From 70fec6995207eb8a8b9e253b44590c286772bcf1 Mon Sep 17 00:00:00 2001 From: Jan Steemann Date: Tue, 17 Jun 2014 11:20:46 +0200 Subject: [PATCH 1/2] added crypto.hmac function --- .../frontend/js/bootstrap/module-internal.js | 11 ++++- js/common/bootstrap/module-internal.js | 11 ++++- js/common/modules/org/arangodb/crypto.js | 20 +++------- lib/Rest/SslInterface.cpp | 21 +++++++--- lib/Rest/SslInterface.h | 9 ++++- lib/V8/v8-utils.cpp | 40 +++++++++++++++++++ 6 files changed, 87 insertions(+), 25 deletions(-) diff --git a/js/apps/system/aardvark/frontend/js/bootstrap/module-internal.js b/js/apps/system/aardvark/frontend/js/bootstrap/module-internal.js index d26ef590bc..0fe7b4c916 100644 --- a/js/apps/system/aardvark/frontend/js/bootstrap/module-internal.js +++ b/js/apps/system/aardvark/frontend/js/bootstrap/module-internal.js @@ -10,7 +10,7 @@ SYS_DOWNLOAD, SYS_EXECUTE, SYS_GET_CURRENT_REQUEST, SYS_GET_CURRENT_RESPONSE, SYS_LOAD, SYS_LOG_LEVEL, SYS_MD5, SYS_OUTPUT, SYS_PROCESS_STATISTICS, SYS_RAND, SYS_SERVER_STATISTICS, SYS_SPRINTF, SYS_TIME, SYS_START_PAGER, SYS_STOP_PAGER, - SYS_SHA256, SYS_SLEEP, SYS_WAIT, SYS_PARSE, SYS_IMPORT_CSV_FILE, SYS_IMPORT_JSON_FILE, SYS_LOG, + SYS_HMAC, SYS_SHA256, SYS_SLEEP, SYS_WAIT, SYS_PARSE, SYS_IMPORT_CSV_FILE, SYS_IMPORT_JSON_FILE, SYS_LOG, SYS_GEN_RANDOM_NUMBERS, SYS_GEN_RANDOM_ALPHA_NUMBERS, SYS_GEN_RANDOM_SALT, SYS_CREATE_NONCE, SYS_CHECK_AND_MARK_NONCE, SYS_CLIENT_STATISTICS, SYS_HTTP_STATISTICS, SYS_UNIT_TESTS, SYS_UNIT_TESTS_RESULT:true, SYS_PROCESS_CSV_FILE, SYS_PROCESS_JSON_FILE, ARANGO_QUIET, COLORS, COLOR_OUTPUT, @@ -559,6 +559,15 @@ delete SYS_GEN_RANDOM_SALT; } +//////////////////////////////////////////////////////////////////////////////// +/// @brief sha256 +//////////////////////////////////////////////////////////////////////////////// + + if (typeof SYS_HMAC !== "undefined") { + exports.hmac = SYS_HMAC; + delete SYS_HMAC; + } + //////////////////////////////////////////////////////////////////////////////// /// @brief createNonce //////////////////////////////////////////////////////////////////////////////// diff --git a/js/common/bootstrap/module-internal.js b/js/common/bootstrap/module-internal.js index d26ef590bc..0fe7b4c916 100644 --- a/js/common/bootstrap/module-internal.js +++ b/js/common/bootstrap/module-internal.js @@ -10,7 +10,7 @@ SYS_DOWNLOAD, SYS_EXECUTE, SYS_GET_CURRENT_REQUEST, SYS_GET_CURRENT_RESPONSE, SYS_LOAD, SYS_LOG_LEVEL, SYS_MD5, SYS_OUTPUT, SYS_PROCESS_STATISTICS, SYS_RAND, SYS_SERVER_STATISTICS, SYS_SPRINTF, SYS_TIME, SYS_START_PAGER, SYS_STOP_PAGER, - SYS_SHA256, SYS_SLEEP, SYS_WAIT, SYS_PARSE, SYS_IMPORT_CSV_FILE, SYS_IMPORT_JSON_FILE, SYS_LOG, + SYS_HMAC, SYS_SHA256, SYS_SLEEP, SYS_WAIT, SYS_PARSE, SYS_IMPORT_CSV_FILE, SYS_IMPORT_JSON_FILE, SYS_LOG, SYS_GEN_RANDOM_NUMBERS, SYS_GEN_RANDOM_ALPHA_NUMBERS, SYS_GEN_RANDOM_SALT, SYS_CREATE_NONCE, SYS_CHECK_AND_MARK_NONCE, SYS_CLIENT_STATISTICS, SYS_HTTP_STATISTICS, SYS_UNIT_TESTS, SYS_UNIT_TESTS_RESULT:true, SYS_PROCESS_CSV_FILE, SYS_PROCESS_JSON_FILE, ARANGO_QUIET, COLORS, COLOR_OUTPUT, @@ -559,6 +559,15 @@ delete SYS_GEN_RANDOM_SALT; } +//////////////////////////////////////////////////////////////////////////////// +/// @brief sha256 +//////////////////////////////////////////////////////////////////////////////// + + if (typeof SYS_HMAC !