gloox  1.0.20
tlsopensslserver.cpp
1 /*
2  Copyright (c) 2009-2017 by Jakob Schröter <js@camaya.net>
3  This file is part of the gloox library. http://camaya.net/gloox
4 
5  This software is distributed under a license. The full license
6  agreement can be found in the file LICENSE in this distribution.
7  This software may not be copied, modified, sold or distributed
8  other than expressed in the named license agreement.
9 
10  This software is distributed without any warranty.
11 */
12 
13 
14 
15 #include "tlsopensslserver.h"
16 
17 #ifdef HAVE_OPENSSL
18 
19 #ifndef __SYMBIAN32__
20 
21 #ifndef HEADER_DH_H
22 #include <openssl/dh.h>
23 #endif
24 
25 namespace gloox
26 {
27 
28  OpenSSLServer::OpenSSLServer( TLSHandler* th )
29  : OpenSSLBase( th )
30  {
31  }
32 
33  OpenSSLServer::~OpenSSLServer()
34  {
35  }
36 
37  bool OpenSSLServer::setType()
38  {
39  m_ctx = SSL_CTX_new( SSLv23_server_method() );
40  if( !m_ctx )
41  return false;
42 
43  SSL_CTX_set_options( m_ctx, SSL_OP_NO_SSLv3 );
44 
45  return true;
46  }
47 
48  int OpenSSLServer::handshakeFunction()
49  {
50  return SSL_accept( m_ssl );
51  }
52 
53 #if defined OPENSSL_VERSION_NUMBER && ( OPENSSL_VERSION_NUMBER < 0x10100000 )
54  int DH_set0_pqg( DH* dh, BIGNUM* p, BIGNUM* q, BIGNUM* g )
55  {
56  /* If the fields p and g in d are NULL, the corresponding input
57  * parameters MUST be non-NULL. q may remain NULL.
58  */
59  if( ( dh->p == 0 && p == 0 ) || ( dh->g == 0 && g == 0 ) )
60  return 0;
61 
62  if( p != 0 )
63  {
64  BN_free( dh->p );
65  dh->p = p;
66  }
67 
68  if( q != 0 )
69  {
70  BN_free( dh->q );
71  dh->q = q;
72  }
73 
74  if( g != 0 )
75  {
76  BN_free( dh->g );
77  dh->g = g;
78  }
79 
80  if( q != 0 )
81  {
82  dh->length = BN_num_bits( q );
83  }
84 
85  return 1;
86  }
87 #endif // OPENSSL_VERSION_NUMBER < 0x10100000
88 
89  DH* getDH512()
90  {
91  static unsigned char dh512_p[] =
92  {
93  0xF5,0x2A,0xFF,0x3C,0xE1,0xB1,0x29,0x40,0x18,0x11,0x8D,0x7C,
94  0x84,0xA7,0x0A,0x72,0xD6,0x86,0xC4,0x03,0x19,0xC8,0x07,0x29,
95  0x7A,0xCA,0x95,0x0C,0xD9,0x96,0x9F,0xAB,0xD0,0x0A,0x50,0x9B,
96  0x02,0x46,0xD3,0x08,0x3D,0x66,0xA4,0x5D,0x41,0x9F,0x9C,0x7C,
97  0xBD,0x89,0x4B,0x22,0x19,0x26,0xBA,0xAB,0xA2,0x5E,0xC3,0x55,
98  0xE9,0x2A,0x05,0x5F,
99  };
100  static unsigned char dh512_g[] =
101  {
102  0x02,
103  };
104  DH* dh = DH_new();
105 
106  if( !dh )
107  return 0;
108 
109  int ret = DH_set0_pqg( dh, BN_bin2bn( dh512_p, sizeof( dh512_p ), 0 ), 0,
110  BN_bin2bn( dh512_g, sizeof( dh512_g ), 0 ) );
