base64.h   base64.h 
skipping to change at line 61 skipping to change at line 61
/// ///
/// Perform base64 URL decoding of the binary data in range [\a begi n,\a end), and store it to output buffer /// Perform base64 URL decoding of the binary data in range [\a begi n,\a end), and store it to output buffer
/// \a target. The size of target storage should have a capacity cal culated with encoded_size(end-begin). /// \a target. The size of target storage should have a capacity cal culated with encoded_size(end-begin).
/// ///
/// Pointer to the first character directly after text string ends i s returned. Invalid codes are substituted /// Pointer to the first character directly after text string ends i s returned. Invalid codes are substituted
/// by 0 values. /// by 0 values.
/// ///
/// ///
unsigned char CPPCMS_API *decode(unsigned char const *begin,unsigned char const *end,unsigned char *target); unsigned char CPPCMS_API *decode(unsigned char const *begin,unsigned char const *end,unsigned char *target);
///
/// Perform base64 URL decoding of the textual data \a input, and st
ore it to \a output.
///
/// If the source is invalid returns false
///
///
bool CPPCMS_API decode(std::string const &input,std::string &output)
;
///
/// Perform base64 URL encoding of the binary data \a input, and ret
urn it
///
///
std::string CPPCMS_API encode(std::string const &input);
} }
} }
#endif #endif
 End of changes. 1 change blocks. 
0 lines changed or deleted 16 lines changed or added


 crypto.h   crypto.h 
skipping to change at line 30 skipping to change at line 30
#define CPPCMS_CRYPTO_H #define CPPCMS_CRYPTO_H
#include <cppcms/defs.h> #include <cppcms/defs.h>
#include <booster/noncopyable.h> #include <booster/noncopyable.h>
#include <booster/hold_ptr.h> #include <booster/hold_ptr.h>
#include <memory> #include <memory>
#include <string> #include <string>
namespace cppcms { namespace cppcms {
/// ///
/// \brief this class provides an API to calculate various cryptogra phic hash functions /// \brief This namespace holds basic cryptographic utilities useful for save interaction with user.
/// ///
class CPPCMS_API message_digest : public booster::noncopyable { /// One of the limitations of these functions is the fact that they
protected: do not use so called cryptographic memory,
/// It should be implemented in derived classes /// however it is not required as all secret keys are stored as plai
message_digest() n text in configuration files,
{ /// The only protection that is given is that values of keys are era
} sed when the object is deleted
public: /// to prevent key-leaks due to use of uninitialized memory in user
virtual ~message_digest() applications.
{ ///
} ///
namespace crypto {
///
/// Get the size of message digest, for example for MD5 it i
s 16, for SHA1 it is 20
/// ///
virtual unsigned digest_size() const = 0; /// \brief Key object, holds the string that represents the binary key.
/// ///
/// Get processing block size, returns 64 or 128, used mostl /// When the key is destroyed it zeros all the memory it use
y for correct HMAC calculations s to prevent accidental
/// leaks of the highly confidential data
/// ///
virtual unsigned block_size() const = 0; class CPPCMS_API key {
public:
///
/// Create an empty key on 0 length
///
key();
///
/// Copy the key
///
key(key const &other);
///
/// Assign the key
///
key const &operator=(key const &);
///
/// Destroy they key object clearing the area used b
y it.
///
~key();
///
/// Create a key using binary representation pointed
by \a data of \a length bytes
///
key(void const *data,size_t length);
///
/// Create a key using the hexadecimal representatio
n
///
explicit key(char const *s);
///
/// Create a key using the hexadecimal representatio
n
///
explicit key(std::string const &);
///
/// Get the pointer to data, never returns NULL even
if size() == 0
///
char const *data() const;
///
/// Get the size of the key
///
size_t size() const;
/// ///
/// Add more data of size bytes for processing /// Clear the key - and clear the area it was stored
/// it
virtual void append(void const *ptr,size_t size) = 0; ///
/// void reset();
/// Read the message digest for the data and reset it into i
nitial state,
/// provided buffer must be digest_size() bytes
///
virtual void readout(void *ptr) = 0;
/// ///
/// Make a polymorphic copy of this object, note the state o /// Set the binary value for the key
f copied object is reset to ///
/// initial void set(void const *ptr,size_t len);
/// ///
virtual message_digest *clone() const = 0; /// Set the value for the key using hexadecimal repr
esentation
///
void set_hex(char const *ptr,size_t len);
/// ///
/// Get the name of the hash function /// Read the key from file. Under windows file_name
/// should be UTF-8 encoded
virtual char const *name() const = 0; /// string.
