExtMessage(); -} - - -OpenSSLException::OpenSSLException(const std::string& msg, int otherCode): CryptoException(msg, otherCode) -{ - setExtMessage(); -} - - -OpenSSLException::OpenSSLException(const std::string& msg, const std::string& arg, int otherCode): CryptoException(msg, arg, otherCode) -{ - setExtMessage(); -} - - -OpenSSLException::OpenSSLException(const std::string& msg, const Poco::Exception& exc, int otherCode): CryptoException(msg, exc, otherCode) -{ - setExtMessage(); -} - - -OpenSSLException::OpenSSLException(const OpenSSLException& exc): CryptoException(exc) -{ - setExtMessage(); -} - - -OpenSSLException::~OpenSSLException() noexcept -{ -} - - -OpenSSLException& OpenSSLException::operator = (const OpenSSLException& exc) -{ - CryptoException::operator = (exc); - return *this; -} - - +// +// CryptoException.cpp +// +// +// Library: Crypto +// Package: Crypto +// Module: CryptoException +// +// Copyright (c) 2012, Applied Informatics Software Engineering GmbH. +// and Contributors. +// +// SPDX-License-Identifier: BSL-1.0 +// + + +#include "Poco/Crypto/CryptoException.h" +#include "Poco/NumberFormatter.h" +#include <typeinfo> +#include <openssl/err.h> + + +namespace Poco { +namespace Crypto { + + +POCO_IMPLEMENT_EXCEPTION(CryptoException, Exception, "Crypto Exception") + + +OpenSSLException::OpenSSLException(int otherCode): CryptoException(otherCode) +{ + setExtMessage(); +} + + +OpenSSLException::OpenSSLException(const std::string& msg, int otherCode): CryptoException(msg, otherCode) +{ + setExtMessage(); +} + + +OpenSSLException::OpenSSLException(const std::string& msg, const std::string& arg, int otherCode): CryptoException(msg, arg, otherCode) +{ + setExtMessage(); +} + + +OpenSSLException::OpenSSLException(const std::string& msg, const Poco::Exception& exc, int otherCode): CryptoException(msg, exc, otherCode) +{ + setExtMessage(); +} + + +OpenSSLException::OpenSSLException(const OpenSSLException& exc): CryptoException(exc) +{ + setExtMessage(); +} + + +OpenSSLException::~OpenSSLException() noexcept +{ +} + + +OpenSSLException& OpenSSLException::operator = (const OpenSSLException& exc) +{ + CryptoException::operator = (exc); + return *this; +} + + const char* OpenSSLException::name() const noexcept -{ - return "OpenSSLException"; -} - - +{ + return "OpenSSLException"; +} + + const char* OpenSSLException::className() const noexcept -{ - return typeid(*this).name(); -} - - -Poco::Exception* OpenSSLException::clone() const -{ - return new OpenSSLException(*this); -} - - -void OpenSSLException::setExtMessage() -{ - Poco::UInt64 e = static_cast<Poco::UInt64>(ERR_get_error()); - char buf[128] = { 0 }; - char* pErr = ERR_error_string(static_cast<unsigned long>(e), buf); - std::string err; - if (pErr) err = pErr; - else err = NumberFormatter::format(e); - - extendedMessage(err); -} - - -void OpenSSLException::rethrow() const -{ - throw *this; -} - - -} } // namespace Poco::Crypto +{ + return typeid(*this).name(); +} + + +Poco::Exception* OpenSSLException::clone() const +{ + return new OpenSSLException(*this); +} + + +void OpenSSLException::setExtMessage() +{ + Poco::UInt64 e = static_cast<Poco::UInt64>(ERR_get_error()); + char buf[128] = { 0 }; + char* pErr = ERR_error_string(static_cast<unsigned long>(e), buf); + std::string err; + if (pErr) err = pErr; + else err = NumberFormatter::format(e); + + extendedMessage(err); +} + + +void OpenSSLException::rethrow() const +{ + throw *this; +} + + +} } // namespace Poco::Crypto diff --git a/contrib/libs/poco/Crypto/src/CryptoStream.cpp b/contrib/libs/poco/Crypto/src/CryptoStream.cpp index 6b29b7f0775..a0427686b26 100644 --- a/contrib/libs/poco/Crypto/src/CryptoStream.cpp +++ b/contrib/libs/poco/Crypto/src/CryptoStream.cpp @@ -1,355 +1,355 @@ -// -// CryptoStream.cpp -// -// Library: Crypto -// Package: Cipher -// Module: CryptoStream -// -// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. -// and Contributors. -// -// SPDX-License-Identifier: BSL-1.0 -// - - -#include "Poco/Crypto/CryptoStream.h" -#include "Poco/Crypto/CryptoTransform.h" -#include "Poco/Crypto/Cipher.h" -#include "Poco/Exception.h" -#include <algorithm> - - -#undef min -#undef max - - -namespace Poco { -namespace Crypto { - - -// -// CryptoStreamBuf -// - - -CryptoStreamBuf::CryptoStreamBuf(std::istream& istr, CryptoTransform* pTransform, std::streamsize bufferSize): - Poco::BufferedStreamBuf(bufferSize, std::ios::in), - _pTransform(pTransform), - _pIstr(&istr), - _pOstr(0), - _eof(false), - _buffer(static_cast<std::size_t>(bufferSize)) -{ - poco_check_ptr (pTransform); - poco_assert (bufferSize > 2 * pTransform->blockSize()); -} - - -CryptoStreamBuf::CryptoStreamBuf(std::ostream& ostr, CryptoTransform* pTransform, std::streamsize bufferSize): - Poco::BufferedStreamBuf(bufferSize, std::ios::out), - _pTransform(pTransform), - _pIstr(0), - _pOstr(&ostr), - _eof(false), - _buffer(static_cast<std::size_t>(bufferSize)) -{ - poco_check_ptr (pTransform); - poco_assert (bufferSize > 2 * pTransform->blockSize()); -} - - -CryptoStreamBuf::~CryptoStreamBuf() -{ - try - { - close(); - } - catch (...) - { - } - delete _pTransform; -} - - -void CryptoStreamBuf::close() -{ - sync(); - - if (_pIstr) - { - _pIstr = 0; - } - else if (_pOstr) - { - // Close can be called multiple times. By zeroing the pointer we make - // sure that we call finalize() only once, even if an exception is - // thrown. - std::ostream* pOstr = _pOstr; - _pOstr = 0; - - // Finalize transformation. - std::streamsize n = _pTransform->finalize(_buffer.begin(), static_cast<std::streamsize>(_buffer.size())); - - if (n > 0) - { - pOstr->write(reinterpret_cast<char*>(_buffer.begin()), n); - if (!pOstr->good()) - throw Poco::IOException("Output stream failure"); - } - } -} - - -int CryptoStreamBuf::readFromDevice(char* buffer, std::streamsize length) -{ - if (!_pIstr) - return 0; - - int count = 0; - - while (!_eof) - { - int m = (static_cast<int>(length) - count)/2 - static_cast<int>(_pTransform->blockSize()); - - // Make sure we can read at least one more block. Explicitely check - // for m < 0 since blockSize() returns an unsigned int and the - // comparison might give false results for m < 0. - if (m <= 0) - break; - - int n = 0; - - if (_pIstr->good()) - { - _pIstr->read(reinterpret_cast<char*>(_buffer.begin()), m); - n = static_cast<int>(_pIstr->gcount()); - } - - if (n == 0) - { - _eof = true; - - // No more data, finalize transformation - count += static_cast<int>(_pTransform->finalize( - reinterpret_cast<unsigned char*>(buffer + count), - static_cast<int>(length) - count)); - } - else - { - // Transform next chunk of data - count += static_cast<int>(_pTransform->transform( - _buffer.begin(), - n, - reinterpret_cast<unsigned char*>(buffer + count), - static_cast<int>(length) - count)); - } - } - - return count; -} - - -int CryptoStreamBuf::writeToDevice(const char* buffer, std::streamsize length) -{ - if (!_pOstr) - return 0; - - std::size_t maxChunkSize = _buffer.size()/2; - std::size_t count = 0; - - while (count < length) - { - // Truncate chunk size so that the maximum output fits into _buffer. - std::size_t n = static_cast<std::size_t>(length) - count; - if (n > maxChunkSize) - n = maxChunkSize; - - // Transform next chunk of data - std::streamsize k = _pTransform->transform( - reinterpret_cast<const unsigned char*>(buffer + count), - static_cast<std::streamsize>(n), - _buffer.begin(), - static_cast<std::streamsize>(_buffer.size())); - - // Attention: (n != k) might be true. In count, we have to track how - // many bytes from buffer have been consumed, not how many bytes have - // been written to _pOstr! - count += n; - - if (k > 0) - { - _pOstr->write(reinterpret_cast<const char*>(_buffer.begin()), k); - if (!_pOstr->good()) - throw Poco::IOException("Output stream failure"); - } - } - - return static_cast<int>(count); -} - - -// -// CryptoIOS -// - - -CryptoIOS::CryptoIOS(std::istream& istr, CryptoTransform* pTransform, std::streamsize bufferSize): - _buf(istr, pTransform, bufferSize) -{ - poco_ios_init(&_buf); -} - - -CryptoIOS::CryptoIOS(std::ostream& ostr, CryptoTransform* pTransform, std::streamsize bufferSize): - _buf(ostr, pTransform, bufferSize) -{ - poco_ios_init(&_buf); -} - - -CryptoIOS::~CryptoIOS() -{ -} - - -CryptoStreamBuf* CryptoIOS::rdbuf() -{ - return &_buf; -} - - -// -// CryptoInputStream -// - - -CryptoInputStream::CryptoInputStream(std::istream& istr, CryptoTransform* pTransform, std::streamsize bufferSize): - CryptoIOS(istr, pTransform, bufferSize), - std::istream(&_buf) -{ -} - - -CryptoInputStream::CryptoInputStream(std::istream& istr, Cipher& cipher, std::streamsize bufferSize): - CryptoIOS(istr, cipher.createEncryptor(), bufferSize), - std::istream(&_buf) -{ -} - - -CryptoInputStream::~CryptoInputStream() -{ -} - - -// -// CryptoOutputStream -// - - -CryptoOutputStream::CryptoOutputStream(std::ostream& ostr, CryptoTransform* pTransform, std::streamsize bufferSize): - CryptoIOS(ostr, pTransform, bufferSize), - std::ostream(&_buf) -{ -} - - -CryptoOutputStream::CryptoOutputStream(std::ostream& ostr, Cipher& cipher, std::streamsize bufferSize): - CryptoIOS(ostr, cipher.createDecryptor(), bufferSize), - std::ostream(&_buf) -{ -} - - -CryptoOutputStream::~CryptoOutputStream() -{ -} - - -void CryptoOutputStream::close() -{ - _buf.close(); -} - - -// -// EncryptingInputStream -// - - -EncryptingInputStream::EncryptingInputStream(std::istream& istr, Cipher& cipher, std::streamsize bufferSize): - CryptoIOS(istr, cipher.createEncryptor(), bufferSize), - std::istream(&_buf) -{ -} - - -EncryptingInputStream::~EncryptingInputStream() -{ -} - - -// -// EncryptingOuputStream -// - - -EncryptingOutputStream::EncryptingOutputStream(std::ostream& ostr, Cipher& cipher, std::streamsize bufferSize): - CryptoIOS(ostr, cipher.createEncryptor(), bufferSize), - std::ostream(&_buf) -{ -} - - -EncryptingOutputStream::~EncryptingOutputStream() -{ -} - - -void EncryptingOutputStream::close() -{ - _buf.close(); -} - - -// -// DecryptingInputStream -// - - -DecryptingInputStream::DecryptingInputStream(std::istream& istr, Cipher& cipher, std::streamsize bufferSize): - CryptoIOS(istr, cipher.createDecryptor(), bufferSize), - std::istream(&_buf) -{ -} - - -DecryptingInputStream::~DecryptingInputStream() -{ -} - - -// -// DecryptingOuputStream -// - - -DecryptingOutputStream::DecryptingOutputStream(std::ostream& ostr, Cipher& cipher, std::streamsize bufferSize): - CryptoIOS(ostr, cipher.createDecryptor(), bufferSize), - std::ostream(&_buf) -{ -} - - -DecryptingOutputStream::~DecryptingOutputStream() -{ -} - - -void DecryptingOutputStream::close() -{ - _buf.close(); -} - - -} } // namespace Poco::Crypto +// +// CryptoStream.cpp +// +// Library: Crypto +// Package: Cipher +// Module: CryptoStream +// +// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. +// and Contributors. +// +// SPDX-License-Identifier: BSL-1.0 +// + + +#include "Poco/Crypto/CryptoStream.h" +#include "Poco/Crypto/CryptoTransform.h" +#include "Poco/Crypto/Cipher.h" +#include "Poco/Exception.h" +#include <algorithm> + + +#undef min +#undef max + + +namespace Poco { +namespace Crypto { + + +// +// CryptoStreamBuf +// + + +CryptoStreamBuf::CryptoStreamBuf(std::istream& istr, CryptoTransform* pTransform, std::streamsize bufferSize): + Poco::BufferedStreamBuf(bufferSize, std::ios::in), + _pTransform(pTransform), + _pIstr(&istr), + _pOstr(0), + _eof(false), + _buffer(static_cast<std::size_t>(bufferSize)) +{ + poco_check_ptr (pTransform); + poco_assert (bufferSize > 2 * pTransform->blockSize()); +} + + +CryptoStreamBuf::CryptoStreamBuf(std::ostream& ostr, CryptoTransform* pTransform, std::streamsize bufferSize): + Poco::BufferedStreamBuf(bufferSize, std::ios::out), + _pTransform(pTransform), + _pIstr(0), + _pOstr(&ostr), + _eof(false), + _buffer(static_cast<std::size_t>(bufferSize)) +{ + poco_check_ptr (pTransform); + poco_assert (bufferSize > 2 * pTransform->blockSize()); +} + + +CryptoStreamBuf::~CryptoStreamBuf() +{ + try + { + close(); + } + catch (...) + { + } + delete _pTransform; +} + + +void CryptoStreamBuf::close() +{ + sync(); + + if (_pIstr) + { + _pIstr = 0; + } + else if (_pOstr) + { + // Close can be called multiple times. By zeroing the pointer we make + // sure that we call finalize() only once, even if an exception is + // thrown. + std::ostream* pOstr = _pOstr; + _pOstr = 0; + + // Finalize transformation. + std::streamsize n = _pTransform->finalize(_buffer.begin(), static_cast<std::streamsize>(_buffer.size())); + + if (n > 0) + { + pOstr->write(reinterpret_cast<char*>(_buffer.begin()), n); + if (!pOstr->good()) + throw Poco::IOException("Output stream failure"); + } + } +} + + +int CryptoStreamBuf::readFromDevice(char* buffer, std::streamsize length) +{ + if (!_pIstr) + return 0; + + int count = 0; + + while (!_eof) + { + int m = (static_cast<int>(length) - count)/2 - static_cast<int>(_pTransform->blockSize()); + + // Make sure we can read at least one more block. Explicitely check + // for m < 0 since blockSize() returns an unsigned int and the + // comparison might give false results for m < 0. + if (m <= 0) + break; + + int n = 0; + + if (_pIstr->good()) + { + _pIstr->read(reinterpret_cast<char*>(_buffer.begin()), m); + n = static_cast<int>(_pIstr->gcount()); + } + + if (n == 0) + { + _eof = true; + + // No more data, finalize transformation + count += static_cast<int>(_pTransform->finalize( + reinterpret_cast<unsigned char*>(buffer + count), + static_cast<int>(length) - count)); + } + else + { + // Transform next chunk of data + count += static_cast<int>(_pTransform->transform( + _buffer.begin(), + n, + reinterpret_cast<unsigned char*>(buffer + count), + static_cast<int>(length) - count)); + } + } + + return count; +} + + +int CryptoStreamBuf::writeToDevice(const char* buffer, std::streamsize length) +{ + if (!_pOstr) + return 0; + + std::size_t maxChunkSize = _buffer.size()/2; + std::size_t count = 0; + + while (count < length) + { + // Truncate chunk size so that the maximum output fits into _buffer. + std::size_t n = static_cast<std::size_t>(length) - count; + if (n > maxChunkSize) + n = maxChunkSize; + + // Transform next chunk of data + std::streamsize k = _pTransform->transform( + reinterpret_cast<const unsigned char*>(buffer + count), + static_cast<std::streamsize>(n), + _buffer.begin(), + static_cast<std::streamsize>(_buffer.size())); + + // Attention: (n != k) might be true. In count, we have to track how + // many bytes from buffer have been consumed, not how many bytes have + // been written to _pOstr! + count += n; + + if (k > 0) + { + _pOstr->write(reinterpret_cast<const char*>(_buffer.begin()), k); + if (!_pOstr->good()) + throw Poco::IOException("Output stream failure"); + } + } + + return static_cast<int>(count); +} + + +// +// CryptoIOS +// + + +CryptoIOS::CryptoIOS(std::istream& istr, CryptoTransform* pTransform, std::streamsize bufferSize): + _buf(istr, pTransform, bufferSize) +{ + poco_ios_init(&_buf); +} + + +CryptoIOS::CryptoIOS(std::ostream& ostr, CryptoTransform* pTransform, std::streamsize bufferSize): + _buf(ostr, pTransform, bufferSize) +{ + poco_ios_init(&_buf); +} + + +CryptoIOS::~CryptoIOS() +{ +} + + +CryptoStreamBuf* CryptoIOS::rdbuf() +{ + return &_buf; +} + + +// +// CryptoInputStream +// + + +CryptoInputStream::CryptoInputStream(std::istream& istr, CryptoTransform* pTransform, std::streamsize bufferSize): + CryptoIOS(istr, pTransform, bufferSize), + std::istream(&_buf) +{ +} + + +CryptoInputStream::CryptoInputStream(std::istream& istr, Cipher& cipher, std::streamsize bufferSize): + CryptoIOS(istr, cipher.createEncryptor(), bufferSize), + std::istream(&_buf) +{ +} + + +CryptoInputStream::~CryptoInputStream() +{ +} + + +// +// CryptoOutputStream +// + + +CryptoOutputStream::CryptoOutputStream(std::ostream& ostr, CryptoTransform* pTransform, std::streamsize bufferSize): + CryptoIOS(ostr, pTransform, bufferSize), + std::ostream(&_buf) +{ +} + + +CryptoOutputStream::CryptoOutputStream(std::ostream& ostr, Cipher& cipher, std::streamsize bufferSize): + CryptoIOS(ostr, cipher.createDecryptor(), bufferSize), + std::ostream(&_buf) +{ +} + + +CryptoOutputStream::~CryptoOutputStream() +{ +} + + +void CryptoOutputStream::close() +{ + _buf.close(); +} + + +// +// EncryptingInputStream +// + + +EncryptingInputStream::EncryptingInputStream(std::istream& istr, Cipher& cipher, std::streamsize bufferSize): + CryptoIOS(istr, cipher.createEncryptor(), bufferSize), + std::istream(&_buf) +{ +} + + +EncryptingInputStream::~EncryptingInputStream() +{ +} + + +// +// EncryptingOuputStream +// + + +EncryptingOutputStream::EncryptingOutputStream(std::ostream& ostr, Cipher& cipher, std::streamsize bufferSize): + CryptoIOS(ostr, cipher.createEncryptor(), bufferSize), + std::ostream(&_buf) +{ +} + + +EncryptingOutputStream::~EncryptingOutputStream() +{ +} + + +void EncryptingOutputStream::close() +{ + _buf.close(); +} + + +// +// DecryptingInputStream +// + + +DecryptingInputStream::DecryptingInputStream(std::istream& istr, Cipher& cipher, std::streamsize bufferSize): + CryptoIOS(istr, cipher.createDecryptor(), bufferSize), + std::istream(&_buf) +{ +} + + +DecryptingInputStream::~DecryptingInputStream() +{ +} + + +// +// DecryptingOuputStream +// + + +DecryptingOutputStream::DecryptingOutputStream(std::ostream& ostr, Cipher& cipher, std::streamsize bufferSize): + CryptoIOS(ostr, cipher.createDecryptor(), bufferSize), + std::ostream(&_buf) +{ +} + + +DecryptingOutputStream::~DecryptingOutputStream() +{ +} + + +void DecryptingOutputStream::close() +{ + _buf.close(); +} + + +} } // namespace Poco::Crypto diff --git a/contrib/libs/poco/Crypto/src/CryptoTransform.cpp b/contrib/libs/poco/Crypto/src/CryptoTransform.cpp index e4e58fd6e64..750028656bb 100644 --- a/contrib/libs/poco/Crypto/src/CryptoTransform.cpp +++ b/contrib/libs/poco/Crypto/src/CryptoTransform.cpp @@ -1,38 +1,38 @@ -// -// CryptoTransform.cpp -// -// Library: Crypto -// Package: Cipher -// Module: CryptoTransform -// -// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. -// and Contributors. -// -// SPDX-License-Identifier: BSL-1.0 -// - - -#include "Poco/Crypto/CryptoTransform.h" - - -namespace Poco { -namespace Crypto { - - -CryptoTransform::CryptoTransform() -{ -} - - -CryptoTransform::~CryptoTransform() -{ -} - - -int CryptoTransform::setPadding(int padding) -{ - return 1; -} - - -} } // namespace Poco::Crypto +// +// CryptoTransform.cpp +// +// Library: Crypto +// Package: Cipher +// Module: CryptoTransform +// +// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. +// and Contributors. +// +// SPDX-License-Identifier: BSL-1.0 +// + + +#include "Poco/Crypto/CryptoTransform.h" + + +namespace Poco { +namespace Crypto { + + +CryptoTransform::CryptoTransform() +{ +} + + +CryptoTransform::~CryptoTransform() +{ +} + + +int CryptoTransform::setPadding(int padding) +{ + return 1; +} + + +} } // namespace Poco::Crypto diff --git a/contrib/libs/poco/Crypto/src/DigestEngine.cpp b/contrib/libs/poco/Crypto/src/DigestEngine.cpp index bac2d44e072..984261e1b2b 100644 --- a/contrib/libs/poco/Crypto/src/DigestEngine.cpp +++ b/contrib/libs/poco/Crypto/src/DigestEngine.cpp @@ -1,80 +1,80 @@ -// -// DigestEngine.cpp -// -// Library: Crypto -// Package: Digest -// Module: DigestEngine -// -// Copyright (c) 2012, Applied Informatics Software Engineering GmbH. -// and Contributors. -// -// SPDX-License-Identifier: BSL-1.0 -// - - -#include "Poco/Crypto/DigestEngine.h" -#include "Poco/Exception.h" - - -namespace Poco { -namespace Crypto { - - -DigestEngine::DigestEngine(const std::string& name): - _name(name), - _pContext(EVP_MD_CTX_create()) -{ - const EVP_MD* md = EVP_get_digestbyname(_name.c_str()); - if (!md) throw Poco::NotFoundException(_name); - EVP_DigestInit_ex(_pContext, md, NULL); -} - - -DigestEngine::~DigestEngine() -{ - EVP_MD_CTX_destroy(_pContext); -} - -int DigestEngine::nid() const -{ - return EVP_MD_nid(EVP_MD_CTX_md(_pContext)); -} - -std::size_t DigestEngine::digestLength() const -{ - return EVP_MD_CTX_size(_pContext); -} - - -void DigestEngine::reset() -{ -#if OPENSSL_VERSION_NUMBER >= 0x10100000L - EVP_MD_CTX_free(_pContext); - _pContext = EVP_MD_CTX_create(); -#else - EVP_MD_CTX_cleanup(_pContext); -#endif - const EVP_MD* md = EVP_get_digestbyname(_name.c_str()); - if (!md) throw Poco::NotFoundException(_name); - EVP_DigestInit_ex(_pContext, md, NULL); -} - - -const Poco::DigestEngine::Digest& DigestEngine::digest() -{ - _digest.clear(); - unsigned len = EVP_MD_CTX_size(_pContext); - _digest.resize(len); - EVP_DigestFinal_ex(_pContext, &_digest[0], &len); - reset(); - return _digest; -} - - -void DigestEngine::updateImpl(const void* data, std::size_t length) -{ - EVP_DigestUpdate(_pContext, data, length); -} - - -} } // namespace Poco::Crypto +// +// DigestEngine.cpp +// +// Library: Crypto +// Package: Digest +// Module: DigestEngine +// +// Copyright (c) 2012, Applied Informatics Software Engineering GmbH. +// and Contributors. +// +// SPDX-License-Identifier: BSL-1.0 +// + + +#include "Poco/Crypto/DigestEngine.h" +#include "Poco/Exception.h" + + +namespace Poco { +namespace Crypto { + + +DigestEngine::DigestEngine(const std::string& name): + _name(name), + _pContext(EVP_MD_CTX_create()) +{ + const EVP_MD* md = EVP_get_digestbyname(_name.c_str()); + if (!md) throw Poco::NotFoundException(_name); + EVP_DigestInit_ex(_pContext, md, NULL); +} + + +DigestEngine::~DigestEngine() +{ + EVP_MD_CTX_destroy(_pContext); +} + +int DigestEngine::nid() const +{ + return EVP_MD_nid(EVP_MD_CTX_md(_pContext)); +} + +std::size_t DigestEngine::digestLength() const +{ + return EVP_MD_CTX_size(_pContext); +} + + +void DigestEngine::reset() +{ +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + EVP_MD_CTX_free(_pContext); + _pContext = EVP_MD_CTX_create(); +#else + EVP_MD_CTX_cleanup(_pContext); +#endif + const EVP_MD* md = EVP_get_digestbyname(_name.c_str()); + if (!md) throw Poco::NotFoundException(_name); + EVP_DigestInit_ex(_pContext, md, NULL); +} + + +const Poco::DigestEngine::Digest& DigestEngine::digest() +{ + _digest.clear(); + unsigned len = EVP_MD_CTX_size(_pContext); + _digest.resize(len); + EVP_DigestFinal_ex(_pContext, &_digest[0], &len); + reset(); + return _digest; +} + + +void DigestEngine::updateImpl(const void* data, std::size_t length) +{ + EVP_DigestUpdate(_pContext, data, length); +} + + +} } // namespace Poco::Crypto diff --git a/contrib/libs/poco/Crypto/src/ECDSADigestEngine.cpp b/contrib/libs/poco/Crypto/src/ECDSADigestEngine.cpp index 59512770cd1..e5bcf2e0882 100644 --- a/contrib/libs/poco/Crypto/src/ECDSADigestEngine.cpp +++ b/contrib/libs/poco/Crypto/src/ECDSADigestEngine.cpp @@ -1,100 +1,100 @@ -// -// ECDSADigestEngine.cpp -// -// -// Library: Crypto -// Package: ECDSA -// Module: ECDSADigestEngine -// -// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. -// and Contributors. -// -// SPDX-License-Identifier: BSL-1.0 -// - - -#include "Poco/Crypto/ECDSADigestEngine.h" -#include <openssl/ecdsa.h> - - -namespace Poco { -namespace Crypto { - - -ECDSADigestEngine::ECDSADigestEngine(const ECKey& key, const std::string &name): - _key(key), - _engine(name) -{ -} - - -ECDSADigestEngine::~ECDSADigestEngine() -{ -} - - -std::size_t ECDSADigestEngine::digestLength() const -{ - return _engine.digestLength(); -} - - -void ECDSADigestEngine::reset() -{ - _engine.reset(); - _digest.clear(); - _signature.clear(); -} - - -const DigestEngine::Digest& ECDSADigestEngine::digest() -{ - if (_digest.empty()) - { - _digest = _engine.digest(); - } - return _digest; -} - - -const DigestEngine::Digest& ECDSADigestEngine::signature() -{ - if (_signature.empty()) - { - digest(); - _signature.resize(_key.size()); - unsigned sigLen = static_cast<unsigned>(_signature.size()); - if (!ECDSA_sign(0, &_digest[0], static_cast<unsigned>(_digest.size()), - &_signature[0], &sigLen, _key.impl()->getECKey())) - { - throw OpenSSLException(); - } - if (sigLen < _signature.size()) _signature.resize(sigLen); - } - return _signature; -} - - -bool ECDSADigestEngine::verify(const DigestEngine::Digest& sig) -{ - digest(); - EC_KEY* pKey = _key.impl()->getECKey(); - if (pKey) - { - int ret = ECDSA_verify(0, &_digest[0], static_cast<unsigned>(_digest.size()), - &sig[0], static_cast<unsigned>(sig.size()), - pKey); - if (1 == ret) return true; - else if (0 == ret) return false; - } - throw OpenSSLException(); -} - - -void ECDSADigestEngine::updateImpl(const void* data, std::size_t length) -{ - _engine.update(data, length); -} - - -} } // namespace Poco::Crypto +// +// ECDSADigestEngine.cpp +// +// +// Library: Crypto +// Package: ECDSA +// Module: ECDSADigestEngine +// +// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. +// and Contributors. +// +// SPDX-License-Identifier: BSL-1.0 +// + + +#include "Poco/Crypto/ECDSADigestEngine.h" +#include <openssl/ecdsa.h> + + +namespace Poco { +namespace Crypto { + + +ECDSADigestEngine::ECDSADigestEngine(const ECKey& key, const std::string &name): + _key(key), + _engine(name) +{ +} + + +ECDSADigestEngine::~ECDSADigestEngine() +{ +} + + +std::size_t ECDSADigestEngine::digestLength() const +{ + return _engine.digestLength(); +} + + +void ECDSADigestEngine::reset() +{ + _engine.reset(); + _digest.clear(); + _signature.clear(); +} + + +const DigestEngine::Digest& ECDSADigestEngine::digest() +{ + if (_digest.empty()) + { + _digest = _engine.digest(); + } + return _digest; +} + + +const DigestEngine::Digest& ECDSADigestEngine::signature() +{ + if (_signature.empty()) + { + digest(); + _signature.resize(_key.size()); + unsigned sigLen = static_cast<unsigned>(_signature.size()); + if (!ECDSA_sign(0, &_digest[0], static_cast<unsigned>(_digest.size()), + &_signature[0], &sigLen, _key.impl()->getECKey())) + { + throw OpenSSLException(); + } + if (sigLen < _signature.size()) _signature.resize(sigLen); + } + return _signature; +} + + +bool ECDSADigestEngine::verify(const DigestEngine::Digest& sig) +{ + digest(); + EC_KEY* pKey = _key.impl()->getECKey(); + if (pKey) + { + int ret = ECDSA_verify(0, &_digest[0], static_cast<unsigned>(_digest.size()), + &sig[0], static_cast<unsigned>(sig.size()), + pKey); + if (1 == ret) return true; + else if (0 == ret) return false; + } + throw OpenSSLException(); +} + + +void ECDSADigestEngine::updateImpl(const void* data, std::size_t length) +{ + _engine.update(data, length); +} + + +} } // namespace Poco::Crypto diff --git a/contrib/libs/poco/Crypto/src/ECKey.cpp b/contrib/libs/poco/Crypto/src/ECKey.cpp index 56b8663776e..1e7e1692e83 100644 --- a/contrib/libs/poco/Crypto/src/ECKey.cpp +++ b/contrib/libs/poco/Crypto/src/ECKey.cpp @@ -1,75 +1,75 @@ -// -// ECKey.cpp -// -// -// Library: Crypto -// Package: EC -// Module: ECKey -// -// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. -// and Contributors. -// -// SPDX-License-Identifier: BSL-1.0 -// - - -#include "Poco/Crypto/ECKey.h" -#include <openssl/rsa.h> - - -namespace Poco { -namespace Crypto { - - -ECKey::ECKey(const EVPPKey& key): - KeyPair(new ECKeyImpl(key)), - _pImpl(KeyPair::impl().cast<ECKeyImpl>()) -{ -} - - -ECKey::ECKey(const X509Certificate& cert): - KeyPair(new ECKeyImpl(cert)), - _pImpl(KeyPair::impl().cast<ECKeyImpl>()) -{ -} - - -ECKey::ECKey(const PKCS12Container& cont): - KeyPair(new ECKeyImpl(cont)), - _pImpl(KeyPair::impl().cast<ECKeyImpl>()) -{ -} - - -ECKey::ECKey(const std::string& eccGroup): - KeyPair(new ECKeyImpl(OBJ_txt2nid(eccGroup.c_str()))), - _pImpl(KeyPair::impl().cast<ECKeyImpl>()) -{ -} - - -ECKey::ECKey(const std::string& publicKeyFile, - const std::string& privateKeyFile, - const std::string& privateKeyPassphrase): - KeyPair(new ECKeyImpl(publicKeyFile, privateKeyFile, privateKeyPassphrase)), - _pImpl(KeyPair::impl().cast<ECKeyImpl>()) -{ -} - - -ECKey::ECKey(std::istream* pPublicKeyStream, - std::istream* pPrivateKeyStream, - const std::string& privateKeyPassphrase): - KeyPair(new ECKeyImpl(pPublicKeyStream, pPrivateKeyStream, privateKeyPassphrase)), - _pImpl(KeyPair::impl().cast<ECKeyImpl>()) -{ -} - - -ECKey::~ECKey() -{ -} - - -} } // namespace Poco::Crypto +// +// ECKey.cpp +// +// +// Library: Crypto +// Package: EC +// Module: ECKey +// +// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. +// and Contributors. +// +// SPDX-License-Identifier: BSL-1.0 +// + + +#include "Poco/Crypto/ECKey.h" +#include <openssl/rsa.h> + + +namespace Poco { +namespace Crypto { + + +ECKey::ECKey(const EVPPKey& key): + KeyPair(new ECKeyImpl(key)), + _pImpl(KeyPair::impl().cast<ECKeyImpl>()) +{ +} + + +ECKey::ECKey(const X509Certificate& cert): + KeyPair(new ECKeyImpl(cert)), + _pImpl(KeyPair::impl().cast<ECKeyImpl>()) +{ +} + + +ECKey::ECKey(const PKCS12Container& cont): + KeyPair(new ECKeyImpl(cont)), + _pImpl(KeyPair::impl().cast<ECKeyImpl>()) +{ +} + + +ECKey::ECKey(const std::string& eccGroup): + KeyPair(new ECKeyImpl(OBJ_txt2nid(eccGroup.c_str()))), + _pImpl(KeyPair::impl().cast<ECKeyImpl>()) +{ +} + + +ECKey::ECKey(const std::string& publicKeyFile, + const std::string& privateKeyFile, + const std::string& privateKeyPassphrase): + KeyPair(new ECKeyImpl(publicKeyFile, privateKeyFile, privateKeyPassphrase)), + _pImpl(KeyPair::impl().cast<ECKeyImpl>()) +{ +} + + +ECKey::ECKey(std::istream* pPublicKeyStream, + std::istream* pPrivateKeyStream, + const std::string& privateKeyPassphrase): + KeyPair(new ECKeyImpl(pPublicKeyStream, pPrivateKeyStream, privateKeyPassphrase)), + _pImpl(KeyPair::impl().cast<ECKeyImpl>()) +{ +} + + +ECKey::~ECKey() +{ +} + + +} } // namespace Poco::Crypto diff --git a/contrib/libs/poco/Crypto/src/ECKeyImpl.cpp b/contrib/libs/poco/Crypto/src/ECKeyImpl.cpp index 99ffae76067..a13428ddc29 100644 --- a/contrib/libs/poco/Crypto/src/ECKeyImpl.cpp +++ b/contrib/libs/poco/Crypto/src/ECKeyImpl.cpp @@ -1,258 +1,258 @@ -// -// ECKeyImpl.cpp -// -// -// Library: Crypto -// Package: EC -// Module: ECKeyImpl -// -// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. -// and Contributors. -// -// SPDX-License-Identifier: BSL-1.0 -// - - -#include "Poco/Crypto/ECKeyImpl.h" -#include "Poco/Crypto/X509Certificate.h" -#include "Poco/Crypto/PKCS12Container.h" -#include "Poco/FileStream.h" -#include "Poco/Format.h" -#include "Poco/StreamCopier.h" -#include <sstream> -#include <openssl/evp.h> -#if OPENSSL_VERSION_NUMBER >= 0x00908000L -#include <openssl/bn.h> -#endif - - -namespace Poco { -namespace Crypto { - - -ECKeyImpl::ECKeyImpl(const EVPPKey& key): - KeyPairImpl("ec", KT_EC_IMPL), - _pEC(EVP_PKEY_get1_EC_KEY(const_cast<EVP_PKEY*>((const EVP_PKEY*)key))) -{ - checkEC("ECKeyImpl(const EVPPKey&)", "EVP_PKEY_get1_EC_KEY()"); -} - - -ECKeyImpl::ECKeyImpl(const X509Certificate& cert): - KeyPairImpl("ec", KT_EC_IMPL), - _pEC(0) -{ - const X509* pCert = cert.certificate(); - if (pCert) - { - EVP_PKEY* pKey = X509_get_pubkey(const_cast<X509*>(pCert)); - if (pKey) - { - _pEC = EVP_PKEY_get1_EC_KEY(pKey); - EVP_PKEY_free(pKey); - checkEC("ECKeyImpl(const const X509Certificate&)", "EVP_PKEY_get1_EC_KEY()"); - return; - } - } - throw OpenSSLException("ECKeyImpl(const X509Certificate&)"); -} - - -ECKeyImpl::ECKeyImpl(const PKCS12Container& cont): - KeyPairImpl("ec", KT_EC_IMPL), - _pEC(EVP_PKEY_get1_EC_KEY(cont.getKey())) -{ - checkEC("ECKeyImpl(const PKCS12Container&)", "EVP_PKEY_get1_EC_KEY()"); -} - - -ECKeyImpl::ECKeyImpl(int curve): - KeyPairImpl("ec", KT_EC_IMPL), - _pEC(EC_KEY_new_by_curve_name(curve)) -{ - poco_check_ptr(_pEC); - EC_KEY_set_asn1_flag(_pEC, OPENSSL_EC_NAMED_CURVE); - if (!(EC_KEY_generate_key(_pEC))) - throw OpenSSLException("ECKeyImpl(int curve): EC_KEY_generate_key()"); - checkEC("ECKeyImpl(int curve)", "EC_KEY_generate_key()"); -} - - -ECKeyImpl::ECKeyImpl(const std::string& publicKeyFile, - const std::string& privateKeyFile, - const std::string& privateKeyPassphrase): KeyPairImpl("ec", KT_EC_IMPL), _pEC(0) -{ - if (EVPPKey::loadKey(&_pEC, PEM_read_PrivateKey, EVP_PKEY_get1_EC_KEY, privateKeyFile, privateKeyPassphrase)) - { - checkEC(Poco::format("ECKeyImpl(%s, %s, %s)", - publicKeyFile, privateKeyFile, privateKeyPassphrase.empty() ? privateKeyPassphrase : std::string("***")), - "PEM_read_PrivateKey() or EVP_PKEY_get1_EC_KEY()"); - return; // private key is enough - } - - // no private key, this must be public key only, otherwise throw - if (!EVPPKey::loadKey(&_pEC, PEM_read_PUBKEY, EVP_PKEY_get1_EC_KEY, publicKeyFile)) - { - throw OpenSSLException("ECKeyImpl(const string&, const string&, const string&"); - } - checkEC(Poco::format("ECKeyImpl(%s, %s, %s)", - publicKeyFile, privateKeyFile, privateKeyPassphrase.empty() ? privateKeyPassphrase : std::string("***")), - "PEM_read_PUBKEY() or EVP_PKEY_get1_EC_KEY()"); -} - - -ECKeyImpl::ECKeyImpl(std::istream* pPublicKeyStream, - std::istream* pPrivateKeyStream, - const std::string& privateKeyPassphrase): KeyPairImpl("ec", KT_EC_IMPL), _pEC(0) -{ - if (EVPPKey::loadKey(&_pEC, PEM_read_bio_PrivateKey, EVP_PKEY_get1_EC_KEY, pPrivateKeyStream, privateKeyPassphrase)) - { - checkEC(Poco::format("ECKeyImpl(stream, stream, %s)", - privateKeyPassphrase.empty() ? privateKeyPassphrase : std::string("***")), - "PEM_read_bio_PrivateKey() or EVP_PKEY_get1_EC_KEY()"); - return; // private key is enough - } - - // no private key, this must be public key only, otherwise throw - if (!EVPPKey::loadKey(&_pEC, PEM_read_bio_PUBKEY, EVP_PKEY_get1_EC_KEY, pPublicKeyStream)) - { - throw OpenSSLException("ECKeyImpl(istream*, istream*, const string&"); - } - checkEC(Poco::format("ECKeyImpl(stream, stream, %s)", - privateKeyPassphrase.empty() ? privateKeyPassphrase : std::string("***")), - "PEM_read_bio_PUBKEY() or EVP_PKEY_get1_EC_KEY()"); -} - - -ECKeyImpl::~ECKeyImpl() -{ - freeEC(); -} - - -void ECKeyImpl::checkEC(const std::string& method, const std::string& func) const -{ - if (!_pEC) throw OpenSSLException(Poco::format("%s: %s", method, func)); - if (!EC_KEY_check_key(_pEC)) - throw OpenSSLException(Poco::format("%s: EC_KEY_check_key()", method)); -} - - -void ECKeyImpl::freeEC() -{ - if (_pEC) - { - EC_KEY_free(_pEC); - _pEC = 0; - } -} - - -int ECKeyImpl::size() const -{ - int sz = -1; - EVP_PKEY* pKey = EVP_PKEY_new(); - if (pKey && EVP_PKEY_set1_EC_KEY(pKey, _pEC)) - { - sz = EVP_PKEY_bits(pKey); - EVP_PKEY_free(pKey); - return sz; - } - throw OpenSSLException("ECKeyImpl::size()"); -} - - -int ECKeyImpl::groupId() const -{ - if (_pEC) - { - const EC_GROUP* ecGroup = EC_KEY_get0_group(_pEC); - if (ecGroup) - { - return EC_GROUP_get_curve_name(ecGroup); - } - else - { - throw OpenSSLException("ECKeyImpl::groupName()"); - } - } - throw NullPointerException("ECKeyImpl::groupName() => _pEC"); -} - - -std::string ECKeyImpl::getCurveName(int nid) -{ - std::string curveName; - size_t len = EC_get_builtin_curves(NULL, 0); - EC_builtin_curve* pCurves = - (EC_builtin_curve*) OPENSSL_malloc(sizeof(EC_builtin_curve) * len); - if (!pCurves) return curveName; - - if (!EC_get_builtin_curves(pCurves, len)) - { - OPENSSL_free(pCurves); - return curveName; - } - - if (-1 == nid) nid = pCurves[0].nid; - const int bufLen = 128; - char buf[bufLen]; - std::memset(buf, 0, bufLen); - OBJ_obj2txt(buf, bufLen, OBJ_nid2obj(nid), 0); - curveName = buf; - OPENSSL_free(pCurves); - return curveName; -} - - -int ECKeyImpl::getCurveNID(std::string& name) -{ - std::string curveName; - size_t len = EC_get_builtin_curves(NULL, 0); - EC_builtin_curve* pCurves = - (EC_builtin_curve*)OPENSSL_malloc(static_cast<int>(sizeof(EC_builtin_curve) * len)); - if (!pCurves) return -1; - - if (!EC_get_builtin_curves(pCurves, len)) - { - OPENSSL_free(pCurves); - return -1; - } - - int nid = -1; - const int bufLen = 128; - char buf[bufLen]; - if (name.empty()) - { - std::memset(buf, 0, bufLen); - OBJ_obj2txt(buf, bufLen, OBJ_nid2obj(nid), 0); - name = buf; - nid = pCurves[0].nid; - } - else - { - for (int i = 0; i < len; ++i) - { - std::memset(buf, 0, bufLen); - OBJ_obj2txt(buf, bufLen, OBJ_nid2obj(pCurves[i].nid), 0); - if (strncmp(name.c_str(), buf, name.size() > bufLen ? bufLen : name.size()) == 0) - { - nid = pCurves[i].nid; - break; - } - } - } - - OPENSSL_free(pCurves); - return nid; -} - - -bool ECKeyImpl::hasCurve(const std::string& name) -{ - std::string tmp(name); - return (-1 != getCurveNID(tmp)); -} - - -} } // namespace Poco::Crypto +// +// ECKeyImpl.cpp +// +// +// Library: Crypto +// Package: EC +// Module: ECKeyImpl +// +// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. +// and Contributors. +// +// SPDX-License-Identifier: BSL-1.0 +// + + +#include "Poco/Crypto/ECKeyImpl.h" +#include "Poco/Crypto/X509Certificate.h" +#include "Poco/Crypto/PKCS12Container.h" +#include "Poco/FileStream.h" +#include "Poco/Format.h" +#include "Poco/StreamCopier.h" +#include <sstream> +#include <openssl/evp.h> +#if OPENSSL_VERSION_NUMBER >= 0x00908000L +#include <openssl/bn.h> +#endif + + +namespace Poco { +namespace Crypto { + + +ECKeyImpl::ECKeyImpl(const EVPPKey& key): + KeyPairImpl("ec", KT_EC_IMPL), + _pEC(EVP_PKEY_get1_EC_KEY(const_cast<EVP_PKEY*>((const EVP_PKEY*)key))) +{ + checkEC("ECKeyImpl(const EVPPKey&)", "EVP_PKEY_get1_EC_KEY()"); +} + + +ECKeyImpl::ECKeyImpl(const X509Certificate& cert): + KeyPairImpl("ec", KT_EC_IMPL), + _pEC(0) +{ + const X509* pCert = cert.certificate(); + if (pCert) + { + EVP_PKEY* pKey = X509_get_pubkey(const_cast<X509*>(pCert)); + if (pKey) + { + _pEC = EVP_PKEY_get1_EC_KEY(pKey); + EVP_PKEY_free(pKey); + checkEC("ECKeyImpl(const const X509Certificate&)", "EVP_PKEY_get1_EC_KEY()"); + return; + } + } + throw OpenSSLException("ECKeyImpl(const X509Certificate&)"); +} + + +ECKeyImpl::ECKeyImpl(const PKCS12Container& cont): + KeyPairImpl("ec", KT_EC_IMPL), + _pEC(EVP_PKEY_get1_EC_KEY(cont.getKey())) +{ + checkEC("ECKeyImpl(const PKCS12Container&)", "EVP_PKEY_get1_EC_KEY()"); +} + + +ECKeyImpl::ECKeyImpl(int curve): + KeyPairImpl("ec", KT_EC_IMPL), + _pEC(EC_KEY_new_by_curve_name(curve)) +{ + poco_check_ptr(_pEC); + EC_KEY_set_asn1_flag(_pEC, OPENSSL_EC_NAMED_CURVE); + if (!