bool OSSLDSA::reconstructParameters(AsymmetricParameters** ppParams, ByteString& serialisedData)
{
// Check input parameters
if ((ppParams == NULL) || (serialisedData.size() == 0))
{
return false;
}
DSAParameters* params = new DSAParameters();
if (!params->deserialise(serialisedData))
{
delete params;
return false;
}
*ppParams = params;
return true;
}
bool BotanRSA::reconstructPublicKey(PublicKey** ppPublicKey, ByteString& serialisedData)
{
// Check input
if ((ppPublicKey == NULL) ||
(serialisedData.size() == 0))
{
return false;
}
BotanRSAPublicKey* pub = new BotanRSAPublicKey();
if (!pub->deserialise(serialisedData))
{
delete pub;
return false;
}
*ppPublicKey = pub;
return true;
}
bool BotanRSA::reconstructPrivateKey(PrivateKey** ppPrivateKey, ByteString& serialisedData)
{
// Check input
if ((ppPrivateKey == NULL) ||
(serialisedData.size() == 0))
{
return false;
}
BotanRSAPrivateKey* priv = new BotanRSAPrivateKey();
if (!priv->deserialise(serialisedData))
{
delete priv;
return false;
}
*ppPrivateKey = priv;
return true;
}
void HashTests::readTmpFile(ByteString& data)
{
unsigned char buf[256];
data.wipe();
FILE* in = fopen("shsmv2-hashtest-out.tmp", "r");
CPPUNIT_ASSERT(in != NULL);
int read = 0;
do
{
read = fread(buf, 1, 256, in);
data += ByteString(buf, read);
}
while (read > 0);
CPPUNIT_ASSERT(read == 0);
CPPUNIT_ASSERT(!fclose(in));
}
bool FileSystem::ReadFile(const char *Filename, ByteString &DataBuffer)
{
// Waste of time.
if (!FileExists(Filename))
return false;
bool Result = false;
uint32_t ReadSize = GetFileSize(Filename);
uint8_t *ReadBuffer = new uint8_t[ReadSize];
SecureZeroMemory(ReadBuffer, ReadSize);
// Read the file.
Result = ReadFile(Filename, ReadBuffer, ReadSize);
// Append the data.
DataBuffer.append(ReadBuffer, ReadSize);
// Clear the buffer.
SecureZeroMemory(ReadBuffer, ReadSize);
delete[] ReadBuffer;
return Result;
}
void loadLogo (String fileName)
{
//Read the file
File file( fileName );
if( !file.open( "rb" ))
{
printf( "Failed opening file '%s'!\n", fileName.toCSTR().buffer() );
getchar();
exit( 1 );
}
data = file.read( file.getSize() );
file.close();
//Load character data
SerializeManager sm;
mshLogo = (TriMesh*) sm.load( (void*)data.buffer() );
mshLogo->sendToGpu();
printf ("Logo: %d verts, %d faces\n",
mshLogo->getVertexCount(),
mshLogo->getFaceCount());
}
bool BotanRSA::reconstructKeyPair(AsymmetricKeyPair** ppKeyPair, ByteString& serialisedData)
{
// Check input
if ((ppKeyPair == NULL) ||
(serialisedData.size() == 0))
{
return false;
}
ByteString dPub = ByteString::chainDeserialise(serialisedData);
ByteString dPriv = ByteString::chainDeserialise(serialisedData);
BotanRSAKeyPair* kp = new BotanRSAKeyPair();
bool rv = true;
if (!((RSAPublicKey*) kp->getPublicKey())->deserialise(dPub))
{
rv = false;
}
if (!((RSAPrivateKey*) kp->getPrivateKey())->deserialise(dPriv))
{
rv = false;
}
if (!rv)
{
delete kp;
return false;
}
*ppKeyPair = kp;
return true;
}
bool DHPrivateKey::deserialise(ByteString& serialised)
{
ByteString dP = ByteString::chainDeserialise(serialised);
ByteString dG = ByteString::chainDeserialise(serialised);
ByteString dX = ByteString::chainDeserialise(serialised);
if ((dP.size() == 0) ||
(dG.size() == 0) ||
(dX.size() == 0))
{
return false;
}
setP(dP);
setG(dG);
setX(dX);
return true;
}
bool OSAttribute::peekValue(ByteString& value) const
{
switch (attributeType)
{
case BOOL:
value.resize(sizeof(boolValue));
memcpy(&value[0], &boolValue, value.size());
return true;
case ULONG:
value.resize(sizeof(ulongValue));
memcpy(&value[0], &ulongValue, value.size());
return true;
case BYTESTR:
value.resize(byteStrValue.size());
memcpy(&value[0], byteStrValue.const_byte_str(), value.size());
return true;
default:
return false;
}
}
// Encryption functions
bool BotanRSA::encrypt(PublicKey* publicKey, const ByteString& data,
ByteString& encryptedData, const AsymMech::Type padding)
{
// Check if the public key is the right type
if (!publicKey->isOfType(BotanRSAPublicKey::type))
{
ERROR_MSG("Invalid key type supplied");
return false;
}
std::string eme;
switch (padding)
{
case AsymMech::RSA_PKCS:
eme = "PKCS1v15";
break;
case AsymMech::RSA_PKCS_OAEP:
eme = "EME1(SHA-160)";
break;
case AsymMech::RSA:
eme = "Raw";
break;
default:
ERROR_MSG("Invalid padding mechanism supplied (%i)", padding);
return false;
}
BotanRSAPublicKey* pk = (BotanRSAPublicKey*) publicKey;
Botan::RSA_PublicKey* botanKey = pk->getBotanKey();
if (!botanKey)
{
ERROR_MSG("Could not get the Botan public key");
return false;
}
Botan::PK_Encryptor_EME* encryptor = NULL;
try
{
encryptor = new Botan::PK_Encryptor_EME(*botanKey, eme);
}
catch (...)
