0
0
Fork 0
mirror of https://github.com/matrix-construct/construct synced 2024-11-05 05:18:54 +01:00
construct/ircd/openssl.cc

2649 lines
51 KiB
C++
Raw Normal View History

2018-02-04 03:22:01 +01:00
// Matrix Construct
//
// Copyright (C) Matrix Construct Developers, Authors & Contributors
// Copyright (C) 2016-2018 Jason Volk <jason@zemos.net>
//
// Permission to use, copy, modify, and/or distribute this software for any
// purpose with or without fee is hereby granted, provided that the above
// copyright notice and this permission notice is present in all copies. The
// full license for this software is available in the LICENSE file.
#include <RB_INC_OPENSSL_ERR_H
#include <RB_INC_OPENSSL_ASN1_H
#include <RB_INC_OPENSSL_SHA_H
#include <RB_INC_OPENSSL_HMAC_H
#include <RB_INC_OPENSSL_SSL_H
#include <RB_INC_OPENSSL_EC_H
#include <RB_INC_OPENSSL_RSA_H
#include <RB_INC_OPENSSL_X509_H
#include <RB_INC_OPENSSL_EVP_H
#include <RB_INC_OPENSSL_RIPEMD_H
#include <RB_INC_OPENSSL_DH_H
#include <RB_INC_OPENSSL_TLS1_H
#if defined(LIBRESSL_VERSION_NUMBER)
static time_t ASN1_TIME_seconds(const ASN1_TIME *);
static int ASN1_TIME_diff(int *, int *, const ASN1_TIME *, const ASN1_TIME *);
#endif
namespace ircd::openssl
{
template<class exception = openssl::error>
2017-11-26 17:03:12 +01:00
[[noreturn]] static void throw_error(const ulong &);
template<class exception = openssl::error>
2017-11-26 17:03:12 +01:00
[[noreturn]] static void throw_error();
template<class exception = openssl::error,
int ERR_CODE = 0,
class function,
class... args>
static int call(function&& f, args&&... a);
static int genprime_cb(const int, const int, BN_GENCB *const) noexcept;
}
///////////////////////////////////////////////////////////////////////////////
//
// openssl.h
//
//
// SNI
//
void
ircd::openssl::server_name(SSL &ssl,
const string_view &name)
{
thread_local char buf[256];
strlcpy(buf, name);
call(::SSL_ctrl, &ssl, SSL_CTRL_SET_TLSEXT_HOSTNAME, TLSEXT_NAMETYPE_host_name, buf);
}
ircd::string_view
ircd::openssl::server_name(const SSL &ssl)
{
const int type(::SSL_get_servername_type(&ssl));
return ::SSL_get_servername(&ssl, type);
}
//
// Cipher suite
//
void
ircd::openssl::set_curves(SSL &ssl,
std::string list)
{
auto data(const_cast<char *>(list.data()));
call(::SSL_ctrl, &ssl, SSL_CTRL_SET_CURVES_LIST, 0, data);
}
void
ircd::openssl::set_curves(SSL_CTX &ssl,
std::string list)
{
auto data(const_cast<char *>(list.data()));
call(::SSL_CTX_ctrl, &ssl, SSL_CTRL_SET_CURVES_LIST, 0, data);
}
void
ircd::openssl::set_tmp_ecdh(SSL_CTX &ssl,
EC_KEY &key)
{
auto data(reinterpret_cast<char *>(&key));
call(::SSL_CTX_ctrl, &ssl, SSL_CTRL_SET_TMP_ECDH, 0, data);
}
void
ircd::openssl::set_ecdh_auto(SSL &ssl,
const bool &on)
{
#if OPENSSL_VERSION_NUMBER < 0x10100000L
long _on(on);
call(::SSL_ctrl, &ssl, SSL_CTRL_SET_ECDH_AUTO, _on, nullptr);
#endif
}
void
ircd::openssl::set_ecdh_auto(SSL_CTX &ssl,
const bool &on)
{
#if OPENSSL_VERSION_NUMBER < 0x10100000L
long _on(on);
call(::SSL_CTX_ctrl, &ssl, SSL_CTRL_SET_ECDH_AUTO, _on, nullptr);
#endif
}
void
ircd::openssl::set_cipher_list(SSL_CTX &ssl,
const std::string &list)
{
call(::SSL_CTX_set_cipher_list, &ssl, list.c_str());
}
void
ircd::openssl::set_cipher_list(SSL &ssl,
const std::string &list)
{
call(::SSL_set_cipher_list, &ssl, list.c_str());
}
std::string
ircd::openssl::cipher_list(const SSL_CTX &ctx,
const int &priority)
{
const custom_ptr<SSL> ssl
{
SSL_new(const_cast<SSL_CTX *>(&ctx)), SSL_free
};
std::stringstream ret;
for(int i(priority); priority? i <= priority : true; ++i)
{
const auto cipher(cipher_list(*ssl, i));
if(!empty(cipher))
ret << cipher << ':';
else
break;
}
return ret.str();
}
ircd::string_view
ircd::openssl::cipher_list(const SSL &ssl,
const int &priority)
{
return SSL_get_cipher_list(&ssl, priority);
}
ircd::string_view
ircd::openssl::shared_ciphers(const mutable_buffer &buf,
const SSL &ssl)
{
return SSL_get_shared_ciphers(&ssl, data(buf), size(buf));
}
const SSL_CIPHER *
ircd::openssl::current_cipher(const SSL &ssl)
{
return SSL_get_current_cipher(&ssl);
}
ircd::string_view
ircd::openssl::name(const SSL_CIPHER &cipher)
{
return SSL_CIPHER_get_name(&cipher);
}
//
// X509
//
namespace ircd::openssl
{
time_t get_time(const ASN1_TIME &);
using x509_name_entry_closure = std::function<bool (const string_view &, const string_view &)>;
bool for_each(const X509_NAME &name, const x509_name_entry_closure &);
void append(X509_NAME &name, const string_view &key, const string_view &val);
void append(X509_NAME &name, const json::object &entries);
void append_entries(X509 &cert, const json::object &opts);
}
X509 &
ircd::openssl::current_cert(X509_STORE_CTX &cx)
{
auto *const ret
{
X509_STORE_CTX_get_current_cert(&cx)
};
2018-05-15 11:58:04 +02:00
if(unlikely(!ret))
throw error
{
"No current certificate"
};
return *ret;
}
const X509 &
ircd::openssl::current_cert(const X509_STORE_CTX &cx)
{
auto &mcx{const_cast<X509_STORE_CTX &>(cx)};
const auto *const ret
{
X509_STORE_CTX_get_current_cert(&mcx)
};
2018-05-15 11:58:04 +02:00
if(unlikely(!ret))
throw error
{
"No current certificate"
};
return *ret;
}
uint
ircd::openssl::get_error_depth(const X509_STORE_CTX &cx)
{
auto &mcx{const_cast<X509_STORE_CTX &>(cx)};
const int ret
{
X509_STORE_CTX_get_error_depth(&mcx)
};
assert(ret >= 0);
return ret;
}
const char *
ircd::openssl::get_error_string(const X509_STORE_CTX &cx)
{
return cert_error_string(get_error(cx));
}
const char *
ircd::openssl::cert_error_string(const long &n)
{
return X509_verify_cert_error_string(n);
}
int
ircd::openssl::get_error(const X509_STORE_CTX &cx)
{
auto &mcx{const_cast<X509_STORE_CTX &>(cx)};
return X509_STORE_CTX_get_error(&mcx);
}
2018-01-05 06:59:39 +01:00
X509 &
ircd::openssl::peer_cert(SSL &ssl)
{
auto *const ret
{
SSL_get_peer_certificate(&ssl)
};
assert(ret);
if(unlikely(!ret))
throw error
{
"No X509 certificate for peer"
};
2018-01-05 06:59:39 +01:00
return *ret;
}
const X509 &
ircd::openssl::peer_cert(const SSL &ssl)
{
const auto *const ret
{
SSL_get_peer_certificate(&ssl)
};
assert(ret);
if(unlikely(!ret))
throw error
{
"No X509 certificate for peer"
};
2018-01-05 06:59:39 +01:00
return *ret;
}
2018-01-12 07:00:41 +01:00
namespace ircd::openssl
{
static void genx509_readkeys(EVP_PKEY &, const json::object &);
