diff options
| author | cerevra <cerevra@yandex-team.ru> | 2022-02-10 16:45:58 +0300 |
|---|---|---|
| committer | Daniil Cherednik <dcherednik@yandex-team.ru> | 2022-02-10 16:45:58 +0300 |
| commit | bf41dd01f6c920583e9faae7cd55ed25e547e052 (patch) | |
| tree | ec7c8c285ffa648a5c5efeff453787a15ab811ac /library/cpp/tvmauth/src/rw | |
| parent | e2c3e3004f7cd68441cefcfa4aaccd3d8051c846 (diff) | |
| download | ydb-bf41dd01f6c920583e9faae7cd55ed25e547e052.tar.gz | |
Restoring authorship annotation for <cerevra@yandex-team.ru>. Commit 1 of 2.
Diffstat (limited to 'library/cpp/tvmauth/src/rw')
| -rw-r--r-- | library/cpp/tvmauth/src/rw/keys.cpp | 188 | ||||
| -rw-r--r-- | library/cpp/tvmauth/src/rw/keys.h | 58 | ||||
| -rw-r--r-- | library/cpp/tvmauth/src/rw/rw.h | 146 | ||||
| -rw-r--r-- | library/cpp/tvmauth/src/rw/rw_asn1.c | 62 | ||||
| -rw-r--r-- | library/cpp/tvmauth/src/rw/rw_key.c | 50 | ||||
| -rw-r--r-- | library/cpp/tvmauth/src/rw/rw_lib.c | 70 | ||||
| -rw-r--r-- | library/cpp/tvmauth/src/rw/rw_ossl.c | 166 | ||||
| -rw-r--r-- | library/cpp/tvmauth/src/rw/rw_pss.c | 128 | ||||
| -rw-r--r-- | library/cpp/tvmauth/src/rw/rw_pss_sign.c | 148 | ||||
| -rw-r--r-- | library/cpp/tvmauth/src/rw/rw_sign.c | 40 | ||||
| -rw-r--r-- | library/cpp/tvmauth/src/rw/ut/rw_ut.cpp | 102 | ||||
| -rw-r--r-- | library/cpp/tvmauth/src/rw/ut/ya.make | 12 | ||||
| -rw-r--r-- | library/cpp/tvmauth/src/rw/ut_large/gen/main.cpp | 62 | ||||
| -rw-r--r-- | library/cpp/tvmauth/src/rw/ut_large/gen/ya.make | 26 | ||||
| -rw-r--r-- | library/cpp/tvmauth/src/rw/ut_large/test.py | 70 | ||||
| -rw-r--r-- | library/cpp/tvmauth/src/rw/ut_large/ya.make | 22 | ||||
| -rw-r--r-- | library/cpp/tvmauth/src/rw/ya.make | 16 |
17 files changed, 683 insertions, 683 deletions
diff --git a/library/cpp/tvmauth/src/rw/keys.cpp b/library/cpp/tvmauth/src/rw/keys.cpp index 5395287f5c..d37587c451 100644 --- a/library/cpp/tvmauth/src/rw/keys.cpp +++ b/library/cpp/tvmauth/src/rw/keys.cpp @@ -2,137 +2,137 @@ #include "rw.h" -#include <library/cpp/openssl/init/init.h> - +#include <library/cpp/openssl/init/init.h> + #include <contrib/libs/openssl/include/openssl/evp.h> #include <util/generic/strbuf.h> -#include <util/generic/yexception.h> - -namespace { - struct TInit { - TInit() { - InitOpenSSL(); - } - } INIT; -} - -namespace NTvmAuth { +#include <util/generic/yexception.h> + +namespace { + struct TInit { + TInit() { + InitOpenSSL(); + } + } INIT; +} + +namespace NTvmAuth { namespace NRw { - namespace NPrivate { - void TRwDestroyer::Destroy(TRwInternal* o) { - RwFree(o); - } - - class TArrayDestroyer { - public: - static void Destroy(unsigned char* o) { - free(o); - } - }; - } - - static TString SerializeRW(TRwKey* rw, int (*func)(const TRwKey*, unsigned char**)) { + namespace NPrivate { + void TRwDestroyer::Destroy(TRwInternal* o) { + RwFree(o); + } + + class TArrayDestroyer { + public: + static void Destroy(unsigned char* o) { + free(o); + } + }; + } + + static TString SerializeRW(TRwKey* rw, int (*func)(const TRwKey*, unsigned char**)) { unsigned char* buf = nullptr; int size = func(rw, &buf); - THolder<unsigned char, NPrivate::TArrayDestroyer> guard(buf); + THolder<unsigned char, NPrivate::TArrayDestroyer> guard(buf); return TString((char*)buf, size); } - TKeyPair GenKeyPair(size_t size) { - TRw rw(RwNew()); - RwGenerateKey(rw.Get(), size); - - TRw skey(RwPrivateKeyDup(rw.Get())); - TRw vkey(RwPublicKeyDup(rw.Get())); - - TKeyPair res; - res.Private = SerializeRW(skey.Get(), &i2d_RWPrivateKey); - res.Public = SerializeRW(vkey.Get(), &i2d_RWPublicKey); - - TRwPrivateKey prKey(res.Private, 0); - TRwPublicKey pubKey(res.Public); - - const TStringBuf msg = "Test test test test test"; - - Y_ENSURE(pubKey.CheckSign(msg, prKey.SignTicket(msg)), "Failed to gen keys"); - - return res; + TKeyPair GenKeyPair(size_t size) { + TRw rw(RwNew()); + RwGenerateKey(rw.Get(), size); + + TRw skey(RwPrivateKeyDup(rw.Get())); + TRw vkey(RwPublicKeyDup(rw.Get())); + + TKeyPair res; + res.Private = SerializeRW(skey.Get(), &i2d_RWPrivateKey); + res.Public = SerializeRW(vkey.Get(), &i2d_RWPublicKey); + + TRwPrivateKey prKey(res.Private, 0); + TRwPublicKey pubKey(res.Public); + + const TStringBuf msg = "Test test test test test"; + + Y_ENSURE(pubKey.CheckSign(msg, prKey.SignTicket(msg)), "Failed to gen keys"); + + return res; } TRwPrivateKey::TRwPrivateKey(TStringBuf body, TKeyId id) - : Id_(id) - , Rw_(Deserialize(body)) - , SignLen_(RwModSize(Rw_.Get())) + : Id_(id) + , Rw_(Deserialize(body)) + , SignLen_(RwModSize(Rw_.Get())) { - Y_ENSURE(SignLen_ > 0, "Private key has bad len: " << SignLen_); + Y_ENSURE(SignLen_ > 0, "Private key has bad len: " << SignLen_); } TKeyId TRwPrivateKey::GetId() const { - return Id_; + return Id_; } TString TRwPrivateKey::SignTicket(TStringBuf ticket) const { - TString res(SignLen_, 0x00); - - int len = RwPssrSignMsg(ticket.size(), - (const unsigned char*)ticket.data(), - (unsigned char*)res.data(), - Rw_.Get(), - (EVP_MD*)EVP_sha256()); - - Y_ENSURE(len > 0 && len <= SignLen_, "Signing failed. len: " << len); - - res.resize(len); - return res; + TString res(SignLen_, 0x00); + + int len = RwPssrSignMsg(ticket.size(), + (const unsigned char*)ticket.data(), + (unsigned char*)res.data(), + Rw_.Get(), + (EVP_MD*)EVP_sha256()); + + Y_ENSURE(len > 0 && len <= SignLen_, "Signing failed. len: " << len); + + res.resize(len); + return res; } TRw TRwPrivateKey::Deserialize(TStringBuf key) { - TRwKey* rw = nullptr; + TRwKey* rw = nullptr; auto data = reinterpret_cast<const unsigned char*>(key.data()); if (!d2i_RWPrivateKey(&rw, &data, key.size())) { - ythrow yexception() << "Private key is malformed"; + ythrow yexception() << "Private key is malformed"; } - return TRw(rw); + return TRw(rw); } TRwPublicKey::TRwPublicKey(TStringBuf body) - : Rw_(Deserialize(body)) + : Rw_(Deserialize(body)) { } bool TRwPublicKey::CheckSign(TStringBuf ticket, TStringBuf sign) const { - int result = RwPssrVerifyMsg(ticket.size(), - (const unsigned char*)ticket.data(), - (unsigned char*)sign.data(), - sign.size(), - Rw_.Get(), - (EVP_MD*)EVP_sha256()); - - Y_ENSURE(result >= 0, "Failed to check sign: " << result); + int result = RwPssrVerifyMsg(ticket.size(), + (const unsigned char*)ticket.data(), + (unsigned char*)sign.data(), + sign.size(), + Rw_.Get(), + (EVP_MD*)EVP_sha256()); + + Y_ENSURE(result >= 0, "Failed to check sign: " << result); return result; } TRw TRwPublicKey::Deserialize(TStringBuf key) { - TRwKey* rw = nullptr; + TRwKey* rw = nullptr; auto data = reinterpret_cast<const unsigned char*>(key.data()); - auto status = d2i_RWPublicKey(&rw, &data, key.size()); - - TRw res(rw); - Y_ENSURE(status, "Public key is malformed: " << key); - return res; - } - - TSecureHeap::TSecureHeap(size_t totalSize, int minChunkSize) { - CRYPTO_secure_malloc_init(totalSize, minChunkSize); - } - - TSecureHeap::~TSecureHeap() { - CRYPTO_secure_malloc_done(); - } - - void TSecureHeap::Init(size_t totalSize, int minChunkSize) { - Singleton<TSecureHeap>(totalSize, minChunkSize); + auto status = d2i_RWPublicKey(&rw, &data, key.size()); + + TRw res(rw); + Y_ENSURE(status, "Public key is malformed: " << key); + return res; } + + TSecureHeap::TSecureHeap(size_t totalSize, int minChunkSize) { + CRYPTO_secure_malloc_init(totalSize, minChunkSize); + } + + TSecureHeap::~TSecureHeap() { + CRYPTO_secure_malloc_done(); + } + + void TSecureHeap::Init(size_t totalSize, int minChunkSize) { + Singleton<TSecureHeap>(totalSize, minChunkSize); + } } } diff --git a/library/cpp/tvmauth/src/rw/keys.h b/library/cpp/tvmauth/src/rw/keys.h index e02b7e72a1..1070b78358 100644 --- a/library/cpp/tvmauth/src/rw/keys.h +++ b/library/cpp/tvmauth/src/rw/keys.h @@ -1,29 +1,29 @@ #pragma once -#include <util/generic/ptr.h> -#include <util/generic/string.h> +#include <util/generic/ptr.h> +#include <util/generic/string.h> #include <unordered_map> -struct TRwInternal; +struct TRwInternal; -namespace NTvmAuth { +namespace NTvmAuth { namespace NRw { - namespace NPrivate { - class TRwDestroyer { - public: - static void Destroy(TRwInternal* o); - }; - } - - using TRw = THolder<TRwInternal, NPrivate::TRwDestroyer>; - using TKeyId = ui32; - + namespace NPrivate { + class TRwDestroyer { + public: + static void Destroy(TRwInternal* o); + }; + } + + using