|
|
|
@ -327,60 +327,45 @@ void Crypt::rsaGenerateKey(int bits, int e)
|
|
|
|
void Crypt::rsaSetPublicKey(const std::string& n, const std::string& e)
|
|
|
|
void Crypt::rsaSetPublicKey(const std::string& n, const std::string& e)
|
|
|
|
{
|
|
|
|
{
|
|
|
|
#if OPENSSL_VERSION_NUMBER < 0x10100005L
|
|
|
|
#if OPENSSL_VERSION_NUMBER < 0x10100005L
|
|
|
|
BN_dec2bn(&m_rsa->n, n.c_str());
|
|
|
|
BN_dec2bn(&m_rsa->n, n.c_str());
|
|
|
|
BN_dec2bn(&m_rsa->e, e.c_str());
|
|
|
|
BN_dec2bn(&m_rsa->e, e.c_str());
|
|
|
|
// clear rsa cache
|
|
|
|
// clear rsa cache
|
|
|
|
if (m_rsa->_method_mod_n)
|
|
|
|
if(m_rsa->_method_mod_n) {
|
|
|
|
{
|
|
|
|
BN_MONT_CTX_free(m_rsa->_method_mod_n);
|
|
|
|
BN_MONT_CTX_free(m_rsa->_method_mod_n);
|
|
|
|
m_rsa->_method_mod_n = nullptr;
|
|
|
|
m_rsa->_method_mod_n = NULL;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
#else
|
|
|
|
#else
|
|
|
|
{
|
|
|
|
BIGNUM *bn, *be;
|
|
|
|
BIGNUM *bn=NULL;
|
|
|
|
BN_dec2bn(&bn, n.c_str());
|
|
|
|
BIGNUM *be=NULL;
|
|
|
|
BN_dec2bn(&be, e.c_str());
|
|
|
|
BN_dec2bn(&bn, n.c_str());
|
|
|
|
RSA_set0_key(m_rsa, bn, be, nullptr);
|
|
|
|
BN_dec2bn(&be, e.c_str());
|
|
|
|
|
|
|
|
RSA_set0_key(m_rsa,bn,be,NULL);
|
|
|
|
|
|
|
|
// note, not supposed to free bn/be here, that's m_rsa's destructor's job
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
#endif
|
|
|
|
#endif
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
void Crypt::rsaSetPrivateKey(const std::string& p, const std::string& q, const std::string& d)
|
|
|
|
void Crypt::rsaSetPrivateKey(const std::string& p, const std::string& q, const std::string& d)
|
|
|
|
{
|
|
|
|
{
|
|
|
|
#if OPENSSL_VERSION_NUMBER < 0x10100005L
|
|
|
|
#if OPENSSL_VERSION_NUMBER < 0x10100005L
|
|
|
|
BN_dec2bn(&m_rsa->p, p.c_str());
|
|
|
|
BN_dec2bn(&m_rsa->p, p.c_str());
|
|
|
|
BN_dec2bn(&m_rsa->q, q.c_str());
|
|
|
|
BN_dec2bn(&m_rsa->q, q.c_str());
|
|
|
|
BN_dec2bn(&m_rsa->d, d.c_str());
|
|
|
|
BN_dec2bn(&m_rsa->d, d.c_str());
|
|
|
|
// clear rsa cache
|
|
|
|
// clear rsa cache
|
|
|
|
if (m_rsa->_method_mod_p)
|
|
|
|
if (m_rsa->_method_mod_p)
|
|
|
|
{
|
|
|
|
{
|
|
|
|
BN_MONT_CTX_free(m_rsa->_method_mod_p);
|
|
|
|
BN_MONT_CTX_free(m_rsa->_method_mod_p);
|
|
|
|
m_rsa->_method_mod_p = NULL;
|
|
|
|
m_rsa->_method_mod_p = nullptr;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
if (m_rsa->_method_mod_q)
|
|
|
|
if (m_rsa->_method_mod_q)
|
|
|
|
{
|
|
|
|
{
|
|
|
|
BN_MONT_CTX_free(m_rsa->_method_mod_q);
|
|
|
|
BN_MONT_CTX_free(m_rsa->_method_mod_q);
|
|
|
|
m_rsa->_method_mod_q = NULL;
|
|
|
|
m_rsa->_method_mod_q = nullptr;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
#else
|
|
|
|
#else
|
|
|
|
{
|
|
|
|
BIGNUM *bp, *bq, *bd;
|
|
|
|
|
|
|
|
BN_dec2bn(&bp, p.c_str());
|
|
|
|
if(d.length()> 0)
|
|
|
|
BN_dec2bn(&bq, q.c_str());
|
|
|
|
{
|
|
|
|
BN_dec2bn(&bd, d.c_str());
|
|
|
|
BIGNUM *bd=NULL;
|
|
|
|
RSA_set0_key(m_rsa, nullptr, nullptr, bd);
|
|
|
|
BN_dec2bn(&bd, d.c_str());
|
|
|
|
RSA_set0_factors(m_rsa, bp, bq);
