Exemplo n.º 1
1
static TS_REQ *create_query(BIO *data_bio, char *digest, const EVP_MD *md,
                            const char *policy, int no_nonce, int cert)
{
    int ret = 0;
    TS_REQ *ts_req = NULL;
    int len;
    TS_MSG_IMPRINT *msg_imprint = NULL;
    X509_ALGOR *algo = NULL;
    unsigned char *data = NULL;
    ASN1_OBJECT *policy_obj = NULL;
    ASN1_INTEGER *nonce_asn1 = NULL;

    if (md == NULL && (md = EVP_get_digestbyname("sha1")) == NULL)
        goto err;
    if ((ts_req = TS_REQ_new()) == NULL)
        goto err;
    if (!TS_REQ_set_version(ts_req, 1))
        goto err;
    if ((msg_imprint = TS_MSG_IMPRINT_new()) == NULL)
        goto err;
    if ((algo = X509_ALGOR_new()) == NULL)
        goto err;
    if ((algo->algorithm = OBJ_nid2obj(EVP_MD_type(md))) == NULL)
        goto err;
    if ((algo->parameter = ASN1_TYPE_new()) == NULL)
        goto err;
    algo->parameter->type = V_ASN1_NULL;
    if (!TS_MSG_IMPRINT_set_algo(msg_imprint, algo))
        goto err;
    if ((len = create_digest(data_bio, digest, md, &data)) == 0)
        goto err;
    if (!TS_MSG_IMPRINT_set_msg(msg_imprint, data, len))
        goto err;
    if (!TS_REQ_set_msg_imprint(ts_req, msg_imprint))
        goto err;
    if (policy && (policy_obj = txt2obj(policy)) == NULL)
        goto err;
    if (policy_obj && !TS_REQ_set_policy_id(ts_req, policy_obj))
        goto err;

    /* Setting nonce if requested. */
    if (!no_nonce && (nonce_asn1 = create_nonce(NONCE_LENGTH)) == NULL)
        goto err;
    if (nonce_asn1 && !TS_REQ_set_nonce(ts_req, nonce_asn1))
        goto err;
    if (!TS_REQ_set_cert_req(ts_req, cert))
        goto err;

    ret = 1;
 err:
    if (!ret) {
        TS_REQ_free(ts_req);
        ts_req = NULL;
        BIO_printf(bio_err, "could not create query\n");
        ERR_print_errors(bio_err);
    }
    TS_MSG_IMPRINT_free(msg_imprint);
    X509_ALGOR_free(algo);
    OPENSSL_free(data);
    ASN1_OBJECT_free(policy_obj);
    ASN1_INTEGER_free(nonce_asn1);
    return ts_req;
}
Exemplo n.º 2
0
int add_digest_challenge(struct pmsg *msg, char *realm, int stale)
{
	struct digest_auth_info auth;

	strcpy(auth.realm, realm);
	create_nonce(&auth);

	/* LIVE.COM expects the challenge in exactly this format */
	return add_header_printf(msg, "WWW-Authenticate",
							 "Digest realm=\"%s\", nonce=\"%s\"%s",
							 auth.realm, auth.nonce,
							 stale ? ", stale=true" : "");
}
Exemplo n.º 3
0
compact_signature sign_compact(ec_secret secret, hash_digest hash)
{
    init.init();

    compact_signature out;

    ec_secret nonce;
    unsigned index = 0;
    do {
        nonce = create_nonce(secret, hash, index++);
    } while (secp256k1_ecdsa_sign_compact(hash.data(), hash.size(),
        out.signature.data(), secret.data(), nonce.data(), &out.recid) <= 0);

    return out;
}
Exemplo n.º 4
0
//------------------------------------------------------------------------------
// deals with private API methods:
std::string KClient::private_method(const std::string& method, 
				 const KInput& input) const
{   
   // build method URL
   std::string path = "/" + version_ + "/private/" + method;
   std::string method_url = url_ + path;

   curl_easy_setopt(curl_, CURLOPT_URL, method_url.c_str());