TRw = THolder<TRwInternal, NPrivate::TRwDestroyer>; + using TKeyId = ui32; + struct TKeyPair { - TString Private; - TString Public; + TString Private; + TString Public; }; - TKeyPair GenKeyPair(size_t size); + TKeyPair GenKeyPair(size_t size); class TRwPrivateKey { public: @@ -35,9 +35,9 @@ namespace NTvmAuth { private: static TRw Deserialize(TStringBuf key); - TKeyId Id_; - TRw Rw_; - int SignLen_; + TKeyId Id_; + TRw Rw_; + int SignLen_; }; class TRwPublicKey { @@ -49,17 +49,17 @@ namespace NTvmAuth { private: static TRw Deserialize(TStringBuf key); - TRw Rw_; + TRw Rw_; }; using TPublicKeys = std::unordered_map<TKeyId, TRwPublicKey>; - - class TSecureHeap { - public: - TSecureHeap(size_t totalSize, int minChunkSize); - ~TSecureHeap(); - - static void Init(size_t totalSize = 16 * 1024 * 1024, int minChunkSize = 16); - }; + + class TSecureHeap { + public: + TSecureHeap(size_t totalSize, int minChunkSize); + ~TSecureHeap(); + + static void Init(size_t totalSize = 16 * 1024 * 1024, int minChunkSize = 16); + }; } } diff --git a/library/cpp/tvmauth/src/rw/rw.h b/library/cpp/tvmauth/src/rw/rw.h index cbff96b85d..1f8805dab3 100644 --- a/library/cpp/tvmauth/src/rw/rw.h +++ b/library/cpp/tvmauth/src/rw/rw.h @@ -7,79 +7,79 @@ extern "C" { #endif - typedef struct { - BIGNUM* S; - } TRwSignature; - - /*Rabin–Williams*/ - typedef struct TRwInternal TRwKey; - - typedef struct { - TRwSignature* (*RwSign)(const unsigned char* dgst, const int dlen, TRwKey* rw); - int (*RwVerify)(const unsigned char* dgst, int dgst_len, TRwSignature* sig, const TRwKey* rw); - int (*RwApply)(BIGNUM* r, BIGNUM* x, BN_CTX* ctx, const TRwKey* rw); - } TRwMethod; - - struct TRwInternal { - /* first private multiplier */ - BIGNUM* P; - /* second private multiplier */ - BIGNUM* Q; - /* n = p*q - RW modulus */ - BIGNUM* N; - /* precomputed 2^((3q-5)/8) mod q */ - BIGNUM* Twomq; - /* precomputed 2^((9p-11)/8) mod p*/ - BIGNUM* Twomp; - /* precomputed q^(p-2) == q^(-1) mod p */ - BIGNUM* Iqmp; - /* (q+1) / 8 */ - BIGNUM* Dq; - /* (p-3) / 8 */ - BIGNUM* Dp; - /* functions for working with RW */ - const TRwMethod* Meth; - }; - - TRwSignature* RwSignatureNew(void); - void RwSignatureFree(TRwSignature* a); - - /* RW signing functions */ - /* the function can put some tmp values to rw */ - int RwPssrSignHash(const unsigned char* from, unsigned char* to, TRwKey* rw, const EVP_MD* md); - int RwPssrSignMsg(const int msgLen, const unsigned char* msg, unsigned char* to, TRwKey* rw, const EVP_MD* md); - - /* RW-PSS verification functions */ - int RwPssrVerifyHash(const unsigned char* from, const unsigned char* sig, const int sig_len, const TRwKey* rw, const EVP_MD* md); - int RwPssrVerifyMsg(const int msgLen, const unsigned char* msg, const unsigned char* sig, const int sig_len, const TRwKey* rw, const EVP_MD* md); - - /* internal functions, use them only if you know what you're doing */ - int RwNoPaddingSign(int flen, const unsigned char* from, unsigned char* to, TRwKey* rw); - int RwApply(const int flen, const unsigned char* from, unsigned char* to, const TRwKey* rw); - - const TRwMethod* RwDefaultMethods(void); - - TRwKey* RwNew(void); - void RwFree(TRwKey* r); - int RwSize(const TRwKey* rw); - int RwModSize(const TRwKey* rw); - - TRwKey* RwPublicKeyDup(TRwKey* rw); - TRwKey* RwPrivateKeyDup(TRwKey* rw); - - // NOLINTNEXTLINE(readability-identifier-naming) - TRwKey* d2i_RWPublicKey(TRwKey** a, const unsigned char** pp, long length); - // NOLINTNEXTLINE(readability-identifier-naming) - TRwKey* d2i_RWPrivateKey(TRwKey** a, const unsigned char** pp, long length); - - int RwGenerateKey(TRwKey* a, int bits); - // NOLINTNEXTLINE(readability-identifier-naming) - int i2d_RWPublicKey(const TRwKey* a, unsigned char** pp); - // NOLINTNEXTLINE(readability-identifier-naming) - int i2d_RWPrivateKey(const TRwKey* a, unsigned char** pp); - - int RwPaddingAddPssr(const TRwKey* rw, unsigned char* EM, const unsigned char* mHash, const EVP_MD* Hash, int sLen); - int RwVerifyPssr(const TRwKey* rw, const unsigned char* mHash, const EVP_MD* Hash, const unsigned char* EM, int sLen); + typedef struct { + BIGNUM* S; + } TRwSignature; + + /*Rabin–Williams*/ + typedef struct TRwInternal TRwKey; + + typedef struct { + TRwSignature* (*RwSign)(const unsigned char* dgst, const int dlen, TRwKey* rw); + int (*RwVerify)(const unsigned char* dgst, int dgst_len, TRwSignature* sig, const TRwKey* rw); + int (*RwApply)(BIGNUM* r, BIGNUM* x, BN_CTX* ctx, const TRwKey* rw); + } TRwMethod; + + struct TRwInternal { + /* first private multiplier */ + BIGNUM* P; + /* second private multiplier */ + BIGNUM* Q; + /* n = p*q - RW modulus */ + BIGNUM* N; + /* precomputed 2^((3q-5)/8) mod q */ + BIGNUM* Twomq; + /* precomputed 2^((9p-11)/8) mod p*/ + BIGNUM* Twomp; + /* precomputed q^(p-2) == q^(-1) mod p */ + BIGNUM* Iqmp; + /* (q+1) / 8 */ + BIGNUM* Dq; + /* (p-3) / 8 */ + BIGNUM* Dp; + /* functions for working with RW */ + const TRwMethod* Meth; + }; + + TRwSignature* RwSignatureNew(void); + void RwSignatureFree(TRwSignature* a); + + /* RW signing functions */ + /* the function can put some tmp values to rw */ + int RwPssrSignHash(const unsigned char* from, unsigned char* to, TRwKey* rw, const EVP_MD* md); + int RwPssrSignMsg(const int msgLen, const unsigned char* msg, unsigned char* to, TRwKey* rw, const EVP_MD* md); + + /* RW-PSS verification functions */ + int RwPssrVerifyHash(const unsigned char* from, const unsigned char* sig, const int sig_len, const TRwKey* rw, const EVP_MD* md); + int RwPssrVerifyMsg(const int msgLen, const unsigned char* msg, const unsigned char* sig, const int sig_len, const TRwKey* rw, const EVP_MD* md); + + /* internal functions, use them only if you know what you're doing */ + int RwNoPaddingSign(int flen, const unsigned char* from, unsigned char* to, TRwKey* rw); + int RwApply(const int flen, const unsigned char* from, unsigned char* to, const TRwKey* rw); + + const TRwMethod* RwDefaultMethods(void); + + TRwKey* RwNew(void); + void RwFree(TRwKey* r); + int RwSize(const TRwKey* rw); + int RwModSize(const TRwKey* rw); + + TRwKey* RwPublicKeyDup(TRwKey* rw); + TRwKey* RwPrivateKeyDup(TRwKey* rw); + + // NOLINTNEXTLINE(readability-identifier-naming) + TRwKey* d2i_RWPublicKey(TRwKey** a, const unsigned char** pp, long length); + // NOLINTNEXTLINE(readability-identifier-naming) + TRwKey* d2i_RWPrivateKey(TRwKey** a, const unsigned char** pp, long length); + + int RwGenerateKey(TRwKey* a, int bits); + // NOLINTNEXTLINE(readability-identifier-naming) + int i2d_RWPublicKey(const TRwKey* a, unsigned char** pp); + // NOLINTNEXTLINE(readability-identifier-naming) + int i2d_RWPrivateKey(const TRwKey* a, unsigned char** pp); + + int RwPaddingAddPssr(const TRwKey* rw, unsigned char* EM, const unsigned char* mHash, const EVP_MD* Hash, int sLen); + int RwVerifyPssr(const TRwKey* rw, const unsigned char* mHash, const EVP_MD* Hash, const unsigned char* EM, int sLen); #ifdef __cplusplus } diff --git a/library/cpp/tvmauth/src/rw/rw_asn1.c b/library/cpp/tvmauth/src/rw/rw_asn1.c index 76682dcff4..0eb7134fdb 100644 --- a/library/cpp/tvmauth/src/rw/rw_asn1.c +++ b/library/cpp/tvmauth/src/rw/rw_asn1.c @@ -8,16 +8,16 @@ /* Override the default new methods */ /* This callback is used by OpenSSL's ASN.1 parser */ -static int SignatureCallback(int operation, ASN1_VALUE** pval, const ASN1_ITEM* it, void* exarg) { +static int SignatureCallback(int operation, ASN1_VALUE** pval, const ASN1_ITEM* it, void* exarg) { (void)it; (void)exarg; if (operation == ASN1_OP_NEW_PRE) { - TRwSignature* sig; - sig = OPENSSL_malloc(sizeof(TRwSignature)); + TRwSignature* sig; + sig = OPENSSL_malloc(sizeof(TRwSignature)); if (!sig) return 0; - sig->S = NULL; + sig->S = NULL; *pval = (ASN1_VALUE*)sig; return 2; } @@ -25,25 +25,25 @@ static int SignatureCallback(int operation, ASN1_VALUE** pval, const ASN1_ITEM* } /* ASN.1 structure representing RW signature value */ -ASN1_SEQUENCE_cb(TRwSignature, SignatureCallback) = { - ASN1_SIMPLE(TRwSignature, S, BIGNUM), -} ASN1_SEQUENCE_END_cb(TRwSignature, TRwSignature) +ASN1_SEQUENCE_cb(TRwSignature, SignatureCallback) = { + ASN1_SIMPLE(TRwSignature, S, BIGNUM), +} ASN1_SEQUENCE_END_cb(TRwSignature, TRwSignature) - /* i2d_ and d2i functions implementation for