示例#1
0
void ThreadSleep::Sleep(unsigned int milliseconds)
{
	Glib::Mutex condMutex;
	Glib::Cond condition;
	condMutex.lock();
	Glib::TimeVal wait_period(milliseconds/1000,milliseconds%1000);
	Glib::TimeVal abs_time;
	abs_time.assign_current_time();
	abs_time.add(wait_period);
	condition.timed_wait(condMutex, abs_time);
	condMutex.unlock();
}
示例#2
0
bool init_xmlsec(void) {
  if(!has_init) {
    init_lock_.lock();
    has_init = true;
    init_lock_.unlock();

    //Init libxml and libxslt libraries
    xmlInitParser();

    //Init xmlsec library
    if(xmlSecInit() < 0) {
      std::cerr<<"XMLSec initialization failed"<<std::endl;
      goto err;
    }

    /* Load default crypto engine if we are supporting dynamic
     * loading for xmlsec-crypto libraries. Use the crypto library
     * name ("openssl", "nss", etc.) to load corresponding
     * xmlsec-crypto library.
     */
#ifdef XMLSEC_CRYPTO_DYNAMIC_LOADING
    if(xmlSecCryptoDLLoadLibrary(BAD_CAST XMLSEC_CRYPTO) < 0) {
      std::cerr<<"Unable to load default xmlsec-crypto library. Make sure"
                        "that you have it installed and check shared libraries path"
                        "(LD_LIBRARY_PATH) envornment variable."<<std::endl;
      goto err;
    }
#endif /* XMLSEC_CRYPTO_DYNAMIC_LOADING */

    // Init crypto library
    if(xmlSecCryptoAppInit(NULL) < 0) {
      std::cerr<<"crypto initialization failed"<<std::endl;
      goto err;
    }

    //Init xmlsec-crypto library
    if(xmlSecCryptoInit() < 0) {
      std::cerr<<"xmlsec-crypto initialization failed"<<std::endl;
      goto err;
    }

    return true;

err:
    init_lock_.lock();
    has_init = false;
    init_lock_.unlock();
    return false;
  }
  return true;
}
示例#3
0
bool final_xmlsec(void) {
  if(has_init) {
    init_lock_.lock();
    has_init = false;
    init_lock_.unlock();

    //Shutdown xmlsec-crypto library
    xmlSecCryptoShutdown();
    //Shutdown crypto library 
    xmlSecCryptoAppShutdown();  
    //Shutdown xmlsec library
    xmlSecShutdown();
    //Shutdown libxml
    xmlCleanupParser();
  }
  return true;
}
示例#4
0
namespace Arc {

int passphrase_callback(char* buf, int size, int /* rwflag */, void *) {
  int len;
  char prompt[128];
  snprintf(prompt, sizeof(prompt), "Enter passphrase for the key file: \n");
  int r = EVP_read_pw_string(buf, size, prompt, 0);
  if(r != 0) {
    std::cerr<<"Failed to read passphrase from stdin"<<std::endl;
    return -1;
  }
  len = strlen(buf);
  if(buf[len-1] == '\n') {
    buf[len-1] = '\0';
    len--;
  }
  return len;
}

static Glib::Mutex init_lock_;
static bool has_init = false;

bool init_xmlsec(void) {
  if(!has_init) {
    init_lock_.lock();
    has_init = true;
    init_lock_.unlock();

    //Init libxml and libxslt libraries
    xmlInitParser();

    //Init xmlsec library
    if(xmlSecInit() < 0) {
      std::cerr<<"XMLSec initialization failed"<<std::endl;
      goto err;
    }

    /* Load default crypto engine if we are supporting dynamic
     * loading for xmlsec-crypto libraries. Use the crypto library
     * name ("openssl", "nss", etc.) to load corresponding
     * xmlsec-crypto library.
     */
#ifdef XMLSEC_CRYPTO_DYNAMIC_LOADING
    if(xmlSecCryptoDLLoadLibrary(BAD_CAST XMLSEC_CRYPTO) < 0) {
      std::cerr<<"Unable to load default xmlsec-crypto library. Make sure"
                        "that you have it installed and check shared libraries path"
                        "(LD_LIBRARY_PATH) envornment variable."<<std::endl;
      goto err;
    }
#endif /* XMLSEC_CRYPTO_DYNAMIC_LOADING */

