From 09a6efad523b1c8b80684c87f73b41ac6deff35f Mon Sep 17 00:00:00 2001
From: csoler <csoler@users.sourceforge.net>
Date: Sat, 20 Feb 2016 21:25:21 -0500
Subject: [PATCH] removed dead code in GxsSecurity

---
 libretroshare/src/gxs/gxssecurity.cc     | 204 -----------------------
 libretroshare/src/gxs/gxssecurity.h      |  62 -------
 libretroshare/src/gxs/rsgxsnetservice.cc | 170 -------------------
 libretroshare/src/gxs/rsgxsnetservice.h  |   3 -
 4 files changed, 439 deletions(-)

diff --git a/libretroshare/src/gxs/gxssecurity.cc b/libretroshare/src/gxs/gxssecurity.cc
index 685e02828..a5d2a1c72 100644
--- a/libretroshare/src/gxs/gxssecurity.cc
+++ b/libretroshare/src/gxs/gxssecurity.cc
@@ -414,122 +414,6 @@ bool GxsSecurity::validateNxsMsg(const RsNxsMsg& msg, const RsTlvKeySignature& s
 	return false;
 }
 
-#ifdef TO_REMOVE
-bool GxsSecurity::initEncryption(GxsSecurity::MultiEncryptionContext& encryption_context, const std::vector<RsTlvSecurityKey>& keys)
-{
-    // prepare an array of encrypted keys ek and public keys puk
-
-    try
-    {
-	    encryption_context.clear() ;
-
-	    encryption_context.ek  = new unsigned char *[keys.size()] ;
-	    encryption_context.ekl = new int            [keys.size()] ;
-	encryption_context.ids.resize(keys.size()) ;
-
-	    EVP_PKEY      **pubk = new EVP_PKEY      *[keys.size()] ;
-	    memset(pubk,0,keys.size()*sizeof(EVP_PKEY      *)) ;
-
-	    memset(encryption_context.ek  ,0,keys.size()*sizeof(unsigned char *)) ;
-	    memset(encryption_context.ekl ,0,keys.size()*sizeof(int            )) ;
-
-	    for(uint32_t i=0;i<keys.size();++i)
-	    {
-		    RSA *tmpkey = ::extractPublicKey(keys[i]) ;
-		    RSA *rsa_publish_pub = RSAPublicKey_dup(tmpkey) ;
-		    RSA_free(tmpkey) ;
-
-		    if(rsa_publish_pub == NULL)
-			    throw std::runtime_error("Wrong key in input key table. Cannot extract public key.") ;
-
-		    pubk[i] = EVP_PKEY_new();
-		    EVP_PKEY_assign_RSA(pubk[i], rsa_publish_pub);
-
-		    int max_evp_key_size = EVP_PKEY_size(pubk[i]);
-
-		    encryption_context.ek [i] = (unsigned char*)malloc(max_evp_key_size);
-		    encryption_context.ekl[i] = max_evp_key_size ;
-		    encryption_context.ids[i] = keys[i].keyId ;
-	    }
-
-	    EVP_CIPHER_CTX_init(&encryption_context.ctx);
-
-	    const EVP_CIPHER *cipher = EVP_aes_128_cbc();
-
-	    // intialize context and send store encrypted cipher key in ek
-
-	    if(!EVP_SealInit(&encryption_context.ctx, cipher, encryption_context.ek, encryption_context.ekl, encryption_context.iv, pubk, keys.size())) 
-		    throw std::runtime_error("Error in EVP_SealInit. Cannot init encryption. Something's wrong.") ;
-            
-            return true ;
-    }
-    catch(std::exception& e)
-    {
-	    std::cerr << "(EE) cannot init encryption context: " << e.what() << std::endl;
-	    encryption_context.clear() ;
-	    return false ;
-    }
-}
-
-bool GxsSecurity::encrypt(uint8_t *& out, uint32_t &outlen, const uint8_t *in, uint32_t inlen, GxsSecurity::MultiEncryptionContext& encryption_context)
-{
-    // encrypting for a single security key. This is a proxy function.
