void SSLContext::loadPrivateKeyFromBufferPEM(folly::StringPiece pkey) {
if (pkey.data() == nullptr) {
throw std::invalid_argument("loadPrivateKey: <pkey> is nullptr");
}
ssl::BioUniquePtr bio(BIO_new(BIO_s_mem()));
if (bio == nullptr) {
throw std::runtime_error("BIO_new: " + getErrors());
}
int written = BIO_write(bio.get(), pkey.data(), pkey.size());
if (written <= 0 || static_cast<unsigned>(written) != pkey.size()) {
throw std::runtime_error("BIO_write: " + getErrors());
}
ssl::EvpPkeyUniquePtr key(
PEM_read_bio_PrivateKey(bio.get(), nullptr, nullptr, nullptr));
if (key == nullptr) {
throw std::runtime_error("PEM_read_bio_PrivateKey: " + getErrors());
}
if (SSL_CTX_use_PrivateKey(ctx_, key.get()) == 0) {
throw std::runtime_error("SSL_CTX_use_PrivateKey: " + getErrors());
}
}
std::string getOpenSslErrors()
{
boost::shared_ptr<BIO> bio( BIO_new( BIO_s_mem() ), BIO_free );
ERR_print_errors(bio.get());
std::vector<char> buffer(256);
unsigned int startPos = 0;
unsigned int bytesRead = 0;
while (true)
{
RCF_ASSERT_GT(buffer.size() , startPos);
int ret = BIO_read(
bio.get(),
&buffer[startPos],
static_cast<int>(buffer.size()-startPos));
if (ret > 0)
{
bytesRead += ret;
}
if (bytesRead < buffer.size())
{
break;
}
startPos = static_cast<unsigned int>(buffer.size());
buffer.resize( 2*buffer.size() );
}
return std::string(&buffer[0], bytesRead);
}
void SSLContext::loadCertificateFromBufferPEM(folly::StringPiece cert) {
if (cert.data() == nullptr) {
throw std::invalid_argument("loadCertificate: <cert> is nullptr");
}
ssl::BioUniquePtr bio(BIO_new(BIO_s_mem()));
if (bio == nullptr) {
throw std::runtime_error("BIO_new: " + getErrors());
}
int written = BIO_write(bio.get(), cert.data(), cert.size());
if (written <= 0 || static_cast<unsigned>(written) != cert.size()) {
throw std::runtime_error("BIO_write: " + getErrors());
}
ssl::X509UniquePtr x509(
PEM_read_bio_X509(bio.get(), nullptr, nullptr, nullptr));
if (x509 == nullptr) {
throw std::runtime_error("PEM_read_bio_X509: " + getErrors());
}
if (SSL_CTX_use_certificate(ctx_, x509.get()) == 0) {
throw std::runtime_error("SSL_CTX_use_certificate: " + getErrors());
}
}
boost::shared_ptr< Connection > Connector::connect(const Scorpion::Context & context, const Details::Address & remote_address, boost::uint16_t port)
{
boost::format fmt("%1%.%2%.%3%.%4%:%5%");
fmt % remote_address[0] % remote_address[1] % remote_address[2] % remote_address[3] % port;
Scorpion::BIO * bio(connectSSL_(context, fmt.str()));
return boost::shared_ptr< Connection > (new Connection(bio));
}
boost::shared_ptr< Connection > Connector::connect(const Scorpion::Context & context, const std::string & remote_address, boost::uint16_t port)
{
boost::format fmt("%1%:%2%");
fmt % remote_address % port;
Scorpion::BIO * bio(connectSSL_(context, fmt.str()));
return boost::shared_ptr< Connection > (new Connection(bio));
}
buffer ecdhe_context::derive_secret_key(const void* peer_key, size_t peer_key_len)
{
if (!m_private_key)
{
generate_keys();
}
bio::bio_chain bio(::BIO_new_mem_buf(const_cast<void*>(peer_key), static_cast<int>(peer_key_len)));
pkey peer_pkey = pkey::from_certificate_public_key(bio.first());
