//static
std::string KVFlickrRequest::getSignatureForCall(const LLSD& parameters, bool encoded)
{
std::vector<std::string> keys;
for(LLSD::map_const_iterator itr = parameters.beginMap(); itr != parameters.endMap(); ++itr)
{
keys.push_back(itr->first);
}
std::sort(keys.begin(), keys.end());
std::string to_hash(KV_FLICKR_API_SECRET);
for(std::vector<std::string>::const_iterator itr = keys.begin(); itr != keys.end(); ++itr)
{
to_hash += *itr;
if(encoded)
{
to_hash += LLURI::escapeQueryValue(parameters[*itr].asString());
}
else
{
to_hash += parameters[*itr].asString();
}
}
LLMD5 hashed((const unsigned char*)to_hash.c_str());
char hex_hash[MD5HEX_STR_SIZE];
hashed.hex_digest(hex_hash);
return std::string(hex_hash);
}
void Traverser::UniqueVertexGetter::reset(VPackSlice startVertex) {
_returnedVertices.clear();
arangodb::basics::VPackHashedSlice hashed(startVertex);
// The startVertex always counts as visited!
_returnedVertices.emplace(hashed);
}
bool Traverser::UniqueVertexGetter::getVertex(
VPackSlice edge, std::vector<VPackSlice>& result) {
VPackSlice toAdd = Transaction::extractFromFromDocument(edge);
VPackSlice cmp = result.back();
if (toAdd == cmp) {
toAdd = Transaction::extractToFromDocument(edge);
}
arangodb::basics::VPackHashedSlice hashed(toAdd);
// First check if we visited it. If not, then mark
if (_returnedVertices.find(hashed) != _returnedVertices.end()) {
// This vertex is not unique.
++_traverser->_filteredPaths;
return false;
} else {
_returnedVertices.emplace(hashed);
}
if (!_traverser->vertexMatchesConditions(toAdd, result.size())) {
return false;
}
result.emplace_back(toAdd);
return true;
}
/* on_changeButton_clicked()
* Called : When User Clicks Change Button
* Performs : Saves Changes to Admin/User Password
*/
void Config::on_changeButton_clicked()
{
if (newPasswordLE->text()==confirmPasswordLE->text() && !newPasswordLE->text().isEmpty())
{
if(newPasswordLE->text().size()<5)
QMessageBox::information(this,tr("DocmaQ Password Manager"),tr("Password should atleast have 5 characters !"));
else
{
QCryptographicHash hashed(QCryptographicHash::Sha1);
hashed.addData(QVariant(confirmPasswordLE->text()).toByteArray());
QSettings *settings1=new QSettings(QSettings::SystemScope,"DocmaQ","App");
settings1->setValue("logins/"+userCombo->currentText(),hashed.result());
if (settings->status()!= QSettings::NoError)
QMessageBox::warning(this,tr("DocmaQ Password Manager"),tr("Password could not be Changed.Contact Admin software Dept !!"));
else
QMessageBox::information(this,"DocmaQ Password Manager","Password Changed.");
}
}
else
{
QMessageBox::information(this,"DocmaQ Password Manager","Passwords do not match");
newPasswordLE->clear();
confirmPasswordLE->clear();
newPasswordLE->setFocus();
}
}
/* adminAuthentication()
* Called : When Users hits Enter key on Admin Password LineEdit
* Performs : Checks for Admin
*/
void Config::adminAuthentication()
{
QString passwd=adminPasswordLE->text();
if(passwd.isEmpty())
return;
QCryptographicHash hashed(QCryptographicHash::Sha1);
hashed.addData (QVariant(passwd).toByteArray());
QSettings *settings1=new QSettings(QSettings::SystemScope,"DocmaQ","App");
if (hashed.result()==settings1->value("logins/admin").toByteArray())
{
stackedWidget->setEnabled(true);
puLabel->hide();
adminPasswordLE->hide();
getConfig->getDatabaseDetails(databaseDetails);
fillDatabaseSettings();
fillLogSettings();
}
else
{
QMessageBox::critical(this,"DocmaQ Authentication"," Incorrect Password !");
adminPasswordLE->clear();
}
}
/*!