    // Init crypto library
    if(xmlSecCryptoAppInit(NULL) < 0) {
      std::cerr<<"crypto initialization failed"<<std::endl;
      goto err;
    }

    //Init xmlsec-crypto library
    if(xmlSecCryptoInit() < 0) {
      std::cerr<<"xmlsec-crypto initialization failed"<<std::endl;
      goto err;
    }

    return true;

err:
    init_lock_.lock();
    has_init = false;
    init_lock_.unlock();
    return false;
  }
  return true;
}

bool final_xmlsec(void) {
  if(has_init) {
    init_lock_.lock();
    has_init = false;
    init_lock_.unlock();

    //Shutdown xmlsec-crypto library
    xmlSecCryptoShutdown();
    //Shutdown crypto library 
    xmlSecCryptoAppShutdown();  
    //Shutdown xmlsec library
    xmlSecShutdown();
    //Shutdown libxml
    xmlCleanupParser();
  }
  return true;
}

//Get certificate piece (the string under BEGIN CERTIFICATE : END CERTIFICATE) from a certificate file
std::string get_cert_str(const char* certfile) {
  std::ifstream is(certfile);
  std::string cert;
  std::getline(is,cert, char(0));
  std::size_t pos = cert.find("BEGIN CERTIFICATE");
  if(pos != std::string::npos) {
    std::size_t pos1 = cert.find_first_of("---", pos);
    std::size_t pos2 = cert.find_first_not_of("-", pos1);
    std::size_t pos3 = cert.find_first_of("---", pos2);
    std::string str = cert.substr(pos2+1, pos3-pos2-2);
    return str;
  }
  return ("");
}

xmlSecKey* get_key_from_keyfile(const char* keyfile) {
  std::string key_str;
  std::ifstream is(keyfile);
  std::getline(is,key_str, char(0));

  xmlSecKeyPtr key = NULL;
  key = get_key_from_keystr(key_str);
  return key;
}

//Get key from a binary key 
xmlSecKey* get_key_from_keystr(const std::string& value) {//, const bool usage) { 
  xmlSecKey *key = NULL;
  xmlSecKeyDataFormat key_formats[] = {
    xmlSecKeyDataFormatDer,
    xmlSecKeyDataFormatCertDer,
    xmlSecKeyDataFormatPkcs8Der,
    xmlSecKeyDataFormatCertPem,
    xmlSecKeyDataFormatPkcs8Pem,
    xmlSecKeyDataFormatPem,
    xmlSecKeyDataFormatBinary,
    (xmlSecKeyDataFormat)0
  };

  int rc;

  //We need to remove the "BEGIN RSA PRIVATE KEY" and "END RSA PRIVATE KEY" 
  //if they exit in the input parameter
  std::string v;
  std::size_t pos1, pos2;
  pos1 = value.find("BEGIN RSA PRIVATE KEY");
  if(pos1 == std::string::npos) {
    pos1 = value.find("BEGIN RSA PUBLIC KEY");
  }
  if(pos1 != std::string::npos) {
    pos1 = pos1 + 21;
    pos2 = value.find_first_not_of("-", pos1);
    v = value.substr(pos2);
    pos2 = v.find_first_of("-");
    v.resize(pos2);
  }
  else v = value;

  xmlSecErrorsDefaultCallbackEnableOutput(FALSE);
  xmlSecByte* tmp_str = new xmlSecByte[v.size()];
  memset(tmp_str,0,v.size());

  rc = xmlSecBase64Decode((const xmlChar*)(v.c_str()), tmp_str, v.size());
  if (rc < 0) {
    //bad base-64
    memcpy(tmp_str,v.c_str(),v.size());
    rc = v.size();
  }
  for (int i=0; key_formats[i] && key == NULL; i++) {
    key = xmlSecCryptoAppKeyLoadMemory(tmp_str, rc, key_formats[i], NULL, NULL, NULL);
  }
  delete[] tmp_str;
  xmlSecErrorsDefaultCallbackEnableOutput(TRUE);

  return key;
}

//Get key from a cert file, return string
std::string get_key_from_certfile(const char* certfile) {
  BIO* certbio = NULL;
  certbio = BIO_new_file(certfile, "r");
  X509* cert = NULL;
  cert = PEM_read_bio_X509(certbio, NULL, NULL, NULL); 
  EVP_PKEY* key = NULL;
  key = X509_get_pubkey(cert);

