You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@santuario.apache.org by sc...@apache.org on 2008/09/19 18:36:31 UTC
svn commit: r697146 - in /xml/security/trunk/c/src/enc/OpenSSL:
OpenSSLCryptoKeyDSA.cpp OpenSSLCryptoKeyRSA.cpp
Author: scantor
Date: Fri Sep 19 09:36:31 2008
New Revision: 697146
URL: http://svn.apache.org/viewvc?rev=697146&view=rev
Log:
https://issues.apache.org/bugzilla/show_bug.cgi?id=45828
Modified:
xml/security/trunk/c/src/enc/OpenSSL/OpenSSLCryptoKeyDSA.cpp
xml/security/trunk/c/src/enc/OpenSSL/OpenSSLCryptoKeyRSA.cpp
Modified: xml/security/trunk/c/src/enc/OpenSSL/OpenSSLCryptoKeyDSA.cpp
URL: http://svn.apache.org/viewvc/xml/security/trunk/c/src/enc/OpenSSL/OpenSSLCryptoKeyDSA.cpp?rev=697146&r1=697145&r2=697146&view=diff
==============================================================================
--- xml/security/trunk/c/src/enc/OpenSSL/OpenSSLCryptoKeyDSA.cpp (original)
+++ xml/security/trunk/c/src/enc/OpenSSL/OpenSSLCryptoKeyDSA.cpp Fri Sep 19 09:36:31 2008
@@ -35,18 +35,14 @@
#include <openssl/dsa.h>
-OpenSSLCryptoKeyDSA::OpenSSLCryptoKeyDSA() {
-
- // Create a new key to be loaded as we go
-
- mp_dsaKey = DSA_new();
-
+OpenSSLCryptoKeyDSA::OpenSSLCryptoKeyDSA() : mp_dsaKey(NULL) {
};
+
OpenSSLCryptoKeyDSA::~OpenSSLCryptoKeyDSA() {
// If we have a DSA, delete it
- // OpenSSL will ensure the memory holding any private key is overwritten
+ // OpenSSL will ensure the memory holding any private key is freed.
if (mp_dsaKey)
DSA_free(mp_dsaKey);
@@ -126,7 +122,7 @@
// Create a new key to be loaded as we go
mp_dsaKey = DSA_new();
-
+
if (k == NULL || k->type != EVP_PKEY_DSA)
return; // Nothing to do with us
@@ -148,7 +144,7 @@
// Verify a signature encoded as a Base64 string
// --------------------------------------------------------------------------------
-bool OpenSSLCryptoKeyDSA::verifyBase64Signature(unsigned char * hashBuf,
+bool OpenSSLCryptoKeyDSA::verifyBase64Signature(unsigned char * hashBuf,
unsigned int hashLen,
char * base64Signature,
unsigned int sigLen) {
@@ -169,10 +165,10 @@
int rc;
EVP_DecodeInit(&m_dctx);
- rc = EVP_DecodeUpdate(&m_dctx,
- sigVal,
- &sigValLen,
- (unsigned char *) base64Signature,
+ rc = EVP_DecodeUpdate(&m_dctx,
+ sigVal,
+ &sigValLen,
+ (unsigned char *) base64Signature,
sigLen);
if (rc < 0) {
@@ -182,7 +178,7 @@
}
int t = 0;
- EVP_DecodeFinal(&m_dctx, &sigVal[sigValLen], &t);
+ EVP_DecodeFinal(&m_dctx, &sigVal[sigValLen], &t);
sigValLen += t;
@@ -229,7 +225,7 @@
sigValTranslatedLen = i2d_DSA_SIG(dsa_sig, &sigValTranslated);
// Now we have a signature and a key - lets check
-
+
err = DSA_do_verify(hashBuf, hashLen, dsa_sig, mp_dsaKey);
DSA_SIG_free(dsa_sig);
@@ -279,7 +275,7 @@
unsigned int rawLen;
rawLen = BN_bn2bin(dsa_sig->r, rawSigBuf);
-
+
if (rawLen <= 0) {
throw XSECCryptoException(XSECCryptoException::DSAError,
Modified: xml/security/trunk/c/src/enc/OpenSSL/OpenSSLCryptoKeyRSA.cpp
URL: http://svn.apache.org/viewvc/xml/security/trunk/c/src/enc/OpenSSL/OpenSSLCryptoKeyRSA.cpp?rev=697146&r1=697145&r2=697146&view=diff
==============================================================================
--- xml/security/trunk/c/src/enc/OpenSSL/OpenSSLCryptoKeyRSA.cpp (original)
+++ xml/security/trunk/c/src/enc/OpenSSL/OpenSSLCryptoKeyRSA.cpp Fri Sep 19 09:36:31 2008
@@ -43,14 +43,11 @@
#include <memory.h>
OpenSSLCryptoKeyRSA::OpenSSLCryptoKeyRSA() :
+mp_rsaKey(NULL),
mp_oaepParams(NULL),
m_oaepParamsLen(0) {
-
- // Create a new key to be loaded as we go
