http_response_builder( const byte_string& content_hook, int response_code = 200, const std::string& content_type = "text/plain", bool autodelete = true ): _content_hook(std::string(content_hook.get_content_hook(), content_hook.get_content_length())), _response_code(response_code), _autodelete(autodelete), _realm(""), _opaque(""), _reload_nonce(false), _headers(std::map<std::string, std::string, http::header_comparator>()), _footers(std::map<std::string, std::string, http::header_comparator>()), _cookies(std::map<std::string, std::string, http::header_comparator>()), _topics(std::vector<std::string>()), _keepalive_secs(-1), _keepalive_msg(""), _send_topic(""), _cycle_callback(NULL), _ce(0x0), _get_raw_response(&http_response::get_raw_response_str), _decorate_response(&http_response::decorate_response_str), _enqueue_response(&http_response::enqueue_response_str) { _headers[http::http_utils::http_header_content_type] = content_type; }
//debugged and working properly... do not disturb. string BASE64Encode(const byte_string& input) { string output; const byte* data = input.c_str(); size_t length = input.length(); int value, value2; //handle input in 3 byte blocks while( length > 2 ) { value = data[0]; value >>= 2; output.push_back(Base64EncodeTable[value]); value = data[0]; value2 = data[1]; value &= 0x03; value <<= 4; value2 &= 0xF0; value2 >>= 4; value |= value2; output.push_back(Base64EncodeTable[value]); value = data[1]; value2 = data[2]; value &= 0x0F; value <<= 2; value2 &= 0xC0; value2 >>= 6; value |= value2; output.push_back(Base64EncodeTable[value]); value = data[2]; value &= 0x3F; output.push_back(Base64EncodeTable[value]); data += 3; length -= 3; } //handle remainder switch(length) { case 0: //no remainder to process break; case 1: //process and pad with two = value = data[0]; value >>= 2; output.push_back(Base64EncodeTable[value]); value = data[0]; value &= 0x03; value <<= 4; output.push_back(Base64EncodeTable[value]); output.push_back(Base64EncodeTable[64]); output.push_back(Base64EncodeTable[64]); break; case 2: //process and pad with one = value = data[0]; value >>= 2; output.push_back(Base64EncodeTable[value]); value = data[0]; value2 = data[1]; value &= 0x03; value <<= 4; value2 &= 0xF0; value2 >>= 4; value |= value2; output.push_back(Base64EncodeTable[value]); value = data[1]; value &= 0x0F; value <<= 2; output.push_back(Base64EncodeTable[value]); output.push_back(Base64EncodeTable[64]); break; } return output; }
bool AvHNexus::TunnelToClient::recv(const Nexus::ClientID local_id, byte_string& data) { std::pair<const Nexus::ClientID,const byte_string> item = messages.front(); if( item.first != local_id ) { return false; } data.assign(item.second); messages.pop_front(); return true; }
/// Get hash value for byte_string. size_t calculate_hash_value(const byte_string& v) { return v.hash_value(); }
void PIVKeyRecord::computeCrypt(PIVToken &pivToken, bool sign, // MODIFY const AccessCredentials *cred, const byte_string &data, byte_string &output) { if (data.size() != sizeInBits() / 8) CssmError::throwMe(CSSMERR_CSP_BLOCK_SIZE_MISMATCH); /* Allow all key usage, certificates determine validity */ unsigned char algRef; switch (sizeInBits()) { case 1024: algRef = PIV_KEYALG_RSA_1024; break; case 2048: algRef = PIV_KEYALG_RSA_2048; break; default: /* Cannot use a key ~= 1024 or 2048 bits yet */ CssmError::throwMe(CSSMERR_CSP_KEY_USAGE_INCORRECT); break; } /* Build the BER-Encoded message */ /* Template: 0x7C L { 0x82 0x00, 0x81 L data } .. 