cuberite-2a/src/mbedTLS++/RsaPrivateKey.cpp


// RsaPrivateKey.cpp

#include "Globals.h"
#include "RsaPrivateKey.h"
#include "mbedtls/pk.h"


cRsaPrivateKey::cRsaPrivateKey(void)
{
	mbedtls_rsa_init(&m_Rsa);
	m_CtrDrbg.Initialize("RSA", 3);
}


cRsaPrivateKey::cRsaPrivateKey(const cRsaPrivateKey & a_Other)
{
	mbedtls_rsa_init(&m_Rsa);
	mbedtls_rsa_copy(&m_Rsa, &a_Other.m_Rsa);
	m_CtrDrbg.Initialize("RSA", 3);
}


cRsaPrivateKey::~cRsaPrivateKey()
{
	mbedtls_rsa_free(&m_Rsa);
}


bool cRsaPrivateKey::Generate(unsigned a_KeySizeBits)
{
	int res = mbedtls_rsa_gen_key(&m_Rsa, mbedtls_ctr_drbg_random, m_CtrDrbg.GetInternal(), a_KeySizeBits, 65537);
	if (res != 0)
	{
		LOG("RSA key generation failed: -0x%x", -res);
		return false;
	}

	return true;
}


ContiguousByteBuffer cRsaPrivateKey::GetPubKeyDER(void)
{
	class cPubKey
	{
	public:
		cPubKey(mbedtls_rsa_context * a_Rsa) :
			m_IsValid(false)
		{
			mbedtls_pk_init(&m_Key);
			if (mbedtls_pk_setup(&m_Key, mbedtls_pk_info_from_type(MBEDTLS_PK_RSA)) != 0)
			{
				ASSERT(!"Cannot init PrivKey context");
				return;
			}
			if (mbedtls_rsa_copy(mbedtls_pk_rsa(m_Key), a_Rsa) != 0)
			{
				ASSERT(!"Cannot copy PrivKey to PK context");
				return;
			}
			m_IsValid = true;
		}

		~cPubKey()
		{
			if (m_IsValid)
			{
				mbedtls_pk_free(&m_Key);
			}
		}

		operator mbedtls_pk_context * (void) { return &m_Key; }

	protected:
		bool m_IsValid;
		mbedtls_pk_context m_Key;
	} PkCtx(&m_Rsa);

	unsigned char buf[3000];
	int res = mbedtls_pk_write_pubkey_der(PkCtx, buf, sizeof(buf));
	if (res < 0)
	{
		return {};
	}
	return { reinterpret_cast<const std::byte *>(buf + sizeof(buf) - res), static_cast<size_t>(res) };
}


int cRsaPrivateKey::Decrypt(const ContiguousByteBufferView a_EncryptedData, Byte * a_DecryptedData, size_t a_DecryptedMaxLength)
{
	const auto KeyLength = mbedtls_rsa_get_len(&m_Rsa);
	if (a_EncryptedData.size() < KeyLength)
	{
		LOGD("%s: Invalid a_EncryptedLength: got %zu, exp at least %zu", __FUNCTION__, a_EncryptedData.size(), KeyLength);
		ASSERT(!"Invalid a_DecryptedMaxLength!");
		return -1;
	}
	if (a_DecryptedMaxLength < KeyLength)
	{
		LOGD("%s: Invalid a_DecryptedMaxLength: got %zu, exp at least %zu", __FUNCTION__, a_DecryptedMaxLength, KeyLength);
		ASSERT(!"Invalid a_DecryptedMaxLength!");
		return -1;
	}
	size_t DecryptedLength;
	int res = mbedtls_rsa_pkcs1_decrypt(
		&m_Rsa, mbedtls_ctr_drbg_random, m_CtrDrbg.GetInternal(), &DecryptedLength,
		reinterpret_cast<const unsigned char *>(a_EncryptedData.data()), a_DecryptedData, a_DecryptedMaxLength
	);
	if (res != 0)
	{
		return -1;
	}
	return static_cast<int>(DecryptedLength);
}
Removed UTF-8 BOM (#4033) 2017-09-19 04:34:08 -04:00
Moved cRsaPrivateKey to PolarSSL++, rewritten using existing objects. 2014-04-29 05:04:54 -04:00			`// RsaPrivateKey.cpp`

