changed: when winix demonizes it creates a three new descriptors (0, 1 and 3)
pointing to /dev/null
added: DbBase::AssertValueBin(PGresult * r, int row, int col, std::string & result)
it reads binary (bytea) data
added: DbTextStream can handle 'bool' types now
(is puts 'true' of 'false' to the stream)
changed: now passwords can be stored either as plain text, a hash or can be encrypted
with RSA
currently we have following hashes:
md4, md5, sha1, sha224, sha256, sha384, sha512
we are using openssl to manage them
(look at config options for more info)
changed: winix version to 0.4.7
added: class Run - you can run any program from os and send a buffer to its standard input
and read what the program put on its standard output
added: class Crypt (in System) - calculating hashes, and crypting/decrypting
git-svn-id: svn://ttmath.org/publicrep/winix/trunk@734 e52654a7-88a9-db11-a3e9-0013d4bc506e
2011-06-09 23:22:08 +02:00
|
|
|
/*
|
|
|
|
* This file is a part of Winix
|
|
|
|
* and is not publicly distributed
|
|
|
|
*
|
|
|
|
* Copyright (c) 2011, Tomasz Sowa
|
|
|
|
* All rights reserved.
|
|
|
|
*
|
|
|
|
*/
|
|
|
|
|
|
|
|
#ifndef headerfile_winix_core_crypt
|
|
|
|
#define headerfile_winix_core_crypt
|
|
|
|
|
|
|
|
|
|
|
|
#include <string>
|
|
|
|
#include "run.h"
|
|
|
|
#include "config.h"
|
|
|
|
#include "user.h"
|
|
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
the kind of hashes we are able to obtain in winix
|
|
|
|
*/
|
2011-06-24 22:53:21 +02:00
|
|
|
#define WINIX_CRYPT_HASH_NONE 0
|
changed: when winix demonizes it creates a three new descriptors (0, 1 and 3)
pointing to /dev/null
added: DbBase::AssertValueBin(PGresult * r, int row, int col, std::string & result)
it reads binary (bytea) data
added: DbTextStream can handle 'bool' types now
(is puts 'true' of 'false' to the stream)
changed: now passwords can be stored either as plain text, a hash or can be encrypted
with RSA
currently we have following hashes:
md4, md5, sha1, sha224, sha256, sha384, sha512
we are using openssl to manage them
(look at config options for more info)
changed: winix version to 0.4.7
added: class Run - you can run any program from os and send a buffer to its standard input
and read what the program put on its standard output
added: class Crypt (in System) - calculating hashes, and crypting/decrypting
git-svn-id: svn://ttmath.org/publicrep/winix/trunk@734 e52654a7-88a9-db11-a3e9-0013d4bc506e
2011-06-09 23:22:08 +02:00
|
|
|
#define WINIX_CRYPT_HASH_MD4 1
|
|
|
|
#define WINIX_CRYPT_HASH_MD5 2
|
|
|
|
#define WINIX_CRYPT_HASH_SHA1 10
|
|
|
|
#define WINIX_CRYPT_HASH_SHA224 11
|
|
|
|
#define WINIX_CRYPT_HASH_SHA256 12
|
|
|
|
#define WINIX_CRYPT_HASH_SHA384 13
|
|
|
|
#define WINIX_CRYPT_HASH_SHA512 14
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
calculating hashes, encrypting and decrypting with RSA
|
|
|
|
*/
|
|
|
|
class Crypt
|
|
|
|
{
|
|
|
|
public:
|
|
|
|
|
|
|
|
|
|
|
|
void SetConfig(Config * pconfig);
|
|
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
calculating a hash from a given input
|
|
|
|
|
|
|
|
input:
|
|
|
|
hash - the kind of the hash - WINIX_CRYPT_HASH_*
|
|
|
|
in - input buffer
|
|
|
|
inlen - the length of the buffer
|
|
|
|
output:
|
|
|
|
out - the hash
|
|
|
|
*/
|
|
|
|
bool Hash(int hash, const char * in, size_t inlen, std::string & out);
|
|
|
|
bool Hash(int hash, const char * in, std::string & out);
|
|
|
|
bool Hash(int hash, const std::string & in, std::string & out);
|
|
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
calculating a hash from a given input
|
|
|
|
the input string is first changed to UTF8 and then hash is calculated
|
|
|
|
|
|
|
|
input:
|
|
|
|
hash - the kind of the hash - WINIX_CRYPT_HASH_*
|
|
|
|
in - input buffer
|
|
|
|
inlen - the length of the buffer
|
|
|
|
output:
|
|
|
|
out - the hash
|
|
|
|
*/
|
|
|
|
bool Hash(int hash, const wchar_t * in, size_t inlen, std::wstring & out);
|
|
|
|
bool Hash(int hash, const wchar_t * in, std::wstring & out);
|
|
|
|
bool Hash(int hash, const std::wstring & in, std::wstring & out);
|
|
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
encrypt/decrypt by using RSA algorithm
|
|
|
|
|
|
|
|
input:
|
|
|
|
encrypt - true means encrypting, false means decrypting
|
|
|
|
keypath - path to a RSA private key (this is a private and public key in one file)
|
|
|
|
in - input buffer
|
|
|
|
inlen - the size of the buffer
|
|
|
|
|
|
|
|
output:
|
|
|
|
out - encrypted or decrypted buffer
|
|
|
|
*/
|
|
|
|
bool RSA(bool encrypt, const char * keypath, const char * in, size_t inlen, std::string & out);
|
|
|
|
bool RSA(bool encrypt, const char * keypath, const std::string & in, std::string & out);
|
|
|
|
bool RSA(bool encrypt, const std::string & keypath, const std::string & in, std::string & out);
|
|
|
|
bool RSA(bool encrypt, const wchar_t * keypath, const char * in, size_t inlen, std::string & out);
|
|
|
|
bool RSA(bool encrypt, const wchar_t * keypath, const std::string & in, std::string & out);
|
|
|
|
bool RSA(bool encrypt, const std::wstring & keypath, const std::string & in, std::string & out);
|
|
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
this method creates a hash from the given plain text password
|
|
|
|
|
|
|
|
input.
