* Added partially completed authssl.cc, as we move towards openpgp authentication.

Once completed this will allow standard ssl authentication and provide the base for the openpgp authenticator, * Tweaks, and removed debug statements. git-svn-id: http://svn.code.sf.net/p/retroshare/code/trunk@1140 b45a01b8-16f6-495d-af2f-9b41ad6348cc
2025-06-06 13:48:59 -04:00 · 2009-04-22 23:29:16 +00:00 · 2009-04-22 23:29:16 +00:00 · 28df984148
commit 28df984148
parent 5466c447ae
7 changed files with 2194 additions and 26 deletions
--- a/libretroshare/src/pqi/Makefile
+++ b/libretroshare/src/pqi/Makefile
@ -38,7 +38,7 @@ ifdef PQI_USE_XPGP
 	TESTOBJ += xpgp_id.o
 	TESTS   += xpgp_id
 else
-	#SSL_OBJ  = sslcert.o  
+	SSL_OBJ  = authssl.o  
 endif
--- a/libretroshare/src/pqi/authssl.cc
+++ b/libretroshare/src/pqi/authssl.cc
--- a/libretroshare/src/pqi/authssl.h
+++ b/libretroshare/src/pqi/authssl.h
@ -46,7 +46,30 @@
 #include "pqi/pqinetwork.h"
 #include "pqi/p3authmgr.h"
-class AuthXPGP;
+class AuthSSL;
 class sslcert
 {
        public:
        sslcert(X509 *x509, std::string id);
        /* certificate parameters */
        std::string id;
        std::string name;
        std::string location;
        std::string org;
        std::string email;
        std::string fpr;
        std::list<std::string> signers;
        /* Auth settings */
        bool authed;
        /* INTERNAL Parameters */
        X509 *certificate;
 };
 class AuthSSL: public p3AuthMgr
 {
@ -75,6 +98,11 @@ virtual bool    isValid(std::string id);
 virtual bool    isAuthenticated(std::string id);
 virtual	std::string getName(std::string id);
 virtual bool    getDetails(std::string id, pqiAuthDetails &details);
        /* first party trust info (dummy) */
 virtual bool isTrustingMe(std::string id) ;
 virtual void addTrustingPeer(std::string id) ;
 	/* High Level Load/Save Configuration */
 virtual bool FinalSaveCertificates();
@ -94,6 +122,8 @@ virtual	bool SaveCertificateToBinary(std::string id, uint8_t **ptr, uint32_t *le
 	/* Signatures */
 virtual bool AuthCertificate(std::string uid);
 		/* These are dummy functions */
 virtual bool SignCertificate(std::string id);
 virtual bool RevokeCertificate(std::string id);
 virtual bool TrustCertificate(std::string id, bool trust);
@ -101,6 +131,10 @@ virtual bool TrustCertificate(std::string id, bool trust);
 	/* Sign / Encrypt / Verify Data (TODO) */
 virtual bool 	SignData(std::string input, std::string &sign);
 virtual bool 	SignData(const void *data, const uint32_t len, std::string &sign);
 virtual bool 	SignDataBin(std::string, unsigned char*, unsigned int*);
 virtual bool    SignDataBin(const void*, uint32_t, unsigned char*, unsigned int*);
 virtual bool    VerifySignBin(std::string, const void*, uint32_t, unsigned char*, unsigned int);
 	/*********** Overloaded Functions from p3AuthMgr **********/
@ -114,42 +148,39 @@ bool 	CheckCertificate(std::string peerId, X509 *x509); /* check that they are e
 	/* Special Config Loading (backwards compatibility) */
 bool  	loadCertificates(bool &oldFormat, std::map<std::string, std::string> &keyValueMap);
 #if 0
 	private:
 	/* Helper Functions */
-bool 	ProcessXPGP(XPGP *xpgp, std::string &id);
+bool 	ProcessX509(X509 *x509, std::string &id);
-XPGP *	loadXPGPFromPEM(std::string pem);
+X509 *	loadX509FromPEM(std::string pem);
-XPGP *	loadXPGPFromFile(std::string fname, std::string hash);