			`#include "Globals.h"`
			`#include "RsaPrivateKey.h"`
Update mbedtls to 2.5.1 (#3964) * Renaming changes: * macro prefix "POLARSSL" -> "MBEDTLS" * functions now prefixed with "mbedtls_" * rename PolarSSL++ -> mbedTLS++ * rename polarssl submodule * Use mbedtls' AES-CFB8 implementation. * Add cSslConfig to wrap mbedtls_ssl_config * Update cTCPLink and cBlockingSslClientSocket to use cSslConfig * Use cSslConfig in cHTTPServer * Use cSslConfig for cMojangAPI::SecureRequest * CI Fixes * Set -fomit-frame-pointer on the right target 2017-08-30 10:00:06 -04:00			`#include "mbedtls/pk.h"`
Moved cRsaPrivateKey to PolarSSL++, rewritten using existing objects. 2014-04-29 05:04:54 -04:00




			`cRsaPrivateKey::cRsaPrivateKey(void)`
			`{`
Update to mybed 3.0.0 (#5275) 2021-07-27 16:34:14 -04:00			`mbedtls_rsa_init(&m_Rsa);`
Added missing initialization. 2014-04-29 05:17:47 -04:00			`m_CtrDrbg.Initialize("RSA", 3);`
Moved cRsaPrivateKey to PolarSSL++, rewritten using existing objects. 2014-04-29 05:04:54 -04:00			`}`





			`cRsaPrivateKey::cRsaPrivateKey(const cRsaPrivateKey & a_Other)`
			`{`
Update to mybed 3.0.0 (#5275) 2021-07-27 16:34:14 -04:00			`mbedtls_rsa_init(&m_Rsa);`
Update mbedtls to 2.5.1 (#3964) * Renaming changes: * macro prefix "POLARSSL" -> "MBEDTLS" * functions now prefixed with "mbedtls_" * rename PolarSSL++ -> mbedTLS++ * rename polarssl submodule * Use mbedtls' AES-CFB8 implementation. * Add cSslConfig to wrap mbedtls_ssl_config * Update cTCPLink and cBlockingSslClientSocket to use cSslConfig * Use cSslConfig in cHTTPServer * Use cSslConfig for cMojangAPI::SecureRequest * CI Fixes * Set -fomit-frame-pointer on the right target 2017-08-30 10:00:06 -04:00			`mbedtls_rsa_copy(&m_Rsa, &a_Other.m_Rsa);`
Added missing initialization. 2014-04-29 05:17:47 -04:00			`m_CtrDrbg.Initialize("RSA", 3);`
Moved cRsaPrivateKey to PolarSSL++, rewritten using existing objects. 2014-04-29 05:04:54 -04:00			`}`





			`cRsaPrivateKey::~cRsaPrivateKey()`
			`{`
Update mbedtls to 2.5.1 (#3964) * Renaming changes: * macro prefix "POLARSSL" -> "MBEDTLS" * functions now prefixed with "mbedtls_" * rename PolarSSL++ -> mbedTLS++ * rename polarssl submodule * Use mbedtls' AES-CFB8 implementation. * Add cSslConfig to wrap mbedtls_ssl_config * Update cTCPLink and cBlockingSslClientSocket to use cSslConfig * Use cSslConfig in cHTTPServer * Use cSslConfig for cMojangAPI::SecureRequest * CI Fixes * Set -fomit-frame-pointer on the right target 2017-08-30 10:00:06 -04:00			`mbedtls_rsa_free(&m_Rsa);`
Moved cRsaPrivateKey to PolarSSL++, rewritten using existing objects. 2014-04-29 05:04:54 -04:00			`}`





			`bool cRsaPrivateKey::Generate(unsigned a_KeySizeBits)`
			`{`
Update mbedtls to 2.5.1 (#3964) * Renaming changes: * macro prefix "POLARSSL" -> "MBEDTLS" * functions now prefixed with "mbedtls_" * rename PolarSSL++ -> mbedTLS++ * rename polarssl submodule * Use mbedtls' AES-CFB8 implementation. * Add cSslConfig to wrap mbedtls_ssl_config * Update cTCPLink and cBlockingSslClientSocket to use cSslConfig * Use cSslConfig in cHTTPServer * Use cSslConfig for cMojangAPI::SecureRequest * CI Fixes * Set -fomit-frame-pointer on the right target 2017-08-30 10:00:06 -04:00			`int res = mbedtls_rsa_gen_key(&m_Rsa, mbedtls_ctr_drbg_random, m_CtrDrbg.GetInternal(), a_KeySizeBits, 65537);`
Added missing initialization. 2014-04-29 05:17:47 -04:00			`if (res != 0)`
Moved cRsaPrivateKey to PolarSSL++, rewritten using existing objects. 2014-04-29 05:04:54 -04:00			`{`
Added missing initialization. 2014-04-29 05:17:47 -04:00			`LOG("RSA key generation failed: -0x%x", -res);`
Moved cRsaPrivateKey to PolarSSL++, rewritten using existing objects. 2014-04-29 05:04:54 -04:00			`return false;`
			`}`