}
ircd::string_view
2018-01-12 07:00:41 +01:00
ircd::openssl::genX509_rsa(const mutable_buffer &out,
const json::object &opts)
{
2018-01-12 07:00:41 +01:00
const custom_ptr<RSA> priv
{
2018-01-31 07:52:10 +01:00
RSA_new(), RSA_free
};
const custom_ptr<EVP_PKEY> pk
{
2018-01-31 07:52:10 +01:00
EVP_PKEY_new(), EVP_PKEY_free
};
2018-01-12 07:00:41 +01:00
set(*pk, *priv);
genx509_readkeys(*pk, opts);
check(*EVP_PKEY_get1_RSA(pk.get()));
2018-01-12 07:00:41 +01:00
return genX509(out, *pk, opts);
}
2018-01-12 07:00:41 +01:00
ircd::string_view
ircd::openssl::genX509_ec(const mutable_buffer &out,
const json::object &opts)
{
const custom_ptr<EC_KEY> priv
{
2018-01-31 07:52:10 +01:00
EC_KEY_new(), EC_KEY_free
};
2018-01-12 07:00:41 +01:00
const custom_ptr<EVP_PKEY> pk
{
2018-01-31 07:52:10 +01:00
EVP_PKEY_new(), EVP_PKEY_free
2018-01-12 07:00:41 +01:00
};
set(*pk, *priv);
genx509_readkeys(*pk, opts);
check(*EVP_PKEY_get1_EC_KEY(pk.get()));
2018-01-12 07:00:41 +01:00
return genX509(out, *pk, opts);
}
2018-01-12 07:00:41 +01:00
void
ircd::openssl::genx509_readkeys(EVP_PKEY &pk,
const json::object &opts)
{
const std::string private_key_path
{
unquote(opts.at("private_key_pem_path"))
};
const std::string public_key_path
{
unquote(opts.get("public_key_pem_path", private_key_path + ".pub"))
2018-01-12 07:00:41 +01:00
};
bio::read_file(private_key_path, [&pk](const string_view &pem)
{
read_pem_priv(pk, pem);
});
2018-01-12 07:00:41 +01:00
bio::read_file(public_key_path, [&pk](const string_view &pem)
{
read_pem_pub(pk, pem);
});
}
2018-01-12 07:00:41 +01:00
ircd::string_view
ircd::openssl::genX509(const mutable_buffer &out,
EVP_PKEY &pk,
const json::object &opts)
{
2017-12-02 22:04:11 +01:00
const custom_ptr<X509> x509
{
2018-01-31 07:52:10 +01:00
X509_new(), X509_free
2017-12-02 22:04:11 +01:00
};
2018-01-12 07:00:41 +01:00
call(::X509_set_pubkey, x509.get(), &pk);
append_entries(*x509, opts);
2018-01-12 07:00:41 +01:00
call(::X509_sign, x509.get(), &pk, EVP_sha256());
return write_pem(out, *x509);
}
std::string
ircd::openssl::stringify(const X509 &cert_)
{
auto &cert{const_cast<X509 &>(cert_)};
// issuer
std::vector<json::member> issuer_json;
X509_NAME *const issuer{X509_get_issuer_name(&cert)};
for_each(*issuer, [&](const string_view &key, const string_view &val)
{
const json::member member{key, val};
issuer_json.emplace_back(member);
return true;
});
// subject
std::vector<json::member> subject_json;
X509_NAME *const subject{X509_get_subject_name(&cert)};
for_each(*subject, [&](const string_view &key, const string_view &val)
{
const json::member member{key, val};
subject_json.emplace_back(member);
return true;
});
return json::strung{json::members
{
{ "issuer", { issuer_json.data(), issuer_json.size() } },
{ "subject", { subject_json.data(), subject_json.size() } },
{ "notBefore", not_before(cert) },
{ "notAfter", not_after(cert) },
}};
}
void
ircd::openssl::append_entries(X509 &cert,
const json::object &opts)
{
// version
call(::X509_set_version, &cert, opts.get<long>("version", 2));
// notBefore
{
const long value
{
opts.get<long>("notBefore", 0)
};
ASN1_TIME *const notBefore{X509_get_notBefore(&cert)};
assert(notBefore != nullptr);
X509_gmtime_adj(notBefore, value);
}
// notAfter
{
const long value
{
opts.get<long>("notAfter", 0)?:
60 * 60 * 24 * opts.get<long>("days", 60L)
};
ASN1_TIME *const notAfter{X509_get_notAfter(&cert)};
assert(notAfter != nullptr);
X509_gmtime_adj(notAfter, value);
}
// subject
if(opts.has("subject"))
{
const json::object subject_opts
{
opts["subject"]
};
X509_NAME *const subject
{
X509_get_subject_name(&cert)
};
assert(subject != nullptr);
append(*subject, subject_opts);
}
// issuer
if(opts.has("issuer"))
{
const json::object issuer_opts
{
opts["issuer"]
};
X509_NAME *const issuer
{
X509_get_issuer_name(&cert)
};
assert(issuer != nullptr);
append(*issuer, issuer_opts);
}
else if(opts.has("subject")) // self-signed; issuer is subject
{
X509_NAME *const subject
{
X509_get_subject_name(&cert)
};
assert(subject != nullptr);
call(::X509_set_issuer_name, &cert, subject);
}
}
void
ircd::openssl::append(X509_NAME &name,
const json::object &entries)
{
for(const auto &member : entries)
append(name, unquote(member.first), unquote(member.second));
}
void
ircd::openssl::append(X509_NAME &name,
const string_view &key,
const string_view &val)
try
{
call(::X509_NAME_add_entry_by_txt,
&name,
std::string{key}.c_str(), // key (has to be null terminated)
MBSTRING_ASC, // type
(const uint8_t *)val.data(), // data
val.size(), // len
-1, // loc (-1 = append)
0); // set (0 = new RDN created)
}
catch(const error &e)
{
throw error
{
"Failed to append X509 NAME entry '%s' (%zu bytes): %s",
key,
val.size(),
e.what()
};
}
bool
ircd::openssl::for_each(const X509_NAME &name_,
const x509_name_entry_closure &closure)
{
const auto name(const_cast<X509_NAME *>(&name_));
const auto cnt(X509_NAME_entry_count(name));
for(auto i(0); i < cnt; ++i)
{
const auto entry(X509_NAME_get_entry(name, i));
const auto obj(X509_NAME_ENTRY_get_object(entry));
thread_local char keybuf[128];
const ssize_t keylen(OBJ_obj2txt(keybuf, sizeof(keybuf), obj, 0));
if(unlikely(keylen < 0))
continue;
thread_local char valbuf[1024];
const ssize_t vallen(X509_NAME_get_text_by_OBJ(name, obj, valbuf, sizeof(valbuf)));
if(unlikely(vallen < 0))
continue;
const string_view key{keybuf, size_t(keylen)};
const string_view val{valbuf, size_t(vallen)};
if(!closure(key, val))
return false;
}
return true;
}
time_t
ircd::openssl::not_before(const X509 &cert_)
{
auto &cert{const_cast<X509 &>(cert_)};
ASN1_TIME *const notBefore{X509_get_notBefore(&cert)};
return get_time(*notBefore);
}
time_t
ircd::openssl::not_after(const X509 &cert_)
{
auto &cert{const_cast<X509 &>(cert_)};
ASN1_TIME *const notAfter{X509_get_notAfter(&cert)};
return get_time(*notAfter);
}
ircd::string_view
ircd::openssl::subject_common_name(const mutable_buffer &out,
const X509 &cert)
{
X509_NAME *const subject
{
X509_get_subject_name(const_cast<X509 *>(&cert))
};
if(!subject)
return {};
const auto len
{
X509_NAME_get_text_by_NID(subject, NID_commonName, data(out), size(out))
};
// NID_commonName does not exist in subject.
if(len < 0)
return {};
// Terminating NULL is written to buffer but is not counted in len.
