fix #5968, but not active

author: Christian Grothoff <christian@grothoff.org> 2019-11-15 19:16:20 +0100
committer: Christian Grothoff <christian@grothoff.org> 2019-11-15 19:16:20 +0100
commit: 3cb670b171017db733d6cfcbf8e7e6be9fd7cd11 (patch)
tree: bfbad8f7cb9add2494ad39f4bca24b49fa58084c /src/util/crypto_rsa.c
parent: 3d3c271c20f795c78867e2c0b9c771695a6ad0ef (diff)
download: gnunet-3cb670b171017db733d6cfcbf8e7e6be9fd7cd11.tar.gz
gnunet-3cb670b171017db733d6cfcbf8e7e6be9fd7cd11.zip
1 files changed, 153 insertions, 0 deletions
diff --git a/src/util/crypto_rsa.c b/src/util/crypto_rsa.c
index 5c18e0b15..b34f919ec 100644
--- a/src/util/crypto_rsa.c
+++ b/src/util/crypto_rsa.c
@@ -309,6 +309,32 @@ GNUNET_CRYPTO_rsa_public_key_free (struct GNUNET_CRYPTO_RsaPublicKey *key)
 }
+GNUNET_NETWORK_STRUCT_BEGIN
+/**
+ * Format of the header of a serialized RSA public key.
+ */
+struct GNUNET_CRYPTO_RsaPublicKeyHeaderP
+{
+  /**
+   * length of modulus 'n' in bytes, in NBO
+   */
+  uint16_t modulus_length GNUNET_PACKED;
+  /**
+   * length of exponent in bytes, in NBO
+   */
+  uint16_t public_exponent_length GNUNET_PACKED;
+  /* followed by variable-size modulus and
+     public exponent follows as big-endian encoded
+     integers */
+};
+GNUNET_NETWORK_STRUCT_END
+#define NEW_CRYPTO 0
 /**
 * Encode the public key in a format suitable for
 * storing it into a file.
@@ -322,6 +348,69 @@ GNUNET_CRYPTO_rsa_public_key_encode (const struct
                                     GNUNET_CRYPTO_RsaPublicKey *key,
                                     char **buffer)
 {
+#if NEW_CRYPTO
+  gcry_mpi_t ne[2];
+  size_t n_size;
+  size_t e_size;
+  size_t rsize;
+  size_t buf_size;
+  char *buf;
+  struct GNUNET_CRYPTO_RsaPublicKeyHeaderP hdr;
+  int ret;
+/* SEE #5398 / #5968 */
+  ret = key_from_sexp (ne, key->sexp, "public-key", "ne");
+  if (0 != ret)
+    ret = key_from_sexp (ne, key->sexp, "rsa", "ne");
+  if (0 != ret)
+  {
+    GNUNET_break (0);
+    *buffer = NULL;
+    return 0;
+  }
+  gcry_mpi_print (GCRYMPI_FMT_USG,
+                  NULL,
+                  0,
+                  &n_size,
+                  ne[0]);
+  gcry_mpi_print (GCRYMPI_FMT_USG,
+                  NULL,
+                  0,
+                  &e_size,
+                  ne[1]);
+  if ( (e_size > UINT16_MAX) ||
+       (n_size > UINT16_MAX) )
+  {
+    GNUNET_break (0);
+    *buffer = NULL;
+    gcry_mpi_release (ne[0]);
+    gcry_mpi_release (ne[1]);
+    return 0;
+  }
+  buf_size = n_size + e_size + sizeof (hdr);
+  buf = GNUNET_malloc (buf_size);
+  hdr.modulus_length = htons ((uint16_t) n_size);
+  hdr.public_exponent_length = htons ((uint16_t) e_size);
+  memcpy (buf, &hdr, sizeof (hdr));
+  GNUNET_assert (0 ==
+                 gcry_mpi_print (GCRYMPI_FMT_USG,
+                                 (unsigned char *) &buf[sizeof (hdr)],
+                                 n_size,
+                                 &rsize,
+                                 ne[0]));
+  GNUNET_assert (0 ==
+                 gcry_mpi_print (GCRYMPI_FMT_USG,
+                                 (unsigned char *) &buf[sizeof (hdr) + n_size],
+                                 e_size,
+                                 &rsize,
+                                 ne[1]));
+  *buffer = buf;
+  gcry_mpi_release (ne[0]);
+  gcry_mpi_release (ne[1]);
+  return buf_size;
+#else
  size_t n;
  char *b;
@@ -337,6 +426,7 @@ GNUNET_CRYPTO_rsa_public_key_encode (const struct
