ptr_lib::shared_ptr<PublicKey> FilePrivateKeyStorage::getPublicKey(const Name& keyName) { string keyURI = keyName.toUri(); if (!doesKeyExist(keyName, KEY_CLASS_PUBLIC)) throw SecurityException("Public Key does not exist."); ifstream file(nameTransform(keyURI, ".pub").c_str()); stringstream base64; base64 << file.rdbuf(); // Use a vector in a shared_ptr so we can make it a Blob without copying. ptr_lib::shared_ptr<vector<uint8_t> > der(new vector<uint8_t>()); fromBase64(base64.str(), *der); Blob derBlob(der, false); return ptr_lib::shared_ptr<PublicKey>(new PublicKey(derBlob)); }
bool loadFile(const char* fileName, Elysia::Genome::Genome &retval) { FILE * fp=fopen(fileName,"rb"); if (!fp) return false; fseek(fp,0,SEEK_END); size_t fileSize=ftell(fp); std::vector<unsigned char> data(fileSize); fseek(fp,0,SEEK_SET); if (!data.empty()) { fread(&*data.begin(),1,fileSize,fp); } fclose(fp); if (data.empty()) return false; std::vector<unsigned char> buffer; if (fromBase64(buffer,Base64::MemoryReference(&*data.begin(),fileSize))) { if (buffer.size()&&retval.ParseFromArray(&*buffer.begin(),buffer.size())) { return true; } else { return retval.ParseFromArray(&*data.begin(),fileSize); } } else { return retval.ParseFromArray(&*data.begin(),fileSize); } }
gl::Texture QRcode::loadImageFromString(std::string value) { Buffer buff = fromBase64(value); auto myImage = ci::loadImage(DataSourceBuffer::create(buff), ImageSource::Options(), "png"); return gl::Texture(myImage); }
char* Crypto::decryptAndVerifyMessage(const char* whole, rsa* crypter, rsa* signer) { // parse base 64 input size_t wholeSize = strlen(whole); size_t nonceLen; size_t keyLen; size_t messageLen; size_t signatureLen; int state = 0; int len = 0; for(int i=0; i<wholeSize; ++i) { ++len; if(whole[i] == '\n') { switch (state) { case 0: nonceLen = len; break; case 1: keyLen = len; break; case 2: messageLen = len; break; case 3: signatureLen = len; break; default: printf("unknown case detected : %d\n", state); break; } state ++; len = 0; } } char nonce[nonceLen]; char key[keyLen]; char message[messageLen]; char signature[signatureLen]; state = 0; len = 0; for(int i=0; i<wholeSize; ++i) { char c = whole[i]; c = (c == '\n' ? 0 : c); switch (state) { case 0: nonce[len] = c; break; case 1: key[len] = c; break; case 2: message[len] = c; break; case 3: signature[len] = c; break; default: printf("unknown case detected : %d\n", state); break; } if(c == 0) { state ++; len = 0; } else { ++len; } } if(CRYPTO_DEBUG) { printf("nonce=%s\n", nonce); printf("key=%s\n", key); printf("message=%s\n", message); printf("signature=%s\n", signature); } // End parsing base 64 file //verify message signature if(! signer->verify(message, signature)) { if(CRYPTO_DEBUG) printf("signature is KO\n"); } aes aes; // decrypt nonce size_t size; u_char buffer[512]; u_char* nonceCrypted = fromBase64(nonce, &size); if(nonceCrypted == NULL) return NULL; size = crypter->decrypt(nonceCrypted, size, buffer, 512); aes.setIV(buffer); free(nonceCrypted); //decrypt session key u_char* keyCrypted = fromBase64(key, &size); if(keyCrypted == NULL) return NULL; size = crypter->decrypt(keyCrypted, size, buffer, 512); aes.setKey(buffer); free(keyCrypted); aes.dumpKey(); aes.dumpNonce(); //decrypt message u_char* messageCrypted = fromBase64(message, &size); if(messageCrypted == NULL) return NULL; u_char* plainText = (u_char*)malloc(size); if(plainText == NULL) { free(messageCrypted); if(CRYPTO_DEBUG) printf("cannot allocate memory for plain text\n"); return NULL; } aes.decrypt(messageCrypted, plainText, size); plainText[size] = 0; free(messageCrypted); return (char*) plainText; }