-    
-    out = NULL ;
-    
-    try
-    {
-	    int eklen, net_ekl;
-	    int out_currOffset = 0;
-	    int out_offset = 0;
-
-	    int size_net_ekl = sizeof(net_ekl);
-
-	    const EVP_CIPHER *cipher = EVP_CIPHER_CTX_cipher(&encryption_context.ctx) ;
-	    int cipher_block_size = EVP_CIPHER_block_size(cipher);
-	    int max_outlen = inlen + cipher_block_size ;
-
-	    // now assign memory to out accounting for data, and cipher block size, key length, and key length val
-        
-	    out = (uint8_t*)malloc(max_outlen) ;
-
-	    if(out == NULL)
-		throw std::runtime_error("GxsSecurity::encrypt(): cannot allocate memory") ;
-
-	    // now encrypt actual data
-            
-	    if(!EVP_SealUpdate(&encryption_context.ctx, (unsigned char*)out, &out_currOffset, (unsigned char*) in, inlen)) 
-            	throw std::runtime_error("(EE) EVP_SealUpdate failed. Cannot encrypt.") ;
-
-	    // move along to partial block space
-	    out_offset += out_currOffset;
-	    out_currOffset = 0 ;
-
-	    // add padding
-	    if(!EVP_SealFinal(&encryption_context.ctx, (unsigned char*)&out[out_offset], &out_currOffset)) 
-            	throw std::runtime_error("(EE) EVP_SealFinal failed. Cannot encrypt.") ;
-
-	    // move to end
-	    out_offset += out_currOffset;
-
-	    // make sure offset has not gone passed valid memory bounds
-	    if(out_offset > max_outlen) 
-            	throw std::runtime_error("(EE) GxsSecurity::encrypt(): exceeded memory bounds! This is a serious bug.") ;
-
-	    outlen = out_offset;
-        
-	    return true;
-    }
-    catch(std::exception& e)
-    {
-        if(out)
-            free(out) ;
-        
-        return false ;
-    }
-}
-#endif
-
 bool GxsSecurity::encrypt(uint8_t *& out, uint32_t &outlen, const uint8_t *in, uint32_t inlen, const RsTlvSecurityKey& key)
 {
 #ifdef DISTRIB_DEBUG
@@ -782,94 +666,6 @@ bool GxsSecurity::encrypt(uint8_t *& out, uint32_t &outlen, const uint8_t *in, u
     }
 }
 
-#ifdef TO_REMOVE
-bool GxsSecurity::initDecryption(GxsSecurity::MultiEncryptionContext& encryption_context, const RsTlvSecurityKey& key,unsigned char *IV,uint32_t IV_size,unsigned char *encrypted_session_key,uint32_t encrypted_session_key_size)
-{
-	// prepare an array of encrypted keys ek and public keys puk
-
-	try
-	{
-		encryption_context.clear() ;
-
-		encryption_context.ek  = new unsigned char *[1] ;
-		encryption_context.ekl = new int            [1] ;
-
-		RSA *rsa_publish = extractPrivateKey(key) ;
-
-		if(rsa_publish == NULL)
-		{
-#ifdef DISTRIB_DEBUG
-			std::cerr << "GxsSecurity(): Could not generate publish key " << grpId
-			          << std::endl;
-#endif
-			return false;
-		}
-
-		EVP_PKEY *privateKey = EVP_PKEY_new();
-		EVP_PKEY_assign_RSA(privateKey, rsa_publish);
-
-		encryption_context.ek[0]  = (unsigned char*)malloc(EVP_PKEY_size(privateKey));
-		encryption_context.ekl[0] = encrypted_session_key_size ;
-
-		memcpy(encryption_context.ek[0],encrypted_session_key,encrypted_session_key_size) ;
-
-		EVP_CIPHER_CTX_init(&encryption_context.ctx);
-