			`return true;`
			`}`





zlib -> libdeflate (#5085) + Use libdeflate + Use std::byte * Fix passing temporary to string_view + Emulate make_unique_for_overwrite 2021-01-11 11:39:43 -05:00			`ContiguousByteBuffer cRsaPrivateKey::GetPubKeyDER(void)`
Moved cRsaPrivateKey to PolarSSL++, rewritten using existing objects. 2014-04-29 05:04:54 -04:00			`{`
			`class cPubKey`
			`{`
			`public:`
Update mbedtls to 2.5.1 (#3964) * Renaming changes: * macro prefix "POLARSSL" -> "MBEDTLS" * functions now prefixed with "mbedtls_" * rename PolarSSL++ -> mbedTLS++ * rename polarssl submodule * Use mbedtls' AES-CFB8 implementation. * Add cSslConfig to wrap mbedtls_ssl_config * Update cTCPLink and cBlockingSslClientSocket to use cSslConfig * Use cSslConfig in cHTTPServer * Use cSslConfig for cMojangAPI::SecureRequest * CI Fixes * Set -fomit-frame-pointer on the right target 2017-08-30 10:00:06 -04:00			`cPubKey(mbedtls_rsa_context * a_Rsa) :`
Moved cRsaPrivateKey to PolarSSL++, rewritten using existing objects. 2014-04-29 05:04:54 -04:00			`m_IsValid(false)`
			`{`
Update mbedtls to 2.5.1 (#3964) * Renaming changes: * macro prefix "POLARSSL" -> "MBEDTLS" * functions now prefixed with "mbedtls_" * rename PolarSSL++ -> mbedTLS++ * rename polarssl submodule * Use mbedtls' AES-CFB8 implementation. * Add cSslConfig to wrap mbedtls_ssl_config * Update cTCPLink and cBlockingSslClientSocket to use cSslConfig * Use cSslConfig in cHTTPServer * Use cSslConfig for cMojangAPI::SecureRequest * CI Fixes * Set -fomit-frame-pointer on the right target 2017-08-30 10:00:06 -04:00			`mbedtls_pk_init(&m_Key);`
			`if (mbedtls_pk_setup(&m_Key, mbedtls_pk_info_from_type(MBEDTLS_PK_RSA)) != 0)`
Moved cRsaPrivateKey to PolarSSL++, rewritten using existing objects. 2014-04-29 05:04:54 -04:00			`{`
			`ASSERT(!"Cannot init PrivKey context");`
			`return;`
			`}`
Update mbedtls to 2.5.1 (#3964) * Renaming changes: * macro prefix "POLARSSL" -> "MBEDTLS" * functions now prefixed with "mbedtls_" * rename PolarSSL++ -> mbedTLS++ * rename polarssl submodule * Use mbedtls' AES-CFB8 implementation. * Add cSslConfig to wrap mbedtls_ssl_config * Update cTCPLink and cBlockingSslClientSocket to use cSslConfig * Use cSslConfig in cHTTPServer * Use cSslConfig for cMojangAPI::SecureRequest * CI Fixes * Set -fomit-frame-pointer on the right target 2017-08-30 10:00:06 -04:00			`if (mbedtls_rsa_copy(mbedtls_pk_rsa(m_Key), a_Rsa) != 0)`
Moved cRsaPrivateKey to PolarSSL++, rewritten using existing objects. 2014-04-29 05:04:54 -04:00			`{`
			`ASSERT(!"Cannot copy PrivKey to PK context");`
			`return;`
			`}`
			`m_IsValid = true;`
			`}`
Bulk clearing of whitespace 2016-02-05 16:45:45 -05:00
Moved cRsaPrivateKey to PolarSSL++, rewritten using existing objects. 2014-04-29 05:04:54 -04:00			`~cPubKey()`
			`{`
			`if (m_IsValid)`
			`{`
Update mbedtls to 2.5.1 (#3964) * Renaming changes: * macro prefix "POLARSSL" -> "MBEDTLS" * functions now prefixed with "mbedtls_" * rename PolarSSL++ -> mbedTLS++ * rename polarssl submodule * Use mbedtls' AES-CFB8 implementation. * Add cSslConfig to wrap mbedtls_ssl_config * Update cTCPLink and cBlockingSslClientSocket to use cSslConfig * Use cSslConfig in cHTTPServer * Use cSslConfig for cMojangAPI::SecureRequest * CI Fixes * Set -fomit-frame-pointer on the right target 2017-08-30 10:00:06 -04:00			`mbedtls_pk_free(&m_Key);`
