Commit graph

21 commits

Author SHA1 Message Date
Andras Timar
0002fdfd6c fix license headers
Change-Id: I8623770b32d278a45357dc7f757fabfadd2b4af7
2020-10-01 11:56:43 +02:00
Michael Meeks
cd98388653 Avoid contention on RSA Digest engine.
Change-Id: If9068371c7ab18083d432f8bc582d85c2f85e80e
Reviewed-on: https://gerrit.libreoffice.org/c/online/+/101081
Tested-by: Jenkins
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com>
Reviewed-by: Michael Meeks <michael.meeks@collabora.com>
2020-08-20 18:11:12 +02:00
Mike Kaganski
571ef16df8 Implement fake oldvalue/modulus/exponent and X-WOPI-ProofOld
... since these are required in proof-key element as per [MS-WOPI].

Change-Id: Ie770271ee911e3f7822375c00a83c6a32cd5f2fc
Reviewed-on: https://gerrit.libreoffice.org/c/online/+/88743
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com>
Tested-by: Jenkins
Reviewed-by: Michael Meeks <michael.meeks@collabora.com>
2020-07-28 14:46:02 +02:00
Damian
f160ccf80d tdf#134041: reset engine before next digest computation
Change-Id: I68ef078f6f885bebaf29b37d5fd704a9c70c826a
Reviewed-on: https://gerrit.libreoffice.org/c/online/+/96899
Tested-by: Jenkins
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com>
Reviewed-by: Mike Kaganski <mike.kaganski@collabora.com>
2020-06-23 12:32:19 +02:00
Michael Meeks
82fec145eb RequestDetails - move into a single class & simplify flow.
Change-Id: Ic9148350e04fca7876ec1b5985b467524c6894e1
2020-05-12 15:29:07 +01:00
Andras Timar
25bc0a1088 Proof: add loolwsd-generate-proof-key helper script
Change-Id: Ibbd99b6431b1a2992c520d3fad5f52d0770905f6
Reviewed-on: https://gerrit.libreoffice.org/c/online/+/92788
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com>
Reviewed-by: Andras Timar <andras.timar@collabora.com>
2020-04-23 19:36:06 +02:00
Andras Timar
b0645a647c Proof: SSH private key format matters
On openSUSE Leap 15.1 the ssh-keygen binary produced a private key
that caused Poco to throw an exception. Apparently Poco expects
the private key in PEM format. Apparently on most distros this is
the default format, but not on openSUSE Leap 15.1 where we need
to specify it explicitely.

Change-Id: Id142735b13887a1347895f121400ed6d5aecc1f4
Reviewed-on: https://gerrit.libreoffice.org/c/online/+/92736
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com>
Reviewed-by: Andras Timar <andras.timar@collabora.com>
2020-04-22 23:52:21 +02:00
Miklos Vajna
4992de990d Proof: improve logging
Tell if the key loading happened due to a Poco vs std exception.

If we show the response headers, show the request headers as well.

Change-Id: Idb32e8c4d9cc5565647b99d6ddae27cd2faba46f
Reviewed-on: https://gerrit.libreoffice.org/c/online/+/92518
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com>
Reviewed-by: Miklos Vajna <vmiklos@collabora.com>
2020-04-20 09:22:59 +02:00
Michael Meeks
668007544b Proof: generate our own key, and verify our own signatures.
Change-Id: If805c89a3b6618d6e34e7421b20077c4f0a48cb3
Reviewed-on: https://gerrit.libreoffice.org/c/online/+/91940
Tested-by: Michael Meeks <michael.meeks@collabora.com>
Reviewed-by: Michael Meeks <michael.meeks@collabora.com>
2020-04-08 23:20:55 +02:00
Michael Meeks
f4f7b08d44 Proof: implement CAPI blob test.
Change-Id: Ifa4ddc3c5fa375606eedd932af029e4b30a740de
Reviewed-on: https://gerrit.libreoffice.org/c/online/+/91936
Tested-by: Michael Meeks <michael.meeks@collabora.com>
Reviewed-by: Michael Meeks <michael.meeks@collabora.com>
2020-04-08 22:19:51 +02:00
Michael Meeks
a2b9fc474a Proof: re-factor - publicise some internals to make testing easier.
Also add dummy, run-every-build test to validate wopi like proofs.

