Home Explore Help
Sign In
mirrors
/
snac2
mirror of https://codeberg.org/grunfink/snac2.git
2
0
Fork 0
Files Issues 0 Wiki
Browse Source

Deleted OpenSSL that uses deprecated functions.

default 2 years ago
parent
c83b601f90
commit
b19c68622d
3 changed files with 28 additions and 86 deletions
Split View Show Diff Stats
  1. 1 1
      utils.c
  2. 26 84
      xs_openssl.h
  3. 1 1
      xs_version.h

+ 1 - 1
utils.c
View File 

@@ -295,7 +295,7 @@ int adduser(const char *uid)
 
     }
 
 
     printf("\nCreating RSA key...\n");
 
-    key = xs_rsa_genkey(4096);
 
+    key = xs_evp_genkey(4096);
 
     printf("Done.\n");
 
 
     xs *kfn = xs_fmt("%s/key.json", basedir);

+ 26 - 84
xs_openssl.h
View File 

@@ -11,9 +11,7 @@ xs_str *_xs_digest(const xs_val *input, int size, const char *digest, int as_hex
 
 #define xs_sha256_hex(input, size)    _xs_digest(input, size, "sha256", 1)
 
 #define xs_sha256_base64(input, size) _xs_digest(input, size, "sha256", 0)
 
 
-xs_dict *xs_rsa_genkey(int bits);
 
-xs_str *xs_rsa_sign(const char *secret, const char *mem, int size);
 
-int xs_rsa_verify(const char *pubkey, const char *mem, int size, const char *b64sig);
 
+xs_dict *xs_evp_genkey(int bits);
 
 xs_str *xs_evp_sign(const char *secret, const char *mem, int size);
 
 int xs_evp_verify(const char *pubkey, const char *mem, int size, const char *b64sig);
 
 
@@ -47,98 +45,42 @@ xs_str *_xs_digest(const xs_val *input, int size, const char *digest, int as_hex
 
 }
 
 
 
-xs_dict *xs_rsa_genkey(int bits)
 
-/* generates an RSA keypair */
 
+xs_dict *xs_evp_genkey(int bits)
 
+/* generates an RSA keypair using the EVP interface */
 
 {
 
-    BIGNUM *bne;
 
-    RSA *rsa;
 
     xs_dict *keypair = NULL;
 
+    EVP_PKEY_CTX *ctx;
 
+    EVP_PKEY *pkey = NULL;
 
 
-    if ((bne = BN_new()) != NULL) {
 
-        if (BN_set_word(bne, RSA_F4) == 1) {
 
-            if ((rsa = RSA_new()) != NULL) {
 
-                if (RSA_generate_key_ex(rsa, bits, bne, NULL) == 1) {
 
-                    BIO *bs = BIO_new(BIO_s_mem());
 
-                    BIO *bp = BIO_new(BIO_s_mem());
 
-                    BUF_MEM *sptr;
 
-                    BUF_MEM *pptr;
 
+    if ((ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_RSA, NULL)) == NULL)
 
+        goto end;
 
 
-                    PEM_write_bio_RSAPrivateKey(bs, rsa, NULL, NULL, 0, 0, NULL);
 
-                    BIO_get_mem_ptr(bs, &sptr);
 
+    if (EVP_PKEY_keygen_init(ctx) <= 0 ||
 
+        EVP_PKEY_CTX_set_rsa_keygen_bits(ctx, bits) <= 0 ||
 
+        EVP_PKEY_keygen(ctx, &pkey) <= 0)
 
+        goto end;
 
 
-                    PEM_write_bio_RSA_PUBKEY(bp, rsa);
 
-                    BIO_get_mem_ptr(bp, &pptr);
 
+    BIO *bs = BIO_new(BIO_s_mem());
 
+    BIO *bp = BIO_new(BIO_s_mem());
 
+    BUF_MEM *sptr;
 
+    BUF_MEM *pptr;
 
 
-                    keypair = xs_dict_new();
 
+    PEM_write_bio_PrivateKey(bs, pkey, NULL, NULL, 0, 0, NULL);
 
+    BIO_get_mem_ptr(bs, &sptr);
 
 
-                    keypair = xs_dict_append(keypair, "secret", sptr->data);
 
-                    keypair = xs_dict_append(keypair, "public", pptr->data);
 
+    PEM_write_bio_PUBKEY(bp, pkey);
 
+    BIO_get_mem_ptr(bp, &pptr);
 
 
-                    BIO_free(bs);
 
-                    BIO_free(bp);
 
-                }
 
-            }
 
-        }
 
-    }
 
-
 
-    return keypair;    
-}
 
-
 
-
 
-xs_str *xs_rsa_sign(const char *secret, const char *mem, int size)
 
-/* signs a memory block (secret is in PEM format) */
 
-{
 
-    xs_str *signature = NULL;
 
-    BIO *b;
 
-    RSA *rsa;
 
-    unsigned char *sig;
 
-    unsigned int sig_len;
 
-
 
-    /* un-PEM the key */
 
-    b = BIO_new_mem_buf(secret, strlen(secret));
 
-    rsa = PEM_read_bio_RSAPrivateKey(b, NULL, NULL, NULL);
 
-
 
-    /* alloc space */
 
-    sig = xs_realloc(NULL, RSA_size(rsa));
 
-
 
-    if (RSA_sign(NID_sha256, (unsigned char *)mem, size, sig, &sig_len, rsa) == 1)
 
-        signature = xs_base64_enc((char *)sig, sig_len);
 
-
 
-    BIO_free(b);
 
-    RSA_free(rsa);
 
-    xs_free(sig);
 
+    keypair = xs_dict_new();
 
 
-    return signature;
 
-}
 
+    keypair = xs_dict_append(keypair, "secret", sptr->data);
 
+    keypair = xs_dict_append(keypair, "public", pptr->data);
 
 
+    BIO_free(bs);
 
+    BIO_free(bp);
 
 
-int xs_rsa_verify(const char *pubkey, const char *mem, int size, const char *b64sig)
 
-/* verifies a base64 block, returns non-zero on ok */
 
-{
 
-    int r = 0;
 
-    BIO *b;
 
-    RSA *rsa;
 
-
 
-    /* un-PEM the key */
 
-    b = BIO_new_mem_buf(pubkey, strlen(pubkey));
 
-    rsa = PEM_read_bio_RSA_PUBKEY(b, NULL, NULL, NULL);
 
-
 
-    if (rsa != NULL) {
 
-        xs *sig = NULL;
 
-        int s_size;
 
-
 
-        /* de-base64 */
 
-        sig = xs_base64_dec(b64sig,  &s_size);
 
-
 
-        if (sig != NULL)
 
-            r = RSA_verify(NID_sha256, (unsigned char *)mem, size,
 
-                           (unsigned char *)sig, s_size, rsa);
 
-    }
 
-
 
-    BIO_free(b);
 
-    RSA_free(rsa);
 
-
 
-    return r;
 
+end:
 
+    return keypair;
 
 }

+ 1 - 1
xs_version.h
View File 

@@ -1 +1 @@
 
-/* fe95bda22e514fa188c50438cce0eee0c6919911 */
 
+/* b4afa5f823a998a263159ebfe9be67b81a8cc774 */