Moved cRsaPrivateKey to PolarSSL++, rewritten using existing objects. 2014-04-29 05:04:54 -04:00			`}`
			`}`
Bulk clearing of whitespace 2016-02-05 16:45:45 -05:00
Update mbedtls to 2.5.1 (#3964) * Renaming changes: * macro prefix "POLARSSL" -> "MBEDTLS" * functions now prefixed with "mbedtls_" * rename PolarSSL++ -> mbedTLS++ * rename polarssl submodule * Use mbedtls' AES-CFB8 implementation. * Add cSslConfig to wrap mbedtls_ssl_config * Update cTCPLink and cBlockingSslClientSocket to use cSslConfig * Use cSslConfig in cHTTPServer * Use cSslConfig for cMojangAPI::SecureRequest * CI Fixes * Set -fomit-frame-pointer on the right target 2017-08-30 10:00:06 -04:00			`operator mbedtls_pk_context * (void) { return &m_Key; }`
Bulk clearing of whitespace 2016-02-05 16:45:45 -05:00
Moved cRsaPrivateKey to PolarSSL++, rewritten using existing objects. 2014-04-29 05:04:54 -04:00			`protected:`
			`bool m_IsValid;`
Update mbedtls to 2.5.1 (#3964) * Renaming changes: * macro prefix "POLARSSL" -> "MBEDTLS" * functions now prefixed with "mbedtls_" * rename PolarSSL++ -> mbedTLS++ * rename polarssl submodule * Use mbedtls' AES-CFB8 implementation. * Add cSslConfig to wrap mbedtls_ssl_config * Update cTCPLink and cBlockingSslClientSocket to use cSslConfig * Use cSslConfig in cHTTPServer * Use cSslConfig for cMojangAPI::SecureRequest * CI Fixes * Set -fomit-frame-pointer on the right target 2017-08-30 10:00:06 -04:00			`mbedtls_pk_context m_Key;`
Moved cRsaPrivateKey to PolarSSL++, rewritten using existing objects. 2014-04-29 05:04:54 -04:00			`} PkCtx(&m_Rsa);`
Bulk clearing of whitespace 2016-02-05 16:45:45 -05:00
Moved cRsaPrivateKey to PolarSSL++, rewritten using existing objects. 2014-04-29 05:04:54 -04:00			`unsigned char buf[3000];`
Update mbedtls to 2.5.1 (#3964) * Renaming changes: * macro prefix "POLARSSL" -> "MBEDTLS" * functions now prefixed with "mbedtls_" * rename PolarSSL++ -> mbedTLS++ * rename polarssl submodule * Use mbedtls' AES-CFB8 implementation. * Add cSslConfig to wrap mbedtls_ssl_config * Update cTCPLink and cBlockingSslClientSocket to use cSslConfig * Use cSslConfig in cHTTPServer * Use cSslConfig for cMojangAPI::SecureRequest * CI Fixes * Set -fomit-frame-pointer on the right target 2017-08-30 10:00:06 -04:00			`int res = mbedtls_pk_write_pubkey_der(PkCtx, buf, sizeof(buf));`
Moved cRsaPrivateKey to PolarSSL++, rewritten using existing objects. 2014-04-29 05:04:54 -04:00			`if (res < 0)`
			`{`
zlib -> libdeflate (#5085) + Use libdeflate + Use std::byte * Fix passing temporary to string_view + Emulate make_unique_for_overwrite 2021-01-11 11:39:43 -05:00			`return {};`
Moved cRsaPrivateKey to PolarSSL++, rewritten using existing objects. 2014-04-29 05:04:54 -04:00			`}`
zlib -> libdeflate (#5085) + Use libdeflate + Use std::byte * Fix passing temporary to string_view + Emulate make_unique_for_overwrite 2021-01-11 11:39:43 -05:00			`return { reinterpret_cast<const std::byte *>(buf + sizeof(buf) - res), static_cast<size_t>(res) };`
Moved cRsaPrivateKey to PolarSSL++, rewritten using existing objects. 2014-04-29 05:04:54 -04:00			`}`