-		const EVP_CIPHER* cipher = EVP_aes_128_cbc();
-
-		if(!EVP_OpenInit(&encryption_context.ctx, cipher, encryption_context.ek[0], encryption_context.ekl[0], IV, privateKey)) 
-		{
-			std::cerr << "(EE) Cannot decrypt data. Most likely reason: private GXS key is missing." << std::endl;
-			encryption_context.clear() ;
-			return false;
-		}
-		return true ;
-	}
-	catch(std::exception& e)
-	{
-		std::cerr << "(EE) cannot init decryption context: " << e.what() << std::endl;
-		encryption_context.clear() ;
-		return false ;
-	}
-}
-
-bool GxsSecurity::decrypt(uint8_t *&out, uint32_t &outlen, const uint8_t *in, uint32_t inlen, MultiEncryptionContext& encryption_context) 
-{
-    out = (uint8_t*)malloc(inlen);	// this is conservative
-
-    if(out == NULL)
-    {
-	    std::cerr << "gxssecurity::decrypt(): cannot allocate memory of size " << inlen << " to decrypt data." << std::endl;
-	    return false;
-    }
-
-    int out_currOffset = 0 ;
-
-    if(!EVP_OpenUpdate(&encryption_context.ctx, (unsigned char*) out, &out_currOffset, (unsigned char*)in, inlen)) 
-    {
-	    std::cerr << "(EE) EVP_OpenUpdate failed! Decryption context is probably not inited correctly" << std::endl;
-	    free(out) ;
-	    out = NULL ;
-	    outlen=0 ;
-	    return false;
-    }
-
-    outlen = out_currOffset;
-
-    if(!EVP_OpenFinal(&encryption_context.ctx, (unsigned char*)out + out_currOffset, &out_currOffset)) 
-    {
-	    free(out) ;
-	    out = NULL ;
-	    outlen=0 ;
-	    return false;
-    }
-
-    outlen += out_currOffset;
-
-    return true ;
-}
-#endif
-
 bool GxsSecurity::decrypt(uint8_t *& out, uint32_t & outlen, const uint8_t *in, uint32_t inlen, const RsTlvSecurityKey& key)
 {
 	// Decrypts (in,inlen) into (out,outlen) using the given RSA public key.
diff --git a/libretroshare/src/gxs/gxssecurity.h b/libretroshare/src/gxs/gxssecurity.h
index d872b076e..22ac03b98 100644
--- a/libretroshare/src/gxs/gxssecurity.h
+++ b/libretroshare/src/gxs/gxssecurity.h
@@ -42,53 +42,6 @@
 class GxsSecurity 
 {
 	public:
-    	    /*!
-             * \brief The MultiEncryptionContext struct
-             * 
-             * This structure is used to store encryption keys generated when encrypting for multiple keys at once, so that
-             * the client doesn't need to know about all the libcrypto variables involved.
-             * Typically, the client will first ask to init a MultiEncryptionContext by providing several GXS ids,
-             * and then pass the structure as a parameter to encrypt some data with the same key.
-             */
-    		class MultiEncryptionContext
-	    	{
-	    	public:
-		   	 MultiEncryptionContext()  { ekl=NULL;ek=NULL;}
-		   	 ~MultiEncryptionContext() { clear() ;}
-
-		   	 void clear() 
-			 {
-				 for(uint32_t i=0;i<ids.size();++i)
-					 free(ek[i]) ;
-
-				 if(ekl)
-					 free(ekl) ;
-				 if(ek)
-					 free(ek) ;
-
-				 ekl = NULL ;
-				 ek = NULL ;
-
-				 ids.clear() ;
-			 }
-
-		   	 // The functions below give access to the encrypted symmetric key to be used.