assert(size_t(len) < size(out));
return { data(out), size_t(len) };
}
ircd::string_view
ircd::openssl::print_subject(const mutable_buffer &buf,
const string_view &pem,
ulong flags)
{
const custom_ptr<X509> x509
{
2018-01-31 07:52:10 +01:00
X509_new(), X509_free
};
return print_subject(buf, read_pem(*x509, pem), flags);
}
ircd::string_view
ircd::openssl::print_subject(const mutable_buffer &buf,
const X509 &cert,
ulong flags)
{
if(flags == ulong(-1))
flags = XN_FLAG_ONELINE;
else
flags = 0;
const X509_NAME *const subject
{
X509_get_subject_name(const_cast<X509 *>(&cert))
};
return bio::write(buf, [&subject, &flags]
(BIO *const &bio)
{
X509_NAME_print_ex(bio, const_cast<X509_NAME *>(subject), 0, flags);
});
}
ircd::string_view
ircd::openssl::printX509(const mutable_buffer &buf,
const string_view &pem,
ulong flags)
{
const custom_ptr<X509> x509
{
2018-01-31 07:52:10 +01:00
X509_new(), X509_free
};
return print(buf, read_pem(*x509, pem), flags);
}
ircd::string_view
ircd::openssl::print(const mutable_buffer &buf,
const X509 &cert,
ulong flags)
{
if(flags == ulong(-1))
flags = XN_FLAG_ONELINE;
else
flags = 0;
return bio::write(buf, [&cert, &flags]
(BIO *const &bio)
{
X509_print_ex(bio, const_cast<X509 *>(&cert), 0, flags);
});
}
ircd::const_buffer
ircd::openssl::cert2d(const mutable_buffer &out,
const string_view &pem)
{
const custom_ptr<X509> x509
{
2018-01-31 07:52:10 +01:00
X509_new(), X509_free
};
return i2d(out, read_pem(*x509, pem));
}
X509 &
ircd::openssl::read_pem(X509 &out_,
const string_view &pem)
{
X509 *ret{nullptr}, *out{&out_};
bio::read(pem, [&ret, &out]
(BIO *const &bio)
{
ret = PEM_read_bio_X509(bio, &out, nullptr, nullptr);
});
if(unlikely(ret != out))
2017-12-30 09:07:23 +01:00
throw error
{
"Failed to read X509 PEM @ %p (len: %zu)", pem.data(), pem.length()
};
return *ret;
}
ircd::string_view
ircd::openssl::write_pem(const mutable_buffer &out,
const X509 &cert)
{
return bio::write(out, [&cert]
(BIO *const &bio)
{
call(::PEM_write_bio_X509, bio, const_cast<X509 *>(&cert));
});
}
ircd::const_buffer
ircd::openssl::i2d(const mutable_buffer &buf,
const X509 &_cert)
{
auto &cert
{
const_cast<X509 &>(_cert)
};
const int len
{
i2d_X509(&cert, nullptr)
};
if(unlikely(len < 0))
throw_error();
if(unlikely(size(buf) < size_t(len)))
throw error
{
"DER requires a %zu byte buffer, you supplied %zu bytes", len, size(buf)
};
auto *out(reinterpret_cast<uint8_t *>(data(buf)));
const const_buffer ret
{
2017-11-26 17:03:12 +01:00
data(buf), size_t(i2d_X509(&cert, &out))
};
if(unlikely(size(ret) != size_t(len)))
throw error();
assert(out - reinterpret_cast<uint8_t *>(data(buf)) == len);
return ret;
}
time_t
ircd::openssl::get_time(const ASN1_TIME &t)
{
int pday, psec;
ASN1_TIME_diff(&pday, &psec, nullptr, &t);
const time_t sec
{
pday * 60L * 60L * 24L + psec
};
return ircd::time() + sec;
}
//
// DH
//
decltype(ircd::openssl::rfc3526_dh_params_pem)
ircd::openssl::rfc3526_dh_params_pem
{R"(
2048-bit DH parameters taken from rfc3526
-----BEGIN DH PARAMETERS-----
MIIBCAKCAQEA///////////JD9qiIWjCNMTGYouA3BzRKQJOCIpnzHQCC76mOxOb
IlFKCHmONATd75UZs806QxswKwpt8l8UN0/hNW1tUcJF5IW1dmJefsb0TELppjft
awv/XLb0Brft7jhr+1qJn6WunyQRfEsf5kkoZlHs5Fs9wgB8uKFjvwWY2kg2HFXT
mmkWP6j9JM9fg2VdI9yjrZYcYvNWIIVSu57VKQdwlpZtZww1Tkq8mATxdGwIyhgh
fDKQXkYuNs474553LBgOhgObJ4Oi7Aeij7XFXfBvTFLJ3ivL9pVYFxg5lUl86pVq
5RXSJhiY+gUQFXKOWoqsqmj//////////wIBAg==
-----END DH PARAMETERS-----
)"};
decltype(ircd::openssl::DH_DEFAULT_BITS)
ircd::openssl::DH_DEFAULT_BITS
{
2048
};
decltype(ircd::openssl::DH_DEFAULT_GEN)
ircd::openssl::DH_DEFAULT_GEN
{
5
};
void
ircd::openssl::gendh(const string_view &dhfile,
const uint &bits,
const uint &gen)
{
bio::write_file(dhfile, [&bits, &gen]
(const mutable_buffer &buf)
{
return gendh(buf, bits, gen);
});
}
ircd::string_view
ircd::openssl::gendh(const mutable_buffer &buf,
const uint &bits,
const uint &gen)
{
const custom_ptr<DH> dh
{
DH_new(), DH_free
};
gendh(*dh, bits, gen);
return bio::write(buf, [&dh]
(BIO *const &bio)
{
call(::DHparams_print, bio, dh.get());
});
}
DH &
ircd::openssl::gendh(DH &dh,
const uint &bits,
const uint &gen)
{
#if OPENSSL_VERSION_NUMBER >= 0x10100000L
const custom_ptr<BN_GENCB> gencb
{
BN_GENCB_new(), BN_GENCB_free
};
#else
const std::unique_ptr<BN_GENCB> gencb
{
std::make_unique<BN_GENCB>()
};
memset(gencb.get(), 0x0, sizeof(BN_GENCB));
#endif
void *const arg{nullptr}; // privdata passed to cb
BN_GENCB_set(gencb.get(), &ircd::openssl::genprime_cb, arg);
call<error, 0>(::DH_generate_parameters_ex, &dh, bits, gen, gencb.get());
return dh;
}
2018-01-12 07:00:41 +01:00
//
// EC
//
namespace ircd::openssl
{
void ec_init();
void ec_fini() noexcept;
}
const EC_GROUP *
ircd::openssl::secp256k1
{};
void
ircd::openssl::ec_init()
{
EC_GROUP *_secp256k1;
if(!(_secp256k1 = EC_GROUP_new_by_curve_name(OBJ_sn2nid("secp256k1"))))
throw error{"Failed to initialize EC_GROUP secp256k1"};
EC_GROUP_set_asn1_flag(_secp256k1, OPENSSL_EC_NAMED_CURVE);
EC_GROUP_set_point_conversion_form(_secp256k1, POINT_CONVERSION_COMPRESSED);
secp256k1 = _secp256k1;
}
void
ircd::openssl::ec_fini()
noexcept
{
EC_GROUP_free(const_cast<EC_GROUP *>(secp256k1));
}
void
ircd::openssl::genec(const string_view &skfile,
const string_view &pkfile,
const EC_GROUP *const &group)
{
const custom_ptr<EC_KEY> key
{
2018-01-31 07:52:10 +01:00
EC_KEY_new(), EC_KEY_free
