diff --git a/.github/workflows/macos.yml b/.github/workflows/macos.yml index 024becf28d..99da056d64 100644 --- a/.github/workflows/macos.yml +++ b/.github/workflows/macos.yml @@ -74,7 +74,7 @@ jobs: backend: [ 'botan' ] shared_libs: [ 'on' ] include: - - { os: 'macos-11', backend: 'openssl@1.1', shared_libs: 'on' } + - { os: 'macos-12', backend: 'openssl@1.1', shared_libs: 'on' } - { os: 'macos-14', backend: 'openssl@3', shared_libs: 'on' } - { os: 'macos-14', backend: 'botan', shared_libs: 'off' } - { os: 'macos-14', backend: 'botan3', shared_libs: 'on' } diff --git a/src/lib/crypto.cpp b/src/lib/crypto.cpp index 0e2cce29b0..a6f4a0ff40 100644 --- a/src/lib/crypto.cpp +++ b/src/lib/crypto.cpp @@ -243,20 +243,19 @@ key_material_equal(const pgp_key_material_t *key1, const pgp_key_material_t *key case PGP_PKA_RSA: case PGP_PKA_RSA_ENCRYPT_ONLY: case PGP_PKA_RSA_SIGN_ONLY: - return mpi_equal(&key1->rsa.n, &key2->rsa.n) && mpi_equal(&key1->rsa.e, &key2->rsa.e); + return (key1->rsa.n == key2->rsa.n) && (key1->rsa.e == key2->rsa.e); case PGP_PKA_DSA: - return mpi_equal(&key1->dsa.p, &key2->dsa.p) && - mpi_equal(&key1->dsa.q, &key2->dsa.q) && - mpi_equal(&key1->dsa.g, &key2->dsa.g) && mpi_equal(&key1->dsa.y, &key2->dsa.y); + return (key1->dsa.p == key2->dsa.p) && (key1->dsa.q == key2->dsa.q) && + (key1->dsa.g == key2->dsa.g) && (key1->dsa.y == key2->dsa.y); case PGP_PKA_ELGAMAL: case PGP_PKA_ELGAMAL_ENCRYPT_OR_SIGN: - return mpi_equal(&key1->eg.p, &key2->eg.p) && mpi_equal(&key1->eg.g, &key2->eg.g) && - mpi_equal(&key1->eg.y, &key2->eg.y); + return (key1->eg.p == key2->eg.p) && (key1->eg.g == key2->eg.g) && + (key1->eg.y == key2->eg.y); case PGP_PKA_EDDSA: case PGP_PKA_ECDH: case PGP_PKA_ECDSA: case PGP_PKA_SM2: - return (key1->ec.curve == key2->ec.curve) && mpi_equal(&key1->ec.p, &key2->ec.p); + return (key1->ec.curve == key2->ec.curve) && (key1->ec.p == key2->ec.p); #if defined(ENABLE_CRYPTO_REFRESH) case PGP_PKA_ED25519: return (key1->ed25519.pub == key2->ed25519.pub); diff --git a/src/lib/crypto/bn.cpp b/src/lib/crypto/bn.cpp index d5ae6b4a94..2e42e56ddb 100644 --- a/src/lib/crypto/bn.cpp +++ b/src/lib/crypto/bn.cpp @@ -46,7 +46,7 @@ bn_bn2bin(const bignum_t *a, unsigned char *b) } bignum_t * -mpi2bn(const pgp_mpi_t *val) +mpi2bn(const pgp::mpi *val) { assert(val); if (!val) { @@ -65,7 +65,7 @@ mpi2bn(const pgp_mpi_t *val) } bool -bn2mpi(const bignum_t *bn, pgp_mpi_t *val) +bn2mpi(const bignum_t *bn, pgp::mpi *val) { val->len = bn_num_bytes(*bn); if (val->len > PGP_MPINT_SIZE) { diff --git a/src/lib/crypto/bn.h b/src/lib/crypto/bn.h index a4cfa1acd2..8e541c6bba 100644 --- a/src/lib/crypto/bn.h +++ b/src/lib/crypto/bn.h @@ -55,9 +55,9 @@ void bn_free(bignum_t * /*a*/); int bn_bn2bin(const bignum_t * /*a*/, unsigned char * /*b*/); -bignum_t *mpi2bn(const pgp_mpi_t *val); +bignum_t *mpi2bn(const pgp::mpi *val); -bool bn2mpi(const bignum_t *bn, pgp_mpi_t *val); +bool bn2mpi(const bignum_t *bn, pgp::mpi *val); size_t bn_num_bytes(const bignum_t &a); @@ -71,7 +71,7 @@ class bn { { } - bn(const pgp_mpi_t &val) : _bn(mpi2bn(&val)) + bn(const pgp::mpi &val) : _bn(mpi2bn(&val)) { } @@ -88,7 +88,7 @@ class bn { } void - set(const pgp_mpi_t &val) noexcept + set(const pgp::mpi &val) noexcept { BN_free(_bn); _bn = mpi2bn(&val); @@ -131,7 +131,7 @@ class bn { } bool - mpi(pgp_mpi_t &mpi) const noexcept + mpi(pgp::mpi &mpi) const noexcept { return bn2mpi(_bn, &mpi); } diff --git a/src/lib/crypto/bn_ossl.cpp b/src/lib/crypto/bn_ossl.cpp index 34e1a3e205..3cffe69b40 100644 --- a/src/lib/crypto/bn_ossl.cpp +++ b/src/lib/crypto/bn_ossl.cpp @@ -40,7 +40,7 @@ bn_bn2bin(const bignum_t *a, unsigned char *b) } bignum_t * -mpi2bn(const pgp_mpi_t *val) +mpi2bn(const pgp::mpi *val) { assert(val); if (!val) { @@ -59,7 +59,7 @@ mpi2bn(const pgp_mpi_t *val) } bool -bn2mpi(const bignum_t *bn, pgp_mpi_t *val) +bn2mpi(const bignum_t *bn, pgp::mpi *val) { val->len = bn_num_bytes(*bn); return bn_bn2bin(bn, val->mpi) == 0; diff --git a/src/lib/crypto/dl_ossl.cpp b/src/lib/crypto/dl_ossl.cpp index 4845baad82..3182558165 100644 --- a/src/lib/crypto/dl_ossl.cpp +++ b/src/lib/crypto/dl_ossl.cpp @@ -63,11 +63,11 @@ dl_build_params(bignum_t *p, bignum_t *q, bignum_t *g, bignum_t *y, bignum_t *x) #endif EVP_PKEY * -dl_load_key(const pgp_mpi_t &mp, - const pgp_mpi_t *mq, - const pgp_mpi_t &mg, - const pgp_mpi_t &my, - const pgp_mpi_t *mx) +dl_load_key(const pgp::mpi &mp, + const pgp::mpi *mq, + const pgp::mpi &mg, + const pgp::mpi &my, + const pgp::mpi *mx) { EVP_PKEY *evpkey = NULL; rnp::bn p(mpi2bn(&mp)); @@ -153,7 +153,7 @@ dl_load_key(const pgp_mpi_t &mp, #if !defined(CRYPTO_BACKEND_OPENSSL3) static rnp_result_t -dl_validate_secret_key(EVP_PKEY *dlkey, const pgp_mpi_t &mx) +dl_validate_secret_key(EVP_PKEY *dlkey, const pgp::mpi &mx) { const DH *dh = EVP_PKEY_get0_DH(dlkey); assert(dh); @@ -217,7 +217,7 @@ dl_validate_secret_key(EVP_PKEY *dlkey, const pgp_mpi_t &mx) #endif rnp_result_t -dl_validate_key(EVP_PKEY *pkey, const pgp_mpi_t *x) +dl_validate_key(EVP_PKEY *pkey, const pgp::mpi *x) { rnp_result_t ret = RNP_ERROR_GENERIC; EVP_PKEY_CTX *ctx = EVP_PKEY_CTX_new(pkey, NULL); diff --git a/src/lib/crypto/dl_ossl.h b/src/lib/crypto/dl_ossl.h index fcafc0ac9a..eeda9cd373 100644 --- a/src/lib/crypto/dl_ossl.h +++ b/src/lib/crypto/dl_ossl.h @@ -33,12 +33,12 @@ #include "mpi.h" #include -EVP_PKEY *dl_load_key(const pgp_mpi_t &mp, - const pgp_mpi_t *mq, - const pgp_mpi_t &mg, - const pgp_mpi_t &my, - const pgp_mpi_t *mx); +EVP_PKEY *dl_load_key(const pgp::mpi &mp, + const pgp::mpi *mq, + const pgp::mpi &mg, + const pgp::mpi &my, + const pgp::mpi *mx); -rnp_result_t dl_validate_key(EVP_PKEY *pkey, const pgp_mpi_t *mx); +rnp_result_t dl_validate_key(EVP_PKEY *pkey, const pgp::mpi *mx); #endif diff --git a/src/lib/crypto/dsa.cpp b/src/lib/crypto/dsa.cpp index 8763f00400..575c1c9f99 100644 --- a/src/lib/crypto/dsa.cpp +++ b/src/lib/crypto/dsa.cpp @@ -160,7 +160,6 @@ dsa_sign(rnp::RNG * rng, { botan_privkey_t dsa_key = NULL; botan_pk_op_sign_t sign_op = NULL; - size_t q_order = 0; uint8_t sign_buf[2 * BITS_TO_BYTES(DSA_MAX_Q_BITLEN)] = {0}; bignum_t * p = NULL, *q = NULL, *g = NULL, *x = NULL; rnp_result_t ret = RNP_ERROR_SIGNING_FAILED; @@ -169,7 +168,7 @@ dsa_sign(rnp::RNG * rng, size_t z_len = 0; memset(sig, 0, sizeof(*sig)); - q_order = mpi_bytes(&key->q); + size_t q_order = key->q.bytes(); if ((2 * q_order) > sizeof(sign_buf)) { RNP_LOG("wrong q order"); return RNP_ERROR_BAD_PARAMETERS; @@ -209,8 +208,7 @@ dsa_sign(rnp::RNG * rng, } // Now load the DSA (r,s) values from the signature. - if (!mem2mpi(&sig->r, sign_buf, q_order) || - !mem2mpi(&sig->s, sign_buf + q_order, q_order)) { + if (!sig->r.from_mem(sign_buf, q_order) || !sig->s.from_mem(sign_buf + q_order, q_order)) { goto end; } ret = RNP_SUCCESS; @@ -234,30 +232,27 @@ dsa_verify(const pgp_dsa_signature_t *sig, botan_pubkey_t dsa_key = NULL; botan_pk_op_verify_t verify_op = NULL; uint8_t sign_buf[2 * BITS_TO_BYTES(DSA_MAX_Q_BITLEN)] = {0}; - size_t q_order = 0; - size_t r_blen, s_blen; - bignum_t * p = NULL, *q = NULL, *g = NULL, *y = NULL; rnp_result_t ret = RNP_ERROR_GENERIC; size_t z_len = 0; - q_order = mpi_bytes(&key->q); + size_t q_order = key->q.bytes(); if ((2 * q_order) > sizeof(sign_buf)) { return RNP_ERROR_BAD_PARAMETERS; } z_len = hash_len < q_order ? hash_len : q_order; - r_blen = mpi_bytes(&sig->r); - s_blen = mpi_bytes(&sig->s); + size_t r_blen = sig->r.bytes(); + size_t s_blen = sig->s.bytes(); if ((r_blen > q_order) || (s_blen > q_order)) { RNP_LOG("Wrong signature"); return RNP_ERROR_BAD_PARAMETERS; } - p = mpi2bn(&key->p); - q = mpi2bn(&key->q); - g = mpi2bn(&key->g); - y = mpi2bn(&key->y); + bignum_t *p = mpi2bn(&key->p); + bignum_t *q = mpi2bn(&key->q); + bignum_t *g = mpi2bn(&key->g); + bignum_t *y = mpi2bn(&key->y); if (!p || !q || !g || !y) { RNP_LOG("out of memory"); @@ -271,8 +266,8 @@ dsa_verify(const pgp_dsa_signature_t *sig, goto end; } - mpi2mem(&sig->r, sign_buf + q_order - r_blen); - mpi2mem(&sig->s, sign_buf + 2 * q_order - s_blen); + sig->r.to_mem(sign_buf + q_order - r_blen); + sig->s.to_mem(sign_buf + 2 * q_order - s_blen); if (botan_pk_op_verify_create(&verify_op, dsa_key, "Raw", 0)) { RNP_LOG("Can't create verifier"); diff --git a/src/lib/crypto/dsa.h b/src/lib/crypto/dsa.h index 52a186ac2b..52eaae3bb7 100644 --- a/src/lib/crypto/dsa.h +++ b/src/lib/crypto/dsa.h @@ -37,17 +37,17 @@ #include "crypto/mpi.h" typedef struct pgp_dsa_key_t { - pgp_mpi_t p; - pgp_mpi_t q; - pgp_mpi_t g; - pgp_mpi_t y; + pgp::mpi p; + pgp::mpi q; + pgp::mpi g; + pgp::mpi y; /* secret mpi */ - pgp_mpi_t x; + pgp::mpi x; } pgp_dsa_key_t; typedef struct pgp_dsa_signature_t { - pgp_mpi_t r; - pgp_mpi_t s; + pgp::mpi r; + pgp::mpi s; } pgp_dsa_signature_t; /** diff --git a/src/lib/crypto/dsa_ossl.cpp b/src/lib/crypto/dsa_ossl.cpp index 3f91b72a9a..c0b124f6b8 100644 --- a/src/lib/crypto/dsa_ossl.cpp +++ b/src/lib/crypto/dsa_ossl.cpp @@ -215,7 +215,7 @@ dsa_sign(rnp::RNG * rng, size_t hash_len, const pgp_dsa_key_t *key) { - if (mpi_bytes(&key->x) == 0) { + if (!key->x.bytes()) { RNP_LOG("private key not set"); return RNP_ERROR_BAD_PARAMETERS; } @@ -283,7 +283,7 @@ dsa_verify(const pgp_dsa_signature_t *sig, RNP_LOG("Failed to initialize verify: %lu", ERR_peek_last_error()); goto done; } - pgp_mpi_t sigbuf; + pgp::mpi sigbuf; if (!dsa_encode_sig(sigbuf.mpi, &sigbuf.len, *sig)) { goto done; } diff --git a/src/lib/crypto/ec.h b/src/lib/crypto/ec.h index 4314954cab..2b85844007 100644 --- a/src/lib/crypto/ec.h +++ b/src/lib/crypto/ec.h @@ -77,17 +77,17 @@ typedef struct ec_curve_desc_t { typedef struct pgp_ec_key_t { pgp_curve_t curve; - pgp_mpi_t p; + pgp::mpi p; /* secret mpi */ - pgp_mpi_t x; + pgp::mpi x; /* ecdh params */ pgp_hash_alg_t kdf_hash_alg; /* Hash used by kdf */ pgp_symm_alg_t key_wrap_alg; /* Symmetric algorithm used to wrap KEK*/ } pgp_ec_key_t; typedef struct pgp_ec_signature_t { - pgp_mpi_t r; - pgp_mpi_t s; + pgp::mpi r; + pgp::mpi s; } pgp_ec_signature_t; #if defined(ENABLE_CRYPTO_REFRESH) || defined(ENABLE_PQC) diff --git a/src/lib/crypto/ec_ossl.cpp b/src/lib/crypto/ec_ossl.cpp index 46c46771d2..49eb141e5f 100644 --- a/src/lib/crypto/ec_ossl.cpp +++ b/src/lib/crypto/ec_ossl.cpp @@ -122,7 +122,7 @@ ec_write_raw_seckey(EVP_PKEY *pkey, pgp_ec_key_t *key) } static bool -ec_write_seckey(EVP_PKEY *pkey, pgp_mpi_t &key) +ec_write_seckey(EVP_PKEY *pkey, pgp::mpi &key) { #if defined(CRYPTO_BACKEND_OPENSSL3) rnp::bn x; @@ -182,17 +182,17 @@ ec_generate(rnp::RNG * rng, } static EVP_PKEY * -ec_load_raw_key(const pgp_mpi_t &keyp, const pgp_mpi_t *keyx, int nid) +ec_load_raw_key(const pgp::mpi &keyp, const pgp::mpi *keyx, int nid) { if (!keyx) { /* as per RFC, EdDSA & 25519 keys must use 0x40 byte for encoding */ - if ((mpi_bytes(&keyp) != 33) || (keyp.mpi[0] != 0x40)) { + if ((keyp.bytes() != 33) || (keyp.mpi[0] != 0x40)) { RNP_LOG("Invalid 25519 public key."); return NULL; } EVP_PKEY *evpkey = - EVP_PKEY_new_raw_public_key(nid, NULL, &keyp.mpi[1], mpi_bytes(&keyp) - 1); + EVP_PKEY_new_raw_public_key(nid, NULL, &keyp.mpi[1], keyp.bytes() - 1); if (!evpkey) { RNP_LOG("Failed to load public key: %lu", ERR_peek_last_error()); // LCOV_EXCL_LINE } @@ -229,7 +229,7 @@ ec_load_raw_key(const pgp_mpi_t &keyp, const pgp_mpi_t *keyx, int nid) #if defined(CRYPTO_BACKEND_OPENSSL3) static OSSL_PARAM * -ec_build_params(const pgp_mpi_t &p, bignum_t *x, const char *curve) +ec_build_params(const pgp::mpi &p, bignum_t *x, const char *curve) { OSSL_PARAM_BLD *bld = OSSL_PARAM_BLD_new(); if (!bld) { @@ -249,8 +249,8 @@ ec_build_params(const pgp_mpi_t &p, bignum_t *x, const char *curve) } static EVP_PKEY * -ec_load_key_openssl3(const pgp_mpi_t & keyp, - const pgp_mpi_t * keyx, +ec_load_key_openssl3(const pgp::mpi & keyp, + const pgp::mpi * keyx, const ec_curve_desc_t *curv_desc) { rnp::bn x(keyx ? mpi2bn(keyx) : NULL); @@ -286,7 +286,7 @@ ec_load_key_openssl3(const pgp_mpi_t & keyp, #endif EVP_PKEY * -ec_load_key(const pgp_mpi_t &keyp, const pgp_mpi_t *keyx, pgp_curve_t curve) +ec_load_key(const pgp::mpi &keyp, const pgp::mpi *keyx, pgp_curve_t curve) { const ec_curve_desc_t *curv_desc = get_curve_desc(curve); if (!curv_desc) { @@ -392,10 +392,10 @@ ec_validate_key(const pgp_ec_key_t &key, bool secret) if (key.curve == PGP_CURVE_25519) { /* No key check implementation for x25519 in the OpenSSL yet, so just basic size checks */ - if ((mpi_bytes(&key.p) != 33) || (key.p.mpi[0] != 0x40)) { + if ((key.p.bytes() != 33) || (key.p.mpi[0] != 0x40)) { return RNP_ERROR_BAD_PARAMETERS; } - if (secret && mpi_bytes(&key.x) != 32) { + if (secret && key.x.bytes() != 32) { return RNP_ERROR_BAD_PARAMETERS; } return RNP_SUCCESS; @@ -430,7 +430,7 @@ ec_validate_key(const pgp_ec_key_t &key, bool secret) } bool -ec_write_pubkey(EVP_PKEY *pkey, pgp_mpi_t &mpi, pgp_curve_t curve) +ec_write_pubkey(EVP_PKEY *pkey, pgp::mpi &mpi, pgp_curve_t curve) { if (ec_is_raw_key(curve)) { /* EdDSA