-		   	 // 
-		   	 int            n_encrypted_keys() const { return ids.size();}
-		   	 RsGxsId        encrypted_key_id  (int i) const { return ids[i];}
-		   	 unsigned char *encrypted_key_data(int i) const { return ek[i];}
-		   	 int            encrypted_key_size(int i) { return ekl[i] ; }
-		   	 const unsigned char *initialisation_vector() const { return iv ; }
-
-	    	protected:
-		   	 std::vector<RsGxsId> ids;		// array of destination ids
-		   	 int *ekl ;                           // array of encrypted keys length 
-		   	 unsigned char **ek ;                 // array of encrypted keys 
-		   	 EVP_CIPHER_CTX ctx;                  // EVP encryption context
-		   	 unsigned char iv[EVP_MAX_IV_LENGTH]; // initialization vector of the cipher.
-             
-             		friend class GxsSecurity ;
-	    	};
 		/*!
 		 * Extracts a public key from a private key.
 		 */
@@ -112,21 +65,6 @@ class GxsSecurity
 		 */
 		static bool encrypt(uint8_t *&out, uint32_t &outlen, const uint8_t *in, uint32_t inlen, const RsTlvSecurityKey& key) ;
 		static bool encrypt(uint8_t *&out, uint32_t &outlen, const uint8_t *in, uint32_t inlen, const std::vector<RsTlvSecurityKey>& keys) ;
-#ifdef TO_REMOVE
-		/*!
-		 * Encrypts/decrypt data using envelope encryption using the key pre-computed in the encryption context passed as
-		 * parameter.
-		 */
-		static bool initEncryption(MultiEncryptionContext& encryption_context, const std::vector<RsTlvSecurityKey> &keys) ;
-		static bool initDecryption(MultiEncryptionContext& encryption_context, const RsTlvSecurityKey& key, unsigned char *IV, uint32_t IV_size, unsigned char *encrypted_session_key, uint32_t encrypted_session_key_size) ;
-        
-		/*!
-		 * Encrypts/decrypt data using envelope encryption using the key pre-computed in the encryption context passed as
-		 * parameter.
-		 */
-		static bool encrypt(uint8_t *&out, uint32_t &outlen, const uint8_t *in, uint32_t inlen, MultiEncryptionContext& encryption_context) ;
-		static bool decrypt(uint8_t *&out, uint32_t &outlen, const uint8_t *in, uint32_t inlen, MultiEncryptionContext& encryption_context) ;
-#endif
 
 		/**
 		 * Decrypts data using evelope decryption (taken from open ssl's evp_sealinit )
diff --git a/libretroshare/src/gxs/rsgxsnetservice.cc b/libretroshare/src/gxs/rsgxsnetservice.cc
index dc6d4ddf5..915a5c43b 100644
--- a/libretroshare/src/gxs/rsgxsnetservice.cc
+++ b/libretroshare/src/gxs/rsgxsnetservice.cc
@@ -3629,176 +3629,6 @@ bool RsGxsNetService::encryptSingleNxsItem(RsNxsItem *item, const RsGxsCircleId&
 	return true ;
 }
 
-#ifdef TO_REMOVE
-bool RsGxsNetService::encryptTransaction(NxsTransaction *tr)
-{
-#ifdef NXS_NET_DEBUG_7
-    RsPeerId peerId = tr->mTransaction->PeerId() ;
-    GXSNETDEBUG_P_ (peerId) << "Service " << std::hex << ((mServiceInfo.mServiceType >> 8)& 0xffff) << std::dec << " - Encrypting transaction for peer " << peerId << ", for circle ID " << tr->destination_circle  << std::endl;
-#endif
-    std::cerr << "RsGxsNetService::encryptTransaction()" << std::endl;
-         
-    // 1 - Find out the list of GXS ids to encrypt for
-    //     We could do smarter things (like see if the peer_id owns one of the circle's identities
-    //     but for now we aim at the simplest solution: encrypt for all identities in the circle.
