Lines 1262-1270
public:
Link Here
|
1262 |
EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, nullptr); |
1262 |
EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, nullptr); |
1263 |
EVP_PKEY_derive_init(pctx); |
1263 |
EVP_PKEY_derive_init(pctx); |
1264 |
EVP_PKEY_CTX_set_hkdf_md(pctx, EVP_sha256()); |
1264 |
EVP_PKEY_CTX_set_hkdf_md(pctx, EVP_sha256()); |
1265 |
EVP_PKEY_CTX_set1_hkdf_salt(pctx, salt.data(), int(salt.size())); |
1265 |
EVP_PKEY_CTX_set1_hkdf_salt(pctx, reinterpret_cast<const unsigned char*>(salt.data()), int(salt.size())); |
1266 |
EVP_PKEY_CTX_set1_hkdf_key(pctx, secret.data(), int(secret.size())); |
1266 |
EVP_PKEY_CTX_set1_hkdf_key(pctx, reinterpret_cast<const unsigned char*>(secret.data()), int(secret.size())); |
1267 |
EVP_PKEY_CTX_add1_hkdf_info(pctx, info.data(), int(info.size())); |
1267 |
EVP_PKEY_CTX_add1_hkdf_info(pctx, reinterpret_cast<const unsigned char*>(info.data()), int(info.size())); |
1268 |
size_t outlen = out.size(); |
1268 |
size_t outlen = out.size(); |
1269 |
EVP_PKEY_derive(pctx, reinterpret_cast<unsigned char *>(out.data()), &outlen); |
1269 |
EVP_PKEY_derive(pctx, reinterpret_cast<unsigned char *>(out.data()), &outlen); |
1270 |
EVP_PKEY_CTX_free(pctx); |
1270 |
EVP_PKEY_CTX_free(pctx); |
Lines 1438-1444
public:
Link Here
|
1438 |
int type = EVP_PKEY_id(pkey); |
1438 |
int type = EVP_PKEY_id(pkey); |
1439 |
|
1439 |
|
1440 |
if (type == EVP_PKEY_RSA) { |
1440 |
if (type == EVP_PKEY_RSA) { |
1441 |
RSA *rsa = EVP_PKEY_get0_RSA(pkey); |
1441 |
RSA *rsa = EVP_PKEY_get1_RSA(pkey); |
1442 |
if (RSA_private_encrypt(raw.size(), |
1442 |
if (RSA_private_encrypt(raw.size(), |
1443 |
(unsigned char *)raw.data(), |
1443 |
(unsigned char *)raw.data(), |
1444 |
(unsigned char *)out.data(), |
1444 |
(unsigned char *)out.data(), |
Lines 1472-1491
public:
Link Here
|
1472 |
if (state == VerifyActive) { |
1472 |
if (state == VerifyActive) { |
1473 |
if (raw_type) { |
1473 |
if (raw_type) { |
1474 |
SecureArray out(EVP_PKEY_size(pkey)); |
1474 |
SecureArray out(EVP_PKEY_size(pkey)); |
1475 |
int len = 0; |
1475 |
size_t len = 0; |
1476 |
|
1476 |
|
1477 |
int type = EVP_PKEY_id(pkey); |
1477 |
int type = EVP_PKEY_id(pkey); |
1478 |
|
1478 |
|
1479 |
if (type == EVP_PKEY_RSA) { |
1479 |
if (type == EVP_PKEY_RSA) { |
1480 |
RSA *rsa = EVP_PKEY_get0_RSA(pkey); |
1480 |
EVP_PKEY_CTX *ctx = EVP_PKEY_CTX_new(pkey, nullptr); |
1481 |
if ((len = RSA_public_decrypt(sig.size(), |
1481 |
if ((EVP_PKEY_decrypt_init(ctx) < 1) || |
1482 |
(unsigned char *)sig.data(), |
1482 |
(EVP_PKEY_decrypt(ctx, |