and X25519 keys are saved in a different way */ diff --git a/src/lib/crypto/ec_ossl.h b/src/lib/crypto/ec_ossl.h index f16afe8bd5..121d89b772 100644 --- a/src/lib/crypto/ec_ossl.h +++ b/src/lib/crypto/ec_ossl.h @@ -31,12 +31,12 @@ #include "ec.h" #include -EVP_PKEY *ec_load_key(const pgp_mpi_t &keyp, const pgp_mpi_t *keyx, pgp_curve_t curve); +EVP_PKEY *ec_load_key(const pgp::mpi &keyp, const pgp::mpi *keyx, pgp_curve_t curve); rnp_result_t ec_validate_key(const pgp_ec_key_t &key, bool secret); EVP_PKEY *ec_generate_pkey(const pgp_pubkey_alg_t alg_id, const pgp_curve_t curve); -bool ec_write_pubkey(EVP_PKEY *key, pgp_mpi_t &mpi, pgp_curve_t curve); +bool ec_write_pubkey(EVP_PKEY *key, pgp::mpi &mpi, pgp_curve_t curve); #endif diff --git a/src/lib/crypto/ecdh.cpp b/src/lib/crypto/ecdh.cpp index afa1dbc004..024a759e0d 100644 --- a/src/lib/crypto/ecdh.cpp +++ b/src/lib/crypto/ecdh.cpp @@ -43,7 +43,7 @@ compute_kek(uint8_t * kek, const uint8_t * other_info, size_t other_info_size, const ec_curve_desc_t *curve_desc, - const pgp_mpi_t * ec_pubkey, + const pgp::mpi * ec_pubkey, const botan_privkey_t ec_prvkey, const pgp_hash_alg_t hash_alg) { @@ -98,7 +98,7 @@ ecdh_load_public_key(botan_pubkey_t *pubkey, const pgp_ec_key_t *key) return !botan_pubkey_load_x25519(pubkey, pkey.data()); } - if (!mpi_bytes(&key->p) || (key->p.mpi[0] != 0x04)) { + if (!key->p.bytes() || (key->p.mpi[0] != 0x04)) { RNP_LOG("Failed to load public key"); return false; } @@ -302,7 +302,7 @@ ecdh_decrypt_pkcs5(uint8_t * out, const pgp_ec_key_t * key, const pgp_fingerprint_t & fingerprint) { - if (!out_len || !in || !key || !mpi_bytes(&key->x)) { + if (!out_len || !in || !key || !key->x.bytes()) { return RNP_ERROR_BAD_PARAMETERS; } diff --git a/src/lib/crypto/ecdh.h b/src/lib/crypto/ecdh.h index 712c052708..1ac35ccf79 100644 --- a/src/lib/crypto/ecdh.h +++ b/src/lib/crypto/ecdh.h @@ -41,9 +41,9 @@ typedef struct pgp_fingerprint_t pgp_fingerprint_t; typedef struct pgp_ecdh_encrypted_t { - pgp_mpi_t p; - uint8_t m[ECDH_WRAPPED_KEY_SIZE]; - size_t mlen; + pgp::mpi p; + uint8_t m[ECDH_WRAPPED_KEY_SIZE]; + size_t mlen; } pgp_ecdh_encrypted_t; rnp_result_t ecdh_validate_key(rnp::RNG *rng, const pgp_ec_key_t *key, bool secret); diff --git a/src/lib/crypto/ecdh_ossl.cpp b/src/lib/crypto/ecdh_ossl.cpp index 566031870a..979bd85a5d 100644 --- a/src/lib/crypto/ecdh_ossl.cpp +++ b/src/lib/crypto/ecdh_ossl.cpp @@ -367,7 +367,7 @@ ecdh_decrypt_pkcs5(uint8_t * out, const pgp_ec_key_t * key, const pgp_fingerprint_t & fingerprint) { - if (!out || !out_len || !in || !key || !mpi_bytes(&key->x)) { + if (!out || !out_len || !in || !key || !key->x.bytes()) { return RNP_ERROR_BAD_PARAMETERS; } diff --git a/src/lib/crypto/ecdsa.cpp b/src/lib/crypto/ecdsa.cpp index 3a96cae3a9..8fed5cd9c5 100644 --- a/src/lib/crypto/ecdsa.cpp +++ b/src/lib/crypto/ecdsa.cpp @@ -44,9 +44,8 @@ ecdsa_load_public_key(botan_pubkey_t *pubkey, const pgp_ec_key_t *keydata) } const size_t curve_order = BITS_TO_BYTES(curve->bitlen); - if (!mpi_bytes(&keydata->p) || (keydata->p.mpi[0] != 0x04)) { - RNP_LOG( - "Failed to load public key: %zu, %02x", mpi_bytes(&keydata->p), keydata->p.mpi[0]); + if (!keydata->p.bytes() || (keydata->p.mpi[0] != 0x04)) { + RNP_LOG("Failed to load public key: %zu, %02x", keydata->p.bytes(), keydata->p.mpi[0]); return false; } @@ -183,8 +182,8 @@ ecdsa_sign(rnp::RNG * rng, } // Allocate memory and copy results - if (mem2mpi(&sig->r, out_buf, curve_order) && - mem2mpi(&sig->s, out_buf + curve_order, curve_order)) { + if (sig->r.from_mem(out_buf, curve_order) && + sig->s.from_mem(out_buf + curve_order, curve_order)) { ret = RNP_SUCCESS; } end: @@ -226,8 +225,8 @@ ecdsa_verify(const pgp_ec_signature_t *sig, goto end; } - r_blen = mpi_bytes(&sig->r); - s_blen = mpi_bytes(&sig->s); + r_blen = sig->r.bytes(); + s_blen = sig->s.bytes(); if ((r_blen > curve_order) || (s_blen > curve_order) || (curve_order > MAX_CURVE_BYTELEN)) { ret = RNP_ERROR_BAD_PARAMETERS; @@ -235,8 +234,8 @@ ecdsa_verify(const pgp_ec_signature_t *sig, } // Both can't fail - mpi2mem(&sig->r, &sign_buf[curve_order - r_blen]); - mpi2mem(&sig->s, &sign_buf[curve_order + curve_order - s_blen]); + sig->r.to_mem(&sign_buf[curve_order - r_blen]); + sig->s.to_mem(&sign_buf[curve_order + curve_order - s_blen]); if (!botan_pk_op_verify_finish(verifier, sign_buf, curve_order * 2)) { ret = RNP_SUCCESS; diff --git a/src/lib/crypto/ecdsa_ossl.cpp b/src/lib/crypto/ecdsa_ossl.cpp index 534811ad32..d0e1f8e1bb 100644 --- a/src/lib/crypto/ecdsa_ossl.cpp +++ b/src/lib/crypto/ecdsa_ossl.cpp @@ -92,7 +92,7 @@ ecdsa_sign(rnp::RNG * rng, size_t hash_len, const pgp_ec_key_t *key) { - if (mpi_bytes(&key->x) == 0) { + if (!key->x.bytes()) { RNP_LOG("private key not set"); return RNP_ERROR_BAD_PARAMETERS; } @@ -157,7 +157,7 @@ ecdsa_verify(const pgp_ec_signature_t *sig, RNP_LOG("Failed to initialize verify: %lu", ERR_peek_last_error()); goto done; } - pgp_mpi_t sigbuf; + pgp::mpi sigbuf; if (!ecdsa_encode_sig(sigbuf.mpi, &sigbuf.len, *sig)) { goto done; } diff --git a/src/lib/crypto/eddsa.cpp b/src/lib/crypto/eddsa.cpp index 8669180861..80a4259c76 100644 --- a/src/lib/crypto/eddsa.cpp +++ b/src/lib/crypto/eddsa.cpp @@ -38,7 +38,7 @@ eddsa_load_public_key(botan_pubkey_t *pubkey, const pgp_ec_key_t *keydata) /* * See draft-ietf-openpgp-rfc4880bis-01 section 13.3 */ - if ((mpi_bytes(&keydata->p) != 33) || (keydata->p.mpi[0] != 0x40)) { + if ((keydata->p.bytes() != 33) || (keydata->p.mpi[0] != 0x40)) { return false; } if (botan_pubkey_load_ed25519(pubkey, keydata->p.mpi + 1)) { @@ -51,17 +51,15 @@ eddsa_load_public_key(botan_pubkey_t *pubkey, const pgp_ec_key_t *keydata) static bool eddsa_load_secret_key(botan_privkey_t *seckey, const pgp_ec_key_t *keydata) { - uint8_t keybuf[32] = {0}; - size_t sz; - if (keydata->curve != PGP_CURVE_ED25519) { return false; } - sz = mpi_bytes(&keydata->x); + size_t sz = keydata->x.bytes(); if (!sz || (sz > 32)) { return false; } - mpi2mem(&keydata->x, keybuf + 32 - sz); + uint8_t keybuf[32] = {0}; + keydata->x.to_mem(keybuf + 32 - sz); if (botan_privkey_load_ed25519(seckey, keybuf)) { return false; } @@ -115,10 +113,10 @@ eddsa_generate(rnp::RNG *rng, pgp_ec_key_t *key) // First 32 bytes of key_bits are the EdDSA seed (private key) // Second 32 bytes are the EdDSA public key - mem2mpi(&key->x, key_bits, 32); + key->x.from_mem(key_bits, 32); // insert the required 0x40 prefix on the public key key_bits[31] = 0x40; - mem2mpi(&key->p, key_bits + 31, 33); + key->p.from_mem(key_bits + 31, 33); key->curve = PGP_CURVE_ED25519; ret = RNP_SUCCESS; @@ -152,11 +150,11 @@ eddsa_verify(const pgp_ec_signature_t *sig, } // Unexpected size for Ed25519 signature - if ((mpi_bytes(&sig->r) > 32) || (mpi_bytes(&sig->s) > 32)) { + if ((sig->r.bytes() > 32) || (sig->s.bytes() > 32)) { goto done; } - mpi2mem(&sig->r, &bn_buf[32 - mpi_bytes(&sig->r)]); - mpi2mem(&sig->s, &bn_buf[64 - mpi_bytes(&sig->s)]); + sig->r.to_mem(&bn_buf[32 - sig->r.bytes()]); + sig->s.to_mem(&bn_buf[64 - sig->s.bytes()]); if (botan_pk_op_verify_finish(verify_op, bn_buf, 64) == 0) { ret = RNP_SUCCESS; @@ -202,8 +200,8 @@ eddsa_sign(rnp::RNG * rng, goto done; } - mem2mpi(&sig->r, bn_buf, 32); - mem2mpi(&sig->s, bn_buf + 32, 32); + sig->r.from_mem(bn_buf, 32); + sig->s.from_mem(bn_buf + 32, 32); ret = RNP_SUCCESS; done: botan_pk_op_sign_destroy(sign_op); diff --git a/src/lib/crypto/eddsa_ossl.cpp b/src/lib/crypto/eddsa_ossl.cpp index 16d8fad704..4558fbe6c9 100644 --- a/src/lib/crypto/eddsa_ossl.cpp +++ b/src/lib/crypto/eddsa_ossl.cpp @@ -40,10 +40,10 @@ rnp_result_t eddsa_validate_key(rnp::RNG *rng, const pgp_ec_key_t *key, bool secret) { /* Not implemented in the OpenSSL, so just do basic size checks. */ - if ((mpi_bytes(&key->p) != 33) || (key->p.mpi[0] != 0x40)) { + if ((key->p.bytes() != 33) || (key->p.mpi[0] != 0x40)) { return RNP_ERROR_BAD_PARAMETERS; } - if (secret && mpi_bytes(&key->x) > 32) { + if (secret && key->x.bytes() > 32) { return RNP_ERROR_BAD_PARAMETERS; } return RNP_SUCCESS; @@ -65,11 +65,11 @@ eddsa_verify(const pgp_ec_signature_t *sig, size_t hash_len, const pgp_ec_key_t * key) { - if ((mpi_bytes(&sig->r) > 32) || (mpi_bytes(&sig->s) > 32)) { + if ((sig->r.bytes() > 32) || (sig->s.bytes() > 32)) { RNP_LOG("Invalid EdDSA signature."); return RNP_ERROR_BAD_PARAMETERS; } - if ((mpi_bytes(&key->p) != 33) || (key->p.mpi[0] != 0x40)) { + if ((key->p.bytes() != 33) || (key->p.mpi[0] != 0x40)) { RNP_LOG("Invalid EdDSA public key."); return RNP_ERROR_BAD_PARAMETERS; } @@ -93,8 +93,8 @@ eddsa_verify(const pgp_ec_signature_t *sig, RNP_LOG("Failed to initialize signing: %lu", ERR_peek_last_error()); goto done; } - mpi2mem(&sig->r, &sigbuf[32 - mpi_bytes(&sig->r)]); - mpi2mem(&sig->s, &sigbuf[64 - mpi_bytes(&sig->s)]); + sig->r.to_mem(&sigbuf[32 - sig->r.bytes()]); + sig->s.to_mem(&sigbuf[64 - sig->s.bytes()]); if (EVP_DigestVerify(md, sigbuf, 64, hash, hash_len) > 0) { ret = RNP_SUCCESS; @@ -113,7 +113,7 @@ eddsa_sign(rnp::RNG * rng, size_t hash_len, const pgp_ec_key_t *key) { - if (!mpi_bytes(&key->x)) { + if (!key->x.bytes()) { RNP_LOG("private key not set"); return RNP_ERROR_BAD_PARAMETERS; } diff --git a/src/lib/crypto/elgamal.cpp b/src/lib/crypto/elgamal.cpp index 4946b70518..ec9b7597b2 100644 --- a/src/lib/crypto/elgamal.cpp +++ b/src/lib/crypto/elgamal.cpp @@ -47,7 +47,7 @@ elgamal_load_public_key(botan_pubkey_t *pubkey, const pgp_eg_key_t *keydata) bool res = false; // Check if provided public key byte size is not greater than ELGAMAL_MAX_P_BYTELEN. - if (mpi_bytes(&keydata->p) > ELGAMAL_MAX_P_BYTELEN) { + if (keydata->p.bytes() > ELGAMAL_MAX_P_BYTELEN) { goto done; } @@ -74,7 +74,7 @@ elgamal_load_secret_key(botan_privkey_t *seckey, const pgp_eg_key_t *keydata) bool res = false; // Check if provided secret key byte size is not greater than ELGAMAL_MAX_P_BYTELEN. - if (mpi_bytes(&keydata->p) > ELGAMAL_MAX_P_BYTELEN) { + if (keydata->p.bytes() > ELGAMAL_MAX_P_BYTELEN) { goto done; } @@ -96,7 +96,7 @@ bool elgamal_validate_key(const pgp_eg_key_t *key, bool secret) { // Check if provided public key byte size is not greater than ELGAMAL_MAX_P_BYTELEN. - if (mpi_bytes(&key->p) > ELGAMAL_MAX_P_BYTELEN) { + if (key->p.bytes() > ELGAMAL_MAX_P_BYTELEN) { return false; } @@ -162,7 +162,7 @@ elgamal_encrypt_pkcs1(rnp::RNG * rng, * Successful call to botan's ElGamal encryption will return output that's * always 2*pubkey size. */ - p_len = mpi_bytes(&key->p) * 2; + p_len = key->p.bytes() * 2; if (botan_pk_op_encrypt_create(&op_ctx, b_key, "PKCS1v15", 0) || botan_pk_op_encrypt(op_ctx, rng->handle(), enc_buf, &p_len, in, in_len)) { @@ -182,7 +182,7 @@ elgamal_encrypt_pkcs1(rnp::RNG * rng, * memory corruption) */ p_len /= 2; - if (mem2mpi(&out->g, enc_buf, p_len) && mem2mpi(&out->m, enc_buf + p_len, p_len)) { + if (out->g.from_mem(enc_buf, p_len) && out->m.from_mem(enc_buf + p_len, p_len)) { ret = RNP_SUCCESS; } end: @@ -206,15 +206,15 @@ elgamal_decrypt_pkcs1(rnp::RNG * rng, size_t g_len; size_t m_len; - if (!mpi_bytes(&key->x)) { + if (!key->x.bytes()) { RNP_LOG("empty secret key"); goto end; } // Check if provided public key byte size is not greater than ELGAMAL_MAX_P_BYTELEN. - p_len = mpi_bytes(&key->p); - g_len = mpi_bytes(&in->g); - m_len = mpi_bytes(&in->m); + p_len = key->p.bytes(); + g_len = in->g.bytes(); + m_len = in->m.bytes(); if ((2 * p_len > sizeof(enc_buf)) || (g_len > p_len) || (m_len > p_len)) { RNP_LOG("Unsupported/wrong public key or encrypted data"); diff --git a/src/lib/crypto/elgamal.h b/src/lib/crypto/elgamal.h index 42d05550fb..ce35a958a4 100644 --- a/src/lib/crypto/elgamal.h +++ b/src/lib/crypto/elgamal.h @@ -32,23 +32,23 @@ #include "crypto/mpi.h" typedef struct pgp_eg_key_t { - pgp_mpi_t p; - pgp_mpi_t g; - pgp_mpi_t y; + pgp::mpi p; + pgp::mpi g; + pgp::mpi y; /* secret mpi */ - pgp_mpi_t x; + pgp::mpi x; } pgp_eg_key_t; typedef struct pgp_eg_signature_t { /* This is kept only for packet reading. Implementation MUST * not create elgamal signatures */ - pgp_mpi_t r; - pgp_mpi_t s; + pgp::mpi r; + pgp::mpi s; } pgp_eg_signature_t; typedef struct pgp_eg_encrypted_t { - pgp_mpi_t g; - pgp_mpi_t m; + pgp::mpi g; + pgp::mpi m; } pgp_eg_encrypted_t; bool elgamal_validate_key(const pgp_eg_key_t *key, bool secret); diff --git a/src/lib/crypto/elgamal_ossl.cpp b/src/lib/crypto/elgamal_ossl.cpp index 9de82a6cae..1d179f4d39 100644 --- a/src/lib/crypto/elgamal_ossl.cpp +++ b/src/lib/crypto/elgamal_ossl.cpp @@ -183,7 +183,7 @@ elgamal_encrypt_pkcs1(rnp::RNG * rng, size_t in_len, const pgp_eg_key_t *key) { - pgp_mpi_t mm = {}; + pgp::mpi mm = {}; mm.len = key->p.len; if (!pkcs1v15_pad(mm.mpi, mm.len, in, in_len)) { /* LCOV_EXCL_START */ @@ -280,7 +280,7 @@ elgamal_decrypt_pkcs1(rnp::RNG * rng, const pgp_eg_encrypted_t *in, const pgp_eg_key_t * key) { - if (!mpi_bytes(&key->x)) { + if (!key->x.bytes()) { RNP_LOG("Secret key not set."); return RNP_ERROR_BAD_PARAMETERS; } @@ -291,7 +291,7 @@ elgamal_decrypt_pkcs1(rnp::RNG * rng, return RNP_ERROR_OUT_OF_MEMORY; /* LCOV_EXCL_END */ } - pgp_mpi_t mm = {}; + pgp::mpi mm = {}; size_t padlen = 0; rnp_result_t ret = RNP_ERROR_GENERIC; BN_CTX_start(ctx); diff --git a/src/lib/crypto/hash.hpp b/src/lib/crypto/hash.hpp index 7bf763e6ba..c771302e9d 100644 --- a/src/lib/crypto/hash.hpp +++ b/src/lib/crypto/hash.hpp @@ -59,7 +59,7 @@ class Hash { virtual void add(const void *buf, size_t len) = 0; virtual void add(const std::vector &val); virtual void add(uint32_t val); - virtual void add(const pgp_mpi_t &mpi); + virtual void add(const pgp::mpi &mpi); virtual size_t finish(uint8_t *digest = NULL) = 0; virtual ~Hash(); diff --git a/src/lib/crypto/hash_common.cpp b/src/lib/crypto/hash_common.cpp index 8a45f229ab..92a4d01c39 100644 --- a/src/lib/crypto/hash_common.cpp +++ b/src/lib/crypto/hash_common.cpp @@ -115,9 +115,9 @@ Hash::add(uint32_t val) } void -Hash::add(const pgp_mpi_t &val) +Hash::add(const pgp::mpi &val) { - size_t len = mpi_bytes(&val); + size_t len = val.bytes(); size_t idx = 0; while ((idx < len) && (!val.mpi[idx])) { idx++; diff --git a/src/lib/crypto/mpi.cpp b/src/lib/crypto/mpi.cpp index 813202340f..f4e9d1291d 100644 --- a/src/lib/crypto/mpi.cpp +++ b/src/lib/crypto/mpi.cpp @@ -1,5 +1,5 @@ /*- - * Copyright (c) 2018 Ribose Inc. + * Copyright (c) 2018, 2024 Ribose Inc. * All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -30,18 +30,20 @@ #include "mem.h" #include "utils.h" +namespace pgp { + size_t -mpi_bits(const pgp_mpi_t *val) +mpi::bits() const noexcept { size_t bits = 0; size_t idx = 0; uint8_t bt; - for (idx = 0; (idx < val->len) && !val->mpi[idx]; idx++) + for (idx = 0; (idx < len) && !mpi[idx]; idx++) ; - if (idx < val->len) { - for (bits = (val->len - idx - 1) << 3, bt = val->mpi[idx]; bt; bits++, bt = bt >> 1) + if (idx < len) { + for (bits = (len - idx - 1) << 3, bt = mpi[idx]; bt; bits++, bt = bt >> 1) ; } @@ -49,48 +51,50 @@ mpi_bits(const pgp_mpi_t *val) } size_t -mpi_bytes(const pgp_mpi_t *val) +mpi::bytes() const noexcept { - return val->len; + return len; } bool -mem2mpi(pgp_mpi_t *val, const void *mem, size_t len) +mpi::from_mem(const void *mem, size_t mlen) noexcept { - if (len > sizeof(val->mpi)) { + if (mlen > sizeof(mpi)) { return false; } - memcpy(val->mpi, mem, len); - val->len = len; + memcpy(mpi, mem, mlen); + len = mlen; return true; } void -mpi2mem(const pgp_mpi_t *val, void *mem) +mpi::to_mem(void *mem) const noexcept { - memcpy(mem, val->mpi, val->len); + memcpy(mem, mpi, len); } bool -mpi_equal(const pgp_mpi_t *val1, const pgp_mpi_t *val2) +mpi::operator==(const struct mpi &src) const { size_t idx1 = 0; size_t idx2 = 0; - for (idx1 = 0; (idx1 < val1->len) && !val1->mpi[idx1]; idx1++) + for (idx1 = 0; (idx1 < this->len) && !this->mpi[idx1]; idx1++) ; - for (idx2 = 0; (idx2 < val2->len) && !val2->mpi[idx2]; idx2++) + for (idx2 = 0; (idx2 < src.len) && !src.mpi[idx2]; idx2++) ; - return ((val1->len - idx1) == (val2->len - idx2) && - !memcmp(val1->mpi + idx1, val2->mpi + idx2, val1->len - idx1)); + return ((this->len - idx1) == (src.len - idx2) && + !memcmp(this->mpi + idx1, src.mpi + idx2, this->len - idx1)); } void -mpi_forget(pgp_mpi_t *val) +mpi::forget() noexcept { - secure_clear(val, sizeof(*val)); - val->len = 0; + secure_clear(mpi, sizeof(mpi)); + len = 0; } + +} // namespace pgp diff --git a/src/lib/crypto/mpi.h b/src/lib/crypto/mpi.h index 64c62f6031..b587326e3b 100644 --- a/src/lib/crypto/mpi.h +++ b/src/lib/crypto/mpi.h @@ -1,5 +1,5 @@ /*- - * Copyright (c) 2018 Ribose Inc. + * Copyright (c) 2018, 2024 Ribose Inc. * All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -36,21 +36,22 @@ #define PGP_MPINT_SIZE (PGP_MPINT_BITS >> 3) /** multi-precision integer, used in signatures and public/secret keys */ -typedef struct pgp_mpi_t { +namespace pgp { + +typedef struct mpi { + /* Change this to vector once opaqueness is not required anymore */ uint8_t mpi[PGP_MPINT_SIZE]; size_t len; -} pgp_mpi_t; - -bool mem2mpi(pgp_mpi_t *val, const void *mem, size_t len); - -void mpi2mem(const pgp_mpi_t *val, void *mem); - -size_t mpi_bits(const pgp_mpi_t *val); -size_t mpi_bytes(const pgp_mpi_t *val); + bool operator==(const struct mpi &src) const; -bool mpi_equal(const pgp_mpi_t *val1, const pgp_mpi_t *val2); + bool from_mem(const void *mem, size_t len) noexcept; + void to_mem(void *mem) const noexcept; + size_t bits() const noexcept; + size_t bytes() const noexcept; + void forget() noexcept; +} mpi; -void mpi_forget(pgp_mpi_t *val); +} // namespace pgp #endif // MPI_H_ diff --git a/src/lib/crypto/rsa.cpp b/src/lib/crypto/rsa.cpp index 83fa0445b2..cdfc91ce51 100644 --- a/src/lib/crypto/rsa.cpp +++ b/src/lib/crypto/rsa.cpp @@ -272,26 +272,25 @@ rsa_sign_pkcs1(rnp::RNG * rng, size_t hash_len, const pgp_rsa_key_t *key) { - char padding_name[64] = {0}; - botan_privkey_t rsa_key; - botan_pk_op_sign_t sign_op; - rnp_result_t ret = RNP_ERROR_GENERIC; - - if (mpi_bytes(&key->q) == 0) { + if (!key->q.bytes()) { RNP_LOG("private key not set"); - return ret; + return RNP_ERROR_GENERIC; } + botan_privkey_t rsa_key; if (!rsa_load_secret_key(&rsa_key, key)) { RNP_LOG("failed to load key"); return RNP_ERROR_OUT_OF_MEMORY; } + char padding_name[64] = {0}; snprintf(padding_name, sizeof(padding_name), "EMSA-PKCS1-v1_5(Raw,%s)", rnp::Hash_Botan::name_backend(hash_alg)); + rnp_result_t ret = RNP_ERROR_GENERIC; + botan_pk_op_sign_t sign_op; if (botan_pk_op_sign_create(&sign_op, rsa_key, padding_name, 0) != 0) { goto done; } @@ -319,21 +318,20 @@ rsa_decrypt_pkcs1(rnp::RNG * rng, const pgp_rsa_encrypted_t *in, const pgp_rsa_key_t * key) { - botan_privkey_t rsa_key = NULL; - botan_pk_op_decrypt_t decrypt_op = NULL; - rnp_result_t ret = RNP_ERROR_GENERIC; - - if (mpi_bytes(&key->q) == 0) { + if (!key->q.bytes()) { RNP_LOG("private key not set"); - return ret; + return RNP_ERROR_GENERIC; } + botan_privkey_t rsa_key = NULL; if (!rsa_load_secret_key(&rsa_key, key)) { RNP_LOG("failed to load key"); return RNP_ERROR_OUT_OF_MEMORY; } - size_t skip = 0; + size_t skip = 0; + botan_pk_op_decrypt_t decrypt_op = NULL; + rnp_result_t ret = RNP_ERROR_GENERIC; if (botan_pk_op_decrypt_create(&decrypt_op, rsa_key, "PKCS1v15", 0)) { goto done; } diff --git a/src/lib/crypto/rsa.h b/src/lib/crypto/rsa.h index 6b1b615374..998742812e 100644 --- a/src/lib/crypto/rsa.h +++ b/src/lib/crypto/rsa.h @@ -37,21 +37,21 @@ #include "crypto/mpi.h" typedef struct pgp_rsa_key_t { - pgp_mpi_t