                                   n));
  *buffer = b;
  return n;
+#endif
 }
@@ -375,9 +465,71 @@ GNUNET_CRYPTO_rsa_public_key_decode (const char *buf,
                                     size_t len)
 {
  struct GNUNET_CRYPTO_RsaPublicKey *key;
+#if NEW_CRYPTO
+  struct GNUNET_CRYPTO_RsaPublicKeyHeaderP hdr;
+  size_t e_size;
+  size_t n_size;
+  gcry_mpi_t n;
+  gcry_mpi_t e;
+  gcry_sexp_t data;
+  if (len < sizeof (hdr))
+  {
+    GNUNET_break_op (0);
+    return NULL;
+  }
+  memcpy (&hdr, buf, sizeof (hdr));
+  n_size = ntohs (hdr.modulus_length);
+  e_size = ntohs (hdr.public_exponent_length);
+  if (len != sizeof (hdr) + e_size + n_size)
+  {
+    GNUNET_break_op (0);
+    return NULL;
+  }
+  if (0 !=
+      gcry_mpi_scan (&n,
+                     GCRYMPI_FMT_USG,
+                     &buf[sizeof (hdr)],
+                     n_size,
+                     NULL))
+  {
+    GNUNET_break_op (0);
+    return NULL;
+  }
+  if (0 !=
+      gcry_mpi_scan (&e,
+                     GCRYMPI_FMT_USG,
+                     &buf[sizeof (hdr) + n_size],
+                     e_size,
+                     NULL))
+  {
+    GNUNET_break_op (0);
+    gcry_mpi_release (n);
+    return NULL;
+  }
+  if (0 !=
+      gcry_sexp_build (&data,
+                       NULL,
+                       "(public-key(rsa(n %m)(e %m)))",
+                       n,
+                       e))
+  {
+    GNUNET_break (0);
+    gcry_mpi_release (n);
+    gcry_mpi_release (e);
+    return NULL;
+  }
+  gcry_mpi_release (n);
+  gcry_mpi_release (e);
+  key = GNUNET_new (struct GNUNET_CRYPTO_RsaPublicKey);
+  key->sexp = data;
+  return key;
+#else
  gcry_mpi_t n;
  int ret;
  key = GNUNET_new (struct GNUNET_CRYPTO_RsaPublicKey);
  if (0 !=
      gcry_sexp_new (&key->sexp,
@@ -403,6 +555,7 @@ GNUNET_CRYPTO_rsa_public_key_decode (const char *buf,
  }
  gcry_mpi_release (n);
  return key;
+#endif
 }
author	Christian Grothoff <christian@grothoff.org>	2019-11-15 19:16:20 +0100
committer	Christian Grothoff <christian@grothoff.org>	2019-11-15 19:16:20 +0100
commit	3cb670b171017db733d6cfcbf8e7e6be9fd7cd11 (patch)
tree	bfbad8f7cb9add2494ad39f4bca24b49fa58084c /src/util/crypto_rsa.c
parent	3d3c271c20f795c78867e2c0b9c771695a6ad0ef (diff)
download	gnunet-3cb670b171017db733d6cfcbf8e7e6be9fd7cd11.tar.gz gnunet-3cb670b171017db733d6cfcbf8e7e6be9fd7cd11.zip

diff --git a/src/util/crypto_rsa.c b/src/util/crypto_rsa.c index 5c18e0b15..b34f919ec 100644 --- a/src/util/crypto_rsa.c +++ b/src/util/crypto_rsa.c
@@ -309,6 +309,32 @@ GNUNET_CRYPTO_rsa_public_key_free (struct GNUNET_CRYPTO_RsaPublicKey *key)
309	}	309	}
310		310
311		311
		312	GNUNET_NETWORK_STRUCT_BEGIN
		313
		314	/**
		315	* Format of the header of a serialized RSA public key.
		316	*/
		317	struct GNUNET_CRYPTO_RsaPublicKeyHeaderP
		318	{
		319	/**
		320	* length of modulus 'n' in bytes, in NBO
		321	*/
		322	uint16_t modulus_length GNUNET_PACKED;
		323
		324	/**
		325	* length of exponent in bytes, in NBO
		326	*/
		327	uint16_t public_exponent_length GNUNET_PACKED;
		328
		329	/* followed by variable-size modulus and
		330	public exponent follows as big-endian encoded
		331	integers */
		332	};
		333
		334	GNUNET_NETWORK_STRUCT_END
		335
		336	#define NEW_CRYPTO 0
		337
312	/**	338	/**
313	* Encode the public key in a format suitable for	339	* Encode the public key in a format suitable for
314	* storing it into a file.	340	* storing it into a file.
