diff --git a/Crypto/include/Poco/Crypto/Cipher.h b/Crypto/include/Poco/Crypto/Cipher.h index 05bb9e3ae..fbe0c30ae 100644 --- a/Crypto/include/Poco/Crypto/Cipher.h +++ b/Crypto/include/Poco/Crypto/Cipher.h @@ -35,7 +35,7 @@ class CryptoTransform; class Crypto_API Cipher: public Poco::RefCountedObject /// Represents the abstract base class from which all implementations of - /// symmetric/assymetric encryption algorithms must inherit. Use the CipherFactory + /// symmetric/asymmetric encryption algorithms must inherit. Use the CipherFactory /// class to obtain an instance of this class: /// /// CipherFactory& factory = CipherFactory::defaultFactory(); @@ -55,7 +55,7 @@ class Crypto_API Cipher: public Poco::RefCountedObject /// decrypt strings or, in conjunction with a CryptoInputStream or a /// CryptoOutputStream, to encrypt streams of data. /// - /// Since encrypted strings will contain arbitary binary data that will cause + /// Since encrypted strings will contain arbitrary binary data that will cause /// problems in applications that are not binary-safe (eg., when sending /// encrypted data in e-mails), the encryptString() and decryptString() can /// encode (or decode, respectively) encrypted data using a "transport encoding". @@ -105,7 +105,7 @@ public: /// Returns the name of the Cipher. virtual CryptoTransform* createEncryptor() = 0; - /// Creates an encrytor object to be used with a CryptoStream. + /// Creates an encryptor object to be used with a CryptoStream. virtual CryptoTransform* createDecryptor() = 0; /// Creates a decryptor object to be used with a CryptoStream. diff --git a/Crypto/include/Poco/Crypto/CipherImpl.h b/Crypto/include/Poco/Crypto/CipherImpl.h index 905b9287b..d6e8e0e79 100644 --- a/Crypto/include/Poco/Crypto/CipherImpl.h +++ b/Crypto/include/Poco/Crypto/CipherImpl.h 
@@ -43,10 +43,10 @@ public: /// Returns the name of the cipher. CryptoTransform* createEncryptor(); - /// Creates an encrytor object. + /// Creates an encryptor object. CryptoTransform* createDecryptor(); - /// Creates a decrytor object. + /// Creates a decryptor object. private: CipherKey _key; diff --git a/Crypto/include/Poco/Crypto/CipherKey.h b/Crypto/include/Poco/Crypto/CipherKey.h index 6b1ad36bc..b102cc231 100644 --- a/Crypto/include/Poco/Crypto/CipherKey.h +++ b/Crypto/include/Poco/Crypto/CipherKey.h @@ -45,6 +45,16 @@ class Crypto_API CipherKey /// std::string salt("asdff8723lasdf(**923412"); /// CipherKey key("aes-256", password, salt); /// + /// You may also control the digest and the number of iterations used to generate the key + /// by specifying the specific values. Here we create a key with the same data as before, + /// except that we use 100 iterations instead of DEFAULT_ITERATION_COUNT, and sha1 instead of + /// the default md5: + /// + /// std::string password = "secret"; + /// std::string salt("asdff8723lasdf(**923412"); + /// std::string digest ("sha1"); + /// CipherKey key("aes-256", password, salt, 100, digest); + /// { public: typedef CipherKeyImpl::Mode Mode; @@ -64,7 +74,7 @@ public: int iterationCount = DEFAULT_ITERATION_COUNT, const std::string& digest = "md5"); /// Creates a new CipherKeyImpl object using the given - /// cipher name, passphrase, salt value and iteration count. + /// cipher name, passphrase, salt value, iteration count and digest. CipherKey(const std::string& name, const ByteVec& key, diff --git a/Crypto/include/Poco/Crypto/CryptoException.h b/Crypto/include/Poco/Crypto/CryptoException.h index 93a05a985..34c15111e 100644 --- a/Crypto/include/Poco/Crypto/CryptoException.h +++ b/Crypto/include/Poco/Crypto/CryptoException.h @@ -21,7 +21,6 @@ #include "Poco/Crypto/Crypto.h" #include "Poco/Exception.h" -#include namespace Poco { 
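Review bot: The example added to the CipherKey class comment in CipherKey.h pairs a literal salt with an explicit count of 100 iterations and names md5 and sha1 as the digests, and header examples tend to be copied verbatim into application code. I would follow the example with a line such as `/// The values above are for illustration only; real keys should use a random salt and an iteration count and digest chosen for the required strength.` so the sample is not read as a recommendation. As a small style point, `std::string digest ("sha1");` has a space before the parenthesis that the `salt(...)` line above it does not.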
diff --git a/Crypto/include/Poco/Crypto/ECKey.h b/Crypto/include/Poco/Crypto/ECKey.h index 3a0307d32..14f2ac0a1 100644 --- a/Crypto/include/Poco/Crypto/ECKey.h +++ b/Crypto/include/Poco/Crypto/ECKey.h @@ -88,6 +88,16 @@ public: /// /// If no curves are found, returns empty string; + static int getCurveNID(std::string& name); + /// Returns the NID of the specified curve. + /// + /// If name is empty, returns the first curve NID + /// and updates the name accordingly. + + static bool hasCurve(const std::string& name); + /// Returns true if the named curve is found, + /// false otherwise. + private: ECKeyImpl::Ptr _pImpl; }; @@ -108,6 +118,18 @@ inline std::string ECKey::getCurveName(int nid) } +inline int ECKey::getCurveNID(std::string& name) +{ + return ECKeyImpl::getCurveNID(name); +} + + +inline bool ECKey::hasCurve(const std::string& name) +{ + return ECKeyImpl::hasCurve(name); +} + + } } // namespace Poco::Crypto diff --git a/Crypto/include/Poco/Crypto/ECKeyImpl.h b/Crypto/include/Poco/Crypto/ECKeyImpl.h index f20c0e1d1..840764304 100644 --- a/Crypto/include/Poco/Crypto/ECKeyImpl.h +++ b/Crypto/include/Poco/Crypto/ECKeyImpl.h @@ -113,6 +113,16 @@ public: /// /// If no curves are found, returns empty string; + static int getCurveNID(std::string& name); + /// Returns the NID of the specified curve. + /// + /// If name is empty, returns the first curve NID + /// and updates the name accordingly. + + static bool hasCurve(const std::string& name); + /// Returns true if the named curve is found, + /// false otherwise. + private: void checkEC(const std::string& method, const std::string& func) const; void freeEC(); diff --git a/Crypto/include/Poco/Crypto/EVPPKey.h b/Crypto/include/Poco/Crypto/EVPPKey.h index dacb57de4..fbcdad5b1 100644 --- a/Crypto/include/Poco/Crypto/EVPPKey.h +++ b/Crypto/include/Poco/Crypto/EVPPKey.h @@ -282,6 +282,7 @@ private: friend class RSAKeyImpl; }; + // // inlines // 
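Review bot: The comment on the new `getCurveNID(std::string& name)` declaration in ECKey.h does not say what is returned when no curve matches, and it only hints that `name` is an in/out parameter the call may overwrite. The implementation added in ECKeyImpl.cpp returns -1 on a miss or when the curve list cannot be obtained, and hasCurve() depends on that value. I would add `/// Returns -1 if the curve is not found or the list of curves cannot be obtained.` here and to the identical declaration in ECKeyImpl.h. It would also help to state whether the name must match exactly, since callers of hasCurve() will assume it does.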
@@ -314,6 +315,7 @@ inline int EVPPKey::type() const return type(_pEVPPKey); } + inline bool EVPPKey::isSupported(int type) const { return type == EVP_PKEY_EC || type == EVP_PKEY_RSA; diff --git a/Crypto/include/Poco/Crypto/RSACipherImpl.h b/Crypto/include/Poco/Crypto/RSACipherImpl.h index daa951831..2ebc38e3b 100644 --- a/Crypto/include/Poco/Crypto/RSACipherImpl.h +++ b/Crypto/include/Poco/Crypto/RSACipherImpl.h @@ -31,7 +31,7 @@ namespace Crypto { class RSACipherImpl: public Cipher /// An implementation of the Cipher class for - /// assymetric (public-private key) encryption + /// asymmetric (public-private key) encryption /// based on the the RSA algorithm in OpenSSL's /// crypto library. /// @@ -50,10 +50,10 @@ public: /// Returns the name of the Cipher. CryptoTransform* createEncryptor(); - /// Creates an encrytor object. + /// Creates an encryptor object. CryptoTransform* createDecryptor(); - /// Creates a decrytor object. + /// Creates a decryptor object. private: RSAKey _key; diff --git a/Crypto/include/Poco/Crypto/RSADigestEngine.h b/Crypto/include/Poco/Crypto/RSADigestEngine.h index 5e4b5240a..7c4d38605 100644 --- a/Crypto/include/Poco/Crypto/RSADigestEngine.h +++ b/Crypto/include/Poco/Crypto/RSADigestEngine.h @@ -84,7 +84,7 @@ public: const DigestEngine::Digest& signature(); /// Signs the digest using the RSA algorithm - /// and the private key (teh first time it's + /// and the private key (the first time it's /// called) and returns the result. /// /// Can be called multiple times. diff --git a/Crypto/include/Poco/Crypto/X509Certificate.h b/Crypto/include/Poco/Crypto/X509Certificate.h index 9ef4a614b..412e88eec 100644 --- a/Crypto/include/Poco/Crypto/X509Certificate.h +++ b/Crypto/include/Poco/Crypto/X509Certificate.h @@ -194,6 +194,7 @@ private: // inlines // + inline long X509Certificate::version() const { // This is defined by standards (X.509 et al) to be 
diff --git a/Crypto/src/CryptoException.cpp b/Crypto/src/CryptoException.cpp index 56fd92824..a4450af9b 100644 --- a/Crypto/src/CryptoException.cpp +++ b/Crypto/src/CryptoException.cpp @@ -16,6 +16,7 @@ #include "Poco/Crypto/CryptoException.h" #include "Poco/NumberFormatter.h" #include +#include namespace Poco { diff --git a/Crypto/src/ECKeyImpl.cpp b/Crypto/src/ECKeyImpl.cpp index 8acc005e8..99ffae760 100644 --- a/Crypto/src/ECKeyImpl.cpp +++ b/Crypto/src/ECKeyImpl.cpp @@ -205,4 +205,54 @@ std::string ECKeyImpl::getCurveName(int nid) } +int ECKeyImpl::getCurveNID(std::string& name) +{ + std::string curveName; + size_t len = EC_get_builtin_curves(NULL, 0); + EC_builtin_curve* pCurves = + (EC_builtin_curve*)OPENSSL_malloc(static_cast(sizeof(EC_builtin_curve) * len)); + if (!pCurves) return -1; + + if (!EC_get_builtin_curves(pCurves, len)) + { + OPENSSL_free(pCurves); + return -1; + } + + int nid = -1; + const int bufLen = 128; + char buf[bufLen]; + if (name.empty()) + { + std::memset(buf, 0, bufLen); + OBJ_obj2txt(buf, bufLen, OBJ_nid2obj(nid), 0); + name = buf; + nid = pCurves[0].nid; + } + else + { + for (int i = 0; i < len; ++i) + { + std::memset(buf, 0, bufLen); + OBJ_obj2txt(buf, bufLen, OBJ_nid2obj(pCurves[i].nid), 0); + if (strncmp(name.c_str(), buf, name.size() > bufLen ? bufLen : name.size()) == 0) + { + nid = pCurves[i].nid; + break; + } + } + } + + OPENSSL_free(pCurves); + return nid; +} + + +bool ECKeyImpl::hasCurve(const std::string& name) +{ + std::string tmp(name); + return (-1 != getCurveNID(tmp)); +} + + } } // namespace Poco::Crypto
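Review bot: In the `name.empty()` branch of ECKeyImpl::getCurveNID, `OBJ_obj2txt(buf, bufLen, OBJ_nid2obj(nid), 0)` runs while `nid` is still -1, so `name` is filled from an invalid NID rather than from the first curve as the header comment promises; move `nid = pCurves[0].nid;` above that call. In the else branch the `strncmp` compares only `name.size()` bytes, so any prefix of a curve name is accepted as a match and hasCurve() inherits that. For a lookup that selects cryptographic parameters an exact comparison is safer, for example `if (name == buf)`. The loop index should be `size_t` to match `len` (`for (size_t i = 0; i < len; ++i)`), and the local `curveName` is never used.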