1483 |
(unsigned char *)out.data(), |
1483 |
(unsigned char *)out.data(), |
1484 |
rsa, |
1484 |
&len, |
1485 |
RSA_PKCS1_PADDING)) == -1) { |
1485 |
(unsigned char *)sig.data(), |
|
|
1486 |
sig.size()) < 1)) { |
1486 |
state = VerifyError; |
1487 |
state = VerifyError; |
1487 |
return false; |
1488 |
return false; |
1488 |
} |
1489 |
} |
1489 |
} else if (type == EVP_PKEY_DSA) { |
1490 |
} else if (type == EVP_PKEY_DSA) { |
1490 |
state = VerifyError; |
1491 |
state = VerifyError; |
1491 |
return false; |
1492 |
return false; |
Lines 1932-1938
public:
Link Here
|
1932 |
return; |
1933 |
return; |
1933 |
|
1934 |
|
1934 |
// extract the public key into DER format |
1935 |
// extract the public key into DER format |
1935 |
RSA * rsa_pkey = EVP_PKEY_get0_RSA(evp.pkey); |
1936 |
RSA * rsa_pkey = EVP_PKEY_get1_RSA(evp.pkey); |
1936 |
int len = i2d_RSAPublicKey(rsa_pkey, nullptr); |
1937 |
int len = i2d_RSAPublicKey(rsa_pkey, nullptr); |
1937 |
SecureArray result(len); |
1938 |
SecureArray result(len); |
1938 |
unsigned char *p = (unsigned char *)result.data(); |
1939 |
unsigned char *p = (unsigned char *)result.data(); |
Lines 1954-1960
public:
Link Here
|
1954 |
|
1955 |
|
1955 |
int maximumEncryptSize(EncryptionAlgorithm alg) const override |
1956 |
int maximumEncryptSize(EncryptionAlgorithm alg) const override |
1956 |
{ |
1957 |
{ |
1957 |
RSA *rsa = EVP_PKEY_get0_RSA(evp.pkey); |
1958 |
RSA const *rsa = EVP_PKEY_get0_RSA(evp.pkey); |
1958 |
int size = 0; |
1959 |
int size = 0; |
1959 |
switch (alg) { |
1960 |
switch (alg) { |
1960 |
case EME_PKCS1v15: |
1961 |
case EME_PKCS1v15: |
Lines 1976-1982
public:
Link Here
|
1976 |
|
1977 |
|
1977 |
SecureArray encrypt(const SecureArray &in, EncryptionAlgorithm alg) override |
1978 |
SecureArray encrypt(const SecureArray &in, EncryptionAlgorithm alg) override |
1978 |
{ |
1979 |
{ |
1979 |
RSA * rsa = EVP_PKEY_get0_RSA(evp.pkey); |
1980 |
RSA * rsa = EVP_PKEY_get1_RSA(evp.pkey); |
1980 |
SecureArray buf = in; |
1981 |
SecureArray buf = in; |
1981 |
int max = maximumEncryptSize(alg); |
1982 |
int max = maximumEncryptSize(alg); |
1982 |
|
1983 |
|
Lines 1993-1999
public:
Link Here
|
1993 |
pad = RSA_PKCS1_OAEP_PADDING; |
1994 |
pad = RSA_PKCS1_OAEP_PADDING; |
1994 |
break; |
1995 |
break; |
1995 |
case EME_PKCS1v15_SSL: |
1996 |
case EME_PKCS1v15_SSL: |
1996 |
pad = RSA_SSLV23_PADDING; |
1997 |
pad = RSA_PKCS1_WITH_TLS_PADDING; |
1997 |
break; |
1998 |
break; |
1998 |
case EME_NO_PADDING: |
1999 |
case EME_NO_PADDING: |
1999 |
pad = RSA_NO_PADDING; |
2000 |