{
ERROR_MSG("Could not create the encryptor token");
return false;
}
// Perform the encryption operation
#if BOTAN_VERSION_MINOR == 11
std::vector<Botan::byte> encResult;
#else
Botan::SecureVector<Botan::byte> encResult;
#endif
try
{
BotanRNG* rng = (BotanRNG*)BotanCryptoFactory::i()->getRNG();
encResult = encryptor->encrypt(data.const_byte_str(), data.size(), *rng->getRNG());
}
catch (...)
{
ERROR_MSG("Could not encrypt the data");
delete encryptor;
return false;
}
// Return the result
encryptedData.resize(encResult.size());
#if BOTAN_VERSION_MINOR == 11
memcpy(&encryptedData[0], encResult.data(), encResult.size());
#else
memcpy(&encryptedData[0], encResult.begin(), encResult.size());
#endif
delete encryptor;
return true;
}
// Signing functions
bool BotanRSA::sign(PrivateKey* privateKey, const ByteString& dataToSign,
ByteString& signature, const AsymMech::Type mechanism,
const void* param /* = NULL */, const size_t paramLen /* = 0 */)
{
std::string emsa = "";
switch (mechanism)
{
case AsymMech::RSA:
emsa = "Raw";
break;
case AsymMech::RSA_PKCS:
emsa = "EMSA3(Raw)";
break;
default:
// Call default implementation
return AsymmetricAlgorithm::sign(privateKey, dataToSign, signature, mechanism, param, paramLen);
}
// Check if the private key is the right type
if (!privateKey->isOfType(BotanRSAPrivateKey::type))
{
ERROR_MSG("Invalid key type supplied");
return false;
}
BotanRSAPrivateKey* pk = (BotanRSAPrivateKey*) privateKey;
Botan::RSA_PrivateKey* botanKey = pk->getBotanKey();
if (!botanKey)
{
ERROR_MSG("Could not get the Botan private key");
return false;
}
try
{
signer = new Botan::PK_Signer(*botanKey, emsa);
// Should we add DISABLE_FAULT_PROTECTION? Makes this operation faster.
}
catch (...)
{
ERROR_MSG("Could not create the signer token");
return false;
}
// Perform the signature operation
#if BOTAN_VERSION_MINOR == 11
std::vector<Botan::byte> signResult;
#else
Botan::SecureVector<Botan::byte> signResult;
#endif
try
{
BotanRNG* rng = (BotanRNG*)BotanCryptoFactory::i()->getRNG();
signResult = signer->sign_message(dataToSign.const_byte_str(), dataToSign.size(), *rng->getRNG());
}
catch (std::exception& e)
{
ERROR_MSG("Could not sign the data: %s", e.what());
delete signer;
signer = NULL;
return false;
}
// Return the result
signature.resize(signResult.size());
#if BOTAN_VERSION_MINOR == 11
memcpy(&signature[0], signResult.data(), signResult.size());
#else
memcpy(&signature[0], signResult.begin(), signResult.size());
#endif
delete signer;
signer = NULL;
return true;
}
// Verification functions
bool BotanRSA::verify(PublicKey* publicKey, const ByteString& originalData,
const ByteString& signature, const AsymMech::Type mechanism,
const void* param /* = NULL */, const size_t paramLen /* = 0 */)
{
std::string emsa = "";
switch (mechanism)
{
case AsymMech::RSA:
emsa = "Raw";
break;
case AsymMech::RSA_PKCS:
emsa = "EMSA3(Raw)";
break;
default:
// Call the generic function
return AsymmetricAlgorithm::verify(publicKey, originalData, signature, mechanism, param, paramLen);
}
// Check if the public key is the right type
if (!publicKey->isOfType(BotanRSAPublicKey::type))
{
ERROR_MSG("Invalid key type supplied");
return false;
}
BotanRSAPublicKey* pk = (BotanRSAPublicKey*) publicKey;
Botan::RSA_PublicKey* botanKey = pk->getBotanKey();
if (!botanKey)
{
ERROR_MSG("Could not get the Botan public key");
return false;
}
try
{
verifier = new Botan::PK_Verifier(*botanKey, emsa);
}
catch (...)
{
ERROR_MSG("Could not create the verifier token");
return false;
}
// Perform the verify operation
bool verResult;
try
{
verResult = verifier->verify_message(originalData.const_byte_str(),
originalData.size(),
signature.const_byte_str(),
signature.size());
}
catch (...)