(EC_KEY_generate_key(_pEC))) + throw OpenSSLException("ECKeyImpl(int curve): EC_KEY_generate_key()"); + checkEC("ECKeyImpl(int curve)", "EC_KEY_generate_key()"); +} + + +ECKeyImpl::ECKeyImpl(const std::string& publicKeyFile, + const std::string& privateKeyFile, + const std::string& privateKeyPassphrase): KeyPairImpl("ec", KT_EC_IMPL), _pEC(0) +{ + if (EVPPKey::loadKey(&_pEC, PEM_read_PrivateKey, EVP_PKEY_get1_EC_KEY, privateKeyFile, privateKeyPassphrase)) + { + checkEC(Poco::format("ECKeyImpl(%s, %s, %s)", + publicKeyFile, privateKeyFile, privateKeyPassphrase.empty() ? privateKeyPassphrase : std::string("***")), + "PEM_read_PrivateKey() or EVP_PKEY_get1_EC_KEY()"); + return; // private key is enough + } + + // no private key, this must be public key only, otherwise throw + if (!EVPPKey::loadKey(&_pEC, PEM_read_PUBKEY, EVP_PKEY_get1_EC_KEY, publicKeyFile)) + { + throw OpenSSLException("ECKeyImpl(const string&, const string&, const string&"); + } + checkEC(Poco::format("ECKeyImpl(%s, %s, %s)", + publicKeyFile, privateKeyFile, privateKeyPassphrase.empty() ? privateKeyPassphrase : std::string("***")), + "PEM_read_PUBKEY() or EVP_PKEY_get1_EC_KEY()"); +} + + +ECKeyImpl::ECKeyImpl(std::istream* pPublicKeyStream, + std::istream* pPrivateKeyStream, + const std::string& privateKeyPassphrase): KeyPairImpl("ec", KT_EC_IMPL), _pEC(0) +{ + if (EVPPKey::loadKey(&_pEC, PEM_read_bio_PrivateKey, EVP_PKEY_get1_EC_KEY, pPrivateKeyStream, privateKeyPassphrase)) + { + checkEC(Poco::format("ECKeyImpl(stream, stream, %s)", + privateKeyPassphrase.empty() ? privateKeyPassphrase : std::string("***")), + "PEM_read_bio_PrivateKey() or EVP_PKEY_get1_EC_KEY()"); + return; // private key is enough + } + + // no private key, this must be public key only, otherwise throw + if (!EVPPKey::loadKey(&_pEC, PEM_read_bio_PUBKEY, EVP_PKEY_get1_EC_KEY, pPublicKeyStream)) + { + throw OpenSSLException("ECKeyImpl(istream*, istream*, const string&"); + } + checkEC(Poco::format("ECKeyImpl(stream, stream, %s)", + privateKeyPassphrase.empty() ? privateKeyPassphrase : std::string("***")), + "PEM_read_bio_PUBKEY() or EVP_PKEY_get1_EC_KEY()"); +} + + +ECKeyImpl::~ECKeyImpl() +{ + freeEC(); +} + + +void ECKeyImpl::checkEC(const std::string& method, const std::string& func) const +{ + if (!_pEC) throw OpenSSLException(Poco::format("%s: %s", method, func)); + if (!EC_KEY_check_key(_pEC)) + throw OpenSSLException(Poco::format("%s: EC_KEY_check_key()", method)); +} + + +void ECKeyImpl::freeEC() +{ + if (_pEC) + { + EC_KEY_free(_pEC); + _pEC = 0; + } +} + + +int ECKeyImpl::size() const +{ + int sz = -1; + EVP_PKEY* pKey = EVP_PKEY_new(); + if (pKey && EVP_PKEY_set1_EC_KEY(pKey, _pEC)) + { + sz = EVP_PKEY_bits(pKey); + EVP_PKEY_free(pKey); + return sz; + } + throw OpenSSLException("ECKeyImpl::size()"); +} + + +int ECKeyImpl::groupId() const +{ + if (_pEC) + { + const EC_GROUP* ecGroup = EC_KEY_get0_group(_pEC); + if (ecGroup) + { + return EC_GROUP_get_curve_name(ecGroup); + } + else + { + throw OpenSSLException("ECKeyImpl::groupName()"); + } + } + throw NullPointerException("ECKeyImpl::groupName() => _pEC"); +} + + +std::string ECKeyImpl::getCurveName(int nid) +{ + std::string curveName; + size_t len = EC_get_builtin_curves(NULL, 0); + EC_builtin_curve* pCurves = + (EC_builtin_curve*) OPENSSL_malloc(sizeof(EC_builtin_curve) * len); + if (!pCurves) return curveName; + + if (!EC_get_builtin_curves(pCurves, len)) + { + OPENSSL_free(pCurves); + return curveName; + } + + if (-1 == nid) nid = pCurves[0].nid; + const int bufLen = 128; + char buf[bufLen]; + std::memset(buf, 0, bufLen); + OBJ_obj2txt(buf, bufLen, OBJ_nid2obj(nid), 0); + curveName = buf; + OPENSSL_free(pCurves); + return curveName; +} + + +int ECKeyImpl::getCurveNID(std::string& name) +{ + std::string curveName; + size_t len = EC_get_builtin_curves(NULL, 0); + EC_builtin_curve* pCurves = + (EC_builtin_curve*)OPENSSL_malloc(static_cast<int>(sizeof(EC_builtin_curve) * len)); + if (!pCurves) return -1; + + if (!EC_get_builtin_curves(pCurves, len)) + { + OPENSSL_free(pCurves); + return -1; + } + + int nid = -1; + const int bufLen = 128; + char buf[bufLen]; + if (name.empty()) + { + std::memset(buf, 0, bufLen); + OBJ_obj2txt(buf, bufLen, OBJ_nid2obj(nid), 0); + name = buf; + nid = pCurves[0].nid; + } + else + { + for (int i = 0; i < len; ++i) + { + std::memset(buf, 0, bufLen); + OBJ_obj2txt(buf, bufLen, OBJ_nid2obj(pCurves[i].nid), 0); + if (strncmp(name.c_str(), buf, name.size() > bufLen ? bufLen : name.size()) == 0) + { + nid = pCurves[i].nid; + break; + } + } + } + + OPENSSL_free(pCurves); + return nid; +} + + +bool ECKeyImpl::hasCurve(const std::string& name) +{ + std::string tmp(name); + return (-1 != getCurveNID(tmp)); +} + + +} } // namespace Poco::Crypto diff --git a/contrib/libs/poco/Crypto/src/EVPPKey.cpp b/contrib/libs/poco/Crypto/src/EVPPKey.cpp index ffa0a78c070..6b43aa04057 100644 --- a/contrib/libs/poco/Crypto/src/EVPPKey.cpp +++ b/contrib/libs/poco/Crypto/src/EVPPKey.cpp @@ -1,321 +1,321 @@ -// -// EVPPKey.cpp -// -// -// Library: Crypto -// Package: CryptoCore -// Module: EVPPKey -// -// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. -// and Contributors. -// -// SPDX-License-Identifier: BSL-1.0 -// - - -#include "Poco/Crypto/EVPPKey.h" -#include "Poco/Crypto/ECKey.h" -#include "Poco/Crypto/RSAKey.h" -#include "Poco/NumberFormatter.h" - - -namespace Poco { -namespace Crypto { - - -EVPPKey::EVPPKey(const std::string& ecCurveName): _pEVPPKey(0) -{ - newECKey(ecCurveName.c_str()); - poco_check_ptr(_pEVPPKey); -} - - -EVPPKey::EVPPKey(const char* ecCurveName): _pEVPPKey(0) -{ - newECKey(ecCurveName); - poco_check_ptr(_pEVPPKey); -} - - -EVPPKey::EVPPKey(EVP_PKEY* pEVPPKey): _pEVPPKey(0) -{ - duplicate(pEVPPKey, &_pEVPPKey); - poco_check_ptr(_pEVPPKey); -} - - -EVPPKey::EVPPKey(const std::string& publicKeyFile, - const std::string& privateKeyFile, - const std::string& privateKeyPassphrase): _pEVPPKey(0) -{ - if (loadKey(&_pEVPPKey, PEM_read_PrivateKey, (EVP_PKEY_get_Key_fn)0, privateKeyFile, privateKeyPassphrase)) - { - poco_check_ptr(_pEVPPKey); - return; // private key is enough - } - - // no private key, this must be public key only, otherwise throw - if (!loadKey(&_pEVPPKey, PEM_read_PUBKEY, (EVP_PKEY_get_Key_fn)0, publicKeyFile)) - { - throw OpenSSLException("ECKeyImpl(const string&, const string&, const string&"); - } - poco_check_ptr(_pEVPPKey); -} - - -EVPPKey::EVPPKey(std::istream* pPublicKeyStream, - std::istream* pPrivateKeyStream, - const std::string& privateKeyPassphrase): _pEVPPKey(0) -{ - if (loadKey(&_pEVPPKey, PEM_read_bio_PrivateKey, (EVP_PKEY_get_Key_fn)0, pPrivateKeyStream, privateKeyPassphrase)) - { - poco_check_ptr(_pEVPPKey); - return; // private key is enough - } - - // no private key, this must be public key only, otherwise throw - if (!loadKey(&_pEVPPKey, PEM_read_bio_PUBKEY, (EVP_PKEY_get_Key_fn)0, pPublicKeyStream)) - { - throw OpenSSLException("ECKeyImpl(istream*, istream*, const string&"); - } - poco_check_ptr(_pEVPPKey); -} - - -EVPPKey::EVPPKey(const EVPPKey& other) -{ - duplicate(other._pEVPPKey, &_pEVPPKey); - poco_check_ptr(_pEVPPKey); -} - - -EVPPKey& EVPPKey::operator=(const EVPPKey& other) -{ - duplicate(other._pEVPPKey, &_pEVPPKey); - poco_check_ptr(_pEVPPKey); - return *this; -} - - -#ifdef POCO_ENABLE_CPP11 - -EVPPKey::EVPPKey(EVPPKey&& other): _pEVPPKey(other._pEVPPKey) -{ - other._pEVPPKey = nullptr; - poco_check_ptr(_pEVPPKey); -} - - -EVPPKey& EVPPKey::operator=(EVPPKey&& other) -{ - _pEVPPKey = other._pEVPPKey; - other._pEVPPKey = nullptr; - poco_check_ptr(_pEVPPKey); - return *this; -} - -#endif // POCO_ENABLE_CPP11 - -EVPPKey::~EVPPKey() -{ - if (_pEVPPKey) EVP_PKEY_free(_pEVPPKey); -} - - -void EVPPKey::save(const std::string& publicKeyFile, const std::string& privateKeyFile, const std::string& privateKeyPassphrase) const -{ - if (!publicKeyFile.empty() && (publicKeyFile != privateKeyFile)) - { - BIO* bio = BIO_new(BIO_s_file()); - if (!bio) throw Poco::IOException("Cannot create BIO for writing public key file", publicKeyFile); - try - { - if (BIO_write_filename(bio, const_cast<char*>(publicKeyFile.c_str()))) - { - if (!PEM_write_bio_PUBKEY(bio, _pEVPPKey)) - { - throw Poco::WriteFileException("Failed to write public key to file", publicKeyFile); - } - } - else throw Poco::CreateFileException("Cannot create public key file"); - } - catch (...) - { - BIO_free(bio); - throw; - } - BIO_free(bio); - } - - if (!privateKeyFile.empty()) - { - BIO* bio = BIO_new(BIO_s_file()); - if (!bio) throw Poco::IOException("Cannot create BIO for writing private key file", privateKeyFile); - try - { - if (BIO_write_filename(bio, const_cast<char*>(privateKeyFile.c_str()))) - { - int rc = 0; - if (privateKeyPassphrase.empty()) - { - rc = PEM_write_bio_PrivateKey(bio, _pEVPPKey, 0, 0, 0, 0, 0); - } - else - { - rc = PEM_write_bio_PrivateKey(bio, _pEVPPKey, EVP_des_ede3_cbc(), - reinterpret_cast<unsigned char*>(const_cast<char*>(privateKeyPassphrase.c_str())), - static_cast<int>(privateKeyPassphrase.length()), 0, 0); - } - if (!rc) - throw Poco::FileException("Failed to write private key to file", privateKeyFile); - } - else throw Poco::CreateFileException("Cannot create private key file", privateKeyFile); - } - catch (...) - { - BIO_free(bio); - throw; - } - BIO_free(bio); - } -} - - -void EVPPKey::save(std::ostream* pPublicKeyStream, std::ostream* pPrivateKeyStream, const std::string& privateKeyPassphrase) const -{ - if (pPublicKeyStream && (pPublicKeyStream != pPrivateKeyStream)) - { - BIO* bio = BIO_new(BIO_s_mem()); - if (!bio) throw Poco::IOException("Cannot create BIO for writing public key"); - if (!PEM_write_bio_PUBKEY(bio, _pEVPPKey)) - { - BIO_free(bio); - throw Poco::WriteFileException("Failed to write public key to stream"); - } - char* pData; - long size = BIO_get_mem_data(bio, &pData); - pPublicKeyStream->write(pData, static_cast<std::streamsize>(size)); - BIO_free(bio); - } - - if (pPrivateKeyStream) - { - BIO* bio = BIO_new(BIO_s_mem()); - if (!bio) throw Poco::IOException("Cannot create BIO for writing public key"); - int rc = 0; - if (privateKeyPassphrase.empty()) - rc = PEM_write_bio_PrivateKey(bio, _pEVPPKey, 0, 0, 0, 0, 0); - else - rc = PEM_write_bio_PrivateKey(bio, _pEVPPKey, EVP_des_ede3_cbc(), - reinterpret_cast<unsigned char*>(const_cast<char*>(privateKeyPassphrase.c_str())), - static_cast<int>(privateKeyPassphrase.length()), 0, 0); - if (!rc) - { - BIO_free(bio); - throw Poco::FileException("Failed to write private key to stream"); - } - char* pData; - long size = BIO_get_mem_data(bio, &pData); - pPrivateKeyStream->write(pData, static_cast<std::streamsize>(size)); - BIO_free(bio); - } -} - - -EVP_PKEY* EVPPKey::duplicate(const EVP_PKEY* pFromKey, EVP_PKEY** pToKey) -{ - if (!pFromKey) throw NullPointerException("EVPPKey::duplicate(): " - "provided key pointer is null."); - - *pToKey = EVP_PKEY_new(); - if (!*pToKey) throw NullPointerException("EVPPKey::duplicate(): " - "EVP_PKEY_new() returned null."); - - int keyType = type(pFromKey); - switch (keyType) - { - case EVP_PKEY_RSA: - { - RSA* pRSA = EVP_PKEY_get1_RSA(const_cast<EVP_PKEY*>(pFromKey)); - if (pRSA) - { - EVP_PKEY_set1_RSA(*pToKey, pRSA); - RSA_free(pRSA); - } - else throw OpenSSLException("EVPPKey::duplicate(): EVP_PKEY_get1_RSA()"); - break; - } - case EVP_PKEY_EC: - { - EC_KEY* pEC = EVP_PKEY_get1_EC_KEY(const_cast<EVP_PKEY*>(pFromKey)); - if (pEC) - { - EVP_PKEY_set1_EC_KEY(*pToKey, pEC); - EC_KEY_free(pEC); - int cmp = EVP_PKEY_cmp_parameters(*pToKey, pFromKey); - if (cmp < 0) - throw OpenSSLException("EVPPKey::duplicate(): EVP_PKEY_cmp_parameters()"); - if (0 == cmp) - { - if(!EVP_PKEY_copy_parameters(*pToKey, pFromKey)) - throw OpenSSLException("EVPPKey::duplicate(): EVP_PKEY_copy_parameters()"); - } - } - else throw OpenSSLException(); - break; - } - default: - throw NotImplementedException("EVPPKey:duplicate(); Key type: " + - NumberFormatter::format(keyType)); - } - - return *pToKey; -} - - -void EVPPKey::newECKey(const char* ecCurveName) -{ - int curveID = OBJ_txt2nid(ecCurveName); - EC_KEY* pEC = EC_KEY_new_by_curve_name(curveID); - if (!pEC) goto err; - if (!EC_KEY_generate_key(pEC)) goto err; - _pEVPPKey = EVP_PKEY_new(); - if (!_pEVPPKey) goto err; - if (!EVP_PKEY_set1_EC_KEY(_pEVPPKey, pEC)) goto err; - EC_KEY_free(pEC); - return; -err: - throw OpenSSLException("EVPPKey:newECKey()"); -} - - -void EVPPKey::setKey(ECKey* pKey) -{ - poco_check_ptr(pKey); - poco_check_ptr(pKey->impl()); - setKey(pKey->impl()->getECKey()); -} - - -void EVPPKey::setKey(RSAKey* pKey) -{ - poco_check_ptr(pKey); - poco_check_ptr(pKey->impl()); - setKey(pKey->impl()->getRSA()); -} - - -int EVPPKey::passCB(char* buf, int size, int, void* pass) -{ - if (pass) - { - int len = (int)std::strlen((char*)pass); - if(len > size) len = size; - std::memcpy(buf, pass, len); - return len; - } - return 0; -} - - -} } // namespace Poco::Crypto +// +// EVPPKey.cpp +// +// +// Library: Crypto +// Package: CryptoCore +// Module: EVPPKey +// +// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. +// and Contributors. +// +// SPDX-License-Identifier: BSL-1.0 +// + + +#include "Poco/Crypto/EVPPKey.h" +#include "Poco/Crypto/ECKey.h" +#include "Poco/Crypto/RSAKey.h" +#include "Poco/NumberFormatter.h" + + +namespace Poco { +namespace Crypto { + + +EVPPKey::EVPPKey(const std::string& ecCurveName): _pEVPPKey(0) +{ + newECKey(ecCurveName.c_str()); + poco_check_ptr(_pEVPPKey); +} + + +EVPPKey::EVPPKey(const char* ecCurveName): _pEVPPKey(0) +{ + newECKey(ecCurveName); + poco_check_ptr(_pEVPPKey); +} + + +EVPPKey::EVPPKey(EVP_PKEY* pEVPPKey): _pEVPPKey(0) +{ + duplicate(pEVPPKey, &_pEVPPKey); + poco_check_ptr(_pEVPPKey); +} + + +EVPPKey::EVPPKey(const std::string& publicKeyFile, + const std::string& privateKeyFile, + const std::string& privateKeyPassphrase): _pEVPPKey(0) +{ + if (loadKey(&_pEVPPKey, PEM_read_PrivateKey, (EVP_PKEY_get_Key_fn)0, privateKeyFile, privateKeyPassphrase)) + { + poco_check_ptr(_pEVPPKey); + return; // private key is enough + } + + // no private key, this must be public key only, otherwise throw + if (!loadKey(&_pEVPPKey, PEM_read_PUBKEY, (EVP_PKEY_get_Key_fn)0, publicKeyFile)) + { + throw OpenSSLException("ECKeyImpl(const string&, const string&, const string&"); + } + poco_check_ptr(_pEVPPKey); +} + + +EVPPKey::EVPPKey(std::istream* pPublicKeyStream, + std::istream* pPrivateKeyStream, + const std::string& privateKeyPassphrase): _pEVPPKey(0) +{ + if (loadKey(&_pEVPPKey, PEM_read_bio_PrivateKey, (EVP_PKEY_get_Key_fn)0, pPrivateKeyStream, privateKeyPassphrase)) + { + poco_check_ptr(_pEVPPKey); + return; // private key is enough + } + + // no private key, this must be public key only, otherwise throw + if (!loadKey(&_pEVPPKey, PEM_read_bio_PUBKEY, (EVP_PKEY_get_Key_fn)0, pPublicKeyStream)) + { + throw OpenSSLException("ECKeyImpl(istream*, istream*, const string&"); + } + poco_check_ptr(_pEVPPKey); +} + + +EVPPKey::EVPPKey(const EVPPKey& other) +{ + duplicate(other._pEVPPKey, &_pEVPPKey); + poco_check_ptr(_pEVPPKey); +} + + +EVPPKey& EVPPKey::operator=(const EVPPKey& other) +{ + duplicate(other._pEVPPKey, &_pEVPPKey); + poco_check_ptr(_pEVPPKey); + return *this; +} + + +#ifdef POCO_ENABLE_CPP11 + +EVPPKey::EVPPKey(EVPPKey&& other): _pEVPPKey(other._pEVPPKey) +{ + other._pEVPPKey = nullptr; + poco_check_ptr(_pEVPPKey); +} + + +EVPPKey& EVPPKey::operator=(EVPPKey&& other) +{ + _pEVPPKey = other._pEVPPKey; + other._pEVPPKey = nullptr; + poco_check_ptr(_pEVPPKey); + return *this; +} + +#endif // POCO_ENABLE_CPP11 + +EVPPKey::~EVPPKey() +{ + if (_pEVPPKey) EVP_PKEY_free(_pEVPPKey); +} + + +void EVPPKey::save(const std::string& publicKeyFile, const std::string& privateKeyFile, const std::string& privateKeyPassphrase) const +{ + if (!publicKeyFile.empty() && (publicKeyFile != privateKeyFile)) + { + BIO* bio = BIO_new(BIO_s_file()); + if (!bio) throw Poco::IOException("Cannot create BIO for writing public key file", publicKeyFile); + try + { + if (BIO_write_filename(bio, const_cast<char*>(publicKeyFile.c_str()))) + { + if (!PEM_write_bio_PUBKEY(bio, _pEVPPKey)) + { + throw Poco::WriteFileException("Failed to write public key to file", publicKeyFile); + } + } + else throw Poco::CreateFileException("Cannot create public key file"); + } + catch (...) + { + BIO_free(bio); + throw; + } + BIO_free(bio); + } + + if (!privateKeyFile.empty()) + { + BIO* bio = BIO_new(BIO_s_file()); + if (!bio) throw Poco::IOException("Cannot create BIO for writing private key file", privateKeyFile); + try + { + if (BIO_write_filename(bio, const_cast<char*>(privateKeyFile.c_str()))) + { + int rc = 0; + if (privateKeyPassphrase.empty()) + { + rc = PEM_write_bio_PrivateKey(bio, _pEVPPKey, 0, 0, 0, 0, 0); + } + else + { + rc = PEM_write_bio_PrivateKey(bio, _pEVPPKey, EVP_des_ede3_cbc(), + reinterpret_cast<unsigned char*>(const_cast<char*>(privateKeyPassphrase.c_str())), + static_cast<int>(privateKeyPassphrase.length()), 0, 0); + } + if (!rc) + throw Poco::FileException("Failed to write private key to file", privateKeyFile); + } + else throw Poco::CreateFileException("Cannot create private key file", privateKeyFile); + } + catch (...) + { + BIO_free(bio); + throw; + } + BIO_free(bio); + } +} + + +void EVPPKey::save(std::ostream* pPublicKeyStream, std::ostream* pPrivateKeyStream, const std::string& privateKeyPassphrase) const +{ + if (pPublicKeyStream && (pPublicKeyStream != pPrivateKeyStream)) + { + BIO* bio = BIO_new(BIO_s_mem()); + if (!bio) throw Poco::IOException("Cannot create BIO for writing public key"); + if (!PEM_write_bio_PUBKEY(bio, _pEVPPKey)) + { + BIO_free(bio); + throw Poco::WriteFileException("Failed to write public key to stream"); + } + char* pData; + long size = BIO_get_mem_data(bio, &pData); + pPublicKeyStream->write(pData, static_cast<std::streamsize>(size)); + BIO_free(bio); + } + + if (pPrivateKeyStream) + { + BIO* bio = BIO_new(BIO_s_mem()); + if (!bio) throw Poco::IOException("Cannot create BIO for writing public key"); + int rc = 0; + if (privateKeyPassphrase.empty()) + rc = PEM_write_bio_PrivateKey(bio, _pEVPPKey, 0, 0, 0, 0, 0); + else + rc = PEM_write_bio_PrivateKey(bio, _pEVPPKey, EVP_des_ede3_cbc(), + reinterpret_cast<unsigned char*>(const_cast<char*>(privateKeyPassphrase.c_str())), + static_cast<int>(privateKeyPassphrase.length()), 0, 0); + if (!rc) + { + BIO_free(bio); + throw Poco::FileException("Failed to write private key to stream"); + } + char* pData; + long size = BIO_get_mem_data(bio, &pData); + pPrivateKeyStream->write(pData, static_cast<std::streamsize>(size)); + BIO_free(bio); + } +} + + +EVP_PKEY* EVPPKey::duplicate(const EVP_PKEY* pFromKey, EVP_PKEY** pToKey) +{ + if (!pFromKey) throw NullPointerException("EVPPKey::duplicate(): " + "provided key pointer is null."); + + *pToKey = EVP_PKEY_new(); + if (!