evp_pkey_context_type key_derivation_context(::EVP_PKEY_CTX_new(m_private_key.raw(), NULL));
error::throw_error_if_not(key_derivation_context.get());
error::throw_error_if(::EVP_PKEY_derive_init(key_derivation_context.get()) != 1);
error::throw_error_if(::EVP_PKEY_derive_set_peer(key_derivation_context.get(), peer_pkey.raw()) != 1);
size_t buf_len = 0;
error::throw_error_if(::EVP_PKEY_derive(key_derivation_context.get(), NULL, &buf_len) != 1);
buffer buf(buf_len);
error::throw_error_if(::EVP_PKEY_derive(key_derivation_context.get(), buffer_cast<uint8_t*>(buf), &buf_len) != 1);
return buf;
}
FLQuant sp(int model, SEXP params, SEXP biomass)
{
FLQuant bio(biomass);
FLQuant par(params);
FLQuant rtn(1,1,par.minyr(),par.maxyr(),par.nareas(),par.nseasons(),par.nunits(),par.niters());
int i, j, k, l, m;
int i, j, k, l, m;
for(m=1; m <= bio.niters(); m++) {
for (l = 1; l <= bio.nareas(); l++) {
for (k = 1; k <= bio.nseasons(); k++) {
for (j = 1; j <= bio.nunits(); j++) {
for (i = bio.minyr(); i <= bio.maxyr(); i++) {
switch(getSP(model)) {
case FLRConst_fletcher:
rtn(1,i,j,k,l,m) = spFletcher(bio(1,i,j,k,l,m),par(1,i,j,k,l,m),par(2,i,j,k,l,m),par(3,i,j,k,l,m));
break;
case FLRConst_fox:
rtn(1,i,j,k,l,m) = spFox( bio(1,i,j,k,l,m),par(1,i,j,k,l,m),par(2,i,j,k,l,m));
break;
case FLRConst_genfit:
rtn(1,i,j,k,l,m) = spGenfit( bio(1,i,j,k,l,m),par(1,i,j,k,l,m),par(2,i,j,k,l,m),par(3,i,j,k,l,m));
break;
case FLRConst_gulland:
rtn(1,i,j,k,l,m) = spGulland( bio(1,i,j,k,l,m),par(1,i,j,k,l,m),par(2,i,j,k,l,m));
break;
case FLRConst_logistic:
rtn(1,i,j,k,l,m) = spLogistic(bio(1,i,j,k,l,m),par(1,i,j,k,l,m),par(2,i,j,k,l,m));
break;
case FLRConst_pellat:
rtn(1,i,j,k,l,m) = spPellaT( bio(1,i,j,k,l,m),par(1,i,j,k,l,m),par(2,i,j,k,l,m),par(3,i,j,k,l,m));
break;
case FLRConst_schaefer:
rtn(1,i,j,k,l,m) = spSchaefer(bio(1,i,j,k,l,m),par(1,i,j,k,l,m),par(2,i,j,k,l,m));
break;
case FLRConst_shepherd:
rtn(1,i,j,k,l,m) = spShepherd(bio(1,i,j,k,l,m),par(1,i,j,k,l,m),par(2,i,j,k,l,m),par(3,i,j,k,l,m));
break;
}
}
}
}
}
}
return rtn;
}
std::string BigNum::toString() const
{
ScopedOpenSSL<BIO, BIO_vfree> bio(BIO_new(BIO_s_mem()));
if(! BN_print(bio.get(), val_.get())) {
OPENSSLEXCEPTION_MSG("BN_print() in BigNum::toString()");
}
// get number of bytes in bio
size_t len = BIO_ctrl_pending(bio.get());
std::vector<unsigned char> out(len);
if(! BIO_read(bio.get(), &out[0], len)) {
OPENSSLEXCEPTION_MSG("BIO_read() in BigNum::toString()");
}
return std::string(reinterpret_cast<const char*>(&out[0]), out.size());
}
const std::string BEX509::generate ( )
{
if ( ! X509_set_issuer_name ( x509, name ) ) {
throw BEPlugin_Exception ( (fmx::errcode)ERR_get_error() );
}
if ( ! X509_sign ( x509, private_key, EVP_sha1() ) ) {
throw BEPlugin_Exception ( (fmx::errcode)ERR_get_error() );
}
std::unique_ptr<BEBio> bio ( new BEBio );
return bio->extract ( x509 );
}
buffer ecdhe_context::get_public_key()
{
if (!m_private_key)
{
generate_keys();
}
bio::bio_chain bio(::BIO_new(::BIO_s_mem()));
m_private_key.write_certificate_public_key(bio.first());
char* buf = nullptr;
const size_t buf_len = bio.first().get_mem_data(buf);
