diff --git a/include/fc/crypto/dh.hpp b/include/fc/crypto/dh.hpp index 5e6f89f..9bd4d7b 100644 --- a/include/fc/crypto/dh.hpp +++ b/include/fc/crypto/dh.hpp @@ -1,11 +1,12 @@ #pragma once +#include #include #include namespace fc { struct diffie_hellman { - diffie_hellman():valid(0),g(5){} + diffie_hellman():valid(0),g(5){ fc::init_openssl(); } bool generate_params( int s, uint8_t g ); bool generate_pub_key(); bool compute_shared_key( const char* buf, uint32_t s ); diff --git a/include/fc/crypto/openssl.hpp b/include/fc/crypto/openssl.hpp index 5811390..af883d6 100644 --- a/include/fc/crypto/openssl.hpp +++ b/include/fc/crypto/openssl.hpp @@ -22,11 +22,10 @@ namespace fc { ssl_wrapper(ssl_type* obj):obj(obj) {} - operator ssl_type*() - { - return obj; - } + operator ssl_type*() { return obj; } + operator const ssl_type*() const { return obj; } ssl_type* operator->() { return obj; } + const ssl_type* operator->() const { return obj; } ssl_type* obj; }; diff --git a/src/crypto/dh.cpp b/src/crypto/dh.cpp index 7b49398..cbd7dcc 100644 --- a/src/crypto/dh.cpp +++ b/src/crypto/dh.cpp @@ -2,52 +2,45 @@ #include namespace fc { + SSL_TYPE(ssl_dh, DH, DH_free) + + static bool validate( const ssl_dh& dh, bool& valid ) { + int check; + DH_check(dh,&check); + return valid = !(check /*& DH_CHECK_P_NOT_SAFE_PRIME*/); + } + bool diffie_hellman::generate_params( int s, uint8_t g ) { - DH* dh = DH_generate_parameters( s, g, NULL, NULL ); + ssl_dh dh = DH_generate_parameters( s, g, NULL, NULL ); p.resize( BN_num_bytes( dh->p ) ); if( p.size() ) BN_bn2bin( dh->p, (unsigned char*)&p.front() ); this->g = g; - - int check; - DH_check(dh,&check); - DH_free(dh); - - if( check & DH_CHECK_P_NOT_SAFE_PRIME ) - return valid = false; - return valid = true; + return fc::validate( dh, valid ); } + bool diffie_hellman::validate() { if( !p.size() ) return valid = false; - DH* dh = DH_new(); + ssl_dh dh = DH_new(); dh->p = BN_bin2bn( (unsigned char*)&p.front(), p.size(), NULL ); dh->g = BN_bin2bn( (unsigned char*)&g, 1, NULL ); - - int check; - DH_check(dh,&check); - DH_free(dh); - if( check & DH_CHECK_P_NOT_SAFE_PRIME ) - return valid = false; - return valid = true; + return fc::validate( dh, valid ); } bool diffie_hellman::generate_pub_key() { if( !p.size() ) return valid = false; - DH* dh = DH_new(); + ssl_dh dh = DH_new(); dh->p = BN_bin2bn( (unsigned char*)&p.front(), p.size(), NULL ); dh->g = BN_bin2bn( (unsigned char*)&g, 1, NULL ); - int check; - DH_check(dh,&check); - if( check & DH_CHECK_P_NOT_SAFE_PRIME ) + if( !fc::validate( dh, valid ) ) { - DH_free(dh); - return valid = false; + return false; } DH_generate_key(dh); @@ -58,11 +51,10 @@ namespace fc { if( priv_key.size() ) BN_bn2bin( dh->priv_key, (unsigned char*)&priv_key.front() ); - DH_free(dh); - return valid = true; + return true; } bool diffie_hellman::compute_shared_key( const char* buf, uint32_t s ) { - DH* dh = DH_new(); + ssl_dh dh = DH_new(); dh->p = BN_bin2bn( (unsigned char*)&p.front(), p.size(), NULL ); dh->pub_key = BN_bin2bn( (unsigned char*)&pub_key.front(), pub_key.size(), NULL ); dh->priv_key = BN_bin2bn( (unsigned char*)&priv_key.front(), priv_key.size(), NULL ); @@ -70,22 +62,19 @@ namespace fc { int check; DH_check(dh,&check); - if( check & DH_CHECK_P_NOT_SAFE_PRIME ) + if( !fc::validate( dh, valid ) ) { - DH_free(dh); - return valid = false; + return false; } - - BIGNUM* pk = BN_bin2bn( (unsigned char*)buf, s, NULL ); + ssl_bignum pk; + BN_bin2bn( (unsigned char*)buf, s, pk ); shared_key.resize( DH_size(dh) ); DH_compute_key( (unsigned char*)&shared_key.front(), pk, dh ); - BN_free(pk); - DH_free(dh); - return valid = true; + + return true; } bool diffie_hellman::compute_shared_key( const std::vector& pubk ) { return compute_shared_key( &pubk.front(), pubk.size() ); } - }