Exemplo n.º 1
0
bool Digest::has(const char *id)
{
    if(eq_case(id, "md5"))
        return true;

    if(eq_case(id, "sha1") || eq_case(id, "sha"))
        return true;

    return false;
}
Exemplo n.º 2
0
void Cipher::Key::set(const char *cipher, const char *digest)
{
    set(cipher);

    // never use sha0...
    if(eq_case(digest, "sha") || eq_case(digest, "sha160"))
        digest = "sha1";

    hashtype = EVP_get_digestbyname(digest);
}
Exemplo n.º 3
0
void Digest::set(const char *type)
{
    release();

    if(eq_case(type, "md5")) {
        hashtype = "m";
        context = new MD5_CTX;
        MD5Init((MD5_CTX*)context);
    }
    else if(eq_case(type, "sha") || eq_case(type, "sha1")) {
        hashtype = "s";
        context = new SHA1_CTX;
        SHA1Init((SHA1_CTX*)context);
    }
}
Exemplo n.º 4
0
secure::error_t secure::verify(session_t session, const char *peername)
{
    SSL *ssl = (SSL *)session;

    char peer_cn[256];

    if(SSL_get_verify_result(ssl) != X509_V_OK)
        return secure::INVALID_CERTIFICATE;

    if(!peername)
        return secure::OK;

    X509 *peer = SSL_get_peer_certificate(ssl);

    if(!peer)
        return secure::INVALID_PEERNAME;

    X509_NAME_get_text_by_NID(
        X509_get_subject_name(peer),
        NID_commonName, peer_cn, sizeof(peer_cn));
    if(!eq_case(peer_cn, peername))
        return secure::INVALID_PEERNAME;

    return secure::OK;
}
Exemplo n.º 5
0
void Digest::set(const char *type)
{
    secure::init();

    release();

    // never use sha0
    if(eq_case(type, "sha") || eq_case(type, "sha160"))
        type = "sha1";

    hashtype = (void *)EVP_get_digestbyname(type);
    if(hashtype) {
        context = new EVP_MD_CTX;
        EVP_MD_CTX_init((EVP_MD_CTX *)context);
        EVP_DigestInit_ex((EVP_MD_CTX *)context, (const EVP_MD *)hashtype, NULL);
    }
}
Exemplo n.º 6
0
int __context::map_digest(const char *type)
{
    if(eq_case(type, "sha") || eq_case(type, "sha1")) 
        return GNUTLS_DIG_SHA1;
    else if(eq_case(type, "sha256"))
        return GNUTLS_DIG_SHA256;
    else if(eq_case(type, "sha512"))
        return GNUTLS_DIG_SHA512;
    else if(eq_case(type, "md5"))
        return GNUTLS_DIG_MD5;
    else if(eq_case(type, "md2"))
        return GNUTLS_DIG_MD2;
    else if(eq_case(type, "rmd160"))
        return GNUTLS_DIG_RMD160;
    else
        return 0;
}
Exemplo n.º 7
0
int __context::map_cipher(const char *cipher)
{
    char algoname[64];

    enum {
        NONE, CBC, ECB, CFB, OFB
    } modeid;

    String::set(algoname, sizeof(algoname), cipher);
    char *fpart = strchr(algoname, '-');
    char *lpart = strrchr(algoname, '-');

    modeid = NONE;

    if(lpart) {
        if(fpart != lpart)
            *(fpart++) = 0;
        else
            ++fpart;