///
void read_from_file(std::string const &file_name);
private:
static unsigned from_hex(char c);
char *data_;
size_t size_;
};
/// ///
/// Create MD5 message digest /// \brief this class provides an API to calculate various c
/// ryptographic hash functions
static std::auto_ptr<message_digest> md5();
///
/// Create SHA1 message digest
///
static std::auto_ptr<message_digest> sha1();
///
/// Create message digest by name, more then sha1 and md5 ma
y be supported,
/// if CppCMS is compiled with cryptography library like lib
gcrypt or openssl
/// ///
static std::auto_ptr<message_digest> create_by_name(std::str class CPPCMS_API message_digest : public booster::noncopyabl
ing const &name); e {
}; protected:
/// It should be implemented in derived classes
message_digest()
{
}
public:
virtual ~message_digest()
{
}
/// ///
/// This object calculates the HMAC signature for the input data /// Get the size of message digest, for example for
/// MD5 it is 16, for SHA1 it is 20
class CPPCMS_API hmac : public booster::noncopyable { ///
public: virtual unsigned digest_size() const = 0;
/// ///
/// Create hmac that uses given \a digest algorithm and a bi /// Get processing block size, returns 64 or 128, us
nary key - \a key ed mostly for correct HMAC calculations
/// ///
hmac(std::auto_ptr<message_digest> digest,std::string const virtual unsigned block_size() const = 0;
&key);
///
/// Create hmac that uses message digest algorithm called \a
name and use a binary key - \a key
///
hmac(std::string const &name,std::string const &key);
~hmac();
/// ///
/// Get the size of the signtature /// Add more data of size bytes for processing
/// ///
unsigned digest_size() const; virtual void append(void const *ptr,size_t size) = 0
;
///
/// Read the message digest for the data and reset i
t into initial state,
/// provided buffer must be digest_size() bytes
///
virtual void readout(void *ptr) = 0;
///
/// Make a polymorphic copy of this object, note the
state of copied object is reset to
/// initial
///
virtual message_digest *clone() const = 0;
///
/// Get the name of the hash function
///
virtual char const *name() const = 0;
///
/// Create MD5 message digest
///
static std::auto_ptr<message_digest> md5();
///
/// Create SHA1 message digest
///
static std::auto_ptr<message_digest> sha1();
///
/// Create message digest by name, more then sha1 an
d md5 may be supported,
/// if CppCMS is compiled with cryptography library
like libgcrypt or openssl
///
static std::auto_ptr<message_digest> create_by_name(
std::string const &name);
};
/// ///
/// Add data for signing /// This object calculates the HMAC signature for the input data
/// ///
void append(void const *ptr,size_t size); class CPPCMS_API hmac : public booster::noncopyable {
public:
///
/// Create hmac that uses given \a digest algorithm
and a binary key - \a key
///
hmac(std::auto_ptr<message_digest> digest,key const
&k);
///
/// Create hmac that uses message digest algorithm c
alled \a name and use a binary key - \a key
///
hmac(std::string const &name,key const &k);
~hmac();
///
/// Get the size of the signtature
///
unsigned digest_size() const;
///
/// Add data for signing
///
void append(void const *ptr,size_t size);
///
/// Get the signature for all the data, after callin
g this function
/// the state of the hmac is reset and it can be use
d for signing again
///
/// Note: provided buffer must be digest_size() byte
s long.
///
void readout(void *ptr);
private:
void init();
struct data_;
booster::hold_ptr<data_> d;
std::auto_ptr<message_digest> md_,md_opad_;
key key_;
};
/// ///
/// Get the signature for all the data, after calling this f /// \brief Cipher-block chaining encryption and decryption
unction cryptographic service.
/// the state of the hmac is reset and it can't be used agai
n for
/// signing the data.
/// ///
/// Note: provided buffer must be digest_size() bytes long. /// \note In order to use it, you \b must compile CppCMS wit h OpenSSL (libcrypto) or GNU-TLS (libgcrypt) library.
/// ///
void readout(void *ptr); class CPPCMS_API cbc : public booster::noncopyable {
private: public:
void init(std::string const &); ///
struct data_; /// CBC encryption type
booster::hold_ptr<data_> d; ///
std::auto_ptr<message_digest> md_,md_opad_; typedef enum {
}; aes128 = 0, ///< AES-128
aes192 = 1, ///< AES-192
aes256 = 2 ///< AES-256
} cbc_type;
///
/// Create a new cbc object that performs encryption
using \a type method.
///
/// If the encryption method is not supported return
s an empty pointer!
///
static std::auto_ptr<cbc> create(cbc_type type);
///
/// Create a new cbc object that performs encryption
using algorithm \a name
///
/// If the encryption method is not supported return
s an empty pointer!
///
/// Currently supported aes128, aes192, aes256, with
names "aes" = "aes-128" = "aes128" , "aes-192" "aes192",
/// "aes-256" = "aes256". They require CppCMS to be
compiled with OpenSSL or GNU-TLS library
///
static std::auto_ptr<cbc> create(std::string const &
name);
///
/// Get the size of the block CBC works on
///
virtual unsigned block_size() const = 0;
///
/// Get the required key size in bytes
///
virtual unsigned key_size() const = 0;
///
/// Set the key value
///
virtual void set_key(key const &) = 0;
///
/// Set initial vector value, size should be equal
to block_size()
///
virtual void set_iv(void const *ptr,size_t size) = 0
;
///
/// Set randomly created initial vector value
///
virtual void set_nonce_iv() = 0;
///
/// Encrypt the data \a in to \a out of size \a len.
