authorqrort <qrort@yandex-team.com>2022-11-30 23:47:12 +0300
committerqrort <qrort@yandex-team.com>2022-11-30 23:47:12 +0300
commit22f8ae0e3f5d68b92aecccdf96c1d841a0334311 (patch)
treebffa27765faf54126ad44bcafa89fadecb7a73d7 /library/cpp/openssl/crypto
parent332b99e2173f0425444abb759eebcb2fafaa9209 (diff)
validate canons without yatest_common
Diffstat (limited to 'library/cpp/openssl/crypto')
-rw-r--r--library/cpp/openssl/crypto/rsa.cpp56
-rw-r--r--library/cpp/openssl/crypto/rsa.h34
-rw-r--r--library/cpp/openssl/crypto/sha.cpp62
-rw-r--r--library/cpp/openssl/crypto/sha.h78
4 files changed, 230 insertions, 0 deletions
diff --git a/library/cpp/openssl/crypto/rsa.cpp b/library/cpp/openssl/crypto/rsa.cpp
new file mode 100644
index 00000000000..4b1d6648268
--- /dev/null
+++ b/library/cpp/openssl/crypto/rsa.cpp
@@ -0,0 +1,56 @@
+#include "rsa.h"
+
+#include <library/cpp/openssl/big_integer/big_integer.h>
+#include <library/cpp/openssl/init/init.h>
+
+#include <util/generic/yexception.h>
+#include <util/generic/buffer.h>
+
+#include <openssl/bn.h>
+#include <openssl/rsa.h>
+
+using namespace NOpenSsl;
+using namespace NOpenSsl::NRsa;
+
+namespace {
+ struct TInit {
+ inline TInit() {
+ InitOpenSSL();
+ }
+ } INIT;
+}
+
+TPublicKey::TPublicKey(const TBigInteger& e, const TBigInteger& n)
+ : Key_(RSA_new())
+{
+ Y_ENSURE(Key_, "RSA_new() failed");
+
+ RSA_set0_key(Key_, BN_dup(n.Impl()), BN_dup(e.Impl()), nullptr);
+}
+
+TPublicKey::~TPublicKey() noexcept {
+ RSA_free(Key_);
+}
+
+size_t TPublicKey::OutputLength() const noexcept {
+ return RSA_size(Key_);
+}
+
+size_t TPublicKey::EncryptNoPad(void* dst, const void* src, size_t size) const {
+ auto len = RSA_public_encrypt(size, (const ui8*)src, (ui8*)dst, Key_, RSA_NO_PADDING);
+
+ Y_ENSURE(len >= 0, "RSA_public_encrypt() failed");
+
+ return len;
+}
+
+TBigInteger TPublicKey::EncryptNoPad(const TBigInteger& src) const {
+ const auto len1 = OutputLength();
+ const auto len2 = src.NumBytes();
+ TBuffer buf(len1 + len2);
+
+ char* buf1 = (char*)buf.Data();
+ char* buf2 = buf1 + len1;
+
+ return TBigInteger::FromRegion(buf1, EncryptNoPad(buf1, buf2, src.ToRegion(buf2)));
+}
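Review bot: The constructor discards the results of both `BN_dup()` calls and of `RSA_set0_key()`, so a failed allocation leaves `Key_` without a modulus or exponent while the object is still handed to the caller. `OutputLength()` and `EncryptNoPad()` would then operate on an incomplete key. The fix below checks all three results and, on failure, frees the duplicated BIGNUMs and `Key_` before throwing, because `RSA_set0_key()` adopts its arguments only on success and the destructor does not run for a constructor that throws. Separately, `EncryptNoPad(void*, const void*, size_t)` passes `size` to an `int` parameter without a range check. A `Y_ENSURE(size == OutputLength(), "...")` before the call would cover both the narrowing and the exact-length requirement of `RSA_NO_PADDING`.

```cpp
TPublicKey::TPublicKey(const TBigInteger& e, const TBigInteger& n)
// … unchanged: Key_(RSA_new()) initializer and its Y_ENSURE …

    BIGNUM* nCopy = BN_dup(n.Impl());
    BIGNUM* eCopy = BN_dup(e.Impl());
    if (!nCopy || !eCopy || RSA_set0_key(Key_, nCopy, eCopy, nullptr) != 1) {
        // Nothing was adopted by the key, and ~TPublicKey() will not run
        // for a constructor that throws, so release everything here.
        BN_free(nCopy);
        BN_free(eCopy);
        RSA_free(Key_);
        ythrow yexception() << "RSA_set0_key() failed";
    }
```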
diff --git a/library/cpp/openssl/crypto/rsa.h b/library/cpp/openssl/crypto/rsa.h
new file mode 100644
index 00000000000..3bf9e4a233c
--- /dev/null
+++ b/library/cpp/openssl/crypto/rsa.h
@@ -0,0 +1,34 @@
+#pragma once
+
+#include <util/generic/utility.h>
+#include <util/generic/noncopyable.h>
+
+struct rsa_st;
+
+namespace NOpenSsl {
+ class TBigInteger;
+
+ namespace NRsa {
+ class TPublicKey: public TNonCopyable {
+ public:
+ inline TPublicKey(TPublicKey&& other) noexcept {
+ Swap(other);
+ }
+
+ TPublicKey(const TBigInteger& e, const TBigInteger& n);
+ ~TPublicKey() noexcept;
+
+ size_t OutputLength() const noexcept;
+
+ TBigInteger EncryptNoPad(const TBigInteger& src) const;
+ size_t EncryptNoPad(void* dst, const void* src, size_t size) const;
+
+ inline void Swap(TPublicKey& other) noexcept {
+ DoSwap(Key_, other.Key_);
+ }
+
+ private:
+ rsa_st* Key_ = nullptr;
+ };
+ };
+}
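Review bot: The two `EncryptNoPad` declarations carry no statement of their contract, and for the raw-pointer overload the required buffer sizes cannot be inferred from the signature. I would add above them `// Raw RSA with RSA_NO_PADDING: size must equal OutputLength() and dst must hold OutputLength() bytes.` and `// Unpadded RSA is deterministic and malleable; use only as a building block under a higher-level scheme.` The move constructor depends on the `Key_ = nullptr` default before `Swap`, which deserves a one-line comment, since the moved-from object's destructor then frees a null key.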
diff --git a/library/cpp/openssl/crypto/sha.cpp b/library/cpp/openssl/crypto/sha.cpp
new file mode 100644
index 00000000000..c142b6635e1
--- /dev/null
+++ b/library/cpp/openssl/crypto/sha.cpp
@@ -0,0 +1,62 @@
+#include "sha.h"
+
+#include <util/generic/yexception.h>
+
+#include <openssl/sha.h>
+
+namespace NOpenSsl {
+ namespace NSha1 {
+ static_assert(DIGEST_LENGTH == SHA_DIGEST_LENGTH);
+
+ TDigest Calc(const void* data, size_t dataSize) {
+ TDigest digest;
+ Y_ENSURE(SHA1(static_cast<const ui8*>(data), dataSize, digest.data()) != nullptr);
+ return digest;
+ }
+
+ TCalcer::TCalcer()
+ : Context{new SHAstate_st} {
+ Y_ENSURE(SHA1_Init(Context.Get()) == 1);
+ }
+
+ TCalcer::~TCalcer() {
+ }
+
+ void TCalcer::Update(const void* data, size_t dataSize) {
+ Y_ENSURE(SHA1_Update(Context.Get(), data, dataSize) == 1);
+ }
+
+ TDigest TCalcer::Final() {
+ TDigest digest;
+ Y_ENSURE(SHA1_Final(digest.data(), Context.Get()) == 1);
+ return digest;
+ }
+ }
+ namespace NSha256 {
+ static_assert(DIGEST_LENGTH == SHA256_DIGEST_LENGTH);
+
+ TDigest Calc(const void* data, size_t dataSize) {
+ TDigest digest;
+ Y_ENSURE(SHA256(static_cast<const ui8*>(data), dataSize, digest.data()) != nullptr);
+ return digest;
+ }
+
+ TCalcer::TCalcer()
+ : Context{new SHA256state_st} {
+ Y_ENSURE(SHA256_Init(Context.Get()) == 1);
+ }
+
+ TCalcer::~TCalcer() {
+ }
+
+ void TCalcer::Update(const void* data, size_t dataSize) {
+ Y_ENSURE(SHA256_Update(Context.Get(), data, dataSize) == 1);
+ }
+
+ TDigest TCalcer::Final() {
+ TDigest digest;
+ Y_ENSURE(SHA256_Final(digest.data(), Context.Get()) == 1);
+ return digest;
+ }
+ }
+}
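Review bot: `TCalcer::Final()` in both NSha1 and NSha256 never re-initialises the context, so a second `Final()` or an `Update()` after it runs without error on state that no longer corresponds to a fresh hash. Either re-initialise at the end of `Final()`, e.g. `Y_ENSURE(SHA1_Init(Context.Get()) == 1);` once the digest has been produced (and the SHA256 equivalent), or document on the class that a calcer is single-use. The `Y_ENSURE` calls in this file also carry no message, unlike those in rsa.cpp, so a failure would not say which OpenSSL call failed.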
diff --git a/library/cpp/openssl/crypto/sha.h b/library/cpp/openssl/crypto/sha.h
new file mode 100644
index 00000000000..dbc2dfa526d
--- /dev/null
+++ b/library/cpp/openssl/crypto/sha.h
@@ -0,0 +1,78 @@
+#pragma once
+
+#include <util/generic/ptr.h>
+#include <util/generic/strbuf.h>
+#include <util/system/types.h>
+
+#include <array>
+
+struct SHAstate_st;
+struct SHA256state_st;
+
+namespace NOpenSsl::NSha1 {
+ constexpr size_t DIGEST_LENGTH = 20;
+ using TDigest = std::array<ui8, DIGEST_LENGTH>;
+
+ // not fragmented input
+ TDigest Calc(const void* data, size_t dataSize);
+
+ inline TDigest Calc(TStringBuf s) {
+ return Calc(s.data(), s.length());
+ }
+
+ // fragmented input
+ class TCalcer {
+ public:
+ TCalcer();
+ ~TCalcer();
+ void Update(const void* data, size_t dataSize);
+
+ void Update(TStringBuf s) {
+ Update(s.data(), s.length());
+ }
+
+ template <typename T>
+ void UpdateWithPodValue(const T& value) {
+ Update(&value, sizeof(value));
+ }
+
+ TDigest Final();
+
+ private:
+ THolder<SHAstate_st> Context;
+ };
+}
+
+namespace NOpenSsl::NSha256 {
+ constexpr size_t DIGEST_LENGTH = 32;
+ using TDigest = std::array<ui8, DIGEST_LENGTH>;
+
+ // not fragmented input
+ TDigest Calc(const void* data, size_t dataSize);
+
+ inline TDigest Calc(TStringBuf s) {
+ return Calc(s.data(), s.length());
+ }
+
+ // fragmented input
+ class TCalcer {
+ public:
+ TCalcer();
+ ~TCalcer();
+ void Update(const void* data, size_t dataSize);
+
+ void Update(TStringBuf s) {
+ Update(s.data(), s.length());
+ }
+
+ template <typename T>
+ void UpdateWithPodValue(const T& value) {
+ Update(&value, sizeof(value));
+ }
+
+ TDigest Final();
+
+ private:
+ THolder<SHA256state_st> Context;
+ };
+}
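Review bot: `UpdateWithPodValue` hashes `sizeof(value)` raw bytes of any `T`, so for a type with padding the digest covers bytes that the fields do not determine, and for any multi-byte type it depends on the platform's layout and byte order. Nothing restricts `T` despite the name. Adding `static_assert(std::has_unique_object_representations_v<T>);` (with `<type_traits>`) in both NSha1 and NSha256 would reject padded types at compile time, though it typically rejects floating-point types as well. A comment such as `// Hashes the in-memory representation; the result is not portable across ABIs or endianness.` would document the rest. The NSha1 namespace would also benefit from a comment noting that SHA-1 is not collision-resistant and should not be chosen for new integrity or signature uses.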