{
ERROR_MSG("Could not check the signature");
delete verifier;
verifier = NULL;
return false;
}
delete verifier;
verifier = NULL;
return verResult;
}
void DSATests::testSigningVerifying()
{
AsymmetricKeyPair* kp;
// Key sizes to test
std::vector<size_t> keySizes;
#ifndef WITH_FIPS
keySizes.push_back(512);
keySizes.push_back(768);
keySizes.push_back(1024);
keySizes.push_back(1536);
#else
keySizes.push_back(1024);
#endif
#ifndef WITH_BOTAN
keySizes.push_back(2048);
#endif
// Mechanisms to test
std::vector<AsymMech::Type> mechanisms;
mechanisms.push_back(AsymMech::DSA_SHA1);
mechanisms.push_back(AsymMech::DSA_SHA224);
mechanisms.push_back(AsymMech::DSA_SHA256);
for (std::vector<size_t>::iterator k = keySizes.begin(); k != keySizes.end(); k++)
{
// Generate parameters
AsymmetricParameters* p;
CPPUNIT_ASSERT(dsa->generateParameters(&p, (void*) *k));
// Generate key-pair
CPPUNIT_ASSERT(dsa->generateKeyPair(&kp, p));
// Generate some data to sign
ByteString dataToSign;
RNG* rng = CryptoFactory::i()->getRNG();
CPPUNIT_ASSERT(rng->generateRandom(dataToSign, 567));
// Test mechanisms that perform internal hashing
for (std::vector<AsymMech::Type>::iterator m = mechanisms.begin(); m != mechanisms.end(); m++)
{
ByteString blockSignature, singlePartSignature;
// Sign the data in blocks
CPPUNIT_ASSERT(dsa->signInit(kp->getPrivateKey(), *m));
CPPUNIT_ASSERT(dsa->signUpdate(dataToSign.substr(0, 134)));
CPPUNIT_ASSERT(dsa->signUpdate(dataToSign.substr(134, 289)));
CPPUNIT_ASSERT(dsa->signUpdate(dataToSign.substr(134 + 289)));
CPPUNIT_ASSERT(dsa->signFinal(blockSignature));
// Sign the data in one pass
CPPUNIT_ASSERT(dsa->sign(kp->getPrivateKey(), dataToSign, singlePartSignature, *m));
// Now perform multi-pass verification
CPPUNIT_ASSERT(dsa->verifyInit(kp->getPublicKey(), *m));
CPPUNIT_ASSERT(dsa->verifyUpdate(dataToSign.substr(0, 125)));
CPPUNIT_ASSERT(dsa->verifyUpdate(dataToSign.substr(125, 247)));
CPPUNIT_ASSERT(dsa->verifyUpdate(dataToSign.substr(125 + 247)));
CPPUNIT_ASSERT(dsa->verifyFinal(blockSignature));
// And single-pass verification
CPPUNIT_ASSERT(dsa->verify(kp->getPublicKey(), dataToSign, singlePartSignature, *m));
}
// Test mechanisms that do not perform internal hashing
CPPUNIT_ASSERT(rng->generateRandom(dataToSign, *k >= 2048 ? 32 : 20));
// Sign the data
ByteString signature;
CPPUNIT_ASSERT(dsa->sign(kp->getPrivateKey(), dataToSign, signature, AsymMech::DSA));
// Verify the signature
CPPUNIT_ASSERT(dsa->verify(kp->getPublicKey(), dataToSign, signature, AsymMech::DSA));
dsa->recycleKeyPair(kp);
dsa->recycleParameters(p);
}
}
// Generic function for creating an encrypted version of the key from the specified passphrase
bool SecureDataManager::pbeEncryptKey(const ByteString& passphrase, ByteString& encryptedKey)
{
// Generate salt
ByteString salt;
if (!rng->generateRandom(salt, 8)) return false;
// Derive the key using RFC4880 PBE
AESKey* pbeKey = NULL;
if (!RFC4880::PBEDeriveKey(passphrase, salt, &pbeKey))
{
return false;
}
// Add the salt
encryptedKey.wipe();
encryptedKey += salt;
// Generate random IV
ByteString IV;
if (!rng->generateRandom(IV, aes->getBlockSize())) return false;
// Add the IV
encryptedKey += IV;
// Encrypt the data
ByteString block;
if (!aes->encryptInit(pbeKey, SymMode::CBC, IV))
{
delete pbeKey;
return false;
}
// First, add the magic
if (!aes->encryptUpdate(magic, block))
{
delete pbeKey;
return false;
}
encryptedKey += block;
// Then, add the key itself
ByteString key;
{
MutexLocker lock(dataMgrMutex);
unmask(key);
bool rv = aes->encryptUpdate(key, block);
remask(key);
if (!rv)
{
delete pbeKey;
return false;
}
}
encryptedKey += block;
// And finalise encryption
if (!aes->encryptFinal(block))
{
delete pbeKey;
return false;
}
encryptedKey += block;
delete pbeKey;
return true;
}
// Set the specified attribute
bool DBObject::setAttribute(CK_ATTRIBUTE_TYPE type, const OSAttribute& attribute)
{
MutexLocker lock(_mutex);
if (_connection == NULL)
{
ERROR_MSG("Object is not connected to the database.");
return false;
}
if (_objectId == 0)
{
ERROR_MSG("Cannot update invalid object.");
return false;
}
// Retrieve and existing attribute if it exists or NULL if it doesn't
OSAttribute *attr = getAttributeDB(type);
// Update an existing attribute...
if (attr)
{
DB::Statement statement;
if (attr->isBooleanAttribute())
{
// update boolean attribute
statement = _connection->prepare(
"update attribute_boolean set value=%d where type=%lu and object_id=%lld",
attribute.getBooleanValue() ? 1 : 0,
type,
_objectId);
}
else if (attr->isUnsignedLongAttribute())
{
// update integer attribute
statement = _connection->prepare(
"update attribute_integer set value=%lld where type=%lu and object_id=%lld",
static_cast<long long>(attribute.getUnsignedLongValue()),
type,
_objectId);
}
else if (attr->isByteStringAttribute())
{
// update binary attribute
statement = _connection->prepare(
"update attribute_binary set value=? where type=%lu and object_id=%lld",
type,
_objectId);
DB::Bindings(statement).bindBlob(1, attribute.getByteStringValue().const_byte_str(), attribute.getByteStringValue().size(), SQLITE_STATIC);
}
else if (attr->isMechanismTypeSetAttribute())
{
// update binary attribute
ByteString value;
encodeMechanismTypeSet(value, attribute.getMechanismTypeSetValue());
statement = _connection->prepare(
"update attribute_binary set value=? where type=%lu and object_id=%lld",
type,
_objectId);
DB::Bindings(statement).bindBlob(1, value.const_byte_str(), value.size(), SQLITE_TRANSIENT);
}
else if (attr->isAttributeMapAttribute())
{
// update attribute map attribute
ByteString value;
if (!encodeAttributeMap(value, attribute.getAttributeMapValue()))
{
return false;
}
statement = _connection->prepare(
"update attribute_array set value=? where type=%lu and object_id=%lld",
type,
_objectId);
DB::Bindings(statement).bindBlob(1, value.const_byte_str(), value.size(), SQLITE_TRANSIENT);
}
// Statement is valid when a prepared statement has been attached to it.