n; - pgp_mpi_t e; + pgp::mpi n; + pgp::mpi e; /* secret mpis */ - pgp_mpi_t d; - pgp_mpi_t p; - pgp_mpi_t q; - pgp_mpi_t u; + pgp::mpi d; + pgp::mpi p; + pgp::mpi q; + pgp::mpi u; } pgp_rsa_key_t; typedef struct pgp_rsa_signature_t { - pgp_mpi_t s; + pgp::mpi s; } pgp_rsa_signature_t; typedef struct pgp_rsa_encrypted_t { - pgp_mpi_t m; + pgp::mpi m; } pgp_rsa_encrypted_t; /* diff --git a/src/lib/crypto/rsa_ossl.cpp b/src/lib/crypto/rsa_ossl.cpp index 445974c117..b1836e6cd7 100644 --- a/src/lib/crypto/rsa_ossl.cpp +++ b/src/lib/crypto/rsa_ossl.cpp @@ -432,7 +432,7 @@ rsa_verify_pkcs1(const pgp_rsa_signature_t *sig, int res; if (sig->s.len < key->n.len) { /* OpenSSL doesn't like signatures smaller then N */ - pgp_mpi_t sn; + pgp::mpi sn; sn.len = key->n.len; size_t diff = key->n.len - sig->s.len; memset(sn.mpi, 0, diff); @@ -460,7 +460,7 @@ rsa_sign_pkcs1(rnp::RNG * rng, const pgp_rsa_key_t *key) { rnp_result_t ret = RNP_ERROR_GENERIC; - if (mpi_bytes(&key->q) == 0) { + if (!key->q.bytes()) { RNP_LOG("private key not set"); return ret; } @@ -508,7 +508,7 @@ rsa_decrypt_pkcs1(rnp::RNG * rng, const pgp_rsa_key_t * key) { rnp_result_t ret = RNP_ERROR_GENERIC; - if (mpi_bytes(&key->q) == 0) { + if (!key->q.bytes()) { RNP_LOG("private key not set"); return ret; } diff --git a/src/lib/crypto/sm2.cpp b/src/lib/crypto/sm2.cpp index 2af537d5f2..11bd1ddd3e 100644 --- a/src/lib/crypto/sm2.cpp +++ b/src/lib/crypto/sm2.cpp @@ -45,7 +45,7 @@ sm2_load_public_key(botan_pubkey_t *pubkey, const pgp_ec_key_t *keydata) } const size_t sign_half_len = BITS_TO_BYTES(curve->bitlen); - sz = mpi_bytes(&keydata->p); + sz = keydata->p.bytes(); if (!sz || (sz != (2 * sign_half_len + 1)) || (keydata->p.mpi[0] != 0x04)) { goto end; } @@ -202,8 +202,8 @@ sm2_sign(rnp::RNG * rng, } // Allocate memory and copy results - if (mem2mpi(&sig->r, out_buf, sign_half_len) && - mem2mpi(&sig->s, out_buf + sign_half_len, sign_half_len)) { + if (sig->r.from_mem(out_buf, sign_half_len) && + sig->s.from_mem(out_buf + sign_half_len, sign_half_len)) { // All good now ret = RNP_SUCCESS; } @@ -262,8 +262,8 @@ sm2_verify(const pgp_ec_signature_t *sig, goto end; } - mpi2mem(&sig->r, sign_buf + sign_half_len - r_blen); - mpi2mem(&sig->s, sign_buf + 2 * sign_half_len - s_blen); + sig->r.to_mem(sign_buf + sign_half_len - r_blen); + sig->s.to_mem(sign_buf + 2 * sign_half_len - s_blen); if (!botan_pk_op_verify_finish(verifier, sign_buf, sign_half_len * 2)) { ret = RNP_SUCCESS; @@ -343,17 +343,15 @@ sm2_decrypt(uint8_t * out, const pgp_sm2_encrypted_t *in, const pgp_ec_key_t * key) { - const ec_curve_desc_t *curve; - botan_pk_op_decrypt_t decrypt_op = NULL; - botan_privkey_t b_key = NULL; - size_t in_len; - rnp_result_t ret = RNP_ERROR_GENERIC; - uint8_t hash_id; - const char * hash_name = NULL; - - curve = get_curve_desc(key->curve); - in_len = mpi_bytes(&in->m); - if (curve == NULL || in_len < 64) { + botan_pk_op_decrypt_t decrypt_op = NULL; + botan_privkey_t b_key = NULL; + rnp_result_t ret = RNP_ERROR_GENERIC; + uint8_t hash_id; + const char * hash_name = NULL; + + auto curve = get_curve_desc(key->curve); + size_t in_len = in->m.bytes(); + if (!curve || in_len < 64) { goto done; } diff --git a/src/lib/crypto/sm2.h b/src/lib/crypto/sm2.h index a16f7fad83..28627acdb7 100644 --- a/src/lib/crypto/sm2.h +++ b/src/lib/crypto/sm2.h @@ -31,7 +31,7 @@ #include "ec.h" typedef struct pgp_sm2_encrypted_t { - pgp_mpi_t m; + pgp::mpi m; } pgp_sm2_encrypted_t; namespace rnp { diff --git a/src/lib/fingerprint.cpp b/src/lib/fingerprint.cpp index 80655794cb..bc5c9cfec3 100644 --- a/src/lib/fingerprint.cpp +++ b/src/lib/fingerprint.cpp @@ -91,7 +91,7 @@ pgp_keyid(pgp_key_id_t &keyid, const pgp_key_pkt_t &key) RNP_LOG("bad algorithm"); return RNP_ERROR_NOT_SUPPORTED; } - size_t n = mpi_bytes(&key.material.rsa.n); + size_t n = key.material.rsa.n.bytes(); (void) memcpy(keyid.data(), key.material.rsa.n.mpi + n - keyid.size(), keyid.size()); return RNP_SUCCESS; } diff --git a/src/lib/pgp-key.cpp b/src/lib/pgp-key.cpp index a9bd3d1288..83f792ece9 100644 --- a/src/lib/pgp-key.cpp +++ b/src/lib/pgp-key.cpp @@ -511,7 +511,7 @@ pgp_hash_adjust_alg_to_key(pgp_hash_alg_t hash, const pgp_key_pkt_t *pubkey) if (pubkey->alg == PGP_PKA_ECDSA) { hash_min = ecdsa_get_min_hash(pubkey->material.ec.curve); } else { - hash_min = dsa_get_min_hash(mpi_bits(&pubkey->material.dsa.q)); + hash_min = dsa_get_min_hash(pubkey->material.dsa.q.bits()); } if (rnp::Hash::size(hash) < rnp::Hash::size(hash_min)) { @@ -2980,12 +2980,12 @@ pgp_key_material_t::bits() const case PGP_PKA_RSA: case PGP_PKA_RSA_ENCRYPT_ONLY: case PGP_PKA_RSA_SIGN_ONLY: - return 8 * mpi_bytes(&rsa.n); + return 8 * rsa.n.bytes(); case PGP_PKA_DSA: - return 8 * mpi_bytes(&dsa.p); + return 8 * dsa.p.bytes(); case PGP_PKA_ELGAMAL: case PGP_PKA_ELGAMAL_ENCRYPT_OR_SIGN: - return 8 * mpi_bytes(&eg.y); + return 8 * eg.y.bytes(); case PGP_PKA_ECDH: FALLTHROUGH_STATEMENT; case PGP_PKA_ECDSA: @@ -3043,7 +3043,7 @@ pgp_key_material_t::qbits() const if (alg != PGP_PKA_DSA) { return 0; } - return 8 * mpi_bytes(&dsa.q); + return 8 * dsa.q.bytes(); } void @@ -3065,9 +3065,9 @@ pgp_key_material_t::valid() const namespace { void -grip_hash_mpi(rnp::Hash &hash, const pgp_mpi_t &val, const char name, bool lzero = true) +grip_hash_mpi(rnp::Hash &hash, const pgp::mpi &val, const char name, bool lzero = true) { - size_t len = mpi_bytes(&val); + size_t len = val.bytes(); size_t idx = 0; for (idx = 0; (idx < len) && !val.mpi[idx]; idx++) ; @@ -3099,7 +3099,7 @@ grip_hash_mpi(rnp::Hash &hash, const pgp_mpi_t &val, const char name, bool lzero void grip_hash_ecc_hex(rnp::Hash &hash, const char *hex, char name) { - pgp_mpi_t mpi = {}; + pgp::mpi mpi = {}; mpi.len = rnp::hex_decode(hex, mpi.mpi, sizeof(mpi.mpi)); if (!mpi.len) { RNP_LOG("wrong hex mpi"); @@ -3120,7 +3120,7 @@ grip_hash_ec(rnp::Hash &hash, const pgp_ec_key_t &key) } /* build uncompressed point from gx and gy */ - pgp_mpi_t g = {}; + pgp::mpi g = {}; g.mpi[0] = 0x04; g.len = 1; size_t len = rnp::hex_decode(desc->gx, g.mpi + g.len, sizeof(g.mpi) - g.len); diff --git a/src/lib/rnp.cpp b/src/lib/rnp.cpp index 4316f7e08b..7b7b96183b 100644 --- a/src/lib/rnp.cpp +++ b/src/lib/rnp.cpp @@ -7675,7 +7675,7 @@ add_json_mpis(json_object *jso, ...) va_start(ap, jso); while ((name = va_arg(ap, const char *))) { - pgp_mpi_t *val = va_arg(ap, pgp_mpi_t *); + pgp::mpi *val = va_arg(ap, pgp::mpi *); if (!val) { ret = RNP_ERROR_BAD_PARAMETERS; goto