   // create a nonce and and postdata 
   std::string nonce = create_nonce();
   std::string postdata = "nonce=" + nonce;

   // if 'input' is not empty generate other postdata
   if (!input.empty())
      postdata = postdata + "&" + build_query(input);
   curl_easy_setopt(curl_, CURLOPT_POSTFIELDS, postdata.c_str());

   // add custom header
   curl_slist* chunk = NULL;

   std::string key_header =  "API-Key: "  + key_;
   std::string sign_header = "API-Sign: " + signature(path, nonce, postdata);

   chunk = curl_slist_append(chunk, key_header.c_str());
   chunk = curl_slist_append(chunk, sign_header.c_str());
   curl_easy_setopt(curl_, CURLOPT_HTTPHEADER, chunk);
   
   // where CURL write callback function stores the response
   std::string response;
   curl_easy_setopt(curl_, CURLOPT_WRITEDATA, static_cast<void*>(&response));

   // perform CURL request
   CURLcode result = curl_easy_perform(curl_);

   // free the custom headers
   curl_slist_free_all(chunk);
  
   // check perform result
   if (result != CURLE_OK) {
      std::ostringstream oss;
      oss << "curl_easy_perform() failed: " << curl_easy_strerror(result);
      throw std::runtime_error(oss.str());
   }
   
   return response;
}
Exemplo n.º 5
0
endorsement sign(ec_secret secret, hash_digest hash)
{
    init.init();

    int out_size = max_endorsement_size;
    endorsement signature(out_size);

    ec_secret nonce;
    unsigned index = 0;
    do {
        nonce = create_nonce(secret, hash, index++);
    } while (secp256k1_ecdsa_sign(hash.data(), hash.size(), signature.data(),
        &out_size, secret.data(), nonce.data()) <= 0);

    signature.resize(out_size);
    return signature;
}
Exemplo n.º 6
0
void send_nonce(struct network_status *net_stat)
  /*@ requires [?f0]world(?pub, ?key_clsfy) &*&
               proof_obligations(pub) &*&
               network_status(net_stat) &*&
               principal(?principal, ?count1) &*&
               true == bad(principal); @*/
  /*@ ensures  [f0]world(pub, key_clsfy) &*&
               proof_obligations(pub) &*&
               network_status(net_stat) &*&
               principal(principal, ?count2); @*/
{
  int i = random_int_();
  //@ close nonce_request(principal, i);
  struct item *nonce = create_nonce();
  //@ assert item(nonce, ?n, pub);
  //@ open proof_obligations(pub);
  //@ assert is_public_nonce(?proof, pub);
  //@ close exists(info_for_item);
  //@ proof(n);
  //@ close proof_obligations(pub);
  network_send(net_stat, nonce);
  item_free(nonce);
}
UNSIGNED32 get_timestamp_response(const char* urlStr, char* hash, UNSIGNED32 hash_size, UNSIGNED32 httpTimeOut, TS_RESP** tsResponse)
{
	UNSIGNED32 result = TINTERNALERROR;
	BIO* responseBio = NULL;
	Url* url = NULL;
	TS_REQ* tsRequest = NULL;
	BIO* requestBio = NULL;
	int requestHeaderLength;
	int requestLength;
	int requestContentLength;
	char requestHeader[2048 + 256];
	char* request = NULL;
	void* contentBuffer = NULL;
	void* resultBuffer = NULL;
	int resultLength;
	TS_MSG_IMPRINT* msgImprint = NULL;
	ASN1_OCTET_STRING* hashedMessage = NULL;
	int hashedMessageLength;
	int httpResult;
	char *urlBuffer = NULL;
	int redirection = 0;

