diff --git a/.github/workflows/backport_branches.yml b/.github/workflows/backport_branches.yml
index c52a58eac8a..7d7efc51fa9 100644
--- a/.github/workflows/backport_branches.yml
+++ b/.github/workflows/backport_branches.yml
@@ -512,6 +512,75 @@ jobs:
 docker ps --quiet | xargs --no-run-if-empty docker kill ||:
 docker ps --all --quiet | xargs --no-run-if-empty docker rm -f ||:
 sudo rm -fr "$TEMP_PATH"
+############################################################################################
+#################################### INSTALL PACKAGES ######################################
+############################################################################################
+ InstallPackagesTestRelease:
+ needs: [BuilderDebRelease]
+ runs-on: [self-hosted, style-checker]
+ steps:
+ - name: Set envs
+ run: |
+ cat >> "$GITHUB_ENV" << 'EOF'
+ TEMP_PATH=${{runner.temp}}/test_install
+ REPORTS_PATH=${{runner.temp}}/reports_dir
+ CHECK_NAME=Install packages (amd64)
+ REPO_COPY=${{runner.temp}}/test_install/ClickHouse
+ EOF
+ - name: Download json reports
+ uses: actions/download-artifact@v3
+ with:
+ path: ${{ env.REPORTS_PATH }}
+ - name: Check out repository code
+ uses: ClickHouse/checkout@v1
+ with:
+ clear-repository: true
+ - name: Test packages installation
+ run: |
+ sudo rm -fr "$TEMP_PATH"
+ mkdir -p "$TEMP_PATH"
+ cp -r "$GITHUB_WORKSPACE" "$TEMP_PATH"
+ cd "$REPO_COPY/tests/ci"
+ python3 install_check.py "$CHECK_NAME"
+ - name: Cleanup
+ if: always()
+ run: |
+ docker ps --quiet | xargs --no-run-if-empty docker kill ||:
+ docker ps --all --quiet | xargs --no-run-if-empty docker rm -f ||:
+ sudo rm -fr "$TEMP_PATH"
+ InstallPackagesTestAarch64:
+ needs: [BuilderDebRelease]
+ runs-on: [self-hosted, style-checker-aarch64]
+ steps:
+ - name: Set envs
+ run: |
+ cat >> "$GITHUB_ENV" << 'EOF'
+ TEMP_PATH=${{runner.temp}}/test_install
+ REPORTS_PATH=${{runner.temp}}/reports_dir
+ CHECK_NAME=Install packages (arm64)
+ REPO_COPY=${{runner.temp}}/test_install/ClickHouse
+ EOF
+ - name: Download json reports
+ uses: actions/download-artifact@v3
+ with:
+ path: ${{ env.REPORTS_PATH }}
+ - name: Check out repository code
+ uses: ClickHouse/checkout@v1
+ with:
+ clear-repository: true
+ - name: Test packages installation
+ run: |
+ sudo rm -fr "$TEMP_PATH"
+ mkdir -p "$TEMP_PATH"
+ cp -r "$GITHUB_WORKSPACE" "$TEMP_PATH"
+ cd "$REPO_COPY/tests/ci"
+ python3 install_check.py "$CHECK_NAME"
+ - name: Cleanup
+ if: always()
+ run: |
+ docker ps --quiet | xargs --no-run-if-empty docker kill ||:
+ docker ps --all --quiet | xargs --no-run-if-empty docker rm -f ||:
+ sudo rm -fr "$TEMP_PATH"
 ##############################################################################################
 ########################### FUNCTIONAl STATELESS TESTS #######################################
 ##############################################################################################
diff --git a/.github/workflows/master.yml b/.github/workflows/master.yml
index cd4ee482702..6e728b6bfb0 100644
--- a/.github/workflows/master.yml
+++ b/.github/workflows/master.yml
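Review bot: Both new jobs reference their actions by mutable tag (`actions/download-artifact@v3`, `ClickHouse/checkout@v1`) on self-hosted runners where later steps call `sudo`, so whatever the tag resolves to at run time executes with that access; pinning to a full commit SHA, e.g. `uses: actions/download-artifact@<full-commit-sha> # v3`, removes the dependency on the tag staying put. `InstallPackagesTestAarch64` also declares `needs: [BuilderDebRelease]` although it runs on `style-checker-aarch64` and reports as `Install packages (arm64)`; if the workflow has a separate arm64 package build job, the install test should depend on that one so it cannot start before its packages exist. Both points apply equally to the identical hunks in master.yml and release_branches.yml. The `jobs:` mapping these entries belong to starts outside the hunk, so whether the rest of the file already follows the tag convention is not visible here.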
@@ -946,6 +946,75 @@ jobs:
 run: |
 cd "$GITHUB_WORKSPACE/tests/ci"
 python3 mark_release_ready.py
+############################################################################################
+#################################### INSTALL PACKAGES ######################################
+############################################################################################
+ InstallPackagesTestRelease:
+ needs: [BuilderDebRelease]
+ runs-on: [self-hosted, style-checker]
+ steps:
+ - name: Set envs
+ run: |
+ cat >> "$GITHUB_ENV" << 'EOF'
+ TEMP_PATH=${{runner.temp}}/test_install
+ REPORTS_PATH=${{runner.temp}}/reports_dir
+ CHECK_NAME=Install packages (amd64)
+ REPO_COPY=${{runner.temp}}/test_install/ClickHouse
+ EOF
+ - name: Download json reports
+ uses: actions/download-artifact@v3
+ with:
+ path: ${{ env.REPORTS_PATH }}
+ - name: Check out repository code
+ uses: ClickHouse/checkout@v1
+ with:
+ clear-repository: true
+ - name: Test packages installation
+ run: |
+ sudo rm -fr "$TEMP_PATH"
+ mkdir -p "$TEMP_PATH"
+ cp -r "$GITHUB_WORKSPACE" "$TEMP_PATH"
+ cd "$REPO_COPY/tests/ci"
+ python3 install_check.py "$CHECK_NAME"
+ - name: Cleanup
+ if: always()
+ run: |
+ docker ps --quiet | xargs --no-run-if-empty docker kill ||:
+ docker ps --all --quiet | xargs --no-run-if-empty docker rm -f ||:
+ sudo rm -fr "$TEMP_PATH"
+ InstallPackagesTestAarch64:
+ needs: [BuilderDebRelease]
+ runs-on: [self-hosted, style-checker-aarch64]
+ steps:
+ - name: Set envs
+ run: |
+ cat >> "$GITHUB_ENV" << 'EOF'
+ TEMP_PATH=${{runner.temp}}/test_install
+ REPORTS_PATH=${{runner.temp}}/reports_dir
+ CHECK_NAME=Install packages (arm64)
+ REPO_COPY=${{runner.temp}}/test_install/ClickHouse
+ EOF
+ - name: Download json reports
+ uses: actions/download-artifact@v3
+ with:
+ path: ${{ env.REPORTS_PATH }}
+ - name: Check out repository code
+ uses: ClickHouse/checkout@v1
+ with:
+ clear-repository: true
+ - name: Test packages installation
+ run: |
+ sudo rm -fr "$TEMP_PATH"
+ mkdir -p "$TEMP_PATH"
+ cp -r "$GITHUB_WORKSPACE" "$TEMP_PATH"
+ cd "$REPO_COPY/tests/ci"
+ python3 install_check.py "$CHECK_NAME"
+ - name: Cleanup
+ if: always()
+ run: |
+ docker ps --quiet | xargs --no-run-if-empty docker kill ||:
+ docker ps --all --quiet | xargs --no-run-if-empty docker rm -f ||:
+ sudo rm -fr "$TEMP_PATH"
 ##############################################################################################
 ########################### FUNCTIONAl STATELESS TESTS #######################################
 ##############################################################################################
diff --git a/.github/workflows/release_branches.yml b/.github/workflows/release_branches.yml
index 251087f33a5..95ef60686a7 100644
--- a/.github/workflows/release_branches.yml
+++ b/.github/workflows/release_branches.yml
@@ -604,6 +604,75 @@ jobs:
 run: |
 cd "$GITHUB_WORKSPACE/tests/ci"
 python3 mark_release_ready.py
+############################################################################################
+#################################### INSTALL PACKAGES ######################################
+############################################################################################
+ InstallPackagesTestRelease:
+ needs: [BuilderDebRelease]
+ runs-on: [self-hosted, style-checker]
+ steps:
+ - name: Set envs
+ run: |
+ cat >> "$GITHUB_ENV" << 'EOF'
+ TEMP_PATH=${{runner.temp}}/test_install
+ REPORTS_PATH=${{runner.temp}}/reports_dir
+ CHECK_NAME=Install packages (amd64)
+ REPO_COPY=${{runner.temp}}/test_install/ClickHouse
+ EOF
+ - name: Download json reports
+ uses: actions/download-artifact@v3
+ with:
+ path: ${{ env.REPORTS_PATH }}
+ - name: Check out repository code
+ uses: ClickHouse/checkout@v1
+ with:
+ clear-repository: true
+ - name: Test packages installation
+ run: |
+ sudo rm -fr "$TEMP_PATH"
+ mkdir -p "$TEMP_PATH"
+ cp -r "$GITHUB_WORKSPACE" "$TEMP_PATH"
+ cd "$REPO_COPY/tests/ci"
+ python3 install_check.py "$CHECK_NAME"
+ - name: Cleanup
+ if: always()
+ run: |
+ docker ps --quiet | xargs --no-run-if-empty docker kill ||:
+ docker ps --all --quiet | xargs --no-run-if-empty docker rm -f ||:
+ sudo rm -fr "$TEMP_PATH"
+ InstallPackagesTestAarch64:
+ needs: [BuilderDebRelease]
+ runs-on: [self-hosted, style-checker-aarch64]
+ steps:
+ - name: Set envs
+ run: |
+ cat >> "$GITHUB_ENV" << 'EOF'
+ TEMP_PATH=${{runner.temp}}/test_install
+ REPORTS_PATH=${{runner.temp}}/reports_dir
+ CHECK_NAME=Install packages (arm64)
+ REPO_COPY=${{runner.temp}}/test_install/ClickHouse
+ EOF
+ - name: Download json reports
+ uses: actions/download-artifact@v3
+ with:
+ path: ${{ env.REPORTS_PATH }}
+ - name: Check out repository code
+ uses: ClickHouse/checkout@v1
+ with:
+ clear-repository: true
+ - name: Test packages installation
+ run: |
+ sudo rm -fr "$TEMP_PATH"
+ mkdir -p "$TEMP_PATH"
+ cp -r "$GITHUB_WORKSPACE" "$TEMP_PATH"
+ cd "$REPO_COPY/tests/ci"
+ python3 install_check.py "$CHECK_NAME"
+ - name: Cleanup
+ if: always()
+ run: |
+ docker ps --quiet | xargs --no-run-if-empty docker kill ||:
+ docker ps --all --quiet | xargs --no-run-if-empty docker rm -f ||:
+ sudo rm -fr "$TEMP_PATH"
 ##############################################################################################
 ########################### FUNCTIONAl STATELESS TESTS #######################################
 ##############################################################################################
diff --git a/.gitmodules b/.gitmodules
index 13b1b2035be..0b88bd616fb 100644
--- a/.gitmodules
+++ b/.gitmodules
@@ -1,7 +1,3 @@
-[submodule "contrib/poco"]
- path = contrib/poco
- url = https://github.com/ClickHouse/poco
- branch = clickhouse
 [submodule "contrib/zstd"]
 path = contrib/zstd
 url = https://github.com/facebook/zstd
diff --git a/README.md b/README.md
index bcf2643c33d..75e0fa1bc4d 100644
--- a/README.md
+++ b/README.md
@@ -15,6 +15,7 @@ ClickHouse® is an open-source column-oriented database management system that a * [Code Browser (github.dev)](https://github.dev/ClickHouse/ClickHouse) with syntax highlight, powered by github.dev. * [Contacts](https://clickhouse.com/company/contact) can help to get your questions answered if there are any. -## Upcoming events +## Events +* **FOSDEM 2023**: In the "Fast and Streaming Data" room Alexey gave a talk entitled "Building Analytical Apps With ClickHouse" that looks at the landscape of data tools, an interesting data set, and how you can interact with data quickly. Check out the recording on **[YouTube](https://www.youtube.com/watch?v=JlcI2Vfz_uk)**. * **Recording available**: [**v23.1 Release Webinar**](https://www.youtube.com/watch?v=zYSZXBnTMSE) 23.1 is the ClickHouse New Year release. Original creator, co-founder, and CTO of ClickHouse Alexey Milovidov will walk us through the highlights of the release. Inverted indices, query cache, and so -- very -- much more. * **Recording available**: [**ClickHouse Meetup at the CHEQ office in Tel Aviv**](https://www.meetup.com/clickhouse-tel-aviv-user-group/events/289599423/) - We are very excited to be holding our next in-person ClickHouse meetup at the CHEQ office in Tel Aviv! Hear from CHEQ, ServiceNow and Contentsquare, as well as a deep dive presentation from ClickHouse CTO Alexey Milovidov. Join us for a fun evening of talks, food and discussion! diff --git a/base/CMakeLists.txt b/base/CMakeLists.txt index dcf8f650262..9c47d63e9a2 100644 --- a/base/CMakeLists.txt +++ b/base/CMakeLists.txt @@ -1,8 +1,5 @@ -if (USE_CLANG_TIDY) - set (CMAKE_CXX_CLANG_TIDY "${CLANG_TIDY_PATH}") -endif () - add_subdirectory (base) add_subdirectory (pcg-random) +add_subdirectory (poco) add_subdirectory (widechar_width) add_subdirectory (readpassphrase) diff --git a/base/base/CMakeLists.txt b/base/base/CMakeLists.txt index 5d9f1de8309..64785d575c5 100644 --- a/base/base/CMakeLists.txt 
+++ b/base/base/CMakeLists.txt
@@ -1,3 +1,7 @@
+if (USE_CLANG_TIDY)
+ set (CMAKE_CXX_CLANG_TIDY "${CLANG_TIDY_PATH}")
+endif ()
+
 set (SRCS
 argsToConfig.cpp
 coverage.cpp
diff --git a/base/pcg-random/CMakeLists.txt b/base/pcg-random/CMakeLists.txt
index 88acabba6a7..005b8dfa61f 100644
--- a/base/pcg-random/CMakeLists.txt
+++ b/base/pcg-random/CMakeLists.txt
@@ -1,2 +1,6 @@
+if (USE_CLANG_TIDY)
+ set (CMAKE_CXX_CLANG_TIDY "${CLANG_TIDY_PATH}")
+endif ()
+
 add_library(pcg_random INTERFACE)
 target_include_directories(pcg_random INTERFACE .)
diff --git a/base/poco/CHANGELOG b/base/poco/CHANGELOG
new file mode 100644
index 00000000000..a10371b381c
--- /dev/null
+++ b/base/poco/CHANGELOG
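Review bot: With the `CMAKE_CXX_CLANG_TIDY` assignment now repeated per subdirectory (here and in base/base/CMakeLists.txt) instead of being set once in base/CMakeLists.txt, any sibling directory that does not get its own copy silently drops out of clang-tidy. That is presumably intended for the vendored `poco` directory, but `widechar_width` and `readpassphrase` are not visible in this part of the diff, so it is worth confirming they still receive the block. A short comment above `add_subdirectory (poco)` in base/CMakeLists.txt, e.g. `# clang-tidy is enabled per subdirectory; vendored poco is excluded on purpose`, would keep the next added subdirectory from losing the check unnoticed.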
@@ -0,0 +1,2791 @@ +This is the changelog file for the POCO C++ Libraries. + +Release 1.9.3 (2019-08-20) +========================== + +- fixed GH #2603: Remove incorrect upper size limits for SSL certificates in NetSSL_Win +- fixed GH #2661: Poco::Zip::ZipArchive cannot load new tomcat.zip file (additional fix) +- fixed GH #2742: Support of vs150 & vs160 with the official Microsoft localization executable, + vswhere.exe, installed by MSVC starting from VS2017 +- Data/ODBC: make binding of std::string configurable (SQL_LONGVARCHAR - default or SQL_VARCHAR) + through a global setting (Poco::Data::ODBC::Connector::bindStringToLongVarChar()). +- added Poco::SharedLibrary::setSearchPath() (currently implemented on Windows only) +- Windows required minimum version is now Windows XP SP2 +- upgraded bundled SQLite to 3.29.0 +- CppParser now supports type aliases defined with using keyword. +- PageCompiler: added support for adding Content-Security-Policy and Cache-Control headers. + + +Release 1.9.2 (2019-07-02) +========================== + +- fixed GH #2736: Error using CMake gui - latest version +- fixed GH #2737: Bundles vulnerable copy of Expat — please upgrade to Expat 2.2.7 +- fixed GH #2738: Poco::AccessExpireStrategy::onGet() must not extend expiration time after expiration + + +Release 1.9.1 (2019-06-24) +========================== + +- Added support for building with different OpenSSL distributions on Windows. + See the POCO_EXTERNAL_OPENSSL macro defined in Foundation/include/Poco/Config.h + for options. +- Added Poco::Net::HTTPClientSession::flushRequest() +- Added Poco::Net::WebSocket::setMaxPayloadSize() and Poco::Net::WebSocket::getMaxPayloadSize() + to specify a maximum acceptable payload size for Poco::Net::WebSocket::receiveFrame(). +- Poco::Net::WebSocket: don't attempt to send empty credentials in response to 401 response. 
+- Redis: added support for additional commands (exists, expire, ping, multi, exec, discard) +- Redis: added Poco::Redis::Client::isConnected() +- Upgraded bundled PCRE to version 8.43 +- Upgraded bundled SQLite to version 3.28.0 +- Added project/solution files for Visual Studio 2019 +- Fixed Visual Studio project files (version information from DLLVersion.rc not included in DLLs) +- Include version resource in DLLs built with CMake +- Added HTTP*Credentials::empty() and HTTPCredentials::clear() +- fixed GH #2220: Encoding/DoubleByteEncoding.cpp fails to compile with VS2008 and _DEBUG +- fixed GH #2243: DLLVersion.rc is excluded from build, missing detail information in properties of *.dll +- fixed GH #2277: SQLite null pointer dereference occurs when exception is being thrown +- fixed GH #2313: PollSet behaves differently on windows +- fixed GH #2316: cmake can't find MySQL and ODBC libraries +- fixed GH #2336: Omit ContentLength in WebSocket accept response +- fixed GH #2358: Don't include for later OpenSSL +- fixed GH #2364: Stringify escapes every unicode symbol when object contain an array +- fixed GH #2380: Calling Poco::Net::X509Certificate::addChainCertificate() leads to double free. +- fixed GH #2492: Net::Socket::address() crash on Android +- fixed GH #2549: Fix keepAlive in http client session +- fixed GH #2565: HTMLForm: optional enforcement of Content-Length instead of Chunked Transfer-Encoding +- fixed GH #2570: DialogSocket: receiveStatusMessage() - line length limit applies to entire multi-line message +- fixed GH #2583: Crypto library does not build with OpenSSL 1.0.0 +- fixed GH #2655: MongoDB Binary element to string - bug +- fixed GH #2661: Poco::Zip::ZipArchive cannot load new tomcat.zip file +- fixed GH #2700: Invalid read of memory in Poco::Environment::set which may cause crashes. 
+- fixed GH #2712: File_WIN32.cpp(168): error C2065: "_upath":Undeclared identifier +- fixed GH #2723: Access violation when trying to decompress .zip file with unsupported compression method. + + +Release 1.9.0 (2018-03-07) +========================== + +- Added additional text encodings, available in the new PocoEncodings library (GH #2165) +- Added Punycode support for resolving Internationalized Domain Names to Poco::Net::DNS (GH #2164) +- Added XDG Base Directory Specification support in Poco::Path, Poco::Util::SystemConfiguration + and Poco::Util::Application (GH #1609, GH #561, GH #1609) +- Added support for GCM ciphers in Crypto library (GH #2129) +- Poco::Net::RemoteSyslogChannel and Poco::Net::RemoteSyslogListener now have basic + support for RFC 5424 structured data (GH #2173) +- Poco::File now has methods for obtaining partition space (GH #1545) +- Added Poco::Net::Context::addCertificateAuthority() (GH #2197) +- Added Poco::AutoPtr::reset() and Poco::SharedPtr::reset() to improve compatibility + with std::shared_ptr() (GH #2172) +- fixed GH #703: Poco::Data::SQLite data types (INTEGER is now mapped to Int64) +- fixed GH #1426: inttypes.h is available on sun solaris +- fixed GH #1912: Run ping with custom data size #1912 +- fixed GH #2177: Run ping with custom timeout instead of the default +- fixed GH #2058 and GH #2095: Synchronization issue/deadlock in Poco::Util::Timer at destruction +- fixed GH #2089: Allow hyphen in HTTP authentication scheme names +- fixed GH #2106: Undefined behavior in Delegate::equals() +- fixed GH #2108: POCO SQLite Data Connector hangs for 20 secs waiting for thread timeouts on Windows +- fixed GH #2142: JSON::Object preserveOrder keys not synced on assignment +- fixed GH #2199 and GH #2188: Illegal header in zip file exception/assertion failure during JAR file decompression +- fixed GH #2203: Use MAX_ADDRESS_LENGTH to determine buffer size + + +Release 1.8.1 (2018-01-09) +========================== + +- Added 
Poco::File::linkTo() +- fixed GH #2044: Poco::Net::NetworkInterface::list does not list inactive interfaces + even when explicitly being asked for it. +- fixed GH #2042: Android abstract namespace local socket address +- fixed GH #2038: Poco::Net::MultipartWriter::createBoundary() always returns the same string. +- fixed GH #2020: SQLite not handling parameter count mismatch correctly. +- fixed GH #2012: Data/SQLite: Exception messages contain duplicate text +- fixed GH #2005: Upgraded bundled PCRE to 8.41 +- fixed GH #2000: Fix building XMLStreamParser with unbundled expat +- fixed GH #1603: fix MinGW 4.8.2 Compilation +- fixed GH #1991: Support building poco 1.8.0 as cmake sub-project +- fixed GH #2080: Bugs in Poco::Net::Socket::select when POCO_HAVE_FD_POLL is defined + + +Release 1.8.0.1 (2017-11-11) +============================ + +- Reverted change for GH #1828; DeflatingStreamBuf::sync() no longer flushes + underlying stream as this causes corruption for some Zip files. +- PocoDoc: fix for handling compiler configuration for Gradle builds. + + +Release 1.8.0 (2017-11-10) +========================== + +- Poco::Base64Encoder: add support for base64url encoding (GH #1967) +- Add Poco::Net::PollSet class to Net library (GH #1763) +- The Net library now supports Unix Domain Sockets, where available. 
+- Added stream parser (Poco::XML::XMLStreamParser) to XML library (GH #1697) +- Added Poco::Net::TCPServerConnectionFilter and Poco::Net::TCPServer::setConnectionFilter() + to support connection filtering and IP blacklisting (GH #1485) +- Added Redis library (GH #1383) +- Added Zip64 support to Zip library (GH #1356) +- Upgraded bundled SQLite to 3.21.0 +- Removed OpenVMS support (GH #1988) +- fixed GH #271: NamedMutex_UNIX.cpp must remove semid +- fixed GH #739: Add WebSocket::receiveFrame() that appends to a Poco::Buffer +- fixed GH #749: NTP Packet impl not according to RFC958 +- fixed GH #896: Sample "TwitterClient" of NetSSL_OpenSSL can't be build +- fixed GH #1172: Poco::Data default storage should be std::vector +- fixed GH #1337: Poco::HTMLForm throws exception HTMLFormException("Form must be prepared") + even after form is prepared. +- fixed GH #1373: SessionImpl::close() does not check return code of close handle specific function +- fixed GH #1425: Workaround bug in SolarisStudio 12.4 on RVO-ed objects. +- fixed GH #1614: Problematic license for JSON component: the previously used JSON.org parser + has been replaced with pdjson +- fixed GH #1659: wrong field size calculation in ODBC code +- fixed GH #1683: Poco::Data ODBC impl doesn't bind to unsigned numeric types properly +- fixed GH #1705: MongoDB: support URI in Connection +- fixed GH #1708: "SocketReactor::addEventHandler" and "SocketReactor::removeEventHandler" + must protect the access to "NotifierPtr pNotifier" +- fixed GH #1729: getConnectionTimeout of SQLite DB wrapper returns wrong value + (in milliseconds, should be in seconds) +- fixed GH #1739: OpenSSLInitializer isn't threadsafe +- fixed GH #1750: double_conversion in NumericString is in conflict with Qt5 Core +- fixed GH #1804 and GH #1805: Integer Overflow or Wraparound +- fixed GH #1828: DeflatingStreamBuf::sync() should also flush underlying stream. 
+- fixed GH #1880: FTPClientSession::close() error +- fixed GH #1897: DateTime wrong binding/extraction for MySQL database +- fixed GH #1905: Compiling Foundation library with POCO_NO_FPENVIRONMENT in Config.h fails +- fixed GH #1906: Race condition in ThreadPool +- fixed GH #1913: Message Doesn't Support 64-bit Thread IDs +- fixed GH #1921: ICMPSocket does not check reply address +- fixed GH #1926: Exception when using SortedDirectoryIterator +- fixed GH #1934: File::setExecutable() on POSIX should set executable bit for group and + other if corresponding readable bit is set +- fixed GH #1950: Net Exception: Address family not supported with clang +- fixed GH #1964: Buffer<> swap miss ownMem + + +Release 1.7.9p2 (2017-11-06) +============================ + +- fixed GH #1628: Export Poco::Zip::ZipUtil class + + +Release 1.7.9p1 (2017-11-02) +============================ + +- fixed GH #1968: Zip Decompress Parent Path Injection + + +Release 1.7.9 (2017-09-11) +========================== + +- fixed GH #1813: xmlparse.cpp doesn't compile in WinCE (poco 1.7.8p3) +- fixed GH #1826: XPath query error +- fixed GH #1834: Visual Studio 2008 cannot find stdint.h +- fixed GH #1842: Upgrade bundled expat to 2.2.3 +- fixed GH #1843: Use random salt for Poco::XML::NamePool +- fixed GH #1865: AbstractEvent::hasDelegates() is not thread-safe +- improved/fixed QNX support +- Poco::Util::LayeredConfiguration: added support for labelling configurations and + finding them by their label +- upgraded bundled SQLite to 3.20.1 +- PageCompiler: support <%@ include file="" %> syntax for includes, in addition + to <%@ include page="" %> +- PageCompiler: optimize generated request handler code by removing useless + statements, e.g. writing empty strings. +- added POCO_DEPRECATED macro which will be used in the future to deprecate + classes and methods. 
+- Poco::NamedMutex and Poco::NamedEvent (System V Semaphores implementation): files are + now opened with O_RDONLY | O_CREAT instead of O_WRONLY | O_CREAT, allowing sharing + between different users. Furthermore, ftok() is called with 'p' as project ID + argument. + + +Release 1.7.8p3 (2017-06-22) +============================ + +- fixed GH #1760: Upgrade bundled expat to 2.2.1 which fixes some vulnerabilities: + http://seclists.org/oss-sec/2017/q2/499 + + +Release 1.7.8p2 (2017-04-18) +============================ + +- fixed GH #1655: CipherImpl memory leak with OpenSSL 1.1 + + +Release 1.7.8 (2017-02-21) +========================== + +- fixed GH #1212: Lost WebSocket Frames after Client Websocket Handshake is complete +- fixed GH #1260: URI encoding +- fixed GH #1501: Alpine 3.4 trouble with Foundation/src/Error.cpp +- fixed GH #1523: Long path names under Windows +- fixed GH #1536: Building with OS X 10.12 SDK and 10.7 deployment target without libc++ fails +- fixed GH #1537: Need to add multiple cflags parameters to configure +- fixed GH #1539: Allow overriding POCO_TARGET_OSARCH for iPhoneSimulator +- fixed GH #1546: Enable bitcode for iPhone build config +- fixed GH #1549: Latin2Encoding and 0xFF +- fixed GH #1551: Unable to use Poco on macOS 10.12 +- fixed GH #1552: IPv6 & operator throws an exception when scope = 0 +- fixed GH #1566: Poco/Zip issue with some CM_DEFLATE archives +- fixed GH #1567: Poco/ZIP issue with uncompressed archives +- fixed GH #1570: IPv6AddressImpl::toString() returns wrong output for IPv6 address "::" +- fixed GH #1571: ODBC Preparator memory leak +- fixed GH #1573: Poco::File::createDirectories() should not throw Poco::FileExistsException +- fixed GH #1580: Unable to unzip zip file created using non-seeking stream +- fixed GH #1581: Cannot find 'pcre.h' when using POCO_UNBUNDLED, a non-system PCRE, and CMake +- fixed GH #1588: Poco::Net::HTTPChunkedStreamBuf::readFromDevice(): restrict maximum + size of chunk length +- fixed GH 
#1589: Poco::Net::HTMLForm: restrict maximum field and value length +- fixed GH #1590: Poco::Net::DialogSocket: restrict maximum line length +- fixed GH #1591: Poco::Net::MultipartReader: restrict maximum boundary string length +- fixed GH #1597: adding empty file to zip leads to archive that can't be unzipped by windows +- fixed GH #1599: readFromDevice() in AutoDetectStream.cpp in Poco Zip cannot detect signature +- fixed GH #1534: Upgraded bundled zlib to 1.2.11 +- fixed GH #1558: Upgraded bundled SQLite to 3.16.2 +- fixed GH #1586: Upgraded bundled PCRE to 8.40 +- fixed GH #1538: Upgraded bundled double-conversion to 1.1.5 +- MongoDB: added support for authentication using "MONGODB-CR" and "SCRAM-SHA-1" + authentication schemes. +- MongoDB: additional documentation and fixes for style and consistency and minor + API improvements (e.g., Poco::MongoDB::Binary) + Note: some flag enumeration values have been renamed for better consistency + and readability; existing code using these will have to be updated. + + +Release 1.7.7 (2016-12-31) +========================== + +- fixed GH #865: FileChannel compress fails leaving empty .gz files +- fixed GH #990: Potential race condition in Poco::File on Windows +- fixed GH #1157: Fixing a bug in the NetSSL_Win module (Host name verification failed error) +- fixed GH #1351: Fix for android include pthread.h from /usr/include +- fixed GH #1436: ODBC Bug: Unicode text(NVARCHAT) read from DB is truncated to half +- fixed GH #1453: _clock_gettime Symbol not found on Mac 10.11 +- fixed GH #1460: POCO does not build with OpenSSL 1.1 +- fixed GH #1461: Poco::Data::SQLite::SQLiteStatementImpl::next() error +- fixed GH #1462: AbstractConfiguration::getUInt does not parse hex numbers +- fixed GH #1464: ODBCMetaColumn::init() always maps integer NUMERIC/DECIMAL to Int32 +- fixed GH #1465: Assertion violation in DateTime.cpp using ZipArchive +- fixed GH #1472: HTTP(S)StreamFactory should send a User-Agent header. 
+- fixed GH #1476: Fixed error with Poco::UTF8Encoding::isLegal() +- fixed GH #1484: ODBC: fix uninitialized variable +- fixed GH #1486: Support ODBC GUID data type as string +- fixed GH #1488: Poco::ObjectPool shrinks if returned object is not valid +- fixed GH #1515: Detection of closed websocket connection +- fixed GH #1521: bug in JSON ParseHandler.cpp (empty keys should be valid) +- fixed GH #1526: iOS app rejected, IPv6 not working +- fixed GH #1532: RecordSet and RowFilter: bad use of reference counter + + +Release 1.7.6 (2016-10-18) +========================== + +- fixed GH #1298: ZipFileInfo: Assertion violation when reading ods files +- fixed GH #1315: Redefine Poco assertions for static analysis +- fixed GH #1397: Fix issues reported by static source code analysis +- fixed GH #1403: Android compile with poco-1.7.5 no 'pthread_condattr_setclock' error +- fixed GH #1416: Assertion violation when unzipping +- fixed GH #1418: Poco::Delegate assignment operator fails to compile for some specializations +- fixed GH #1422: Can't build poco 1.7.4 or 1.7.5 on centos5 32 bit +- fixed GH #1429: exception thrown in MongoDB when using replicaset +- fixed GH #1431: Poco/FIFOBuffer.h copy issue +- fixed GH #1445: Use stable_sort to preserve order of IP addresses from DNS +- fixed GH #1456: better handle leap seconds in Poco::DateTime and Poco::LocalDateTime +- fixed GH #1458: Probably invalid epoll_create() usage inside Poco/Socket.cpp +- Poco::XML::NamePool: increased default size from 251 to 509. Default size can now + be changed by defining the POCO_XML_NAMEPOOL_DEFAULT_SIZE macro accordingly. +- Enchancements: Poco::XML::Document and Poco::XML::DOMParser have new constructors + taking a NamePool size. Poco::Util::XMLConfiguration::load() also has a new overload + for that purpose. +- Improved error handling in the Zip library (getting rid of some poco_assert macros + and did proper error handling instead). 
+- Added Poco::URISyntaxException (subclass of Poco::SyntaxException), which is now + thrown by Poco::URI. +- Improved error handling in Poco::URIStreamOpener::open(). +- Poco::Data::MySQL: Handle connection lost/server gone error when starting a transaction + and retry. +- XMLConfiguration default (and single-argument delimiter) constructor now loads an empty + XML document with "config" root element to make the configuration usable without an + additional call to load() or loadEmpty(). + + +Release 1.7.5 (2016-08-29) +========================== + +- fixed GH #1252: Unable to compile Poco::Data for Windows Compact Embedded 2013 +- fixed GH #1344: Poco::Event::wait(timeout) should use CLOCK_MONOTONIC on Linux +- fixed GH #1355: [JSON::Object] After copy-ctor, JSON::Object::_keys still points to + keys in map of copied object +- GH #1361: Shell expansion rules say that tilde must be replaced with $HOME before + calling getpwuid +- Poco::SingletonHolder: added reset() method +- prefer clock_getttime() over gettimeofday() if available +- Upgraded bundled SQLite to 3.14.1 + + +Release 1.7.4 (2016-07-20) +========================== + +- fixed GH #1300: Session constructor hangs +- fixed GH #1303: HTTPSClientSession::sendRequest() fails if server has wildcard cert +- fixed GH #1304: URI doesn't know "ws:/" or "wss://" schemes +- fixed GH #1307: Upgrade bundled expat to 2.2.0 +- fixed GH #1313: XML library compilation error +- fixed GH #1316: Empty SocketReactor never sleeps +- Upgraded bundled SQLite to 3.13.0 + + +Release 1.7.3 (2016-05-02) +========================== + +- fixed GH #993: Invalid zip format when opening a docx in word +- fixed GH #1235: Poco::Net::HTTPClientSession::sendRequest() should also handle HTTP_PATCH +- fixed GH #1236: Remove Poco::Data::Row::checkEmpty() as it prevents Row from being used + with all NULL rows +- fixed GH #1239: Poco::Zip::Compress with non-seekable stream fails for CM_STORE +- fixed GH #1242: Poco::Data::RowFormatter generate 
exception if the first column of first + row is null +- fixed GH #1253: ListMap does not maintain insertion order if key already exists +- Upgraded bundled SQLite to 3.12.2 + + +Release 1.7.2 (2016-03-21) +========================== + +- fixed GH #1197: Upgrade bundled expat to 2.1.1 + Expat 2.1.1 fixes a CVE: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1283 +- fixed GH #1204: getdtablesize has been removed on Android 21 +- fixed GH #1203: Poco::Data::RecordSet should be reusable +- fixed GH #1198: Upgrade bundled SQLite to 3.12.1 + + +Release 1.7.1 (2016-03-14) +========================== + +- fixed GH #1187: Data/MySQL: Seeing frequent "MySQL server has gone away" errors +- fixed GH #1184: Attempting to connect via a proxy throws a DNS error "Host not found" +- fixed GH #1180: Possible deadlock when TaskManager::count() is called in onFinished +- NetSSL_OpenSSL: use TLS_*_method() instead of deprecated SSLv23_*_method() + if OpenSSL version is >= 1.1; initialize default/fallback client context to support + all TLS protocols, not just TLSv1 + + +Release 1.7.0 (2016-03-07) +========================== + +- POSSIBLE BREAKING CHANGE: removed automatic registration of Data connectors due to + issues with static initialization order. +- NetSSL_OpenSSL: added support for ECDH and DH ciphers; added support to disable + specific protocols (Poco::Net::Context::disableProtocols()); + new Poco::Net::Context constructor taking a Poco::Net::Context::Params structure that + allows specifying ECDH and DH parameters. +- Poco::Net::TCPServer: add additional try ... catch block around poll() to + gracefully deal with errors due to high system load (e.g., out of file descriptors). 
+- fixed GH #1171: Poco::Data::RecordSet: rowCount not reset after execute
+- fixed GH #1167: CMake & POCO_UNBUNDLED: expat sources are compiled in libPocoXML
+- fixed GH #1160: Poco::Net::NetException
+ "SSL Exception: error:1409F07F:SSL routines:ssl3_write_pending:bad write retry"
+- fixed GH #1152: Wrong TaskProgressNotification description
+- fixed GH #1141: Poco::StringTokenizer::TOK_TRIM changes behavior between 1.4 and 1.6
+- fixed GH #1137: Missing 'longint' type in SQLite
+- fixed GH #1135: Different package on github and official web site
+- fixed GH #1030: tvOS / WatchOS bitcode enabled for simulators
+- fixed GH #1114: World-write permissions on files created by daemon
+- fixed GH #1087: prevent line breaks in base64-encoded creds
+- fixed GH #1026: Fixes for producing the poco-1.6.2 release on a Cygwin x86 platform
+- fixed GH #1022: Abbreviation in setThreadName can happen even if thread name is not too long
+- fixed GH #1002: ActiveDispatcher saves reference to event context after event was
+ performed until it gets new event
+- fixed GH #973: overwrite existing files on windows when moving files
+- fixed GH #969: Poco::File::renameTo() behaviour differs on windows and linux
+- fixed GH #967: Missing data types in SQLite
+- fixed GH #966: Possible crash when processing a corrupted Zip file
+- fixed GH #958: Bug while reading X509Certificate subjectName
+- fixed GH #937: Missing build_vs140.cmd
+- fixed GH #933: Change in JSON::Object::set(key,value) behavior in 1.6.1
+- fixed GH #931: make strToInt() more strict in what it accepts
+- fixed GH #921: `BasicUnbufferedStreamBuf` needs to be marked for import/export
+- fixed GH #848: MailMessage::_encoding is not set when retrieving plain/text message
+- fixed GH #767: Inconsistency in getPath & getPathAndQuery returns
+- fixed GH #724: Poco 1.6.0 is not compiled with openssl 1.0.0
+- fixed GH #713: Improved support for producing Canonical XML in XMLWriter
+- fixed GH #696: bug in parsing name of 
attachment poco c++ 1.6.0
+- fixed GH #335: Compress with nonseekable
+- upgraded bundled SQLite to 3.11.0
+- added Poco::Crypto::X509Certificate::equals() to compare two certificates
+- support for detecting Win8/Win10 in Poco::Environment
+- Poco::Net::HTTPServerRequestImpl: fixed an issue with DELETE in persistent connections
+- NetSSL: added Context::preferServerCiphers()
+- NetSSL: added support for ECDH, new Context constructor
+- NetSSL: add support for disabling certain protocols
+- SMTPClientSession: added support for XOAUTH2 authentication
+- Poco::Data::SessionPool: re-added customizeSession() method from 1.4.x releases
+- improved SSLManager to automatically set-up a reasonable client Context if
+ none is configured
+- add brew OpenSSL search paths to Darwin configs
+- add HTTP/1.1 version to HTTPRequest for client WebSocket, as this is required for
+ most servers
+- remove GCC_DIAG_OFF as this caused more issues than it solved
+- respect POCO_NO_FORK_EXEC in ServerApplication (tvOS)
+- tvOS and WatchOS support
+- fix: need an implementation of available() for WebSocketImpl
+- HTTPSessionInstantiator: respect global proxy config
+- added constant for HTTP PATCH method to Poco::Net::HTTPRequest
+- NumberParser::parseHex[64](): allow 0x/0X prefix
+
+
+Release 1.6.1 (2015-08-03)
+==========================
+
+- added project and solution files for Visual Studio 2015
+- upgraded bundled SQLite to 3.8.11.1
+- fixed GH #782: Poco::JSON::PrintHandler not working for nested arrays
+- fixed GH #819: JSON Stringifier fails with preserve insert order
+- fixed GH #878: UUID tryParse
+- fixed GH #869: FIFOBuffer::read(T*, std::size_t) documentation inaccurate
+- fixed GH #861: Var BadCastException
+- fixed GH #779: BUG in 1.6.0 Zip code
+- fixed GH #769: Poco::Var operator== throws exception
+- fixed GH #766: Poco::JSON::PrintHandler not working for objects in array
+- fixed GH #763: Unable to build static with NetSSL_OpenSSL for OS X
+- fixed GH #750: 
BsonWriter::write missing size ?
+- fixed GH #741: Timestamp anomaly in Poco::Logger on WindowsCE
+- fixed GH #735: WEC2013 build fails due to missing Poco::Path methods.
+- fixed GH #722: poco-1.6.0: Unicode Converter Test confuses string and char types
+- fixed GH #719: StreamSocket::receiveBytes and FIFOBuffer issue in 1.6
+- fixed GH #706: POCO1.6 Sample EchoServer BUG
+- fixed GH #646: Prevent possible data race in access to Timer::_periodicInerval
+- DeflatingStream: do not flush underlying stream on sync() as these can cause
+ corrupted files in Zip archives
+
+
+Release 1.6.0 (2014-12-22)
+==========================
+
+- fixed GH #625: MongoDB ensureIndex double insert?
+- fixed GH #622: Crypto: RSATest::testSign() should verify with public key only
+- fixed GH #620: Data documentation sample code outdated
+- fixed GH #618: OS X 10.10 defines PAGE_SIZE macro, conflicts with PAGE_SIZE in Thread_POSIX.cpp
+- fixed GH #616: Visual Studio warning C4244
+- fixed GH #612: OpenSSLInitializer calls OPENSSL_config but not CONF_modules_free
+- fixed GH #608: (Parallel)SocketAcceptor ctor/dtor call virtual functions
+- fixed GH #607: Idle Reactor high CPU usage
+- fixed GH #606: HTMLForm constructor read application/x-www-form-urlencoded UTF-8 request
+ body first parameter with BOM in name
+- fixed GH #596: For OpenSSL 1.0.1, include openssl/crypto.h not openssl/fips.h
+- fixed GH #592: Incorrect format string in Poco::Dynamic::Struct
+- fixed GH #590: Poco::Data::SQlite doesn't support URI filenames
+- fixed GH #564: URI::encode
+- fixed GH #560: DateTime class calculates a wrong day
+- fixed GH #549: Memory allocation is not safe between fork() and execve()
+- fixed GH #500: SSLManager causes a crash
+- fixed GH #490: 2 byte frame with payload length of 0 throws "Incomplete Frame Received" exception
+- fixed GH #483: multiple cases for sqlite_busy
+- fixed GH #482: Poco::JSON::Stringifier::stringify bad behaviour
+- fixed GH #478: HTTPCredentials not according to 
HTTP spec
+- fixed GH #471: vs2010 release builds have optimization disabled ?
+- fixed GH #468: HTTPClientSession/HTTPResponse not forwarding exceptions
+- fixed GH #438: Poco::File::setLastModified() doesn't work
+- fixed GH #402: StreamSocket::receiveBytes(FIFOBuffer&) and sendBytes(FIFOBuffer&) are
+ not thread safe
+- fixed GH #345: Linker warning LNK4221 in Foundation for SignalHandler.obj, String.obj
+ and ByteOrder.obj
+- fixed GH #331: Poco::Zip does not support files with ".." in the name.
+- fixed GH #318: Logger local time doesn't automatically account for DST
+- fixed GH #294: Poco::Net::TCPServerParams::setMaxThreads(int count) will not accept count == 0.
+- fixed GH #215: develop WinCE build broken
+- fixed GH #63: Net::NameValueCollection::size() returns int
+- Poco::Logger: formatting methods now support up to 10 arguments.
+- added Poco::Timestamp::raw()
+- Poco::DeflatingOutputStream and Poco::InflatingOutputStreams also flush underlying stream
+ on flush()/sync().
+- Poco::Util::Timer: prevent re-schedule of cancelled TimerTask
+- enabled WinRegistryKey and WinRegistryConfiguration for WinCE
+- Poco::BasicEvent improvements and preparations for future support of lambdas/std::function
+- upgraded bundled sqlite to 3.8.7.2
+- Poco::Thread: added support for starting functors/lambdas
+- Poco::Net::HTTPClientSession: added support for global proxy configuration
+- added support for OAuth 1.0/2.0 via Poco::Net::OAuth10Credentials and
+ Poco::Net::OAuth20Credentials classes.
+- Poco::Net::IPAddress: fixed IPv6 prefix handling issue on Windows
+- added Poco::Timestamp::TIMEVAL_MIN and Poco::Timestamp::TIMEVAL_MAX
+- added Poco::Clock::CLOCKVAL_MIN and Poco::Clock::CLOCKVAL_MAX
+- added poco_assert_msg() and poco_assert_msg_dbg() macros
+- Poco::Net::Context: fixed a memory leak if the CA file was not found while creating the
+ Context object (the underlying OpenSSL context would leak)
+- Poco::URI: added new constructor to create URI from Path
+- Various documentation and style fixes
+- Removed support (project/solution files) for Visual Studio.NET 2003 and Visual Studio 2005.
+- Improved CMake support
+
+
+Release 1.5.4 (2014-10-14)
+==========================
+
+- fixed GH #326: compile Net lib 1.5.2 without UTF8 support enabled
+- fixed GH #518: NetworkInterface.cpp compile error w/ POCO_NO_WSTRING (1.5.3)
+- Fixed MSVC 2010 warnings on large alignment
+- make HTTPAuthenticationParams::parse() add value on end of string
+- fixed GH #482: Poco::JSON::Stringifier::stringify bad behaviour
+- fixed GH #508: Can't compile for arm64 architecture
+- fixed GH #510: Incorrect RSAKey construction from istream
+- fix SharedMemory for WinCE/WEC2013
+- Add NIOS2 double conversion detection, fixes compile errors
+- added VS2013 project/solution files for Windows Embedded Compact 2013
+- added Process::isRunning()
+- NetSSL: Fix typo in documentation
+- NetSSL_OpenSSL: support for TLS 1.1 and 1.2
+- Zip: Added CM_AUTO, which automatically selects CM_STORE or CM_DEFLATE based
+ on file extension. Used to avoid double-compression of already compressed file
+ formats such as images.
+- added %L modifier to PatternFormatter to switch to local time
+- removed unnecessary explicit in some multi-arg constructors
+- Allow SecureStreamSocket::attach() to be used in server connections
+- added Var::isBoolean() and fixed JSON stringifier
+- added poco_unexpected() macro invoking Bugcheck::unexpected() to deal
+ with unexpected exceptions in destructors
+- fixed GH #538 prevent destructors from throwing exceptions
+- improved HTTP server handling of errors while reading header
+- fixed GH #545: use short for sign
+- upgraded SQLite to 3.8.6
+- fixed GH #550 WebSocket fragmented message problem
+- improved HTTPClientSession handling of network errors while sending the request
+- updated bundled PCRE to 8.35.0
+- fixed GH #552: FIFOBuffer drain() problem
+- fixed GH #402: StreamSocket::receiveBytes(FIFOBuffer&) and sendBytes(FIFOBuffer&) are
+ not thread safe
+- HTTPCookie: fix documentation for max age
+- added Timestamp::raw() and Clock::raw()
+- Poco::Buffer properly handles zero-sized buffers
+- GH #512: Poco:Data:ODBC:Binder.h causes a crash
+- Added Crypto_Win and NetSSL_Win libraries which are re-implementations of existing
+ Crypto and NetSSL_OpenSSL libraries based on WinCrypt/Schannel. The new libraries
+ can be used as an almost drop-in replacement for the OpenSSL based libraries on
+ Windows and Windows Embedded Compact platforms. Only available from GitHub for now.
+
+
+Release 1.5.3 (2014-06-30)
+==========================
+
+- fixed GH# 316: Poco::DateTimeFormatter::append() gives wrong result for
+ Poco::LocalDateTime
+- Poco::Data::MySQL: added SQLite thread cleanup handler
+- Poco::Net::X509Certificate: improved and fixed domain name verification for
+ wildcard domains
+- added Poco::Clock class, which uses a system-provided monotonic clock
+ (if available) and is thus not affected by system realtime clock changes.
+ Monotonic Clock is available on Windows, Linux, OS X and on POSIX platforms
+ supporting clock_gettime() and CLOCK_MONOTONIC.
+- Poco::Timer, Poco::Stopwatch, Poco::TimedNotificationQueue and Poco::Util::Timer
+ have been changed to use Poco::Clock instead of Poco::Timestamp and are now
+ unaffected by system realtime clock changes.
+- fixed GH# 350: Memory leak in Data/ODBC with BLOB
+- Correctly set MySQL time_type for Poco::Data::Date.
+- fixed GH #352: Removed redundant #includes and fixed spelling mistakes.
+- fixed setting of MYSQL_BIND is_unsigned value.
+- fixed GH #360: CMakeLists foundation: add Clock.cpp in the list of source files
+- Add extern "C" around on HPUX platform.
+- added runtests.sh
+- fixed CPPUNIT_IGNORE parsing
+- fixed Glob from start path, for platforms not alowing transverse from root (Android)
+- added NTPClient (Rangel Reale)
+- added PowerShell build script
+- added SmartOS build support
+- fix warnings in headers
+- XMLWriter: removed unnecessary apostrophe escaping (&apos)
+- MongoDB: use Int32 for messageLength
+- fixed GH #380: SecureSocket+DialogSocket crashes with SIGSEGV when timeout occours
+- Improve RSADigestEngine, using Poco::Crypto::DigestEngine to calculate hash before signing
+- added Poco::PBKDF2Engine
+- Fixed GH #380: SecureSocket+DialogSocket crashes with SIGSEGV when timeout occours
+- added support for a 'Priority' attribute on cookies.
+- GH #386: fixed bug in MailMessage without content-transfer-encoding header
+- GH #384: ew hash algorithms support for RSADigestEngine
+- fixed Clock overflow bug on Windows
+- Poco::ByteOrder now uses intrinsics, if available
+- CMake: added /bigobj option for msvc
+- Fix typo to restore Net/TestSuite_x64_vs120 build
+- correct path for CONFIGURE_FILE in CMakeLists.txt
+- Building Poco 1.5.2 for Synology RS812+ (Intel Atom) (honor POCO_NO_INOTIFY)
+- added WEC2013 support to buildwin.cmd and buildwin.ps1
+- HTMLForm: in URL encoding, percent-encode more characters
+- Fixed #include conflict with other libraries
+- Poco::Net::X509Certificate::verify() no longer uses DNS reverse lookups to validate host names
+- cert hostname validation is case insensitive and stricter for wildcard certificates
+- TCPServer: do not reduce the capacity of the default ThreadPool
+- added POCO_LOG_DEBUG flag
+- Zip: fixed a crash caused by an I/O error
+- added runtest script for windows
+- added SQlite Full Text Search support
+- added Thread::trySleep() and Thread::wakeUp()
+- fixed GH #410: Bug in JSON::Object.stringify() in 1.5.2
+- fixed GH #362: Defect in Var::parseString when there is no space between value and newline
+- fixed GH #314: JSON parsing bug
+- added GH #313: MetaColumn additions for Data::ODBC and Data::SQLite
+- fixed GH #346: Make Poco::Data::Date and Poco::Data::Time compare functions const.
+- fixed GH #341: Compiling poco-1.5.2 for Cygwin
+- fixed GH #305: There are bugs in Buffer.h
+- fixed GH #321: trivial build fixes (BB QNX build)
+- fixed GH #440: MongoDB ObjectId string formatting
+- added SevenZip library (Guenter Obiltschnig)
+- fixed GH #442: Use correct prefix length field of Windows IP_ADAPTER_PREFIX structure
+- improved GH #328: NetworkInterface on Windows XP
+- fixed GH #154 Add support for MYSQL_TYPE_NEWDECIMAL to Poco::Data::MySQL
+- fixed GH #290: Unicode support
+- fixed GH #318: Logger local time doesn't automatically account for DST
+- fixed GH #363: DateTimeParser tryParse/parse
+- added HTMLForm Content-Length calculation (Rangel Reale)
+- Make TemporaryFile append a slash to tempDir
+- fixed GH #319 android build with cmake
+- added hasDelegates() method to AbstractEvent
+- fixed GH #230: Poco::Timer problem
+- fixed GH #317: Poco::Zip does not support newer Zip file versions.
+- fixed GH #176: Poco::JSON::Stringifier UTF encoding
+- fixed GH #458: Broadcast address and subnet mask for IEEE802.11 network interface
+- fixed GH #456: poco: library install dirs per RUNTIME/LIBRARY/ARCHIVE
+
+
+Release 1.5.2 (2013-09-16)
+==========================
+
+- added MongoDB library
+- fixed GH #57: poco-1.5.1: Doesn't compile for Android
+- added VoidEvent (Arturo Castro)
+- fixed GH #80: NumberFormatter::append broken
+- fixed GH #93: ParallelSocketAcceptor virtual functions
+- optional small object optimization for IPAddress, SocketAddress, Any and Dynamic::Var
+- SQLite events (insert, update, delete, commit, rollback) handlers
+- merged GH #91: Improve SQLite multi-threaded use (Rangel Reale)
+- merged GH #86: Invalid pointers to vector internals (Adrian Imboden)
+- automatic library initialization macros
+- fixed GH #110: WebSocket accept() fails when Connection header contains multiple tokens
+- fixed GH #71: WebSocket and broken Timeouts (POCO_BROKEN_TIMEOUTS)
+- fixed a warning in Poco/Crypto/OpenSSLInitializer.h
+- fixed GH #109: 
Bug in Poco::Net::SMTPClientSession::loginUsingPlain
+- added clang libc++ build configurations for Darwin and iPhone (Andrea Bigagli)
+- fixed GH #116: Wrong timezone parsing in DateTimeParse (Matej Knopp)
+- fixed GH #118: JSON::Object::stringify endless loop
+- added Recursive and SortedDirectoryIterator (Marian Krivos)
+- added ListMap (map-like container with preserving insertion order)
+- MailMessage: attachments saving support and consistent read/write
+- fixed GH #124: Possible buffer overrun in Foundation/EventLogChannel
+- fixed GH #119: JSON::Object holds values in ordered map
+- added JSON::PrintHandler
+- renamed JSON::DefaultHandler to ParseHandler (breaking change!)
+- fixed GH #127: Eliminate -Wshadow warnings
+- fixed GH #79: Poco::Thread leak on Linux
+- fixed GH #61: static_md build configs for Crypto and NetSSL
+- fixed GH #130: prefer sysconf over sysctlbyname
+- fixed GH #131: no timezone global var on OpenBSD
+- fixed GH #102: Some subprojects don't have x64 solutions for VS 2010
+- added GH #75: Poco::Uri addQueryParameter method
+- Poco::Environment::osDisplayName() now recognizes Windows 8/Server 2012
+- fixed GH #140: Poco::Runnable threading cleanup issue
+- simplified default TCP/HTTPServer construction
+- fixed GH #141: Application::run() documentation/implementation discrepancy
+- changed RowFormatter to SharedPtr in Data::RecordSet interface (breaking change!)
+- fixed GH #144: Poco::Dynamic emits invalid JSON
+- removed naked pointers from Data interfaces
+- fixed GH #82: name conflict in Data::Keywords::bind
+- fixed GH #157: MySQL: cannot bind to 'long' data type on Windows/Visual C++
+- fixed GH #158: MySQL: MYSQL_BIND 'is_unsigned' member is not set
+- fixed GH #160: MultipartReader ignores first part, if preamble is missing
+- fixed GH #156: Possible buffer overrun in Foundation/EventLogChannel
+- XML: fixed an issue with parsing a memory buffer > 2 GB
+- upgraded to expat 2.1.0
+- Data/ODBC: added support for setting query timeout (via setProperty
+ of "queryTimeout"). Timeout is int, given in seconds.
+- fixed a potential endless loop in SecureStreamSocketImpl::sendBytes()
+ and also removed unnecessary code.
+- fixed GH #159: Crash in openssl CRYPTO_thread_id() after library libPocoCrypto.so
+ has been unloaded.
+- fixed GH #155: MailOutputStream mangles consecutive newline sequences
+- fixed GH #139: FileChannel::PROP_FLUSH is invalid (contains a tab character)
+- fixed GH #173: HTTPClientSession::proxyConnect forces DNS lookup of host names
+- fixed GH #194: MessageNotification constructor is inefficient.
+- fixed GH #189: Poco::NumberParser::tryParse() documentation bug
+- fixed GH #172: IPv6 Host field is stripped of Brackets in HTTPClientSession
+- fixed GH #188: Net: SocketAddress operator < unusable for std::map key
+- fixed GH #128: DOMWriter incorrectly adds SYSTEM keyword to DTD if PUBLIC is
+ already specified
+- fixed GH #65: Poco::format() misorders sign and padding specifiers
+- upgraded bundled SQLite to 3.7.17
+- replaced JSON parser with Poco::Web::JSON parser (from sandbox)
+- added JSON conversion to Dynamic Struct and Array
+- added VarIterator
+- modified behavior of empty Var (empty == empty)
+- added Alignment.h header for C++03 alignment needs
+- added Data/WebNotifier (DB, WebSocket) example
+- fixed GH #209: Poco::NumberFormatter double length
+- fixed GH #204: Upgrade zlib to 1.2.8
+- fixed GH #198: The "application.configDir" property is not always created.
+- fixed GH #185: Poco::NumberFormatter::format(double value, int precision)
+ ignore precision == 0
+- fixed GH #138: FreeBSD JSON tests fail
+- fixed GH #99: JSON::Query an JSON::Object
+- limited allowed types for JSON::Query to Object, Array, Object::Ptr,
+ Array::Ptr and empty
+- fixed GH #175: HTMLForm does not read URL parameters on POST or PUT
+- added GH #187: MySQL: allow access to the underlying connection handle
+- added GH #186: MySQL: support for MYSQL_SECURE_AUTH
+- fixed GH #174: MySQL: 4GB allocated when reading any largetext or largeblob field
+- fixed a potential memory leak in Poco::Net::HTTPClientSession if it is misused
+ (e.g., sendRequest() is sent two times in a row without an intermediate call to
+ receiveResponse(), or by calling receiveResponse() two times in a row without
+ an intermediate call to sendRequest()) - GH #217
+- removed a few unnecessary protected accessor methods from Poco::Net::HTTPClientSession
+ that would provide inappropriate access to internal state
+- merged GH #210: Don't call CloseHandle() twice on Windows; Ability to select the + 
threadpool that will be used to start an Activity(Patrice Tarabbia)
+- fixed GH #212: JSONConfiguration was missing from the vs90 project(Patrice Tarabbia)
+- fixed GH #220: add qualifiers for FPEnvironment in C99 (Lucas Clemente)
+- fixed GH #222: HTTPCookie doesn't support expiry times in the past (Karl Reid)
+- fixed GH #224: building 1.5.1 on Windows for x64
+- fixed GH# 233: ServerSocket::bind6(Poco::UInt16 port, bool reuseAddress, bool ipV6Only) does not work
+- fixed GH# 231: Compatibility issue with Poco::Net::NetworkInterface
+- fixed GH# 236: Bug in RecursiveDirectoryIterator
+- added ColorConsoleChannel and WindowsColorConsoleChannel classes supporting
+ colorizing log messages
+- fixed GH# 259: Poco::EventLogChannel fails to find 64bit Poco Foundation dll
+- fixed GH# 254: UTF8::icompare unexpected behavior
+- Poco::UUID::tryParse() also accepts UUIDs without hyphens. Also updated documentation
+ (links to specifications).
+- added GH# 268: Method to get JSON object value using Poco::Nullable
+- fixed GH# 267: JSON 'find' not returning empty result if object is expected but another value is found
+- Added support for ARM64 architecture and iPhone 5s 64-bit builds
+ (POCO_TARGET_OSARCH=arm64).
+
+
+Release 1.5.1 (2013-01-11)
+==========================
+
+- using double-conversion library for floating-point numeric/string conversions
+- added Poco::istring (case-insensitive string) and Poco::isubstr
+- added SQLite sys.dual (in-memory system table)
+- applied SF Patch #120: The ExpireLRUCache does not compile with a tuple as key on Visual Studio 2010
+- fixed SF Bug #599: JSON::Array and JSON::Object size() member can implicitly lose precision
+- fixed SF Bug #602: iterating database table rows not correct if no data in table
+- fixed SF Bug #603: count() is missing in HashMap
+- fixed GH #23: JSON::Object::stringify throw BadCastException
+- fixed GH #16: NetworkInterface::firstAddress() should not throw on unconfigured interfaces
+- Android compile/build support (by Rangel Reale)
+- TypeHandler::prepare() now takes const-reference
+- fixed GH #27: Poco::URI::decode() doesn't properly handle '+'
+- fixed GH #31: JSON implementation bug
+- fixed SF #597: Configure script ignores cflags
+- fixed SF #593: Poco 1.5.0 on FreeBSD: cannot find -ldl
+- added SF #542: SocketAddress() needs port-only constructor
+- fixed SF #215: Wrong return type in SocketConnector.h
+- applied SF Patch #97: fix c++0x / clang++ bugs
+- fixed GH32/SF596: Poco::JSON: Parsing long integer (int64) value fails.
+- added Net ifconfig sample (contributed by Philip Prindeville)
+- merged GH #34: add algorithm header (Roger Meier/Philip Prindeville)
+- fixed GH #26: Cannot compile on gcc
+- merged SF #111: FTP Client logging (Marian Krivos)
+- fixed GH #30: Poco::Path::home() throws when called from Windows Service
+- fixed GH #22: MySQL connection string lowercased
+- added MySQL support for Date/Time
+- upgraded SQLite to version 3.7.15.1 (2012-12-19)
+- improved SQLite execute() return (affected rows) value and added tests
+- added SQLite::Utility::isThreadSafe() function
+- added SQLite::Utility::setThreadMode(int mode) function
+- fixed GH #36: 'distclean' requires 3 traversals of project tree
+- fixed GH #41: Buffer::resize crash
+- fixed GH #42: Linux unbundled builds don't link
+- fixed GH #44: Problems with win x64 build
+- fixed GH #46: 1.5.1 build fails on OS X when using libc++
+- fixed GH #48: Need getArgs() accessor to Util::Application to retrieve start-up arguments
+- fixed GH #49: NetworkInterface::list doesn't return MAC addresses
+- fixed GH #51: Android should use isfinite, isinf, isnan and signbit from the std namespace
+- fixed GH #53: JSON unicode fixes and running tests on invalid unicode JSON
+- added ParallelAcceptor and ParallelReactor classes
+- added EOF and error to FIFOBuffer
+
+
+Release 1.5.0 (2012-10-14)
+==========================
+
+- added JSON library
+- added Util::JSONConfiguration
+- added FIFOBuffer and FIFOBufferStream
+- fixed SF# 3522906: Unregistering handlers from SocketReactor
+- fixed SF# 3522084: AbstractConfiguration does not support 64-bit integers
+- HTTPServer::stopAll(): close the socket instead of just shutting it down, as the latter won't wake up a select() on Windows
+- added SMTPLogger
+- added cmake support
+- fixed SF#3538778: NetworkInterface enumeration uses deprecated API
+- fixed SF#3538779: IPAddress lacks useful constructors: from prefix mask, native SOCKADDR
+- fixed SF#3538780: SocketAddress needs operator < 
function
+- fixed SF#3538775: Issues building on Fedora/Centos, etc. for AMD64
+- fixed SF#3538786: Use size_t for describing data-blocks in DigestEngine
+- added IPAddress bitwise operators (&,|,^,~)
+- added IPAddress BinaryReader/Writer << and >> operators
+- modified IPAddress to force IPv6 to lowercase (RFC 5952)
+- fixed SF#3538785: SMTPClientSession::sendMessage() should take recipient list
+- added IPAddress::prefixLength()
+- UTF portability improvements
+- fixed SF#3556186: Linux shouldn't use in Net/SocketDefs.h
+- added IPAddress RFC 4291 compatible site-local prefix support
+- fixed SF#3012166: IPv6 patch
+- added SF#3558085: Add formatter to MACAddress object
+- fixed SF#3552774: Don't hide default target in subordinate makefile
+- fixed SF#3534307: Building IPv6 for Linux by default
+- fixed SF#3516844: poco missing symbols with external >=lipcre-8.13
+- added SF#3544720: AbstractConfigurator to support 64bit values
+- fixed SF#3522081: WinRegistryConfiguration unable to read REG_QWORD values
+- fixed SF#3563626: For Win32 set Up/Running flags on NetworkInterface
+- fixed SF#3560807: Deprecate setPeerAddress() as this is now done in getifaddrs
+- fixed SF#3560776: Fix byte-ordering issues with INADDR_* literals
+- fixed SF#3563627: Set IP address on multicast socket from socket family
+- fixed SF#3563999: Size BinaryWriter based on buffer's capacity(), not size()
+- fixed SF#102 Fix building Poco on Debian GNU/kFreeBSD
+- fixed SF#321 Binding DatTime or Timestamp
+- fixed SF#307 Detect the SQL driver type at run time
+- added VS 2012 Projects/Solutions
+- enhanced and accelerated numeric parsing for integers and floats
+- fixed SF#590 Segfault on FreeBSD when stack size not rounded
+- added warn function and warnmsg macro in CppUnit
+- fixed SF# 3558012 Compilation fails when building with -ansi or -std=c++0x
+- fixed SF# 3563517 Get rid of loss-of-precision warnings on x64 MacOS
+- fixed SF#3562244: Portability fix for AF_LINK
+- fixed SF #3562400: 
DatagramSocketImpl comment is incorrect
+
+
+Release 1.4.7p1 (2014-11-25)
+============================
+
+- Fixed Visual C++ 2010-2013 project files. Release builds now have optimization enabled.
+- Poco::URI: added constructor to create URI from Path.
+- fixed GH #618: OS X 10.10 defines PAGE_SIZE macro, conflicts with PAGE_SIZE in Thread_POSIX.cpp
+- Poco::Net::HTTPClientSession: added support for global proxy configuration
+- fixed GH #331: Poco::Zip does not support files with .. in the name.
+- fixed a memory leak in Poco::Net::Context constructor when it fails to load the certificate
+ or private key files.
+- upgraded bundled SQLite to 3.8.7.2
+- fixed GH #229: added missing value() function
+- fixed GH #69: MySQL empty text/blob
+
+
+Release 1.4.7 (2014-10-06)
+==========================
+
+- fixed GH #398: PropertyFileConfiguration: input != output
+- fixed GH #368: Build failure of Poco 1.4.6p2 on FreeBSD 9.2
+- fixed GH #318: Logger local time doesn't automatically account for DST
+- fixed GH #317: Poco::Zip does not support newer Zip file versions.
+- fixed GH #454: Fix: handle unhandled exceptions
+- fixed GH #463: XML does not compile with XML_UNICODE_WCHAR_T
+- fixed GH #282: Using Thread in a global can cause crash on Windows
+- fixed GH #424: Poco::Timer deadlock
+- fixed GH #465: Fix result enum type XML_Error -> XML_Status
+- fixed GH #510: Incorrect RSAKey construction from istream
+- fixed GH #332: POCO::ConsoleChannnel::initColors() assigns no color to
+ PRIO_TRACE and wrong color to PRIO_FATAL
+- fixed GH #550: WebSocket fragmented message problem
+- Poco::Data::MySQL: added SQLite thread cleanup handler
+- Poco::Net::X509Certificate: improved and fixed domain name verification for
+ wildcard domains
+- fixed a crash in Foundation testsuite with Visual C++ 2012
+- improved and fixed domain name verification for wildcard domains in
+ Poco::Net::X509Certificate
+- updated TwitterClient sample to use new 1.1 API and OAuth
+- added Poco::Clock class, which uses a system-provided monotonic clock
+ (if available) and is thus not affected by system realtime clock changes.
+ Monotonic Clock is available on Windows, Linux, OS X and on POSIX platforms
+ supporting clock_gettime() and CLOCK_MONOTONIC.
+- Poco::Timer, Poco::Stopwatch, Poco::TimedNotificationQueue and Poco::Util::Timer
+ have been changed to use Poco::Clock instead of Poco::Timestamp and are now
+ unaffected by system realtime clock changes.
+- added Poco::PBKDF2Engine class template
+- Poco::Net::HTTPCookie: added support for Priority attribute (backport from develop)
+- fixed makedepend.* scripts to work in paths containing '.o*'
+ (contributed by Per-Erik Bjorkstad, Hakan Bengtsen)
+- Upgraded bundled SQLite to 3.8.6
+- Support for Windows Embedded Compact 2013 (Visual Studio 2012)
+- Project and solution files for Visual Studio 2013
+- Changes for C++11 compatibility.
+- fixed an issue with receiving empty web socket frames (such as ping)
+- improved error handling in secure socket classes
+- Poco::ByteOrder now uses intrinsics if available
+- added new text encoding classes: Latin2Encoding, Windows1250Encoding, Windows1251Encoding
+- Zip: Added CM_AUTO, which automatically selects CM_STORE or CM_DEFLATE based on file extension.
+ Used to avoid double-compression of already compressed file formats such as images.
+
+
+Release 1.4.6p4 (2014-04-18)
+============================
+
+- no longer use reverse DNS lookups for cert hostname validation
+- cert hostname validation is case insensitive and more strict
+- HTMLForm: in URL encoding, percent-encode more special characters
+- fixed thread priority issues on POSIX platforms with non-standard scheduling policy
+- XMLWriter no longer escapes apostrophe character
+- fixed GH #316: Poco::DateTimeFormatter::append() gives wrong result for Poco::LocalDateTime
+- fixed GH #305 (memcpy in Poco::Buffer uses wrong size if type != char)
+- Zip: fixed a crash caused by an I/O error (e.g., full disk) while creating a Zip archive
+
+
+Release 1.4.6p3 (2014-04-02)
+============================
+
+- Fixed a potential security vulnerability in client-side X509
+ certificate verification.
+
+
+Release 1.4.6p2 (2013-09-16)
+============================
+
+- fixed GH #156: Possible buffer overrun in Foundation/EventLogChannel
+- XML: fixed an issue with parsing a memory buffer > 2 GB
+- upgraded to expat 2.1.0
+- Data/ODBC: added support for setting query timeout (via setProperty
+ of "queryTimeout"). Timeout is int, given in seconds.
+- fixed a potential endless loop in SecureStreamSocketImpl::sendBytes()
+ and also removed unnecessary code.
+- fixed GH #159: Crash in openssl CRYPTO_thread_id() after library libPocoCrypto.so
+ has been unloaded.
+- fixed GH #155: MailOutputStream mangles consecutive newline sequences
+- fixed GH# 139: FileChannel::PROP_FLUSH is invalid (contains a tab character)
+- fixed GH# 173: HTTPClientSession::proxyConnect forces DNS lookup of host names
+- fixed GH# 194: MessageNotification constructor is inefficient.
+- fixed GH# 189: Poco::NumberParser::tryParse() documentation bug
+- fixed GH# 172: IPv6 Host field is stripped of Brackets in HTTPClientSession
+- fixed GH# 188: Net: SocketAddress operator < unusable for std::map key
+- fixed GH# 128: DOMWriter incorrectly adds SYSTEM keyword to DTD if PUBLIC is
+ already specified
+- fixed GH# 65: Poco::format() misorders sign and padding specifiers
+- upgraded bundled SQLite to 3.7.17
+- upgraded bundled zlib to 1.2.8
+- fixed a potential memory leak in Poco::Net::HTTPClientSession if it is misused
+ (e.g., sendRequest() is sent two times in a row without an intermediate call to
+ receiveResponse(), or by calling receiveResponse() two times in a row without
+ an intermediate call to sendRequest()) - GH #217
+- removed a few unnecessary protected accessor methods from Poco::Net::HTTPClientSession
+ that would provide inappropriate access to internal state
+- fixed GH# 223 (Poco::Net::HTTPCookie does not support expiry times in the past)
+- fixed GH# 233: ServerSocket::bind6(Poco::UInt16 port, bool reuseAddress, bool ipV6Only)
+ does not work
+- added ColorConsoleChannel and WindowsColorConsoleChannel classes supporting
+ colorizing log messages
+- fixed GH# 259: Poco::EventLogChannel fails to find 64bit Poco Foundation dll
+- fixed GH# 254: UTF8::icompare unexpected behavior
+- Poco::UUID::tryParse() also accepts UUIDs without hyphens. Also updated documentation
+ (links to specifications).
+- Added support for ARM64 architecture and iPhone 5s 64-bit builds
+ (POCO_TARGET_OSARCH=arm64).
+
+
+Release 1.4.6p1 (2013-03-06)
+============================
+
+- fixed GH# 71: WebSocket and broken Timeouts (POCO_BROKEN_TIMEOUTS)
+- fixed an ambiguity error with VC++ 2010 in Data/MySQL testsuite
+- Poco::Net::NetworkInterface now provides the interface index even for IPv4
+- added DNS::reload() as a wrapper for res_init().
+- On Linux, Poco::Environment::nodeId() first always tries to obtain the
+ MAC address of eth0, before looking for other interfaces.
+- Poco::Net::HTTPSession now always resets the buffer in connect() to clear
+ any leftover data from a (failed) previous session
+- fixed copysign namespace issue in FPEnvironment_DUMMY.h
+- fixed a warning in Poco/Crypto/OpenSSLInitializer.h
+- added a build configuration for BeagleBoard/Angstrom
+- fixed GH# 109: Bug in Poco::Net::SMTPClientSession::loginUsingPlain)
+- fixed compile errors with clang -std=c++11
+- fixed GH# 116: Wrong timezone parsing in DateTimeParse (fix by Matej Knopp)
+- updated bundled SQLite to 3.7.15.2
+
+
+Release 1.4.6 (2013-01-10)
+==========================
+
+- changed FPEnvironment_DUMMY.h to include instead of
+- updated bundled SQLite to 3.7.15.1
+- fixed GH# 30: Poco::Path::home() throws
+- fixed SF Patch# 120 The ExpireLRUCache does not compile with a tuple as key on VS2010
+- fixed SF# 603 count() is missing in HashMap
+- Crypto and NetSSL_OpenSSL project files now use OpenSSL *MD.lib library files for
+ static_md builds. Previously, the DLL import libs were used.
+- Poco::Environment::osDisplayName() now recognizes Windows 8/Server 2012
+
+
+Release 1.4.5 (2012-11-19)
+==========================
+
+- added Visual Studio 2012 project files
+- buildwin.cmd now support building with msbuild for VS2010 and 2012.
+- added Poco::Optional class
+- fixed SF# 3558012 Compilation fails when building with -ansi or -std=c++0x
+- fixed SF# 3563517 Get rid of loss-of-precision warnings on x64 MacOS
+- fixed SF# 3562244: Portability fix for AF_LINK
+- fixed SF# 3562400: DatagramSocketImpl comment
+- fixed SF# 594: Websocket fails with small masked payloads
+- fixed SF# 588: Missing POCO_ARCH and POCO_ARCH_LITTLE_ENDIAN define for WinCE on SH4
+- fixed SF# 581: Out-of-bound array access in Unicode::properties() function.
+- fixed SF# 590: Segfault on FreeBSD when stack size not rounded
+- fixed SF# 586: Poco::DateTimeParser and ISO8601 issues when seconds fraction has more than 6 digits
+- Poco::Net::HTTPSSessionInstantiator::registerInstantiator() now optionally accepts a
+ Poco::Net::Context object.
+- added Poco::XML::XMLWriter::depth() member function.
+- added Poco::XML::XMLWriter::uniquePrefix() and Poco::XML::XMLWriter::isNamespaceMapped().
+- Poco::FileChannel now supports a new rotateOnOpen property (true/false) which can be used
+ to force rotation of the log file when it's opened.
+- fixed a bug in Poco::XML::XMLWriter::emptyElement(): need to pop namespace context
+- OS X builds now use Clang as default compiler
+- Updated SQLite to 3.7.14.1
+- POCO_SERVER_MAIN macro now has a try ... catch block for Poco::Exception and writes
+ the displayText to stderr.
+- Poco/Platform.h now defines POCO_LOCAL_STATIC_INIT_IS_THREADSAFE macro if the compiler
+ generates thread-safe static local initialization code.
+
+
+Release 1.4.4 (2012-09-03)
+==========================
+
+- ZipStream now builds correctly in unbundled build.
+- added proxy digest authentication support to Net library
+- integrated MySQL BLOB fixes from Franky Braem.
+- use standard OpenSSL import libraries (libeay32.lib, ssleay32.lib) for Crypto and
+ NetSSL_OpenSSL Visual Studio project files.
+- fixed a potential buffer corruption issue in Poco::Net::SecureStreamSocket if lazy
+ handshake is enabled and the first attempt to complete the handshake fails
+- Poco::DateTimeParser::tryParse() without format specifier now correctly parses ISO8601
+ date/times with fractional seconds.
+- Poco::Process::launch() now has additional overloads allowing to specify an initial
+ directory and/or environment.
+- Poco::Net::FTPClientSession: timeout was not applied to data connection, only to
+ control connection.
+- Fixed potential IPv6 issue with socket constructors if IPv6 SocketAddress is given
+ (contributed by ??????? ????????? ).
+- Added an additional (optional) parameter to Poco::Thread::setOSPriority() allowing to
+ specify a scheduling policy. Currently this is only used on POSIX platforms and allows
+ specifying SCHED_OTHER (default), SCHED_FIFO or SCHED_RR, as well as other
+ platform-specific policy values.
+- Added Poco::Crypto::DigestEngine class providing a Poco::DigestEngine interface to
+ the digest algorithms provided by OpenSSL.
+- Fixed some potential compiler warnings in Crypto library
+- In some cases, when an SSL exception was unexpectedly closed, a generic Poco::IOException
+ was thrown. This was fixed to throw a SSLConnectionUnexpectedlyClosedException instead.
+- Added Poco::ObjectPool class template.
+- Poco::Net::HTTPServer has a new stopAll() method allowing stopping/aborting of all
+ currently active client connections.
+- The HTTP server framework now actively prevents sending a message body in the
+ response to a HEAD request, or in case of a 204 No Content or 304 Not Modified
+ response status.
+- fixed a DOM parser performance bug (patch by Peter Klotz)
+- fixed SF# 3559325: Util Windows broken in non-Unicode
+- updated iOS build configuration to use xcode-select for finding toolchain
+- Poco::Net::SecureSocketImpl::shutdown() now also shuts down the underlying socket.
+- fixed SF# 3552597: Crypto des-ecb error
+- fixed SF# 3550553: SecureSocketImpl::connect hangs
+- fixed SF# 3543047: Poco::Timer bug for long startInterval/periodic interval
+- fixed SF# 3539695: Thread attributes should be destroyed using the pthread_attr_destroy()
+- fixed SF# 3532311: Not able to set socket option on ServerSocket before bind
+ Added Poco::Net::Socket::init(int af) which can be used to explicitely
+ initialize the underlying socket before calling bind(), connect(), etc.
+- fixed SF# 3521347: Typo in UnWindows.h undef
+- fixed SF# 3519474: WinRegistryConfiguration bug
+ Also added tests and fixed another potential issue with an empty root path passed to the constructor.
+- fixed SF# 3516827: wrong return value of WinRegistryKey::exists()
+- fixed SF# 3515284: RSA publickey format(X.509 SubjectPublicKeyInfo)
+- fixed SF# 3503267: VxWorks OS prio is not set in standard constructor
+- fixed SF# 3500438: HTTPResponse failure when reason is empty
+- fixed SF# 3495656: numberformater, numberparser error in mingw
+- fixed SF# 3496493: Reference counting broken in TaskManager postNotification
+- fixed SF# 3483174: LogFile flushing behavior on Windows
+ Flushing is now configurable for FileChannel and SimpleFileChannel
+ using the "flush" property (true or false).
+- fixed SF# 3479561: Subsequent IPs on a NIC is not enumerated
+- fixed SF# 3478665: Permission checks in Poco::File not correct for root
+- fixed SF# 3475050: Threading bug in initializeNetwork() on Windows
+- fixed SF# 3552680: websocket small frames bug and proposed fix
+- fixed a WebSocket interop issue with Firefox
+- added Poco::Net::MessageHeader::hasToken()
+- Poco::AtomicCounter now uses GCC 4.3 builtin atomics on more platforms
+- fixed SF# 3555938: NetSSL: socket closed twice
+- socket exceptions now include OS error code
+- fixed SF# 3556975: Need to fix Shared Memory for memory map
+- Poco::Net::SecureSocketImpl::close() now catches exceptions thrown by its call to shutdown().
+- fixed SF# 3535990: POCO_HAVE_IPv6 without POCO_WIN32_UTF8 conflict
+- fixed SF# 3559665: Poco::InflatingInputStream may not always inflate completely
+- added Poco::DirectoryWatcher class
+- fixed SF# 3561464: Poco::File::isDevice() can throw due to sharing violation
+- Poco::Zip::Compress::addRecursive() has a second variant that allows to specify the compression method.
+- Upgraded internal SQLite to 3.7.14
+
+
+Release 1.4.3p1 (2012-01-23)
+============================
+
+- fixed SF# 3476926: RegDeleteKeyEx not available on Windows XP 32-bit
+
+
+Release 1.4.3 (2012-01-16)
+==========================
+
+- fixed a compilation error with Data/MySQL on QNX.
+- fixed Util project files for WinCE (removed sources not compileable on CE)
+- removed MD2 license text from Ackowledgements document
+- fixed iPhone build config for Xcode 4.2 (compiler name changed to llvm-g++)
+- Poco::Util::XMLConfiguration: delimiter char (default '.') is now configurable.
+ This allows for working with XML documents having element names with '.' in them.
+- Poco::Util::OptionProcessor: Required option arguments can now be specified as
+ separate command line arguments, as in "--option value" in addition to the
+ "--option=value" format.
+- Poco::Util::HelpFormatter: improved option help formatting if indentation has
+ been set explicitely.
+- added Mail sample to NetSSL_OpenSSL, showing use of Poco::Net::SecureSMTPClientSession.
+- added additional read() overloads to Poco::Net::HTMLForm.
+- fixed SF# 3440769: Poco::Net::HTTPResponse doesn't like Amazon EC2 cookies.
+- added support for requiring TLSv1 to Poco::Net::Context.
+- added an additional constructor to Poco::Net::HTTPBasicCredentials, allowing
+ the object to be created from a string containing a base64-encoded, colon-separated
+ username and password.
+- Poco::Zip::ZipStreamBuf: fixed a crash if CM_STORE was used.
+- Added setContentLength64() and getContentLength64() to Poco::Net::HTTPMessage.
+- added Poco::Environment::osDisplayName().
+- fixed SF# 3463096: WinService leaves dangling handles (open() now does not reopen the
+ service handle if it's already open)
+- fixed SF# 3426537: WinRegistryConfiguration can't read virtualized keys
+- added Poco::Buffer::resize()
+- fixed SF# 3441822: thread safety issue in HTTPClientSession:
+ always use getaddrinfo() instead of gethostbyname() on all platforms supporting it
+- added version resource to POCO DLLs
+- fixed SF# 3440599: Dir Path in Quotes in PATH cause PathTest::testFind to fail.
+- fixed SF# 3406030: Glob::collect problem
+- added Poco::Util::AbstractConfiguration::enableEvents()
+- Poco::AtomicCounter now uses GCC builtins with GCC 4.1 or newer
+ (contributed by Alexey Milovidov)
+- made Poco::Logger::formatDump() public as it may be useful for others as well
+ (SF# 3453446)
+- Poco::Net::DialogSocket now has a proper copy constructor (SF# 3414602)
+- Poco::Net::MessageHeader and Poco::Net::HTMLForm now limit the maximum number of
+ fields parsed from a message to prevent certain kinds of denial-of-service
+ attacks. The field limit can be changed with the new method setFieldLimit().
+ The default limit is 100.
+- Poco::NumberFormatter, Poco::NumberParser and Poco::format() now always use the
+ classic ("C") locale to format and parse floating-point numbers.
+- added Poco::StreamCopier::copyStream64(), Poco::StreamCopier::copyStreamUnbuffered64()
+ and Poco::StreamCopier::copyToString64(). These functions use a 64-bit integer
+ to count the number of bytes copied.
+- upgraded internal zlib to 1.2.5
+- upgraded internal sqlite to 3.7.9
+- XML: integrated bugfix for Expat bug# 2958794 (memory leak in poolGrow)
+- Added support for HTTP Digest authentication (based on a contribution by
+ Anton V. Yabchinskiy (arn at bestmx dot ru)). For information on how
+ to use this, see the Poco::Net::HTTPCredentials, Poco::Net::HTTPDigestCredentials
+ and Poco::Net::HTTPAuthenticationParams classes.
+- Poco::Net::HTTPStreamFactory and Poco::Net::HTTPSStreamFactory now support Basic
+ and Digest authentication. Username and password must be provided in the URI.
+- added Poco::Net::WebSocket, supporting the WebSocket protocol as described in RFC 6455
+- NetSSL_OpenSSL: added client-side support for Server Name Indication.
+ Poco::Net::SecureSocketImpl::connectSSL() now calls SSL_set_tlsext_host_name()
+ if its available (OpenSSL 9.8.6f and later).
+- added Poco::Net::HTTPClientSession::proxyConnect() (factored out from
+ Poco::Net::HTTPSClientSession::connect())
+- added Poco::Process::kill(const Poco::ProcessHandle&) which is preferable to
+ kill(pid) on Windows, as process IDs on Windows may be reused.
+- fixed SF# 3471463: Compiler warnings with -Wformat
+- Poco::Util::Application::run() now catches and logs exceptions thrown in initialize()
+- Fixed a WinCE-specific bug in Poco::Util::ServerApplication where uninitialize() would
+ be called twice.
+- fixed SF# 3471957: WinRegistryKey::deleteKey() unable to delete alt views
+- Added additional constructor to Poco::ScopedLock and Poco::ScopedLockWithUnlock
+ accepting a timeout as second argument.
+- Added Poco::Logger::parseLevel()
+- Poco::format(): an argument that does not match the format
+ specifier no longer results in a BadCastException. The string [ERRFMT] is
+ written to the result string instead.
+- PageCompiler: added createSession page attribute.
+
+
+Release 1.4.2p1 (2011-09-24)
+============================
+
+- On Linux, the RTLD_DEEPBIND option is no longer passed to dlopen().
+ This change was introduced in 1.4.2 to solve a specific problem one customer
+ was having. Unfortunately, it leads to problems with RTTI.
+- It's now possible to pass flags (SHLIB_GLOBAL, SHLIB_LOCAL) to
+ Poco::SharedLibrary::load() (and the constructor implicitly calling load()),
+ controlling the mode flags (RTLD_GLOBAL, RTLD_LOCAL) passed to dlopen().
+ On platforms not using dlopen(), these flags are ignored.
+- fixed SF# 3400267: Path_WIN32.cpp bug
+
+
+Release 1.4.2 (2011-08-28)
+==========================
+
+- added Poco::DateTimeFormat::ISO8601_FRAC_FORMAT
+- added new Poco::DateTimeFormatter and Poco::DateTimeParser format specifier:
+ %s for seconds with optional fractions of a second
+- fixed a problem with ioctl() on BSD platforms (including OS X) where the
+ second argument to ioctl() is unsigned long instead of int, causing bad
+ things on a OS X 64-bit kernel.
+- fixed a potential endless loop when enumerating IPv6 network addresses
+ (reported by Laurent Carcagno)
+- new compile-time config option on Windows to set thread names in
+ debugger. Enable with -DPOCO_WIN32_DEBUGGER_THREAD_NAMES. Available
+ only in debug builds.
+- Cipher can now create Base64 and HexBinary encoded output without linefeeds
+ (suitable for use in cookies, etc.)
+- added Poco::Path::popFrontDirectory()
+- improved VxWorks support
+- IPv6 fixes: added proper scope id handling in IPAddress, SocketAddress
+ and related classes.
+- Added Poco::Net::ServerSocket::bind6() which allows control over the
+ IPPROTO_IPV6/IPV6_V6ONLY socket option.
+- Removed Poco::MD2Engine class due to licensing issues (the
+ license for the MD2 code from RSA only allows non-commercial
+ use). Note that the MD4 and MD5 code from RSA does not have
+ this issue.
+- fixed a Net HTTP client testsuite issue where some tests might
+ have failed due to prematurely aborted connections by
+ the HTTPTestServer.
+- Poco::Net::SocketAddress: when there is more than one address
+ returned by a DNS lookup for a name, IPv4 addresses will be
+ preferred to IPv6 ones.
+- NetworkInterface::list() now also returns IPv4 interfaces on Windows when
+ built with -DPOCO_HAVE_IPv6
+- XMLWriter: fixed a bug with attribute namespaces (no namespace prefix
+ written if attribute namespace is the same as element namespace)
+- fixed SF# 3378588: Mismatched new[]/delete (in RSAEncryptImpl and RSADecryptImpl)
+- fixed SF# 3212954 (OpenSSLInitializer::uninitialize() crash) and
+ SF# 3196862 (Static OpenSSLInitializer instance causes Windows deadlocks) by
+ removing the static Poco::Crypto::OpenSSLInitializer instance. Automatic OpenSSL
+ initialization is now done through Poco::Crypto::Cipher, Poco::Crypto::CipherKey,
+ Poco::Crypto::X509Certificate, Poco::Net::Context classes; however, it is still
+ recommended to call Poco::Crypto::initializeCrypto() and
+ Poco::Crypto::uninitializeCrypto() early at application startup, and late at
+ shutdown respectively (or Poco::Net::initializeSSL()/Poco::Net::uninitializeSSL()
+ if the NetSSL library is used) to avoid multiple full OpenSSL init/uninit cycles
+ during application runtime.
+- Poco::Logger now also support a symbolic log level "none"
+ (for use with setLevel()) that disables logging completely
+ for that Logger (equivalent to setLevel(0)).
+- Added experimental Android support, using the existing gmake-based
+ build system.
+- fixed SF# 3288584: DateTimeFormatter link error
+- fixed SF# 3187117: Typo in InflatingInputStream doc
+- fixed SF# 3309731: _WIN32_WCE comparison should be with 0x600 not 600
+- fixed SF# 3393026: RegularExpression.h identical enum value
+- fixed SF# 3274222: AtomicCounter's postfix operators aren't atomic on Windows
+- fixed SF# 3317177: Handle leak on windows
+- fixed SF# 3181882: Poco::URI::getPathEtc() double-encodes query
+- fixed SF# 3379935: ThreadPool Start Bug
+- fixed SF# 3354451: Poco::Format::parsePrec never sets the precision to zero
+- fixed SF# 3387258: _MAX_PATH used but unknown in Path_WIN32
+- fixed a problem in RSAKeyImpl where direct access to the RSA in a EVP_PKEY
+ would no longer work in recent OpenSSL versions. Using EVP_PKEY_get1_RSA()
+ fixes the issue.
+- added Poco::Crypto::EncryptingInputStream, Poco::Crypto::EncryptingOutputStream,
+ Poco::Crypto::DecryptingInputStream and Poco::Crypto::DecryptingOutputStream.
+- fixed SF# 3148126: HTTPSClientSession destructor (!) throws an IOException
+- fixed SF# 3178098: Add constructor to Poco::TemporaryFile to specify directory
+- fixed SF# 3175310: Absolute path when device
+- fixed SF# 3301207: Guided tour example contradicts apidoc (API doc was wrong)
+- Poco::Net::HTTPMessage::setContentLength() and Poco::Net::HTTPMessage::getContentLength() now
+ use std::streamsize instead of int. This enables 64-bit Content-Length support at least
+ on 64-bit platforms.
+- fixed SF# 3177530: TemporaryFile::tempName() + glob bug on xp +- fixed SF# 3177372: FileChannel documentation inconsistency +- added %E format specifier to Poco::PattermFormatter (epoch time in seconds + since midnight, January 1 1970) +- On Windows, Poco::Util::ServerApplication now supports a /description command + line argument for specifying a service description (together with /registerService) +- added Poco::Util::WinService::setDescription() and + Poco::Util::WinService::getDescription() +- fixed SF# 3155477: Incorrect URI path handling +- fixed SF# 3309736: Extended Exception macros to set default exception code + new macro is named POCO_DECLARE_EXCEPTION_CODE +- added getter functions for modulus and exponents to Poco::Crypto::RSAKey. +- added Poco::Net::SocketAddress::operator == () and + Poco::Net::SocketAddress::operator != () +- fixed SF# 3182746: IPAddress.cpp IPv6 bug on big-endian +- fixed SF# 3196961: Unix daemon fails to loadConfiguration() if started from cwd +- fixed SF# 3393700: NotificationCenter may call a removed observer and crash. +- Reworked implementation of the events framework (Poco::BasicEvent and friends). + The framework is now completely multithreading save (even in the case that + an event subscriber object unsubscribes and is deleted while an event is + being dispatched). Also, the restriction that any object can only register + one delegate for each event has been removed. For most cases, dispatching + events should be faster, as dispatching an event now needs less dynamic memory + allocations. +- fixed SF# 3178109: getNodeByPath() changes: + getNodeByPath() and getNodeByPathNS() have been moved to Poco::XML::Node. + Furthermore, when invoked on a Poco::XML::Document, the behavior has changed + so that the document element is now included when traversing the path (previously, + traversal would start at the document element, now it starts at the document). 
+ The path expression can now start with a double-slash, which results in a recursive
+ search for the path's first element in the DOM tree.
+- fixed SF# 3382935: String data being truncated using ODBC, and
+ SF# 2921813: Wrong implementation of the ODBC string binding
+
+
+Release 1.4.1p1 (2011-02-08)
+============================
+
+- Poco::Mutex is now a recursive mutex again on Linux
+ (this was caused by an unfortunate feature test for
+ PTHREAD_MUTEX_RECURSIVE which did not work on Linux
+ as PTHREAD_MUTEX_RECURSIVE is an enum value and not
+ a macro)
+- Poco::Net::SecureSocketImpl::abort() now only shuts
+ down the underlying socket connection and does not free
+ the SSL object, due to multithreading issues.
+
+
+Release 1.4.1 (2011-01-29)
+==========================
+
+- fixed SF# 3150223: Poco::BinaryReader cannot read std::vector correctly
+- fixed SF# 3146326: SharedMemory issue
+- made Poco::Net::HTTPSession::abort() virtual
+- added Poco::Net::SecureStreamSocket::abort() to immediately close
+ a SSL/TLS connection without performing an orderly SSL/TLS shutdown.
+- fixed SF# 3148126: HTTPSClientSession destructor (!) throws an IOException.
+ Added try/catch block to Poco::Net::SecureSocketImpl destructor.
+- added additional constructor to Poco::Net::HTTPSClientSession, taking
+ both a socket and a session object.
+- Poco::Net::HTTPSession::abort() now also can be used with a
+ Poco::Net::HTTPSClientSession.
+- fixed SF# 3148045: make clean and distclean issues
+- changed Data library names on Unix/Linux platforms to
+ match the names on Windows (PocoSQLite -> PocoDataSQLite,
+ PocoMySQL -> PocoDataMySQL, PocoODBC -> PocoDataODBC)
+- added additional options to configure script
+- added additional documentation to Poco::Net::HTTPClientSession
+- Poco::Net::HTTPClientSession::receiveResponse() closes the connection
+ if an exception is thrown while reading the response header.
+ This ensures that a new connection will be set up for the next request
+ if persistent connections are used.
+- improved Poco::Net::MultipartDecoder performance by reading directly from streambuf
+- improved performance of Poco::Base64Encoder, Poco::Base64Decoder,
+ Poco::HexBinaryEncoder and Poco::HexBinaryDecoder by working directly with the
+ given stream's streambuf.
+- improved performance of MessageHeader::read() by reading directly from streambuf
+ instead of istream.
+- it is now possible to specify additional MIME part header fields
+ for a MIME part through the Poco::Net::PartSource class.
+- upgraded SQLite to release 3.7.4
+- added experimental VxWorks support for VxWorks 5.5.1/Tornado 2.2 and
+ newer. Please see the VxWorks Platform Notes in the reference documentation
+ for more information. Currently, the VxWorks is untested; full support
+ will be available in release 1.4.2.
+- fixed SF# 3165918: Poco::DynamicAny fails to convert from string to float
+- fixed SF# 3165910: Poco::Net::MessageHeader does not accept HTTP conforming header
+- made Poco::Task::cancel() virtual so that tasks can implement custom
+ cancellation behavior.
+- added optional argument to Poco::Util::WinRegistryKey constructor
+ to specify additional flags (in addition to KEY_READ and KEY_WRITE)
+ for the samDesired argument of RegOpenKeyEx() or RegCreateKeyEx().
+- improved Poco::BasicEvent::notify() performance by avoiding an unnecessary heap
+ allocation.
+- added additional well-known port numbers to Poco::URI: rtsp, sip, sips, xmpp.
+- added Poco::Net::MediaType::matchesRange()
+- improved invalid socket handling: a Poco::Net::InvalidSocketException is
+ now thrown instead of an assertion when an operation is attempted on a closed or
+ otherwise uninitialized socket.
+
+
+Release 1.4.0 (2010-12-14)
+==========================
+
+- SSLManager: documentation fixes, code cleanup
+- SSLManager: renamed PrivateKeyPassPhrase event to PrivateKeyPassphraseRequired
+- added HTTPServerRequestImpl::socket() to get access to the underlying socket
+- added Socket::secure() to find out whether a given socket supports SSL/TLS
+- added SecureStreamSocket::havePeerCertificate()
+- NetSSL: added support for turning off extended certificate validation (hostname matching)
+- fixed SF# 2941228: ICMPClient::ping() issues on Mac OS X
+- fixed SF# 2941231: ICMPEventArgs out of bounds array access
+- added PageCompiler sample
+- added missing newline at end of xmlparse.c
+- Poco::Glob can now be used with an empty pattern which will match nothing (patch from Kim Graesman)
+- added support for HTTP proxy authentication (Basic authentication only)
+- fixed SF# 2958959: XMLWriter must encode CR, LF and TAB in attribute values as character entities.
+- HTMLForm now supports PUT requests as well (see )
+- fixed SF# #2970521: FileOutputStream and file permissions.
+ (also fixed in File class)
+- removed an unused (and wrong) default parameter from EventImpl constructor for WIN32.
+- added full support for session caching to NetSSL_OpenSSL
+- fixed SF# 2984454: Poco::Util::Timer::scheduleAtFixedRate() works incorrectly
+- fixed a bug in Poco::Util::Timer that could lead to high CPU load if
+ the system clock is moved forward.
+- added system.nodeId to SystemConfiguration
+- added a note to Poco::Util::ServerApplication documentation regarding
+ creation of threads
+- added Poco::Net::IPAddress::broadcast() and Poco::Net::IPAddress::wildcard() to
+ create broadcast (255.255.255.255) and wildcard (0.0.0.0) addresses.
+- fixed SF# 2916154: Poco::Net::IPAddress::isLoopback() only works for 127.0.0.1.
+- added build configuration for iPhone Simulator
+- GNU Make based build system provides new variables: POCO_HOST_BINDIR, POCO_HOST_BINPATH,
+ POCO_HOST_LIBDIR, POCO_HOST_LIBPATH and POCO_TARGET_* equivalents.
+- Application::initialize() and Application::uninitialize() will now be called from within run().
+ This solves various issues with uninitialize() not being called, or being called inappropriately
+ from the Application destructor.
+ Please note that this change will break applications that use the Application class,
+ but only call init() and not run().
+- added /startup option to specify startup mode for Windows services (automatic or manual)
+- fixed SF# 2967354: SecureSocketImpl shutdown/close problem
+- fixed SF# 3006340: LinearHashTable grows even if key already exists
+- fixed a particularly nasty Windows error handling issue that manifested itself on WinCE:
+ WSAGetLastError() would be called after a std::string was created. The string creation could result
+ in a heap operation which called a Windows API to allocate memory. This would reset the
+ GetLastError() error code. Since WSAGetLastError() is just an alias for GetLastError(), the actual
+ error code from the socket operation would be lost.
+- upgraded SQLite to 3.7.3
+- added --header-prefix option to PageCompiler
+- fixed SF# 3003875: SQLite data binding is broken
+- fixed SF# 2993988: Issue with multiple calls to open()/close() on File*Stream
+- fixed SF# 2990256: HTMLForm and file uploads
+- fixed SF# 2969227: DateTimeParser bug
+- fixed SF# 2966698: Socket connect with timeout issue
+- fixed SF# 2981041: Bind NULL to a query (patch supplied)
+- fixed SF# 2961419: UTF8Encoding::convert() doesn't work properly in DEBUG mode
+- fixed SF# 2957068: Timeout value not picked up by proxy in HTTPSClientSession
+- fixed NetSSL_OpenSSL test runner for Poco::Util::Application class changes
+- Poco::AbstractEvent, Poco::AbstractCache and related classes now accept a Mutex class as additional template argument.
+ Poco::NullMutex can be used if no synchronization is desired.
+- Added Poco::AbstractEvent::empty() to check whether an event has registered delegates.
+- Poco::URI now correctly handles IPv6 addresses.
+- Added Poco::Nullable class template.
+- Added Poco::NullMutex, a no-op mutex to be used as template argument for template classes
+ taking a mutex policy argument.
+- Poco::XML::XMLWriter: fixed a namespace handling issue that occured with startPrefixMapping() and endPrefixMapping()
+- Poco::Net::Context now allows for loading certificates and private keys from Poco::Crypto::X509Certificate objects
+ and Poco::Crypto::RSAKey objects.
+- Poco::Crypto::RSAKey no longer uses temporary files for stream operations. Memory buffers are used instead.
+- fixed SF# 2957865: added Poco::UUID::tryParse()
+- All Zip classes now use Poco::File[Input|Output]Stream instead of std::[i|o]fstream.
+ UTF-8 filenames will now be handled correctly on Windows.
+- fixed SF# 2902029: zlib flush support (Z_SYNC_FLUSH)
+- added Poco::TextBufferIterator class
+- fixed SF# 2977249: Use epoll instead select under Linux
+ Socket::select() and Socket::poll() will use epoll under Linux if the Net library is compiled
+ with -DPOCO_HAVE_FD_EPOLL. This is the default for the Linux build configuration (but not for
+ the various build configurations targeting embedded Linux platforms).
+- fixed SF# 2941664: Memory leak in DeflatingStream with zero-length streams (also fixed some other potential,
+ but unlikely, memory leaks)
+- fixed SF# 2946457: added RejectCertificateHandler
+- fixed SF# 2946621: Poco::Path bug with POCO_WIN32_UTF8
+- fixed SF# 2929805: Environment::nodeId() does not work if no eth0 device exists
+- Environment::nodeId() no longer throws if no hardware ethernet address can be determined.
+ It returns an all-zero address instead.
+- Added additional classification functions to Poco::Unicode class; made classification functions inline.
+- added Ascii class for ASCII character classification.
+ Methods of the Ascii class are now used instead of the
+ standard library functions (std::isspace(), etc.) due to
+ possible inconsistent results or assertions when the
+ standard library functions are used with character codes
+ outside the ASCII range.
+- Poco::Net::MailMessage: fixed a bug in StringPartHandler that resulted in incorrect handling of non-ASCII data if
+ char is signed.
+- Improved Poco::Net::SMTPClientSession compatibility with various mail servers when using AUTH_LOGIN authentication.
+- Added CRAM-SHA1 support to Poco::Net::SMTPClientSession
+- Poco::Net::SMTPClientSession now also supports login with AUTH PLAIN.
+- Added Poco::Net::SecureSMTPClientSession class, supporting STARTTLS for secure SMTP connections.
+- fixed an issue with SharedMemory on POSIX systems, where a shared memory region would be deleted
+ despite the server flag set to true (see http://pocoproject.org/forum/viewtopic.php?f=12&t=3494).
+- PageCompiler: added a new page context directive, to allow passing custom context objects to the
+ request handler.
+- fixed StreamSocketImpl::sendBytes() for non-blocking sockets
+- added Poco::Net::DialogSocket::receiveRawBytes(), which should be used instead of receiveBytes() due to internal
+ buffering by DialogSocket.
+- DOMParser: FEATURE_WHITESPACE has been renamed to FEATURE_FILTER_WHITESPACE (which now matches the underlying URI)
+ and is now handled correctly (previously we did the exact reverse thing)
+- added Poco::Util::AbstractConfiguration::remove() to remove a configuration property; added removeRaw() implementations
+ to all implementations (contributions by Daniel Hobi and Alexey Shults).
+- fixed NetSSL_OpenSSL compilation error on Windows with OpenSSL 1.0
+- Added optional FIPS mode support to NetSSL_OpenSSL (contributed by Lior Okman).
+ If OpenSSL has been configured and built with FIPS support, then FIPS support can
+ be enabled by calling Poco::Crypto::OpenSSLInitializer::enableFIPSMode(true); or
+ by setting the fips property in the OpenSSL configuration to true (see Poco::Net::SSLManager
+ for details).
+- fixed SF# 3031530: Ping and possible no timeout
+- added Poco::Net::SocketReactor::onBusy(), called whenever at least one notification will
+ be dispatched.
+- fixed SF# 3034863: Compiler warning in net/IPAddress.h with poco 1.3.2
+- added support for CRAM-SHA1 authentication to SMTPClientSession
+- Poco::format(): arguments can now be addressed by their index, e.g. %[2]d
+- Poco::Util::Timer::cancel() now accepts an optional boolean argument.
+ If true is passed, cancel() waits until the task queue has been purged.
+ Otherwise, it returns immediately and works asynchronously, as before.
+- Poco::Net::HTTPServerResponse::redirect() now accepts an optional additional
+ argument to specify the HTTP status code for the redirection.
+- fixed a warning (BinaryReader.cpp) and error (ThreadLocal.cpp) in Foundation when compiling with Visual Studio 2010
+- fixed a wrong exception in Poco::Net::POP3ClientSession
+- Poco::Net::FTPClientSession and Poco::Net::SMTPClientSession now set the error code in exceptions they throw
+- fixed a potential race condition with terminating a Windows service based on Poco::Util::ServerApplication
+- fixed a bug in global build configuration file: explicitly setting POCO_CONFIG did not work on Solaris platforms,
+ as it was always overridden by the automatically determined configuration.
+- Added support for MinGW cross builds on Linux.
+- Changed location of statically linked build products in the gmake-based build system.
+ Statically linked executables are now in bin/$(OSNAME)/$(OSARCH)/static and no longer
+ have the _s suffix
+- The POCO_VERSION macro now is in its own header file, "Poco/Version.h". It is no longer
+ available through "Poco/Foundation.h".
+- added Poco::Net::HTTPCookie::escape() and Poco::Net::HTTPCookie::unescape().
+- fixed SF# 3021173: Thread (POSIX) returns uninitialised value for OS priority
+- fixed SF# 3040870: ThreadPool has no function to get assigned name
+- fixed SF# 3044303: Can't use own config file on Solaris & OSARCH_64BITS ignored
+- fixed SF# 2943896: AsyncChannel::log blocks
+- fixed a bug in Poco::Util::WinRegistryKey::getInt():
+ The size variable passed to RegQueryValueExW() should be initialized to the size
+ of the output buffer.
+- Added rudimentary support for compiling with Clang 2.0 (Xcode 4) on Mac OS X.
+- New build configurations for Mac OS X: Darwin32 and Darwin64 for explicit
+ 32-bit and 64-bit builds. Note that the default Darwin build configuration
+ will build 64-bit on Snow Leopard and 32-bit on Leopard, but will always place
+ build products in Darwin/i386. The new Darwin32 and Darwin64 configurations
+ will use the correct directories.
+- fixed SF# 3051598: Bug in URL encoding
+- Poco::ThreadPool::stopAll() (and thus also the destructor) will now wait for each
+ pooled thread to terminate before returning. This fixes an issue with creating
+ and orderly shutting down a thread pool in a plugin. Previously, a pooled thread
+ in a thread pool created by a dynamically loaded library might still be running
+ when the plugin's shared library was unloaded, resulting in Bad Things happening.
+ This can now no longer happen. As a downside, a pooled thread that fails to
+ finish will block stopAll() and the destructor forever.
+- NetSSL_OpenSSL: for a SecureStreamSocket, available() now returns the number of bytes that
+ are pending in the SSL buffer (SSL_pending()), not the actual socket buffer.
+- Added Poco::Net::HTTPClientSession::secure() to check for a secure connection.
+- Poco::Net::HTTPRequest::setHost() now does not include the port number in the Host header
+ if it's either 80 or 443.
+- log messages can now optionally include source file path and line number
+- Poco::PatternFormatter can format source file path and line number (%U, %u)
+- logging macros (poco_information(), etc.) now use __LINE__ and __FILE__
+- new logging macros that incorporate Poco::format(): poco_information_f1(logger, format, arg) with up to 4 arguments
+- added Poco::Net::HTTPSession::attachSessionData() and Poco::Net::HTTPSession::sessionData()
+ to attach arbitrary data to a HTTP session.
+- added additional constructors to zlib stream classes that allow passing
+ a windowBits parameter to the underlying zlib library.
+- fixed a potential error handling issue in Poco::Net::SecureSocketImpl.
+- fixed SF# 3110272: RSACipherImpl bug.
+- fixed SF# 3081677: ConfigurationView's getRaw not retrieving xml attributes.
+- added basic support for Canonical XML and better pretty-printing support to Poco::XML::XMLWriter.
+- Poco::Util::AbstractConfiguration now supports events fired when changing or
+ removing properties.
+- XML: added support for finding DOM nodes by XPath-like
+ expressions. Only a very minimal subset of XPath is supported.
+ See Poco::XML::Element::getNodeByPath(), Poco::XML::Element::getNodeByPathNS()
+ and the same methods in Poco::XML::Document.
+- Poco::Timer: If the callback takes longer to execute than the
+ timer interval, the callback function will not be called until the next
+ proper interval. The number of skipped invocations since the last
+ invocation will be recorded and can be obtained by the callback
+ by calling skipped().
+- Poco::BinaryReader and Poco::BinaryWriter now support reading and
+ writing std::vectors of the supported basic types. Also, strings
+ can now be written in a different encoding (a Poco::TextEncoding
+ can be optionally passed to the constructor).
+- Poco::UUID::nil() and Poco::UUID::isNil() have been renamed to
+ Poco::UUID::null() and Poco::UUID::isNull(), respectively, to avoid
+ issues with Objective-C++ projects on Mac OS X and iOS where nil is
+ a system-provided macro.
+- Crypto bugfixes: RSACipherImpl now pads every block of data, not just the
+ last (or last two).
+- Improved Crypto testsuite by adding new tests
+- Added new Visual Studio project configurations: debug_static_mt and release_static_mt
+ (linking with static runtime libraries). The existing configurations debug_static
+ and release_static have been renamed to debug_static_md and release_static_md, respectively.
+ The suffixes of the static libraries have also changed. The static_md configurations
+ now build libraries with suffixes md[d], while the libraries built by the static_mt
+ configurations have mt[d] suffixes.
+- Added Visual Studio project files for 64-bit builds.
+- Added Visual Studio 2010 project files.
+- Removed the use of local static objects in various methods due to
+ their construction not being threadsafe (and thus leading to
+ potential race conditions) on Windows/Visual C++.
+- Fixed some warning on 64-bit Windows builds.
+- The name of the Data connector libraries have changed. They are now
+ named PocoDataMySQL, PocoDataODBC and PocoDataSQLite.
+- fixed SF# 3125498: Linux NetworkInterface::list() doesn't return IPv6 IPs
+- fixed SF# 3125457: IPv6 IPAddress tests are wrong
+- Added initialization functions for the NetSSL_OpenSSL and Crypto libraries.
+ These should be called instead of relying on automatic initialization,
+ implemented with static initializer objects, as this won't work with
+ statically linked executables (where the linker won't include the
+ static initializer object).
+ The functions are Poco::Crypto::initializeCrypto(), Poco::Crypto::uninitializeCrypto(),
+ Poco::Net::initializeSSL() and Poco::Net::uninitializeSSL().
+ Applications using Crypto and/or NetSSL should call these methods appropriately at
+ program startup and shutdown.
+ Note: In release 1.3.6, similar functions have been added to the Net library.
+
+
+Release 1.3.6p2 (2010-01-15)
+============================
+
+- fixed an issue in the Windows implementation Poco::RWLock, where
+ tryReadLock() sometimes would return false even if no writers
+ were using the lock (fix contributed by Bjrn Carlsson)
+- added Poco::Environment::libraryVersion().
+- fixed SF# 2919461: Context ignores parameter cypherList
+- removed an unused enum from RSACipherImpl.cpp (Crypto)
+- integrated a new expat patch for CVE-2009-3560.
+- fixed SF# 2926458: SSL Context Problem. The Poco::Net::Context
+ class now makes sure that OpenSSL is properly initialized.
+- updated iPhone build configuration (contributed by Martin York)
+- fixed SF# 1815124 (reopened): XML Compile failed on VS7.1 with
+ XML_UNICODE_WCHAR_T
+- fixed SF# 2932647: FTPClientSession::getWorkingDirectory() returns a bad result
+
+
+Release 1.3.6p1 (2009-12-21)
+============================
+
+- added support for using external zlib, pcre, expat and sqlite3 instead of
+ bundled ones (-DPOCO_UNBUNDLED, configure --unbundled)
+- fixed SF# 2911407: Add sh4 support
+- fixed SF# 2912746: RSAKey::EXP_LARGE doesn't work
+- fixed SF# 2904119: abstractstrategy uses std::set but do not includes it
+- fixed SF# 2909946: localtime NULL pointer
+- fixed SF# 2914986: potential expat DoS security issues (CVE-2009-3560 and CVE-2009-3720)
+- fixed SF# 2916305: SSL Manager crashes
+- fixed SF# 2903676: Tuple TypeHander does not handle composites.
+
+
+Release 1.3.6 (2009-11-24)
+==========================
+
+- added Environment::processorCount()
+- added POCO_VERSION macro to Poco/Foundation.h
+- fixed SF# 2807527: Poco::Timer bug for long startInterval/periodic interval
+- fixed a bug similar to SF# 2807527 in Poco::Util::Timer.
+- fixed SF# 2795395: Constructor doesn't treat the params "key" and "iv"
+- fixed SF# 2804457: DateTime::checkLimit looks wrong
+- fixed SF# 2804546: DateTimeParser requires explicit RFC1123 format
+- added ReleaseArrayPolicy to Poco::SharedPtr
+- upgraded to SQLite 3.6.20
+- fixed SF# 2782709: Missing semicolons in "Logger.h" convenience
+- fixed SF# 2526407: DefaultStrategy.h ++it instead of it++ in a loop
+- fixed SF# 2502235: Poco STLPort patch
+- fixed SF# 2186643: Data::Statement::reset() not implemented in 1.3.3
+- fixed SF# 2164227: Allow File opened read only by FileInputSteam to be writable
+- fixed SF# 2791934: use of char_traits::copy in BufferedStreamBuf::underflow
+- fixed SF# 2807750: Support additional SQL types in SQLite
+- fixed documentation bugs in Timed/PriorityNotificationQueue
+- fixed SF# 2828401: Deadlock in SocketReactor/NotificationCenter (also fixes patch# 1956490)
+ NotificationCenter now uses a std::vector internally instead of a std::list, and the mutex is
+ no longer held while notifications are sent to observers.
+- fixed SF# 2835206: File_WIN32 not checking aganist INVALID_HANDLE_VALUE
+- fixed SF# 2841812: Posix ThreadImpl::sleepImpl throws exceptions on EINTR
+- fixed SF# 2839579: simple DoS for SSL TCPServer, HTTPS server
+ No SSL handshake is performed during accept() - the handshake is delayed until
+ sendBytes(), receiveBytes() or completeHandshake() is called for the first time.
+ This also allows for better handshake and certificate validation when using
+ nonblocking connections.
+- fixed SF# 2836049: Possible handle leak in FileStream
+ If sync() fails, close() now simply set's the stream's bad bit.
+ In any case, close() closes the file handle/descriptor.
+- fixed SF# 2814451: NetSSL: receiveBytes crashes if socket is closed
+- added a workaround for Vista service network initialization issue
+ (an Windows service using the Net library running under Vista will
+ crash in the call to WSAStartup() done in NetworkInitializer).
+ Workaround is to call WSAStartup() in the application's main().
+ Automatic call to WSAStartup() in the Net library can now be disabled
+ by compiling Net with -DPOCO_NET_NO_AUTOMATIC_WSASTARTUP. Also
+ the new Poco::Net::initializeNetwork() and Poco::Net::uninitializeNetwork()
+ functions can be used to call WSAStartup() and WSACleanup(), respectively,
+ in a platform-independent way (on platforms other than Windows, these
+ functions will simply do nothing).
+- added VCexpress build script support (contributed by Jolyon Wright)
+- fixed SF# 2851052: Poco::DirectoryIterator copy constructor is broken
+- fixed SF# 2851197: IPAddress ctor throw keyword missing
+- added Poco::ProtocolException
+- PageCompiler improvements: new tags, support for buffered output, etc.
+- better error reporting in Data MySQL connector (patch #2881270 by Jan "HanzZ" Kaluza)
+- fixed SF# 1892462: FTPClient:Choose explicitely between EPSV and PASV
+- fixed SF# 2806365: Option for PageCompiler to write output to different dir
+- fixed a documentation bug (wrong sample code) in Process::launch() documentation
+- added --header-output-dir option to PageCompiler
+- fixed SF# 2849144: Zip::Decompress notifications error
+- SAXParser has a new feature: "http://www.appinf.com/features/enable-partial-reads".
+ See ParserEngine::setEnablePartialReads() for a description of what this does.
+- fixed SF# 2876179: MySQL Signed/Unsigned value bug
+- fixed SF# 2877970: possible bug in timer task
+- fixed SF# 2874104: wrong parsing empty http headers
+- fixed SF# 2860694: Incorrect return code from SecureStreamSocketImpl::sendBytes
+- fixed SF# 2849750: Possible bug with XMLWriter?
+- added MailMessage::encodeWord() to support RFC 2047 word encoded
+ mail header fields when sending out mail containing non-ASCII
+ characters.
+- fixed SF# 2890975: SMTPClientSession bug with 7BIT encoding
+- fixed an issue with retrieving the value of socket options on Windows 7.
+ Before obtaining the value of a socket, we now initialize the variable receiving the
+ socket option value to zero.
+- fixed SF# 2836141: Documentation errors
+- fixed SF# 2864232: Socket::select() does not detect closed sockets on windows
+- fixed SF# 2812143: Socket::select() should check socket descriptors...
+- fixed SF# 2801750: NetworkInterface forName returns wrong subnetMask
+- fixed SF# 2816315: Problem with POSIX Thread::sleepImpl
+- fixed SF# 2795646: IPv6 address parsing bug
+- fixed #0000092: ServerApplication::waitForTerminationRequest(), SIGINT and GDB.
+ Poco::Util::ServerApplication::waitForTerminationRequest() no longer registers a
+ signal handler for SIGINT if the environment variable POCO_ENABLE_DEBUGGER
+ is defined.
+- fixed SF# 2896070: Poco::Net::Context with non-ASCII paths
+- added Unicode Surrogate support to Poco::UTF16Encoding.
+ See Poco::TextEncoding::queryConvert() and Poco::TextEncoding::sequenceLength()
+ for how this is implemented. Contributed by Philippe Cuvillier.
+- fixed SF# 2897650: [branch 1.3.6] Net.SocketAddress won't compile for CYGWIN
+- fixed SF# 2896161: Building on Windows fails when basedir has space in it
+- fixed SF# 2864380: Memory leak when using secure sockets
+- NetSSL_OpenSSL: the SSL/TLS session cache is now disabled by default and
+ can be enabled per Context using Poco::Net::Context::enableSessionCache().
+- fixed SF# 2899039: Wrong DST handling in LocalDateTime
+- added RWLock::ScopedReadLock and RWLock::ScopedWriteLock (contributed by Marc Chevrier)
+- added Thread::TID type, as well as Thread::tid() and Thread::currentTid() to obtain the native
+ thread handle/ID
+- added Zip file comment support
+- On Windows, Poco::SharedLibrary::load() now uses LoadLibraryEx instead of LoadLibrary
+ and uses the LOAD_WITH_ALTERED_SEARCH_PATH if an absolute path is specified. This will
+ add the directory containing the library to the search path for DLLs that the
+ loaded library depends upon.
+- Mac OS X build settings now match those used by default Xcode projects, making linking the
+ POCO libs to Xcode projects easier
+- Replaced use of std::valarray in Poco::Net::ICMPEventArgs with std::vector due to issues with
+ std::valarray together with STDCXX debug mode on OS X
+
+
+Release 1.3.5 (2009-05-11)
+==========================
+
+- fixed SF# 2779410: Poco::Data::ODBC::HandleException impovement
+- fixed wrong exception text for Poco::UnhandledException
+- Fixed a problem with SSL shutdown that causes clients (web browsers)
+ to hang when the server attempts to perform a clean SSL shutdown. We now call
+ SSL_shutdown() once, even if the shutdown is not complete after the first call.
+- added Poco::Crypto::X509Certificate::save()
+- fixed a bug in Poco::Zip::Decompress that results in wrong paths for extracted files
+- fixed a bug in Poco::Zip::ZipManipulator where the Zip file was opened in text format
+ on Windows.
+- added Poco::Crypto::X509Certificate::issuedBy() to verify certificate chain.
+- fixed 0000089: Thread::sleep() on Linux is extremely inaccurate
+- added methods to extract the contents of specific fields from the
+ subject and issuer distinguished names of a certificate.
+
+
+Release 1.3.4 (2009-04-21)
+==========================
+
+- fixed SF# 2611804: PropertyFileConfiguration continuation lines
+- fixed SF# 2529788: ServerApplication::beDaemon() broken
+- fixed SF# 2445467: Bug in Thread_WIN32.cpp
+- Improved performance of HTTP Server by removing some
+ string copy operations
+- fixed SF# 2310735: HTTPServer: Keep-Alive only works with send()
+- fixed appinf.com IP address in Net testsuite
+- fixed RFC-00188: NumberFormatter and float/double numbers
+- added --pidfile option to ServerApplication on Unix
+- fixed SF# 2499504: Bug in Win32_Thread when using from dll (fixed also for POSIX threads)
+- fixed SF# 2465794: HTTPServerRequestImpl memory leak
+- fixed SF# 2583934: Zip: No Unix permissions set
+- the NetSSL_OpenSSL library has been heavily refactored
+- added NumberFormatter::append*() and DateTimeFormatter::append() functions
+- use NumberFormatter::append() and DateTimeFormatter::append() instead of format() where
+ it makes sense to gain some performance
+- added system.dateTime and system.pid to Poco::Util::SystemConfiguration
+- added %F format specifier (fractional seconds/microseconds) to DateTimeFormatter,
+ DateTimeParser and PatternFormatter.
+- fixed SF# 2630476: Thread_POSIX::setStackSize() failure with g++ 4.3
+- fixed SF# 2679279: Handling of -- option broken
+- added compile options to reduce memory footprint of statically linked applications
+ by excluding various classes from automatically being linked.
+ See the POCO_NO_* macros in Poco/Config.h.
+- fixed SF# 2644940: on Windows the COMPUTER-NAME and the HOSTNAME can be different
+- added DNS::hostName() function
+- added build configuration for iPhone (using Apple's SDK)
+- basic support for AIX 5.x/xlC 8
+- fixed a bug resulting in a badly formatted exception message with IOException
+ thrown due to a socket-related error
+- fixed SF# 2644718: NetworkInterface name conflict in MinGW
+- added a missing #include to CryptoTransform.h
+- fixed SF# 2635377: HTTPServer::HTTPServer should take AutoPtr
+- replaced plain pointers with smart pointers in some interfaces
+- upgraded to sqlite 3.6.13
+- improved Data::SQLite error reporting
+- Poco::Glob now works with UTF-8 encoded strings and supports case-insensitive comparison.
+ This also fixes SF# 1944831: Glob::glob on windows should be case insensitve
+- added Twitter client sample to Net library
+- Fixed SF# 2513643: Seg fault in Poco::UTF8::toLower on 64-bit Linux
+- Poco::Data::SessionPool: the janitor can be disabled by specifying a zero idle time.
+- added Poco::Data::SessionPool::customizeSession()
+- added support for different SQLite transaction modes (DEFERRED, IMMEDIATE, EXCLUSIVE)
+- fixed a few wrong #if POCO_HAVE_IPv6 in the Net library
+- added support for creating an initialized, but unconnected StreamSocket.
+- added File::isDevice()
+- added family() member function to SocketAddress,
+- Data::SQLite: added support for automatic retries if the database is locked
+- XMLConfiguration is now writable
+- fixed an IPv6 implementation for Windows bug in HostEntry
+- Timer class improvement: interval between callback is no longer influenced by the
+ time needed to execute the callback.
+- added PriorityNotificationQueue and TimedNotificationQueue classes to Foundation.
+ These are variants of the NotificationQueue class that support priority and
+ timestamp-tagged notifications.
+- added Poco::Util::Timer class.
This implements a timer that can schedule different
+ tasks at different times, using only one thread.
+- the signatures of Poco::NotificationQueue and Poco::NotificationCenter member functions
+ have been changed to accept a Poco::Notification::Ptr instead of Poco::Notification*
+ to improve exception safety. This change should be transparent and fully backwards
+ compatible. The signature of the methods returning a Poco::Notification* have not been
+ changed for backwards compatibility. It is recommended, that any Notification* obtained
+ should be immediately assigned to a Notification::Ptr.
+- SQLite::SessionImpl::isTransaction() now uses sqlite3_get_autocommit() to find out
+ about the transaction state.
+- refactored Crypto library to make it independent from NetSSL_OpenSSL.
+- added support for RSA-MD5 digital signatures to Crypto library.
+- removed SSLInitializer from NetSSL library (now moved to Crypto library)
+- added build configs for static libraries to Crypto library
+- OpenSSL now depends on Crypto library (which makes more sense than
+ vice versa, as it was before). Poco::Net::X509Certificate is now
+ a subclass of Poco::Crypto::X509Certificate (adding the verify()
+ member function) and the Poco::Net::SSLInitializer class was
+ moved to Poco::Crypto::OpenSSLInitializer.
+- added build configs for static libraries to Zip
+- added batch mode to CppUnit::WinTestRunner.
+ WinTestRunnerApp supports a batch mode, which runs the
+ test using the standard text-based TestRunner from CppUnit.
+ To enable batch mode, start the application with the "/b"
+ or "/B" command line argument. Optionally, a path to a file
+ where the test output will be written to may be given:
+ "/b:" or "/B:".
+ When run in batch mode, the exit code of the application
+ will denote test success (0) or failure (1).
+- testsuites now also work for static builds on Windows
+- The IPv6 support for Windows now basically works (Net library compiled with POCO_HAVE_IPv6)
+- fixed a potential error when shutting down openssl in a statically linked application
+- added static build configs to Data library
+- added Poco::AtomicCounter class, which uses OS-specific APIs for atomic (thread-safe)
+ manipulation of counter values.
+- Poco::RefCountedObject and Poco::SharedPtr now use Poco::AtomicCounter for
+ reference counting
+- fixed SF# 2765569: LoadConfiguration failing from current directory
+
+
+Release 1.3.3p1 (2008-10-09)
+============================
+
+- Fixed SF# 2153031: 1.3.3 Crypto won't compile on 64-bit Linux
+- Fixed a warning in MySQL connector
+- Updated README
+- The global Makefile in the Zip archive is no longer broken
+
+
+Release 1.3.3 (2008-10-07)
+==========================
+
+- Threads now have optional user-settable stack size (if the OS supports that feature)
+- Events now support simplified delegate syntax based on delegate function template.
+ See Poco::AbstractEvent documentation for new syntax.
+- Cache supports new access expire strategy.
+- Upgraded to SQLite 3.6.2
+- Upgraded to PCRE 7.8
+- added HttpOnly support to Poco::Net::HTTPCookie
+- NetworkInterface now has displayName() member (useful only on Windows)
+- Poco::Util::WinRegistryKey now has a read-only mode
+- Poco::Util::WinRegistryKey::deleteKey() can now recursively delete registry keys
+- Poco::File::created() now returns 0 if the creation date/time is not known, as
+ it's the case on most Unix platforms (including Linux).
+ On FreeBSD and Mac OS X, it returns the real creation time.
+- Time interval based log file rotation (Poco::FileChannel) now works
+ correctly.
Since there's no reliable and portable way to find out the creation
+ date of a file (Windows has the tunneling "feature", most Unixes don't provide
+ the creation date), the creation/rotation date of the log file is written into
+ the log file as the first line.
+- added Environment::nodeId() for obtaining the Ethernet address of the system
+ (this is now also used by UUIDGenerator - the corresponding code from UUIDGenerator
+ was moved into Environment)
+- added a release policy argument to SharedPtr template
+- Socket::select() will no longer throw an InvalidArgumentException
+ on Windows when called with no sockets at all. If all three socket
+ sets are empty, Socket::select() will return 0 immediately.
+- SocketReactor::run() now catches exceptions and reports them via
+ the ErrorHandler.
+- SocketReactor has a new IdleNotification, which will be posted when
+ the SocketReactor has no sockets to handle.
+- added referenceCount() method to Poco::SharedPtr.
+- POCO now builds with GCC 4.3 (but there are some stupid warnings:
+ "suggest parentheses around && within ||".
+- Solution and project files for Visual Studio 2008 are included
+- The Zip library is now officially part of the standard POCO release.
+- The Crypto library (based on OpenSSL) has been added. The original code
+ was kindly contributed by Ferdinand Beyer.
+- A Data Connector to MySQL, contributed by Sergey Kholodilov, is now part
+ of the POCO release.
+- fixed SF# 1859738: AsyncChannel stall
+- fixed SF# 1815124: XML Compile failed on VS7.1 with XML_UNICODE_WCHAR_T
+- fixed SF# 1867340: Net and NetSSL additional dependency not set - ws2_32.lib
+- fixed SF# 1871946: no exception thrown on error
+- fixed SF# 1881113: LinearHashTable does not conform to stl iterators
+- fixed SF# 1899808: HTMLForm.load() should call clear() first
+- fixed SF# 2030074: Cookie problem with .NET server
+- fixed SF# 2009707: small bug in Net/ICMPPacketImpl.cpp
+- fixed SF# 1988579: Intel Warning: invalid multibyte character sequence
+- fixed SF# 2007486: Please clarify license for Data/samples/*
+- fixed SF# 1985180: Poco::Net::DNS multithreading issue
+- fixed SF# 1968106: DigestOutputStream losing data
+- fixed SF# 1980478: FileChannel loses messages with "archive"="timestamp"
+- fixed SF# 1906481: mingw build WC_NO_BEST_FIT_CHARS is not defined
+- fixed SF# 1916763: Bug in Activity?
+- fixed SF# 1956300: HTTPServerConnection hanging
+- fixed SF# 1963214: Typo in documentation for NumberParser::parseFloat
+- fixed SF# 1981865: Cygwin Makefile lacks ThreadTarget.cpp
+- fixed SF# 1981130: pointless comparison of unsigned integer with zero
+- fixed SF# 1943728: POCO_APP_MAIN namespace issue
+- fixed SF# 1981139: initial value of reference to non-const must be an lvalue
+- fixed SF# 1995073: setupRegistry is broken if POCO_WIN32_UTF8 enabled
+- fixed SF# 1981125: std::swap_ranges overloading resolution failed
+- fixed SF# 2019857: Memory leak in Data::ODBC Extractor
+- fixed SF# 1916761: Bug in Stopwatch?
+- fixed SF# 1951443: NetworkInterface::list BSD/QNX no netmask and broadcast addr
+- fixed SF# 1935310: Unhandled characters in Windows1252Encoding
+- fixed SF# 1948361: a little bug for win32
+- fixed SF# 1896482: tryReadLock intermittent error
+- workaround for SF# 1959059: Poco::SignalHandler deadlock
+ the SignalHandler can now be disabled globally by adding a
+ #define POCO_NO_SIGNAL_HANDLER to Poco/Config.h
+- fixed SF# 2012050: Configuration key created on read access
+- fixed SF# 1895483: PCRE - possible buffer overflow
+- fixed SF# 2062835: Logfile _creationDate is wrong
+- fixed SF# 2118943: out_of_bound access in Poco::Data::BLOB:rawContent
+- fixed SF# 2121732: Prevent InvalidArgumentException in SocketReactor
+- fixed SF# 1891132: Poco::Data::StatementImpl::executeWithLimit is not correct
+- fixed SF# 1951604: POCO refuses to compile with g++ 4.3.0
+- fixed SF# 1954327: CYGWIN's pthread does not define PTHREAD_STACK_MIN
+- fixed SF# 2124636: Discrepancy between FileWIN32(U)::handleLastError
+- fixed SF# 1558300: MinGW/MSYS Builds
+- fixed SF# 2123266: Memory leak under QNX6 with dinkum library
+- fixed SF# 2140411: ScopedUnlock documentation bug
+- fixed SF# 2036460: UUID regression tests are failing on Linux with g++ 4.3.1
+- fixed SF# 2150438: Tuple TypeHandler position increment size is wrong
+
+
+Release 1.3.2 (2008-02-04)
+==========================
+
+Foundation, XML, Net, Util:
+- added POCO_NO_SHAREDMEMORY to Config.h
+- POCO_NO_WSTRING now really disables all wide string related calls
+- added template specialization for string hashfunction (performance)
+- XML parser performance improvements (SAX parser is now up to 40 % faster
+- added parseMemoryNP() to XMLReader and friends
+- URIStreamOpener improvement: redirect logic is now in URIStreamOpener.
+ this enables support for redirects from http to https.
+- added support for temporary redirects and useproxy return code
+- added getBlocking() to Socket
+- added File::isHidden()
+- better WIN64 support (AMD64 and IA64 platforms are recognized)
+- added support for timed lock operations to [Fast]Mutex
+- SharedLibrary: dlopen() is called with RTLD_GLOBAL instead of RTLD_LOCAL
+ (see http://gcc.gnu.org/faq.html#dso)
+- Poco::Timer threads can now run with a specified priority
+- added testcase for SF# 1774351
+- fixed SF# 1784772: Message::swap omits _tid mem
+- fixed SF# 1790894: IPAddress(addr,family) doesn't fail on invalid address
+- fixed SF# 1804395: Constructor argument name wrong
+- fixed SF# 1806807: XMLWriter::characters should ignore empty strings
+- fixed SF# 1806994: property application.runAsService set too late
+- fixed SF# 1828908: HTMLForm does not encode '+'
+- fixed SF# 1831871: Windows configuration file line endings not correct.
+- fixed SF# 1845545: TCP server hangs on shutdown
+- fixed SF# 1846734: Option::validator() does not behave according to doc
+- fixed SF# 1856567: Assertion in DateTimeParser::tryParse()
+- fixed SF# 1864832: HTTP server sendFile() uses incorrect date
+- HTTPServerResponseImpl now always sets the Date header automatically
+ in the constructor.
+- fixed SF# 1787667: DateTimeFormatter and time related classes
+ (also SF# 1800031: The wrong behavior of time related classes)
+- fixed SF# 1829700: TaskManager::_taskList contains tasks that never started
+- fixed SF# 1834127: Anonymous enums in Tuple.h result in invalid C++
+- fixed SF# 1834130: RunnableAdapter::operator= not returning a value
+- fixed SF# 1873924: Add exception code to NetException
+- fixed SF# 1873929: SMTPClientSession support for name in sender field
+- logging performance improvements (PatternFormatter)
+- fixed SF# 1883871: TypeList operator < fails for tuples with duplicate values
+- CYGWIN build works again (most things work but Foundation testsuite still fails)
+- new build configuration for Digi Embedded Linux (ARM9, uclibc)
+- new build configuration for PowerPC Linux
+
+Data:
+- fixed SF# 1724388: ODBC Diagnostics
+- fixed SF# 1804797: ODBC Statement multiple execution fails
+- fixed SF# 1803435: SessionPool onJanitorTimer called too often?
+- fixed SF# 1851997: Undefined Behavior in ODBC::Preparation
+- updated SQlite to 3.5.5
+
+
+Release 1.3.1 (2007-08-08)
+==========================
+
+Foundation, XML, Net, Util:
+- DynamicAny fixes for char conversions
+- fixed SF# 1733362: Strange timeout handling in SocketImpl::poll and Socket::select
+- fixed SF patch# 1728912: crash in POCO on Solaris
+- fixed SF# 1732138: Bug in WinRegistryConfiguration::getString
+- fixed SF# 1730790: Reference counting breaks NetworkInterface::list()
+- fixed SF# 1720733: Poco::SignalHandler bug
+- fixed SF# 1718724: Poco::StreamCopier::copyStream loops forever
+- fixed SF# 1718437: HashMap bug
+- changed LinearHashTable iterator implementation. less templates -> good thing.
+- fixed SF# 1733964: DynamicAny compile error
+- UUIDGenerator: fixed infinite loop with non ethernet interfaces
+- updated expat to 2.0.1
+- fixed SF# 1730566: HTTP server throws exception
+- Glob supports symbolic links (additional flag to control behavior)
+- fixed a problem with non blocking connect in NetSSL_OpenSSL
+ (see http://www.appinf.com/poco/wiki/tiki-view_forum_thread.php?comments_parentId=441&topics_threshold=0&topics_offset=29&topics_sort_mode=commentDate_desc&topics_find=&forumId=6)
+- fixed a problem with SSL renegotiation in NetSSL_OpenSSL (thanks to Sanjay Chouksey for the fix)
+- fixed SF# 1714753: NetSSL_OpenSSL: HTTPS connections fail with wildcard certs
+- HTTPClientSession: set Host header only if it's not already set (proposed by EHL)
+- NetworkInterface (Windows): Loopback interface now has correct netmask;
+ interfaces that do not have an IP address assigned are no longer reported.
+- Fixes for VC++ W4 warnings from EHL
+- SharedMemory: first constructor has an additional "server" parameter
+ Setting to true does not unlink the shared memory region when the SharedMemory object is destroyed. (Alessandro Oliveira Ungaro)
+- fixed SF# 1768231: MemoryPool constructor
+
+Data:
+- fixed SF# 1739989: Data::RecordSet::operator = () (in 1.3 branch)
+- fixed SF# 1747525: SQLite, Transactions and Session Pooling (in 1.3 branch)
+- upgraded to SQLite 3.4.1
+
+
+Release 1.3.0 (2007-05-07)
+==========================
+
+- added HashMap, HashSet classes
+- the HashFunction class template has been changed in an incompatible
+ way. The member function formerly named hash() is now the function
+ call operator. If you have defined your own HashFunction classes,
+ you have to update your code. Sorry for the inconvenience.
+- added Poco::Tuple
+- added AbstractCache::getAllKeys(), improved performance of the get operation
+- fixed AbstractCache::size() to do cache replacement before returning the size
+- added additional match() method to RegularExpression and documented the fact that the simple
+ match() method internally sets RE_ANCHORED and RE_NOTEMPTY.
+- added ExpirationDecorator template. Decorates data types so that they can be used with UniqueExpireCaches
+- added operator ! to AutoPtr and SharedPtr
+- Buffer uses std::size_t instead of int
+- Exception::what() now returns exception name instead of message
+- added poco_ndc_dbg() macro (same as poco_ndc(), but only enabled in debug builds)
+- added Environment::get(name, defaultValue);
+- Foundation.h now includes Config.h at the very beginning.
+- added replace() and replaceInPlace() to Poco/String.h
+- added AutoPtr::assign() and SharedPtr::assign()
+- added operator () to AbstractEvent
+- gcc Makefiles now strip release builds
+- Void now has a == and != operator
+- Base64Encoder and HexBinaryEncoder now support an unlimited line length
+ (no newlines written), by specifying a line length of 0
+- NumberParser now has stricter syntax requirements: garbage following a number leads to a SyntaxException
+ (Thanks to phireis@gmail.com for the suggestion)
+- fixed SF# 1676830: Don't use -rpath in libraries
+- fixed SF# 1670279: AbstractConfiguration::unckeckedExpand crash
+- fixed a warning in Hashtable
+- HTTPClientSession now uses a keepAliveTimeout for better persistent connection handling
+- added DateTime::makeUTC() and DateTime::makeLocal()
+- added another constructor to LocalDateTime
+- POCO_WIN32_UTF8 is ignored on non-Windows platforms
+- fixed a timeout bug (with NetSSL) in HTTPSession
+- AsyncChannel is automatically opened with first log()
+- minor fix to NotificationQueue sample (reported by Laszlo Keresztfalvi)
+- added File::canExecute() and File::setExecutable()
+- added SharedMemory class to Foundation
+- added
FileStream, FileInputStream, FileOutputStream to Foundation
+- added NodeAppender class to XML for faster DOM tree creation
+- HTTPServerRequest and HTTPServerResponse are now abstract base classes,
+ actual functionality has moved into HTTPServerRequestImpl and
+ HTTPServerResponseImpl. This allows us to plug other HTTP servers
+ into POCO.
+- added DynamicAny class to Foundation
+- replaced std::fstream with Poco::FileStream across POCO.
+- added Poco::Checksum class to Foundation.
+- fixed SF# 1700811: conflict in threadpool
+- bugfix: File::moveTo() does not work if the target is a directory
+- File::copyTo() and File::moveTo() now copy/move directories recursively
+- refactored NetworkInterface (now using pimpl idiom);
+ added broadcast address and netmask support
+- fixed SF# 1688982: POP3ClientSession fails when retrieving mails with attachment
+- fixed SF# 1655104: Enhance Poco::TextEncoding functionality
+- added Poco::Condition class, implementing a POSIX-style condition variable
+- fixed a bug in File::create() for Windows
+- added poco_static_assert (imported from boost)
+- added Thread::join(timeout) and Thread::tryJoin()
+- ClassLoader support for named manifests (see ClassLibrary.h - POCO_EXPORT_NAMED_MANIFEST)
+- POCO_WIN32_UTF8: UNICODE #define is no longer required (and no longer
+ automatically defined in POCO_WIN32_UTF8 is defined)
+- PCRE: upgraded to PCRE version 7.1
+- fixed SF# 1682162: Suggestion on thread priority
+- fixed SF# 1613460: MSVC/STLPort warnings
+- fixed SF# 1709358: Format double percent std::String bug
+- added WindowsConsoleChannel class to Foundation
+- added AutoPtr::unsafeCast<>() and SharedPtr::unsafeCast<>()
+- fixed SF# 1708552: Failed to build on arm and powerpc
+- fixed SF$ 1708529: Failed to build using GCC 4.3: missing #includes
+- fixed SF# 1710053: LogStream proposal
+- fixed a bug involving empty root directories in Windows DirectoryIterator implementation
+ (see
http://www.appinf.com/poco/wiki/tiki-view_forum_thread.php?comments_parentId=343&forumId=6)
+- robustness improvements to ActiveMethod - removed the opportunity for memory leaks in
+ case something goes while invoking the method
+- made C library usage more C++-like - use C++ headers (e.g. ) instead of
+ C ones (). Also, use C library functions in std namespace.
+- added Unicode and UTF8String for improved Unicode support.
+ The Unicode class can be used to obtain the Unicode properties of a character.
+ The UTF8 class provides case insensitive comparison and case conversion
+ for UTF-8 encoded strings.
+- added UnWindows.h header file, replaced all #include with #include "Poco/UnWindows.h".
+ See the Poco/UnWindows.h header file for a rationale and explanations.
+- fixed SF# 1713820: StreamSocketImpl::sendBytes sends too many bytes
+- File::copyTo(): on Windows, the copy now always has the read-only flag reset, to be consistent
+ with other platforms.
+- With Microsoft Visual C++, the necessary POCO libraries are now implicitly linked when
+ the corresponding header files are included (#pragma comment(lib, "PocoXYZ.lib") is used).
+ To disable this, compile POCO with the preprocessor symbol POCO_NO_AUTOMATIC_LIBS #define'd
+ (see Poco/Foundation.h and Poco/Config.h).
+- The Visual Studio project files for the POCO libraries now include configurations
+ for building static libraries.
+
+
+Release 1.2.9 (2007-02-26)
+==========================
+
+- fixed a formatting problem in Util::HelpFormatter
+- HTTPClientSession::sendRequest() now attempts to send the complete request in one network packet.
+- improved network performance of ChunkedOutputStream: chunk size and chunk data
+ are sent in one network packet if possible
+- fixed SF# 1655035: Wrong expires field calculation in HTTPCookie
+ (thanks to Sergey N.
Yatskevich for this and other fixes)
+- fixed SF# 1655049: Fix discrepancy of a code to the description
+- fixed SF# 1655170: Poco::Timezone::standardName() problem on WIN32
+- fixed SF# 1629095: POCO_WIN32_UTF8 problem
+ There is a new function Path::transcode() that can be used to convert a path (or any other string)
+ from UTF-8 to the current Windows code page. This string can the be passed as a filename
+ to an fstream or fopen(). This function only does the conversion on Windows,
+ and only, if POCO_WIN32_UTF8 is defined. Otherwise, it simply returns the unmodified argument.
+- fixed SF# 1659607: Probably a bug in Poco::Net::DialogSocket
+- HTTPServer network performance improvement: responses that fit into a single network packet
+ sent with HTTPServerResponse::sendFile() or the new HTTPServerResponse::sendBuffer() are
+ sent in only one packet.
+- added HTTPServerResponse::sendBuffer()
+- HTTPServer now sends a Bad Request response if it fails to parse the HTTP request header.
+- HTTPServer now sends an Internal Server Error response if the request handler throws an
+ exception prior to sending a response.- enabled TCP_NODELAY per default on TCPServer/HTTPServer
+- fixed a bug in HTTP persistent connection handling
+ (server does not send Connection: close when it reaches connection maximum)
+- HTMLForm - POST submission of URL encoded form no longer uses chunked transfer encoding
+ (thus improving interoperability with certain web servers)
+- integrated Environment.cpp from Main (missing get(var, default))
+- added missing AutoPtr include to Util/Application
+ (and using Poco::AutoPtr is no longer necessary for POCO_APP_MAIN macro)
+- fixed SF# 1635420: Per Regents of the University of Calfornia letter,
+ remove advertising from BSD licensed parts
+- fixed SF# 1633133: MultipartWriter writes superluous CR-LF at beginning
+
+
+Release 1.2.8 (2007-01-04)
+==========================
+
+- fixed SF# 1613906: Util/Application.h and GCC 3.3
+- fixed a byte order
issue (failed test) in IPv6 address formatting
+- fixed SF# 1626640: Poco::Net::SocketReactor bug
+- fixed client side chunked transfer encoding handling
+- fixed client side persistent connection handling
+- fixed SF# 1623536: HTTP Server Chunked Transfer Encoding Bug
+- improved HTTP server exception text
+- fixed SF# 1616294: KeepAlive HTTPServerSession patch
+- fixed SF# 1616296: Trivial Poco::TaskCustomNotification patch
+- fixed SF# 1619282: PurgeStrategy bug fix
+- fixed SF# 1620855: Format problem
+ there is a new format specifier %z for std::size_t, as well as a new
+ flag ? for %d, %i, %o, %x meaning any signed or unsigned integer
+
+
+Release 1.2.7 (2006-12-07)
+==========================
+
+- Poco::File: fixed root directory handling
+- fixed UUIDGenerator documentation
+- clarified Application::setUnixOptions() documentation
+- fixes for issue [SOAPLite Transport 0000023]: SOAP Transport Listener should be able to use existing HTTPServer instance
+- fixing mantis issues 13, 14, 15, 16, 17, 18, 19, 21
+- fixed SF# 1597022: Signed/unsigned warning in StringTokenizer::operator[]
+- fixed SF# 1598601: Message::op= leaks
+- fixed SF# 1605960: PatternFormatter crashes on custom property
+- fixed SF# 1605950: Memory leak in Logger sample code
+- fixed SF# 1591635: Copy Paste Error in sample code
+- fixed SF# 1591512: SMTPClientSession response stream
+- fixed SF #1592776: LayeredConfiguration: getRaw should enumerate in reverse order
+- SF Patch # 1599848 ] VS 2005 Util build fails
+- Logger::dump() now uses std::size_t instead of int for buffer size
+- LayeredConfiguration now supports a priority value for each configuration.
+ Also, it's possible to specify for each configuration added whether it
+ should be writeable.
+- ServerApplication: cd to root directory only if running as a daemon
+- added Message::swap()
+- improvements to build system:
+ global Makefile has correct dependencies for samples
+ on Windows, samples build after libraries are ready
+ configure supports --no-wstring and --no-fpenvironment flags
+ build system supports POCO_FLAGS environment variable for compiler flags
+- RemoteGen: fixed error handling for write protected files (SystemException)
+ fixing integral constant overflow messages with large cache expiration, m_ support for type serializers,
+ case-insensitive comparison added
+
+
+Release 1.2.6 (2006-11-19)
+==========================
+
+- added additional match() method to RegularExpression and documented the fact that the simple
+ match() method internally sets RE_ANCHORED and RE_NOTEMPTY.
+- added ExpirationDecorator template. Decorates data types so that they can be used with UniqueExpireCaches
+- added operator ! to AutoPtr and SharedPtr
+- Buffer uses std::size_t instead of int
+- added poco_ndc_dbg() macro (same as poco_ndc(), but only enabled in debug builds)
+- Foundation.h now includes Config.h at the very beginning.
+- added AutoPtr::assign() and SharedPtr::assign()
+- added operator () to AbstractEvent
+- gcc Makefiles now strip release builds
+- documentation improvements
+
+
+Release 1.2.5 (2006-10-23)
+==========================
+
+- Improved LoggingConfigurator: channel creation and configuration is now a two-step process.
+ This means that the previous problems with PropertyFileConfiguration and IniFileConfiguration when referencing other channels are solved.
+- improved options handling: better handling of (non) ambiguities.
+ If both an option named "help" and one named "helper" is specified, this no longer causes ambiguity errors.
+- added check for duplicate option definition
+- ThreadPool bugfix: fixed a crash that occurs on Linux multiprocessor machines
+ (caused by an thread unsafe string assignment corrupting the heap...)
+ (SF# 1575315)
+- improved ThreadPool performance
+- XML now compiles with -DXML_UNICODE_WCHAR_T (SF# 1575174)
+- fixed SF# 1572757: HTML forms can have more than one key/value pair with the same name
+- got rid of the dynamic casts in Events, Events/Cache: simpler/faster Delegate < operator,
+ prevents some rare dynamic casts error from occuring when using StrategyCollection with Caches
+- improvements to Logger and LoggingConfigurator:
+ * added Logger::unsafeGet()
+ * added Logger::setProperty(loggerName, propertyName, value)
+ * LoggingConfigurator now correctly (re)configures existing Loggers
+ (prior to this change, if a Logger named "a.b.c" existed before
+ the LoggingConfigurator started its work, and the LoggingConfigurator
+ configured a Logger named "a.b", then "a.b.c" would not inherit
+ the new configuration).
+- improvements to SplitterChannel and EventLogChannel configuration
+- improved LoggingRegistry exception messages
+- MessageHeader::read() is more liberal with malformed message headers.
+ This fixes problems with certain network cameras sending malformed HTTP headers.
+
+
+Release 1.2.4 (2006-10-02)
+==========================
+
+- some code beautifying and improvements to comments
+- DOMParser now automatically sets FEATURE_NAMESPACE_PREFIXES
+- fixed SF #1567051: DOMBuilder/DOMParser/NamespaceStrategy bug
+- fixed SF #1567364: POCO_APP_MAIN
+- added Document::getElementById() (two-argument) and getElementByIdNS()
+- added another test for DOMParser
+- added AutoPtr::isNull() (to be consistent with SharedPtr)
+- this release again compiles on PA-RISC HP-UX systems with aCC
+- added CMAKE support files contributed by Andrew J. P. Maclean
+
+
+Release 1.2.3 (2006-09-14)
+==========================
+
+- configure script now checks if (auto)selected configuration is supported
+- fixed SF #1552904: NamedEvent bug?
+- fixed SF #1552787: POCO not handling EINTR
+- fixed SF #1552846: Random::~Random uses scalar delete
+- fixed SF #1552987: TLSSlot should explicitly default-construct _value
+- IPAddress no longer accepts an empty address string
+- split up Observer.h into AbstractObserver.h and Observer.h
+- added NObserver class template which supports an AutoPtr
+ argument for the notification callback
+- changed EchoServer sample to use NObserver
+- some Windows-specific files were missing in the tarballs
+
+
+Release 1.2.2 (2006-09-01)
+==========================
+
+- fixed SF # 1549973: NotificationCenter::hasObservers() returns wrong result
+- fixed a memory leak in EchoServer sample
+- fixed SocketReactor TimeoutNotification bug (SF #1549365, SocketNotifier::addObserver() incorrect behavior)
+- fixed SF# 1549513: MultipartReader does not work with Unix-style linefeeds
+- MailMessage and HTMLForm: processing of multipart messages will no longer fail if a PartHandler does not read all data from the part stream.
+- added additional test case (Unix-style line ends) to MultipartReaderTest
+
+
+Release 1.2.1 (2006-08-29)
+==========================
+
+- fixed Config.h header (no more #undefs)
+
+Release 1.2.0 (2006-08-29)
+==========================
+
+- DateTime fixes: Julian Day is no longer stored internally.
+ Times (hours, minutes, seconds, ...) are now always taken from an utcValue (if available) and not from the Julian day.
+ The Julian day is only used for calculating year, month and day (except when the Julian day is the only thing we have)
+ This helps us get rid of rounding errors that the Julian Day arithmetic introduced.- on Windows, UUIDGenerator no longer uses Netbios, but GetAdaptersInfo instead
+- The main Makefile now has correct dependencies
+- updated poco-doc.pl with latest version by Caleb Epstein
+- fixed SF #1542722: InflatingInputStream: buffer error
+- improved Windows UTF-8 support
+- added Logger::names()
+- added configure script and make install target
+- XMLWriter bugfix: pretty-print bug with characters() and rawCharacters()
+- improvements to build system: support builds outside of source tree
+- added header doc conversion tool contributed by Caleb Epstein
+- fixed SF #1542618 (build/config/Linux patch)
+- bugfix: BinaryReader/BinaryWriter BOM is now 16 bits, as documented
+- fixed SF #1542247 (Compiler warning from OptionCallback)
+- fixed SF #1542253 (ServerApplication::handleOption doesn't call Application::handleOption)
+- added Application::stopOptionsProcessing()
+- updated samples
+- Util::Application command line handling now supports:
+ * argument validation (Option::validator(); see Validator, IntValidator, RegExpValidator)
+ * binding of argument values to config properties (Option::binding())
+ * callbacks for arguments (Option::callback())
+ * checking of required parameters
+- changed header file locations:
+ Foundation headers are now in Poco (#include "Poco/Foundation.h")
+ XML headers are now in Poco/XML, Poco/SAX and Poco/DOM (#include "Poco/XML/XML.h")
+ Util headers are now in Poco/Util (#include "Poco/Util/Util.h")
+ etc.
+ Unfortunately, this change will break existing code. However, fixing the code is
+ a matter of a few global search/replace operations and can be done quickly.
+ On the plus side, POCO is now a much better citizen when used with other
+ libraries.
+- changed namespaces:
+ Foundation is now Poco
+ XML is now Poco::XML
+ Util is now Poco::Util
+ Net is now Poco::Net
+- removed namespace macros
+- fixed some warnings reported by gcc -Wall -Wextra
+- fixed AutoPtr and LayeredConfiguration documentation
+- improved StreamSocket::receiveBytes() doc
+- added Pipe and PipeStream classes
+- added support for I/O redirection (pipes) to Process::launch()
+- added LogStream class (ostream interface to Logger)
+- improved Makefiles (no more double-building if clean all is specified)
+- added CppUnit and DateTime testsuite contributions by Andrew Marlow
+- improved Cygwin and minimal MinGW support
+- FileChannel: gzip compression if archived files now runs in a background thread (SF #1537481)
+- POCO now compiles with large (64-bit) file support on Linux (SF #1536634)
+- added format() function, which provides typesafe sprintf-like functionality (SF #1327621)
+- added File::isLink()
+- bugfix: dangling symbolic links in a directory no longer cause recursive remove to fail with file not found error
+- added Void class (useful as argument to ActiveMethod)
+- ActiveResult now supports exceptions
+- bugfix: Timezone::utcOffset() and Timezone::dst() returned wrong values on Unix platforms (SF #1535428)
+- added ActiveDispatcher class
+- added ActiveStarter class, which is a policy used by ActiveMethod for starting methods
+- ActiveRunnable moved to its own header file
+- ThreadPool: added startWithPriority(), which allows for running threads with a different priority
+- added error handling to dir sample
+- added additional test case to HTTPServer test suite- HTMLForm: should now work with request methods other than POST and GET (all non-POST requests are treated the same as GET)
+- clarified HTMLForm documentation
+- HTMLForm bugfix: uploaded files no longer end up in value; PartHandler is called instead
+- NameValueCollection: added get(name, defaultValue)
+- added HTTPFormServer sample
+- added Foundation::HashTable and
SimpleHashTable
+- added Net::HTTPSessionFactory
+- improvements to AutoPtr and SharedPtr
+- improvements to namespaces handling in XMLWriter
+- Foundation Cache: fixed add implementation to match the docu: a 2nd add will now simply overwrite existing entries
+- added DateTime::isValid()
+- added Exception::rethrow() (virtual, must be overridden by all subclasses)
+- Timer can now use a user-supplied ThreadPool
+- added rethrow() to exception classes
+- Net: made some constructors explicit
+- Net: added SocketAddress constructor to HTTPClientSession
+- Net: added HTTPSession::networkException() to check for exceptions swallowed by stream classes
+- Net: added single string argument constructor to SocketAddress.
+- Net: improved HTTPClientSession error handling (no more "Invalid HTTP version string" exceptions when the server prematurely closes the connection due to too much load)
+- Net: improved HTTPSession error handling. Exceptions while sending and receiving data are stored for later retrieval and no longer get lost since streambufs swallow them.
+- Net: added HTTPLoadTest sample
+- fixed a bug when opening logfiles on Unix platforms causing an existing logfile to be truncated
+- bugfix: log file purge intervals given in months did not work, due to a stupid typo
+- added RawSocket and ICMP classes
+- UUID: fixed a doc formatting bug
+- NetworkInterface::list() now includes loopback interface on Windows (SF #1460309)
+- made Exception::message() and Exception::nested() inline
+- added Net::UnsupportedRedirectException
+- HTTPStreamFactory throws an UnsupportedRedirectException if it encounters a redirect to https
+- HTTP: fixed bad 100 Continue handling in client and server code
+- added CONTRIBUTORS file
+
+
+Release 1.1.2 (2006-07-07)
+==========================
+
+- Changed license to Boost license
+- DBlite and NetSSL have been removed from the Boost-licensed release.
+ Please contact Applied Informatics (info@appinf.com) if you're interested in them.
+
+
+Release 1.1.1 (2006-04-03)
+==========================
+
+- NetSSL_OpenSSL now supports separate certificate verification
+ settings for client and server.
+- fixed SF #1460309 (enumerating network interfaces failed on 64bit Linux)
+- TCPServer no longer crashes if accept() fails
+
+
+Release 1.1.0 (2006-03-23)
+==========================
+
+- events no longer require awkward += new syntax
+- source code and documentation cleanups
+- basic support for new compilers and platforms
+
+
+Release 1.1b2 (2006-03-04)
+==========================
+
+- made NetSSL threadsafe (added locking callbacks for OpenSSL)
+- improved OpenSSL initialization (random generator seeding)
+- various changes to improve compatibility with various platforms
+
+
+Release 1.1b1 (2006-03-03)
+==========================
+
+- New Events package in Foundation. The package supports C#-style event handling
+- New Cache package in Foundation: a templates-based caching framework
+- added Any class to Foundation
+- added DBLite library
+- fixed a memory leak with layered configurations in the application
+- made POCO_DLL the default (unless POCO_STATIC is #defined)
+ It is no longer necessary to specify POCO_DLL in projects that use Poco
+ (SourceForge Patch #1408231 and Feature Request #1407575).
+- added Buffer template class to Foundation
+- added the UnicodeConverter utility class. This is mainly used for Windows Unicode support and probably of little use for anything else.
+- added Path::resolve()
+- added Windows Unicode support. This calls the Unicode variant of the Windows API functions.
+ For this to work, all strings must be UTF-8 encoded and POCO_WIN32_UTF8 must be defined in all compilation units.
+- added StreamCopier::copyToString()
+- added URIStreamOpener::unregisterStreamFactory() and new variants of URIStreamOpener::open() that also work with filesystem paths.
+ This fixes SourceForge Bug #1409064 and Feature Request #1409062.
+- added NodeIterator::currentNodeNP() to XML library
+- added some sanity checks to UTF8Encoding::convert()
+- added NetSSL - SSL support for Net library, based on OpenSSL
+- console output of processes launched with Process::launch() is now visible
+
+
+Release 1.0.0 (2006-01-19)
+==========================
+
+- removed unnecessary console output from ProcessTest
+- documentation fixes
+
+
+Release 1.0b2 (2006-01-16)
+==========================
+
+- added ProcessHandle class
+- Process::launch() now returns a ProcessHandle instead of a process ID.
+ This fixes a potential problem on Windows with Process::wait() when
+ the process terminates before wait() is called.
+- added SplitterChannel::close()
+- added Logger::destroy()
+- added POP3ClientSession::deleteMessage()
+- added test for Process::launch()
+- documentation fixes
+
+
+Release 1.0b1 (2006-01-09)
+==========================
+
+- improved recognition of Windows paths in Path::parseGuess()
+- added setCurrentLineNumber()/getCurrentLineNumber() to CountingStreamBuf
+- improvememts to StreamTokenizer and Token; fixed documentation
+- added a workaround for some strange istream behaviour with VS 2005 and FTPClientSessionTest
+- improved exception/error reporting in cppunit
+- added POP3ClientSession
+- added Process::launch() and Process::wait()
+- added Mail sample
+- added MailStream and SMTPClientSession classes
+- renamed some methods in DialogSocket to make them more general
+- NullPartHandler has moved out of HTMLForm.cpp into a separate file
+- Base64Encoder now always writes \r\n line ends
+- MessageHeader::quote has an optional addition arg controlling the treatment of whitespace
+- bugfix: MultipartReader had a problem with empty lines (\r\n sequences) in a part
+- added MailMessage and MailRecipient classes
+- added text encoding support for Windows-1252 codepage
+
+
+Release 1.0a1 (2006-01-03) [internal]
+=====================================
+
+- mediaType is used consistently to refer to a
MIME media type (some occurences of contentType and mimeType have been replaced)
+- moved MediaType::quote() to MessageHeader and made it public
+- added MultipartWriter::stream()
+- Renamed AttachmentSource to PartSource and AttachmentHandler to PartHandler
+- SIGPIPE is always blocked in main thread on Unix systems
+- added EchoServer sample
+- fixed a bug in SocketImpl::setBlocking() - did exactly the opposite (value to ioctl was wrong)
+- fixed a memory leak in NotificationQueue sample
+- added comparison operators to Socket so that Sockets can be used as keys in maps
+- added Socket::setBlocking()
+- added StreamSocket::connectNB() (non-blocking connect)
+- added Observer::accepts()
+- added SocketReactor, SocketConnector and SocketAcceptor classes to support event-based socket programming
+- NamespacePrefixesStrategy now uses expat's XML_SetReturnNSTriplet().
+ The previously used separate namespace handling code has been removed.
+ This improves performance if NamespacePrefixesStrategy is used (both the n
+ amespaces and namespace-prefixes SAX2 features are used)
+- upgraded expat to 2.0 pre-release (2005-12-27) snapshot
+- added TeeInputStream and TeeOutputStream classes
+- added download sample for URIStreamOpener
+- renamed registerOpener() to registerFactory() in HTTPStreamFactory and FTPStreamFactory
+- added LineEndingConverter streams
+- added FTPClientSession
+- code and documentation clean-up
+- added DialogSocket class
+- reorganized HTTP test suites
+- added FTPClientSession and FTPStreamFactory
+- added DialogSocket class
+
+
+Release 0.96.1 (2005-12-28)
+===========================
+
+- fixed a memory leak caused by a bug in Microsoft's stream implementation (see the comment in Foundation/StreamUtil.h for an explanation)
+- added samples for Net library
+- added uptime() and startTime() to Util::Application
+- added DateTimeFormatter::format() for Timespan
+- added ErrorHandler class and better exception handling for threads
+- added
poco_debugger() and poco_debugger_msg() macros
+- added project and solution files for Visual Studio 2005 (due to some bugs/leaks in Microsofts standard library - see
+ http://lab.msdn.microsoft.com/productfeedback/viewfeedback.aspx?feedbackid=e08bd793-3fef-40ff-adda-ed313e0eafcc
+ we do not recommend using this for production purposes)
+- fixed two problems with out-of-range string iterator in Path (the testsuite triggered an assertion in VC++ 8.0)
+- fixed mac line endings in a few files
+- added a workaround to the class loader that fixes strange behavior with VC++ 8.0. There seems to be a problem with typeid() not returning a valid typeinfo under certain circumstances.
+- added buffer allocator argument to buffered stream buffer templates
+- added buffer pools to HTTP to reduce memory fragmentation and to improve performance
+- added Net to Windows build.cmd script
+- added swap() to various classes that already support assignment
+- added a null pointer check in DOMWriter::writeNode()
+- fixed documentation in BinaryWriter.h and BinaryReader.h
+- added explicit support for network byte order to BinaryReader and BinaryWriter
+- added basic support for FreeBSD (needs more testing)
+- BinaryReader: renamed readRawData() to readRaw() to be consistent with BinaryWriter::writeRaw()
+- added support for uppercase output to HexBinaryEncoder.
+- added MediaType class
+- added QuotedPrintableEncoder and QuotedPrintableDecoder classes
+- renamed ObjectFactory to Instantiator. This should prevent the confusion caused by DynamicFactory and ObjectFactory. Sorry for the inconvenience if you are already using this.
+- AttachmentSource::filename() now returns const string&
+- added StringAttachmentSource
+- replaced old-style C casts with C++ casts in NetworkInterface.cpp
+- MutexImpl (WIN32): replaced InitializeCriticalSection with InitializeCriticalSectionAndSpinCount, which should increase performance on multiprocessor or multicore systems when many locks are used.
+- fixed a problem with STLport 5.0 when compiling StreamTokenizer
+- HTTPStreamOpener now also works with no-path URIs (like http://www.appinf.com)
+- fixed wrong delete usage (plain delete instead of delete [] was used in a few cases)
+- fixed a handle leak in WinTestRunner
+
+
+Release 0.95.4 (2005-11-07)
+===========================
+
+- fixed #1348006 and #1348005
+
+
+Release 0.95.3 (2005-10-28) [internal]
+======================================
+
+- updated build scripts (patch #1339015)
+- added support for AMD64 platforms (patch #1339015)
+- MultipartWriter creates its own boundary if an empty string is passed in as boundary
+- made MultipartWriter::createBoundary() public
+- fixed wrong documentation for DateTimeFormat::HTTP_FORMAT
+- added support for HTTP Basic authentication
+- added support for HTTP Cookies
+- added support for HTML forms
+
+
+Release 0.95.2 (2005-10-22) [internal]
+======================================
+
+- fixed a potential problems with streams when close in destructor fails (added try..catch block around close in destructors)
+- added HTTPServer & friends
+- added hasIdleThreads() method to NotificationQueue
+- added TCPServer and friend
+- added support for HTTP proxies to HTTPClientSession and HTTPStreamOpener
+- fixed documentation bugs (Mutex.h, ClassLoader.h)
+
+
+Relesae 0.95.1 (2005-10-15) [internal]
+======================================
+
+- Tasks can now throw custom notifications (contributed by Alex Fabijanic)
+- renamed URIFileStreamFactory to FileStreamFactory
+- added a few methods to URI (setPathEtc(), getPathEtc(), getPathAndQuery())
+- added new exception classes
+- fixed some documentation
+- added basic checks when reading a MessageHeader from a stream
+- added HTTP classes (testsuite still incomplete)
+- added MessageHeader, NameValueCollection, MultipartReader and MultipartWriter classes
+- added Timespan::useconds()
+- added ClassLoader::isLibraryLoaded()
+- Socket classes use Timespan::useconds() to fill
struct timeval +- added DatagramSocket, MulticastSocket and NetworkInterface classes +- added socket classes and related basic stuff +- added additonal constructor/assign to Timespan- added BasicBufferedBidirectionalStreamBuf +- fixed a potential MT issue in Base64Decoder +- code beautifying in [Un]BufferedStreamBuf +- more improvements to ClassLoader +- code cleanup and naming convention fixes (changed all *Imp classes to *Impl for consistency) + + +Release 0.94.1 (2005-09-30) [internal] +====================================== + +- added MetaSingleton (based on a contribution by Alex Fabijanic) +- added ClassLoader::create() +- added ClassLoader::instance() +- code clean-ups in FileChannel and related classes +- added SimpleFileChannel +- RotateAtTimeStrategy: + ::getNextRollover() rewritten (buggy) +- DateTime + microseconds assert corrected + asserts in computeGregorian() (except for year - see comment in computeGregorian()) + milliseconds calculation modified in computeGregorian() + microseconds assigned in computeGregorian() + normalize() and checkLimit() private functions to correct cases of overflow for milli/microseconds +- LocalDateTime: added timestamp() method +- FileChannel: + added "times" property (used to determine whether to use UTC or local time with RotateAtTimeStrategy) + ::setProperty() modified (whenever "times" property is set, methods setRotation and setArchive are + reinvoked to reflect the change) +- FileChannel: added support for archived file compression and archived file purging +- FileChannel tests modified +- FileChannel: put LogFile, RotateStrategy and ArchiveStrategy into their own files +- Message: added thread id field +- PatternFormatter: added %I specifier for thread id +- ThreadPool: PooledThread can be assigned a name +- TaskManager: task name is reflected in thread name +- fixed LocalDateTime::operator - (const Timespan&) [#0000004] +- upon startup all loggers' channels are set to a console channel +- improved search for 
application configuration files (see loadConfiguration()). +- added Glob class (fixes #1249700) +- upgraded to zlib 1.2.3 (fixes #1261712) +- added Logger::dump() +- fixed a wrong condition in Logger::log(const Message&) +- Path::find() now also works with relative paths in addition to plain file names +- added Path(const Path&, const Path&) constructor +- added SharedPtr template +- added Path::tryParse() +- SAXParser::parse()/EntityResolverImpl now works for both URIs and local filesystem paths (fixes #1254812) + + +Release 0.93.1 (2005-08-01) +=========================== + +This release contains various new features, improvements and bugfixes: +- bugfix: UUIDGenerator throws an exception if no connected ethernet adapter can + be found (and thus no MAC address can be obtained) +- added UUIDGenerator::createOne() method +- added error handling to UUID sample application +- added relational (==, !=, <, <=, >, >=) and arithmetic operators (+, -, +=, -=) to DateTime +- added LocalDateTime class +- added support for LocalDateTime to DateTimeParser and DateTimeFormatter +- added enqueueUrgentNotification() to NotificationQueue +- added support for timezone specifiers (%z, %Z) to PatternFormatter +- added [] operator and count() to StringTokenizer +- added elapsed() and isElapsed() to Timestamp +- added tzd() to Timezone +- added WinRegistryKey and WinService classes (Windows only) +- added index operator and count() to StringTokenizer +- added day/time-based log rotation (thanks to Alex Fabijanic), minor improvements to DateTimeParser +- support for Mac OS X 10.4/gcc 4.0.0 +- added NamedMutex and NamedEvent +- added Process::kill() +- added NoPermissionException +- added Task and TaskManager classes +- added ServerApplication class +- bugfix: EventLogChannel - _logFile was not properly initialized in one constructor +- bugfix: File::createDirectories did not work for hierarchies deeper than three +- added Util::FilesystemConfiguration +- documented logging policy: 
log() must open channel if it hasn't been opened yet +- FileChannel::log() opens channel if necessary +- the application reference passed to initialize() and reinitialize() is no longer const +- improved application logging initialization +- fixed a problem with configuration view and property placeholders +- fixed Util build configuration for Visual Studio +- improved application samples +- fixed documentation for Semaphore class + + +Release 0.92.1 (2005-05-09) +=========================== + +This release introduces the Util library that provides support for +configuration file parsing (different file formats), command line +argument processing, logging configuration and a framework for +command line/server applications. +There have also been various changes to the Foundation library: +- a new RefCountedObject class that acts as a base class for + various classes that use reference counting +- some missing members have been added to the AutoPtr template +- various improvements and bugfixes to the Logging framework, as well as + new LoggingFactory and LoggingRegistry classses, and a NullChannel class +- the SignalHandler class (Unix platforms only) +- ObjectFactory and DynamicFactory template classes +- the Path::find method for searching a file in a list of directories +- various new Exception classes + + +Release 0.91.4 (2005-04-11) +=========================== + +This is mainly a maintenance release that adds support for QNX Neutrino +and OpenVMS. There are also minor bugfixes and improvements. + +The Unix build system has been modified to work on QNX Neutrino. +The OpenVMS build system has been fixed and works now. +Some missing #include's have been added for QNX Neutrino. +Foundation/String.h: icompare now supports comparison with const char*; +the classic C version of isspace() has been used in a few places instead of the +C++ version, this has been fixed. +Foundation/Exception.h: IllegalStateException added. 
+ + +Release 0.91.3 (2005-03-19) +=========================== + +This is a maintenance release that adds support for Solaris/Sun Forte C++. +No new features have been added. + +An implementation of FPEnvironment for Solaris has been included. +All stream classes have been modified to work around an initialization +problem that surfaced with Sun's C++ compiler when using STLport. +Source-code compatibility with the previous release is not affected. Various +minor changes, mostly adding missing #include's for Solaris. + + +Release 0.91.2 (2005-02-27) +=========================== + +Minor improvements to the Unix build system. No actual changes in the +libraries. + + +Release 0.91.1 (2005-02-21) +=========================== + +This is the first public release of the C++ Portable Components. +The release does not contain all features planned for the later 1.0 release +(the NET library is missing, for example), but is already quite usable. +Please refer to the README file for more information and instructions for +building the libraries. diff --git a/contrib/poco-cmake/CMakeLists.txt b/base/poco/CMakeLists.txt similarity index 67% rename from contrib/poco-cmake/CMakeLists.txt rename to base/poco/CMakeLists.txt index d173f35b9bf..0432ce196bf 100644 --- a/contrib/poco-cmake/CMakeLists.txt +++ b/base/poco/CMakeLists.txt @@ -1,4 +1,5 @@ -set (LIBRARY_DIR "${ClickHouse_SOURCE_DIR}/contrib/poco") +set (CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -w") +set (CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -w") add_subdirectory (Crypto) add_subdirectory (Data) @@ -7,7 +8,7 @@ add_subdirectory (Foundation) add_subdirectory (JSON) add_subdirectory (MongoDB) add_subdirectory (Net) -add_subdirectory (Net/SSL) +add_subdirectory (NetSSL_OpenSSL) add_subdirectory (Redis) add_subdirectory (Util) add_subdirectory (XML) diff --git a/base/poco/CONTRIBUTORS b/base/poco/CONTRIBUTORS new file mode 100644 index 00000000000..7a74a9cc00c --- /dev/null +++ b/base/poco/CONTRIBUTORS 
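Review bot: The two added lines `set (CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -w")` and `set (CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -w")` at the top of base/poco/CMakeLists.txt switch off every compiler diagnostic for all subdirectories added below them, including Crypto and NetSSL_OpenSSL. With the library now living under base/ rather than contrib/, a later local patch that introduces a truncating conversion or an uninitialised read in this code would compile silently. I would drop the blanket flag and suppress only the warnings that actually fire, per target, the way Crypto/CMakeLists.txt in this commit already does with `target_compile_options (_poco_crypto PRIVATE -Wno-newline-eof)`. If the blanket `-w` has to stay for now, a comment above it such as `# TODO: replace -w with per-target -Wno-<warning> suppressions` records that it is temporary.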
@@ -0,0 +1,52 @@
+Guenter Obiltschnig
+Alex Fabijanic
+Peter Schojer
+Ferdinand Beyer
+Krzysztof Burghardt
+Claus Dabringer
+Caleb Epstein
+Eran Hammer-Lahav
+Chris Johnson
+Sergey Kholodilov
+Ryan Kraay
+Larry Lewis
+Andrew J. P. Maclean
+Andrew Marlow
+Paschal Mushubi
+Jiang Shan
+David Shawley
+Sergey Skorokhodov
+Tom Tan
+Sergey N. Yatskevich
+Marc Chevrier
+Philippe Cuvillier
+Marian Krivos
+Franky Braem
+Philip Prindeville
+Anton Yabchinskiy
+Rangel Reale
+Fabrizio Duhem
+Patrick White
+Mike Naquin
+Roger Meier
+Mathaus Mendel
+Arturo Castro
+Adrian Imboden
+Matej Knopp
+Patrice Tarabbia
+Lucas Clemente
+Karl Reid
+Pascal Bach
+Cristian Thiago Moecke
+Sergei Nikulov
+Aaron Kaluszka
+Iyed Bennour
+Scott Davis
+Kristin Cowalcijk
+Yuval Kashtan
+Christopher Baker
+Scott Davis
+Jeff Adams
+Martin Osborne
+Björn Schramke
+Francis Andre
diff --git a/base/poco/Crypto/CMakeLists.txt b/base/poco/Crypto/CMakeLists.txt
new file mode 100644
index 00000000000..3753c5eed7b
--- /dev/null
+++ b/base/poco/Crypto/CMakeLists.txt
@@ -0,0 +1,17 @@
+if (ENABLE_SSL)
+ file (GLOB SRCS src/*.cpp)
+
+ add_library (_poco_crypto ${SRCS})
+ add_library (Poco::Crypto ALIAS _poco_crypto)
+
+ target_compile_options (_poco_crypto PRIVATE -Wno-newline-eof)
+ target_include_directories (_poco_crypto SYSTEM PUBLIC "include")
+ target_link_libraries (_poco_crypto PUBLIC Poco::Foundation OpenSSL::SSL OpenSSL::Crypto)
+
+ message (STATUS "Using Poco::Crypto")
+else ()
+ add_library (_poco_crypto INTERFACE)
+ add_library (Poco::Crypto ALIAS _poco_crypto)
+
+ message (STATUS "Not using Poco::Crypto")
+endif ()
diff --git a/base/poco/Crypto/include/Poco/Crypto/Cipher.h b/base/poco/Crypto/include/Poco/Crypto/Cipher.h
new file mode 100644
index 00000000000..fbe0c30ae8c
--- /dev/null
+++ b/base/poco/Crypto/include/Poco/Crypto/Cipher.h
@@ -0,0 +1,138 @@ +// +// Cipher.h +// +// Library: Crypto +// Package: Cipher +// Module: Cipher +// +// Definition of the Cipher class. +// +// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. +// and Contributors. +// +// SPDX-License-Identifier: BSL-1.0 +// + + +#ifndef Crypto_Cipher_INCLUDED +#define Crypto_Cipher_INCLUDED + + +#include "Poco/Crypto/Crypto.h" +#include "Poco/RefCountedObject.h" +#include "Poco/AutoPtr.h" +#include +#include +#include + + +namespace Poco { +namespace Crypto { + + +class CryptoTransform; + + +class Crypto_API Cipher: public Poco::RefCountedObject + /// Represents the abstract base class from which all implementations of + /// symmetric/asymmetric encryption algorithms must inherit. Use the CipherFactory + /// class to obtain an instance of this class: + /// + /// CipherFactory& factory = CipherFactory::defaultFactory(); + /// // Creates a 256-bit AES cipher + /// Cipher* pCipher = factory.createCipher(CipherKey("aes-256")); + /// Cipher* pRSACipher = factory.createCipher(RSAKey(RSAKey::KL_1024, RSAKey::EXP_SMALL)); + /// + /// Check the different Key constructors on how to initialize/create + /// a key. The above example auto-generates random keys. + /// + /// Note that you won't be able to decrypt data encrypted with a random key + /// once the Cipher is destroyed unless you persist the generated key and IV. + /// An example usage for random keys is to encrypt data saved in a temporary + /// file. + /// + /// Once your key is set up, you can use the Cipher object to encrypt or + /// decrypt strings or, in conjunction with a CryptoInputStream or a + /// CryptoOutputStream, to encrypt streams of data. 
+ /// + /// Since encrypted strings will contain arbitrary binary data that will cause + /// problems in applications that are not binary-safe (eg., when sending + /// encrypted data in e-mails), the encryptString() and decryptString() can + /// encode (or decode, respectively) encrypted data using a "transport encoding". + /// Supported encodings are Base64 and BinHex. + /// + /// The following example encrypts and decrypts a string utilizing Base64 + /// encoding: + /// + /// std::string plainText = "This is my secret information"; + /// std::string encrypted = pCipher->encryptString(plainText, Cipher::ENC_BASE64); + /// std::string decrypted = pCipher->decryptString(encrypted, Cipher::ENC_BASE64); + /// + /// In order to encrypt a stream of data (eg. to encrypt files), you can use + /// a CryptoStream: + /// + /// // Create an output stream that will encrypt all data going through it + /// // and write pass it to the underlying file stream. + /// Poco::FileOutputStream sink("encrypted.dat"); + /// CryptoOutputStream encryptor(sink, pCipher->createEncryptor()); + /// + /// Poco::FileInputStream source("source.txt"); + /// Poco::StreamCopier::copyStream(source, encryptor); + /// + /// // Always close output streams to flush all internal buffers + /// encryptor.close(); + /// sink.close(); +{ +public: + typedef Poco::AutoPtr Ptr; + typedef std::vector ByteVec; + + enum Encoding + /// Transport encoding to use for encryptString() and decryptString(). + { + ENC_NONE = 0x00, /// Plain binary output + ENC_BASE64 = 0x01, /// Base64-encoded output + ENC_BINHEX = 0x02, /// BinHex-encoded output + ENC_BASE64_NO_LF = 0x81, /// Base64-encoded output, no linefeeds + ENC_BINHEX_NO_LF = 0x82 /// BinHex-encoded output, no linefeeds + + }; + + virtual ~Cipher(); + /// Destroys the Cipher. + + virtual const std::string& name() const = 0; + /// Returns the name of the Cipher. 
+ + virtual CryptoTransform* createEncryptor() = 0; + /// Creates an encryptor object to be used with a CryptoStream. + + virtual CryptoTransform* createDecryptor() = 0; + /// Creates a decryptor object to be used with a CryptoStream. + + virtual std::string encryptString(const std::string& str, Encoding encoding = ENC_NONE); + /// Directly encrypt a string and encode it using the given encoding. + + virtual std::string decryptString(const std::string& str, Encoding encoding = ENC_NONE); + /// Directly decrypt a string that is encoded with the given encoding. + + virtual void encrypt(std::istream& source, std::ostream& sink, Encoding encoding = ENC_NONE); + /// Directly encrypts an input stream and encodes it using the given encoding. + + virtual void decrypt(std::istream& source, std::ostream& sink, Encoding encoding = ENC_NONE); + /// Directly decrypt an input stream that is encoded with the given encoding. + +protected: + Cipher(); + /// Creates a new Cipher object. + +private: + Cipher(const Cipher&); + Cipher& operator = (const Cipher&); +}; + + +} } // namespace Poco::Crypto + + +#endif // Crypto_Cipher_INCLUDED diff --git a/base/poco/Crypto/include/Poco/Crypto/CipherFactory.h b/base/poco/Crypto/include/Poco/Crypto/CipherFactory.h new file mode 100644 index 00000000000..36aa964a1e6 --- /dev/null +++ b/base/poco/Crypto/include/Poco/Crypto/CipherFactory.h 
@@ -0,0 +1,75 @@
+//
+// CipherFactory.h
+//
+// Library: Crypto
+// Package: Cipher
+// Module: CipherFactory
+//
+// Definition of the CipherFactory class.
+//
+// Copyright (c) 2008, Applied Informatics Software Engineering GmbH.
+// and Contributors.
+//
+// SPDX-License-Identifier: BSL-1.0
+//
+
+
+#ifndef Crypto_CipherFactory_INCLUDED
+#define Crypto_CipherFactory_INCLUDED
+
+
+#include "Poco/Crypto/Crypto.h"
+
+
+namespace Poco {
+namespace Crypto {
+
+
+class Cipher;
+class CipherKey;
+class RSAKey;
+
+
+class Crypto_API CipherFactory
+ /// A factory for Cipher objects. See the Cipher class for examples on how to
+ /// use the CipherFactory.
+{
+public:
+ CipherFactory();
+ /// Creates a new CipherFactory object.
+
+ virtual ~CipherFactory();
+ /// Destroys the CipherFactory.
+
+ Cipher* createCipher(const CipherKey& key);
+ /// Creates a Cipher object for the given Cipher name. Valid cipher
+ /// names depend on the OpenSSL version the library is linked with;
+ /// see the output of
+ ///
+ /// openssl enc --help
+ ///
+ /// for a list of supported block and stream ciphers.
+ ///
+ /// Common examples are:
+ ///
+ /// * AES: "aes-128", "aes-256"
+ /// * DES: "des", "des3"
+ /// * Blowfish: "bf"
+
+ Cipher* createCipher(const RSAKey& key, RSAPaddingMode paddingMode = RSA_PADDING_PKCS1);
+ /// Creates a RSACipher using the given RSA key and padding mode
+ /// for public key encryption/private key decryption.
+
+ static CipherFactory& defaultFactory();
+ /// Returns the default CipherFactory.
+
+private:
+ CipherFactory(const CipherFactory&);
+ CipherFactory& operator = (const CipherFactory&);
+};
+
+
+} } // namespace Poco::Crypto
+
+
+#endif // Crypto_CipherFactory_INCLUDED
diff --git a/base/poco/Crypto/include/Poco/Crypto/CipherImpl.h b/base/poco/Crypto/include/Poco/Crypto/CipherImpl.h
new file mode 100644
index 00000000000..d6e8e0e79b2
--- /dev/null
+++ b/base/poco/Crypto/include/Poco/Crypto/CipherImpl.h
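Review bot: The RSA overload `createCipher(const RSAKey& key, RSAPaddingMode paddingMode = RSA_PADDING_PKCS1)` in CipherFactory.h defaults to PKCS #1 v1.5 encryption padding, while the `RSAPaddingMode` documentation added in Crypto.h by this same commit recommends `RSA_PADDING_PKCS1_OAEP` for all new applications. A caller that omits the argument therefore gets the mode that is exposed to padding-oracle weaknesses when decryption failures are observable. Changing the default would break interoperability with existing ciphertexts, so I would keep the signature and extend the doc comment with `/// The PKCS #1 v1.5 default is kept for compatibility; pass RSA_PADDING_PKCS1_OAEP in new code.` Any in-tree call site that relies on the default is worth checking separately.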
@@ -0,0 +1,69 @@
+//
+// CipherImpl.h
+//
+// Library: Crypto
+// Package: Cipher
+// Module: CipherImpl
+//
+// Definition of the CipherImpl class.
+//
+// Copyright (c) 2008, Applied Informatics Software Engineering GmbH.
+// and Contributors.
+//
+// SPDX-License-Identifier: BSL-1.0
+//
+
+
+#ifndef Crypto_CipherImpl_INCLUDED
+#define Crypto_CipherImpl_INCLUDED
+
+
+#include "Poco/Crypto/Crypto.h"
+#include "Poco/Crypto/Cipher.h"
+#include "Poco/Crypto/CipherKey.h"
+#include "Poco/Crypto/OpenSSLInitializer.h"
+#include
+
+
+namespace Poco {
+namespace Crypto {
+
+
+class CipherImpl: public Cipher
+ /// An implementation of the Cipher class for OpenSSL's crypto library.
+{
+public:
+ CipherImpl(const CipherKey& key);
+ /// Creates a new CipherImpl object for the given CipherKey.
+
+ virtual ~CipherImpl();
+ /// Destroys the CipherImpl.
+
+ const std::string& name() const;
+ /// Returns the name of the cipher.
+
+ CryptoTransform* createEncryptor();
+ /// Creates an encryptor object.
+
+ CryptoTransform* createDecryptor();
+ /// Creates a decryptor object.
+
+private:
+ CipherKey _key;
+ OpenSSLInitializer _openSSLInitializer;
+};
+
+
+//
+// Inlines
+//
+inline const std::string& CipherImpl::name() const
+{
+ return _key.name();
+}
+
+
+} } // namespace Poco::Crypto
+
+
+#endif // Crypto_CipherImpl_INCLUDED
diff --git a/base/poco/Crypto/include/Poco/Crypto/CipherKey.h b/base/poco/Crypto/include/Poco/Crypto/CipherKey.h
new file mode 100644
index 00000000000..b102cc2310b
--- /dev/null
+++ b/base/poco/Crypto/include/Poco/Crypto/CipherKey.h
@@ -0,0 +1,201 @@ +// +// CipherKey.h +// +// Library: Crypto +// Package: Cipher +// Module: CipherKey +// +// Definition of the CipherKey class. +// +// Copyright (c) 2007, Applied Informatics Software Engineering GmbH. +// and Contributors. +// +// SPDX-License-Identifier: BSL-1.0 +// + + +#ifndef Crypto_CipherKey_INCLUDED +#define Crypto_CipherKey_INCLUDED + + +#include "Poco/Crypto/Crypto.h" +#include "Poco/Crypto/CipherKeyImpl.h" + + +namespace Poco { +namespace Crypto { + + +class Crypto_API CipherKey + /// CipherKey stores the key information for decryption/encryption of data. + /// To create a random key, using the following code: + /// + /// CipherKey key("aes-256"); + /// + /// Note that you won't be able to decrypt data encrypted with a random key + /// once the Cipher is destroyed unless you persist the generated key and IV. + /// An example usage for random keys is to encrypt data saved in a temporary + /// file. + /// + /// To create a key using a human-readable password + /// string, use the following code. We create a AES Cipher and + /// use a salt value to make the key more robust: + /// + /// std::string password = "secret"; + /// std::string salt("asdff8723lasdf(**923412"); + /// CipherKey key("aes-256", password, salt); + /// + /// You may also control the digest and the number of iterations used to generate the key + /// by specifying the specific values. Here we create a key with the same data as before, + /// except that we use 100 iterations instead of DEFAULT_ITERATION_COUNT, and sha1 instead of + /// the default md5: + /// + /// std::string password = "secret"; + /// std::string salt("asdff8723lasdf(**923412"); + /// std::string digest ("sha1"); + /// CipherKey key("aes-256", password, salt, 100, digest); + /// +{ +public: + typedef CipherKeyImpl::Mode Mode; + typedef CipherKeyImpl::ByteVec ByteVec; + + enum + { + DEFAULT_ITERATION_COUNT = 2000 + /// Default iteration count to use with + /// generateKey(). 
RSA security recommends + /// an iteration count of at least 1000. + }; + + CipherKey(const std::string& name, + const std::string& passphrase, + const std::string& salt = "", + int iterationCount = DEFAULT_ITERATION_COUNT, + const std::string& digest = "md5"); + /// Creates a new CipherKeyImpl object using the given + /// cipher name, passphrase, salt value, iteration count and digest. + + CipherKey(const std::string& name, + const ByteVec& key, + const ByteVec& iv); + /// Creates a new CipherKeyImpl object using the given cipher + /// name, key and initialization vector (IV). + /// + /// The size of the IV must match the cipher's expected + /// IV size (see ivSize()), except for GCM mode, which allows + /// a custom IV size. + + CipherKey(const std::string& name); + /// Creates a new CipherKeyImpl object. Autoinitializes key and + /// initialization vector. + + ~CipherKey(); + /// Destroys the CipherKeyImpl. + + const std::string& name() const; + /// Returns the name of the Cipher. + + int keySize() const; + /// Returns the key size of the Cipher. + + int blockSize() const; + /// Returns the block size of the Cipher. + + int ivSize() const; + /// Returns the IV size of the Cipher. + + Mode mode() const; + /// Returns the Cipher's mode of operation. + + const ByteVec& getKey() const; + /// Returns the key for the Cipher. + + void setKey(const ByteVec& key); + /// Sets the key for the Cipher. + + const ByteVec& getIV() const; + /// Returns the initialization vector (IV) for the Cipher. + + void setIV(const ByteVec& iv); + /// Sets the initialization vector (IV) for the Cipher. + /// + /// The size of the vector must match the cipher's expected + /// IV size (see ivSize()), except for GCM mode, which allows + /// a custom IV size. 
+ + CipherKeyImpl::Ptr impl(); + /// Returns the impl object + +private: + CipherKeyImpl::Ptr _pImpl; +}; + + +// +// inlines +// +inline const std::string& CipherKey::name() const +{ + return _pImpl->name(); +} + + +inline int CipherKey::keySize() const +{ + return _pImpl->keySize(); +} + + +inline int CipherKey::blockSize() const +{ + return _pImpl->blockSize(); +} + + +inline int CipherKey::ivSize() const +{ + return _pImpl->ivSize(); +} + + +inline CipherKey::Mode CipherKey::mode() const +{ + return _pImpl->mode(); +} + + +inline const CipherKey::ByteVec& CipherKey::getKey() const +{ + return _pImpl->getKey(); +} + + +inline void CipherKey::setKey(const CipherKey::ByteVec& key) +{ + _pImpl->setKey(key); +} + + +inline const CipherKey::ByteVec& CipherKey::getIV() const +{ + return _pImpl->getIV(); +} + + +inline void CipherKey::setIV(const CipherKey::ByteVec& iv) +{ + _pImpl->setIV(iv); +} + + +inline CipherKeyImpl::Ptr CipherKey::impl() +{ + return _pImpl; +} + + +} } // namespace Poco::Crypto + + +#endif // Crypto_CipherKey_INCLUDED diff --git a/base/poco/Crypto/include/Poco/Crypto/CipherKeyImpl.h b/base/poco/Crypto/include/Poco/Crypto/CipherKeyImpl.h new file mode 100644 index 00000000000..f7807aad9f8 --- /dev/null +++ b/base/poco/Crypto/include/Poco/Crypto/CipherKeyImpl.h 
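Review bot: The passphrase constructor of `CipherKey` defaults to `salt = ""` and `digest = "md5"`, so a caller that passes only a cipher name and a passphrase gets an unsalted, MD5-based key derivation. The class comment reinforces this: its second example lowers the iteration count to 100, below both `DEFAULT_ITERATION_COUNT = 2000` and the 1000 minimum quoted in the enum comment. Changing the defaults would change the keys derived for existing data, so I would leave the signature alone and add to the constructor comment `/// The empty salt and "md5" defaults exist for compatibility; new code should pass a random salt and a stronger digest such as "sha256".` The example would be safer if it kept the default iteration count instead of showing 100. The key-generation code is outside this hunk, so how the digest is applied is not visible here.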
@@ -0,0 +1,168 @@ +// +// CipherKeyImpl.h +// +// Library: Crypto +// Package: Cipher +// Module: CipherKeyImpl +// +// Definition of the CipherKeyImpl class. +// +// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. +// and Contributors. +// +// SPDX-License-Identifier: BSL-1.0 +// + + +#ifndef Crypto_CipherKeyImpl_INCLUDED +#define Crypto_CipherKeyImpl_INCLUDED + + +#include "Poco/Crypto/Crypto.h" +#include "Poco/Crypto/OpenSSLInitializer.h" +#include "Poco/RefCountedObject.h" +#include "Poco/AutoPtr.h" +#include + + +struct evp_cipher_st; +typedef struct evp_cipher_st EVP_CIPHER; + + +namespace Poco { +namespace Crypto { + + +class CipherKeyImpl: public RefCountedObject + /// An implementation of the CipherKey class for OpenSSL's crypto library. +{ +public: + typedef std::vector ByteVec; + typedef Poco::AutoPtr Ptr; + + enum Mode + /// Cipher mode of operation. This mode determines how multiple blocks + /// are connected; this is essential to improve security. + { + MODE_STREAM_CIPHER, /// Stream cipher + MODE_ECB, /// Electronic codebook (plain concatenation) + MODE_CBC, /// Cipher block chaining (default) + MODE_CFB, /// Cipher feedback + MODE_OFB, /// Output feedback + MODE_CTR, /// Counter mode + MODE_GCM, /// Galois/Counter mode + MODE_CCM /// Counter with CBC-MAC + }; + + CipherKeyImpl(const std::string& name, + const std::string& passphrase, + const std::string& salt, + int iterationCount, + const std::string& digest); + /// Creates a new CipherKeyImpl object, using + /// the given cipher name, passphrase, salt value + /// and iteration count. + + CipherKeyImpl(const std::string& name, + const ByteVec& key, + const ByteVec& iv); + /// Creates a new CipherKeyImpl object, using the + /// given cipher name, key and initialization vector. + + CipherKeyImpl(const std::string& name); + /// Creates a new CipherKeyImpl object. Autoinitializes key + /// and initialization vector. + + virtual ~CipherKeyImpl(); + /// Destroys the CipherKeyImpl. 
+ + const std::string& name() const; + /// Returns the name of the Cipher. + + int keySize() const; + /// Returns the key size of the Cipher. + + int blockSize() const; + /// Returns the block size of the Cipher. + + int ivSize() const; + /// Returns the IV size of the Cipher. + + Mode mode() const; + /// Returns the Cipher's mode of operation. + + const ByteVec& getKey() const; + /// Returns the key for the Cipher. + + void setKey(const ByteVec& key); + /// Sets the key for the Cipher. + + const ByteVec& getIV() const; + /// Returns the initialization vector (IV) for the Cipher. + + void setIV(const ByteVec& iv); + /// Sets the initialization vector (IV) for the Cipher. + + const EVP_CIPHER* cipher(); + /// Returns the cipher object + +private: + void generateKey(const std::string& passphrase, + const std::string& salt, + int iterationCount); + /// Generates key and IV from a password and optional salt string. + + void generateKey(); + /// Generates key and IV from random data. + + void getRandomBytes(ByteVec& vec, std::size_t count); + /// Stores random bytes in vec. + +private: + const EVP_CIPHER* _pCipher; + const EVP_MD* _pDigest; + std::string _name; + ByteVec _key; + ByteVec _iv; + OpenSSLInitializer _openSSLInitializer; +}; + + +// +// Inlines +// +inline const std::string& CipherKeyImpl::name() const +{ + return _name; +} + + +inline const CipherKeyImpl::ByteVec& CipherKeyImpl::getKey() const +{ + return _key; +} + + +inline void CipherKeyImpl::setKey(const ByteVec& key) +{ + poco_assert(key.size() == static_cast(keySize())); + _key = key; +} + + +inline const CipherKeyImpl::ByteVec& CipherKeyImpl::getIV() const +{ + return _iv; +} + + +inline const EVP_CIPHER* CipherKeyImpl::cipher() +{ + return _pCipher; +} + + +} } // namespace Poco::Crypto + + +#endif // Crypto_CipherKeyImpl_INCLUDED diff --git a/base/poco/Crypto/include/Poco/Crypto/Crypto.h b/base/poco/Crypto/include/Poco/Crypto/Crypto.h new file mode 100644 index 00000000000..d6b3ede65cb 
--- /dev/null
+++ b/base/poco/Crypto/include/Poco/Crypto/Crypto.h
@@ -0,0 +1,195 @@ +// +// Crypto.h +// +// Library: Crypto +// Package: CryptoCore +// Module: Crypto +// +// Basic definitions for the Poco Crypto library. +// This file must be the first file included by every other Crypto +// header file. +// +// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. +// and Contributors. +// +// SPDX-License-Identifier: BSL-1.0 +// + + +#ifndef Crypto_Crypto_INCLUDED +#define Crypto_Crypto_INCLUDED + + +#define POCO_EXTERNAL_OPENSSL_DEFAULT 1 +#define POCO_EXTERNAL_OPENSSL_SLPRO 2 + + +#include "Poco/Foundation.h" +#include + + +#ifndef OPENSSL_VERSION_PREREQ + #if defined(OPENSSL_VERSION_MAJOR) && defined(OPENSSL_VERSION_MINOR) + #define OPENSSL_VERSION_PREREQ(maj, min) \ + ((OPENSSL_VERSION_MAJOR << 16) + OPENSSL_VERSION_MINOR >= ((maj) << 16) + (min)) + #else + #define OPENSSL_VERSION_PREREQ(maj, min) \ + (OPENSSL_VERSION_NUMBER >= (((maj) << 28) | ((min) << 20))) + #endif +#endif + + +enum RSAPaddingMode + /// The padding mode used for RSA public key encryption. +{ + RSA_PADDING_PKCS1, + /// PKCS #1 v1.5 padding. This currently is the most widely used mode. + + RSA_PADDING_PKCS1_OAEP, + /// EME-OAEP as defined in PKCS #1 v2.0 with SHA-1, MGF1 and an empty + /// encoding parameter. This mode is recommended for all new applications. + + RSA_PADDING_SSLV23, + /// PKCS #1 v1.5 padding with an SSL-specific modification that denotes + /// that the server is SSL3 capable. + + RSA_PADDING_NONE + /// Raw RSA encryption. This mode should only be used to implement cryptographically + /// sound padding modes in the application code. Encrypting user data directly with RSA + /// is insecure. +}; + + +// +// The following block is the standard way of creating macros which make exporting +// from a DLL simpler. All files within this DLL are compiled with the Crypto_EXPORTS +// symbol defined on the command line. this symbol should not be defined on any project +// that uses this DLL. 
This way any other project whose source files include this file see +// Crypto_API functions as being imported from a DLL, whereas this DLL sees symbols +// defined with this macro as being exported. +// +#if defined(_WIN32) + #if defined(POCO_DLL) + #if defined(Crypto_EXPORTS) + #define Crypto_API __declspec(dllexport) + #else + #define Crypto_API __declspec(dllimport) + #endif + #endif +#endif + + +#if !defined(Crypto_API) + #if !defined(POCO_NO_GCC_API_ATTRIBUTE) && defined (__GNUC__) && (__GNUC__ >= 4) + #define Crypto_API __attribute__ ((visibility ("default"))) + #else + #define Crypto_API + #endif +#endif + + +// +// Automatically link Crypto and OpenSSL libraries. +// +#if defined(_MSC_VER) + #if !defined(POCO_NO_AUTOMATIC_LIBS) + #if defined(POCO_INTERNAL_OPENSSL_MSVC_VER) + #if defined(POCO_EXTERNAL_OPENSSL) + #pragma message("External OpenSSL defined but internal headers used - possible mismatch!") + #endif // POCO_EXTERNAL_OPENSSL + #if !defined(_DEBUG) + #define POCO_DEBUG_SUFFIX "" + #if !defined (_DLL) + #define POCO_STATIC_SUFFIX "mt" + #else // _DLL + #define POCO_STATIC_SUFFIX "" + #endif + #else // _DEBUG + #define POCO_DEBUG_SUFFIX "d" + #if !defined (_DLL) + #define POCO_STATIC_SUFFIX "mt" + #else // _DLL + #define POCO_STATIC_SUFFIX "" + #endif + #endif + #pragma comment(lib, "libcrypto" POCO_STATIC_SUFFIX POCO_DEBUG_SUFFIX ".lib") + #pragma comment(lib, "libssl" POCO_STATIC_SUFFIX POCO_DEBUG_SUFFIX ".lib") + #if !defined(_WIN64) && !defined (_DLL) && \ + (POCO_INTERNAL_OPENSSL_MSVC_VER == 120) && \ + (POCO_MSVC_VERSION < POCO_INTERNAL_OPENSSL_MSVC_VER) + #pragma comment(lib, "libPreVS2013CRT" POCO_STATIC_SUFFIX POCO_DEBUG_SUFFIX ".lib") + #endif + #if !defined (_DLL) && (POCO_MSVS_VERSION >= 2015) + #pragma comment(lib, "legacy_stdio_definitions.lib") + #pragma comment(lib, "legacy_stdio_wide_specifiers.lib") + #endif + #elif defined(POCO_EXTERNAL_OPENSSL) + #if POCO_EXTERNAL_OPENSSL == POCO_EXTERNAL_OPENSSL_SLPRO + #if defined(POCO_DLL) + 
#if OPENSSL_VERSION_PREREQ(1,1) + #pragma comment(lib, "libcrypto.lib") + #pragma comment(lib, "libssl.lib") + #else + #pragma comment(lib, "libeay32.lib") + #pragma comment(lib, "ssleay32.lib") + #endif + #else + #if OPENSSL_VERSION_PREREQ(1,1) + #if defined(_WIN64) + #pragma comment(lib, "libcrypto64" POCO_LIB_SUFFIX) + #pragma comment(lib, "libssl64" POCO_LIB_SUFFIX) + #else + #pragma comment(lib, "libcrypto32" POCO_LIB_SUFFIX) + #pragma comment(lib, "libssl32" POCO_LIB_SUFFIX) + #endif + #else + #pragma comment(lib, "libeay32" POCO_LIB_SUFFIX) + #pragma comment(lib, "ssleay32" POCO_LIB_SUFFIX) + #endif + #endif + #elif POCO_EXTERNAL_OPENSSL == POCO_EXTERNAL_OPENSSL_DEFAULT + #if OPENSSL_VERSION_PREREQ(1,1) + #pragma comment(lib, "libcrypto.lib") + #pragma comment(lib, "libssl.lib") + #else + #pragma comment(lib, "libeay32.lib") + #pragma comment(lib, "ssleay32.lib") + #endif + #endif + #endif // POCO_INTERNAL_OPENSSL_MSVC_VER + #if !defined(Crypto_EXPORTS) + #pragma comment(lib, "PocoCrypto" POCO_LIB_SUFFIX) + #endif + #endif // POCO_NO_AUTOMATIC_LIBS +#endif + + +namespace Poco { +namespace Crypto { + + +void Crypto_API initializeCrypto(); + /// Initialize the Crypto library, as well as the underlying OpenSSL + /// libraries, by calling OpenSSLInitializer::initialize(). + /// + /// Should be called before using any class from the Crypto library. + /// The Crypto library will be initialized automatically, through + /// OpenSSLInitializer instances held by various Crypto classes + /// (Cipher, CipherKey, RSAKey, X509Certificate). + /// However, it is recommended to call initializeCrypto() + /// in any case at application startup. + /// + /// Can be called multiple times; however, for every call to + /// initializeCrypto(), a matching call to uninitializeCrypto() + /// must be performed. + + +void Crypto_API uninitializeCrypto(); + /// Uninitializes the Crypto library by calling + /// OpenSSLInitializer::uninitialize(). 
+ + +} } // namespace Poco::Crypto + + +#endif // Crypto_Crypto_INCLUDED diff --git a/base/poco/Crypto/include/Poco/Crypto/CryptoException.h b/base/poco/Crypto/include/Poco/Crypto/CryptoException.h new file mode 100644 index 00000000000..34c15111e6a --- /dev/null +++ b/base/poco/Crypto/include/Poco/Crypto/CryptoException.h @@ -0,0 +1,56 @@ +// +// CryptoException.h +// +// +// Library: Crypto +// Package: Crypto +// Module: CryptoException +// +// Definition of the CryptoException class. +// +// Copyright (c) 2012, Applied Informatics Software Engineering GmbH. +// and Contributors. +// +// SPDX-License-Identifier: BSL-1.0 +// + + +#ifndef Crypto_CryptoException_INCLUDED +#define Crypto_CryptoException_INCLUDED + + +#include "Poco/Crypto/Crypto.h" +#include "Poco/Exception.h" + + +namespace Poco { +namespace Crypto { + + +POCO_DECLARE_EXCEPTION(Crypto_API, CryptoException, Poco::Exception) + + +class Crypto_API OpenSSLException : public CryptoException +{ +public: + OpenSSLException(int code = 0); + OpenSSLException(const std::string& msg, int code = 0); + OpenSSLException(const std::string& msg, const std::string& arg, int code = 0); + OpenSSLException(const std::string& msg, const Poco::Exception& exc, int code = 0); + OpenSSLException(const OpenSSLException& exc); + ~OpenSSLException() throw(); + OpenSSLException& operator = (const OpenSSLException& exc); + const char* name() const throw(); + const char* className() const throw(); + Poco::Exception* clone() const; + void rethrow() const; + +private: + void setExtMessage(); +}; + + +} } // namespace Poco::Crypto + + +#endif // Crypto_CryptoException_INCLUDED diff --git a/base/poco/Crypto/include/Poco/Crypto/CryptoStream.h b/base/poco/Crypto/include/Poco/Crypto/CryptoStream.h new file mode 100644 index 00000000000..25a99a4ae58 --- /dev/null +++ b/base/poco/Crypto/include/Poco/Crypto/CryptoStream.h 
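Review bot: The comment on `RSA_PADDING_PKCS1` in `RSAPaddingMode` describes PKCS #1 v1.5 only as the most widely used mode and gives no caveat. For encryption, this padding is the one exposed to padding-oracle (Bleichenbacher-style) attacks whenever a decrypting service lets a peer distinguish padding failures from other errors. I would reword it to `/// PKCS #1 v1.5 padding. Kept for interoperability; decryption failures must not be distinguishable to the peer. Prefer RSA_PADDING_PKCS1_OAEP.` so the recommendation sits next to the value callers are most likely to pick.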
@@ -0,0 +1,192 @@ +// +// CryptoStream.h +// +// Library: Crypto +// Package: Cipher +// Module: CryptoStream +// +// Definition of the CryptoStreamBuf, CryptoInputStream and CryptoOutputStream +// classes. +// +// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. +// and Contributors. +// +// SPDX-License-Identifier: BSL-1.0 +// + + +#ifndef Crypto_CryptoStream_INCLUDED +#define Crypto_CryptoStream_INCLUDED + + +#include "Poco/Crypto/Crypto.h" +#include "Poco/BufferedStreamBuf.h" +#include "Poco/Buffer.h" +#include + + +namespace Poco { +namespace Crypto { + + +class CryptoTransform; +class Cipher; + + +class Crypto_API CryptoStreamBuf: public Poco::BufferedStreamBuf + /// This stream buffer performs cryptographic transformation on the data + /// going through it. +{ +public: + CryptoStreamBuf(std::istream& istr, CryptoTransform* pTransform, std::streamsize bufferSize = 8192); + CryptoStreamBuf(std::ostream& ostr, CryptoTransform* pTransform, std::streamsize bufferSize = 8192); + + virtual ~CryptoStreamBuf(); + + void close(); + /// Flushes all buffers and finishes the encryption. + +protected: + int readFromDevice(char* buffer, std::streamsize length); + int writeToDevice(const char* buffer, std::streamsize length); + +private: + CryptoTransform* _pTransform; + std::istream* _pIstr; + std::ostream* _pOstr; + bool _eof; + + Poco::Buffer _buffer; + + CryptoStreamBuf(const CryptoStreamBuf&); + CryptoStreamBuf& operator = (const CryptoStreamBuf&); +}; + + +class Crypto_API CryptoIOS: public virtual std::ios + /// The base class for CryptoInputStream and CryptoOutputStream. + /// + /// This class is needed to ensure correct initialization order of the + /// stream buffer and base classes. 
+{ +public: + CryptoIOS(std::istream& istr, CryptoTransform* pTransform, std::streamsize bufferSize = 8192); + CryptoIOS(std::ostream& ostr, CryptoTransform* pTransform, std::streamsize bufferSize = 8192); + ~CryptoIOS(); + CryptoStreamBuf* rdbuf(); + +protected: + CryptoStreamBuf _buf; +}; + + +class Crypto_API CryptoInputStream: public CryptoIOS, public std::istream + /// This stream transforms all data passing through it using the given + /// CryptoTransform. + /// + /// Use a CryptoTransform object provided by Cipher::createEncrytor() or + /// Cipher::createDecryptor() to create an encrypting or decrypting stream, + /// respectively. +{ +public: + CryptoInputStream(std::istream& istr, CryptoTransform* pTransform, std::streamsize bufferSize = 8192); + /// Create a new CryptoInputStream object. The CryptoInputStream takes the + /// ownership of the given CryptoTransform object. + + CryptoInputStream(std::istream& istr, Cipher& cipher, std::streamsize bufferSize = 8192); + /// Create a new encrypting CryptoInputStream object using the given cipher. + + ~CryptoInputStream(); + /// Destroys the CryptoInputStream. +}; + + +class Crypto_API CryptoOutputStream: public CryptoIOS, public std::ostream + /// This stream transforms all data passing through it using the given + /// CryptoTransform. + /// + /// Use a CryptoTransform object provided by Cipher::createEncrytor() or + /// Cipher::createDecryptor() to create an encrypting or decrypting stream, + /// respectively. + /// + /// After all data has been passed through the stream, close() must be called + /// to ensure completion of cryptographic transformation. +{ +public: + CryptoOutputStream(std::ostream& ostr, CryptoTransform* pTransform, std::streamsize bufferSize = 8192); + /// Create a new CryptoOutputStream object. The CryptoOutputStream takes the + /// ownership of the given CryptoTransform object. 
+ + CryptoOutputStream(std::ostream& ostr, Cipher& cipher, std::streamsize bufferSize = 8192); + /// Create a new decrypting CryptoOutputStream object using the given cipher. + + ~CryptoOutputStream(); + /// Destroys the CryptoOutputStream. + + void close(); + /// Flushes all buffers and finishes the encryption. +}; + + +class Crypto_API DecryptingInputStream: public CryptoIOS, public std::istream + /// This stream decrypts all data passing through it using the given + /// Cipher. +{ +public: + DecryptingInputStream(std::istream& istr, Cipher& cipher, std::streamsize bufferSize = 8192); + /// Create a new DecryptingInputStream object using the given cipher. + + ~DecryptingInputStream(); + /// Destroys the DecryptingInputStream. +}; + + +class Crypto_API DecryptingOutputStream: public CryptoIOS, public std::ostream + /// This stream decrypts all data passing through it using the given + /// Cipher. +{ +public: + DecryptingOutputStream(std::ostream& ostr, Cipher& cipher, std::streamsize bufferSize = 8192); + /// Create a new DecryptingOutputStream object using the given cipher. + + ~DecryptingOutputStream(); + /// Destroys the DecryptingOutputStream. + + void close(); + /// Flushes all buffers and finishes the decryption. +}; + + +class Crypto_API EncryptingInputStream: public CryptoIOS, public std::istream + /// This stream encrypts all data passing through it using the given + /// Cipher. +{ +public: + EncryptingInputStream(std::istream& istr, Cipher& cipher, std::streamsize bufferSize = 8192); + /// Create a new EncryptingInputStream object using the given cipher. + + ~EncryptingInputStream(); + /// Destroys the EncryptingInputStream. +}; + + +class Crypto_API EncryptingOutputStream: public CryptoIOS, public std::ostream + /// This stream encrypts all data passing through it using the given + /// Cipher. 
+{ +public: + EncryptingOutputStream(std::ostream& ostr, Cipher& cipher, std::streamsize bufferSize = 8192); + /// Create a new EncryptingOutputStream object using the given cipher. + + ~EncryptingOutputStream(); + /// Destroys the EncryptingOutputStream. + + void close(); + /// Flushes all buffers and finishes the encryption. +}; + + +} } // namespace Poco::Crypto + + +#endif // Crypto_CryptoStream_INCLUDED diff --git a/base/poco/Crypto/include/Poco/Crypto/CryptoTransform.h b/base/poco/Crypto/include/Poco/Crypto/CryptoTransform.h new file mode 100644 index 00000000000..9fa3806c653 --- /dev/null +++ b/base/poco/Crypto/include/Poco/Crypto/CryptoTransform.h 
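Review bot: The `CryptoStreamBuf` and `CryptoIOS` constructors take a raw `CryptoTransform* pTransform` without saying who frees it, while the `CryptoInputStream` and `CryptoOutputStream` constructors state that ownership is taken. If the implementation (not in this hunk) deletes the transform in the buffer, the buffer-level constructors should carry the same sentence, e.g. `/// Takes ownership of pTransform.`, so a caller does not free it a second time. The comment on `close()` in the output stream classes should also say whether the destructor finalizes the transformation when `close()` was never called, because a missing final block leaves truncated ciphertext that only fails at decryption time. The class comments spell the factory as `Cipher::createEncrytor()`, which should read `createEncryptor()`.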
@@ -0,0 +1,87 @@ +// +// CryptoTransform.h +// +// Library: Crypto +// Package: Cipher +// Module: CryptoTransform +// +// Definition of the CryptoTransform class. +// +// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. +// and Contributors. +// +// SPDX-License-Identifier: BSL-1.0 +// + + +#ifndef Crypto_CryptoTransform_INCLUDED +#define Crypto_CryptoTransform_INCLUDED + + +#include "Poco/Crypto/Crypto.h" +#include + + +namespace Poco { +namespace Crypto { + + +class Crypto_API CryptoTransform + /// This interface represents the basic operations for cryptographic + /// transformations to be used with a CryptoInputStream or a + /// CryptoOutputStream. + /// + /// Implementations of this class are returned by the Cipher class to + /// perform encryption or decryption of data. +{ +public: + CryptoTransform(); + /// Creates a new CryptoTransform object. + + virtual ~CryptoTransform(); + /// Destroys the CryptoTransform. + + virtual std::size_t blockSize() const = 0; + /// Returns the block size for this CryptoTransform. + + virtual int setPadding(int padding); + /// Enables or disables padding. By default encryption operations are padded using standard block + /// padding and the padding is checked and removed when decrypting. If the padding parameter is zero then + /// no padding is performed, the total amount of data encrypted or decrypted must then be a multiple of + /// the block size or an error will occur. + + virtual std::string getTag(std::size_t tagSize = 16) = 0; + /// Returns the GCM tag after encrypting using GCM mode. + /// + /// Must be called after finalize(). + + virtual void setTag(const std::string& tag) = 0; + /// Sets the GCM tag for authenticated decryption using GCM mode. + /// + /// Must be set before finalize() is called, otherwise + /// decryption will fail. 
+ + virtual std::streamsize transform( + const unsigned char* input, + std::streamsize inputLength, + unsigned char* output, + std::streamsize outputLength) = 0; + /// Transforms a chunk of data. The inputLength is arbitrary and does not + /// need to be a multiple of the block size. The output buffer has a maximum + /// capacity of the given outputLength that must be at least + /// inputLength + blockSize() - 1 + /// Returns the number of bytes written to the output buffer. + + virtual std::streamsize finalize(unsigned char* output, std::streamsize length) = 0; + /// Finalizes the transformation. The output buffer must contain enough + /// space for at least two blocks, ie. + /// length >= 2*blockSize() + /// must be true. Returns the number of bytes written to the output + /// buffer. +}; + + +} } // namespace Poco::Crypto + + +#endif // Crypto_CryptoTransform_INCLUDED diff --git a/base/poco/Crypto/include/Poco/Crypto/DigestEngine.h b/base/poco/Crypto/include/Poco/Crypto/DigestEngine.h new file mode 100644 index 00000000000..1c30e769d5f --- /dev/null +++ b/base/poco/Crypto/include/Poco/Crypto/DigestEngine.h 
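Review bot: The comments on `setTag()`, `transform()` and `finalize()` do not tell a caller that, in GCM decryption, the bytes returned by `transform()` are unauthenticated until `finalize()` has succeeded, nor how a tag mismatch is reported (exception or return value; the implementation is not in this hunk). I would add to `setTag()` something like `/// Output of transform() must be treated as untrusted until finalize() has completed successfully.` and state the failure mode in the `finalize()` comment. `getTag(std::size_t tagSize = 16)` accepts any size without documented bounds; the comment should name the accepted lengths, since short GCM tags weaken authentication. The output-capacity requirements on `transform()` and `finalize()` exist only in prose, so implementations should check `outputLength` and `length` rather than rely on the caller.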
@@ -0,0 +1,80 @@ +// +// DigestEngine.h +// +// Library: Crypto +// Package: Digest +// Module: DigestEngine +// +// Definition of the DigestEngine class. +// +// Copyright (c) 2012, Applied Informatics Software Engineering GmbH. +// and Contributors. +// +// SPDX-License-Identifier: BSL-1.0 +// + + +#ifndef Crypto_DigestEngine_INCLUDED +#define Crypto_DigestEngine_INCLUDED + + +#include "Poco/Crypto/Crypto.h" +#include "Poco/Crypto/OpenSSLInitializer.h" +#include "Poco/DigestEngine.h" +#include + + +namespace Poco { +namespace Crypto { + + +class Crypto_API DigestEngine: public Poco::DigestEngine + /// This class implements a Poco::DigestEngine for all + /// digest algorithms supported by OpenSSL. +{ +public: + DigestEngine(const std::string& name); + /// Creates a DigestEngine using the digest with the given name + /// (e.g., "MD5", "SHA1", "SHA256", "SHA512", etc.). + /// See the OpenSSL documentation for a list of supported digest algorithms. + /// + /// Throws a Poco::NotFoundException if no algorithm with the given name exists. + + ~DigestEngine(); + /// Destroys the DigestEngine. + + const std::string& algorithm() const; + /// Returns the name of the digest algorithm. + + int nid() const; + /// Returns the NID (OpenSSL object identifier) of the digest algorithm. + + // DigestEngine + std::size_t digestLength() const; + void reset(); + const Poco::DigestEngine::Digest& digest(); + +protected: + void updateImpl(const void* data, std::size_t length); + +private: + std::string _name; + EVP_MD_CTX* _pContext; + Poco::DigestEngine::Digest _digest; + OpenSSLInitializer _openSSLInitializer; +}; + + +// +// inlines +// +inline const std::string& DigestEngine::algorithm() const +{ + return _name; +} + + +} } // namespace Poco::Crypto + + +#endif // Crypto_DigestEngine_INCLUDED diff --git a/base/poco/Crypto/include/Poco/Crypto/ECDSADigestEngine.h b/base/poco/Crypto/include/Poco/Crypto/ECDSADigestEngine.h new file mode 100644 index 00000000000..ed6fab442f6 --- /dev/null 
+++ b/base/poco/Crypto/include/Poco/Crypto/ECDSADigestEngine.h 
@@ -0,0 +1,101 @@ +// +// ECDSADigestEngine.h +// +// +// Library: Crypto +// Package: ECDSA +// Module: ECDSADigestEngine +// +// Definition of the ECDSADigestEngine class. +// +// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. +// and Contributors. +// +// SPDX-License-Identifier: BSL-1.0 +// + + +#ifndef Crypto_ECDSADigestEngine_INCLUDED +#define Crypto_ECDSADigestEngine_INCLUDED + + +#include "Poco/Crypto/Crypto.h" +#include "Poco/Crypto/ECKey.h" +#include "Poco/DigestEngine.h" +#include "Poco/Crypto/DigestEngine.h" +#include +#include + + +namespace Poco { +namespace Crypto { + + +class Crypto_API ECDSADigestEngine: public Poco::DigestEngine + /// This class implements a Poco::DigestEngine that can be + /// used to compute a secure digital signature. + /// + /// First another Poco::Crypto::DigestEngine is created and + /// used to compute a cryptographic hash of the data to be + /// signed. Then, the hash value is encrypted, using + /// the ECDSA private key. + /// + /// To verify a signature, pass it to the verify() + /// member function. It will decrypt the signature + /// using the ECDSA public key and compare the resulting + /// hash with the actual hash of the data. +{ +public: + + ECDSADigestEngine(const ECKey& key, const std::string &name); + /// Creates the ECDSADigestEngine with the given ECDSA key, + /// using the hash algorithm with the given name + /// (e.g., "SHA1", "SHA256", "SHA512", etc.). + /// See the OpenSSL documentation for a list of supported digest algorithms. + /// + /// Throws a Poco::NotFoundException if no algorithm with the given name exists. + + ~ECDSADigestEngine(); + /// Destroys the ECDSADigestEngine. + + std::size_t digestLength() const; + /// Returns the length of the digest in bytes. + + void reset(); + /// Resets the engine so that a new + /// digest can be computed. 
+ + const DigestEngine::Digest& digest(); + /// Finishes the computation of the digest + /// (the first time it's called) and + /// returns the message digest. + /// + /// Can be called multiple times. + + const DigestEngine::Digest& signature(); + /// Signs the digest using the ECDSADSA algorithm + /// and the private key (the first time it's + /// called) and returns the result. + /// + /// Can be called multiple times. + + bool verify(const DigestEngine::Digest& signature); + /// Verifies the data against the signature. + /// + /// Returns true if the signature can be verified, false otherwise. + +protected: + void updateImpl(const void* data, std::size_t length); + +private: + ECKey _key; + Poco::Crypto::DigestEngine _engine; + Poco::DigestEngine::Digest _digest; + Poco::DigestEngine::Digest _signature; +}; + + +} } // namespace Poco::Crypto + + +#endif // Crypto_ECDSADigestEngine_INCLUDED diff --git a/base/poco/Crypto/include/Poco/Crypto/ECKey.h b/base/poco/Crypto/include/Poco/Crypto/ECKey.h new file mode 100644 index 00000000000..14f2ac0a189 --- /dev/null +++ b/base/poco/Crypto/include/Poco/Crypto/ECKey.h 
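Review bot: The class comment on `ECDSADigestEngine` describes signing as the hash being "encrypted, using the ECDSA private key" and `verify()` as decrypting the signature and comparing hashes. That is the textbook RSA picture and does not describe ECDSA, where verification never recovers the hash, so the text can mislead readers about what the signature bytes contain. I would replace it with `/// The hash is signed with the ECDSA private key; verify() checks the signature against the hash using the public key.` The comment on `signature()` also says "ECDSADSA", which should read "ECDSA". Since the constructor comment lists "SHA1" first among the examples, it would help to name a SHA-2 digest first for new signatures.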
@@ -0,0 +1,136 @@ +// +// ECKey.h +// +// +// Library: Crypto +// Package: EC +// Module: ECKey +// +// Definition of the ECKey class. +// +// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. +// and Contributors. +// +// SPDX-License-Identifier: BSL-1.0 +// + + +#ifndef Crypto_ECKey_INCLUDED +#define Crypto_ECKey_INCLUDED + + +#include "Poco/Crypto/Crypto.h" +#include "Poco/Crypto/KeyPair.h" +#include "Poco/Crypto/ECKeyImpl.h" + + +namespace Poco { +namespace Crypto { + + +class X509Certificate; +class PKCS12Container; + + +class Crypto_API ECKey : public KeyPair + /// This class stores an EC key pair, consisting + /// of private and public key. Storage of the private + /// key is optional. + /// + /// If a private key is available, the ECKey can be + /// used for decrypting data (encrypted with the public key) + /// or computing secure digital signatures. +{ +public: + ECKey(const EVPPKey& key); + /// Constructs ECKeyImpl by extracting the EC key. + + ECKey(const X509Certificate& cert); + /// Extracts the EC public key from the given certificate. + + ECKey(const PKCS12Container& cert); + /// Extracts the EC private key from the given certificate. + + ECKey(const std::string& eccGroup); + /// Creates the ECKey. Creates a new public/private keypair using the given parameters. + /// Can be used to sign data and verify signatures. + + ECKey(const std::string& publicKeyFile, const std::string& privateKeyFile, const std::string& privateKeyPassphrase = ""); + /// Creates the ECKey, by reading public and private key from the given files and + /// using the given passphrase for the private key. + /// + /// Cannot be used for signing or decryption unless a private key is available. + /// + /// If a private key is specified, you don't need to specify a public key file. + /// OpenSSL will auto-create the public key from the private key. 
+ + ECKey(std::istream* pPublicKeyStream, std::istream* pPrivateKeyStream = 0, const std::string& privateKeyPassphrase = ""); + /// Creates the ECKey, by reading public and private key from the given streams and + /// using the given passphrase for the private key. + /// + /// Cannot be used for signing or decryption unless a private key is available. + /// + /// If a private key is specified, you don't need to specify a public key file. + /// OpenSSL will auto-create the public key from the private key. + + ~ECKey(); + /// Destroys the ECKey. + + ECKeyImpl::Ptr impl() const; + /// Returns the impl object. + + static std::string getCurveName(int nid = -1); + /// Returns elliptical curve name corresponding to + /// the given nid; if nid is not found, returns + /// empty string. + /// + /// If nid is -1, returns first curve name. + /// + /// If no curves are found, returns empty string; + + static int getCurveNID(std::string& name); + /// Returns the NID of the specified curve. + /// + /// If name is empty, returns the first curve NID + /// and updates the name accordingly. + + static bool hasCurve(const std::string& name); + /// Returns true if the named curve is found, + /// false otherwise. + +private: + ECKeyImpl::Ptr _pImpl; +}; + + +// +// inlines +// +inline ECKeyImpl::Ptr ECKey::impl() const +{ + return _pImpl; +} + + +inline std::string ECKey::getCurveName(int nid) +{ + return ECKeyImpl::getCurveName(nid); +} + + +inline int ECKey::getCurveNID(std::string& name) +{ + return ECKeyImpl::getCurveNID(name); +} + + +inline bool ECKey::hasCurve(const std::string& name) +{ + return ECKeyImpl::hasCurve(name); +} + + +} } // namespace Poco::Crypto + + +#endif // Crypto_ECKey_INCLUDED diff --git a/base/poco/Crypto/include/Poco/Crypto/ECKeyImpl.h b/base/poco/Crypto/include/Poco/Crypto/ECKeyImpl.h new file mode 100644 index 00000000000..840764304d1 --- /dev/null +++ b/base/poco/Crypto/include/Poco/Crypto/ECKeyImpl.h 
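Review bot: The single-argument constructors of `ECKey` are not `explicit`, so a `std::string` passed where an `ECKey` is expected converts implicitly through `ECKey(const std::string& eccGroup)` and generates a fresh key pair instead of failing to compile. `EVPPKey` in this same commit marks its equivalent constructors `explicit`; I would do the same here, e.g. `explicit ECKey(const std::string& eccGroup);`, and likewise for the `EVPPKey`, `X509Certificate` and `PKCS12Container` overloads. Whether existing callers rely on the implicit conversion is not visible from this hunk. The class comment also says the key can be used for "decrypting data (encrypted with the public key)", which reads as copied from the RSA key class and should be checked against what this class actually offers.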
@@ -0,0 +1,174 @@ +// +// ECKeyImpl.h +// +// +// Library: Crypto +// Package: EC +// Module: ECKeyImpl +// +// Definition of the ECKeyImpl class. +// +// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. +// and Contributors. +// +// SPDX-License-Identifier: BSL-1.0 +// + + +#ifndef Crypto_ECKeyImplImpl_INCLUDED +#define Crypto_ECKeyImplImpl_INCLUDED + + +#include "Poco/Crypto/Crypto.h" +#include "Poco/Crypto/EVPPKey.h" +#include "Poco/Crypto/KeyPairImpl.h" +#include "Poco/Crypto/OpenSSLInitializer.h" +#include "Poco/RefCountedObject.h" +#include "Poco/AutoPtr.h" +#include +#include +#include +#include +#include + + +namespace Poco { +namespace Crypto { + + +class X509Certificate; +class PKCS12Container; + + +class ECKeyImpl: public KeyPairImpl + /// Elliptic Curve key clas implementation. +{ +public: + typedef Poco::AutoPtr Ptr; + typedef std::vector ByteVec; + + ECKeyImpl(const EVPPKey& key); + /// Constructs ECKeyImpl by extracting the EC key. + + ECKeyImpl(const X509Certificate& cert); + /// Constructs ECKeyImpl by extracting the EC public key from the given certificate. + + ECKeyImpl(const PKCS12Container& cert); + /// Constructs ECKeyImpl by extracting the EC private key from the given certificate. + + ECKeyImpl(int eccGroup); + /// Creates the ECKey of the specified group. Creates a new public/private keypair using the given parameters. + /// Can be used to sign data and verify signatures. + + ECKeyImpl(const std::string& publicKeyFile, const std::string& privateKeyFile, const std::string& privateKeyPassphrase); + /// Creates the ECKey, by reading public and private key from the given files and + /// using the given passphrase for the private key. Can only by used for signing if + /// a private key is available. + + ECKeyImpl(std::istream* pPublicKeyStream, std::istream* pPrivateKeyStream, const std::string& privateKeyPassphrase); + /// Creates the ECKey. Can only by used for signing if pPrivKey + /// is not null. 
If a private key file is specified, you don't need to + /// specify a public key file. OpenSSL will auto-create it from the private key. + + ~ECKeyImpl(); + /// Destroys the ECKeyImpl. + + EC_KEY* getECKey(); + /// Returns the OpenSSL EC key. + + const EC_KEY* getECKey() const; + /// Returns the OpenSSL EC key. + + int size() const; + /// Returns the EC key length in bits. + + int groupId() const; + /// Returns the EC key group integer Id. + + std::string groupName() const; + /// Returns the EC key group name. + + void save(const std::string& publicKeyFile, + const std::string& privateKeyFile = "", + const std::string& privateKeyPassphrase = "") const; + /// Exports the public and private keys to the given files. + /// + /// If an empty filename is specified, the corresponding key + /// is not exported. + + void save(std::ostream* pPublicKeyStream, + std::ostream* pPrivateKeyStream = 0, + const std::string& privateKeyPassphrase = "") const; + /// Exports the public and private key to the given streams. + /// + /// If a null pointer is passed for a stream, the corresponding + /// key is not exported. + + static std::string getCurveName(int nid = -1); + /// Returns elliptical curve name corresponding to + /// the given nid; if nid is not found, returns + /// empty string. + /// + /// If nid is -1, returns first curve name. + /// + /// If no curves are found, returns empty string; + + static int getCurveNID(std::string& name); + /// Returns the NID of the specified curve. + /// + /// If name is empty, returns the first curve NID + /// and updates the name accordingly. + + static bool hasCurve(const std::string& name); + /// Returns true if the named curve is found, + /// false otherwise. 
+ +private: + void checkEC(const std::string& method, const std::string& func) const; + void freeEC(); + + EC_KEY* _pEC; +}; + + +// +// inlines +// +inline EC_KEY* ECKeyImpl::getECKey() +{ + return _pEC; +} + + +inline const EC_KEY* ECKeyImpl::getECKey() const +{ + return _pEC; +} + + +inline std::string ECKeyImpl::groupName() const +{ + return OBJ_nid2sn(groupId()); +} + + +inline void ECKeyImpl::save(const std::string& publicKeyFile, + const std::string& privateKeyFile, + const std::string& privateKeyPassphrase) const +{ + EVPPKey(_pEC).save(publicKeyFile, privateKeyFile, privateKeyPassphrase); +} + + +inline void ECKeyImpl::save(std::ostream* pPublicKeyStream, + std::ostream* pPrivateKeyStream, + const std::string& privateKeyPassphrase) const +{ + EVPPKey(_pEC).save(pPublicKeyStream, pPrivateKeyStream, privateKeyPassphrase); +} + + +} } // namespace Poco::Crypto + + +#endif // Crypto_ECKeyImplImpl_INCLUDED diff --git a/base/poco/Crypto/include/Poco/Crypto/EVPPKey.h b/base/poco/Crypto/include/Poco/Crypto/EVPPKey.h new file mode 100644 index 00000000000..fbcdad5b19c --- /dev/null +++ b/base/poco/Crypto/include/Poco/Crypto/EVPPKey.h 
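Review bot: The inline `ECKeyImpl::groupName()` builds a `std::string` directly from `OBJ_nid2sn(groupId())`, and `OBJ_nid2sn` returns a null pointer for a NID it does not know, which makes the string construction undefined behaviour. `groupId()` is defined outside this hunk, so I cannot tell which values it can return for keys loaded from untrusted PEM or certificates. A guard costs two lines: `const char* sn = OBJ_nid2sn(groupId());` followed by `return sn ? std::string(sn) : std::string();`. Minor points in the same header: the include guard is named `Crypto_ECKeyImplImpl_INCLUDED`, the class comment says "clas", and `ECKeyImpl` lacks the `Crypto_API` export that the other classes carry.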
@@ -0,0 +1,354 @@ +// +// EVPPKey.h +// +// +// Library: Crypto +// Package: CryptoCore +// Module: EVPPKey +// +// Definition of the EVPPKey class. +// +// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. +// and Contributors. +// +// SPDX-License-Identifier: BSL-1.0 +// + + +#ifndef Crypto_EVPPKeyImpl_INCLUDED +#define Crypto_EVPPKeyImpl_INCLUDED + + +#include "Poco/Crypto/Crypto.h" +#include "Poco/Crypto/CryptoException.h" +#include "Poco/StreamCopier.h" +#include +#include +#include +#include +#include +#include + + +namespace Poco { +namespace Crypto { + + +class ECKey; +class RSAKey; + + +class Crypto_API EVPPKey + /// Utility class for conversion of native keys to EVP. + /// Currently, only RSA and EC keys are supported. +{ +public: + explicit EVPPKey(const std::string& ecCurveName); + /// Constructs EVPPKey from ECC curve name. + /// + /// Only EC keys can be wrapped by an EVPPKey + /// created using this constructor. + + explicit EVPPKey(const char* ecCurveName); + /// Constructs EVPPKey from ECC curve name. + /// + /// Only EC keys can be wrapped by an EVPPKey + /// created using this constructor. + + explicit EVPPKey(EVP_PKEY* pEVPPKey); + /// Constructs EVPPKey from EVP_PKEY pointer. + /// The content behind the supplied pointer is internally duplicated. + + template + explicit EVPPKey(K* pKey): _pEVPPKey(EVP_PKEY_new()) + /// Constructs EVPPKey from a "native" OpenSSL (RSA or EC_KEY), + /// or a Poco wrapper (RSAKey, ECKey) key pointer. + { + if (!_pEVPPKey) throw OpenSSLException(); + setKey(pKey); + } + + EVPPKey(const std::string& publicKeyFile, const std::string& privateKeyFile, const std::string& privateKeyPassphrase = ""); + /// Creates the EVPPKey, by reading public and private key from the given files and + /// using the given passphrase for the private key. Can only by used for signing if + /// a private key is available. 
+ + EVPPKey(std::istream* pPublicKeyStream, std::istream* pPrivateKeyStream, const std::string& privateKeyPassphrase = ""); + /// Creates the EVPPKey. Can only by used for signing if pPrivKey + /// is not null. If a private key file is specified, you don't need to + /// specify a public key file. OpenSSL will auto-create it from the private key. + + EVPPKey(const EVPPKey& other); + /// Copy constructor. + + EVPPKey& operator=(const EVPPKey& other); + /// Assignment operator. + +#ifdef POCO_ENABLE_CPP11 + + EVPPKey(EVPPKey&& other); + /// Move constructor. + + EVPPKey& operator=(EVPPKey&& other); + /// Assignment move operator. + +#endif // POCO_ENABLE_CPP11 + + ~EVPPKey(); + /// Destroys the EVPPKey. + + bool operator == (const EVPPKey& other) const; + /// Comparison operator. + /// Returns true if public key components and parameters + /// of the other key are equal to this key. + /// + /// Works as expected when one key contains only public key, + /// while the other one contains private (thus also public) key. + + bool operator != (const EVPPKey& other) const; + /// Comparison operator. + /// Returns true if public key components and parameters + /// of the other key are different from this key. + /// + /// Works as expected when one key contains only public key, + /// while the other one contains private (thus also public) key. + + void save(const std::string& publicKeyFile, const std::string& privateKeyFile = "", const std::string& privateKeyPassphrase = "") const; + /// Exports the public and/or private keys to the given files. + /// + /// If an empty filename is specified, the corresponding key + /// is not exported. + + void save(std::ostream* pPublicKeyStream, std::ostream* pPrivateKeyStream = 0, const std::string& privateKeyPassphrase = "") const; + /// Exports the public and/or private key to the given streams. + /// + /// If a null pointer is passed for a stream, the corresponding + /// key is not exported. 
+ + int type() const; + /// Retuns the EVPPKey type NID. + + bool isSupported(int type) const; + /// Returns true if OpenSSL type is supported + + operator const EVP_PKEY*() const; + /// Returns const pointer to the OpenSSL EVP_PKEY structure. + + operator EVP_PKEY*(); + /// Returns pointer to the OpenSSL EVP_PKEY structure. + + static EVP_PKEY* duplicate(const EVP_PKEY* pFromKey, EVP_PKEY** pToKey); + /// Duplicates pFromKey into *pToKey and returns + // the pointer to duplicated EVP_PKEY. + +private: + EVPPKey(); + + static int type(const EVP_PKEY* pEVPPKey); + void newECKey(const char* group); + void duplicate(EVP_PKEY* pEVPPKey); + + void setKey(ECKey* pKey); + void setKey(RSAKey* pKey); + void setKey(EC_KEY* pKey); + void setKey(RSA* pKey); + static int passCB(char* buf, int size, int, void* pass); + + typedef EVP_PKEY* (*PEM_read_FILE_Key_fn)(FILE*, EVP_PKEY**, pem_password_cb*, void*); + typedef EVP_PKEY* (*PEM_read_BIO_Key_fn)(BIO*, EVP_PKEY**, pem_password_cb*, void*); + typedef void* (*EVP_PKEY_get_Key_fn)(EVP_PKEY*); + + // The following load*() functions are used by both native and EVP_PKEY type key + // loading from BIO/FILE. + // When used for EVP key loading, getFunc is null (ie. native key is not extracted + // from the loaded EVP_PKEY). + template + static bool loadKey(K** ppKey, + PEM_read_FILE_Key_fn readFunc, + F getFunc, + const std::string& keyFile, + const std::string& pass = "") + { + poco_assert_dbg (((typeid(K*) == typeid(RSA*) || typeid(K*) == typeid(EC_KEY*)) && getFunc) || + ((typeid(K*) == typeid(EVP_PKEY*)) && !getFunc)); + poco_check_ptr (ppKey); + poco_assert_dbg (!*ppKey); + + FILE* pFile = 0; + if (!keyFile.empty()) + { + if (!getFunc) *ppKey = (K*)EVP_PKEY_new(); + EVP_PKEY* pKey = getFunc ? EVP_PKEY_new() : (EVP_PKEY*)*ppKey; + if (pKey) + { + pFile = fopen(keyFile.c_str(), "r"); + if (pFile) + { + pem_password_cb* pCB = pass.empty() ? (pem_password_cb*)0 : &passCB; + void* pPassword = pass.empty() ? 
(void*)0 : (void*)pass.c_str(); + if (readFunc(pFile, &pKey, pCB, pPassword)) + { + fclose(pFile); pFile = 0; + if(getFunc) + { + *ppKey = (K*)getFunc(pKey); + EVP_PKEY_free(pKey); + } + else + { + poco_assert_dbg (typeid(K*) == typeid(EVP_PKEY*)); + *ppKey = (K*)pKey; + } + if(!*ppKey) goto error; + return true; + } + goto error; + } + else + { + if (getFunc) EVP_PKEY_free(pKey); + throw IOException("ECKeyImpl, cannot open file", keyFile); + } + } + else goto error; + } + return false; + + error: + if (pFile) fclose(pFile); + throw OpenSSLException("EVPKey::loadKey(string)"); + } + + template + static bool loadKey(K** ppKey, + PEM_read_BIO_Key_fn readFunc, + F getFunc, + std::istream* pIstr, + const std::string& pass = "") + { + poco_assert_dbg (((typeid(K*) == typeid(RSA*) || typeid(K*) == typeid(EC_KEY*)) && getFunc) || + ((typeid(K*) == typeid(EVP_PKEY*)) && !getFunc)); + poco_check_ptr(ppKey); + poco_assert_dbg(!*ppKey); + + BIO* pBIO = 0; + if (pIstr) + { + std::ostringstream ostr; + Poco::StreamCopier::copyStream(*pIstr, ostr); + std::string key = ostr.str(); + pBIO = BIO_new_mem_buf(const_cast(key.data()), static_cast(key.size())); + if (pBIO) + { + if (!getFunc) *ppKey = (K*)EVP_PKEY_new(); + EVP_PKEY* pKey = getFunc ? EVP_PKEY_new() : (EVP_PKEY*)*ppKey; + if (pKey) + { + pem_password_cb* pCB = pass.empty() ? (pem_password_cb*)0 : &passCB; + void* pPassword = pass.empty() ? 
(void*)0 : (void*)pass.c_str(); + if (readFunc(pBIO, &pKey, pCB, pPassword)) + { + BIO_free(pBIO); pBIO = 0; + if (getFunc) + { + *ppKey = (K*)getFunc(pKey); + EVP_PKEY_free(pKey); + } + else + { + poco_assert_dbg (typeid(K*) == typeid(EVP_PKEY*)); + *ppKey = (K*)pKey; + } + if (!*ppKey) goto error; + return true; + } + if (getFunc) EVP_PKEY_free(pKey); + goto error; + } + else goto error; + } + else goto error; + } + return false; + + error: + if (pBIO) BIO_free(pBIO); + throw OpenSSLException("EVPKey::loadKey(stream)"); + } + + EVP_PKEY* _pEVPPKey; + + friend class ECKeyImpl; + friend class RSAKeyImpl; +}; + + +// +// inlines +// + + +inline bool EVPPKey::operator == (const EVPPKey& other) const +{ + poco_check_ptr (other._pEVPPKey); + poco_check_ptr (_pEVPPKey); + return (1 == EVP_PKEY_cmp(_pEVPPKey, other._pEVPPKey)); +} + + +inline bool EVPPKey::operator != (const EVPPKey& other) const +{ + return !(other == *this); +} + + +inline int EVPPKey::type(const EVP_PKEY* pEVPPKey) +{ + if (!pEVPPKey) return NID_undef; + + return EVP_PKEY_type(EVP_PKEY_id(pEVPPKey)); +} + + +inline int EVPPKey::type() const +{ + return type(_pEVPPKey); +} + + +inline bool EVPPKey::isSupported(int type) const +{ + return type == EVP_PKEY_EC || type == EVP_PKEY_RSA; +} + + +inline EVPPKey::operator const EVP_PKEY*() const +{ + return _pEVPPKey; +} + + +inline EVPPKey::operator EVP_PKEY*() +{ + return _pEVPPKey; +} + + +inline void EVPPKey::setKey(EC_KEY* pKey) +{ + if (!EVP_PKEY_set1_EC_KEY(_pEVPPKey, pKey)) + throw OpenSSLException(); +} + + +inline void EVPPKey::setKey(RSA* pKey) +{ + if (!EVP_PKEY_set1_RSA(_pEVPPKey, pKey)) + throw OpenSSLException(); +} + + +} } // namespace Poco::Crypto + + +#endif // Crypto_EVPPKeyImpl_INCLUDED diff --git a/base/poco/Crypto/include/Poco/Crypto/KeyPair.h b/base/poco/Crypto/include/Poco/Crypto/KeyPair.h new file mode 100644 index 00000000000..b9a705f8f1b --- /dev/null +++ b/base/poco/Crypto/include/Poco/Crypto/KeyPair.h 
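Review bot: In the file-based `loadKey` overload, a failed `readFunc` falls through to `goto error` without releasing the `EVP_PKEY` that was allocated for the `getFunc` case, whereas the stream-based overload runs `if (getFunc) EVP_PKEY_free(pKey);` first. A malformed key file or a wrong passphrase therefore appears to leak one `EVP_PKEY` per attempt; adding that same line before the `goto error;` that follows the `readFunc` check makes the two overloads agree. In both overloads an empty `pass` passes a null callback and null user data, which as far as I know lets OpenSSL fall back to its default terminal prompt for an encrypted key; a callback that always supplies an empty passphrase would avoid blocking a server process. The stream overload also copies the whole stream, private key included, into a `std::string` that is never cleansed and whose size is narrowed by a cast before `BIO_new_mem_buf`. The `IOException` text "ECKeyImpl, cannot open file" names the wrong class.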
@@ -0,0 +1,133 @@ +// +// KeyPair.h +// +// +// Library: Crypto +// Package: CryptoCore +// Module: KeyPair +// +// Definition of the KeyPair class. +// +// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. +// and Contributors. +// +// SPDX-License-Identifier: BSL-1.0 +// + + +#ifndef Crypto_KeyPair_INCLUDED +#define Crypto_KeyPair_INCLUDED + + +#include "Poco/Crypto/Crypto.h" +#include "Poco/Crypto/KeyPairImpl.h" + + +namespace Poco { +namespace Crypto { + + +class X509Certificate; + + +class Crypto_API KeyPair + /// This is a parent class for classes storing a key pair, consisting + /// of private and public key. Storage of the private key is optional. + /// + /// If a private key is available, the KeyPair can be + /// used for decrypting data (encrypted with the public key) + /// or computing secure digital signatures. +{ +public: + enum Type + { + KT_RSA = KeyPairImpl::KT_RSA_IMPL, + KT_EC = KeyPairImpl::KT_EC_IMPL + }; + + explicit KeyPair(KeyPairImpl::Ptr pKeyPairImpl = 0); + /// Extracts the RSA public key from the given certificate. + + virtual ~KeyPair(); + /// Destroys the KeyPair. + + virtual int size() const; + /// Returns the RSA modulus size. + + virtual void save(const std::string& publicKeyPairFile, + const std::string& privateKeyPairFile = "", + const std::string& privateKeyPairPassphrase = "") const; + /// Exports the public and private keys to the given files. + /// + /// If an empty filename is specified, the corresponding key + /// is not exported. + + virtual void save(std::ostream* pPublicKeyPairStream, + std::ostream* pPrivateKeyPairStream = 0, + const std::string& privateKeyPairPassphrase = "") const; + /// Exports the public and private key to the given streams. + /// + /// If a null pointer is passed for a stream, the corresponding + /// key is not exported. + + KeyPairImpl::Ptr impl() const; + /// Returns the impl object. 
+ + const std::string& name() const; + /// Returns key pair name + + Type type() const; + /// Returns key pair type + +private: + KeyPairImpl::Ptr _pImpl; +}; + + +// +// inlines +// + +inline int KeyPair::size() const +{ + return _pImpl->size(); +} + + +inline void KeyPair::save(const std::string& publicKeyFile, + const std::string& privateKeyFile, + const std::string& privateKeyPassphrase) const +{ + _pImpl->save(publicKeyFile, privateKeyFile, privateKeyPassphrase); +} + + +inline void KeyPair::save(std::ostream* pPublicKeyStream, + std::ostream* pPrivateKeyStream, + const std::string& privateKeyPassphrase) const +{ + _pImpl->save(pPublicKeyStream, pPrivateKeyStream, privateKeyPassphrase); +} + + +inline const std::string& KeyPair::name() const +{ + return _pImpl->name(); +} + +inline KeyPairImpl::Ptr KeyPair::impl() const +{ + return _pImpl; +} + + +inline KeyPair::Type KeyPair::type() const +{ + return (KeyPair::Type)impl()->type(); +} + + +} } // namespace Poco::Crypto + + +#endif // Crypto_KeyPair_INCLUDED diff --git a/base/poco/Crypto/include/Poco/Crypto/KeyPairImpl.h b/base/poco/Crypto/include/Poco/Crypto/KeyPairImpl.h new file mode 100644 index 00000000000..e6320df044b --- /dev/null +++ b/base/poco/Crypto/include/Poco/Crypto/KeyPairImpl.h 
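Review bot: The doc comments on both `KeyPair::save` overloads do not say what an empty `privateKeyPairPassphrase` means, and because it is the default, a caller who passes only file names cannot tell from the header whether the private key is written unencrypted. Presumably an empty passphrase produces cleartext PEM (the implementation is outside this hunk, so confirm), and the comment should then say so, e.g. `/// If privateKeyPairPassphrase is empty, the private key is written unencrypted.` The same gap is in `KeyPairImpl::save` and `RSAKeyImpl::save` in the files that follow. Separately, the constructor comment `/// Extracts the RSA public key from the given certificate.` does not describe a constructor taking `KeyPairImpl::Ptr`, and with its default of `0` the inline accessors go through `_pImpl->` with no check visible here.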
@@ -0,0 +1,107 @@ +// +// KeyPairImpl.h +// +// +// Library: Crypto +// Package: CryptoCore +// Module: KeyPairImpl +// +// Definition of the KeyPairImpl class. +// +// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. +// and Contributors. +// +// SPDX-License-Identifier: BSL-1.0 +// + + +#ifndef Crypto_KeyPairImplImpl_INCLUDED +#define Crypto_KeyPairImplImpl_INCLUDED + + +#include "Poco/Crypto/Crypto.h" +#include "Poco/Crypto/OpenSSLInitializer.h" +#include "Poco/RefCountedObject.h" +#include "Poco/AutoPtr.h" +#include +#include + + +namespace Poco { +namespace Crypto { + + +class KeyPairImpl: public Poco::RefCountedObject + /// Class KeyPairImpl +{ +public: + enum Type + { + KT_RSA_IMPL = 0, + KT_EC_IMPL + }; + + typedef Poco::AutoPtr Ptr; + typedef std::vector ByteVec; + + KeyPairImpl(const std::string& name, Type type); + /// Create KeyPairImpl with specified type and name. + + virtual ~KeyPairImpl(); + /// Destroys the KeyPairImpl. + + virtual int size() const = 0; + /// Returns the key size. + + virtual void save(const std::string& publicKeyFile, + const std::string& privateKeyFile = "", + const std::string& privateKeyPassphrase = "") const = 0; + /// Exports the public and private keys to the given files. + /// + /// If an empty filename is specified, the corresponding key + /// is not exported. + + virtual void save(std::ostream* pPublicKeyStream, + std::ostream* pPrivateKeyStream = 0, + const std::string& privateKeyPassphrase = "") const = 0; + /// Exports the public and private key to the given streams. + /// + /// If a null pointer is passed for a stream, the corresponding + /// key is not exported. 
+ + const std::string& name() const; + /// Returns key pair name + + Type type() const; + /// Returns key pair type + +private: + KeyPairImpl(); + + std::string _name; + Type _type; + OpenSSLInitializer _openSSLInitializer; +}; + + +// +// inlines +// + + +inline const std::string& KeyPairImpl::name() const +{ + return _name; +} + + +inline KeyPairImpl::Type KeyPairImpl::type() const +{ + return _type; +} + + +} } // namespace Poco::Crypto + + +#endif // Crypto_KeyPairImplImpl_INCLUDED diff --git a/base/poco/Crypto/include/Poco/Crypto/OpenSSLInitializer.h b/base/poco/Crypto/include/Poco/Crypto/OpenSSLInitializer.h new file mode 100644 index 00000000000..42c97ae465d --- /dev/null +++ b/base/poco/Crypto/include/Poco/Crypto/OpenSSLInitializer.h 
@@ -0,0 +1,115 @@ +// +// OpenSSLInitializer.h +// +// Library: Crypto +// Package: CryptoCore +// Module: OpenSSLInitializer +// +// Definition of the OpenSSLInitializer class. +// +// Copyright (c) 2006-2009, Applied Informatics Software Engineering GmbH. +// and Contributors. +// +// SPDX-License-Identifier: BSL-1.0 +// + + +#ifndef Crypto_OpenSSLInitializer_INCLUDED +#define Crypto_OpenSSLInitializer_INCLUDED + + +#include "Poco/Crypto/Crypto.h" +#include "Poco/Mutex.h" +#include "Poco/AtomicCounter.h" +#include + +#if defined(OPENSSL_FIPS) && OPENSSL_VERSION_NUMBER < 0x010001000L +#include +#endif + + +extern "C" +{ + struct CRYPTO_dynlock_value + { + Poco::FastMutex _mutex; + }; +} + + +namespace Poco { +namespace Crypto { + + +class Crypto_API OpenSSLInitializer + /// Initalizes the OpenSSL library. + /// + /// The class ensures the earliest initialization and the + /// latest shutdown of the OpenSSL library. +{ +public: + OpenSSLInitializer(); + /// Automatically initialize OpenSSL on startup. + + ~OpenSSLInitializer(); + /// Automatically shut down OpenSSL on exit. + + static void initialize(); + /// Initializes the OpenSSL machinery. + + static void uninitialize(); + /// Shuts down the OpenSSL machinery. + + static bool isFIPSEnabled(); + // Returns true if FIPS mode is enabled, false otherwise. + + static void enableFIPSMode(bool enabled); + // Enable or disable FIPS mode. If FIPS is not available, this method doesn't do anything. 
+ +protected: + enum + { + SEEDSIZE = 256 + }; + + // OpenSSL multithreading support + static void lock(int mode, int n, const char* file, int line); + static unsigned long id(); + static struct CRYPTO_dynlock_value* dynlockCreate(const char* file, int line); + static void dynlock(int mode, struct CRYPTO_dynlock_value* lock, const char* file, int line); + static void dynlockDestroy(struct CRYPTO_dynlock_value* lock, const char* file, int line); + +private: + static Poco::FastMutex* _mutexes; + static Poco::AtomicCounter _rc; +}; + + +// +// inlines +// +inline bool OpenSSLInitializer::isFIPSEnabled() +{ +#ifdef OPENSSL_FIPS + return FIPS_mode() ? true : false; +#else + return false; +#endif +} + +#ifdef OPENSSL_FIPS +inline void OpenSSLInitializer::enableFIPSMode(bool enabled) +{ + FIPS_mode_set(enabled); +} +#else +inline void OpenSSLInitializer::enableFIPSMode(bool /*enabled*/) +{ +} +#endif + + +} } // namespace Poco::Crypto + + +#endif // Crypto_OpenSSLInitializer_INCLUDED diff --git a/base/poco/Crypto/include/Poco/Crypto/PKCS12Container.h b/base/poco/Crypto/include/Poco/Crypto/PKCS12Container.h new file mode 100644 index 00000000000..63cc224d8cc --- /dev/null +++ b/base/poco/Crypto/include/Poco/Crypto/PKCS12Container.h 
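Review bot: `enableFIPSMode` discards the result of `FIPS_mode_set(enabled)` in the `OPENSSL_FIPS` branch and is an empty function otherwise, so a caller that requests FIPS mode gets no signal when the request did not take effect. As the signature returns `void`, the least invasive fix is to document that callers must confirm afterwards, e.g. `/// Does not report failure; check isFIPSEnabled() after calling.`; throwing on a zero return would be stricter but changes behaviour for existing callers. The two FIPS declarations also use `//` where the rest of the class uses `///`, so they may be missing from generated documentation. Note too that the FIPS include is guarded by `OPENSSL_FIPS` plus an `OPENSSL_VERSION_NUMBER` test, while the inline `FIPS_mode()` and `FIPS_mode_set()` calls are guarded by `OPENSSL_FIPS` alone.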
@@ -0,0 +1,159 @@ +// +// PKCS12Container.h +// +// Library: Crypto +// Package: Certificate +// Module: PKCS12Container +// +// Definition of the PKCS12Container class. +// +// Copyright (c) 2006-2009, Applied Informatics Software Engineering GmbH. +// and Contributors. +// +// SPDX-License-Identifier: BSL-1.0 +// + + +#ifndef Crypto_PKCS12Container_INCLUDED +#define Crypto_PKCS12Container_INCLUDED + + +#include "Poco/Crypto/Crypto.h" +#include "Poco/Crypto/OpenSSLInitializer.h" +#include "Poco/Crypto/X509Certificate.h" +#include "Poco/Crypto/EVPPKey.h" +#include "Poco/Path.h" +#include +#include +#include + + +namespace Poco { +namespace Crypto { + + +class Crypto_API PKCS12Container + /// This class implements PKCS#12 container functionality. +{ +public: + typedef X509Certificate::List CAList; + typedef std::vector CANameList; + + explicit PKCS12Container(std::istream& istr, const std::string& password = ""); + /// Creates the PKCS12Container object from a stream. + + explicit PKCS12Container(const std::string& path, const std::string& password = ""); + /// Creates the PKCS12Container object from a file. + + PKCS12Container(const PKCS12Container& cont); + /// Copy constructor. + + PKCS12Container& operator = (const PKCS12Container& cont); + /// Assignment operator. + +#ifdef POCO_ENABLE_CPP11 + + PKCS12Container(PKCS12Container&& cont); + /// Move constructor. + + PKCS12Container& operator = (PKCS12Container&& cont); + /// Move assignment operator. + +#endif // POCO_ENABLE_CPP11 + + ~PKCS12Container(); + /// Destroys the PKCS12Container. + + bool hasKey() const; + /// Returns true if container contains the key. + + EVPPKey getKey() const; + /// Return key as openssl EVP_PKEY wrapper object. + + bool hasX509Certificate() const; + /// Returns true if container has X509 certificate. + + const X509Certificate& getX509Certificate() const; + /// Returns the X509 certificate. + /// Throws NotFoundException if there is no certificate. 
+ + const CAList& getCACerts() const; + /// Returns the list of CA certificates in this container. + + const std::string& getFriendlyName() const; + /// Returns the friendly name of the certificate bag. + + const CANameList& getFriendlyNamesCA() const; + /// Returns a list of CA certificates friendly names. + +private: + void load(PKCS12* pPKCS12, const std::string& password = ""); + std::string extractFriendlyName(X509* pCert); + +#ifdef POCO_ENABLE_CPP11 + typedef std::unique_ptr CertPtr; +#else + typedef std::auto_ptr CertPtr; +#endif // #ifdef POCO_ENABLE_CPP11 + + OpenSSLInitializer _openSSLInitializer; + EVP_PKEY* _pKey; + CertPtr _pX509Cert; + CAList _caCertList; + CANameList _caCertNames; + std::string _pkcsFriendlyName; +}; + + +// +// inlines +// + +inline bool PKCS12Container::hasX509Certificate() const +{ + return _pX509Cert.get() != 0; +} + + +inline const X509Certificate& PKCS12Container::getX509Certificate() const +{ + if (!hasX509Certificate()) + throw NotFoundException("PKCS12Container X509 certificate"); + return *_pX509Cert; +} + + +inline const std::string& PKCS12Container::getFriendlyName() const +{ + return _pkcsFriendlyName; +} + + +inline const PKCS12Container::CAList& PKCS12Container::getCACerts() const +{ + return _caCertList; +} + + +inline const PKCS12Container::CANameList& PKCS12Container::getFriendlyNamesCA() const +{ + return _caCertNames; +} + + +inline bool PKCS12Container::hasKey() const +{ + return _pKey != 0; +} + + +inline EVPPKey PKCS12Container::getKey() const +{ + return EVPPKey(_pKey); +} + + +} } // namespace Poco::Crypto + + +#endif // Crypto_PKCS12Container_INCLUDED diff --git a/base/poco/Crypto/include/Poco/Crypto/RSACipherImpl.h b/base/poco/Crypto/include/Poco/Crypto/RSACipherImpl.h new file mode 100644 index 00000000000..2ebc38e3b55 --- /dev/null +++ b/base/poco/Crypto/include/Poco/Crypto/RSACipherImpl.h 
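Review bot: `getKey()` wraps `_pKey` in an `EVPPKey` without checking `hasKey()`, whereas `getX509Certificate()` throws `NotFoundException` when the certificate is absent. A container without a private key therefore hands a null `EVP_PKEY*` to the `EVPPKey` constructor, whose handling of null is not visible in this hunk. I would make the two accessors consistent with `if (!hasKey()) throw NotFoundException("PKCS12Container key");` before the return, and add `/// Throws NotFoundException if there is no key.` to the declaration. The class also keeps `_pKey` as a raw pointer next to user-declared copy operations, so the header should state who frees it.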
@@ -0,0 +1,77 @@
+//
+// RSACipherImpl.h
+//
+// Library: Crypto
+// Package: RSA
+// Module: RSACipherImpl
+//
+// Definition of the RSACipherImpl class.
+//
+// Copyright (c) 2008, Applied Informatics Software Engineering GmbH.
+// and Contributors.
+//
+// SPDX-License-Identifier: BSL-1.0
+//
+
+
+#ifndef Crypto_RSACipherImpl_INCLUDED
+#define Crypto_RSACipherImpl_INCLUDED
+
+
+#include "Poco/Crypto/Crypto.h"
+#include "Poco/Crypto/Cipher.h"
+#include "Poco/Crypto/RSAKey.h"
+#include "Poco/Crypto/OpenSSLInitializer.h"
+#include
+
+
+namespace Poco {
+namespace Crypto {
+
+
+class RSACipherImpl: public Cipher
+ /// An implementation of the Cipher class for
+ /// asymmetric (public-private key) encryption
+ /// based on the the RSA algorithm in OpenSSL's
+ /// crypto library.
+ ///
+ /// Encryption is using the public key, decryption
+ /// requires the private key.
+{
+public:
+ RSACipherImpl(const RSAKey& key, RSAPaddingMode paddingMode);
+ /// Creates a new RSACipherImpl object for the given RSAKey
+ /// and using the given padding mode.
+
+ virtual ~RSACipherImpl();
+ /// Destroys the RSACipherImpl.
+
+ const std::string& name() const;
+ /// Returns the name of the Cipher.
+
+ CryptoTransform* createEncryptor();
+ /// Creates an encryptor object.
+
+ CryptoTransform* createDecryptor();
+ /// Creates a decryptor object.
+
+private:
+ RSAKey _key;
+ RSAPaddingMode _paddingMode;
+ OpenSSLInitializer _openSSLInitializer;
+};
+
+
+//
+// Inlines
+//
+inline const std::string& RSACipherImpl::name() const
+{
+ return _key.name();
+}
+
+
+} } // namespace Poco::Crypto
+
+
+#endif // Crypto_RSACipherImpl_INCLUDED
diff --git a/base/poco/Crypto/include/Poco/Crypto/RSADigestEngine.h b/base/poco/Crypto/include/Poco/Crypto/RSADigestEngine.h
new file mode 100644
index 00000000000..7c4d3860508
--- /dev/null
+++ b/base/poco/Crypto/include/Poco/Crypto/RSADigestEngine.h
@@ -0,0 +1,111 @@ +// +// RSADigestEngine.h +// +// Library: Crypto +// Package: RSA +// Module: RSADigestEngine +// +// Definition of the RSADigestEngine class. +// +// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. +// and Contributors. +// +// SPDX-License-Identifier: BSL-1.0 +// + + +#ifndef Crypto_RSADigestEngine_INCLUDED +#define Crypto_RSADigestEngine_INCLUDED + + +#include "Poco/Crypto/Crypto.h" +#include "Poco/Crypto/RSAKey.h" +#include "Poco/DigestEngine.h" +#include "Poco/Crypto/DigestEngine.h" +#include +#include + + +namespace Poco { +namespace Crypto { + + +class Crypto_API RSADigestEngine: public Poco::DigestEngine + /// This class implements a Poco::DigestEngine that can be + /// used to compute a secure digital signature. + /// + /// First another Poco::Crypto::DigestEngine is created and + /// used to compute a cryptographic hash of the data to be + /// signed. Then, the hash value is encrypted, using + /// the RSA private key. + /// + /// To verify a signature, pass it to the verify() + /// member function. It will decrypt the signature + /// using the RSA public key and compare the resulting + /// hash with the actual hash of the data. +{ +public: + enum DigestType + { + DIGEST_MD5, + DIGEST_SHA1 + }; + + //@ deprecated + RSADigestEngine(const RSAKey& key, DigestType digestType = DIGEST_SHA1); + /// Creates the RSADigestEngine with the given RSA key, + /// using the MD5 or SHA-1 hash algorithm. + /// Kept for backward compatibility + + RSADigestEngine(const RSAKey& key, const std::string &name); + /// Creates the RSADigestEngine with the given RSA key, + /// using the hash algorithm with the given name + /// (e.g., "MD5", "SHA1", "SHA256", "SHA512", etc.). + /// See the OpenSSL documentation for a list of supported digest algorithms. + /// + /// Throws a Poco::NotFoundException if no algorithm with the given name exists. + + ~RSADigestEngine(); + /// Destroys the RSADigestEngine. 
+ + std::size_t digestLength() const; + /// Returns the length of the digest in bytes. + + void reset(); + /// Resets the engine so that a new + /// digest can be computed. + + const DigestEngine::Digest& digest(); + /// Finishes the computation of the digest + /// (the first time it's called) and + /// returns the message digest. + /// + /// Can be called multiple times. + + const DigestEngine::Digest& signature(); + /// Signs the digest using the RSA algorithm + /// and the private key (the first time it's + /// called) and returns the result. + /// + /// Can be called multiple times. + + bool verify(const DigestEngine::Digest& signature); + /// Verifies the data against the signature. + /// + /// Returns true if the signature can be verified, false otherwise. + +protected: + void updateImpl(const void* data, std::size_t length); + +private: + RSAKey _key; + Poco::Crypto::DigestEngine _engine; + Poco::DigestEngine::Digest _digest; + Poco::DigestEngine::Digest _signature; +}; + + +} } // namespace Poco::Crypto + + +#endif // Crypto_RSADigestEngine_INCLUDED diff --git a/base/poco/Crypto/include/Poco/Crypto/RSAKey.h b/base/poco/Crypto/include/Poco/Crypto/RSAKey.h new file mode 100644 index 00000000000..ad9163ed42f --- /dev/null +++ b/base/poco/Crypto/include/Poco/Crypto/RSAKey.h 
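Review bot: The first constructor defaults to `DIGEST_SHA1` and its only other choice is `DIGEST_MD5`, neither of which is collision-resistant any longer, so neither should back new signatures. The `//@ deprecated` marker above it is a plain comment, so nothing warns a caller who writes `RSADigestEngine(key)`. I would state this in the doc comment, e.g. `/// Deprecated: MD5 and SHA-1 are not collision-resistant; use the name-based constructor with "SHA256" or stronger.`, and add a compiler-visible deprecation if the project has a macro for one.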
@@ -0,0 +1,125 @@ +// +// RSAKey.h +// +// Library: Crypto +// Package: RSA +// Module: RSAKey +// +// Definition of the RSAKey class. +// +// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. +// and Contributors. +// +// SPDX-License-Identifier: BSL-1.0 +// + + +#ifndef Crypto_RSAKey_INCLUDED +#define Crypto_RSAKey_INCLUDED + + +#include "Poco/Crypto/Crypto.h" +#include "Poco/Crypto/KeyPair.h" +#include "Poco/Crypto/RSAKeyImpl.h" + + +namespace Poco { +namespace Crypto { + + +class X509Certificate; +class PKCS12Container; + + +class Crypto_API RSAKey : public KeyPair + /// This class stores an RSA key pair, consisting + /// of private and public key. Storage of the private + /// key is optional. + /// + /// If a private key is available, the RSAKey can be + /// used for decrypting data (encrypted with the public key) + /// or computing secure digital signatures. +{ +public: + enum KeyLength + { + KL_512 = 512, + KL_1024 = 1024, + KL_2048 = 2048, + KL_4096 = 4096 + }; + + enum Exponent + { + EXP_SMALL = 0, + EXP_LARGE + }; + + RSAKey(const EVPPKey& key); + /// Constructs ECKeyImpl by extracting the EC key. + + RSAKey(const X509Certificate& cert); + /// Extracts the RSA public key from the given certificate. + + RSAKey(const PKCS12Container& cert); + /// Extracts the RSA private key from the given certificate. + + RSAKey(KeyLength keyLength, Exponent exp); + /// Creates the RSAKey. Creates a new public/private keypair using the given parameters. + /// Can be used to sign data and verify signatures. + + RSAKey(const std::string& publicKeyFile, + const std::string& privateKeyFile = "", + const std::string& privateKeyPassphrase = ""); + /// Creates the RSAKey, by reading public and private key from the given files and + /// using the given passphrase for the private key. + /// + /// Cannot be used for signing or decryption unless a private key is available. + /// + /// If a private key is specified, you don't need to specify a public key file. 
+ /// OpenSSL will auto-create the public key from the private key. + + RSAKey(std::istream* pPublicKeyStream, + std::istream* pPrivateKeyStream = 0, + const std::string& privateKeyPassphrase = ""); + /// Creates the RSAKey, by reading public and private key from the given streams and + /// using the given passphrase for the private key. + /// + /// Cannot be used for signing or decryption unless a private key is available. + /// + /// If a private key is specified, you don't need to specify a public key file. + /// OpenSSL will auto-create the public key from the private key. + + ~RSAKey(); + /// Destroys the RSAKey. + + RSAKeyImpl::ByteVec modulus() const; + /// Returns the RSA modulus. + + RSAKeyImpl::ByteVec encryptionExponent() const; + /// Returns the RSA encryption exponent. + + RSAKeyImpl::ByteVec decryptionExponent() const; + /// Returns the RSA decryption exponent. + + RSAKeyImpl::Ptr impl() const; + /// Returns the impl object. + +private: + RSAKeyImpl::Ptr _pImpl; +}; + + +// +// inlines +// +inline RSAKeyImpl::Ptr RSAKey::impl() const +{ + return _pImpl; +} + + +} } // namespace Poco::Crypto + + +#endif // Crypto_RSAKey_INCLUDED \ No newline at end of file diff --git a/base/poco/Crypto/include/Poco/Crypto/RSAKeyImpl.h b/base/poco/Crypto/include/Poco/Crypto/RSAKeyImpl.h new file mode 100644 index 00000000000..035881636b2 --- /dev/null +++ b/base/poco/Crypto/include/Poco/Crypto/RSAKeyImpl.h 
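Review bot: `KeyLength` offers `KL_512` and `KL_1024` with no indication that these sizes are below current minimums for RSA, and `Exponent` does not say which public exponent `EXP_SMALL` selects (the mapping is in the implementation, outside this hunk). A comment on the enumerators would steer new callers away, e.g. `KL_512 = 512, /// legacy only; too short for new keys`, and likewise for `KL_1024`. The comment on `RSAKey(const EVPPKey& key)`, `/// Constructs ECKeyImpl by extracting the EC key.`, is copied from the EC class and should describe extracting the RSA key. `RSAKeyImpl.h` repeats that line and also labels its `PKCS12Container` constructor as extracting the EC private key.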
@@ -0,0 +1,141 @@ +// +// RSAKeyImpl.h +// +// Library: Crypto +// Package: RSA +// Module: RSAKeyImpl +// +// Definition of the RSAKeyImpl class. +// +// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. +// and Contributors. +// +// SPDX-License-Identifier: BSL-1.0 +// + + +#ifndef Crypto_RSAKeyImplImpl_INCLUDED +#define Crypto_RSAKeyImplImpl_INCLUDED + + +#include "Poco/Crypto/Crypto.h" +#include "Poco/Crypto/EVPPKey.h" +#include "Poco/Crypto/KeyPairImpl.h" +#include "Poco/Crypto/OpenSSLInitializer.h" +#include "Poco/RefCountedObject.h" +#include "Poco/AutoPtr.h" +#include +#include +#include + + +struct bignum_st; +struct rsa_st; +typedef struct bignum_st BIGNUM; +typedef struct rsa_st RSA; + + +namespace Poco { +namespace Crypto { + + +class X509Certificate; +class PKCS12Container; + + +class RSAKeyImpl: public KeyPairImpl + /// class RSAKeyImpl +{ +public: + typedef Poco::AutoPtr Ptr; + typedef std::vector ByteVec; + + RSAKeyImpl(const EVPPKey& key); + /// Constructs ECKeyImpl by extracting the EC key. + + RSAKeyImpl(const X509Certificate& cert); + /// Extracts the RSA public key from the given certificate. + + RSAKeyImpl(const PKCS12Container& cert); + /// Extracts the EC private key from the given certificate. + + RSAKeyImpl(int keyLength, unsigned long exponent); + /// Creates the RSAKey. Creates a new public/private keypair using the given parameters. + /// Can be used to sign data and verify signatures. + + RSAKeyImpl(const std::string& publicKeyFile, const std::string& privateKeyFile, const std::string& privateKeyPassphrase); + /// Creates the RSAKey, by reading public and private key from the given files and + /// using the given passphrase for the private key. Can only by used for signing if + /// a private key is available. + + RSAKeyImpl(std::istream* pPublicKeyStream, std::istream* pPrivateKeyStream, const std::string& privateKeyPassphrase); + /// Creates the RSAKey. Can only by used for signing if pPrivKey + /// is not null. 
If a private key file is specified, you don't need to + /// specify a public key file. OpenSSL will auto-create it from the private key. + + ~RSAKeyImpl(); + /// Destroys the RSAKeyImpl. + + RSA* getRSA(); + /// Returns the OpenSSL RSA object. + + const RSA* getRSA() const; + /// Returns the OpenSSL RSA object. + + int size() const; + /// Returns the RSA modulus size. + + ByteVec modulus() const; + /// Returns the RSA modulus. + + ByteVec encryptionExponent() const; + /// Returns the RSA encryption exponent. + + ByteVec decryptionExponent() const; + /// Returns the RSA decryption exponent. + + void save(const std::string& publicKeyFile, + const std::string& privateKeyFile = "", + const std::string& privateKeyPassphrase = "") const; + /// Exports the public and private keys to the given files. + /// + /// If an empty filename is specified, the corresponding key + /// is not exported. + + void save(std::ostream* pPublicKeyStream, + std::ostream* pPrivateKeyStream = 0, + const std::string& privateKeyPassphrase = "") const; + /// Exports the public and private key to the given streams. + /// + /// If a null pointer is passed for a stream, the corresponding + /// key is not exported. + +private: + RSAKeyImpl(); + + void freeRSA(); + static ByteVec convertToByteVec(const BIGNUM* bn); + + RSA* _pRSA; +}; + + +// +// inlines +// +inline RSA* RSAKeyImpl::getRSA() +{ + return _pRSA; +} + + +inline const RSA* RSAKeyImpl::getRSA() const +{ + return _pRSA; +} + + +} } // namespace Poco::Crypto + + +#endif // Crypto_RSAKeyImplImpl_INCLUDED \ No newline at end of file diff --git a/base/poco/Crypto/include/Poco/Crypto/X509Certificate.h b/base/poco/Crypto/include/Poco/Crypto/X509Certificate.h new file mode 100644 index 00000000000..ccdab1ce37e --- /dev/null +++ b/base/poco/Crypto/include/Poco/Crypto/X509Certificate.h 
@@ -0,0 +1,245 @@ +// +// X509Certificate.h +// +// Library: Crypto +// Package: Certificate +// Module: X509Certificate +// +// Definition of the X509Certificate class. +// +// Copyright (c) 2006-2009, Applied Informatics Software Engineering GmbH. +// and Contributors. +// +// SPDX-License-Identifier: BSL-1.0 +// + + +#ifndef Crypto_X509Certificate_INCLUDED +#define Crypto_X509Certificate_INCLUDED + + +#include "Poco/Crypto/Crypto.h" +#include "Poco/Crypto/OpenSSLInitializer.h" +#include "Poco/DateTime.h" +#include "Poco/SharedPtr.h" +#include +#include +#include +#include + + +namespace Poco { +namespace Crypto { + + +class Crypto_API X509Certificate + /// This class represents a X509 Certificate. +{ +public: + typedef std::vector List; + + enum NID + /// Name identifier for extracting information from + /// a certificate subject's or issuer's distinguished name. + { + NID_COMMON_NAME = 13, + NID_COUNTRY = 14, + NID_LOCALITY_NAME = 15, + NID_STATE_OR_PROVINCE = 16, + NID_ORGANIZATION_NAME = 17, + NID_ORGANIZATION_UNIT_NAME = 18, + NID_PKCS9_EMAIL_ADDRESS = 48, + NID_SERIAL_NUMBER = 105 + }; + + explicit X509Certificate(std::istream& istr); + /// Creates the X509Certificate object by reading + /// a certificate in PEM format from a stream. + + explicit X509Certificate(const std::string& path); + /// Creates the X509Certificate object by reading + /// a certificate in PEM format from a file. + + explicit X509Certificate(X509* pCert); + /// Creates the X509Certificate from an existing + /// OpenSSL certificate. Ownership is taken of + /// the certificate. + + X509Certificate(X509* pCert, bool shared); + /// Creates the X509Certificate from an existing + /// OpenSSL certificate. Ownership is taken of + /// the certificate. If shared is true, the + /// certificate's reference count is incremented. + + X509Certificate(const X509Certificate& cert); + /// Creates the certificate by copying another one. 
+ + X509Certificate& operator = (const X509Certificate& cert); + /// Assigns a certificate. + + void swap(X509Certificate& cert); + /// Exchanges the certificate with another one. + + ~X509Certificate(); + /// Destroys the X509Certificate. + + long version() const; + /// Returns the version of the certificate. + + const std::string& serialNumber() const; + /// Returns the certificate serial number as a + /// string in decimal encoding. + + const std::string& issuerName() const; + /// Returns the certificate issuer's distinguished name. + + std::string issuerName(NID nid) const; + /// Extracts the information specified by the given + /// NID (name identifier) from the certificate issuer's + /// distinguished name. + + const std::string& subjectName() const; + /// Returns the certificate subject's distinguished name. + + std::string subjectName(NID nid) const; + /// Extracts the information specified by the given + /// NID (name identifier) from the certificate subject's + /// distinguished name. + + std::string commonName() const; + /// Returns the common name stored in the certificate + /// subject's distinguished name. + + void extractNames(std::string& commonName, std::set& domainNames) const; + /// Extracts the common name and the alias domain names from the + /// certificate. + + Poco::DateTime validFrom() const; + /// Returns the date and time the certificate is valid from. + + Poco::DateTime expiresOn() const; + /// Returns the date and time the certificate expires. + + void save(std::ostream& stream) const; + /// Writes the certificate to the given stream. + /// The certificate is written in PEM format. + + void save(const std::string& path) const; + /// Writes the certificate to the file given by path. + /// The certificate is written in PEM format. + + bool issuedBy(const X509Certificate& issuerCertificate) const; + /// Checks whether the certificate has been issued by + /// the issuer given by issuerCertificate. 
This can be + /// used to validate a certificate chain. + /// + /// Verifies if the certificate has been signed with the + /// issuer's private key, using the public key from the issuer + /// certificate. + /// + /// Returns true if verification against the issuer certificate + /// was successful, false otherwise. + + bool equals(const X509Certificate& otherCertificate) const; + /// Checks whether the certificate is equal to + /// the other certificate, by comparing the hashes + /// of both certificates. + /// + /// Returns true if both certificates are identical, + /// otherwise false. + + const X509* certificate() const; + /// Returns the underlying OpenSSL certificate. + + X509* dup() const; + /// Duplicates and returns the underlying OpenSSL certificate. Note that + /// the caller assumes responsibility for the lifecycle of the created + /// certificate. + + std::string signatureAlgorithm() const; + /// Returns the certificate signature algorithm long name. + + void print(std::ostream& out) const; + /// Prints the certificate information to ostream. + + static List readPEM(const std::string& pemFileName); + /// Reads and returns a list of certificates from + /// the specified PEM file. + + static void writePEM(const std::string& pemFileName, const List& list); + /// Writes the list of certificates to the specified PEM file. + +protected: + void load(std::istream& stream); + /// Loads the certificate from the given stream. The + /// certificate must be in PEM format. + + void load(const std::string& path); + /// Loads the certificate from the given file. The + /// certificate must be in PEM format. + + void init(); + /// Extracts issuer and subject name from the certificate. 
+ +private: + enum + { + NAME_BUFFER_SIZE = 256 + }; + + std::string _issuerName; + std::string _subjectName; + std::string _serialNumber; + X509* _pCert; + OpenSSLInitializer _openSSLInitializer; +}; + + +// +// inlines +// + + +inline long X509Certificate::version() const +{ + // This is defined by standards (X.509 et al) to be + // one less than the certificate version. + // So, eg. a version 3 certificate will return 2. + return X509_get_version(_pCert) + 1; +} + + +inline const std::string& X509Certificate::serialNumber() const +{ + return _serialNumber; +} + + +inline const std::string& X509Certificate::issuerName() const +{ + return _issuerName; +} + + +inline const std::string& X509Certificate::subjectName() const +{ + return _subjectName; +} + + +inline const X509* X509Certificate::certificate() const +{ + return _pCert; +} + + +inline X509* X509Certificate::dup() const +{ + return X509_dup(_pCert); +} + + +} } // namespace Poco::Crypto + + +#endif // Crypto_X509Certificate_INCLUDED diff --git a/base/poco/Crypto/src/Cipher.cpp b/base/poco/Crypto/src/Cipher.cpp new file mode 100644 index 00000000000..8b4d57964f5 --- /dev/null +++ b/base/poco/Crypto/src/Cipher.cpp 
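Review bot: The comment on `issuedBy()` says it "can be used to validate a certificate chain", but what it describes is only a signature check against the issuer's public key. Validity period, CA constraints, key usage and revocation are not mentioned, so a caller could read a `true` result as full path validation. I would add `/// This checks the signature only; it does not verify validity dates, CA constraints or revocation.` to the doc block. The inline comment in `version()` also reads as if the function returns 2 for a version 3 certificate, while the code returns `X509_get_version(_pCert) + 1`; reword it to say that the value from `X509_get_version()` is zero-based and the function corrects for that.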
@@ -0,0 +1,140 @@ +// +// Cipher.cpp +// +// Library: Crypto +// Package: Cipher +// Module: Cipher +// +// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. +// and Contributors. +// +// SPDX-License-Identifier: BSL-1.0 +// + + +#include "Poco/Crypto/Cipher.h" +#include "Poco/Crypto/CryptoStream.h" +#include "Poco/Crypto/CryptoTransform.h" +#include "Poco/Base64Encoder.h" +#include "Poco/Base64Decoder.h" +#include "Poco/HexBinaryEncoder.h" +#include "Poco/HexBinaryDecoder.h" +#include "Poco/StreamCopier.h" +#include "Poco/Exception.h" +#include +#include + + +namespace Poco { +namespace Crypto { + + +Cipher::Cipher() +{ +} + + +Cipher::~Cipher() +{ +} + + +std::string Cipher::encryptString(const std::string& str, Encoding encoding) +{ + std::istringstream source(str); + std::ostringstream sink; + + encrypt(source, sink, encoding); + + return sink.str(); +} + + +std::string Cipher::decryptString(const std::string& str, Encoding encoding) +{ + std::istringstream source(str); + std::ostringstream sink; + + decrypt(source, sink, encoding); + return sink.str(); +} + + +void Cipher::encrypt(std::istream& source, std::ostream& sink, Encoding encoding) +{ + CryptoInputStream encryptor(source, createEncryptor()); + + switch (encoding) + { + case ENC_NONE: + StreamCopier::copyStream(encryptor, sink); + break; + + case ENC_BASE64: + case ENC_BASE64_NO_LF: + { + Poco::Base64Encoder encoder(sink); + if (encoding == ENC_BASE64_NO_LF) + { + encoder.rdbuf()->setLineLength(0); + } + StreamCopier::copyStream(encryptor, encoder); + encoder.close(); + } + break; + + case ENC_BINHEX: + case ENC_BINHEX_NO_LF: + { + Poco::HexBinaryEncoder encoder(sink); + if (encoding == ENC_BINHEX_NO_LF) + { + encoder.rdbuf()->setLineLength(0); + } + StreamCopier::copyStream(encryptor, encoder); + encoder.close(); + } + break; + + default: + throw Poco::InvalidArgumentException("Invalid argument", "encoding"); + } +} + + +void Cipher::decrypt(std::istream& source, std::ostream& sink, 
Encoding encoding) +{ + CryptoOutputStream decryptor(sink, createDecryptor()); + + switch (encoding) + { + case ENC_NONE: + StreamCopier::copyStream(source, decryptor); + decryptor.close(); + break; + + case ENC_BASE64: + case ENC_BASE64_NO_LF: + { + Poco::Base64Decoder decoder(source); + StreamCopier::copyStream(decoder, decryptor); + decryptor.close(); + } + break; + + case ENC_BINHEX: + case ENC_BINHEX_NO_LF: + { + Poco::HexBinaryDecoder decoder(source); + StreamCopier::copyStream(decoder, decryptor); + decryptor.close(); + } + break; + + default: + throw Poco::InvalidArgumentException("Invalid argument", "encoding"); + } +} + + +} } // namespace Poco::Crypto diff --git a/base/poco/Crypto/src/CipherFactory.cpp b/base/poco/Crypto/src/CipherFactory.cpp new file mode 100644 index 00000000000..28ba3748643 --- /dev/null +++ b/base/poco/Crypto/src/CipherFactory.cpp @@ -0,0 +1,65 @@ +// +// CipherFactory.cpp +// +// Library: Crypto +// Package: Cipher +// Module: CipherFactory +// +// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. +// and Contributors. +// +// SPDX-License-Identifier: BSL-1.0 +// + + +#include "Poco/Crypto/CipherFactory.h" +#include "Poco/Crypto/Cipher.h" +#include "Poco/Crypto/CipherKey.h" +#include "Poco/Crypto/RSAKey.h" +#include "Poco/Crypto/CipherImpl.h" +#include "Poco/Crypto/RSACipherImpl.h" +#include "Poco/Exception.h" +#include "Poco/SingletonHolder.h" +#include +#include + + +namespace Poco { +namespace Crypto { + + +CipherFactory::CipherFactory() +{ +} + + +CipherFactory::~CipherFactory() +{ +} + + +namespace +{ + static Poco::SingletonHolder holder; +} + + +CipherFactory& CipherFactory::defaultFactory() +{ + return *holder.get(); +} + + +Cipher* CipherFactory::createCipher(const CipherKey& key) +{ + return new CipherImpl(key); +} + + +Cipher* CipherFactory::createCipher(const RSAKey& key, RSAPaddingMode paddingMode) +{ + return new RSACipherImpl(key, paddingMode); +} + + +} } // namespace Poco::Crypto 
diff --git a/base/poco/Crypto/src/CipherImpl.cpp b/base/poco/Crypto/src/CipherImpl.cpp
new file mode 100644
index 00000000000..ae574775957
--- /dev/null
+++ b/base/poco/Crypto/src/CipherImpl.cpp
@@ -0,0 +1,272 @@ +// +// CipherImpl.cpp +// +// Library: Crypto +// Package: Cipher +// Module: CipherImpl +// +// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. +// and Contributors. +// +// SPDX-License-Identifier: BSL-1.0 +// + + +#include "Poco/Crypto/CipherImpl.h" +#include "Poco/Crypto/CryptoTransform.h" +#include "Poco/Exception.h" +#include "Poco/Buffer.h" +#include + + +namespace Poco { +namespace Crypto { + + +namespace +{ + void throwError() + { + unsigned long err; + std::string msg; + + while ((err = ERR_get_error())) + { + if (!msg.empty()) + msg.append("; "); + msg.append(ERR_error_string(err, 0)); + } + + throw Poco::IOException(msg); + } + + + class CryptoTransformImpl: public CryptoTransform + { + public: + typedef Cipher::ByteVec ByteVec; + + enum Direction + { + DIR_ENCRYPT, + DIR_DECRYPT + }; + + CryptoTransformImpl( + const EVP_CIPHER* pCipher, + const ByteVec& key, + const ByteVec& iv, + Direction dir); + + ~CryptoTransformImpl(); + + std::size_t blockSize() const; + int setPadding(int padding); + std::string getTag(std::size_t tagSize); + void setTag(const std::string& tag); + + std::streamsize transform( + const unsigned char* input, + std::streamsize inputLength, + unsigned char* output, + std::streamsize outputLength); + + std::streamsize finalize( + unsigned char* output, + std::streamsize length); + + private: + const EVP_CIPHER* _pCipher; +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + EVP_CIPHER_CTX* _pContext; +#else + EVP_CIPHER_CTX _context; +#endif + ByteVec _key; + ByteVec _iv; + }; + + + CryptoTransformImpl::CryptoTransformImpl( + const EVP_CIPHER* pCipher, + const ByteVec& key, + const ByteVec& iv, + Direction dir): + _pCipher(pCipher), + _key(key), + _iv(iv) + { +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + _pContext = EVP_CIPHER_CTX_new(); + EVP_CipherInit( + _pContext, + _pCipher, + &_key[0], + _iv.empty() ? 0 : &_iv[0], + (dir == DIR_ENCRYPT) ? 
1 : 0); +#else + EVP_CipherInit( + &_context, + _pCipher, + &_key[0], + _iv.empty() ? 0 : &_iv[0], + (dir == DIR_ENCRYPT) ? 1 : 0); +#endif + +#if OPENSSL_VERSION_NUMBER >= 0x10001000L + if (_iv.size() != EVP_CIPHER_iv_length(_pCipher) && EVP_CIPHER_mode(_pCipher) == EVP_CIPH_GCM_MODE) + { +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + int rc = EVP_CIPHER_CTX_ctrl(_pContext, EVP_CTRL_GCM_SET_IVLEN, _iv.size(), NULL); +#else + int rc = EVP_CIPHER_CTX_ctrl(&_context, EVP_CTRL_GCM_SET_IVLEN, _iv.size(), NULL); +#endif + if (rc == 0) throwError(); + } +#endif + } + + + CryptoTransformImpl::~CryptoTransformImpl() + { +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + EVP_CIPHER_CTX_cleanup(_pContext); + EVP_CIPHER_CTX_free(_pContext); +#else + EVP_CIPHER_CTX_cleanup(&_context); +#endif + } + + + std::size_t CryptoTransformImpl::blockSize() const + { +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + return EVP_CIPHER_CTX_block_size(_pContext); +#else + return EVP_CIPHER_CTX_block_size(&_context); +#endif + } + + + int CryptoTransformImpl::setPadding(int padding) + { +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + return EVP_CIPHER_CTX_block_size(_pContext); +#else + return EVP_CIPHER_CTX_set_padding(&_context, padding); +#endif + } + + + std::string CryptoTransformImpl::getTag(std::size_t tagSize) + { + std::string tag; +#if OPENSSL_VERSION_NUMBER >= 0x10001000L + Poco::Buffer buffer(tagSize); +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + int rc = EVP_CIPHER_CTX_ctrl(_pContext, EVP_CTRL_GCM_GET_TAG, tagSize, buffer.begin()); +#else + int rc = EVP_CIPHER_CTX_ctrl(&_context, EVP_CTRL_GCM_GET_TAG, tagSize, buffer.begin()); +#endif + if (rc == 0) throwError(); + tag.assign(buffer.begin(), tagSize); +#endif + return tag; + } + + + void CryptoTransformImpl::setTag(const std::string& tag) + { +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + int rc = EVP_CIPHER_CTX_ctrl(_pContext, EVP_CTRL_GCM_SET_TAG, tag.size(), const_cast(tag.data())); +#elif OPENSSL_VERSION_NUMBER >= 0x10001000L + int rc = 
EVP_CIPHER_CTX_ctrl(&_context, EVP_CTRL_GCM_SET_TAG, tag.size(), const_cast(tag.data())); +#else + int rc = 0; +#endif + if (rc == 0) throwError(); + } + + + std::streamsize CryptoTransformImpl::transform( + const unsigned char* input, + std::streamsize inputLength, + unsigned char* output, + std::streamsize outputLength) + { + poco_assert (outputLength >= (inputLength + blockSize() - 1)); + + int outLen = static_cast(outputLength); +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + int rc = EVP_CipherUpdate( + _pContext, + output, + &outLen, + input, + static_cast(inputLength)); +#else + int rc = EVP_CipherUpdate( + &_context, + output, + &outLen, + input, + static_cast(inputLength)); +#endif + if (rc == 0) + throwError(); + + return static_cast(outLen); + } + + + std::streamsize CryptoTransformImpl::finalize( + unsigned char* output, + std::streamsize length) + { + poco_assert (length >= blockSize()); + + int len = static_cast(length); + + // Use the '_ex' version that does not perform implicit cleanup since we + // will call EVP_CIPHER_CTX_cleanup() from the dtor as there is no + // guarantee that finalize() will be called if an error occurred. +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + int rc = EVP_CipherFinal_ex(_pContext, output, &len); +#else + int rc = EVP_CipherFinal_ex(&_context, output, &len); +#endif + + if (rc == 0) + throwError(); + + return static_cast(len); + } +} + + +CipherImpl::CipherImpl(const CipherKey& key): + _key(key) +{ +} + + +CipherImpl::~CipherImpl() +{ +} + + +CryptoTransform* CipherImpl::createEncryptor() +{ + CipherKeyImpl::Ptr p = _key.impl(); + return new CryptoTransformImpl(p->cipher(), p->getKey(), p->getIV(), CryptoTransformImpl::DIR_ENCRYPT); +} + + +CryptoTransform* CipherImpl::createDecryptor() +{ + CipherKeyImpl::Ptr p = _key.impl(); + return new CryptoTransformImpl(p->cipher(), p->getKey(), p->getIV(), CryptoTransformImpl::DIR_DECRYPT); +} + + +} } // namespace Poco::Crypto 
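Review bot: In `CryptoTransformImpl::setPadding`, the OpenSSL >= 1.1.0 branch returns `EVP_CIPHER_CTX_block_size(_pContext)` and never applies the requested padding, while the older branch calls `EVP_CIPHER_CTX_set_padding(&_context, padding)`. On a current OpenSSL a caller that asks for padding to be disabled gets a non-zero return that reads as success while the context keeps its default padding mode. The branch should read `return EVP_CIPHER_CTX_set_padding(_pContext, padding);`. Separately, the constructor ignores the results of `EVP_CIPHER_CTX_new()` and `EVP_CipherInit()`, so a failed initialisation is not reported at construction, and `&_key[0]` is taken without checking that the key vector is non-empty.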
diff --git a/base/poco/Crypto/src/CipherKey.cpp b/base/poco/Crypto/src/CipherKey.cpp
new file mode 100644
index 00000000000..275edd1c883
--- /dev/null
+++ b/base/poco/Crypto/src/CipherKey.cpp
@@ -0,0 +1,49 @@
+//
+// CipherKey.cpp
+//
+// Library: Crypto
+// Package: Cipher
+// Module: CipherKey
+//
+// Copyright (c) 2007, Applied Informatics Software Engineering GmbH.
+// and Contributors.
+//
+// SPDX-License-Identifier: BSL-1.0
+//
+
+
+#include "Poco/Crypto/CipherKey.h"
+
+
+namespace Poco {
+namespace Crypto {
+
+
+CipherKey::CipherKey(const std::string& name,
+ const std::string& passphrase,
+ const std::string& salt,
+ int iterationCount,
+ const std::string &digest):
+ _pImpl(new CipherKeyImpl(name, passphrase, salt, iterationCount, digest))
+{
+}
+
+
+CipherKey::CipherKey(const std::string& name, const ByteVec& key, const ByteVec& iv):
+ _pImpl(new CipherKeyImpl(name, key, iv))
+{
+}
+
+
+CipherKey::CipherKey(const std::string& name):
+ _pImpl(new CipherKeyImpl(name))
+{
+}
+
+
+CipherKey::~CipherKey()
+{
+}
+
+
+} } // namespace Poco::Crypto
diff --git a/base/poco/Crypto/src/CipherKeyImpl.cpp b/base/poco/Crypto/src/CipherKeyImpl.cpp
new file mode 100644
index 00000000000..d5ebc5e3b17
--- /dev/null
+++ b/base/poco/Crypto/src/CipherKeyImpl.cpp
@@ -0,0 +1,222 @@ +// +// CipherKeyImpl.cpp +// +// Library: Crypto +// Package: Cipher +// Module: CipherKeyImpl +// +// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. +// and Contributors. +// +// SPDX-License-Identifier: BSL-1.0 +// + + +#include "Poco/Crypto/CipherKeyImpl.h" +#include "Poco/Crypto/CryptoTransform.h" +#include "Poco/Crypto/CipherFactory.h" +#include "Poco/Exception.h" +#include "Poco/RandomStream.h" +#include +#include + + +namespace Poco { +namespace Crypto { + + +CipherKeyImpl::CipherKeyImpl(const std::string& name, + const std::string& passphrase, + const std::string& salt, + int iterationCount, + const std::string& digest): + _pCipher(0), + _pDigest(0), + _name(name), + _key(), + _iv() +{ + // dummy access to Cipherfactory so that the EVP lib is initilaized + CipherFactory::defaultFactory(); + _pCipher = EVP_get_cipherbyname(name.c_str()); + + if (!_pCipher) + throw Poco::NotFoundException("Cipher " + name + " was not found"); + + _pDigest = EVP_get_digestbyname(digest.c_str()); + + if (!_pDigest) + throw Poco::NotFoundException("Digest " + name + " was not found"); + + _key = ByteVec(keySize()); + _iv = ByteVec(ivSize()); + generateKey(passphrase, salt, iterationCount); +} + + +CipherKeyImpl::CipherKeyImpl(const std::string& name, + const ByteVec& key, + const ByteVec& iv): + _pCipher(0), + _pDigest(0), + _name(name), + _key(key), + _iv(iv) +{ + // dummy access to Cipherfactory so that the EVP lib is initialized + CipherFactory::defaultFactory(); + _pCipher = EVP_get_cipherbyname(name.c_str()); + + if (!_pCipher) + throw Poco::NotFoundException("Cipher " + name + " was not found"); +} + + +CipherKeyImpl::CipherKeyImpl(const std::string& name): + _pCipher(0), + _pDigest(0), + _name(name), + _key(), + _iv() +{ + // dummy access to Cipherfactory so that the EVP lib is initilaized + CipherFactory::defaultFactory(); + _pCipher = EVP_get_cipherbyname(name.c_str()); + + if (!_pCipher) + throw Poco::NotFoundException("Cipher " + 
name + " was not found"); + _key = ByteVec(keySize()); + _iv = ByteVec(ivSize()); + generateKey(); +} + + +CipherKeyImpl::~CipherKeyImpl() +{ +} + + +CipherKeyImpl::Mode CipherKeyImpl::mode() const +{ + switch (EVP_CIPHER_mode(_pCipher)) + { + case EVP_CIPH_STREAM_CIPHER: + return MODE_STREAM_CIPHER; + + case EVP_CIPH_ECB_MODE: + return MODE_ECB; + + case EVP_CIPH_CBC_MODE: + return MODE_CBC; + + case EVP_CIPH_CFB_MODE: + return MODE_CFB; + + case EVP_CIPH_OFB_MODE: + return MODE_OFB; + +#if OPENSSL_VERSION_NUMBER >= 0x10001000L + case EVP_CIPH_CTR_MODE: + return MODE_CTR; + + case EVP_CIPH_GCM_MODE: + return MODE_GCM; + +#endif + } + throw Poco::IllegalStateException("Unexpected value of EVP_CIPHER_mode()"); +} + + +void CipherKeyImpl::generateKey() +{ + ByteVec vec; + + getRandomBytes(vec, keySize()); + setKey(vec); + + getRandomBytes(vec, ivSize()); + setIV(vec); +} + + +void CipherKeyImpl::getRandomBytes(ByteVec& vec, std::size_t count) +{ + Poco::RandomInputStream random; + + vec.clear(); + vec.reserve(count); + + for (int i = 0; i < count; ++i) + vec.push_back(static_cast(random.get())); +} + + +void CipherKeyImpl::generateKey( + const std::string& password, + const std::string& salt, + int iterationCount) +{ + unsigned char keyBytes[EVP_MAX_KEY_LENGTH]; + unsigned char ivBytes[EVP_MAX_IV_LENGTH]; + + // OpenSSL documentation specifies that the salt must be an 8-byte array. + unsigned char saltBytes[8]; + + if (!salt.empty()) + { + int len = static_cast(salt.size()); + // Create the salt array from the salt string + for (int i = 0; i < 8; ++i) + saltBytes[i] = salt.at(i % len); + for (int i = 8; i < len; ++i) + saltBytes[i % 8] ^= salt.at(i); + } + + // Now create the key and IV, using the MD5 digest algorithm. + int keySize = EVP_BytesToKey( + _pCipher, + _pDigest ? _pDigest : EVP_md5(), + (salt.empty() ? 
0 : saltBytes), + reinterpret_cast(password.data()), + static_cast(password.size()), + iterationCount, + keyBytes, + ivBytes); + + // Copy the buffers to our member byte vectors. + _key.assign(keyBytes, keyBytes + keySize); + + if (ivSize() == 0) + _iv.clear(); + else + _iv.assign(ivBytes, ivBytes + ivSize()); +} + + +int CipherKeyImpl::keySize() const +{ + return EVP_CIPHER_key_length(_pCipher); +} + + +int CipherKeyImpl::blockSize() const +{ + return EVP_CIPHER_block_size(_pCipher); +} + + +int CipherKeyImpl::ivSize() const +{ + return EVP_CIPHER_iv_length(_pCipher); +} + + +void CipherKeyImpl::setIV(const ByteVec& iv) +{ + poco_assert(mode() == MODE_GCM || iv.size() == static_cast(ivSize())); + _iv = iv; +} + + +} } // namespace Poco::Crypto diff --git a/base/poco/Crypto/src/CryptoException.cpp b/base/poco/Crypto/src/CryptoException.cpp new file mode 100644 index 00000000000..a4450af9bf0 --- /dev/null +++ b/base/poco/Crypto/src/CryptoException.cpp 
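Review bot: `CipherKeyImpl::getRandomBytes` stores the result of `random.get()` without checking the stream, so if `Poco::RandomInputStream` fails, the end-of-file value is cast into the key and IV bytes and `generateKey()` hands back constant material instead of an error. Check the stream after each read, e.g. `if (random.fail()) throw Poco::IOException("Random stream failure");`, before the `push_back`. The passphrase overload of `generateKey` has a related gap: the return value of `EVP_BytesToKey` (0 on failure) is used directly as the key length, which leaves `_key` empty rather than raising. The "Digest ... was not found" message in the first constructor also prints `name` where it should print `digest`.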
@@ -0,0 +1,108 @@ +// +// CryptoException.cpp +// +// +// Library: Crypto +// Package: Crypto +// Module: CryptoException +// +// Copyright (c) 2012, Applied Informatics Software Engineering GmbH. +// and Contributors. +// +// SPDX-License-Identifier: BSL-1.0 +// + + +#include "Poco/Crypto/CryptoException.h" +#include "Poco/NumberFormatter.h" +#include +#include + + +namespace Poco { +namespace Crypto { + + +POCO_IMPLEMENT_EXCEPTION(CryptoException, Exception, "Crypto Exception") + + +OpenSSLException::OpenSSLException(int otherCode): CryptoException(otherCode) +{ + setExtMessage(); +} + + +OpenSSLException::OpenSSLException(const std::string& msg, int otherCode): CryptoException(msg, otherCode) +{ + setExtMessage(); +} + + +OpenSSLException::OpenSSLException(const std::string& msg, const std::string& arg, int otherCode): CryptoException(msg, arg, otherCode) +{ + setExtMessage(); +} + + +OpenSSLException::OpenSSLException(const std::string& msg, const Poco::Exception& exc, int otherCode): CryptoException(msg, exc, otherCode) +{ + setExtMessage(); +} + + +OpenSSLException::OpenSSLException(const OpenSSLException& exc): CryptoException(exc) +{ + setExtMessage(); +} + + +OpenSSLException::~OpenSSLException() throw() +{ +} + + +OpenSSLException& OpenSSLException::operator = (const OpenSSLException& exc) +{ + CryptoException::operator = (exc); + return *this; +} + + +const char* OpenSSLException::name() const throw() +{ + return "OpenSSLException"; +} + + +const char* OpenSSLException::className() const throw() +{ + return typeid(*this).name(); +} + + +Poco::Exception* OpenSSLException::clone() const +{ + return new OpenSSLException(*this); +} + + +void OpenSSLException::setExtMessage() +{ + Poco::UInt64 e = static_cast(ERR_get_error()); + char buf[128] = { 0 }; + char* pErr = ERR_error_string(static_cast(e), buf); + std::string err; + if (pErr) err = pErr; + else err = NumberFormatter::format(e); + + extendedMessage(err); +} + + +void OpenSSLException::rethrow() const 
+{ + throw *this; +} + + +} } // namespace Poco::Crypto diff --git a/base/poco/Crypto/src/CryptoStream.cpp b/base/poco/Crypto/src/CryptoStream.cpp new file mode 100644 index 00000000000..6b29b7f0775 --- /dev/null +++ b/base/poco/Crypto/src/CryptoStream.cpp 
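Review bot: `OpenSSLException::setExtMessage` passes a 128-byte stack buffer to `ERR_error_string`, which takes no length argument and is documented as needing a buffer of at least 256 bytes, so a long error string can be written past the end of `buf`. Use the bounded form instead: `char buf[256] = { 0 };` followed by `ERR_error_string_n(static_cast<unsigned long>(e), buf, sizeof(buf));` and build `err` from `buf`. The copy constructor also calls `setExtMessage()`, so each copy made by `clone()` or `rethrow()` pops a further entry from the OpenSSL error queue; copying should probably leave the message as it was captured.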
@@ -0,0 +1,355 @@ +// +// CryptoStream.cpp +// +// Library: Crypto +// Package: Cipher +// Module: CryptoStream +// +// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. +// and Contributors. +// +// SPDX-License-Identifier: BSL-1.0 +// + + +#include "Poco/Crypto/CryptoStream.h" +#include "Poco/Crypto/CryptoTransform.h" +#include "Poco/Crypto/Cipher.h" +#include "Poco/Exception.h" +#include + + +#undef min +#undef max + + +namespace Poco { +namespace Crypto { + + +// +// CryptoStreamBuf +// + + +CryptoStreamBuf::CryptoStreamBuf(std::istream& istr, CryptoTransform* pTransform, std::streamsize bufferSize): + Poco::BufferedStreamBuf(bufferSize, std::ios::in), + _pTransform(pTransform), + _pIstr(&istr), + _pOstr(0), + _eof(false), + _buffer(static_cast(bufferSize)) +{ + poco_check_ptr (pTransform); + poco_assert (bufferSize > 2 * pTransform->blockSize()); +} + + +CryptoStreamBuf::CryptoStreamBuf(std::ostream& ostr, CryptoTransform* pTransform, std::streamsize bufferSize): + Poco::BufferedStreamBuf(bufferSize, std::ios::out), + _pTransform(pTransform), + _pIstr(0), + _pOstr(&ostr), + _eof(false), + _buffer(static_cast(bufferSize)) +{ + poco_check_ptr (pTransform); + poco_assert (bufferSize > 2 * pTransform->blockSize()); +} + + +CryptoStreamBuf::~CryptoStreamBuf() +{ + try + { + close(); + } + catch (...) + { + } + delete _pTransform; +} + + +void CryptoStreamBuf::close() +{ + sync(); + + if (_pIstr) + { + _pIstr = 0; + } + else if (_pOstr) + { + // Close can be called multiple times. By zeroing the pointer we make + // sure that we call finalize() only once, even if an exception is + // thrown. + std::ostream* pOstr = _pOstr; + _pOstr = 0; + + // Finalize transformation. 
+ std::streamsize n = _pTransform->finalize(_buffer.begin(), static_cast(_buffer.size())); + + if (n > 0) + { + pOstr->write(reinterpret_cast(_buffer.begin()), n); + if (!pOstr->good()) + throw Poco::IOException("Output stream failure"); + } + } +} + + +int CryptoStreamBuf::readFromDevice(char* buffer, std::streamsize length) +{ + if (!_pIstr) + return 0; + + int count = 0; + + while (!_eof) + { + int m = (static_cast(length) - count)/2 - static_cast(_pTransform->blockSize()); + + // Make sure we can read at least one more block. Explicitely check + // for m < 0 since blockSize() returns an unsigned int and the + // comparison might give false results for m < 0. + if (m <= 0) + break; + + int n = 0; + + if (_pIstr->good()) + { + _pIstr->read(reinterpret_cast(_buffer.begin()), m); + n = static_cast(_pIstr->gcount()); + } + + if (n == 0) + { + _eof = true; + + // No more data, finalize transformation + count += static_cast(_pTransform->finalize( + reinterpret_cast(buffer + count), + static_cast(length) - count)); + } + else + { + // Transform next chunk of data + count += static_cast(_pTransform->transform( + _buffer.begin(), + n, + reinterpret_cast(buffer + count), + static_cast(length) - count)); + } + } + + return count; +} + + +int CryptoStreamBuf::writeToDevice(const char* buffer, std::streamsize length) +{ + if (!_pOstr) + return 0; + + std::size_t maxChunkSize = _buffer.size()/2; + std::size_t count = 0; + + while (count < length) + { + // Truncate chunk size so that the maximum output fits into _buffer. + std::size_t n = static_cast(length) - count; + if (n > maxChunkSize) + n = maxChunkSize; + + // Transform next chunk of data + std::streamsize k = _pTransform->transform( + reinterpret_cast(buffer + count), + static_cast(n), + _buffer.begin(), + static_cast(_buffer.size())); + + // Attention: (n != k) might be true. In count, we have to track how + // many bytes from buffer have been consumed, not how many bytes have + // been written to _pOstr! 
+ count += n; + + if (k > 0) + { + _pOstr->write(reinterpret_cast(_buffer.begin()), k); + if (!_pOstr->good()) + throw Poco::IOException("Output stream failure"); + } + } + + return static_cast(count); +} + + +// +// CryptoIOS +// + + +CryptoIOS::CryptoIOS(std::istream& istr, CryptoTransform* pTransform, std::streamsize bufferSize): + _buf(istr, pTransform, bufferSize) +{ + poco_ios_init(&_buf); +} + + +CryptoIOS::CryptoIOS(std::ostream& ostr, CryptoTransform* pTransform, std::streamsize bufferSize): + _buf(ostr, pTransform, bufferSize) +{ + poco_ios_init(&_buf); +} + + +CryptoIOS::~CryptoIOS() +{ +} + + +CryptoStreamBuf* CryptoIOS::rdbuf() +{ + return &_buf; +} + + +// +// CryptoInputStream +// + + +CryptoInputStream::CryptoInputStream(std::istream& istr, CryptoTransform* pTransform, std::streamsize bufferSize): + CryptoIOS(istr, pTransform, bufferSize), + std::istream(&_buf) +{ +} + + +CryptoInputStream::CryptoInputStream(std::istream& istr, Cipher& cipher, std::streamsize bufferSize): + CryptoIOS(istr, cipher.createEncryptor(), bufferSize), + std::istream(&_buf) +{ +} + + +CryptoInputStream::~CryptoInputStream() +{ +} + + +// +// CryptoOutputStream +// + + +CryptoOutputStream::CryptoOutputStream(std::ostream& ostr, CryptoTransform* pTransform, std::streamsize bufferSize): + CryptoIOS(ostr, pTransform, bufferSize), + std::ostream(&_buf) +{ +} + + +CryptoOutputStream::CryptoOutputStream(std::ostream& ostr, Cipher& cipher, std::streamsize bufferSize): + CryptoIOS(ostr, cipher.createDecryptor(), bufferSize), + std::ostream(&_buf) +{ +} + + +CryptoOutputStream::~CryptoOutputStream() +{ +} + + +void CryptoOutputStream::close() +{ + _buf.close(); +} + + +// +// EncryptingInputStream +// + + +EncryptingInputStream::EncryptingInputStream(std::istream& istr, Cipher& cipher, std::streamsize bufferSize): + CryptoIOS(istr, cipher.createEncryptor(), bufferSize), + std::istream(&_buf) +{ +} + + +EncryptingInputStream::~EncryptingInputStream() +{ +} + + +// +// 
EncryptingOuputStream +// + + +EncryptingOutputStream::EncryptingOutputStream(std::ostream& ostr, Cipher& cipher, std::streamsize bufferSize): + CryptoIOS(ostr, cipher.createEncryptor(), bufferSize), + std::ostream(&_buf) +{ +} + + +EncryptingOutputStream::~EncryptingOutputStream() +{ +} + + +void EncryptingOutputStream::close() +{ + _buf.close(); +} + + +// +// DecryptingInputStream +// + + +DecryptingInputStream::DecryptingInputStream(std::istream& istr, Cipher& cipher, std::streamsize bufferSize): + CryptoIOS(istr, cipher.createDecryptor(), bufferSize), + std::istream(&_buf) +{ +} + + +DecryptingInputStream::~DecryptingInputStream() +{ +} + + +// +// DecryptingOuputStream +// + + +DecryptingOutputStream::DecryptingOutputStream(std::ostream& ostr, Cipher& cipher, std::streamsize bufferSize): + CryptoIOS(ostr, cipher.createDecryptor(), bufferSize), + std::ostream(&_buf) +{ +} + + +DecryptingOutputStream::~DecryptingOutputStream() +{ +} + + +void DecryptingOutputStream::close() +{ + _buf.close(); +} + + +} } // namespace Poco::Crypto diff --git a/base/poco/Crypto/src/CryptoTransform.cpp b/base/poco/Crypto/src/CryptoTransform.cpp new file mode 100644 index 00000000000..e4e58fd6e64 --- /dev/null +++ b/base/poco/Crypto/src/CryptoTransform.cpp @@ -0,0 +1,38 @@ +// +// CryptoTransform.cpp +// +// Library: Crypto +// Package: Cipher +// Module: CryptoTransform +// +// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. +// and Contributors. +// +// SPDX-License-Identifier: BSL-1.0 +// + + +#include "Poco/Crypto/CryptoTransform.h" + + +namespace Poco { +namespace Crypto { + + +CryptoTransform::CryptoTransform() +{ +} + + +CryptoTransform::~CryptoTransform() +{ +} + + +int CryptoTransform::setPadding(int padding) +{ + return 1; +} + + +} } // namespace Poco::Crypto diff --git a/base/poco/Crypto/src/DigestEngine.cpp b/base/poco/Crypto/src/DigestEngine.cpp new file mode 100644 index 00000000000..a09879fe732 --- /dev/null 
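Review bot: `CryptoStreamBuf::~CryptoStreamBuf` wraps `close()` in `catch (...) { }`, so a `finalize()` failure on an output stream (bad padding, or presumably a failed tag check for an authenticated mode) is discarded whenever the caller lets the stream go out of scope without calling `close()` first. Swallowing in a destructor is reasonable, but nothing in this file tells the caller that the explicit `close()` is the only place a failed decryption is reported. I would add a comment above the try block along the lines of `// Errors from finalize() are swallowed here; call close() explicitly to detect a failed decryption.` and repeat that on the `close()` methods of `CryptoOutputStream` and `DecryptingOutputStream`.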
+++ b/base/poco/Crypto/src/DigestEngine.cpp
@@ -0,0 +1,80 @@
+//
+// DigestEngine.cpp
+//
+// Library: Crypto
+// Package: Digest
+// Module: DigestEngine
+//
+// Copyright (c) 2012, Applied Informatics Software Engineering GmbH.
+// and Contributors.
+//
+// SPDX-License-Identifier: BSL-1.0
+//
+
+
+#include "Poco/Crypto/DigestEngine.h"
+#include "Poco/Exception.h"
+
+
+namespace Poco {
+namespace Crypto {
+
+
+DigestEngine::DigestEngine(const std::string& name):
+ _name(name),
+ _pContext(EVP_MD_CTX_create())
+{
+ const EVP_MD* md = EVP_get_digestbyname(_name.c_str());
+ if (!md) throw Poco::NotFoundException(_name);
+ EVP_DigestInit_ex(_pContext, md, NULL);
+}
+
+
+DigestEngine::~DigestEngine()
+{
+ EVP_MD_CTX_destroy(_pContext);
+}
+
+int DigestEngine::nid() const
+{
+ return EVP_MD_type(EVP_MD_CTX_md(_pContext));
+}
+
+std::size_t DigestEngine::digestLength() const
+{
+ return EVP_MD_CTX_size(_pContext);
+}
+
+
+void DigestEngine::reset()
+{
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
+ EVP_MD_CTX_free(_pContext);
+ _pContext = EVP_MD_CTX_create();
+#else
+ EVP_MD_CTX_cleanup(_pContext);
+#endif
+ const EVP_MD* md = EVP_get_digestbyname(_name.c_str());
+ if (!md) throw Poco::NotFoundException(_name);
+ EVP_DigestInit_ex(_pContext, md, NULL);
+}
+
+
+const Poco::DigestEngine::Digest& DigestEngine::digest()
+{
+ _digest.clear();
+ unsigned len = EVP_MD_CTX_size(_pContext);
+ _digest.resize(len);
+ EVP_DigestFinal_ex(_pContext, &_digest[0], &len);
+ reset();
+ return _digest;
+}
+
+
+void DigestEngine::updateImpl(const void* data, std::size_t length)
+{
+ EVP_DigestUpdate(_pContext, data, length);
+}
+
+
+} } // namespace Poco::Crypto
diff --git a/base/poco/Crypto/src/ECDSADigestEngine.cpp b/base/poco/Crypto/src/ECDSADigestEngine.cpp
new file mode 100644
index 00000000000..59512770cd1
--- /dev/null
+++ b/base/poco/Crypto/src/ECDSADigestEngine.cpp
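Review bot: The OpenSSL calls that can fail in this file are never checked: `EVP_MD_CTX_create()` is not tested for NULL, and the results of `EVP_DigestInit_ex`, `EVP_DigestUpdate` and `EVP_DigestFinal_ex` are dropped in the constructor, `reset()`, `updateImpl()` and `digest()`. If any of them fails, `digest()` still returns the buffer it has just sized with `resize(len)`, so a caller that signs or compares the digest works on bytes that were never computed. Each call should be checked and turned into an exception, for example `if (EVP_DigestFinal_ex(_pContext, &_digest[0], &len) != 1) throw Poco::IllegalStateException("EVP_DigestFinal_ex failed");`, with the same pattern for the init and update calls.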
@@ -0,0 +1,100 @@
+//
+// ECDSADigestEngine.cpp
+//
+//
+// Library: Crypto
+// Package: ECDSA
+// Module: ECDSADigestEngine
+//
+// Copyright (c) 2008, Applied Informatics Software Engineering GmbH.
+// and Contributors.
+//
+// SPDX-License-Identifier: BSL-1.0
+//
+
+
+#include "Poco/Crypto/ECDSADigestEngine.h"
+#include
+
+
+namespace Poco {
+namespace Crypto {
+
+
+ECDSADigestEngine::ECDSADigestEngine(const ECKey& key, const std::string &name):
+ _key(key),
+ _engine(name)
+{
+}
+
+
+ECDSADigestEngine::~ECDSADigestEngine()
+{
+}
+
+
+std::size_t ECDSADigestEngine::digestLength() const
+{
+ return _engine.digestLength();
+}
+
+
+void ECDSADigestEngine::reset()
+{
+ _engine.reset();
+ _digest.clear();
+ _signature.clear();
+}
+
+
+const DigestEngine::Digest& ECDSADigestEngine::digest()
+{
+ if (_digest.empty())
+ {
+ _digest = _engine.digest();
+ }
+ return _digest;
+}
+
+
+const DigestEngine::Digest& ECDSADigestEngine::signature()
+{
+ if (_signature.empty())
+ {
+ digest();
+ _signature.resize(_key.size());
+ unsigned sigLen = static_cast(_signature.size());
+ if (!ECDSA_sign(0, &_digest[0], static_cast(_digest.size()),
+ &_signature[0], &sigLen, _key.impl()->getECKey()))
+ {
+ throw OpenSSLException();
+ }
+ if (sigLen < _signature.size()) _signature.resize(sigLen);
+ }
+ return _signature;
+}
+
+
+bool ECDSADigestEngine::verify(const DigestEngine::Digest& sig)
+{
+ digest();
+ EC_KEY* pKey = _key.impl()->getECKey();
+ if (pKey)
+ {
+ int ret = ECDSA_verify(0, &_digest[0], static_cast(_digest.size()),
+ &sig[0], static_cast(sig.size()),
+ pKey);
+ if (1 == ret) return true;
+ else if (0 == ret) return false;
+ }
+ throw OpenSSLException();
+}
+
+
+void ECDSADigestEngine::updateImpl(const void* data, std::size_t length)
+{
+ _engine.update(data, length);
+}
+
+
+} } // namespace Poco::Crypto
diff --git a/base/poco/Crypto/src/ECKey.cpp b/base/poco/Crypto/src/ECKey.cpp
new file mode 100644
index 00000000000..56b8663776e
--- /dev/null
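Review bot: `ECDSADigestEngine::verify` takes `&sig[0]` on the caller-supplied signature without checking that it is non-empty, which is undefined behaviour for an empty vector, and the signature is the untrusted input of this function. Reject it before the `ECDSA_verify` call with `if (sig.empty()) return false;`. `signature()` has the same pattern with `&_signature[0]` right after `resize(_key.size())`, which is only safe if `_key.size()` can never be zero; that is not visible in this hunk and is worth an assertion or a comment.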
+++ b/base/poco/Crypto/src/ECKey.cpp
@@ -0,0 +1,75 @@
+//
+// ECKey.cpp
+//
+//
+// Library: Crypto
+// Package: EC
+// Module: ECKey
+//
+// Copyright (c) 2008, Applied Informatics Software Engineering GmbH.
+// and Contributors.
+//
+// SPDX-License-Identifier: BSL-1.0
+//
+
+
+#include "Poco/Crypto/ECKey.h"
+#include
+
+
+namespace Poco {
+namespace Crypto {
+
+
+ECKey::ECKey(const EVPPKey& key):
+ KeyPair(new ECKeyImpl(key)),
+ _pImpl(KeyPair::impl().cast())
+{
+}
+
+
+ECKey::ECKey(const X509Certificate& cert):
+ KeyPair(new ECKeyImpl(cert)),
+ _pImpl(KeyPair::impl().cast())
+{
+}
+
+
+ECKey::ECKey(const PKCS12Container& cont):
+ KeyPair(new ECKeyImpl(cont)),
+ _pImpl(KeyPair::impl().cast())
+{
+}
+
+
+ECKey::ECKey(const std::string& eccGroup):
+ KeyPair(new ECKeyImpl(OBJ_txt2nid(eccGroup.c_str()))),
+ _pImpl(KeyPair::impl().cast())
+{
+}
+
+
+ECKey::ECKey(const std::string& publicKeyFile,
+ const std::string& privateKeyFile,
+ const std::string& privateKeyPassphrase):
+ KeyPair(new ECKeyImpl(publicKeyFile, privateKeyFile, privateKeyPassphrase)),
+ _pImpl(KeyPair::impl().cast())
+{
+}
+
+
+ECKey::ECKey(std::istream* pPublicKeyStream,
+ std::istream* pPrivateKeyStream,
+ const std::string& privateKeyPassphrase):
+ KeyPair(new ECKeyImpl(pPublicKeyStream, pPrivateKeyStream, privateKeyPassphrase)),
+ _pImpl(KeyPair::impl().cast())
+{
+}
+
+
+ECKey::~ECKey()
+{
+}
+
+
+} } // namespace Poco::Crypto
diff --git a/base/poco/Crypto/src/ECKeyImpl.cpp b/base/poco/Crypto/src/ECKeyImpl.cpp
new file mode 100644
index 00000000000..99ffae76067
--- /dev/null
+++ b/base/poco/Crypto/src/ECKeyImpl.cpp
@@ -0,0 +1,258 @@ +// +// ECKeyImpl.cpp +// +// +// Library: Crypto +// Package: EC +// Module: ECKeyImpl +// +// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. +// and Contributors. +// +// SPDX-License-Identifier: BSL-1.0 +// + + +#include "Poco/Crypto/ECKeyImpl.h" +#include "Poco/Crypto/X509Certificate.h" +#include "Poco/Crypto/PKCS12Container.h" +#include "Poco/FileStream.h" +#include "Poco/Format.h" +#include "Poco/StreamCopier.h" +#include +#include +#if OPENSSL_VERSION_NUMBER >= 0x00908000L +#include +#endif + + +namespace Poco { +namespace Crypto { + + +ECKeyImpl::ECKeyImpl(const EVPPKey& key): + KeyPairImpl("ec", KT_EC_IMPL), + _pEC(EVP_PKEY_get1_EC_KEY(const_cast((const EVP_PKEY*)key))) +{ + checkEC("ECKeyImpl(const EVPPKey&)", "EVP_PKEY_get1_EC_KEY()"); +} + + +ECKeyImpl::ECKeyImpl(const X509Certificate& cert): + KeyPairImpl("ec", KT_EC_IMPL), + _pEC(0) +{ + const X509* pCert = cert.certificate(); + if (pCert) + { + EVP_PKEY* pKey = X509_get_pubkey(const_cast(pCert)); + if (pKey) + { + _pEC = EVP_PKEY_get1_EC_KEY(pKey); + EVP_PKEY_free(pKey); + checkEC("ECKeyImpl(const const X509Certificate&)", "EVP_PKEY_get1_EC_KEY()"); + return; + } + } + throw OpenSSLException("ECKeyImpl(const X509Certificate&)"); +} + + +ECKeyImpl::ECKeyImpl(const PKCS12Container& cont): + KeyPairImpl("ec", KT_EC_IMPL), + _pEC(EVP_PKEY_get1_EC_KEY(cont.getKey())) +{ + checkEC("ECKeyImpl(const PKCS12Container&)", "EVP_PKEY_get1_EC_KEY()"); +} + + +ECKeyImpl::ECKeyImpl(int curve): + KeyPairImpl("ec", KT_EC_IMPL), + _pEC(EC_KEY_new_by_curve_name(curve)) +{ + poco_check_ptr(_pEC); + EC_KEY_set_asn1_flag(_pEC, OPENSSL_EC_NAMED_CURVE); + if (!(EC_KEY_generate_key(_pEC))) + throw OpenSSLException("ECKeyImpl(int curve): EC_KEY_generate_key()"); + checkEC("ECKeyImpl(int curve)", "EC_KEY_generate_key()"); +} + + +ECKeyImpl::ECKeyImpl(const std::string& publicKeyFile, + const std::string& privateKeyFile, + const std::string& privateKeyPassphrase): KeyPairImpl("ec", 
KT_EC_IMPL), _pEC(0) +{ + if (EVPPKey::loadKey(&_pEC, PEM_read_PrivateKey, EVP_PKEY_get1_EC_KEY, privateKeyFile, privateKeyPassphrase)) + { + checkEC(Poco::format("ECKeyImpl(%s, %s, %s)", + publicKeyFile, privateKeyFile, privateKeyPassphrase.empty() ? privateKeyPassphrase : std::string("***")), + "PEM_read_PrivateKey() or EVP_PKEY_get1_EC_KEY()"); + return; // private key is enough + } + + // no private key, this must be public key only, otherwise throw + if (!EVPPKey::loadKey(&_pEC, PEM_read_PUBKEY, EVP_PKEY_get1_EC_KEY, publicKeyFile)) + { + throw OpenSSLException("ECKeyImpl(const string&, const string&, const string&"); + } + checkEC(Poco::format("ECKeyImpl(%s, %s, %s)", + publicKeyFile, privateKeyFile, privateKeyPassphrase.empty() ? privateKeyPassphrase : std::string("***")), + "PEM_read_PUBKEY() or EVP_PKEY_get1_EC_KEY()"); +} + + +ECKeyImpl::ECKeyImpl(std::istream* pPublicKeyStream, + std::istream* pPrivateKeyStream, + const std::string& privateKeyPassphrase): KeyPairImpl("ec", KT_EC_IMPL), _pEC(0) +{ + if (EVPPKey::loadKey(&_pEC, PEM_read_bio_PrivateKey, EVP_PKEY_get1_EC_KEY, pPrivateKeyStream, privateKeyPassphrase)) + { + checkEC(Poco::format("ECKeyImpl(stream, stream, %s)", + privateKeyPassphrase.empty() ? privateKeyPassphrase : std::string("***")), + "PEM_read_bio_PrivateKey() or EVP_PKEY_get1_EC_KEY()"); + return; // private key is enough + } + + // no private key, this must be public key only, otherwise throw + if (!EVPPKey::loadKey(&_pEC, PEM_read_bio_PUBKEY, EVP_PKEY_get1_EC_KEY, pPublicKeyStream)) + { + throw OpenSSLException("ECKeyImpl(istream*, istream*, const string&"); + } + checkEC(Poco::format("ECKeyImpl(stream, stream, %s)", + privateKeyPassphrase.empty() ? 
privateKeyPassphrase : std::string("***")), + "PEM_read_bio_PUBKEY() or EVP_PKEY_get1_EC_KEY()"); +} + + +ECKeyImpl::~ECKeyImpl() +{ + freeEC(); +} + + +void ECKeyImpl::checkEC(const std::string& method, const std::string& func) const +{ + if (!_pEC) throw OpenSSLException(Poco::format("%s: %s", method, func)); + if (!EC_KEY_check_key(_pEC)) + throw OpenSSLException(Poco::format("%s: EC_KEY_check_key()", method)); +} + + +void ECKeyImpl::freeEC() +{ + if (_pEC) + { + EC_KEY_free(_pEC); + _pEC = 0; + } +} + + +int ECKeyImpl::size() const +{ + int sz = -1; + EVP_PKEY* pKey = EVP_PKEY_new(); + if (pKey && EVP_PKEY_set1_EC_KEY(pKey, _pEC)) + { + sz = EVP_PKEY_bits(pKey); + EVP_PKEY_free(pKey); + return sz; + } + throw OpenSSLException("ECKeyImpl::size()"); +} + + +int ECKeyImpl::groupId() const +{ + if (_pEC) + { + const EC_GROUP* ecGroup = EC_KEY_get0_group(_pEC); + if (ecGroup) + { + return EC_GROUP_get_curve_name(ecGroup); + } + else + { + throw OpenSSLException("ECKeyImpl::groupName()"); + } + } + throw NullPointerException("ECKeyImpl::groupName() => _pEC"); +} + + +std::string ECKeyImpl::getCurveName(int nid) +{ + std::string curveName; + size_t len = EC_get_builtin_curves(NULL, 0); + EC_builtin_curve* pCurves = + (EC_builtin_curve*) OPENSSL_malloc(sizeof(EC_builtin_curve) * len); + if (!pCurves) return curveName; + + if (!EC_get_builtin_curves(pCurves, len)) + { + OPENSSL_free(pCurves); + return curveName; + } + + if (-1 == nid) nid = pCurves[0].nid; + const int bufLen = 128; + char buf[bufLen]; + std::memset(buf, 0, bufLen); + OBJ_obj2txt(buf, bufLen, OBJ_nid2obj(nid), 0); + curveName = buf; + OPENSSL_free(pCurves); + return curveName; +} + + +int ECKeyImpl::getCurveNID(std::string& name) +{ + std::string curveName; + size_t len = EC_get_builtin_curves(NULL, 0); + EC_builtin_curve* pCurves = + (EC_builtin_curve*)OPENSSL_malloc(static_cast(sizeof(EC_builtin_curve) * len)); + if (!pCurves) return -1; + + if (!EC_get_builtin_curves(pCurves, len)) + { + 
OPENSSL_free(pCurves); + return -1; + } + + int nid = -1; + const int bufLen = 128; + char buf[bufLen]; + if (name.empty()) + { + std::memset(buf, 0, bufLen); + OBJ_obj2txt(buf, bufLen, OBJ_nid2obj(nid), 0); + name = buf; + nid = pCurves[0].nid; + } + else + { + for (int i = 0; i < len; ++i) + { + std::memset(buf, 0, bufLen); + OBJ_obj2txt(buf, bufLen, OBJ_nid2obj(pCurves[i].nid), 0); + if (strncmp(name.c_str(), buf, name.size() > bufLen ? bufLen : name.size()) == 0) + { + nid = pCurves[i].nid; + break; + } + } + } + + OPENSSL_free(pCurves); + return nid; +} + + +bool ECKeyImpl::hasCurve(const std::string& name) +{ + std::string tmp(name); + return (-1 != getCurveNID(tmp)); +} + + +} } // namespace Poco::Crypto diff --git a/base/poco/Crypto/src/EVPPKey.cpp b/base/poco/Crypto/src/EVPPKey.cpp new file mode 100644 index 00000000000..ffa0a78c070 --- /dev/null +++ b/base/poco/Crypto/src/EVPPKey.cpp 
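Review bot: `ECKeyImpl::getCurveNID()` matches curve names by prefix, because the `strncmp` is limited to `name.size()` bytes, so a truncated name resolves to the first built-in curve that starts with it and `hasCurve()` reports it as present; comparing the whole string, `if (name == buf)`, avoids selecting a curve the caller did not actually name. In the empty-name branch of the same function `OBJ_obj2txt` is called while `nid` is still -1 and only afterwards is `nid = pCurves[0].nid;` assigned, so the name written back does not correspond to the NID returned; the assignment should come first. The loop `for (int i = 0; i < len; ++i)` also compares a signed index with the `size_t` count. `ECKeyImpl::size()` leaks `pKey` when `EVP_PKEY_set1_EC_KEY` fails, since the throw is reached without `EVP_PKEY_free(pKey)`.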
@@ -0,0 +1,321 @@ +// +// EVPPKey.cpp +// +// +// Library: Crypto +// Package: CryptoCore +// Module: EVPPKey +// +// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. +// and Contributors. +// +// SPDX-License-Identifier: BSL-1.0 +// + + +#include "Poco/Crypto/EVPPKey.h" +#include "Poco/Crypto/ECKey.h" +#include "Poco/Crypto/RSAKey.h" +#include "Poco/NumberFormatter.h" + + +namespace Poco { +namespace Crypto { + + +EVPPKey::EVPPKey(const std::string& ecCurveName): _pEVPPKey(0) +{ + newECKey(ecCurveName.c_str()); + poco_check_ptr(_pEVPPKey); +} + + +EVPPKey::EVPPKey(const char* ecCurveName): _pEVPPKey(0) +{ + newECKey(ecCurveName); + poco_check_ptr(_pEVPPKey); +} + + +EVPPKey::EVPPKey(EVP_PKEY* pEVPPKey): _pEVPPKey(0) +{ + duplicate(pEVPPKey, &_pEVPPKey); + poco_check_ptr(_pEVPPKey); +} + + +EVPPKey::EVPPKey(const std::string& publicKeyFile, + const std::string& privateKeyFile, + const std::string& privateKeyPassphrase): _pEVPPKey(0) +{ + if (loadKey(&_pEVPPKey, PEM_read_PrivateKey, (EVP_PKEY_get_Key_fn)0, privateKeyFile, privateKeyPassphrase)) + { + poco_check_ptr(_pEVPPKey); + return; // private key is enough + } + + // no private key, this must be public key only, otherwise throw + if (!loadKey(&_pEVPPKey, PEM_read_PUBKEY, (EVP_PKEY_get_Key_fn)0, publicKeyFile)) + { + throw OpenSSLException("ECKeyImpl(const string&, const string&, const string&"); + } + poco_check_ptr(_pEVPPKey); +} + + +EVPPKey::EVPPKey(std::istream* pPublicKeyStream, + std::istream* pPrivateKeyStream, + const std::string& privateKeyPassphrase): _pEVPPKey(0) +{ + if (loadKey(&_pEVPPKey, PEM_read_bio_PrivateKey, (EVP_PKEY_get_Key_fn)0, pPrivateKeyStream, privateKeyPassphrase)) + { + poco_check_ptr(_pEVPPKey); + return; // private key is enough + } + + // no private key, this must be public key only, otherwise throw + if (!loadKey(&_pEVPPKey, PEM_read_bio_PUBKEY, (EVP_PKEY_get_Key_fn)0, pPublicKeyStream)) + { + throw OpenSSLException("ECKeyImpl(istream*, istream*, const 
string&"); + } + poco_check_ptr(_pEVPPKey); +} + + +EVPPKey::EVPPKey(const EVPPKey& other) +{ + duplicate(other._pEVPPKey, &_pEVPPKey); + poco_check_ptr(_pEVPPKey); +} + + +EVPPKey& EVPPKey::operator=(const EVPPKey& other) +{ + duplicate(other._pEVPPKey, &_pEVPPKey); + poco_check_ptr(_pEVPPKey); + return *this; +} + + +#ifdef POCO_ENABLE_CPP11 + +EVPPKey::EVPPKey(EVPPKey&& other): _pEVPPKey(other._pEVPPKey) +{ + other._pEVPPKey = nullptr; + poco_check_ptr(_pEVPPKey); +} + + +EVPPKey& EVPPKey::operator=(EVPPKey&& other) +{ + _pEVPPKey = other._pEVPPKey; + other._pEVPPKey = nullptr; + poco_check_ptr(_pEVPPKey); + return *this; +} + +#endif // POCO_ENABLE_CPP11 + +EVPPKey::~EVPPKey() +{ + if (_pEVPPKey) EVP_PKEY_free(_pEVPPKey); +} + + +void EVPPKey::save(const std::string& publicKeyFile, const std::string& privateKeyFile, const std::string& privateKeyPassphrase) const +{ + if (!publicKeyFile.empty() && (publicKeyFile != privateKeyFile)) + { + BIO* bio = BIO_new(BIO_s_file()); + if (!bio) throw Poco::IOException("Cannot create BIO for writing public key file", publicKeyFile); + try + { + if (BIO_write_filename(bio, const_cast(publicKeyFile.c_str()))) + { + if (!PEM_write_bio_PUBKEY(bio, _pEVPPKey)) + { + throw Poco::WriteFileException("Failed to write public key to file", publicKeyFile); + } + } + else throw Poco::CreateFileException("Cannot create public key file"); + } + catch (...) 
+ { + BIO_free(bio); + throw; + } + BIO_free(bio); + } + + if (!privateKeyFile.empty()) + { + BIO* bio = BIO_new(BIO_s_file()); + if (!bio) throw Poco::IOException("Cannot create BIO for writing private key file", privateKeyFile); + try + { + if (BIO_write_filename(bio, const_cast(privateKeyFile.c_str()))) + { + int rc = 0; + if (privateKeyPassphrase.empty()) + { + rc = PEM_write_bio_PrivateKey(bio, _pEVPPKey, 0, 0, 0, 0, 0); + } + else + { + rc = PEM_write_bio_PrivateKey(bio, _pEVPPKey, EVP_des_ede3_cbc(), + reinterpret_cast(const_cast(privateKeyPassphrase.c_str())), + static_cast(privateKeyPassphrase.length()), 0, 0); + } + if (!rc) + throw Poco::FileException("Failed to write private key to file", privateKeyFile); + } + else throw Poco::CreateFileException("Cannot create private key file", privateKeyFile); + } + catch (...) + { + BIO_free(bio); + throw; + } + BIO_free(bio); + } +} + + +void EVPPKey::save(std::ostream* pPublicKeyStream, std::ostream* pPrivateKeyStream, const std::string& privateKeyPassphrase) const +{ + if (pPublicKeyStream && (pPublicKeyStream != pPrivateKeyStream)) + { + BIO* bio = BIO_new(BIO_s_mem()); + if (!bio) throw Poco::IOException("Cannot create BIO for writing public key"); + if (!PEM_write_bio_PUBKEY(bio, _pEVPPKey)) + { + BIO_free(bio); + throw Poco::WriteFileException("Failed to write public key to stream"); + } + char* pData; + long size = BIO_get_mem_data(bio, &pData); + pPublicKeyStream->write(pData, static_cast(size)); + BIO_free(bio); + } + + if (pPrivateKeyStream) + { + BIO* bio = BIO_new(BIO_s_mem()); + if (!bio) throw Poco::IOException("Cannot create BIO for writing public key"); + int rc = 0; + if (privateKeyPassphrase.empty()) + rc = PEM_write_bio_PrivateKey(bio, _pEVPPKey, 0, 0, 0, 0, 0); + else + rc = PEM_write_bio_PrivateKey(bio, _pEVPPKey, EVP_des_ede3_cbc(), + reinterpret_cast(const_cast(privateKeyPassphrase.c_str())), + static_cast(privateKeyPassphrase.length()), 0, 0); + if (!rc) + { + BIO_free(bio); + throw 
Poco::FileException("Failed to write private key to stream"); + } + char* pData; + long size = BIO_get_mem_data(bio, &pData); + pPrivateKeyStream->write(pData, static_cast(size)); + BIO_free(bio); + } +} + + +EVP_PKEY* EVPPKey::duplicate(const EVP_PKEY* pFromKey, EVP_PKEY** pToKey) +{ + if (!pFromKey) throw NullPointerException("EVPPKey::duplicate(): " + "provided key pointer is null."); + + *pToKey = EVP_PKEY_new(); + if (!*pToKey) throw NullPointerException("EVPPKey::duplicate(): " + "EVP_PKEY_new() returned null."); + + int keyType = type(pFromKey); + switch (keyType) + { + case EVP_PKEY_RSA: + { + RSA* pRSA = EVP_PKEY_get1_RSA(const_cast(pFromKey)); + if (pRSA) + { + EVP_PKEY_set1_RSA(*pToKey, pRSA); + RSA_free(pRSA); + } + else throw OpenSSLException("EVPPKey::duplicate(): EVP_PKEY_get1_RSA()"); + break; + } + case EVP_PKEY_EC: + { + EC_KEY* pEC = EVP_PKEY_get1_EC_KEY(const_cast(pFromKey)); + if (pEC) + { + EVP_PKEY_set1_EC_KEY(*pToKey, pEC); + EC_KEY_free(pEC); + int cmp = EVP_PKEY_cmp_parameters(*pToKey, pFromKey); + if (cmp < 0) + throw OpenSSLException("EVPPKey::duplicate(): EVP_PKEY_cmp_parameters()"); + if (0 == cmp) + { + if(!EVP_PKEY_copy_parameters(*pToKey, pFromKey)) + throw OpenSSLException("EVPPKey::duplicate(): EVP_PKEY_copy_parameters()"); + } + } + else throw OpenSSLException(); + break; + } + default: + throw NotImplementedException("EVPPKey:duplicate(); Key type: " + + NumberFormatter::format(keyType)); + } + + return *pToKey; +} + + +void EVPPKey::newECKey(const char* ecCurveName) +{ + int curveID = OBJ_txt2nid(ecCurveName); + EC_KEY* pEC = EC_KEY_new_by_curve_name(curveID); + if (!pEC) goto err; + if (!EC_KEY_generate_key(pEC)) goto err; + _pEVPPKey = EVP_PKEY_new(); + if (!_pEVPPKey) goto err; + if (!EVP_PKEY_set1_EC_KEY(_pEVPPKey, pEC)) goto err; + EC_KEY_free(pEC); + return; +err: + throw OpenSSLException("EVPPKey:newECKey()"); +} + + +void EVPPKey::setKey(ECKey* pKey) +{ + poco_check_ptr(pKey); + poco_check_ptr(pKey->impl()); + 
setKey(pKey->impl()->getECKey()); +} + + +void EVPPKey::setKey(RSAKey* pKey) +{ + poco_check_ptr(pKey); + poco_check_ptr(pKey->impl()); + setKey(pKey->impl()->getRSA()); +} + + +int EVPPKey::passCB(char* buf, int size, int, void* pass) +{ + if (pass) + { + int len = (int)std::strlen((char*)pass); + if(len > size) len = size; + std::memcpy(buf, pass, len); + return len; + } + return 0; +} + + +} } // namespace Poco::Crypto diff --git a/base/poco/Crypto/src/KeyPair.cpp b/base/poco/Crypto/src/KeyPair.cpp new file mode 100644 index 00000000000..1c650806b37 --- /dev/null +++ b/base/poco/Crypto/src/KeyPair.cpp @@ -0,0 +1,34 @@ +// +// KeyPair.cpp +// +// +// Library: Crypto +// Package: CryptoCore +// Module: KeyPair +// +// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. +// and Contributors. +// +// SPDX-License-Identifier: BSL-1.0 +// + + +#include "Poco/Crypto/KeyPair.h" +#include + + +namespace Poco { +namespace Crypto { + + +KeyPair::KeyPair(KeyPairImpl::Ptr pKeyPairImpl): _pImpl(pKeyPairImpl) +{ +} + + +KeyPair::~KeyPair() +{ +} + + +} } // namespace Poco::Crypto diff --git a/base/poco/Crypto/src/KeyPairImpl.cpp b/base/poco/Crypto/src/KeyPairImpl.cpp new file mode 100644 index 00000000000..c782f04270d --- /dev/null +++ b/base/poco/Crypto/src/KeyPairImpl.cpp @@ -0,0 +1,35 @@ +// +// KeyPairImpl.cpp +// +// +// Library: Crypto +// Package: CryptoCore +// Module: KeyPairImpl +// +// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. +// and Contributors. +// +// SPDX-License-Identifier: BSL-1.0 +// + + +#include "Poco/Crypto/KeyPairImpl.h" + + +namespace Poco { +namespace Crypto { + + +KeyPairImpl::KeyPairImpl(const std::string& name, Type type): + _name(name), + _type(type) +{ +} + + +KeyPairImpl::~KeyPairImpl() +{ +} + + +} } // namespace Poco::Crypto diff --git a/base/poco/Crypto/src/OpenSSLInitializer.cpp b/base/poco/Crypto/src/OpenSSLInitializer.cpp new file mode 100644 index 00000000000..a3bc1d01431 --- /dev/null 
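Review bot: Both `EVPPKey::operator=` overloads overwrite `_pEVPPKey` without releasing the key already held, so every assignment leaks an `EVP_PKEY` (possibly private key material that then stays allocated for the life of the process), and neither guards against self-assignment. For the copy form, duplicating into a local first, `EVP_PKEY* pNew = 0; duplicate(other._pEVPPKey, &pNew);`, and then `if (_pEVPPKey) EVP_PKEY_free(_pEVPPKey); _pEVPPKey = pNew;` stays safe when `duplicate()` throws; the move form needs the same free under an `if (&other != this)` check. `newECKey()` has a related leak on its `err:` path, where `pEC` and a partly built `_pEVPPKey` are not freed before the throw. Separately, `save()` writes the private key unencrypted when the passphrase is empty and creates the file through `BIO_write_filename`, which presumably leaves its permissions to the process umask; a doc comment stating both would help callers store keys safely.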
+++ b/base/poco/Crypto/src/OpenSSLInitializer.cpp 
@@ -0,0 +1,190 @@ +// +// OpenSSLInitializer.cpp +// +// Library: Crypto +// Package: CryptoCore +// Module: OpenSSLInitializer +// +// Copyright (c) 2006-2009, Applied Informatics Software Engineering GmbH. +// and Contributors. +// +// SPDX-License-Identifier: BSL-1.0 +// + + +#include "Poco/Crypto/OpenSSLInitializer.h" +#include "Poco/RandomStream.h" +#include "Poco/Thread.h" +#include +#include +#include +#include +#if OPENSSL_VERSION_NUMBER >= 0x0907000L +#include +#endif +#if defined(POCO_OS_FAMILY_WINDOWS) + #define POCO_STR_HELPER(x) #x + #define POCO_STR(x) POCO_STR_HELPER(x) + #if defined POCO_INTERNAL_OPENSSL_MSVC_VER + #define POCO_INTERNAL_OPENSSL_BUILD \ + " (POCO internal build, MSVC version " \ + POCO_STR(POCO_INTERNAL_OPENSSL_MSVC_VER) ")" + #else + #define POCO_INTERNAL_OPENSSL_BUILD "" + #endif + #pragma message (OPENSSL_VERSION_TEXT POCO_INTERNAL_OPENSSL_BUILD) +#endif + + +using Poco::RandomInputStream; +using Poco::Thread; + + +#if defined(_MSC_VER) && !defined(_DLL) && defined(POCO_INTERNAL_OPENSSL_MSVC_VER) + + #if (POCO_MSVS_VERSION >= 2015) + FILE _iob[] = { *stdin, *stdout, *stderr }; + extern "C" FILE * __cdecl __iob_func(void) { return _iob; } + #endif // (POCO_MSVS_VERSION >= 2015) + + #if (POCO_MSVS_VERSION < 2012) + extern "C" __declspec(noreturn) void __cdecl __report_rangecheckfailure(void) { ::ExitProcess(1); } + #endif // (POCO_MSVS_VERSION < 2012) + +#endif // _MSC_VER && _MT && !POCO_EXTERNAL_OPENSSL && (POCO_MSVS_VERSION < 2013) + + +namespace Poco { +namespace Crypto { + + +Poco::FastMutex* OpenSSLInitializer::_mutexes(0); +Poco::AtomicCounter OpenSSLInitializer::_rc; + + +OpenSSLInitializer::OpenSSLInitializer() +{ + initialize(); +} + + +OpenSSLInitializer::~OpenSSLInitializer() +{ + try + { + uninitialize(); + } + catch (...) 
+ { + poco_unexpected(); + } +} + + +void OpenSSLInitializer::initialize() +{ + if (++_rc == 1) + { +#if OPENSSL_VERSION_NUMBER >= 0x0907000L + OPENSSL_config(NULL); +#endif + SSL_library_init(); + SSL_load_error_strings(); + OpenSSL_add_all_algorithms(); + + char seed[SEEDSIZE]; + RandomInputStream rnd; + rnd.read(seed, sizeof(seed)); + RAND_seed(seed, SEEDSIZE); + + int nMutexes = CRYPTO_num_locks(); + _mutexes = new Poco::FastMutex[nMutexes]; + CRYPTO_set_locking_callback(&OpenSSLInitializer::lock); +#ifndef POCO_OS_FAMILY_WINDOWS +// Not needed on Windows (see SF #110: random unhandled exceptions when linking with ssl). +// https://sourceforge.net/p/poco/bugs/110/ +// +// From http://www.openssl.org/docs/crypto/threads.html : +// "If the application does not register such a callback using CRYPTO_THREADID_set_callback(), +// then a default implementation is used - on Windows and BeOS this uses the system's +// default thread identifying APIs" + CRYPTO_set_id_callback(&OpenSSLInitializer::id); +#endif + CRYPTO_set_dynlock_create_callback(&OpenSSLInitializer::dynlockCreate); + CRYPTO_set_dynlock_lock_callback(&OpenSSLInitializer::dynlock); + CRYPTO_set_dynlock_destroy_callback(&OpenSSLInitializer::dynlockDestroy); + } +} + + +void OpenSSLInitializer::uninitialize() +{ + if (--_rc == 0) + { + EVP_cleanup(); + ERR_free_strings(); + CRYPTO_set_locking_callback(0); +#ifndef POCO_OS_FAMILY_WINDOWS + CRYPTO_set_id_callback(0); +#endif + delete [] _mutexes; + + CONF_modules_free(); + } +} + + +void OpenSSLInitializer::lock(int mode, int n, const char* file, int line) +{ + if (mode & CRYPTO_LOCK) + _mutexes[n].lock(); + else + _mutexes[n].unlock(); +} + + +unsigned long OpenSSLInitializer::id() +{ + // Note: we use an old-style C cast here because + // neither static_cast<> nor reinterpret_cast<> + // work uniformly across all platforms. 
+ return (unsigned long) Poco::Thread::currentTid(); +} + + +struct CRYPTO_dynlock_value* OpenSSLInitializer::dynlockCreate(const char* file, int line) +{ + return new CRYPTO_dynlock_value; +} + + +void OpenSSLInitializer::dynlock(int mode, struct CRYPTO_dynlock_value* lock, const char* file, int line) +{ + poco_check_ptr (lock); + + if (mode & CRYPTO_LOCK) + lock->_mutex.lock(); + else + lock->_mutex.unlock(); +} + + +void OpenSSLInitializer::dynlockDestroy(struct CRYPTO_dynlock_value* lock, const char* file, int line) +{ + delete lock; +} + + +void initializeCrypto() +{ + OpenSSLInitializer::initialize(); +} + + +void uninitializeCrypto() +{ + OpenSSLInitializer::uninitialize(); +} + + +} } // namespace Poco::Crypto diff --git a/base/poco/Crypto/src/PKCS12Container.cpp b/base/poco/Crypto/src/PKCS12Container.cpp new file mode 100644 index 00000000000..def89bf0898 --- /dev/null +++ b/base/poco/Crypto/src/PKCS12Container.cpp 
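Review bot: `OpenSSLInitializer::initialize()` makes only the counter atomic, not the initialization itself: a second thread that sees `++_rc` yield 2 leaves the function while the first may still be seeding the RNG and installing the locking callbacks, and can then enter OpenSSL without them. Holding a static mutex across the bodies of `initialize()` and `uninitialize()` would close that window. In `uninitialize()`, `delete [] _mutexes;` leaves the pointer dangling and the three dynlock callbacks stay registered; adding `_mutexes = 0;` and clearing those callbacks next to `CRYPTO_set_locking_callback(0)` keeps a later re-initialization clean. `OPENSSL_config(NULL)` loads OpenSSL's default configuration file, so a comment noting that the configuration directory of the linked OpenSSL build must not be writable by unprivileged users would be useful here.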
@@ -0,0 +1,191 @@ +// +// PKCS12Container.cpp +// +// +// Library: Crypto +// Package: Certificate +// Module: PKCS12Container +// +// Copyright (c) 2006-2009, Applied Informatics Software Engineering GmbH. +// and Contributors. +// +// SPDX-License-Identifier: BSL-1.0 +// + + +#include "Poco/Crypto/PKCS12Container.h" +#include "Poco/NumberFormatter.h" +#include "Poco/StreamCopier.h" +#include +#include + + +namespace Poco { +namespace Crypto { + + +PKCS12Container::PKCS12Container(std::istream& istr, const std::string& password): _pKey(0) +{ + std::ostringstream ostr; + Poco::StreamCopier::copyStream(istr, ostr); + const std::string& cont = ostr.str(); + + BIO *pBIO = BIO_new_mem_buf(const_cast(cont.data()), static_cast(cont.size())); + if (pBIO) + { + PKCS12* pPKCS12 = 0; + d2i_PKCS12_bio(pBIO, &pPKCS12); + BIO_free(pBIO); + if (!pPKCS12) throw OpenSSLException("PKCS12Container(istream&, const string&)"); + load(pPKCS12, password); + } + else + { + throw Poco::NullPointerException("PKCS12Container(istream&, const string&)"); + } +} + + +PKCS12Container::PKCS12Container(const std::string& path, const std::string& password): _pKey(0) +{ + FILE* pFile = fopen(path.c_str(), "rb"); + if (pFile) + { + PKCS12* pPKCS12 = d2i_PKCS12_fp(pFile, NULL); + fclose (pFile); + if (!pPKCS12) throw OpenSSLException("PKCS12Container(const string&, const string&)"); + load(pPKCS12, password); + } + else + { + throw Poco::OpenFileException("PKCS12Container: " + path); + } +} + + +PKCS12Container::PKCS12Container(const PKCS12Container& other): + _pKey(EVPPKey::duplicate(other._pKey, &_pKey)), + _pX509Cert(new X509Certificate(*other._pX509Cert)), + _caCertList(other._caCertList), + _caCertNames(other._caCertNames), + _pkcsFriendlyName(other._pkcsFriendlyName) +{ +} + + +PKCS12Container& PKCS12Container::operator = (const PKCS12Container& other) +{ + if (&other != this) + { + if (_pKey) EVP_PKEY_free(_pKey); + _pKey = EVPPKey::duplicate(other._pKey, &_pKey); + _pX509Cert.reset(new 
X509Certificate(*other._pX509Cert)); + _caCertList = other._caCertList; + _caCertNames = other._caCertNames; + _pkcsFriendlyName = other._pkcsFriendlyName; + } + return *this; +} + + +#ifdef POCO_ENABLE_CPP11 + + +PKCS12Container::PKCS12Container(PKCS12Container&& other): + _pKey(other._pKey), + _pX509Cert(std::move(other._pX509Cert)), + _caCertList(std::move(other._caCertList)), + _caCertNames(std::move(other._caCertNames)), + _pkcsFriendlyName(std::move(other._pkcsFriendlyName)) +{ + other._pKey = 0; +} + + +PKCS12Container& PKCS12Container::operator = (PKCS12Container&& other) +{ + if (&other != this) + { + if (_pKey) EVP_PKEY_free(_pKey); + _pKey = other._pKey; other._pKey = 0; + _pX509Cert = std::move(other._pX509Cert); + _caCertList = std::move(other._caCertList); + _caCertNames = std::move(other._caCertNames); + _pkcsFriendlyName = std::move(other._pkcsFriendlyName); + } + return *this; +} + + +#endif // POCO_ENABLE_CPP11 + + +PKCS12Container::~PKCS12Container() +{ + if (_pKey) EVP_PKEY_free(_pKey); +} + + +std::string PKCS12Container::extractFriendlyName(X509* pCert) +{ + std::string friendlyName; + if(!pCert) throw NullPointerException("PKCS12Container::extractFriendlyName(X509)"); + + // This is how PKCS12_add_cert() sets friendlyName (via PKCS12_add_friendlyname()) + int namelen = 0; + char *name = (char *)X509_alias_get0(pCert, &namelen); + + friendlyName = std::string(name, namelen); + return friendlyName; +} + + +void PKCS12Container::load(PKCS12* pPKCS12, const std::string& password) +{ + if (pPKCS12) + { + X509* pCert = 0; + STACK_OF(X509)* pCA = 0; + if (PKCS12_parse(pPKCS12, password.c_str(), &_pKey, &pCert, &pCA)) + { + if (pCert) + { + _pX509Cert.reset(new X509Certificate(pCert, true)); + _pkcsFriendlyName = extractFriendlyName(pCert); + } + else _pX509Cert.reset(); + + _caCertList.clear(); + _caCertNames.clear(); + if (pCA) + { + int certCount = sk_X509_num(pCA); + for (int i = 0; i < certCount; ++i) + { + X509* pX509 = sk_X509_value(pCA, i); + 
if (pX509) + { + _caCertList.push_back(X509Certificate(pX509, true)); + _caCertNames.push_back(extractFriendlyName(pX509)); + } + else throw OpenSSLException("PKCS12Container::load()"); + } + } + } + else + { + throw OpenSSLException(); + } + PKCS12_free(pPKCS12); + sk_X509_pop_free(pCA, X509_free); + if (pCert) X509_free(pCert); + poco_assert_dbg (_caCertList.size() == _caCertNames.size()); + } + else + { + throw NullPointerException("PKCS12Container: struct PKCS12"); + } +} + + +} } // namespace Poco::Crypto diff --git a/base/poco/Crypto/src/RSACipherImpl.cpp b/base/poco/Crypto/src/RSACipherImpl.cpp new file mode 100644 index 00000000000..4f9ddcf32ad --- /dev/null +++ b/base/poco/Crypto/src/RSACipherImpl.cpp 
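Review bot: The copy constructor and copy assignment dereference `other._pX509Cert` unconditionally in `new X509Certificate(*other._pX509Cert)`, yet `load()` deliberately resets `_pX509Cert` to empty when the container holds no certificate, so copying such a container dereferences a null pointer. A guard such as `other._pX509Cert ? new X509Certificate(*other._pX509Cert) : 0` covers it, and `EVPPKey::duplicate()` likewise throws when `other._pKey` is null, which a key-less or moved-from container would trigger. In `load()`, a failed `PKCS12_parse` (a wrong password being the common case) throws before `PKCS12_free(pPKCS12)` is reached, so each failed attempt leaks the parsed structure; freeing it before the throw fixes that. `extractFriendlyName()` builds a `std::string` from the result of `X509_alias_get0()` without a null check, which is harmless only because `namelen` stays 0 in that case.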
@@ -0,0 +1,342 @@ +// +// RSACipherImpl.cpp +// +// Library: Crypto +// Package: RSA +// Module: RSACipherImpl +// +// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. +// and Contributors. +// +// SPDX-License-Identifier: BSL-1.0 +// + + +#include "Poco/Crypto/RSACipherImpl.h" +#include "Poco/Crypto/CryptoTransform.h" +#include "Poco/Exception.h" +#include +#include +#include + + +namespace Poco { +namespace Crypto { + + +namespace +{ + void throwError() + { + unsigned long err; + std::string msg; + + while ((err = ERR_get_error())) + { + if (!msg.empty()) + msg.append("; "); + msg.append(ERR_error_string(err, 0)); + } + + throw Poco::IOException(msg); + } + + + int mapPaddingMode(RSAPaddingMode paddingMode) + { + switch (paddingMode) + { + case RSA_PADDING_PKCS1: + return RSA_PKCS1_PADDING; + case RSA_PADDING_PKCS1_OAEP: + return RSA_PKCS1_OAEP_PADDING; + case RSA_PADDING_NONE: + return RSA_NO_PADDING; + default: + poco_bugcheck(); + return RSA_NO_PADDING; + } + } + + + class RSAEncryptImpl: public CryptoTransform + { + public: + RSAEncryptImpl(const RSA* pRSA, RSAPaddingMode paddingMode); + ~RSAEncryptImpl(); + + std::size_t blockSize() const; + std::size_t maxDataSize() const; + std::string getTag(std::size_t); + void setTag(const std::string&); + + std::streamsize transform( + const unsigned char* input, + std::streamsize inputLength, + unsigned char* output, + std::streamsize outputLength); + + std::streamsize finalize(unsigned char* output, std::streamsize length); + + private: + const RSA* _pRSA; + RSAPaddingMode _paddingMode; + std::streamsize _pos; + unsigned char* _pBuf; + }; + + + RSAEncryptImpl::RSAEncryptImpl(const RSA* pRSA, RSAPaddingMode paddingMode): + _pRSA(pRSA), + _paddingMode(paddingMode), + _pos(0), + _pBuf(0) + { + _pBuf = new unsigned char[blockSize()]; + } + + + RSAEncryptImpl::~RSAEncryptImpl() + { + delete [] _pBuf; + } + + + std::size_t RSAEncryptImpl::blockSize() const + { + return RSA_size(_pRSA); + } + + + 
std::size_t RSAEncryptImpl::maxDataSize() const + { + std::size_t size = blockSize(); + switch (_paddingMode) + { + case RSA_PADDING_PKCS1: + case RSA_PADDING_SSLV23: + size -= 11; + break; + case RSA_PADDING_PKCS1_OAEP: + size -= 41; + break; + default: + break; + } + return size; + } + + + std::string RSAEncryptImpl::getTag(std::size_t) + { + return std::string(); + } + + + void RSAEncryptImpl::setTag(const std::string&) + { + } + + + std::streamsize RSAEncryptImpl::transform( + const unsigned char* input, + std::streamsize inputLength, + unsigned char* output, + std::streamsize outputLength) + { + // always fill up the buffer before writing! + std::streamsize maxSize = static_cast(maxDataSize()); + std::streamsize rsaSize = static_cast(blockSize()); + poco_assert_dbg(_pos <= maxSize); + poco_assert (outputLength >= rsaSize); + int rc = 0; + while (inputLength > 0) + { + // check how many data bytes we are missing to get the buffer full + poco_assert_dbg (maxSize >= _pos); + std::streamsize missing = maxSize - _pos; + if (missing == 0) + { + poco_assert (outputLength >= rsaSize); + int n = RSA_public_encrypt(static_cast(maxSize), _pBuf, output, const_cast(_pRSA), mapPaddingMode(_paddingMode)); + if (n == -1) + throwError(); + rc += n; + output += n; + outputLength -= n; + _pos = 0; + + } + else + { + if (missing > inputLength) + missing = inputLength; + + std::memcpy(_pBuf + _pos, input, static_cast(missing)); + input += missing; + _pos += missing; + inputLength -= missing; + } + } + return rc; + } + + + std::streamsize RSAEncryptImpl::finalize(unsigned char* output, std::streamsize length) + { + poco_assert (length >= blockSize()); + poco_assert (_pos <= maxDataSize()); + int rc = 0; + if (_pos > 0) + { + rc = RSA_public_encrypt(static_cast(_pos), _pBuf, output, const_cast(_pRSA), mapPaddingMode(_paddingMode)); + if (rc == -1) throwError(); + } + return rc; + } + + + class RSADecryptImpl: public CryptoTransform + { + public: + RSADecryptImpl(const RSA* pRSA, 
RSAPaddingMode paddingMode); + ~RSADecryptImpl(); + + std::size_t blockSize() const; + std::string getTag(std::size_t); + void setTag(const std::string&); + + std::streamsize transform( + const unsigned char* input, + std::streamsize inputLength, + unsigned char* output, + std::streamsize outputLength); + + std::streamsize finalize( + unsigned char* output, + std::streamsize length); + + private: + const RSA* _pRSA; + RSAPaddingMode _paddingMode; + std::streamsize _pos; + unsigned char* _pBuf; + }; + + + RSADecryptImpl::RSADecryptImpl(const RSA* pRSA, RSAPaddingMode paddingMode): + _pRSA(pRSA), + _paddingMode(paddingMode), + _pos(0), + _pBuf(0) + { + _pBuf = new unsigned char[blockSize()]; + } + + + RSADecryptImpl::~RSADecryptImpl() + { + delete [] _pBuf; + } + + + std::size_t RSADecryptImpl::blockSize() const + { + return RSA_size(_pRSA); + } + + + std::string RSADecryptImpl::getTag(std::size_t) + { + return std::string(); + } + + + void RSADecryptImpl::setTag(const std::string&) + { + } + + + std::streamsize RSADecryptImpl::transform( + const unsigned char* input, + std::streamsize inputLength, + unsigned char* output, + std::streamsize outputLength) + { + + // always fill up the buffer before decrypting! 
+ std::streamsize rsaSize = static_cast(blockSize()); + poco_assert_dbg(_pos <= rsaSize); + poco_assert (outputLength >= rsaSize); + int rc = 0; + while (inputLength > 0) + { + // check how many data bytes we are missing to get the buffer full + poco_assert_dbg (rsaSize >= _pos); + std::streamsize missing = rsaSize - _pos; + if (missing == 0) + { + int tmp = RSA_private_decrypt(static_cast(rsaSize), _pBuf, output, const_cast(_pRSA), mapPaddingMode(_paddingMode)); + if (tmp == -1) + throwError(); + rc += tmp; + output += tmp; + outputLength -= tmp; + _pos = 0; + + } + else + { + if (missing > inputLength) + missing = inputLength; + + std::memcpy(_pBuf + _pos, input, static_cast(missing)); + input += missing; + _pos += missing; + inputLength -= missing; + } + } + return rc; + } + + + std::streamsize RSADecryptImpl::finalize(unsigned char* output, std::streamsize length) + { + poco_assert (length >= blockSize()); + int rc = 0; + if (_pos > 0) + { + rc = RSA_private_decrypt(static_cast(_pos), _pBuf, output, const_cast(_pRSA), mapPaddingMode(_paddingMode)); + if (rc == -1) + throwError(); + } + return rc; + } +} + + +RSACipherImpl::RSACipherImpl(const RSAKey& key, RSAPaddingMode paddingMode): + _key(key), + _paddingMode(paddingMode) +{ +} + + +RSACipherImpl::~RSACipherImpl() +{ +} + + +CryptoTransform* RSACipherImpl::createEncryptor() +{ + return new RSAEncryptImpl(_key.impl()->getRSA(), _paddingMode); +} + + +CryptoTransform* RSACipherImpl::createDecryptor() +{ + return new RSADecryptImpl(_key.impl()->getRSA(), _paddingMode); +} + + +} } // namespace Poco::Crypto diff --git a/base/poco/Crypto/src/RSADigestEngine.cpp b/base/poco/Crypto/src/RSADigestEngine.cpp new file mode 100644 index 00000000000..948aa25ac6c --- /dev/null +++ b/base/poco/Crypto/src/RSADigestEngine.cpp 
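Review bot: `RSADecryptImpl::transform()` checks `outputLength >= rsaSize` once before the loop but, unlike the encrypt path, not again inside the `missing == 0` branch, so input spanning several blocks keeps writing through `output` after the space the caller provided is used up; repeating `poco_assert (outputLength >= rsaSize);` before `RSA_private_decrypt` matches `RSAEncryptImpl::transform()`. In `maxDataSize()` the OAEP case subtracts 41, while the OAEP limit with SHA-1 is k - 2*hLen - 2, that is 42 bytes of overhead, so a completely filled buffer would be rejected by `RSA_public_encrypt`; `size -= 42;` looks like the intended value. `mapPaddingMode()` has no case for `RSA_PADDING_SSLV23`, which `maxDataSize()` accepts, so that mode ends in `poco_bugcheck()`. Because `throwError()` copies the OpenSSL error text into the exception, code that decrypts PKCS#1 v1.5 input from untrusted peers should not relay that message or otherwise let padding failures be told apart from other errors.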
@@ -0,0 +1,96 @@
+//
+// RSADigestEngine.cpp
+//
+// Library: Crypto
+// Package: RSA
+// Module: RSADigestEngine
+//
+// Copyright (c) 2008, Applied Informatics Software Engineering GmbH.
+// and Contributors.
+//
+// SPDX-License-Identifier: BSL-1.0
+//
+
+
+#include "Poco/Crypto/RSADigestEngine.h"
+#include
+
+
+namespace Poco {
+namespace Crypto {
+
+
+RSADigestEngine::RSADigestEngine(const RSAKey& key, DigestType digestType):
+ _key(key),
+ _engine(digestType == DIGEST_MD5 ? "MD5" : "SHA1")
+{
+}
+
+RSADigestEngine::RSADigestEngine(const RSAKey& key, const std::string &name):
+ _key(key),
+ _engine(name)
+{
+}
+
+
+RSADigestEngine::~RSADigestEngine()
+{
+}
+
+
+std::size_t RSADigestEngine::digestLength() const
+{
+ return _engine.digestLength();
+}
+
+
+void RSADigestEngine::reset()
+{
+ _engine.reset();
+ _digest.clear();
+ _signature.clear();
+}
+
+
+const DigestEngine::Digest& RSADigestEngine::digest()
+{
+ if (_digest.empty())
+ {
+ _digest = _engine.digest();
+ }
+ return _digest;
+}
+
+
+const DigestEngine::Digest& RSADigestEngine::signature()
+{
+ if (_signature.empty())
+ {
+ digest();
+ _signature.resize(_key.size());
+ unsigned sigLen = static_cast(_signature.size());
+ RSA_sign(_engine.nid(), &_digest[0], static_cast(_digest.size()), &_signature[0], &sigLen, _key.impl()->getRSA());
+ // truncate _sig to sigLen
+ if (sigLen < _signature.size())
+ _signature.resize(sigLen);
+ }
+ return _signature;
+}
+
+
+bool RSADigestEngine::verify(const DigestEngine::Digest& sig)
+{
+ digest();
+ DigestEngine::Digest sigCpy = sig; // copy becausse RSA_verify can modify sigCpy
+ int ret = RSA_verify(_engine.nid(), &_digest[0], static_cast(_digest.size()), &sigCpy[0], static_cast(sigCpy.size()), _key.impl()->getRSA());
+ return ret != 0;
+}
+
+
+void RSADigestEngine::updateImpl(const void* data, std::size_t length)
+{
+ _engine.update(data, length);
+}
+
+
+} } // namespace Poco::Crypto
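Review bot: `signature()` ignores the return value of `RSA_sign`, so when signing fails the buffer that was just resized to `_key.size()` stays cached in `_signature` and is handed back to the caller as if it were a valid signature. Check the result before anything is cached, e.g. wrap the existing call as `if (RSA_sign(/* same arguments */) != 1) { _signature.clear(); throw OpenSSLException(); }` (assuming the exception type used elsewhere in this library is visible in this file). In `verify()`, `return ret != 0;` accepts any non-zero result, whereas `return ret == 1;` accepts only the documented success value; `&sigCpy[0]` also needs a guard for an empty `sig`. The `DigestType` constructor can only select MD5 or SHA1, so a comment steering callers to the name-based constructor for SHA-2 digests would be worth adding.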
diff --git a/base/poco/Crypto/src/RSAKey.cpp b/base/poco/Crypto/src/RSAKey.cpp
new file mode 100644
index 00000000000..b81a0281bf5
--- /dev/null
+++ b/base/poco/Crypto/src/RSAKey.cpp
@@ -0,0 +1,87 @@
+//
+// RSAKey.cpp
+//
+// Library: Crypto
+// Package: RSA
+// Module: RSAKey
+//
+// Copyright (c) 2008, Applied Informatics Software Engineering GmbH.
+// and Contributors.
+//
+// SPDX-License-Identifier: BSL-1.0
+//
+
+
+#include "Poco/Crypto/RSAKey.h"
+#include
+
+
+namespace Poco {
+namespace Crypto {
+
+
+RSAKey::RSAKey(const EVPPKey& key):
+ KeyPair(new RSAKeyImpl(key)),
+ _pImpl(KeyPair::impl().cast())
+{
+}
+
+
+RSAKey::RSAKey(const X509Certificate& cert):
+ KeyPair(new RSAKeyImpl(cert)),
+ _pImpl(KeyPair::impl().cast())
+{
+}
+
+
+RSAKey::RSAKey(const PKCS12Container& cont):
+ KeyPair(new RSAKeyImpl(cont)),
+ _pImpl(KeyPair::impl().cast())
+{
+}
+
+
+RSAKey::RSAKey(KeyLength keyLength, Exponent exp):
+ KeyPair(new RSAKeyImpl(keyLength, (exp == EXP_LARGE) ? RSA_F4 : RSA_3)),
+ _pImpl(KeyPair::impl().cast())
+{
+}
+
+
+RSAKey::RSAKey(const std::string& publicKeyFile, const std::string& privateKeyFile, const std::string& privateKeyPassphrase):
+ KeyPair(new RSAKeyImpl(publicKeyFile, privateKeyFile, privateKeyPassphrase)),
+ _pImpl(KeyPair::impl().cast())
+{
+}
+
+
+RSAKey::RSAKey(std::istream* pPublicKeyStream, std::istream* pPrivateKeyStream, const std::string& privateKeyPassphrase):
+ KeyPair(new RSAKeyImpl(pPublicKeyStream, pPrivateKeyStream, privateKeyPassphrase)),
+ _pImpl(KeyPair::impl().cast())
+{
+}
+
+
+RSAKey::~RSAKey()
+{
+}
+
+RSAKeyImpl::ByteVec RSAKey::modulus() const
+{
+ return _pImpl->modulus();
+}
+
+
+RSAKeyImpl::ByteVec RSAKey::encryptionExponent() const
+{
+ return _pImpl->encryptionExponent();
+}
+
+
+RSAKeyImpl::ByteVec RSAKey::decryptionExponent() const
+{
+ return _pImpl->decryptionExponent();
+}
+
+
+} } // namespace Poco::Crypto
\ No newline at end of file
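Review bot: The `RSAKey(KeyLength, Exponent)` constructor maps every exponent value other than `EXP_LARGE` to `RSA_3`, and nothing in the file tells a caller that this choice is legacy. A public exponent of 3 is outside what current key-generation standards allow (FIPS 186-4 requires e of at least 65537) and makes padding mistakes far more damaging. I would add a comment above the constructor such as `// RSA_3 is kept for compatibility only; new keys should use EXP_LARGE (RSA_F4 = 65537).`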
diff --git a/base/poco/Crypto/src/RSAKeyImpl.cpp b/base/poco/Crypto/src/RSAKeyImpl.cpp
new file mode 100644
index 00000000000..86089b828b1
--- /dev/null
+++ b/base/poco/Crypto/src/RSAKeyImpl.cpp
@@ -0,0 +1,386 @@ +// +// RSAKeyImpl.cpp +// +// Library: Crypto +// Package: RSA +// Module: RSAKeyImpl +// +// Copyright (c) 2008, Applied Informatics Software Engineering GmbH. +// and Contributors. +// +// SPDX-License-Identifier: BSL-1.0 +// + + +#include "Poco/Crypto/RSAKeyImpl.h" +#include "Poco/Crypto/X509Certificate.h" +#include "Poco/Crypto/PKCS12Container.h" +#include "Poco/FileStream.h" +#include "Poco/StreamCopier.h" +#include +#include +#include +#include +#if OPENSSL_VERSION_NUMBER >= 0x00908000L +#include +#endif + + +namespace Poco { +namespace Crypto { + + +RSAKeyImpl::RSAKeyImpl(const EVPPKey& key): + KeyPairImpl("rsa", KT_RSA_IMPL), + _pRSA(EVP_PKEY_get1_RSA(const_cast((const EVP_PKEY*)key))) +{ + if (!_pRSA) throw OpenSSLException(); +} + + +RSAKeyImpl::RSAKeyImpl(const X509Certificate& cert): + KeyPairImpl("rsa", KT_RSA_IMPL), + _pRSA(0) +{ + const X509* pCert = cert.certificate(); + EVP_PKEY* pKey = X509_get_pubkey(const_cast(pCert)); + if (pKey) + { + _pRSA = EVP_PKEY_get1_RSA(pKey); + EVP_PKEY_free(pKey); + } + else + throw OpenSSLException("RSAKeyImpl(const X509Certificate&)"); +} + + +RSAKeyImpl::RSAKeyImpl(const PKCS12Container& cont): + KeyPairImpl("rsa", KT_RSA_IMPL), + _pRSA(0) +{ + EVPPKey key = cont.getKey(); + _pRSA = EVP_PKEY_get1_RSA(key); +} + + +RSAKeyImpl::RSAKeyImpl(int keyLength, unsigned long exponent): KeyPairImpl("rsa", KT_RSA_IMPL), + _pRSA(0) +{ +#if OPENSSL_VERSION_NUMBER >= 0x00908000L + _pRSA = RSA_new(); + int ret = 0; + BIGNUM* bn = 0; + try + { + bn = BN_new(); + BN_set_word(bn, exponent); + ret = RSA_generate_key_ex(_pRSA, keyLength, bn, 0); + BN_free(bn); + } + catch (...) 
+ { + BN_free(bn); + throw; + } + if (!ret) throw Poco::InvalidArgumentException("Failed to create RSA context"); +#else + _pRSA = RSA_generate_key(keyLength, exponent, 0, 0); + if (!_pRSA) throw Poco::InvalidArgumentException("Failed to create RSA context"); +#endif +} + + +RSAKeyImpl::RSAKeyImpl(const std::string& publicKeyFile, + const std::string& privateKeyFile, + const std::string& privateKeyPassphrase): KeyPairImpl("rsa", KT_RSA_IMPL), + _pRSA(0) +{ + poco_assert_dbg(_pRSA == 0); + + _pRSA = RSA_new(); + if (!publicKeyFile.empty()) + { + BIO* bio = BIO_new(BIO_s_file()); + if (!bio) throw Poco::IOException("Cannot create BIO for reading public key", publicKeyFile); + int rc = BIO_read_filename(bio, publicKeyFile.c_str()); + if (rc) + { + RSA* pubKey = PEM_read_bio_RSAPublicKey(bio, &_pRSA, 0, 0); + if (!pubKey) + { + int rc = BIO_reset(bio); + // BIO_reset() normally returns 1 for success and 0 or -1 for failure. + // File BIOs are an exception, they return 0 for success and -1 for failure. 
+ if (rc != 0) throw Poco::FileException("Failed to load public key", publicKeyFile); + pubKey = PEM_read_bio_RSA_PUBKEY(bio, &_pRSA, 0, 0); + } + BIO_free(bio); + if (!pubKey) + { + freeRSA(); + throw Poco::FileException("Failed to load public key", publicKeyFile); + } + } + else + { + freeRSA(); + throw Poco::FileNotFoundException("Public key file", publicKeyFile); + } + } + + if (!privateKeyFile.empty()) + { + BIO* bio = BIO_new(BIO_s_file()); + if (!bio) throw Poco::IOException("Cannot create BIO for reading private key", privateKeyFile); + int rc = BIO_read_filename(bio, privateKeyFile.c_str()); + if (rc) + { + RSA* privKey = 0; + if (privateKeyPassphrase.empty()) + privKey = PEM_read_bio_RSAPrivateKey(bio, &_pRSA, 0, 0); + else + privKey = PEM_read_bio_RSAPrivateKey(bio, &_pRSA, 0, const_cast(privateKeyPassphrase.c_str())); + BIO_free(bio); + if (!privKey) + { + freeRSA(); + throw Poco::FileException("Failed to load private key", privateKeyFile); + } + } + else + { + freeRSA(); + throw Poco::FileNotFoundException("Private key file", privateKeyFile); + } + } +} + + +RSAKeyImpl::RSAKeyImpl(std::istream* pPublicKeyStream, + std::istream* pPrivateKeyStream, + const std::string& privateKeyPassphrase): KeyPairImpl("rsa", KT_RSA_IMPL), + _pRSA(0) +{ + poco_assert_dbg(_pRSA == 0); + + _pRSA = RSA_new(); + if (pPublicKeyStream) + { + std::string publicKeyData; + Poco::StreamCopier::copyToString(*pPublicKeyStream, publicKeyData); + BIO* bio = BIO_new_mem_buf(const_cast(publicKeyData.data()), static_cast(publicKeyData.size())); + if (!bio) throw Poco::IOException("Cannot create BIO for reading public key"); + RSA* publicKey = PEM_read_bio_RSAPublicKey(bio, &_pRSA, 0, 0); + if (!publicKey) + { + int rc = BIO_reset(bio); + // BIO_reset() normally returns 1 for success and 0 or -1 for failure. + // File BIOs are an exception, they return 0 for success and -1 for failure. 
+ if (rc != 1) throw Poco::FileException("Failed to load public key"); + publicKey = PEM_read_bio_RSA_PUBKEY(bio, &_pRSA, 0, 0); + } + BIO_free(bio); + if (!publicKey) + { + freeRSA(); + throw Poco::FileException("Failed to load public key"); + } + } + + if (pPrivateKeyStream) + { + std::string privateKeyData; + Poco::StreamCopier::copyToString(*pPrivateKeyStream, privateKeyData); + BIO* bio = BIO_new_mem_buf(const_cast(privateKeyData.data()), static_cast(privateKeyData.size())); + if (!bio) throw Poco::IOException("Cannot create BIO for reading private key"); + RSA* privateKey = 0; + if (privateKeyPassphrase.empty()) + privateKey = PEM_read_bio_RSAPrivateKey(bio, &_pRSA, 0, 0); + else + privateKey = PEM_read_bio_RSAPrivateKey(bio, &_pRSA, 0, const_cast(privateKeyPassphrase.c_str())); + BIO_free(bio); + if (!privateKey) + { + freeRSA(); + throw Poco::FileException("Failed to load private key"); + } + } +} + + +RSAKeyImpl::~RSAKeyImpl() +{ + freeRSA(); +} + + +void RSAKeyImpl::freeRSA() +{ + if (_pRSA) RSA_free(_pRSA); + _pRSA = 0; +} + + +int RSAKeyImpl::size() const +{ + return RSA_size(_pRSA); +} + + +RSAKeyImpl::ByteVec RSAKeyImpl::modulus() const +{ +#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) + const BIGNUM* n = 0; + const BIGNUM* e = 0; + const BIGNUM* d = 0; + RSA_get0_key(_pRSA, &n, &e, &d); + return convertToByteVec(n); +#else + return convertToByteVec(_pRSA->n); +#endif +} + + +RSAKeyImpl::ByteVec RSAKeyImpl::encryptionExponent() const +{ +#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) + const BIGNUM* n = 0; + const BIGNUM* e = 0; + const BIGNUM* d = 0; + RSA_get0_key(_pRSA, &n, &e, &d); + return convertToByteVec(e); +#else + return convertToByteVec(_pRSA->e); +#endif +} + + +RSAKeyImpl::ByteVec RSAKeyImpl::decryptionExponent() const +{ +#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) + const BIGNUM* n = 0; + const BIGNUM* e = 0; + const BIGNUM* d = 0; + 
RSA_get0_key(_pRSA, &n, &e, &d); + return convertToByteVec(d); +#else + return convertToByteVec(_pRSA->d); +#endif +} + + +void RSAKeyImpl::save(const std::string& publicKeyFile, + const std::string& privateKeyFile, + const std::string& privateKeyPassphrase) const +{ + if (!publicKeyFile.empty()) + { + BIO* bio = BIO_new(BIO_s_file()); + if (!bio) throw Poco::IOException("Cannot create BIO for writing public key file", publicKeyFile); + try + { + if (BIO_write_filename(bio, const_cast(publicKeyFile.c_str()))) + { + if (!PEM_write_bio_RSAPublicKey(bio, _pRSA)) + throw Poco::WriteFileException("Failed to write public key to file", publicKeyFile); + } + else throw Poco::CreateFileException("Cannot create public key file"); + } + catch (...) + { + BIO_free(bio); + throw; + } + BIO_free(bio); + } + + if (!privateKeyFile.empty()) + { + BIO* bio = BIO_new(BIO_s_file()); + if (!bio) throw Poco::IOException("Cannot create BIO for writing private key file", privateKeyFile); + try + { + if (BIO_write_filename(bio, const_cast(privateKeyFile.c_str()))) + { + int rc = 0; + if (privateKeyPassphrase.empty()) + rc = PEM_write_bio_RSAPrivateKey(bio, _pRSA, 0, 0, 0, 0, 0); + else + rc = PEM_write_bio_RSAPrivateKey(bio, _pRSA, EVP_des_ede3_cbc(), + reinterpret_cast(const_cast(privateKeyPassphrase.c_str())), + static_cast(privateKeyPassphrase.length()), 0, 0); + if (!rc) throw Poco::FileException("Failed to write private key to file", privateKeyFile); + } + else throw Poco::CreateFileException("Cannot create private key file", privateKeyFile); + } + catch (...) 
+ { + BIO_free(bio); + throw; + } + BIO_free(bio); + } +} + + +void RSAKeyImpl::save(std::ostream* pPublicKeyStream, + std::ostream* pPrivateKeyStream, + const std::string& privateKeyPassphrase) const +{ + if (pPublicKeyStream) + { + BIO* bio = BIO_new(BIO_s_mem()); + if (!bio) throw Poco::IOException("Cannot create BIO for writing public key"); + if (!PEM_write_bio_RSAPublicKey(bio, _pRSA)) + { + BIO_free(bio); + throw Poco::WriteFileException("Failed to write public key to stream"); + } + char* pData; + long size = BIO_get_mem_data(bio, &pData); + pPublicKeyStream->write(pData, static_cast(size)); + BIO_free(bio); + } + + if (pPrivateKeyStream) + { + BIO* bio = BIO_new(BIO_s_mem()); + if (!bio) throw Poco::IOException("Cannot create BIO for writing public key"); + int rc = 0; + if (privateKeyPassphrase.empty()) + rc = PEM_write_bio_RSAPrivateKey(bio, _pRSA, 0, 0, 0, 0, 0); + else + rc = PEM_write_bio_RSAPrivateKey(bio, _pRSA, EVP_des_ede3_cbc(), + reinterpret_cast(const_cast(privateKeyPassphrase.c_str())), + static_cast(privateKeyPassphrase.length()), 0, 0); + if (!rc) + { + BIO_free(bio); + throw Poco::FileException("Failed to write private key to stream"); + } + char* pData; + long size = BIO_get_mem_data(bio, &pData); + pPrivateKeyStream->write(pData, static_cast(size)); + BIO_free(bio); + } +} + + +RSAKeyImpl::ByteVec RSAKeyImpl::convertToByteVec(const BIGNUM* bn) +{ + int numBytes = BN_num_bytes(bn); + ByteVec byteVector(numBytes); + + ByteVec::value_type* buffer = new ByteVec::value_type[numBytes]; + BN_bn2bin(bn, buffer); + + for (int i = 0; i < numBytes; ++i) + byteVector[i] = buffer[i]; + + delete [] buffer; + + return byteVector; +} + + +} } // namespace Poco::Crypto \ No newline at end of file diff --git a/base/poco/Crypto/src/X509Certificate.cpp b/base/poco/Crypto/src/X509Certificate.cpp new file mode 100644 index 00000000000..a32e465bb0a --- /dev/null +++ b/base/poco/Crypto/src/X509Certificate.cpp 
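Review bot: The `X509Certificate` and `PKCS12Container` constructors store the result of `EVP_PKEY_get1_RSA` without checking it, so a certificate or container whose key is not RSA leaves `_pRSA` null and the next `size()` or `modulus()` call passes a null pointer to OpenSSL. The `EVPPKey` constructor in the same hunk already guards against this; the other two should add `if (!_pRSA) throw OpenSSLException();` right after the assignment. Separately, the file-based `save()` writes the private key unencrypted when the passphrase is empty and creates the file through `BIO_write_filename` with no step that restricts its mode, which deserves at least a comment telling callers to set permissions on the target path themselves.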
@@ -0,0 +1,386 @@ +// +// X509Certificate.cpp +// +// Library: Crypto +// Package: Certificate +// Module: X509Certificate +// +// Copyright (c) 2006-2009, Applied Informatics Software Engineering GmbH. +// and Contributors. +// +// SPDX-License-Identifier: BSL-1.0 +// + + +#include "Poco/Crypto/X509Certificate.h" +#include "Poco/Crypto/CryptoException.h" +#include "Poco/StreamCopier.h" +#include "Poco/String.h" +#include "Poco/DateTimeParser.h" +#include "Poco/Format.h" +#include +#include +#ifdef _WIN32 +// fix for WIN32 header conflict +#undef X509_NAME +#endif +#include +#include +#include + + +namespace Poco { +namespace Crypto { + + +X509Certificate::X509Certificate(std::istream& istr): + _pCert(0) +{ + load(istr); +} + + +X509Certificate::X509Certificate(const std::string& path): + _pCert(0) +{ + load(path); +} + + +X509Certificate::X509Certificate(X509* pCert): + _pCert(pCert) +{ + poco_check_ptr(_pCert); + + init(); +} + + +X509Certificate::X509Certificate(X509* pCert, bool shared): + _pCert(pCert) +{ + poco_check_ptr(_pCert); + + if (shared) + { +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + X509_up_ref(_pCert); +#else + _pCert->references++; +#endif + } + + init(); +} + + +X509Certificate::X509Certificate(const X509Certificate& cert): + _issuerName(cert._issuerName), + _subjectName(cert._subjectName), + _serialNumber(cert._serialNumber), + _pCert(cert._pCert) +{ + _pCert = X509_dup(_pCert); +} + + +X509Certificate& X509Certificate::operator = (const X509Certificate& cert) +{ + X509Certificate tmp(cert); + swap(tmp); + return *this; +} + + +void X509Certificate::swap(X509Certificate& cert) +{ + using std::swap; + swap(cert._issuerName, _issuerName); + swap(cert._subjectName, _subjectName); + swap(cert._serialNumber, _serialNumber); + swap(cert._pCert, _pCert); +} + + +X509Certificate::~X509Certificate() +{ + X509_free(_pCert); +} + + +void X509Certificate::load(std::istream& istr) +{ + poco_assert (!_pCert); + + std::stringstream certStream; + 
Poco::StreamCopier::copyStream(istr, certStream); + std::string cert = certStream.str(); + + BIO *pBIO = BIO_new_mem_buf(const_cast(cert.data()), static_cast(cert.size())); + if (!pBIO) throw Poco::IOException("Cannot create BIO for reading certificate"); + _pCert = PEM_read_bio_X509(pBIO, 0, 0, 0); + BIO_free(pBIO); + + if (!_pCert) throw Poco::IOException("Failed to load certificate from stream"); + + init(); +} + + +void X509Certificate::load(const std::string& path) +{ + poco_assert (!_pCert); + + BIO *pBIO = BIO_new(BIO_s_file()); + if (!pBIO) throw Poco::IOException("Cannot create BIO for reading certificate file", path); + if (!BIO_read_filename(pBIO, path.c_str())) + { + BIO_free(pBIO); + throw Poco::OpenFileException("Cannot open certificate file for reading", path); + } + + _pCert = PEM_read_bio_X509(pBIO, 0, 0, 0); + BIO_free(pBIO); + + if (!_pCert) throw Poco::ReadFileException("Faild to load certificate from", path); + + init(); +} + + +void X509Certificate::save(std::ostream& stream) const +{ + BIO *pBIO = BIO_new(BIO_s_mem()); + if (!pBIO) throw Poco::IOException("Cannot create BIO for writing certificate"); + try + { + if (!PEM_write_bio_X509(pBIO, _pCert)) + throw Poco::IOException("Failed to write certificate to stream"); + + char *pData; + long size; + size = BIO_get_mem_data(pBIO, &pData); + stream.write(pData, size); + } + catch (...) + { + BIO_free(pBIO); + throw; + } + BIO_free(pBIO); +} + + +void X509Certificate::save(const std::string& path) const +{ + BIO *pBIO = BIO_new(BIO_s_file()); + if (!pBIO) throw Poco::IOException("Cannot create BIO for reading certificate file", path); + if (!BIO_write_filename(pBIO, const_cast(path.c_str()))) + { + BIO_free(pBIO); + throw Poco::CreateFileException("Cannot create certificate file", path); + } + try + { + if (!PEM_write_bio_X509(pBIO, _pCert)) + throw Poco::WriteFileException("Failed to write certificate to file", path); + } + catch (...) 
+ { + BIO_free(pBIO); + throw; + } + BIO_free(pBIO); +} + + +void X509Certificate::init() +{ + char buffer[NAME_BUFFER_SIZE]; + X509_NAME_oneline(X509_get_issuer_name(_pCert), buffer, sizeof(buffer)); + _issuerName = buffer; + X509_NAME_oneline(X509_get_subject_name(_pCert), buffer, sizeof(buffer)); + _subjectName = buffer; + BIGNUM* pBN = ASN1_INTEGER_to_BN(X509_get_serialNumber(const_cast(_pCert)), 0); + if (pBN) + { + char* pSN = BN_bn2hex(pBN); + if (pSN) + { + _serialNumber = pSN; + OPENSSL_free(pSN); + } + BN_free(pBN); + } +} + + +std::string X509Certificate::commonName() const +{ + return subjectName(NID_COMMON_NAME); +} + + +std::string X509Certificate::issuerName(NID nid) const +{ + if (X509_NAME* issuer = X509_get_issuer_name(_pCert)) + { + char buffer[NAME_BUFFER_SIZE]; + if (X509_NAME_get_text_by_NID(issuer, nid, buffer, sizeof(buffer)) >= 0) + return std::string(buffer); + } + return std::string(); +} + + +std::string X509Certificate::subjectName(NID nid) const +{ + if (X509_NAME* subj = X509_get_subject_name(_pCert)) + { + char buffer[NAME_BUFFER_SIZE]; + if (X509_NAME_get_text_by_NID(subj, nid, buffer, sizeof(buffer)) >= 0) + return std::string(buffer); + } + return std::string(); +} + + +void X509Certificate::extractNames(std::string& cmnName, std::set& domainNames) const +{ + domainNames.clear(); + if (STACK_OF(GENERAL_NAME)* names = static_cast(X509_get_ext_d2i(_pCert, NID_subject_alt_name, 0, 0))) + { + for (int i = 0; i < sk_GENERAL_NAME_num(names); ++i) + { + const GENERAL_NAME* name = sk_GENERAL_NAME_value(names, i); + if (name->type == GEN_DNS) + { + const char* data = reinterpret_cast(ASN1_STRING_data(name->d.ia5)); + std::size_t len = ASN1_STRING_length(name->d.ia5); + domainNames.insert(std::string(data, len)); + } + } + GENERAL_NAMES_free(names); + } + + cmnName = commonName(); + if (!cmnName.empty() && domainNames.empty()) + { + domainNames.insert(cmnName); + } +} + + +Poco::DateTime X509Certificate::validFrom() const +{ + ASN1_TIME* 
certTime = X509_get_notBefore(_pCert); + std::string dateTime(reinterpret_cast(certTime->data)); + int tzd; + return DateTimeParser::parse("%y%m%d%H%M%S", dateTime, tzd); +} + + +Poco::DateTime X509Certificate::expiresOn() const +{ + ASN1_TIME* certTime = X509_get_notAfter(_pCert); + std::string dateTime(reinterpret_cast(certTime->data)); + int tzd; + return DateTimeParser::parse("%y%m%d%H%M%S", dateTime, tzd); +} + + +bool X509Certificate::issuedBy(const X509Certificate& issuerCertificate) const +{ + X509* pCert = const_cast(_pCert); + X509* pIssuerCert = const_cast(issuerCertificate.certificate()); + EVP_PKEY* pIssuerPublicKey = X509_get_pubkey(pIssuerCert); + if (!pIssuerPublicKey) throw Poco::InvalidArgumentException("Issuer certificate has no public key"); + int rc = X509_verify(pCert, pIssuerPublicKey); + EVP_PKEY_free(pIssuerPublicKey); + return rc == 1; +} + + +bool X509Certificate::equals(const X509Certificate& otherCertificate) const +{ + X509* pCert = const_cast(_pCert); + X509* pOtherCert = const_cast(otherCertificate.certificate()); + return X509_cmp(pCert, pOtherCert) == 0; +} + + +std::string X509Certificate::signatureAlgorithm() const +{ + int sigNID = NID_undef; + +#if (OPENSSL_VERSION_NUMBER >= 0x1010000fL) && !defined(LIBRESSL_VERSION_NUMBER) + sigNID = X509_get_signature_nid(_pCert); +#else + poco_check_ptr(_pCert->sig_alg); + sigNID = OBJ_obj2nid(_pCert->sig_alg->algorithm); +#endif + + if (sigNID != NID_undef) + { + const char* pAlgName = OBJ_nid2ln(sigNID); + if (pAlgName) return std::string(pAlgName); + else throw OpenSSLException(Poco::format("X509Certificate::" + "signatureAlgorithm(): OBJ_nid2ln(%d)", sigNID)); + } + else + throw NotFoundException("X509Certificate::signatureAlgorithm()"); + + return ""; +} + + +X509Certificate::List X509Certificate::readPEM(const std::string& pemFileName) +{ + List caCertList; + BIO* pBIO = BIO_new_file(pemFileName.c_str(), "r"); + if (pBIO == NULL) throw OpenFileException("X509Certificate::readPEM()"); + 
X509* x = PEM_read_bio_X509(pBIO, NULL, 0, NULL); + if (!x) throw OpenSSLException(Poco::format("X509Certificate::readPEM(%s)", pemFileName)); + while(x) + { + caCertList.push_back(X509Certificate(x)); + x = PEM_read_bio_X509(pBIO, NULL, 0, NULL); + } + BIO_free(pBIO); + return caCertList; +} + + +void X509Certificate::writePEM(const std::string& pemFileName, const List& list) +{ + BIO* pBIO = BIO_new_file(pemFileName.c_str(), "a"); + if (pBIO == NULL) throw OpenFileException("X509Certificate::writePEM()"); + List::const_iterator it = list.begin(); + List::const_iterator end = list.end(); + for (; it != end; ++it) + { + if (!PEM_write_bio_X509(pBIO, const_cast(it->certificate()))) + { + throw OpenSSLException("X509Certificate::writePEM()"); + } + } + BIO_free(pBIO); +} + + +void X509Certificate::print(std::ostream& out) const +{ + out << "subjectName: " << subjectName() << std::endl; + out << "issuerName: " << issuerName() << std::endl; + out << "commonName: " << commonName() << std::endl; + out << "country: " << subjectName(X509Certificate::NID_COUNTRY) << std::endl; + out << "localityName: " << subjectName(X509Certificate::NID_LOCALITY_NAME) << std::endl; + out << "stateOrProvince: " << subjectName(X509Certificate::NID_STATE_OR_PROVINCE) << std::endl; + out << "organizationName: " << subjectName(X509Certificate::NID_ORGANIZATION_NAME) << std::endl; + out << "organizationUnitName: " << subjectName(X509Certificate::NID_ORGANIZATION_UNIT_NAME) << std::endl; + out << "emailAddress: " << subjectName(X509Certificate::NID_PKCS9_EMAIL_ADDRESS) << std::endl; + out << "serialNumber: " << subjectName(X509Certificate::NID_SERIAL_NUMBER) << std::endl; +} + + +} } // namespace Poco::Crypto diff --git a/base/poco/Data/CMakeLists.txt b/base/poco/Data/CMakeLists.txt new file mode 100644 index 00000000000..142d3592b69 --- /dev/null +++ b/base/poco/Data/CMakeLists.txt 
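Review bot: `subjectName(NID)` and `issuerName(NID)` build their result with `std::string(buffer)` after `X509_NAME_get_text_by_NID`, so on OpenSSL versions that copy the field verbatim a name entry with an embedded NUL is silently cut at the first NUL, and `extractNames()` falls back to that common name when the certificate carries no DNS subjectAltName. The SAN branch already keeps the full length with `std::string(data, len)`; the name accessors should compare the returned length with the C-string length and return nothing on a mismatch: `int n = X509_NAME_get_text_by_NID(subj, nid, buffer, sizeof(buffer));` followed by `if (n >= 0 && std::strlen(buffer) == static_cast<std::size_t>(n)) return std::string(buffer, n);` (this needs `<cstring>`). `validFrom()` and `expiresOn()` have a related problem: they read `certTime->data` as a NUL-terminated string and always parse a two-digit year, which does not hold for GeneralizedTime values.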
@@ -0,0 +1,7 @@ +file (GLOB SRCS src/*.cpp) + +add_library (_poco_data ${SRCS}) +add_library (Poco::Data ALIAS _poco_data) + +target_include_directories (_poco_data SYSTEM PUBLIC "include") +target_link_libraries (_poco_data PUBLIC Poco::Foundation) diff --git a/base/poco/Data/ODBC/CMakeLists.txt b/base/poco/Data/ODBC/CMakeLists.txt new file mode 100644 index 00000000000..4a49f915b67 --- /dev/null +++ b/base/poco/Data/ODBC/CMakeLists.txt @@ -0,0 +1,39 @@ +if (ENABLE_ODBC) + if (NOT TARGET ch_contrib::unixodbc) + message(FATAL_ERROR "Configuration error: unixodbc is not a target") + endif() + + set (SRCS + src/Binder.cpp + src/ConnectionHandle.cpp + src/Connector.cpp + src/EnvironmentHandle.cpp + src/Extractor.cpp + src/ODBCException.cpp + src/ODBCMetaColumn.cpp + src/ODBCStatementImpl.cpp + src/Parameter.cpp + src/Preparator.cpp + src/SessionImpl.cpp + src/TypeInfo.cpp + src/Unicode.cpp + src/Utility.cpp + ) + + add_library (_poco_data_odbc ${SRCS}) + add_library (Poco::Data::ODBC ALIAS _poco_data_odbc) + + target_compile_options (_poco_data_odbc PRIVATE -Wno-unused-variable) + target_include_directories (_poco_data_odbc SYSTEM PUBLIC "include") + target_link_libraries (_poco_data_odbc PUBLIC Poco::Data ch_contrib::unixodbc) + + message (STATUS "Using Poco::Data::ODBC") +else () + add_library (_poco_data_odbc INTERFACE) + add_library (Poco::Data::ODBC ALIAS _poco_data_odbc) + if (TARGET ch_contrib::unixodbc) + target_link_libraries (_poco_data_odbc INTERFACE ch_contrib::unixodbc) + endif() + + message (STATUS "Not using Poco::Data::ODBC") +endif () diff --git a/base/poco/Data/ODBC/include/Poco/Data/ODBC/Binder.h b/base/poco/Data/ODBC/include/Poco/Data/ODBC/Binder.h new file mode 100644 index 00000000000..fd3241fbf8c --- /dev/null +++ b/base/poco/Data/ODBC/include/Poco/Data/ODBC/Binder.h 
@@ -0,0 +1,1516 @@ +// +// Binder.h +// +// Library: Data/ODBC +// Package: ODBC +// Module: Binder +// +// Definition of the Binder class. +// +// Copyright (c) 2006, Applied Informatics Software Engineering GmbH. +// and Contributors. +// +// SPDX-License-Identifier: BSL-1.0 +// + + +#ifndef Data_ODBC_Binder_INCLUDED +#define Data_ODBC_Binder_INCLUDED + + +#include "Poco/Data/ODBC/ODBC.h" +#include "Poco/Data/AbstractBinder.h" +#include "Poco/Data/LOB.h" +#include "Poco/Data/ODBC/Handle.h" +#include "Poco/Data/ODBC/Parameter.h" +#include "Poco/Data/ODBC/ODBCMetaColumn.h" +#include "Poco/Data/ODBC/Utility.h" +#include "Poco/Data/ODBC/TypeInfo.h" +#include "Poco/Exception.h" +#include +#include +#include +#include +#ifdef POCO_OS_FAMILY_WINDOWS +#include +#endif +#include + + +namespace Poco { + + +class DateTime; + + +namespace Data { + + +class Date; +class Time; + + +namespace ODBC { + + +class ODBC_API Binder: public Poco::Data::AbstractBinder + /// Binds placeholders in the sql query to the provided values. Performs data types mapping. +{ +public: + typedef AbstractBinder::Direction Direction; + typedef std::map ParamMap; + + static const size_t DEFAULT_PARAM_SIZE = 1024; + + enum ParameterBinding + { + PB_IMMEDIATE, + PB_AT_EXEC + }; + + Binder(const StatementHandle& rStmt, + std::size_t maxFieldSize, + ParameterBinding dataBinding = PB_IMMEDIATE, + TypeInfo* pDataTypes = 0); + /// Creates the Binder. + + ~Binder(); + /// Destroys the Binder. + + void bind(std::size_t pos, const Poco::Int8& val, Direction dir); + /// Binds an Int8. + + void bind(std::size_t pos, const std::vector& val, Direction dir); + /// Binds an Int8 vector. + + void bind(std::size_t pos, const std::deque& val, Direction dir); + /// Binds an Int8 deque. + + void bind(std::size_t pos, const std::list& val, Direction dir); + /// Binds an Int8 list. + + void bind(std::size_t pos, const Poco::UInt8& val, Direction dir); + /// Binds an UInt8. 
+ + void bind(std::size_t pos, const std::vector& val, Direction dir); + /// Binds an UInt8 vector. + + void bind(std::size_t pos, const std::deque& val, Direction dir); + /// Binds an UInt8 deque. + + void bind(std::size_t pos, const std::list& val, Direction dir); + /// Binds an UInt8 list. + + void bind(std::size_t pos, const Poco::Int16& val, Direction dir); + /// Binds an Int16. + + void bind(std::size_t pos, const std::vector& val, Direction dir); + /// Binds an Int16 vector. + + void bind(std::size_t pos, const std::deque& val, Direction dir); + /// Binds an Int16 deque. + + void bind(std::size_t pos, const std::list& val, Direction dir); + /// Binds an Int16 list. + + void bind(std::size_t pos, const Poco::UInt16& val, Direction dir); + /// Binds an UInt16. + + void bind(std::size_t pos, const std::vector& val, Direction dir); + /// Binds an UInt16 vector. + + void bind(std::size_t pos, const std::deque& val, Direction dir); + /// Binds an UInt16 deque. + + void bind(std::size_t pos, const std::list& val, Direction dir); + /// Binds an UInt16 list. + + void bind(std::size_t pos, const Poco::Int32& val, Direction dir); + /// Binds an Int32. + + void bind(std::size_t pos, const std::vector& val, Direction dir); + /// Binds an Int32 vector. + + void bind(std::size_t pos, const std::deque& val, Direction dir); + /// Binds an Int32 deque. + + void bind(std::size_t pos, const std::list& val, Direction dir); + /// Binds an Int32 list. + + void bind(std::size_t pos, const Poco::UInt32& val, Direction dir); + /// Binds an UInt32. + + void bind(std::size_t pos, const std::vector& val, Direction dir); + /// Binds an UInt32 vector. + + void bind(std::size_t pos, const std::deque& val, Direction dir); + /// Binds an UInt32 deque. + + void bind(std::size_t pos, const std::list& val, Direction dir); + /// Binds an UInt32 list. + + void bind(std::size_t pos, const Poco::Int64& val, Direction dir); + /// Binds an Int64. 
+ + void bind(std::size_t pos, const std::vector& val, Direction dir); + /// Binds an Int64 vector. + + void bind(std::size_t pos, const std::deque& val, Direction dir); + /// Binds an Int64 deque. + + void bind(std::size_t pos, const std::list& val, Direction dir); + /// Binds an Int64 list. + + void bind(std::size_t pos, const Poco::UInt64& val, Direction dir); + /// Binds an UInt64. + + void bind(std::size_t pos, const std::vector& val, Direction dir); + /// Binds an UInt64 vector. + + void bind(std::size_t pos, const std::deque& val, Direction dir); + /// Binds an UInt64 deque. + + void bind(std::size_t pos, const std::list& val, Direction dir); + /// Binds an UInt64 list. + +#ifndef POCO_LONG_IS_64_BIT + void bind(std::size_t pos, const long& val, Direction dir); + /// Binds a long. + + void bind(std::size_t pos, const unsigned long& val, Direction dir); + /// Binds an unsigned long. + + void bind(std::size_t pos, const std::vector& val, Direction dir); + /// Binds a long vector. + + void bind(std::size_t pos, const std::deque& val, Direction dir); + /// Binds a long deque. + + void bind(std::size_t pos, const std::list& val, Direction dir); + /// Binds a long list. +#endif + + void bind(std::size_t pos, const bool& val, Direction dir); + /// Binds a boolean. + + void bind(std::size_t pos, const std::vector& val, Direction dir); + /// Binds a boolean vector. + + void bind(std::size_t pos, const std::deque& val, Direction dir); + /// Binds a boolean deque. + + void bind(std::size_t pos, const std::list& val, Direction dir); + /// Binds a boolean list. + + void bind(std::size_t pos, const float& val, Direction dir); + /// Binds a float. + + void bind(std::size_t pos, const std::vector& val, Direction dir); + /// Binds a float vector. + + void bind(std::size_t pos, const std::deque& val, Direction dir); + /// Binds a float deque. + + void bind(std::size_t pos, const std::list& val, Direction dir); + /// Binds a float list. 
+ + void bind(std::size_t pos, const double& val, Direction dir); + /// Binds a double. + + void bind(std::size_t pos, const std::vector& val, Direction dir); + /// Binds a double vector. + + void bind(std::size_t pos, const std::deque& val, Direction dir); + /// Binds a double deque. + + void bind(std::size_t pos, const std::list& val, Direction dir); + /// Binds a double list. + + void bind(std::size_t pos, const char& val, Direction dir); + /// Binds a single character. + + void bind(std::size_t pos, const std::vector& val, Direction dir); + /// Binds a character vector. + + void bind(std::size_t pos, const std::deque& val, Direction dir); + /// Binds a character deque. + + void bind(std::size_t pos, const std::list& val, Direction dir); + /// Binds a character list. + + void bind(std::size_t pos, const std::string& val, Direction dir); + /// Binds a string. + + void bind(std::size_t pos, const std::vector& val, Direction dir); + /// Binds a string vector. + + void bind(std::size_t pos, const std::deque& val, Direction dir); + /// Binds a string deque. + + void bind(std::size_t pos, const std::list& val, Direction dir); + /// Binds a string list. + + void bind(std::size_t pos, const UTF16String& val, Direction dir); + /// Binds a string. + + void bind(std::size_t pos, const std::vector& val, Direction dir); + /// Binds a string vector. + + void bind(std::size_t pos, const std::deque& val, Direction dir); + /// Binds a string deque. + + void bind(std::size_t pos, const std::list& val, Direction dir); + /// Binds a string list. + + void bind(std::size_t pos, const BLOB& val, Direction dir); + /// Binds a BLOB. In-bound only. + + void bind(std::size_t pos, const CLOB& val, Direction dir); + /// Binds a CLOB. In-bound only. + + void bind(std::size_t pos, const std::vector& val, Direction dir); + /// Binds a BLOB vector. + + void bind(std::size_t pos, const std::deque& val, Direction dir); + /// Binds a BLOB deque. 
+ + void bind(std::size_t pos, const std::list& val, Direction dir); + /// Binds a BLOB list. + + void bind(std::size_t pos, const std::vector& val, Direction dir); + /// Binds a CLOB vector. + + void bind(std::size_t pos, const std::deque& val, Direction dir); + /// Binds a CLOB deque. + + void bind(std::size_t pos, const std::list& val, Direction dir); + /// Binds a CLOB list. + + void bind(std::size_t pos, const Date& val, Direction dir); + /// Binds a Date. + + void bind(std::size_t pos, const std::vector& val, Direction dir); + /// Binds a Date vector. + + void bind(std::size_t pos, const std::deque& val, Direction dir); + /// Binds a Date deque. + + void bind(std::size_t pos, const std::list& val, Direction dir); + /// Binds a Date list. + + void bind(std::size_t pos, const Time& val, Direction dir); + /// Binds a Time. + + void bind(std::size_t pos, const std::vector