forked from CollaboraOnline/online
-
Notifications
You must be signed in to change notification settings - Fork 0
/
ProofKey.hpp
82 lines (67 loc) · 2.85 KB
/
ProofKey.hpp
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4; fill-column: 100 -*- */
/*
* Copyright the Collabora Online contributors.
*
* SPDX-License-Identifier: MPL-2.0
*
* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/.
*/
// WOPI proof management
#pragma once
#include <string>
#include <utility>
#include <vector>
#include <chrono>
#include <memory>
typedef std::vector<std::pair<std::string, std::string>> VecOfStringPairs;
namespace Poco {
namespace Crypto {
class RSAKey;
}
}
class WopiProofTests;
/**
* Global singleton - with one-time loaded key data
* loaded at startup, and then un-modified & shared
* across threads.
*/
class Proof {
friend class WopiProofTests;
void initialize();
enum Type { CreateKey };
Proof(Type);
public:
Proof();
VecOfStringPairs GetProofHeaders(const std::string& access_token, const std::string& uri) const;
const VecOfStringPairs& GetProofKeyAttributes() const { return m_aAttribs; }
private:
static std::string ProofKeyPath();
static std::string BytesToBase64(const std::vector<unsigned char>& bytes);
static std::vector<unsigned char> Base64ToBytes(const std::string &str);
// modulus and exponent are big-endian vectors
static std::vector<unsigned char> RSA2CapiBlob(const std::vector<unsigned char>& modulus,
const std::vector<unsigned char>& exponent);
// Returns .Net tick (=100ns) count since 0001-01-01 00:00:00 Z
// See https://docs.microsoft.com/en-us/dotnet/api/system.datetime.ticks
static int64_t DotNetTicks(const std::chrono::system_clock::time_point& utc);
// Returns bytes to sign and base64-encode
// See http://www.wictorwilen.se/sharepoint-2013-building-your-own-wopi-client-part-2
static std::vector<unsigned char> GetProof(const std::string& access_token,
const std::string& uri, int64_t ticks);
// Signs bytes and returns base64-encoded string
std::string SignProof(const std::vector<unsigned char>& proof) const;
std::unique_ptr<const Poco::Crypto::RSAKey> m_pKey;
VecOfStringPairs m_aAttribs;
};
// Returns pairs <header_name, header_value> to add to request
// The headers returned are X-WOPI-TimeStamp, X-WOPI-Proof
// If no proof key, returns empty vector
// Both parameters are utf-8-encoded strings
// access_token must not be URI-encoded
VecOfStringPairs GetProofHeaders(const std::string& access_token, const std::string& uri);
// Returns pairs <attribute, value> to set in proof-key element in discovery xml.
// If no proof key, returns empty vector
const VecOfStringPairs& GetProofKeyAttributes();
/* vim:set shiftwidth=4 softtabstop=4 expandtab: */