2018-01-12 07:00:41 +01:00
};
const custom_ptr<EVP_PKEY> pk
{
2018-01-31 07:52:10 +01:00
EVP_PKEY_new(), EVP_PKEY_free
2018-01-12 07:00:41 +01:00
};
const auto write_priv{[&pk](const mutable_buffer &out)
{
return write_pem_priv(out, *pk);
}};
const auto write_pub{[&pk](const mutable_buffer &out)
{
return write_pem_pub(out, *pk);
}};
assert(group);
assert(EC_GROUP_get_asn1_flag(group) & OPENSSL_EC_NAMED_CURVE);
call(::EC_KEY_set_group, key.get(), group);
call(::EC_KEY_generate_key, key.get());
assert(EC_KEY_get0_public_key(key.get()));
2018-01-12 07:00:41 +01:00
set(*pk, *key);
bio::write_file(skfile, write_priv);
bio::write_file(pkfile, write_pub);
}
ircd::string_view
ircd::openssl::print(const mutable_buffer &buf,
const EC_KEY &key,
const off_t &offset)
{
return bio::write(buf, [&key, &offset]
(BIO *const &bio)
{
call(::EC_KEY_print, bio, &key, offset);
});
}
void
ircd::openssl::check(const EC_KEY &key)
{
if(!check(key, std::nothrow))
throw error{"Invalid Elliptic Curve Key"};
}
bool
ircd::openssl::check(const EC_KEY &key,
const std::nothrow_t)
{
return EC_KEY_check_key(&key) == 1;
}
//
// RSA
//
void
ircd::openssl::genrsa(const string_view &skfile,
const string_view &pkfile,
const json::object &opts)
{
const auto bits
{
opts.get<uint>("bits", 2048)
};
const auto e
{
opts.get<uint>("e", 65537)
};
const custom_ptr<RSA> rsa
{
2018-01-31 07:52:10 +01:00
RSA_new(), RSA_free
};
const custom_ptr<EVP_PKEY> pk
{
2018-01-31 07:52:10 +01:00
EVP_PKEY_new(), EVP_PKEY_free
};
genrsa(*rsa, bits, e);
check(*rsa);
set(*pk, *rsa);
bio::write_file(skfile, [&pk]
(const mutable_buffer &out)
{
return write_pem_priv(out, *pk);
});
bio::write_file(pkfile, [&pk]
(const mutable_buffer &out)
{
return write_pem_pub(out, *pk);
});
}
RSA &
ircd::openssl::genrsa(RSA &out,
const uint &bits,
const uint &exp)
{
#if OPENSSL_VERSION_NUMBER >= 0x10100000L
const custom_ptr<BN_GENCB> gencb
{
BN_GENCB_new(), BN_GENCB_free
};
#else
const std::unique_ptr<BN_GENCB> gencb
{
std::make_unique<BN_GENCB>()
};
memset(gencb.get(), 0x0, sizeof(BN_GENCB));
#endif
void *const arg{nullptr}; // privdata passed to cb
BN_GENCB_set(gencb.get(), &ircd::openssl::genprime_cb, arg);
bignum e{exp};
call(::RSA_generate_key_ex, &out, bits, e, gencb.get());
return out;
}
ircd::string_view
ircd::openssl::print(const mutable_buffer &buf,
const RSA &rsa,
const off_t &offset)
{
return bio::write(buf, [&rsa, &offset]
(BIO *const &bio)
{
RSA_print(bio, const_cast<RSA *>(&rsa), offset);
});
}
size_t
ircd::openssl::size(const RSA &key)
{
#if OPENSSL_VERSION_NUMBER < 0x10100000L
assert(key.n != nullptr);
#endif
return RSA_size(&key);
}
void
ircd::openssl::check(const RSA &key)
{
if(call<error, -1>(::RSA_check_key, const_cast<RSA *>(&key)) == 0)
2017-12-30 09:07:23 +01:00
throw error{"Invalid RSA"};
}
bool
ircd::openssl::check(const RSA &key,
const std::nothrow_t)
{
return RSA_check_key(const_cast<RSA *>(&key)) == 1;
}
//
// Envelope
//
2018-01-12 07:00:41 +01:00
void
ircd::openssl::set(EVP_PKEY &out,
RSA &in)
{
call(::EVP_PKEY_set1_RSA, &out, &in);
}
void
ircd::openssl::set(EVP_PKEY &out,
EC_KEY &in)
{
call(::EVP_PKEY_set1_EC_KEY, &out, &in);
}
ircd::string_view
ircd::openssl::write_pem_priv(const mutable_buffer &out,
const EVP_PKEY &evp)
{
EVP_CIPHER *const enc{nullptr};
uint8_t *const kstr{nullptr};
const int klen{0};
pem_password_cb *const pwcb{nullptr};
void *const u{nullptr};
auto *const p{const_cast<EVP_PKEY *>(&evp)};
return bio::write(out, [&evp, &p, &enc, &kstr, &klen, &pwcb, &u]
(BIO *const &bio)
{
switch(EVP_PKEY_type(EVP_PKEY_id(&evp)))
{
case EVP_PKEY_RSA:
call(::PEM_write_bio_RSAPrivateKey, bio, EVP_PKEY_get1_RSA(p), enc, kstr, klen, pwcb, u);
break;
2018-01-12 07:00:41 +01:00
case EVP_PKEY_EC:
call(::PEM_write_bio_ECPrivateKey, bio, EVP_PKEY_get1_EC_KEY(p), enc, kstr, klen, pwcb, u);
2018-01-12 07:00:41 +01:00
break;
default:
call(::PEM_write_bio_PrivateKey, bio, p, enc, kstr, klen, pwcb, u);
break;
}
});
}
ircd::string_view
ircd::openssl::write_pem_pub(const mutable_buffer &out,
const EVP_PKEY &evp)
{
auto *const p{const_cast<EVP_PKEY *>(&evp)};
return bio::write(out, [&evp, &p]
(BIO *const &bio)
{
switch(EVP_PKEY_type(EVP_PKEY_id(&evp)))
{
case EVP_PKEY_RSA:
call(::PEM_write_bio_RSAPublicKey, bio, EVP_PKEY_get1_RSA(p));
break;
2018-01-12 07:00:41 +01:00
case EVP_PKEY_EC:
call(::PEM_write_bio_EC_PUBKEY, bio, EVP_PKEY_get1_EC_KEY(p));
2018-01-12 07:00:41 +01:00
break;
default:
call(::PEM_write_bio_PUBKEY, bio, p);
break;
}
});
}
EVP_PKEY &
ircd::openssl::read_pem_priv(EVP_PKEY &out_,
const string_view &pem)
{
void *ret{nullptr};
EVP_PKEY *out{&out_};
pem_password_cb *const pwcb{nullptr};
void *const u{nullptr};
bio::read(pem, [&ret, &out, &pwcb, &u]
(BIO *const &bio)
{
switch(EVP_PKEY_type(EVP_PKEY_id(out)))
{
case EVP_PKEY_RSA:
{
RSA *rsa(EVP_PKEY_get1_RSA(out));
ret = PEM_read_bio_RSAPrivateKey(bio, &rsa, pwcb, u);
call(::EVP_PKEY_set1_RSA, out, rsa);
break;
}
2018-01-12 07:00:41 +01:00
case EVP_PKEY_EC:
{
EC_KEY *ec_key(EVP_PKEY_get1_EC_KEY(out));
ret = PEM_read_bio_ECPrivateKey(bio, &ec_key, pwcb, u);
EC_KEY_set_asn1_flag(EVP_PKEY_get1_EC_KEY(out), OPENSSL_EC_NAMED_CURVE);
call(::EVP_PKEY_set1_EC_KEY, out, ec_key);
2018-01-12 07:00:41 +01:00
break;
}
2018-01-12 07:00:41 +01:00
default:
ret = PEM_read_bio_PrivateKey(bio, &out, pwcb, u);
break;
}
});
if(unlikely(!ret))