zlib -> libdeflate (#5085) + Use libdeflate + Use std::byte * Fix passing temporary to string_view + Emulate make_unique_for_overwrite 2021-01-11 11:39:43 -05:00			`int cRsaPrivateKey::Decrypt(const ContiguousByteBufferView a_EncryptedData, Byte * a_DecryptedData, size_t a_DecryptedMaxLength)`
Moved cRsaPrivateKey to PolarSSL++, rewritten using existing objects. 2014-04-29 05:04:54 -04:00			`{`
Update to mybed 3.0.0 (#5275) 2021-07-27 16:34:14 -04:00			`const auto KeyLength = mbedtls_rsa_get_len(&m_Rsa);`
			`if (a_EncryptedData.size() < KeyLength)`
Moved cRsaPrivateKey to PolarSSL++, rewritten using existing objects. 2014-04-29 05:04:54 -04:00			`{`
Update to mybed 3.0.0 (#5275) 2021-07-27 16:34:14 -04:00			`LOGD("%s: Invalid a_EncryptedLength: got %zu, exp at least %zu", __FUNCTION__, a_EncryptedData.size(), KeyLength);`
Moved cRsaPrivateKey to PolarSSL++, rewritten using existing objects. 2014-04-29 05:04:54 -04:00			`ASSERT(!"Invalid a_DecryptedMaxLength!");`
			`return -1;`
			`}`
Update to mybed 3.0.0 (#5275) 2021-07-27 16:34:14 -04:00			`if (a_DecryptedMaxLength < KeyLength)`
Moved cRsaPrivateKey to PolarSSL++, rewritten using existing objects. 2014-04-29 05:04:54 -04:00			`{`
Update to mybed 3.0.0 (#5275) 2021-07-27 16:34:14 -04:00			`LOGD("%s: Invalid a_DecryptedMaxLength: got %zu, exp at least %zu", __FUNCTION__, a_DecryptedMaxLength, KeyLength);`
Moved cRsaPrivateKey to PolarSSL++, rewritten using existing objects. 2014-04-29 05:04:54 -04:00			`ASSERT(!"Invalid a_DecryptedMaxLength!");`
			`return -1;`
			`}`
			`size_t DecryptedLength;`
Update mbedtls to 2.5.1 (#3964) * Renaming changes: * macro prefix "POLARSSL" -> "MBEDTLS" * functions now prefixed with "mbedtls_" * rename PolarSSL++ -> mbedTLS++ * rename polarssl submodule * Use mbedtls' AES-CFB8 implementation. * Add cSslConfig to wrap mbedtls_ssl_config * Update cTCPLink and cBlockingSslClientSocket to use cSslConfig * Use cSslConfig in cHTTPServer * Use cSslConfig for cMojangAPI::SecureRequest * CI Fixes * Set -fomit-frame-pointer on the right target 2017-08-30 10:00:06 -04:00			`int res = mbedtls_rsa_pkcs1_decrypt(`
Update to mybed 3.0.0 (#5275) 2021-07-27 16:34:14 -04:00			`&m_Rsa, mbedtls_ctr_drbg_random, m_CtrDrbg.GetInternal(), &DecryptedLength,`
zlib -> libdeflate (#5085) + Use libdeflate + Use std::byte * Fix passing temporary to string_view + Emulate make_unique_for_overwrite 2021-01-11 11:39:43 -05:00			`reinterpret_cast<const unsigned char *>(a_EncryptedData.data()), a_DecryptedData, a_DecryptedMaxLength`
Moved cRsaPrivateKey to PolarSSL++, rewritten using existing objects. 2014-04-29 05:04:54 -04:00			`);`
			`if (res != 0)`
			`{`
			`return -1;`
			`}`
Fix old style casts and implicit conversions 2015-08-04 18:24:59 -04:00			`return static_cast<int>(DecryptedLength);`
Moved cRsaPrivateKey to PolarSSL++, rewritten using existing objects. 2014-04-29 05:04:54 -04:00			`}`