if (statement.isValid())
{
if (!_connection->execute(statement))
{
ERROR_MSG("Failed to update attribute %lu for object %lld",type,_objectId);
return false;
}
if (_transaction)
{
std::map<CK_ATTRIBUTE_TYPE,OSAttribute*>::iterator it = _transaction->find(type);
if (it != _transaction->end())
*it->second = attribute;
else
(*_transaction)[type] = new OSAttribute(attribute);
} else
*attr = attribute;
return true;
}
}
DB::Statement statement;
// Insert the attribute, because it is currently unknown
if (attribute.isBooleanAttribute())
{
// Could not update it, so we need to insert it.
statement = _connection->prepare(
"insert into attribute_boolean (value,type,object_id) values (%d,%lu,%lld)",
attribute.getBooleanValue() ? 1 : 0,
type,
_objectId);
}
else if (attribute.isUnsignedLongAttribute())
{
// Could not update it, so we need to insert it.
statement = _connection->prepare(
"insert into attribute_integer (value,type,object_id) values (%lld,%lu,%lld)",
static_cast<long long>(attribute.getUnsignedLongValue()),
type,
_objectId);
}
else if (attribute.isByteStringAttribute())
{
// Could not update it, so we need to insert it.
statement = _connection->prepare(
"insert into attribute_binary (value,type,object_id) values (?,%lu,%lld)",
type,
_objectId);
DB::Bindings(statement).bindBlob(1, attribute.getByteStringValue().const_byte_str(), attribute.getByteStringValue().size(), SQLITE_STATIC);
}
else if (attribute.isMechanismTypeSetAttribute())
{
// Could not update it, so we need to insert it.
ByteString value;
encodeMechanismTypeSet(value, attribute.getMechanismTypeSetValue());
statement = _connection->prepare(
"insert into attribute_binary (value,type,object_id) values (?,%lu,%lld)",
type,
_objectId);
DB::Bindings(statement).bindBlob(1, value.const_byte_str(), value.size(), SQLITE_TRANSIENT);
}
else if (attribute.isAttributeMapAttribute())
{
// Could not update it, so we need to insert it.
ByteString value;
if (!encodeAttributeMap(value, attribute.getAttributeMapValue()))
{
return false;
}
statement = _connection->prepare(
"insert into attribute_array (value,type,object_id) values (?,%lu,%lld)",
type,
_objectId);
DB::Bindings(statement).bindBlob(1, value.const_byte_str(), value.size(), SQLITE_TRANSIENT);
}
// Statement is valid when a prepared statement has been attached to it.
if (statement.isValid())
{
if (!_connection->execute(statement))
{
ERROR_MSG("Failed to insert attribute %lu for object %lld",type,_objectId);
return false;
}
if (_transaction)
(*_transaction)[type] = new OSAttribute(attribute);
else
_attributes[type] = new OSAttribute(attribute);
return true;
}
return false;
}
// Encryption functions
bool BotanSymmetricAlgorithm::encryptInit(const SymmetricKey* key, const std::string mode /* = "cbc" */, const ByteString& IV /* = ByteString()*/, bool padding /* = true */)
{
// Call the superclass initialiser
if (!SymmetricAlgorithm::encryptInit(key, mode, IV, padding))
{
return false;
}
// Check the IV
if ((IV.size() > 0) && (IV.size() != getBlockSize()))
{
ERROR_MSG("Invalid IV size (%d bytes, expected %d bytes)", IV.size(), getBlockSize());
ByteString dummy;
SymmetricAlgorithm::encryptFinal(dummy);
return false;
}
ByteString iv;
if (IV.size() > 0)
{
iv = IV;
}
else
{
iv.wipe(getBlockSize());
}
// Set the padding mode (PCKS7 or NoPadding)
if (padding)
{
currentPaddingMode = "PKCS7";
}
else
{
currentPaddingMode = "NoPadding";
}
// Determine the cipher
std::string cipherName = getCipher();
if (cipherName == "")
{
ERROR_MSG("Invalid encryption cipher");
ByteString dummy;
SymmetricAlgorithm::encryptFinal(dummy);
return false;
}
// Allocate the context
try
{
Botan::SymmetricKey botanKey = Botan::SymmetricKey(key->getKeyBits().const_byte_str(), key->getKeyBits().size());
Botan::InitializationVector botanIV = Botan::InitializationVector(IV.const_byte_str(), IV.size());
if (mode == "ecb")
{
cryption = new Botan::Pipe(Botan::get_cipher(cipherName, botanKey, Botan::ENCRYPTION));
}
else
{
cryption = new Botan::Pipe(Botan::get_cipher(cipherName, botanKey, botanIV, Botan::ENCRYPTION));
}
cryption->start_msg();
}
catch (...)