111  if( !ret )
112  {
113  DH_free( dh );
114  return 0;
115  }
116 
117  return dh;
118  }
119  DH* getDH1024()
120  {
121  static unsigned char dh1024_p[]={
122  0xF4,0x88,0xFD,0x58,0x4E,0x49,0xDB,0xCD,0x20,0xB4,0x9D,0xE4,
123  0x91,0x07,0x36,0x6B,0x33,0x6C,0x38,0x0D,0x45,0x1D,0x0F,0x7C,
124  0x88,0xB3,0x1C,0x7C,0x5B,0x2D,0x8E,0xF6,0xF3,0xC9,0x23,0xC0,
125  0x43,0xF0,0xA5,0x5B,0x18,0x8D,0x8E,0xBB,0x55,0x8C,0xB8,0x5D,
126  0x38,0xD3,0x34,0xFD,0x7C,0x17,0x57,0x43,0xA3,0x1D,0x18,0x6C,
127  0xDE,0x33,0x21,0x2C,0xB5,0x2A,0xFF,0x3C,0xE1,0xB1,0x29,0x40,
128  0x18,0x11,0x8D,0x7C,0x84,0xA7,0x0A,0x72,0xD6,0x86,0xC4,0x03,
129  0x19,0xC8,0x07,0x29,0x7A,0xCA,0x95,0x0C,0xD9,0x96,0x9F,0xAB,
130  0xD0,0x0A,0x50,0x9B,0x02,0x46,0xD3,0x08,0x3D,0x66,0xA4,0x5D,
131  0x41,0x9F,0x9C,0x7C,0xBD,0x89,0x4B,0x22,0x19,0x26,0xBA,0xAB,
132  0xA2,0x5E,0xC3,0x55,0xE9,0x2F,0x78,0xC7,
133  };
134  static unsigned char dh1024_g[]={
135  0x02,
136  };
137  DH* dh = DH_new();
138 
139  if( !dh )
140  return 0;
141 
142  int ret = DH_set0_pqg( dh, BN_bin2bn( dh1024_p, sizeof( dh1024_p ), 0 ), 0,
143  BN_bin2bn( dh1024_g, sizeof( dh1024_g ), 0 ) );
144  if( !ret )
145  {
146  DH_free( dh );
147  return 0;
148  }
149 
150  return dh;
151  }
152  DH* getDH2048()
153  {
154  static unsigned char dh2048_p[]={
155  0xF6,0x42,0x57,0xB7,0x08,0x7F,0x08,0x17,0x72,0xA2,0xBA,0xD6,
156  0xA9,0x42,0xF3,0x05,0xE8,0xF9,0x53,0x11,0x39,0x4F,0xB6,0xF1,
157  0x6E,0xB9,0x4B,0x38,0x20,0xDA,0x01,0xA7,0x56,0xA3,0x14,0xE9,
158  0x8F,0x40,0x55,0xF3,0xD0,0x07,0xC6,0xCB,0x43,0xA9,0x94,0xAD,
159  0xF7,0x4C,0x64,0x86,0x49,0xF8,0x0C,0x83,0xBD,0x65,0xE9,0x17,
160  0xD4,0xA1,0xD3,0x50,0xF8,0xF5,0x59,0x5F,0xDC,0x76,0x52,0x4F,
161  0x3D,0x3D,0x8D,0xDB,0xCE,0x99,0xE1,0x57,0x92,0x59,0xCD,0xFD,
162  0xB8,0xAE,0x74,0x4F,0xC5,0xFC,0x76,0xBC,0x83,0xC5,0x47,0x30,
163  0x61,0xCE,0x7C,0xC9,0x66,0xFF,0x15,0xF9,0xBB,0xFD,0x91,0x5E,
164  0xC7,0x01,0xAA,0xD3,0x5B,0x9E,0x8D,0xA0,0xA5,0x72,0x3A,0xD4,
165  0x1A,0xF0,0xBF,0x46,0x00,0x58,0x2B,0xE5,0xF4,0x88,0xFD,0x58,
166  0x4E,0x49,0xDB,0xCD,0x20,0xB4,0x9D,0xE4,0x91,0x07,0x36,0x6B,
167  0x33,0x6C,0x38,0x0D,0x45,0x1D,0x0F,0x7C,0x88,0xB3,0x1C,0x7C,
168  0x5B,0x2D,0x8E,0xF6,0xF3,0xC9,0x23,0xC0,0x43,0xF0,0xA5,0x5B,
169  0x18,0x8D,0x8E,0xBB,0x55,0x8C,0xB8,0x5D,0x38,0xD3,0x34,0xFD,
170  0x7C,0x17,0x57,0x43,0xA3,0x1D,0x18,0x6C,0xDE,0x33,0x21,0x2C,
171  0xB5,0x2A,0xFF,0x3C,0xE1,0xB1,0x29,0x40,0x18,0x11,0x8D,0x7C,
172  0x84,0xA7,0x0A,0x72,0xD6,0x86,0xC4,0x03,0x19,0xC8,0x07,0x29,
173  0x7A,0xCA,0x95,0x0C,0xD9,0x96,0x9F,0xAB,0xD0,0x0A,0x50,0x9B,