*pToKey) throw NullPointerException("EVPPKey::duplicate(): " + "EVP_PKEY_new() returned null."); + + int keyType = type(pFromKey); + switch (keyType) + { + case EVP_PKEY_RSA: + { + RSA* pRSA = EVP_PKEY_get1_RSA(const_cast<EVP_PKEY*>(pFromKey)); + if (pRSA) + { + EVP_PKEY_set1_RSA(*pToKey, pRSA); + RSA_free(pRSA); + } + else throw OpenSSLException("EVPPKey::duplicate(): EVP_PKEY_get1_RSA()"); + break; + } + case EVP_PKEY_EC: + { + EC_KEY* pEC = EVP_PKEY_get1_EC_KEY(const_cast<EVP_PKEY*>(pFromKey)); + if (pEC) + { + EVP_PKEY_set1_EC_KEY(*pToKey, pEC); + EC_KEY_free(pEC); + int cmp = EVP_PKEY_cmp_parameters(*pToKey, pFromKey); + if (cmp < 0) + throw OpenSSLException("EVPPKey::duplicate(): EVP_PKEY_cmp_parameters()"); + if (0 == cmp) + { + if(!EVP_PKEY_copy_parameters(*pToKey, pFromKey)) + throw OpenSSLException("EVPPKey::duplicate(): EVP_PKEY_copy_parameters()"); + } + } + else throw OpenSSLException(); + break; + } + default: + throw NotImplementedException("EVPPKey:duplicate(); Key type: " + + NumberFormatter::format(keyType)); + } + + return *pToKey; +} + + +void EVPPKey::newECKey(const char* ecCurveName) +{ + int curveID = OBJ_txt2nid(ecCurveName); + EC_KEY* pEC = EC_KEY_new_by_curve_name(curveID); + if (!pEC) goto err; + if (!EC_KEY_generate_key(pEC)) goto err; + _pEVPPKey = EVP_PKEY_new(); + if (!_pEVPPKey) goto err; + if (!EVP_PKEY_set1_EC_KEY(_pEVPPKey, pEC)) goto err; + EC_KEY_free(pEC); + return; +err: + throw OpenSSLException("EVPPKey:newECKey()"); +} + + +void EVPPKey::setKey(ECKey* pKey) +{ + poco_check_ptr(pKey); + poco_check_ptr(pKey->impl()); + setKey(pKey->impl()->getECKey()); +} + + +void EVPPKey::setKey(RSAKey* pKey) +{ + poco_check_ptr(pKey); + poco_check_ptr(pKey->impl()); + setKey(pKey->impl()->getRSA()); +} + + +int EVPPKey::passCB(char* buf, int size, int, void* pass) +{ + if (pass) + { + int len = (int)std::strlen((char*)pass); + if(len > size) len = size; + std::memcpy(buf, pass, len); + return len; + } + return 0; +} + + +} } // namespace Poco::Crypto diff --git a/contrib/libs/poco/Crypto/src/KeyPair.cpp b/contrib/libs/poco/Crypto/src/KeyPair.cpp index 1c650806b37..b2bb160c506 100644 --- a/contrib/libs/poco/Crypto/src/KeyPair.cpp +++ b/contrib/libs/poco/Crypto/src/KeyPair.cpp @@ -1,34 +1,34 @@ -// -// KeyPair.cpp -// -// -// Library: Crypto -// Package: CryptoCore -// Module: KeyPair -// -// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. -// and Contributors. -// -// SPDX-License-Identifier: BSL-1.0 -// - - -#include "Poco/Crypto/KeyPair.h" -#include <openssl/rsa.h> - - -namespace Poco { -namespace Crypto { - - -KeyPair::KeyPair(KeyPairImpl::Ptr pKeyPairImpl): _pImpl(pKeyPairImpl) -{ -} - - -KeyPair::~KeyPair() -{ -} - - -} } // namespace Poco::Crypto +// +// KeyPair.cpp +// +// +// Library: Crypto +// Package: CryptoCore +// Module: KeyPair +// +// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. +// and Contributors. +// +// SPDX-License-Identifier: BSL-1.0 +// + + +#include "Poco/Crypto/KeyPair.h" +#include <openssl/rsa.h> + + +namespace Poco { +namespace Crypto { + + +KeyPair::KeyPair(KeyPairImpl::Ptr pKeyPairImpl): _pImpl(pKeyPairImpl) +{ +} + + +KeyPair::~KeyPair() +{ +} + + +} } // namespace Poco::Crypto diff --git a/contrib/libs/poco/Crypto/src/KeyPairImpl.cpp b/contrib/libs/poco/Crypto/src/KeyPairImpl.cpp index c782f04270d..bfa823be286 100644 --- a/contrib/libs/poco/Crypto/src/KeyPairImpl.cpp +++ b/contrib/libs/poco/Crypto/src/KeyPairImpl.cpp @@ -1,35 +1,35 @@ -// -// KeyPairImpl.cpp -// -// -// Library: Crypto -// Package: CryptoCore -// Module: KeyPairImpl -// -// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. -// and Contributors. -// -// SPDX-License-Identifier: BSL-1.0 -// - - -#include "Poco/Crypto/KeyPairImpl.h" - - -namespace Poco { -namespace Crypto { - - -KeyPairImpl::KeyPairImpl(const std::string& name, Type type): - _name(name), - _type(type) -{ -} - - -KeyPairImpl::~KeyPairImpl() -{ -} - - -} } // namespace Poco::Crypto +// +// KeyPairImpl.cpp +// +// +// Library: Crypto +// Package: CryptoCore +// Module: KeyPairImpl +// +// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. +// and Contributors. +// +// SPDX-License-Identifier: BSL-1.0 +// + + +#include "Poco/Crypto/KeyPairImpl.h" + + +namespace Poco { +namespace Crypto { + + +KeyPairImpl::KeyPairImpl(const std::string& name, Type type): + _name(name), + _type(type) +{ +} + + +KeyPairImpl::~KeyPairImpl() +{ +} + + +} } // namespace Poco::Crypto diff --git a/contrib/libs/poco/Crypto/src/OpenSSLInitializer.cpp b/contrib/libs/poco/Crypto/src/OpenSSLInitializer.cpp index a3bc1d01431..fa735f14ddc 100644 --- a/contrib/libs/poco/Crypto/src/OpenSSLInitializer.cpp +++ b/contrib/libs/poco/Crypto/src/OpenSSLInitializer.cpp @@ -1,190 +1,190 @@ -// -// OpenSSLInitializer.cpp -// -// Library: Crypto -// Package: CryptoCore -// Module: OpenSSLInitializer -// -// Copyright (c) 2006-2009, Applied Informatics Software Engineering GmbH. -// and Contributors. -// -// SPDX-License-Identifier: BSL-1.0 -// - - -#include "Poco/Crypto/OpenSSLInitializer.h" -#include "Poco/RandomStream.h" -#include "Poco/Thread.h" -#include <openssl/ssl.h> -#include <openssl/rand.h> -#include <openssl/crypto.h> -#include <openssl/err.h> -#if OPENSSL_VERSION_NUMBER >= 0x0907000L -#include <openssl/conf.h> -#endif -#if defined(POCO_OS_FAMILY_WINDOWS) - #define POCO_STR_HELPER(x) #x - #define POCO_STR(x) POCO_STR_HELPER(x) - #if defined POCO_INTERNAL_OPENSSL_MSVC_VER - #define POCO_INTERNAL_OPENSSL_BUILD \ - " (POCO internal build, MSVC version " \ - POCO_STR(POCO_INTERNAL_OPENSSL_MSVC_VER) ")" - #else - #define POCO_INTERNAL_OPENSSL_BUILD "" - #endif - #pragma message (OPENSSL_VERSION_TEXT POCO_INTERNAL_OPENSSL_BUILD) -#endif - - -using Poco::RandomInputStream; -using Poco::Thread; - - -#if defined(_MSC_VER) && !defined(_DLL) && defined(POCO_INTERNAL_OPENSSL_MSVC_VER) - - #if (POCO_MSVS_VERSION >= 2015) - FILE _iob[] = { *stdin, *stdout, *stderr }; - extern "C" FILE * __cdecl __iob_func(void) { return _iob; } - #endif // (POCO_MSVS_VERSION >= 2015) - - #if (POCO_MSVS_VERSION < 2012) - extern "C" __declspec(noreturn) void __cdecl __report_rangecheckfailure(void) { ::ExitProcess(1); } - #endif // (POCO_MSVS_VERSION < 2012) - -#endif // _MSC_VER && _MT && !POCO_EXTERNAL_OPENSSL && (POCO_MSVS_VERSION < 2013) - - -namespace Poco { -namespace Crypto { - - -Poco::FastMutex* OpenSSLInitializer::_mutexes(0); -Poco::AtomicCounter OpenSSLInitializer::_rc; - - -OpenSSLInitializer::OpenSSLInitializer() -{ - initialize(); -} - - -OpenSSLInitializer::~OpenSSLInitializer() -{ - try - { - uninitialize(); - } - catch (...) - { - poco_unexpected(); - } -} - - -void OpenSSLInitializer::initialize() -{ - if (++_rc == 1) - { -#if OPENSSL_VERSION_NUMBER >= 0x0907000L - OPENSSL_config(NULL); -#endif - SSL_library_init(); - SSL_load_error_strings(); - OpenSSL_add_all_algorithms(); - - char seed[SEEDSIZE]; - RandomInputStream rnd; - rnd.read(seed, sizeof(seed)); - RAND_seed(seed, SEEDSIZE); - - int nMutexes = CRYPTO_num_locks(); - _mutexes = new Poco::FastMutex[nMutexes]; - CRYPTO_set_locking_callback(&OpenSSLInitializer::lock); -#ifndef POCO_OS_FAMILY_WINDOWS -// Not needed on Windows (see SF #110: random unhandled exceptions when linking with ssl). -// https://sourceforge.net/p/poco/bugs/110/ -// -// From http://www.openssl.org/docs/crypto/threads.html : -// "If the application does not register such a callback using CRYPTO_THREADID_set_callback(), -// then a default implementation is used - on Windows and BeOS this uses the system's -// default thread identifying APIs" - CRYPTO_set_id_callback(&OpenSSLInitializer::id); -#endif - CRYPTO_set_dynlock_create_callback(&OpenSSLInitializer::dynlockCreate); - CRYPTO_set_dynlock_lock_callback(&OpenSSLInitializer::dynlock); - CRYPTO_set_dynlock_destroy_callback(&OpenSSLInitializer::dynlockDestroy); - } -} - - -void OpenSSLInitializer::uninitialize() -{ - if (--_rc == 0) - { - EVP_cleanup(); - ERR_free_strings(); - CRYPTO_set_locking_callback(0); -#ifndef POCO_OS_FAMILY_WINDOWS - CRYPTO_set_id_callback(0); -#endif - delete [] _mutexes; - - CONF_modules_free(); - } -} - - -void OpenSSLInitializer::lock(int mode, int n, const char* file, int line) -{ - if (mode & CRYPTO_LOCK) - _mutexes[n].lock(); - else - _mutexes[n].unlock(); -} - - -unsigned long OpenSSLInitializer::id() -{ - // Note: we use an old-style C cast here because - // neither static_cast<> nor reinterpret_cast<> - // work uniformly across all platforms. - return (unsigned long) Poco::Thread::currentTid(); -} - - -struct CRYPTO_dynlock_value* OpenSSLInitializer::dynlockCreate(const char* file, int line) -{ - return new CRYPTO_dynlock_value; -} - - -void OpenSSLInitializer::dynlock(int mode, struct CRYPTO_dynlock_value* lock, const char* file, int line) -{ - poco_check_ptr (lock); - - if (mode & CRYPTO_LOCK) - lock->_mutex.lock(); - else - lock->_mutex.unlock(); -} - - -void OpenSSLInitializer::dynlockDestroy(struct CRYPTO_dynlock_value* lock, const char* file, int line) -{ - delete lock; -} - - -void initializeCrypto() -{ - OpenSSLInitializer::initialize(); -} - - -void uninitializeCrypto() -{ - OpenSSLInitializer::uninitialize(); -} - - -} } // namespace Poco::Crypto +// +// OpenSSLInitializer.cpp +// +// Library: Crypto +// Package: CryptoCore +// Module: OpenSSLInitializer +// +// Copyright (c) 2006-2009, Applied Informatics Software Engineering GmbH. +// and Contributors. +// +// SPDX-License-Identifier: BSL-1.0 +// + + +#include "Poco/Crypto/OpenSSLInitializer.h" +#include "Poco/RandomStream.h" +#include "Poco/Thread.h" +#include <openssl/ssl.h> +#include <openssl/rand.h> +#include <openssl/crypto.h> +#include <openssl/err.h> +#if OPENSSL_VERSION_NUMBER >= 0x0907000L +#include <openssl/conf.h> +#endif +#if defined(POCO_OS_FAMILY_WINDOWS) + #define POCO_STR_HELPER(x) #x + #define POCO_STR(x) POCO_STR_HELPER(x) + #if defined POCO_INTERNAL_OPENSSL_MSVC_VER + #define POCO_INTERNAL_OPENSSL_BUILD \ + " (POCO internal build, MSVC version " \ + POCO_STR(POCO_INTERNAL_OPENSSL_MSVC_VER) ")" + #else + #define POCO_INTERNAL_OPENSSL_BUILD "" + #endif + #pragma message (OPENSSL_VERSION_TEXT POCO_INTERNAL_OPENSSL_BUILD) +#endif + + +using Poco::RandomInputStream; +using Poco::Thread; + + +#if defined(_MSC_VER) && !defined(_DLL) && defined(POCO_INTERNAL_OPENSSL_MSVC_VER) + + #if (POCO_MSVS_VERSION >= 2015) + FILE _iob[] = { *stdin, *stdout, *stderr }; + extern "C" FILE * __cdecl __iob_func(void) { return _iob; } + #endif // (POCO_MSVS_VERSION >= 2015) + + #if (POCO_MSVS_VERSION < 2012) + extern "C" __declspec(noreturn) void __cdecl __report_rangecheckfailure(void) { ::ExitProcess(1); } + #endif // (POCO_MSVS_VERSION < 2012) + +#endif // _MSC_VER && _MT && !POCO_EXTERNAL_OPENSSL && (POCO_MSVS_VERSION < 2013) + + +namespace Poco { +namespace Crypto { + + +Poco::FastMutex* OpenSSLInitializer::_mutexes(0); +Poco::AtomicCounter OpenSSLInitializer::_rc; + + +OpenSSLInitializer::OpenSSLInitializer() +{ + initialize(); +} + + +OpenSSLInitializer::~OpenSSLInitializer() +{ + try + { + uninitialize(); + } + catch (...) + { + poco_unexpected(); + } +} + + +void OpenSSLInitializer::initialize() +{ + if (++_rc == 1) + { +#if OPENSSL_VERSION_NUMBER >= 0x0907000L + OPENSSL_config(NULL); +#endif + SSL_library_init(); + SSL_load_error_strings(); + OpenSSL_add_all_algorithms(); + + char seed[SEEDSIZE]; + RandomInputStream rnd; + rnd.read(seed, sizeof(seed)); + RAND_seed(seed, SEEDSIZE); + + int nMutexes = CRYPTO_num_locks(); + _mutexes = new Poco::FastMutex[nMutexes]; + CRYPTO_set_locking_callback(&OpenSSLInitializer::lock); +#ifndef POCO_OS_FAMILY_WINDOWS +// Not needed on Windows (see SF #110: random unhandled exceptions when linking with ssl). +// https://sourceforge.net/p/poco/bugs/110/ +// +// From http://www.openssl.org/docs/crypto/threads.html : +// "If the application does not register such a callback using CRYPTO_THREADID_set_callback(), +// then a default implementation is used - on Windows and BeOS this uses the system's +// default thread identifying APIs" + CRYPTO_set_id_callback(&OpenSSLInitializer::id); +#endif + CRYPTO_set_dynlock_create_callback(&OpenSSLInitializer::dynlockCreate); + CRYPTO_set_dynlock_lock_callback(&OpenSSLInitializer::dynlock); + CRYPTO_set_dynlock_destroy_callback(&OpenSSLInitializer::dynlockDestroy); + } +} + + +void OpenSSLInitializer::uninitialize() +{ + if (--_rc == 0) + { + EVP_cleanup(); + ERR_free_strings(); + CRYPTO_set_locking_callback(0); +#ifndef POCO_OS_FAMILY_WINDOWS + CRYPTO_set_id_callback(0); +#endif + delete [] _mutexes; + + CONF_modules_free(); + } +} + + +void OpenSSLInitializer::lock(int mode, int n, const char* file, int line) +{ + if (mode & CRYPTO_LOCK) + _mutexes[n].lock(); + else + _mutexes[n].unlock(); +} + + +unsigned long OpenSSLInitializer::id() +{ + // Note: we use an old-style C cast here because + // neither static_cast<> nor reinterpret_cast<> + // work uniformly across all platforms. + return (unsigned long) Poco::Thread::currentTid(); +} + + +struct CRYPTO_dynlock_value* OpenSSLInitializer::dynlockCreate(const char* file, int line) +{ + return new CRYPTO_dynlock_value; +} + + +void OpenSSLInitializer::dynlock(int mode, struct CRYPTO_dynlock_value* lock, const char* file, int line) +{ + poco_check_ptr (lock); + + if (mode & CRYPTO_LOCK) + lock->_mutex.lock(); + else + lock->_mutex.unlock(); +} + + +void OpenSSLInitializer::dynlockDestroy(struct CRYPTO_dynlock_value* lock, const char* file, int line) +{ + delete lock; +} + + +void initializeCrypto() +{ + OpenSSLInitializer::initialize(); +} + + +void uninitializeCrypto() +{ + OpenSSLInitializer::uninitialize(); +} + + +} } // namespace Poco::Crypto diff --git a/contrib/libs/poco/Crypto/src/PKCS12Container.cpp b/contrib/libs/poco/Crypto/src/PKCS12Container.cpp index 5c03a9ff855..b4b14ccc349 100644 --- a/contrib/libs/poco/Crypto/src/PKCS12Container.cpp +++ b/contrib/libs/poco/Crypto/src/PKCS12Container.cpp @@ -1,202 +1,202 @@ -// -// PKCS12Container.cpp -// -// -// Library: Crypto -// Package: Certificate -// Module: PKCS12Container -// -// Copyright (c) 2006-2009, Applied Informatics Software Engineering GmbH. -// and Contributors. -// -// SPDX-License-Identifier: BSL-1.0 -// - - -#include "Poco/Crypto/PKCS12Container.h" -#include "Poco/NumberFormatter.h" -#include "Poco/StreamCopier.h" -#include <sstream> -#include <openssl/err.h> - - -namespace Poco { -namespace Crypto { - - -PKCS12Container::PKCS12Container(std::istream& istr, const std::string& password): _pKey(0) -{ - std::ostringstream ostr; - Poco::StreamCopier::copyStream(istr, ostr); - const std::string& cont = ostr.str(); - - BIO *pBIO = BIO_new_mem_buf(const_cast<char*>(cont.data()), static_cast<int>(cont.size())); - if (pBIO) - { - PKCS12* pPKCS12 = 0; - d2i_PKCS12_bio(pBIO, &pPKCS12); - BIO_free(pBIO); - if (!pPKCS12) throw OpenSSLException("PKCS12Container(istream&, const string&)"); - load(pPKCS12, password); - } - else - { - throw Poco::NullPointerException("PKCS12Container(istream&, const string&)"); - } -} - - -PKCS12Container::PKCS12Container(const std::string& path, const std::string& password): _pKey(0) -{ - FILE* pFile = fopen(path.c_str(), "rb"); - if (pFile) - { - PKCS12* pPKCS12 = d2i_PKCS12_fp(pFile, NULL); - fclose (pFile); - if (!pPKCS12) throw OpenSSLException("PKCS12Container(const string&, const string&)"); - load(pPKCS12, password); - } - else - { - throw Poco::OpenFileException("PKCS12Container: " + path); - } -} - - -PKCS12Container::PKCS12Container(const PKCS12Container& other): - _pKey(EVPPKey::duplicate(other._pKey, &_pKey)), - _pX509Cert(new X509Certificate(*other._pX509Cert)), - _caCertList(other._caCertList), - _caCertNames(other._caCertNames), - _pkcsFriendlyName(other._pkcsFriendlyName) -{ -} - - -PKCS12Container& PKCS12Container::operator = (const PKCS12Container& other) -{ - if (&other != this) - { - if (_pKey) EVP_PKEY_free(_pKey); - _pKey = EVPPKey::duplicate(other._pKey, &_pKey); - _pX509Cert.reset(new X509Certificate(*other._pX509Cert)); - _caCertList = other._caCertList; - _caCertNames = other._caCertNames; - _pkcsFriendlyName = other._pkcsFriendlyName; - } - return *this; -} - - -#ifdef POCO_ENABLE_CPP11 - - -PKCS12Container::PKCS12Container(PKCS12Container&& other): - _pKey(other._pKey), - _pX509Cert(std::move(other._pX509Cert)), - _caCertList(std::move(other._caCertList)), - _caCertNames(std::move(other._caCertNames)), - _pkcsFriendlyName(std::move(other._pkcsFriendlyName)) -{ - other._pKey = 0; -} - - -PKCS12Container& PKCS12Container::operator = (PKCS12Container&& other) -{ - if (&other != this) - { - if (_pKey) EVP_PKEY_free(_pKey); - _pKey = other._pKey; other._pKey = 0; - _pX509Cert = std::move(other._pX509Cert); - _caCertList = std::move(other._caCertList); - _caCertNames = std::move(other._caCertNames); - _pkcsFriendlyName = std::move(other._pkcsFriendlyName); - } - return *this; -} - - -#endif // POCO_ENABLE_CPP11 - - -PKCS12Container::~PKCS12Container() -{ - if (_pKey) EVP_PKEY_free(_pKey); -} - - -std::string PKCS12Container::extractFriendlyName(X509* pCert) -{ - std::string friendlyName; - if(pCert) - { - STACK_OF(PKCS12_SAFEBAG)*pBags = 0; - PKCS12_SAFEBAG*pBag = PKCS12_add_cert(&pBags, pCert); - if(pBag) - { - char* pBuffer = PKCS12_get_friendlyname(pBag); - if(pBuffer) - { - friendlyName = pBuffer; - OPENSSL_free(pBuffer); - } - if(pBags) sk_PKCS12_SAFEBAG_pop_free(pBags, PKCS12_SAFEBAG_free); - } - else throw OpenSSLException("PKCS12Container::extractFriendlyName()"); - } - else throw NullPointerException("PKCS12Container::extractFriendlyName()"); - - return friendlyName; -} - - -void PKCS12Container::load(PKCS12* pPKCS12, const std::string& password) -{ - if (pPKCS12) - { - X509* pCert = 0; - STACK_OF(X509)* pCA = 0; - if (PKCS12_parse(pPKCS12, password.c_str(), &_pKey, &pCert, &pCA)) - { - if (pCert) - { - _pX509Cert.reset(new X509Certificate(pCert, true)); - _pkcsFriendlyName = extractFriendlyName(pCert); - } - else _pX509Cert.reset(); - - _caCertList.clear(); - _caCertNames.clear(); - if (pCA) - { - int certCount = sk_X509_num(pCA); - for (int i = 0; i < certCount; ++i) - { - X509* pX509 = sk_X509_value(pCA, i); - if (pX509) - { - _caCertList.push_back(X509Certificate(pX509, true)); - _caCertNames.push_back(extractFriendlyName(pX509)); - } - else throw OpenSSLException("PKCS12Container::load()"); - } - } - } - else - { - throw OpenSSLException(); - } - PKCS12_free(pPKCS12); - sk_X509_pop_free(pCA, X509_free); - if (pCert) X509_free(pCert); - poco_assert_dbg (_caCertList.size() == _caCertNames.size()); - } - else - { - throw NullPointerException("PKCS12Container: struct PKCS12"); - } -} - - -} } // namespace Poco::Crypto +// +// PKCS12Container.cpp +// +// +// Library: Crypto +// Package: Certificate +// Module: PKCS12Container +// +// Copyright (c) 2006-2009, Applied Informatics Software Engineering GmbH. +// and Contributors. +// +// SPDX-License-Identifier: BSL-1.0 +// + + +#include "Poco/Crypto/PKCS12Container.h" +#include "Poco/NumberFormatter.h" +#include "Poco/StreamCopier.h" +#include <sstream> +#include <openssl/err.h> + + +namespace Poco { +namespace Crypto { + + +PKCS12Container::PKCS12Container(std::istream& istr, const std::string& password): _pKey(0) +{ + std::ostringstream ostr; + Poco::StreamCopier::copyStream(istr, ostr); + const std::string& cont = ostr.str(); + + BIO *pBIO = BIO_new_mem_buf(const_cast<char*>(cont.data()), static_cast<int>(cont.size())); + if (pBIO) + { + PKCS12* pPKCS12 = 0; + d2i_PKCS12_bio(pBIO, &pPKCS12); + BIO_free(pBIO); + if (!pPKCS12) throw OpenSSLException("PKCS12Container(istream&, const string&)"); + load(pPKCS12, password); + } + else + { + throw Poco::NullPointerException("PKCS12Container(istream&, const string&)"); + } +} + + +PKCS12Container::PKCS12Container(const std::string& path, const std::string& password): _pKey(0) +{ + FILE* pFile = fopen(path.c_str(), "rb"); + if (pFile) + { + PKCS12* pPKCS12 = d2i_PKCS12_fp(pFile, NULL); + fclose (pFile); + if (!pPKCS12) throw OpenSSLException("PKCS12Container(const string&, const string&)"); + load(pPKCS12, password); + } + else + { + throw Poco::OpenFileException("PKCS12Container: " + path); + } +} + + +PKCS12Container::PKCS12Container(const PKCS12Container& other): + _pKey(EVPPKey::duplicate(other._pKey, &_pKey)), + _pX509Cert(new X509Certificate(*other._pX509Cert)), + _caCertList(other._caCertList), + _caCertNames(other._caCertNames), + _pkcsFriendlyName(other._pkcsFriendlyName) +{ +} + + +PKCS12Container& PKCS12Container::operator = (const PKCS12Container& other) +{ + if (&other != this) + { + if (_pKey) EVP_PKEY_free(_pKey); + _pKey = EVPPKey::duplicate(other._pKey, &_pKey); + _pX509Cert.reset(new X509Certificate(*other._pX509Cert)); + _caCertList = other._caCertList; + _caCertNames = other._caCertNames; + _pkcsFriendlyName = other._pkcsFriendlyName; + } + return *this; +} + + +#ifdef POCO_ENABLE_CPP11 + + +PKCS12Container::PKCS12Container(PKCS12Container&& other): + _pKey(other._pKey), + _pX509Cert(std::move(other._pX509Cert)), + _caCertList(std::move(other._caCertList)), + _caCertNames(std::move(other._caCertNames)), + _pkcsFriendlyName(std::move(other._pkcsFriendlyName)) +{ + other._pKey = 0; +} + + +PKCS12Container& PKCS12Container::operator = (PKCS12Container&& other) +{ + if (&other != this) + { + if (_pKey) EVP_PKEY_free(_pKey); + _pKey = other._pKey; other._pKey = 0; + _pX509Cert = std::move(other._pX509Cert); + _caCertList = std::move(other._caCertList); + _caCertNames = std::move(other._caCertNames); + _pkcsFriendlyName = std::move(other._pkcsFriendlyName); + } + return *this; +} + + +#endif // POCO_ENABLE_CPP11 + + +PKCS12Container::~PKCS12Container() +{ + if (_pKey) EVP_PKEY_free(_pKey); +} + + +std::string PKCS12Container::extractFriendlyName(X509* pCert) +{ + std::string friendlyName; + if(pCert) + { + STACK_OF(PKCS12_SAFEBAG)*pBags = 0; + PKCS12_SAFEBAG*pBag = PKCS12_add_cert(&pBags, pCert); + if(pBag) + { + char* pBuffer = PKCS12_get_friendlyname(pBag); + if(pBuffer) + { + friendlyName = pBuffer; + OPENSSL_free(pBuffer); + } + if(pBags) sk_PKCS12_SAFEBAG_pop_free(pBags, PKCS12_SAFEBAG_free); + } + else throw OpenSSLException("PKCS12Container::extractFriendlyName()"); + } + else throw NullPointerException("PKCS12Container::extractFriendlyName()"); + + return friendlyName; +} + + +void PKCS12Container::load(PKCS12* pPKCS12, const std::string& password) +{ + if (pPKCS12) + { + X509* pCert = 0; + STACK_OF(X509)* pCA = 0; + if (PKCS12_parse(pPKCS12, password.c_str(), &_pKey, &pCert, &pCA)) + { + if (pCert) + { + _pX509Cert.reset(new X509Certificate(pCert, true)); + _pkcsFriendlyName = extractFriendlyName(pCert); + } + else _pX509Cert.reset(); + + _caCertList.clear(); + _caCertNames.clear(); + if (pCA) + { + int certCount = sk_X509_num(pCA); + for (int i = 0; i < certCount; ++i) + { + X509* pX509 = sk_X509_value(pCA, i); + if (pX509) + { + _caCertList.push_back(X509Certificate(pX509, true)); + _caCertNames.push_back(extractFriendlyName(pX509)); + } + else throw OpenSSLException("PKCS12Container::load()"); + } + } + } + else + { + throw OpenSSLException(); + } + PKCS12_free(pPKCS12); + sk_X509_pop_free(pCA, X509_free); + if (pCert) X509_free(pCert); + poco_assert_dbg (_caCertList.size() == _caCertNames.size()); + } + else + { + throw NullPointerException("PKCS12Container: struct PKCS12"); + } +} + + +} } // namespace Poco::Crypto diff --git a/contrib/libs/poco/Crypto/src/RSACipherImpl.cpp b/contrib/libs/poco/Crypto/src/RSACipherImpl.cpp index 5c2e493ed0b..d6eae53c067 100644 --- a/contrib/libs/poco/Crypto/src/RSACipherImpl.cpp +++ b/contrib/libs/poco/Crypto/src/RSACipherImpl.cpp @@ -1,344 +1,344 @@ -// -// RSACipherImpl.cpp -// -// Library: Crypto -// Package: RSA -// Module: RSACipherImpl -// -// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. -// and Contributors. -// -// SPDX-License-Identifier: BSL-1.0 -// - - -#include "Poco/Crypto/RSACipherImpl.h" -#include "Poco/Crypto/CryptoTransform.h" -#include "Poco/Exception.h" -#include <openssl/err.h> -#include <openssl/rsa.h> -#include <cstring> - - -namespace Poco { -namespace Crypto { - - -namespace -{ - void throwError() - { - unsigned long err; - std::string msg; - - while ((err = ERR_get_error())) - { - if (!msg.empty()) - msg.append("; "); - msg.append(ERR_error_string(err, 0)); - } - - throw Poco::IOException(msg); - } - - - int mapPaddingMode(RSAPaddingMode paddingMode) - { - switch (paddingMode) - { - case RSA_PADDING_PKCS1: - return RSA_PKCS1_PADDING; - case RSA_PADDING_PKCS1_OAEP: - return RSA_PKCS1_OAEP_PADDING; - case RSA_PADDING_SSLV23: - return RSA_SSLV23_PADDING; - case RSA_PADDING_NONE: - return RSA_NO_PADDING; - default: - poco_bugcheck(); - return RSA_NO_PADDING; - } - } - - - class RSAEncryptImpl: public CryptoTransform - { - public: - RSAEncryptImpl(const RSA* pRSA, RSAPaddingMode paddingMode); - ~RSAEncryptImpl(); - - std::size_t blockSize() const; - std::size_t maxDataSize() const; - std::string getTag(std::size_t); - void setTag(const std::string&); - - std::streamsize transform( - const unsigned char* input, - std::streamsize inputLength, - unsigned char* output, - std::streamsize outputLength); - - std::streamsize finalize(unsigned char* output, std::streamsize length); - - private: - const RSA* _pRSA; - RSAPaddingMode _paddingMode; - std::streamsize _pos; - unsigned char* _pBuf; - }; - - - RSAEncryptImpl::RSAEncryptImpl(const RSA* pRSA, RSAPaddingMode paddingMode): - _pRSA(pRSA), - _paddingMode(paddingMode), - _pos(0), - _pBuf(0) - { - _pBuf = new unsigned char[blockSize()]; - } - - - RSAEncryptImpl::~RSAEncryptImpl() - { - delete [] _pBuf; - } - - - std::size_t RSAEncryptImpl::blockSize() const - { - return RSA_size(_pRSA); - } - - - std::size_t RSAEncryptImpl::maxDataSize() const - { - std::size_t size = blockSize(); - switch (_paddingMode) - { - case RSA_PADDING_PKCS1: - case RSA_PADDING_SSLV23: - size -= 11; - break; - case RSA_PADDING_PKCS1_OAEP: - size -= 41; - break; - default: - break; - } - return size; - } - - - std::string RSAEncryptImpl::getTag(std::size_t) - { - return std::string(); - } - - - void RSAEncryptImpl::setTag(const std::string&) - { - } - - - std::streamsize RSAEncryptImpl::transform( - const unsigned char* input, - std::streamsize inputLength, - unsigned char* output, - std::streamsize outputLength) - { - // always fill up the buffer before writing! - std::streamsize maxSize = static_cast<std::streamsize>(maxDataSize()); - std::streamsize rsaSize = static_cast<std::streamsize>(blockSize()); - poco_assert_dbg(_pos <= maxSize); - poco_assert (outputLength >= rsaSize); - int rc = 0; - while (inputLength > 0) - { - // check how many data bytes we are missing to get the buffer full - poco_assert_dbg (maxSize >= _pos); - std::streamsize missing = maxSize - _pos; - if (missing == 0) - { - poco_assert (outputLength >= rsaSize); - int n = RSA_public_encrypt(static_cast<int>(maxSize), _pBuf, output, const_cast<RSA*>(_pRSA), mapPaddingMode(_paddingMode)); - if (n == -1) - throwError(); - rc += n; - output += n; - outputLength -= n; - _pos = 0; - - } - else - { - if (missing > inputLength) - missing = inputLength; - - std::memcpy(_pBuf + _pos, input, static_cast<std::size_t>(missing)); - input += missing; - _pos += missing; - inputLength -= missing; - } - } - return rc; - } - - - std::streamsize RSAEncryptImpl::finalize(unsigned char* output, std::streamsize length) - { - poco_assert (length >= blockSize()); - poco_assert (_pos <= maxDataSize()); - int rc = 0; - if (_pos > 0) - { - rc = RSA_public_encrypt(static_cast<int>(_pos), _pBuf, output, const_cast<RSA*>(_pRSA), mapPaddingMode(_paddingMode)); - if (rc == -1) throwError(); - } - return rc; - } - - - class RSADecryptImpl: public CryptoTransform - { - public: - RSADecryptImpl(const RSA* pRSA, RSAPaddingMode paddingMode); - ~RSADecryptImpl(); - - std::size_t blockSize() const; - std::string getTag(std::size_t); - void setTag(const std::string&); - - std::streamsize transform( - const unsigned char* input, - std::streamsize inputLength, - unsigned char* output, - std::streamsize outputLength); - - std::streamsize finalize( - unsigned char* output, - std::streamsize length); - - private: - const RSA* _pRSA; - RSAPaddingMode _paddingMode; - std::streamsize _pos; - unsigned char* _pBuf; - }; - - - RSADecryptImpl::RSADecryptImpl(const RSA* pRSA, RSAPaddingMode paddingMode): - _pRSA(pRSA), - _paddingMode(paddingMode), - _pos(0), - _pBuf(0) - { - _pBuf = new unsigned char[blockSize()]; - } - - - RSADecryptImpl::~RSADecryptImpl() - { - delete [] _pBuf; - } - - - std::size_t RSADecryptImpl::blockSize() const - { - return RSA_size(_pRSA); - } - - - std::string RSADecryptImpl::getTag(std::size_t) - { - return std::string(); - } - - - void RSADecryptImpl::setTag(const std::string&) - { - } - - - std::streamsize RSADecryptImpl::transform( - const unsigned char* input, - std::streamsize inputLength, - unsigned char* output, - std::streamsize outputLength) - { - - // always fill up the buffer before decrypting! - std::streamsize rsaSize = static_cast<std::streamsize>(blockSize()); - poco_assert_dbg(_pos <= rsaSize); - poco_assert (outputLength >= rsaSize); - int rc = 0; - while (inputLength > 0) - { - // check how many data bytes we are missing to get the buffer full - poco_assert_dbg (rsaSize >= _pos); - std::streamsize missing = rsaSize - _pos; - if (missing == 0) - { - int tmp = RSA_private_decrypt(static_cast<int>(rsaSize), _pBuf, output, const_cast<RSA*>(_pRSA), mapPaddingMode(_paddingMode)); - if (tmp == -1) - throwError(); - rc += tmp; - output += tmp; - outputLength -= tmp; - _pos = 0; - - } - else - { - if (missing > inputLength) - missing = inputLength; - - std::memcpy(_pBuf + _pos, input, static_cast<std::size_t>(missing)); - input += missing; - _pos += missing; - inputLength -= missing; - } - } - return rc; - } - - - std::streamsize RSADecryptImpl::finalize(unsigned char* output, std::streamsize length) - { - poco_assert (length >= blockSize()); - int rc = 0; - if (_pos > 0) - { - rc = RSA_private_decrypt(static_cast<int>(_pos), _pBuf, output, const_cast<RSA*>(_pRSA), mapPaddingMode(_paddingMode)); - if (rc == -1) - throwError(); - } - return rc; - } -} - - -RSACipherImpl::RSACipherImpl(const RSAKey& key, RSAPaddingMode paddingMode): - _key(key), - _paddingMode(paddingMode) -{ -} - - -RSACipherImpl::~RSACipherImpl() -{ -} - - -CryptoTransform* RSACipherImpl::createEncryptor() -{ - return new RSAEncryptImpl(_key.impl()->getRSA(), _paddingMode); -} - - -CryptoTransform* RSACipherImpl::createDecryptor() -{ - return new RSADecryptImpl(_key.impl()->getRSA(), _paddingMode); -} - - -} } // namespace Poco::Crypto +// +// RSACipherImpl.cpp +// +// Library: Crypto +// Package: RSA +// Module: RSACipherImpl +// +// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. +// and Contributors. +// +// SPDX-License-Identifier: BSL-1.0 +// + + +#include "Poco/Crypto/RSACipherImpl.h" +#include "Poco/Crypto/CryptoTransform.h" +#include "Poco/Exception.h" +#include <openssl/err.h> +#include <openssl/rsa.h> +#include <cstring> + + +namespace Poco { +namespace Crypto { + + +namespace +{ + void throwError() + { + unsigned long err; + std::string msg; + + while ((err = ERR_get_error())) + { + if (!msg.empty()) + msg.append("; "); + msg.append(ERR_error_string(err, 0)); + } + + throw Poco::IOException(msg); + } + + + int mapPaddingMode(RSAPaddingMode paddingMode) + { + switch (paddingMode) + { + case RSA_PADDING_PKCS1: + return RSA_PKCS1_PADDING; + case RSA_PADDING_PKCS1_OAEP: + return RSA_PKCS1_OAEP_PADDING; + case RSA_PADDING_SSLV23: + return RSA_SSLV23_PADDING; + case RSA_PADDING_NONE: + return RSA_NO_PADDING; + default: + poco_bugcheck(); + return RSA_NO_PADDING; + } + } + + + class RSAEncryptImpl: public CryptoTransform + { + public: + RSAEncryptImpl(const RSA* pRSA, RSAPaddingMode paddingMode); + ~RSAEncryptImpl(); + + std::size_t blockSize() const; + std::size_t maxDataSize() const; + std::string getTag(std::size_t); + void setTag(const std::string&); + + std::streamsize transform( + const unsigned char* input, + std::streamsize inputLength, + unsigned char* output, + std::streamsize outputLength); + + std::streamsize finalize(unsigned char* output, std::streamsize length); + + private: + const RSA* _pRSA; + RSAPaddingMode _paddingMode; + std::streamsize _pos; + unsigned char* _pBuf; + }; + + + RSAEncryptImpl::RSAEncryptImpl(const RSA* pRSA, RSAPaddingMode paddingMode): + _pRSA(pRSA), + _paddingMode(paddingMode), + _pos(0), + _pBuf(0) + { + _pBuf = new unsigned char[blockSize()]; + } + + + RSAEncryptImpl::~RSAEncryptImpl() + { + delete [] _pBuf; + } + + + std::size_t RSAEncryptImpl::blockSize() const + { + return RSA_size(_pRSA); + } + + + std::size_t RSAEncryptImpl::maxDataSize() const + { + std::size_t size = blockSize(); + switch (_paddingMode) + { + case RSA_PADDING_PKCS1: + case RSA_PADDING_SSLV23: + size -= 11; + break; + case RSA_PADDING_PKCS1_OAEP: + size -= 41; + break; + default: + break; + } + return size; + } + + + std::string RSAEncryptImpl::getTag(std::size_t) + { + return std::string(); + } + + + void RSAEncryptImpl::setTag(const std::string&) + { + } + + + std::streamsize RSAEncryptImpl::transform( + const unsigned char* input, + std::streamsize inputLength, + unsigned char* output, + std::streamsize outputLength) + { + // always fill up the buffer before writing! + std::streamsize maxSize = static_cast<std::streamsize>(maxDataSize()); + std::streamsize rsaSize = static_cast<std::streamsize>(blockSize()); + poco_assert_dbg(_pos <= maxSize); + poco_assert (outputLength >= rsaSize); + int rc = 0; + while (inputLength > 0) + { + // check how many data bytes we are missing to get the buffer full + poco_assert_dbg (maxSize >= _pos); + std::streamsize missing = maxSize - _pos; + if (missing == 0) + { + poco_assert (outputLength >= rsaSize); + int n = RSA_public_encrypt(static_cast<int>(maxSize), _pBuf, output, const_cast<RSA*>(_pRSA), mapPaddingMode(_paddingMode)); + if (n == -1) + throwError(); + rc += n; + output += n; + outputLength -= n; + _pos = 0; + + } + else + { + if (missing > inputLength) + missing = inputLength; + + std::memcpy(_pBuf + _pos, input, static_cast<std::size_t>(missing)); + input += missing; + _pos += missing; + inputLength -= missing; + } + } + return rc; + } + + + std::streamsize RSAEncryptImpl::finalize(unsigned char* output, std::streamsize length) + { + poco_assert (length >= blockSize()); + poco_assert (_pos <= maxDataSize()); + int rc = 0; + if (_pos > 0) + { + rc = RSA_public_encrypt(static_cast<int>(_pos), _pBuf, output, const_cast<RSA*>(_pRSA), mapPaddingMode(_paddingMode)); + if (rc == -1) throwError(); + } + return rc; + } + + + class RSADecryptImpl: public CryptoTransform + { + public: + RSADecryptImpl(const RSA* pRSA, RSAPaddingMode paddingMode); + ~RSADecryptImpl(); + + std::size_t blockSize() const; + std::string getTag(std::size_t); + void setTag(const std::string&); + + std::streamsize transform( + const unsigned char* input, + std::streamsize inputLength, + unsigned char* output, + std::streamsize outputLength); + + std::streamsize finalize( + unsigned char* output, + std::streamsize length); + + private: + const RSA* _pRSA; + RSAPaddingMode _paddingMode; + std::streamsize _pos; + unsigned char* _pBuf; + }; + + + RSADecryptImpl::RSADecryptImpl(const RSA* pRSA, RSAPaddingMode paddingMode): + _pRSA(pRSA), + _paddingMode(paddingMode), + _pos(0), + _pBuf(0) + { + _pBuf = new unsigned char[blockSize()]; + } + + + RSADecryptImpl::~RSADecryptImpl() + { + delete [] _pBuf; + } + + + std::size_t RSADecryptImpl::blockSize() const + { + return RSA_size(_pRSA); + } + + + std::string RSADecryptImpl::getTag(std::size_t) + { + return std::string(); + } + + + void RSADecryptImpl::setTag(const std::string&) + { + } + + + std::streamsize RSADecryptImpl::transform( + const unsigned char* input, + std::streamsize inputLength, + unsigned char* output, + std::streamsize outputLength) + { + + // always fill up the buffer before decrypting! + std::streamsize rsaSize = static_cast<std::streamsize>(blockSize()); + poco_assert_dbg(_pos <= rsaSize); + poco_assert (outputLength >= rsaSize); + int rc = 0; + while (inputLength > 0) + { + // check how many data bytes we are missing to get the buffer full + poco_assert_dbg (rsaSize >= _pos); + std::streamsize missing = rsaSize - _pos; + if (missing == 0) + { + int tmp = RSA_private_decrypt(static_cast<int>(rsaSize), _pBuf, output, const_cast<RSA*>(_pRSA), mapPaddingMode(_paddingMode)); + if (tmp == -1) + throwError(); + rc += tmp; + output += tmp; + outputLength -= tmp; + _pos = 0; + + } + else + { + if (missing > inputLength) + missing = inputLength; + + std::memcpy(_pBuf + _pos, input, static_cast<std::size_t>(missing)); + input += missing; + _pos += missing; + inputLength -= missing; + } + } + return rc; + } + + + std::streamsize RSADecryptImpl::finalize(unsigned char* output, std::streamsize length) + { + poco_assert (length >= blockSize()); + int rc = 0; + if (_pos > 0) + { + rc = RSA_private_decrypt(static_cast<int>(_pos), _pBuf, output, const_cast<RSA*>(_pRSA), mapPaddingMode(_paddingMode)); + if (rc == -1) + throwError(); + } + return rc; + } +} + + +RSACipherImpl::RSACipherImpl(const RSAKey& key, RSAPaddingMode paddingMode): + _key(key), + _paddingMode(paddingMode) +{ +} + + +RSACipherImpl::~RSACipherImpl() +{ +} + + +CryptoTransform* RSACipherImpl::createEncryptor() +{ + return new RSAEncryptImpl(_key.impl()->getRSA(), _paddingMode); +} + + +CryptoTransform* RSACipherImpl::createDecryptor() +{ + return new RSADecryptImpl(_key.impl()->getRSA(), _paddingMode); +} + + +} } // namespace Poco::Crypto diff --git a/contrib/libs/poco/Crypto/src/RSADigestEngine.cpp b/contrib/libs/poco/Crypto/src/RSADigestEngine.cpp index 948aa25ac6c..aa2cbdf523a 100644 --- a/contrib/libs/poco/Crypto/src/RSADigestEngine.cpp +++ b/contrib/libs/poco/Crypto/src/RSADigestEngine.cpp @@ -1,96 +1,96 @@ -// -// RSADigestEngine.cpp -// -// Library: Crypto -// Package: RSA -// Module: RSADigestEngine -// -// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. -// and Contributors. -// -// SPDX-License-Identifier: BSL-1.0 -// - - -#include "Poco/Crypto/RSADigestEngine.h" -#include <openssl/rsa.h> - - -namespace Poco { -namespace Crypto { - - -RSADigestEngine::RSADigestEngine(const RSAKey& key, DigestType digestType): - _key(key), - _engine(digestType == DIGEST_MD5 ? "MD5" : "SHA1") -{ -} - -RSADigestEngine::RSADigestEngine(const RSAKey& key, const std::string &name): - _key(key), - _engine(name) -{ -} - - -RSADigestEngine::~RSADigestEngine() -{ -} - - -std::size_t RSADigestEngine::digestLength() const -{ - return _engine.digestLength(); -} - - -void RSADigestEngine::reset() -{ - _engine.reset(); - _digest.clear(); - _signature.clear(); -} - - -const DigestEngine::Digest& RSADigestEngine::digest() -{ - if (_digest.empty()) - { - _digest = _engine.digest(); - } - return _digest; -} - - -const DigestEngine::Digest& RSADigestEngine::signature() -{ - if (_signature.empty()) - { - digest(); - _signature.resize(_key.size()); - unsigned sigLen = static_cast<unsigned>(_signature.size()); - RSA_sign(_engine.nid(), &_digest[0], static_cast<unsigned>(_digest.size()), &_signature[0], &sigLen, _key.impl()->getRSA()); - // truncate _sig to sigLen - if (sigLen < _signature.size()) - _signature.resize(sigLen); - } - return _signature; -} - - -bool RSADigestEngine::verify(const DigestEngine::Digest& sig) -{ - digest(); - DigestEngine::Digest sigCpy = sig; // copy becausse RSA_verify can modify sigCpy - int ret = RSA_verify(_engine.nid(), &_digest[0], static_cast<unsigned>(_digest.size()), &sigCpy[0], static_cast<unsigned>(sigCpy.size()), _key.impl()->getRSA()); - return ret != 0; -} - - -void RSADigestEngine::updateImpl(const void* data, std::size_t length) -{ - _engine.update(data, length); -} - - -} } // namespace Poco::Crypto +// +// RSADigestEngine.cpp +// +// Library: Crypto +// Package: RSA +// Module: RSADigestEngine +// +// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. +// and Contributors. +// +// SPDX-License-Identifier: BSL-1.0 +// + + +#include "Poco/Crypto/RSADigestEngine.h" +#include <openssl/rsa.h> + + +namespace Poco { +namespace Crypto { + + +RSADigestEngine::RSADigestEngine(const RSAKey& key, DigestType digestType): + _key(key), + _engine(digestType == DIGEST_MD5 ? "MD5" : "SHA1") +{ +} + +RSADigestEngine::RSADigestEngine(const RSAKey& key, const std::string &name): + _key(key), + _engine(name) +{ +} + + +RSADigestEngine::~RSADigestEngine() +{ +} + + +std::size_t RSADigestEngine::digestLength() const +{ + return _engine.digestLength(); +} + + +void RSADigestEngine::reset() +{ + _engine.reset(); + _digest.clear(); + _signature.clear(); +} + + +const DigestEngine::Digest& RSADigestEngine::digest() +{ + if (_digest.empty()) + { + _digest = _engine.digest(); + } + return _digest; +} + + +const DigestEngine::Digest& RSADigestEngine::signature() +{ + if (_signature.empty()) + { + digest(); + _signature.resize(_key.size()); + unsigned sigLen = static_cast<unsigned>(_signature.size()); + RSA_sign(_engine.nid(), &_digest[0], static_cast<unsigned>(_digest.size()), &_signature[0], &sigLen, _key.impl()->getRSA()); + // truncate _sig to sigLen + if (sigLen < _signature.size()) + _signature.resize(sigLen); + } + return _signature; +} + + +bool RSADigestEngine::verify(const DigestEngine::Digest& sig) +{ + digest(); + DigestEngine::Digest sigCpy = sig; // copy becausse RSA_verify can modify sigCpy + int ret = RSA_verify(_engine.nid(), &_digest[0], static_cast<unsigned>(_digest.size()), &sigCpy[0], static_cast<unsigned>(sigCpy.size()), _key.impl()->getRSA()); + return ret != 0; +} + + +void RSADigestEngine::updateImpl(const void* data, std::size_t length) +{ + _engine.update(data, length); +} + + +} } // namespace Poco::Crypto diff --git a/contrib/libs/poco/Crypto/src/RSAKey.cpp b/contrib/libs/poco/Crypto/src/RSAKey.cpp index b81a0281bf5..363c894a768 100644 --- a/contrib/libs/poco/Crypto/src/RSAKey.cpp +++ b/contrib/libs/poco/Crypto/src/RSAKey.cpp @@ -1,87 +1,87 @@ -// -// RSAKey.cpp -// -// Library: Crypto -// Package: RSA -// Module: RSAKey -// -// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. -// and Contributors. -// -// SPDX-License-Identifier: BSL-1.0 -// - - -#include "Poco/Crypto/RSAKey.h" -#include <openssl/rsa.h> - - -namespace Poco { -namespace Crypto { - - -RSAKey::RSAKey(const EVPPKey& key): - KeyPair(new RSAKeyImpl(key)), - _pImpl(KeyPair::impl().cast<RSAKeyImpl>()) -{ -} - - -RSAKey::RSAKey(const X509Certificate& cert): - KeyPair(new RSAKeyImpl(cert)), - _pImpl(KeyPair::impl().cast<RSAKeyImpl>()) -{ -} - - -RSAKey::RSAKey(const PKCS12Container& cont): - KeyPair(new RSAKeyImpl(cont)), - _pImpl(KeyPair::impl().cast<RSAKeyImpl>()) -{ -} - - -RSAKey::RSAKey(KeyLength keyLength, Exponent exp): - KeyPair(new RSAKeyImpl(keyLength, (exp == EXP_LARGE) ? RSA_F4 : RSA_3)), - _pImpl(KeyPair::impl().cast<RSAKeyImpl>()) -{ -} - - -RSAKey::RSAKey(const std::string& publicKeyFile, const std::string& privateKeyFile, const std::string& privateKeyPassphrase): - KeyPair(new RSAKeyImpl(publicKeyFile, privateKeyFile, privateKeyPassphrase)), - _pImpl(KeyPair::impl().cast<RSAKeyImpl>()) -{ -} - - -RSAKey::RSAKey(std::istream* pPublicKeyStream, std::istream* pPrivateKeyStream, const std::string& privateKeyPassphrase): - KeyPair(new RSAKeyImpl(pPublicKeyStream, pPrivateKeyStream, privateKeyPassphrase)), - _pImpl(KeyPair::impl().cast<RSAKeyImpl>()) -{ -} - - -RSAKey::~RSAKey() -{ -} - -RSAKeyImpl::ByteVec RSAKey::modulus() const -{ - return _pImpl->modulus(); -} - - -RSAKeyImpl::ByteVec RSAKey::encryptionExponent() const -{ - return _pImpl->encryptionExponent(); -} - - -RSAKeyImpl::ByteVec RSAKey::decryptionExponent() const -{ - return _pImpl->decryptionExponent(); -} - - -} } // namespace Poco::Crypto
\ No newline at end of file +// +// RSAKey.cpp +// +// Library: Crypto +// Package: RSA +// Module: RSAKey +// +// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. +// and Contributors. +// +// SPDX-License-Identifier: BSL-1.0 +// + + +#include "Poco/Crypto/RSAKey.h" +#include <openssl/rsa.h> + + +namespace Poco { +namespace Crypto { + + +RSAKey::RSAKey(const EVPPKey& key): + KeyPair(new RSAKeyImpl(key)), + _pImpl(KeyPair::impl().cast<RSAKeyImpl>()) +{ +} + + +RSAKey::RSAKey(const X509Certificate& cert): + KeyPair(new RSAKeyImpl(cert)), + _pImpl(KeyPair::impl().cast<RSAKeyImpl>()) +{ +} + + +RSAKey::RSAKey(const PKCS12Container& cont): + KeyPair(new RSAKeyImpl(cont)), + _pImpl(KeyPair::impl().cast<RSAKeyImpl>()) +{ +} + + +RSAKey::RSAKey(KeyLength keyLength, Exponent exp): + KeyPair(new RSAKeyImpl(keyLength, (exp == EXP_LARGE) ? RSA_F4 : RSA_3)), + _pImpl(KeyPair::impl().cast<RSAKeyImpl>()) +{ +} + + +RSAKey::RSAKey(const std::string& publicKeyFile, const std::string& privateKeyFile, const std::string& privateKeyPassphrase): + KeyPair(new RSAKeyImpl(publicKeyFile, privateKeyFile, privateKeyPassphrase)), + _pImpl(KeyPair::impl().cast<RSAKeyImpl>()) +{ +} + + +RSAKey::RSAKey(std::istream* pPublicKeyStream, std::istream* pPrivateKeyStream, const std::string& privateKeyPassphrase): + KeyPair(new RSAKeyImpl(pPublicKeyStream, pPrivateKeyStream, privateKeyPassphrase)), + _pImpl(KeyPair::impl().cast<RSAKeyImpl>()) +{ +} + + +RSAKey::~RSAKey() +{ +} + +RSAKeyImpl::ByteVec RSAKey::modulus() const +{ + return _pImpl->modulus(); +} + + +RSAKeyImpl::ByteVec RSAKey::encryptionExponent() const +{ + return _pImpl->encryptionExponent(); +} + + +RSAKeyImpl::ByteVec RSAKey::decryptionExponent() const +{ + return _pImpl->decryptionExponent(); +} + + +} } // namespace Poco::Crypto
\ No newline at end of file diff --git a/contrib/libs/poco/Crypto/src/RSAKeyImpl.cpp b/contrib/libs/poco/Crypto/src/RSAKeyImpl.cpp index 8aa3890b91c..baeb0a206b3 100644 --- a/contrib/libs/poco/Crypto/src/RSAKeyImpl.cpp +++ b/contrib/libs/poco/Crypto/src/RSAKeyImpl.cpp @@ -1,386 +1,386 @@ -// -// RSAKeyImpl.cpp -// -// Library: Crypto -// Package: RSA -// Module: RSAKeyImpl -// -// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. -// and Contributors. -// -// SPDX-License-Identifier: BSL-1.0 -// - - -#include "Poco/Crypto/RSAKeyImpl.h" -#include "Poco/Crypto/X509Certificate.h" -#include "Poco/Crypto/PKCS12Container.h" -#include "Poco/FileStream.h" -#include "Poco/StreamCopier.h" -#include <sstream> -#include <openssl/pem.h> -#include <openssl/rsa.h> -#include <openssl/evp.h> -#if OPENSSL_VERSION_NUMBER >= 0x00908000L -#include <openssl/bn.h> -#endif - - -namespace Poco { -namespace Crypto { - - -RSAKeyImpl::RSAKeyImpl(const EVPPKey& key): - KeyPairImpl("rsa", KT_RSA_IMPL), - _pRSA(EVP_PKEY_get1_RSA(const_cast<EVP_PKEY*>((const EVP_PKEY*)key))) -{ - if (!_pRSA) throw OpenSSLException(); -} - - -RSAKeyImpl::RSAKeyImpl(const X509Certificate& cert): - KeyPairImpl("rsa", KT_RSA_IMPL), - _pRSA(0) -{ - const X509* pCert = cert.certificate(); - EVP_PKEY* pKey = X509_get_pubkey(const_cast<X509*>(pCert)); - if (pKey) - { - _pRSA = EVP_PKEY_get1_RSA(pKey); - EVP_PKEY_free(pKey); - } - else - throw OpenSSLException("RSAKeyImpl(const X509Certificate&)"); -} - - -RSAKeyImpl::RSAKeyImpl(const PKCS12Container& cont): - KeyPairImpl("rsa", KT_RSA_IMPL), - _pRSA(0) -{ - EVPPKey key = cont.getKey(); - _pRSA = EVP_PKEY_get1_RSA(key); -} - - -RSAKeyImpl::RSAKeyImpl(int keyLength, unsigned long exponent): KeyPairImpl("rsa", KT_RSA_IMPL), - _pRSA(0) -{ -#if OPENSSL_VERSION_NUMBER >= 0x00908000L - _pRSA = RSA_new(); - int ret = 0; - BIGNUM* bn = 0; - try - { - bn = BN_new(); - BN_set_word(bn, exponent); - ret = RSA_generate_key_ex(_pRSA, keyLength, bn, 0); - BN_free(bn); - } - catch (...) - { - BN_free(bn); - throw; - } - if (!ret) throw Poco::InvalidArgumentException("Failed to create RSA context"); -#else - _pRSA = RSA_generate_key(keyLength, exponent, 0, 0); - if (!_pRSA) throw Poco::InvalidArgumentException("Failed to create RSA context"); -#endif -} - - -RSAKeyImpl::RSAKeyImpl(const std::string& publicKeyFile, +// +// RSAKeyImpl.cpp +// +// Library: Crypto +// Package: RSA +// Module: RSAKeyImpl +// +// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. +// and Contributors. +// +// SPDX-License-Identifier: BSL-1.0 +// + + +#include "Poco/Crypto/RSAKeyImpl.h" +#include "Poco/Crypto/X509Certificate.h" +#include "Poco/Crypto/PKCS12Container.h" +#include "Poco/FileStream.h" +#include "Poco/StreamCopier.h" +#include <sstream> +#include <openssl/pem.h> +#include <openssl/rsa.h> +#include <openssl/evp.h> +#if OPENSSL_VERSION_NUMBER >= 0x00908000L +#include <openssl/bn.h> +#endif + + +namespace Poco { +namespace Crypto { + + +RSAKeyImpl::RSAKeyImpl(const EVPPKey& key): + KeyPairImpl("rsa", KT_RSA_IMPL), + _pRSA(EVP_PKEY_get1_RSA(const_cast<EVP_PKEY*>((const EVP_PKEY*)key))) +{ + if (!_pRSA) throw OpenSSLException(); +} + + +RSAKeyImpl::RSAKeyImpl(const X509Certificate& cert): + KeyPairImpl("rsa", KT_RSA_IMPL), + _pRSA(0) +{ + const X509* pCert = cert.certificate(); + EVP_PKEY* pKey = X509_get_pubkey(const_cast<X509*>(pCert)); + if (pKey) + { + _pRSA = EVP_PKEY_get1_RSA(pKey); + EVP_PKEY_free(pKey); + } + else + throw OpenSSLException("RSAKeyImpl(const X509Certificate&)"); +} + + +RSAKeyImpl::RSAKeyImpl(const PKCS12Container& cont): + KeyPairImpl("rsa", KT_RSA_IMPL), + _pRSA(0) +{ + EVPPKey key = cont.getKey(); + _pRSA = EVP_PKEY_get1_RSA(key); +} + + +RSAKeyImpl::RSAKeyImpl(int keyLength, unsigned long exponent): KeyPairImpl("rsa", KT_RSA_IMPL), + _pRSA(0) +{ +#if OPENSSL_VERSION_NUMBER >= 0x00908000L + _pRSA = RSA_new(); + int ret = 0; + BIGNUM* bn = 0; + try + { + bn = BN_new(); + BN_set_word(bn, exponent); + ret = RSA_generate_key_ex(_pRSA, keyLength, bn, 0); + BN_free(bn); + } + catch (...) + { + BN_free(bn); + throw; + } + if (!ret) throw Poco::InvalidArgumentException("Failed to create RSA context"); +#else + _pRSA = RSA_generate_key(keyLength, exponent, 0, 0); + if (!