author | Sara Golemon <sara.golemon@mongodb.com> | 2020-01-13 20:38:27 +0000 |
---|---|---|
committer | Evergreen Agent <no-reply@evergreen.mongodb.com> | 2020-02-04 19:03:40 +0000 |
commit | 3ca76fd569c94de72c4daf6eef27fbf9bf51233b (patch) | |
tree | df08c2e3416475ea70867eb64673ce210ffef150 /src/mongo/crypto/sha_block.h | |
parent | d3262e58c914fd0b5689069c7e8950c508cf1b4a (diff) | |
download | mongo-3ca76fd569c94de72c4daf6eef27fbf9bf51233b.tar.gz |
SERVER-44435 Allow selective whitelisting of X509 based role authorizations
(cherry picked from commit b99fbe5f80f4368e1916e1bfbf3d195276ace5c7)
create mode 100644 jstests/libs/client_roles.pem
create mode 100644 jstests/ssl/tlsCATrusts.js
create mode 100644 jstests/ssl/x509/root-and-trusted-ca.pem
create mode 100644 jstests/ssl/x509/trusted-client-testdb-roles.pem
create mode 100644 src/mongo/db/auth/auth_types.idl
create mode 100644 src/mongo/util/net/ssl_parameters.cpp
create mode 100644 src/mongo/util/net/ssl_parameters.idl
Diffstat (limited to 'src/mongo/crypto/sha_block.h')
-rw-r--r-- | src/mongo/crypto/sha_block.h | 27 |
1 files changed, 27 insertions, 0 deletions
diff --git a/src/mongo/crypto/sha_block.h b/src/mongo/crypto/sha_block.h
index 2860fe7fb1d..267d71cb163 100644
--- a/src/mongo/crypto/sha_block.h
+++ b/src/mongo/crypto/sha_block.h
@@ -40,7 +40,9 @@
 #include "mongo/base/status_with.h"
 #include "mongo/bson/bsonmisc.h"
 #include "mongo/bson/bsonobjbuilder.h"
+#include "mongo/bson/util/builder.h"
 #include "mongo/util/base64.h"
+#include "mongo/util/hex.h"
 #include "mongo/util/secure_compare_memory.h"
 namespace mongo {
@@ -77,6 +79,20 @@ public:
 return SHABlock(newHash);
 }
+ static StatusWith<SHABlock> fromHexStringNoThrow(StringData hex) {
+ if (!isValidHex(hex)) {
+ return {ErrorCodes::BadValue, "Hash input is not a hex string"};
+ }
+
+ BufBuilder buf;
+ mongo::fromHexString(hex, &buf);
+ return fromBuffer(reinterpret_cast<const uint8_t*>(buf.buf()), buf.len());
+ }
+
+ static SHABlock fromHexString(StringData hex) {
+ return uassertStatusOK(fromHexStringNoThrow(hex));
+ }
+
 /**
 * Computes a hash of 'input' from multiple contigous buffers.
 */
@@ -187,6 +203,13 @@ public:
 return base64::encode(reinterpret_cast<const char*>(_hash.data()), _hash.size());
 }
+ /**
+ * Hex encoded hash block.
+ */
+ std::string toHexString() const {
+ return toHex(_hash.data(), _hash.size());
+ }
+
 bool operator==(const SHABlock& other) const {
 return consttimeMemEqual(this->_hash.data(), other._hash.data(), kHashLength);
 }
@@ -195,6 +218,10 @@ public:
 return !(*this == other);
 }
+ bool operator<(const SHABlock& other) const {
+ return this->_hash < other._hash;
+ }
+
 /**
 * Custom hasher so SHABlocks can be used in unordered data structures.
 * |
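Review bot: `fromHexStringNoThrow` decodes the whole input into a `BufBuilder` before any size check, so whether an empty, odd-length or oversized string is rejected depends on `isValidHex` and `fromBuffer`, neither of which is shown in this hunk. Because the commit title ties this parser to X.509 trust configuration, I would reject wrong-sized input before decoding with `if (hex.size() != 2 * kHashLength) return {ErrorCodes::BadValue, "Hash input has the wrong length"};`. Both new functions also lack the `/** ... */` comment that the neighbouring members carry. Something like `/** Parses a hex-encoded digest; returns BadValue on malformed input. */` would state the contract, and `fromHexString` should note that it throws through `uassertStatusOK`.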
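Review bot: `operator<` compares `_hash` with the container's ordinary `<`, which presumably exits at the first differing byte, while `operator==` in the previous hunk's context deliberately goes through `consttimeMemEqual`; the new operator therefore has data-dependent timing. That is harmless for ordering public digests such as certificate fingerprints, but nothing in the class stops it being used on secret-derived hash values. I would document the restriction on the operator itself, e.g. `/** Ordering for sorted containers only; not constant-time, do not use to compare secret digests. */`. The class body continues outside the hunk, so other callers of the comparison are not visible here.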