summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat (limited to 'Swiften/TLS')
-rw-r--r--Swiften/TLS/Certificate.cpp6
-rw-r--r--Swiften/TLS/Certificate.h14
-rw-r--r--Swiften/TLS/CertificateTrustChecker.h2
-rw-r--r--Swiften/TLS/OpenSSL/OpenSSLCertificate.cpp2
-rw-r--r--Swiften/TLS/OpenSSL/OpenSSLCertificate.h28
-rw-r--r--Swiften/TLS/OpenSSL/OpenSSLContext.cpp2
-rw-r--r--Swiften/TLS/PKCS12Certificate.h6
-rw-r--r--Swiften/TLS/ServerIdentityVerifier.cpp32
-rw-r--r--Swiften/TLS/ServerIdentityVerifier.h10
-rw-r--r--Swiften/TLS/SimpleCertificate.h32
-rw-r--r--Swiften/TLS/UnitTest/CertificateTest.cpp2
11 files changed, 69 insertions, 67 deletions
diff --git a/Swiften/TLS/Certificate.cpp b/Swiften/TLS/Certificate.cpp
index 984d668..ecd7d5e 100644
--- a/Swiften/TLS/Certificate.cpp
+++ b/Swiften/TLS/Certificate.cpp
@@ -19,16 +19,16 @@ const char* Certificate::ID_ON_DNSSRV_OID = "1.3.6.1.5.5.7.8.7";
Certificate::~Certificate() {
}
-String Certificate::getSHA1Fingerprint() const {
+std::string Certificate::getSHA1Fingerprint() const {
ByteArray hash = SHA1::getHash(toDER());
std::ostringstream s;
for (size_t i = 0; i < hash.getSize(); ++i) {
if (i > 0) {
s << ":";
}
- s << Hexify::hexify(hash[i]).getUTF8String();
+ s << Hexify::hexify(hash[i]);
}
- return String(s.str());
+ return std::string(s.str());
}
}
diff --git a/Swiften/TLS/Certificate.h b/Swiften/TLS/Certificate.h
index e01aa74..dc93a2d 100644
--- a/Swiften/TLS/Certificate.h
+++ b/Swiften/TLS/Certificate.h
@@ -8,7 +8,7 @@
#include <boost/shared_ptr.hpp>
-#include "Swiften/Base/String.h"
+#include <string>
#include "Swiften/Base/ByteArray.h"
namespace Swift {
@@ -22,16 +22,16 @@ namespace Swift {
* Returns the textual representation of the full Subject
* name.
*/
- virtual String getSubjectName() const = 0;
+ virtual std::string getSubjectName() const = 0;
- virtual std::vector<String> getCommonNames() const = 0;
- virtual std::vector<String> getSRVNames() const = 0;
- virtual std::vector<String> getDNSNames() const = 0;
- virtual std::vector<String> getXMPPAddresses() const = 0;
+ virtual std::vector<std::string> getCommonNames() const = 0;
+ virtual std::vector<std::string> getSRVNames() const = 0;
+ virtual std::vector<std::string> getDNSNames() const = 0;
+ virtual std::vector<std::string> getXMPPAddresses() const = 0;
virtual ByteArray toDER() const = 0;
- virtual String getSHA1Fingerprint() const;
+ virtual std::string getSHA1Fingerprint() const;
protected:
static const char* ID_ON_XMPPADDR_OID;
diff --git a/Swiften/TLS/CertificateTrustChecker.h b/Swiften/TLS/CertificateTrustChecker.h
index c248e4a..aec03e3 100644
--- a/Swiften/TLS/CertificateTrustChecker.h
+++ b/Swiften/TLS/CertificateTrustChecker.h
@@ -8,7 +8,7 @@
#include <boost/shared_ptr.hpp>
-#include "Swiften/Base/String.h"
+#include <string>
#include "Swiften/TLS/Certificate.h"
namespace Swift {
diff --git a/Swiften/TLS/OpenSSL/OpenSSLCertificate.cpp b/Swiften/TLS/OpenSSL/OpenSSLCertificate.cpp
index 6a3d688..8a3bf97 100644
--- a/Swiften/TLS/OpenSSL/OpenSSLCertificate.cpp
+++ b/Swiften/TLS/OpenSSL/OpenSSLCertificate.cpp
@@ -58,7 +58,7 @@ void OpenSSLCertificate::parse() {
ByteArray subjectNameData;
subjectNameData.resize(256);
X509_NAME_oneline(X509_get_subject_name(cert.get()), subjectNameData.getData(), subjectNameData.getSize());
- this->subjectName = String(subjectNameData.getData());