== "undefined") { + exports.hmac = SYS_HMAC; + delete SYS_HMAC; + } + //////////////////////////////////////////////////////////////////////////////// /// @brief createNonce //////////////////////////////////////////////////////////////////////////////// diff --git a/js/common/modules/org/arangodb/crypto.js b/js/common/modules/org/arangodb/crypto.js index 7c50e6985f..e9695aab1a 100644 --- a/js/common/modules/org/arangodb/crypto.js +++ b/js/common/modules/org/arangodb/crypto.js @@ -38,11 +38,6 @@ var internal = require("internal"); // --SECTION-- public methods // ----------------------------------------------------------------------------- -//////////////////////////////////////////////////////////////////////////////// -/// @addtogroup Random -/// @{ -//////////////////////////////////////////////////////////////////////////////// - //////////////////////////////////////////////////////////////////////////////// /// @brief generate a random number /// @@ -54,10 +49,6 @@ exports.rand = function (value) { return internal.rand(); }; -//////////////////////////////////////////////////////////////////////////////// -/// @} -//////////////////////////////////////////////////////////////////////////////// - // ----------------------------------------------------------------------------- // --SECTION-- HASHES // ----------------------------------------------------------------------------- @@ -67,10 +58,13 @@ exports.rand = function (value) { // ----------------------------------------------------------------------------- //////////////////////////////////////////////////////////////////////////////// -/// @addtogroup Hashes -/// @{ +/// @brief apply an SHA 256 hash //////////////////////////////////////////////////////////////////////////////// +exports.hmac = function (key, message, algorithm) { + return internal.hmac(key, message, algorithm); +}; + //////////////////////////////////////////////////////////////////////////////// /// @brief apply an MD5 hash //////////////////////////////////////////////////////////////////////////////// @@ -127,10 +121,6 @@ exports.checkAndMarkNonce = function (value) { return internal.checkAndMarkNonce(value); }; -//////////////////////////////////////////////////////////////////////////////// -/// @} -//////////////////////////////////////////////////////////////////////////////// - // ----------------------------------------------------------------------------- // --SECTION-- END-OF-FILE // ----------------------------------------------------------------------------- diff --git a/lib/Rest/SslInterface.cpp b/lib/Rest/SslInterface.cpp index fa0a4153e1..4f5e46ded1 100644 --- a/lib/Rest/SslInterface.cpp +++ b/lib/Rest/SslInterface.cpp @@ -182,12 +182,21 @@ namespace triagens { } - string sslHMAC (char const* key, char const* message, size_t messageLen) { - const EVP_MD * evp_md = EVP_sha256(); + string sslHMAC (char const* key, size_t keyLength, char const* message, size_t messageLen, Algorithm algorithm) { + EVP_MD* evp_md = nullptr; + + if (algorithm == Algorithm::ALGORITHM_SHA1) { + evp_md = const_cast(EVP_sha1()); + } + else { + // default + evp_md = const_cast(EVP_sha256()); + } + unsigned char* md = (unsigned char*) TRI_SystemAllocate(EVP_MAX_MD_SIZE + 1, false); unsigned int md_len; - HMAC(evp_md, key, (int) strlen(key), (const unsigned char*) message, messageLen, md, &md_len); + HMAC(evp_md, key, (int) keyLength, (const unsigned char*) message, messageLen, md, &md_len); string result = StringUtils::encodeBase64(string((char*)md, md_len)); TRI_SystemFree(md); @@ -197,15 +206,15 @@ namespace triagens { - bool verifyHMAC (char const* challenge, char const* secret, size_t secretLen, char const* response, size_t responseLen) { + bool verifyHMAC (char const* challenge, size_t challengeLength, char const* secret, size_t secretLen, char const* response, size_t responseLen, Algorithm algorithm) { // challenge = key // secret, secretLen = message // result must == BASE64(response, responseLen) - string s = sslHMAC(challenge, secret, secretLen); + string s = sslHMAC(challenge, challengeLength, secret, secretLen, algorithm); if (s.length() == responseLen && s.compare( string(response, responseLen) ) == 