Git-Mirrors/RetroShare
1
0
Fork 0
mirror of https://github.com/RetroShare/RetroShare.git synced 2025-06-20 12:24:24 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

fixed bug in private key extraction

Browse source
This commit is contained in:
csoler 2016-06-16 21:27:28 -04:00
parent dbd78d2401
commit 8d54603b02
1 changed files with 14 additions and 12 deletions
Download patch file Download diff file Expand all files Collapse all files

26
libretroshare/src/gxs/gxssecurity.cc
View file

@ -96,14 +96,15 @@ static void setRSAPublicKeyData(RsTlvPublicRSAKey& key, RSA *rsa_pub)
free(data) ; free(data) ;
} }
static void setRSAPrivateKeyData(RsTlvPrivateRSAKey& key, RSA *rsa_pub) static void setRSAPrivateKeyData(RsTlvPrivateRSAKey& key, RSA *rsa_priv)
{ {
assert(key.keyFlags & RSTLV_KEY_TYPE_FULL) ; assert(key.keyFlags & RSTLV_KEY_TYPE_FULL) ;
unsigned char *data = NULL ; // this works for OpenSSL > 0.9.7 unsigned char *data = NULL ; // this works for OpenSSL > 0.9.7
int reqspace = i2d_RSAPublicKey(rsa_pub, &data); int reqspace = i2d_RSAPrivateKey(rsa_priv, &data);
key.keyData.setBinData(data, reqspace); key.keyData.setBinData(data, reqspace);
key.keyId = getRsaKeyFingerprint(rsa_pub); key.keyId = getRsaKeyFingerprint(rsa_priv);
free(data) ; free(data) ;
} }
@ -180,16 +181,17 @@ bool GxsSecurity::generateKeyPair(RsTlvPublicRSAKey& public_key,RsTlvPrivateRSAK
RSA *rsa = RSA_generate_key(2048, 65537, NULL, NULL); RSA *rsa = RSA_generate_key(2048, 65537, NULL, NULL);
RSA *rsa_pub = RSAPublicKey_dup(rsa); RSA *rsa_pub = RSAPublicKey_dup(rsa);
public_key.keyFlags = RSTLV_KEY_TYPE_PUBLIC_ONLY ;
private_key.keyFlags = RSTLV_KEY_TYPE_FULL ;
setRSAPublicKeyData(public_key, rsa_pub); setRSAPublicKeyData(public_key, rsa_pub);
setRSAPrivateKeyData(private_key, rsa); setRSAPrivateKeyData(private_key, rsa);
public_key.startTS = time(NULL); public_key.startTS = time(NULL);
public_key.endTS = public_key.startTS + 60 * 60 * 24 * 365 * 5; /* approx 5 years */ public_key.endTS = public_key.startTS + 60 * 60 * 24 * 365 * 5; /* approx 5 years */
public_key.keyFlags = RSTLV_KEY_TYPE_PUBLIC_ONLY ;
private_key.startTS = public_key.startTS; private_key.startTS = public_key.startTS;
private_key.endTS = 0; /* no end */ private_key.endTS = 0; /* no end */
private_key.keyFlags = RSTLV_KEY_TYPE_FULL ;
// clean up // clean up
RSA_free(rsa); RSA_free(rsa);
@ -250,28 +252,28 @@ bool GxsSecurity::extractPublicKey(const RsTlvPrivateRSAKey &private_key, RsTlvP
bool GxsSecurity::getSignature(const char *data, uint32_t data_len, const RsTlvPrivateRSAKey &privKey, RsTlvKeySignature& sign) bool GxsSecurity::getSignature(const char *data, uint32_t data_len, const RsTlvPrivateRSAKey &privKey, RsTlvKeySignature& sign)
{ {
RSA* rsa_pub = extractPrivateKey(privKey); RSA* rsa_priv = extractPrivateKey(privKey);
if(!rsa_pub) if(!rsa_priv)
{ {
std::cerr << "GxsSecurity::getSignature(): Cannot create signature. Keydata is incomplete." << std::endl; std::cerr << "GxsSecurity::getSignature(): Cannot create signature. Keydata is incomplete." << std::endl;
return false ; return false ;
} }
EVP_PKEY *key_pub = EVP_PKEY_new(); EVP_PKEY *key_priv = EVP_PKEY_new();
EVP_PKEY_assign_RSA(key_pub, rsa_pub); EVP_PKEY_assign_RSA(key_priv, rsa_priv);
/* calc and check signature */ /* calc and check signature */
EVP_MD_CTX *mdctx = EVP_MD_CTX_create(); EVP_MD_CTX *mdctx = EVP_MD_CTX_create();
bool ok = EVP_SignInit(mdctx, EVP_sha1()) == 1; bool ok = EVP_SignInit(mdctx, EVP_sha1()) == 1;
ok &= EVP_SignUpdate(mdctx, data, data_len) == 1; ok &= EVP_SignUpdate(mdctx, data, data_len) == 1;
unsigned int siglen = EVP_PKEY_size(key_pub); unsigned int siglen = EVP_PKEY_size(key_priv);
unsigned char sigbuf[siglen]; unsigned char sigbuf[siglen];
ok &= EVP_SignFinal(mdctx, sigbuf, &siglen, key_pub) == 1; ok &= EVP_SignFinal(mdctx, sigbuf, &siglen, key_priv) == 1;
// clean up // clean up
EVP_MD_CTX_destroy(mdctx); EVP_MD_CTX_destroy(mdctx);
EVP_PKEY_free(key_pub); EVP_PKEY_free(key_priv);
sign.signData.setBinData(sigbuf, siglen); sign.signData.setBinData(sigbuf, siglen);
sign.keyId = RsGxsId(privKey.keyId); sign.keyId = RsGxsId(privKey.keyId);