summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorTiger Wang <ziwei.tiger@outlook.com>2021-07-27 22:34:14 +0200
committerGitHub <noreply@github.com>2021-07-27 22:34:14 +0200
commit6a4460383e98fbdbdf568c0cb154dafec833ed44 (patch)
treee8288a866ab335fee9e7d8f959c703916db3b6e4
parentUpdate Core (#5274) (diff)
downloadcuberite-6a4460383e98fbdbdf568c0cb154dafec833ed44.tar
cuberite-6a4460383e98fbdbdf568c0cb154dafec833ed44.tar.gz
cuberite-6a4460383e98fbdbdf568c0cb154dafec833ed44.tar.bz2
cuberite-6a4460383e98fbdbdf568c0cb154dafec833ed44.tar.lz
cuberite-6a4460383e98fbdbdf568c0cb154dafec833ed44.tar.xz
cuberite-6a4460383e98fbdbdf568c0cb154dafec833ed44.tar.zst
cuberite-6a4460383e98fbdbdf568c0cb154dafec833ed44.zip
Diffstat (limited to '')
m---------lib/mbedtls0
-rw-r--r--src/mbedTLS++/CryptoKey.cpp9
-rw-r--r--src/mbedTLS++/RsaPrivateKey.cpp19
3 files changed, 11 insertions, 17 deletions
diff --git a/lib/mbedtls b/lib/mbedtls
-Subproject c0a234b9e74d8d804c2844092abad1e5d7804c1
+Subproject cd171df33610f2b181b62c6e8bf877d4c5568e0
diff --git a/src/mbedTLS++/CryptoKey.cpp b/src/mbedTLS++/CryptoKey.cpp
index d9f04e20f..742d9c73c 100644
--- a/src/mbedTLS++/CryptoKey.cpp
+++ b/src/mbedTLS++/CryptoKey.cpp
@@ -124,14 +124,15 @@ int cCryptoKey::ParsePrivate(const void * a_Data, size_t a_NumBytes, const AStri
if (a_Password.empty())
{
- return mbedtls_pk_parse_key(&m_Pk, reinterpret_cast<const unsigned char *>(keyData.data()), a_NumBytes + 1, nullptr, 0);
+ return mbedtls_pk_parse_key(&m_Pk, reinterpret_cast<const unsigned char *>(keyData.data()), a_NumBytes + 1, nullptr, 0, mbedtls_ctr_drbg_random, m_CtrDrbg.GetInternal());
}
else
{
return mbedtls_pk_parse_key(
&m_Pk,
reinterpret_cast<const unsigned char *>(keyData.data()), a_NumBytes + 1,
- reinterpret_cast<const unsigned char *>(a_Password.c_str()), a_Password.size()
+ reinterpret_cast<const unsigned char *>(a_Password.c_str()), a_Password.size(),
+ mbedtls_ctr_drbg_random, m_CtrDrbg.GetInternal()
);
}
}
@@ -144,7 +145,3 @@ bool cCryptoKey::IsValid(void) const
{
return (mbedtls_pk_get_type(&m_Pk) != MBEDTLS_PK_NONE);
}
-
-
-
-
diff --git a/src/mbedTLS++/RsaPrivateKey.cpp b/src/mbedTLS++/RsaPrivateKey.cpp
index 3fd429dc0..d0c5b7c8b 100644
--- a/src/mbedTLS++/RsaPrivateKey.cpp
+++ b/src/mbedTLS++/RsaPrivateKey.cpp
@@ -11,7 +11,7 @@
cRsaPrivateKey::cRsaPrivateKey(void)
{
- mbedtls_rsa_init(&m_Rsa, MBEDTLS_RSA_PKCS_V15, 0);
+ mbedtls_rsa_init(&m_Rsa);
m_CtrDrbg.Initialize("RSA", 3);
}
@@ -21,7 +21,7 @@ cRsaPrivateKey::cRsaPrivateKey(void)
cRsaPrivateKey::cRsaPrivateKey(const cRsaPrivateKey & a_Other)
{
- mbedtls_rsa_init(&m_Rsa, MBEDTLS_RSA_PKCS_V15, 0);
+ mbedtls_rsa_init(&m_Rsa);
mbedtls_rsa_copy(&m_Rsa, &a_Other.m_Rsa);
m_CtrDrbg.Initialize("RSA", 3);
}
@@ -107,25 +107,22 @@ ContiguousByteBuffer cRsaPrivateKey::GetPubKeyDER(void)
int cRsaPrivateKey::Decrypt(const ContiguousByteBufferView a_EncryptedData, Byte * a_DecryptedData, size_t a_DecryptedMaxLength)
{
- if (a_EncryptedData.size() < m_Rsa.len)
+ const auto KeyLength = mbedtls_rsa_get_len(&m_Rsa);
+ if (a_EncryptedData.size() < KeyLength)
{
- LOGD("%s: Invalid a_EncryptedLength: got %u, exp at least %u",
- __FUNCTION__, static_cast<unsigned>(a_EncryptedData.size()), static_cast<unsigned>(m_Rsa.len)
- );
+ LOGD("%s: Invalid a_EncryptedLength: got %zu, exp at least %zu", __FUNCTION__, a_EncryptedData.size(), KeyLength);
ASSERT(!"Invalid a_DecryptedMaxLength!");
return -1;
}
- if (a_DecryptedMaxLength < m_Rsa.len)
+ if (a_DecryptedMaxLength < KeyLength)
{
- LOGD("%s: Invalid a_DecryptedMaxLength: got %u, exp at least %u",
- __FUNCTION__, static_cast<unsigned>(a_DecryptedMaxLength), static_cast<unsigned>(m_Rsa.len)
- );
+ LOGD("%s: Invalid a_DecryptedMaxLength: got %zu, exp at least %zu", __FUNCTION__, a_DecryptedMaxLength, KeyLength);
ASSERT(!"Invalid a_DecryptedMaxLength!");
return -1;
}
size_t DecryptedLength;
int res = mbedtls_rsa_pkcs1_decrypt(
- &m_Rsa, mbedtls_ctr_drbg_random, m_CtrDrbg.GetInternal(), MBEDTLS_RSA_PRIVATE, &DecryptedLength,
+ &m_Rsa, mbedtls_ctr_drbg_random, m_CtrDrbg.GetInternal(), &DecryptedLength,
reinterpret_cast<const unsigned char *>(a_EncryptedData.data()), a_DecryptedData, a_DecryptedMaxLength
);
if (res != 0)