RW */ - IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(TRwSignature, TRwSignature, TRwSignature) + /* i2d_ and d2i functions implementation for RW */ + IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(TRwSignature, TRwSignature, TRwSignature) /* Override the default free and new methods */ - static int RwCallback(int operation, ASN1_VALUE** pval, const ASN1_ITEM* it, void* exarg) { + static int RwCallback(int operation, ASN1_VALUE** pval, const ASN1_ITEM* it, void* exarg) { (void)it; (void)exarg; if (operation == ASN1_OP_NEW_PRE) { - *pval = (ASN1_VALUE*)RwNew(); + *pval = (ASN1_VALUE*)RwNew(); if (*pval) return 2; return 0; } else if (operation == ASN1_OP_FREE_PRE) { - RwFree((TRwKey*)*pval); + RwFree((TRwKey*)*pval); *pval = NULL; return 2; } @@ -51,31 +51,31 @@ ASN1_SEQUENCE_cb(TRwSignature, SignatureCallback) = { } /* ASN.1 representation of RW's private key */ -ASN1_SEQUENCE_cb(RWPrivateKey, RwCallback) = { - ASN1_SIMPLE(TRwKey, N, BIGNUM), - ASN1_SIMPLE(TRwKey, P, CBIGNUM), - ASN1_SIMPLE(TRwKey, Q, CBIGNUM), - ASN1_SIMPLE(TRwKey, Iqmp, CBIGNUM), - ASN1_SIMPLE(TRwKey, Dq, CBIGNUM), - ASN1_SIMPLE(TRwKey, Dp, CBIGNUM), - ASN1_SIMPLE(TRwKey, Twomp, CBIGNUM), - ASN1_SIMPLE(TRwKey, Twomq, CBIGNUM)} ASN1_SEQUENCE_END_cb(TRwKey, RWPrivateKey); +ASN1_SEQUENCE_cb(RWPrivateKey, RwCallback) = { + ASN1_SIMPLE(TRwKey, N, BIGNUM), + ASN1_SIMPLE(TRwKey, P, CBIGNUM), + ASN1_SIMPLE(TRwKey, Q, CBIGNUM), + ASN1_SIMPLE(TRwKey, Iqmp, CBIGNUM), + ASN1_SIMPLE(TRwKey, Dq, CBIGNUM), + ASN1_SIMPLE(TRwKey, Dp, CBIGNUM), + ASN1_SIMPLE(TRwKey, Twomp, CBIGNUM), + ASN1_SIMPLE(TRwKey, Twomq, CBIGNUM)} ASN1_SEQUENCE_END_cb(TRwKey, RWPrivateKey); -/* i2d_ and d2i_ functions for RW's private key */ -IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(TRwKey, RWPrivateKey, RWPrivateKey); +/* i2d_ and d2i_ functions for RW's private key */ +IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(TRwKey, RWPrivateKey, RWPrivateKey); -/* ASN.1 representation of RW public key */ -ASN1_SEQUENCE_cb(RWPublicKey, RwCallback) = { - ASN1_SIMPLE(TRwKey, N, BIGNUM), -} ASN1_SEQUENCE_END_cb(TRwKey, RWPublicKey); +/* ASN.1 representation of RW public key */ +ASN1_SEQUENCE_cb(RWPublicKey, RwCallback) = { + ASN1_SIMPLE(TRwKey, N, BIGNUM), +} ASN1_SEQUENCE_END_cb(TRwKey, RWPublicKey); -/* i2d_ and d2i functions for RW public key */ -IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(TRwKey, RWPublicKey, RWPublicKey); +/* i2d_ and d2i functions for RW public key */ +IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(TRwKey, RWPublicKey, RWPublicKey); -TRwKey* RwPublicKeyDup(TRwKey* rw) { +TRwKey* RwPublicKeyDup(TRwKey* rw) { return ASN1_item_dup(ASN1_ITEM_rptr(RWPublicKey), rw); } -TRwKey* RwPrivateKeyDup(TRwKey* rw) { +TRwKey* RwPrivateKeyDup(TRwKey* rw) { return ASN1_item_dup(ASN1_ITEM_rptr(RWPrivateKey), rw); } diff --git a/library/cpp/tvmauth/src/rw/rw_key.c b/library/cpp/tvmauth/src/rw/rw_key.c index 8375c3ca20..35a7b60112 100644 --- a/library/cpp/tvmauth/src/rw/rw_key.c +++ b/library/cpp/tvmauth/src/rw/rw_key.c @@ -2,7 +2,7 @@ #include <contrib/libs/openssl/include/openssl/rand.h> -int RwGenerateKey(TRwKey* rw, int bits) { +int RwGenerateKey(TRwKey* rw, int bits) { int ok = 0; BN_CTX* ctx = NULL; @@ -13,25 +13,25 @@ int RwGenerateKey(TRwKey* rw, int bits) { int bitsq = bits - bitsp; /* make sure that all components are not null */ - if ((ctx = BN_CTX_secure_new()) == NULL) + if ((ctx = BN_CTX_secure_new()) == NULL) goto err; if (!rw) goto err; - if (!rw->N && ((rw->N = BN_new()) == NULL)) + if (!rw->N && ((rw->N = BN_new()) == NULL)) goto err; - if (!rw->P && ((rw->P = BN_new()) == NULL)) + if (!rw->P && ((rw->P = BN_new()) == NULL)) goto err; - if (!rw->Q && ((rw->Q = BN_new()) == NULL)) + if (!rw->Q && ((rw->Q = BN_new()) == NULL)) goto err; - if (!rw->Iqmp && ((rw->Iqmp = BN_new()) == NULL)) + if (!rw->Iqmp && ((rw->Iqmp = BN_new()) == NULL)) goto err; - if (!rw->Twomq && ((rw->Twomq = BN_new()) == NULL)) + if (!rw->Twomq && ((rw->Twomq = BN_new()) == NULL)) goto err; - if (!rw->Twomp && ((rw->Twomp = BN_new()) == NULL)) + if (!rw->Twomp && ((rw->Twomp = BN_new()) == NULL)) goto err; - if (!rw->Dq && ((rw->Dq = BN_new()) == NULL)) + if (!rw->Dq && ((rw->Dq = BN_new()) == NULL)) goto err; - if (!rw->Dp && ((rw->Dp = BN_new()) == NULL)) + if (!rw->Dp && ((rw->Dp = BN_new()) == NULL)) goto err; BN_CTX_start(ctx); @@ -60,32 +60,32 @@ int RwGenerateKey(TRwKey* rw, int bits) { /* add == 8 */ /* rem == 3 */ /* safe == 0 as we don't need (p-1)/2 to be also prime */ - if (!BN_generate_prime_ex(rw->P, bitsp, 0, mod8, rem3, NULL)) + if (!BN_generate_prime_ex(rw->P, bitsp, 0, mod8, rem3, NULL)) goto err; /* generate q */ /* add == 8 */ /* rem == 7 */ /* safe == 0 */ - if (!BN_generate_prime_ex(rw->Q, bitsq, 0, mod8, rem7, NULL)) + if (!BN_generate_prime_ex(rw->Q, bitsq, 0, mod8, rem7, NULL)) goto err; /* n == p*q */ - if (!BN_mul(rw->N, rw->P, rw->Q, ctx)) + if (!BN_mul(rw->N, rw->P, rw->Q, ctx)) goto err; /* n == 5 mod 8 ? */ - if (!BN_nnmod(nmod, rw->N, mod8, ctx)) + if (!BN_nnmod(nmod, rw->N, mod8, ctx)) goto err; if (BN_ucmp(rem5, nmod) != 0) goto err; /* q^(-1) mod p */ - if (!BN_mod_inverse(rw->Iqmp, rw->Q, rw->P, ctx)) + if (!BN_mod_inverse(rw->Iqmp, rw->Q, rw->P, ctx)) goto err; /* twomqexp = (3q-5)/8 */ - if (!BN_copy(twomqexp, rw->Q)) + if (!BN_copy(twomqexp, rw->Q)) goto err; if (!BN_mul_word(twomqexp, 3)) goto err; @@ -93,11 +93,11 @@ int RwGenerateKey(TRwKey* rw, int bits) { goto err; if (!BN_rshift(twomqexp, twomqexp, 3)) goto err; - if (!BN_mod_exp(rw->Twomq, two, twomqexp, rw->Q, ctx)) + if (!BN_mod_exp(rw->Twomq, two, twomqexp, rw->Q, ctx)) goto err; /* twompexp = (9p-11)/8 */ - if (!BN_copy(twompexp, rw->P)) + if (!BN_copy(twompexp, rw->P)) goto err; if (!BN_mul_word(twompexp, 9)) goto err; @@ -105,23 +105,23 @@ int RwGenerateKey(TRwKey* rw, int bits) { goto err; if (!BN_rshift(twompexp, twompexp, 3)) goto err; - if (!BN_mod_exp(rw->Twomp, two, twompexp, rw->P, ctx)) + if (!BN_mod_exp(rw->Twomp, two, twompexp, rw->P, ctx)) goto err; /* dp = (p-3) / 8 */ - if (!BN_copy(rw->Dp, rw->P)) + if (!BN_copy(rw->Dp, rw->P)) goto err; - if (!BN_sub_word(rw->Dp, 3)) + if (!BN_sub_word(rw->Dp, 3)) goto err; - if (!BN_rshift(rw->Dp, rw->Dp, 3)) + if (!BN_rshift(rw->Dp, rw->Dp, 3)) goto err; /* dq = (q+1) / 8 */ - if (!BN_copy(rw->Dq, rw->Q)) + if (!BN_copy(rw->Dq, rw->Q)) goto err; - if (!BN_add_word(rw->Dq, 1)) + if (!BN_add_word(rw->Dq, 1)) goto err; - if (!BN_rshift(rw->Dq, rw->Dq, 3)) + if (!BN_rshift(rw->Dq, rw->Dq, 3)) goto err; ok = 1; diff --git a/library/cpp/tvmauth/src/rw/rw_lib.c b/library/cpp/tvmauth/src/rw/rw_lib.c index 94d94caa4a..d4b1e06766 100644 --- a/library/cpp/tvmauth/src/rw/rw_lib.c +++ b/library/cpp/tvmauth/src/rw/rw_lib.c @@ -4,52 +4,52 @@ #include <stdio.h> -TRwKey* RwNew(void) { - TRwKey* ret = NULL; +TRwKey* RwNew(void) { + TRwKey* ret = NULL; - ret = (TRwKey*)malloc(sizeof(TRwKey)); + ret = (TRwKey*)malloc(sizeof(TRwKey)); if (ret == NULL) { return (NULL); } - ret->Meth = RwDefaultMethods(); + ret->Meth = RwDefaultMethods(); - ret->P = NULL; - ret->Q = NULL; - ret->N = NULL; - ret->Iqmp = NULL; - ret->Twomq = NULL; - ret->Twomp = NULL; - ret->Dp = NULL; - ret->Dq = NULL; + ret->P = NULL; + ret->Q = NULL; + ret->N = NULL; + ret->Iqmp = NULL; + ret->Twomq = NULL; + ret->Twomp = NULL; + ret->Dp = NULL; + ret->Dq = NULL; return ret; } -void RwFree(TRwKey* r) { +void RwFree(TRwKey* r) { if (r == NULL) return; - if (r->P != NULL) - BN_clear_free(r->P); - if (r->Q != NULL) - BN_clear_free(r->Q); - if (r->N != NULL) - BN_clear_free(r->N); - if (r->Iqmp != NULL) - BN_clear_free(r->Iqmp); - if (r->Dp != NULL) - BN_clear_free(r->Dp); - if (r->Dq != NULL) - BN_clear_free(r->Dq); - if (r->Twomp != NULL) - BN_clear_free(r->Twomp); - if (r->Twomq != NULL) - BN_clear_free(r->Twomq); + if (r->P != NULL) + BN_clear_free(r->P); + if (r->Q != NULL) + BN_clear_free(r->Q); + if (r->N != NULL) + BN_clear_free(r->N); + if (r->Iqmp != NULL) + BN_clear_free(r->Iqmp); + if (r->Dp != NULL) + BN_clear_free(r->Dp); + if (r->Dq != NULL) + BN_clear_free(r->Dq); + if (r->Twomp != NULL) + BN_clear_free(r->Twomp); + if (r->Twomq != NULL) + BN_clear_free(r->Twomq); - free(r); + free(r); } -int RwSize(const TRwKey* r) { +int RwSize(const