diff --git a/.github/workflows/debug.yml b/.github/workflows/debug.yml index ef3cc5f81b6..f8ba6101fcd 100644 --- a/.github/workflows/debug.yml +++ b/.github/workflows/debug.yml @@ -2,7 +2,7 @@ name: Debug 'on': - [push, pull_request, release, workflow_dispatch, workflow_call] + [push, pull_request, pull_request_review, release, workflow_dispatch, workflow_call] jobs: DebugInfo: diff --git a/.github/workflows/pull_request_approved.yml b/.github/workflows/pull_request_approved.yml new file mode 100644 index 00000000000..3de4978ad68 --- /dev/null +++ b/.github/workflows/pull_request_approved.yml @@ -0,0 +1,23 @@ +name: PullRequestApprovedCI + +env: + # Force the stdout and stderr streams to be unbuffered + PYTHONUNBUFFERED: 1 + +on: # yamllint disable-line rule:truthy + pull_request_review: + types: + - submitted + +jobs: + MergeOnApproval: + runs-on: [self-hosted, style-checker] + steps: + - name: Check out repository code + uses: ClickHouse/checkout@v1 + with: + clear-repository: true + - name: Merge approved PR + run: | + cd "$GITHUB_WORKSPACE/tests/ci" + python3 merge_pr.py --check-approved diff --git a/CMakeLists.txt b/CMakeLists.txt index 8f54b0b2236..b422d7d807b 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt 
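Review bot: The `MergeOnApproval` job in pull_request_approved.yml fires on every submitted review, not only approvals, and then runs `tests/ci/merge_pr.py` from whatever tree the checkout step fetched, on a self-hosted runner. The behaviour of `ClickHouse/checkout@v1` is not visible here; if it checks out the pull request's merge ref, a contributor's edited copy of the script would execute on that runner, so the script should be taken from the base branch or the job limited to same-repository PRs. Gating the job with `if: github.event.review.state == 'approved'` would stop it running for plain comments and change requests. The file also has no `permissions:` block, so the token scope is whatever the repository default is; declaring only what the merge needs would make that explicit.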
@@ -476,7 +476,12 @@ enable_testing() # Enable for tests without binary option(ENABLE_OPENSSL "This option performs a build with OpenSSL. NOTE! This option is insecure and should never be used. By default, ClickHouse uses and only supports BoringSSL" OFF) -option(ENABLE_OPENSSL_DYNAMIC "This option removes SSL from ClickHouse and will link to the OpenSSL version supplied by OS." OFF) +if (ARCH_S390X) + set(ENABLE_OPENSSL_DYNAMIC_DEFAULT ON) +else () + set(ENABLE_OPENSSL_DYNAMIC_DEFAULT OFF) +endif () +option(ENABLE_OPENSSL_DYNAMIC "This option removes SSL from ClickHouse and will link to the OpenSSL version supplied by OS." ${ENABLE_OPENSSL_DYNAMIC_DEFAULT}) # when installing to /usr - place configs to /etc but for /usr/local place to /usr/local/etc if (CMAKE_INSTALL_PREFIX STREQUAL "/usr") diff --git a/PreLoad.cmake b/PreLoad.cmake index b11ab080430..0e1ee70fc8f 100644 --- a/PreLoad.cmake +++ b/PreLoad.cmake @@ -84,7 +84,10 @@ if (OS MATCHES "Linux" set (CMAKE_TOOLCHAIN_FILE "cmake/linux/toolchain-aarch64.cmake" CACHE INTERNAL "") elseif (ARCH MATCHES "^(ppc64le.*|PPC64LE.*)") set (CMAKE_TOOLCHAIN_FILE "cmake/linux/toolchain-ppc64le.cmake" CACHE INTERNAL "") + elseif (ARCH MATCHES "^(s390x.*|S390X.*)") + set (CMAKE_TOOLCHAIN_FILE "cmake/linux/toolchain-s390x.cmake" CACHE INTERNAL "") else () message (FATAL_ERROR "Unsupported architecture: ${ARCH}") endif () + endif() diff --git a/base/base/defines.h b/base/base/defines.h index 8895bfe76c5..91c35dc28b6 100644 --- a/base/base/defines.h +++ b/base/base/defines.h 
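Review bot: With `ENABLE_OPENSSL_DYNAMIC_DEFAULT` set to ON under `ARCH_S390X`, a default s390x build links the OS-supplied OpenSSL, but neither this option's help string nor the `ENABLE_OPENSSL` text just above it (which says ClickHouse only supports BoringSSL by default) mentions the architecture-dependent default. The reason for the switch is not stated in the hunk; presumably the bundled library does not build on s390x, which should be confirmed. I would add a comment above the `if (ARCH_S390X)` block such as `# s390x: bundled SSL is not used, so link the system OpenSSL by default; its version and patch level are then the host's responsibility`. Extending the option description with `(default ON on s390x)` would also surface this to whoever packages that build.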
@@ -28,8 +28,8 @@ #define NO_INLINE __attribute__((__noinline__)) #define MAY_ALIAS __attribute__((__may_alias__)) -#if !defined(__x86_64__) && !defined(__aarch64__) && !defined(__PPC__) && !(defined(__riscv) && (__riscv_xlen == 64)) -# error "The only supported platforms are x86_64 and AArch64, PowerPC (work in progress) and RISC-V 64 (experimental)" +#if !defined(__x86_64__) && !defined(__aarch64__) && !defined(__PPC__) && !defined(__s390x__) && !(defined(__riscv) && (__riscv_xlen == 64)) +# error "The only supported platforms are x86_64 and AArch64, PowerPC (work in progress), s390x (work in progress) and RISC-V 64 (experimental)" #endif /// Check for presence of address sanitizer diff --git a/base/base/wide_integer_impl.h b/base/base/wide_integer_impl.h index f5b30cbab55..4a54c0fb2a4 100644 --- a/base/base/wide_integer_impl.h +++ b/base/base/wide_integer_impl.h @@ -360,7 +360,7 @@ struct integer::_impl constexpr const unsigned to_copy = min_bits / base_bits; for (unsigned i = 0; i < to_copy; ++i) - self.items[little(i)] = rhs.items[little(i)]; + self.items[little(i)] = rhs.items[integer::_impl::little(i)]; if constexpr (Bits > Bits2) { diff --git a/base/poco/Crypto/include/Poco/Crypto/Cipher.h b/base/poco/Crypto/include/Poco/Crypto/Cipher.h index fbe0c30ae8c..ffd993280c1 100644 --- a/base/poco/Crypto/include/Poco/Crypto/Cipher.h +++ b/base/poco/Crypto/include/Poco/Crypto/Cipher.h 
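Review bot: The corrected right-hand index in the wide_integer_impl.h copy loop carries no comment saying why `rhs.items` must be indexed through the other type's `little()`, so a later cleanup could revert it to the unqualified call without anyone noticing on little-endian CI. The definition of `little()` and the enclosing function both lie outside this hunk, but the fix implies the mapping depends on the operand's own item count on big-endian targets, which should be confirmed. I would add above the loop `// rhs may have a different width: map i through rhs's own little(), not ours`. A unit test that converts between two different widths on a big-endian target would pin the behaviour.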
@@ -18,121 +18,124 @@ #define Crypto_Cipher_INCLUDED -#include "Poco/Crypto/Crypto.h" -#include "Poco/RefCountedObject.h" -#include "Poco/AutoPtr.h" #include #include #include +#include "Poco/AutoPtr.h" +#include "Poco/Crypto/Crypto.h" +#include "Poco/RefCountedObject.h" -namespace Poco { -namespace Crypto { - - -class CryptoTransform; - - -class Crypto_API Cipher: public Poco::RefCountedObject - /// Represents the abstract base class from which all implementations of - /// symmetric/asymmetric encryption algorithms must inherit. Use the CipherFactory - /// class to obtain an instance of this class: - /// - /// CipherFactory& factory = CipherFactory::defaultFactory(); - /// // Creates a 256-bit AES cipher - /// Cipher* pCipher = factory.createCipher(CipherKey("aes-256")); - /// Cipher* pRSACipher = factory.createCipher(RSAKey(RSAKey::KL_1024, RSAKey::EXP_SMALL)); - /// - /// Check the different Key constructors on how to initialize/create - /// a key. The above example auto-generates random keys. - /// - /// Note that you won't be able to decrypt data encrypted with a random key - /// once the Cipher is destroyed unless you persist the generated key and IV. - /// An example usage for random keys is to encrypt data saved in a temporary - /// file. - /// - /// Once your key is set up, you can use the Cipher object to encrypt or - /// decrypt strings or, in conjunction with a CryptoInputStream or a - /// CryptoOutputStream, to encrypt streams of data. - /// - /// Since encrypted strings will contain arbitrary binary data that will cause - /// problems in applications that are not binary-safe (eg., when sending - /// encrypted data in e-mails), the encryptString() and decryptString() can - /// encode (or decode, respectively) encrypted data using a "transport encoding". - /// Supported encodings are Base64 and BinHex. 
- /// - /// The following example encrypts and decrypts a string utilizing Base64 - /// encoding: - /// - /// std::string plainText = "This is my secret information"; - /// std::string encrypted = pCipher->encryptString(plainText, Cipher::ENC_BASE64); - /// std::string decrypted = pCipher->decryptString(encrypted, Cipher::ENC_BASE64); - /// - /// In order to encrypt a stream of data (eg. to encrypt files), you can use - /// a CryptoStream: - /// - /// // Create an output stream that will encrypt all data going through it - /// // and write pass it to the underlying file stream. - /// Poco::FileOutputStream sink("encrypted.dat"); - /// CryptoOutputStream encryptor(sink, pCipher->createEncryptor()); - /// - /// Poco::FileInputStream source("source.txt"); - /// Poco::StreamCopier::copyStream(source, encryptor); - /// - /// // Always close output streams to flush all internal buffers - /// encryptor.close(); - /// sink.close(); +namespace Poco +{ +namespace Crypto { -public: - typedef Poco::AutoPtr Ptr; - typedef std::vector ByteVec; - - enum Encoding - /// Transport encoding to use for encryptString() and decryptString(). - { - ENC_NONE = 0x00, /// Plain binary output - ENC_BASE64 = 0x01, /// Base64-encoded output - ENC_BINHEX = 0x02, /// BinHex-encoded output - ENC_BASE64_NO_LF = 0x81, /// Base64-encoded output, no linefeeds - ENC_BINHEX_NO_LF = 0x82 /// BinHex-encoded output, no linefeeds - - }; - - virtual ~Cipher(); - /// Destroys the Cipher. - - virtual const std::string& name() const = 0; - /// Returns the name of the Cipher. - - virtual CryptoTransform* createEncryptor() = 0; - /// Creates an encryptor object to be used with a CryptoStream. - - virtual CryptoTransform* createDecryptor() = 0; - /// Creates a decryptor object to be used with a CryptoStream. - - virtual std::string encryptString(const std::string& str, Encoding encoding = ENC_NONE); - /// Directly encrypt a string and encode it using the given encoding. 
- - virtual std::string decryptString(const std::string& str, Encoding encoding = ENC_NONE); - /// Directly decrypt a string that is encoded with the given encoding. - - virtual void encrypt(std::istream& source, std::ostream& sink, Encoding encoding = ENC_NONE); - /// Directly encrypts an input stream and encodes it using the given encoding. - - virtual void decrypt(std::istream& source, std::ostream& sink, Encoding encoding = ENC_NONE); - /// Directly decrypt an input stream that is encoded with the given encoding. - -protected: - Cipher(); - /// Creates a new Cipher object. - -private: - Cipher(const Cipher&); - Cipher& operator = (const Cipher&); -}; -} } // namespace Poco::Crypto + class CryptoTransform; + + + class Crypto_API Cipher : public Poco::RefCountedObject + /// Represents the abstract base class from which all implementations of + /// symmetric/asymmetric encryption algorithms must inherit. Use the CipherFactory + /// class to obtain an instance of this class: + /// + /// CipherFactory& factory = CipherFactory::defaultFactory(); + /// // Creates a 256-bit AES cipher + /// Cipher* pCipher = factory.createCipher(CipherKey("aes-256")); + /// Cipher* pRSACipher = factory.createCipher(RSAKey(RSAKey::KL_1024, RSAKey::EXP_SMALL)); + /// + /// Check the different Key constructors on how to initialize/create + /// a key. The above example auto-generates random keys. + /// + /// Note that you won't be able to decrypt data encrypted with a random key + /// once the Cipher is destroyed unless you persist the generated key and IV. + /// An example usage for random keys is to encrypt data saved in a temporary + /// file. + /// + /// Once your key is set up, you can use the Cipher object to encrypt or + /// decrypt strings or, in conjunction with a CryptoInputStream or a + /// CryptoOutputStream, to encrypt streams of data. 
+ /// + /// Since encrypted strings will contain arbitrary binary data that will cause + /// problems in applications that are not binary-safe (eg., when sending + /// encrypted data in e-mails), the encryptString() and decryptString() can + /// encode (or decode, respectively) encrypted data using a "transport encoding". + /// Supported encodings are Base64 and BinHex. + /// + /// The following example encrypts and decrypts a string utilizing Base64 + /// encoding: + /// + /// std::string plainText = "This is my secret information"; + /// std::string encrypted = pCipher->encryptString(plainText, Cipher::ENC_BASE64); + /// std::string decrypted = pCipher->decryptString(encrypted, Cipher::ENC_BASE64); + /// + /// In order to encrypt a stream of data (eg. to encrypt files), you can use + /// a CryptoStream: + /// + /// // Create an output stream that will encrypt all data going through it + /// // and write pass it to the underlying file stream. + /// Poco::FileOutputStream sink("encrypted.dat"); + /// CryptoOutputStream encryptor(sink, pCipher->createEncryptor()); + /// + /// Poco::FileInputStream source("source.txt"); + /// Poco::StreamCopier::copyStream(source, encryptor); + /// + /// // Always close output streams to flush all internal buffers + /// encryptor.close(); + /// sink.close(); + { + public: + typedef Poco::AutoPtr Ptr; + typedef std::vector ByteVec; + + enum Encoding + /// Transport encoding to use for encryptString() and decryptString(). + { + ENC_NONE = 0x00, /// Plain binary output + ENC_BASE64 = 0x01, /// Base64-encoded output + ENC_BINHEX = 0x02, /// BinHex-encoded output + ENC_BASE64_NO_LF = 0x81, /// Base64-encoded output, no linefeeds + ENC_BINHEX_NO_LF = 0x82 /// BinHex-encoded output, no linefeeds + + }; + + virtual ~Cipher(); + /// Destroys the Cipher. + + virtual const std::string & name() const = 0; + /// Returns the name of the Cipher. 
+ + virtual CryptoTransform * createEncryptor() = 0; + /// Creates an encryptor object to be used with a CryptoStream. + + virtual CryptoTransform * createDecryptor() = 0; + /// Creates a decryptor object to be used with a CryptoStream. + + virtual std::string encryptString(const std::string & str, Encoding encoding = ENC_NONE); + /// Directly encrypt a string and encode it using the given encoding. + + virtual std::string decryptString(const std::string & str, Encoding encoding = ENC_NONE); + /// Directly decrypt a string that is encoded with the given encoding. + + virtual void encrypt(std::istream & source, std::ostream & sink, Encoding encoding = ENC_NONE); + /// Directly encrypts an input stream and encodes it using the given encoding. + + virtual void decrypt(std::istream & source, std::ostream & sink, Encoding encoding = ENC_NONE); + /// Directly decrypt an input stream that is encoded with the given encoding. + + protected: + Cipher(); + /// Creates a new Cipher object. + + private: + Cipher(const Cipher &); + Cipher & operator=(const Cipher &); + }; + + +} +} // namespace Poco::Crypto #endif // Crypto_Cipher_INCLUDED diff --git a/base/poco/Crypto/include/Poco/Crypto/CipherFactory.h b/base/poco/Crypto/include/Poco/Crypto/CipherFactory.h index 36aa964a1e6..f32865e3461 100644 --- a/base/poco/Crypto/include/Poco/Crypto/CipherFactory.h +++ b/base/poco/Crypto/include/Poco/Crypto/CipherFactory.h 
@@ -21,55 +21,58 @@ #include "Poco/Crypto/Crypto.h" -namespace Poco { -namespace Crypto { - - -class Cipher; -class CipherKey; -class RSAKey; - - -class Crypto_API CipherFactory - /// A factory for Cipher objects. See the Cipher class for examples on how to - /// use the CipherFactory. +namespace Poco +{ +namespace Crypto { -public: - CipherFactory(); - /// Creates a new CipherFactory object. - - virtual ~CipherFactory(); - /// Destroys the CipherFactory. - - Cipher* createCipher(const CipherKey& key); - /// Creates a Cipher object for the given Cipher name. Valid cipher - /// names depend on the OpenSSL version the library is linked with; - /// see the output of - /// - /// openssl enc --help - /// - /// for a list of supported block and stream ciphers. - /// - /// Common examples are: - /// - /// * AES: "aes-128", "aes-256" - /// * DES: "des", "des3" - /// * Blowfish: "bf" - - Cipher* createCipher(const RSAKey& key, RSAPaddingMode paddingMode = RSA_PADDING_PKCS1); - /// Creates a RSACipher using the given RSA key and padding mode - /// for public key encryption/private key decryption. - - static CipherFactory& defaultFactory(); - /// Returns the default CipherFactory. - -private: - CipherFactory(const CipherFactory&); - CipherFactory& operator = (const CipherFactory&); -}; -} } // namespace Poco::Crypto + class Cipher; + class CipherKey; + class RSAKey; + + + class Crypto_API CipherFactory + /// A factory for Cipher objects. See the Cipher class for examples on how to + /// use the CipherFactory. + { + public: + CipherFactory(); + /// Creates a new CipherFactory object. + + virtual ~CipherFactory(); + /// Destroys the CipherFactory. + + Cipher * createCipher(const CipherKey & key); + /// Creates a Cipher object for the given Cipher name. Valid cipher + /// names depend on the OpenSSL version the library is linked with; + /// see the output of + /// + /// openssl enc --help + /// + /// for a list of supported block and stream ciphers. 
+ /// + /// Common examples are: + /// + /// * AES: "aes-128", "aes-256" + /// * DES: "des", "des3" + /// * Blowfish: "bf" + + Cipher * createCipher(const RSAKey & key, RSAPaddingMode paddingMode = RSA_PADDING_PKCS1); + /// Creates a RSACipher using the given RSA key and padding mode + /// for public key encryption/private key decryption. + + static CipherFactory & defaultFactory(); + /// Returns the default CipherFactory. + + private: + CipherFactory(const CipherFactory &); + CipherFactory & operator=(const CipherFactory &); + }; + + +} +} // namespace Poco::Crypto #endif // Crypto_CipherFactory_INCLUDED diff --git a/base/poco/Crypto/include/Poco/Crypto/CipherImpl.h b/base/poco/Crypto/include/Poco/Crypto/CipherImpl.h index d6e8e0e79b2..057e77a4cd9 100644 --- a/base/poco/Crypto/include/Poco/Crypto/CipherImpl.h +++ b/base/poco/Crypto/include/Poco/Crypto/CipherImpl.h 
@@ -18,52 +18,55 @@ #define Crypto_CipherImpl_INCLUDED -#include "Poco/Crypto/Crypto.h" +#include #include "Poco/Crypto/Cipher.h" #include "Poco/Crypto/CipherKey.h" +#include "Poco/Crypto/Crypto.h" #include "Poco/Crypto/OpenSSLInitializer.h" -#include -namespace Poco { -namespace Crypto { - - -class CipherImpl: public Cipher - /// An implementation of the Cipher class for OpenSSL's crypto library. +namespace Poco { -public: - CipherImpl(const CipherKey& key); - /// Creates a new CipherImpl object for the given CipherKey. - - virtual ~CipherImpl(); - /// Destroys the CipherImpl. - - const std::string& name() const; - /// Returns the name of the cipher. - - CryptoTransform* createEncryptor(); - /// Creates an encryptor object. - - CryptoTransform* createDecryptor(); - /// Creates a decryptor object. - -private: - CipherKey _key; - OpenSSLInitializer _openSSLInitializer; -}; - - -// -// Inlines -// -inline const std::string& CipherImpl::name() const +namespace Crypto { - return _key.name(); + + + class CipherImpl : public Cipher + /// An implementation of the Cipher class for OpenSSL's crypto library. + { + public: + CipherImpl(const CipherKey & key); + /// Creates a new CipherImpl object for the given CipherKey. + + virtual ~CipherImpl(); + /// Destroys the CipherImpl. + + const std::string & name() const; + /// Returns the name of the cipher. + + CryptoTransform * createEncryptor(); + /// Creates an encryptor object. + + CryptoTransform * createDecryptor(); + /// Creates a decryptor object. + + private: + CipherKey _key; + OpenSSLInitializer _openSSLInitializer; + }; + + + // + // Inlines + // + inline const std::string & CipherImpl::name() const + { + return _key.name(); + } + + } - - -} } // namespace Poco::Crypto +} // namespace Poco::Crypto #endif // Crypto_CipherImpl_INCLUDED diff --git a/base/poco/Crypto/include/Poco/Crypto/CipherKey.h b/base/poco/Crypto/include/Poco/Crypto/CipherKey.h index b102cc2310b..b39cb1a9294 100644 
--- a/base/poco/Crypto/include/Poco/Crypto/CipherKey.h +++ b/base/poco/Crypto/include/Poco/Crypto/CipherKey.h 
@@ -18,184 +18,186 @@ #define Crypto_CipherKey_INCLUDED -#include "Poco/Crypto/Crypto.h" #include "Poco/Crypto/CipherKeyImpl.h" +#include "Poco/Crypto/Crypto.h" -namespace Poco { -namespace Crypto { - - -class Crypto_API CipherKey - /// CipherKey stores the key information for decryption/encryption of data. - /// To create a random key, using the following code: - /// - /// CipherKey key("aes-256"); - /// - /// Note that you won't be able to decrypt data encrypted with a random key - /// once the Cipher is destroyed unless you persist the generated key and IV. - /// An example usage for random keys is to encrypt data saved in a temporary - /// file. - /// - /// To create a key using a human-readable password - /// string, use the following code. We create a AES Cipher and - /// use a salt value to make the key more robust: - /// - /// std::string password = "secret"; - /// std::string salt("asdff8723lasdf(**923412"); - /// CipherKey key("aes-256", password, salt); - /// - /// You may also control the digest and the number of iterations used to generate the key - /// by specifying the specific values. Here we create a key with the same data as before, - /// except that we use 100 iterations instead of DEFAULT_ITERATION_COUNT, and sha1 instead of - /// the default md5: - /// - /// std::string password = "secret"; - /// std::string salt("asdff8723lasdf(**923412"); - /// std::string digest ("sha1"); - /// CipherKey key("aes-256", password, salt, 100, digest); - /// +namespace Poco { -public: - typedef CipherKeyImpl::Mode Mode; - typedef CipherKeyImpl::ByteVec ByteVec; - - enum - { - DEFAULT_ITERATION_COUNT = 2000 - /// Default iteration count to use with - /// generateKey(). RSA security recommends - /// an iteration count of at least 1000. 
- }; - - CipherKey(const std::string& name, - const std::string& passphrase, - const std::string& salt = "", - int iterationCount = DEFAULT_ITERATION_COUNT, - const std::string& digest = "md5"); - /// Creates a new CipherKeyImpl object using the given - /// cipher name, passphrase, salt value, iteration count and digest. - - CipherKey(const std::string& name, - const ByteVec& key, - const ByteVec& iv); - /// Creates a new CipherKeyImpl object using the given cipher - /// name, key and initialization vector (IV). - /// - /// The size of the IV must match the cipher's expected - /// IV size (see ivSize()), except for GCM mode, which allows - /// a custom IV size. - - CipherKey(const std::string& name); - /// Creates a new CipherKeyImpl object. Autoinitializes key and - /// initialization vector. - - ~CipherKey(); - /// Destroys the CipherKeyImpl. - - const std::string& name() const; - /// Returns the name of the Cipher. - - int keySize() const; - /// Returns the key size of the Cipher. - - int blockSize() const; - /// Returns the block size of the Cipher. - - int ivSize() const; - /// Returns the IV size of the Cipher. - - Mode mode() const; - /// Returns the Cipher's mode of operation. - - const ByteVec& getKey() const; - /// Returns the key for the Cipher. - - void setKey(const ByteVec& key); - /// Sets the key for the Cipher. - - const ByteVec& getIV() const; - /// Returns the initialization vector (IV) for the Cipher. - - void setIV(const ByteVec& iv); - /// Sets the initialization vector (IV) for the Cipher. - /// - /// The size of the vector must match the cipher's expected - /// IV size (see ivSize()), except for GCM mode, which allows - /// a custom IV size. 
- - CipherKeyImpl::Ptr impl(); - /// Returns the impl object - -private: - CipherKeyImpl::Ptr _pImpl; -}; - - -// -// inlines -// -inline const std::string& CipherKey::name() const +namespace Crypto { - return _pImpl->name(); + + + class Crypto_API CipherKey + /// CipherKey stores the key information for decryption/encryption of data. + /// To create a random key, using the following code: + /// + /// CipherKey key("aes-256"); + /// + /// Note that you won't be able to decrypt data encrypted with a random key + /// once the Cipher is destroyed unless you persist the generated key and IV. + /// An example usage for random keys is to encrypt data saved in a temporary + /// file. + /// + /// To create a key using a human-readable password + /// string, use the following code. We create a AES Cipher and + /// use a salt value to make the key more robust: + /// + /// std::string password = "secret"; + /// std::string salt("asdff8723lasdf(**923412"); + /// CipherKey key("aes-256", password, salt); + /// + /// You may also control the digest and the number of iterations used to generate the key + /// by specifying the specific values. Here we create a key with the same data as before, + /// except that we use 100 iterations instead of DEFAULT_ITERATION_COUNT, and sha1 instead of + /// the default md5: + /// + /// std::string password = "secret"; + /// std::string salt("asdff8723lasdf(**923412"); + /// std::string digest ("sha1"); + /// CipherKey key("aes-256", password, salt, 100, digest); + /// + { + public: + typedef CipherKeyImpl::Mode Mode; + typedef CipherKeyImpl::ByteVec ByteVec; + + enum + { + DEFAULT_ITERATION_COUNT = 2000 + /// Default iteration count to use with + /// generateKey(). RSA security recommends + /// an iteration count of at least 1000. 
+ }; + + CipherKey( + const std::string & name, + const std::string & passphrase, + const std::string & salt = "", + int iterationCount = DEFAULT_ITERATION_COUNT, + const std::string & digest = "md5"); + /// Creates a new CipherKeyImpl object using the given + /// cipher name, passphrase, salt value, iteration count and digest. + + CipherKey(const std::string & name, const ByteVec & key, const ByteVec & iv); + /// Creates a new CipherKeyImpl object using the given cipher + /// name, key and initialization vector (IV). + /// + /// The size of the IV must match the cipher's expected + /// IV size (see ivSize()), except for GCM mode, which allows + /// a custom IV size. + + CipherKey(const std::string & name); + /// Creates a new CipherKeyImpl object. Autoinitializes key and + /// initialization vector. + + ~CipherKey(); + /// Destroys the CipherKeyImpl. + + const std::string & name() const; + /// Returns the name of the Cipher. + + int keySize() const; + /// Returns the key size of the Cipher. + + int blockSize() const; + /// Returns the block size of the Cipher. + + int ivSize() const; + /// Returns the IV size of the Cipher. + + Mode mode() const; + /// Returns the Cipher's mode of operation. + + const ByteVec & getKey() const; + /// Returns the key for the Cipher. + + void setKey(const ByteVec & key); + /// Sets the key for the Cipher. + + const ByteVec & getIV() const; + /// Returns the initialization vector (IV) for the Cipher. + + void setIV(const ByteVec & iv); + /// Sets the initialization vector (IV) for the Cipher. + /// + /// The size of the vector must match the cipher's expected + /// IV size (see ivSize()), except for GCM mode, which allows + /// a custom IV size. 
+ + CipherKeyImpl::Ptr impl(); + /// Returns the impl object + + private: + CipherKeyImpl::Ptr _pImpl; + }; + + + // + // inlines + // + inline const std::string & CipherKey::name() const + { + return _pImpl->name(); + } + + + inline int CipherKey::keySize() const + { + return _pImpl->keySize(); + } + + + inline int CipherKey::blockSize() const + { + return _pImpl->blockSize(); + } + + + inline int CipherKey::ivSize() const + { + return _pImpl->ivSize(); + } + + + inline CipherKey::Mode CipherKey::mode() const + { + return _pImpl->mode(); + } + + + inline const CipherKey::ByteVec & CipherKey::getKey() const + { + return _pImpl->getKey(); + } + + + inline void CipherKey::setKey(const CipherKey::ByteVec & key) + { + _pImpl->setKey(key); + } + + + inline const CipherKey::ByteVec & CipherKey::getIV() const + { + return _pImpl->getIV(); + } + + + inline void CipherKey::setIV(const CipherKey::ByteVec & iv) + { + _pImpl->setIV(iv); + } + + + inline CipherKeyImpl::Ptr CipherKey::impl() + { + return _pImpl; + } + + } - - -inline int CipherKey::keySize() const -{ - return _pImpl->keySize(); -} - - -inline int CipherKey::blockSize() const -{ - return _pImpl->blockSize(); -} - - -inline int CipherKey::ivSize() const -{ - return _pImpl->ivSize(); -} - - -inline CipherKey::Mode CipherKey::mode() const -{ - return _pImpl->mode(); -} - - -inline const CipherKey::ByteVec& CipherKey::getKey() const -{ - return _pImpl->getKey(); -} - - -inline void CipherKey::setKey(const CipherKey::ByteVec& key) -{ - _pImpl->setKey(key); -} - - -inline const CipherKey::ByteVec& CipherKey::getIV() const -{ - return _pImpl->getIV(); -} - - -inline void CipherKey::setIV(const CipherKey::ByteVec& iv) -{ - _pImpl->setIV(iv); -} - - -inline CipherKeyImpl::Ptr CipherKey::impl() -{ - return _pImpl; -} - - -} } // namespace Poco::Crypto +} // namespace Poco::Crypto #endif // Crypto_CipherKey_INCLUDED 
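Review bot: The re-indented passphrase constructor in CipherKey.h still defaults to `digest = "md5"` and `DEFAULT_ITERATION_COUNT = 2000`, and the class comment's example lowers the count to 100 with sha1 and a salt literal, all without any caveat for callers deriving keys from passwords. The lines are unchanged apart from whitespace, so this is a documentation point rather than a regression. I would add to the constructor's doc comment `/// NOTE: the md5 digest and default iteration count are legacy defaults; pass a stronger digest and a higher iterationCount explicitly for password-derived keys, and use a random per-key salt.` Whether any ClickHouse caller relies on these defaults is not visible from this hunk and is worth checking.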
diff --git a/base/poco/Crypto/include/Poco/Crypto/CipherKeyImpl.h b/base/poco/Crypto/include/Poco/Crypto/CipherKeyImpl.h index f7807aad9f8..700ae95c892 100644 --- a/base/poco/Crypto/include/Poco/Crypto/CipherKeyImpl.h +++ b/base/poco/Crypto/include/Poco/Crypto/CipherKeyImpl.h 
@@ -18,151 +18,151 @@ #define Crypto_CipherKeyImpl_INCLUDED +#include +#include "Poco/AutoPtr.h" #include "Poco/Crypto/Crypto.h" #include "Poco/Crypto/OpenSSLInitializer.h" #include "Poco/RefCountedObject.h" -#include "Poco/AutoPtr.h" -#include struct evp_cipher_st; typedef struct evp_cipher_st EVP_CIPHER; -namespace Poco { -namespace Crypto { - - -class CipherKeyImpl: public RefCountedObject - /// An implementation of the CipherKey class for OpenSSL's crypto library. +namespace Poco { -public: - typedef std::vector ByteVec; - typedef Poco::AutoPtr Ptr; - - enum Mode - /// Cipher mode of operation. This mode determines how multiple blocks - /// are connected; this is essential to improve security. - { - MODE_STREAM_CIPHER, /// Stream cipher - MODE_ECB, /// Electronic codebook (plain concatenation) - MODE_CBC, /// Cipher block chaining (default) - MODE_CFB, /// Cipher feedback - MODE_OFB, /// Output feedback - MODE_CTR, /// Counter mode - MODE_GCM, /// Galois/Counter mode - MODE_CCM /// Counter with CBC-MAC - }; - - CipherKeyImpl(const std::string& name, - const std::string& passphrase, - const std::string& salt, - int iterationCount, - const std::string& digest); - /// Creates a new CipherKeyImpl object, using - /// the given cipher name, passphrase, salt value - /// and iteration count. - - CipherKeyImpl(const std::string& name, - const ByteVec& key, - const ByteVec& iv); - /// Creates a new CipherKeyImpl object, using the - /// given cipher name, key and initialization vector. - - CipherKeyImpl(const std::string& name); - /// Creates a new CipherKeyImpl object. Autoinitializes key - /// and initialization vector. - - virtual ~CipherKeyImpl(); - /// Destroys the CipherKeyImpl. - - const std::string& name() const; - /// Returns the name of the Cipher. - - int keySize() const; - /// Returns the key size of the Cipher. - - int blockSize() const; - /// Returns the block size of the Cipher. - - int ivSize() const; - /// Returns the IV size of the Cipher. 
- - Mode mode() const; - /// Returns the Cipher's mode of operation. - - const ByteVec& getKey() const; - /// Returns the key for the Cipher. - - void setKey(const ByteVec& key); - /// Sets the key for the Cipher. - - const ByteVec& getIV() const; - /// Returns the initialization vector (IV) for the Cipher. - - void setIV(const ByteVec& iv); - /// Sets the initialization vector (IV) for the Cipher. - - const EVP_CIPHER* cipher(); - /// Returns the cipher object - -private: - void generateKey(const std::string& passphrase, - const std::string& salt, - int iterationCount); - /// Generates key and IV from a password and optional salt string. - - void generateKey(); - /// Generates key and IV from random data. - - void getRandomBytes(ByteVec& vec, std::size_t count); - /// Stores random bytes in vec. - -private: - const EVP_CIPHER* _pCipher; - const EVP_MD* _pDigest; - std::string _name; - ByteVec _key; - ByteVec _iv; - OpenSSLInitializer _openSSLInitializer; -}; - - -// -// Inlines -// -inline const std::string& CipherKeyImpl::name() const +namespace Crypto { - return _name; + + + class CipherKeyImpl : public RefCountedObject + /// An implementation of the CipherKey class for OpenSSL's crypto library. + { + public: + typedef std::vector ByteVec; + typedef Poco::AutoPtr Ptr; + + enum Mode + /// Cipher mode of operation. This mode determines how multiple blocks + /// are connected; this is essential to improve security. 
+ { + MODE_STREAM_CIPHER, /// Stream cipher + MODE_ECB, /// Electronic codebook (plain concatenation) + MODE_CBC, /// Cipher block chaining (default) + MODE_CFB, /// Cipher feedback + MODE_OFB, /// Output feedback + MODE_CTR, /// Counter mode + MODE_GCM, /// Galois/Counter mode + MODE_CCM /// Counter with CBC-MAC + }; + + CipherKeyImpl( + const std::string & name, + const std::string & passphrase, + const std::string & salt, + int iterationCount, + const std::string & digest); + /// Creates a new CipherKeyImpl object, using + /// the given cipher name, passphrase, salt value + /// and iteration count. + + CipherKeyImpl(const std::string & name, const ByteVec & key, const ByteVec & iv); + /// Creates a new CipherKeyImpl object, using the + /// given cipher name, key and initialization vector. + + CipherKeyImpl(const std::string & name); + /// Creates a new CipherKeyImpl object. Autoinitializes key + /// and initialization vector. + + virtual ~CipherKeyImpl(); + /// Destroys the CipherKeyImpl. + + const std::string & name() const; + /// Returns the name of the Cipher. + + int keySize() const; + /// Returns the key size of the Cipher. + + int blockSize() const; + /// Returns the block size of the Cipher. + + int ivSize() const; + /// Returns the IV size of the Cipher. + + Mode mode() const; + /// Returns the Cipher's mode of operation. + + const ByteVec & getKey() const; + /// Returns the key for the Cipher. + + void setKey(const ByteVec & key); + /// Sets the key for the Cipher. + + const ByteVec & getIV() const; + /// Returns the initialization vector (IV) for the Cipher. + + void setIV(const ByteVec & iv); + /// Sets the initialization vector (IV) for the Cipher. + + const EVP_CIPHER * cipher(); + /// Returns the cipher object + + private: + void generateKey(const std::string & passphrase, const std::string & salt, int iterationCount); + /// Generates key and IV from a password and optional salt string. 
+ + void generateKey(); + /// Generates key and IV from random data. + + void getRandomBytes(ByteVec & vec, std::size_t count); + /// Stores random bytes in vec. + + private: + const EVP_CIPHER * _pCipher; + const EVP_MD * _pDigest; + std::string _name; + ByteVec _key; + ByteVec _iv; + OpenSSLInitializer _openSSLInitializer; + }; + + + // + // Inlines + // + inline const std::string & CipherKeyImpl::name() const + { + return _name; + } + + + inline const CipherKeyImpl::ByteVec & CipherKeyImpl::getKey() const + { + return _key; + } + + + inline void CipherKeyImpl::setKey(const ByteVec & key) + { + poco_assert(key.size() == static_cast(keySize())); + _key = key; + } + + + inline const CipherKeyImpl::ByteVec & CipherKeyImpl::getIV() const + { + return _iv; + } + + + inline const EVP_CIPHER * CipherKeyImpl::cipher() + { + return _pCipher; + } + + } - - -inline const CipherKeyImpl::ByteVec& CipherKeyImpl::getKey() const -{ - return _key; -} - - -inline void CipherKeyImpl::setKey(const ByteVec& key) -{ - poco_assert(key.size() == static_cast(keySize())); - _key = key; -} - - -inline const CipherKeyImpl::ByteVec& CipherKeyImpl::getIV() const -{ - return _iv; -} - - -inline const EVP_CIPHER* CipherKeyImpl::cipher() -{ - return _pCipher; -} - - -} } // namespace Poco::Crypto +} // namespace Poco::Crypto #endif // Crypto_CipherKeyImpl_INCLUDED diff --git a/base/poco/Crypto/include/Poco/Crypto/Crypto.h b/base/poco/Crypto/include/Poco/Crypto/Crypto.h index d6b3ede65cb..a6b8a5cf22f 100644 --- a/base/poco/Crypto/include/Poco/Crypto/Crypto.h +++ b/base/poco/Crypto/include/Poco/Crypto/Crypto.h 
@@ -24,39 +24,37 @@ #define POCO_EXTERNAL_OPENSSL_SLPRO 2 -#include "Poco/Foundation.h" #include +#include "Poco/Foundation.h" #ifndef OPENSSL_VERSION_PREREQ - #if defined(OPENSSL_VERSION_MAJOR) && defined(OPENSSL_VERSION_MINOR) - #define OPENSSL_VERSION_PREREQ(maj, min) \ - ((OPENSSL_VERSION_MAJOR << 16) + OPENSSL_VERSION_MINOR >= ((maj) << 16) + (min)) - #else - #define OPENSSL_VERSION_PREREQ(maj, min) \ - (OPENSSL_VERSION_NUMBER >= (((maj) << 28) | ((min) << 20))) - #endif +# if defined(OPENSSL_VERSION_MAJOR) && defined(OPENSSL_VERSION_MINOR) +# define OPENSSL_VERSION_PREREQ(maj, min) ((OPENSSL_VERSION_MAJOR << 16) + OPENSSL_VERSION_MINOR >= ((maj) << 16) + (min)) +# else +# define OPENSSL_VERSION_PREREQ(maj, min) (OPENSSL_VERSION_NUMBER >= (((maj) << 28) | ((min) << 20))) +# endif #endif enum RSAPaddingMode - /// The padding mode used for RSA public key encryption. +/// The padding mode used for RSA public key encryption. { - RSA_PADDING_PKCS1, - /// PKCS #1 v1.5 padding. This currently is the most widely used mode. - - RSA_PADDING_PKCS1_OAEP, - /// EME-OAEP as defined in PKCS #1 v2.0 with SHA-1, MGF1 and an empty - /// encoding parameter. This mode is recommended for all new applications. - - RSA_PADDING_SSLV23, - /// PKCS #1 v1.5 padding with an SSL-specific modification that denotes - /// that the server is SSL3 capable. - - RSA_PADDING_NONE - /// Raw RSA encryption. This mode should only be used to implement cryptographically - /// sound padding modes in the application code. Encrypting user data directly with RSA - /// is insecure. + RSA_PADDING_PKCS1, + /// PKCS #1 v1.5 padding. This currently is the most widely used mode. + + RSA_PADDING_PKCS1_OAEP, + /// EME-OAEP as defined in PKCS #1 v2.0 with SHA-1, MGF1 and an empty + /// encoding parameter. This mode is recommended for all new applications. + + RSA_PADDING_SSLV23, + /// PKCS #1 v1.5 padding with an SSL-specific modification that denotes + /// that the server is SSL3 capable. 
+ + RSA_PADDING_NONE + /// Raw RSA encryption. This mode should only be used to implement cryptographically + /// sound padding modes in the application code. Encrypting user data directly with RSA + /// is insecure. }; @@ -69,22 +67,22 @@ enum RSAPaddingMode // defined with this macro as being exported. // #if defined(_WIN32) - #if defined(POCO_DLL) - #if defined(Crypto_EXPORTS) - #define Crypto_API __declspec(dllexport) - #else - #define Crypto_API __declspec(dllimport) - #endif - #endif +# if defined(POCO_DLL) +# if defined(Crypto_EXPORTS) +# define Crypto_API __declspec(dllexport) +# else +# define Crypto_API __declspec(dllimport) +# endif +# endif #endif #if !defined(Crypto_API) - #if !defined(POCO_NO_GCC_API_ATTRIBUTE) && defined (__GNUC__) && (__GNUC__ >= 4) - #define Crypto_API __attribute__ ((visibility ("default"))) - #else - #define Crypto_API - #endif +# if !defined(POCO_NO_GCC_API_ATTRIBUTE) && defined(__GNUC__) && (__GNUC__ >= 4) +# define Crypto_API __attribute__((visibility("default"))) +# else +# define Crypto_API +# endif #endif 
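Review bot: The re-indented comment on `RSA_PADDING_PKCS1` in `enum RSAPaddingMode` still presents PKCS #1 v1.5 as "the most widely used mode" and gives no caveat. For encryption this padding is exposed to padding-oracle attacks whenever a caller can tell a padding failure apart from other errors. I would add a line such as `/// Decryption with this padding is open to padding-oracle attacks if failures are observable; prefer RSA_PADDING_PKCS1_OAEP.` The `RSA_PADDING_SSLV23` entry is also worth checking against the OpenSSL version the build links to, since as far as I know the SSLv23 padding mode was removed in OpenSSL 3.0 and the CMake change in this commit defaults s390x to the OS-supplied library.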
@@ -92,104 +90,106 @@ enum RSAPaddingMode // Automatically link Crypto and OpenSSL libraries. // #if defined(_MSC_VER) - #if !defined(POCO_NO_AUTOMATIC_LIBS) - #if defined(POCO_INTERNAL_OPENSSL_MSVC_VER) - #if defined(POCO_EXTERNAL_OPENSSL) - #pragma message("External OpenSSL defined but internal headers used - possible mismatch!") - #endif // POCO_EXTERNAL_OPENSSL - #if !defined(_DEBUG) - #define POCO_DEBUG_SUFFIX "" - #if !defined (_DLL) - #define POCO_STATIC_SUFFIX "mt" - #else // _DLL - #define POCO_STATIC_SUFFIX "" - #endif - #else // _DEBUG - #define POCO_DEBUG_SUFFIX "d" - #if !defined (_DLL) - #define POCO_STATIC_SUFFIX "mt" - #else // _DLL - #define POCO_STATIC_SUFFIX "" - #endif - #endif - #pragma comment(lib, "libcrypto" POCO_STATIC_SUFFIX POCO_DEBUG_SUFFIX ".lib") - #pragma comment(lib, "libssl" POCO_STATIC_SUFFIX POCO_DEBUG_SUFFIX ".lib") - #if !defined(_WIN64) && !defined (_DLL) && \ - (POCO_INTERNAL_OPENSSL_MSVC_VER == 120) && \ - (POCO_MSVC_VERSION < POCO_INTERNAL_OPENSSL_MSVC_VER) - #pragma comment(lib, "libPreVS2013CRT" POCO_STATIC_SUFFIX POCO_DEBUG_SUFFIX ".lib") - #endif - #if !defined (_DLL) && (POCO_MSVS_VERSION >= 2015) - #pragma comment(lib, "legacy_stdio_definitions.lib") - #pragma comment(lib, "legacy_stdio_wide_specifiers.lib") - #endif - #elif defined(POCO_EXTERNAL_OPENSSL) - #if POCO_EXTERNAL_OPENSSL == POCO_EXTERNAL_OPENSSL_SLPRO - #if defined(POCO_DLL) - #if OPENSSL_VERSION_PREREQ(1,1) - #pragma comment(lib, "libcrypto.lib") - #pragma comment(lib, "libssl.lib") - #else - #pragma comment(lib, "libeay32.lib") - #pragma comment(lib, "ssleay32.lib") - #endif - #else - #if OPENSSL_VERSION_PREREQ(1,1) - #if defined(_WIN64) - #pragma comment(lib, "libcrypto64" POCO_LIB_SUFFIX) - #pragma comment(lib, "libssl64" POCO_LIB_SUFFIX) - #else - #pragma comment(lib, "libcrypto32" POCO_LIB_SUFFIX) - #pragma comment(lib, "libssl32" POCO_LIB_SUFFIX) - #endif - #else - #pragma comment(lib, "libeay32" POCO_LIB_SUFFIX) - #pragma comment(lib, "ssleay32" 
POCO_LIB_SUFFIX) - #endif - #endif - #elif POCO_EXTERNAL_OPENSSL == POCO_EXTERNAL_OPENSSL_DEFAULT - #if OPENSSL_VERSION_PREREQ(1,1) - #pragma comment(lib, "libcrypto.lib") - #pragma comment(lib, "libssl.lib") - #else - #pragma comment(lib, "libeay32.lib") - #pragma comment(lib, "ssleay32.lib") - #endif - #endif - #endif // POCO_INTERNAL_OPENSSL_MSVC_VER - #if !defined(Crypto_EXPORTS) - #pragma comment(lib, "PocoCrypto" POCO_LIB_SUFFIX) - #endif - #endif // POCO_NO_AUTOMATIC_LIBS +# if !defined(POCO_NO_AUTOMATIC_LIBS) +# if defined(POCO_INTERNAL_OPENSSL_MSVC_VER) +# if defined(POCO_EXTERNAL_OPENSSL) +# pragma message("External OpenSSL defined but internal headers used - possible mismatch!") +# endif // POCO_EXTERNAL_OPENSSL +# if !defined(_DEBUG) +# define POCO_DEBUG_SUFFIX "" +# if !defined(_DLL) +# define POCO_STATIC_SUFFIX "mt" +# else // _DLL +# define POCO_STATIC_SUFFIX "" +# endif +# else // _DEBUG +# define POCO_DEBUG_SUFFIX "d" +# if !defined(_DLL) +# define POCO_STATIC_SUFFIX "mt" +# else // _DLL +# define POCO_STATIC_SUFFIX "" +# endif +# endif +# pragma comment(lib, "libcrypto" POCO_STATIC_SUFFIX POCO_DEBUG_SUFFIX ".lib") +# pragma comment(lib, "libssl" POCO_STATIC_SUFFIX POCO_DEBUG_SUFFIX ".lib") +# if !defined(_WIN64) && !defined(_DLL) && (POCO_INTERNAL_OPENSSL_MSVC_VER == 120) \ + && (POCO_MSVC_VERSION < POCO_INTERNAL_OPENSSL_MSVC_VER) +# pragma comment(lib, "libPreVS2013CRT" POCO_STATIC_SUFFIX POCO_DEBUG_SUFFIX ".lib") +# endif +# if !defined(_DLL) && (POCO_MSVS_VERSION >= 2015) +# pragma comment(lib, "legacy_stdio_definitions.lib") +# pragma comment(lib, "legacy_stdio_wide_specifiers.lib") +# endif +# elif defined(POCO_EXTERNAL_OPENSSL) +# if POCO_EXTERNAL_OPENSSL == POCO_EXTERNAL_OPENSSL_SLPRO +# if defined(POCO_DLL) +# if OPENSSL_VERSION_PREREQ(1, 1) +# pragma comment(lib, "libcrypto.lib") +# pragma comment(lib, "libssl.lib") +# else +# pragma comment(lib, "libeay32.lib") +# pragma comment(lib, "ssleay32.lib") +# endif +# else +# if 
OPENSSL_VERSION_PREREQ(1, 1) +# if defined(_WIN64) +# pragma comment(lib, "libcrypto64" POCO_LIB_SUFFIX) +# pragma comment(lib, "libssl64" POCO_LIB_SUFFIX) +# else +# pragma comment(lib, "libcrypto32" POCO_LIB_SUFFIX) +# pragma comment(lib, "libssl32" POCO_LIB_SUFFIX) +# endif +# else +# pragma comment(lib, "libeay32" POCO_LIB_SUFFIX) +# pragma comment(lib, "ssleay32" POCO_LIB_SUFFIX) +# endif +# endif +# elif POCO_EXTERNAL_OPENSSL == POCO_EXTERNAL_OPENSSL_DEFAULT +# if OPENSSL_VERSION_PREREQ(1, 1) +# pragma comment(lib, "libcrypto.lib") +# pragma comment(lib, "libssl.lib") +# else +# pragma comment(lib, "libeay32.lib") +# pragma comment(lib, "ssleay32.lib") +# endif +# endif +# endif // POCO_INTERNAL_OPENSSL_MSVC_VER +# if !defined(Crypto_EXPORTS) +# pragma comment(lib, "PocoCrypto" POCO_LIB_SUFFIX) +# endif +# endif // POCO_NO_AUTOMATIC_LIBS #endif -namespace Poco { -namespace Crypto { +namespace Poco +{ +namespace Crypto +{ -void Crypto_API initializeCrypto(); - /// Initialize the Crypto library, as well as the underlying OpenSSL - /// libraries, by calling OpenSSLInitializer::initialize(). - /// - /// Should be called before using any class from the Crypto library. - /// The Crypto library will be initialized automatically, through - /// OpenSSLInitializer instances held by various Crypto classes - /// (Cipher, CipherKey, RSAKey, X509Certificate). - /// However, it is recommended to call initializeCrypto() - /// in any case at application startup. - /// - /// Can be called multiple times; however, for every call to - /// initializeCrypto(), a matching call to uninitializeCrypto() - /// must be performed. + void Crypto_API initializeCrypto(); + /// Initialize the Crypto library, as well as the underlying OpenSSL + /// libraries, by calling OpenSSLInitializer::initialize(). + /// + /// Should be called before using any class from the Crypto library. 
+ /// The Crypto library will be initialized automatically, through + /// OpenSSLInitializer instances held by various Crypto classes + /// (Cipher, CipherKey, RSAKey, X509Certificate). + /// However, it is recommended to call initializeCrypto() + /// in any case at application startup. + /// + /// Can be called multiple times; however, for every call to + /// initializeCrypto(), a matching call to uninitializeCrypto() + /// must be performed. -void Crypto_API uninitializeCrypto(); - /// Uninitializes the Crypto library by calling - /// OpenSSLInitializer::uninitialize(). + void Crypto_API uninitializeCrypto(); + /// Uninitializes the Crypto library by calling + /// OpenSSLInitializer::uninitialize(). -} } // namespace Poco::Crypto +} +} // namespace Poco::Crypto #endif // Crypto_Crypto_INCLUDED diff --git a/base/poco/Crypto/include/Poco/Crypto/CryptoException.h b/base/poco/Crypto/include/Poco/Crypto/CryptoException.h index 34c15111e6a..8a2ddd27405 100644 --- a/base/poco/Crypto/include/Poco/Crypto/CryptoException.h +++ b/base/poco/Crypto/include/Poco/Crypto/CryptoException.h 
@@ -23,34 +23,37 @@ #include "Poco/Exception.h" -namespace Poco { -namespace Crypto { - - -POCO_DECLARE_EXCEPTION(Crypto_API, CryptoException, Poco::Exception) - - -class Crypto_API OpenSSLException : public CryptoException +namespace Poco +{ +namespace Crypto { -public: - OpenSSLException(int code = 0); - OpenSSLException(const std::string& msg, int code = 0); - OpenSSLException(const std::string& msg, const std::string& arg, int code = 0); - OpenSSLException(const std::string& msg, const Poco::Exception& exc, int code = 0); - OpenSSLException(const OpenSSLException& exc); - ~OpenSSLException() throw(); - OpenSSLException& operator = (const OpenSSLException& exc); - const char* name() const throw(); - const char* className() const throw(); - Poco::Exception* clone() const; - void rethrow() const; - -private: - void setExtMessage(); -}; -} } // namespace Poco::Crypto + POCO_DECLARE_EXCEPTION(Crypto_API, CryptoException, Poco::Exception) + + + class Crypto_API OpenSSLException : public CryptoException + { + public: + OpenSSLException(int code = 0); + OpenSSLException(const std::string & msg, int code = 0); + OpenSSLException(const std::string & msg, const std::string & arg, int code = 0); + OpenSSLException(const std::string & msg, const Poco::Exception & exc, int code = 0); + OpenSSLException(const OpenSSLException & exc); + ~OpenSSLException() throw(); + OpenSSLException & operator=(const OpenSSLException & exc); + const char * name() const throw(); + const char * className() const throw(); + Poco::Exception * clone() const; + void rethrow() const; + + private: + void setExtMessage(); + }; + + +} +} // namespace Poco::Crypto #endif // Crypto_CryptoException_INCLUDED diff --git a/base/poco/Crypto/include/Poco/Crypto/CryptoStream.h b/base/poco/Crypto/include/Poco/Crypto/CryptoStream.h index 25a99a4ae58..788b0ab57ce 100644 --- a/base/poco/Crypto/include/Poco/Crypto/CryptoStream.h +++ b/base/poco/Crypto/include/Poco/Crypto/CryptoStream.h 
@@ -19,174 +19,177 @@ #define Crypto_CryptoStream_INCLUDED -#include "Poco/Crypto/Crypto.h" -#include "Poco/BufferedStreamBuf.h" -#include "Poco/Buffer.h" #include +#include "Poco/Buffer.h" +#include "Poco/BufferedStreamBuf.h" +#include "Poco/Crypto/Crypto.h" -namespace Poco { -namespace Crypto { - - -class CryptoTransform; -class Cipher; - - -class Crypto_API CryptoStreamBuf: public Poco::BufferedStreamBuf - /// This stream buffer performs cryptographic transformation on the data - /// going through it. +namespace Poco { -public: - CryptoStreamBuf(std::istream& istr, CryptoTransform* pTransform, std::streamsize bufferSize = 8192); - CryptoStreamBuf(std::ostream& ostr, CryptoTransform* pTransform, std::streamsize bufferSize = 8192); - - virtual ~CryptoStreamBuf(); - - void close(); - /// Flushes all buffers and finishes the encryption. - -protected: - int readFromDevice(char* buffer, std::streamsize length); - int writeToDevice(const char* buffer, std::streamsize length); - -private: - CryptoTransform* _pTransform; - std::istream* _pIstr; - std::ostream* _pOstr; - bool _eof; - - Poco::Buffer _buffer; - - CryptoStreamBuf(const CryptoStreamBuf&); - CryptoStreamBuf& operator = (const CryptoStreamBuf&); -}; - - -class Crypto_API CryptoIOS: public virtual std::ios - /// The base class for CryptoInputStream and CryptoOutputStream. - /// - /// This class is needed to ensure correct initialization order of the - /// stream buffer and base classes. +namespace Crypto { -public: - CryptoIOS(std::istream& istr, CryptoTransform* pTransform, std::streamsize bufferSize = 8192); - CryptoIOS(std::ostream& ostr, CryptoTransform* pTransform, std::streamsize bufferSize = 8192); - ~CryptoIOS(); - CryptoStreamBuf* rdbuf(); - -protected: - CryptoStreamBuf _buf; -}; -class Crypto_API CryptoInputStream: public CryptoIOS, public std::istream - /// This stream transforms all data passing through it using the given - /// CryptoTransform. 
- /// - /// Use a CryptoTransform object provided by Cipher::createEncrytor() or - /// Cipher::createDecryptor() to create an encrypting or decrypting stream, - /// respectively. -{ -public: - CryptoInputStream(std::istream& istr, CryptoTransform* pTransform, std::streamsize bufferSize = 8192); - /// Create a new CryptoInputStream object. The CryptoInputStream takes the - /// ownership of the given CryptoTransform object. - - CryptoInputStream(std::istream& istr, Cipher& cipher, std::streamsize bufferSize = 8192); - /// Create a new encrypting CryptoInputStream object using the given cipher. - - ~CryptoInputStream(); - /// Destroys the CryptoInputStream. -}; + class CryptoTransform; + class Cipher; -class Crypto_API CryptoOutputStream: public CryptoIOS, public std::ostream - /// This stream transforms all data passing through it using the given - /// CryptoTransform. - /// - /// Use a CryptoTransform object provided by Cipher::createEncrytor() or - /// Cipher::createDecryptor() to create an encrypting or decrypting stream, - /// respectively. - /// - /// After all data has been passed through the stream, close() must be called - /// to ensure completion of cryptographic transformation. -{ -public: - CryptoOutputStream(std::ostream& ostr, CryptoTransform* pTransform, std::streamsize bufferSize = 8192); - /// Create a new CryptoOutputStream object. The CryptoOutputStream takes the - /// ownership of the given CryptoTransform object. + class Crypto_API CryptoStreamBuf : public Poco::BufferedStreamBuf + /// This stream buffer performs cryptographic transformation on the data + /// going through it. 
+ { + public: + CryptoStreamBuf(std::istream & istr, CryptoTransform * pTransform, std::streamsize bufferSize = 8192); + CryptoStreamBuf(std::ostream & ostr, CryptoTransform * pTransform, std::streamsize bufferSize = 8192); - CryptoOutputStream(std::ostream& ostr, Cipher& cipher, std::streamsize bufferSize = 8192); - /// Create a new decrypting CryptoOutputStream object using the given cipher. + virtual ~CryptoStreamBuf(); - ~CryptoOutputStream(); - /// Destroys the CryptoOutputStream. + void close(); + /// Flushes all buffers and finishes the encryption. - void close(); - /// Flushes all buffers and finishes the encryption. -}; + protected: + int readFromDevice(char * buffer, std::streamsize length); + int writeToDevice(const char * buffer, std::streamsize length); + + private: + CryptoTransform * _pTransform; + std::istream * _pIstr; + std::ostream * _pOstr; + bool _eof; + + Poco::Buffer _buffer; + + CryptoStreamBuf(const CryptoStreamBuf &); + CryptoStreamBuf & operator=(const CryptoStreamBuf &); + }; -class Crypto_API DecryptingInputStream: public CryptoIOS, public std::istream - /// This stream decrypts all data passing through it using the given - /// Cipher. -{ -public: - DecryptingInputStream(std::istream& istr, Cipher& cipher, std::streamsize bufferSize = 8192); - /// Create a new DecryptingInputStream object using the given cipher. + class Crypto_API CryptoIOS : public virtual std::ios + /// The base class for CryptoInputStream and CryptoOutputStream. + /// + /// This class is needed to ensure correct initialization order of the + /// stream buffer and base classes. + { + public: + CryptoIOS(std::istream & istr, CryptoTransform * pTransform, std::streamsize bufferSize = 8192); + CryptoIOS(std::ostream & ostr, CryptoTransform * pTransform, std::streamsize bufferSize = 8192); + ~CryptoIOS(); + CryptoStreamBuf * rdbuf(); - ~DecryptingInputStream(); - /// Destroys the DecryptingInputStream. 
-}; + protected: + CryptoStreamBuf _buf; + }; -class Crypto_API DecryptingOutputStream: public CryptoIOS, public std::ostream - /// This stream decrypts all data passing through it using the given - /// Cipher. -{ -public: - DecryptingOutputStream(std::ostream& ostr, Cipher& cipher, std::streamsize bufferSize = 8192); - /// Create a new DecryptingOutputStream object using the given cipher. + class Crypto_API CryptoInputStream : public CryptoIOS, public std::istream + /// This stream transforms all data passing through it using the given + /// CryptoTransform. + /// + /// Use a CryptoTransform object provided by Cipher::createEncrytor() or + /// Cipher::createDecryptor() to create an encrypting or decrypting stream, + /// respectively. + { + public: + CryptoInputStream(std::istream & istr, CryptoTransform * pTransform, std::streamsize bufferSize = 8192); + /// Create a new CryptoInputStream object. The CryptoInputStream takes the + /// ownership of the given CryptoTransform object. - ~DecryptingOutputStream(); - /// Destroys the DecryptingOutputStream. + CryptoInputStream(std::istream & istr, Cipher & cipher, std::streamsize bufferSize = 8192); + /// Create a new encrypting CryptoInputStream object using the given cipher. - void close(); - /// Flushes all buffers and finishes the decryption. -}; + ~CryptoInputStream(); + /// Destroys the CryptoInputStream. + }; -class Crypto_API EncryptingInputStream: public CryptoIOS, public std::istream - /// This stream encrypts all data passing through it using the given - /// Cipher. -{ -public: - EncryptingInputStream(std::istream& istr, Cipher& cipher, std::streamsize bufferSize = 8192); - /// Create a new EncryptingInputStream object using the given cipher. + class Crypto_API CryptoOutputStream : public CryptoIOS, public std::ostream + /// This stream transforms all data passing through it using the given + /// CryptoTransform. 
+ /// + /// Use a CryptoTransform object provided by Cipher::createEncrytor() or + /// Cipher::createDecryptor() to create an encrypting or decrypting stream, + /// respectively. + /// + /// After all data has been passed through the stream, close() must be called + /// to ensure completion of cryptographic transformation. + { + public: + CryptoOutputStream(std::ostream & ostr, CryptoTransform * pTransform, std::streamsize bufferSize = 8192); + /// Create a new CryptoOutputStream object. The CryptoOutputStream takes the + /// ownership of the given CryptoTransform object. - ~EncryptingInputStream(); - /// Destroys the EncryptingInputStream. -}; + CryptoOutputStream(std::ostream & ostr, Cipher & cipher, std::streamsize bufferSize = 8192); + /// Create a new decrypting CryptoOutputStream object using the given cipher. + + ~CryptoOutputStream(); + /// Destroys the CryptoOutputStream. + + void close(); + /// Flushes all buffers and finishes the encryption. + }; -class Crypto_API EncryptingOutputStream: public CryptoIOS, public std::ostream - /// This stream encrypts all data passing through it using the given - /// Cipher. -{ -public: - EncryptingOutputStream(std::ostream& ostr, Cipher& cipher, std::streamsize bufferSize = 8192); - /// Create a new EncryptingOutputStream object using the given cipher. + class Crypto_API DecryptingInputStream : public CryptoIOS, public std::istream + /// This stream decrypts all data passing through it using the given + /// Cipher. + { + public: + DecryptingInputStream(std::istream & istr, Cipher & cipher, std::streamsize bufferSize = 8192); + /// Create a new DecryptingInputStream object using the given cipher. - ~EncryptingOutputStream(); - /// Destroys the EncryptingOutputStream. - - void close(); - /// Flushes all buffers and finishes the encryption. -}; + ~DecryptingInputStream(); + /// Destroys the DecryptingInputStream. 
+ }; -} } // namespace Poco::Crypto + class Crypto_API DecryptingOutputStream : public CryptoIOS, public std::ostream + /// This stream decrypts all data passing through it using the given + /// Cipher. + { + public: + DecryptingOutputStream(std::ostream & ostr, Cipher & cipher, std::streamsize bufferSize = 8192); + /// Create a new DecryptingOutputStream object using the given cipher. + + ~DecryptingOutputStream(); + /// Destroys the DecryptingOutputStream. + + void close(); + /// Flushes all buffers and finishes the decryption. + }; + + + class Crypto_API EncryptingInputStream : public CryptoIOS, public std::istream + /// This stream encrypts all data passing through it using the given + /// Cipher. + { + public: + EncryptingInputStream(std::istream & istr, Cipher & cipher, std::streamsize bufferSize = 8192); + /// Create a new EncryptingInputStream object using the given cipher. + + ~EncryptingInputStream(); + /// Destroys the EncryptingInputStream. + }; + + + class Crypto_API EncryptingOutputStream : public CryptoIOS, public std::ostream + /// This stream encrypts all data passing through it using the given + /// Cipher. + { + public: + EncryptingOutputStream(std::ostream & ostr, Cipher & cipher, std::streamsize bufferSize = 8192); + /// Create a new EncryptingOutputStream object using the given cipher. + + ~EncryptingOutputStream(); + /// Destroys the EncryptingOutputStream. + + void close(); + /// Flushes all buffers and finishes the encryption. + }; + + +} +} // namespace Poco::Crypto #endif // Crypto_CryptoStream_INCLUDED diff --git a/base/poco/Crypto/include/Poco/Crypto/CryptoTransform.h b/base/poco/Crypto/include/Poco/Crypto/CryptoTransform.h index 9fa3806c653..7fbcff2b5c3 100644 --- a/base/poco/Crypto/include/Poco/Crypto/CryptoTransform.h +++ b/base/poco/Crypto/include/Poco/Crypto/CryptoTransform.h 
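Review bot: The class comments for `DecryptingInputStream` and for the `CryptoInputStream`/`CryptoOutputStream` pair do not say when decrypted output can be trusted. Judging by the `setTag()`/`finalize()` comments in CryptoTransform.h, tag verification in GCM mode appears to happen only at finalization, so plaintext read earlier would be unauthenticated. I would add something like `/// With an authenticated mode such as GCM, data read before the stream has been finalized is not yet verified; discard it if the stream ends in an error.` The reformatted comments also keep the typo `Cipher::createEncrytor()` in two places, which should read `Cipher::createEncryptor()`.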
@@ -18,70 +18,71 @@ #define Crypto_CryptoTransform_INCLUDED -#include "Poco/Crypto/Crypto.h" #include +#include "Poco/Crypto/Crypto.h" -namespace Poco { -namespace Crypto { - - -class Crypto_API CryptoTransform - /// This interface represents the basic operations for cryptographic - /// transformations to be used with a CryptoInputStream or a - /// CryptoOutputStream. - /// - /// Implementations of this class are returned by the Cipher class to - /// perform encryption or decryption of data. +namespace Poco +{ +namespace Crypto { -public: - CryptoTransform(); - /// Creates a new CryptoTransform object. - - virtual ~CryptoTransform(); - /// Destroys the CryptoTransform. - - virtual std::size_t blockSize() const = 0; - /// Returns the block size for this CryptoTransform. - - virtual int setPadding(int padding); - /// Enables or disables padding. By default encryption operations are padded using standard block - /// padding and the padding is checked and removed when decrypting. If the padding parameter is zero then - /// no padding is performed, the total amount of data encrypted or decrypted must then be a multiple of - /// the block size or an error will occur. - - virtual std::string getTag(std::size_t tagSize = 16) = 0; - /// Returns the GCM tag after encrypting using GCM mode. - /// - /// Must be called after finalize(). - - virtual void setTag(const std::string& tag) = 0; - /// Sets the GCM tag for authenticated decryption using GCM mode. - /// - /// Must be set before finalize() is called, otherwise - /// decryption will fail. - - virtual std::streamsize transform( - const unsigned char* input, - std::streamsize inputLength, - unsigned char* output, - std::streamsize outputLength) = 0; - /// Transforms a chunk of data. The inputLength is arbitrary and does not - /// need to be a multiple of the block size. 
The output buffer has a maximum - /// capacity of the given outputLength that must be at least - /// inputLength + blockSize() - 1 - /// Returns the number of bytes written to the output buffer. - - virtual std::streamsize finalize(unsigned char* output, std::streamsize length) = 0; - /// Finalizes the transformation. The output buffer must contain enough - /// space for at least two blocks, ie. - /// length >= 2*blockSize() - /// must be true. Returns the number of bytes written to the output - /// buffer. -}; -} } // namespace Poco::Crypto + class Crypto_API CryptoTransform + /// This interface represents the basic operations for cryptographic + /// transformations to be used with a CryptoInputStream or a + /// CryptoOutputStream. + /// + /// Implementations of this class are returned by the Cipher class to + /// perform encryption or decryption of data. + { + public: + CryptoTransform(); + /// Creates a new CryptoTransform object. + + virtual ~CryptoTransform(); + /// Destroys the CryptoTransform. + + virtual std::size_t blockSize() const = 0; + /// Returns the block size for this CryptoTransform. + + virtual int setPadding(int padding); + /// Enables or disables padding. By default encryption operations are padded using standard block + /// padding and the padding is checked and removed when decrypting. If the padding parameter is zero then + /// no padding is performed, the total amount of data encrypted or decrypted must then be a multiple of + /// the block size or an error will occur. + + virtual std::string getTag(std::size_t tagSize = 16) = 0; + /// Returns the GCM tag after encrypting using GCM mode. + /// + /// Must be called after finalize(). + + virtual void setTag(const std::string & tag) = 0; + /// Sets the GCM tag for authenticated decryption using GCM mode. + /// + /// Must be set before finalize() is called, otherwise + /// decryption will fail. 
+ + virtual std::streamsize + transform(const unsigned char * input, std::streamsize inputLength, unsigned char * output, std::streamsize outputLength) + = 0; + /// Transforms a chunk of data. The inputLength is arbitrary and does not + /// need to be a multiple of the block size. The output buffer has a maximum + /// capacity of the given outputLength that must be at least + /// inputLength + blockSize() - 1 + /// Returns the number of bytes written to the output buffer. + + virtual std::streamsize finalize(unsigned char * output, std::streamsize length) = 0; + /// Finalizes the transformation. The output buffer must contain enough + /// space for at least two blocks, ie. + /// length >= 2*blockSize() + /// must be true. Returns the number of bytes written to the output + /// buffer. + }; + + +} +} // namespace Poco::Crypto #endif // Crypto_CryptoTransform_INCLUDED diff --git a/base/poco/Crypto/include/Poco/Crypto/DigestEngine.h b/base/poco/Crypto/include/Poco/Crypto/DigestEngine.h index 1c30e769d5f..77a1349f8e2 100644 --- a/base/poco/Crypto/include/Poco/Crypto/DigestEngine.h +++ b/base/poco/Crypto/include/Poco/Crypto/DigestEngine.h 
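Review bot: The comment on `getTag(std::size_t tagSize = 16)` does not warn that a smaller `tagSize` truncates the GCM tag and lowers forgery resistance. I would add `/// tagSize values below 16 shorten the tag and weaken authentication; keep the default unless a protocol requires otherwise.` The output-buffer requirements of `transform()` (`inputLength + blockSize() - 1`) and `finalize()` (`2*blockSize()`) are likewise stated only in comments. The implementations are outside this hunk, so it is worth confirming that they check `outputLength`/`length` and do not simply trust the caller.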
@@ -18,63 +18,66 @@ #define Crypto_DigestEngine_INCLUDED +#include #include "Poco/Crypto/Crypto.h" #include "Poco/Crypto/OpenSSLInitializer.h" #include "Poco/DigestEngine.h" -#include -namespace Poco { -namespace Crypto { - - -class Crypto_API DigestEngine: public Poco::DigestEngine - /// This class implements a Poco::DigestEngine for all - /// digest algorithms supported by OpenSSL. +namespace Poco { -public: - DigestEngine(const std::string& name); - /// Creates a DigestEngine using the digest with the given name - /// (e.g., "MD5", "SHA1", "SHA256", "SHA512", etc.). - /// See the OpenSSL documentation for a list of supported digest algorithms. - /// - /// Throws a Poco::NotFoundException if no algorithm with the given name exists. - - ~DigestEngine(); - /// Destroys the DigestEngine. - - const std::string& algorithm() const; - /// Returns the name of the digest algorithm. - - int nid() const; - /// Returns the NID (OpenSSL object identifier) of the digest algorithm. - - // DigestEngine - std::size_t digestLength() const; - void reset(); - const Poco::DigestEngine::Digest& digest(); - -protected: - void updateImpl(const void* data, std::size_t length); - -private: - std::string _name; - EVP_MD_CTX* _pContext; - Poco::DigestEngine::Digest _digest; - OpenSSLInitializer _openSSLInitializer; -}; - - -// -// inlines -// -inline const std::string& DigestEngine::algorithm() const +namespace Crypto { - return _name; + + + class Crypto_API DigestEngine : public Poco::DigestEngine + /// This class implements a Poco::DigestEngine for all + /// digest algorithms supported by OpenSSL. + { + public: + DigestEngine(const std::string & name); + /// Creates a DigestEngine using the digest with the given name + /// (e.g., "MD5", "SHA1", "SHA256", "SHA512", etc.). + /// See the OpenSSL documentation for a list of supported digest algorithms. + /// + /// Throws a Poco::NotFoundException if no algorithm with the given name exists. + + ~DigestEngine(); + /// Destroys the DigestEngine. 
+ + const std::string & algorithm() const; + /// Returns the name of the digest algorithm. + + int nid() const; + /// Returns the NID (OpenSSL object identifier) of the digest algorithm. + + // DigestEngine + std::size_t digestLength() const; + void reset(); + const Poco::DigestEngine::Digest & digest(); + + protected: + void updateImpl(const void * data, std::size_t length); + + private: + std::string _name; + EVP_MD_CTX * _pContext; + Poco::DigestEngine::Digest _digest; + OpenSSLInitializer _openSSLInitializer; + }; + + + // + // inlines + // + inline const std::string & DigestEngine::algorithm() const + { + return _name; + } + + } - - -} } // namespace Poco::Crypto +} // namespace Poco::Crypto #endif // Crypto_DigestEngine_INCLUDED diff --git a/base/poco/Crypto/include/Poco/Crypto/ECDSADigestEngine.h b/base/poco/Crypto/include/Poco/Crypto/ECDSADigestEngine.h index ed6fab442f6..2d0c31ba09c 100644 --- a/base/poco/Crypto/include/Poco/Crypto/ECDSADigestEngine.h +++ b/base/poco/Crypto/include/Poco/Crypto/ECDSADigestEngine.h 
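Review bot: The constructor comment for `DigestEngine(const std::string & name)` lists "MD5" and "SHA1" first among its examples and does not mention that neither is collision resistant. A reader choosing a digest for signatures or integrity checks from this header would benefit from a line such as `/// MD5 and SHA1 are not collision resistant; use "SHA256" or stronger for signatures and integrity checks.` The class also stores a raw `EVP_MD_CTX * _pContext` and declares a destructor without declaring copy operations in this hunk. Presumably the base `Poco::DigestEngine` forbids copying, but that is not visible here and is worth confirming.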
@@ -19,83 +19,85 @@ #define Crypto_ECDSADigestEngine_INCLUDED -#include "Poco/Crypto/Crypto.h" -#include "Poco/Crypto/ECKey.h" -#include "Poco/DigestEngine.h" -#include "Poco/Crypto/DigestEngine.h" #include #include +#include "Poco/Crypto/Crypto.h" +#include "Poco/Crypto/DigestEngine.h" +#include "Poco/Crypto/ECKey.h" +#include "Poco/DigestEngine.h" -namespace Poco { -namespace Crypto { - - -class Crypto_API ECDSADigestEngine: public Poco::DigestEngine - /// This class implements a Poco::DigestEngine that can be - /// used to compute a secure digital signature. - /// - /// First another Poco::Crypto::DigestEngine is created and - /// used to compute a cryptographic hash of the data to be - /// signed. Then, the hash value is encrypted, using - /// the ECDSA private key. - /// - /// To verify a signature, pass it to the verify() - /// member function. It will decrypt the signature - /// using the ECDSA public key and compare the resulting - /// hash with the actual hash of the data. +namespace Poco +{ +namespace Crypto { -public: - - ECDSADigestEngine(const ECKey& key, const std::string &name); - /// Creates the ECDSADigestEngine with the given ECDSA key, - /// using the hash algorithm with the given name - /// (e.g., "SHA1", "SHA256", "SHA512", etc.). - /// See the OpenSSL documentation for a list of supported digest algorithms. - /// - /// Throws a Poco::NotFoundException if no algorithm with the given name exists. - - ~ECDSADigestEngine(); - /// Destroys the ECDSADigestEngine. - - std::size_t digestLength() const; - /// Returns the length of the digest in bytes. - - void reset(); - /// Resets the engine so that a new - /// digest can be computed. - - const DigestEngine::Digest& digest(); - /// Finishes the computation of the digest - /// (the first time it's called) and - /// returns the message digest. - /// - /// Can be called multiple times. 
- - const DigestEngine::Digest& signature(); - /// Signs the digest using the ECDSADSA algorithm - /// and the private key (the first time it's - /// called) and returns the result. - /// - /// Can be called multiple times. - - bool verify(const DigestEngine::Digest& signature); - /// Verifies the data against the signature. - /// - /// Returns true if the signature can be verified, false otherwise. - -protected: - void updateImpl(const void* data, std::size_t length); - -private: - ECKey _key; - Poco::Crypto::DigestEngine _engine; - Poco::DigestEngine::Digest _digest; - Poco::DigestEngine::Digest _signature; -}; -} } // namespace Poco::Crypto + class Crypto_API ECDSADigestEngine : public Poco::DigestEngine + /// This class implements a Poco::DigestEngine that can be + /// used to compute a secure digital signature. + /// + /// First another Poco::Crypto::DigestEngine is created and + /// used to compute a cryptographic hash of the data to be + /// signed. Then, the hash value is encrypted, using + /// the ECDSA private key. + /// + /// To verify a signature, pass it to the verify() + /// member function. It will decrypt the signature + /// using the ECDSA public key and compare the resulting + /// hash with the actual hash of the data. + { + public: + ECDSADigestEngine(const ECKey & key, const std::string & name); + /// Creates the ECDSADigestEngine with the given ECDSA key, + /// using the hash algorithm with the given name + /// (e.g., "SHA1", "SHA256", "SHA512", etc.). + /// See the OpenSSL documentation for a list of supported digest algorithms. + /// + /// Throws a Poco::NotFoundException if no algorithm with the given name exists. + + ~ECDSADigestEngine(); + /// Destroys the ECDSADigestEngine. + + std::size_t digestLength() const; + /// Returns the length of the digest in bytes. + + void reset(); + /// Resets the engine so that a new + /// digest can be computed. 
+ + const DigestEngine::Digest & digest(); + /// Finishes the computation of the digest + /// (the first time it's called) and + /// returns the message digest. + /// + /// Can be called multiple times. + + const DigestEngine::Digest & signature(); + /// Signs the digest using the ECDSADSA algorithm + /// and the private key (the first time it's + /// called) and returns the result. + /// + /// Can be called multiple times. + + bool verify(const DigestEngine::Digest & signature); + /// Verifies the data against the signature. + /// + /// Returns true if the signature can be verified, false otherwise. + + protected: + void updateImpl(const void * data, std::size_t length); + + private: + ECKey _key; + Poco::Crypto::DigestEngine _engine; + Poco::DigestEngine::Digest _digest; + Poco::DigestEngine::Digest _signature; + }; + + +} +} // namespace Poco::Crypto #endif // Crypto_ECDSADigestEngine_INCLUDED diff --git a/base/poco/Crypto/include/Poco/Crypto/ECKey.h b/base/poco/Crypto/include/Poco/Crypto/ECKey.h index 15d5401cbcd..babcd814ec9 100644 --- a/base/poco/Crypto/include/Poco/Crypto/ECKey.h +++ b/base/poco/Crypto/include/Poco/Crypto/ECKey.h 
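Review bot: The class comment on `ECDSADigestEngine` says the hash value "is encrypted, using the ECDSA private key" and that verify() will "decrypt the signature", which misdescribes ECDSA: it is a signature scheme with no encrypt or decrypt step. Since the comment block is being re-indented anyway, I would reword it to `/// Then the hash value is signed with the ECDSA private key.` and `/// verify() checks the signature against the hash of the data, using the ECDSA public key.` The comment on `signature()` also reads "ECDSADSA algorithm", which looks like a typo for "ECDSA".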
@@ -20,116 +20,119 @@ #include "Poco/Crypto/Crypto.h" -#include "Poco/Crypto/KeyPair.h" #include "Poco/Crypto/ECKeyImpl.h" +#include "Poco/Crypto/KeyPair.h" -namespace Poco { -namespace Crypto { - - -class X509Certificate; -class PKCS12Container; - - -class Crypto_API ECKey : public KeyPair - /// This class stores an EC key pair, consisting - /// of private and public key. Storage of the private - /// key is optional. - /// - /// If a private key is available, the ECKey can be - /// used for decrypting data (encrypted with the public key) - /// or computing secure digital signatures. +namespace Poco { -public: - ECKey(const EVPPKey& key); - /// Constructs ECKeyImpl by extracting the EC key. - - ECKey(const X509Certificate& cert); - /// Extracts the EC public key from the given certificate. - - ECKey(const PKCS12Container& cert); - /// Extracts the EC private key from the given certificate. - - ECKey(const std::string& eccGroup); - /// Creates the ECKey. Creates a new public/private key pair using the given parameters. - /// Can be used to sign data and verify signatures. - - ECKey(const std::string& publicKeyFile, const std::string& privateKeyFile, const std::string& privateKeyPassphrase = ""); - /// Creates the ECKey, by reading public and private key from the given files and - /// using the given passphrase for the private key. - /// - /// Cannot be used for signing or decryption unless a private key is available. - /// - /// If a private key is specified, you don't need to specify a public key file. - /// OpenSSL will auto-create the public key from the private key. - - ECKey(std::istream* pPublicKeyStream, std::istream* pPrivateKeyStream = 0, const std::string& privateKeyPassphrase = ""); - /// Creates the ECKey, by reading public and private key from the given streams and - /// using the given passphrase for the private key. - /// - /// Cannot be used for signing or decryption unless a private key is available. 
- /// - /// If a private key is specified, you don't need to specify a public key file. - /// OpenSSL will auto-create the public key from the private key. - - ~ECKey(); - /// Destroys the ECKey. - - ECKeyImpl::Ptr impl() const; - /// Returns the impl object. - - static std::string getCurveName(int nid = -1); - /// Returns elliptical curve name corresponding to - /// the given nid; if nid is not found, returns - /// empty string. - /// - /// If nid is -1, returns first curve name. - /// - /// If no curves are found, returns empty string; - - static int getCurveNID(std::string& name); - /// Returns the NID of the specified curve. - /// - /// If name is empty, returns the first curve NID - /// and updates the name accordingly. - - static bool hasCurve(const std::string& name); - /// Returns true if the named curve is found, - /// false otherwise. - -private: - ECKeyImpl::Ptr _pImpl; -}; - - -// -// inlines -// -inline ECKeyImpl::Ptr ECKey::impl() const +namespace Crypto { - return _pImpl; + + + class X509Certificate; + class PKCS12Container; + + + class Crypto_API ECKey : public KeyPair + /// This class stores an EC key pair, consisting + /// of private and public key. Storage of the private + /// key is optional. + /// + /// If a private key is available, the ECKey can be + /// used for decrypting data (encrypted with the public key) + /// or computing secure digital signatures. + { + public: + ECKey(const EVPPKey & key); + /// Constructs ECKeyImpl by extracting the EC key. + + ECKey(const X509Certificate & cert); + /// Extracts the EC public key from the given certificate. + + ECKey(const PKCS12Container & cert); + /// Extracts the EC private key from the given certificate. + + ECKey(const std::string & eccGroup); + /// Creates the ECKey. Creates a new public/private key pair using the given parameters. + /// Can be used to sign data and verify signatures. 
+ + ECKey(const std::string & publicKeyFile, const std::string & privateKeyFile, const std::string & privateKeyPassphrase = ""); + /// Creates the ECKey, by reading public and private key from the given files and + /// using the given passphrase for the private key. + /// + /// Cannot be used for signing or decryption unless a private key is available. + /// + /// If a private key is specified, you don't need to specify a public key file. + /// OpenSSL will auto-create the public key from the private key. + + ECKey(std::istream * pPublicKeyStream, std::istream * pPrivateKeyStream = 0, const std::string & privateKeyPassphrase = ""); + /// Creates the ECKey, by reading public and private key from the given streams and + /// using the given passphrase for the private key. + /// + /// Cannot be used for signing or decryption unless a private key is available. + /// + /// If a private key is specified, you don't need to specify a public key file. + /// OpenSSL will auto-create the public key from the private key. + + ~ECKey(); + /// Destroys the ECKey. + + ECKeyImpl::Ptr impl() const; + /// Returns the impl object. + + static std::string getCurveName(int nid = -1); + /// Returns elliptical curve name corresponding to + /// the given nid; if nid is not found, returns + /// empty string. + /// + /// If nid is -1, returns first curve name. + /// + /// If no curves are found, returns empty string; + + static int getCurveNID(std::string & name); + /// Returns the NID of the specified curve. + /// + /// If name is empty, returns the first curve NID + /// and updates the name accordingly. + + static bool hasCurve(const std::string & name); + /// Returns true if the named curve is found, + /// false otherwise. 
+ + private: + ECKeyImpl::Ptr _pImpl; + }; + + + // + // inlines + // + inline ECKeyImpl::Ptr ECKey::impl() const + { + return _pImpl; + } + + + inline std::string ECKey::getCurveName(int nid) + { + return ECKeyImpl::getCurveName(nid); + } + + + inline int ECKey::getCurveNID(std::string & name) + { + return ECKeyImpl::getCurveNID(name); + } + + + inline bool ECKey::hasCurve(const std::string & name) + { + return ECKeyImpl::hasCurve(name); + } + + } - - -inline std::string ECKey::getCurveName(int nid) -{ - return ECKeyImpl::getCurveName(nid); -} - - -inline int ECKey::getCurveNID(std::string& name) -{ - return ECKeyImpl::getCurveNID(name); -} - - -inline bool ECKey::hasCurve(const std::string& name) -{ - return ECKeyImpl::hasCurve(name); -} - - -} } // namespace Poco::Crypto +} // namespace Poco::Crypto #endif // Crypto_ECKey_INCLUDED diff --git a/base/poco/Crypto/include/Poco/Crypto/ECKeyImpl.h b/base/poco/Crypto/include/Poco/Crypto/ECKeyImpl.h index 840764304d1..2a72861a84e 100644 --- a/base/poco/Crypto/include/Poco/Crypto/ECKeyImpl.h +++ b/base/poco/Crypto/include/Poco/Crypto/ECKeyImpl.h 
@@ -19,156 +19,155 @@ #define Crypto_ECKeyImplImpl_INCLUDED +#include +#include +#include +#include +#include +#include "Poco/AutoPtr.h" #include "Poco/Crypto/Crypto.h" #include "Poco/Crypto/EVPPKey.h" #include "Poco/Crypto/KeyPairImpl.h" #include "Poco/Crypto/OpenSSLInitializer.h" #include "Poco/RefCountedObject.h" -#include "Poco/AutoPtr.h" -#include -#include -#include -#include -#include -namespace Poco { -namespace Crypto { - - -class X509Certificate; -class PKCS12Container; - - -class ECKeyImpl: public KeyPairImpl - /// Elliptic Curve key clas implementation. +namespace Poco { -public: - typedef Poco::AutoPtr Ptr; - typedef std::vector ByteVec; - - ECKeyImpl(const EVPPKey& key); - /// Constructs ECKeyImpl by extracting the EC key. - - ECKeyImpl(const X509Certificate& cert); - /// Constructs ECKeyImpl by extracting the EC public key from the given certificate. - - ECKeyImpl(const PKCS12Container& cert); - /// Constructs ECKeyImpl by extracting the EC private key from the given certificate. - - ECKeyImpl(int eccGroup); - /// Creates the ECKey of the specified group. Creates a new public/private keypair using the given parameters. - /// Can be used to sign data and verify signatures. - - ECKeyImpl(const std::string& publicKeyFile, const std::string& privateKeyFile, const std::string& privateKeyPassphrase); - /// Creates the ECKey, by reading public and private key from the given files and - /// using the given passphrase for the private key. Can only by used for signing if - /// a private key is available. - - ECKeyImpl(std::istream* pPublicKeyStream, std::istream* pPrivateKeyStream, const std::string& privateKeyPassphrase); - /// Creates the ECKey. Can only by used for signing if pPrivKey - /// is not null. If a private key file is specified, you don't need to - /// specify a public key file. OpenSSL will auto-create it from the private key. - - ~ECKeyImpl(); - /// Destroys the ECKeyImpl. - - EC_KEY* getECKey(); - /// Returns the OpenSSL EC key. 
- - const EC_KEY* getECKey() const; - /// Returns the OpenSSL EC key. - - int size() const; - /// Returns the EC key length in bits. - - int groupId() const; - /// Returns the EC key group integer Id. - - std::string groupName() const; - /// Returns the EC key group name. - - void save(const std::string& publicKeyFile, - const std::string& privateKeyFile = "", - const std::string& privateKeyPassphrase = "") const; - /// Exports the public and private keys to the given files. - /// - /// If an empty filename is specified, the corresponding key - /// is not exported. - - void save(std::ostream* pPublicKeyStream, - std::ostream* pPrivateKeyStream = 0, - const std::string& privateKeyPassphrase = "") const; - /// Exports the public and private key to the given streams. - /// - /// If a null pointer is passed for a stream, the corresponding - /// key is not exported. - - static std::string getCurveName(int nid = -1); - /// Returns elliptical curve name corresponding to - /// the given nid; if nid is not found, returns - /// empty string. - /// - /// If nid is -1, returns first curve name. - /// - /// If no curves are found, returns empty string; - - static int getCurveNID(std::string& name); - /// Returns the NID of the specified curve. - /// - /// If name is empty, returns the first curve NID - /// and updates the name accordingly. - - static bool hasCurve(const std::string& name); - /// Returns true if the named curve is found, - /// false otherwise. - -private: - void checkEC(const std::string& method, const std::string& func) const; - void freeEC(); - - EC_KEY* _pEC; -}; - - -// -// inlines -// -inline EC_KEY* ECKeyImpl::getECKey() +namespace Crypto { - return _pEC; + + + class X509Certificate; + class PKCS12Container; + + + class ECKeyImpl : public KeyPairImpl + /// Elliptic Curve key clas implementation. + { + public: + typedef Poco::AutoPtr Ptr; + typedef std::vector ByteVec; + + ECKeyImpl(const EVPPKey & key); + /// Constructs ECKeyImpl by extracting the EC key. 
+ + ECKeyImpl(const X509Certificate & cert); + /// Constructs ECKeyImpl by extracting the EC public key from the given certificate. + + ECKeyImpl(const PKCS12Container & cert); + /// Constructs ECKeyImpl by extracting the EC private key from the given certificate. + + ECKeyImpl(int eccGroup); + /// Creates the ECKey of the specified group. Creates a new public/private keypair using the given parameters. + /// Can be used to sign data and verify signatures. + + ECKeyImpl(const std::string & publicKeyFile, const std::string & privateKeyFile, const std::string & privateKeyPassphrase); + /// Creates the ECKey, by reading public and private key from the given files and + /// using the given passphrase for the private key. Can only by used for signing if + /// a private key is available. + + ECKeyImpl(std::istream * pPublicKeyStream, std::istream * pPrivateKeyStream, const std::string & privateKeyPassphrase); + /// Creates the ECKey. Can only by used for signing if pPrivKey + /// is not null. If a private key file is specified, you don't need to + /// specify a public key file. OpenSSL will auto-create it from the private key. + + ~ECKeyImpl(); + /// Destroys the ECKeyImpl. + + EC_KEY * getECKey(); + /// Returns the OpenSSL EC key. + + const EC_KEY * getECKey() const; + /// Returns the OpenSSL EC key. + + int size() const; + /// Returns the EC key length in bits. + + int groupId() const; + /// Returns the EC key group integer Id. + + std::string groupName() const; + /// Returns the EC key group name. + + void save(const std::string & publicKeyFile, const std::string & privateKeyFile = "", const std::string & privateKeyPassphrase = "") + const; + /// Exports the public and private keys to the given files. + /// + /// If an empty filename is specified, the corresponding key + /// is not exported. 
+ + void + save(std::ostream * pPublicKeyStream, std::ostream * pPrivateKeyStream = 0, const std::string & privateKeyPassphrase = "") const; + /// Exports the public and private key to the given streams. + /// + /// If a null pointer is passed for a stream, the corresponding + /// key is not exported. + + static std::string getCurveName(int nid = -1); + /// Returns elliptical curve name corresponding to + /// the given nid; if nid is not found, returns + /// empty string. + /// + /// If nid is -1, returns first curve name. + /// + /// If no curves are found, returns empty string; + + static int getCurveNID(std::string & name); + /// Returns the NID of the specified curve. + /// + /// If name is empty, returns the first curve NID + /// and updates the name accordingly. + + static bool hasCurve(const std::string & name); + /// Returns true if the named curve is found, + /// false otherwise. + + private: + void checkEC(const std::string & method, const std::string & func) const; + void freeEC(); + + EC_KEY * _pEC; + }; + + + // + // inlines + // + inline EC_KEY * ECKeyImpl::getECKey() + { + return _pEC; + } + + + inline const EC_KEY * ECKeyImpl::getECKey() const + { + return _pEC; + } + + + inline std::string ECKeyImpl::groupName() const + { + return OBJ_nid2sn(groupId()); + } + + + inline void + ECKeyImpl::save(const std::string & publicKeyFile, const std::string & privateKeyFile, const std::string & privateKeyPassphrase) const + { + EVPPKey(_pEC).save(publicKeyFile, privateKeyFile, privateKeyPassphrase); + } + + + inline void + ECKeyImpl::save(std::ostream * pPublicKeyStream, std::ostream * pPrivateKeyStream, const std::string & privateKeyPassphrase) const + { + EVPPKey(_pEC).save(pPublicKeyStream, pPrivateKeyStream, privateKeyPassphrase); + } + + } - - -inline const EC_KEY* ECKeyImpl::getECKey() const -{ - return _pEC; -} - - -inline std::string ECKeyImpl::groupName() const -{ - return OBJ_nid2sn(groupId()); -} - - -inline void ECKeyImpl::save(const std::string& 
publicKeyFile, - const std::string& privateKeyFile, - const std::string& privateKeyPassphrase) const -{ - EVPPKey(_pEC).save(publicKeyFile, privateKeyFile, privateKeyPassphrase); -} - - -inline void ECKeyImpl::save(std::ostream* pPublicKeyStream, - std::ostream* pPrivateKeyStream, - const std::string& privateKeyPassphrase) const -{ - EVPPKey(_pEC).save(pPublicKeyStream, pPrivateKeyStream, privateKeyPassphrase); -} - - -} } // namespace Poco::Crypto +} // namespace Poco::Crypto #endif // Crypto_ECKeyImplImpl_INCLUDED diff --git a/base/poco/Crypto/include/Poco/Crypto/EVPPKey.h b/base/poco/Crypto/include/Poco/Crypto/EVPPKey.h index 2b0062a3e13..acc79ec92b2 100644 --- a/base/poco/Crypto/include/Poco/Crypto/EVPPKey.h +++ b/base/poco/Crypto/include/Poco/Crypto/EVPPKey.h 
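Review bot: In ECKeyImpl.h, `ECKeyImpl::groupName()` constructs its `std::string` return value directly from `OBJ_nid2sn(groupId())`, and OpenSSL returns NULL from that call for a NID it does not know; building a `std::string` from a null pointer is undefined behaviour. `groupId()` is defined outside this hunk, so whether it can produce such a NID is not visible here. A guard is cheap: `const char * sn = OBJ_nid2sn(groupId()); return sn ? std::string(sn) : std::string();`.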
@@ -19,336 +19,351 @@ #define Crypto_EVPPKeyImpl_INCLUDED +#include +#include +#include +#include +#include +#include #include "Poco/Crypto/Crypto.h" #include "Poco/Crypto/CryptoException.h" #include "Poco/StreamCopier.h" -#include -#include -#include -#include -#include -#include -namespace Poco { -namespace Crypto { - - -class ECKey; -class RSAKey; - - -class Crypto_API EVPPKey - /// Utility class for conversion of native keys to EVP. - /// Currently, only RSA and EC keys are supported. +namespace Poco +{ +namespace Crypto { -public: - explicit EVPPKey(const std::string& ecCurveName); - /// Constructs EVPPKey from ECC curve name. - /// - /// Only EC keys can be wrapped by an EVPPKey - /// created using this constructor. - explicit EVPPKey(const char* ecCurveName); - /// Constructs EVPPKey from ECC curve name. - /// - /// Only EC keys can be wrapped by an EVPPKey - /// created using this constructor. - explicit EVPPKey(EVP_PKEY* pEVPPKey); - /// Constructs EVPPKey from EVP_PKEY pointer. - /// The content behind the supplied pointer is internally duplicated. + class ECKey; + class RSAKey; - template - explicit EVPPKey(K* pKey): _pEVPPKey(EVP_PKEY_new()) - /// Constructs EVPPKey from a "native" OpenSSL (RSA or EC_KEY), - /// or a Poco wrapper (RSAKey, ECKey) key pointer. - { - if (!_pEVPPKey) throw OpenSSLException(); - setKey(pKey); - } - EVPPKey(const std::string& publicKeyFile, const std::string& privateKeyFile, const std::string& privateKeyPassphrase = ""); - /// Creates the EVPPKey, by reading public and private key from the given files and - /// using the given passphrase for the private key. Can only by used for signing if - /// a private key is available. + class Crypto_API EVPPKey + /// Utility class for conversion of native keys to EVP. + /// Currently, only RSA and EC keys are supported. + { + public: + explicit EVPPKey(const std::string & ecCurveName); + /// Constructs EVPPKey from ECC curve name. 
+ /// + /// Only EC keys can be wrapped by an EVPPKey + /// created using this constructor. - EVPPKey(std::istream* pPublicKeyStream, std::istream* pPrivateKeyStream, const std::string& privateKeyPassphrase = ""); - /// Creates the EVPPKey. Can only by used for signing if pPrivKey - /// is not null. If a private key file is specified, you don't need to - /// specify a public key file. OpenSSL will auto-create it from the private key. + explicit EVPPKey(const char * ecCurveName); + /// Constructs EVPPKey from ECC curve name. + /// + /// Only EC keys can be wrapped by an EVPPKey + /// created using this constructor. - EVPPKey(const EVPPKey& other); - /// Copy constructor. + explicit EVPPKey(EVP_PKEY * pEVPPKey); + /// Constructs EVPPKey from EVP_PKEY pointer. + /// The content behind the supplied pointer is internally duplicated. - EVPPKey& operator=(const EVPPKey& other); - /// Assignment operator. + template + explicit EVPPKey(K * pKey) : _pEVPPKey(EVP_PKEY_new()) + /// Constructs EVPPKey from a "native" OpenSSL (RSA or EC_KEY), + /// or a Poco wrapper (RSAKey, ECKey) key pointer. + { + if (!_pEVPPKey) + throw OpenSSLException(); + setKey(pKey); + } + + EVPPKey(const std::string & publicKeyFile, const std::string & privateKeyFile, const std::string & privateKeyPassphrase = ""); + /// Creates the EVPPKey, by reading public and private key from the given files and + /// using the given passphrase for the private key. Can only by used for signing if + /// a private key is available. + + EVPPKey(std::istream * pPublicKeyStream, std::istream * pPrivateKeyStream, const std::string & privateKeyPassphrase = ""); + /// Creates the EVPPKey. Can only by used for signing if pPrivKey + /// is not null. If a private key file is specified, you don't need to + /// specify a public key file. OpenSSL will auto-create it from the private key. + + EVPPKey(const EVPPKey & other); + /// Copy constructor. + + EVPPKey & operator=(const EVPPKey & other); + /// Assignment operator. 
#ifdef POCO_ENABLE_CPP11 - EVPPKey(EVPPKey&& other); - /// Move constructor. + EVPPKey(EVPPKey && other); + /// Move constructor. - EVPPKey& operator=(EVPPKey&& other); - /// Assignment move operator. + EVPPKey & operator=(EVPPKey && other); + /// Assignment move operator. #endif // POCO_ENABLE_CPP11 - ~EVPPKey(); - /// Destroys the EVPPKey. + ~EVPPKey(); + /// Destroys the EVPPKey. - bool operator == (const EVPPKey& other) const; - /// Comparison operator. - /// Returns true if public key components and parameters - /// of the other key are equal to this key. - /// - /// Works as expected when one key contains only public key, - /// while the other one contains private (thus also public) key. + bool operator==(const EVPPKey & other) const; + /// Comparison operator. + /// Returns true if public key components and parameters + /// of the other key are equal to this key. + /// + /// Works as expected when one key contains only public key, + /// while the other one contains private (thus also public) key. - bool operator != (const EVPPKey& other) const; - /// Comparison operator. - /// Returns true if public key components and parameters - /// of the other key are different from this key. - /// - /// Works as expected when one key contains only public key, - /// while the other one contains private (thus also public) key. + bool operator!=(const EVPPKey & other) const; + /// Comparison operator. + /// Returns true if public key components and parameters + /// of the other key are different from this key. + /// + /// Works as expected when one key contains only public key, + /// while the other one contains private (thus also public) key. - void save(const std::string& publicKeyFile, const std::string& privateKeyFile = "", const std::string& privateKeyPassphrase = "") const; - /// Exports the public and/or private keys to the given files. - /// - /// If an empty filename is specified, the corresponding key - /// is not exported. 
+ void save(const std::string & publicKeyFile, const std::string & privateKeyFile = "", const std::string & privateKeyPassphrase = "") + const; + /// Exports the public and/or private keys to the given files. + /// + /// If an empty filename is specified, the corresponding key + /// is not exported. - void save(std::ostream* pPublicKeyStream, std::ostream* pPrivateKeyStream = 0, const std::string& privateKeyPassphrase = "") const; - /// Exports the public and/or private key to the given streams. - /// - /// If a null pointer is passed for a stream, the corresponding - /// key is not exported. + void + save(std::ostream * pPublicKeyStream, std::ostream * pPrivateKeyStream = 0, const std::string & privateKeyPassphrase = "") const; + /// Exports the public and/or private key to the given streams. + /// + /// If a null pointer is passed for a stream, the corresponding + /// key is not exported. - int type() const; - /// Returns the EVPPKey type NID. + int type() const; + /// Returns the EVPPKey type NID. - bool isSupported(int type) const; - /// Returns true if OpenSSL type is supported + bool isSupported(int type) const; + /// Returns true if OpenSSL type is supported - operator const EVP_PKEY*() const; - /// Returns const pointer to the OpenSSL EVP_PKEY structure. + operator const EVP_PKEY *() const; + /// Returns const pointer to the OpenSSL EVP_PKEY structure. - operator EVP_PKEY*(); - /// Returns pointer to the OpenSSL EVP_PKEY structure. + operator EVP_PKEY *(); + /// Returns pointer to the OpenSSL EVP_PKEY structure. - static EVP_PKEY* duplicate(const EVP_PKEY* pFromKey, EVP_PKEY** pToKey); - /// Duplicates pFromKey into *pToKey and returns - // the pointer to duplicated EVP_PKEY. + static EVP_PKEY * duplicate(const EVP_PKEY * pFromKey, EVP_PKEY ** pToKey); + /// Duplicates pFromKey into *pToKey and returns + // the pointer to duplicated EVP_PKEY. 
-private: - EVPPKey(); + private: + EVPPKey(); - static int type(const EVP_PKEY* pEVPPKey); - void newECKey(const char* group); - void duplicate(EVP_PKEY* pEVPPKey); + static int type(const EVP_PKEY * pEVPPKey); + void newECKey(const char * group); + void duplicate(EVP_PKEY * pEVPPKey); - void setKey(ECKey* pKey); - void setKey(RSAKey* pKey); - void setKey(EC_KEY* pKey); - void setKey(RSA* pKey); - static int passCB(char* buf, int size, int, void* pass); + void setKey(ECKey * pKey); + void setKey(RSAKey * pKey); + void setKey(EC_KEY * pKey); + void setKey(RSA * pKey); + static int passCB(char * buf, int size, int, void * pass); - typedef EVP_PKEY* (*PEM_read_FILE_Key_fn)(FILE*, EVP_PKEY**, pem_password_cb*, void*); - typedef EVP_PKEY* (*PEM_read_BIO_Key_fn)(BIO*, EVP_PKEY**, pem_password_cb*, void*); - typedef void* (*EVP_PKEY_get_Key_fn)(EVP_PKEY*); + typedef EVP_PKEY * (*PEM_read_FILE_Key_fn)(FILE *, EVP_PKEY **, pem_password_cb *, void *); + typedef EVP_PKEY * (*PEM_read_BIO_Key_fn)(BIO *, EVP_PKEY **, pem_password_cb *, void *); + typedef void * (*EVP_PKEY_get_Key_fn)(EVP_PKEY *); - // The following load*() functions are used by both native and EVP_PKEY type key - // loading from BIO/FILE. - // When used for EVP key loading, getFunc is null (ie. native key is not extracted - // from the loaded EVP_PKEY). - template - static bool loadKey(K** ppKey, - PEM_read_FILE_Key_fn readFunc, - F getFunc, - const std::string& keyFile, - const std::string& pass = "") - { - poco_assert_dbg (((typeid(K*) == typeid(RSA*) || typeid(K*) == typeid(EC_KEY*)) && getFunc) || - ((typeid(K*) == typeid(EVP_PKEY*)) && !getFunc)); - poco_check_ptr (ppKey); - poco_assert_dbg (!*ppKey); + // The following load*() functions are used by both native and EVP_PKEY type key + // loading from BIO/FILE. + // When used for EVP key loading, getFunc is null (ie. native key is not extracted + // from the loaded EVP_PKEY). 
+ template + static bool + loadKey(K ** ppKey, PEM_read_FILE_Key_fn readFunc, F getFunc, const std::string & keyFile, const std::string & pass = "") + { + poco_assert_dbg( + ((typeid(K *) == typeid(RSA *) || typeid(K *) == typeid(EC_KEY *)) && getFunc) + || ((typeid(K *) == typeid(EVP_PKEY *)) && !getFunc)); + poco_check_ptr(ppKey); + poco_assert_dbg(!*ppKey); - FILE* pFile = 0; - if (!keyFile.empty()) - { - if (!getFunc) *ppKey = (K*)EVP_PKEY_new(); - EVP_PKEY* pKey = getFunc ? EVP_PKEY_new() : (EVP_PKEY*)*ppKey; - if (pKey) - { - pFile = fopen(keyFile.c_str(), "r"); - if (pFile) - { - pem_password_cb* pCB = pass.empty() ? (pem_password_cb*)0 : &passCB; - void* pPassword = pass.empty() ? (void*)0 : (void*)pass.c_str(); - if (readFunc(pFile, &pKey, pCB, pPassword)) - { - fclose(pFile); pFile = 0; - if(getFunc) - { - *ppKey = (K*)getFunc(pKey); - EVP_PKEY_free(pKey); - } - else - { - poco_assert_dbg (typeid(K*) == typeid(EVP_PKEY*)); - *ppKey = (K*)pKey; - } - if(!*ppKey) goto error; - return true; - } - goto error; - } - else - { - if (getFunc) EVP_PKEY_free(pKey); - throw IOException("ECKeyImpl, cannot open file", keyFile); - } - } - else goto error; - } - return false; + FILE * pFile = 0; + if (!keyFile.empty()) + { + if (!getFunc) + *ppKey = (K *)EVP_PKEY_new(); + EVP_PKEY * pKey = getFunc ? EVP_PKEY_new() : (EVP_PKEY *)*ppKey; + if (pKey) + { + pFile = fopen(keyFile.c_str(), "r"); + if (pFile) + { + pem_password_cb * pCB = pass.empty() ? (pem_password_cb *)0 : &passCB; + void * pPassword = pass.empty() ? 
(void *)0 : (void *)pass.c_str(); + if (readFunc(pFile, &pKey, pCB, pPassword)) + { + fclose(pFile); + pFile = 0; + if (getFunc) + { + *ppKey = (K *)getFunc(pKey); + EVP_PKEY_free(pKey); + } + else + { + poco_assert_dbg(typeid(K *) == typeid(EVP_PKEY *)); + *ppKey = (K *)pKey; + } + if (!*ppKey) + goto error; + return true; + } + goto error; + } + else + { + if (getFunc) + EVP_PKEY_free(pKey); + throw IOException("ECKeyImpl, cannot open file", keyFile); + } + } + else + goto error; + } + return false; - error: - if (pFile) fclose(pFile); - throw OpenSSLException("EVPKey::loadKey(string)"); - } + error: + if (pFile) + fclose(pFile); + throw OpenSSLException("EVPKey::loadKey(string)"); + } - template - static bool loadKey(K** ppKey, - PEM_read_BIO_Key_fn readFunc, - F getFunc, - std::istream* pIstr, - const std::string& pass = "") - { - poco_assert_dbg (((typeid(K*) == typeid(RSA*) || typeid(K*) == typeid(EC_KEY*)) && getFunc) || - ((typeid(K*) == typeid(EVP_PKEY*)) && !getFunc)); - poco_check_ptr(ppKey); - poco_assert_dbg(!*ppKey); + template + static bool loadKey(K ** ppKey, PEM_read_BIO_Key_fn readFunc, F getFunc, std::istream * pIstr, const std::string & pass = "") + { + poco_assert_dbg( + ((typeid(K *) == typeid(RSA *) || typeid(K *) == typeid(EC_KEY *)) && getFunc) + || ((typeid(K *) == typeid(EVP_PKEY *)) && !getFunc)); + poco_check_ptr(ppKey); + poco_assert_dbg(!*ppKey); - BIO* pBIO = 0; - if (pIstr) - { - std::ostringstream ostr; - Poco::StreamCopier::copyStream(*pIstr, ostr); - std::string key = ostr.str(); - pBIO = BIO_new_mem_buf(const_cast(key.data()), static_cast(key.size())); - if (pBIO) - { - if (!getFunc) *ppKey = (K*)EVP_PKEY_new(); - EVP_PKEY* pKey = getFunc ? EVP_PKEY_new() : (EVP_PKEY*)*ppKey; - if (pKey) - { - pem_password_cb* pCB = pass.empty() ? (pem_password_cb*)0 : &passCB; - void* pPassword = pass.empty() ? 
(void*)0 : (void*)pass.c_str(); - if (readFunc(pBIO, &pKey, pCB, pPassword)) - { - BIO_free(pBIO); pBIO = 0; - if (getFunc) - { - *ppKey = (K*)getFunc(pKey); - EVP_PKEY_free(pKey); - } - else - { - poco_assert_dbg (typeid(K*) == typeid(EVP_PKEY*)); - *ppKey = (K*)pKey; - } - if (!*ppKey) goto error; - return true; - } - if (getFunc) EVP_PKEY_free(pKey); - goto error; - } - else goto error; - } - else goto error; - } - return false; + BIO * pBIO = 0; + if (pIstr) + { + std::ostringstream ostr; + Poco::StreamCopier::copyStream(*pIstr, ostr); + std::string key = ostr.str(); + pBIO = BIO_new_mem_buf(const_cast(key.data()), static_cast(key.size())); + if (pBIO) + { + if (!getFunc) + *ppKey = (K *)EVP_PKEY_new(); + EVP_PKEY * pKey = getFunc ? EVP_PKEY_new() : (EVP_PKEY *)*ppKey; + if (pKey) + { + pem_password_cb * pCB = pass.empty() ? (pem_password_cb *)0 : &passCB; + void * pPassword = pass.empty() ? (void *)0 : (void *)pass.c_str(); + if (readFunc(pBIO, &pKey, pCB, pPassword)) + { + BIO_free(pBIO); + pBIO = 0; + if (getFunc) + { + *ppKey = (K *)getFunc(pKey); + EVP_PKEY_free(pKey); + } + else + { + poco_assert_dbg(typeid(K *) == typeid(EVP_PKEY *)); + *ppKey = (K *)pKey; + } + if (!*ppKey) + goto error; + return true; + } + if (getFunc) + EVP_PKEY_free(pKey); + goto error; + } + else + goto error; + } + else + goto error; + } + return false; - error: - if (pBIO) BIO_free(pBIO); - throw OpenSSLException("EVPKey::loadKey(stream)"); - } + error: + if (pBIO) + BIO_free(pBIO); + throw OpenSSLException("EVPKey::loadKey(stream)"); + } - EVP_PKEY* _pEVPPKey; + EVP_PKEY * _pEVPPKey; - friend class ECKeyImpl; - friend class RSAKeyImpl; -}; + friend class ECKeyImpl; + friend class RSAKeyImpl; + }; -// -// inlines -// + // + // inlines + // + + + inline bool EVPPKey::operator==(const EVPPKey & other) const + { + poco_check_ptr(other._pEVPPKey); + poco_check_ptr(_pEVPPKey); + return (1 == EVP_PKEY_cmp(_pEVPPKey, other._pEVPPKey)); + } + + + inline bool EVPPKey::operator!=(const 
EVPPKey & other) const + { + return !(other == *this); + } + + + inline int EVPPKey::type(const EVP_PKEY * pEVPPKey) + { + if (!pEVPPKey) + return NID_undef; + + return EVP_PKEY_type(EVP_PKEY_id(pEVPPKey)); + } + + + inline int EVPPKey::type() const + { + return type(_pEVPPKey); + } + + + inline bool EVPPKey::isSupported(int type) const + { + return type == EVP_PKEY_EC || type == EVP_PKEY_RSA; + } + + + inline EVPPKey::operator const EVP_PKEY *() const + { + return _pEVPPKey; + } + + + inline EVPPKey::operator EVP_PKEY *() + { + return _pEVPPKey; + } + + + inline void EVPPKey::setKey(EC_KEY * pKey) + { + if (!EVP_PKEY_set1_EC_KEY(_pEVPPKey, pKey)) + throw OpenSSLException(); + } + + + inline void EVPPKey::setKey(RSA * pKey) + { + if (!EVP_PKEY_set1_RSA(_pEVPPKey, pKey)) + throw OpenSSLException(); + } -inline bool EVPPKey::operator == (const EVPPKey& other) const -{ - poco_check_ptr (other._pEVPPKey); - poco_check_ptr (_pEVPPKey); - return (1 == EVP_PKEY_cmp(_pEVPPKey, other._pEVPPKey)); } - - -inline bool EVPPKey::operator != (const EVPPKey& other) const -{ - return !(other == *this); -} - - -inline int EVPPKey::type(const EVP_PKEY* pEVPPKey) -{ - if (!pEVPPKey) return NID_undef; - - return EVP_PKEY_type(EVP_PKEY_id(pEVPPKey)); -} - - -inline int EVPPKey::type() const -{ - return type(_pEVPPKey); -} - - -inline bool EVPPKey::isSupported(int type) const -{ - return type == EVP_PKEY_EC || type == EVP_PKEY_RSA; -} - - -inline EVPPKey::operator const EVP_PKEY*() const -{ - return _pEVPPKey; -} - - -inline EVPPKey::operator EVP_PKEY*() -{ - return _pEVPPKey; -} - - -inline void EVPPKey::setKey(EC_KEY* pKey) -{ - if (!EVP_PKEY_set1_EC_KEY(_pEVPPKey, pKey)) - throw OpenSSLException(); -} - - -inline void EVPPKey::setKey(RSA* pKey) -{ - if (!EVP_PKEY_set1_RSA(_pEVPPKey, pKey)) - throw OpenSSLException(); -} - - -} } // namespace Poco::Crypto +} // namespace Poco::Crypto #endif // Crypto_EVPPKeyImpl_INCLUDED 
diff --git a/base/poco/Crypto/include/Poco/Crypto/KeyPair.h b/base/poco/Crypto/include/Poco/Crypto/KeyPair.h index b9a705f8f1b..36adbec6a4d 100644 --- a/base/poco/Crypto/include/Poco/Crypto/KeyPair.h +++ b/base/poco/Crypto/include/Poco/Crypto/KeyPair.h 
@@ -23,111 +23,114 @@ #include "Poco/Crypto/KeyPairImpl.h" -namespace Poco { -namespace Crypto { - - -class X509Certificate; - - -class Crypto_API KeyPair - /// This is a parent class for classes storing a key pair, consisting - /// of private and public key. Storage of the private key is optional. - /// - /// If a private key is available, the KeyPair can be - /// used for decrypting data (encrypted with the public key) - /// or computing secure digital signatures. +namespace Poco { -public: - enum Type - { - KT_RSA = KeyPairImpl::KT_RSA_IMPL, - KT_EC = KeyPairImpl::KT_EC_IMPL - }; - - explicit KeyPair(KeyPairImpl::Ptr pKeyPairImpl = 0); - /// Extracts the RSA public key from the given certificate. - - virtual ~KeyPair(); - /// Destroys the KeyPair. - - virtual int size() const; - /// Returns the RSA modulus size. - - virtual void save(const std::string& publicKeyPairFile, - const std::string& privateKeyPairFile = "", - const std::string& privateKeyPairPassphrase = "") const; - /// Exports the public and private keys to the given files. - /// - /// If an empty filename is specified, the corresponding key - /// is not exported. - - virtual void save(std::ostream* pPublicKeyPairStream, - std::ostream* pPrivateKeyPairStream = 0, - const std::string& privateKeyPairPassphrase = "") const; - /// Exports the public and private key to the given streams. - /// - /// If a null pointer is passed for a stream, the corresponding - /// key is not exported. - - KeyPairImpl::Ptr impl() const; - /// Returns the impl object. - - const std::string& name() const; - /// Returns key pair name - - Type type() const; - /// Returns key pair type - -private: - KeyPairImpl::Ptr _pImpl; -}; - - -// -// inlines -// - -inline int KeyPair::size() const +namespace Crypto { - return _pImpl->size(); + + + class X509Certificate; + + + class Crypto_API KeyPair + /// This is a parent class for classes storing a key pair, consisting + /// of private and public key. 
Storage of the private key is optional. + /// + /// If a private key is available, the KeyPair can be + /// used for decrypting data (encrypted with the public key) + /// or computing secure digital signatures. + { + public: + enum Type + { + KT_RSA = KeyPairImpl::KT_RSA_IMPL, + KT_EC = KeyPairImpl::KT_EC_IMPL + }; + + explicit KeyPair(KeyPairImpl::Ptr pKeyPairImpl = 0); + /// Extracts the RSA public key from the given certificate. + + virtual ~KeyPair(); + /// Destroys the KeyPair. + + virtual int size() const; + /// Returns the RSA modulus size. + + virtual void save( + const std::string & publicKeyPairFile, + const std::string & privateKeyPairFile = "", + const std::string & privateKeyPairPassphrase = "") const; + /// Exports the public and private keys to the given files. + /// + /// If an empty filename is specified, the corresponding key + /// is not exported. + + virtual void save( + std::ostream * pPublicKeyPairStream, + std::ostream * pPrivateKeyPairStream = 0, + const std::string & privateKeyPairPassphrase = "") const; + /// Exports the public and private key to the given streams. + /// + /// If a null pointer is passed for a stream, the corresponding + /// key is not exported. + + KeyPairImpl::Ptr impl() const; + /// Returns the impl object. 
+ + const std::string & name() const; + /// Returns key pair name + + Type type() const; + /// Returns key pair type + + private: + KeyPairImpl::Ptr _pImpl; + }; + + + // + // inlines + // + + inline int KeyPair::size() const + { + return _pImpl->size(); + } + + + inline void + KeyPair::save(const std::string & publicKeyFile, const std::string & privateKeyFile, const std::string & privateKeyPassphrase) const + { + _pImpl->save(publicKeyFile, privateKeyFile, privateKeyPassphrase); + } + + + inline void + KeyPair::save(std::ostream * pPublicKeyStream, std::ostream * pPrivateKeyStream, const std::string & privateKeyPassphrase) const + { + _pImpl->save(pPublicKeyStream, pPrivateKeyStream, privateKeyPassphrase); + } + + + inline const std::string & KeyPair::name() const + { + return _pImpl->name(); + } + + inline KeyPairImpl::Ptr KeyPair::impl() const + { + return _pImpl; + } + + + inline KeyPair::Type KeyPair::type() const + { + return (KeyPair::Type)impl()->type(); + } + + } - - -inline void KeyPair::save(const std::string& publicKeyFile, - const std::string& privateKeyFile, - const std::string& privateKeyPassphrase) const -{ - _pImpl->save(publicKeyFile, privateKeyFile, privateKeyPassphrase); -} - - -inline void KeyPair::save(std::ostream* pPublicKeyStream, - std::ostream* pPrivateKeyStream, - const std::string& privateKeyPassphrase) const -{ - _pImpl->save(pPublicKeyStream, pPrivateKeyStream, privateKeyPassphrase); -} - - -inline const std::string& KeyPair::name() const -{ - return _pImpl->name(); -} - -inline KeyPairImpl::Ptr KeyPair::impl() const -{ - return _pImpl; -} - - -inline KeyPair::Type KeyPair::type() const -{ - return (KeyPair::Type)impl()->type(); -} - - -} } // namespace Poco::Crypto +} // namespace Poco::Crypto #endif // Crypto_KeyPair_INCLUDED diff --git a/base/poco/Crypto/include/Poco/Crypto/KeyPairImpl.h b/base/poco/Crypto/include/Poco/Crypto/KeyPairImpl.h index e6320df044b..155efd20b9c 100644 
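Review bot: In KeyPair.h the doc comments on the new side do not match the declarations they sit under. `explicit KeyPair(KeyPairImpl::Ptr pKeyPairImpl = 0)` is documented as "Extracts the RSA public key from the given certificate" although it takes an implementation pointer. `size()` is described as "the RSA modulus size" although the class comment calls KeyPair a parent class and `Type` includes `KT_EC`. I would reword them to `/// Creates the KeyPair from the given implementation object (may be null).` and `/// Returns the key size as reported by the implementation.` The constructor defaults the pointer to 0 and the inline `size`, `save`, `name` and `type` all dereference `_pImpl` unconditionally, so the class comment should also say they must not be called on a KeyPair built without an implementation; what `KeyPairImpl::Ptr` does on a null dereference is not visible in this hunk.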
--- a/base/poco/Crypto/include/Poco/Crypto/KeyPairImpl.h +++ b/base/poco/Crypto/include/Poco/Crypto/KeyPairImpl.h 
@@ -19,89 +19,92 @@ #define Crypto_KeyPairImplImpl_INCLUDED +#include +#include +#include "Poco/AutoPtr.h" #include "Poco/Crypto/Crypto.h" #include "Poco/Crypto/OpenSSLInitializer.h" #include "Poco/RefCountedObject.h" -#include "Poco/AutoPtr.h" -#include -#include -namespace Poco { -namespace Crypto { - - -class KeyPairImpl: public Poco::RefCountedObject - /// Class KeyPairImpl +namespace Poco { -public: - enum Type - { - KT_RSA_IMPL = 0, - KT_EC_IMPL - }; - - typedef Poco::AutoPtr Ptr; - typedef std::vector ByteVec; - - KeyPairImpl(const std::string& name, Type type); - /// Create KeyPairImpl with specified type and name. - - virtual ~KeyPairImpl(); - /// Destroys the KeyPairImpl. - - virtual int size() const = 0; - /// Returns the key size. - - virtual void save(const std::string& publicKeyFile, - const std::string& privateKeyFile = "", - const std::string& privateKeyPassphrase = "") const = 0; - /// Exports the public and private keys to the given files. - /// - /// If an empty filename is specified, the corresponding key - /// is not exported. - - virtual void save(std::ostream* pPublicKeyStream, - std::ostream* pPrivateKeyStream = 0, - const std::string& privateKeyPassphrase = "") const = 0; - /// Exports the public and private key to the given streams. - /// - /// If a null pointer is passed for a stream, the corresponding - /// key is not exported. 
- - const std::string& name() const; - /// Returns key pair name - - Type type() const; - /// Returns key pair type - -private: - KeyPairImpl(); - - std::string _name; - Type _type; - OpenSSLInitializer _openSSLInitializer; -}; - - -// -// inlines -// - - -inline const std::string& KeyPairImpl::name() const +namespace Crypto { - return _name; + + + class KeyPairImpl : public Poco::RefCountedObject + /// Class KeyPairImpl + { + public: + enum Type + { + KT_RSA_IMPL = 0, + KT_EC_IMPL + }; + + typedef Poco::AutoPtr Ptr; + typedef std::vector ByteVec; + + KeyPairImpl(const std::string & name, Type type); + /// Create KeyPairImpl with specified type and name. + + virtual ~KeyPairImpl(); + /// Destroys the KeyPairImpl. + + virtual int size() const = 0; + /// Returns the key size. + + virtual void save( + const std::string & publicKeyFile, + const std::string & privateKeyFile = "", + const std::string & privateKeyPassphrase = "") const = 0; + /// Exports the public and private keys to the given files. + /// + /// If an empty filename is specified, the corresponding key + /// is not exported. + + virtual void save( + std::ostream * pPublicKeyStream, std::ostream * pPrivateKeyStream = 0, const std::string & privateKeyPassphrase = "") const = 0; + /// Exports the public and private key to the given streams. + /// + /// If a null pointer is passed for a stream, the corresponding + /// key is not exported. 
+ + const std::string & name() const; + /// Returns key pair name + + Type type() const; + /// Returns key pair type + + private: + KeyPairImpl(); + + std::string _name; + Type _type; + OpenSSLInitializer _openSSLInitializer; + }; + + + // + // inlines + // + + + inline const std::string & KeyPairImpl::name() const + { + return _name; + } + + + inline KeyPairImpl::Type KeyPairImpl::type() const + { + return _type; + } + + } - - -inline KeyPairImpl::Type KeyPairImpl::type() const -{ - return _type; -} - - -} } // namespace Poco::Crypto +} // namespace Poco::Crypto #endif // Crypto_KeyPairImplImpl_INCLUDED diff --git a/base/poco/Crypto/include/Poco/Crypto/OpenSSLInitializer.h b/base/poco/Crypto/include/Poco/Crypto/OpenSSLInitializer.h index ce822a69710..147cfaeefca 100644 --- a/base/poco/Crypto/include/Poco/Crypto/OpenSSLInitializer.h +++ b/base/poco/Crypto/include/Poco/Crypto/OpenSSLInitializer.h 
@@ -18,98 +18,100 @@ #define Crypto_OpenSSLInitializer_INCLUDED +#include +#include "Poco/AtomicCounter.h" #include "Poco/Crypto/Crypto.h" #include "Poco/Mutex.h" -#include "Poco/AtomicCounter.h" -#include #if defined(OPENSSL_FIPS) && OPENSSL_VERSION_NUMBER < 0x010001000L -#include +# include #endif -extern "C" +extern "C" { +struct CRYPTO_dynlock_value { - struct CRYPTO_dynlock_value - { - Poco::FastMutex _mutex; - }; -} - - -namespace Poco { -namespace Crypto { - - -class Crypto_API OpenSSLInitializer - /// Initializes the OpenSSL library. - /// - /// The class ensures the earliest initialization and the - /// latest shutdown of the OpenSSL library. -{ -public: - OpenSSLInitializer(); - /// Automatically initialize OpenSSL on startup. - - ~OpenSSLInitializer(); - /// Automatically shut down OpenSSL on exit. - - static void initialize(); - /// Initializes the OpenSSL machinery. - - static void uninitialize(); - /// Shuts down the OpenSSL machinery. - - static bool isFIPSEnabled(); - // Returns true if FIPS mode is enabled, false otherwise. - - static void enableFIPSMode(bool enabled); - // Enable or disable FIPS mode. If FIPS is not available, this method doesn't do anything. - -protected: - enum - { - SEEDSIZE = 256 - }; - - // OpenSSL multithreading support - static void lock(int mode, int n, const char* file, int line); - static unsigned long id(); - static struct CRYPTO_dynlock_value* dynlockCreate(const char* file, int line); - static void dynlock(int mode, struct CRYPTO_dynlock_value* lock, const char* file, int line); - static void dynlockDestroy(struct CRYPTO_dynlock_value* lock, const char* file, int line); - -private: - static Poco::FastMutex* _mutexes; - static Poco::AtomicCounter _rc; + Poco::FastMutex _mutex; }; +} -// -// inlines -// -inline bool OpenSSLInitializer::isFIPSEnabled() +namespace Poco { +namespace Crypto +{ + + + class Crypto_API OpenSSLInitializer + /// Initializes the OpenSSL library. 
+ /// + /// The class ensures the earliest initialization and the + /// latest shutdown of the OpenSSL library. + { + public: + OpenSSLInitializer(); + /// Automatically initialize OpenSSL on startup. + + ~OpenSSLInitializer(); + /// Automatically shut down OpenSSL on exit. + + static void initialize(); + /// Initializes the OpenSSL machinery. + + static void uninitialize(); + /// Shuts down the OpenSSL machinery. + + static bool isFIPSEnabled(); + // Returns true if FIPS mode is enabled, false otherwise. + + static void enableFIPSMode(bool enabled); + // Enable or disable FIPS mode. If FIPS is not available, this method doesn't do anything. + + protected: + enum + { + SEEDSIZE = 256 + }; + + // OpenSSL multithreading support + static void lock(int mode, int n, const char * file, int line); + static unsigned long id(); + static struct CRYPTO_dynlock_value * dynlockCreate(const char * file, int line); + static void dynlock(int mode, struct CRYPTO_dynlock_value * lock, const char * file, int line); + static void dynlockDestroy(struct CRYPTO_dynlock_value * lock, const char * file, int line); + + private: + static Poco::FastMutex * _mutexes; + static Poco::AtomicCounter _rc; + }; + + + // + // inlines + // + inline bool OpenSSLInitializer::isFIPSEnabled() + { #ifdef OPENSSL_FIPS - return FIPS_mode() ? true : false; + return FIPS_mode() ? true : false; #else - return false; + return false; #endif -} + } #ifdef OPENSSL_FIPS -inline void OpenSSLInitializer::enableFIPSMode(bool enabled) -{ - FIPS_mode_set(enabled); -} + inline void OpenSSLInitializer::enableFIPSMode(bool enabled) + { + FIPS_mode_set(enabled); + } #else -inline void OpenSSLInitializer::enableFIPSMode(bool /*enabled*/) -{ -} + inline void OpenSSLInitializer::enableFIPSMode(bool /*enabled*/) + { + } #endif -} } // namespace Poco::Crypto +} +} // namespace Poco::Crypto #endif // Crypto_OpenSSLInitializer_INCLUDED 
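Review bot: `OpenSSLInitializer::enableFIPSMode(bool)` gives the caller no way to learn that FIPS mode was not enabled. With `OPENSSL_FIPS` defined the result of `FIPS_mode_set(enabled)` is discarded, and without it the function has an empty body. A caller that requires FIPS-validated crypto can therefore keep running in non-FIPS mode unnoticed. Since the signature returns void, the minimum is to document this on the declaration, e.g. `/// Does not report failure; call isFIPSEnabled() afterwards and treat a mismatch as an error.` The two FIPS declarations are also commented with `//` while the rest of the class uses `///`, so they may be missing from generated documentation.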
diff --git a/base/poco/Crypto/include/Poco/Crypto/PKCS12Container.h b/base/poco/Crypto/include/Poco/Crypto/PKCS12Container.h index 63cc224d8cc..40baa496827 100644 --- a/base/poco/Crypto/include/Poco/Crypto/PKCS12Container.h +++ b/base/poco/Crypto/include/Poco/Crypto/PKCS12Container.h 
@@ -18,142 +18,145 @@ #define Crypto_PKCS12Container_INCLUDED +#include +#include +#include #include "Poco/Crypto/Crypto.h" +#include "Poco/Crypto/EVPPKey.h" #include "Poco/Crypto/OpenSSLInitializer.h" #include "Poco/Crypto/X509Certificate.h" -#include "Poco/Crypto/EVPPKey.h" #include "Poco/Path.h" -#include -#include -#include -namespace Poco { -namespace Crypto { - - -class Crypto_API PKCS12Container - /// This class implements PKCS#12 container functionality. +namespace Poco +{ +namespace Crypto { -public: - typedef X509Certificate::List CAList; - typedef std::vector CANameList; - explicit PKCS12Container(std::istream& istr, const std::string& password = ""); - /// Creates the PKCS12Container object from a stream. - explicit PKCS12Container(const std::string& path, const std::string& password = ""); - /// Creates the PKCS12Container object from a file. + class Crypto_API PKCS12Container + /// This class implements PKCS#12 container functionality. + { + public: + typedef X509Certificate::List CAList; + typedef std::vector CANameList; - PKCS12Container(const PKCS12Container& cont); - /// Copy constructor. + explicit PKCS12Container(std::istream & istr, const std::string & password = ""); + /// Creates the PKCS12Container object from a stream. - PKCS12Container& operator = (const PKCS12Container& cont); - /// Assignment operator. + explicit PKCS12Container(const std::string & path, const std::string & password = ""); + /// Creates the PKCS12Container object from a file. + + PKCS12Container(const PKCS12Container & cont); + /// Copy constructor. + + PKCS12Container & operator=(const PKCS12Container & cont); + /// Assignment operator. #ifdef POCO_ENABLE_CPP11 - PKCS12Container(PKCS12Container&& cont); - /// Move constructor. + PKCS12Container(PKCS12Container && cont); + /// Move constructor. - PKCS12Container& operator = (PKCS12Container&& cont); - /// Move assignment operator. + PKCS12Container & operator=(PKCS12Container && cont); + /// Move assignment operator. 
#endif // POCO_ENABLE_CPP11 - ~PKCS12Container(); - /// Destroys the PKCS12Container. + ~PKCS12Container(); + /// Destroys the PKCS12Container. - bool hasKey() const; - /// Returns true if container contains the key. + bool hasKey() const; + /// Returns true if container contains the key. - EVPPKey getKey() const; - /// Return key as openssl EVP_PKEY wrapper object. + EVPPKey getKey() const; + /// Return key as openssl EVP_PKEY wrapper object. - bool hasX509Certificate() const; - /// Returns true if container has X509 certificate. + bool hasX509Certificate() const; + /// Returns true if container has X509 certificate. - const X509Certificate& getX509Certificate() const; - /// Returns the X509 certificate. - /// Throws NotFoundException if there is no certificate. + const X509Certificate & getX509Certificate() const; + /// Returns the X509 certificate. + /// Throws NotFoundException if there is no certificate. - const CAList& getCACerts() const; - /// Returns the list of CA certificates in this container. + const CAList & getCACerts() const; + /// Returns the list of CA certificates in this container. - const std::string& getFriendlyName() const; - /// Returns the friendly name of the certificate bag. + const std::string & getFriendlyName() const; + /// Returns the friendly name of the certificate bag. - const CANameList& getFriendlyNamesCA() const; - /// Returns a list of CA certificates friendly names. + const CANameList & getFriendlyNamesCA() const; + /// Returns a list of CA certificates friendly names. 
-private: - void load(PKCS12* pPKCS12, const std::string& password = ""); - std::string extractFriendlyName(X509* pCert); + private: + void load(PKCS12 * pPKCS12, const std::string & password = ""); + std::string extractFriendlyName(X509 * pCert); #ifdef POCO_ENABLE_CPP11 - typedef std::unique_ptr CertPtr; + typedef std::unique_ptr CertPtr; #else - typedef std::auto_ptr CertPtr; + typedef std::auto_ptr CertPtr; #endif // #ifdef POCO_ENABLE_CPP11 - OpenSSLInitializer _openSSLInitializer; - EVP_PKEY* _pKey; - CertPtr _pX509Cert; - CAList _caCertList; - CANameList _caCertNames; - std::string _pkcsFriendlyName; -}; + OpenSSLInitializer _openSSLInitializer; + EVP_PKEY * _pKey; + CertPtr _pX509Cert; + CAList _caCertList; + CANameList _caCertNames; + std::string _pkcsFriendlyName; + }; -// -// inlines -// + // + // inlines + // + + inline bool PKCS12Container::hasX509Certificate() const + { + return _pX509Cert.get() != 0; + } + + + inline const X509Certificate & PKCS12Container::getX509Certificate() const + { + if (!hasX509Certificate()) + throw NotFoundException("PKCS12Container X509 certificate"); + return *_pX509Cert; + } + + + inline const std::string & PKCS12Container::getFriendlyName() const + { + return _pkcsFriendlyName; + } + + + inline const PKCS12Container::CAList & PKCS12Container::getCACerts() const + { + return _caCertList; + } + + + inline const PKCS12Container::CANameList & PKCS12Container::getFriendlyNamesCA() const + { + return _caCertNames; + } + + + inline bool PKCS12Container::hasKey() const + { + return _pKey != 0; + } + + + inline EVPPKey PKCS12Container::getKey() const + { + return EVPPKey(_pKey); + } + -inline bool PKCS12Container::hasX509Certificate() const -{ - return _pX509Cert.get() != 0; } - - -inline const X509Certificate& PKCS12Container::getX509Certificate() const -{ - if (!hasX509Certificate()) - throw NotFoundException("PKCS12Container X509 certificate"); - return *_pX509Cert; -} - - -inline const std::string& 
PKCS12Container::getFriendlyName() const -{ - return _pkcsFriendlyName; -} - - -inline const PKCS12Container::CAList& PKCS12Container::getCACerts() const -{ - return _caCertList; -} - - -inline const PKCS12Container::CANameList& PKCS12Container::getFriendlyNamesCA() const -{ - return _caCertNames; -} - - -inline bool PKCS12Container::hasKey() const -{ - return _pKey != 0; -} - - -inline EVPPKey PKCS12Container::getKey() const -{ - return EVPPKey(_pKey); -} - - -} } // namespace Poco::Crypto +} // namespace Poco::Crypto #endif // Crypto_PKCS12Container_INCLUDED diff --git a/base/poco/Crypto/include/Poco/Crypto/RSACipherImpl.h b/base/poco/Crypto/include/Poco/Crypto/RSACipherImpl.h index 2ebc38e3b55..c0920b4099a 100644 --- a/base/poco/Crypto/include/Poco/Crypto/RSACipherImpl.h +++ b/base/poco/Crypto/include/Poco/Crypto/RSACipherImpl.h 
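Review bot: In PKCS12Container.h, `getKey()` builds `EVPPKey(_pKey)` without checking `hasKey()`, while the neighbouring `getX509Certificate()` throws `NotFoundException` when the certificate is absent. A container loaded without a private key therefore passes a null `EVP_PKEY *` to the EVPPKey constructor, whose handling of null is not visible in this hunk. For consistency I would add `if (!hasKey()) throw NotFoundException("PKCS12Container key");` before the return and extend the declaration's comment with `/// Throws NotFoundException if there is no key.`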
@@ -18,60 +18,63 @@ #define Crypto_RSACipherImpl_INCLUDED -#include "Poco/Crypto/Crypto.h" -#include "Poco/Crypto/Cipher.h" -#include "Poco/Crypto/RSAKey.h" -#include "Poco/Crypto/OpenSSLInitializer.h" #include +#include "Poco/Crypto/Cipher.h" +#include "Poco/Crypto/Crypto.h" +#include "Poco/Crypto/OpenSSLInitializer.h" +#include "Poco/Crypto/RSAKey.h" -namespace Poco { -namespace Crypto { - - -class RSACipherImpl: public Cipher - /// An implementation of the Cipher class for - /// asymmetric (public-private key) encryption - /// based on the the RSA algorithm in OpenSSL's - /// crypto library. - /// - /// Encryption is using the public key, decryption - /// requires the private key. +namespace Poco { -public: - RSACipherImpl(const RSAKey& key, RSAPaddingMode paddingMode); - /// Creates a new RSACipherImpl object for the given RSAKey - /// and using the given padding mode. - - virtual ~RSACipherImpl(); - /// Destroys the RSACipherImpl. - - const std::string& name() const; - /// Returns the name of the Cipher. - - CryptoTransform* createEncryptor(); - /// Creates an encryptor object. - - CryptoTransform* createDecryptor(); - /// Creates a decryptor object. - -private: - RSAKey _key; - RSAPaddingMode _paddingMode; - OpenSSLInitializer _openSSLInitializer; -}; - - -// -// Inlines -// -inline const std::string& RSACipherImpl::name() const +namespace Crypto { - return _key.name(); + + + class RSACipherImpl : public Cipher + /// An implementation of the Cipher class for + /// asymmetric (public-private key) encryption + /// based on the the RSA algorithm in OpenSSL's + /// crypto library. + /// + /// Encryption is using the public key, decryption + /// requires the private key. + { + public: + RSACipherImpl(const RSAKey & key, RSAPaddingMode paddingMode); + /// Creates a new RSACipherImpl object for the given RSAKey + /// and using the given padding mode. + + virtual ~RSACipherImpl(); + /// Destroys the RSACipherImpl. 
+ + const std::string & name() const; + /// Returns the name of the Cipher. + + CryptoTransform * createEncryptor(); + /// Creates an encryptor object. + + CryptoTransform * createDecryptor(); + /// Creates a decryptor object. + + private: + RSAKey _key; + RSAPaddingMode _paddingMode; + OpenSSLInitializer _openSSLInitializer; + }; + + + // + // Inlines + // + inline const std::string & RSACipherImpl::name() const + { + return _key.name(); + } + + } - - -} } // namespace Poco::Crypto +} // namespace Poco::Crypto #endif // Crypto_RSACipherImpl_INCLUDED diff --git a/base/poco/Crypto/include/Poco/Crypto/RSADigestEngine.h b/base/poco/Crypto/include/Poco/Crypto/RSADigestEngine.h index 7c4d3860508..980fae1f0f0 100644 --- a/base/poco/Crypto/include/Poco/Crypto/RSADigestEngine.h +++ b/base/poco/Crypto/include/Poco/Crypto/RSADigestEngine.h 
@@ -18,94 +18,97 @@ #define Crypto_RSADigestEngine_INCLUDED -#include "Poco/Crypto/Crypto.h" -#include "Poco/Crypto/RSAKey.h" -#include "Poco/DigestEngine.h" -#include "Poco/Crypto/DigestEngine.h" #include #include +#include "Poco/Crypto/Crypto.h" +#include "Poco/Crypto/DigestEngine.h" +#include "Poco/Crypto/RSAKey.h" +#include "Poco/DigestEngine.h" -namespace Poco { -namespace Crypto { - - -class Crypto_API RSADigestEngine: public Poco::DigestEngine - /// This class implements a Poco::DigestEngine that can be - /// used to compute a secure digital signature. - /// - /// First another Poco::Crypto::DigestEngine is created and - /// used to compute a cryptographic hash of the data to be - /// signed. Then, the hash value is encrypted, using - /// the RSA private key. - /// - /// To verify a signature, pass it to the verify() - /// member function. It will decrypt the signature - /// using the RSA public key and compare the resulting - /// hash with the actual hash of the data. +namespace Poco +{ +namespace Crypto { -public: - enum DigestType - { - DIGEST_MD5, - DIGEST_SHA1 - }; - - //@ deprecated - RSADigestEngine(const RSAKey& key, DigestType digestType = DIGEST_SHA1); - /// Creates the RSADigestEngine with the given RSA key, - /// using the MD5 or SHA-1 hash algorithm. - /// Kept for backward compatibility - - RSADigestEngine(const RSAKey& key, const std::string &name); - /// Creates the RSADigestEngine with the given RSA key, - /// using the hash algorithm with the given name - /// (e.g., "MD5", "SHA1", "SHA256", "SHA512", etc.). - /// See the OpenSSL documentation for a list of supported digest algorithms. - /// - /// Throws a Poco::NotFoundException if no algorithm with the given name exists. - - ~RSADigestEngine(); - /// Destroys the RSADigestEngine. - - std::size_t digestLength() const; - /// Returns the length of the digest in bytes. - - void reset(); - /// Resets the engine so that a new - /// digest can be computed. 
- - const DigestEngine::Digest& digest(); - /// Finishes the computation of the digest - /// (the first time it's called) and - /// returns the message digest. - /// - /// Can be called multiple times. - - const DigestEngine::Digest& signature(); - /// Signs the digest using the RSA algorithm - /// and the private key (the first time it's - /// called) and returns the result. - /// - /// Can be called multiple times. - - bool verify(const DigestEngine::Digest& signature); - /// Verifies the data against the signature. - /// - /// Returns true if the signature can be verified, false otherwise. - -protected: - void updateImpl(const void* data, std::size_t length); - -private: - RSAKey _key; - Poco::Crypto::DigestEngine _engine; - Poco::DigestEngine::Digest _digest; - Poco::DigestEngine::Digest _signature; -}; -} } // namespace Poco::Crypto + class Crypto_API RSADigestEngine : public Poco::DigestEngine + /// This class implements a Poco::DigestEngine that can be + /// used to compute a secure digital signature. + /// + /// First another Poco::Crypto::DigestEngine is created and + /// used to compute a cryptographic hash of the data to be + /// signed. Then, the hash value is encrypted, using + /// the RSA private key. + /// + /// To verify a signature, pass it to the verify() + /// member function. It will decrypt the signature + /// using the RSA public key and compare the resulting + /// hash with the actual hash of the data. + { + public: + enum DigestType + { + DIGEST_MD5, + DIGEST_SHA1 + }; + + //@ deprecated + RSADigestEngine(const RSAKey & key, DigestType digestType = DIGEST_SHA1); + /// Creates the RSADigestEngine with the given RSA key, + /// using the MD5 or SHA-1 hash algorithm. + /// Kept for backward compatibility + + RSADigestEngine(const RSAKey & key, const std::string & name); + /// Creates the RSADigestEngine with the given RSA key, + /// using the hash algorithm with the given name + /// (e.g., "MD5", "SHA1", "SHA256", "SHA512", etc.). 
+ /// See the OpenSSL documentation for a list of supported digest algorithms. + /// + /// Throws a Poco::NotFoundException if no algorithm with the given name exists. + + ~RSADigestEngine(); + /// Destroys the RSADigestEngine. + + std::size_t digestLength() const; + /// Returns the length of the digest in bytes. + + void reset(); + /// Resets the engine so that a new + /// digest can be computed. + + const DigestEngine::Digest & digest(); + /// Finishes the computation of the digest + /// (the first time it's called) and + /// returns the message digest. + /// + /// Can be called multiple times. + + const DigestEngine::Digest & signature(); + /// Signs the digest using the RSA algorithm + /// and the private key (the first time it's + /// called) and returns the result. + /// + /// Can be called multiple times. + + bool verify(const DigestEngine::Digest & signature); + /// Verifies the data against the signature. + /// + /// Returns true if the signature can be verified, false otherwise. + + protected: + void updateImpl(const void * data, std::size_t length); + + private: + RSAKey _key; + Poco::Crypto::DigestEngine _engine; + Poco::DigestEngine::Digest _digest; + Poco::DigestEngine::Digest _signature; + }; + + +} +} // namespace Poco::Crypto #endif // Crypto_RSADigestEngine_INCLUDED diff --git a/base/poco/Crypto/include/Poco/Crypto/RSAKey.h b/base/poco/Crypto/include/Poco/Crypto/RSAKey.h index ad9163ed42f..47a01e15746 100644 --- a/base/poco/Crypto/include/Poco/Crypto/RSAKey.h +++ b/base/poco/Crypto/include/Poco/Crypto/RSAKey.h 
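Review bot: The deprecated constructor `RSADigestEngine(const RSAKey & key, DigestType digestType = DIGEST_SHA1)` still makes SHA-1 the silent default, and `DigestType` offers only `DIGEST_MD5` and `DIGEST_SHA1`. The only deprecation marker is the plain comment `//@ deprecated`, which produces no compiler diagnostic at call sites. Neither hash is collision-resistant, so signatures made through this overload should not be relied on for new data. I would extend its doc comment with `/// MD5 and SHA-1 are not collision-resistant; use the name-based constructor with "SHA256" or stronger for new signatures.`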
@@ -23,103 +23,102 @@ #include "Poco/Crypto/RSAKeyImpl.h" -namespace Poco { -namespace Crypto { - - -class X509Certificate; -class PKCS12Container; - - -class Crypto_API RSAKey : public KeyPair - /// This class stores an RSA key pair, consisting - /// of private and public key. Storage of the private - /// key is optional. - /// - /// If a private key is available, the RSAKey can be - /// used for decrypting data (encrypted with the public key) - /// or computing secure digital signatures. +namespace Poco { -public: - enum KeyLength - { - KL_512 = 512, - KL_1024 = 1024, - KL_2048 = 2048, - KL_4096 = 4096 - }; - - enum Exponent - { - EXP_SMALL = 0, - EXP_LARGE - }; - - RSAKey(const EVPPKey& key); - /// Constructs ECKeyImpl by extracting the EC key. - - RSAKey(const X509Certificate& cert); - /// Extracts the RSA public key from the given certificate. - - RSAKey(const PKCS12Container& cert); - /// Extracts the RSA private key from the given certificate. - - RSAKey(KeyLength keyLength, Exponent exp); - /// Creates the RSAKey. Creates a new public/private keypair using the given parameters. - /// Can be used to sign data and verify signatures. - - RSAKey(const std::string& publicKeyFile, - const std::string& privateKeyFile = "", - const std::string& privateKeyPassphrase = ""); - /// Creates the RSAKey, by reading public and private key from the given files and - /// using the given passphrase for the private key. - /// - /// Cannot be used for signing or decryption unless a private key is available. - /// - /// If a private key is specified, you don't need to specify a public key file. - /// OpenSSL will auto-create the public key from the private key. - - RSAKey(std::istream* pPublicKeyStream, - std::istream* pPrivateKeyStream = 0, - const std::string& privateKeyPassphrase = ""); - /// Creates the RSAKey, by reading public and private key from the given streams and - /// using the given passphrase for the private key. 
- /// - /// Cannot be used for signing or decryption unless a private key is available. - /// - /// If a private key is specified, you don't need to specify a public key file. - /// OpenSSL will auto-create the public key from the private key. - - ~RSAKey(); - /// Destroys the RSAKey. - - RSAKeyImpl::ByteVec modulus() const; - /// Returns the RSA modulus. - - RSAKeyImpl::ByteVec encryptionExponent() const; - /// Returns the RSA encryption exponent. - - RSAKeyImpl::ByteVec decryptionExponent() const; - /// Returns the RSA decryption exponent. - - RSAKeyImpl::Ptr impl() const; - /// Returns the impl object. - -private: - RSAKeyImpl::Ptr _pImpl; -}; - - -// -// inlines -// -inline RSAKeyImpl::Ptr RSAKey::impl() const +namespace Crypto { - return _pImpl; + + + class X509Certificate; + class PKCS12Container; + + + class Crypto_API RSAKey : public KeyPair + /// This class stores an RSA key pair, consisting + /// of private and public key. Storage of the private + /// key is optional. + /// + /// If a private key is available, the RSAKey can be + /// used for decrypting data (encrypted with the public key) + /// or computing secure digital signatures. + { + public: + enum KeyLength + { + KL_512 = 512, + KL_1024 = 1024, + KL_2048 = 2048, + KL_4096 = 4096 + }; + + enum Exponent + { + EXP_SMALL = 0, + EXP_LARGE + }; + + RSAKey(const EVPPKey & key); + /// Constructs ECKeyImpl by extracting the EC key. + + RSAKey(const X509Certificate & cert); + /// Extracts the RSA public key from the given certificate. + + RSAKey(const PKCS12Container & cert); + /// Extracts the RSA private key from the given certificate. + + RSAKey(KeyLength keyLength, Exponent exp); + /// Creates the RSAKey. Creates a new public/private keypair using the given parameters. + /// Can be used to sign data and verify signatures. 
+ + RSAKey(const std::string & publicKeyFile, const std::string & privateKeyFile = "", const std::string & privateKeyPassphrase = ""); + /// Creates the RSAKey, by reading public and private key from the given files and + /// using the given passphrase for the private key. + /// + /// Cannot be used for signing or decryption unless a private key is available. + /// + /// If a private key is specified, you don't need to specify a public key file. + /// OpenSSL will auto-create the public key from the private key. + + RSAKey(std::istream * pPublicKeyStream, std::istream * pPrivateKeyStream = 0, const std::string & privateKeyPassphrase = ""); + /// Creates the RSAKey, by reading public and private key from the given streams and + /// using the given passphrase for the private key. + /// + /// Cannot be used for signing or decryption unless a private key is available. + /// + /// If a private key is specified, you don't need to specify a public key file. + /// OpenSSL will auto-create the public key from the private key. + + ~RSAKey(); + /// Destroys the RSAKey. + + RSAKeyImpl::ByteVec modulus() const; + /// Returns the RSA modulus. + + RSAKeyImpl::ByteVec encryptionExponent() const; + /// Returns the RSA encryption exponent. + + RSAKeyImpl::ByteVec decryptionExponent() const; + /// Returns the RSA decryption exponent. + + RSAKeyImpl::Ptr impl() const; + /// Returns the impl object. + + private: + RSAKeyImpl::Ptr _pImpl; + }; + + + // + // inlines + // + inline RSAKeyImpl::Ptr RSAKey::impl() const + { + return _pImpl; + } + + } - - -} } // namespace Poco::Crypto +} // namespace Poco::Crypto #endif // Crypto_RSAKey_INCLUDED \ No newline at end of file diff --git a/base/poco/Crypto/include/Poco/Crypto/RSAKeyImpl.h b/base/poco/Crypto/include/Poco/Crypto/RSAKeyImpl.h index 035881636b2..4ccbb324c06 100644 --- a/base/poco/Crypto/include/Poco/Crypto/RSAKeyImpl.h +++ b/base/poco/Crypto/include/Poco/Crypto/RSAKeyImpl.h 
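Review bot: `KeyLength` on the new side still offers `KL_512` and `KL_1024` with no warning, and an RSA modulus of that size is too short for newly generated keys. The enum values are part of the public interface, so I would keep them and add a comment above the enum, for example `/// KL_512 and KL_1024 are kept for compatibility only; use KL_2048 or KL_4096 for new keys.` Separately, the comment on `RSAKey(const EVPPKey & key)` reads "Constructs ECKeyImpl by extracting the EC key", which looks copied from the EC classes. Presumably `/// Constructs the RSAKey by extracting the RSA key from the given EVPPKey.` is what is meant, and the same wording appears on `RSAKeyImpl(const EVPPKey & key)` in RSAKeyImpl.h.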
@@ -18,15 +18,15 @@
 #define Crypto_RSAKeyImplImpl_INCLUDED
+#include
+#include
+#include
+#include "Poco/AutoPtr.h"
 #include "Poco/Crypto/Crypto.h"
 #include "Poco/Crypto/EVPPKey.h"
 #include "Poco/Crypto/KeyPairImpl.h"
 #include "Poco/Crypto/OpenSSLInitializer.h"
 #include "Poco/RefCountedObject.h"
-#include "Poco/AutoPtr.h"
-#include
-#include
-#include
 struct bignum_st;
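Review bot: The include block is reordered in this hunk, so the change is not whitespace-only: the three bracketed includes and `Poco/AutoPtr.h` now come before `Poco/Crypto/Crypto.h`. That is behaviour-neutral only if every header is self-contained and none relies on macros or declarations that `Crypto.h` or `OpenSSLInitializer.h` previously supplied first, which cannot be confirmed from this page. The same sorting is applied in X509Certificate.h and in ODBC/Binder.h, where `Poco/Data/ODBC/ODBC.h` moves from first place to below `Poco/Data/ODBC/Handle.h`. Where an order turns out to matter, I would pin it with `// clang-format off` and `// clang-format on` around the block and a one-line comment saying why.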
@@ -35,107 +35,108 @@ typedef struct bignum_st BIGNUM; typedef struct rsa_st RSA; -namespace Poco { -namespace Crypto { - - -class X509Certificate; -class PKCS12Container; - - -class RSAKeyImpl: public KeyPairImpl - /// class RSAKeyImpl +namespace Poco { -public: - typedef Poco::AutoPtr Ptr; - typedef std::vector ByteVec; - - RSAKeyImpl(const EVPPKey& key); - /// Constructs ECKeyImpl by extracting the EC key. - - RSAKeyImpl(const X509Certificate& cert); - /// Extracts the RSA public key from the given certificate. - - RSAKeyImpl(const PKCS12Container& cert); - /// Extracts the EC private key from the given certificate. - - RSAKeyImpl(int keyLength, unsigned long exponent); - /// Creates the RSAKey. Creates a new public/private keypair using the given parameters. - /// Can be used to sign data and verify signatures. - - RSAKeyImpl(const std::string& publicKeyFile, const std::string& privateKeyFile, const std::string& privateKeyPassphrase); - /// Creates the RSAKey, by reading public and private key from the given files and - /// using the given passphrase for the private key. Can only by used for signing if - /// a private key is available. - - RSAKeyImpl(std::istream* pPublicKeyStream, std::istream* pPrivateKeyStream, const std::string& privateKeyPassphrase); - /// Creates the RSAKey. Can only by used for signing if pPrivKey - /// is not null. If a private key file is specified, you don't need to - /// specify a public key file. OpenSSL will auto-create it from the private key. - - ~RSAKeyImpl(); - /// Destroys the RSAKeyImpl. - - RSA* getRSA(); - /// Returns the OpenSSL RSA object. - - const RSA* getRSA() const; - /// Returns the OpenSSL RSA object. - - int size() const; - /// Returns the RSA modulus size. - - ByteVec modulus() const; - /// Returns the RSA modulus. - - ByteVec encryptionExponent() const; - /// Returns the RSA encryption exponent. - - ByteVec decryptionExponent() const; - /// Returns the RSA decryption exponent. 
- - void save(const std::string& publicKeyFile, - const std::string& privateKeyFile = "", - const std::string& privateKeyPassphrase = "") const; - /// Exports the public and private keys to the given files. - /// - /// If an empty filename is specified, the corresponding key - /// is not exported. - - void save(std::ostream* pPublicKeyStream, - std::ostream* pPrivateKeyStream = 0, - const std::string& privateKeyPassphrase = "") const; - /// Exports the public and private key to the given streams. - /// - /// If a null pointer is passed for a stream, the corresponding - /// key is not exported. - -private: - RSAKeyImpl(); - - void freeRSA(); - static ByteVec convertToByteVec(const BIGNUM* bn); - - RSA* _pRSA; -}; - - -// -// inlines -// -inline RSA* RSAKeyImpl::getRSA() +namespace Crypto { - return _pRSA; + + + class X509Certificate; + class PKCS12Container; + + + class RSAKeyImpl : public KeyPairImpl + /// class RSAKeyImpl + { + public: + typedef Poco::AutoPtr Ptr; + typedef std::vector ByteVec; + + RSAKeyImpl(const EVPPKey & key); + /// Constructs ECKeyImpl by extracting the EC key. + + RSAKeyImpl(const X509Certificate & cert); + /// Extracts the RSA public key from the given certificate. + + RSAKeyImpl(const PKCS12Container & cert); + /// Extracts the EC private key from the given certificate. + + RSAKeyImpl(int keyLength, unsigned long exponent); + /// Creates the RSAKey. Creates a new public/private keypair using the given parameters. + /// Can be used to sign data and verify signatures. + + RSAKeyImpl(const std::string & publicKeyFile, const std::string & privateKeyFile, const std::string & privateKeyPassphrase); + /// Creates the RSAKey, by reading public and private key from the given files and + /// using the given passphrase for the private key. Can only by used for signing if + /// a private key is available. 
+ + RSAKeyImpl(std::istream * pPublicKeyStream, std::istream * pPrivateKeyStream, const std::string & privateKeyPassphrase); + /// Creates the RSAKey. Can only by used for signing if pPrivKey + /// is not null. If a private key file is specified, you don't need to + /// specify a public key file. OpenSSL will auto-create it from the private key. + + ~RSAKeyImpl(); + /// Destroys the RSAKeyImpl. + + RSA * getRSA(); + /// Returns the OpenSSL RSA object. + + const RSA * getRSA() const; + /// Returns the OpenSSL RSA object. + + int size() const; + /// Returns the RSA modulus size. + + ByteVec modulus() const; + /// Returns the RSA modulus. + + ByteVec encryptionExponent() const; + /// Returns the RSA encryption exponent. + + ByteVec decryptionExponent() const; + /// Returns the RSA decryption exponent. + + void save(const std::string & publicKeyFile, const std::string & privateKeyFile = "", const std::string & privateKeyPassphrase = "") + const; + /// Exports the public and private keys to the given files. + /// + /// If an empty filename is specified, the corresponding key + /// is not exported. + + void + save(std::ostream * pPublicKeyStream, std::ostream * pPrivateKeyStream = 0, const std::string & privateKeyPassphrase = "") const; + /// Exports the public and private key to the given streams. + /// + /// If a null pointer is passed for a stream, the corresponding + /// key is not exported. + + private: + RSAKeyImpl(); + + void freeRSA(); + static ByteVec convertToByteVec(const BIGNUM * bn); + + RSA * _pRSA; + }; + + + // + // inlines + // + inline RSA * RSAKeyImpl::getRSA() + { + return _pRSA; + } + + + inline const RSA * RSAKeyImpl::getRSA() const + { + return _pRSA; + } + + } - - -inline const RSA* RSAKeyImpl::getRSA() const -{ - return _pRSA; -} - - -} } // namespace Poco::Crypto +} // namespace Poco::Crypto #endif // Crypto_RSAKeyImplImpl_INCLUDED \ No newline at end of file 
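Review bot: The comments on both `save` overloads do not say what happens to the private key when `privateKeyPassphrase` is left at its default `""`. If the implementation then writes the key without encryption (the body is not in this hunk, so this needs confirming in the .cpp), the header should state it, for example `/// If privateKeyPassphrase is empty, the private key is written unencrypted.` Callers that export keys to disk depend on this comment to know whether file permissions are the only protection for the key material.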
diff --git a/base/poco/Crypto/include/Poco/Crypto/X509Certificate.h b/base/poco/Crypto/include/Poco/Crypto/X509Certificate.h
index ccdab1ce37e..30147623035 100644
--- a/base/poco/Crypto/include/Poco/Crypto/X509Certificate.h
+++ b/base/poco/Crypto/include/Poco/Crypto/X509Certificate.h
@@ -18,228 +18,231 @@ #define Crypto_X509Certificate_INCLUDED +#include +#include +#include +#include #include "Poco/Crypto/Crypto.h" #include "Poco/Crypto/OpenSSLInitializer.h" #include "Poco/DateTime.h" #include "Poco/SharedPtr.h" -#include -#include -#include -#include -namespace Poco { -namespace Crypto { - - -class Crypto_API X509Certificate - /// This class represents a X509 Certificate. +namespace Poco { -public: - typedef std::vector List; - - enum NID - /// Name identifier for extracting information from - /// a certificate subject's or issuer's distinguished name. - { - NID_COMMON_NAME = 13, - NID_COUNTRY = 14, - NID_LOCALITY_NAME = 15, - NID_STATE_OR_PROVINCE = 16, - NID_ORGANIZATION_NAME = 17, - NID_ORGANIZATION_UNIT_NAME = 18, - NID_PKCS9_EMAIL_ADDRESS = 48, - NID_SERIAL_NUMBER = 105 - }; - - explicit X509Certificate(std::istream& istr); - /// Creates the X509Certificate object by reading - /// a certificate in PEM format from a stream. - - explicit X509Certificate(const std::string& path); - /// Creates the X509Certificate object by reading - /// a certificate in PEM format from a file. - - explicit X509Certificate(X509* pCert); - /// Creates the X509Certificate from an existing - /// OpenSSL certificate. Ownership is taken of - /// the certificate. - - X509Certificate(X509* pCert, bool shared); - /// Creates the X509Certificate from an existing - /// OpenSSL certificate. Ownership is taken of - /// the certificate. If shared is true, the - /// certificate's reference count is incremented. - - X509Certificate(const X509Certificate& cert); - /// Creates the certificate by copying another one. - - X509Certificate& operator = (const X509Certificate& cert); - /// Assigns a certificate. - - void swap(X509Certificate& cert); - /// Exchanges the certificate with another one. - - ~X509Certificate(); - /// Destroys the X509Certificate. - - long version() const; - /// Returns the version of the certificate. 
- - const std::string& serialNumber() const; - /// Returns the certificate serial number as a - /// string in decimal encoding. - - const std::string& issuerName() const; - /// Returns the certificate issuer's distinguished name. - - std::string issuerName(NID nid) const; - /// Extracts the information specified by the given - /// NID (name identifier) from the certificate issuer's - /// distinguished name. - - const std::string& subjectName() const; - /// Returns the certificate subject's distinguished name. - - std::string subjectName(NID nid) const; - /// Extracts the information specified by the given - /// NID (name identifier) from the certificate subject's - /// distinguished name. - - std::string commonName() const; - /// Returns the common name stored in the certificate - /// subject's distinguished name. - - void extractNames(std::string& commonName, std::set& domainNames) const; - /// Extracts the common name and the alias domain names from the - /// certificate. - - Poco::DateTime validFrom() const; - /// Returns the date and time the certificate is valid from. - - Poco::DateTime expiresOn() const; - /// Returns the date and time the certificate expires. - - void save(std::ostream& stream) const; - /// Writes the certificate to the given stream. - /// The certificate is written in PEM format. - - void save(const std::string& path) const; - /// Writes the certificate to the file given by path. - /// The certificate is written in PEM format. - - bool issuedBy(const X509Certificate& issuerCertificate) const; - /// Checks whether the certificate has been issued by - /// the issuer given by issuerCertificate. This can be - /// used to validate a certificate chain. - /// - /// Verifies if the certificate has been signed with the - /// issuer's private key, using the public key from the issuer - /// certificate. - /// - /// Returns true if verification against the issuer certificate - /// was successful, false otherwise. 
- - bool equals(const X509Certificate& otherCertificate) const; - /// Checks whether the certificate is equal to - /// the other certificate, by comparing the hashes - /// of both certificates. - /// - /// Returns true if both certificates are identical, - /// otherwise false. - - const X509* certificate() const; - /// Returns the underlying OpenSSL certificate. - - X509* dup() const; - /// Duplicates and returns the underlying OpenSSL certificate. Note that - /// the caller assumes responsibility for the lifecycle of the created - /// certificate. - - std::string signatureAlgorithm() const; - /// Returns the certificate signature algorithm long name. - - void print(std::ostream& out) const; - /// Prints the certificate information to ostream. - - static List readPEM(const std::string& pemFileName); - /// Reads and returns a list of certificates from - /// the specified PEM file. - - static void writePEM(const std::string& pemFileName, const List& list); - /// Writes the list of certificates to the specified PEM file. - -protected: - void load(std::istream& stream); - /// Loads the certificate from the given stream. The - /// certificate must be in PEM format. - - void load(const std::string& path); - /// Loads the certificate from the given file. The - /// certificate must be in PEM format. - - void init(); - /// Extracts issuer and subject name from the certificate. - -private: - enum - { - NAME_BUFFER_SIZE = 256 - }; - - std::string _issuerName; - std::string _subjectName; - std::string _serialNumber; - X509* _pCert; - OpenSSLInitializer _openSSLInitializer; -}; - - -// -// inlines -// - - -inline long X509Certificate::version() const +namespace Crypto { - // This is defined by standards (X.509 et al) to be - // one less than the certificate version. - // So, eg. a version 3 certificate will return 2. - return X509_get_version(_pCert) + 1; + + + class Crypto_API X509Certificate + /// This class represents a X509 Certificate. 
+ { + public: + typedef std::vector List; + + enum NID + /// Name identifier for extracting information from + /// a certificate subject's or issuer's distinguished name. + { + NID_COMMON_NAME = 13, + NID_COUNTRY = 14, + NID_LOCALITY_NAME = 15, + NID_STATE_OR_PROVINCE = 16, + NID_ORGANIZATION_NAME = 17, + NID_ORGANIZATION_UNIT_NAME = 18, + NID_PKCS9_EMAIL_ADDRESS = 48, + NID_SERIAL_NUMBER = 105 + }; + + explicit X509Certificate(std::istream & istr); + /// Creates the X509Certificate object by reading + /// a certificate in PEM format from a stream. + + explicit X509Certificate(const std::string & path); + /// Creates the X509Certificate object by reading + /// a certificate in PEM format from a file. + + explicit X509Certificate(X509 * pCert); + /// Creates the X509Certificate from an existing + /// OpenSSL certificate. Ownership is taken of + /// the certificate. + + X509Certificate(X509 * pCert, bool shared); + /// Creates the X509Certificate from an existing + /// OpenSSL certificate. Ownership is taken of + /// the certificate. If shared is true, the + /// certificate's reference count is incremented. + + X509Certificate(const X509Certificate & cert); + /// Creates the certificate by copying another one. + + X509Certificate & operator=(const X509Certificate & cert); + /// Assigns a certificate. + + void swap(X509Certificate & cert); + /// Exchanges the certificate with another one. + + ~X509Certificate(); + /// Destroys the X509Certificate. + + long version() const; + /// Returns the version of the certificate. + + const std::string & serialNumber() const; + /// Returns the certificate serial number as a + /// string in decimal encoding. + + const std::string & issuerName() const; + /// Returns the certificate issuer's distinguished name. + + std::string issuerName(NID nid) const; + /// Extracts the information specified by the given + /// NID (name identifier) from the certificate issuer's + /// distinguished name. 
+ + const std::string & subjectName() const; + /// Returns the certificate subject's distinguished name. + + std::string subjectName(NID nid) const; + /// Extracts the information specified by the given + /// NID (name identifier) from the certificate subject's + /// distinguished name. + + std::string commonName() const; + /// Returns the common name stored in the certificate + /// subject's distinguished name. + + void extractNames(std::string & commonName, std::set & domainNames) const; + /// Extracts the common name and the alias domain names from the + /// certificate. + + Poco::DateTime validFrom() const; + /// Returns the date and time the certificate is valid from. + + Poco::DateTime expiresOn() const; + /// Returns the date and time the certificate expires. + + void save(std::ostream & stream) const; + /// Writes the certificate to the given stream. + /// The certificate is written in PEM format. + + void save(const std::string & path) const; + /// Writes the certificate to the file given by path. + /// The certificate is written in PEM format. + + bool issuedBy(const X509Certificate & issuerCertificate) const; + /// Checks whether the certificate has been issued by + /// the issuer given by issuerCertificate. This can be + /// used to validate a certificate chain. + /// + /// Verifies if the certificate has been signed with the + /// issuer's private key, using the public key from the issuer + /// certificate. + /// + /// Returns true if verification against the issuer certificate + /// was successful, false otherwise. + + bool equals(const X509Certificate & otherCertificate) const; + /// Checks whether the certificate is equal to + /// the other certificate, by comparing the hashes + /// of both certificates. + /// + /// Returns true if both certificates are identical, + /// otherwise false. + + const X509 * certificate() const; + /// Returns the underlying OpenSSL certificate. 
+ + X509 * dup() const; + /// Duplicates and returns the underlying OpenSSL certificate. Note that + /// the caller assumes responsibility for the lifecycle of the created + /// certificate. + + std::string signatureAlgorithm() const; + /// Returns the certificate signature algorithm long name. + + void print(std::ostream & out) const; + /// Prints the certificate information to ostream. + + static List readPEM(const std::string & pemFileName); + /// Reads and returns a list of certificates from + /// the specified PEM file. + + static void writePEM(const std::string & pemFileName, const List & list); + /// Writes the list of certificates to the specified PEM file. + + protected: + void load(std::istream & stream); + /// Loads the certificate from the given stream. The + /// certificate must be in PEM format. + + void load(const std::string & path); + /// Loads the certificate from the given file. The + /// certificate must be in PEM format. + + void init(); + /// Extracts issuer and subject name from the certificate. + + private: + enum + { + NAME_BUFFER_SIZE = 256 + }; + + std::string _issuerName; + std::string _subjectName; + std::string _serialNumber; + X509 * _pCert; + OpenSSLInitializer _openSSLInitializer; + }; + + + // + // inlines + // + + + inline long X509Certificate::version() const + { + // This is defined by standards (X.509 et al) to be + // one less than the certificate version. + // So, eg. a version 3 certificate will return 2. 
+ return X509_get_version(_pCert) + 1; + } + + + inline const std::string & X509Certificate::serialNumber() const + { + return _serialNumber; + } + + + inline const std::string & X509Certificate::issuerName() const + { + return _issuerName; + } + + + inline const std::string & X509Certificate::subjectName() const + { + return _subjectName; + } + + + inline const X509 * X509Certificate::certificate() const + { + return _pCert; + } + + + inline X509 * X509Certificate::dup() const + { + return X509_dup(_pCert); + } + + } - - -inline const std::string& X509Certificate::serialNumber() const -{ - return _serialNumber; -} - - -inline const std::string& X509Certificate::issuerName() const -{ - return _issuerName; -} - - -inline const std::string& X509Certificate::subjectName() const -{ - return _subjectName; -} - - -inline const X509* X509Certificate::certificate() const -{ - return _pCert; -} - - -inline X509* X509Certificate::dup() const -{ - return X509_dup(_pCert); -} - - -} } // namespace Poco::Crypto +} // namespace Poco::Crypto #endif // Crypto_X509Certificate_INCLUDED diff --git a/base/poco/Data/ODBC/include/Poco/Data/ODBC/Binder.h b/base/poco/Data/ODBC/include/Poco/Data/ODBC/Binder.h index 5203f65679f..f0c7aa47d93 100644 --- a/base/poco/Data/ODBC/include/Poco/Data/ODBC/Binder.h +++ b/base/poco/Data/ODBC/include/Poco/Data/ODBC/Binder.h 
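Review bot: The comment on `issuedBy` says it "can be used to validate a certificate chain", but as documented it only verifies the signature with the issuer's public key. Nothing in the declaration indicates that the validity period, CA constraints or revocation are checked, so a caller could mistake it for full chain validation. I would add `/// Only the signature is checked; validity period, CA constraints and revocation must be verified separately.` once that is confirmed against the implementation. Also, the comment inside `version()` says a version 3 certificate "will return 2", which describes `X509_get_version` and not this function, since the body adds 1.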
@@ -18,1499 +18,1520 @@ #define Data_ODBC_Binder_INCLUDED -#include "Poco/Data/ODBC/ODBC.h" -#include "Poco/Data/AbstractBinder.h" -#include "Poco/Data/LOB.h" -#include "Poco/Data/ODBC/Handle.h" -#include "Poco/Data/ODBC/Parameter.h" -#include "Poco/Data/ODBC/ODBCMetaColumn.h" -#include "Poco/Data/ODBC/Utility.h" -#include "Poco/Data/ODBC/TypeInfo.h" -#include "Poco/Exception.h" -#include #include #include #include +#include +#include "Poco/Data/AbstractBinder.h" +#include "Poco/Data/LOB.h" +#include "Poco/Data/ODBC/Handle.h" +#include "Poco/Data/ODBC/ODBC.h" +#include "Poco/Data/ODBC/ODBCMetaColumn.h" +#include "Poco/Data/ODBC/Parameter.h" +#include "Poco/Data/ODBC/TypeInfo.h" +#include "Poco/Data/ODBC/Utility.h" +#include "Poco/Exception.h" #ifdef POCO_OS_FAMILY_WINDOWS -#include +# include #endif #include -namespace Poco { +namespace Poco +{ class DateTime; -namespace Data { - - -class Date; -class Time; - - -namespace ODBC { - - -class ODBC_API Binder: public Poco::Data::AbstractBinder - /// Binds placeholders in the sql query to the provided values. Performs data types mapping. +namespace Data { -public: - typedef AbstractBinder::Direction Direction; - typedef std::map ParamMap; - static const size_t DEFAULT_PARAM_SIZE = 1024; - enum ParameterBinding - { - PB_IMMEDIATE, - PB_AT_EXEC - }; + class Date; + class Time; - Binder(const StatementHandle& rStmt, - std::size_t maxFieldSize, - ParameterBinding dataBinding = PB_IMMEDIATE, - TypeInfo* pDataTypes = 0); - /// Creates the Binder. - ~Binder(); - /// Destroys the Binder. + namespace ODBC + { - void bind(std::size_t pos, const Poco::Int8& val, Direction dir); - /// Binds an Int8. - void bind(std::size_t pos, const std::vector& val, Direction dir); - /// Binds an Int8 vector. + class ODBC_API Binder : public Poco::Data::AbstractBinder + /// Binds placeholders in the sql query to the provided values. Performs data types mapping. 
+ { + public: + typedef AbstractBinder::Direction Direction; + typedef std::map ParamMap; - void bind(std::size_t pos, const std::deque& val, Direction dir); - /// Binds an Int8 deque. + static const size_t DEFAULT_PARAM_SIZE = 1024; - void bind(std::size_t pos, const std::list& val, Direction dir); - /// Binds an Int8 list. + enum ParameterBinding + { + PB_IMMEDIATE, + PB_AT_EXEC + }; - void bind(std::size_t pos, const Poco::UInt8& val, Direction dir); - /// Binds an UInt8. + Binder( + const StatementHandle & rStmt, + std::size_t maxFieldSize, + ParameterBinding dataBinding = PB_IMMEDIATE, + TypeInfo * pDataTypes = 0); + /// Creates the Binder. - void bind(std::size_t pos, const std::vector& val, Direction dir); - /// Binds an UInt8 vector. + ~Binder(); + /// Destroys the Binder. - void bind(std::size_t pos, const std::deque& val, Direction dir); - /// Binds an UInt8 deque. + void bind(std::size_t pos, const Poco::Int8 & val, Direction dir); + /// Binds an Int8. - void bind(std::size_t pos, const std::list& val, Direction dir); - /// Binds an UInt8 list. + void bind(std::size_t pos, const std::vector & val, Direction dir); + /// Binds an Int8 vector. - void bind(std::size_t pos, const Poco::Int16& val, Direction dir); - /// Binds an Int16. - - void bind(std::size_t pos, const std::vector& val, Direction dir); - /// Binds an Int16 vector. + void bind(std::size_t pos, const std::deque & val, Direction dir); + /// Binds an Int8 deque. - void bind(std::size_t pos, const std::deque& val, Direction dir); - /// Binds an Int16 deque. + void bind(std::size_t pos, const std::list & val, Direction dir); + /// Binds an Int8 list. - void bind(std::size_t pos, const std::list& val, Direction dir); - /// Binds an Int16 list. + void bind(std::size_t pos, const Poco::UInt8 & val, Direction dir); + /// Binds an UInt8. - void bind(std::size_t pos, const Poco::UInt16& val, Direction dir); - /// Binds an UInt16. 
+ void bind(std::size_t pos, const std::vector & val, Direction dir); + /// Binds an UInt8 vector. - void bind(std::size_t pos, const std::vector& val, Direction dir); - /// Binds an UInt16 vector. + void bind(std::size_t pos, const std::deque & val, Direction dir); + /// Binds an UInt8 deque. - void bind(std::size_t pos, const std::deque& val, Direction dir); - /// Binds an UInt16 deque. + void bind(std::size_t pos, const std::list & val, Direction dir); + /// Binds an UInt8 list. - void bind(std::size_t pos, const std::list& val, Direction dir); - /// Binds an UInt16 list. + void bind(std::size_t pos, const Poco::Int16 & val, Direction dir); + /// Binds an Int16. - void bind(std::size_t pos, const Poco::Int32& val, Direction dir); - /// Binds an Int32. + void bind(std::size_t pos, const std::vector & val, Direction dir); + /// Binds an Int16 vector. - void bind(std::size_t pos, const std::vector& val, Direction dir); - /// Binds an Int32 vector. + void bind(std::size_t pos, const std::deque & val, Direction dir); + /// Binds an Int16 deque. - void bind(std::size_t pos, const std::deque& val, Direction dir); - /// Binds an Int32 deque. + void bind(std::size_t pos, const std::list & val, Direction dir); + /// Binds an Int16 list. - void bind(std::size_t pos, const std::list& val, Direction dir); - /// Binds an Int32 list. + void bind(std::size_t pos, const Poco::UInt16 & val, Direction dir); + /// Binds an UInt16. - void bind(std::size_t pos, const Poco::UInt32& val, Direction dir); - /// Binds an UInt32. + void bind(std::size_t pos, const std::vector & val, Direction dir); + /// Binds an UInt16 vector. - void bind(std::size_t pos, const std::vector& val, Direction dir); - /// Binds an UInt32 vector. + void bind(std::size_t pos, const std::deque & val, Direction dir); + /// Binds an UInt16 deque. - void bind(std::size_t pos, const std::deque& val, Direction dir); - /// Binds an UInt32 deque. 
+ void bind(std::size_t pos, const std::list & val, Direction dir); + /// Binds an UInt16 list. - void bind(std::size_t pos, const std::list& val, Direction dir); - /// Binds an UInt32 list. + void bind(std::size_t pos, const Poco::Int32 & val, Direction dir); + /// Binds an Int32. - void bind(std::size_t pos, const Poco::Int64& val, Direction dir); - /// Binds an Int64. + void bind(std::size_t pos, const std::vector & val, Direction dir); + /// Binds an Int32 vector. - void bind(std::size_t pos, const std::vector& val, Direction dir); - /// Binds an Int64 vector. + void bind(std::size_t pos, const std::deque & val, Direction dir); + /// Binds an Int32 deque. - void bind(std::size_t pos, const std::deque& val, Direction dir); - /// Binds an Int64 deque. + void bind(std::size_t pos, const std::list & val, Direction dir); + /// Binds an Int32 list. - void bind(std::size_t pos, const std::list& val, Direction dir); - /// Binds an Int64 list. + void bind(std::size_t pos, const Poco::UInt32 & val, Direction dir); + /// Binds an UInt32. - void bind(std::size_t pos, const Poco::UInt64& val, Direction dir); - /// Binds an UInt64. + void bind(std::size_t pos, const std::vector & val, Direction dir); + /// Binds an UInt32 vector. - void bind(std::size_t pos, const std::vector& val, Direction dir); - /// Binds an UInt64 vector. + void bind(std::size_t pos, const std::deque & val, Direction dir); + /// Binds an UInt32 deque. - void bind(std::size_t pos, const std::deque& val, Direction dir); - /// Binds an UInt64 deque. + void bind(std::size_t pos, const std::list & val, Direction dir); + /// Binds an UInt32 list. - void bind(std::size_t pos, const std::list& val, Direction dir); - /// Binds an UInt64 list. + void bind(std::size_t pos, const Poco::Int64 & val, Direction dir); + /// Binds an Int64. + + void bind(std::size_t pos, const std::vector & val, Direction dir); + /// Binds an Int64 vector. 
+
+ void bind(std::size_t pos, const std::deque & val, Direction dir);
+ /// Binds an Int64 deque.
+
+ void bind(std::size_t pos, const std::list & val, Direction dir);
+ /// Binds an Int64 list.
+
+ void bind(std::size_t pos, const Poco::UInt64 & val, Direction dir);
+ /// Binds an UInt64.
+
+ void bind(std::size_t pos, const std::vector & val, Direction dir);
+ /// Binds an UInt64 vector.
+
+ void bind(std::size_t pos, const std::deque & val, Direction dir);
+ /// Binds an UInt64 deque.
+
+ void bind(std::size_t pos, const std::list & val, Direction dir);
+ /// Binds an UInt64 list.
 #ifndef POCO_LONG_IS_64_BIT
- void bind(std::size_t pos, const long& val, Direction dir);
- /// Binds a long.
+ void bind(std::size_t pos, const long & val, Direction dir);
+ /// Binds a long.
- void bind(std::size_t pos, const unsigned long& val, Direction dir);
- /// Binds an unsigned long.
+ void bind(std::size_t pos, const unsigned long & val, Direction dir);
+ /// Binds an unsigned long.
- void bind(std::size_t pos, const std::vector& val, Direction dir);
- /// Binds a long vector.
+ void bind(std::size_t pos, const std::vector & val, Direction dir);
+ /// Binds a long vector.
- void bind(std::size_t pos, const std::deque& val, Direction dir);
- /// Binds a long deque.
+ void bind(std::size_t pos, const std::deque & val, Direction dir);
+ /// Binds a long deque.
- void bind(std::size_t pos, const std::list& val, Direction dir);
- /// Binds a long list.
+ void bind(std::size_t pos, const std::list & val, Direction dir);
+ /// Binds a long list.
 #endif
- void bind(std::size_t pos, const bool& val, Direction dir);
- /// Binds a boolean.
+ void bind(std::size_t pos, const bool & val, Direction dir);
+ /// Binds a boolean.
- void bind(std::size_t pos, const std::vector& val, Direction dir);
- /// Binds a boolean vector.
+ void bind(std::size_t pos, const std::vector & val, Direction dir);
+ /// Binds a boolean vector.
- void bind(std::size_t pos, const std::deque& val, Direction dir);
- /// Binds a boolean deque.
+ void bind(std::size_t pos, const std::deque & val, Direction dir);
+ /// Binds a boolean deque.
- void bind(std::size_t pos, const std::list& val, Direction dir);
- /// Binds a boolean list.
+ void bind(std::size_t pos, const std::list & val, Direction dir);
+ /// Binds a boolean list.
- void bind(std::size_t pos, const float& val, Direction dir);
- /// Binds a float.
+ void bind(std::size_t pos, const float & val, Direction dir);
+ /// Binds a float.
- void bind(std::size_t pos, const std::vector& val, Direction dir);
- /// Binds a float vector.
+ void bind(std::size_t pos, const std::vector & val, Direction dir);
+ /// Binds a float vector.
- void bind(std::size_t pos, const std::deque& val, Direction dir);
- /// Binds a float deque.
+ void bind(std::size_t pos, const std::deque & val, Direction dir);
+ /// Binds a float deque.
- void bind(std::size_t pos, const std::list& val, Direction dir);
- /// Binds a float list.
+ void bind(std::size_t pos, const std::list & val, Direction dir);
+ /// Binds a float list.
- void bind(std::size_t pos, const double& val, Direction dir);
- /// Binds a double.
+ void bind(std::size_t pos, const double & val, Direction dir);
+ /// Binds a double.
- void bind(std::size_t pos, const std::vector& val, Direction dir);
- /// Binds a double vector.
+ void bind(std::size_t pos, const std::vector & val, Direction dir);
+ /// Binds a double vector.
- void bind(std::size_t pos, const std::deque& val, Direction dir);
- /// Binds a double deque.
+ void bind(std::size_t pos, const std::deque & val, Direction dir);
+ /// Binds a double deque.
- void bind(std::size_t pos, const std::list& val, Direction dir);
- /// Binds a double list.
+ void bind(std::size_t pos, const std::list & val, Direction dir);
+ /// Binds a double list.
- void bind(std::size_t pos, const char& val, Direction dir);
- /// Binds a single character.
+ void bind(std::size_t pos, const char & val, Direction dir);
+ /// Binds a single character.
- void bind(std::size_t pos, const std::vector& val, Direction dir);
- /// Binds a character vector.
+ void bind(std::size_t pos, const std::vector & val, Direction dir);
+ /// Binds a character vector.
- void bind(std::size_t pos, const std::deque& val, Direction dir);
- /// Binds a character deque.
+ void bind(std::size_t pos, const std::deque & val, Direction dir);
+ /// Binds a character deque.
- void bind(std::size_t pos, const std::list& val, Direction dir);
- /// Binds a character list.
+ void bind(std::size_t pos, const std::list & val, Direction dir);
+ /// Binds a character list.
- void bind(std::size_t pos, const std::string& val, Direction dir);
- /// Binds a string.
+ void bind(std::size_t pos, const std::string & val, Direction dir);
+ /// Binds a string.
- void bind(std::size_t pos, const std::vector& val, Direction dir);
- /// Binds a string vector.
+ void bind(std::size_t pos, const std::vector & val, Direction dir);
+ /// Binds a string vector.
- void bind(std::size_t pos, const std::deque& val, Direction dir);
- /// Binds a string deque.
+ void bind(std::size_t pos, const std::deque & val, Direction dir);
+ /// Binds a string deque.
- void bind(std::size_t pos, const std::list& val, Direction dir);
- /// Binds a string list.
+ void bind(std::size_t pos, const std::list & val, Direction dir);
+ /// Binds a string list.
- void bind(std::size_t pos, const UTF16String& val, Direction dir);
- /// Binds a string.
+ void bind(std::size_t pos, const UTF16String & val, Direction dir);
+ /// Binds a string.
- void bind(std::size_t pos, const std::vector& val, Direction dir);
- /// Binds a string vector.
+ void bind(std::size_t pos, const std::vector & val, Direction dir);
+ /// Binds a string vector.
- void bind(std::size_t pos, const std::deque& val, Direction dir);
- /// Binds a string deque.
+ void bind(std::size_t pos, const std::deque & val, Direction dir);
+ /// Binds a string deque.
- void bind(std::size_t pos, const std::list& val, Direction dir);
- /// Binds a string list.
+ void bind(std::size_t pos, const std::list & val, Direction dir);
+ /// Binds a string list.
- void bind(std::size_t pos, const BLOB& val, Direction dir);
- /// Binds a BLOB. In-bound only.
+ void bind(std::size_t pos, const BLOB & val, Direction dir);
+ /// Binds a BLOB. In-bound only.
- void bind(std::size_t pos, const CLOB& val, Direction dir);
- /// Binds a CLOB. In-bound only.
+ void bind(std::size_t pos, const CLOB & val, Direction dir);
+ /// Binds a CLOB. In-bound only.
- void bind(std::size_t pos, const std::vector& val, Direction dir);
- /// Binds a BLOB vector.
+ void bind(std::size_t pos, const std::vector & val, Direction dir);
+ /// Binds a BLOB vector.
- void bind(std::size_t pos, const std::deque& val, Direction dir);
- /// Binds a BLOB deque.
+ void bind(std::size_t pos, const std::deque & val, Direction dir);
+ /// Binds a BLOB deque.
- void bind(std::size_t pos, const std::list& val, Direction dir);
- /// Binds a BLOB list.
+ void bind(std::size_t pos, const std::list & val, Direction dir);
+ /// Binds a BLOB list.
- void bind(std::size_t pos, const std::vector& val, Direction dir);
- /// Binds a CLOB vector.
+ void bind(std::size_t pos, const std::vector & val, Direction dir);
+ /// Binds a CLOB vector.
- void bind(std::size_t pos, const std::deque& val, Direction dir);
- /// Binds a CLOB deque.
+ void bind(std::size_t pos, const std::deque & val, Direction dir);
+ /// Binds a CLOB deque.
- void bind(std::size_t pos, const std::list& val, Direction dir);
- /// Binds a CLOB list.
+ void bind(std::size_t pos, const std::list & val, Direction dir);
+ /// Binds a CLOB list.
- void bind(std::size_t pos, const Date& val, Direction dir);
- /// Binds a Date.
+ void bind(std::size_t pos, const Date & val, Direction dir);
+ /// Binds a Date.
- void bind(std::size_t pos, const std::vector& val, Direction dir);
- /// Binds a Date vector.
+ void bind(std::size_t pos, const std::vector & val, Direction dir);
+ /// Binds a Date vector.
- void bind(std::size_t pos, const std::deque& val, Direction dir);
- /// Binds a Date deque.
+ void bind(std::size_t pos, const std::deque & val, Direction dir);
+ /// Binds a Date deque.
- void bind(std::size_t pos, const std::list& val, Direction dir);
- /// Binds a Date list.
+ void bind(std::size_t pos, const std::list & val, Direction dir);
+ /// Binds a Date list.
- void bind(std::size_t pos, const Time& val, Direction dir);
- /// Binds a Time.
+ void bind(std::size_t pos, const Time & val, Direction dir);
+ /// Binds a Time.
- void bind(std::size_t pos, const std::vector