2017-12-30 09:07:23 +01:00
throw error
{
"Failed to read Private Key PEM @ %p (len: %zu)", pem.data(), pem.length()
};
return *out;
}
EVP_PKEY &
ircd::openssl::read_pem_pub(EVP_PKEY &out_,
const string_view &pem)
{
void *ret{nullptr};
EVP_PKEY *out{&out_};
pem_password_cb *const pwcb{nullptr};
void *const u{nullptr};
bio::read(pem, [&ret, &out, &pwcb, &u]
(BIO *const &bio)
{
switch(EVP_PKEY_type(EVP_PKEY_id(out)))
{
case EVP_PKEY_RSA:
{
RSA *rsa(EVP_PKEY_get1_RSA(out));
ret = PEM_read_bio_RSAPublicKey(bio, &rsa, pwcb, u);
call(::EVP_PKEY_set1_RSA, out, rsa);
break;
}
2018-01-12 07:00:41 +01:00
case EVP_PKEY_EC:
{
EC_KEY *ec_key(EVP_PKEY_get1_EC_KEY(out));
ret = PEM_read_bio_EC_PUBKEY(bio, &ec_key, pwcb, u);
EC_KEY_set_asn1_flag(ec_key, OPENSSL_EC_NAMED_CURVE);
call(::EVP_PKEY_set1_EC_KEY, out, ec_key);
2018-01-12 07:00:41 +01:00
break;
}
2018-01-12 07:00:41 +01:00
default:
ret = PEM_read_bio_PUBKEY(bio, &out, pwcb, u);
break;
}
});
if(unlikely(!ret))
2017-12-30 09:07:23 +01:00
throw error
{
"Failed to read Public Key PEM @ %p (len: %zu)", pem.data(), pem.length()
};
return *out;
}
//
// lib generale
//
void
ircd::openssl::clear_error()
{
ERR_clear_error();
}
ulong
ircd::openssl::get_error()
{
return ERR_get_error();
}
ulong
ircd::openssl::peek_error()
{
return ERR_peek_error();
}
ircd::string_view
ircd::openssl::error_string(const mutable_buffer &buf,
const ulong &e)
{
ERR_error_string_n(e, data(buf), size(buf));
return { data(buf), strnlen(data(buf), size(buf)) };
}
std::pair<ircd::string_view, ircd::string_view>
ircd::openssl::version()
{
return
{
OPENSSL_VERSION_TEXT, SSLeay_version(SSLEAY_VERSION)
};
}
//
// bio
//
void
ircd::openssl::bio::read_file(const string_view &path,
const cb_closure &closure)
{
const size_t size
{
fs::size(path)
};
#if OPENSSL_VERSION_NUMBER >= 0x10100000L
const custom_ptr<void> buf
{
OPENSSL_secure_malloc(size), [&size]
(void *const buf)
{
OPENSSL_secure_free(buf);
}
};
#else
const custom_ptr<void> buf
{
2018-01-31 07:52:10 +01:00
OPENSSL_malloc_locked(size), [&size]
(void *const buf)
{
OPENSSL_cleanse(buf, size);
OPENSSL_free_locked(buf);
}
};
#endif
const mutable_buffer mb
{
reinterpret_cast<char *>(buf.get()), size
};
closure(fs::read(path, mb));
}
void
ircd::openssl::bio::write_file(const string_view &path,
const mb_closure &closure,
const size_t &size)
{
#if OPENSSL_VERSION_NUMBER >= 0x10100000L
const custom_ptr<void> buf
{
OPENSSL_secure_malloc(size), [&size]
(void *const buf)
{
OPENSSL_secure_free(buf);
}
};
#else
const custom_ptr<void> buf
{
2018-01-31 07:52:10 +01:00
OPENSSL_malloc_locked(size), [&size]
(void *const buf)
{
OPENSSL_cleanse(buf, size);
OPENSSL_free_locked(buf);
}
};
#endif
const mutable_buffer mb
{
reinterpret_cast<char *>(buf.get()), size
};
fs::overwrite(path, closure(mb));
}
void
ircd::openssl::bio::read(const const_buffer &buf,
const closure &closure)
{
const custom_ptr<BIO> bp
{
2018-10-29 16:37:51 +01:00
// OpenSSL branch
#if !defined(LIBRESSL_VERSION_NUMBER)
2018-01-31 07:52:10 +01:00
BIO_new_mem_buf(data(buf), size(buf)), BIO_free
2018-10-29 16:37:51 +01:00
// LibreSSL branch
#else
BIO_new_mem_buf((void *)data(buf), size(buf)), BIO_free
#endif
};
closure(bp.get());
}
ircd::string_view
ircd::openssl::bio::write(const mutable_buffer &buf,
const closure &closure)
{
const custom_ptr<BIO> bp
{
2018-01-31 07:52:10 +01:00
BIO_new(BIO_s_mem()), BIO_free
};
//TODO: XXX: BAD: if the buffer is too small:
// I saw this try to realloc() our buffer. It did not respect
// the max size. I'd expect either truncation or error, so wtf?
BUF_MEM bm {0};
bm.data = data(buf);
bm.max = size(buf);
call(::BIO_ctrl, bp.get(), BIO_C_SET_BUF_MEM, BIO_NOCLOSE, &bm);
closure(bp.get());
assert(size_t(bm.length) <= size(buf));
return { data(buf), size_t(bm.length) };
}
//
// bignum
//
ircd::string_view
ircd::openssl::u2a(const mutable_buffer &out,
const BIGNUM *const &a)
{
const unique_buffer<mutable_buffer> tmp
{
size(a)
};
return ircd::u2a(out, data(tmp, a));
}
ircd::mutable_buffer
ircd::openssl::data(const mutable_buffer &out,
const BIGNUM *const &a)
{
if(!a)
return { data(out), 0UL };
if(unlikely(size(out) < size(a)))
throw buffer_error
{
"buffer size %zu short for BIGNUM of size %zu", size(out), size(a)
};
const auto len
{
BN_bn2bin(a, reinterpret_cast<uint8_t *>(data(out)))
};
reverse(out);
assert(len <= ssize_t(size(out)));
return { data(out), size_t(len) };
}
size_t
ircd::openssl::size(const BIGNUM *const &a)
{
return BN_num_bytes(a);
}
//
// bignum::bignum
//
ircd::openssl::bignum::bignum(const uint128_t &val)
:bignum
{
const_buffer
{
reinterpret_cast<const char *>(&val), sizeof(val)
}
}
{
}
ircd::openssl::bignum::bignum(const const_buffer &bin)
:a{[&bin]
{
// Our binary buffer is little endian.
thread_local char tmp[64_KiB];
2018-01-12 03:41:27 +01:00
const critical_assertion ca;
const size_t buf_size
{
#if defined(__HAVE_BUILTIN_SPECULATION_SAFE_VALUE)
__builtin_speculation_safe_value(size(bin))
#else
size(bin)
#endif
};
const mutable_buffer buf{tmp, buf_size};
if(unlikely(size(bin) > sizeof(tmp)))
throw buffer_error
{
"buffer input of %zu for bignum > tmp %zu",
size(bin),
sizeof(tmp)
};
reverse(buf, bin);
return BN_bin2bn(reinterpret_cast<uint8_t *>(data(buf)), size(buf), nullptr);
}()}
{
if(unlikely(!a))
throw error
{
"Error creating bignum from binary buffer..."
