added JWT library

CMakeLists.txt

@@ -119,7 +119,7 @@ if(ENABLE_DATA_POSTGRESQL)
 else()
     find_package(PostgreSQL)
 endif()
- 
+
 if(PostgreSQL_FOUND)
     option(ENABLE_DATA "Enable SQL" ON)
     option(ENABLE_DATA_POSTGRESQL "Enable SQL PosgreSQL" ON)
@@ -154,6 +154,7 @@ option(ENABLE_PDF "Enable PDF" OFF)
 option(ENABLE_UTIL "Enable Util" ON)
 option(ENABLE_NET "Enable Net" ON)
 option(ENABLE_NETSSL_WIN "Enable NetSSL Windows" OFF)
+option(ENABLE_JWT "Enable JWT" OFF)
 option(ENABLE_SEVENZIP "Enable SevenZip" OFF)
 option(ENABLE_ZIP "Enable Zip" ON)
 option(ENABLE_CPPPARSER "Enable C++ parser" OFF)
@@ -227,7 +228,7 @@ endif()
 
 if(ENABLE_PAGECOMPILER)
     set(ENABLE_NET ON CACHE BOOL "Enable Net" FORCE)
-    set(ENABLE_UTIL ON CACHE BOOL "Enable Util" FORCE)    
+    set(ENABLE_UTIL ON CACHE BOOL "Enable Util" FORCE)
 endif()
 
 if(ENABLE_MONGODB OR ENABLE_REDIS)
@@ -269,6 +270,11 @@ if(ENABLE_NET AND ENABLE_TESTS)
     set(ENABLE_UTIL ON CACHE BOOL "Enable Util" FORCE)
 endif()
 
+if(ENABLE_JWT)
+	set(ENABLE_CRYPTO ON CACHE BOOL "Enable Crypto" FORCE)
+    set(ENABLE_JSON ON CACHE BOOL "Enable JSON" FORCE)
+endif()
+
 if(ENABLE_PDF)
     set(ENABLE_UTIL ON CACHE BOOL "Enable Util" FORCE)
     set(ENABLE_XML ON CACHE BOOL "Enable XML" FORCE)
@@ -282,7 +288,7 @@ endif()
 
 if(ENABLE_SEVENZIP OR ENABLE_ZIP)
     set(ENABLE_UTIL ON CACHE BOOL "Enable Util" FORCE)
-    set(ENABLE_XML ON CACHE BOOL "Enable XML" FORCE)    
+    set(ENABLE_XML ON CACHE BOOL "Enable XML" FORCE)
 endif()
 
 if(ENABLE_UTIL AND ENABLE_TESTS)
@@ -316,6 +322,11 @@ if(ENABLE_NET)
     list(APPEND Poco_COMPONENTS "Net")
 endif()
 
+if(EXISTS ${PROJECT_SOURCE_DIR}/JWT AND ENABLE_JWT)
+    add_subdirectory(JWT)
+    list(APPEND Poco_COMPONENTS "JWT")
+endif()
+
 if(EXISTS ${PROJECT_SOURCE_DIR}/MongoDB AND ENABLE_MONGODB)
     add_subdirectory(MongoDB)
     list(APPEND Poco_COMPONENTS "MongoDB")
@@ -366,7 +377,7 @@ if(EXISTS ${PROJECT_SOURCE_DIR}/Zip AND ENABLE_ZIP)
     list(APPEND Poco_COMPONENTS "Zip")
 endif()
 
-if(APRUTIL_FOUND AND APACHE_FOUND AND 
+if(APRUTIL_FOUND AND APACHE_FOUND AND
     EXISTS ${PROJECT_SOURCE_DIR}/ApacheConnector AND ENABLE_APACHECONNECTOR)
     add_subdirectory(ApacheConnector)
     list(APPEND Poco_COMPONENTS "ApacheConnector")
@@ -447,7 +458,7 @@ if(POCO_UNBUNDLED)
             DESTINATION "${PocoConfigPackageLocation}")
     install(FILES cmake/V39/FindEXPAT.cmake
             DESTINATION "${PocoConfigPackageLocation}/V39")
-    install(FILES cmake/V313/FindSQLite3.cmake 
+    install(FILES cmake/V313/FindSQLite3.cmake
             DESTINATION "${PocoConfigPackageLocation}/V313")
 endif()
 

Crypto/include/Poco/Crypto/ECDSADigestEngine.h

@@ -40,7 +40,7 @@ class Crypto_API ECDSADigestEngine: public Poco::DigestEngine
 	/// signed. Then, the hash value is encrypted, using
 	/// the ECDSA private key.
 	///
-	/// To verify a signature, pass it to the verify() 
+	/// To verify a signature, pass it to the verify()
 	/// member function. It will decrypt the signature
 	/// using the ECDSA public key and compare the resulting
 	/// hash with the actual hash of the data.
@@ -64,11 +64,11 @@ class Crypto_API ECDSADigestEngine: public Poco::DigestEngine
 	void reset();
 		/// Resets the engine so that a new
 		/// digest can be computed.
-		
+
 	const DigestEngine::Digest& digest();
-		/// Finishes the computation of the digest 
+		/// Finishes the computation of the digest
 		/// (the first time it's called) and
-		/// returns the message digest. 
+		/// returns the message digest.
 		///
 		/// Can be called multiple times.
 