TRwKey* r) { int ret = 0, i = 0; ASN1_INTEGER bs; unsigned char buf[4]; /* 4 bytes looks really small. @@ -57,7 +57,7 @@ int RwSize(const TRwKey* r) { beyond the first byte, as long as the second parameter is NULL. */ - i = BN_num_bits(r->N); + i = BN_num_bits(r->N); bs.length = (i + 7) / 8; bs.data = buf; bs.type = V_ASN1_INTEGER; @@ -70,8 +70,8 @@ int RwSize(const TRwKey* r) { return ret; } -int RwModSize(const TRwKey* rw) { - if (rw == NULL || rw->N == NULL) +int RwModSize(const TRwKey* rw) { + if (rw == NULL || rw->N == NULL) return 0; - return BN_num_bytes(rw->N); + return BN_num_bytes(rw->N); } diff --git a/library/cpp/tvmauth/src/rw/rw_ossl.c b/library/cpp/tvmauth/src/rw/rw_ossl.c index 951752bdb3..cfac5eb28a 100644 --- a/library/cpp/tvmauth/src/rw/rw_ossl.c +++ b/library/cpp/tvmauth/src/rw/rw_ossl.c @@ -7,19 +7,19 @@ //#define FAULT_TOLERANCE_CHECK #ifdef RW_PRINT_DEBUG - #include <stdio.h> + #include <stdio.h> #endif -static TRwSignature* RwDoSign(const unsigned char* dgst, int dlen, TRwKey* rw); -static int RwDoVerify(const unsigned char* dgst, int dgst_len, TRwSignature* sig, const TRwKey* rw); -static int RwDoApply(BIGNUM* r, BIGNUM* x, BN_CTX* ctx, const TRwKey* rw); +static TRwSignature* RwDoSign(const unsigned char* dgst, int dlen, TRwKey* rw); +static int RwDoVerify(const unsigned char* dgst, int dgst_len, TRwSignature* sig, const TRwKey* rw); +static int RwDoApply(BIGNUM* r, BIGNUM* x, BN_CTX* ctx, const TRwKey* rw); -static TRwMethod rw_default_meth = { - RwDoSign, - RwDoVerify, - RwDoApply}; +static TRwMethod rw_default_meth = { + RwDoSign, + RwDoVerify, + RwDoApply}; -const TRwMethod* RwDefaultMethods(void) { +const TRwMethod* RwDefaultMethods(void) { return &rw_default_meth; } @@ -33,29 +33,29 @@ static void print_bn(char* name, BIGNUM* value) { OPENSSL_free(str_repr); } - #define DEBUG_PRINT_BN(s, x) \ - do { \ - print_bn((s), (x)); \ - } while (0); - #define DEBUG_PRINT_RW(r) \ - do { \ - DEBUG_PRINT_BN("rw->p", (r)->p); \ - DEBUG_PRINT_BN("rw->q", (r)->q); \ - DEBUG_PRINT_BN("rw->n", (r)->n); \ - DEBUG_PRINT_BN("rw->iqmp", (r)->iqmp); \ - DEBUG_PRINT_BN("rw->twomp", (r)->twomp); \ - DEBUG_PRINT_BN("rw->twomq", (r)->twomq); \ - DEBUG_PRINT_BN("rw->dp", (r)->dp); \ - DEBUG_PRINT_BN("rw->dq", (r)->dq); \ - } while (0); - #define DEBUG_PRINTF(s, v) \ - do { \ - printf((s), (v)); \ - } while (0); + #define DEBUG_PRINT_BN(s, x) \ + do { \ + print_bn((s), (x)); \ + } while (0); + #define DEBUG_PRINT_RW(r) \ + do { \ + DEBUG_PRINT_BN("rw->p", (r)->p); \ + DEBUG_PRINT_BN("rw->q", (r)->q); \ + DEBUG_PRINT_BN("rw->n", (r)->n); \ + DEBUG_PRINT_BN("rw->iqmp", (r)->iqmp); \ + DEBUG_PRINT_BN("rw->twomp", (r)->twomp); \ + DEBUG_PRINT_BN("rw->twomq", (r)->twomq); \ + DEBUG_PRINT_BN("rw->dp", (r)->dp); \ + DEBUG_PRINT_BN("rw->dq", (r)->dq); \ + } while (0); + #define DEBUG_PRINTF(s, v) \ + do { \ + printf((s), (v)); \ + } while (0); #else - #define DEBUG_PRINT_BN(s, x) - #define DEBUG_PRINT_RW(r) - #define DEBUG_PRINTF(s, v) + #define DEBUG_PRINT_BN(s, x) + #define DEBUG_PRINT_RW(r) + #define DEBUG_PRINTF(s, v) #endif /* @@ -73,18 +73,18 @@ static void print_bn(char* name, BIGNUM* value) { * 8. Compute s = Y^2 mod pq * 9. Fault tolerance: if efs^2 mod pq != h start over */ -static TRwSignature* RwDoSign(const unsigned char* dgst, int dlen, TRwKey* rw) { +static TRwSignature* RwDoSign(const unsigned char* dgst, int dlen, TRwKey* rw) { BIGNUM *m, *U, *V, *tmp, *m_q, *m_p, *tmp2; /* additional variables to avoid "if" statements */ BIGNUM *tmp_mp, *tmp_U, *tmp_V; - TRwSignature* ret = NULL; + TRwSignature* ret = NULL; BN_CTX* ctx = NULL; int ok = 0, e = 0, f = 0; - if (!rw || !rw->P || !rw->Q || !rw->N || !rw->Iqmp || !rw->Dp || !rw->Dq || !rw->Twomp || !rw->Twomq) + if (!rw || !rw->P || !rw->Q || !rw->N || !rw->Iqmp || !rw->Dp || !rw->Dq || !rw->Twomp || !rw->Twomq) goto err; - if ((ctx = BN_CTX_secure_new()) == NULL) + if ((ctx = BN_CTX_secure_new()) == NULL) goto err; BN_CTX_start(ctx); @@ -105,40 +105,40 @@ static TRwSignature* RwDoSign(const unsigned char* dgst, int dlen, TRwKey* rw) { if (!BN_bin2bn(dgst, dlen, m)) goto err; - if (BN_ucmp(m, rw->N) >= 0) + if (BN_ucmp(m, rw->N) >= 0) goto err; /* check if m % 16 == 12 */ - if (BN_mod_word(m, 16) != 12) + if (BN_mod_word(m, 16) != 12) goto err; DEBUG_PRINT_BN("m", m) /* TODO: optimization to avoid memory allocation? */ - if ((ret = RwSignatureNew()) == NULL) + if ((ret = RwSignatureNew()) == NULL) goto err; /* memory allocation */ - if ((ret->S = BN_new()) == NULL) + if ((ret->S = BN_new()) == NULL) goto err; /* m_q = m mod q */ - if (!BN_nnmod(m_q, m, rw->Q, ctx)) + if (!BN_nnmod(m_q, m, rw->Q, ctx)) goto err; /* m_p = m mod p */ - if (!BN_nnmod(m_p, m, rw->P, ctx)) + if (!BN_nnmod(m_p, m, rw->P, ctx)) goto err; DEBUG_PRINT_BN("m_p", m_p) DEBUG_PRINT_BN("m_q", m_q) /* U = h ** ((q+1)/8) mod q */ - if (!BN_mod_exp(U, m_q, rw->Dq, rw->Q, ctx)) + if (!BN_mod_exp(U, m_q, rw->Dq, rw->Q, ctx)) goto err; DEBUG_PRINT_BN("U", U) /* tmp = U^4 - h mod q */ - if (!BN_mod_sqr(tmp, U, rw->Q, ctx)) + if (!BN_mod_sqr(tmp, U, rw->Q, ctx)) goto err; - if (!BN_mod_sqr(tmp, tmp, rw->Q, ctx)) + if (!BN_mod_sqr(tmp, tmp, rw->Q, ctx)) goto err; DEBUG_PRINT_BN("U**4 mod q", tmp) @@ -151,35 +151,35 @@ static TRwSignature* RwDoSign(const unsigned char* dgst, int dlen, TRwKey* rw) { if e == -1: m_p = tmp_mp if e == 1: m_p = m_p */ - if (!BN_sub(tmp_mp, rw->P, m_p)) + if (!BN_sub(tmp_mp, rw->P, m_p)) goto err; m_p = (BIGNUM*)((1 - ((1 + e) >> 1)) * (BN_ULONG)tmp_mp + ((1 + e) >> 1) * (BN_ULONG)m_p); DEBUG_PRINT_BN("eh mod p", m_p) /* V = (eh) ** ((p-3)/8) */ - if (!BN_mod_exp(V, m_p, rw->Dp, rw->P, ctx)) + if (!BN_mod_exp(V, m_p, rw->Dp, rw->P, ctx)) goto err; DEBUG_PRINT_BN("V == ((eh) ** ((p-3)/8))", V) /* (eh) ** 2 */ - if (!BN_mod_sqr(tmp2, m_p, rw->P, ctx)) + if (!BN_mod_sqr(tmp2, m_p, rw->P, ctx)) goto err; DEBUG_PRINT_BN("(eh)**2", tmp2) /* V ** 4 */ - if (!BN_mod_sqr(tmp, V, rw->P, ctx)) + if (!BN_mod_sqr(tmp, V, rw->P, ctx)) goto err; - if (!BN_mod_sqr(tmp, tmp, rw->P, ctx)) + if (!BN_mod_sqr(tmp, tmp, rw->P, ctx)) goto err; DEBUG_PRINT_BN("V**4", tmp) /* V**4 * (eh)**2 */ - if (!BN_mod_mul(tmp, tmp, tmp2, rw->P, ctx)) + if (!BN_mod_mul(tmp, tmp, tmp2, rw->P, ctx)) goto err; DEBUG_PRINT_BN("tmp = (V**4 * (eh)**2) mod p", tmp) /* tmp = tmp - eh mod p */ - if (!BN_mod_sub(tmp, tmp, m_p, rw->P, ctx)) + if (!BN_mod_sub(tmp, tmp, m_p, rw->P, ctx)) goto err; /* f = 1 if zero else 2 */ @@ -198,7 +198,7 @@ static TRwSignature* RwDoSign(const unsigned char* dgst, int dlen, TRwKey* rw) { #else if (f == 2) { - if (!BN_mod_mul(U, U, rw->Twomq, rw->Q, ctx)) + if (!BN_mod_mul(U, U, rw->Twomq, rw->Q, ctx)) goto err; } @@ -207,14 +207,14 @@ static TRwSignature* RwDoSign(const unsigned char* dgst, int dlen, TRwKey* rw) { DEBUG_PRINT_BN("W", U) /* V ** 3 */ - if (!BN_mod_sqr(tmp, V, rw->P, ctx)) + if (!BN_mod_sqr(tmp, V, rw->P, ctx)) goto err; - if (!BN_mod_mul(V, V, tmp, rw->P, ctx)) + if (!BN_mod_mul(V, V, tmp, rw->P, ctx)) goto err; DEBUG_PRINT_BN("V**3", V) /* *(eh) */ - if (!BN_mod_mul(V, V, m_p, rw->P, ctx)) + if (!BN_mod_mul(V, V, m_p, rw->P, ctx)) goto err; DEBUG_PRINT_BN("V**3 * (eh) mod p", V) @@ -228,7 +228,7 @@ static TRwSignature* RwDoSign(const unsigned char* dgst, int dlen, TRwKey* rw) { #else if (f == 2) { - if (!BN_mod_mul(V, V, rw->Twomp, rw->P, ctx)) + if (!BN_mod_mul(V, V, rw->Twomp, rw->P, ctx)) goto err; } @@ -237,24 +237,24 @@ static TRwSignature* RwDoSign(const unsigned char* dgst, int dlen, TRwKey* rw) { DEBUG_PRINT_BN("X", V) /* W = U, X = V */ - if (!BN_mod_sub(V, V, U, rw->P, ctx)) + if (!BN_mod_sub(V, V, U, rw->P, ctx)) goto err; DEBUG_PRINT_BN("X - W mod p", V) - if (!BN_mod_mul(V, V, rw->Iqmp, rw->P, ctx)) + if (!BN_mod_mul(V, V, rw->Iqmp, rw->P, ctx)) goto err; DEBUG_PRINT_BN("q**(p-2) * (X-W) mod p", V) - if (!BN_mul(V, V, rw->Q, ctx)) + if (!BN_mul(V, V, rw->Q, ctx)) goto err; DEBUG_PRINT_BN("q * prev mod p", V) - if (!BN_mod_add(V, U, V, rw->N, ctx)) + if (!BN_mod_add(V, U, V, rw->N, ctx)) goto err; DEBUG_PRINT_BN("Y", V) /* now V = Y */ - if (!BN_mod_sqr(V, V, rw->N, ctx)) + if (!BN_mod_sqr(V, V, rw->N, ctx)) goto err; DEBUG_PRINT_BN("s", V) @@ -287,13 +287,13 @@ static TRwSignature* RwDoSign(const unsigned char* dgst, int dlen, TRwKey* rw) { #endif /* making the "principal square root" to be "|principal| square root" */ - if (!BN_sub(tmp, rw->N, V)) + if (!BN_sub(tmp, rw->N, V)) goto err; /* if tmp = MIN(V, rw->n - V) */ tmp = BN_ucmp(tmp, V) >= 0 ? V : tmp; - if (!BN_copy(ret->S, tmp)) + if (!BN_copy(ret->S, tmp)) goto err; ok = 1; @@ -304,23 +304,23 @@ err: BN_CTX_free(ctx); } if (!ok) { - RwSignatureFree(ret); + RwSignatureFree(ret); ret = NULL; } return ret; } -static int RwDoVerify(const unsigned char* dgst, int dgst_len, TRwSignature* sig, const TRwKey* rw) { +static int RwDoVerify(const unsigned char* dgst, int dgst_len, TRwSignature* sig, const TRwKey* rw) { BIGNUM *m = NULL, *x = NULL, *t1 = NULL, *t2 = NULL, *t1d = NULL, *t2d = NULL; BN_CTX* ctx = NULL; BN_ULONG rest1 = 0, rest2 = 0; int retval = 0; - if (!rw || !rw->N || !sig || !sig->S) + if (!rw || !rw->N || !sig || !sig->S) goto err; - if ((ctx = BN_CTX_secure_new()) == NULL) + if ((ctx = BN_CTX_secure_new()) == NULL) goto err; BN_CTX_start(ctx); @@ -333,7 +333,7 @@ static int RwDoVerify(const unsigned char* dgst, int dgst_len, TRwSignature* sig if (!BN_bin2bn(dgst, dgst_len, m)) goto err; /* dgst too big */ - if (!BN_copy(t1, rw->N)) + if (!BN_copy(t1, rw->N)) goto err; if (!BN_sub_word(t1, 1)) goto err; @@ -341,28 +341,28 @@ static int RwDoVerify(const unsigned char* dgst, int dgst_len, TRwSignature* sig goto err; /* check m and rw->n relation */ - if (BN_ucmp(m, rw->N) >= 0) + if (BN_ucmp(m, rw->N) >= 0) goto err; rest1 = BN_mod_word(m, 16); if (rest1 != 12) goto err; - if (BN_ucmp(t1, sig->S) < 0) + if (BN_ucmp(t1, sig->S) < 0) goto err; - if (BN_is_negative(sig->S)) + if (BN_is_negative(sig->S)) goto err; - if (!BN_mod_sqr(t1, sig->S, rw->N, ctx)) + if (!BN_mod_sqr(t1, sig->S, rw->N, ctx)) goto err; - if (!BN_sub(t2, rw->N, t1)) + if (!BN_sub(t2, rw->N, t1)) goto err; if (!BN_lshift1(t1d, t1)) goto err; if (!BN_lshift1(t2d, t2)) goto err; - rest1 = BN_mod_word(t1, 16); - rest2 = BN_mod_word(t2, 16); + rest1 = BN_mod_word(t1, 16); + rest2 = BN_mod_word(t2, 16); /* mod 16 */ if (rest1 == 12) { @@ -396,12 +396,12 @@ err: return retval; } -static int RwDoApply(BIGNUM* r, BIGNUM* x, BN_CTX* ctx, const TRwKey* rw) { +static int RwDoApply(BIGNUM* r, BIGNUM* x, BN_CTX* ctx, const TRwKey* rw) { BIGNUM *t1 = NULL, *t2 = NULL, *t1d = NULL, *t2d = NULL, *rs = NULL; BN_ULONG rest1 = 0, rest2 = 0; int retval = 0; - if (!rw || !rw->N || !x || !ctx || !r) + if (!rw || !rw->N || !x || !ctx || !r) goto err; DEBUG_PRINT_BN("Signature = x = ", x) @@ -414,7 +414,7 @@ static int RwDoApply(BIGNUM* r, BIGNUM* x, BN_CTX* ctx, const TRwKey* rw) { t1d = BN_CTX_get(ctx); t2d = BN_CTX_get(ctx); - if (!BN_copy(t1, rw->N)) + if (!BN_copy(t1, rw->N)) goto err; if (!BN_sub_word(t1, 1)) goto err; @@ -422,7 +422,7 @@ static int RwDoApply(BIGNUM* r, BIGNUM* x, BN_CTX* ctx, const TRwKey* rw) { goto err; /* check m and rw->n relation */ - if (BN_ucmp(x, rw->N) >= 0) + if (BN_ucmp(x, rw->N) >= 0) goto err; if (BN_ucmp(t1, x) < 0) @@ -430,11 +430,11 @@ static int RwDoApply(BIGNUM* r, BIGNUM* x, BN_CTX* ctx, const TRwKey* rw) { if (BN_is_negative(x)) goto err; - if (!BN_mod_sqr(t1, x, rw->N, ctx)) + if (!BN_mod_sqr(t1, x, rw->N, ctx)) goto err; DEBUG_PRINT_BN("x**2 mod n", t1) - if (!BN_sub(t2, rw->N, t1)) + if (!BN_sub(t2, rw->N, t1)) goto err; DEBUG_PRINT_BN("n - x**2", t2) @@ -443,8 +443,8 @@ static int RwDoApply(BIGNUM* r, BIGNUM* x, BN_CTX* ctx, const TRwKey* rw) { if (!BN_lshift1(t2d, t2)) goto err; - rest1 = BN_mod_word(t1, 16); - rest2 = BN_mod_word(t2, 16); + rest1 = BN_mod_word(t1, 16); + rest2 = BN_mod_word(t2, 16); /* mod 16 */ if (rest1 == 12) { diff --git a/library/cpp/tvmauth/src/rw/rw_pss.c b/library/cpp/tvmauth/src/rw/rw_pss.c index 3bf6e2b99a..4535cd236c 100644 --- a/library/cpp/tvmauth/src/rw/rw_pss.c +++ b/library/cpp/tvmauth/src/rw/rw_pss.c @@ -72,21 +72,21 @@ static const unsigned char zeroes[] = { 0, 0, 0, 0, 0, 0, 0, 0 }; -static int PkcS1MgF1(unsigned char *mask, const int len, const unsigned char *seed, const int seedlen, const EVP_MD *dgst) { - int i, outlen = 0; +static int PkcS1MgF1(unsigned char *mask, const int len, const unsigned char *seed, const int seedlen, const EVP_MD *dgst) { + int i, outlen = 0; unsigned char cnt[4]; - EVP_MD_CTX* c = EVP_MD_CTX_create(); + EVP_MD_CTX* c = EVP_MD_CTX_create(); unsigned char md[EVP_MAX_MD_SIZE]; int mdlen; int rv = -1; - if (!c) { - return rv; - } - + if (!c) { + return rv; + } + mdlen = EVP_MD_size(dgst); - if (mdlen < 0 || seedlen < 0) + if (mdlen < 0 || seedlen < 0) goto err; for (i = 0; outlen < len; i++) { @@ -95,15 +95,15 @@ static int PkcS1MgF1(unsigned char *mask, const int len, const unsigned char *se cnt[2] = (unsigned char)((i >> 8)) & 255; cnt[3] = (unsigned char)(i & 255); - if (!EVP_DigestInit_ex(c,dgst, NULL) || !EVP_DigestUpdate(c, seed, seedlen) || !EVP_DigestUpdate(c, cnt, 4)) + if (!EVP_DigestInit_ex(c,dgst, NULL) || !EVP_DigestUpdate(c, seed, seedlen) || !EVP_DigestUpdate(c, cnt, 4)) goto err; if (outlen + mdlen <= len) { - if (!EVP_DigestFinal_ex(c, mask + outlen, NULL)) + if (!EVP_DigestFinal_ex(c, mask + outlen, NULL)) goto err; outlen += mdlen; } else { - if (!EVP_DigestFinal_ex(c, md, NULL)) + if (!EVP_DigestFinal_ex(c, md, NULL)) goto err; memcpy(mask + outlen, md, len - outlen); outlen = len; @@ -112,22 +112,22 @@ static int PkcS1MgF1(unsigned char *mask, const int len, const unsigned char *se rv = 0; err: - EVP_MD_CTX_destroy(c); + EVP_MD_CTX_destroy(c); return rv; } -int RwVerifyPssr(const TRwKey *rw, const unsigned char *mHash, const EVP_MD *Hash, const unsigned char *EM, int sLen) { +int RwVerifyPssr(const TRwKey *rw, const unsigned char *mHash, const EVP_MD *Hash, const unsigned char *EM, int sLen) { int i = 0, ret = 0, hLen = 0, maskedDBLen = 0, MSBits = 0, emLen = 0; const unsigned char *H = NULL; unsigned char *DB = NULL; - EVP_MD_CTX* ctx = NULL; + EVP_MD_CTX* ctx = NULL; unsigned char H_[EVP_MAX_MD_SIZE]; const EVP_MD *mgf1Hash = Hash; - ctx = EVP_MD_CTX_create(); - if (!ctx) { - return ret; - } + ctx = EVP_MD_CTX_create(); + if (!ctx) { + return ret; + } hLen = EVP_MD_size(Hash); if (hLen < 0) @@ -143,14 +143,14 @@ int RwVerifyPssr(const TRwKey *rw, const unsigned char *mHash, const EVP_MD *Has else if (sLen < -2) goto err; - { - int bits = BN_num_bits(rw->N); - if (bits <= 0) - goto err; - - MSBits = (bits - 1) & 0x7; - } - emLen = RwModSize(rw); + { + int bits = BN_num_bits(rw->N); + if (bits <= 0) + goto err; + + MSBits = (bits - 1) & 0x7; + } + emLen = RwModSize(rw); if (EM[0] & (0xFF << MSBits)) { goto err; @@ -164,23 +164,23 @@ int RwVerifyPssr(const TRwKey *rw, const unsigned char *mHash, const EVP_MD *Has if (emLen < (hLen + sLen + 2)) /* sLen can be small negative */ goto err; - if (emLen < 1) - goto err; - + if (emLen < 1) + goto err; + if (EM[emLen - 1] != 0xbc) goto err; maskedDBLen = emLen - hLen - 1; - if (maskedDBLen <= 0) - goto err; - + if (maskedDBLen <= 0) + goto err; + H = EM + maskedDBLen; - DB = malloc(maskedDBLen); + DB = malloc(maskedDBLen); if (!DB) goto err; - if (PkcS1MgF1(DB, maskedDBLen, H, hLen, mgf1Hash) < 0) + if (PkcS1MgF1(DB, maskedDBLen, H, hLen, mgf1Hash) < 0) goto err; for (i = 0; i < maskedDBLen; i++) @@ -197,24 +197,24 @@ int RwVerifyPssr(const TRwKey *rw, const unsigned char *mHash, const EVP_MD *Has if (sLen >= 0 && (maskedDBLen - i) != sLen) goto err; - if (!EVP_DigestInit_ex(ctx, Hash, NULL) || !EVP_DigestUpdate(ctx, zeroes, sizeof zeroes) || !EVP_DigestUpdate(ctx, mHash, hLen)) + if (!EVP_DigestInit_ex(ctx, Hash, NULL) || !EVP_DigestUpdate(ctx, zeroes, sizeof zeroes) || !EVP_DigestUpdate(ctx, mHash, hLen)) goto err; if (maskedDBLen - i) { - if (!EVP_DigestUpdate(ctx, DB + i, maskedDBLen - i)) + if (!EVP_DigestUpdate(ctx, DB + i, maskedDBLen - i)) goto err; } - if (!EVP_DigestFinal_ex(ctx, H_, NULL)) + if (!EVP_DigestFinal_ex(ctx, H_, NULL)) goto err; ret = memcmp(H, H_, hLen) ? 