* \brief HashTreeSup<Data, Hasher>::getSubsets
* \param data
* \return
*/
std::list<std::pair<std::vector<Data>,unsigned long>> HashTreeSup<Data,Hasher>::getSubsets(const Itemset &data){
std::list<ItemsetSup> results;
Itemset hashed(data.size());
for(auto it = data.cbegin();it != data.cend(); ++it){
hashed[ it - data.cbegin() ] = hash(*it);
}
run(root,results,data,hashed);
return std::move(results);
}
std::string hash_sha512(std::string input)
{
CryptoPP::SHA512 sha;
unsigned char* buffer = new unsigned char[sha.DigestSize()];
unsigned char* inputbytes = new unsigned char[input.size()];
memcpy(inputbytes, input.c_str(), input.size());
sha.CalculateDigest(buffer, inputbytes, input.size());
char* hashedbytes = new char[sha.DigestSize()];
memcpy(hashedbytes, buffer, sha.DigestSize());
std::string hashed(hashedbytes, sha.DigestSize());
delete[] buffer;
delete[] inputbytes;
delete[] hashedbytes;
return hashed;
}
// is this a scan bypass URL? i.e. a "magic" URL for retrieving a previously scanned file
bool HTTPHeader::isScanBypassURL(String * url, const char *magic, const char *clientip)
{
if ((*url).length() <= 45)
return false; // Too short, can't be a bypass
if (!(*url).contains("GSBYPASS="******"URL GSBYPASS found checking..." << std::endl;
#endif
String url_left((*url).before("GSBYPASS="******"GSBYPASS="******"URL: " << url_left << ", HASH: " << url_hash << std::endl;
#endif
// format is:
// GSBYPASS=hash(ip+url+tempfilename+mime+disposition+secret)
// &N=tempfilename&M=mimetype&D=dispos
String tempfilename(url_right.after("&N="));
String tempfilemime(tempfilename.after("&M="));
String tempfiledis(tempfilemime.after("&D="));
tempfilemime = tempfilemime.before("&D=");
tempfilename = tempfilename.before("&M=");
String tohash(clientip + url_left + tempfilename + tempfilemime + tempfiledis + magic);
String hashed(tohash.md5());
#ifdef DGDEBUG
std::cout << "checking hash: " << clientip << " " << url_left << " " << tempfilename << " " << " " << tempfilemime << " " << tempfiledis << " " << magic << " " << hashed << std::endl;
#endif
if (hashed == url_hash) {
return true;
}
#ifdef DGDEBUG
std::cout << "URL GSBYPASS HASH mismatch" << std::endl;
#endif
return false;
}
bool Traverser::UniqueVertexGetter::getSingleVertex(
VPackSlice edge, VPackSlice cmp, size_t depth, VPackSlice& result) {
result = Transaction::extractFromFromDocument(edge);
if (cmp == result) {
result = Transaction::extractToFromDocument(edge);
}
arangodb::basics::VPackHashedSlice hashed(result);
// First check if we visited it. If not, then mark
if (_returnedVertices.find(hashed) != _returnedVertices.end()) {
// This vertex is not unique.
++_traverser->_filteredPaths;
return false;
} else {
_returnedVertices.emplace(hashed);
}
return _traverser->vertexMatchesConditions(result, depth);
}
/* adminAuthentication()
* Called : When Users hits Enter key on Admin Password LineEdit
* Performs : Checks for Admin
*/
void Settings::adminAuthentication()
{
QString passwd=adminPasswordLE->text();
if(passwd.isEmpty())
return;
QCryptographicHash hashed(QCryptographicHash::Sha1);
hashed.addData (QVariant(passwd).toByteArray());
QSettings *settings1=new QSettings(QSettings::SystemScope,"DocmaQ","App");
if (hashed.result()==settings1->value("logins/admin").toByteArray())
{
databaseGB->setEnabled(true);
changePasswordGB->setEnabled(true);
logGB->setEnabled(true);
userCombo->setEnabled(true);
connectButton->setEnabled(true);
//fill interface same as undo for first time
pLabel->hide();
pLabel2->hide();
pLabel3->hide();
puLabel->hide();
adminPasswordLE->hide();
tcRB2->show();
au = true;
getSettings->getDatabaseDetails(databaseDetails);
fillDatabaseSettings();
fillLogSettings();
}
else
{
QMessageBox::critical(this,"DocmaQ Authentication"," Incorrect Password !");
adminPasswordLE->clear();
}
}
// is this a temporary filter bypass cookie?