+X509 *	loadX509FromFile(std::string fname, std::string hash);
-bool    saveXPGPToFile(XPGP *xpgp, std::string fname, std::string &hash);
+bool    saveX509ToFile(X509 *x509, std::string fname, std::string &hash);
-XPGP *	loadXPGPFromDER(const uint8_t *ptr, uint32_t len);
+X509 *	loadX509FromDER(const uint8_t *ptr, uint32_t len);
-bool 	saveXPGPToDER(XPGP *xpgp, uint8_t **ptr, uint32_t *len);
+bool 	saveX509ToDER(X509 *x509, uint8_t **ptr, uint32_t *len);
 	/*********** LOCKED Functions ******/
-bool 	locked_FindCert(std::string id, xpgpcert **cert);
+bool 	locked_FindCert(std::string id, sslcert **cert);
 	/* Data */
-	RsMutex xpgpMtx;  /**** LOCKING */
+	RsMutex sslMtx;  /**** LOCKING */
 	int init;
 	std::string mCertConfigFile;
 	std::string mNeighDir;
 	SSL_CTX *sslctx;
 	XPGP_KEYRING *pgp_keyring;
 	std::string mOwnId;
-	xpgpcert *mOwnCert;
+	sslcert *mOwnCert;
 	EVP_PKEY *pkey;
 	bool mToSaveCerts;
 	bool mConfigSaveActive;
-	std::map<std::string, xpgpcert *> mCerts;
+	std::map<std::string, sslcert *> mCerts;
 #endif
 };
@ -169,8 +200,8 @@ std::string getXPGPAuthCode(XPGP *xpgp);
 int     LoadCheckXPGPandGetName(const char *cert_file, 
 			std::string &userName, std::string &userId);
 bool 	getXPGPid(XPGP *xpgp, std::string &xpgpid);
 #endif
 bool 	getX509id(X509 *x509, std::string &xid);
-#endif // MRK_SSL_XPGP_CERT_HEADER
+#endif // MRK_AUTH_SSL_HEADER
--- a/libretroshare/src/pqi/authxpgp.cc
+++ b/libretroshare/src/pqi/authxpgp.cc
@ -59,11 +59,11 @@ xPGP_vfy.h:#define TRUST_SIGN_BAD               -1
 **********/
 // the single instance of this.
-static AuthXPGP instance_sslroot;
+static AuthXPGP instance_xpgproot;
 p3AuthMgr *getAuthMgr()
 {
-	return &instance_sslroot;
+	return &instance_xpgproot;
 }
--- a/libretroshare/src/pqi/pqisecurity.cc
+++ b/libretroshare/src/pqi/pqisecurity.cc
@ -27,7 +27,7 @@
 #include "pqi/pqisecurity.h"
-#include <stdlib.h>  #malloc
+#include <stdlib.h>  // malloc
 // Can keep the structure hidden....
--- a/libretroshare/src/serialiser/rsdiscitems.cc
+++ b/libretroshare/src/serialiser/rsdiscitems.cc
@ -364,9 +364,9 @@ bool     RsDiscSerialiser::serialiseReply(RsDiscReply *item, void *data, uint32_
 	if (offset != tlvsize)
 	{
 		ok = false;
-//#ifdef RSSERIAL_DEBUG 
+#ifdef RSSERIAL_DEBUG 
 		std::cerr << "RsDiscSerialiser::serialiseReply() Size Error! " << std::endl;
-//#endif
+#endif
 	}
 	return ok;
--- a/libretroshare/src/serialiser/rsmsgitems.cc
+++ b/libretroshare/src/serialiser/rsmsgitems.cc
@ -93,10 +93,10 @@ bool     RsChatSerialiser::serialiseItem(RsChatItem *item, void *data, uint32_t
 	ok &= setRsItemHeader(data, tlvsize, item->PacketId(), tlvsize);
-//#ifdef RSSERIAL_DEBUG
+#ifdef RSSERIAL_DEBUG
 	std::cerr << "RsChatSerialiser::serialiseItem() Header: " << ok << std::endl;
 	std::cerr << "RsChatSerialiser::serialiseItem() Size: " << tlvsize << std::endl;
-//#endif
+#endif
 	/* skip the header */
 	offset += 8;
@ -109,11 +109,13 @@ bool     RsChatSerialiser::serialiseItem(RsChatItem *item, void *data, uint32_t
 	if (offset != tlvsize)
 	{
 		ok = false;
-//#ifdef RSSERIAL_DEBUG
+#ifdef RSSERIAL_DEBUG
 		std::cerr << "RsChatSerialiser::serialiseItem() Size Error! " << std::endl;
-//#endif
+#endif
 	}
 #ifdef RSSERIAL_DEBUG
 	std::cerr << "computed size: " << 256*((unsigned char*)data)[6]+((unsigned char*)data)[7] << std::endl ;
 #endif
 	return ok;
 }