pad = RSA_NO_PADDING; |
Lines 2007-2014
public:
Link Here
|
2007 |
if (isPrivate()) |
2008 |
if (isPrivate()) |
2008 |
ret = |
2009 |
ret = |
2009 |
RSA_private_encrypt(buf.size(), (unsigned char *)buf.data(), (unsigned char *)result.data(), rsa, pad); |
2010 |
RSA_private_encrypt(buf.size(), (unsigned char *)buf.data(), (unsigned char *)result.data(), rsa, pad); |
2010 |
else |
2011 |
else { |
|
|
2012 |
EVP_PKEY_CTX *ctx = EVP_PKEY_CTX_new(evp.pkey, nullptr); |
2013 |
if ((EVP_PKEY_encrypt_init(ctx) <= 0) || |
2014 |
(EVP_PKEY_CTX_set_rsa_padding(ctx, pad) <= 0)) |
2015 |
return SecureArray(); |
2016 |
size_t size; |
2017 |
ret = EVP_PKEY_encrypt(ctx, (unsigned char*)result.data(), &size, (unsigned char *)buf.data(), buf.size()); |
2011 |
ret = RSA_public_encrypt(buf.size(), (unsigned char *)buf.data(), (unsigned char *)result.data(), rsa, pad); |
2018 |
ret = RSA_public_encrypt(buf.size(), (unsigned char *)buf.data(), (unsigned char *)result.data(), rsa, pad); |
|
|
2019 |
} |
2012 |
|
2020 |
|
2013 |
if (ret < 0) |
2021 |
if (ret < 0) |
2014 |
return SecureArray(); |
2022 |
return SecureArray(); |
Lines 2019-2025
public:
Link Here
|
2019 |
|
2027 |
|
2020 |
bool decrypt(const SecureArray &in, SecureArray *out, EncryptionAlgorithm alg) override |
2028 |
bool decrypt(const SecureArray &in, SecureArray *out, EncryptionAlgorithm alg) override |
2021 |
{ |
2029 |
{ |
2022 |
RSA * rsa = EVP_PKEY_get0_RSA(evp.pkey); |
2030 |
RSA * rsa = EVP_PKEY_get1_RSA(evp.pkey); |
2023 |
SecureArray result(RSA_size(rsa)); |
2031 |
SecureArray result(RSA_size(rsa)); |
2024 |
int pad; |
2032 |
int pad; |
2025 |
|
2033 |
|
Lines 2031-2037
public:
Link Here
|
2031 |
pad = RSA_PKCS1_OAEP_PADDING; |
2039 |
pad = RSA_PKCS1_OAEP_PADDING; |
2032 |
break; |
2040 |
break; |
2033 |
case EME_PKCS1v15_SSL: |
2041 |
case EME_PKCS1v15_SSL: |
2034 |
pad = RSA_SSLV23_PADDING; |
2042 |
pad = RSA_PKCS1_WITH_TLS_PADDING; |
2035 |
break; |
2043 |
break; |
2036 |
case EME_NO_PADDING: |
2044 |
case EME_NO_PADDING: |
2037 |
pad = RSA_NO_PADDING; |
2045 |
pad = RSA_NO_PADDING; |
Lines 2044-2053
public:
Link Here
|
2044 |
int ret; |
2052 |
int ret; |
2045 |
if (isPrivate()) |
2053 |
if (isPrivate()) |
2046 |
ret = RSA_private_decrypt(in.size(), (unsigned char *)in.data(), (unsigned char *)result.data(), rsa, pad); |
2054 |
ret = RSA_private_decrypt(in.size(), (unsigned char *)in.data(), (unsigned char *)result.data(), rsa, pad); |
2047 |
else |
2055 |
else { |
2048 |
ret = RSA_public_decrypt(in.size(), (unsigned char *)in.data(), (unsigned char *)result.data(), rsa, pad); |