bool HTTPHeader::isBypassCookie(String url, const char *magic, const char *clientip)
{
String cookie(getCookie("GBYPASS"));
if (!cookie.length()) {
#ifdef DGDEBUG
std::cout << "No bypass cookie" << std::endl;
#endif
return false;
}
String cookiehash(cookie.subString(0, 32));
String cookietime(cookie.after(cookiehash.toCharArray()));
String mymagic(magic);
mymagic += clientip;
mymagic += cookietime;
bool matched = false;
while(url.contains(".")) {
String hashed(url.md5(mymagic.toCharArray()));
if (hashed == cookiehash) {
matched = true;
break;
}
url = url.after(".");
}
if (not matched) {
#ifdef DGDEBUG
std::cout << "Cookie GBYPASS not match" << std::endl;
#endif
return false;
}
time_t timen = time(NULL);
time_t timeu = cookietime.toLong();
if (timeu < timen) {
#ifdef DGDEBUG
std::cout << "Cookie GBYPASS expired: " << timeu << " " << timen << std::endl;
#endif
return false;
}
return true;
}
bool ServerThread::verify(const QString & name, const QString & password)
{
if(!database->existsUser(name.toStdString()))
{
return false;
}
auto info = database->getUserByName(name.toStdString());
QString s(password);
s = s + info.getSalt();
unsigned char hash[32];
sha2((unsigned char*) s.toUtf8().constData(), s.length(), hash, 0);
char * base = getAscii85((char*) hash, 32);
QString hashed(base);
free(base);
if(hashed != info.getPass())
{
return false;
}
return true;
}
// is this a temporary filter bypass URL?
int HTTPHeader::isBypassURL(String * url, const char *magic, const char *clientip, bool *isvirusbypass)
{
if ((*url).length() <= 45)
return false; // Too short, can't be a bypass
// check to see if this is a bypass URL, and which type it is
bool filterbypass = false;
bool virusbypass = false;
if ((isvirusbypass == NULL) && ((*url).contains("GBYPASS="******"GIBYPASS="******"URL " << (filterbypass ? "GBYPASS" : "GIBYPASS") << " found checking..." << std::endl;
#endif
String url_left((*url).before(filterbypass ? "GBYPASS="******"GIBYPASS="******"GBYPASS="******"GIBYPASS="******"URL: " << url_left << ", HASH: " << url_hash << ", TIME: " << url_time << std::endl;
#endif
String mymagic(magic);
mymagic += clientip;
mymagic += url_time;
String hashed(url_left.md5(mymagic.toCharArray()));
if (hashed != url_hash) {
#ifdef DGDEBUG
std::cout << "URL " << (filterbypass ? "GBYPASS" : "GIBYPASS") << " hash mismatch" << std::endl;
#endif
return 0;
}
time_t timen = time(NULL);
time_t timeu = url_time.toLong();
if (timeu < 1) {
#ifdef DGDEBUG
std::cout << "URL " << (filterbypass ? "GBYPASS" : "GIBYPASS") << " bad time value" << std::endl;
#endif
return 1; // bad time value
}
if (timeu < timen) { // expired key
#ifdef DGDEBUG
std::cout << "URL " << (filterbypass ? "GBYPASS" : "GIBYPASS") << " expired" << std::endl;
#endif
return 1; // denotes expired but there
}
#ifdef DGDEBUG
std::cout << "URL " << (filterbypass ? "GBYPASS" : "GIBYPASS") << " not expired" << std::endl;
#endif
if (virusbypass)
(*isvirusbypass) = true;
return (int) timeu;
}