-
- mp_rsaKey = RSA_new();
-
};
+
OpenSSLCryptoKeyRSA::~OpenSSLCryptoKeyRSA() {
@@ -141,7 +138,7 @@
m_oaepParamsLen = 0;
mp_rsaKey = RSA_new();
-
+
if (k == NULL || k->type != EVP_PKEY_RSA)
return; // Nothing to do with us
@@ -175,7 +172,7 @@
// Verify a signature encoded as a Base64 string
// --------------------------------------------------------------------------------
-bool OpenSSLCryptoKeyRSA::verifySHA1PKCS1Base64Signature(const unsigned char * hashBuf,
+bool OpenSSLCryptoKeyRSA::verifySHA1PKCS1Base64Signature(const unsigned char * hashBuf,
unsigned int hashLen,
const char * base64Signature,
unsigned int sigLen,
@@ -198,15 +195,15 @@
char * cleanedBase64Signature;
unsigned int cleanedBase64SignatureLen = 0;
- cleanedBase64Signature =
+ cleanedBase64Signature =
XSECCryptoBase64::cleanBuffer(base64Signature, sigLen, cleanedBase64SignatureLen);
ArrayJanitor<char> j_cleanedBase64Signature(cleanedBase64Signature);
EVP_DecodeInit(&m_dctx);
- rc = EVP_DecodeUpdate(&m_dctx,
- sigVal,
- &sigValLen,
- (unsigned char *) cleanedBase64Signature,
+ rc = EVP_DecodeUpdate(&m_dctx,
+ sigVal,
+ &sigValLen,
+ (unsigned char *) cleanedBase64Signature,
cleanedBase64SignatureLen);
if (rc < 0) {
@@ -216,7 +213,7 @@
}
int t = 0;
- EVP_DecodeFinal(&m_dctx, &sigVal[sigValLen], &t);
+ EVP_DecodeFinal(&m_dctx, &sigVal[sigValLen], &t);
sigValLen += t;
@@ -235,8 +232,8 @@
// padding should be and what the message digest OID should
// be.
- int decryptSize = RSA_public_decrypt(sigValLen,
- sigVal,
+ int decryptSize = RSA_public_decrypt(sigValLen,
+ sigVal,
decryptBuf,
mp_rsaKey,
RSA_PKCS1_PADDING);
@@ -252,7 +249,7 @@
/* Check the OID */
int oidLen = 0;
unsigned char * oid = getRSASigOID(hm, oidLen);
-
+
if (oid == NULL) {
throw XSECCryptoException(XSECCryptoException::RSAError,
"OpenSSL:RSA::verify() - Unsupported HASH algorithm for RSA");
@@ -261,11 +258,11 @@
if (decryptSize != (int) (oidLen + hashLen) || hashLen != oid[oidLen-1]) {
return false;
-
+
}
for (t = 0; t < oidLen; ++t) {
-
+
if (oid[t] != decryptBuf[t]) {
return false;
@@ -316,9 +313,9 @@
int oidLen;
int encryptLen;
int preEncryptLen;
-
+
oid = getRSASigOID(hm, oidLen);
-
+
if (oid == NULL) {
throw XSECCryptoException(XSECCryptoException::RSAError,
"OpenSSL:RSA::sign() - Unsupported HASH algorithm for RSA");
@@ -386,7 +383,7 @@
// --------------------------------------------------------------------------------
unsigned int OpenSSLCryptoKeyRSA::privateDecrypt(const unsigned char * inBuf,
- unsigned char * plainBuf,
+ unsigned char * plainBuf,
unsigned int inLength,
unsigned int maxOutLength,
PaddingType padding,
@@ -429,7 +426,7 @@
plainBuf,
mp_rsaKey,
RSA_PKCS1_PADDING);
-
+
if (decryptSize < 0) {
throw XSECCryptoException(XSECCryptoException::RSAError,
@@ -516,7 +513,7 @@
// --------------------------------------------------------------------------------
unsigned int OpenSSLCryptoKeyRSA::publicEncrypt(const unsigned char * inBuf,
- unsigned char * cipherBuf,
+ unsigned char * cipherBuf,
unsigned int inLength,
unsigned int maxOutLength,
PaddingType padding,
@@ -544,7 +541,7 @@
cipherBuf,
mp_rsaKey,
RSA_PKCS1_PADDING);
-
+
if (encryptSize < 0) {
throw XSECCryptoException(XSECCryptoException::RSAError,
@@ -592,7 +589,7 @@
cipherBuf,
mp_rsaKey,
RSA_NO_PADDING);
-
+
if (encryptSize < 0) {
@@ -650,7 +647,7 @@
ret->m_oaepParamsLen = 0;
}
- // Duplicate parameters
+ // Duplicate parameters
if (mp_rsaKey->n)
ret->mp_rsaKey->n = BN_dup(mp_rsaKey->n);