{
ERROR_MSG("Failed to create the encryption token");
ByteString dummy;
SymmetricAlgorithm::encryptFinal(dummy);
delete cryption;
cryption = NULL;
return false;
}
return true;
}
bool BPlusTree::recursiveInsert(Node* nodoCorriente, Key clave, ByteString dato, Key* clavePromocion, Node** nuevoNodo) {
if (!nodoCorriente->isLeaf()) {
InnerNode *nodoInteriorCorriente = static_cast<InnerNode*> (nodoCorriente);
Key nuevaClave;
Node* nuevoNodoHijo = NULL;
int posicion = getPosition(nodoInteriorCorriente, clave);
Node* nodoHijo = hidratateNode(nodoInteriorCorriente->sons[posicion]);
bool resultado = recursiveInsert(nodoHijo, clave, dato, &nuevaClave, &nuevoNodoHijo);
if (nuevoNodoHijo) {
if (nodoInteriorCorriente->isOverflow(nuevaClave.getSize() + TreeConstraits::getControlSizeRecord() + keyTopSize)) {
splitInnerNode(nodoInteriorCorriente, clavePromocion, nuevoNodo, posicion);
if (posicion == nodoInteriorCorriente->keyMount + 1
&& nodoInteriorCorriente->keyMount < (*nuevoNodo)->keyMount) {
InnerNode *nuevoNodoInterior = static_cast<InnerNode*> (*nuevoNodo);
nodoInteriorCorriente->keys[nodoInteriorCorriente->keyMount] = *clavePromocion;
nodoInteriorCorriente->sons[nodoInteriorCorriente->keyMount + 1] = nuevoNodoInterior->sons[0];
nodoInteriorCorriente->keyMount++;
nodoInteriorCorriente->occupiedSpace += (*clavePromocion).getSize() + TreeConstraits::getControlSizeRecord();
nuevoNodoInterior->sons[0] = nuevoNodoHijo->number;
*clavePromocion = nuevaClave;
persistNode(nuevoNodoHijo);
freeNodeMemory(nuevoNodoHijo);
persistNode(nodoHijo);
freeNodeMemory(nodoHijo);
return resultado;
} else {
if (posicion >= nodoInteriorCorriente->keyMount + 1) {
posicion -= (nodoInteriorCorriente->keyMount + 1);
nodoInteriorCorriente = static_cast<InnerNode*> (*nuevoNodo);
}
}
}
int i = nodoInteriorCorriente->keyMount;
while (i > posicion) {
nodoInteriorCorriente->keys[i] = nodoInteriorCorriente->keys[i - 1];
nodoInteriorCorriente->sons[i + 1] = nodoInteriorCorriente->sons[i];
i--;
}
nodoInteriorCorriente->keys[posicion] = nuevaClave;
nodoInteriorCorriente->sons[posicion + 1] = nuevoNodoHijo->number;
nodoInteriorCorriente->keyMount++;
nodoInteriorCorriente->occupiedSpace += nuevaClave.getSize() + TreeConstraits::getControlSizeRecord();
persistNode(nuevoNodoHijo);
freeNodeMemory(nuevoNodoHijo);
}
persistNode(nodoHijo);
freeNodeMemory(nodoHijo);
return resultado;
} else {
LeafNode *nodoHojaCorriente = static_cast<LeafNode*> (nodoCorriente);
int posicion = getPosition(nodoHojaCorriente, clave);
// chequea que no exista la clave
if (posicion < nodoHojaCorriente->keyMount && equalKey(clave, nodoHojaCorriente->keys[posicion])) {
return false;
}
int i = nodoHojaCorriente->keyMount - 1;
while (i >= 0 && minorKey(clave, nodoHojaCorriente->keys[i])) {
nodoHojaCorriente->keys[i + 1] = nodoHojaCorriente->keys[i];
nodoHojaCorriente->byteData[i + 1] = nodoHojaCorriente->byteData[i];
i--;
}
nodoHojaCorriente->keys[i + 1] = clave;
nodoHojaCorriente->byteData[i + 1] = dato;
nodoHojaCorriente->keyMount++;
nodoHojaCorriente->occupiedSpace += dato.getSize() + clave.getSize() + TreeConstraits::getControlSizeRecord();
if (nodoHojaCorriente->isOverflow(keyTopSize)) {
splitLeafNode(nodoHojaCorriente, clavePromocion, nuevoNodo);
if (posicion >= nodoHojaCorriente->keyMount) {
posicion -= nodoHojaCorriente->keyMount;
nodoHojaCorriente = static_cast<LeafNode*> (*nuevoNodo);
}
}
if (nuevoNodo && nodoHojaCorriente != *nuevoNodo && posicion == nodoHojaCorriente->keyMount - 1) {
*clavePromocion = clave;
}
return true;
}
}
// Read a DER encoded bytestring
// =============================================================================================
PkiPublicKey PkiPublicKey::fromDER(const ByteString& data)
{
UaByteArray uaByteArray;
data.toSdk(uaByteArray);
