From 2321a897f5ec89ab18f8b206c7191293ece0df3d Mon Sep 17 00:00:00 2001 From: orignal Date: Wed, 9 Oct 2024 08:48:24 -0400 Subject: [PATCH] rollback --- libi2pd/Family.cpp | 49 +++++++++++++++++++++++++--------------------- 1 file changed, 27 insertions(+), 22 deletions(-) diff --git a/libi2pd/Family.cpp b/libi2pd/Family.cpp index 26750e7d..89e825f1 100644 --- a/libi2pd/Family.cpp +++ b/libi2pd/Family.cpp @@ -136,30 +136,35 @@ namespace data if (ret) { SSL * ssl = SSL_new (ctx); - auto pkey = SSL_get_privatekey (ssl); - if (pkey) + EVP_PKEY * pkey = SSL_get_privatekey (ssl); + EC_KEY * ecKey = EVP_PKEY_get1_EC_KEY (pkey); + if (ecKey) { - uint8_t buf[100], signature[128]; - size_t len = family.length (); - memcpy (buf, family.c_str (), len); - memcpy (buf + len, (const uint8_t *)ident, 32); - len += 32; - size_t l = 128; - EVP_MD_CTX * mdctx = EVP_MD_CTX_create (); - EVP_DigestSignInit (mdctx, NULL, NULL, NULL, pkey); - if (EVP_DigestSign (mdctx, signature, &l, buf, len)) + auto group = EC_KEY_get0_group (ecKey); + if (group) { - len = Base64EncodingBufferSize (l); - char * b64 = new char[len+1]; - len = ByteStreamToBase64 (signature, l, b64, len); - b64[len] = 0; - sig = b64; - delete[] b64; - } - else - LogPrint (eLogError, "Family: signing failed"); - EVP_MD_CTX_destroy (mdctx); - } + int curve = EC_GROUP_get_curve_name (group); + if (curve == NID_X9_62_prime256v1) + { + uint8_t signingPrivateKey[32], buf[50], signature[64]; + i2p::crypto::bn2buf (EC_KEY_get0_private_key (ecKey), signingPrivateKey, 32); + i2p::crypto::ECDSAP256Signer signer (signingPrivateKey); + size_t len = family.length (); + memcpy (buf, family.c_str (), len); + memcpy (buf + len, (const uint8_t *)ident, 32); + len += 32; + signer.Sign (buf, len, signature); + len = Base64EncodingBufferSize (64); + char * b64 = new char[len+1]; + len = ByteStreamToBase64 (signature, 64, b64, len); + b64[len] = 0; + sig = b64; + delete[] b64; + } + else + LogPrint (eLogWarning, "Family: elliptic curve ", curve, " is not supported"); + } + } SSL_free (ssl); } else