2056 |
EVP_PKEY_CTX *ctx = EVP_PKEY_CTX_new(evp.pkey, nullptr); |
|
|
2057 |
if ((EVP_PKEY_decrypt_init(ctx) <= 0) || |
2058 |
(EVP_PKEY_CTX_set_rsa_padding(ctx, pad) <= 0)) |
2059 |
return false; |
2060 |
size_t size; |
2061 |
ret = EVP_PKEY_decrypt(ctx, (unsigned char *)result.data(), &size, (unsigned char *)in.data(), in.size()); |
2062 |
} |
2049 |
|
2063 |
|
2050 |
if (ret < 0) |
2064 |
if (ret <= 0) |
2051 |
return false; |
2065 |
return false; |
2052 |
result.resize(ret); |
2066 |
result.resize(ret); |
2053 |
|
2067 |
|
Lines 2182-2188
public:
Link Here
|
2182 |
|
2196 |
|
2183 |
BigInteger n() const override |
2197 |
BigInteger n() const override |
2184 |
{ |
2198 |
{ |
2185 |
RSA * rsa = EVP_PKEY_get0_RSA(evp.pkey); |
2199 |
RSA const * rsa = EVP_PKEY_get0_RSA(evp.pkey); |
2186 |
const BIGNUM *bnn; |
2200 |
const BIGNUM *bnn; |
2187 |
RSA_get0_key(rsa, &bnn, nullptr, nullptr); |
2201 |
RSA_get0_key(rsa, &bnn, nullptr, nullptr); |
2188 |
return bn2bi(bnn); |
2202 |
return bn2bi(bnn); |
Lines 2190-2196
public:
Link Here
|
2190 |
|
2204 |
|
2191 |
BigInteger e() const override |
2205 |
BigInteger e() const override |
2192 |
{ |
2206 |
{ |
2193 |
RSA * rsa = EVP_PKEY_get0_RSA(evp.pkey); |
2207 |
RSA const * rsa = EVP_PKEY_get0_RSA(evp.pkey); |
2194 |
const BIGNUM *bne; |
2208 |
const BIGNUM *bne; |
2195 |
RSA_get0_key(rsa, nullptr, &bne, nullptr); |
2209 |
RSA_get0_key(rsa, nullptr, &bne, nullptr); |
2196 |
return bn2bi(bne); |
2210 |
return bn2bi(bne); |
Lines 2198-2204
public:
Link Here
|
2198 |
|
2212 |
|
2199 |
BigInteger p() const override |
2213 |
BigInteger p() const override |
2200 |
{ |
2214 |
{ |
2201 |
RSA * rsa = EVP_PKEY_get0_RSA(evp.pkey); |
2215 |
RSA const * rsa = EVP_PKEY_get0_RSA(evp.pkey); |
2202 |
const BIGNUM *bnp; |
2216 |
const BIGNUM *bnp; |
2203 |
RSA_get0_factors(rsa, &bnp, nullptr); |
2217 |
RSA_get0_factors(rsa, &bnp, nullptr); |
2204 |
return bn2bi(bnp); |
2218 |
return bn2bi(bnp); |
Lines 2206-2212
public:
Link Here
|
2206 |
|
2220 |
|
2207 |
BigInteger q() const override |
2221 |
BigInteger q() const override |
2208 |
{ |
2222 |
{ |
2209 |
RSA * rsa = EVP_PKEY_get0_RSA(evp.pkey); |
2223 |
RSA const * rsa = EVP_PKEY_get0_RSA(evp.pkey); |
2210 |
const BIGNUM *bnq; |
2224 |
const BIGNUM *bnq; |
2211 |
RSA_get0_factors(rsa, nullptr, &bnq); |
2225 |
RSA_get0_factors(rsa, nullptr, &bnq); |
2212 |
return bn2bi(bnq); |
2226 |
return bn2bi(bnq); |
Lines 2214-2220
public:
Link Here
|
2214 |
|
2228 |
|
2215 |
BigInteger d() const override |
2229 |
BigInteger d() const override |
2216 |