	/* Check if TS url is specified */
	if (!urlStr)
	{
		goto end;
	}

	/* Get Request for timestamp */
	tsRequest = get_timestamp_request(hash, hash_size, create_nonce(NONCE_LENGTH));
	msgImprint = TS_REQ_get_msg_imprint(tsRequest);
	hashedMessage = TS_MSG_IMPRINT_get_msg(msgImprint);
	hashedMessageLength = ASN1_STRING_length((ASN1_STRING*)hashedMessage);
	if ((int)hash_size != hashedMessageLength)
	{
		goto end;
	}

	requestBio = BIO_new(BIO_s_mem());
	if (requestBio == NULL)
	{
		goto end;
	}

	if (!i2d_TS_REQ_bio(requestBio, tsRequest))
	{
		goto end;
	}

	contentBuffer = memory_alloc(BIO_number_written(requestBio));
	if (contentBuffer == NULL)
	{
		goto end;
	}

    requestContentLength = BIO_read(requestBio, contentBuffer, BIO_number_written(requestBio));

    /* Allocate memory buffer for timestamp server url */
    urlBuffer = memory_alloc(strlen(urlStr) + 1);
    if (!urlBuffer)
    {
    	goto end;
    }
    /* Copy TS url to allocated buffer */
    strcpy(urlBuffer, urlStr);

http_redirect:

	/* Parse and check URL */
	url = parse_url(urlBuffer);
	if (url == NULL)
	{
		goto end;
	}
	if (strcmp(url->Scheme, "http") != 0)
	{
		goto end;
	}

    requestHeaderLength = sprintf(requestHeader, "POST %s HTTP/1.0\r\nHOST: %s\r\nPragma: no-cache\r\nContent-Type: application/timestamp-query\r\nAccept: application/timestamp-reply\r\nContent-Length: %d\r\n\r\n",
    		urlBuffer, url->Host, requestContentLength);

	requestLength = requestHeaderLength + requestContentLength;

	request = (char*)memory_alloc(requestLength);
	if (request == NULL)
	{
		goto end;
	}

	memcpy(request, requestHeader, requestHeaderLength);
	memcpy(request + requestHeaderLength, contentBuffer, requestContentLength);

	httpResult = http_read(url->Host, request, requestLength, url->Port, httpTimeOut, 1, &resultBuffer, &resultLength);
	if (httpResult == HTTP_REDIRECTION && (resultBuffer) && !redirection)
	{
		free_url(url);
		url = NULL;
		memory_free(request);
		request = NULL;
		/* Allocated buffer for redirected url */
	    urlBuffer = memory_realloc(urlBuffer, resultLength);
	    if (!urlBuffer)
	    {
	    	goto end;
	    }
	    memcpy(urlBuffer, resultBuffer, resultLength);
	    memory_free(resultBuffer);
	    redirection++;
		goto http_redirect;
	} else
	if ((httpResult == HTTP_NOERROR) && (resultBuffer))
	{
		responseBio = BIO_new(BIO_s_mem());
		if (responseBio == NULL)
		{
			goto end;
		}
		BIO_write(responseBio, resultBuffer, resultLength);

		*tsResponse = d2i_TS_RESP_bio(responseBio, NULL);
		if (*tsResponse == NULL)
		{
			goto end;
		}

		result = TNOERR;
	}
	else
	{
		switch (httpResult)
		{
			case HTTP_NOLIVEINTERNET_ERROR:
				result = TNONET;
				break;
			case HTTP_TIMEOUT_ERROR:
				result = TTIMEOUT;
				break;
			case HTTP_RESPONSESTATUS_ERROR:
				result = TSERVERERROR;
				break;
			default:
				result = TINTERNALERROR;
				break;
		}
	}

end:
	free_url(url);
	if (tsRequest != NULL)
	{
		TS_REQ_free(tsRequest);
	}
	if (requestBio != NULL)
	{
		BIO_free_all(requestBio);
	}
	if (responseBio != NULL)
	{
		BIO_free_all(responseBio);
	}
	if (request != NULL)
	{
		memory_free(request);
	}
	if (contentBuffer != NULL)
	{
		memory_free(contentBuffer);
	}
	if (resultBuffer != NULL)
	{
		memory_free(resultBuffer);
	}
	if (urlBuffer != NULL)
	{
		memory_free(urlBuffer);
	}

	return result;
}
Exemplo n.º 8
0
bool
Twitter::post_status(const char *message)
{
  char *cp;
  int i;

  timestamp = get_time();
  create_nonce();

  compute_authorization(message);

