mirror of
https://github.com/PurpleI2P/i2pd
synced 2024-11-09 15:50:26 +03:00
fixed race condition with openssl 3.2.0
This commit is contained in:
parent
69ee6112b3
commit
302af823a3
@ -18,12 +18,10 @@ namespace crypto
|
||||
EDDSA25519Verifier::EDDSA25519Verifier ():
|
||||
m_Pkey (nullptr)
|
||||
{
|
||||
m_MDCtx = EVP_MD_CTX_create ();
|
||||
}
|
||||
|
||||
EDDSA25519Verifier::~EDDSA25519Verifier ()
|
||||
{
|
||||
EVP_MD_CTX_destroy (m_MDCtx);
|
||||
EVP_PKEY_free (m_Pkey);
|
||||
}
|
||||
|
||||
@ -35,8 +33,17 @@ namespace crypto
|
||||
|
||||
bool EDDSA25519Verifier::Verify (const uint8_t * buf, size_t len, const uint8_t * signature) const
|
||||
{
|
||||
EVP_DigestVerifyInit (m_MDCtx, NULL, NULL, NULL, m_Pkey);
|
||||
return EVP_DigestVerify (m_MDCtx, signature, 64, buf, len);
|
||||
if (m_Pkey)
|
||||
{
|
||||
EVP_MD_CTX * ctx = EVP_MD_CTX_create ();
|
||||
EVP_DigestVerifyInit (ctx, NULL, NULL, NULL, m_Pkey);
|
||||
auto ret = EVP_DigestVerify (ctx, signature, 64, buf, len);
|
||||
EVP_MD_CTX_destroy (ctx);
|
||||
return ret;
|
||||
}
|
||||
else
|
||||
LogPrint (eLogError, "EdDSA verification key is not set");
|
||||
return false;
|
||||
}
|
||||
|
||||
#else
|
||||
@ -101,7 +108,7 @@ namespace crypto
|
||||
|
||||
#if OPENSSL_EDDSA
|
||||
EDDSA25519Signer::EDDSA25519Signer (const uint8_t * signingPrivateKey, const uint8_t * signingPublicKey):
|
||||
m_MDCtx (nullptr), m_Pkey (nullptr), m_Fallback (nullptr)
|
||||
m_Pkey (nullptr), m_Fallback (nullptr)
|
||||
{
|
||||
m_Pkey = EVP_PKEY_new_raw_private_key (EVP_PKEY_ED25519, NULL, signingPrivateKey, 32);
|
||||
uint8_t publicKey[EDDSA25519_PUBLIC_KEY_LENGTH];
|
||||
@ -111,30 +118,35 @@ namespace crypto
|
||||
{
|
||||
LogPrint (eLogWarning, "EdDSA public key mismatch. Fallback");
|
||||
m_Fallback = new EDDSA25519SignerCompat (signingPrivateKey, signingPublicKey);
|
||||
EVP_PKEY_free (m_Pkey);
|
||||
m_Pkey = nullptr;
|
||||
}
|
||||
else
|
||||
m_MDCtx = EVP_MD_CTX_create ();
|
||||
}
|
||||
|
||||
EDDSA25519Signer::~EDDSA25519Signer ()
|
||||
{
|
||||
if (m_Fallback) delete m_Fallback;
|
||||
EVP_MD_CTX_destroy (m_MDCtx);
|
||||
EVP_PKEY_free (m_Pkey);
|
||||
if (m_Pkey) EVP_PKEY_free (m_Pkey);
|
||||
}
|
||||
|
||||
void EDDSA25519Signer::Sign (const uint8_t * buf, int len, uint8_t * signature) const
|
||||
{
|
||||
if (m_Fallback) return m_Fallback->Sign (buf, len, signature);
|
||||
else
|
||||
if (m_Fallback)
|
||||
return m_Fallback->Sign (buf, len, signature);
|
||||
else if (m_Pkey)
|
||||
{
|
||||
|
||||
EVP_MD_CTX * ctx = EVP_MD_CTX_create ();
|
||||
size_t l = 64;
|
||||
uint8_t sig[64]; // temporary buffer for signature. openssl issue #7232
|
||||
EVP_DigestSignInit (m_MDCtx, NULL, NULL, NULL, m_Pkey);
|
||||
if (!EVP_DigestSign (m_MDCtx, sig, &l, buf, len))
|
||||
EVP_DigestSignInit (ctx, NULL, NULL, NULL, m_Pkey);
|
||||
if (!EVP_DigestSign (ctx, sig, &l, buf, len))
|
||||
LogPrint (eLogError, "EdDSA signing failed");
|
||||
memcpy (signature, sig, 64);
|
||||
EVP_MD_CTX_destroy (ctx);
|
||||
}
|
||||
else
|
||||
LogPrint (eLogError, "EdDSA signing key is not set");
|
||||
}
|
||||
#endif
|
||||
}
|
||||
|
@ -304,7 +304,6 @@ namespace crypto
|
||||
private:
|
||||
|
||||
#if OPENSSL_EDDSA
|
||||
EVP_MD_CTX * m_MDCtx;
|
||||
EVP_PKEY * m_Pkey;
|
||||
#else
|
||||
EDDSAPoint m_PublicKey;
|
||||
@ -342,7 +341,6 @@ namespace crypto
|
||||
|
||||
private:
|
||||
|
||||
EVP_MD_CTX * m_MDCtx;
|
||||
EVP_PKEY * m_Pkey;
|
||||
EDDSA25519SignerCompat * m_Fallback;
|
||||
};
|
||||
|
Loading…
Reference in New Issue
Block a user