{ |
2230 |
{ |
2217 |
RSA * rsa = EVP_PKEY_get0_RSA(evp.pkey); |
2231 |
RSA const * rsa = EVP_PKEY_get0_RSA(evp.pkey); |
2218 |
const BIGNUM *bnd; |
2232 |
const BIGNUM *bnd; |
2219 |
RSA_get0_key(rsa, nullptr, nullptr, &bnd); |
2233 |
RSA_get0_key(rsa, nullptr, nullptr, &bnd); |
2220 |
return bn2bi(bnd); |
2234 |
return bn2bi(bnd); |
Lines 2347-2353
public:
Link Here
|
2347 |
return; |
2361 |
return; |
2348 |
|
2362 |
|
2349 |
// extract the public key into DER format |
2363 |
// extract the public key into DER format |
2350 |
DSA * dsa_pkey = EVP_PKEY_get0_DSA(evp.pkey); |
2364 |
DSA const * dsa_pkey = EVP_PKEY_get0_DSA(evp.pkey); |
2351 |
int len = i2d_DSAPublicKey(dsa_pkey, nullptr); |
2365 |
int len = i2d_DSAPublicKey(dsa_pkey, nullptr); |
2352 |
SecureArray result(len); |
2366 |
SecureArray result(len); |
2353 |
unsigned char *p = (unsigned char *)result.data(); |
2367 |
unsigned char *p = (unsigned char *)result.data(); |
Lines 2471-2477
public:
Link Here
|
2471 |
|
2485 |
|
2472 |
DLGroup domain() const override |
2486 |
DLGroup domain() const override |
2473 |
{ |
2487 |
{ |
2474 |
DSA * dsa = EVP_PKEY_get0_DSA(evp.pkey); |
2488 |
DSA const * dsa = EVP_PKEY_get0_DSA(evp.pkey); |
2475 |
const BIGNUM *bnp, *bnq, *bng; |
2489 |
const BIGNUM *bnp, *bnq, *bng; |
2476 |
DSA_get0_pqg(dsa, &bnp, &bnq, &bng); |
2490 |
DSA_get0_pqg(dsa, &bnp, &bnq, &bng); |
2477 |
return DLGroup(bn2bi(bnp), bn2bi(bnq), bn2bi(bng)); |
2491 |
return DLGroup(bn2bi(bnp), bn2bi(bnq), bn2bi(bng)); |
Lines 2479-2485
public:
Link Here
|
2479 |
|
2493 |
|
2480 |
BigInteger y() const override |
2494 |
BigInteger y() const override |
2481 |
{ |
2495 |
{ |
2482 |
DSA * dsa = EVP_PKEY_get0_DSA(evp.pkey); |
2496 |
DSA const * dsa = EVP_PKEY_get0_DSA(evp.pkey); |
2483 |
const BIGNUM *bnpub_key; |
2497 |
const BIGNUM *bnpub_key; |
2484 |
DSA_get0_key(dsa, &bnpub_key, nullptr); |
2498 |
DSA_get0_key(dsa, &bnpub_key, nullptr); |
2485 |
return bn2bi(bnpub_key); |
2499 |
return bn2bi(bnpub_key); |
Lines 2487-2493
public:
Link Here
|
2487 |
|
2501 |
|
2488 |
BigInteger x() const override |
2502 |
BigInteger x() const override |
2489 |
{ |
2503 |
{ |
2490 |
DSA * dsa = EVP_PKEY_get0_DSA(evp.pkey); |
2504 |
DSA const * dsa = EVP_PKEY_get0_DSA(evp.pkey); |
2491 |
const BIGNUM *bnpriv_key; |
2505 |
const BIGNUM *bnpriv_key; |
2492 |
DSA_get0_key(dsa, nullptr, &bnpriv_key); |
2506 |
DSA_get0_key(dsa, nullptr, &bnpriv_key); |
2493 |
return bn2bi(bnpriv_key); |
2507 |
return bn2bi(bnpriv_key); |
Lines 2617-2623
public:
Link Here
|
2617 |
if (!sec) |
2631 |
if (!sec) |