};
}
ircd::openssl::bignum::bignum(const BIGNUM &a)
:a{BN_dup(&a)}
{
}
ircd::openssl::bignum::bignum(const bignum &o)
:a{BN_dup(o.a)}
{
}
ircd::openssl::bignum::bignum(bignum &&o)
noexcept
:a{std::move(o.a)}
{
o.a = nullptr;
}
ircd::openssl::bignum &
ircd::openssl::bignum::operator=(const bignum &o)
{
if(unlikely(!BN_copy(a, o.a)))
2017-12-30 09:07:23 +01:00
throw error
{
"Failed to copy bignum from %p to %p", &o, this
};
return *this;
}
ircd::openssl::bignum &
ircd::openssl::bignum::operator=(bignum &&o)
noexcept
{
this->~bignum();
a = std::move(o.a);
o.a = nullptr;
return *this;
}
ircd::openssl::bignum::~bignum()
noexcept
{
BN_free(a);
}
ircd::openssl::bignum::operator
ircd::uint128_t()
const
{
uint128_t ret{0};
const mutable_buffer buf
{
reinterpret_cast<char *>(&ret), sizeof(ret)
};
data(buf, a);
return ret;
}
ircd::openssl::bignum::operator
BIGNUM &()
{
assert(a != nullptr);
return *a;
}
ircd::openssl::bignum::operator
BIGNUM *const &()
{
return a;
}
ircd::openssl::bignum::operator
BIGNUM **()
{
return &a;
}
ircd::openssl::bignum::operator
const BIGNUM &()
const
{
assert(a != nullptr);
return *a;
}
ircd::openssl::bignum::operator
const BIGNUM *()
const
{
return a;
}
size_t
ircd::openssl::bignum::bytes()
const
{
return BN_num_bytes(get());
}
size_t
ircd::openssl::bignum::bits()
const
{
return BN_num_bits(get());
}
BIGNUM *
ircd::openssl::bignum::release()
{
BIGNUM *const a{this->a};
this->a = nullptr;
return a;
}
BIGNUM *
ircd::openssl::bignum::get()
{
return a;
}
const BIGNUM *
ircd::openssl::bignum::get()
const
{
return a;
}
//
// init
//
ircd::openssl::init::init()
{
const auto v(version());
if(v.first != v.second)
log::warning
{
"Linked OpenSSL version '%s' is not the compiled OpenSSL version '%s'",
v.first,
v.second
};
OPENSSL_init();
ERR_load_crypto_strings();
ERR_load_ERR_strings();
2018-01-12 07:00:41 +01:00
ec_init();
/*
const auto their_id_callback
{
CRYPTO_THREADID_get_callback()
};
assert(their_id_callback == nullptr);
CRYPTO_THREADID_set_callback(locking::id_callback);
*/
/*
const auto their_locking_callback
{
CRYPTO_get_locking_callback()
};
if(their_locking_callback)
throw error("Overwrite their locking callback @ %p ???",
their_locking_callback);
CRYPTO_set_locking_callback(locking::callback);
*/
}
ircd::openssl::init::~init()
{
2018-01-12 07:00:41 +01:00
ec_fini();
//assert(CRYPTO_get_locking_callback() == locking::callback);
//assert(CRYPTO_THREADID_get_callback() == locking::id_callback);
ERR_free_strings();
}
///////////////////////////////////////////////////////////////////////////////
//
2019-01-19 20:59:51 +01:00
// crh.h
//
2019-01-19 21:46:44 +01:00
//
// hmac
//
#if OPENSSL_VERSION_NUMBER < 0x10100000L
2019-01-19 21:46:44 +01:00
struct ircd::crh::hmac::ctx
:HMAC_CTX
{
static constexpr const size_t &MAX_CTXS {64};
static thread_local allocator::fixed<ctx, MAX_CTXS> ctxs;
static void *operator new(const size_t count);
static void operator delete(void *const ptr, const size_t count);
ctx(const string_view &algorithm, const const_buffer &key);
~ctx() noexcept;
};
#else
struct ircd::crh::hmac::ctx
:custom_ptr<HMAC_CTX>
{
static constexpr const size_t &MAX_CTXS {64};
static thread_local allocator::fixed<ctx, MAX_CTXS> ctxs;
static void *operator new(const size_t count);
static void operator delete(void *const ptr, const size_t count);
ctx(const string_view &algorithm, const const_buffer &key);
~ctx() noexcept;
};
#endif
2019-01-19 21:46:44 +01:00
decltype(ircd::crh::hmac::ctx::ctxs)
thread_local ircd::crh::hmac::ctx::ctxs
{};
void *
ircd::crh::hmac::ctx::operator new(const size_t bytes)
{
assert(bytes > 0);
assert(bytes % sizeof(ctx) == 0);
return ctxs().allocate(bytes / sizeof(ctx));
}
void
ircd::crh::hmac::ctx::operator delete(void *const ptr,
const size_t bytes)
{
if(!ptr)
return;
assert(bytes % sizeof(ctx) == 0);
ctxs().deallocate(reinterpret_cast<ctx *>(ptr), bytes / sizeof(ctx));
}
//
// hmac::ctx::ctx
//
ircd::crh::hmac::ctx::ctx(const string_view &algorithm,
const const_buffer &key)
#if OPENSSL_VERSION_NUMBER < 0x10100000L
2019-01-19 21:46:44 +01:00
:HMAC_CTX{0}
#else
:custom_ptr<HMAC_CTX>
{
HMAC_CTX_new(), HMAC_CTX_free
}
#endif
2019-01-19 21:46:44 +01:00
{
const EVP_MD *const md
{
iequals(algorithm, "sha1")?
EVP_sha1():
iequals(algorithm, "sha256")?
EVP_sha256():
nullptr
};
if(unlikely(!md))
throw error
{
"Algorithm '%s' not supported for HMAC", algorithm
};
#if OPENSSL_VERSION_NUMBER < 0x10100000L
2019-01-19 21:46:44 +01:00
HMAC_CTX_init(this);
openssl::call(::HMAC_Init_ex, this, data(key), size(key), md, nullptr);
#else
openssl::call(::HMAC_Init_ex, this->get(), data(key), size(key), md, nullptr);
#endif
2019-01-19 21:46:44 +01:00
}
ircd::crh::hmac::ctx::~ctx()
noexcept
{
#if OPENSSL_VERSION_NUMBER < 0x10100000L
2019-01-19 21:46:44 +01:00
HMAC_CTX_cleanup(this);
#endif
2019-01-19 21:46:44 +01:00
}
//
// hmac::hmac
//
ircd::crh::hmac::hmac(const string_view &algorithm,
const const_buffer &key)
:ctx
{
std::make_unique<struct ctx>(algorithm, key)
}
{
}
ircd::crh::hmac::~hmac()
noexcept
{
}
void
ircd::crh::hmac::update(const const_buffer &buf)
{
assert(bool(ctx));
const auto ptr
{
reinterpret_cast<const uint8_t *>(data(buf))
};
#if OPENSSL_VERSION_NUMBER < 0x10100000L
2019-01-19 21:46:44 +01:00
openssl::call(::HMAC_Update, ctx.get(), ptr, size(buf));
#else
openssl::call(::HMAC_Update, ctx->get(), ptr, size(buf));
#endif
2019-01-19 21:46:44 +01:00
}
ircd::const_buffer
ircd::crh::hmac::finalize(const mutable_buffer &buf)
{
assert(bool(ctx));
const auto ptr
{
reinterpret_cast<uint8_t *>(data(buf))
};
uint len;
#if OPENSSL_VERSION_NUMBER < 0x10100000L
2019-01-19 21:46:44 +01:00
openssl::call(::HMAC_Final, ctx.get(), ptr, &len);
#else
openssl::call(::HMAC_Final, ctx->get(), ptr, &len);
#endif
2019-01-19 21:46:44 +01:00
return {data(buf), len};
}
size_t
ircd::crh::hmac::length()
const
{
assert(bool(ctx));
#if OPENSSL_VERSION_NUMBER < 0x10100000L
2019-01-19 21:46:44 +01:00
return HMAC_size(ctx.get());
#else
return HMAC_size(ctx->get());
#endif
2019-01-19 21:46:44 +01:00
}
2019-01-19 20:59:51 +01:00
//
// sha1
//
namespace ircd::crh
{
static void finalize(struct sha1::ctx *const &, const mutable_buffer &);
}
struct ircd::crh::sha1::ctx
:SHA_CTX
{
static constexpr const size_t &MAX_CTXS {64};
static thread_local allocator::fixed<ctx, MAX_CTXS> ctxs;
static void *operator new(const size_t count);
static void operator delete(void *const ptr, const size_t count);
ctx();
~ctx() noexcept;
};
decltype(ircd::crh::sha1::ctx::ctxs)
thread_local ircd::crh::sha1::ctx::ctxs
{};
void *
ircd::crh::sha1::ctx::operator new(const size_t bytes)
{
assert(bytes > 0);
assert(bytes % sizeof(ctx) == 0);
return ctxs().allocate(bytes / sizeof(ctx));
}
void
ircd::crh::sha1::ctx::operator delete(void *const ptr,
const size_t bytes)
{
if(!ptr)
return;
assert(bytes % sizeof(ctx) == 0);
ctxs().deallocate(reinterpret_cast<ctx *>(ptr), bytes / sizeof(ctx));
}
//
// sha1::ctx::ctx
//
ircd::crh::sha1::ctx::ctx()
{
openssl::call(::SHA1_Init, this);
}
ircd::crh::sha1::ctx::~ctx()
noexcept
{
}
//
// sha1::sha1
//
ircd::crh::sha1::sha1()
:ctx{std::make_unique<struct ctx>()}
{
}
/// One-shot functor. Immediately calls update(); no output
ircd::crh::sha1::sha1(const const_buffer &in)
:sha1{}
{
update(in);
}
/// One-shot functor. Immediately calls operator(). NOTE: This hashing context
/// cannot be used again after this ctor.