  BIO* out = NULL;
  out = BIO_new(BIO_s_mem());
  PEM_write_bio_PUBKEY(out, key);

  std::string pubkey_str;
  for(;;) {
    char s[256];
    int l = BIO_read(out,s,sizeof(s));
    if(l <= 0) break;
    pubkey_str.append(s,l);;
  }

  EVP_PKEY_free(key);
  X509_free(cert);
  BIO_free_all(certbio);
  BIO_free_all(out);

  if(!pubkey_str.empty()) {
    std::size_t pos = pubkey_str.find("BEGIN PUBLIC KEY");
    if(pos != std::string::npos) {
      std::size_t pos1 = pubkey_str.find_first_of("---", pos);
      std::size_t pos2 = pubkey_str.find_first_not_of("-", pos1);
      std::size_t pos3 = pubkey_str.find_first_of("---", pos2);
      std::string str = pubkey_str.substr(pos2+1, pos3-pos2-2);
      return str;
    }
    return ("");
  }
  return pubkey_str;
}

//Get key from a cert string
xmlSecKey* get_key_from_certstr(const std::string& value) {
  xmlSecKey *key = NULL;
  xmlSecKeyDataFormat key_formats[] = {
    xmlSecKeyDataFormatDer,
    xmlSecKeyDataFormatCertDer,
    xmlSecKeyDataFormatPkcs8Der,
    xmlSecKeyDataFormatCertPem,
    xmlSecKeyDataFormatPkcs8Pem,
    xmlSecKeyDataFormatPem,
    xmlSecKeyDataFormatBinary,
    (xmlSecKeyDataFormat)0
  };

  xmlSecErrorsDefaultCallbackEnableOutput(FALSE);

  BIO* certbio = NULL;
  std::string cert_value;
  //Here need to compose a complete certificate
  cert_value.append("-----BEGIN CERTIFICATE-----").append("\n").append(value).append("\n").append("-----END CERTIFICATE-----"
);

  for (int i=0; key_formats[i] && key == NULL; i++) {
    certbio = BIO_new_mem_buf((void*)(cert_value.c_str()), cert_value.size());
    key = xmlSecOpenSSLAppKeyFromCertLoadBIO(certbio, key_formats[i]);
    BIO_free(certbio);
    if(key != NULL) break;
    unsigned long e = ERR_get_error();
    while(e != SSL_ERROR_NONE) {
      e = ERR_get_error();
    }
  }

  xmlSecErrorsDefaultCallbackEnableOutput(TRUE);

  return key;
}

//Load private or public key from a key file into key manager
xmlSecKeysMngrPtr load_key_from_keyfile(xmlSecKeysMngrPtr* keys_manager, const char* keyfile) {
  xmlSecKeysMngrPtr keys_mngr;
  if((keys_manager != NULL) && (*keys_manager != NULL)) keys_mngr = *keys_manager;
  else {
    keys_mngr = xmlSecKeysMngrCreate();
    //initialize keys manager
    if (xmlSecCryptoAppDefaultKeysMngrInit(keys_mngr)<0) {
      std::cerr<<"Can not initialize xmlSecKeysMngr object"<<std::endl;
      xmlSecKeysMngrDestroy(keys_mngr); return NULL;
    }
  }
  if(keys_mngr == NULL) { std::cerr<<"Can not create xmlSecKeysMngr object"<<std::endl; return NULL;}

  std::string key_str;
  std::ifstream is(keyfile);
  std::getline(is,key_str, char(0));

  xmlSecKeyPtr key = get_key_from_keystr(key_str);

  if(xmlSecCryptoAppDefaultKeysMngrAdoptKey(keys_mngr, key) < 0) {
    std::cerr<<"Failed to add key from "<<keyfile<<" to keys manager"<<std::endl;
    xmlSecKeyDestroy(key);
    xmlSecKeysMngrDestroy(keys_mngr);
    return NULL;
  }
  if(keys_manager != NULL) keys_manager = &keys_mngr;
  return keys_mngr;
}