174  0x02,0x46,0xD3,0x08,0x3D,0x66,0xA4,0x5D,0x41,0x9F,0x9C,0x7C,
175  0xBD,0x89,0x4B,0x22,0x19,0x26,0xBA,0xAB,0xA2,0x5E,0xC3,0x55,
176  0xE9,0x32,0x0B,0x3B,
177  };
178  static unsigned char dh2048_g[]={
179  0x02,
180  };
181  DH* dh = DH_new();
182 
183  if( !dh )
184  return 0;
185 
186  int ret = DH_set0_pqg( dh, BN_bin2bn( dh2048_p, sizeof( dh2048_p ), 0 ), 0,
187  BN_bin2bn( dh2048_g, sizeof( dh2048_g ), 0 ) );
188  if( !ret )
189  {
190  DH_free( dh );
191  return 0;
192  }
193 
194  return dh;
195  }
196 
197  DH* getDH4096()
198  {
199  static unsigned char dh4096_p[]={
200  0xFA,0x14,0x72,0x52,0xC1,0x4D,0xE1,0x5A,0x49,0xD4,0xEF,0x09,
201  0x2D,0xC0,0xA8,0xFD,0x55,0xAB,0xD7,0xD9,0x37,0x04,0x28,0x09,
202  0xE2,0xE9,0x3E,0x77,0xE2,0xA1,0x7A,0x18,0xDD,0x46,0xA3,0x43,
203  0x37,0x23,0x90,0x97,0xF3,0x0E,0xC9,0x03,0x50,0x7D,0x65,0xCF,
204  0x78,0x62,0xA6,0x3A,0x62,0x22,0x83,0xA1,0x2F,0xFE,0x79,0xBA,
205  0x35,0xFF,0x59,0xD8,0x1D,0x61,0xDD,0x1E,0x21,0x13,0x17,0xFE,
206  0xCD,0x38,0x87,0x9E,0xF5,0x4F,0x79,0x10,0x61,0x8D,0xD4,0x22,
207  0xF3,0x5A,0xED,0x5D,0xEA,0x21,0xE9,0x33,0x6B,0x48,0x12,0x0A,
208  0x20,0x77,0xD4,0x25,0x60,0x61,0xDE,0xF6,0xB4,0x4F,0x1C,0x63,
209  0x40,0x8B,0x3A,0x21,0x93,0x8B,0x79,0x53,0x51,0x2C,0xCA,0xB3,
210  0x7B,0x29,0x56,0xA8,0xC7,0xF8,0xF4,0x7B,0x08,0x5E,0xA6,0xDC,
211  0xA2,0x45,0x12,0x56,0xDD,0x41,0x92,0xF2,0xDD,0x5B,0x8F,0x23,
212  0xF0,0xF3,0xEF,0xE4,0x3B,0x0A,0x44,0xDD,0xED,0x96,0x84,0xF1,
213  0xA8,0x32,0x46,0xA3,0xDB,0x4A,0xBE,0x3D,0x45,0xBA,0x4E,0xF8,
214  0x03,0xE5,0xDD,0x6B,0x59,0x0D,0x84,0x1E,0xCA,0x16,0x5A,0x8C,
215  0xC8,0xDF,0x7C,0x54,0x44,0xC4,0x27,0xA7,0x3B,0x2A,0x97,0xCE,
216  0xA3,0x7D,0x26,0x9C,0xAD,0xF4,0xC2,0xAC,0x37,0x4B,0xC3,0xAD,
217  0x68,0x84,0x7F,0x99,0xA6,0x17,0xEF,0x6B,0x46,0x3A,0x7A,0x36,
218  0x7A,0x11,0x43,0x92,0xAD,0xE9,0x9C,0xFB,0x44,0x6C,0x3D,0x82,
219  0x49,0xCC,0x5C,0x6A,0x52,0x42,0xF8,0x42,0xFB,0x44,0xF9,0x39,
220  0x73,0xFB,0x60,0x79,0x3B,0xC2,0x9E,0x0B,0xDC,0xD4,0xA6,0x67,
221  0xF7,0x66,0x3F,0xFC,0x42,0x3B,0x1B,0xDB,0x4F,0x66,0xDC,0xA5,
222  0x8F,0x66,0xF9,0xEA,0xC1,0xED,0x31,0xFB,0x48,0xA1,0x82,0x7D,
223  0xF8,0xE0,0xCC,0xB1,0xC7,0x03,0xE4,0xF8,0xB3,0xFE,0xB7,0xA3,
224  0x13,0x73,0xA6,0x7B,0xC1,0x0E,0x39,0xC7,0x94,0x48,0x26,0x00,
225  0x85,0x79,0xFC,0x6F,0x7A,0xAF,0xC5,0x52,0x35,0x75,0xD7,0x75,
226  0xA4,0x40,0xFA,0x14,0x74,0x61,0x16,0xF2,0xEB,0x67,0x11,0x6F,
227  0x04,0x43,0x3D,0x11,0x14,0x4C,0xA7,0x94,0x2A,0x39,0xA1,0xC9,
228  0x90,0xCF,0x83,0xC6,0xFF,0x02,0x8F,0xA3,0x2A,0xAC,0x26,0xDF,