+ this->subjectName = std::string(subjectNameData.getData());
// Common name
int cnLoc = X509_NAME_get_index_by_NID(subjectName, NID_commonName, -1);
diff --git a/Swiften/TLS/OpenSSL/OpenSSLCertificate.h b/Swiften/TLS/OpenSSL/OpenSSLCertificate.h
index 2255826..b900170 100644
--- a/Swiften/TLS/OpenSSL/OpenSSLCertificate.h
+++ b/Swiften/TLS/OpenSSL/OpenSSLCertificate.h
@@ -9,7 +9,7 @@
#include <boost/shared_ptr.hpp>
#include <openssl/ssl.h>
-#include "Swiften/Base/String.h"
+#include <string>
#include "Swiften/TLS/Certificate.h"
namespace Swift {
@@ -18,23 +18,23 @@ namespace Swift {
OpenSSLCertificate(boost::shared_ptr<X509>);
OpenSSLCertificate(const ByteArray& der);
- String getSubjectName() const {
+ std::string getSubjectName() const {
return subjectName;
}
- std::vector<String> getCommonNames() const {
+ std::vector<std::string> getCommonNames() const {
return commonNames;
}
- std::vector<String> getSRVNames() const {
+ std::vector<std::string> getSRVNames() const {
return srvNames;
}
- std::vector<String> getDNSNames() const {
+ std::vector<std::string> getDNSNames() const {
return dnsNames;
}
- std::vector<String> getXMPPAddresses() const {
+ std::vector<std::string> getXMPPAddresses() const {
return xmppAddresses;
}
@@ -47,24 +47,24 @@ namespace Swift {
private:
void parse();
- void addSRVName(const String& name) {
+ void addSRVName(const std::string& name) {
srvNames.push_back(name);
}
- void addDNSName(const String& name) {
+ void addDNSName(const std::string& name) {
dnsNames.push_back(name);
}
- void addXMPPAddress(const String& addr) {
+ void addXMPPAddress(const std::string& addr) {
xmppAddresses.push_back(addr);
}
private:
boost::shared_ptr<X509> cert;
- String subjectName;
- std::vector<String> commonNames;
- std::vector<String> dnsNames;
- std::vector<String> xmppAddresses;
- std::vector<String> srvNames;
+ std::string subjectName;
+ std::vector<std::string> commonNames;
+ std::vector<std::string> dnsNames;
+ std::vector<std::string> xmppAddresses;
+ std::vector<std::string> srvNames;
};
}
diff --git a/Swiften/TLS/OpenSSL/OpenSSLContext.cpp b/Swiften/TLS/OpenSSL/OpenSSLContext.cpp
index be2f0af..21e377f 100644
--- a/Swiften/TLS/OpenSSL/OpenSSLContext.cpp
+++ b/Swiften/TLS/OpenSSL/OpenSSLContext.cpp
@@ -178,7 +178,7 @@ bool OpenSSLContext::setClientCertificate(const PKCS12Certificate& certificate)
X509 *certPtr = 0;
EVP_PKEY* privateKeyPtr = 0;
STACK_OF(X509)* caCertsPtr = 0;
- int result = PKCS12_parse(pkcs12.get(), certificate.getPassword().getUTF8Data(), &privateKeyPtr, &certPtr, &caCertsPtr);
+ int result = PKCS12_parse(pkcs12.get(), certificate.getPassword().c_str(), &privateKeyPtr, &certPtr, &caCertsPtr);
if (result != 1) {
return false;
}
diff --git a/Swiften/TLS/PKCS12Certificate.h b/Swiften/TLS/PKCS12Certificate.h
index 1d8c7c2..1c8c38f 100644
--- a/Swiften/TLS/PKCS12Certificate.h
+++ b/Swiften/TLS/PKCS12Certificate.h
@@ -14,7 +14,7 @@ namespace Swift {
public:
PKCS12Certificate() {}
- PKCS12Certificate(const String& filename, const String& password) : password_(password) {
+ PKCS12Certificate(const std::string& filename, const std::string& password) : password_(password) {
data_.readFromFile(filename);
}
@@ -30,13 +30,13 @@ namespace Swift {
data_ = data;
}
- const String& getPassword() const {
+ const std::string& getPassword() const {
return password_;
}
private:
ByteArray data_;
- String password_;
+ std::string password_;