@@ -95,6 +95,35 @@ class Crypto_API ECDSADigestEngine: public Poco::DigestEngine
 };
 
 
+class Crypto_API ECDSASignature
+	/// A helper class for dealing with ECDSA signatures.
+{
+public:
+	typedef std::vector<unsigned char> ByteVec;
+
+	explicit ECDSASignature(const ByteVec& derSignature);
+		/// Creates the ECDSASignature from a DER-encoded signature.
+
+	ECDSASignature(const ByteVec& rawR, const ByteVec& rawS);
+		/// Creates the ECDSASignature from raw r and s values.
+
+	~ECDSASignature();
+		/// Destroys the ECDSASignature.
+
+	ByteVec toDER() const;
+		/// Returns a buffer containing the DER-encoded signature.
+
+	ByteVec rawR() const;
+		/// Returns a raw P value.
+
+	ByteVec rawS() const;
+		/// Returns a raw Q value.
+
+private:
+	ECDSA_SIG* _pSig;
+};
+
+
 } } // namespace Poco::Crypto
 
 

Crypto/src/ECDSADigestEngine.cpp

@@ -14,13 +14,19 @@
 
 
 #include "Poco/Crypto/ECDSADigestEngine.h"
+#include "Poco/Crypto/CryptoException.h"
 #include <openssl/ecdsa.h>
 
 
 namespace Poco {
 namespace Crypto {
 
 
+//
+// ECDSADigestEngine
+//
+
+
 ECDSADigestEngine::ECDSADigestEngine(const ECKey& key, const std::string &name):
 	_key(key),
 	_engine(name)
@@ -46,7 +52,7 @@ void ECDSADigestEngine::reset()
 	_signature.clear();
 }
 
-	
+
 const DigestEngine::Digest& ECDSADigestEngine::digest()
 {
 	if (_digest.empty())
@@ -97,4 +103,104 @@ void ECDSADigestEngine::updateImpl(const void* data, std::size_t length)
 }
 
 
+//
+// ECDSASignature
+//
+
+
+ECDSASignature::ECDSASignature(const ByteVec& derSignature)
+{
+	poco_assert (!derSignature.empty());
+
+	const unsigned char* p = &derSignature[0];
+	_pSig = d2i_ECDSA_SIG(0, &p, derSignature.size());
+	if (!_pSig)
+		throw OpenSSLException();
+}
+
+
+ECDSASignature::ECDSASignature(const ByteVec& rawR, const ByteVec& rawS):
+	_pSig(ECDSA_SIG_new())
+{
+	poco_assert (!rawR.empty() && !rawS.empty());
+
+	if (!_pSig) throw CryptoException("cannot allocate ECDSA signature");
+
+	try
+	{
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+		ECDSA_SIG_set0(_pSig,
+			BN_bin2bn(&rawR[0], rawR.size(), 0),
+			BN_bin2bn(&rawS[0], rawS.size(), 0));
+		if (ECDSA_SIG_get0_r(_pSig) == 0 || ECDSA_SIG_get0_s(_pSig) == 0)
+			throw CryptoException("failed to decode R and S values");
+#else
+		if (!BN_bin2bn(&rawR[0], rawR.size(), _pSig->r))
+			 throw OpenSSLException();
+		if (!BN_bin2bn(&rawS[0], rawS.size(), _pSig->s))
+			 throw OpenSSLException();
+#endif
+	}
+	catch (...)
+	{
+		ECDSA_SIG_free(_pSig);
+		throw;
+	}
+}
+
+
+ECDSASignature::~ECDSASignature()
+{
+	ECDSA_SIG_free(_pSig);
+}
+
+
+ECDSASignature::ByteVec ECDSASignature::toDER() const
+{
+	int size = i2d_ECDSA_SIG(_pSig, 0);
+	if (size > 0)
+	{
+		ByteVec buffer(size);
+		unsigned char* p = &buffer[0];
+		i2d_ECDSA_SIG(_pSig, &p);
+		return buffer;
+	}
+	else throw OpenSSLException();
+}
+
+
+ECDSASignature::ByteVec ECDSASignature::rawR() const
+{
+	ByteVec buffer;
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+	const BIGNUM* pR = ECDSA_SIG_get0_r(_pSig);
+#else
+	const BIGNUM* pR = _pSig->r;
+#endif
+	if (pR)
+	{
+		buffer.resize(BN_num_bytes(pR));
+		BN_bn2bin(pR, &buffer[0]);
+	}
+	return buffer;
+}
+
+
+ECDSASignature::ByteVec ECDSASignature::rawS() const
+{
+	ByteVec buffer;
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+	const BIGNUM* pS = ECDSA_SIG_get0_s(_pSig);
+#else
+	const BIGNUM* pS = _pSig->s;
+#endif
+	if (pS)
+	{
+		buffer.resize(BN_num_bytes(pS));
+		BN_bn2bin(pS, &buffer[0]);
+	}
+	return buffer;
+}
+
+
 } } // namespace Poco::Crypto