0 : 1; err: if (DB) - free(DB); + free(DB); - EVP_MD_CTX_destroy(ctx); + EVP_MD_CTX_destroy(ctx); return ret; } @@ -226,14 +226,14 @@ err: Hash - EVP_MD() that will be used to pad sLen - random salt len (usually == hashLen) */ -int RwPaddingAddPssr(const TRwKey *rw, unsigned char *EM, const unsigned char *mHash, const EVP_MD *Hash, int sLen) { +int RwPaddingAddPssr(const TRwKey *rw, unsigned char *EM, const unsigned char *mHash, const EVP_MD *Hash, int sLen) { int i = 0, ret = 0, hLen = 0, maskedDBLen = 0, MSBits = 0, emLen = 0; unsigned char *H = NULL, *salt = NULL, *p = NULL; const EVP_MD *mgf1Hash = Hash; - EVP_MD_CTX* ctx = EVP_MD_CTX_create(); - if (!ctx) { - return ret; - } + EVP_MD_CTX* ctx = EVP_MD_CTX_create(); + if (!ctx) { + return ret; + } hLen = EVP_MD_size(Hash); if (hLen < 0) @@ -249,20 +249,20 @@ int RwPaddingAddPssr(const TRwKey *rw, unsigned char *EM, const unsigned char *m else if (sLen < -2) goto err; - { - int bits = BN_num_bits(rw->N); - if (bits <= 0) - goto err; - MSBits = (bits - 1) & 0x7; - } - emLen = RwModSize(rw); - if (emLen <= 0) - goto err; + { + int bits = BN_num_bits(rw->N); + if (bits <= 0) + goto err; + MSBits = (bits - 1) & 0x7; + } + emLen = RwModSize(rw); + if (emLen <= 0) + goto err; if (MSBits == 0) { *EM++ = 0; emLen--; - fprintf(stderr, "MSBits == 0\n"); + fprintf(stderr, "MSBits == 0\n"); } if (sLen == -2) { @@ -272,28 +272,28 @@ int RwPaddingAddPssr(const TRwKey *rw, unsigned char *EM, const unsigned char *m goto err; if (sLen > 0) { - salt = malloc(sLen); + salt = malloc(sLen); if (!salt) goto err; if (RAND_bytes(salt, sLen) <= 0) goto err; } maskedDBLen = emLen - hLen - 1; - if (maskedDBLen < 0) - goto err; + if (maskedDBLen < 0) + goto err; H = EM + maskedDBLen; - if (!EVP_DigestInit_ex(ctx, Hash, NULL) || !EVP_DigestUpdate(ctx, zeroes, sizeof zeroes) || !EVP_DigestUpdate(ctx, mHash, hLen)) + if (!EVP_DigestInit_ex(ctx, Hash, NULL) || !EVP_DigestUpdate(ctx, zeroes, sizeof zeroes) || !EVP_DigestUpdate(ctx, mHash, hLen)) goto err; - if (sLen && !EVP_DigestUpdate(ctx, salt, sLen)) + if (sLen && !EVP_DigestUpdate(ctx, salt, sLen)) goto err; - if (!EVP_DigestFinal_ex(ctx, H, NULL)) + if (!EVP_DigestFinal_ex(ctx, H, NULL)) goto err; /* Generate dbMask in place then perform XOR on it */ - if (PkcS1MgF1(EM, maskedDBLen, H, hLen, mgf1Hash)) + if (PkcS1MgF1(EM, maskedDBLen, H, hLen, mgf1Hash)) goto err; p = EM; @@ -319,10 +319,10 @@ int RwPaddingAddPssr(const TRwKey *rw, unsigned char *EM, const unsigned char *m ret = 1; err: - EVP_MD_CTX_destroy(ctx); - + EVP_MD_CTX_destroy(ctx); + if (salt) - free(salt); + free(salt); return ret; } diff --git a/library/cpp/tvmauth/src/rw/rw_pss_sign.c b/library/cpp/tvmauth/src/rw/rw_pss_sign.c index 59897f1cf5..f1ae46f140 100644 --- a/library/cpp/tvmauth/src/rw/rw_pss_sign.c +++ b/library/cpp/tvmauth/src/rw/rw_pss_sign.c @@ -2,44 +2,44 @@ #include <contrib/libs/openssl/include/openssl/evp.h> -//#define DBG_FUZZING - -int RwApply(const int flen, const unsigned char* from, unsigned char* to, const TRwKey* rw) { +//#define DBG_FUZZING + +int RwApply(const int flen, const unsigned char* from, unsigned char* to, const TRwKey* rw) { int i, j, num, k, r = -1; BN_CTX* ctx = NULL; BIGNUM *f = NULL, *ret = NULL; - if ((ctx = BN_CTX_secure_new()) == NULL) + if ((ctx = BN_CTX_secure_new()) == NULL) goto err; BN_CTX_start(ctx); f = BN_CTX_get(ctx); ret = BN_CTX_get(ctx); - num = BN_num_bytes(rw->N); - - if (num <= 0) - goto err; + num = BN_num_bytes(rw->N); + if (num <= 0) + goto err; + if (!f || !ret) goto err; if (BN_bin2bn(from, flen, f) == NULL) goto err; - if (BN_ucmp(f, rw->N) >= 0) + if (BN_ucmp(f, rw->N) >= 0) goto err; - if (!rw->Meth->RwApply(ret, f, ctx, rw)) + if (!rw->Meth->RwApply(ret, f, ctx, rw)) goto err; j = BN_num_bytes(ret); - if (num < j || j < 0) - goto err; - - i = BN_bn2bin(ret, to + num - j); - if (i < 0 || i > num) - goto err; - + if (num < j || j < 0) + goto err; + + i = BN_bn2bin(ret, to + num - j); + if (i < 0 || i > num) + goto err; + for (k = 0; k < (num - i); k++) to[k] = 0; r = num; @@ -52,46 +52,46 @@ err: return r; } -int RwPssrSignHash(const unsigned char* from, unsigned char* to, TRwKey* rw, const EVP_MD* md) { - unsigned char* padding = NULL; +int RwPssrSignHash(const unsigned char* from, unsigned char* to, TRwKey* rw, const EVP_MD* md) { + unsigned char* padding = NULL; int result = 0; if (from == NULL || to == NULL || rw == NULL || md == NULL) return 0; - int digest_size = EVP_MD_size(md); - int sig_size = RwModSize(rw); - - if (digest_size <= 0 || sig_size <= 0) - return 0; - - int tries = 50; - do { - if (padding != NULL) { - free(padding); -#ifdef DBG_FUZZING - fprintf(stderr, "Padding regenerating required\n"); -#endif - } - - padding = malloc(sig_size); - if (padding == NULL) - return 0; - - if (!RwPaddingAddPssr(rw, padding, from, md, digest_size)) - goto err; - } while (padding[0] == 0x00 && tries-- > 0); - - result = RwNoPaddingSign(sig_size, padding, to, rw); + int digest_size = EVP_MD_size(md); + int sig_size = RwModSize(rw); + + if (digest_size <= 0 || sig_size <= 0) + return 0; + + int tries = 50; + do { + if (padding != NULL) { + free(padding); +#ifdef DBG_FUZZING + fprintf(stderr, "Padding regenerating required\n"); +#endif + } + + padding = malloc(sig_size); + if (padding == NULL) + return 0; + + if (!RwPaddingAddPssr(rw, padding, from, md, digest_size)) + goto err; + } while (padding[0] == 0x00 && tries-- > 0); + + result = RwNoPaddingSign(sig_size, padding, to, rw); err: if (padding != NULL) - free(padding); + free(padding); return result; } -int RwPssrSignMsg(const int msgLen, const unsigned char* msg, unsigned char* to, TRwKey* rw, const EVP_MD* md) { +int RwPssrSignMsg(const int msgLen, const unsigned char* msg, unsigned char* to, TRwKey* rw, const EVP_MD* md) { EVP_MD_CTX* mdctx = NULL; unsigned char* digest = NULL; unsigned int digestLen; @@ -100,7 +100,7 @@ int RwPssrSignMsg(const int msgLen, const unsigned char* msg, unsigned char* to, if (msg == NULL || to == NULL || rw == NULL || md == NULL) goto err; - if (rw->P == NULL || rw->Q == NULL) + if (rw->P == NULL || rw->Q == NULL) goto err; if ((mdctx = EVP_MD_CTX_create()) == NULL) @@ -112,63 +112,63 @@ int RwPssrSignMsg(const int msgLen, const unsigned char* msg, unsigned char* to, if (1 != EVP_DigestUpdate(mdctx, msg, msgLen)) goto err; - if ((digest = (unsigned char*)malloc(EVP_MD_size(md))) == NULL) + if ((digest = (unsigned char*)malloc(EVP_MD_size(md))) == NULL) goto err; if (1 != EVP_DigestFinal_ex(mdctx, digest, &digestLen)) goto err; - result = RwPssrSignHash(digest, to, rw, md); + result = RwPssrSignHash(digest, to, rw, md); err: if (mdctx != NULL) EVP_MD_CTX_destroy(mdctx); if (digest != NULL) - free(digest); + free(digest); return result; } -int RwPssrVerifyHash(const unsigned char* from, const unsigned char* sig, const int sig_len, const TRwKey* rw, const EVP_MD* md) { +int RwPssrVerifyHash(const unsigned char* from, const unsigned char* sig, const int sig_len, const TRwKey* rw, const EVP_MD* md) { unsigned char* buffer = NULL; int buffer_len; - int salt_size; + int salt_size; int result = 0; if (from == NULL || sig == NULL || rw == NULL || md == NULL) return 0; - if (rw->N == NULL || rw->Meth == NULL) + if (rw->N == NULL || rw->Meth == NULL) return 0; salt_size = EVP_MD_size(md); - if (salt_size <= 0) - return 0; - - buffer_len = RwModSize(rw); - if (buffer_len <= 0) - return 0; - - buffer = (unsigned char*)malloc(buffer_len); - if (buffer == NULL) - return 0; + if (salt_size <= 0) + return 0; + + buffer_len = RwModSize(rw); + if (buffer_len <= 0) + return 0; + + buffer = (unsigned char*)malloc(buffer_len); + if (buffer == NULL) + return 0; - if (RwApply(sig_len, sig, buffer, rw) <= 0) + if (RwApply(sig_len, sig, buffer, rw) <= 0) goto err; - if (RwVerifyPssr(rw, from, md, buffer, salt_size) <= 0) + if (RwVerifyPssr(rw, from, md, buffer, salt_size) <= 0) goto err; result = 1; err: if (buffer != NULL) - free(buffer); + free(buffer); return result; } -int RwPssrVerifyMsg(const int msgLen, const unsigned char* msg, const unsigned char* sig, const int sig_len, const TRwKey* rw, const EVP_MD* md) { +int RwPssrVerifyMsg(const int msgLen, const unsigned char* msg, const unsigned char* sig, const int sig_len, const TRwKey* rw, const EVP_MD* md) { EVP_MD_CTX* mdctx = NULL; unsigned char* digest = NULL; unsigned int digestLen = 0; @@ -177,7 +177,7 @@ int RwPssrVerifyMsg(const int msgLen, const unsigned char* msg, const unsigned c if (msg == NULL || msgLen == 0 || sig == NULL || rw == NULL || md == NULL) goto err; - if (rw->N == NULL) + if (rw->N == NULL) goto err; if ((mdctx = EVP_MD_CTX_create()) == NULL) @@ -186,26 +186,26 @@ int RwPssrVerifyMsg(const int msgLen, const unsigned char* msg, const unsigned c if (1 != EVP_DigestInit_ex(mdctx, md, NULL)) goto err; - int size_to_alloc = EVP_MD_size(md); - if (size_to_alloc <= 0) - goto err; - - if ((digest = (unsigned char*)malloc(size_to_alloc)) == NULL) + int size_to_alloc = EVP_MD_size(md); + if (size_to_alloc <= 0) goto err; + if ((digest = (unsigned char*)malloc(size_to_alloc)) == NULL) + goto err; + if (1 != EVP_DigestUpdate(mdctx, msg, msgLen)) goto err; if (1 != EVP_DigestFinal_ex(mdctx, digest, &digestLen)) goto err; - result = RwPssrVerifyHash(digest, sig, sig_len, rw, md); + result = RwPssrVerifyHash(digest, sig, sig_len, rw, md); err: if (mdctx != NULL) EVP_MD_CTX_destroy(mdctx); if (digest != NULL) - free(digest); + free(digest); return result; } diff --git a/library/cpp/tvmauth/src/rw/rw_sign.c b/library/cpp/tvmauth/src/rw/rw_sign.c index e320808dd3..e070d6e7c1 100644 --- a/library/cpp/tvmauth/src/rw/rw_sign.c +++ b/library/cpp/tvmauth/src/rw/rw_sign.c @@ -1,36 +1,36 @@ #include "rw.h" -TRwSignature* RwSignatureNew(void) { - TRwSignature* sig = NULL; - sig = malloc(sizeof(TRwSignature)); +TRwSignature* RwSignatureNew(void) { + TRwSignature* sig = NULL; + sig = malloc(sizeof(TRwSignature)); if (!sig) return NULL; - sig->S = NULL; + sig->S = NULL; return sig; } -void RwSignatureFree(TRwSignature* sig) { +void RwSignatureFree(TRwSignature* sig) { if (sig) { - if (sig->S) - BN_free(sig->S); - free(sig); + if (sig->S) + BN_free(sig->S); + free(sig); } } -int RwNoPaddingSign(int flen, const unsigned char* from, unsigned char* to, TRwKey* rw) { - int i = 0, r = 0, num = -1; - TRwSignature* sig = NULL; +int RwNoPaddingSign(int flen, const unsigned char* from, unsigned char* to, TRwKey* rw) { + int i = 0, r = 0, num = -1; + TRwSignature* sig = NULL; - if (!rw || !rw->N || !rw->Meth || !rw->Meth->RwSign || !from || !to) + if (!rw || !rw->N || !rw->Meth || !rw->Meth->RwSign || !from || !to) + goto err; + + if ((sig = rw->Meth->RwSign(from, flen, rw)) == NULL) goto err; + num = BN_num_bytes(rw->N); - if ((sig = rw->Meth->RwSign(from, flen, rw)) == NULL) - goto err; - num = BN_num_bytes(rw->N); - - r = BN_bn2bin(sig->S, to); - if (r < 0) - goto err; + r = BN_bn2bin(sig->S, to); + if (r < 0) + goto err; /* put zeroes to the rest of the 'to' buffer */ for (i = r; i < num; i++) { @@ -39,7 +39,7 @@ int RwNoPaddingSign(int flen, const unsigned char* from, unsigned char* to, TRwK err: if (sig != NULL) { - RwSignatureFree(sig); + RwSignatureFree(sig); } return r; diff --git a/library/cpp/tvmauth/src/rw/ut/rw_ut.cpp b/library/cpp/tvmauth/src/rw/ut/rw_ut.cpp index 73f1b1d769..bef9d9d25a 100644 --- a/library/cpp/tvmauth/src/rw/ut/rw_ut.cpp +++ b/library/cpp/tvmauth/src/rw/ut/rw_ut.cpp @@ -1,5 +1,5 @@ -#include <library/cpp/tvmauth/src/rw/keys.h> -#include <library/cpp/tvmauth/src/rw/rw.h> +#include <library/cpp/tvmauth/src/rw/keys.h> +#include <library/cpp/tvmauth/src/rw/rw.h> #include <library/cpp/string_utils/base64/base64.h> #include <library/cpp/testing/unittest/registar.h> @@ -7,36 +7,36 @@ #include <contrib/libs/openssl/include/openssl/bn.h> #include <contrib/libs/openssl/include/openssl/evp.h> -namespace NTvmAuth { +namespace NTvmAuth { /* returns 0 in case of error */ - int MakeKeysRw(TRwKey** skey, TRwKey** vkey) { + int MakeKeysRw(TRwKey** skey, TRwKey** vkey) { int result = 0; - TRwKey* rw = RwNew(); + TRwKey* rw = RwNew(); do { - RwGenerateKey(rw, 2048); + RwGenerateKey(rw, 2048); if (rw == nullptr) { - printf("RwGenerateKey failed\n"); + printf("RwGenerateKey failed\n"); break; /* failed */ } - printf("RW key bits: %d\n", BN_num_bits(rw->N)); + printf("RW key bits: %d\n", BN_num_bits(rw->N)); /* Set signing key */ - *skey = RwPrivateKeyDup(rw); + *skey = RwPrivateKeyDup(rw); if (*skey == nullptr) { - printf("RwPrivateKeyDup failed\n"); + printf("RwPrivateKeyDup failed\n"); break; } /* Set verifier key */ - *vkey = RwPublicKeyDup(rw); + *vkey = RwPublicKeyDup(rw); if (*vkey == nullptr) { - printf("RwPublicKeyDup failed\n"); + printf("RwPublicKeyDup failed\n"); break; } @@ -45,14 +45,14 @@ namespace NTvmAuth { } while (0); if (rw) { - RwFree(rw); + RwFree(rw); rw = nullptr; } return result; } - static void PrintIt(const char* label, const unsigned char* buff, size_t len) { + static void PrintIt(const char* label, const unsigned char* buff, size_t len) { if (!buff || !len) return; @@ -65,26 +65,26 @@ namespace NTvmAuth { printf("\n"); } - int TestSignVerify() { - TRwKey *skey = nullptr, *vkey = nullptr; + int TestSignVerify() { + TRwKey *skey = nullptr, *vkey = nullptr; const char* msg = "Test test test test test"; unsigned int msg_len = 0; int res = 0; msg_len = (unsigned int)strlen(msg); - if (MakeKeysRw(&skey, &vkey)) { - unsigned char* sign = new unsigned char[RwModSize(skey) + 10]; - int sign_len; - printf("RwModSize(skey) returned %d\n", RwModSize(skey)); - memset(sign, 0x00, RwModSize(skey) + 10); + if (MakeKeysRw(&skey, &vkey)) { + unsigned char* sign = new unsigned char[RwModSize(skey) + 10]; + int sign_len; + printf("RwModSize(skey) returned %d\n", RwModSize(skey)); + memset(sign, 0x00, RwModSize(skey) + 10); printf("--- Signing call ---\n"); - if ((sign_len = RwPssrSignMsg(msg_len, (unsigned char*)msg, sign, skey, (EVP_MD*)EVP_sha256())) != 0) { + if ((sign_len = RwPssrSignMsg(msg_len, (unsigned char*)msg, sign, skey, (EVP_MD*)EVP_sha256())) != 0) { #ifdef RW_PRINT_DEBUG BIGNUM* s = BN_new(); #endif printf("\n"); - PrintIt("Signature", sign, RwModSize(skey)); + PrintIt("Signature", sign, RwModSize(skey)); #ifdef RW_PRINT_DEBUG BN_bin2bn(sign, RW_mod_size(skey), s); @@ -95,42 +95,42 @@ namespace NTvmAuth { #endif printf("--- Verification call ---\n"); - if (RwPssrVerifyMsg(msg_len, (unsigned char*)msg, sign, sign_len, vkey, (EVP_MD*)EVP_sha256())) { + if (RwPssrVerifyMsg(msg_len, (unsigned char*)msg, sign, sign_len, vkey, (EVP_MD*)EVP_sha256())) { printf("Verification: success!\n"); res = 1; } else { printf("Verification: failed!\n"); - printf("RwPssrVerifyMsg failed!\n"); + printf("RwPssrVerifyMsg failed!\n"); return 1; } } else { - printf("RwPssrSignMsg failed!\n"); + printf("RwPssrSignMsg failed!\n"); return 1; } if (sign != nullptr) - delete[] sign; + delete[] sign; } else { - printf("MakeKeysRw failed!\n"); + printf("MakeKeysRw failed!\n"); return 1; } if (skey != nullptr) { - RwFree(skey); + RwFree(skey); } if (vkey != nullptr) - RwFree(vkey); + RwFree(vkey); return res; } } -using namespace NTvmAuth; +using namespace NTvmAuth; Y_UNIT_TEST_SUITE(Rw) { Y_UNIT_TEST(SignVerify) { for (int i = 1; i < 10; ++i) { - UNIT_ASSERT_VALUES_EQUAL(1, TestSignVerify()); + UNIT_ASSERT_VALUES_EQUAL(1, TestSignVerify()); } } @@ -142,10 +142,10 @@ Y_UNIT_TEST_SUITE(Rw) { NRw::TRwPrivateKey priv3(Base64Decode("MIICVAKBgF9t2YJGAJkRRFq6fWhi3m1TFW1UOE0f6ZrfYhHAkpqGlKlh0QVfeTNPpeJhi75xXzCe6oReRUm-0DbqDNhTShC7uGUv1INYnRBQWH6E-5Fc5XrbDFSuGQw2EYjNfHy_HefHJXxQKAqPvxBDKMKkHgV58WtM6rC8jRi9sdX_ig2NAkEAg1xBDL_UkHy347HwioMscJFP-6eKeim3LoG9rd1EvOycxkoStZ4299OdyzzEXC9cjLdq401BXe-LairiMUgZawJBALn5ziBCc2ycMaYjZDon2EN55jBEe0tJdUy4mOi0ozTV9OLcBANds0nMYPjZFOY3QymzU0LcOa_An3JknI0C2ucCQGxtwTb3h7ux5Ld8jkeRYzkNoB2Y6Is5fqCYVRIJZmz0IcQFb2iW0EX92U7_BpgVuKlvSDTP9LuaxuPfmY6WXEECQBc_OcQITm2ThjTEbIdE-whvPMYIj2lpLqmXEx0WlGaavpxbgIBrtmk5jB8bIpzG6GU2amhbhzX4E-5Mk5GgW10CQBBriCGX-pIPlvx2PhFQZY4SKf908U9FNuXQN7W7qJedk5jJQlazxt76c7lnmIuF65GW7VxpqCu98W1FXEYpAy0CQG-lpihdvxaZ8SkHqNFZGnXhELT2YesLs7GehZSTwuUwx1iTpVm88PVROLYBDZqoGM316s9aZEJBALe5zEpxQTQCQQCDMszX1cQlbBCP08isuMQ2ac3S-qNd0mfRXDCRfMm4s7iuJ5MeHU3uPUVlA_MR4ULRbg1d97TGio912z4KPgjE"), 0); - UNIT_ASSERT_EXCEPTION(NRw::TRwPrivateKey("asdzxcv", 0), yexception); + UNIT_ASSERT_EXCEPTION(NRw::TRwPrivateKey("asdzxcv", 0), yexception); UNIT_ASSERT_EXCEPTION(NRw::TRwPrivateKey(Base64Decode("AKBgF9t2YJGAJkRRFq6fWhi3m1TFW1UOE0f6ZrfYhHAkpqGlKlh0QVfeTNPpeJhi75xXzCe6oReRUm-0DbqDNhTShC7uGUv1INYnRBQWH6E-5Fc5XrbDFSuGQw2EYjNfHy_HefHJXxQKAqPvxBDKMKkHgV58WtM6rC8jRi9sdX_ig2NAkEAg1xBDL_UkHy347HwioMscJFP-6eKeim3LoG9rd1EvOycxkoStZ4299OdyzzEXC9cjLdq401BXe-LairiMUgZawJBALn5ziBCc2ycMaYjZDon2EN55jBEe0tJdUy4mOi0ozTV9OLcBANds0nMYPjZFOY3QymzU0LcOa_An3JknI0C2ucCQGxtwTb3h7ux5Ld8jkeRYzkNoB2Y6Is5fqCYVRIJZmz0IcQFb2iW0EX92U7_BpgVuKlvSDTP9LuaxuPfmY6WXEECQBc_OcQITm2ThjTEbIdE-whvPMYIj2lpLqmXEx0WlGaavpxbgIBrtmk5jB8bIpzG6GU2amhbhzX4E-5Mk5GgW10CQBBriCGX-pIPlvx2PhFQZY4SKf908U9FNuXQN7W7qJedk5jJQlazxt76c7lnmIuF65GW7VxpqCu98W1FXEYpAy0CQG-lpihdvxaZ8SkHqNFZGnXhELT2YesLs7GehZSTwuUwx1iTpVm88PVROLYBDZqoGM316s9aZEJBALe5zEpxQTQCQQCDMszX1cQlbBCP08isuMQ2ac3S-qNd0mfRXDCRfMm4s7iuJ5MeHU3uPUVlA_MR4ULRbg1d97TGio912z4KP"), 