\a len should be multiple of block_size()
///
virtual void encrypt(void const *in,void *out,unsign
ed len) = 0;
///
/// Decrypt the data \a in to \a out of size \a len.
\a len should be multiple of block_size()
///
virtual void decrypt(void const *in,void *out,unsign
ed len) = 0;
virtual ~cbc()
{
}
};
} // crypto
} // cppcms } // cppcms
#endif #endif
 End of changes. 18 change blocks. 
90 lines changed or deleted 271 lines changed or added


 cstdint.h   cstdint.h 
skipping to change at line 13 skipping to change at line 13
// //
// Distributed under the Boost Software License, Version 1.0. (See // Distributed under the Boost Software License, Version 1.0. (See
// accompanying file LICENSE_1_0.txt or copy at // accompanying file LICENSE_1_0.txt or copy at
// http://www.boost.org/LICENSE_1_0.txt) // http://www.boost.org/LICENSE_1_0.txt)
// //
#ifndef BOOSTER_CSTDINT_H #ifndef BOOSTER_CSTDINT_H
#define BOOSTER_CSTDINT_H #define BOOSTER_CSTDINT_H
#include <booster/build_config.h> #include <booster/build_config.h>
#if defined BOOSTER_HAVE_STDINT_H #if defined(BOOSTER_HAVE_STDINT_H) || defined(BOOSTER_HAVE_INTTYPES_H)
# include <stdint.h>
#elif defined BOOSTER_HAVE_INTTYPES_H # if defined BOOSTER_HAVE_STDINT_H
# include <inttypes.h> # include <stdint.h>
# elif defined BOOSTER_HAVE_INTTYPES_H
# include <inttypes.h>
# endif
namespace booster {
using ::int8_t;
using ::uint8_t;
using ::uint16_t;
using ::int16_t;
using ::uint32_t;
using ::int32_t;
using ::uint64_t;
using ::int64_t;
}
#else #else
namespace booster { namespace booster {
// //
// Generally only for broken MSVC // Generally only for broken MSVC
// And guess // And guess
typedef unsigned char uint8_t; typedef unsigned char uint8_t;
typedef signed char int8_t; typedef signed char int8_t;
typedef unsigned short uint16_t; typedef unsigned short uint16_t;
typedef short int16_t; typedef short int16_t;
typedef unsigned int uint32_t; typedef unsigned int uint32_t;
typedef int int32_t; typedef int int32_t;
typedef unsigned long long uint64_t; typedef unsigned long long uint64_t;
typedef long long int64_t; typedef long long int64_t;
} }
#endif #endif
#endif // BOOSTER_CSTDINT_H #endif // BOOSTER_CSTDINT_H
 End of changes. 2 change blocks. 
17 lines changed or deleted 31 lines changed or added


 session_cookies.h   session_cookies.h 
skipping to change at line 51 skipping to change at line 51
/// accessed, so lazy initialization is your best friend. /// accessed, so lazy initialization is your best friend.
/// ///
/// Note this class does not have to be thread safe to use from mult iple threads. /// Note this class does not have to be thread safe to use from mult iple threads.
/// ///
class encryptor : public booster::noncopyable { class encryptor : public booster::noncopyable {
public: public:
/// ///
/// Encrypt or sign the plain text \a plain together with \a timeout and return the encrypted value for a cookie. /// Encrypt or sign the plain text \a plain together with \a timeout and return the encrypted value for a cookie.
/// Don't forget to use base64 encoding in order to create a string that is valid for cookie /// Don't forget to use base64 encoding in order to create a string that is valid for cookie
/// ///
virtual std::string encrypt(std::string const &plain,time_t timeout) = 0; virtual std::string encrypt(std::string const &plain) = 0;
/// ///
/// Decrypt the \a cipher text or check the signature and re turn the \a plain text and the session expiration value: \a timeout. /// Decrypt the \a cipher text or check the signature and re turn the \a plain text and the session expiration value: \a timeout.
/// ///
/// If signature checks or decryption failed return false. /// If signature checks or decryption failed return false.
/// ///
virtual bool decrypt(std::string const &cipher,std::string & plain,time_t *timeout = 0) = 0; virtual bool decrypt(std::string const &cipher,std::string & plain) = 0;
/// ///
/// Destructor /// Destructor
/// ///
virtual ~encryptor() {} virtual ~encryptor() {}
}; };
/// ///
/// \brief This is an interface for an object that creates new encry ptors /// \brief This is an interface for an object that creates new encry ptors
/// ///
/// This class must be thread safe. /// This class must be thread safe.
 End of changes. 2 change blocks. 
2 lines changed or deleted 2 lines changed or added

This html diff was produced by rfcdiff 1.41. The latest version is available from http://tools.ietf.org/tools/rfcdiff/