-    
-    std::list<RsGxsId> recipients ;
-    
-    if(!mCircles->recipients(tr->destination_circle,recipients))
-    {
-        std::cerr << "  (EE) Cannot encrypt transaction: recipients list not available." << std::endl;
-        return false ;
-    }
-    
-#ifdef NXS_NET_DEBUG_7
-    GXSNETDEBUG_P_ (peerId) << "  Dest  Ids: " << std::endl;
-#endif
-    std::vector<RsTlvSecurityKey> recipient_keys ;
-    
-    for(std::list<RsGxsId>::const_iterator it(recipients.begin());it!=recipients.end();++it)
-    {
-        RsTlvSecurityKey pkey ;
-        
-       	if(!mGixs->getKey(*it,pkey))
-        {
-            std::cerr  << "(EE) Cannot retrieve public key " << *it << " for circle encryption." << std::endl;
-            // we should probably request the key.
-            continue ;
-        }
-#ifdef NXS_NET_DEBUG_7
-        GXSNETDEBUG_P_ (peerId) << "    added key " << *it << std::endl;
-#endif
-        
-        recipient_keys.push_back(pkey) ;
-    }
-    
-    // 2 - call GXSSecurity to make a header item that encrypts for the given list of peers.
-    
-#ifdef NXS_NET_DEBUG_7
-    GXSNETDEBUG_P_ (peerId) << "  Encrypting..." << std::endl;
-#endif
-    
-#ifdef USE_MULTI_ENCRYPTION_WITH_SESSION_KEY
-    GxsSecurity::MultiEncryptionContext muctx ; 
-    GxsSecurity::initEncryption(muctx,recipient_keys);
-    
-    uint32_t trNumber = 0 ;
-            
-    // 3 - serialise and encrypt each message, converting it into a NxsEncryptedDataItem
-    
-    std::list<RsNxsItem*> encrypted_items ;
-    
-    for(std::list<RsNxsItem*>::const_iterator it(tr->mItems.begin());it!=tr->mItems.end();++it)
-    {
-        uint32_t size = (*it)->serial_size() ;
-        RsTemporaryMemory tempmem( size ) ;
-        
-        if(!(*it)->serialise(tempmem,size))
-        {
-            std::cerr << "  (EE) Cannot serialise item. Something went wrong." << std::endl;
-            continue ;
-        }
-        
-        unsigned char *encrypted_data = NULL ;
-        uint32_t encrypted_len  = 0 ;
-        
-        if(!GxsSecurity::encrypt(encrypted_data, encrypted_len,tempmem,size,muctx))
-        {
-            std::cerr << "  (EE) Cannot multi-encrypt item. Something went wrong." << std::endl;
-            continue ;
-        }
-        
-        RsNxsEncryptedDataItem *enc_item = new RsNxsEncryptedDataItem(mServType) ;
-        
-        enc_item->aes_encrypted_data.bin_len  = encrypted_len ;
-        enc_item->aes_encrypted_data.bin_data = encrypted_data ;
-        enc_item->transactionNumber = (*it)->transactionNumber ;
-        enc_item->PeerId((*it)->PeerId()) ;
-        
-        trNumber= (*it)->transactionNumber ;
-        
-        encrypted_items.push_back(enc_item) ;
-#ifdef NXS_NET_DEBUG_7
-        GXSNETDEBUG_P_(peerId) << "    encrypted item of size " << encrypted_len << std::endl;
-#endif
-    }
-        
-    // 4 - put back in transaction.
-    
-    for(std::list<RsNxsItem*>::const_iterator it(tr->mItems.begin());it!=tr->mItems.end();++it)
-        delete *it ;
-    
-    tr->mItems = encrypted_items ;
-    
-    // 5 - make session key item and push it front.