return PkiPublicKey(uaByteArray);
}
void ReplicatedKeyspaceDB::AsyncOnAppend()
{
Log_Trace();
unsigned nread;
bool ret;
uint64_t commandID;
KeyspaceOp* op;
KeyspaceOp** it;
ByteString value;
Stopwatch sw;
value.Set(valueBuffer);
Log_Trace("length: %d", value.length);
numOps = 0;
if (ownAppend)
it = ops.Head();
else
it = NULL;
commandID = 0;
while (true)
{
if (msg.Read(value, nread))
{
sw.Start();
ret = Execute(transaction, paxosID, commandID);
commandID++;
sw.Stop();
value.Advance(nread);
numOps++;
if (ownAppend)
{
op = *it;
if (op->type == KeyspaceOp::DIRTY_GET ||
op->type == KeyspaceOp::GET)
ASSERT_FAIL();
if ((op->type == KeyspaceOp::ADD ||
op->type == KeyspaceOp::TEST_AND_SET ||
op->type == KeyspaceOp::REMOVE) && ret)
op->value.Set(wdata);
op->status = ret;
it = ops.Next(it);
}
if (value.length == 0)
break;
}
else
{
Log_Trace("Failed parsing:");
Log_Trace("%.*s", value.length, value.buffer);
ASSERT_FAIL();
break;
}
}
Log_Trace("time spent in Execute(): %ld", sw.elapsed);
Log_Trace("numOps = %u", numOps);
Log_Trace("ops/sec = %f", (double)1000*numOps/sw.elapsed);
IOProcessor::Complete(&onAppendComplete);
}
// Seed the random pool
void OSSLRNG::seed(ByteString& seedData)
{
RAND_seed(seedData.byte_str(), seedData.size());
}
// Generate random data
bool OSSLRNG::generateRandom(ByteString& data, const size_t len)
{
data.wipe(len);
return RAND_bytes(&data[0], len);
}
// Decryption functions
bool BotanRSA::decrypt(PrivateKey* privateKey, const ByteString& encryptedData,
ByteString& data, const AsymMech::Type padding)
{
// Check if the private key is the right type
if (!privateKey->isOfType(BotanRSAPrivateKey::type))
{
ERROR_MSG("Invalid key type supplied");
return false;
}
std::string eme;
switch (padding)
{
case AsymMech::RSA_PKCS:
eme = "PKCS1v15";
break;
case AsymMech::RSA_PKCS_OAEP:
eme = "EME1(SHA-160)";
break;
case AsymMech::RSA:
eme = "Raw";
break;
default:
ERROR_MSG("Invalid padding mechanism supplied (%i)", padding);
return false;
}
BotanRSAPrivateKey* pk = (BotanRSAPrivateKey*) privateKey;
Botan::RSA_PrivateKey* botanKey = pk->getBotanKey();
if (!botanKey)
{
ERROR_MSG("Could not get the Botan private key");
return false;
}
Botan::PK_Decryptor_EME* decryptor = NULL;
try
{
decryptor = new Botan::PK_Decryptor_EME(*botanKey, eme);
}
catch (...)
{
ERROR_MSG("Could not create the decryptor token");
return false;
}
// Perform the decryption operation
#if BOTAN_VERSION_MINOR == 11
Botan::secure_vector<Botan::byte> decResult;
#else
Botan::SecureVector<Botan::byte> decResult;
#endif
try
{
decResult = decryptor->decrypt(encryptedData.const_byte_str(), encryptedData.size());
}
catch (...)
{
ERROR_MSG("Could not decrypt the data");
delete decryptor;
return false;
}
// Return the result
if (padding == AsymMech::RSA)
{
// We compensate that Botan removes leading zeros
int modSize = pk->getN().size();
int decSize = decResult.size();
data.resize(modSize);
#if BOTAN_VERSION_MINOR == 11
memcpy(&data[0] + modSize - decSize, decResult.data(), decSize);
#else
memcpy(&data[0] + modSize - decSize, decResult.begin(), decSize);
#endif
}
else
{
data.resize(decResult.size());
#if BOTAN_VERSION_MINOR == 11
memcpy(&data[0], decResult.data(), decResult.size());
#else
memcpy(&data[0], decResult.begin(), decResult.size());
#endif
}
delete decryptor;
return true;
}
// Test that the large length of the child serial number causes
// CreateEncodedOCSPRequest to fail.
TEST_F(pkixocsp_CreateEncodedOCSPRequest, ChildCertLongSerialNumberTest)
{
static const uint8_t UNSUPPORTED_LEN = 128; // must be larger than 127
ByteString serialNumberString;
// tag + length + value is 1 + 2 + UNSUPPORTED_LEN
// Encoding the length takes two bytes: one byte to indicate that a
// second byte follows, and the second byte to indicate the length.