//Load public key from a certificate file into key manager
xmlSecKeysMngrPtr load_key_from_certfile(xmlSecKeysMngrPtr* keys_manager, const char* certfile) {
  xmlSecKeysMngrPtr keys_mngr;
  if((keys_manager != NULL) && (*keys_manager != NULL)) keys_mngr = *keys_manager;
  else {
    keys_mngr = xmlSecKeysMngrCreate();
    //initialize keys manager
    if (xmlSecCryptoAppDefaultKeysMngrInit(keys_mngr)<0) {
      std::cerr<<"Can not initialize xmlSecKeysMngr object"<<std::endl;
      xmlSecKeysMngrDestroy(keys_mngr); return NULL;
    }
  }
  if(keys_mngr == NULL) { std::cerr<<"Can not create xmlSecKeysMngr object"<<std::endl; return NULL;}

  std::string cert_str;
  cert_str = get_cert_str(certfile);
  xmlSecKeyPtr key = get_key_from_certstr(cert_str);

  if(xmlSecCryptoAppDefaultKeysMngrAdoptKey(keys_mngr, key) < 0) {
    std::cerr<<"Failed to add key from "<<certfile<<" to keys manager"<<std::endl;
    xmlSecKeyDestroy(key);
    xmlSecKeysMngrDestroy(keys_mngr);
    return NULL;
  }
  if(keys_manager != NULL) keys_manager = &keys_mngr;
  return keys_mngr;
}

//Load public key from a certificate string into key manager
xmlSecKeysMngrPtr load_key_from_certstr(xmlSecKeysMngrPtr* keys_manager, const std::string& certstr) {
  xmlSecKeysMngrPtr keys_mngr;
  if((keys_manager != NULL) && (*keys_manager != NULL)) keys_mngr = *keys_manager;
  else {
    keys_mngr = xmlSecKeysMngrCreate();
    //initialize keys manager
    if (xmlSecCryptoAppDefaultKeysMngrInit(keys_mngr)<0) {
      std::cerr<<"Can not initialize xmlSecKeysMngr object"<<std::endl;
      xmlSecKeysMngrDestroy(keys_mngr); return NULL;
    }
  }
  if(keys_mngr == NULL) { std::cerr<<"Can not create xmlSecKeysMngr object"<<std::endl; return NULL;}

  xmlSecKeyPtr key = get_key_from_certstr(certstr);
  if(xmlSecCryptoAppDefaultKeysMngrAdoptKey(keys_mngr, key) < 0) {
    std::cerr<<"Failed to add key from "<<certstr<<" to keys manager"<<std::endl;
    xmlSecKeyDestroy(key);
    xmlSecKeysMngrDestroy(keys_mngr);
    return NULL;
  }
  if(keys_manager != NULL) keys_manager = &keys_mngr;
  return keys_mngr;
}


//Load trusted certificate from file
xmlSecKeysMngrPtr load_trusted_cert_file(xmlSecKeysMngrPtr* keys_manager, const char* cert_file) {
  xmlSecKeysMngrPtr keys_mngr;
  if((keys_manager != NULL) && (*keys_manager != NULL)) keys_mngr = *keys_manager;
  else {
    keys_mngr = xmlSecKeysMngrCreate();
    //initialize keys manager
    if (xmlSecCryptoAppDefaultKeysMngrInit(keys_mngr)<0) {
      std::cerr<<"Can not initialize xmlSecKeysMngr object"<<std::endl;
      xmlSecKeysMngrDestroy(keys_mngr); return NULL;
    }
  }
  if(keys_mngr == NULL) { std::cerr<<"Can not create xmlSecKeysMngr object"<<std::endl; return NULL;}
  //load cert from file
  if(cert_file && (strlen(cert_file) != 0))
    if(xmlSecCryptoAppKeysMngrCertLoad(keys_mngr, cert_file, xmlSecKeyDataFormatPem, xmlSecKeyDataTypeTrusted) < 0) {
      xmlSecKeysMngrDestroy(keys_mngr);
      return NULL;
    }
  if(keys_manager != NULL) keys_manager = &keys_mngr;
  return keys_mngr;
}