@@ -322,6 +348,69 @@ GNUNET_CRYPTO_rsa_public_key_encode (const struct
322	GNUNET_CRYPTO_RsaPublicKey *key,	348	GNUNET_CRYPTO_RsaPublicKey *key,
323	char **buffer)	349	char **buffer)
324	{	350	{
		351	#if NEW_CRYPTO
		352	gcry_mpi_t ne[2];
		353	size_t n_size;
		354	size_t e_size;
		355	size_t rsize;
		356	size_t buf_size;
		357	char *buf;
		358	struct GNUNET_CRYPTO_RsaPublicKeyHeaderP hdr;
		359	int ret;
		360
		361	/* SEE #5398 / #5968 */
		362	ret = key_from_sexp (ne, key->sexp, "public-key", "ne");
		363	if (0 != ret)
		364	ret = key_from_sexp (ne, key->sexp, "rsa", "ne");
		365	if (0 != ret)
		366	{
		367	GNUNET_break (0);
		368	*buffer = NULL;
		369	return 0;
		370	}
		371
		372	gcry_mpi_print (GCRYMPI_FMT_USG,
		373	NULL,
		374	0,
		375	&n_size,
		376	ne[0]);
		377	gcry_mpi_print (GCRYMPI_FMT_USG,
		378	NULL,
		379	0,
		380	&e_size,
		381	ne[1]);
		382	if ( (e_size > UINT16_MAX) \|\|
		383	(n_size > UINT16_MAX) )
		384	{
		385	GNUNET_break (0);
		386	*buffer = NULL;
		387	gcry_mpi_release (ne[0]);
		388	gcry_mpi_release (ne[1]);
		389	return 0;
		390	}
		391	buf_size = n_size + e_size + sizeof (hdr);
		392	buf = GNUNET_malloc (buf_size);
		393	hdr.modulus_length = htons ((uint16_t) n_size);
		394	hdr.public_exponent_length = htons ((uint16_t) e_size);
		395	memcpy (buf, &hdr, sizeof (hdr));
		396	GNUNET_assert (0 ==
		397	gcry_mpi_print (GCRYMPI_FMT_USG,
		398	(unsigned char *) &buf[sizeof (hdr)],
		399	n_size,
		400	&rsize,
		401	ne[0]));
		402
		403	GNUNET_assert (0 ==
		404	gcry_mpi_print (GCRYMPI_FMT_USG,
		405	(unsigned char *) &buf[sizeof (hdr) + n_size],
		406	e_size,
		407	&rsize,
		408	ne[1]));
		409	*buffer = buf;
		410	gcry_mpi_release (ne[0]);
		411	gcry_mpi_release (ne[1]);
		412	return buf_size;
		413	#else
325	size_t n;	414	size_t n;
326	char *b;	415	char *b;
327		416
@@ -337,6 +426,7 @@ GNUNET_CRYPTO_rsa_public_key_encode (const struct
337	n));	426	n));
338	*buffer = b;	427	*buffer = b;
339	return n;	428	return n;
		429	#endif
340	}	430	}
341		431
342		432
@@ -375,9 +465,71 @@ GNUNET_CRYPTO_rsa_public_key_decode (const char *buf,
375	size_t len)	465	size_t len)
376	{	466	{
377	struct GNUNET_CRYPTO_RsaPublicKey *key;	467	struct GNUNET_CRYPTO_RsaPublicKey *key;
		468	#if NEW_CRYPTO
		469	struct GNUNET_CRYPTO_RsaPublicKeyHeaderP hdr;
		470	size_t e_size;
		471	size_t n_size;
		472	gcry_mpi_t n;
		473	gcry_mpi_t e;
		474	gcry_sexp_t data;
		475
		476	if (len < sizeof (hdr))
		477	{
		478	GNUNET_break_op (0);
		479	return NULL;
		480	}
		481	memcpy (&hdr, buf, sizeof (hdr));
		482	n_size = ntohs (hdr.modulus_length);
		483	e_size = ntohs (hdr.public_exponent_length);
		484	if (len != sizeof (hdr) + e_size + n_size)
		485	{
		486	GNUNET_break_op (0);
		487	return NULL;
		488	}
		489	if (0 !=
		490	gcry_mpi_scan (&n,
		491	GCRYMPI_FMT_USG,
		492	&buf[sizeof (hdr)],
		493	n_size,
		494	NULL))
		495	{
		496	GNUNET_break_op (0);
		497	return NULL;
		498	}
		499	if (0 !=
		500	gcry_mpi_scan (&e,
		501	GCRYMPI_FMT_USG,
		502	&buf[sizeof (hdr) + n_size],
		503	e_size,
		504	NULL))
		505	{
		506	GNUNET_break_op (0);
		507	gcry_mpi_release (n);
		508	return NULL;
		509	}
		510
		511	if (0 !=
		512	gcry_sexp_build (&data,
		513	NULL,
		514	"(public-key(rsa(n %m)(e %m)))",
		515	n,
		516	e))
		517	{
		518	GNUNET_break (0);
		519	gcry_mpi_release (n);
		520	gcry_mpi_release (e);
		521	return NULL;
		522	}
		523	gcry_mpi_release (n);
		524	gcry_mpi_release (e);
		525	key = GNUNET_new (struct GNUNET_CRYPTO_RsaPublicKey);
		526	key->sexp = data;
		527	return key;
		528	#else
378	gcry_mpi_t n;	529	gcry_mpi_t n;
379	int ret;	530	int ret;
380		531
		532
381	key = GNUNET_new (struct GNUNET_CRYPTO_RsaPublicKey);	533	key = GNUNET_new (struct GNUNET_CRYPTO_RsaPublicKey);
382	if (0 !=	534	if (0 !=
383	gcry_sexp_new (&key->sexp,	535	gcry_sexp_new (&key->sexp,
@@ -403,6 +555,7 @@ GNUNET_CRYPTO_rsa_public_key_decode (const char *buf,
403	}	555	}
404	gcry_mpi_release (n);	556	gcry_mpi_release (n);
405	return key;	557	return key;
		558	#endif
406	}	559	}
407		560
408		561