

00001 /*
00002   Copyright (c) 2009 by Jakob Schroeter <js@camaya.net>
00003   This file is part of the gloox library. http://camaya.net/gloox
00004 
00005   This software is distributed under a license. The full license
00006   agreement can be found in the file LICENSE in this distribution.
00007   This software may not be copied, modified, sold or distributed
00008   other than expressed in the named license agreement.
00009 
00010   This software is distributed without any warranty.
00011 */
00012 
00013 
00014 
00015 #include "tlsopensslserver.h"
00016 
00017 #ifdef HAVE_OPENSSL
00018 
00019 #ifndef __SYMBIAN32__
00020 
00021 #ifndef HEADER_DH_H
00022 #include <openssl/dh.h>
00023 #endif
00024 
00025 namespace gloox
00026 {
00027 
  /**
   * Creates a server-side TLS endpoint. Nothing is set up here beyond
   * handing the handler to OpenSSLBase; the context and options are
   * created later by setType() and privateInit().
   * @param th The handler, passed straight through to OpenSSLBase.
   */
  OpenSSLServer::OpenSSLServer( TLSHandler* th ) : OpenSSLBase( th ) {}
00032 
  /** Nothing is owned at this level; cleanup is left to OpenSSLBase. */
  OpenSSLServer::~OpenSSLServer() {}
00036 
  /**
   * Allocates the server-side SSL context into m_ctx.
   *
   * SSLv23_server_method() is OpenSSL's version-flexible server method: which
   * protocol versions the server will actually accept is governed by the
   * options set on the context afterwards, not by this call. Note that
   * privateInit() in this file sets only SSL_OP_CIPHER_SERVER_PREFERENCE and no
   * SSL_OP_NO_* version restriction, so whatever the linked OpenSSL supports
   * can presumably be negotiated.
   * @return @b True if the context could be created, @b false otherwise.
   */
  bool OpenSSLServer::setType()
  {
    m_ctx = SSL_CTX_new( SSLv23_server_method() );
    return m_ctx != 0;
  }
00045 
  /**
   * Runs the server side of the handshake on m_ssl.
   * @return The raw SSL_accept() result; interpreting it is left to the caller.
   */
  int OpenSSLServer::handshakeFunction()
  {
    const int result = SSL_accept( m_ssl );
    return result;
  }
00050 
  /**
   * Builds a DH group with a fixed 512-bit prime and generator 2.
   *
   * A 512-bit group is export-grade strength and gives no meaningful
   * protection today; it is kept only because tmp_dh_callback() serves it
   * when OpenSSL asks for 512-bit parameters.
   *
   * The fields are assigned directly (dh->p, dh->g), which relies on the DH
   * struct not being opaque, i.e. an OpenSSL release before 1.1.0.
   * @return A newly allocated DH that the caller owns, or 0 on allocation
   * or conversion failure.
   */
  DH* getDH512()
  {
    static const unsigned char prime512[] =
    {
      0xF5,0x2A,0xFF,0x3C,0xE1,0xB1,0x29,0x40,0x18,0x11,0x8D,0x7C,
      0x84,0xA7,0x0A,0x72,0xD6,0x86,0xC4,0x03,0x19,0xC8,0x07,0x29,
      0x7A,0xCA,0x95,0x0C,0xD9,0x96,0x9F,0xAB,0xD0,0x0A,0x50,0x9B,
      0x02,0x46,0xD3,0x08,0x3D,0x66,0xA4,0x5D,0x41,0x9F,0x9C,0x7C,
      0xBD,0x89,0x4B,0x22,0x19,0x26,0xBA,0xAB,0xA2,0x5E,0xC3,0x55,
      0xE9,0x2A,0x05,0x5F,
    };
    static const unsigned char generator512[] = { 0x02, };

    DH* params = DH_new();
    if( !params )
      return 0;

    params->p = BN_bin2bn( prime512, sizeof( prime512 ), 0 );
    params->g = BN_bin2bn( generator512, sizeof( generator512 ), 0 );

    // DH_free() also releases whichever of p/g was successfully created.
    const bool complete = params->p != 0 && params->g != 0;
    if( !complete )
    {
      DH_free( params );
      return 0;
    }

    return params;
  }
  /**
   * Builds a DH group with a fixed 1024-bit prime and generator 2.
   *
   * 1024-bit groups are below current recommendations; see tmp_dh_callback()
   * for when this size is served. Fields are assigned directly (dh->p, dh->g),
   * which relies on the DH struct not being opaque (OpenSSL before 1.1.0).
   * @return A newly allocated DH owned by the caller, or 0 on failure.
   */
  DH* getDH1024()
  {
    static unsigned char dh1024_p[]={
      0xF4,0x88,0xFD,0x58,0x4E,0x49,0xDB,0xCD,0x20,0xB4,0x9D,0xE4,
      0x91,0x07,0x36,0x6B,0x33,0x6C,0x38,0x0D,0x45,0x1D,0x0F,0x7C,
      0x88,0xB3,0x1C,0x7C,0x5B,0x2D,0x8E,0xF6,0xF3,0xC9,0x23,0xC0,
      0x43,0xF0,0xA5,0x5B,0x18,0x8D,0x8E,0xBB,0x55,0x8C,0xB8,0x5D,
      0x38,0xD3,0x34,0xFD,0x7C,0x17,0x57,0x43,0xA3,0x1D,0x18,0x6C,
      0xDE,0x33,0x21,0x2C,0xB5,0x2A,0xFF,0x3C,0xE1,0xB1,0x29,0x40,
      0x18,0x11,0x8D,0x7C,0x84,0xA7,0x0A,0x72,0xD6,0x86,0xC4,0x03,
      0x19,0xC8,0x07,0x29,0x7A,0xCA,0x95,0x0C,0xD9,0x96,0x9F,0xAB,
      0xD0,0x0A,0x50,0x9B,0x02,0x46,0xD3,0x08,0x3D,0x66,0xA4,0x5D,
      0x41,0x9F,0x9C,0x7C,0xBD,0x89,0x4B,0x22,0x19,0x26,0xBA,0xAB,
      0xA2,0x5E,0xC3,0x55,0xE9,0x2F,0x78,0xC7,
    };
    static unsigned char dh1024_g[]={
      0x02,
    };
    DH* dh = DH_new();

    if( !dh )
      return 0;

    dh->p = BN_bin2bn( dh1024_p, sizeof( dh1024_p ), 0 );
    dh->g = BN_bin2bn( dh1024_g, sizeof( dh1024_g ), 0 );
    // DH_free() also releases whichever of p/g was created, so no leak here.
    if( ( dh->p == 0 ) || ( dh->g == 0 ) )
    {
      DH_free( dh );
      return 0;
    }

    return dh;
  }
  /**
   * Builds a DH group with a fixed 2048-bit prime and generator 2.
   *
   * Fields are assigned directly (dh->p, dh->g), which relies on the DH
   * struct not being opaque (OpenSSL before 1.1.0).
   * @return A newly allocated DH owned by the caller, or 0 on failure.
   */
  DH* getDH2048()
  {
    static unsigned char dh2048_p[]={
      0xF6,0x42,0x57,0xB7,0x08,0x7F,0x08,0x17,0x72,0xA2,0xBA,0xD6,
      0xA9,0x42,0xF3,0x05,0xE8,0xF9,0x53,0x11,0x39,0x4F,0xB6,0xF1,
      0x6E,0xB9,0x4B,0x38,0x20,0xDA,0x01,0xA7,0x56,0xA3,0x14,0xE9,
      0x8F,0x40,0x55,0xF3,0xD0,0x07,0xC6,0xCB,0x43,0xA9,0x94,0xAD,
      0xF7,0x4C,0x64,0x86,0x49,0xF8,0x0C,0x83,0xBD,0x65,0xE9,0x17,
      0xD4,0xA1,0xD3,0x50,0xF8,0xF5,0x59,0x5F,0xDC,0x76,0x52,0x4F,
      0x3D,0x3D,0x8D,0xDB,0xCE,0x99,0xE1,0x57,0x92,0x59,0xCD,0xFD,
      0xB8,0xAE,0x74,0x4F,0xC5,0xFC,0x76,0xBC,0x83,0xC5,0x47,0x30,
      0x61,0xCE,0x7C,0xC9,0x66,0xFF,0x15,0xF9,0xBB,0xFD,0x91,0x5E,
      0xC7,0x01,0xAA,0xD3,0x5B,0x9E,0x8D,0xA0,0xA5,0x72,0x3A,0xD4,
      0x1A,0xF0,0xBF,0x46,0x00,0x58,0x2B,0xE5,0xF4,0x88,0xFD,0x58,
      0x4E,0x49,0xDB,0xCD,0x20,0xB4,0x9D,0xE4,0x91,0x07,0x36,0x6B,
      0x33,0x6C,0x38,0x0D,0x45,0x1D,0x0F,0x7C,0x88,0xB3,0x1C,0x7C,
      0x5B,0x2D,0x8E,0xF6,0xF3,0xC9,0x23,0xC0,0x43,0xF0,0xA5,0x5B,
      0x18,0x8D,0x8E,0xBB,0x55,0x8C,0xB8,0x5D,0x38,0xD3,0x34,0xFD,
      0x7C,0x17,0x57,0x43,0xA3,0x1D,0x18,0x6C,0xDE,0x33,0x21,0x2C,
      0xB5,0x2A,0xFF,0x3C,0xE1,0xB1,0x29,0x40,0x18,0x11,0x8D,0x7C,
      0x84,0xA7,0x0A,0x72,0xD6,0x86,0xC4,0x03,0x19,0xC8,0x07,0x29,
      0x7A,0xCA,0x95,0x0C,0xD9,0x96,0x9F,0xAB,0xD0,0x0A,0x50,0x9B,
      0x02,0x46,0xD3,0x08,0x3D,0x66,0xA4,0x5D,0x41,0x9F,0x9C,0x7C,
      0xBD,0x89,0x4B,0x22,0x19,0x26,0xBA,0xAB,0xA2,0x5E,0xC3,0x55,
      0xE9,0x32,0x0B,0x3B,
    };
    static unsigned char dh2048_g[]={
      0x02,
    };
    DH* dh = DH_new();

    if( !dh )
      return 0;

    dh->p = BN_bin2bn( dh2048_p, sizeof( dh2048_p ), 0 );
    dh->g = BN_bin2bn( dh2048_g, sizeof( dh2048_g ), 0 );
    // DH_free() also releases whichever of p/g was created, so no leak here.
    if( ( dh->p == 0 ) || ( dh->g == 0 ) )
    {
      DH_free( dh );
      return 0;
    }

    return dh;
  }
00158 
  /**
   * Builds a DH group with a fixed 4096-bit prime and generator 2.
   *
   * Fields are assigned directly (dh->p, dh->g), which relies on the DH
   * struct not being opaque (OpenSSL before 1.1.0).
   * @return A newly allocated DH owned by the caller, or 0 on failure.
   */
  DH* getDH4096()
  {
    static unsigned char dh4096_p[]={
      0xFA,0x14,0x72,0x52,0xC1,0x4D,0xE1,0x5A,0x49,0xD4,0xEF,0x09,
      0x2D,0xC0,0xA8,0xFD,0x55,0xAB,0xD7,0xD9,0x37,0x04,0x28,0x09,
      0xE2,0xE9,0x3E,0x77,0xE2,0xA1,0x7A,0x18,0xDD,0x46,0xA3,0x43,
      0x37,0x23,0x90,0x97,0xF3,0x0E,0xC9,0x03,0x50,0x7D,0x65,0xCF,
      0x78,0x62,0xA6,0x3A,0x62,0x22,0x83,0xA1,0x2F,0xFE,0x79,0xBA,
      0x35,0xFF,0x59,0xD8,0x1D,0x61,0xDD,0x1E,0x21,0x13,0x17,0xFE,
      0xCD,0x38,0x87,0x9E,0xF5,0x4F,0x79,0x10,0x61,0x8D,0xD4,0x22,
      0xF3,0x5A,0xED,0x5D,0xEA,0x21,0xE9,0x33,0x6B,0x48,0x12,0x0A,
      0x20,0x77,0xD4,0x25,0x60,0x61,0xDE,0xF6,0xB4,0x4F,0x1C,0x63,
      0x40,0x8B,0x3A,0x21,0x93,0x8B,0x79,0x53,0x51,0x2C,0xCA,0xB3,
      0x7B,0x29,0x56,0xA8,0xC7,0xF8,0xF4,0x7B,0x08,0x5E,0xA6,0xDC,
      0xA2,0x45,0x12,0x56,0xDD,0x41,0x92,0xF2,0xDD,0x5B,0x8F,0x23,
      0xF0,0xF3,0xEF,0xE4,0x3B,0x0A,0x44,0xDD,0xED,0x96,0x84,0xF1,
      0xA8,0x32,0x46,0xA3,0xDB,0x4A,0xBE,0x3D,0x45,0xBA,0x4E,0xF8,
      0x03,0xE5,0xDD,0x6B,0x59,0x0D,0x84,0x1E,0xCA,0x16,0x5A,0x8C,
      0xC8,0xDF,0x7C,0x54,0x44,0xC4,0x27,0xA7,0x3B,0x2A,0x97,0xCE,
      0xA3,0x7D,0x26,0x9C,0xAD,0xF4,0xC2,0xAC,0x37,0x4B,0xC3,0xAD,
      0x68,0x84,0x7F,0x99,0xA6,0x17,0xEF,0x6B,0x46,0x3A,0x7A,0x36,
      0x7A,0x11,0x43,0x92,0xAD,0xE9,0x9C,0xFB,0x44,0x6C,0x3D,0x82,
      0x49,0xCC,0x5C,0x6A,0x52,0x42,0xF8,0x42,0xFB,0x44,0xF9,0x39,
      0x73,0xFB,0x60,0x79,0x3B,0xC2,0x9E,0x0B,0xDC,0xD4,0xA6,0x67,
      0xF7,0x66,0x3F,0xFC,0x42,0x3B,0x1B,0xDB,0x4F,0x66,0xDC,0xA5,
      0x8F,0x66,0xF9,0xEA,0xC1,0xED,0x31,0xFB,0x48,0xA1,0x82,0x7D,
      0xF8,0xE0,0xCC,0xB1,0xC7,0x03,0xE4,0xF8,0xB3,0xFE,0xB7,0xA3,
      0x13,0x73,0xA6,0x7B,0xC1,0x0E,0x39,0xC7,0x94,0x48,0x26,0x00,
      0x85,0x79,0xFC,0x6F,0x7A,0xAF,0xC5,0x52,0x35,0x75,0xD7,0x75,
      0xA4,0x40,0xFA,0x14,0x74,0x61,0x16,0xF2,0xEB,0x67,0x11,0x6F,
      0x04,0x43,0x3D,0x11,0x14,0x4C,0xA7,0x94,0x2A,0x39,0xA1,0xC9,
      0x90,0xCF,0x83,0xC6,0xFF,0x02,0x8F,0xA3,0x2A,0xAC,0x26,0xDF,
      0x0B,0x8B,0xBE,0x64,0x4A,0xF1,0xA1,0xDC,0xEE,0xBA,0xC8,0x03,
      0x82,0xF6,0x62,0x2C,0x5D,0xB6,0xBB,0x13,0x19,0x6E,0x86,0xC5,
      0x5B,0x2B,0x5E,0x3A,0xF3,0xB3,0x28,0x6B,0x70,0x71,0x3A,0x8E,
      0xFF,0x5C,0x15,0xE6,0x02,0xA4,0xCE,0xED,0x59,0x56,0xCC,0x15,
      0x51,0x07,0x79,0x1A,0x0F,0x25,0x26,0x27,0x30,0xA9,0x15,0xB2,
      0xC8,0xD4,0x5C,0xCC,0x30,0xE8,0x1B,0xD8,0xD5,0x0F,0x19,0xA8,
      0x80,0xA4,0xC7,0x01,0xAA,0x8B,0xBA,0x53,0xBB,0x47,0xC2,0x1F,
      0x6B,0x54,0xB0,0x17,0x60,0xED,0x79,0x21,0x95,0xB6,0x05,0x84,
      0x37,0xC8,0x03,0xA4,0xDD,0xD1,0x06,0x69,0x8F,0x4C,0x39,0xE0,
      0xC8,0x5D,0x83,0x1D,0xBE,0x6A,0x9A,0x99,0xF3,0x9F,0x0B,0x45,
      0x29,0xD4,0xCB,0x29,0x66,0xEE,0x1E,0x7E,0x3D,0xD7,0x13,0x4E,
      0xDB,0x90,0x90,0x58,0xCB,0x5E,0x9B,0xCD,0x2E,0x2B,0x0F,0xA9,
      0x4E,0x78,0xAC,0x05,0x11,0x7F,0xE3,0x9E,0x27,0xD4,0x99,0xE1,
      0xB9,0xBD,0x78,0xE1,0x84,0x41,0xA0,0xDF,
    };
    static unsigned char dh4096_g[]={
      0x02,
    };
    DH* dh = DH_new();

    if( !dh )
      return 0;

    dh->p = BN_bin2bn( dh4096_p, sizeof( dh4096_p ), 0 );
    dh->g = BN_bin2bn( dh4096_g, sizeof( dh4096_g ), 0 );
    // DH_free() also releases whichever of p/g was created, so no leak here.
    if( ( dh->p == 0 ) || ( dh->g == 0 ) )
    {
      DH_free( dh );
      return 0;
    }

    return dh;
  }
00224 
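  /**
   * Supplies ephemeral DH parameters when OpenSSL negotiates a DHE suite.
   *
   * The 512-bit group exists only to satisfy export-grade cipher suites and
   * offers no meaningful security today; 1024 bits is also below current
   * recommendations. Restricting the cipher list on the context is the
   * proper way to keep those sizes from ever being requested here.
   *
   * @param keylength The parameter size OpenSSL asks for, in bits.
   * @return Freshly allocated DH parameters of that size, or 0 if no built-in
   * group matches (OpenSSL then presumably aborts that handshake).
   */
  DH* tmp_dh_callback( SSL* /*s*/, int /*is_export*/, int keylength )
  {
    // Each case returns, so no break is needed (the originals were unreachable).
    switch( keylength )
    {
      case 512:
        return getDH512();
      case 1024:
        return getDH1024();
      case 2048:
        return getDH2048();
      case 4096:
        return getDH4096();
      default:
        // unsupported DH param length requested
        return 0;
    }
  }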
00247 
  /**
   * Supplies a temporary RSA key for cipher suites that require one.
   *
   * Every call runs a complete key generation of @p keylength bits with public
   * exponent RSA_F4, which is expensive; the size is dictated by the negotiated
   * suite, and export-grade suites request sizes that are not secure today.
   * @return The generated key, or 0 if generation failed.
   */
  RSA* tmp_rsa_callback( SSL* /*s*/, int /*is_export*/, int keylength )
  {
    RSA* key = RSA_generate_key( keylength, RSA_F4, 0, 0 );
    return key;
  }
00252 
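  /**
   * Installs the ephemeral-key callbacks and server-side options on m_ctx.
   *
   * SSL_CTX_set_tmp_ecdh() keeps its own copy of the key it is given, so the
   * EC_KEY created here must be released afterwards; the previous version
   * leaked it once per context. Its result is also checked now, so a missing
   * curve in the linked OpenSSL is reported instead of passing a null key on.
   *
   * sect163r2 is a 163-bit binary curve chosen by the original author; it is
   * well below the strength of the DH groups in this file, and a prime curve
   * such as NID_X9_62_prime256v1 would normally be preferred today.
   *
   * @return @b True on success, @b false if the ECDH key could not be created.
   */
  bool OpenSSLServer::privateInit()
  {
    SSL_CTX_set_tmp_rsa_callback( m_ctx, tmp_rsa_callback );
    SSL_CTX_set_tmp_dh_callback( m_ctx, tmp_dh_callback );

    EC_KEY* ecdh = EC_KEY_new_by_curve_name( NID_sect163r2 );
    if( !ecdh )
      return false;

    SSL_CTX_set_tmp_ecdh( m_ctx, ecdh );
    // the context holds its own copy; ours is no longer needed
    EC_KEY_free( ecdh );

    SSL_CTX_set_options( m_ctx, SSL_OP_CIPHER_SERVER_PREFERENCE );
    return true;
  }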
00261 
00262 }
00263 
00264 #endif // __SYMBIAN32__
00265 
00266 #endif // HAVE_OPENSSL