//Could be used for many trusted certificates in string
xmlSecKeysMngrPtr load_trusted_cert_str(xmlSecKeysMngrPtr* keys_manager, const std::string& cert_str) {
  xmlSecKeysMngrPtr keys_mngr;
  if((keys_manager != NULL) && (*keys_manager != NULL)) keys_mngr = *keys_manager;
  else {
    keys_mngr = xmlSecKeysMngrCreate();
    //initialize keys manager
    if (xmlSecCryptoAppDefaultKeysMngrInit(keys_mngr)<0) {
      std::cerr<<"Can not initialize xmlSecKeysMngr object"<<std::endl;
      xmlSecKeysMngrDestroy(keys_mngr); return NULL;
    }
  }
  if(keys_mngr == NULL) { std::cerr<<"Can not create xmlSecKeysMngr object"<<std::endl; return NULL;}

  //load cert from memory
  if(!cert_str.empty())
    if(xmlSecCryptoAppKeysMngrCertLoadMemory(keys_mngr, (const xmlSecByte*)(cert_str.c_str()), 
          (xmlSecSize)(cert_str.size()), xmlSecKeyDataFormatPem, xmlSecKeyDataTypeTrusted) < 0) {
      xmlSecKeysMngrDestroy(keys_mngr);
      return NULL;
    }
  if(keys_manager != NULL) keys_manager = &keys_mngr;
  return keys_mngr;
}

//Load trusted cetificates into key manager
xmlSecKeysMngrPtr load_trusted_certs(xmlSecKeysMngrPtr* keys_manager, const char* cafile, const char* capath) {
  xmlSecKeysMngrPtr keys_mngr;
  if((keys_manager != NULL) && (*keys_manager != NULL)) keys_mngr = *keys_manager;
  else {
    keys_mngr = xmlSecKeysMngrCreate();
    //initialize keys manager
    if (xmlSecCryptoAppDefaultKeysMngrInit(keys_mngr)<0) {
      std::cerr<<"Can not initialize xmlSecKeysMngr object"<<std::endl;
      xmlSecKeysMngrDestroy(keys_mngr); return NULL;
    }
  }
  if(keys_mngr == NULL) { std::cerr<<"Can not create xmlSecKeysMngr object"<<std::endl; return NULL;}

  //load ca certs into keys manager, the two method used here could not work in some old xmlsec verion,
  //because of some bug about X509_FILETYPE_DEFAULT and X509_FILETYPE_PEM 
  //load a ca path
  if(capath && (strlen(capath) != 0))
    if(xmlSecOpenSSLAppKeysMngrAddCertsPath(keys_mngr, capath) < 0) {
      xmlSecKeysMngrDestroy(keys_mngr);
      return NULL;
    }
#if 0
  //load a ca file  TODO: can only be used in some new version of xmlsec
  if(cafile && (strlen(cafile) != 0))  
    if(xmlSecOpenSSLAppKeysMngrAddCertsFile(keys_mngr, cafile) < 0) {
      xmlSecKeysMngrDestroy(keys_mngr);
      return NULL;
  }
#endif
  if(cafile && (strlen(cafile) != 0))
    if(xmlSecCryptoAppKeysMngrCertLoad(keys_mngr, cafile, xmlSecKeyDataFormatPem, xmlSecKeyDataTypeTrusted) < 0) {
      xmlSecKeysMngrDestroy(keys_mngr);
      return NULL;
    }

  if(keys_manager != NULL) keys_manager = &keys_mngr;
  return keys_mngr;
} 

XMLNode get_node(XMLNode& parent,const char* name) {
  XMLNode n = parent[name];
  if(!n) n=parent.NewChild(name);
  return n;
}

} // namespace Arc