        *(lpart++) = 0;
        if(eq_case(lpart, "cbc"))
            modeid = CBC;
        else if(eq_case(lpart, "ecb"))
            modeid = ECB;
        else if(eq_case(lpart, "cfb") || eq_case(lpart, "pgp"))
            modeid = CFB;
        else if(eq_case(lpart, "ofb"))
            modeid = OFB;
        else
            modeid = NONE;    
    }
    else if(eq_case(cipher, "aes128") || eq_case(cipher, "aes"))
        return GNUTLS_CIPHER_AES_128_CBC;
    else if(eq_case(cipher, "aes256"))
        return GNUTLS_CIPHER_AES_256_CBC;
    else if(eq_case(cipher, "aes192"))
        return GNUTLS_CIPHER_AES_192_CBC;
    else if(eq_case(cipher, "arcfour") || eq_case(cipher, "arc4"))
        return GNUTLS_CIPHER_ARCFOUR_128;
    else if(eq_case(cipher, "des"))
        return GNUTLS_CIPHER_DES_CBC;
    else if(eq_case(cipher, "3des"))
        return GNUTLS_CIPHER_3DES_CBC;
    else if(eq_case(cipher, "rc2"))
        return GNUTLS_CIPHER_RC2_40_CBC;
    else if(eq_case(cipher, "idea"))
        return GNUTLS_CIPHER_IDEA_PGP_CFB;
    else if(eq_case(cipher, "twofish") || eq_case(cipher, "2fish"))
        return GNUTLS_CIPHER_TWOFISH_PGP_CFB;
    else if(eq_case(cipher, "blowfish"))
        return GNUTLS_CIPHER_BLOWFISH_PGP_CFB;

    else if(eq_case(algoname, "cast") || eq_case(algoname, "cast5"))
        return GNUTLS_CIPHER_CAST5_PGP_CFB;

    switch(modeid) {
    case CFB:
        if(eq_case(algoname, "aes")) {
            if(atoi(fpart) == 128)
                return GNUTLS_CIPHER_AES128_PGP_CFB;
            if(atoi(fpart) == 192)
                return GNUTLS_CIPHER_AES192_PGP_CFB;
            if(atoi(fpart) == 256)
                return GNUTLS_CIPHER_AES256_PGP_CFB;
            return 0;
        }

        if(eq_case(algoname, "idea"))
            return GNUTLS_CIPHER_IDEA_PGP_CFB;
        if(eq_case(algoname, "3des"))
            return GNUTLS_CIPHER_3DES_PGP_CFB;
        if(eq_case(algoname, "cast") || eq_case(algoname, "cast5"))
            return GNUTLS_CIPHER_CAST5_PGP_CFB;
        if(eq_case(algoname, "twofish") || eq_case(algoname, "2fish"))
            return GNUTLS_CIPHER_TWOFISH_PGP_CFB;
        if(eq_case(algoname, "blowfish"))
            return GNUTLS_CIPHER_BLOWFISH_PGP_CFB;
        if(eq_case(algoname, "sk"))
            return GNUTLS_CIPHER_SAFER_SK128_PGP_CFB;
        return 0;
    case CBC:
        if(eq_case(algoname, "aes")) {
            if(atoi(fpart) == 128)
                return GNUTLS_CIPHER_AES_128_CBC;
            if(atoi(fpart) == 192)
                return GNUTLS_CIPHER_AES_192_CBC;
            if(atoi(fpart) == 256)
                return GNUTLS_CIPHER_AES_256_CBC;
            return 0;
        }
        if(eq_case(algoname, "camellia")) {
            if(atoi(fpart) == 128)
                return GNUTLS_CIPHER_CAMELLIA_128_CBC;
            if(atoi(fpart) == 256)
                return GNUTLS_CIPHER_CAMELLIA_256_CBC;
            return 0;
        }
        if(eq_case(algoname, "3des"))
            return GNUTLS_CIPHER_3DES_CBC;
        if(eq_case(algoname, "des"))
            return GNUTLS_CIPHER_DES_CBC;
        if(eq_case(algoname, "rc2"))
            return GNUTLS_CIPHER_RC2_40_CBC;
        return 0;
    default:
        if(eq_case(algoname, "arc4") || eq_case(algoname, "arcfour")) {
            if(atoi(fpart) == 40)
                return GNUTLS_CIPHER_ARCFOUR_40;
            if(atoi(fpart) == 128)
                return GNUTLS_CIPHER_ARCFOUR_128;
        }
        return 0;
    }
}