Loweynet
Revision | 2335c90d75fc705460a84d66f6a13bf57115f8ca (tree) |
---|---|
Time | 2018-01-07 16:01:12 |
Author | s_kawamoto <s_kawamoto@user...> |
Commiter | s_kawamoto |
Implement Subject Alternative Names check.
@@ -65,6 +65,9 @@ This list includes changes applied by automatic software updates. | ||
65 | 65 | -- Implemented Server Name Indication. |
66 | 66 | This solves the problem that it cannot connect to some shared servers. |
67 | 67 | |
68 | +-- Changed to check Subject Alternative Names at validation of SSL/TLS | |
69 | + certificates. | |
70 | + | |
68 | 71 | -- Fixed bugs that sometimes it cannot reconnect after transfer failure. |
69 | 72 | |
70 | 73 | -- Fixed bugs that the queue of file transfer is not released on disconnection. |
@@ -35,6 +35,9 @@ Changes in Ver.2.00 | ||
35 | 35 | -- Implemented Server Name Indication. |
36 | 36 | This solves the problem that it cannot connect to some shared servers. |
37 | 37 | |
38 | +-- Changed to check Subject Alternative Names at validation of SSL/TLS | |
39 | + certificates. | |
40 | + | |
38 | 41 | -- Fixed bugs that sometimes it cannot reconnect after transfer failure. |
39 | 42 | |
40 | 43 | -- Fixed bugs that the queue of file transfer is not released on disconnection. |
@@ -61,7 +61,10 @@ Ver 2.00 | ||
61 | 61 | EoOÎôÌìpÉæéEBhEÌ¿ç«ððÁµÜµ½B |
62 | 62 | |
63 | 63 | EServer Name IndicationðÀµÜµ½B |
64 | -@±êÉæèê̤pT[o[ÉڱūȢâèªðÁ³êÜ·B | |
64 | +@±êÉæèê̤pT[o[ÉڱūȢâèªðÁ³êÜ·B | |
65 | + | |
66 | +ESSL/TLSؾÌØÉSubject Alternative NamesðmF·éæ¤É | |
67 | +@ÏXµÜµ½B | |
65 | 68 | |
66 | 69 | E]¸sÉÄÚ±Å«È¢êª éoOðC³µÜµ½B |
67 | 70 |
@@ -31,7 +31,10 @@ FFFTP | ||
31 | 31 | EoOÎôÌìpÉæéEBhEÌ¿ç«ððÁµÜµ½B |
32 | 32 | |
33 | 33 | EServer Name IndicationðÀµÜµ½B |
34 | -@±êÉæèê̤pT[o[ÉڱūȢâèªðÁ³êÜ·B | |
34 | +@±êÉæèê̤pT[o[ÉڱūȢâèªðÁ³êÜ·B | |
35 | + | |
36 | +ESSL/TLSؾÌØÉSubject Alternative NamesðmF·éæ¤É | |
37 | +@ÏXµÜµ½B | |
35 | 38 | |
36 | 39 | E]¸sÉÄÚ±Å«È¢êª éoOðC³µÜµ½B |
37 | 40 |
@@ -81,7 +81,7 @@ | ||
81 | 81 | // ソフトウェア自動更新 |
82 | 82 | // リリースバージョンはリリース予定年(10進数4桁)+月(2桁)+日(2桁)+通し番号(0スタート2桁)とする |
83 | 83 | // 2014年7月31日中の30個目のリリースは2014073129 |
84 | -#define RELEASE_VERSION_NUM 2017110400 /* リリースバージョン */ | |
84 | +#define RELEASE_VERSION_NUM 2018010700 /* リリースバージョン */ | |
85 | 85 | |
86 | 86 | |
87 | 87 | // SourceForge.JPによるフォーク |
@@ -1423,7 +1423,7 @@ void ResetAutoExitFlg(void); | ||
1423 | 1423 | int AskAutoExit(void); |
1424 | 1424 | // 暗号化通信対応 |
1425 | 1425 | BOOL __stdcall SSLTimeoutCallback(BOOL* pbAborted); |
1426 | -BOOL __stdcall SSLConfirmCallback(BOOL* pbAborted, BOOL bVerified, LPCSTR Certificate, LPCSTR CommonName); | |
1426 | +BOOL __stdcall SSLConfirmCallback(BOOL* pbAborted, BOOL bVerified, LPCSTR Certificate); | |
1427 | 1427 | BOOL LoadSSLRootCAFile(); |
1428 | 1428 | // マルチコアCPUの特定環境下でファイル通信中にクラッシュするバグ対策 |
1429 | 1429 | BOOL IsMainThread(); |
@@ -3588,7 +3588,7 @@ BOOL __stdcall SSLTimeoutCallback(BOOL* pbAborted) | ||
3588 | 3588 | return FALSE; |
3589 | 3589 | } |
3590 | 3590 | |
3591 | -BOOL __stdcall SSLConfirmCallback(BOOL* pbAborted, BOOL bVerified, LPCSTR Certificate, LPCSTR CommonName) | |
3591 | +BOOL __stdcall SSLConfirmCallback(BOOL* pbAborted, BOOL bVerified, LPCSTR Certificate) | |
3592 | 3592 | { |
3593 | 3593 | BOOL bResult; |
3594 | 3594 | uint32 Hash[5]; |
@@ -3616,7 +3616,7 @@ BOOL __stdcall SSLConfirmCallback(BOOL* pbAborted, BOOL bVerified, LPCSTR Certif | ||
3616 | 3616 | { |
3617 | 3617 | if(pm1 = AllocateStringM(strlen(Certificate) * 2 + 1024)) |
3618 | 3618 | { |
3619 | - sprintf(pm0, MSGJPN326, IsHostNameMatched(AskHostAdrs(), CommonName) ? MSGJPN327 : MSGJPN328, bVerified ? MSGJPN327 : MSGJPN328, Certificate); | |
3619 | + sprintf(pm0, MSGJPN326, bVerified ? MSGJPN327 : MSGJPN328, Certificate); | |
3620 | 3620 | ReplaceAllStrings(pm1, pm0, "\n", "\r\n"); |
3621 | 3621 | if(DialogBoxParam(GetFtpInst(), MAKEINTRESOURCE(ssl_confirm_dlg), GetMainHwnd(), ExeEscTextDialogProc, (LPARAM)pm1) == YES) |
3622 | 3622 | { |
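Review bot: The confirmation text built at the `sprintf(pm0, MSGJPN326, ...)` line now carries a single "Verified successfully" value, so a host-name mismatch and an untrusted chain look identical to the user who is asked whether to continue. Consider handing the verification result to the callback, or appending its description to the Certificate text, so the dialog states why validation failed. At minimum, a comment above the sprintf such as `// bVerified now reflects both chain validation and the host name check (when a server name was set)` would document the changed meaning. The allocation of pm0 and the rest of SSLConfirmCallback lie outside this hunk.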
@@ -324,7 +324,7 @@ | ||
324 | 324 | #define MSGJPN323 _Tu8("Failed to unload untrustworthy DLLs.", "Failed to unload untrustworthy DLLs.") |
325 | 325 | #define MSGJPN324 _Tu8("Failed to hook required functions to protect the process.", "Failed to hook required functions to protect the process.") |
326 | 326 | #define MSGJPN325 _Tu8("New master passwords are not identical.", "New master passwords are not identical.") |
327 | -#define MSGJPN326 _Tu8("Summary\nCN is identical: %s\nVerified successfully: %s\n\nDetailed information\n%s", "Summary\nCN is identical: %s\nVerified successfully: %s\n\nDetailed information\n%s") | |
327 | +#define MSGJPN326 _Tu8("Summary\nVerified successfully: %s\n\nDetailed information\n%s", "Summary\nVerified successfully: %s\n\nDetailed information\n%s") | |
328 | 328 | #define MSGJPN327 _Tu8("Yes", "Yes") |
329 | 329 | #define MSGJPN328 _Tu8("No", "No") |
330 | 330 | #define MSGJPN329 _Tu8("UTF-8 BOM", "UTF-8 BOM") |
@@ -324,7 +324,7 @@ | ||
324 | 324 | #define MSGJPN323 _Tu8("信頼できないDLLをアンロードできませんでした.", "\xE4\xBF\xA1\xE9\xA0\xBC\xE3\x81\xA7\xE3\x81\x8D\xE3\x81\xAA\xE3\x81\x84\x44LL\xE3\x82\x92\xE3\x82\xA2\xE3\x83\xB3\xE3\x83\xAD\xE3\x83\xBC\xE3\x83\x89\xE3\x81\xA7\xE3\x81\x8D\xE3\x81\xBE\xE3\x81\x9B\xE3\x82\x93\xE3\x81\xA7\xE3\x81\x97\xE3\x81\x9F.") |
325 | 325 | #define MSGJPN324 _Tu8("プロセスの保護に必要な関数をフックできませんでした.", "\xE3\x83\x97\xE3\x83\xAD\xE3\x82\xBB\xE3\x82\xB9\xE3\x81\xAE\xE4\xBF\x9D\xE8\xAD\xB7\xE3\x81\xAB\xE5\xBF\x85\xE8\xA6\x81\xE3\x81\xAA\xE9\x96\xA2\xE6\x95\xB0\xE3\x82\x92\xE3\x83\x95\xE3\x83\x83\xE3\x82\xAF\xE3\x81\xA7\xE3\x81\x8D\xE3\x81\xBE\xE3\x81\x9B\xE3\x82\x93\xE3\x81\xA7\xE3\x81\x97\xE3\x81\x9F.") |
326 | 326 | #define MSGJPN325 _Tu8("新しいマスターパスワードが一致しません.", "\xE6\x96\xB0\xE3\x81\x97\xE3\x81\x84\xE3\x83\x9E\xE3\x82\xB9\xE3\x82\xBF\xE3\x83\xBC\xE3\x83\x91\xE3\x82\xB9\xE3\x83\xAF\xE3\x83\xBC\xE3\x83\x89\xE3\x81\x8C\xE4\xB8\x80\xE8\x87\xB4\xE3\x81\x97\xE3\x81\xBE\xE3\x81\x9B\xE3\x82\x93.") |
327 | -#define MSGJPN326 _Tu8("概要\nCNの一致: %s\n検証に成功: %s\n\n詳細情報\n%s", "\xE6\xA6\x82\xE8\xA6\x81\nCN\xE3\x81\xAE\xE4\xB8\x80\xE8\x87\xB4: %s\n\xE6\xA4\x9C\xE8\xA8\xBC\xE3\x81\xAB\xE6\x88\x90\xE5\x8A\x9F: %s\n\n\xE8\xA9\xB3\xE7\xB4\xB0\xE6\x83\x85\xE5\xA0\xB1\n%s") | |
327 | +#define MSGJPN326 _Tu8("概要\n検証に成功: %s\n\n詳細情報\n%s", "\xE6\xA6\x82\xE8\xA6\x81\n\xE6\xA4\x9C\xE8\xA8\xBC\xE3\x81\xAB\xE6\x88\x90\xE5\x8A\x9F: %s\n\n\xE8\xA9\xB3\xE7\xB4\xB0\xE6\x83\x85\xE5\xA0\xB1\n%s") | |
328 | 328 | #define MSGJPN327 _Tu8("はい", "\xE3\x81\xAF\xE3\x81\x84") |
329 | 329 | #define MSGJPN328 _Tu8("いいえ", "\xE3\x81\x84\xE3\x81\x84\xE3\x81\x88") |
330 | 330 | #define MSGJPN329 _Tu8("UTF-8 BOM", "UTF-8 BOM") |
@@ -38,6 +38,7 @@ typedef int (__cdecl* _SSL_write)(SSL*, const void*, int); | ||
38 | 38 | typedef int (__cdecl* _SSL_peek)(SSL*, void*, int); |
39 | 39 | typedef int (__cdecl* _SSL_read)(SSL*, void*, int); |
40 | 40 | typedef int (__cdecl* _SSL_get_error)(SSL*, int); |
41 | +typedef int (__cdecl* _SSL_set1_param)(SSL*, X509_VERIFY_PARAM*); | |
41 | 42 | typedef X509* (__cdecl* _SSL_get_peer_certificate)(const SSL*); |
42 | 43 | typedef long (__cdecl* _SSL_get_verify_result)(const SSL*); |
43 | 44 | typedef SSL_SESSION* (__cdecl* _SSL_get_session)(SSL*); |
@@ -56,6 +57,9 @@ typedef void (__cdecl* _X509_free)(X509*); | ||
56 | 57 | typedef int (__cdecl* _X509_print_ex)(BIO*, X509*, unsigned long, unsigned long); |
57 | 58 | typedef X509_NAME* (__cdecl* _X509_get_subject_name)(X509*); |
58 | 59 | typedef int (__cdecl* _X509_NAME_print_ex)(BIO*, X509_NAME*, int, unsigned long); |
60 | +typedef X509_VERIFY_PARAM* (__cdecl* _X509_VERIFY_PARAM_new)(); | |
61 | +typedef void (__cdecl* _X509_VERIFY_PARAM_free)(X509_VERIFY_PARAM*); | |
62 | +typedef int (__cdecl* _X509_VERIFY_PARAM_set1_host)(X509_VERIFY_PARAM*, const char*, size_t); | |
59 | 63 | typedef void (__cdecl* _X509_CRL_free)(X509_CRL*); |
60 | 64 | typedef EVP_PKEY* (__cdecl* _PEM_read_bio_PrivateKey)(BIO*, EVP_PKEY**, pem_password_cb*, void*); |
61 | 65 | typedef EVP_PKEY* (__cdecl* _PEM_read_bio_PUBKEY)(BIO*, EVP_PKEY**, pem_password_cb*, void*); |
@@ -94,6 +98,7 @@ _SSL_write p_SSL_write; | ||
94 | 98 | _SSL_peek p_SSL_peek; |
95 | 99 | _SSL_read p_SSL_read; |
96 | 100 | _SSL_get_error p_SSL_get_error; |
101 | +_SSL_set1_param p_SSL_set1_param; | |
97 | 102 | _SSL_get_peer_certificate p_SSL_get_peer_certificate; |
98 | 103 | _SSL_get_verify_result p_SSL_get_verify_result; |
99 | 104 | _SSL_get_session p_SSL_get_session; |
@@ -112,6 +117,9 @@ _X509_free p_X509_free; | ||
112 | 117 | _X509_print_ex p_X509_print_ex; |
113 | 118 | _X509_get_subject_name p_X509_get_subject_name; |
114 | 119 | _X509_NAME_print_ex p_X509_NAME_print_ex; |
120 | +_X509_VERIFY_PARAM_new p_X509_VERIFY_PARAM_new; | |
121 | +_X509_VERIFY_PARAM_free p_X509_VERIFY_PARAM_free; | |
122 | +_X509_VERIFY_PARAM_set1_host p_X509_VERIFY_PARAM_set1_host; | |
115 | 123 | _X509_CRL_free p_X509_CRL_free; |
116 | 124 | _PEM_read_bio_PrivateKey p_PEM_read_bio_PrivateKey; |
117 | 125 | _PEM_read_bio_PUBKEY p_PEM_read_bio_PUBKEY; |
@@ -149,7 +157,7 @@ BOOL __stdcall DefaultSSLTimeoutCallback(BOOL* pbAborted) | ||
149 | 157 | return *pbAborted; |
150 | 158 | } |
151 | 159 | |
152 | -BOOL __stdcall DefaultSSLConfirmCallback(BOOL* pbAborted, BOOL bVerified, LPCSTR Certificate, LPCSTR CommonName) | |
160 | +BOOL __stdcall DefaultSSLConfirmCallback(BOOL* pbAborted, BOOL bVerified, LPCSTR Certificate) | |
153 | 161 | { |
154 | 162 | return bVerified; |
155 | 163 | } |
@@ -195,6 +203,7 @@ BOOL LoadOpenSSL() | ||
195 | 203 | || !(p_SSL_peek = (_SSL_peek)GetProcAddress(g_hOpenSSL, "SSL_peek")) |
196 | 204 | || !(p_SSL_read = (_SSL_read)GetProcAddress(g_hOpenSSL, "SSL_read")) |
197 | 205 | || !(p_SSL_get_error = (_SSL_get_error)GetProcAddress(g_hOpenSSL, "SSL_get_error")) |
206 | + || !(p_SSL_set1_param = (_SSL_set1_param)GetProcAddress(g_hOpenSSL, "SSL_set1_param")) | |
198 | 207 | || !(p_SSL_get_peer_certificate = (_SSL_get_peer_certificate)GetProcAddress(g_hOpenSSL, "SSL_get_peer_certificate")) |
199 | 208 | || !(p_SSL_get_verify_result = (_SSL_get_verify_result)GetProcAddress(g_hOpenSSL, "SSL_get_verify_result")) |
200 | 209 | || !(p_SSL_get_session = (_SSL_get_session)GetProcAddress(g_hOpenSSL, "SSL_get_session")) |
@@ -227,6 +236,9 @@ BOOL LoadOpenSSL() | ||
227 | 236 | || !(p_X509_print_ex = (_X509_print_ex)GetProcAddress(g_hOpenSSLCommon, "X509_print_ex")) |
228 | 237 | || !(p_X509_get_subject_name = (_X509_get_subject_name)GetProcAddress(g_hOpenSSLCommon, "X509_get_subject_name")) |
229 | 238 | || !(p_X509_NAME_print_ex = (_X509_NAME_print_ex)GetProcAddress(g_hOpenSSLCommon, "X509_NAME_print_ex")) |
239 | + || !(p_X509_VERIFY_PARAM_new = (_X509_VERIFY_PARAM_new)GetProcAddress(g_hOpenSSLCommon, "X509_VERIFY_PARAM_new")) | |
240 | + || !(p_X509_VERIFY_PARAM_free = (_X509_VERIFY_PARAM_free)GetProcAddress(g_hOpenSSLCommon, "X509_VERIFY_PARAM_free")) | |
241 | + || !(p_X509_VERIFY_PARAM_set1_host = (_X509_VERIFY_PARAM_set1_host)GetProcAddress(g_hOpenSSLCommon, "X509_VERIFY_PARAM_set1_host")) | |
230 | 242 | || !(p_X509_CRL_free = (_X509_CRL_free)GetProcAddress(g_hOpenSSLCommon, "X509_CRL_free")) |
231 | 243 | || !(p_PEM_read_bio_PrivateKey = (_PEM_read_bio_PrivateKey)GetProcAddress(g_hOpenSSLCommon, "PEM_read_bio_PrivateKey")) |
232 | 244 | || !(p_PEM_read_bio_PUBKEY = (_PEM_read_bio_PUBKEY)GetProcAddress(g_hOpenSSLCommon, "PEM_read_bio_PUBKEY")) |
@@ -340,8 +352,6 @@ BOOL ConfirmSSLCertificate(SSL* pSSL, BOOL* pbAborted) | ||
340 | 352 | BIO* pBIO; |
341 | 353 | long Length; |
342 | 354 | char* pBuffer; |
343 | - char* pCN; | |
344 | - char* p; | |
345 | 355 | bResult = FALSE; |
346 | 356 | bVerified = FALSE; |
347 | 357 | pData = NULL; |
@@ -374,24 +384,10 @@ BOOL ConfirmSSLCertificate(SSL* pSSL, BOOL* pbAborted) | ||
374 | 384 | } |
375 | 385 | p_BIO_free(pBIO); |
376 | 386 | } |
377 | - p_X509_free(pX509); | |
378 | 387 | } |
379 | 388 | if(pX509 && p_SSL_get_verify_result(pSSL) == X509_V_OK) |
380 | 389 | bVerified = TRUE; |
381 | - pCN = pSubject; | |
382 | - while(pCN) | |
383 | - { | |
384 | - if(strncmp(pCN, "CN=", strlen("CN=")) == 0) | |
385 | - { | |
386 | - pCN += strlen("CN="); | |
387 | - if(p = strchr(pCN, ',')) | |
388 | - *p = '\0'; | |
389 | - break; | |
390 | - } | |
391 | - if(pCN = strchr(pCN, ',')) | |
392 | - pCN++; | |
393 | - } | |
394 | - bResult = g_pOpenSSLConfirmCallback(pbAborted, bVerified, pData, pCN); | |
390 | + bResult = g_pOpenSSLConfirmCallback(pbAborted, bVerified, pData); | |
395 | 391 | if(pData) |
396 | 392 | free(pData); |
397 | 393 | if(pSubject) |
@@ -528,55 +524,6 @@ BOOL SetSSLRootCertificate(const void* pData, DWORD Length) | ||
528 | 524 | return r; |
529 | 525 | } |
530 | 526 | |
531 | -// ワイルドカードの比較 | |
532 | -// 主にSSL証明書のCN確認用 | |
533 | -BOOL IsHostNameMatched(LPCSTR HostName, LPCSTR CommonName) | |
534 | -{ | |
535 | - BOOL bResult; | |
536 | - char* pa0; | |
537 | - const char* pAsterisk; | |
538 | - size_t BeforeAsterisk; | |
539 | - const char* pBeginAsterisk; | |
540 | - const char* pEndAsterisk; | |
541 | - const char* pDot; | |
542 | - bResult = FALSE; | |
543 | - if(HostName && CommonName) | |
544 | - { | |
545 | - if(pa0 = AllocateStringA(strlen(HostName) * 4)) | |
546 | - { | |
547 | - if(ConvertNameToPunycode(pa0, HostName)) | |
548 | - { | |
549 | - if(pAsterisk = strchr(CommonName, '*')) | |
550 | - { | |
551 | - BeforeAsterisk = ((size_t)pAsterisk - (size_t)CommonName) / sizeof(char); | |
552 | - pBeginAsterisk = pa0 + BeforeAsterisk; | |
553 | - while(*pAsterisk == '*') | |
554 | - { | |
555 | - pAsterisk++; | |
556 | - } | |
557 | - pEndAsterisk = pa0 + strlen(pa0) - strlen(pAsterisk); | |
558 | - // "*"より前は大文字小文字を無視して完全一致 | |
559 | - if(_strnicmp(pa0, CommonName, BeforeAsterisk) == 0) | |
560 | - { | |
561 | - // "*"より後は大文字小文字を無視して完全一致 | |
562 | - if(_stricmp(pEndAsterisk, pAsterisk) == 0) | |
563 | - { | |
564 | - // "*"と一致する範囲に"."が含まれてはならない | |
565 | - pDot = strchr(pBeginAsterisk, '.'); | |
566 | - if(!pDot || pDot >= pEndAsterisk) | |
567 | - bResult = TRUE; | |
568 | - } | |
569 | - } | |
570 | - } | |
571 | - else if(_stricmp(pa0, CommonName) == 0) | |
572 | - bResult = TRUE; | |
573 | - } | |
574 | - } | |
575 | - FreeDuplicatedString(pa0); | |
576 | - } | |
577 | - return bResult; | |
578 | -} | |
579 | - | |
580 | 527 | #pragma warning(push) |
581 | 528 | #pragma warning(disable:4090) |
582 | 529 |
@@ -705,6 +652,7 @@ BOOL AttachSSL(SOCKET s, SOCKET parent, BOOL* pbAborted, BOOL bStrengthen, const | ||
705 | 652 | SSL** ppSSLParent; |
706 | 653 | SSL_SESSION* pSession; |
707 | 654 | char* pa0; |
655 | + X509_VERIFY_PARAM* pParam; | |
708 | 656 | int Return; |
709 | 657 | int Error; |
710 | 658 | if(!g_bOpenSSLLoaded) |
@@ -753,7 +701,15 @@ BOOL AttachSSL(SOCKET s, SOCKET parent, BOOL* pbAborted, BOOL bStrengthen, const | ||
753 | 701 | if(pa0 = AllocateStringA(strlen(ServerName) * 4)) |
754 | 702 | { |
755 | 703 | if(ConvertNameToPunycode(pa0, ServerName)) |
704 | + { | |
756 | 705 | p_SSL_ctrl(*ppSSL, SSL_CTRL_SET_TLSEXT_HOSTNAME, TLSEXT_NAMETYPE_host_name, pa0); |
706 | + if(pParam = p_X509_VERIFY_PARAM_new()) | |
707 | + { | |
708 | + p_X509_VERIFY_PARAM_set1_host(pParam, pa0, 0); | |
709 | + p_SSL_set1_param(*ppSSL, pParam); | |
710 | + p_X509_VERIFY_PARAM_free(pParam); | |
711 | + } | |
712 | + } | |
757 | 713 | } |
758 | 714 | FreeDuplicatedString(pa0); |
759 | 715 | } |
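Review bot: Host-name checking fails open in the block added to AttachSSL: the results of p_X509_VERIFY_PARAM_set1_host and p_SSL_set1_param are discarded, and if AllocateStringA, ConvertNameToPunycode or p_X509_VERIFY_PARAM_new fails, no expected name is set at all, so the handshake proceeds with chain validation only. Because this commit also removes the separate CN comparison, bVerified can then be TRUE for a certificate issued to another host; I would treat each of these failures as a failed attach, e.g. `if(!p_X509_VERIFY_PARAM_set1_host(pParam, pa0, 0) || !p_SSL_set1_param(*ppSSL, pParam))` leading into the function's existing error path. The ServerName guard and the rest of AttachSSL are outside the hunk, so it is worth confirming what happens when ServerName is NULL or an IP literal, since set1_host matches DNS names rather than iPAddress entries. Separately, the ConfirmSSLCertificate hunk removes `p_X509_free(pX509);` and no replacement appears in the visible lines; unless the certificate is released below that hunk, every confirmation leaks the reference returned by p_SSL_get_peer_certificate.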
@@ -11,7 +11,7 @@ | ||
11 | 11 | #define USE_OPENSSL |
12 | 12 | |
13 | 13 | typedef BOOL (__stdcall* LPSSLTIMEOUTCALLBACK)(BOOL*); |
14 | -typedef BOOL (__stdcall* LPSSLCONFIRMCALLBACK)(BOOL*, BOOL, LPCSTR, LPCSTR); | |
14 | +typedef BOOL (__stdcall* LPSSLCONFIRMCALLBACK)(BOOL*, BOOL, LPCSTR); | |
15 | 15 | |
16 | 16 | BOOL LoadOpenSSL(); |
17 | 17 | void FreeOpenSSL(); |
@@ -19,7 +19,6 @@ BOOL IsOpenSSLLoaded(); | ||
19 | 19 | void SetSSLTimeoutCallback(DWORD Timeout, LPSSLTIMEOUTCALLBACK pCallback); |
20 | 20 | void SetSSLConfirmCallback(LPSSLCONFIRMCALLBACK pCallback); |
21 | 21 | BOOL SetSSLRootCertificate(const void* pData, DWORD Length); |
22 | -BOOL IsHostNameMatched(LPCSTR HostName, LPCSTR CommonName); | |
23 | 22 | BOOL EncryptSignature(const char* PrivateKey, const char* Password, const void* pIn, DWORD InLength, void* pOut, DWORD OutLength, DWORD* pOutLength); |
24 | 23 | BOOL DecryptSignature(const char* PublicKey, const char* Password, const void* pIn, DWORD InLength, void* pOut, DWORD OutLength, DWORD* pOutLength); |
25 | 24 | BOOL GetHashSHA1(const void* pData, DWORD Size, void* pHash); |