ircd::crh::sha1::sha1(const mutable_buffer &out,
const const_buffer &in)
:sha1{}
{
operator()(out, in);
}
ircd::crh::sha1::~sha1()
noexcept
{
}
void
ircd::crh::sha1::update(const const_buffer &buf)
{
assert(bool(ctx));
openssl::call(::SHA1_Update, ctx.get(), data(buf), size(buf));
}
void
ircd::crh::sha1::digest(const mutable_buffer &buf)
const
{
assert(bool(ctx));
auto copy(*ctx);
crh::finalize(&copy, buf);
}
void
ircd::crh::sha1::finalize(const mutable_buffer &buf)
{
assert(bool(ctx));
crh::finalize(ctx.get(), buf);
}
size_t
ircd::crh::sha1::length()
const
{
return digest_size;
}
void
ircd::crh::finalize(struct sha1::ctx *const &ctx,
const mutable_buffer &buf)
{
assert(size(buf) >= sha1::digest_size);
uint8_t *const md
{
reinterpret_cast<uint8_t *>(data(buf))
};
openssl::call(::SHA1_Final, md, ctx);
}
2018-04-08 18:27:10 +02:00
//
// sha256
//
namespace ircd::crh
{
static void finalize(struct sha256::ctx *const &, const mutable_buffer &);
}
struct ircd::crh::sha256::ctx
:SHA256_CTX
{
static constexpr const size_t &MAX_CTXS {64};
static thread_local allocator::fixed<ctx, MAX_CTXS> ctxs;
static void *operator new(const size_t count);
static void operator delete(void *const ptr, const size_t count);
ctx();
~ctx() noexcept;
};
decltype(ircd::crh::sha256::ctx::ctxs)
thread_local ircd::crh::sha256::ctx::ctxs
{};
void *
ircd::crh::sha256::ctx::operator new(const size_t bytes)
{
assert(bytes > 0);
assert(bytes % sizeof(ctx) == 0);
return ctxs().allocate(bytes / sizeof(ctx));
}
void
ircd::crh::sha256::ctx::operator delete(void *const ptr,
const size_t bytes)
{
if(!ptr)
return;
assert(bytes % sizeof(ctx) == 0);
ctxs().deallocate(reinterpret_cast<ctx *>(ptr), bytes / sizeof(ctx));
}
//
// sha256::ctx::ctx
//
ircd::crh::sha256::ctx::ctx()
{
openssl::call(::SHA256_Init, this);
}
ircd::crh::sha256::ctx::~ctx()
noexcept
{
}
//
// sha256::sha256
//
ircd::crh::sha256::sha256()
:ctx{std::make_unique<struct ctx>()}
{
}
/// One-shot functor. Immediately calls update(); no output
ircd::crh::sha256::sha256(const const_buffer &in)
:sha256{}
{
update(in);
}
/// One-shot functor. Immediately calls operator(). NOTE: This hashing context
/// cannot be used again after this ctor.
ircd::crh::sha256::sha256(const mutable_buffer &out,
const const_buffer &in)
:sha256{}
{
operator()(out, in);
}
ircd::crh::sha256::~sha256()
noexcept
{
}
void
ircd::crh::sha256::update(const const_buffer &buf)
{
assert(bool(ctx));
openssl::call(::SHA256_Update, ctx.get(), data(buf), size(buf));
}
void
ircd::crh::sha256::digest(const mutable_buffer &buf)
const
{
assert(bool(ctx));
auto copy(*ctx);
crh::finalize(&copy, buf);
}
void
ircd::crh::sha256::finalize(const mutable_buffer &buf)
{
assert(bool(ctx));
crh::finalize(ctx.get(), buf);
}
size_t
ircd::crh::sha256::length()
const
{
return digest_size;
}
void
ircd::crh::finalize(struct sha256::ctx *const &ctx,
const mutable_buffer &buf)
{
assert(size(buf) >= sha256::digest_size);
uint8_t *const md
{
reinterpret_cast<uint8_t *>(data(buf))
};
openssl::call(::SHA256_Final, md, ctx);
}
2018-04-08 18:27:10 +02:00
//
// ripemd160
//
namespace ircd::crh
{
static void finalize(struct ripemd160::ctx *const &, const mutable_buffer &);
}
struct ircd::crh::ripemd160::ctx
:RIPEMD160_CTX
{
static constexpr const size_t &MAX_CTXS {64};
static thread_local allocator::fixed<ctx, MAX_CTXS> ctxs;
static void *operator new(const size_t count);
static void operator delete(void *const ptr, const size_t count);
2018-04-08 18:27:10 +02:00
ctx();
~ctx() noexcept;
};
decltype(ircd::crh::ripemd160::ctx::ctxs)
thread_local ircd::crh::ripemd160::ctx::ctxs
{};
void *
ircd::crh::ripemd160::ctx::operator new(const size_t bytes)
{
assert(bytes > 0);
assert(bytes % sizeof(ctx) == 0);
return ctxs().allocate(bytes / sizeof(ctx));
}
void
ircd::crh::ripemd160::ctx::operator delete(void *const ptr,
const size_t bytes)
{
if(!ptr)
return;
assert(bytes % sizeof(ctx) == 0);
ctxs().deallocate(reinterpret_cast<ctx *>(ptr), bytes / sizeof(ctx));
}
//
// ripemd160::ctx::ctx
//
2018-04-08 18:27:10 +02:00
ircd::crh::ripemd160::ctx::ctx()
{
openssl::call(::RIPEMD160_Init, this);
}
ircd::crh::ripemd160::ctx::~ctx()
noexcept
{
}
//
// ripemd160::ripemd160
//
2018-04-08 18:27:10 +02:00
ircd::crh::ripemd160::ripemd160()
:ctx{std::make_unique<struct ctx>()}
{
}
/// One-shot functor. Immediately calls update(); no output
ircd::crh::ripemd160::ripemd160(const const_buffer &in)
:ripemd160{}
{
update(in);
}
/// One-shot functor. Immediately calls operator(). NOTE: This hashing context
/// cannot be used again after this ctor.
2018-04-08 18:27:10 +02:00
ircd::crh::ripemd160::ripemd160(const mutable_buffer &out,
const const_buffer &in)
:ripemd160{}
2018-04-08 18:27:10 +02:00
{
operator()(out, in);
}
ircd::crh::ripemd160::~ripemd160()
noexcept
{
}
void
ircd::crh::ripemd160::update(const const_buffer &buf)
{
assert(bool(ctx));
2018-04-08 18:27:10 +02:00
openssl::call(::RIPEMD160_Update, ctx.get(), data(buf), size(buf));
}
void
ircd::crh::ripemd160::digest(const mutable_buffer &buf)
const
{
assert(bool(ctx));
auto copy(*ctx);
crh::finalize(&copy, buf);
}
void
ircd::crh::ripemd160::finalize(const mutable_buffer &buf)
{
assert(bool(ctx));
2018-04-08 18:27:10 +02:00
crh::finalize(ctx.get(), buf);
}
size_t
ircd::crh::ripemd160::length()
const
{
return digest_size;
}
void
ircd::crh::finalize(struct ripemd160::ctx *const &ctx,
const mutable_buffer &buf)
{
assert(size(buf) >= ripemd160::digest_size);
2018-04-08 18:27:10 +02:00
uint8_t *const md
{
reinterpret_cast<uint8_t *>(data(buf))
};
openssl::call(::RIPEMD160_Final, md, ctx);
}
///////////////////////////////////////////////////////////////////////////////
//
// Internal section for OpenSSL locking.
//
// This is delicate because we really shouldn't need this, and as a library it
// is not nice to other libraries to assume this interface for ourselves.
// Nevertheless, I have specified it here foremost for debugging and if at some
// point in the future we really require it.