  /* Post message to twitter. */

  EthernetClient http;

  if (!http.connect(ip, port))
    {
      println(PSTR("Could not connect to server"));
      return false;
    }

  http_print(&http, PSTR("POST "));

  if (proxy)
    {
      http_print(&http, PSTR("http://"));
      http_print(&http, server);
    }

  http_print(&http, uri);
  http_println(&http, PSTR(" HTTP/1.1"));

  http_print(&http, PSTR("Host: "));
  http_print(&http, server);
  http_newline(&http);

  http_println(&http,
               PSTR("Content-Type: application/x-www-form-urlencoded"));
  http_println(&http, PSTR("Connection: close"));

  /* Authorization header. */
  http_print(&http, PSTR("Authorization: OAuth oauth_consumer_key=\""));

  url_encode_pgm(buffer, consumer_key);
  http.write(buffer);

  http_print(&http, PSTR("\",oauth_signature_method=\"HMAC-SHA1"));
  http_print(&http, PSTR("\",oauth_timestamp=\""));

  sprintf(buffer, "%ld", timestamp);
  http.write(buffer);

  http_print(&http, PSTR("\",oauth_nonce=\""));

  hex_encode(buffer, nonce, sizeof(nonce));
  http.write(buffer);

  http_print(&http, PSTR("\",oauth_version=\"1.0\",oauth_token=\""));

  if (access_token_pgm)
    url_encode_pgm(buffer, access_token.pgm);
  else
    url_encode_eeprom(buffer, access_token.eeprom);

  http.write(buffer);

  http_print(&http, PSTR("\",oauth_signature=\""));

  cp = base64_encode(buffer, signature, HASH_LENGTH);
  url_encode(cp + 1, buffer);

  http.write(cp + 1);

  http_println(&http, PSTR("\""));

  /* Encode content. */
  cp = url_encode(buffer, "status");
  *cp++ = '=';
  cp = url_encode(cp, message);

  int content_length = cp - buffer;
  sprintf(cp + 1, "%d", content_length);

  http_print(&http, PSTR("Content-Length: "));
  http.write(cp + 1);
  http_newline(&http);

  /* Header-body separator. */
  http_newline(&http);

  /* And finally content. */
  http.write(buffer);

  /* Read response status line. */
  if (!read_line(&http, buffer, buffer_len) || buffer[0] == '\0')
    {
      http.stop();
      return false;
    }

  int response_code;

  /* HTTP/1.1 200 Success */
  for (i = 0; buffer[i] && buffer[i] != ' '; i++)
    ;
  if (buffer[i])
    response_code = atoi(buffer + i + 1);
  else
    response_code = 0;

  bool success = (200 <= response_code && response_code < 300);

  if (!success)
    Serial.println(buffer);

  /* Skip header. */
  while (true)
    {
      if (!read_line(&http, buffer, buffer_len))
        {
          http.stop();
          return false;
        }

      if (buffer[0] == '\0')
        break;

      /* Update our system basetime from the response `Date'
         header. */
      process_date_header(buffer);
    }

  /* Handle content. */
  while (http.connected())
    {
      while (http.available() > 0)
        {
          uint8_t byte = http.read();

          if (!success)
            Serial.write(byte);
        }
      delay(100);
    }

  http.stop();

  if (!success)
    println(PSTR(""));

  return success;
}