_pRSA) throw Poco::InvalidArgumentException("Failed to create RSA context"); +#endif +} + + +RSAKeyImpl::RSAKeyImpl(const std::string& publicKeyFile, + const std::string& privateKeyFile, + const std::string& privateKeyPassphrase): KeyPairImpl("rsa", KT_RSA_IMPL), + _pRSA(0) +{ + poco_assert_dbg(_pRSA == 0); + + _pRSA = RSA_new(); + if (!publicKeyFile.empty()) + { + BIO* bio = BIO_new(BIO_s_file()); + if (!bio) throw Poco::IOException("Cannot create BIO for reading public key", publicKeyFile); + int rc = BIO_read_filename(bio, publicKeyFile.c_str()); + if (rc) + { + RSA* pubKey = PEM_read_bio_RSAPublicKey(bio, &_pRSA, 0, 0); + if (!pubKey) + { + int rc = BIO_reset(bio); + // BIO_reset() normally returns 1 for success and 0 or -1 for failure. + // File BIOs are an exception, they return 0 for success and -1 for failure. + if (rc != 0) throw Poco::FileException("Failed to load public key", publicKeyFile); + pubKey = PEM_read_bio_RSA_PUBKEY(bio, &_pRSA, 0, 0); + } + BIO_free(bio); + if (!pubKey) + { + freeRSA(); + throw Poco::FileException("Failed to load public key", publicKeyFile); + } + } + else + { + freeRSA(); + throw Poco::FileNotFoundException("Public key file", publicKeyFile); + } + } + + if (!privateKeyFile.empty()) + { + BIO* bio = BIO_new(BIO_s_file()); + if (!bio) throw Poco::IOException("Cannot create BIO for reading private key", privateKeyFile); + int rc = BIO_read_filename(bio, privateKeyFile.c_str()); + if (rc) + { + RSA* privKey = 0; + if (privateKeyPassphrase.empty()) + privKey = PEM_read_bio_RSAPrivateKey(bio, &_pRSA, 0, 0); + else + privKey = PEM_read_bio_RSAPrivateKey(bio, &_pRSA, 0, const_cast<char*>(privateKeyPassphrase.c_str())); + BIO_free(bio); + if (!privKey) + { + freeRSA(); + throw Poco::FileException("Failed to load private key", privateKeyFile); + } + } + else + { + freeRSA(); + throw Poco::FileNotFoundException("Private key file", privateKeyFile); + } + } +} + + +RSAKeyImpl::RSAKeyImpl(std::istream* pPublicKeyStream, + std::istream* pPrivateKeyStream, + const std::string& privateKeyPassphrase): KeyPairImpl("rsa", KT_RSA_IMPL), + _pRSA(0) +{ + poco_assert_dbg(_pRSA == 0); + + _pRSA = RSA_new(); + if (pPublicKeyStream) + { + std::string publicKeyData; + Poco::StreamCopier::copyToString(*pPublicKeyStream, publicKeyData); + BIO* bio = BIO_new_mem_buf(const_cast<char*>(publicKeyData.data()), static_cast<int>(publicKeyData.size())); + if (!bio) throw Poco::IOException("Cannot create BIO for reading public key"); + RSA* publicKey = PEM_read_bio_RSAPublicKey(bio, &_pRSA, 0, 0); + if (!publicKey) + { + int rc = BIO_reset(bio); + // BIO_reset() normally returns 1 for success and 0 or -1 for failure. + // File BIOs are an exception, they return 0 for success and -1 for failure. + if (rc != 1) throw Poco::FileException("Failed to load public key"); + publicKey = PEM_read_bio_RSA_PUBKEY(bio, &_pRSA, 0, 0); + } + BIO_free(bio); + if (!publicKey) + { + freeRSA(); + throw Poco::FileException("Failed to load public key"); + } + } + + if (pPrivateKeyStream) + { + std::string privateKeyData; + Poco::StreamCopier::copyToString(*pPrivateKeyStream, privateKeyData); + BIO* bio = BIO_new_mem_buf(const_cast<char*>(privateKeyData.data()), static_cast<int>(privateKeyData.size())); + if (!bio) throw Poco::IOException("Cannot create BIO for reading private key"); + RSA* privateKey = 0; + if (privateKeyPassphrase.empty()) + privateKey = PEM_read_bio_RSAPrivateKey(bio, &_pRSA, 0, 0); + else + privateKey = PEM_read_bio_RSAPrivateKey(bio, &_pRSA, 0, const_cast<char*>(privateKeyPassphrase.c_str())); + BIO_free(bio); + if (!privateKey) + { + freeRSA(); + throw Poco::FileException("Failed to load private key"); + } + } +} + + +RSAKeyImpl::~RSAKeyImpl() +{ + freeRSA(); +} + + +void RSAKeyImpl::freeRSA() +{ + if (_pRSA) RSA_free(_pRSA); + _pRSA = 0; +} + + +int RSAKeyImpl::size() const +{ + return RSA_size(_pRSA); +} + + +RSAKeyImpl::ByteVec RSAKeyImpl::modulus() const +{ +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + const BIGNUM* n = 0; + const BIGNUM* e = 0; + const BIGNUM* d = 0; + RSA_get0_key(_pRSA, &n, &e, &d); + return convertToByteVec(n); +#else + return convertToByteVec(_pRSA->n); +#endif +} + + +RSAKeyImpl::ByteVec RSAKeyImpl::encryptionExponent() const +{ +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + const BIGNUM* n = 0; + const BIGNUM* e = 0; + const BIGNUM* d = 0; + RSA_get0_key(_pRSA, &n, &e, &d); + return convertToByteVec(e); +#else + return convertToByteVec(_pRSA->e); +#endif +} + + +RSAKeyImpl::ByteVec RSAKeyImpl::decryptionExponent() const +{ +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + const BIGNUM* n = 0; + const BIGNUM* e = 0; + const BIGNUM* d = 0; + RSA_get0_key(_pRSA, &n, &e, &d); + return convertToByteVec(d); +#else + return convertToByteVec(_pRSA->d); +#endif +} + + +void RSAKeyImpl::save(const std::string& publicKeyFile, const std::string& privateKeyFile, - const std::string& privateKeyPassphrase): KeyPairImpl("rsa", KT_RSA_IMPL), - _pRSA(0) -{ - poco_assert_dbg(_pRSA == 0); - - _pRSA = RSA_new(); - if (!publicKeyFile.empty()) - { - BIO* bio = BIO_new(BIO_s_file()); - if (!bio) throw Poco::IOException("Cannot create BIO for reading public key", publicKeyFile); - int rc = BIO_read_filename(bio, publicKeyFile.c_str()); - if (rc) - { - RSA* pubKey = PEM_read_bio_RSAPublicKey(bio, &_pRSA, 0, 0); - if (!pubKey) - { - int rc = BIO_reset(bio); - // BIO_reset() normally returns 1 for success and 0 or -1 for failure. - // File BIOs are an exception, they return 0 for success and -1 for failure. - if (rc != 0) throw Poco::FileException("Failed to load public key", publicKeyFile); - pubKey = PEM_read_bio_RSA_PUBKEY(bio, &_pRSA, 0, 0); - } - BIO_free(bio); - if (!pubKey) - { - freeRSA(); - throw Poco::FileException("Failed to load public key", publicKeyFile); - } - } - else - { - freeRSA(); - throw Poco::FileNotFoundException("Public key file", publicKeyFile); - } - } - - if (!privateKeyFile.empty()) - { - BIO* bio = BIO_new(BIO_s_file()); - if (!bio) throw Poco::IOException("Cannot create BIO for reading private key", privateKeyFile); - int rc = BIO_read_filename(bio, privateKeyFile.c_str()); - if (rc) - { - RSA* privKey = 0; - if (privateKeyPassphrase.empty()) - privKey = PEM_read_bio_RSAPrivateKey(bio, &_pRSA, 0, 0); - else - privKey = PEM_read_bio_RSAPrivateKey(bio, &_pRSA, 0, const_cast<char*>(privateKeyPassphrase.c_str())); - BIO_free(bio); - if (!privKey) - { - freeRSA(); - throw Poco::FileException("Failed to load private key", privateKeyFile); - } - } - else - { - freeRSA(); - throw Poco::FileNotFoundException("Private key file", privateKeyFile); - } - } -} - - -RSAKeyImpl::RSAKeyImpl(std::istream* pPublicKeyStream, - std::istream* pPrivateKeyStream, - const std::string& privateKeyPassphrase): KeyPairImpl("rsa", KT_RSA_IMPL), - _pRSA(0) -{ - poco_assert_dbg(_pRSA == 0); - - _pRSA = RSA_new(); - if (pPublicKeyStream) - { - std::string publicKeyData; - Poco::StreamCopier::copyToString(*pPublicKeyStream, publicKeyData); - BIO* bio = BIO_new_mem_buf(const_cast<char*>(publicKeyData.data()), static_cast<int>(publicKeyData.size())); - if (!bio) throw Poco::IOException("Cannot create BIO for reading public key"); - RSA* publicKey = PEM_read_bio_RSAPublicKey(bio, &_pRSA, 0, 0); - if (!publicKey) - { - int rc = BIO_reset(bio); - // BIO_reset() normally returns 1 for success and 0 or -1 for failure. - // File BIOs are an exception, they return 0 for success and -1 for failure. - if (rc != 1) throw Poco::FileException("Failed to load public key"); - publicKey = PEM_read_bio_RSA_PUBKEY(bio, &_pRSA, 0, 0); - } - BIO_free(bio); - if (!publicKey) - { - freeRSA(); - throw Poco::FileException("Failed to load public key"); - } - } - - if (pPrivateKeyStream) - { - std::string privateKeyData; - Poco::StreamCopier::copyToString(*pPrivateKeyStream, privateKeyData); - BIO* bio = BIO_new_mem_buf(const_cast<char*>(privateKeyData.data()), static_cast<int>(privateKeyData.size())); - if (!bio) throw Poco::IOException("Cannot create BIO for reading private key"); - RSA* privateKey = 0; - if (privateKeyPassphrase.empty()) - privateKey = PEM_read_bio_RSAPrivateKey(bio, &_pRSA, 0, 0); - else - privateKey = PEM_read_bio_RSAPrivateKey(bio, &_pRSA, 0, const_cast<char*>(privateKeyPassphrase.c_str())); - BIO_free(bio); - if (!privateKey) - { - freeRSA(); - throw Poco::FileException("Failed to load private key"); - } - } -} - - -RSAKeyImpl::~RSAKeyImpl() -{ - freeRSA(); -} - - -void RSAKeyImpl::freeRSA() -{ - if (_pRSA) RSA_free(_pRSA); - _pRSA = 0; -} - - -int RSAKeyImpl::size() const -{ - return RSA_size(_pRSA); -} - - -RSAKeyImpl::ByteVec RSAKeyImpl::modulus() const -{ -#if OPENSSL_VERSION_NUMBER >= 0x10100000L - const BIGNUM* n = 0; - const BIGNUM* e = 0; - const BIGNUM* d = 0; - RSA_get0_key(_pRSA, &n, &e, &d); - return convertToByteVec(n); -#else - return convertToByteVec(_pRSA->n); -#endif -} - - -RSAKeyImpl::ByteVec RSAKeyImpl::encryptionExponent() const -{ -#if OPENSSL_VERSION_NUMBER >= 0x10100000L - const BIGNUM* n = 0; - const BIGNUM* e = 0; - const BIGNUM* d = 0; - RSA_get0_key(_pRSA, &n, &e, &d); - return convertToByteVec(e); -#else - return convertToByteVec(_pRSA->e); -#endif -} - - -RSAKeyImpl::ByteVec RSAKeyImpl::decryptionExponent() const -{ -#if OPENSSL_VERSION_NUMBER >= 0x10100000L - const BIGNUM* n = 0; - const BIGNUM* e = 0; - const BIGNUM* d = 0; - RSA_get0_key(_pRSA, &n, &e, &d); - return convertToByteVec(d); -#else - return convertToByteVec(_pRSA->d); -#endif -} - - -void RSAKeyImpl::save(const std::string& publicKeyFile, - const std::string& privateKeyFile, - const std::string& privateKeyPassphrase) const -{ - if (!publicKeyFile.empty()) - { - BIO* bio = BIO_new(BIO_s_file()); - if (!bio) throw Poco::IOException("Cannot create BIO for writing public key file", publicKeyFile); - try - { - if (BIO_write_filename(bio, const_cast<char*>(publicKeyFile.c_str()))) - { - if (!PEM_write_bio_RSAPublicKey(bio, _pRSA)) - throw Poco::WriteFileException("Failed to write public key to file", publicKeyFile); - } - else throw Poco::CreateFileException("Cannot create public key file"); - } - catch (...) - { - BIO_free(bio); - throw; - } - BIO_free(bio); - } - - if (!privateKeyFile.empty()) - { - BIO* bio = BIO_new(BIO_s_file()); - if (!bio) throw Poco::IOException("Cannot create BIO for writing private key file", privateKeyFile); - try - { - if (BIO_write_filename(bio, const_cast<char*>(privateKeyFile.c_str()))) - { - int rc = 0; - if (privateKeyPassphrase.empty()) - rc = PEM_write_bio_RSAPrivateKey(bio, _pRSA, 0, 0, 0, 0, 0); - else - rc = PEM_write_bio_RSAPrivateKey(bio, _pRSA, EVP_des_ede3_cbc(), - reinterpret_cast<unsigned char*>(const_cast<char*>(privateKeyPassphrase.c_str())), - static_cast<int>(privateKeyPassphrase.length()), 0, 0); - if (!rc) throw Poco::FileException("Failed to write private key to file", privateKeyFile); - } - else throw Poco::CreateFileException("Cannot create private key file", privateKeyFile); - } - catch (...) - { - BIO_free(bio); - throw; - } - BIO_free(bio); - } -} - - -void RSAKeyImpl::save(std::ostream* pPublicKeyStream, - std::ostream* pPrivateKeyStream, - const std::string& privateKeyPassphrase) const -{ - if (pPublicKeyStream) - { - BIO* bio = BIO_new(BIO_s_mem()); - if (!bio) throw Poco::IOException("Cannot create BIO for writing public key"); - if (!PEM_write_bio_RSAPublicKey(bio, _pRSA)) - { - BIO_free(bio); - throw Poco::WriteFileException("Failed to write public key to stream"); - } - char* pData; - long size = BIO_get_mem_data(bio, &pData); - pPublicKeyStream->write(pData, static_cast<std::streamsize>(size)); - BIO_free(bio); - } - - if (pPrivateKeyStream) - { - BIO* bio = BIO_new(BIO_s_mem()); - if (!bio) throw Poco::IOException("Cannot create BIO for writing public key"); - int rc = 0; - if (privateKeyPassphrase.empty()) - rc = PEM_write_bio_RSAPrivateKey(bio, _pRSA, 0, 0, 0, 0, 0); - else - rc = PEM_write_bio_RSAPrivateKey(bio, _pRSA, EVP_des_ede3_cbc(), - reinterpret_cast<unsigned char*>(const_cast<char*>(privateKeyPassphrase.c_str())), - static_cast<int>(privateKeyPassphrase.length()), 0, 0); - if (!rc) - { - BIO_free(bio); - throw Poco::FileException("Failed to write private key to stream"); - } - char* pData; - long size = BIO_get_mem_data(bio, &pData); - pPrivateKeyStream->write(pData, static_cast<std::streamsize>(size)); - BIO_free(bio); - } -} - - -RSAKeyImpl::ByteVec RSAKeyImpl::convertToByteVec(const BIGNUM* bn) -{ - int numBytes = BN_num_bytes(bn); - ByteVec byteVector(numBytes); - - ByteVec::value_type* buffer = new ByteVec::value_type[numBytes]; - BN_bn2bin(bn, buffer); - - for (int i = 0; i < numBytes; ++i) - byteVector[i] = buffer[i]; - - delete [] buffer; - - return byteVector; -} - - -} } // namespace Poco::Crypto
\ No newline at end of file + const std::string& privateKeyPassphrase) const +{ + if (!publicKeyFile.empty()) + { + BIO* bio = BIO_new(BIO_s_file()); + if (!bio) throw Poco::IOException("Cannot create BIO for writing public key file", publicKeyFile); + try + { + if (BIO_write_filename(bio, const_cast<char*>(publicKeyFile.c_str()))) + { + if (!PEM_write_bio_RSAPublicKey(bio, _pRSA)) + throw Poco::WriteFileException("Failed to write public key to file", publicKeyFile); + } + else throw Poco::CreateFileException("Cannot create public key file"); + } + catch (...) + { + BIO_free(bio); + throw; + } + BIO_free(bio); + } + + if (!privateKeyFile.empty()) + { + BIO* bio = BIO_new(BIO_s_file()); + if (!bio) throw Poco::IOException("Cannot create BIO for writing private key file", privateKeyFile); + try + { + if (BIO_write_filename(bio, const_cast<char*>(privateKeyFile.c_str()))) + { + int rc = 0; + if (privateKeyPassphrase.empty()) + rc = PEM_write_bio_RSAPrivateKey(bio, _pRSA, 0, 0, 0, 0, 0); + else + rc = PEM_write_bio_RSAPrivateKey(bio, _pRSA, EVP_des_ede3_cbc(), + reinterpret_cast<unsigned char*>(const_cast<char*>(privateKeyPassphrase.c_str())), + static_cast<int>(privateKeyPassphrase.length()), 0, 0); + if (!rc) throw Poco::FileException("Failed to write private key to file", privateKeyFile); + } + else throw Poco::CreateFileException("Cannot create private key file", privateKeyFile); + } + catch (...) + { + BIO_free(bio); + throw; + } + BIO_free(bio); + } +} + + +void RSAKeyImpl::save(std::ostream* pPublicKeyStream, + std::ostream* pPrivateKeyStream, + const std::string& privateKeyPassphrase) const +{ + if (pPublicKeyStream) + { + BIO* bio = BIO_new(BIO_s_mem()); + if (!bio) throw Poco::IOException("Cannot create BIO for writing public key"); + if (!PEM_write_bio_RSAPublicKey(bio, _pRSA)) + { + BIO_free(bio); + throw Poco::WriteFileException("Failed to write public key to stream"); + } + char* pData; + long size = BIO_get_mem_data(bio, &pData); + pPublicKeyStream->write(pData, static_cast<std::streamsize>(size)); + BIO_free(bio); + } + + if (pPrivateKeyStream) + { + BIO* bio = BIO_new(BIO_s_mem()); + if (!bio) throw Poco::IOException("Cannot create BIO for writing public key"); + int rc = 0; + if (privateKeyPassphrase.empty()) + rc = PEM_write_bio_RSAPrivateKey(bio, _pRSA, 0, 0, 0, 0, 0); + else + rc = PEM_write_bio_RSAPrivateKey(bio, _pRSA, EVP_des_ede3_cbc(), + reinterpret_cast<unsigned char*>(const_cast<char*>(privateKeyPassphrase.c_str())), + static_cast<int>(privateKeyPassphrase.length()), 0, 0); + if (!rc) + { + BIO_free(bio); + throw Poco::FileException("Failed to write private key to stream"); + } + char* pData; + long size = BIO_get_mem_data(bio, &pData); + pPrivateKeyStream->write(pData, static_cast<std::streamsize>(size)); + BIO_free(bio); + } +} + + +RSAKeyImpl::ByteVec RSAKeyImpl::convertToByteVec(const BIGNUM* bn) +{ + int numBytes = BN_num_bytes(bn); + ByteVec byteVector(numBytes); + + ByteVec::value_type* buffer = new ByteVec::value_type[numBytes]; + BN_bn2bin(bn, buffer); + + for (int i = 0; i < numBytes; ++i) + byteVector[i] = buffer[i]; + + delete [] buffer; + + return byteVector; +} + + +} } // namespace Poco::Crypto
\ No newline at end of file diff --git a/contrib/libs/poco/Crypto/src/X509Certificate.cpp b/contrib/libs/poco/Crypto/src/X509Certificate.cpp index bea1e459ea9..b2e60145399 100644 --- a/contrib/libs/poco/Crypto/src/X509Certificate.cpp +++ b/contrib/libs/poco/Crypto/src/X509Certificate.cpp @@ -1,386 +1,386 @@ -// -// X509Certificate.cpp -// -// Library: Crypto -// Package: Certificate -// Module: X509Certificate -// -// Copyright (c) 2006-2009, Applied Informatics Software Engineering GmbH. -// and Contributors. -// -// SPDX-License-Identifier: BSL-1.0 -// - - -#include "Poco/Crypto/X509Certificate.h" -#include "Poco/Crypto/CryptoException.h" -#include "Poco/StreamCopier.h" -#include "Poco/String.h" -#include "Poco/DateTimeParser.h" -#include "Poco/Format.h" -#include <sstream> -#include <openssl/pem.h> -#ifdef _WIN32 -// fix for WIN32 header conflict -#undef X509_NAME -#endif -#include <openssl/x509v3.h> -#include <openssl/err.h> -#include <openssl/evp.h> - - -namespace Poco { -namespace Crypto { - - -X509Certificate::X509Certificate(std::istream& istr): - _pCert(0) -{ - load(istr); -} - - -X509Certificate::X509Certificate(const std::string& path): - _pCert(0) -{ - load(path); -} - - -X509Certificate::X509Certificate(X509* pCert): - _pCert(pCert) -{ - poco_check_ptr(_pCert); - - init(); -} - - -X509Certificate::X509Certificate(X509* pCert, bool shared): - _pCert(pCert) -{ - poco_check_ptr(_pCert); - - if (shared) - { -#if OPENSSL_VERSION_NUMBER >= 0x10100000L - X509_up_ref(_pCert); -#else - _pCert->references++; -#endif - } - - init(); -} - - -X509Certificate::X509Certificate(const X509Certificate& cert): - _issuerName(cert._issuerName), - _subjectName(cert._subjectName), - _serialNumber(cert._serialNumber), - _pCert(cert._pCert) -{ - _pCert = X509_dup(_pCert); -} - - -X509Certificate& X509Certificate::operator = (const X509Certificate& cert) -{ - X509Certificate tmp(cert); - swap(tmp); - return *this; -} - - -void X509Certificate::swap(X509Certificate& cert) -{ - using std::swap; - swap(cert._issuerName, _issuerName); - swap(cert._subjectName, _subjectName); - swap(cert._serialNumber, _serialNumber); - swap(cert._pCert, _pCert); -} - - -X509Certificate::~X509Certificate() -{ - X509_free(_pCert); -} - - -void X509Certificate::load(std::istream& istr) -{ - poco_assert (!_pCert); - - std::stringstream certStream; - Poco::StreamCopier::copyStream(istr, certStream); - std::string cert = certStream.str(); - - BIO *pBIO = BIO_new_mem_buf(const_cast<char*>(cert.data()), static_cast<int>(cert.size())); - if (!pBIO) throw Poco::IOException("Cannot create BIO for reading certificate"); - _pCert = PEM_read_bio_X509(pBIO, 0, 0, 0); - BIO_free(pBIO); - - if (!_pCert) throw Poco::IOException("Failed to load certificate from stream"); - - init(); -} - - -void X509Certificate::load(const std::string& path) -{ - poco_assert (!_pCert); - - BIO *pBIO = BIO_new(BIO_s_file()); - if (!pBIO) throw Poco::IOException("Cannot create BIO for reading certificate file", path); - if (!BIO_read_filename(pBIO, path.c_str())) - { - BIO_free(pBIO); - throw Poco::OpenFileException("Cannot open certificate file for reading", path); - } - - _pCert = PEM_read_bio_X509(pBIO, 0, 0, 0); - BIO_free(pBIO); - - if (!