-    
-#ifdef NXS_NET_DEBUG_7
-    GXSNETDEBUG_P_(peerId) << "  Creating session key" << std::endl;
-#endif
-    RsNxsSessionKeyItem *session_key_item = new RsNxsSessionKeyItem(mServType) ;
-    session_key_item->PeerId(tr->mTransaction->PeerId()) ;
-    session_key_item->transactionNumber = trNumber ;
-    
-    memcpy(session_key_item->iv,muctx.initialisation_vector(),EVP_MAX_IV_LENGTH) ;
-    
-    for(int i=0;i<muctx.n_encrypted_keys();++i)
-    {
-#ifdef NXS_NET_DEBUG_7
-        GXSNETDEBUG_P_(peerId) << "     addign session key for ID " << muctx.encrypted_key_id(i) << std::endl;
-#endif
-        RsTlvBinaryData data ;
-        
-        data.setBinData(muctx.encrypted_key_data(i), muctx.encrypted_key_size(i)) ;
-        
-        session_key_item->encrypted_session_keys[muctx.encrypted_key_id(i)] = data ;
-    }
-    
-    tr->mItems.push_front(session_key_item) ;
-#else
-    std::list<RsNxsItem*> encrypted_items ;
-    
-    for(std::list<RsNxsItem*>::const_iterator it(tr->mItems.begin());it!=tr->mItems.end();++it)
-    {
-        uint32_t size = (*it)->serial_size() ;
-        RsTemporaryMemory tempmem( size ) ;
-        
-        if(!(*it)->serialise(tempmem,size))
-        {
-            std::cerr << "  (EE) Cannot serialise item. Something went wrong." << std::endl;
-            continue ;
-        }
-        
-        unsigned char *encrypted_data = NULL ;
-        uint32_t encrypted_len  = 0 ;
-        
-        if(!GxsSecurity::encrypt(encrypted_data, encrypted_len,tempmem,size,recipient_keys))
-        {
-            std::cerr << "  (EE) Cannot multi-encrypt item. Something went wrong." << std::endl;
-            continue ;
-        }
-        
-        RsNxsEncryptedDataItem *enc_item = new RsNxsEncryptedDataItem(mServType) ;
-        
-        enc_item->encrypted_data.bin_len  = encrypted_len ;
-        enc_item->encrypted_data.bin_data = encrypted_data ;
-        enc_item->transactionNumber = (*it)->transactionNumber ;
-        enc_item->PeerId((*it)->PeerId()) ;
-        
-        encrypted_items.push_back(enc_item) ;
-#ifdef NXS_NET_DEBUG_7
-        GXSNETDEBUG_P_(peerId) << "    encrypted item of size " << encrypted_len << std::endl;
-#endif
-    }
-    for(std::list<RsNxsItem*>::const_iterator it(tr->mItems.begin());it!=tr->mItems.end();++it)
-        delete *it ;
-    
-    tr->mItems = encrypted_items ;
-#endif
- 
-    return true ;
-}
-#endif
-
 // Tries to decrypt the transaction. First load the keys and process all items.
 // If keys are loaded, encrypted items that cannot be decrypted are discarded.
 // Otherwise the transaction is untouched for retry later.
diff --git a/libretroshare/src/gxs/rsgxsnetservice.h b/libretroshare/src/gxs/rsgxsnetservice.h
index f4007faf8..95725322e 100644
--- a/libretroshare/src/gxs/rsgxsnetservice.h
+++ b/libretroshare/src/gxs/rsgxsnetservice.h
@@ -452,9 +452,6 @@ private:
     /*!
     * encrypts/decrypts the transaction for the destination circle id.
     */
-#ifdef TO_REMOVE
-    bool encryptTransaction(NxsTransaction *tr);
-#endif
     bool encryptSingleNxsItem(RsNxsItem *item, const RsGxsCircleId& destination_circle, RsNxsItem *& encrypted_item, uint32_t &status) ;
     bool processTransactionForDecryption(NxsTransaction *tr); // return false when the keys are not loaded => need retry later