0) { - return true; + return true; } return false; diff --git a/lib/Rest/SslInterface.h b/lib/Rest/SslInterface.h index 78d62ba84e..6b6d2cf41f 100644 --- a/lib/Rest/SslInterface.h +++ b/lib/Rest/SslInterface.h @@ -34,6 +34,11 @@ namespace triagens { namespace rest { namespace SslInterface { + enum Algorithm { + ALGORITHM_SHA256 = 0, + ALGORITHM_SHA1 = 1 + }; + ////////////////////////////////////////////////////////////////////////// /// @brief md5 hash ////////////////////////////////////////////////////////////////////////// @@ -116,13 +121,13 @@ namespace triagens { /// @brief HMAC with sha265 hashing and base64 encoding ////////////////////////////////////////////////////////////////////////// - string sslHMAC (char const* key, char const* message, size_t messageLen); + string sslHMAC (char const* key, size_t keyLength, char const* message, size_t messageLen, Algorithm algorithm); ////////////////////////////////////////////////////////////////////////// /// @brief HMAC ////////////////////////////////////////////////////////////////////////// - bool verifyHMAC (char const* challenge, char const* secret, size_t secretLen, char const* response, size_t responseLen); + bool verifyHMAC (char const* challenge, size_t challengeLength, char const* secret, size_t secretLen, char const* response, size_t responseLen, Algorithm algorithm); ////////////////////////////////////////////////////////////////////////// /// @brief generate a random number using OpenSsl diff --git a/lib/V8/v8-utils.cpp b/lib/V8/v8-utils.cpp index 376b44d312..9ff482f3df 100644 --- a/lib/V8/v8-utils.cpp +++ b/lib/V8/v8-utils.cpp @@ -2515,6 +2515,45 @@ static v8::Handle JS_ClientStatistics (v8::Arguments const& argv) { return scope.Close(result); } +//////////////////////////////////////////////////////////////////////////////// +/// @brief computes the HMAC signature +/// +/// @FUN{internal.HMAC(@FA{key}, @FA{message}, @FA{algorithm})} +/// +/// Computes the HMAC for the @FA{message}. +//////////////////////////////////////////////////////////////////////////////// + +static v8::Handle JS_HMAC (v8::Arguments const& argv) { + v8::HandleScope scope; + + // extract arguments + if (argv.Length() < 2 || ! argv[0]->IsString() || ! argv[1]->IsString()) { + TRI_V8_EXCEPTION_USAGE(scope, "HMAC(, , )"); + } + + string key = TRI_ObjectToString(argv[0]); + string message = TRI_ObjectToString(argv[1]); + + SslInterface::Algorithm al = SslInterface::Algorithm::ALGORITHM_SHA256; + if (argv.Length() > 2 && ! argv[2]->IsUndefined()) { + string algorithm = TRI_ObjectToString(argv[2]); + StringUtils::tolowerInPlace(&algorithm); + + if (algorithm == "sha1") { + al = SslInterface::Algorithm::ALGORITHM_SHA1; + } + else if (algorithm == "sha256") { + al = SslInterface::Algorithm::ALGORITHM_SHA256; + } + else { + TRI_V8_EXCEPTION_PARAMETER(scope, "invalid value for "); + } + } + + string result = SslInterface::sslHMAC(key.c_str(), key.size(), message.c_str(), message.size(), al); + return scope.Close(v8::String::New(result.c_str(), (int) result.size())); +} + //////////////////////////////////////////////////////////////////////////////// /// @brief returns the current http statistics //////////////////////////////////////////////////////////////////////////////// @@ -3313,6 +3352,7 @@ void TRI_InitV8Utils (v8::Handle context, TRI_AddGlobalFunctionVocbase(context, "SYS_GEN_RANDOM_NUMBERS", JS_RandomNumbers); TRI_AddGlobalFunctionVocbase(context, "SYS_GEN_RANDOM_SALT", JS_RandomSalt); TRI_AddGlobalFunctionVocbase(context, "SYS_GETLINE", JS_Getline); + TRI_AddGlobalFunctionVocbase(context, "SYS_HMAC", JS_HMAC); TRI_AddGlobalFunctionVocbase(context, "SYS_HTTP_STATISTICS", JS_HttpStatistics); TRI_AddGlobalFunctionVocbase(context, "SYS_KILL_EXTERNAL", JS_KillExternal); TRI_AddGlobalFunctionVocbase(context, "SYS_LOAD", JS_Load); From 