/** * \brief Loads the ChanServ database from disk */ void readChanData() { RegChanList *rcl; RegNickList *rnl; char *command; int done = 0, db_version = 1; int line_num = 0; char *pass; char *topic; rcl = NULL; rnl = NULL; db.cs = fopen(CS_DIR "chanserv.db", "r"); if (db.cs == NULL) return; while (!done) { if ((sfgets(dbLine, 2048, db.cs)) == 0) { if (!done) { unexpected_eof(CS_DB); } done = 1; fclose(db.cs); return; } line_num++; if (parse_init(&state, dbLine) != 0) { fprintf(stderr, CS_DIR "chanserv.db:%d: " " Fatal error during read " " (Null line?) \n", line_num); abort(); } command = parse_getarg(&state); if (!strcmp(command, "version")) { db_version = atoi(parse_getarg(&state)); } else if (!strcmp(command, "channel")) { char *sChannelName, *sFounderNick; rcl = (RegChanList *) oalloc(sizeof(RegChanList)); sChannelName = parse_getarg(&state); sFounderNick = parse_getarg(&state); initRegChanData(rcl); if (strlen(sChannelName) >= CHANLEN) { fprintf(stderr, CS_DIR "chanserv.db:%d: " " Channel name '%.80s' exceeds " " CHANLEN.\n", line_num, sChannelName); sshutdown(-1); } else if (strlen(sFounderNick) >= NICKLEN) { fprintf(stderr, CS_DIR "chanserv.db:%d: " " Founder nick name '%.80s' " " (%.80s)" " exceeds NICKLEN.\n", line_num, sFounderNick, sChannelName); sshutdown(-1); } if (!sChannelName || !sFounderNick) { fprintf(stderr, CS_DIR "chanserv.db:%d: " " Parse error. (%p, %p)", line_num, sChannelName, sFounderNick); sshutdown(-1); } rnl = getRegNickData(sFounderNick); strcpy(rcl->name, sChannelName); if (rnl) { rcl->founderId = rnl->regnum; rnl->chans++; } else rcl->founderId = RegId(0, 0); rcl->mlock = atol(parse_getarg(&state)); rcl->flags = atol(parse_getarg(&state)); pass = parse_getarg(&state); /*! \bug XXX verify this works */ if (!pass) { fprintf(stderr, CS_DIR "chanserv.db:%d: " " Null password?!", line_num); sshutdown(-1); } if ((db_version < 2) || *pass == '@') { if (db_version < 2) strcpy((char *)rcl->password, pass); else strcpy((char *)rcl->password, pass + 1); if (strlen(pass) > (u_int)((db_version < 2) ? PASSLEN : PASSLEN+1)) { fprintf(stderr, CS_DIR "chanserv.db:%d: " " password > PASSLEN", line_num); sshutdown(-1); } xorit((char *)rcl->password); rcl->flags &= ~CENCRYPT; } else { u_char *tmpup = fromBase64(pass+1, NULL); int q; if (!tmpup) abort(); for(q = 0; q < 16; q++) rcl->password[q] = tmpup[q]; FREE(tmpup); rcl->flags |= CENCRYPT; } rcl->timereg = (time_t) atol(parse_getarg(&state)); rcl->timestamp = (time_t) atol(parse_getarg(&state)); strncpyzt(rcl->key, parse_getarg(&state), KEYLEN); rcl->limit = atol(parse_getarg(&state)); rcl->memolevel = atoi(parse_getarg(&state)); rcl->tlocklevel = atoi(parse_getarg(&state)); rcl->restrictlevel = atoi(parse_getarg(&state)); /* The rest of the line - skipping the leading : */ topic = parse_getallargs(&state); if (topic == NULL) rcl->desc[0] = '\0'; else strncpyzt(rcl->desc, topic, CHANDESCBUF); addRegChan(rcl); mostchans++; } else if (!strcmp(command, "topic")) { rcl = getRegChanData(parse_getarg(&state)); if (rcl == NULL) continue; strncpyzt(rcl->tsetby, parse_getarg(&state), NICKLEN); rcl->ttimestamp = (time_t) atol(parse_getarg(&state)); /* The rest of the topic, skipping the : in it */ topic = parse_getallargs(&state); if (topic == NULL) rcl->topic = NULL; else rcl->topic = strdup(topic); } else if (!strcmp(command, "url")) { rcl = getRegChanData(parse_getarg(&state)); if (rcl == NULL) continue; topic = parse_getallargs(&state); if (topic == NULL) rcl->url = NULL; else rcl->url = strdup(topic); } else if (!strcmp(command, "autogreet")) { rcl = getRegChanData(parse_getarg(&state)); if (rcl == NULL) continue; topic = parse_getallargs(&state); if (topic == NULL) rcl->autogreet = NULL; else rcl->autogreet = strdup(topic); } else if (!strcmp(command, "markby")) { rcl = getRegChanData(parse_getarg(&state)); if (rcl == NULL) continue; topic = parse_getarg(&state); if (topic == NULL) rcl->markby = NULL; else rcl->markby = strdup(topic); } else if (strcmp(command, "chkey") == 0) { char *tmpp = parse_getarg(&state); if (rcl && tmpp) rcl->chpw_key = strtoul(tmpp, (char **)0, 16); } else if (!strcmp(command, "op")) { cAccessList *lame; char *tmpName; rcl = getRegChanData(parse_getarg(&state)); if (rcl == NULL) continue; tmpName = parse_getarg(&state); if ((rnl = getRegNickData(tmpName)) != NULL) { lame = (cAccessList *) oalloc(sizeof(cAccessList)); lame->nickId = rnl->regnum; lame->uflags = atoi(parse_getarg(&state)); addChanOp(rcl, lame); } } else if (!strcmp(command, "akick")) { cAkickList *lame; lame = (cAkickList *) oalloc(sizeof(cAkickList)); rcl = getRegChanData(parse_getarg(&state)); if (rcl == NULL) continue; strncpyzt(lame->mask, parse_getarg(&state), 70); lame->added = (time_t) atol(parse_getarg(&state)); /* The rest of the string... */ topic = parse_getallargs(&state); if (topic == NULL) lame->reason[0] = '\0'; else { strncpyzt(lame->reason, topic, NICKLEN + 50); } addChanAkick(rcl, lame); } else if (!strcmp(command, "done")) done = 1; else { fprintf(stderr, "GLOBOPS :Read chan data (%s)", dbLine); sshutdown(-1); } #ifdef DBDEBUG sSend(":%s PRIVMSG " DEBGUGCHAN " :Read chan data (%s)", ChanServ, dbLine); #endif parse_cleanup(&state); } fclose(db.cs); }
/** * \brief Loads the NickServ database from disk */ void readNickData() { RegNickList *rnl = NULL; char *command, *tmpp; unsigned char *tmpup; int done = 0, db_version = 1; int line_num = 0, do_enc = 0; #ifdef REQ_EMAIL readRegData(); #endif db.ns = fopen(NS_DB, "r"); if (db.ns == NULL) { logDump(corelog, "Unable to open " NS_DB ": %s", strerror(errno)); return; } while (!done) { if (!(sfgets(dbLine, 1024, db.ns))) { if (!done) { unexpected_eof(NS_DB); } done = 1; fclose(db.ns); return; } line_num++; if (parse_init(&state, dbLine) != 0) { /*! \bug XXX make a nicer error here! */ abort(); } command = parse_getarg(&state); if (strcmp(command, "version") == 0) { tmpp = parse_getarg(&state); assert(tmpp); if (tmpp) db_version = atoi(tmpp); } else if (strcmp(command, "nick") == 0) { rnl = (RegNickList *) oalloc(sizeof(RegNickList)); char *sNick, *sUser, *sHost, *sPass; sNick = parse_getarg(&state); sUser = parse_getarg(&state); sHost = parse_getarg(&state); sPass = parse_getarg(&state); if (strlen(sNick) >= NICKLEN) { fprintf(stderr, NS_DB ":%d: " " Nickname '%.80s' exceeds " " NICKLEN.