Peerplays_Blockchain/peerplays-fc
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Initialize openssl properly, use ssl wrapper types instead of ..._free, unify DH_check

Browse source
This commit is contained in:
Peter Conrad 2015-07-30 17:43:43 +02:00
parent bfa1433cdd
commit e3fc463efc
3 changed files with 29 additions and 40 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
include/fc/crypto/dh.hpp
View file

@ -1,11 +1,12 @@
#pragma once #pragma once
#include <fc/crypto/openssl.hpp>
#include <vector> #include <vector>
#include <stdint.h> #include <stdint.h>
namespace fc { namespace fc {
struct diffie_hellman { struct diffie_hellman {
diffie_hellman():valid(0),g(5){} diffie_hellman():valid(0),g(5){ fc::init_openssl(); }
bool generate_params( int s, uint8_t g ); bool generate_params( int s, uint8_t g );
bool generate_pub_key(); bool generate_pub_key();
bool compute_shared_key( const char* buf, uint32_t s ); bool compute_shared_key( const char* buf, uint32_t s );

7
include/fc/crypto/openssl.hpp
View file

@ -22,11 +22,10 @@ namespace fc
{ {
ssl_wrapper(ssl_type* obj):obj(obj) {} ssl_wrapper(ssl_type* obj):obj(obj) {}
operator ssl_type*() operator ssl_type*() { return obj; }
{ operator const ssl_type*() const { return obj; }
return obj;
}
ssl_type* operator->() { return obj; } ssl_type* operator->() { return obj; }
const ssl_type* operator->() const { return obj; }
ssl_type* obj; ssl_type* obj;
}; };

59
src/crypto/dh.cpp
View file

@ -2,52 +2,45 @@
#include <openssl/dh.h> #include <openssl/dh.h>
namespace fc { namespace fc {
SSL_TYPE(ssl_dh, DH, DH_free)
static bool validate( const ssl_dh& dh, bool& valid ) {
int check;
DH_check(dh,&check);
return valid = !(check /*& DH_CHECK_P_NOT_SAFE_PRIME*/);
}
bool diffie_hellman::generate_params( int s, uint8_t g ) bool diffie_hellman::generate_params( int s, uint8_t g )
{ {
DH* dh = DH_generate_parameters( s, g, NULL, NULL ); ssl_dh dh = DH_generate_parameters( s, g, NULL, NULL );
p.resize( BN_num_bytes( dh->p ) ); p.resize( BN_num_bytes( dh->p ) );
if( p.size() ) if( p.size() )
BN_bn2bin( dh->p, (unsigned char*)&p.front() ); BN_bn2bin( dh->p, (unsigned char*)&p.front() );
this->g = g; this->g = g;
return fc::validate( dh, valid );
int check;
DH_check(dh,&check);
DH_free(dh);
if( check & DH_CHECK_P_NOT_SAFE_PRIME )
return valid = false;
return valid = true;
} }
bool diffie_hellman::validate() bool diffie_hellman::validate()
{ {
if( !p.size() ) if( !p.size() )
return valid = false; return valid = false;
DH* dh = DH_new(); ssl_dh dh = DH_new();
dh->p = BN_bin2bn( (unsigned char*)&p.front(), p.size(), NULL ); dh->p = BN_bin2bn( (unsigned char*)&p.front(), p.size(), NULL );
dh->g = BN_bin2bn( (unsigned char*)&g, 1, NULL ); dh->g = BN_bin2bn( (unsigned char*)&g, 1, NULL );
return fc::validate( dh, valid );
int check;
DH_check(dh,&check);
DH_free(dh);
if( check & DH_CHECK_P_NOT_SAFE_PRIME )
return valid = false;
return valid = true;
} }
bool diffie_hellman::generate_pub_key() bool diffie_hellman::generate_pub_key()
{ {
if( !p.size() ) if( !p.size() )
return valid = false; return valid = false;
DH* dh = DH_new(); ssl_dh dh = DH_new();
dh->p = BN_bin2bn( (unsigned char*)&p.front(), p.size(), NULL ); dh->p = BN_bin2bn( (unsigned char*)&p.front(), p.size(), NULL );
dh->g = BN_bin2bn( (unsigned char*)&g, 1, NULL ); dh->g = BN_bin2bn( (unsigned char*)&g, 1, NULL );
int check; if( !fc::validate( dh, valid ) )
DH_check(dh,&check);
if( check & DH_CHECK_P_NOT_SAFE_PRIME )
{ {
DH_free(dh); return false;
return valid = false;
} }
DH_generate_key(dh); DH_generate_key(dh);
@ -58,11 +51,10 @@ namespace fc {
if( priv_key.size() ) if( priv_key.size() )
BN_bn2bin( dh->priv_key, (unsigned char*)&priv_key.front() ); BN_bn2bin( dh->priv_key, (unsigned char*)&priv_key.front() );
DH_free(dh); return true;
return valid = true;
} }
bool diffie_hellman::compute_shared_key( const char* buf, uint32_t s ) { bool diffie_hellman::compute_shared_key( const char* buf, uint32_t s ) {
DH* dh = DH_new(); ssl_dh dh = DH_new();
dh->p = BN_bin2bn( (unsigned char*)&p.front(), p.size(), NULL ); dh->p = BN_bin2bn( (unsigned char*)&p.front(), p.size(), NULL );
dh->pub_key = BN_bin2bn( (unsigned char*)&pub_key.front(), pub_key.size(), NULL ); dh->pub_key = BN_bin2bn( (unsigned char*)&pub_key.front(), pub_key.size(), NULL );
dh->priv_key = BN_bin2bn( (unsigned char*)&priv_key.front(), priv_key.size(), NULL ); dh->priv_key = BN_bin2bn( (unsigned char*)&priv_key.front(), priv_key.size(), NULL );
@ -70,22 +62,19 @@ namespace fc {
int check; int check;
DH_check(dh,&check); DH_check(dh,&check);
if( check & DH_CHECK_P_NOT_SAFE_PRIME ) if( !fc::validate( dh, valid ) )
{ {
DH_free(dh); return false;
return valid = false;
} }
ssl_bignum pk;
BIGNUM* pk = BN_bin2bn( (unsigned char*)buf, s, NULL ); BN_bin2bn( (unsigned char*)buf, s, pk );
shared_key.resize( DH_size(dh) ); shared_key.resize( DH_size(dh) );
DH_compute_key( (unsigned char*)&shared_key.front(), pk, dh ); DH_compute_key( (unsigned char*)&shared_key.front(), pk, dh );
BN_free(pk);
DH_free(dh); return true;
return valid = true;
} }
bool diffie_hellman::compute_shared_key( const std::vector<char>& pubk ) { bool diffie_hellman::compute_shared_key( const std::vector<char>& pubk ) {
return compute_shared_key( &pubk.front(), pubk.size() ); return compute_shared_key( &pubk.front(), pubk.size() );
} }
} }