8082941e94a056f530aac56bcf088f8500936a62 Mon Sep 17 00:00:00 2001 From: Thomas Schmidts Date: Tue, 17 Jun 2014 11:21:15 +0200 Subject: [PATCH 2/2] Added Upgrading to gitbook --- Documentation/Books/Users/Installing/README.mdpp | 3 +++ Documentation/Books/Users/SUMMARY.md | 2 ++ .../Users/localtheme/templates/includes/book/summary.html | 3 +++ Documentation/Books/codeBlockReader.py | 8 +++----- 4 files changed, 11 insertions(+), 5 deletions(-) diff --git a/Documentation/Books/Users/Installing/README.mdpp b/Documentation/Books/Users/Installing/README.mdpp index eee0d32c6f..34eeae3873 100644 --- a/Documentation/Books/Users/Installing/README.mdpp +++ b/Documentation/Books/Users/Installing/README.mdpp @@ -7,3 +7,6 @@ You can find packages for various operation systems at our [download](http://www If you don't want to install ArangoDB at the beginning and just want to experiment with the features, you can use our [online demo](https://www.arangodb.org/tryitout). +In this Chapter you will also learn how to Compile ArangoDB from scratch. + +You also get help if you want to update your ArangoDB Version to the newest one! \ No newline at end of file diff --git a/Documentation/Books/Users/SUMMARY.md b/Documentation/Books/Users/SUMMARY.md index b6db35e7e4..75aee80d43 100644 --- a/Documentation/Books/Users/SUMMARY.md +++ b/Documentation/Books/Users/SUMMARY.md @@ -5,6 +5,8 @@ * [Mac OS X](Installing/MacOSX.md) * [Windows](Installing/Windows.md) * [Compiling](Installing/Compiling.md) + * [Upgrading in general](Installing/Upgrading.md) + * [Set up Cluster](Installing/Cluster.md) * [First Steps](FirstSteps/README.md) * [Getting Familiar](FirstSteps/GettingFamiliar.md) diff --git a/Documentation/Books/Users/localtheme/templates/includes/book/summary.html b/Documentation/Books/Users/localtheme/templates/includes/book/summary.html index 0e28246b0d..e2005047f3 100644 --- a/Documentation/Books/Users/localtheme/templates/includes/book/summary.html +++ b/Documentation/Books/Users/localtheme/templates/includes/book/summary.html @@ -28,6 +28,9 @@
  • Have any questions?
  • +
  • + Whats New in this Version? +
  • {% endif %} {% if _divider %}
  • diff --git a/Documentation/Books/codeBlockReader.py b/Documentation/Books/codeBlockReader.py index ad7ad39709..90d93964ea 100644 --- a/Documentation/Books/codeBlockReader.py +++ b/Documentation/Books/codeBlockReader.py @@ -60,8 +60,7 @@ def fetch_comments(dirpath): if ("@startDocuBlock" in _text) or \ ("@endDocuBlock" in _text): fh.write("\n\n" % _text) - elif ("@EXAMPLE_ARANGOSH_OUTPUT" in _text or \ - "@EXAMPLE_ARANGOSH_RUN" in _text): + elif ("@EXAMPLE_ARANGOSH_OUTPUT" in _text): shouldIgnoreLine = True _filename = re.search("{(.*)}", _text).group(1) dirpath = os.path.abspath(os.path.join(os.path.dirname( __file__ ), os.pardir, "Examples", _filename + ".generated")) @@ -71,8 +70,7 @@ def fetch_comments(dirpath): print "Could not find code for " + _filename else: fh.write("%s\n" % _text) - elif ("@END_EXAMPLE_ARANGOSH_OUTPUT" in _text or \ - "@END_EXAMPLE_ARANGOSH_RUN" in _text): + elif ("@END_EXAMPLE_ARANGOSH_OUTPUT" in _text): shouldIgnoreLine = False fh.close() @@ -81,7 +79,7 @@ if __name__ == "__main__": open("allComments.txt", "w").close() path = ["arangod/cluster","arangod/RestHandler","arangod/V8Server", "lib/Admin","lib/HttpServer", - "js/actions","js/client","js/apps","js/common","js/server"] + "js/actions","js/client","js/apps/databases","js/apps/system/cerberus","js/apps/system/gharial","js/common","js/server"] for i in path: dirpath = os.path.abspath(os.path.join(os.path.dirname( __file__ ), os.pardir,"ArangoDB/../../"+i)) fetch_comments(dirpath)