done; diff --git a/src/librekey/g23_sexp.hpp b/src/librekey/g23_sexp.hpp index b062c52f19..0fb5c5144a 100644 --- a/src/librekey/g23_sexp.hpp +++ b/src/librekey/g23_sexp.hpp @@ -52,7 +52,7 @@ class gnupg_sexp_t : public sexp::sexp_list_t { }; void add(unsigned u); p_gnupg_sexp add_sub(); - void add_mpi(const std::string &name, const pgp_mpi_t &val); + void add_mpi(const std::string &name, const pgp::mpi &val); void add_curve(const std::string &name, const pgp_ec_key_t &key); void add_pubkey(const pgp_key_pkt_t &key); void add_seckey(const pgp_key_pkt_t &key); diff --git a/src/librekey/key_store_g10.cpp b/src/librekey/key_store_g10.cpp index e646f02fb2..576ca0853b 100644 --- a/src/librekey/key_store_g10.cpp +++ b/src/librekey/key_store_g10.cpp @@ -286,7 +286,7 @@ lookup_var_data(const sexp_list_t *list, const std::string &name) noexcept } static bool -read_mpi(const sexp_list_t *list, const std::string &name, pgp_mpi_t &val) noexcept +read_mpi(const sexp_list_t *list, const std::string &name, pgp::mpi &val) noexcept { const sexp_string_t *data = lookup_var_data(list, name); if (!data) { @@ -296,9 +296,9 @@ read_mpi(const sexp_list_t *list, const std::string &name, pgp_mpi_t &val) noexc /* strip leading zero */ const auto &bytes = data->get_string(); if ((bytes.size() > 1) && !bytes[0] && (bytes[1] & 0x80)) { - return mem2mpi(&val, bytes.data() + 1, bytes.size() - 1); + return val.from_mem(bytes.data() + 1, bytes.size() - 1); } - return mem2mpi(&val, bytes.data(), bytes.size()); + return val.from_mem(bytes.data(), bytes.size()); } static bool @@ -321,7 +321,7 @@ read_curve(const sexp_list_t *list, const std::string &name, pgp_ec_key_t &key) } void -gnupg_sexp_t::add_mpi(const std::string &name, const pgp_mpi_t &mpi) +gnupg_sexp_t::add_mpi(const std::string &name, const pgp::mpi &mpi) { auto sub_s_exp = add_sub(); sub_s_exp->push_back(std::make_shared(name)); @@ -329,7 +329,7 @@ gnupg_sexp_t::add_mpi(const std::string &name, const pgp_mpi_t &mpi) sub_s_exp->push_back(value_block); sexp_simple_string_t data; - size_t len = mpi_bytes(&mpi); + size_t len = mpi.bytes(); size_t idx; for (idx = 0; (idx < len) && !mpi.mpi[idx]; idx++) diff --git a/src/librepgp/stream-dump.cpp b/src/librepgp/stream-dump.cpp index 5aafb80147..ad9157d254 100644 --- a/src/librepgp/stream-dump.cpp +++ b/src/librepgp/stream-dump.cpp @@ -329,14 +329,14 @@ vsnprinthex(char *str, size_t slen, const uint8_t *buf, size_t buflen) } static void -dst_print_mpi(pgp_dest_t *dst, const char *name, pgp_mpi_t *mpi, bool dumpbin) +dst_print_mpi(pgp_dest_t *dst, const char *name, const pgp::mpi &mpi, bool dumpbin) { - char hex[5000]; if (!dumpbin) { - dst_printf(dst, "%s: %d bits\n", name, (int) mpi_bits(mpi)); + dst_printf(dst, "%s: %zu bits\n", name, mpi.bits()); } else { - vsnprinthex(hex, sizeof(hex), mpi->mpi, mpi->len); - dst_printf(dst, "%s: %d bits, %s\n", name, (int) mpi_bits(mpi), hex); + char hex[5000]; + vsnprinthex(hex, sizeof(hex), mpi.mpi, mpi.len); + dst_printf(dst, "%s: %zu bits, %s\n", name, mpi.bits(), hex); } } @@ -805,23 +805,23 @@ stream_dump_signature_pkt(rnp_dump_ctx_t *ctx, pgp_signature_t *sig, pgp_dest_t case PGP_PKA_RSA: case PGP_PKA_RSA_ENCRYPT_ONLY: case PGP_PKA_RSA_SIGN_ONLY: - dst_print_mpi(dst, "rsa s", &material.rsa.s, ctx->dump_mpi); + dst_print_mpi(dst, "rsa s", material.rsa.s, ctx->dump_mpi); break; case PGP_PKA_DSA: - dst_print_mpi(dst, "dsa r", &material.dsa.r, ctx->dump_mpi); - dst_print_mpi(dst, "dsa s", &material.dsa.s, ctx->dump_mpi); + dst_print_mpi(dst, "dsa r", material.dsa.r, ctx->dump_mpi); + dst_print_mpi(dst, "dsa s", material.dsa.s, ctx->dump_mpi); break; case PGP_PKA_EDDSA: case PGP_PKA_ECDSA: case PGP_PKA_SM2: case PGP_PKA_ECDH: - dst_print_mpi(dst, "ecc r", &material.ecc.r, ctx->dump_mpi); - dst_print_mpi(dst, "ecc s", &material.ecc.s, ctx->dump_mpi); + dst_print_mpi(dst, "ecc r", material.ecc.r, ctx->dump_mpi); + dst_print_mpi(dst, "ecc s", material.ecc.s, ctx->dump_mpi); break; case PGP_PKA_ELGAMAL: case PGP_PKA_ELGAMAL_ENCRYPT_OR_SIGN: - dst_print_mpi(dst, "eg r", &material.eg.r, ctx->dump_mpi); - dst_print_mpi(dst, "eg s", &material.eg.s, ctx->dump_mpi); + dst_print_mpi(dst, "eg r", material.eg.r, ctx->dump_mpi); + dst_print_mpi(dst, "eg s", material.eg.s, ctx->dump_mpi); break; #if defined(ENABLE_CRYPTO_REFRESH) case PGP_PKA_ED25519: @@ -918,32 +918,32 @@ stream_dump_key(rnp_dump_ctx_t *ctx, pgp_source_t *src, pgp_dest_t *dst) case PGP_PKA_RSA: case PGP_PKA_RSA_ENCRYPT_ONLY: case PGP_PKA_RSA_SIGN_ONLY: - dst_print_mpi(dst, "rsa n", &key.material.rsa.n, ctx->dump_mpi); - dst_print_mpi(dst, "rsa e", &key.material.rsa.e, ctx->dump_mpi); + dst_print_mpi(dst, "rsa n", key.material.rsa.n, ctx->dump_mpi); + dst_print_mpi(dst, "rsa e", key.material.rsa.e, ctx->dump_mpi); break; case PGP_PKA_DSA: - dst_print_mpi(dst, "dsa p", &key.material.dsa.p, ctx->dump_mpi); - dst_print_mpi(dst, "dsa q", &key.material.dsa.q, ctx->dump_mpi); - dst_print_mpi(dst, "dsa g", &key.material.dsa.g, ctx->dump_mpi); - dst_print_mpi(dst, "dsa y", &key.material.dsa.y, ctx->dump_mpi); + dst_print_mpi(dst, "dsa p", key.material.dsa.p, ctx->dump_mpi); + dst_print_mpi(dst, "dsa q", key.material.dsa.q, ctx->dump_mpi); + dst_print_mpi(dst, "dsa g", key.material.dsa.g, ctx->dump_mpi); + dst_print_mpi(dst, "dsa y", key.material.dsa.y, ctx->dump_mpi); break; case PGP_PKA_ELGAMAL: case PGP_PKA_ELGAMAL_ENCRYPT_OR_SIGN: - dst_print_mpi(dst, "eg p", &key.material.eg.p, ctx->dump_mpi); - dst_print_mpi(dst, "eg g", &key.material.eg.g, ctx->dump_mpi); - dst_print_mpi(dst, "eg y", &key.material.eg.y, ctx->dump_mpi); + dst_print_mpi(dst, "eg p", key.material.eg.p, ctx->dump_mpi); + dst_print_mpi(dst, "eg g", key.material.eg.g, ctx->dump_mpi); + dst_print_mpi(dst, "eg y", key.material.eg.y, ctx->dump_mpi); break; case PGP_PKA_ECDSA: case PGP_PKA_EDDSA: case PGP_PKA_SM2: { const ec_curve_desc_t *cdesc = get_curve_desc(key.material.ec.curve); - dst_print_mpi(dst, "ecc p", &key.material.ec.p, ctx->dump_mpi); + dst_print_mpi(dst, "ecc p", key.material.ec.p, ctx->dump_mpi); dst_printf(dst, "ecc curve: %s\n", cdesc ? cdesc->pgp_name : "unknown"); break; } case PGP_PKA_ECDH: { const ec_curve_desc_t *cdesc = get_curve_desc(key.material.ec.curve); - dst_print_mpi(dst, "ecdh p", &key.material.ec.p, ctx->dump_mpi); + dst_print_mpi(dst, "ecdh p", key.material.ec.p, ctx->dump_mpi); dst_printf(dst, "ecdh curve: %s\n", cdesc ? cdesc->pgp_name : "unknown"); dst_print_halg(dst, "ecdh hash