229  0x0B,0x8B,0xBE,0x64,0x4A,0xF1,0xA1,0xDC,0xEE,0xBA,0xC8,0x03,
230  0x82,0xF6,0x62,0x2C,0x5D,0xB6,0xBB,0x13,0x19,0x6E,0x86,0xC5,
231  0x5B,0x2B,0x5E,0x3A,0xF3,0xB3,0x28,0x6B,0x70,0x71,0x3A,0x8E,
232  0xFF,0x5C,0x15,0xE6,0x02,0xA4,0xCE,0xED,0x59,0x56,0xCC,0x15,
233  0x51,0x07,0x79,0x1A,0x0F,0x25,0x26,0x27,0x30,0xA9,0x15,0xB2,
234  0xC8,0xD4,0x5C,0xCC,0x30,0xE8,0x1B,0xD8,0xD5,0x0F,0x19,0xA8,
235  0x80,0xA4,0xC7,0x01,0xAA,0x8B,0xBA,0x53,0xBB,0x47,0xC2,0x1F,
236  0x6B,0x54,0xB0,0x17,0x60,0xED,0x79,0x21,0x95,0xB6,0x05,0x84,
237  0x37,0xC8,0x03,0xA4,0xDD,0xD1,0x06,0x69,0x8F,0x4C,0x39,0xE0,
238  0xC8,0x5D,0x83,0x1D,0xBE,0x6A,0x9A,0x99,0xF3,0x9F,0x0B,0x45,
239  0x29,0xD4,0xCB,0x29,0x66,0xEE,0x1E,0x7E,0x3D,0xD7,0x13,0x4E,
240  0xDB,0x90,0x90,0x58,0xCB,0x5E,0x9B,0xCD,0x2E,0x2B,0x0F,0xA9,
241  0x4E,0x78,0xAC,0x05,0x11,0x7F,0xE3,0x9E,0x27,0xD4,0x99,0xE1,
242  0xB9,0xBD,0x78,0xE1,0x84,0x41,0xA0,0xDF,
243  };
244  static unsigned char dh4096_g[]={
245  0x02,
246  };
247  DH* dh = DH_new();
248 
249  if( !dh )
250  return 0;
251 
252  int ret = DH_set0_pqg( dh, BN_bin2bn( dh4096_p, sizeof( dh4096_p ), 0 ), 0,
253  BN_bin2bn( dh4096_g, sizeof( dh4096_g ), 0 ) );
254  if( !ret )
255  {
256  DH_free( dh );
257  return 0;
258  }
259 
260  return dh;
261  }
262 
263  DH* tmp_dh_callback( SSL* /*s*/, int is_export, int keylength )
264  {
265  switch( keylength )
266  {
267  case 512:
268  return getDH512();
269  break;
270  case 1024:
271  return getDH1024();
272  break;
273  case 2048:
274  return getDH2048();
275  break;
276  case 4096:
277  return getDH4096();
278  break;
279  default:
280  // unsupported DH param length requested
281  return 0;
282  break;
283  }
284  }
285 
286  RSA* tmp_rsa_callback( SSL* /*s*/, int is_export, int keylength )
287  {
288  return RSA_generate_key( keylength, RSA_F4, 0, 0 );
289  }
290 
291  bool OpenSSLServer::privateInit()
292  {
293  SSL_CTX_set_tmp_rsa_callback( m_ctx, tmp_rsa_callback );
294  SSL_CTX_set_tmp_dh_callback( m_ctx, tmp_dh_callback );
295  SSL_CTX_set_options( m_ctx, SSL_OP_CIPHER_SERVER_PREFERENCE );
296  return true;
297  }
298 
299 }
300 
301 #endif // __SYMBIAN32__
302 
303 #endif // HAVE_OPENSSL
gloox::OpenSSLServer::OpenSSLServer
OpenSSLServer(TLSHandler *th)
Definition: tlsopensslserver.cpp:28
gloox
The namespace for the gloox library.
Definition: adhoc.cpp:27
gloox::TLSHandler
An interface that allows for interacting with TLS implementations derived from TLSBase.
Definition: tlshandler.h:34
Generated on Sun Feb 26 2017 22:50:07 for gloox by   doxygen 1.8.13