diff options
author | Tiger Wang <ziwei.tiger@outlook.com> | 2021-07-27 22:34:14 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2021-07-27 22:34:14 +0200 |
commit | 6a4460383e98fbdbdf568c0cb154dafec833ed44 (patch) | |
tree | e8288a866ab335fee9e7d8f959c703916db3b6e4 | |
parent | Update Core (#5274) (diff) | |
download | cuberite-6a4460383e98fbdbdf568c0cb154dafec833ed44.tar cuberite-6a4460383e98fbdbdf568c0cb154dafec833ed44.tar.gz cuberite-6a4460383e98fbdbdf568c0cb154dafec833ed44.tar.bz2 cuberite-6a4460383e98fbdbdf568c0cb154dafec833ed44.tar.lz cuberite-6a4460383e98fbdbdf568c0cb154dafec833ed44.tar.xz cuberite-6a4460383e98fbdbdf568c0cb154dafec833ed44.tar.zst cuberite-6a4460383e98fbdbdf568c0cb154dafec833ed44.zip |
m--------- | lib/mbedtls | 0 | ||||
-rw-r--r-- | src/mbedTLS++/CryptoKey.cpp | 9 | ||||
-rw-r--r-- | src/mbedTLS++/RsaPrivateKey.cpp | 19 |
3 files changed, 11 insertions, 17 deletions
diff --git a/lib/mbedtls b/lib/mbedtls -Subproject c0a234b9e74d8d804c2844092abad1e5d7804c1 +Subproject cd171df33610f2b181b62c6e8bf877d4c5568e0 diff --git a/src/mbedTLS++/CryptoKey.cpp b/src/mbedTLS++/CryptoKey.cpp index d9f04e20f..742d9c73c 100644 --- a/src/mbedTLS++/CryptoKey.cpp +++ b/src/mbedTLS++/CryptoKey.cpp @@ -124,14 +124,15 @@ int cCryptoKey::ParsePrivate(const void * a_Data, size_t a_NumBytes, const AStri if (a_Password.empty()) { - return mbedtls_pk_parse_key(&m_Pk, reinterpret_cast<const unsigned char *>(keyData.data()), a_NumBytes + 1, nullptr, 0); + return mbedtls_pk_parse_key(&m_Pk, reinterpret_cast<const unsigned char *>(keyData.data()), a_NumBytes + 1, nullptr, 0, mbedtls_ctr_drbg_random, m_CtrDrbg.GetInternal()); } else { return mbedtls_pk_parse_key( &m_Pk, reinterpret_cast<const unsigned char *>(keyData.data()), a_NumBytes + 1, - reinterpret_cast<const unsigned char *>(a_Password.c_str()), a_Password.size() + reinterpret_cast<const unsigned char *>(a_Password.c_str()), a_Password.size(), + mbedtls_ctr_drbg_random, m_CtrDrbg.GetInternal() ); } } @@ -144,7 +145,3 @@ bool cCryptoKey::IsValid(void) const { return (mbedtls_pk_get_type(&m_Pk) != MBEDTLS_PK_NONE); } - - - - diff --git a/src/mbedTLS++/RsaPrivateKey.cpp b/src/mbedTLS++/RsaPrivateKey.cpp index 3fd429dc0..d0c5b7c8b 100644 --- a/src/mbedTLS++/RsaPrivateKey.cpp +++ b/src/mbedTLS++/RsaPrivateKey.cpp @@ -11,7 +11,7 @@ cRsaPrivateKey::cRsaPrivateKey(void) { - mbedtls_rsa_init(&m_Rsa, MBEDTLS_RSA_PKCS_V15, 0); + mbedtls_rsa_init(&m_Rsa); m_CtrDrbg.Initialize("RSA", 3); } @@ -21,7 +21,7 @@ cRsaPrivateKey::cRsaPrivateKey(void) cRsaPrivateKey::cRsaPrivateKey(const cRsaPrivateKey & a_Other) { - mbedtls_rsa_init(&m_Rsa, MBEDTLS_RSA_PKCS_V15, 0); + mbedtls_rsa_init(&m_Rsa); mbedtls_rsa_copy(&m_Rsa, &a_Other.m_Rsa); m_CtrDrbg.Initialize("RSA", 3); } @@ -107,25 +107,22 @@ ContiguousByteBuffer cRsaPrivateKey::GetPubKeyDER(void) int cRsaPrivateKey::Decrypt(const ContiguousByteBufferView a_EncryptedData, Byte * a_DecryptedData, size_t a_DecryptedMaxLength) { - if (a_EncryptedData.size() < m_Rsa.len) + const auto KeyLength = mbedtls_rsa_get_len(&m_Rsa); + if (a_EncryptedData.size() < KeyLength) { - LOGD("%s: Invalid a_EncryptedLength: got %u, exp at least %u", - __FUNCTION__, static_cast<unsigned>(a_EncryptedData.size()), static_cast<unsigned>(m_Rsa.len) - ); + LOGD("%s: Invalid a_EncryptedLength: got %zu, exp at least %zu", __FUNCTION__, a_EncryptedData.size(), KeyLength); ASSERT(!"Invalid a_DecryptedMaxLength!"); return -1; } - if (a_DecryptedMaxLength < m_Rsa.len) + if (a_DecryptedMaxLength < KeyLength) { - LOGD("%s: Invalid a_DecryptedMaxLength: got %u, exp at least %u", - __FUNCTION__, static_cast<unsigned>(a_DecryptedMaxLength), static_cast<unsigned>(m_Rsa.len) - ); + LOGD("%s: Invalid a_DecryptedMaxLength: got %zu, exp at least %zu", __FUNCTION__, a_DecryptedMaxLength, KeyLength); ASSERT(!"Invalid a_DecryptedMaxLength!"); return -1; } size_t DecryptedLength; int res = mbedtls_rsa_pkcs1_decrypt( - &m_Rsa, mbedtls_ctr_drbg_random, m_CtrDrbg.GetInternal(), MBEDTLS_RSA_PRIVATE, &DecryptedLength, + &m_Rsa, mbedtls_ctr_drbg_random, m_CtrDrbg.GetInternal(), &DecryptedLength, reinterpret_cast<const unsigned char *>(a_EncryptedData.data()), a_DecryptedData, a_DecryptedMaxLength ); if (res != 0) |