\n", line_num, sNick); sshutdown(-1); } strcpy(rnl->nick, sNick); strncpyzt(rnl->user, sUser, USERLEN); SetDynBuffer(&rnl->host, sHost); if (db_version < 2) { if (strlen(sPass) > PASSLEN) { fprintf(stderr, NS_DB ":%d: " " Password for nick '%s' " " exceeds PASSLEN.\n", line_num, sNick); sshutdown(-1); } strcpy((char *)rnl->password, xorit(sPass)); } else { char encType = *sPass; if (encType == '@') { if (strlen(sPass+1) > PASSLEN) { fprintf(stderr, NS_DB ":%d: " " Password for nick '%s' " " exceeds PASSLEN.\n", line_num, sNick); sshutdown(-1); } strcpy((char *)rnl->password, xorit(sPass + 1)); do_enc = 0; } else if (encType == '$') { int q, len; tmpup = fromBase64(sPass + 1, &len); assert(tmpup); for(q = 0; q < 16; q++) rnl->password[q] = tmpup[q]; do_enc = 1; FREE(tmpup); } else rnl->password[0] = '\0'; } rnl->timestamp = (time_t) atol(parse_getarg(&state)); rnl->timereg = (time_t) atol(parse_getarg(&state)); rnl->flags = atoi(parse_getarg(&state)); if (db_version >= 3) { const char *idString = parse_getarg(&state); int av, bv; sscanf(idString, "%X*%X", &av, &bv); rnl->regnum.SetDirect(top_regnick_idnum, av, bv); } else { rnl->regnum.SetNext(top_regnick_idnum); } if (do_enc) rnl->flags |= NENCRYPT; else rnl->flags &= ~NENCRYPT; rnl->opflags = 0; rnl->idtime = DEF_NDELAY; ADD_MEMO_BOX(rnl); addRegNick(rnl); } else if (strcmp(command, "is") == 0) { char *data = parse_getarg(&state); if (rnl && data) rnl->is_readtime = atol(data); } else if (strcmp(command, "oper") == 0) { char *opflags_s; if (rnl && (rnl == getRegNickData(parse_getarg(&state)))) { if ((opflags_s = parse_getarg(&state))) rnl->opflags |= (strtoul(opflags_s, (char **)0, 10) & ~(OROOT | OSERVOP)); if (rnl->opflags) addOpData(rnl); } } else if (strcmp(command, "url") == 0) { if (rnl && (rnl == getRegNickData(parse_getarg(&state)))) { rnl->url = strdup(parse_getarg(&state)); if (strlen(rnl->url) > (URLLEN - 1)) rnl->url[URLLEN - 1] = '\0'; } } else if (strcmp(command, "gecos") == 0) { #ifdef TRACK_GECOS char *gecos = parse_getallargs(&state); if (gecos != NULL) rnl->gecos = strdup(gecos); #endif } else if (strcmp(command, "akey") == 0) { #ifdef REQ_EMAIL if (rnl) rnl->email_key = atoi(parse_getarg(&state)); #endif } else if (strcmp(command, "chkey") == 0) { char *tmpp = parse_getarg(&state); if (rnl && tmpp) rnl->chpw_key = strtoul(tmpp, (char **)0, 16); } else if (strcmp(command, "markby") == 0) { char *mby; rnl = getRegNickData(parse_getarg(&state)); if (!rnl || !(mby = parse_getarg(&state))) continue; rnl->markby = strdup(mby); } else if (strcmp(command, "access") == 0) { rnl = getRegNickData(parse_getarg(&state)); addAccItem(rnl, parse_getarg(&state)); } else if (!strcmp(command, "email")) { rnl = getRegNickData(parse_getarg(&state)); strncpyzt(rnl->email, parse_getarg(&state), EMAILLEN); if (!strcmp(rnl->email, "(none)")) strcat(rnl->email, " "); } else if (!strcmp(command, "idtime")) { rnl = getRegNickData(parse_getarg(&state)); rnl->idtime = atoi(parse_getarg(&state)); } else if (!strcmp(command, "done")) done = 1; else { fprintf(stderr, NS_DB ":%d: Error reading nick data (%s)", line_num, dbLine); sshutdown(-1); } #ifdef DBDEBUG sSend(":%s PRIVMSG " DEBUGCHAN " :Read nick data (%s)", NICKSERV, dbLine); #endif parse_cleanup(&state); } fclose(db.ns); readMemoData(); }