2 tag+lengths + 1 tag-0 */ TLVList commandList; commandList.push_back(TLV_ref(new TLV(0x81, data))); commandList.push_back(TLV_ref(new TLV(0x82))); TLV_ref command = TLV_ref(new TLV(0x7C, commandList)); /* TODO: Evaluate result length handling */ /* At least enough to contain BER-TLV */ size_t resultLength = sizeInBits() / 8; resultLength += 1 + TLV::encodedLength(resultLength); // RESPONSE resultLength += 1 + 1; // Potential empty response-tlv resultLength += 1 + TLV::encodedLength(resultLength); // TLV containing response /* Round out resultLength to a multiple of 256 */ resultLength = resultLength + resultLength % 256 + 256; // Ensure that there's enough space to prevent unnecessary resizing output.reserve(resultLength); PCSC::Transaction _(pivToken); pivToken.selectDefault(); /* Support for the signing key w/ user-consent pin */ if (cred) { uint32 size = cred->size(); for (uint32 ix = 0; ix < size; ++ix) { const TypedList &sample = (*cred)[ix]; if (sample.type() == CSSM_SAMPLE_TYPE_PROMPTED_PASSWORD && sample.length() == 2) { CssmData &pin = sample[1].data(); if (pin.Length > 0) { pivToken.verifyPIN(1, pin.Data, pin.Length); break; } else if (pin.Length == 0) { // %%% <rdar://4334623> // PIN previously verified by securityd; // continue to look at remaining samples } else { CssmError::throwMe(CSSM_ERRCODE_SAMPLE_VALUE_NOT_SUPPORTED); } } } } byte_string commandString = command->encode(); PIVError::check(pivToken.exchangeChainedAPDU(0x00, 0x87, algRef, keyRef, commandString, output)); /* DECODE 0x7C */ TLV_ref tlv; try { tlv = TLV::parse(output); } catch(...) { secure_zero(output); PIVError::throwMe(SCARD_RETURNED_DATA_CORRUPTED); } secure_zero(output); if(tlv->getTag() != (unsigned char*)"\x7C") { secdebug("piv", " %s: computeCrypt: missing response tag: 0x%.2X", description(), 0x7C); PCSC::Error::throwMe(SCARD_E_PROTO_MISMATCH); } byte_string tagData; try { TLVList list = tlv->getInnerValues(); TLVList::const_iterator iter = find_if(list.begin(), list.end(), TagPredicate(0x82)); if(iter != list.end()) tagData = (*iter)->getValue(); } catch(...) { } if(tagData.size() == 0) { secdebug("piv", " %s: computeCrypt: missing response value tag: 0x%.2X", description(), 0x82); PCSC::Error::throwMe(SCARD_E_PROTO_MISMATCH); } if(tagData.size() != sizeInBits() / 8) { // Not enough data at all.. secure_zero(tagData); secdebug("piv", " %s: computeCrypt: expected contained response length: %ld, got: %ld", description(), sizeInBits() / 8, tagData.size()); PCSC::Error::throwMe(SCARD_E_PROTO_MISMATCH); } output.swap(tagData); /* zero-out tagData */ secure_zero(tagData); }
bool AvHNexus::TunnelToClient::send(const Nexus::ClientID local_id, const byte_string& data) { return AvHNexus::send( VARS(local_id), data.c_str(), data.length() ); }
inline bool operator < (char const * lhs, byte_string const & rhs) { return rhs.compare(lhs) > 0; }
inline bool operator < (byte_string const & lhs, const char * rhs) { return lhs.compare(rhs) < 0; }
inline bool operator == (std::string const & lhs, byte_string const & rhs) { return rhs.compare(lhs) == 0; }
inline bool operator == (byte_string::const_pointer lhs, byte_string const & rhs) { return rhs.compare(lhs) == 0; }
inline bool operator == (byte_string const & lhs, byte_string const & rhs) { return lhs.compare(rhs) == 0; }
byte_string_ref (byte_string & bs) : p(& bs) , max_size(bs.size()) {}
inline bool operator < (byte_string const & lhs, std::string const & rhs) { return lhs.compare(rhs) < 0; }
inline bool operator < (byte_string const & lhs, byte_string::const_pointer rhs) { return lhs.compare(rhs) < 0; }