Diffstat (limited to 'Swiften/TLS')
-rw-r--r-- | Swiften/TLS/Certificate.cpp | 6 | ||||
-rw-r--r-- | Swiften/TLS/Certificate.h | 14 | ||||
-rw-r--r-- | Swiften/TLS/CertificateTrustChecker.h | 2 | ||||
-rw-r--r-- | Swiften/TLS/OpenSSL/OpenSSLCertificate.cpp | 2 | ||||
-rw-r--r-- | Swiften/TLS/OpenSSL/OpenSSLCertificate.h | 28 | ||||
-rw-r--r-- | Swiften/TLS/OpenSSL/OpenSSLContext.cpp | 2 | ||||
-rw-r--r-- | Swiften/TLS/PKCS12Certificate.h | 6 | ||||
-rw-r--r-- | Swiften/TLS/ServerIdentityVerifier.cpp | 32 | ||||
-rw-r--r-- | Swiften/TLS/ServerIdentityVerifier.h | 10 | ||||
-rw-r--r-- | Swiften/TLS/SimpleCertificate.h | 32 | ||||
-rw-r--r-- | Swiften/TLS/UnitTest/CertificateTest.cpp | 2 |
11 files changed, 69 insertions, 67 deletions
diff --git a/Swiften/TLS/Certificate.cpp b/Swiften/TLS/Certificate.cpp
index 984d668..ecd7d5e 100644
--- a/Swiften/TLS/Certificate.cpp
+++ b/Swiften/TLS/Certificate.cpp
@@ -19,16 +19,16 @@ const char* Certificate::ID_ON_DNSSRV_OID = "1.3.6.1.5.5.7.8.7";
 Certificate::~Certificate() { }
-String Certificate::getSHA1Fingerprint() const {
+std::string Certificate::getSHA1Fingerprint() const {
 ByteArray hash = SHA1::getHash(toDER());
 std::ostringstream s;
 for (size_t i = 0; i < hash.getSize(); ++i) {
 if (i > 0) {
 s << ":";
 }
- s << Hexify::hexify(hash[i]).getUTF8String();
+ s << Hexify::hexify(hash[i]);
 }
- return String(s.str());
+ return std::string(s.str());
 }
 }
diff --git a/Swiften/TLS/Certificate.h b/Swiften/TLS/Certificate.h
index e01aa74..dc93a2d 100644
--- a/Swiften/TLS/Certificate.h
+++ b/Swiften/TLS/Certificate.h
@@ -8,7 +8,7 @@
 #include <boost/shared_ptr.hpp>
-#include "Swiften/Base/String.h"
+#include <string>
 #include "Swiften/Base/ByteArray.h"
 namespace Swift {
@@ -22,16 +22,16 @@ namespace Swift {
 * Returns the textual representation of the full Subject
 * name.
 */
- virtual String getSubjectName() const = 0;
+ virtual std::string getSubjectName() const = 0;
- virtual std::vector<String> getCommonNames() const = 0;
- virtual std::vector<String> getSRVNames() const = 0;
- virtual std::vector<String> getDNSNames() const = 0;
- virtual std::vector<String> getXMPPAddresses() const = 0;
+ virtual std::vector<std::string> getCommonNames() const = 0;
+ virtual std::vector<std::string> getSRVNames() const = 0;
+ virtual std::vector<std::string> getDNSNames() const = 0;
+ virtual std::vector<std::string> getXMPPAddresses() const = 0;
 virtual ByteArray toDER() const = 0;
- virtual String getSHA1Fingerprint() const;
+ virtual std::string getSHA1Fingerprint() const;
 protected:
 static const char* ID_ON_XMPPADDR_OID;
diff --git a/Swiften/TLS/CertificateTrustChecker.h b/Swiften/TLS/CertificateTrustChecker.h
index c248e4a..aec03e3 100644
--- a/Swiften/TLS/CertificateTrustChecker.h
+++ b/Swiften/TLS/CertificateTrustChecker.h
@@ -8,7 +8,7 @@
 #include <boost/shared_ptr.hpp>
-#include "Swiften/Base/String.h"
+#include <string>
 #include "Swiften/TLS/Certificate.h"
 namespace Swift {
diff --git a/Swiften/TLS/OpenSSL/OpenSSLCertificate.cpp b/Swiften/TLS/OpenSSL/OpenSSLCertificate.cpp
index 6a3d688..8a3bf97 100644
--- a/Swiften/TLS/OpenSSL/OpenSSLCertificate.cpp
+++ b/Swiften/TLS/OpenSSL/OpenSSLCertificate.cpp
@@ -58,7 +58,7 @@ void OpenSSLCertificate::parse() {
 ByteArray subjectNameData;
 subjectNameData.resize(256);
 X509_NAME_oneline(X509_get_subject_name(cert.get()), subjectNameData.getData(), subjectNameData.getSize());
- this->subjectName = String(subjectNameData.getData());
+ this->subjectName = std::string(subjectNameData.getData());
 // Common name
 int cnLoc = X509_NAME_get_index_by_NID(subjectName, NID_commonName, -1);
diff --git a/Swiften/TLS/OpenSSL/OpenSSLCertificate.h b/Swiften/TLS/OpenSSL/OpenSSLCertificate.h
index 2255826..b900170 100644
--- a/Swiften/TLS/OpenSSL/OpenSSLCertificate.h
+++ b/Swiften/TLS/OpenSSL/OpenSSLCertificate.h
@@ -9,7 +9,7 @@
 #include <boost/shared_ptr.hpp>
 #include <openssl/ssl.h>
-#include "Swiften/Base/String.h"
+#include <string>
 #include "Swiften/TLS/Certificate.h"
 namespace Swift {
@@ -18,23 +18,23 @@ namespace Swift {
 OpenSSLCertificate(boost::shared_ptr<X509>);
 OpenSSLCertificate(const ByteArray& der);
- String getSubjectName() const {
+ std::string getSubjectName() const {
 return subjectName;
 }
- std::vector<String> getCommonNames() const {
+ std::vector<std::string> getCommonNames() const {
 return commonNames;
 }
- std::vector<String> getSRVNames() const {
+ std::vector<std::string> getSRVNames() const {
 return srvNames;
 }
- std::vector<String> getDNSNames() const {
+ std::vector<std::string> getDNSNames() const {
 return dnsNames;
 }
- std::vector<String> getXMPPAddresses() const {
+ std::vector<std::string> getXMPPAddresses() const {
 return xmppAddresses;
 }
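Review bot: In OpenSSLCertificate::parse(), the return value of X509_NAME_oneline() is ignored and the subject is written into a fixed 256-byte buffer, so a longer subject is silently truncated before `std::string(subjectNameData.getData())` copies it up to the first NUL byte. If subjectName is meant for display only, say so next to the assignment, e.g. `// Display only: truncated to 255 bytes, never compare against this`, so that it is not later used in a trust decision. OpenSSL's documentation discourages X509_NAME_oneline() in new code in favour of X509_NAME_print_ex(), which has no fixed-size limit. parse() continues outside this hunk.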
@@ -47,24 +47,24 @@ namespace Swift {
 private:
 void parse();
- void addSRVName(const String& name) {
+ void addSRVName(const std::string& name) {
 srvNames.push_back(name);
 }
- void addDNSName(const String& name) {
+ void addDNSName(const std::string& name) {
 dnsNames.push_back(name);
 }
- void addXMPPAddress(const String& addr) {
+ void addXMPPAddress(const std::string& addr) {
 xmppAddresses.push_back(addr);
 }
 private:
 boost::shared_ptr<X509> cert;
- String subjectName;
- std::vector<String> commonNames;
- std::vector<String> dnsNames;
- std::vector<String> xmppAddresses;
- std::vector<String> srvNames;
+ std::string subjectName;
+ std::vector<std::string> commonNames;
+ std::vector<std::string> dnsNames;
+ std::vector<std::string> xmppAddresses;
+ std::vector<std::string> srvNames;
 };
 }
diff --git a/Swiften/TLS/OpenSSL/OpenSSLContext.cpp b/Swiften/TLS/OpenSSL/OpenSSLContext.cpp
index be2f0af..21e377f 100644
--- a/Swiften/TLS/OpenSSL/OpenSSLContext.cpp
+++ b/Swiften/TLS/OpenSSL/OpenSSLContext.cpp
@@ -178,7 +178,7 @@ bool OpenSSLContext::setClientCertificate(const PKCS12Certificate& certificate)
 X509 *certPtr = 0;
 EVP_PKEY* privateKeyPtr = 0;
 STACK_OF(X509)* caCertsPtr = 0;
- int result = PKCS12_parse(pkcs12.get(), certificate.getPassword().getUTF8Data(), &privateKeyPtr, &certPtr, &caCertsPtr);
+ int result = PKCS12_parse(pkcs12.get(), certificate.getPassword().c_str(), &privateKeyPtr, &certPtr, &caCertsPtr);
 if (result != 1) {
 return false;
 }
diff --git a/Swiften/TLS/PKCS12Certificate.h b/Swiften/TLS/PKCS12Certificate.h
index 1d8c7c2..1c8c38f 100644
--- a/Swiften/TLS/PKCS12Certificate.h
+++ b/Swiften/TLS/PKCS12Certificate.h
@@ -14,7 +14,7 @@ namespace Swift {
 public:
 PKCS12Certificate() {}
- PKCS12Certificate(const String& filename, const String& password) : password_(password) {
+ PKCS12Certificate(const std::string& filename, const std::string& password) : password_(password) {
 data_.readFromFile(filename);
 }
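Review bot: In OpenSSLContext::setClientCertificate(), the `result != 1` branch returns without draining OpenSSL's per-thread error queue, and a failed PKCS12_parse() (for example on a wrong passphrase) leaves entries there. SSL_get_error() consults that queue, so stale entries can make a later, unrelated TLS operation on the same thread look like a failure; unless the queue is cleared elsewhere, the branch should read `if (result != 1) { ERR_clear_error(); return false; }`. Note also that `certificate.getPassword().c_str()` stops at the first NUL byte, so a passphrase with an embedded NUL would be shortened. The function body starts and continues outside this hunk.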
@@ -30,13 +30,13 @@ namespace Swift {
 data_ = data;
 }
- const String& getPassword() const {
+ const std::string& getPassword() const {
 return password_;
 }
 private:
 ByteArray data_;
- String password_;
+ std::string password_;
 };
 }
diff --git a/Swiften/TLS/ServerIdentityVerifier.cpp b/Swiften/TLS/ServerIdentityVerifier.cpp
index 05efd31..d7b0580 100644
--- a/Swiften/TLS/ServerIdentityVerifier.cpp
+++ b/Swiften/TLS/ServerIdentityVerifier.cpp
@@ -6,6 +6,8 @@
 #include "Swiften/TLS/ServerIdentityVerifier.h"
+#include <boost/algorithm/string.hpp>
+
 #include "Swiften/Base/foreach.h"
 #include "Swiften/IDN/IDNA.h"
@@ -20,8 +22,8 @@ bool ServerIdentityVerifier::certificateVerifies(Certificate::ref certificate) {
 bool hasSAN = false;
 // DNS names
- std::vector<String> dnsNames = certificate->getDNSNames();
- foreach (const String& dnsName, dnsNames) {
+ std::vector<std::string> dnsNames = certificate->getDNSNames();
+ foreach (const std::string& dnsName, dnsNames) {
 if (matchesDomain(dnsName)) {
 return true;
 }
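Review bot: `std::string password_;` in PKCS12Certificate keeps the PKCS#12 passphrase in ordinary heap memory for the whole lifetime of the object, and each copy of the object duplicates it (nothing in this hunk makes the class non-copyable). Nothing visible here clears it once the key has been loaded, so it can end up in core dumps or swapped-out pages. Document the lifetime on the member, e.g. `// Passphrase in clear text; wipe it once the certificate has been loaded`, and consider a method that overwrites and clears it after OpenSSLContext::setClientCertificate() has used it. The class definition starts outside this hunk.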
@@ -29,19 +31,19 @@ bool ServerIdentityVerifier::certificateVerifies(Certificate::ref certificate) {
 hasSAN |= !dnsNames.empty();
 // SRV names
- std::vector<String> srvNames = certificate->getSRVNames();
- foreach (const String& srvName, srvNames) {
+ std::vector<std::string> srvNames = certificate->getSRVNames();
+ foreach (const std::string& srvName, srvNames) {
 // Only match SRV names that begin with the service; this isn't required per
 // spec, but we're being purist about this.
- if (srvName.beginsWith("_xmpp-client.") && matchesDomain(srvName.getSubstring(String("_xmpp-client.").getUTF8Size(), srvName.npos()))) {
+ if (boost::starts_with(srvName, "_xmpp-client.") && matchesDomain(srvName.substr(std::string("_xmpp-client.").size(), srvName.npos))) {
 return true;
 }
 }
 hasSAN |= !srvNames.empty();
 // XmppAddr
- std::vector<String> xmppAddresses = certificate->getXMPPAddresses();
- foreach (const String& xmppAddress, xmppAddresses) {
+ std::vector<std::string> xmppAddresses = certificate->getXMPPAddresses();
+ foreach (const std::string& xmppAddress, xmppAddresses) {
 if (matchesAddress(xmppAddress)) {
 return true;
 }
@@ -50,8 +52,8 @@ bool ServerIdentityVerifier::certificateVerifies(Certificate::ref certificate) {
 // CommonNames. Only check this if there was no SAN (according to spec).
 if (!hasSAN) {
- std::vector<String> commonNames = certificate->getCommonNames();
- foreach (const String& commonName, commonNames) {
+ std::vector<std::string> commonNames = certificate->getCommonNames();
+ foreach (const std::string& commonName, commonNames) {
 if (matchesDomain(commonName)) {
 return true;
 }
@@ -61,13 +63,13 @@ bool ServerIdentityVerifier::certificateVerifies(Certificate::ref certificate) {
 return false;
 }
-bool ServerIdentityVerifier::matchesDomain(const String& s) {
- if (s.beginsWith("*.")) {
- String matchString(s.getSubstring(2, s.npos()));
- String matchDomain = encodedDomain;
+bool ServerIdentityVerifier::matchesDomain(const std::string& s) {
+ if (boost::starts_with(s, "*.")) {
+ std::string matchString(s.substr(2, s.npos));
+ std::string matchDomain = encodedDomain;
 int dotIndex = matchDomain.find('.');
 if (dotIndex >= 0) {
- matchDomain = matchDomain.getSubstring(dotIndex + 1, matchDomain.npos());
+ matchDomain = matchDomain.substr(dotIndex + 1, matchDomain.npos);
 }
 return matchString == matchDomain;
 }
@@ -76,7 +78,7 @@ bool ServerIdentityVerifier::matchesDomain(const String& s) {
 }
 }
-bool ServerIdentityVerifier::matchesAddress(const String& s) {
+bool ServerIdentityVerifier::matchesAddress(const std::string& s) {
 return s == domain;
 }
diff --git a/Swiften/TLS/ServerIdentityVerifier.h b/Swiften/TLS/ServerIdentityVerifier.h
index a001a5e..05bb5f0 100644
--- a/Swiften/TLS/ServerIdentityVerifier.h
+++ b/Swiften/TLS/ServerIdentityVerifier.h
@@ -8,7 +8,7 @@
 #include <boost/shared_ptr.hpp>
-#include "Swiften/Base/String.h"
+#include <string>
 #include "Swiften/JID/JID.h"
 #include "Swiften/TLS/Certificate.h"
@@ -20,11 +20,11 @@ namespace Swift {
 bool certificateVerifies(Certificate::ref);
 private:
- bool matchesDomain(const String&);
- bool matchesAddress(const String&);
+ bool matchesDomain(const std::string&);
+ bool matchesAddress(const std::string&);
 private:
- String domain;
- String encodedDomain;
+ std::string domain;
+ std::string encodedDomain;
 };
 }
diff --git a/Swiften/TLS/SimpleCertificate.h b/Swiften/TLS/SimpleCertificate.h
index 7af8530..a81a23e 100644
--- a/Swiften/TLS/SimpleCertificate.h
+++ b/Swiften/TLS/SimpleCertificate.h
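Review bot: In ServerIdentityVerifier::matchesDomain(), `int dotIndex = matchDomain.find('.');` was left as it was, but std::string::find() returns `std::string::size_type` and reports a miss as `std::string::npos`, so the `dotIndex >= 0` test only works through an implementation-defined narrowing to -1. Use `std::string::size_type dotIndex = matchDomain.find('.');` and `if (dotIndex != std::string::npos) {`. When encodedDomain contains no dot, the wildcard name is compared against the whole domain, so a certificate name `*.example` is accepted for a host named `example`; returning false in that case would be the stricter check. The function's else branch lies outside this hunk.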
@@ -6,7 +6,7 @@
 #pragma once
-#include "Swiften/Base/String.h"
+#include <string>
 #include "Swiften/TLS/Certificate.h"
 namespace Swift {
@@ -14,43 +14,43 @@ namespace Swift {
 public:
 typedef boost::shared_ptr<SimpleCertificate> ref;
- void setSubjectName(const String& name) {
+ void setSubjectName(const std::string& name) {
 subjectName = name;
 }
- String getSubjectName() const {
+ std::string getSubjectName() const {
 return subjectName;
 }
- std::vector<String> getCommonNames() const {
+ std::vector<std::string> getCommonNames() const {
 return commonNames;
 }
- void addCommonName(const String& name) {
+ void addCommonName(const std::string& name) {
 commonNames.push_back(name);
 }
- void addSRVName(const String& name) {
+ void addSRVName(const std::string& name) {
 srvNames.push_back(name);
 }
- void addDNSName(const String& name) {
+ void addDNSName(const std::string& name) {
 dnsNames.push_back(name);
 }
- void addXMPPAddress(const String& addr) {
+ void addXMPPAddress(const std::string& addr) {
 xmppAddresses.push_back(addr);
 }
- std::vector<String> getSRVNames() const {
+ std::vector<std::string> getSRVNames() const {
 return srvNames;
 }
- std::vector<String> getDNSNames() const {
+ std::vector<std::string> getDNSNames() const {
 return dnsNames;
 }
- std::vector<String> getXMPPAddresses() const {
+ std::vector<std::string> getXMPPAddresses() const {
 return xmppAddresses;
 }
@@ -66,11 +66,11 @@ namespace Swift {
 void parse();
 private:
- String subjectName;
+ std::string subjectName;
 ByteArray der;
- std::vector<String> commonNames;
- std::vector<String> dnsNames;
- std::vector<String> xmppAddresses;
- std::vector<String> srvNames;
+ std::vector<std::string> commonNames;
+ std::vector<std::string> dnsNames;
+ std::vector<std::string> xmppAddresses;
+ std::vector<std::string> srvNames;
 };
 }
diff --git a/Swiften/TLS/UnitTest/CertificateTest.cpp b/Swiften/TLS/UnitTest/CertificateTest.cpp
index b5e69c3..216aaae 100644
--- a/Swiften/TLS/UnitTest/CertificateTest.cpp
+++ b/Swiften/TLS/UnitTest/CertificateTest.cpp
@@ -25,7 +25,7 @@ class CertificateTest : public CppUnit::TestFixture {
 SimpleCertificate::ref testling = boost::make_shared<SimpleCertificate>();
 testling->setDER(ByteArray("abcdefg"));
- CPPUNIT_ASSERT_EQUAL(String("2f:b5:e1:34:19:fc:89:24:68:65:e7:a3:24:f4:76:ec:62:4e:87:40"), testling->getSHA1Fingerprint());
+ CPPUNIT_ASSERT_EQUAL(std::string("2f:b5:e1:34:19:fc:89:24:68:65:e7:a3:24:f4:76:ec:62:4e:87:40"), testling->getSHA1Fingerprint());
 }
 }; |