serialNumberString.push_back(0x80 + 1);
serialNumberString.push_back(UNSUPPORTED_LEN);
// value is 0x010000...00
serialNumberString.push_back(0x01);
for (size_t i = 1; i < UNSUPPORTED_LEN; ++i) {
serialNumberString.push_back(0x00);
}
ByteString issuerDER;
ByteString issuerSPKI;
ASSERT_NO_FATAL_FAILURE(MakeIssuerCertIDComponents("CA", issuerDER,
issuerSPKI));
Input issuer;
ASSERT_EQ(Success, issuer.Init(issuerDER.data(), issuerDER.length()));
Input spki;
ASSERT_EQ(Success, spki.Init(issuerSPKI.data(), issuerSPKI.length()));
Input serialNumber;
ASSERT_EQ(Success, serialNumber.Init(serialNumberString.data(),
serialNumberString.length()));
uint8_t ocspRequest[OCSP_REQUEST_MAX_LENGTH];
size_t ocspRequestLength;
ASSERT_EQ(Result::ERROR_BAD_DER,
CreateEncodedOCSPRequest(trustDomain,
CertID(issuer, spki, serialNumber),
ocspRequest, ocspRequestLength));
}
int luatpt_get_property(lua_State* l)
{
ByteString prop = luaL_optstring(l, 1, "");
int i = luaL_optint(l, 2, 0); //x coord or particle index, depending on arguments
int y = luaL_optint(l, 3, -1);
if (y!=-1 && y<YRES && y>=0 && i < XRES && i>=0)
{
int r = luacon_sim->pmap[y][i];
if (!r)
{
r = luacon_sim->photons[y][i];
if (!r)
{
if (!prop.compare("type"))
{
lua_pushinteger(l, 0);
return 1;
}
return luaL_error(l, "Particle does not exist");
}
}
i = ID(r);
}
else if (y != -1)
return luaL_error(l, "Coordinates out of range (%d,%d)", i, y);
if (i < 0 || i >= NPART)
return luaL_error(l, "Invalid particle ID '%d'", i);
if (luacon_sim->parts[i].type)
{
int tempinteger;
float tempfloat;
CommandInterface::FormatType format;
int offset = luacon_ci->GetPropertyOffset(prop, format);
if (offset == -1)
{
if (!prop.compare("id"))
{
lua_pushnumber(l, i);
return 1;
}
else
return luaL_error(l, "Invalid property");
}
switch(format)
{
case CommandInterface::FormatInt:
case CommandInterface::FormatElement:
tempinteger = *((int*)(((unsigned char*)&luacon_sim->parts[i])+offset));
lua_pushnumber(l, tempinteger);
break;
case CommandInterface::FormatFloat:
tempfloat = *((float*)(((unsigned char*)&luacon_sim->parts[i])+offset));
lua_pushnumber(l, tempfloat);
break;
default:
break;
}
return 1;
}
else if (!prop.compare("type"))
{
lua_pushinteger(l, 0);
return 1;
}
return luaL_error(l, "Particle does not exist");
}
void BPlusTree::exportNode(ofstream& salida, Node* unNodo, int tabulacion,bool keyText,bool textContent) {
if (unNodo->isLeaf()) {
LeafNode *unNodoHoja = static_cast<LeafNode*> (unNodo);
salida << endl;
for(int i = 0 ; i < tabulacion ; i++)
salida << " ";
salida << "Numero: " << unNodoHoja->number << " Nivel: " << unNodoHoja->level << " Cant.Elem: " << unNodoHoja->keyMount
<< " Esp.Libre: " << TreeConstraits::getEfectiveSizeNode() - unNodoHoja->occupiedSpace << " Hoja.Sig: " << unNodoHoja->nextLeaf << endl;
for (int posicion = 0; posicion < unNodoHoja->keyMount; ++posicion) {
for(int i = 0 ; i < tabulacion + 4 ; i++)
salida << " ";
salida << "(";
Key unaClave = unNodoHoja->keys[posicion];
if(keyText)
{
salida << unaClave.toString();
}
else
{
ByteString clave(unaClave.toString());
salida << Utility::toString(clave.readAsInt(0));
}
salida << ";";
ByteString unDato = unNodoHoja->byteData[posicion];
if(textContent)
{
salida << unDato.toString();
}
else
{
salida << Utility::intToString(unDato.readAsInt(0));
}
salida << ")";
salida << (unaClave.getSize() + unDato.getSize() + TreeConstraits::getControlSizeRecord()) << endl;
}
salida << endl;
} else {
InnerNode *unNodoInterior = static_cast<InnerNode*> (unNodo);
salida << endl << endl;
for(int i=0; i<tabulacion ; i++)
salida << " ";
salida << "Numero: " << unNodoInterior->number << " Nivel: " << unNodoInterior->level << " Cant.Elem: " << unNodoInterior->keyMount
<< " Esp.Libre: " << TreeConstraits::getEfectiveSizeNode() - unNodoInterior->occupiedSpace << endl;
for (int posicion = 0; posicion <= unNodoInterior->keyMount; ++posicion) {
if (posicion < unNodoInterior->keyMount) {
Key unaClave = unNodoInterior->keys[posicion];
for(int i=0; i<(tabulacion+1) ; i++)
salida << " ";
salida << "(";
if(keyText)
{
salida << unaClave.toString();
}
else
{
ByteString clave(unaClave.toString());
salida << Utility::toString(clave.readAsInt(0));
}
salida << ")";
salida << unaClave.getSize();
salida << " ";
salida << unNodoInterior->getSons()[posicion] << " ";
}
}
for (int posicion = 0; posicion <= unNodoInterior->keyMount; ++posicion) {
Node *hijo = hidratateNode(unNodoInterior->sons[posicion]);
exportNode(salida, hijo, tabulacion + 2,keyText,textContent);
if (hijo)
freeNodeMemory(hijo);
}
for(int i=0; i<tabulacion ; i++)
salida << " ";
salida << endl;
}
}
// Test that CreateEncodedOCSPRequest handles the longest serial number that
// it's required to support (i.e. 20 octets).