2618 |
return; |
2632 |
return; |
2619 |
|
2633 |
|
2620 |
DH * orig = EVP_PKEY_get0_DH(evp.pkey); |
2634 |
DH const * orig = EVP_PKEY_get0_DH(evp.pkey); |
2621 |
DH * dh = DH_new(); |
2635 |
DH * dh = DH_new(); |
2622 |
const BIGNUM *bnp, *bng, *bnpub_key; |
2636 |
const BIGNUM *bnp, *bng, *bnpub_key; |
2623 |
DH_get0_pqg(orig, &bnp, nullptr, &bng); |
2637 |
DH_get0_pqg(orig, &bnp, nullptr, &bng); |
Lines 2640-2647
public:
Link Here
|
2640 |
|
2654 |
|
2641 |
SymmetricKey deriveKey(const PKeyBase &theirs) override |
2655 |
SymmetricKey deriveKey(const PKeyBase &theirs) override |
2642 |
{ |
2656 |
{ |
2643 |
DH * dh = EVP_PKEY_get0_DH(evp.pkey); |
2657 |
DH * dh = EVP_PKEY_get1_DH(evp.pkey); |
2644 |
DH * them = EVP_PKEY_get0_DH(static_cast<const DHKey *>(&theirs)->evp.pkey); |
2658 |
DH const * them = EVP_PKEY_get0_DH(static_cast<const DHKey *>(&theirs)->evp.pkey); |
2645 |
const BIGNUM *bnpub_key; |
2659 |
const BIGNUM *bnpub_key; |
2646 |
DH_get0_key(them, &bnpub_key, nullptr); |
2660 |
DH_get0_key(them, &bnpub_key, nullptr); |
2647 |
|
2661 |
|
Lines 2709-2715
public:
Link Here
|
2709 |
|
2723 |
|
2710 |
DLGroup domain() const override |
2724 |
DLGroup domain() const override |
2711 |
{ |
2725 |
{ |
2712 |
DH * dh = EVP_PKEY_get0_DH(evp.pkey); |
2726 |
DH const * dh = EVP_PKEY_get0_DH(evp.pkey); |
2713 |
const BIGNUM *bnp, *bng; |
2727 |
const BIGNUM *bnp, *bng; |
2714 |
DH_get0_pqg(dh, &bnp, nullptr, &bng); |
2728 |
DH_get0_pqg(dh, &bnp, nullptr, &bng); |
2715 |
return DLGroup(bn2bi(bnp), bn2bi(bng)); |
2729 |
return DLGroup(bn2bi(bnp), bn2bi(bng)); |
Lines 2717-2723
public:
Link Here
|
2717 |
|
2731 |
|
2718 |
BigInteger y() const override |
2732 |
BigInteger y() const override |
2719 |
{ |
2733 |
{ |
2720 |
DH * dh = EVP_PKEY_get0_DH(evp.pkey); |
2734 |
DH const * dh = EVP_PKEY_get0_DH(evp.pkey); |
2721 |
const BIGNUM *bnpub_key; |
2735 |
const BIGNUM *bnpub_key; |
2722 |
DH_get0_key(dh, &bnpub_key, nullptr); |
2736 |
DH_get0_key(dh, &bnpub_key, nullptr); |
2723 |
return bn2bi(bnpub_key); |
2737 |
return bn2bi(bnpub_key); |
Lines 2725-2731
public:
Link Here
|
2725 |
|
2739 |
|
2726 |
BigInteger x() const override |
2740 |
BigInteger x() const override |
2727 |
{ |
2741 |
{ |
2728 |
DH * dh = EVP_PKEY_get0_DH(evp.pkey); |
2742 |
DH const * dh = EVP_PKEY_get0_DH(evp.pkey); |
2729 |
const BIGNUM *bnpriv_key; |
2743 |
const BIGNUM *bnpriv_key; |
2730 |
DH_get0_key(dh, nullptr, &bnpriv_key); |
2744 |
DH_get0_key(dh, nullptr, &bnpriv_key); |
2731 |
return bn2bi(bnpriv_key); |
2745 |
return bn2bi(bnpriv_key); |