|
|
|
|
salt - salt for the hash
|
|
|
|
up.pass_type - what kind of hash do you want - look at WINIX_CRYPT_HASH_* macros (in crypt.h)
|
|
|
|
up.pass - plain text password
|
|
|
|
|
|
|
|
if salt is empty then the hash will not be salted
|
|
|
|
|
|
|
|
output:
|
|
|
|
up.pass_type - (can be changed to 0 when there is a problem with generating a hash)
|
|
|
|
up.pass - hash from the password (or plain text if up.pass_type was zero)
|
|
|
|
up.pass_hash_salted (true if the hash is salted - when salt was not empty)
|
|
|
|
|
|
|
|
if there is a problem with generating a hash the method stores a plain text password
|
|
|
|
and changes up.pass_type to zero (plain text passwords are not salted)
|
|
|
|
*/
|
|
|
|
bool PassHash(const std::wstring & salt, UserPass & up);
|
|
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
this method encrypts the given password
|
|
|
|
|
|
|
|
input:
|
|
|
|
path_to_rsa_private_key - a path to rsa private key (this are a private and public keys both in one file)
|
|
|
|
up.pass - given password (can be a plain text or a hash)
|
|
|
|
|
|
|
|
if path_to_rsa_private_key is empty then the password will not be encrypted
|
|
|
|
|
|
|
|
output:
|
|
|
|
up.pass_encrypted
|
|
|
|
|
|
|
|
if there is a problem (or the path to the key is empty) then up.pass_encrypted will be empty
|
|
|
|
and the method returns false
|
|
|
|
*/
|
|
|
|
bool PassCrypt(const std::wstring & path_to_rsa_private_key, UserPass & up);
|
|
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
this method creates a hash from the given plain text password and then encrypts it
|
|
|
|
|
|
|
|
input:
|
|
|
|
salt - salt for the hash
|
|
|
|
path_to_rsa_private_key - a path to rsa private key (this are a private and public keys both in one file)
|
|
|
|
up.pass_type - what kind of hash do you want - look at WINIX_CRYPT_HASH_* macros (in crypt.h)
|
|
|
|
up.pass - plain text password
|
|
|
|
|
|
|
|
if salt is empty then the hash will not be salted
|
|
|
|
if path_to_rsa_private_key is empty then the password will not be encrypted
|
|
|
|
|
|
|
|
output:
|
|
|
|
up.pass_type - (can be changed to 0 when there is a problem with generating a hash)
|
|
|
|
up.pass - hash from the password (or plain text if up.pass_type was zero)
|
|
|
|
up.pass_hash_salted (true if the hash is salted - when salt was not empty)
|
|
|
|
up.pass_encrypted - encrypted password (if not empty)
|
|
|
|
|
|
|
|
*/
|
|
|
|
void PassHashCrypt(const std::wstring & salt, const std::wstring & path_to_rsa_private_key, UserPass & up);
|
|
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
this method creates a hash from the given plain text password and then encrypts it
|
|
|
|
|
|
|
|
input:
|
|
|
|
up.pass - plain text password
|
|
|
|
|
|
|
|
output:
|
|
|
|
up.pass_type - what kind of hash there is in up.pass
|
|
|
|
up.pass - hash from the password (or plain text if up.pass_type is zero)
|
|
|
|
up.pass_hash_salted - true if the hash is salted (plain text are never salted)
|
|
|
|
up.pass_encrypted - encrypted password (if not empty)
|
|
|
|
*/
|
|
|
|
void PassHashCrypt(UserPass & up);
|
|
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
putting some characters into the string and then calling clear()
|
|
|
|
*/
|
|
|
|
template<class StringType>
|
|
|
|
void ClearString(StringType & str);
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
private:
|
|
|
|
|
|
|
|
void TrimLastWhite(std::string & str);
|
|
|
|
|
|
|
|
Config * config;
|
|
|
|
Run run;
|
|
|
|
std::string command, bufina, bufouta, keypatha;
|
|
|
|
//std::wstring pass_salted;//, pass_hashed;
|
|
|
|
//std::string pass_hasheda, pass_encrypteda;
|
|
|
|
|
|
|
|
std::wstring pass_salted, pass_org;
|
|
|
|
std::string passa;
|
|
|
|
std::wstring empty;
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
template<class StringType>
|
|
|
|
void Crypt::ClearString(StringType & str)
|
|
|
|
{
|
|
|
|
for(size_t i=0 ; i<str.size() ; ++i)
|
|
|
|
str[i] = 0x0c;
|
|
|
|
|
|
|
|
str.clear();
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
#endif
|
|
|
|
|