Change-Id: Ic2dc647a8d61693ae87b6523aaa30632979fd5d6
Reviewed-on: https://gerrit.libreoffice.org/c/online/+/91854
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com>
Reviewed-by: Michael Meeks <michael.meeks@collabora.com>
2020-04-08 10:58:49 +02:00
Mike Kaganski
6eda59123a Proof key: make sure public exponent is exactly 4 bytes
It seems that Poco returns 3-byte public exponent (0x010001) as
3-element vector, and MS CAPI blob must include 4-byte exponent

In Poco code (Crypto/src/RSAKeyImpl.cpp), its convertToByteVec
uses OpenSSL's BN_bn2bin, which returns big-endian byte order
(see OpenSSL's crypto/bn/bn_lib.c). That is returned from Poco's
RSAKey::modulus() and RSAKey::*Exponent() unchanged, so treat
them accordingly.

Change-Id: I37f5fb9a310d42c7f346429c39611b25dd5bba2f
Reviewed-on: https://gerrit.libreoffice.org/c/online/+/88989
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com>
Reviewed-by: Mike Kaganski <mike.kaganski@collabora.com>
2020-02-19 10:19:55 +01:00
Mike Kaganski
99f0480460 Proof: URI must be absolute and converted to uppercase
Also access token is already passes decoded to GetProofHeaders,
so don't decode it second time.

Change-Id: I7c4404462a9dd9f53e4e82684b1fcae1aeecee73
Reviewed-on: https://gerrit.libreoffice.org/c/online/+/88736
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com>
Reviewed-by: Mike Kaganski <mike.kaganski@collabora.com>
2020-02-18 17:30:19 +01:00
Mike Kaganski
25a1d35467 Read proof key from source directory in debug builds
Change-Id: I3de5ec1d6993fdba8430f40c6c93327e90a151c2
Reviewed-on: https://gerrit.libreoffice.org/c/online/+/88672
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com>
Reviewed-by: Mike Kaganski <mike.kaganski@collabora.com>
2020-02-18 16:29:54 +01:00
Mike Kaganski
2504c88c43 Don't use Poco buffer when creating a proof
I need this to better control the byte order of values in the proof

Change-Id: I8a21c20af4cc3157c893d870f73cc2afa7910ff4
Reviewed-on: https://gerrit.libreoffice.org/c/online/+/88076
Reviewed-by: Mike Kaganski <mike.kaganski@collabora.com>
Tested-by: Mike Kaganski <mike.kaganski@collabora.com>
2020-02-06 20:21:31 +01:00
Mike Kaganski
aaa9443eae Only warn on absent proof RSA key, don't log error
This reimplements commit bfb16d8831

Change-Id: I834a45ba4fcb939093b179f316176df790926c4e
Reviewed-on: https://gerrit.libreoffice.org/c/online/+/88096
Reviewed-by: Andras Timar <andras.timar@collabora.com>
Tested-by: Andras Timar <andras.timar@collabora.com>
2020-02-06 16:05:40 +01:00
Mike Kaganski
bfb16d8831 Turn some errors to warnings, and drop unneeded stderr output
Change-Id: I63de580480f983e8179546fae6217641fa370135
Reviewed-on: https://gerrit.libreoffice.org/c/online/+/88088
Reviewed-by: Andras Timar <andras.timar@collabora.com>
Tested-by: Andras Timar <andras.timar@collabora.com>
2020-02-06 12:36:55 +01:00
Mike Kaganski
0c0510cccf Implement proper proof-key value attribute
Change-Id: I3f2ad960ce6d3dad4d0b064492355b5643f345c8
Reviewed-on: https://gerrit.libreoffice.org/c/online/+/87148
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com>
Reviewed-by: Mike Kaganski <mike.kaganski@collabora.com>
Reviewed-by: Michael Meeks <michael.meeks@collabora.com>
2020-01-21 19:28:32 +01:00
Michael Meeks
5d5fb42715 Typo fix.
Change-Id: I4698a00a8646366bcf30aabd997c31996a58d0e0
2019-12-14 16:19:48 +00:00
Mike Kaganski
c39645bed5 Fix comparison of integer expressions of different signedness
Change-Id: Idcbaf83cb5f953cb725e5b84c27bc00b2fc267d6
Reviewed-on: https://gerrit.libreoffice.org/83475
Reviewed-by: Mike Kaganski <mike.kaganski@collabora.com>
Tested-by: Mike Kaganski <mike.kaganski@collabora.com>
2019-11-22 13:03:38 +01:00
Mike Kaganski
a986aabeb1 Initial implementation of proof-key
Change-Id: I7ab79218ca2af268dd4573cb64c6353dc71b5f03
Reviewed-on: https://gerrit.libreoffice.org/82232
Reviewed-by: Mike Kaganski <mike.kaganski@collabora.com>
Tested-by: Mike Kaganski <mike.kaganski@collabora.com>
2019-11-21 12:56:53 +01:00