JWT/CMakeLists.txt

@@ -0,0 +1,37 @@
+# Sources
+file(GLOB SRCS_G "src/*.cpp")
+POCO_SOURCES_AUTO( SRCS ${SRCS_G})
+
+# Headers
+file(GLOB_RECURSE HDRS_G "include/*.h" )
+POCO_HEADERS_AUTO( SRCS ${HDRS_G})
+
+# Version Resource
+if(MSVC AND NOT POCO_STATIC)
+    source_group("Resources" FILES ${CMAKE_SOURCE_DIR}/DLLVersion.rc)
+    list(APPEND SRCS ${CMAKE_SOURCE_DIR}/DLLVersion.rc)
+endif()
+
+add_library(JWT ${SRCS} )
+add_library(Poco::JWT ALIAS JWT)
+set_target_properties( JWT
+    PROPERTIES
+    VERSION ${SHARED_LIBRARY_VERSION} SOVERSION ${SHARED_LIBRARY_VERSION}
+	OUTPUT_NAME PocoJWT
+    DEFINE_SYMBOL JWT_EXPORTS
+    )
+
+target_link_libraries(JWT PUBLIC Poco::JSON Poco::Crypto)
+target_include_directories(JWT
+    PUBLIC
+        $<BUILD_INTERFACE:${CMAKE_CURRENT_SOURCE_DIR}/include>
+        $<INSTALL_INTERFACE:include>
+    PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/src
+    )
+
+POCO_INSTALL(JWT)
+POCO_GENERATE_PACKAGE(JWT)
+
+if (ENABLE_TESTS)
+    add_subdirectory(testsuite)
+endif ()

JWT/Makefile

@@ -0,0 +1,15 @@
+#
+# Makefile
+#
+# Makefile for Poco JWT
+#
+
+include $(POCO_BASE)/build/rules/global
+
+objects = Token Signer Serializer JWTException
+
+target         = PocoJWT
+target_version = $(LIBVERSION)
+target_libs    = PocoCrypto PocoJSON PocoFoundation
+
+include $(POCO_BASE)/build/rules/lib

JWT/cmake/PocoJWTConfig.cmake

@@ -0,0 +1,5 @@
+include(CMakeFindDependencyMacro)
+find_dependency(PocoFoundation)
+find_dependency(PocoJSON)
+find_dependency(PocoCrypto)
+include("${CMAKE_CURRENT_LIST_DIR}/PocoJWTTargets.cmake")

JWT/include/Poco/JWT/JWT.h

@@ -0,0 +1,62 @@
+//
+// JWT.h
+//
+// Library: JWT
+// Package: JWT
+// Module:  JWT
+//
+// Basic definitions for the Poco JWT library.
+// This file must be the first file included by every other JWT
+// header file.
+//
+// Copyright (c) 2019, Applied Informatics Software Engineering GmbH.
+// and Contributors.
+//
+// SPDX-License-Identifier:	BSL-1.0
+//
+
+
+#ifndef JWT_JWT_INCLUDED
+#define JWT_JWT_INCLUDED
+
+
+#include "Poco/Foundation.h"
+
+
+//
+// The following block is the standard way of creating macros which make exporting
+// from a DLL simpler. All files within this DLL are compiled with the JWT_EXPORTS
+// symbol defined on the command line. this symbol should not be defined on any project
+// that uses this DLL. This way any other project whose source files include this file see
+// JWT_API functions as being imported from a DLL, whereas this DLL sees symbols
+// defined with this macro as being exported.
+//
+#if defined(_WIN32) && defined(POCO_DLL)
+	#if defined(JWT_EXPORTS)
+		#define JWT_API __declspec(dllexport)
+	#else
+		#define JWT_API __declspec(dllimport)
+	#endif
+#endif
+
+
+#if !defined(JWT_API)
+	#if !defined(POCO_NO_GCC_API_ATTRIBUTE) && defined (__GNUC__) && (__GNUC__ >= 4)
+		#define JWT_API __attribute__ ((visibility ("default")))
+	#else
+		#define JWT_API
+	#endif
+#endif
+
+
+//
+// Automatically link JWT library.
+//
+#if defined(_MSC_VER)
+	#if !defined(POCO_NO_AUTOMATIC_LIBS) && !defined(JWT_EXPORTS)
+		#pragma comment(lib, "PocoJWT" POCO_LIB_SUFFIX)
+	#endif
+#endif
+
+
+#endif // JWT_JWT_INCLUDED