int rsa_sign( rsa_ctx *ctx, int h_len, const uchar *hash, uchar *sig )
{
int ret = 0;
int nb_pad = 0, olen = 0;
uchar *p = sig;
/* ---------------- */
/* init */
/* ---------------- */
olen = ctx->len;
*p++ = 0;
*p++ = RSA_SIGN;
/* ---------------- */
/* PKCS 1.5 */
/* ---------------- */
nb_pad = olen - 3 - h_len;
if( nb_pad < 8 )
{
ret = E_RSA_BAD_INPUT_DATA;
goto _err;
}
memset( p, MASK, nb_pad );
p = p + nb_pad;
*p++ = 0;
/* ---------------- */
/* RAW padding */
/* ---------------- */
memcpy( p, hash, h_len );
/* ---------------- */
/* private key */
/* ---------------- */
return rsa_pri( ctx, sig, sig );
_err:
return ret;
}
bool http_proxy_server_config::load_config(const std::string& config_data)
{
bool rollback = true;
std::shared_ptr<bool> auto_rollback(&rollback, [this](bool* rollback) {
if (*rollback) {
this->config_map.clear();
authentication::get_instance().remove_all_users();
}
});
jsonxx::Object json_obj;
if (!json_obj.parse(config_data)) {
std::cerr << "Failed to parse config" << std::endl;
return false;
}
if (json_obj.has<jsonxx::String>("bind_address")) {
this->config_map["bind_address"] = std::string(json_obj.get<jsonxx::String>("bind_address"));
}
else {
this->config_map["bind_address"] = std::string("0.0.0.0");
}
if (json_obj.has<jsonxx::Number>("listen_port")) {
this->config_map["listen_port"] = static_cast<unsigned short>(json_obj.get<jsonxx::Number>("listen_port"));
}
else {
this->config_map["listen_port"] = static_cast<unsigned short>(8090);
}
if (!json_obj.has<jsonxx::String>("rsa_private_key")) {
std::cerr << "Could not find \"rsa_private_key\" in config or it's value is not a string" << std::endl;
return false;
}
const std::string& rsa_private_key = json_obj.get<jsonxx::String>("rsa_private_key");
try {
rsa rsa_pri(rsa_private_key);
if (rsa_pri.modulus_size() < 128) {
std::cerr << "Must use RSA keys of at least 1024 bits" << std::endl;
return false;
}
}
catch (const std::exception&) {
std::cerr << "The value of rsa_private_key is bad" << std::endl;
return false;
}
this->config_map["rsa_private_key"] = rsa_private_key;
if (json_obj.has<jsonxx::Number>("timeout")) {
int timeout = static_cast<int>(json_obj.get<jsonxx::Number>("timeout"));
this->config_map["timeout"] = static_cast<unsigned int>(timeout < 30 ? 30 : timeout);
}
else {
this->config_map["timeout"] = 240u;
}
if (json_obj.has<jsonxx::Number>("workers")) {
int threads = static_cast<int>(json_obj.get<jsonxx::Number>("workers"));
this->config_map["workers"] = static_cast<unsigned int>(threads < 1 ? 1 : (threads > 16 ? 16 : threads));
}
else {
this->config_map["workers"] = 4u;
}
if (json_obj.has<jsonxx::Boolean>("auth")) {
this->config_map["auth"] = json_obj.get<jsonxx::Boolean>("auth");
if (!json_obj.has<jsonxx::Array>("users")) {
std::cerr << "Could not find \"users\" in config or it's value is not a array" << std::endl;
return false;
}
const jsonxx::Array& users_array = json_obj.get<jsonxx::Array>("users");
for (size_t i = 0; i < users_array.size(); ++i) {
if (!users_array.has<jsonxx::Object>(i) || !users_array.get<jsonxx::Object>(i).has<jsonxx::String>("username") || !users_array.get<jsonxx::Object>(i).has<jsonxx::String>("username")) {
std::cerr << "The value of \"users\" contains unexpected element" << std::endl;
return false;
}
authentication::get_instance().add_user(users_array.get<jsonxx::Object>(i).get<jsonxx::String>("username"),
users_array.get<jsonxx::Object>(i).get<jsonxx::String>("password"));
}
}
else {
this->config_map["auth"] = false;
}
rollback = false;
return true;
}