Blob FilePrivateKeyStorage::sign (const uint8_t *data, size_t dataLength, const Name& keyName, DigestAlgorithm digestAlgorithm) { string keyURI = keyName.toUri(); if (!doesKeyExist(keyName, KEY_CLASS_PRIVATE)) throw SecurityException ("FilePrivateKeyStorage::sign: private key doesn't exist"); if (digestAlgorithm != DIGEST_ALGORITHM_SHA256) throw SecurityException ("FilePrivateKeyStorage::sign: Unsupported digest algorithm"); // Read the private key. ifstream file(nameTransform(keyURI, ".pri").c_str()); stringstream base64; base64 << file.rdbuf(); vector<uint8_t> pkcs8Der; fromBase64(base64.str(), pkcs8Der); // The private key is generated by NFD which stores as PKCS #8. Decode it // to find the algorithm OID and the inner private key DER. ptr_lib::shared_ptr<DerNode> parsedNode = DerNode::parse(&pkcs8Der[0], 0); const std::vector<ptr_lib::shared_ptr<DerNode> >& pkcs8Children = parsedNode->getChildren(); // Get the algorithm OID and parameters. const std::vector<ptr_lib::shared_ptr<DerNode> >& algorithmIdChildren = DerNode::getSequence(pkcs8Children, 1).getChildren(); string oidString (dynamic_cast<DerNode::DerOid&>(*algorithmIdChildren[0]).toVal().toRawStr()); ptr_lib::shared_ptr<DerNode> algorithmParameters = algorithmIdChildren[1]; // Get the value of the 3rd child which is the octet string. Blob privateKeyDer = pkcs8Children[2]->toVal(); // Get the digest to sign. uint8_t digest[SHA256_DIGEST_LENGTH]; ndn_digestSha256(data, dataLength, digest); // TODO: use RSA_size, etc. to get the proper size of the signature buffer. uint8_t signatureBits[1000]; unsigned int signatureBitsLength; // Decode the private key and sign. if (oidString == RSA_ENCRYPTION_OID) { // Use a temporary pointer since d2i updates it. const uint8_t* derPointer = privateKeyDer.buf(); rsa_st* privateKey = d2i_RSAPrivateKey(NULL, &derPointer, privateKeyDer.size()); if (!privateKey) throw SecurityException ("FilePrivateKeyStorage::sign: Error decoding the RSA private key DER"); int success = RSA_sign (NID_sha256, digest, sizeof(digest), signatureBits, &signatureBitsLength, privateKey); // Free the private key before checking for success. RSA_free(privateKey); if (!success) throw SecurityException("FilePrivateKeyStorage::sign: Error in RSA_sign"); } else if (oidString == EC_ENCRYPTION_OID) { ec_key_st* privateKey = decodeEcPrivateKey(algorithmParameters, privateKeyDer); int success = ECDSA_sign (NID_sha256, digest, sizeof(digest), signatureBits, &signatureBitsLength, privateKey); // Free the private key before checking for success. EC_KEY_free(privateKey); if (!success) throw SecurityException("FilePrivateKeyStorage::sign: Error in ECDSA_sign"); } else throw SecurityException ("FilePrivateKeyStorage::sign: Unrecognized private key OID"); return Blob(signatureBits, (size_t)signatureBitsLength); }
Buffer fromBase64(const string &input) { return fromBase64(input.c_str(), input.size()); }