_pCert) throw Poco::ReadFileException("Faild to load certificate from", path); - - init(); -} - - -void X509Certificate::save(std::ostream& stream) const -{ - BIO *pBIO = BIO_new(BIO_s_mem()); - if (!pBIO) throw Poco::IOException("Cannot create BIO for writing certificate"); - try - { - if (!PEM_write_bio_X509(pBIO, _pCert)) - throw Poco::IOException("Failed to write certificate to stream"); - - char *pData; - long size; - size = BIO_get_mem_data(pBIO, &pData); - stream.write(pData, size); - } - catch (...) - { - BIO_free(pBIO); - throw; - } - BIO_free(pBIO); -} - - -void X509Certificate::save(const std::string& path) const -{ - BIO *pBIO = BIO_new(BIO_s_file()); - if (!pBIO) throw Poco::IOException("Cannot create BIO for reading certificate file", path); - if (!BIO_write_filename(pBIO, const_cast<char*>(path.c_str()))) - { - BIO_free(pBIO); - throw Poco::CreateFileException("Cannot create certificate file", path); - } - try - { - if (!PEM_write_bio_X509(pBIO, _pCert)) - throw Poco::WriteFileException("Failed to write certificate to file", path); - } - catch (...) - { - BIO_free(pBIO); - throw; - } - BIO_free(pBIO); -} - - -void X509Certificate::init() -{ - char buffer[NAME_BUFFER_SIZE]; - X509_NAME_oneline(X509_get_issuer_name(_pCert), buffer, sizeof(buffer)); - _issuerName = buffer; - X509_NAME_oneline(X509_get_subject_name(_pCert), buffer, sizeof(buffer)); - _subjectName = buffer; - BIGNUM* pBN = ASN1_INTEGER_to_BN(X509_get_serialNumber(const_cast<X509*>(_pCert)), 0); - if (pBN) - { - char* pSN = BN_bn2hex(pBN); - if (pSN) - { - _serialNumber = pSN; - OPENSSL_free(pSN); - } - BN_free(pBN); - } -} - - -std::string X509Certificate::commonName() const -{ - return subjectName(NID_COMMON_NAME); -} - - -std::string X509Certificate::issuerName(NID nid) const -{ - if (X509_NAME* issuer = X509_get_issuer_name(_pCert)) - { - char buffer[NAME_BUFFER_SIZE]; - if (X509_NAME_get_text_by_NID(issuer, nid, buffer, sizeof(buffer)) >= 0) - return std::string(buffer); - } - return std::string(); -} - - -std::string X509Certificate::subjectName(NID nid) const -{ - if (X509_NAME* subj = X509_get_subject_name(_pCert)) - { - char buffer[NAME_BUFFER_SIZE]; - if (X509_NAME_get_text_by_NID(subj, nid, buffer, sizeof(buffer)) >= 0) - return std::string(buffer); - } - return std::string(); -} - - -void X509Certificate::extractNames(std::string& cmnName, std::set<std::string>& domainNames) const -{ - domainNames.clear(); - if (STACK_OF(GENERAL_NAME)* names = static_cast<STACK_OF(GENERAL_NAME)*>(X509_get_ext_d2i(_pCert, NID_subject_alt_name, 0, 0))) - { - for (int i = 0; i < sk_GENERAL_NAME_num(names); ++i) - { - const GENERAL_NAME* name = sk_GENERAL_NAME_value(names, i); - if (name->type == GEN_DNS) - { - const char* data = reinterpret_cast<char*>(ASN1_STRING_data(name->d.ia5)); - std::size_t len = ASN1_STRING_length(name->d.ia5); - domainNames.insert(std::string(data, len)); - } - } - GENERAL_NAMES_free(names); - } - - cmnName = commonName(); - if (!cmnName.empty() && domainNames.empty()) - { - domainNames.insert(cmnName); - } -} - - -Poco::DateTime X509Certificate::validFrom() const -{ - ASN1_TIME* certTime = X509_get_notBefore(_pCert); - std::string dateTime(reinterpret_cast<char*>(certTime->data)); - int tzd; - return DateTimeParser::parse("%y%m%d%H%M%S", dateTime, tzd); -} - - -Poco::DateTime X509Certificate::expiresOn() const -{ - ASN1_TIME* certTime = X509_get_notAfter(_pCert); - std::string dateTime(reinterpret_cast<char*>(certTime->data)); - int tzd; - return DateTimeParser::parse("%y%m%d%H%M%S", dateTime, tzd); -} - - -bool X509Certificate::issuedBy(const X509Certificate& issuerCertificate) const -{ - X509* pCert = const_cast<X509*>(_pCert); - X509* pIssuerCert = const_cast<X509*>(issuerCertificate.certificate()); - EVP_PKEY* pIssuerPublicKey = X509_get_pubkey(pIssuerCert); - if (!pIssuerPublicKey) throw Poco::InvalidArgumentException("Issuer certificate has no public key"); - int rc = X509_verify(pCert, pIssuerPublicKey); - EVP_PKEY_free(pIssuerPublicKey); - return rc == 1; -} - - -bool X509Certificate::equals(const X509Certificate& otherCertificate) const -{ - X509* pCert = const_cast<X509*>(_pCert); - X509* pOtherCert = const_cast<X509*>(otherCertificate.certificate()); - return X509_cmp(pCert, pOtherCert) == 0; -} - - -std::string X509Certificate::signatureAlgorithm() const -{ - int sigNID = NID_undef; - -#if (OPENSSL_VERSION_NUMBER >= 0x1010000fL) - sigNID = X509_get_signature_nid(_pCert); -#else - poco_check_ptr(_pCert->sig_alg); - sigNID = OBJ_obj2nid(_pCert->sig_alg->algorithm); -#endif - - if (sigNID != NID_undef) - { - const char* pAlgName = OBJ_nid2ln(sigNID); - if (pAlgName) return std::string(pAlgName); - else throw OpenSSLException(Poco::format("X509Certificate::" - "signatureAlgorithm(): OBJ_nid2ln(%d)", sigNID)); - } - else - throw NotFoundException("X509Certificate::signatureAlgorithm()"); - - return ""; -} - - -X509Certificate::List X509Certificate::readPEM(const std::string& pemFileName) -{ - List caCertList; - BIO* pBIO = BIO_new_file(pemFileName.c_str(), "r"); - if (pBIO == NULL) throw OpenFileException("X509Certificate::readPEM()"); - X509* x = PEM_read_bio_X509(pBIO, NULL, 0, NULL); - if (!x) throw OpenSSLException(Poco::format("X509Certificate::readPEM(%s)", pemFileName)); - while(x) - { - caCertList.push_back(X509Certificate(x)); - x = PEM_read_bio_X509(pBIO, NULL, 0, NULL); - } - BIO_free(pBIO); - return caCertList; -} - - -void X509Certificate::writePEM(const std::string& pemFileName, const List& list) -{ - BIO* pBIO = BIO_new_file(pemFileName.c_str(), "a"); - if (pBIO == NULL) throw OpenFileException("X509Certificate::writePEM()"); - List::const_iterator it = list.begin(); - List::const_iterator end = list.end(); - for (; it != end; ++it) - { - if (!PEM_write_bio_X509(pBIO, const_cast<X509*>(it->certificate()))) - { - throw OpenSSLException("X509Certificate::writePEM()"); - } - } - BIO_free(pBIO); -} - - -void X509Certificate::print(std::ostream& out) const -{ - out << "subjectName: " << subjectName() << std::endl; - out << "issuerName: " << issuerName() << std::endl; - out << "commonName: " << commonName() << std::endl; - out << "country: " << subjectName(X509Certificate::NID_COUNTRY) << std::endl; - out << "localityName: " << subjectName(X509Certificate::NID_LOCALITY_NAME) << std::endl; - out << "stateOrProvince: " << subjectName(X509Certificate::NID_STATE_OR_PROVINCE) << std::endl; - out << "organizationName: " << subjectName(X509Certificate::NID_ORGANIZATION_NAME) << std::endl; - out << "organizationUnitName: " << subjectName(X509Certificate::NID_ORGANIZATION_UNIT_NAME) << std::endl; - out << "emailAddress: " << subjectName(X509Certificate::NID_PKCS9_EMAIL_ADDRESS) << std::endl; - out << "serialNumber: " << subjectName(X509Certificate::NID_SERIAL_NUMBER) << std::endl; -} - - -} } // namespace Poco::Crypto +// +// X509Certificate.cpp +// +// Library: Crypto +// Package: Certificate +// Module: X509Certificate +// +// Copyright (c) 2006-2009, Applied Informatics Software Engineering GmbH. +// and Contributors. +// +// SPDX-License-Identifier: BSL-1.0 +// + + +#include "Poco/Crypto/X509Certificate.h" +#include "Poco/Crypto/CryptoException.h" +#include "Poco/StreamCopier.h" +#include "Poco/String.h" +#include "Poco/DateTimeParser.h" +#include "Poco/Format.h" +#include <sstream> +#include <openssl/pem.h> +#ifdef _WIN32 +// fix for WIN32 header conflict +#undef X509_NAME +#endif +#include <openssl/x509v3.h> +#include <openssl/err.h> +#include <openssl/evp.h> + + +namespace Poco { +namespace Crypto { + + +X509Certificate::X509Certificate(std::istream& istr): + _pCert(0) +{ + load(istr); +} + + +X509Certificate::X509Certificate(const std::string& path): + _pCert(0) +{ + load(path); +} + + +X509Certificate::X509Certificate(X509* pCert): + _pCert(pCert) +{ + poco_check_ptr(_pCert); + + init(); +} + + +X509Certificate::X509Certificate(X509* pCert, bool shared): + _pCert(pCert) +{ + poco_check_ptr(_pCert); + + if (shared) + { +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + X509_up_ref(_pCert); +#else + _pCert->references++; +#endif + } + + init(); +} + + +X509Certificate::X509Certificate(const X509Certificate& cert): + _issuerName(cert._issuerName), + _subjectName(cert._subjectName), + _serialNumber(cert._serialNumber), + _pCert(cert._pCert) +{ + _pCert = X509_dup(_pCert); +} + + +X509Certificate& X509Certificate::operator = (const X509Certificate& cert) +{ + X509Certificate tmp(cert); + swap(tmp); + return *this; +} + + +void X509Certificate::swap(X509Certificate& cert) +{ + using std::swap; + swap(cert._issuerName, _issuerName); + swap(cert._subjectName, _subjectName); + swap(cert._serialNumber, _serialNumber); + swap(cert._pCert, _pCert); +} + + +X509Certificate::~X509Certificate() +{ + X509_free(_pCert); +} + + +void X509Certificate::load(std::istream& istr) +{ + poco_assert (!_pCert); + + std::stringstream certStream; + Poco::StreamCopier::copyStream(istr, certStream); + std::string cert = certStream.str(); + + BIO *pBIO = BIO_new_mem_buf(const_cast<char*>(cert.data()), static_cast<int>(cert.size())); + if (!pBIO) throw Poco::IOException("Cannot create BIO for reading certificate"); + _pCert = PEM_read_bio_X509(pBIO, 0, 0, 0); + BIO_free(pBIO); + + if (!_pCert) throw Poco::IOException("Failed to load certificate from stream"); + + init(); +} + + +void X509Certificate::load(const std::string& path) +{ + poco_assert (!_pCert); + + BIO *pBIO = BIO_new(BIO_s_file()); + if (!pBIO) throw Poco::IOException("Cannot create BIO for reading certificate file", path); + if (!BIO_read_filename(pBIO, path.c_str())) + { + BIO_free(pBIO); + throw Poco::OpenFileException("Cannot open certificate file for reading", path); + } + + _pCert = PEM_read_bio_X509(pBIO, 0, 0, 0); + BIO_free(pBIO); + + if (!_pCert) throw Poco::ReadFileException("Faild to load certificate from", path); + + init(); +} + + +void X509Certificate::save(std::ostream& stream) const +{ + BIO *pBIO = BIO_new(BIO_s_mem()); + if (!pBIO) throw Poco::IOException("Cannot create BIO for writing certificate"); + try + { + if (!PEM_write_bio_X509(pBIO, _pCert)) + throw Poco::IOException("Failed to write certificate to stream"); + + char *pData; + long size; + size = BIO_get_mem_data(pBIO, &pData); + stream.write(pData, size); + } + catch (...) + { + BIO_free(pBIO); + throw; + } + BIO_free(pBIO); +} + + +void X509Certificate::save(const std::string& path) const +{ + BIO *pBIO = BIO_new(BIO_s_file()); + if (!pBIO) throw Poco::IOException("Cannot create BIO for reading certificate file", path); + if (!BIO_write_filename(pBIO, const_cast<char*>(path.c_str()))) + { + BIO_free(pBIO); + throw Poco::CreateFileException("Cannot create certificate file", path); + } + try + { + if (!PEM_write_bio_X509(pBIO, _pCert)) + throw Poco::WriteFileException("Failed to write certificate to file", path); + } + catch (...) + { + BIO_free(pBIO); + throw; + } + BIO_free(pBIO); +} + + +void X509Certificate::init() +{ + char buffer[NAME_BUFFER_SIZE]; + X509_NAME_oneline(X509_get_issuer_name(_pCert), buffer, sizeof(buffer)); + _issuerName = buffer; + X509_NAME_oneline(X509_get_subject_name(_pCert), buffer, sizeof(buffer)); + _subjectName = buffer; + BIGNUM* pBN = ASN1_INTEGER_to_BN(X509_get_serialNumber(const_cast<X509*>(_pCert)), 0); + if (pBN) + { + char* pSN = BN_bn2hex(pBN); + if (pSN) + { + _serialNumber = pSN; + OPENSSL_free(pSN); + } + BN_free(pBN); + } +} + + +std::string X509Certificate::commonName() const +{ + return subjectName(NID_COMMON_NAME); +} + + +std::string X509Certificate::issuerName(NID nid) const +{ + if (X509_NAME* issuer = X509_get_issuer_name(_pCert)) + { + char buffer[NAME_BUFFER_SIZE]; + if (X509_NAME_get_text_by_NID(issuer, nid, buffer, sizeof(buffer)) >= 0) + return std::string(buffer); + } + return std::string(); +} + + +std::string X509Certificate::subjectName(NID nid) const +{ + if (X509_NAME* subj = X509_get_subject_name(_pCert)) + { + char buffer[NAME_BUFFER_SIZE]; + if (X509_NAME_get_text_by_NID(subj, nid, buffer, sizeof(buffer)) >= 0) + return std::string(buffer); + } + return std::string(); +} + + +void X509Certificate::extractNames(std::string& cmnName, std::set<std::string>& domainNames) const +{ + domainNames.clear(); + if (STACK_OF(GENERAL_NAME)* names = static_cast<STACK_OF(GENERAL_NAME)*>(X509_get_ext_d2i(_pCert, NID_subject_alt_name, 0, 0))) + { + for (int i = 0; i < sk_GENERAL_NAME_num(names); ++i) + { + const GENERAL_NAME* name = sk_GENERAL_NAME_value(names, i); + if (name->type == GEN_DNS) + { + const char* data = reinterpret_cast<char*>(ASN1_STRING_data(name->d.ia5)); + std::size_t len = ASN1_STRING_length(name->d.ia5); + domainNames.insert(std::string(data, len)); + } + } + GENERAL_NAMES_free(names); + } + + cmnName = commonName(); + if (!cmnName.empty() && domainNames.empty()) + { + domainNames.insert(cmnName); + } +} + + +Poco::DateTime X509Certificate::validFrom() const +{ + ASN1_TIME* certTime = X509_get_notBefore(_pCert); + std::string dateTime(reinterpret_cast<char*>(certTime->data)); + int tzd; + return DateTimeParser::parse("%y%m%d%H%M%S", dateTime, tzd); +} + + +Poco::DateTime X509Certificate::expiresOn() const +{ + ASN1_TIME* certTime = X509_get_notAfter(_pCert); + std::string dateTime(reinterpret_cast<char*>(certTime->data)); + int tzd; + return DateTimeParser::parse("%y%m%d%H%M%S", dateTime, tzd); +} + + +bool X509Certificate::issuedBy(const X509Certificate& issuerCertificate) const +{ + X509* pCert = const_cast<X509*>(_pCert); + X509* pIssuerCert = const_cast<X509*>(issuerCertificate.certificate()); + EVP_PKEY* pIssuerPublicKey = X509_get_pubkey(pIssuerCert); + if (!pIssuerPublicKey) throw Poco::InvalidArgumentException("Issuer certificate has no public key"); + int rc = X509_verify(pCert, pIssuerPublicKey); + EVP_PKEY_free(pIssuerPublicKey); + return rc == 1; +} + + +bool X509Certificate::equals(const X509Certificate& otherCertificate) const +{ + X509* pCert = const_cast<X509*>(_pCert); + X509* pOtherCert = const_cast<X509*>(otherCertificate.certificate()); + return X509_cmp(pCert, pOtherCert) == 0; +} + + +std::string X509Certificate::signatureAlgorithm() const +{ + int sigNID = NID_undef; + +#if (OPENSSL_VERSION_NUMBER >= 0x1010000fL) + sigNID = X509_get_signature_nid(_pCert); +#else + poco_check_ptr(_pCert->sig_alg); + sigNID = OBJ_obj2nid(_pCert->sig_alg->algorithm); +#endif + + if (sigNID != NID_undef) + { + const char* pAlgName = OBJ_nid2ln(sigNID); + if (pAlgName) return std::string(pAlgName); + else throw OpenSSLException(Poco::format("X509Certificate::" + "signatureAlgorithm(): OBJ_nid2ln(%d)", sigNID)); + } + else + throw NotFoundException("X509Certificate::signatureAlgorithm()"); + + return ""; +} + + +X509Certificate::List X509Certificate::readPEM(const std::string& pemFileName) +{ + List caCertList; + BIO* pBIO = BIO_new_file(pemFileName.c_str(), "r"); + if (pBIO == NULL) throw OpenFileException("X509Certificate::readPEM()"); + X509* x = PEM_read_bio_X509(pBIO, NULL, 0, NULL); + if (!x) throw OpenSSLException(Poco::format("X509Certificate::readPEM(%s)", pemFileName)); + while(x) + { + caCertList.push_back(X509Certificate(x)); + x = PEM_read_bio_X509(pBIO, NULL, 0, NULL); + } + BIO_free(pBIO); + return caCertList; +} + + +void X509Certificate::writePEM(const std::string& pemFileName, const List& list) +{ + BIO* pBIO = BIO_new_file(pemFileName.c_str(), "a"); + if (pBIO == NULL) throw OpenFileException("X509Certificate::writePEM()"); + List::const_iterator it = list.begin(); + List::const_iterator end = list.end(); + for (; it != end; ++it) + { + if (!PEM_write_bio_X509(pBIO, const_cast<X509*>(it->certificate()))) + { + throw OpenSSLException("X509Certificate::writePEM()"); + } + } + BIO_free(pBIO); +} + + +void X509Certificate::print(std::ostream& out) const +{ + out << "subjectName: " << subjectName() << std::endl; + out << "issuerName: " << issuerName() << std::endl; + out << "commonName: " << commonName() << std::endl; + out << "country: " << subjectName(X509Certificate::NID_COUNTRY) << std::endl; + out << "localityName: " << subjectName(X509Certificate::NID_LOCALITY_NAME) << std::endl; + out << "stateOrProvince: " << subjectName(X509Certificate::NID_STATE_OR_PROVINCE) << std::endl; + out << "organizationName: " << subjectName(X509Certificate::NID_ORGANIZATION_NAME) << std::endl; + out << "organizationUnitName: " << subjectName(X509Certificate::NID_ORGANIZATION_UNIT_NAME) << std::endl; + out << "emailAddress: " << subjectName(X509Certificate::NID_PKCS9_EMAIL_ADDRESS) << std::endl; + out << "serialNumber: " << subjectName(X509Certificate::NID_SERIAL_NUMBER) << std::endl; +} + + +} } // namespace Poco::Crypto diff --git a/contrib/libs/poco/Crypto/ya.make b/contrib/libs/poco/Crypto/ya.make index cf58950785a..d43a72e4f5f 100644 --- a/contrib/libs/poco/Crypto/ya.make +++ b/contrib/libs/poco/Crypto/ya.make @@ -1,7 +1,7 @@ -# Generated by devtools/yamaker. - -LIBRARY() - +# Generated by devtools/yamaker. + +LIBRARY() + OWNER( orivej g:cpp-contrib @@ -14,44 +14,44 @@ LICENSE( LICENSE_TEXTS(.yandex_meta/licenses.list.txt) -PEERDIR( - contrib/libs/openssl - contrib/libs/poco/Foundation -) - -ADDINCL( - GLOBAL contrib/libs/poco/Crypto/include - contrib/libs/poco/Crypto/src - contrib/libs/poco/Foundation/include -) - -NO_COMPILER_WARNINGS() - -NO_UTIL() - -SRCS( - src/Cipher.cpp - src/CipherFactory.cpp - src/CipherImpl.cpp - src/CipherKey.cpp - src/CipherKeyImpl.cpp - src/CryptoException.cpp - src/CryptoStream.cpp - src/CryptoTransform.cpp - src/DigestEngine.cpp - src/ECDSADigestEngine.cpp - src/ECKey.cpp - src/ECKeyImpl.cpp - src/EVPPKey.cpp - src/KeyPair.cpp - src/KeyPairImpl.cpp - src/OpenSSLInitializer.cpp - src/PKCS12Container.cpp - src/RSACipherImpl.cpp - src/RSADigestEngine.cpp - src/RSAKey.cpp - src/RSAKeyImpl.cpp - src/X509Certificate.cpp -) - -END() +PEERDIR( + contrib/libs/openssl + contrib/libs/poco/Foundation +) + +ADDINCL( + GLOBAL contrib/libs/poco/Crypto/include + contrib/libs/poco/Crypto/src + contrib/libs/poco/Foundation/include +) + +NO_COMPILER_WARNINGS() + +NO_UTIL() + +SRCS( + src/Cipher.cpp + src/CipherFactory.cpp + src/CipherImpl.cpp + src/CipherKey.cpp + src/CipherKeyImpl.cpp + src/CryptoException.cpp + src/CryptoStream.cpp + src/CryptoTransform.cpp + src/DigestEngine.cpp + src/ECDSADigestEngine.cpp + src/ECKey.cpp + src/ECKeyImpl.cpp + src/EVPPKey.cpp + src/KeyPair.cpp + src/KeyPairImpl.cpp + src/OpenSSLInitializer.cpp + src/PKCS12Container.cpp + src/RSACipherImpl.cpp + src/RSADigestEngine.cpp + src/RSAKey.cpp + src/RSAKeyImpl.cpp + src/X509Certificate.cpp +) + +END() |