};
}
diff --git a/Swiften/TLS/ServerIdentityVerifier.cpp b/Swiften/TLS/ServerIdentityVerifier.cpp
index 05efd31..d7b0580 100644
--- a/Swiften/TLS/ServerIdentityVerifier.cpp
+++ b/Swiften/TLS/ServerIdentityVerifier.cpp
@@ -6,6 +6,8 @@
#include "Swiften/TLS/ServerIdentityVerifier.h"
+#include <boost/algorithm/string.hpp>
+
#include "Swiften/Base/foreach.h"
#include "Swiften/IDN/IDNA.h"
@@ -20,8 +22,8 @@ bool ServerIdentityVerifier::certificateVerifies(Certificate::ref certificate) {
bool hasSAN = false;
// DNS names
- std::vector<String> dnsNames = certificate->getDNSNames();
- foreach (const String& dnsName, dnsNames) {
+ std::vector<std::string> dnsNames = certificate->getDNSNames();
+ foreach (const std::string& dnsName, dnsNames) {
if (matchesDomain(dnsName)) {
return true;
}
@@ -29,19 +31,19 @@ bool ServerIdentityVerifier::certificateVerifies(Certificate::ref certificate) {
hasSAN |= !dnsNames.empty();
// SRV names
- std::vector<String> srvNames = certificate->getSRVNames();
- foreach (const String& srvName, srvNames) {
+ std::vector<std::string> srvNames = certificate->getSRVNames();
+ foreach (const std::string& srvName, srvNames) {
// Only match SRV names that begin with the service; this isn't required per
// spec, but we're being purist about this.
- if (srvName.beginsWith("_xmpp-client.") && matchesDomain(srvName.getSubstring(String("_xmpp-client.").getUTF8Size(), srvName.npos()))) {
+ if (boost::starts_with(srvName, "_xmpp-client.") && matchesDomain(srvName.substr(std::string("_xmpp-client.").size(), srvName.npos))) {
return true;
}
}
hasSAN |= !srvNames.empty();
// XmppAddr
- std::vector<String> xmppAddresses = certificate->getXMPPAddresses();
- foreach (const String& xmppAddress, xmppAddresses) {
+ std::vector<std::string> xmppAddresses = certificate->getXMPPAddresses();
+ foreach (const std::string& xmppAddress, xmppAddresses) {
if (matchesAddress(xmppAddress)) {
return true;
}
@@ -50,8 +52,8 @@ bool ServerIdentityVerifier::certificateVerifies(Certificate::ref certificate) {
// CommonNames. Only check this if there was no SAN (according to spec).
if (!hasSAN) {
- std::vector<String> commonNames = certificate->getCommonNames();
- foreach (const String& commonName, commonNames) {
+ std::vector<std::string> commonNames = certificate->getCommonNames();
+ foreach (const std::string& commonName, commonNames) {
if (matchesDomain(commonName)) {
return true;
}
@@ -61,13 +63,13 @@ bool ServerIdentityVerifier::certificateVerifies(Certificate::ref certificate) {
return false;
}
-bool ServerIdentityVerifier::matchesDomain(const String& s) {
- if (s.beginsWith("*.")) {
- String matchString(s.getSubstring(2, s.npos()));
- String matchDomain = encodedDomain;
+bool ServerIdentityVerifier::matchesDomain(const std::string& s) {
+ if (boost::starts_with(s, "*.")) {
+ std::string matchString(s.substr(2, s.npos));
+ std::string matchDomain = encodedDomain;
int dotIndex = matchDomain.find('.');
if (dotIndex >= 0) {
- matchDomain = matchDomain.getSubstring(dotIndex + 1, matchDomain.npos());
+ matchDomain = matchDomain.substr(dotIndex + 1, matchDomain.npos);
}
return matchString == matchDomain;
}
@@ -76,7 +78,7 @@ bool ServerIdentityVerifier::matchesDomain(const String& s) {
}
}
-bool ServerIdentityVerifier::matchesAddress(const String& s) {
+bool ServerIdentityVerifier::matchesAddress(const std::string& s) {
return s == domain;
}