|
|
|
|
RSA_set0_key(m_rsa,NULL,NULL,bd);
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
BIGNUM *bp=NULL;
|
|
|
|
|
|
|
|
BIGNUM *bq=NULL;
|
|
|
|
|
|
|
|
BN_dec2bn(&bp, p.c_str());
|
|
|
|
|
|
|
|
BN_dec2bn(&bq, q.c_str());
|
|
|
|
|
|
|
|
RSA_set0_factors(m_rsa,bp,bq);
|
|
|
|
|
|
|
|
// note, not supposed to free bp/bq/bd here, that's m_rsa's destructor's job
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
#endif
|
|
|
|
#endif
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
@ -393,34 +378,28 @@ bool Crypt::rsaCheckKey()
|
|
|
|
|
|
|
|
|
|
|
|
BIGNUM *r1 = BN_CTX_get(ctx), *r2 = BN_CTX_get(ctx);
|
|
|
|
BIGNUM *r1 = BN_CTX_get(ctx), *r2 = BN_CTX_get(ctx);
|
|
|
|
#if OPENSSL_VERSION_NUMBER < 0x10100005L
|
|
|
|
#if OPENSSL_VERSION_NUMBER < 0x10100005L
|
|
|
|
BN_mod(m_rsa->dmp1, m_rsa->d, r1, ctx);
|
|
|
|
BN_mod(m_rsa->dmp1, m_rsa->d, r1, ctx);
|
|
|
|
BN_mod(m_rsa->dmq1, m_rsa->d, r2, ctx);
|
|
|
|
BN_mod(m_rsa->dmq1, m_rsa->d, r2, ctx);
|
|
|
|
BN_mod_inverse(m_rsa->iqmp, m_rsa->q, m_rsa->p, ctx);
|
|
|
|
BN_mod_inverse(m_rsa->iqmp, m_rsa->q, m_rsa->p, ctx);
|
|
|
|
#else
|
|
|
|
#else
|
|
|
|
{
|
|
|
|
const BIGNUM *dmp1_c, *d, *dmq1_c, *iqmp_c, *q, *p;
|
|
|
|
const BIGNUM *dmp1_c=NULL;
|
|
|
|
|
|
|
|
const BIGNUM *d=NULL;
|
|
|
|
RSA_get0_key(m_rsa, nullptr, nullptr, &d);
|
|
|
|
const BIGNUM *dmq1_c=NULL;
|
|
|
|
RSA_get0_factors(m_rsa, &p, &q);
|
|
|
|
const BIGNUM *iqmp_c=NULL;
|
|
|
|
RSA_get0_crt_params(m_rsa, &dmp1_c, &dmq1_c, &iqmp_c);
|
|
|
|
const BIGNUM *q=NULL;
|
|
|
|
|
|
|
|
const BIGNUM *p=NULL;
|
|
|
|
BIGNUM *dmp1 = BN_dup(dmp1_c), *dmq1 = BN_dup(dmq1_c), *iqmp = BN_dup(iqmp_c);
|
|
|
|
RSA_get0_key(m_rsa,NULL, NULL, &d);
|
|
|
|
|
|
|
|
RSA_get0_factors(m_rsa, &p, &q);
|
|
|
|
BN_mod(dmp1, d, r1, ctx);
|
|
|
|
RSA_get0_crt_params(m_rsa,&dmp1_c,&dmq1_c,&iqmp_c);
|
|
|
|
BN_mod(dmq1, d, r2, ctx);
|
|
|
|
BIGNUM *dmp1=BN_dup(dmp1_c);
|
|
|
|
BN_mod_inverse(iqmp, q, p, ctx);
|
|
|
|
BIGNUM *dmq1=BN_dup(dmq1_c);
|
|
|
|
RSA_set0_crt_params(m_rsa, dmp1, dmq1, iqmp);
|
|
|
|
BIGNUM *iqmp=BN_dup(iqmp_c);
|
|
|
|
|
|
|
|
BN_mod(dmp1, d, r1, ctx);
|
|
|
|
|
|
|
|
BN_mod(dmq1, d, r2, ctx);
|
|
|
|
|
|
|
|
BN_mod_inverse(iqmp, q, p, ctx);
|
|
|
|
|
|
|
|
RSA_set0_crt_params(m_rsa, dmp1, dmq1, iqmp);
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
#endif
|
|
|
|
#endif
|
|
|
|
return true;
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
else {
|
|
|
|
else {
|
|
|
|
ERR_load_crypto_strings();
|
|
|
|
ERR_load_crypto_strings();
|
|
|
|
g_logger.error(stdext::format("RSA check failed - %s", ERR_error_string(ERR_get_error(), NULL)));
|
|
|
|
g_logger.error(stdext::format("RSA check failed - %s", ERR_error_string(ERR_get_error(), nullptr)));
|
|
|
|
return false;
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
@ -443,4 +422,3 @@ int Crypt::rsaGetSize()
|
|
|
|
{
|
|
|
|
{
|
|
|
|
return RSA_size(m_rsa);
|
|
|
|
return RSA_size(m_rsa);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
Konrad Kuśnierz
5 years ago
committed by