return buffer(buf, buf_len);
}
EVP_PKEY* copyPrivateKey(EVP_PKEY* from)
{
BIO* b = BIO_new( BIO_s_mem() );
BioAutoPtr bio(b);
if (PEM_write_bio_PKCS8PrivateKey(bio.get(), from, 0, 0, 0, 0, 0) <= 0)
{
throw InvalidCertificate("invalid certificate");
}
EVP_PKEY *target = 0;
if (PEM_read_bio_PrivateKey(bio.get(), &target, 0, 0) == 0)
{
throw InvalidCertificate("invalid certificate");
}
return target;
}
TEST(SignTest, TestLoadValidPemKeysWithInvalidPassphrase)
{
ScopedEVP_PKEY private_key(nullptr, EVP_PKEY_free);
ScopedEVP_PKEY public_key(nullptr, EVP_PKEY_free);
ScopedBIO bio(BIO_new(BIO_s_mem()), BIO_free);
ASSERT_TRUE(!!bio);
// Generate keys
ASSERT_TRUE(generate_keys(private_key, public_key));
// Write key
ASSERT_TRUE(PEM_write_bio_PrivateKey(bio.get(), private_key.get(),
EVP_des_ede3_cbc(), nullptr, 0,
nullptr,
const_cast<char *>("testing")));
// Read back the key using invalid password
ScopedEVP_PKEY private_key_read(mb::sign::load_private_key(
bio.get(), mb::sign::KEY_FORMAT_PEM, "gnitset"),
EVP_PKEY_free);
ASSERT_FALSE(private_key_read);
}
void basic_http_connection_impl::__async_recv_handler(error_code ec,
std::size_t len,op_stamp_t stamp)
{
if(is_canceled_op(stamp)||state_==CLOSED||!connection_)
return;
if (ec)
{
while(!send_bufs_.empty())
send_bufs_.pop();
__to_close_state(ec,stamp);
return;
}
recv_state_=RECVED;
if (is_recv_blocked_)
return;
if (!is_header_recvd_)
{
http::request req;
http::response res;
http::header* h=(is_passive_?(http::header*)(&req):(http::header*)(&res));
h->clear();
asio::streambuf::const_buffers_type bf=recv_buf_.data();
const char* s=asio::buffer_cast<const char*>(bf);
int parseRst=h->parse(s,recv_buf_.size());
if(parseRst>0)
{
is_header_recvd_=true;
safe_buffer buf;
if (std::size_t(parseRst)<recv_buf_.size())
{
safe_buffer_io bio(&buf);
bio.write(s+parseRst,recv_buf_.size()-parseRst);
}
recv_buf_.consume(recv_buf_.size());
if (connection_)
{
const std::string&encoding=h->get(HTTP_ATOM_Content_Encoding);
if (encoding=="gzip"||encoding=="x-gzip")
is_gzip_=true;
else
is_gzip_=false;
if(is_passive_)
connection_->dispatch_request(req);
else
connection_->dispatch_response(res);
}
if(buf.length()>0&&!(is_canceled_op(stamp)||state_==CLOSED))
{
if (is_recv_blocked_)
{
memcpy(asio::buffer_cast<char*>(recv_buf_.prepare(buf.length())),
p2engine::buffer_cast<char*>(buf),buf.size());
recv_buf_.commit(buf.length());
return;
}
else
{
__dispatch_packet(buf,stamp);
}
}
}
else if(parseRst==0)
{
recv_state_=RECVING;
}
else
{
recv_buf_.consume(recv_buf_.size());
__to_close_state(asio::error::message_size,stamp);
return;
}
}
else
{
safe_buffer buf;
safe_buffer_io bio(&buf);
const char* s=asio::buffer_cast<const char*>(recv_buf_.data());
bio.write(s,recv_buf_.size());
recv_buf_.consume(recv_buf_.size());
__dispatch_packet(buf,stamp);
}
recv_state_=RECVING;
asio::async_read(*socket_impl_,
recv_buf_,
asio::transfer_at_least(1),
make_alloc_handler(boost::bind(&this_type::__async_recv_handler,
SHARED_OBJ_FROM_THIS,_1,_2,stamp))
);
}
// Manglings for instantiations caused by this function are at the
// top of the test.
void create_streams() {
std::basic_iostream<char> bio(17);
}