0), - yexception); + yexception); UNIT_ASSERT(!priv.SignTicket("").empty()); } @@ -155,8 +155,8 @@ Y_UNIT_TEST_SUITE(Rw) { NRw::TRwPublicKey pub2(Base64Decode("MIIBBQKCAQEA4RATOfumLD1n6ICrW5biaAl9VldinczmkNPjpUWwc3gs8PnkCrtdnPFmpBwW3gjHdSNU1OuEg5A6K1o1xiGv9sU-jd88zQBOdK6E2zwnJnkK6bNusKE2H2CLqg3aMWCmTa9JbzSy1uO7wa-xCqqNUuCko-2lyv12HhL1ICIH951SHDa4qO1U5xZhhlUAnqWi9R4tYDeMiF41WdOjwT2fg8UkbusThmxa3yjCXjD7OyjshPtukN8Tl3UyGtV_s2CLnE3f28VAi-AVW8FtgL22xbGhuyEplXRrtF1E5oV7NSqxH1FS0SYROA8ffYQGV5tfx5WDFHiXDEP6BzoVfeBDRQ==")); NRw::TRwPublicKey pub3(Base64Decode("MIGDAoGAX23ZgkYAmRFEWrp9aGLebVMVbVQ4TR_pmt9iEcCSmoaUqWHRBV95M0-l4mGLvnFfMJ7qhF5FSb7QNuoM2FNKELu4ZS_Ug1idEFBYfoT7kVzletsMVK4ZDDYRiM18fL8d58clfFAoCo-_EEMowqQeBXnxa0zqsLyNGL2x1f-KDY0=")); - UNIT_ASSERT_EXCEPTION(NRw::TRwPublicKey("asdzxcv"), yexception); - UNIT_ASSERT_EXCEPTION(NRw::TRwPublicKey(Base64Decode("AoGAX23ZgkYAmRFEWrp9aGLebVMVbVQ4TR_pmt9iEcCSmoaUqWHRBV95M0-l4mGLvnFfMJ7qhF5FSb7QNuoM2FNKELu4ZS_Ug1idEFBYfoT7kVzletsMVK40")), yexception); + UNIT_ASSERT_EXCEPTION(NRw::TRwPublicKey("asdzxcv"), yexception); + UNIT_ASSERT_EXCEPTION(NRw::TRwPublicKey(Base64Decode("AoGAX23ZgkYAmRFEWrp9aGLebVMVbVQ4TR_pmt9iEcCSmoaUqWHRBV95M0-l4mGLvnFfMJ7qhF5FSb7QNuoM2FNKELu4ZS_Ug1idEFBYfoT7kVzletsMVK40")), yexception); UNIT_ASSERT(!pub.CheckSign("~~~", "~~~")); } @@ -181,20 +181,20 @@ Y_UNIT_TEST_SUITE(Rw) { } Y_UNIT_TEST(Keygen) { - for (size_t idx = 0; idx < 100; ++idx) { - NRw::TKeyPair pair = NRw::GenKeyPair(1024); - NRw::TRwPrivateKey priv(pair.Private, 0); - NRw::TRwPublicKey pub(pair.Public); - - const TString data = "my magic data"; - TStringStream s; - s << "data='" << data << "'."; - s << "private='" << Base64Encode(pair.Private) << "'."; - s << "public='" << Base64Encode(pair.Public) << "'."; - TString sign; - UNIT_ASSERT_NO_EXCEPTION_C(sign = priv.SignTicket(data), s.Str()); - s << "sign='" << Base64Encode(sign) << "'."; - UNIT_ASSERT_C(pub.CheckSign(data, sign), s.Str()); - } + for (size_t idx = 0; idx < 100; ++idx) { + NRw::TKeyPair pair = NRw::GenKeyPair(1024); + NRw::TRwPrivateKey priv(pair.Private, 0); + NRw::TRwPublicKey pub(pair.Public); + + const TString data = "my magic data"; + TStringStream s; + s << "data='" << data << "'."; + s << "private='" << Base64Encode(pair.Private) << "'."; + s << "public='" << Base64Encode(pair.Public) << "'."; + TString sign; + UNIT_ASSERT_NO_EXCEPTION_C(sign = priv.SignTicket(data), s.Str()); + s << "sign='" << Base64Encode(sign) << "'."; + UNIT_ASSERT_C(pub.CheckSign(data, sign), s.Str()); + } } } diff --git a/library/cpp/tvmauth/src/rw/ut/ya.make b/library/cpp/tvmauth/src/rw/ut/ya.make index 81dda79641..eccbf89bc1 100644 --- a/library/cpp/tvmauth/src/rw/ut/ya.make +++ b/library/cpp/tvmauth/src/rw/ut/ya.make @@ -1,10 +1,10 @@ -UNITTEST_FOR(library/cpp/tvmauth/src/rw) +UNITTEST_FOR(library/cpp/tvmauth/src/rw) -OWNER( - g:passport_infra - e-sidorov - ezaitov -) +OWNER( + g:passport_infra + e-sidorov + ezaitov +) SRCS( rw_ut.cpp diff --git a/library/cpp/tvmauth/src/rw/ut_large/gen/main.cpp b/library/cpp/tvmauth/src/rw/ut_large/gen/main.cpp index 31a599c996..792308f48b 100644 --- a/library/cpp/tvmauth/src/rw/ut_large/gen/main.cpp +++ b/library/cpp/tvmauth/src/rw/ut_large/gen/main.cpp @@ -1,32 +1,32 @@ -#include <library/cpp/tvmauth/src/rw/keys.h> - +#include <library/cpp/tvmauth/src/rw/keys.h> + #include <library/cpp/string_utils/base64/base64.h> - -#include <util/generic/yexception.h> - -using namespace NTvmAuth; - -const TString DATA = "my magic data"; - -int main(int, char**) { - const NRw::TKeyPair pair = NRw::GenKeyPair(1024); - const NRw::TRwPrivateKey priv(pair.Private, 0); - const NRw::TRwPublicKey pub(pair.Public); - - Cout << "data='" << DATA << "'." - << "private='" << Base64Encode(pair.Private) << "'." - << "public='" << Base64Encode(pair.Public) << "'."; - - TString sign; - try { - sign = priv.SignTicket(DATA); - Cout << "sign='" << Base64Encode(sign) << "'."; - Y_ENSURE(pub.CheckSign(DATA, sign)); - } catch (const std::exception& e) { - Cout << "what='" << e.what() << "'" << Endl; - return 1; - } - Cout << Endl; - - return 0; -} + +#include <util/generic/yexception.h> + +using namespace NTvmAuth; + +const TString DATA = "my magic data"; + +int main(int, char**) { + const NRw::TKeyPair pair = NRw::GenKeyPair(1024); + const NRw::TRwPrivateKey priv(pair.Private, 0); + const NRw::TRwPublicKey pub(pair.Public); + + Cout << "data='" << DATA << "'." + << "private='" << Base64Encode(pair.Private) << "'." + << "public='" << Base64Encode(pair.Public) << "'."; + + TString sign; + try { + sign = priv.SignTicket(DATA); + Cout << "sign='" << Base64Encode(sign) << "'."; + Y_ENSURE(pub.CheckSign(DATA, sign)); + } catch (const std::exception& e) { + Cout << "what='" << e.what() << "'" << Endl; + return 1; + } + Cout << Endl; + + return 0; +} diff --git a/library/cpp/tvmauth/src/rw/ut_large/gen/ya.make b/library/cpp/tvmauth/src/rw/ut_large/gen/ya.make index 7b62d5c726..cfe165160a 100644 --- a/library/cpp/tvmauth/src/rw/ut_large/gen/ya.make +++ b/library/cpp/tvmauth/src/rw/ut_large/gen/ya.make @@ -1,14 +1,14 @@ -PROGRAM() - -OWNER(g:passport_infra) - -SRCS( - main.cpp -) - -PEERDIR( +PROGRAM() + +OWNER(g:passport_infra) + +SRCS( + main.cpp +) + +PEERDIR( library/cpp/string_utils/base64 - library/cpp/tvmauth/src/rw -) - -END() + library/cpp/tvmauth/src/rw +) + +END() diff --git a/library/cpp/tvmauth/src/rw/ut_large/test.py b/library/cpp/tvmauth/src/rw/ut_large/test.py index 0cf95d9848..8fb0c0f91c 100644 --- a/library/cpp/tvmauth/src/rw/ut_large/test.py +++ b/library/cpp/tvmauth/src/rw/ut_large/test.py @@ -1,35 +1,35 @@ -from __future__ import print_function - -import os -import subprocess -import sys - -import yatest.common as yc - - -def test_fuzzing(): - errfile = './errfile' - outfile = './outfile' - env = os.environ.copy() - - for number in range(25000): - with open(errfile, 'w') as fe: - with open(outfile, 'w') as fo: - p = subprocess.Popen( - [ - yc.build_path('library/cpp/tvmauth/src/rw/ut_large/gen/gen'), - ], - env=env, - stdout=fo, - stderr=fe, - ) - code = p.wait() - - with open(errfile) as fe: - all = fe.read() - if all != '': - with open(outfile) as fo: - print(fo.read(), file=sys.stderr) - assert all == '' - - assert code == 0 +from __future__ import print_function + +import os +import subprocess +import sys + +import yatest.common as yc + + +def test_fuzzing(): + errfile = './errfile' + outfile = './outfile' + env = os.environ.copy() + + for number in range(25000): + with open(errfile, 'w') as fe: + with open(outfile, 'w') as fo: + p = subprocess.Popen( + [ + yc.build_path('library/cpp/tvmauth/src/rw/ut_large/gen/gen'), + ], + env=env, + stdout=fo, + stderr=fe, + ) + code = p.wait() + + with open(errfile) as fe: + all = fe.read() + if all != '': + with open(outfile) as fo: + print(fo.read(), file=sys.stderr) + assert all == '' + + assert code == 0 diff --git a/library/cpp/tvmauth/src/rw/ut_large/ya.make b/library/cpp/tvmauth/src/rw/ut_large/ya.make index 54f82065e7..f4095eef29 100644 --- a/library/cpp/tvmauth/src/rw/ut_large/ya.make +++ b/library/cpp/tvmauth/src/rw/ut_large/ya.make @@ -1,17 +1,17 @@ PY2TEST() - -OWNER(g:passport_infra) - + +OWNER(g:passport_infra) + TEST_SRCS(test.py) + +DEPENDS(library/cpp/tvmauth/src/rw/ut_large/gen) + +TAG(ya:fat) -DEPENDS(library/cpp/tvmauth/src/rw/ut_large/gen) - -TAG(ya:fat) - -SIZE(LARGE) - -END() - +SIZE(LARGE) + +END() + RECURSE( gen ) diff --git a/library/cpp/tvmauth/src/rw/ya.make b/library/cpp/tvmauth/src/rw/ya.make index e2ef68d416..fffadceb30 100644 --- a/library/cpp/tvmauth/src/rw/ya.make +++ b/library/cpp/tvmauth/src/rw/ya.make @@ -1,14 +1,14 @@ LIBRARY(ticket_parser) OWNER( - g:passport_infra + g:passport_infra e-sidorov - ezaitov + ezaitov ) PEERDIR( contrib/libs/openssl - library/cpp/openssl/init + library/cpp/openssl/init ) SRCS( @@ -23,8 +23,8 @@ SRCS( ) END() - -RECURSE_FOR_TESTS( - ut - ut_large -) + +RECURSE_FOR_TESTS( + ut + ut_large +) |