diff --git a/Swiften/TLS/ServerIdentityVerifier.h b/Swiften/TLS/ServerIdentityVerifier.h
index a001a5e..05bb5f0 100644
--- a/Swiften/TLS/ServerIdentityVerifier.h
+++ b/Swiften/TLS/ServerIdentityVerifier.h
@@ -8,7 +8,7 @@
#include <boost/shared_ptr.hpp>
-#include "Swiften/Base/String.h"
+#include <string>
#include "Swiften/JID/JID.h"
#include "Swiften/TLS/Certificate.h"
@@ -20,11 +20,11 @@ namespace Swift {
bool certificateVerifies(Certificate::ref);
private:
- bool matchesDomain(const String&);
- bool matchesAddress(const String&);
+ bool matchesDomain(const std::string&);
+ bool matchesAddress(const std::string&);
private:
- String domain;
- String encodedDomain;
+ std::string domain;
+ std::string encodedDomain;
};
}
diff --git a/Swiften/TLS/SimpleCertificate.h b/Swiften/TLS/SimpleCertificate.h
index 7af8530..a81a23e 100644
--- a/Swiften/TLS/SimpleCertificate.h
+++ b/Swiften/TLS/SimpleCertificate.h
@@ -6,7 +6,7 @@
#pragma once
-#include "Swiften/Base/String.h"
+#include <string>
#include "Swiften/TLS/Certificate.h"
namespace Swift {
@@ -14,43 +14,43 @@ namespace Swift {
public:
typedef boost::shared_ptr<SimpleCertificate> ref;
- void setSubjectName(const String& name) {
+ void setSubjectName(const std::string& name) {
subjectName = name;
}
- String getSubjectName() const {
+ std::string getSubjectName() const {
return subjectName;
}
- std::vector<String> getCommonNames() const {
+ std::vector<std::string> getCommonNames() const {
return commonNames;
}
- void addCommonName(const String& name) {
+ void addCommonName(const std::string& name) {
commonNames.push_back(name);
}
- void addSRVName(const String& name) {
+ void addSRVName(const std::string& name) {
srvNames.push_back(name);
}
- void addDNSName(const String& name) {
+ void addDNSName(const std::string& name) {
dnsNames.push_back(name);
}
- void addXMPPAddress(const String& addr) {
+ void addXMPPAddress(const std::string& addr) {
xmppAddresses.push_back(addr);
}
- std::vector<String> getSRVNames() const {
+ std::vector<std::string> getSRVNames() const {
return srvNames;
}
- std::vector<String> getDNSNames() const {
+ std::vector<std::string> getDNSNames() const {
return dnsNames;
}
- std::vector<String> getXMPPAddresses() const {
+ std::vector<std::string> getXMPPAddresses() const {
return xmppAddresses;
}
@@ -66,11 +66,11 @@ namespace Swift {
void parse();
private:
- String subjectName;
+ std::string subjectName;
ByteArray der;
- std::vector<String> commonNames;
- std::vector<String> dnsNames;
- std::vector<String> xmppAddresses;
- std::vector<String> srvNames;
+ std::vector<std::string> commonNames;
+ std::vector<std::string> dnsNames;
+ std::vector<std::string> xmppAddresses;
+ std::vector<std::string> srvNames;
};
}
diff --git a/Swiften/TLS/UnitTest/CertificateTest.cpp b/Swiften/TLS/UnitTest/CertificateTest.cpp
index b5e69c3..216aaae 100644
--- a/Swiften/TLS/UnitTest/CertificateTest.cpp
+++ b/Swiften/TLS/UnitTest/CertificateTest.cpp
@@ -25,7 +25,7 @@ class CertificateTest : public CppUnit::TestFixture {
SimpleCertificate::ref testling = boost::make_shared<SimpleCertificate>();
testling->setDER(ByteArray("abcdefg"));
- CPPUNIT_ASSERT_EQUAL(String("2f:b5:e1:34:19:fc:89:24:68:65:e7:a3:24:f4:76:ec:62:4e:87:40"), testling->getSHA1Fingerprint());
+ CPPUNIT_ASSERT_EQUAL(std::string("2f:b5:e1:34:19:fc:89:24:68:65:e7:a3:24:f4:76:ec:62:4e:87:40"), testling->getSHA1Fingerprint());
}
};