//
namespace ircd::openssl::locking
{
const int READ_LOCK { CRYPTO_LOCK + CRYPTO_READ };
const int WRITE_LOCK { CRYPTO_LOCK + CRYPTO_WRITE };
const int READ_UNLOCK { CRYPTO_UNLOCK + CRYPTO_READ };
const int WRITE_UNLOCK { CRYPTO_UNLOCK + CRYPTO_WRITE };
std::vector<std::shared_mutex> mutex
{
CRYPTO_num_locks() >= 0?
size_t(CRYPTO_num_locks()): 0UL
};
static ircd::string_view reflect(const int &mode);
static std::string debug(const int, const int, const char *const, const int);
static void callback(const int, const int, const char *const, const int) noexcept;
static void id_callback(CRYPTO_THREADID *const tid) noexcept;
}
void
ircd::openssl::locking::id_callback(CRYPTO_THREADID *const tid)
noexcept try
{
const auto ttid
{
std::this_thread::get_id()
};
const auto otid
{
uint32_t(std::hash<std::thread::id>{}(ttid)) % std::numeric_limits<uint32_t>::max()
};
// log::debug("OpenSSL thread id callback: setting %p to %u",
// (const void *)tid,
// otid);
CRYPTO_THREADID_set_numeric(tid, otid);
}
catch(const std::exception &e)
{
log::critical("OpenSSL thread id callback (tid=%p): %s",
(const void *)tid,
e.what());
ircd::terminate();
}
void
ircd::openssl::locking::callback(const int mode,
const int num,
const char *const file,
const int line)
noexcept try
{
log::debug("OpenSSL: %s", debug(mode, num, file, line));
auto &mutex
{
locking::mutex[num]
};
switch(mode)
{
case CRYPTO_LOCK:
case WRITE_LOCK: mutex.lock(); break;
case READ_LOCK: mutex.lock_shared(); break;
case CRYPTO_UNLOCK:
case WRITE_UNLOCK: mutex.unlock(); break;
case READ_UNLOCK: mutex.unlock_shared(); break;
}
}
catch(const std::exception &e)
{
log::critical("OpenSSL locking callback (%s): %s",
debug(mode, num, file, line),
e.what());
ircd::terminate();
}
std::string
ircd::openssl::locking::debug(const int mode,
const int num,
const char *const file,
const int line)
{
return fmt::snstringf
{
1024, "[%02d] %-15s main thread: %d ctx: %u %s %d",
num,
reflect(mode),
is_main_thread(),
ctx::id(),
file,
line
};
}
ircd::string_view
ircd::openssl::locking::reflect(const int &mode)
{
switch(mode)
{
case CRYPTO_LOCK: return "LOCK";
case WRITE_LOCK: return "WRITE_LOCK";
case READ_LOCK: return "READ_LOCK";
case CRYPTO_UNLOCK: return "UNLOCK";
case WRITE_UNLOCK: return "WRITE_UNLOCK";
case READ_UNLOCK: return "READ_UNLOCK";
}
return "?????";
}
//
// internal util
//
// This callback can be used to integrate generating with ircd::ctx
// or ctx::offload/thread or some status update. For now we just eat
// the milliseconds of prime generation on main.
// return false causes call(RSA_generate_key_ex) to throw
int
ircd::openssl::genprime_cb(const int stat,
const int ith,
BN_GENCB *const ctx)
noexcept try
{
assert(ctx != nullptr);
#if OPENSSL_VERSION_NUMBER < 0x10100000L
auto &arg{ctx->arg};
#else
auto *const &arg(BN_GENCB_get_arg(ctx));
#endif
const auto yield_point{[]
{
if(ctx::current)
ctx::yield();
}};
switch(stat)
{
case 0: // generating i-th potential prime
return true;
case 1: // testing i-th potential prime
{
yield_point();
return true;
}
case 2: // found i-th potential prime but rejected for RSA
{
yield_point();
return true;
}
case 3: switch(ith) // found for RSA...
{
case 0: // found P
return true;
case 1: // found Q
return true;
default:
return false;
}
default:
return false;
}
}
catch(...)
{
return false;
}
//
// call()
//
template<class exception,
int ERR_CODE,
class function,
class... args>
static int
ircd::openssl::call(function&& f,
args&&... a)
{
const auto ret
{
f(std::forward<args>(a)...)
};
if(unlikely(ret == ERR_CODE))
throw_error<exception>();
return ret;
}
template<class exception>
static void
ircd::openssl::throw_error(const unsigned long &code)
{
2017-11-26 17:03:12 +01:00
const auto &msg
{
ERR_reason_error_string(code)?: "UNKNOWN ERROR"
};
2017-12-30 09:07:23 +01:00
throw exception
{
"OpenSSL #%lu: %s", code, msg
};
}
template<class exception>
static void
ircd::openssl::throw_error()
{
2017-11-26 17:03:12 +01:00
const auto code
{
get_error()
};
throw_error(code);
}
#if defined(LIBRESSL_VERSION_NUMBER)
///////////////////////////////////////////////////////////////////////////////
//
// Contributed by Danilo Spinella (DanySpin97) for LibreSSL.
// Author credits to TJ Saunders (Castaglia):
// https://github.com/proftpd/proftpd/commit/a3d65e868
//
/* We need to provide our own backport of the ASN1_TIME_diff() function. */
static time_t ASN1_TIME_seconds(const ASN1_TIME *a) {
static const int min[9] = { 0, 0, 1, 1, 0, 0, 0, 0, 0 };
static const int max[9] = { 99, 99, 12, 31, 23, 59, 59, 12, 59 };
time_t t = 0;
char *text;
int text_len;
int i, j, n;
unsigned int nyears, nmons, nhours, nmins, nsecs;
if (a->type != V_ASN1_GENERALIZEDTIME) {
return 0;
}
text_len = a->length;
text = (char *) a->data;
/* GENERALIZEDTIME is similar to UTCTIME except the year is represented
* as YYYY. This stuff treats everything as a two digit field so make
* first two fields 00 to 99
*/
if (text_len < 13) {
return 0;
}
nyears = nmons = nhours = nmins = nsecs = 0;
for (i = 0, j = 0; i < 7; i++) {
if (i == 6 &&
(text[j] == 'Z' ||
text[j] == '+' ||
text[j] == '-')) {
i++;
break;
}
if (text[j] < '0' ||
text[j] > '9') {
return 0;
}
n = text[j] - '0';
if (++j > text_len) {
return 0;
}
if (text[j] < '0' ||
text[j] > '9') {
return 0;
}
n = (n * 10) + (text[j] - '0');
if (++j > text_len) {
return 0;
}
if (n < min[i] ||
n > max[i]) {
return 0;
}
switch (i) {
case 0:
/* Years */
nyears = (n * 100);
break;
case 1:
/* Years */
nyears += n;
break;
case 2:
/* Month */
nmons = n - 1;
break;
case 3:
/* Day of month; ignored */
break;
case 4:
/* Hours */
nhours = n;
break;
case 5:
/* Minutes */
nmins = n;
break;
case 6:
/* Seconds */
nsecs = n;
break;
}
}
/* Yes, this is not calendrical accurate. It only needs to be a good
* enough estimation, as it is used (currently) only for determining the
* validity window of an OCSP request (in seconds).
*/
t = (nyears * 365 * 86400) + (nmons * 30 * 86400) * (nhours * 3600) + nsecs;
/* Optional fractional seconds: decimal point followed by one or more
* digits.
*/
if (text[j] == '.') {
if (++j > text_len) {
return 0;
}
i = j;
while (text[j] >= '0' &&
text[j] <= '9' &&
j <= text_len) {
j++;
}
/* Must have at least one digit after decimal point */
if (i == j) {
return 0;
}
}
if (text[j] == 'Z') {
j++;
} else if (text[j] == '+' ||
text[j] == '-') {
int offsign, offset = 0;
offsign = text[j] == '-' ? -1 : 1;
j++;
if (j + 4 > text_len) {
return 0;
}
for (i = 7; i < 9; i++) {
if (text[j] < '0' ||
text[j] > '9') {
return 0;
}
n = text[j] - '0';
j++;
if (text[j] < '0' ||
text[j] > '9') {
return 0;
}
n = (n * 10) + text[j] - '0';
if (n < min[i] ||
n > max[i]) {
return 0;
}
if (i == 7) {
offset = n * 3600;
} else if (i == 8) {
offset += n * 60;
}
j++;
}
if (offset > 0) {
t += (offset * offsign);
}
} else if (text[j]) {
/* Missing time zone information. */
return 0;
}
return t;
}
static int ASN1_TIME_diff(int *pday, int *psec, const ASN1_TIME *from,
const ASN1_TIME *to) {
time_t from_secs, to_secs, diff_secs;
long diff_days;
from_secs = ASN1_TIME_seconds(from);
if (from_secs == 0) {
return 0;
}
to_secs = ASN1_TIME_seconds(to);
if (to_secs == 0) {
return 0;
}
if (to_secs > from_secs) {
diff_secs = to_secs - from_secs;
} else {
diff_secs = from_secs - to_secs;
}
/* The ASN1_TIME_diff() API in OpenSSL-1.0.2+ offers days and seconds,
* possibly to handle LARGE time differences without overflowing the data
* type for seconds. So we do the same.
*/
diff_days = diff_secs % 86400;
diff_secs -= (diff_days * 86400);
if (pday) {
*pday = (int) diff_days;
}
if (psec) {
*psec = diff_secs;
}
return 1;
}
#endif /* Before OpenSSL-1.0.2 */