TEST_F(pkixocsp_CreateEncodedOCSPRequest, LongestSupportedSerialNumberTest)
{
static const uint8_t LONGEST_REQUIRED_LEN = 20;
ByteString serialNumberString;
// tag + length + value is 1 + 1 + LONGEST_REQUIRED_LEN
serialNumberString.push_back(der::INTEGER);
serialNumberString.push_back(LONGEST_REQUIRED_LEN);
serialNumberString.push_back(0x01);
// value is 0x010000...00
for (size_t i = 1; i < LONGEST_REQUIRED_LEN; ++i) {
serialNumberString.push_back(0x00);
}
ByteString issuerDER;
ByteString issuerSPKI;
ASSERT_NO_FATAL_FAILURE(MakeIssuerCertIDComponents("CA", issuerDER,
issuerSPKI));
Input issuer;
ASSERT_EQ(Success, issuer.Init(issuerDER.data(), issuerDER.length()));
Input spki;
ASSERT_EQ(Success, spki.Init(issuerSPKI.data(), issuerSPKI.length()));
Input serialNumber;
ASSERT_EQ(Success, serialNumber.Init(serialNumberString.data(),
serialNumberString.length()));
uint8_t ocspRequest[OCSP_REQUEST_MAX_LENGTH];
size_t ocspRequestLength;
ASSERT_EQ(Success,
CreateEncodedOCSPRequest(trustDomain,
CertID(issuer, spki, serialNumber),
ocspRequest, ocspRequestLength));
}
// Seed the random pool
void BotanRNG::seed(ByteString& seedData)
{
rng->add_entropy(seedData.byte_str(), seedData.size());
rng->reseed(seedData.size());
}
// Convert a ByteString to an OpenSSL NID
int OSSL::byteString2oid(const ByteString& byteString)
{
const unsigned char *p = byteString.const_byte_str();
return OBJ_obj2nid(d2i_ASN1_OBJECT(NULL, &p, byteString.size()));
}
static bool decodeAttributeMap(std::map<CK_ATTRIBUTE_TYPE,OSAttribute>& map, const unsigned char *binary, size_t size)
{
for (size_t pos = 0; pos < size; )
{
// finished?
if (pos == size) break;
CK_ATTRIBUTE_TYPE attrType;
if (pos + sizeof(attrType) > size)
{
goto overrun;
}
memcpy(&attrType, binary + pos, sizeof(attrType));
pos += sizeof(attrType);
AttributeKind attrKind;
if (pos + sizeof(AttributeKind) > size)
{
goto overrun;
}
memcpy(&attrKind, binary + pos, sizeof(attrKind));
pos += sizeof(attrKind);
// Verify using attributeKind()?
switch (attrKind)
{
case akBoolean:
{
bool value;
if (pos + sizeof(value) > size)
{
goto overrun;
}
memcpy(&value, binary + pos, sizeof(value));
pos += sizeof(value);
map.insert(std::pair<CK_ATTRIBUTE_TYPE,OSAttribute> (attrType, value));
}
break;
case akInteger:
{
unsigned long value;
if (pos + sizeof(value) > size)
{
goto overrun;
}
memcpy(&value, binary + pos, sizeof(value));
pos += sizeof(value);
map.insert(std::pair<CK_ATTRIBUTE_TYPE,OSAttribute> (attrType, value));
}
break;
case akBinary:
{
ByteString value;
unsigned long len;
if (pos + sizeof(len) > size)
{
goto overrun;
}
memcpy(&len, binary + pos, sizeof(len));
pos += sizeof(len);
if (pos + len > size)
{
goto overrun;
}
value.resize(len);
memcpy(&value[0], binary + pos, len);
pos += len;
map.insert(std::pair<CK_ATTRIBUTE_TYPE,OSAttribute> (attrType, value));
}
break;
case akMechSet:
{
unsigned long len;
if (pos + sizeof(len) > size)
{
goto overrun;
}
memcpy(&len, binary + pos, sizeof(len));
pos += sizeof(len);
if (pos + len > size)
{
goto overrun;
}
std::set<CK_MECHANISM_TYPE> value;
if (!decodeMechanismTypeSet(value, binary + pos, len)) {
return false;
}
pos += len;
map.insert(std::pair<CK_ATTRIBUTE_TYPE,OSAttribute> (attrType, value));
}
break;
default:
ERROR_MSG("unsupported attribute kind in attribute map");
return false;
}
}
return true;
overrun:
ERROR_MSG("attribute map template overrun");
return false;
}
// Verification functions
bool OSSLECDSA::verify(PublicKey* publicKey, const ByteString& originalData, const ByteString& signature, const std::string mechanism)
{
std::string lowerMechanism;
lowerMechanism.resize(mechanism.size());
std::transform(mechanism.begin(), mechanism.end(), lowerMechanism.begin(), tolower);
if (lowerMechanism.compare("ecdsa"))
{
ERROR_MSG("Invalid mechanism supplied (%s)", mechanism.c_str());
return false;
}
// Check if the private key is the right type
if (!publicKey->isOfType(OSSLECPublicKey::type))
{
ERROR_MSG("Invalid key type supplied");
return false;
}
OSSLECPublicKey* pk = (OSSLECPublicKey*) publicKey;
EC_KEY* eckey = pk->getOSSLKey();
if (eckey == NULL)
{
ERROR_MSG("Could not get the OpenSSL public key");
return false;
}
// Perform the verify operation
size_t len = pk->getOrderLength();
if (len == 0)
return false;
if (signature.size() != 2 * len)
return false;
ECDSA_SIG* sig = ECDSA_SIG_new();
if (sig == NULL)
return false;
if (sig->r != NULL)
BN_clear_free(sig->r);
const unsigned char *s = signature.const_byte_str();
sig->r = BN_bin2bn(s, len, NULL);
if (sig->s != NULL)
BN_clear_free(sig->s);
sig->s = BN_bin2bn(s + len, len, NULL);
if (sig->r == NULL || sig->s == NULL)
{
ECDSA_SIG_free(sig);
return false;
}
int ret = ECDSA_do_verify(originalData.const_byte_str(), originalData.size(), sig, eckey);
if (ret != 1)
{
if (ret < 0)
ERROR_MSG("ECDSA verify failed (0x%08X)", ERR_get_error());
ECDSA_SIG_free(sig);
return false;
}
ECDSA_SIG_free(sig);
return true;
}
