Fix OpenSSL 1.1.1 code.
ni4 committed Dec 5, 2024
1 parent 2e1baf1 commit d6ec067
Showing 5 changed files with 64 additions and 132 deletions.
21 changes: 11 additions & 10 deletions src/lib/crypto/dl_ossl.cpp
Expand Up @@ -98,8 +98,8 @@ dl_load_key(const pgp::mpi &mp,
}
return rnp::ossl::evp::PKey(rawkey);
#else
rnp::ossl::DH dh;
if (!dh.get()) {
rnp::ossl::DH dh(DH_new());
if (!dh) {
/* LCOV_EXCL_START */
RNP_LOG("out of memory");
return NULL;
Expand Down Expand Up @@ -139,12 +139,12 @@ dl_load_key(const pgp::mpi &mp,
static rnp_result_t
dl_validate_secret_key(rnp::ossl::evp::PKey &dlkey, const pgp::mpi &mx)
{
const rnp::ossl::DH dh(EVP_PKEY_get0_DH(dlkey.get()));
assert(dh.get());
const rnp::bn p(DH_get0_p(dh.get()));
rnp::bn q(DH_get0_q(dh.get()));
const rnp::bn g(DH_get0_g(dh.get()));
const rnp::bn y(DH_get0_pub_key(dh.get()));
auto dh = EVP_PKEY_get0_DH(dlkey.get());
assert(dh);
const rnp::bn p(DH_get0_p(dh));
rnp::bn q(DH_get0_q(dh));
const rnp::bn g(DH_get0_g(dh));
const rnp::bn y(DH_get0_pub_key(dh));
assert(p && g && y);

rnp::ossl::BNCtx ctx(BN_CTX_new());
Expand Down Expand Up @@ -180,8 +180,9 @@ dl_validate_secret_key(rnp::ossl::evp::PKey &dlkey, const pgp::mpi &mx)
RNP_LOG("x is too large.");
return RNP_ERROR_GENERIC;
}
BN_CTX_start(ctx);
if (BN_mod_exp_mont_consttime(cy.get(), g.c_get(), x.c_get(), p.c_get(), ctx, NULL) < 1) {
BN_CTX_start(ctx.get());
if (BN_mod_exp_mont_consttime(cy.get(), g.c_get(), x.c_get(), p.c_get(), ctx.get(), NULL) <
1) {
RNP_LOG("Exponentiation failed");
return RNP_ERROR_GENERIC;
}
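Review bot: In dl_validate_secret_key the only guards on `dh` and on `p`, `g`, `y` are `assert(dh)` and `assert(p && g && y)`, which compile out under NDEBUG, so a release build would hand a null pointer to `DH_get0_p(dh)` if the EVP_PKEY does not hold a DH key. A runtime check fits the function's existing error style: `if (!dh) { RNP_LOG("Not a DH key."); return RNP_ERROR_GENERIC; }` right after the `EVP_PKEY_get0_DH` call, and the same shape for the three BIGNUMs. `dh` is borrowed from `dlkey` (a get0 accessor), so keeping it as a raw pointer instead of the owning `rnp::ossl::DH` alias is correct; a one-line comment saying so would keep a later edit from wrapping it and freeing it twice. The function body continues outside the visible hunks.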
20 changes: 9 additions & 11 deletions src/lib/crypto/dsa_ossl.cpp
Expand Up @@ -44,32 +44,30 @@ namespace dsa {
static bool
decode_sig(const uint8_t *data, size_t len, Signature &sig)
{
DSA_SIG *dsig = d2i_DSA_SIG(NULL, &data, len);
rnp::ossl::DSASig dsig(d2i_DSA_SIG(NULL, &data, len));
if (!dsig) {
RNP_LOG("Failed to parse DSA sig: %lu", ERR_peek_last_error());
return false;
}
rnp::bn r, s;
DSA_SIG_get0(dsig, r.cptr(), s.cptr());
DSA_SIG_get0(dsig.get(), r.cptr(), s.cptr());
r.mpi(sig.r);
s.mpi(sig.s);
DSA_SIG_free(dsig);
return true;
}

static bool
encode_sig(uint8_t *data, size_t *len, const Signature &sig)
{
DSA_SIG *dsig = DSA_SIG_new();
rnp::bn r(sig.r);
rnp::bn s(sig.s);
rnp::ossl::DSASig dsig(DSA_SIG_new());
rnp::bn r(sig.r);
rnp::bn s(sig.s);
if (!dsig || !r || !s) {
RNP_LOG("Allocation failed.");
return false;
}
DSA_SIG_set0(dsig, r.own(), s.own());
auto outlen = i2d_DSA_SIG(dsig, &data);
DSA_SIG_free(dsig);
DSA_SIG_set0(dsig.get(), r.own(), s.own());
auto outlen = i2d_DSA_SIG(dsig.get(), &data);
if (outlen < 0) {
RNP_LOG("Failed to encode signature.");
return false;
Expand Down Expand Up @@ -136,8 +134,8 @@ load_key(const Key &key, bool secret = false)
}
return rnp::ossl::evp::PKey(rawkey);
#else
rnp::ossl::DSA dsa;
if (!dsa.get()) {
rnp::ossl::DSA dsa(DSA_new());
if (!dsa) {
/* LCOV_EXCL_START */
RNP_LOG("Out of memory");
return NULL;
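Review bot: decode_sig accepts any buffer that merely starts with a valid DER signature: `d2i_DSA_SIG(NULL, &data, len)` advances `data` past what it parsed, but the new code never compares that position with the end of the input, and `len` is narrowed from `size_t` to the `long` the OpenSSL call takes. If this helper can ever see bytes that did not come straight from OpenSSL, record `const uint8_t *end = data + len;` before the call and treat `data != end` as a parse failure alongside `!dsig`. In the same function `r` and `s` are filled through `DSA_SIG_get0`, so they presumably borrow BIGNUMs owned by `dsig`; a short comment that they are copied into `sig` before `dsig` is released would document why the new RAII ordering is safe.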
8 changes: 4 additions & 4 deletions src/lib/crypto/ec_ossl.cpp
Expand Up @@ -291,8 +291,8 @@ load_key(const pgp::mpi &keyp, const pgp::mpi *keyx, pgp_curve_t curve)
#if defined(CRYPTO_BACKEND_OPENSSL3)
return load_key_openssl3(keyp, keyx, *curv_desc);
#else
rnp::ossl::ECKey ec(nid);
if (!ec.get()) {
rnp::ossl::ECKey ec(EC_KEY_new_by_curve_name(nid));
if (!ec) {
/* LCOV_EXCL_START */
RNP_LOG("Failed to create EC key with group %s: %s",
curv_desc->openssl_name,
Expand All @@ -302,8 +302,8 @@ load_key(const pgp::mpi &keyp, const pgp::mpi *keyx, pgp_curve_t curve)
}

auto group = EC_KEY_get0_group(ec.get());
rnp::ossl::ECPoint p(group);
if (!p.get()) {
rnp::ossl::ECPoint p(EC_POINT_new(group));
if (!p) {
/* LCOV_EXCL_START */
RNP_LOG("Failed to allocate point: %lu", ERR_peek_last_error());
return NULL;
131 changes: 32 additions & 99 deletions src/lib/crypto/ossl_utils.hpp
Expand Up @@ -237,132 +237,67 @@ struct MDCtxDeleter {
using MDCtx = std::unique_ptr<EVP_MD_CTX, MDCtxDeleter>;
} // namespace evp

#if !defined(CRYPTO_BACKEND_OPENSSL3)
class RSA {
::RSA *rsa_;

public:
RSA()
{
rsa_ = RSA_new();
}

RSA(const RSA &) = delete;

~RSA()
{
RSA_free(rsa_);
}

::RSA *
get() noexcept
struct DSASigDeleter {
void
operator()(DSA_SIG *ptr) const
{
return rsa_;
DSA_SIG_free(ptr);
}
};

class DSA {
::DSA *dsa_;

public:
DSA()
{
dsa_ = DSA_new();
}

DSA(const DSA &) = delete;

~DSA()
{
DSA_free(dsa_);
}
using DSASig = std::unique_ptr<DSA_SIG, DSASigDeleter>;

::DSA *
get() noexcept
#if !defined(CRYPTO_BACKEND_OPENSSL3)
struct RSADeleter {
void
operator()(::RSA *ptr) const
{
return dsa_;
RSA_free(ptr);
}
};

class DH {
::DH * dh_;
const ::DH *dh_c_;

public:
DH() : dh_(DH_new()), dh_c_(NULL)
{
}

DH(const ::DH *dh) : dh_(NULL), dh_c_(dh)
{
}

DH(const DH &) = delete;

~DH()
{
DH_free(dh_);
}

::DH *
get() noexcept
{
return dh_;
}
using RSA = std::unique_ptr<::RSA, RSADeleter>;

const ::DH *
get() const noexcept
struct DSADeleter {
void
operator()(::DSA *ptr) const
{
return dh_c_ ? dh_c_ : dh_;
DSA_free(ptr);
}
};

class ECKey {
::EC_KEY *key_;

public:
ECKey(int nid) : key_(EC_KEY_new_by_curve_name(nid))
{
}

ECKey(const ECKey &) = delete;

~ECKey()
{
EC_KEY_free(key_);
}
using DSA = std::unique_ptr<::DSA, DSADeleter>;

::EC_KEY *
get() noexcept
struct DHDeleter {
void
operator()(::DH *ptr) const
{
return key_;
DH_free(ptr);
}
};

class ECPoint {
::EC_POINT *pt_;
using DH = std::unique_ptr<::DH, DHDeleter>;

public:
ECPoint(const EC_GROUP *grp) : pt_(EC_POINT_new(grp))
struct ECKeyDeleter {
void
operator()(::EC_KEY *ptr) const
{
EC_KEY_free(ptr);
}
};

ECPoint(const ECPoint &) = delete;
using ECKey = std::unique_ptr<::EC_KEY, ECKeyDeleter>;

~ECPoint()
{
EC_POINT_free(pt_);
}

::EC_POINT *
get() noexcept
struct ECPointDeleter {
void
operator()(::EC_POINT *ptr) const
{
return pt_;
EC_POINT_free(ptr);
}
};

using ECPoint = std::unique_ptr<::EC_POINT, ECPointDeleter>;
#else

struct ParamDeleter {
void
operator()(OSSL_PARAM *ptr) const
Expand All @@ -382,7 +317,6 @@ struct ParamBldDeleter {
};

using ParamBld = std::unique_ptr<OSSL_PARAM_BLD, ParamBldDeleter>;

#endif

inline const char *
Expand All @@ -392,7 +326,6 @@ latest_err()
}

} // namespace ossl

} // namespace rnp

#endif
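Review bot: The new aliases `DSASig`, `RSA`, `DSA`, `DH`, `ECKey` and `ECPoint` are owning `std::unique_ptr` handles, but nothing in the header says so, and the removed `DH` class also had a non-owning `const ::DH *` mode that existing call sites may still assume. A comment above the first deleter would make the contract explicit, for example `/* Owning handles: construct only from *_new()/d2i_*() results, never from a get0_* pointer; use release() when an OpenSSL call takes ownership. */`. Wrapping a borrowed pointer in one of these aliases would free an object its parent still owns, which is a double free once the parent is released.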
16 changes: 8 additions & 8 deletions src/lib/crypto/rsa_ossl.cpp
Expand Up @@ -49,9 +49,9 @@ load_public_key(const Key &key)
{
rnp::bn n(key.n);
rnp::bn e(key.e);
rnp::ossl::RSA rsa;
rnp::ossl::RSA rsa(RSA_new());

if (!n || !e || !rsa.get()) {
if (!n || !e || !rsa) {
/* LCOV_EXCL_START */
RNP_LOG("out of memory");
return NULL;
Expand Down Expand Up @@ -83,9 +83,9 @@ load_secret_key(const Key &key)
rnp::bn p(key.p);
rnp::bn q(key.q);
rnp::bn d(key.d);
rnp::ossl::RSA rsa;
rnp::ossl::RSA rsa(RSA_new());

if (!n || !p || !q || !e || !d || !rsa.get()) {
if (!n || !p || !q || !e || !d || !rsa) {
/* LCOV_EXCL_START */
RNP_LOG("out of memory");
return NULL;
Expand Down Expand Up @@ -117,14 +117,14 @@ load_secret_key(const Key &key)
return evpkey;
}

static rnp::ossl::evp::Ctx
static rnp::ossl::evp::PKeyCtx
init_context(const Key &key, bool secret)
{
rnp::ossl::evp::PKey evpkey(secret ? load_secret_key(key) : load_public_key(key));
auto evpkey = secret ? load_secret_key(key) : load_public_key(key);
if (!evpkey) {
return rnp::ossl::evp::Ctx(); // LCOV_EXCL_LINE
return rnp::ossl::evp::PKeyCtx(); // LCOV_EXCL_LINE
}
rnp::ossl::evp::Ctx ctx(evpkey);
rnp::ossl::evp::PKeyCtx ctx(EVP_PKEY_CTX_new(evpkey.get(), NULL));
if (!ctx) {
RNP_LOG("Context allocation failed: %lu", ERR_peek_last_error()); // LCOV_EXCL_LINE
}
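Review bot: init_context lets `evpkey` go out of scope while the returned `ctx` was created from `evpkey.get()`, and the code does not say why that is safe. `EVP_PKEY_CTX_new` takes its own reference on the key, so the context stays valid; a comment such as `/* ctx holds its own reference to the key, evpkey may be released on return */` above the `EVP_PKEY_CTX_new` line would keep a later refactor from swapping in a call that only borrows. The `if (!ctx)` branch only logs and the function's tail is outside the hunk, so callers presumably still have to test the returned context for null.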