algorithm", key.material.ec.kdf_hash_alg); dst_printf(dst, "ecdh key wrap algorithm: %d\n", (int) key.material.ec.key_wrap_alg); @@ -1149,18 +1149,18 @@ stream_dump_pk_session_key(rnp_dump_ctx_t *ctx, pgp_source_t *src, pgp_dest_t *d case PGP_PKA_RSA: case PGP_PKA_RSA_ENCRYPT_ONLY: case PGP_PKA_RSA_SIGN_ONLY: - dst_print_mpi(dst, "rsa m", &material.rsa.m, ctx->dump_mpi); + dst_print_mpi(dst, "rsa m", material.rsa.m, ctx->dump_mpi); break; case PGP_PKA_ELGAMAL: case PGP_PKA_ELGAMAL_ENCRYPT_OR_SIGN: - dst_print_mpi(dst, "eg g", &material.eg.g, ctx->dump_mpi); - dst_print_mpi(dst, "eg m", &material.eg.m, ctx->dump_mpi); + dst_print_mpi(dst, "eg g", material.eg.g, ctx->dump_mpi); + dst_print_mpi(dst, "eg m", material.eg.m, ctx->dump_mpi); break; case PGP_PKA_SM2: - dst_print_mpi(dst, "sm2 m", &material.sm2.m, ctx->dump_mpi); + dst_print_mpi(dst, "sm2 m", material.sm2.m, ctx->dump_mpi); break; case PGP_PKA_ECDH: - dst_print_mpi(dst, "ecdh p", &material.ecdh.p, ctx->dump_mpi); + dst_print_mpi(dst, "ecdh p", material.ecdh.p, ctx->dump_mpi); if (ctx->dump_mpi) { dst_print_hex(dst, "ecdh m", material.ecdh.m, material.ecdh.mlen, true); } else { @@ -1637,18 +1637,18 @@ obj_add_intstr_json(json_object *obj, const char *name, int val, const id_str_pa } static bool -obj_add_mpi_json(json_object *obj, const char *name, const pgp_mpi_t *mpi, bool contents) +obj_add_mpi_json(json_object *obj, const char *name, const pgp::mpi &mpi, bool contents) { char strname[64] = {0}; snprintf(strname, sizeof(strname), "%s.bits", name); - if (!json_add(obj, strname, (int) mpi_bits(mpi))) { + if (!json_add(obj, strname, (int) mpi.bits())) { return false; // LCOV_EXCL_LINE } if (!contents) { return true; } snprintf(strname, sizeof(strname), "%s.raw", name); - return json_add_hex(obj, strname, mpi->mpi, mpi->len); + return json_add_hex(obj, strname, mpi.mpi, mpi.len); } static bool @@ -1972,13 +1972,13 @@ stream_dump_signature_pkt_json(rnp_dump_ctx_t * ctx, case PGP_PKA_RSA: case PGP_PKA_RSA_ENCRYPT_ONLY: case PGP_PKA_RSA_SIGN_ONLY: - if (!obj_add_mpi_json(material, "s", &sigmaterial.rsa.s, ctx->dump_mpi)) { + if (!obj_add_mpi_json(material, "s", sigmaterial.rsa.s, ctx->dump_mpi)) { return RNP_ERROR_OUT_OF_MEMORY; // LCOV_EXCL_LINE } break; case PGP_PKA_DSA: - if (!obj_add_mpi_json(material, "r", &sigmaterial.dsa.r, ctx->dump_mpi) || - !obj_add_mpi_json(material, "s", &sigmaterial.dsa.s, ctx->dump_mpi)) { + if (!obj_add_mpi_json(material, "r", sigmaterial.dsa.r, ctx->dump_mpi) || + !obj_add_mpi_json(material, "s", sigmaterial.dsa.s, ctx->dump_mpi)) { return RNP_ERROR_OUT_OF_MEMORY; // LCOV_EXCL_LINE } break; @@ -1986,15 +1986,15 @@ stream_dump_signature_pkt_json(rnp_dump_ctx_t * ctx, case PGP_PKA_ECDSA: case PGP_PKA_SM2: case PGP_PKA_ECDH: - if (!obj_add_mpi_json(material, "r", &sigmaterial.ecc.r, ctx->dump_mpi) || - !obj_add_mpi_json(material, "s", &sigmaterial.ecc.s, ctx->dump_mpi)) { + if (!obj_add_mpi_json(material, "r", sigmaterial.ecc.r, ctx->dump_mpi) || + !obj_add_mpi_json(material, "s", sigmaterial.ecc.s, ctx->dump_mpi)) { return RNP_ERROR_OUT_OF_MEMORY; // LCOV_EXCL_LINE } break; case PGP_PKA_ELGAMAL: case PGP_PKA_ELGAMAL_ENCRYPT_OR_SIGN: - if (!obj_add_mpi_json(material, "r", &sigmaterial.eg.r, ctx->dump_mpi) || - !obj_add_mpi_json(material, "s", &sigmaterial.eg.s, ctx->dump_mpi)) { + if (!obj_add_mpi_json(material, "r", sigmaterial.eg.r, ctx->dump_mpi) || + !obj_add_mpi_json(material, "s", sigmaterial.eg.s, ctx->dump_mpi)) { return RNP_ERROR_OUT_OF_MEMORY; // LCOV_EXCL_LINE } break; @@ -2092,24 +2092,24 @@ stream_dump_key_json(rnp_dump_ctx_t *ctx, pgp_source_t *src, json_object *pkt) case PGP_PKA_RSA: case PGP_PKA_RSA_ENCRYPT_ONLY: case PGP_PKA_RSA_SIGN_ONLY: - if (!obj_add_mpi_json(material, "n", &key.material.rsa.n, ctx->dump_mpi) || - !obj_add_mpi_json(material, "e", &key.material.rsa.e, ctx->dump_mpi)) { + if (!obj_add_mpi_json(material, "n", key.material.rsa.n, ctx->dump_mpi) || + !obj_add_mpi_json(material, "e", key.material.rsa.e, ctx->dump_mpi)) { return RNP_ERROR_OUT_OF_MEMORY; // LCOV_EXCL_LINE } break; case PGP_PKA_DSA: - if (!obj_add_mpi_json(material, "p", &key.material.dsa.p, ctx->dump_mpi) || - !obj_add_mpi_json(material, "q", &key.material.dsa.q, ctx->dump_mpi) || - !obj_add_mpi_json(material, "g", &key.material.dsa.g, ctx->dump_mpi) || - !obj_add_mpi_json(material, "y", &key.material.dsa.y, ctx->dump_mpi)) { + if (!obj_add_mpi_json(material, "p", key.material.dsa.p, ctx->dump_mpi) || + !obj_add_mpi_json(material, "q", key.material.dsa.q, ctx->dump_mpi) || + !obj_add_mpi_json(material, "g", key.material.dsa.g, ctx->dump_mpi) || + !obj_add_mpi_json(material, "y", key.material.dsa.y, ctx->dump_mpi)) { return RNP_ERROR_OUT_OF_MEMORY; // LCOV_EXCL_LINE } break; case PGP_PKA_ELGAMAL: case PGP_PKA_ELGAMAL_ENCRYPT_OR_SIGN: - if (!obj_add_mpi_json(material, "p", &key.material.eg.p, ctx->dump_mpi) || - !obj_add_mpi_json(material, "g", &key.material.eg.g, ctx->dump_mpi) || - !obj_add_mpi_json(material, "y", &key.material.eg.y, ctx->dump_mpi)) { + if (!obj_add_mpi_json(material, "p", key.material.eg.p, ctx->dump_mpi) || + !obj_add_mpi_json(material, "g", key.material.eg.g, ctx->dump_mpi) || + !obj_add_mpi_json(material, "y", key.material.eg.y, ctx->dump_mpi)) { return RNP_ERROR_OUT_OF_MEMORY; // LCOV_EXCL_LINE } break; @@ -2117,7 +2117,7 @@ stream_dump_key_json(rnp_dump_ctx_t *ctx, pgp_source_t *src, json_object *pkt) case PGP_PKA_EDDSA: case PGP_PKA_SM2: { const ec_curve_desc_t *cdesc = get_curve_desc(key.material.ec.curve); - if (!obj_add_mpi_json(material, "p", &key.material.ec.p, ctx->dump_mpi)) { + if (!obj_add_mpi_json(material, "p", key.material.ec.p, ctx->dump_mpi)) { return RNP_ERROR_OUT_OF_MEMORY; // LCOV_EXCL_LINE } if (!json_add(material, "curve", cdesc ? cdesc->pgp_name : "unknown")) { @@ -2127,7 +2127,7 @@ stream_dump_key_json(rnp_dump_ctx_t *ctx, pgp_source_t *src, json_object *pkt) } case PGP_PKA_ECDH: { const ec_curve_desc_t *cdesc = get_curve_desc(key.material.ec.curve); - if (!obj_add_mpi_json(material, "p", &key.material.ec.p, ctx->dump_mpi)) { + if (!obj_add_mpi_json(material, "p", key.material.ec.p, ctx->dump_mpi)) { return RNP_ERROR_OUT_OF_MEMORY; // LCOV_EXCL_LINE } if (!json_add(material, "curve", cdesc ? cdesc->pgp_name : "unknown")) { @@ -2291,24 +2291,24 @@ stream_dump_pk_session_key_json(rnp_dump_ctx_t *ctx, pgp_source_t *src, json_obj case PGP_PKA_RSA: case PGP_PKA_RSA_ENCRYPT_ONLY: case PGP_PKA_RSA_SIGN_ONLY: - if (!obj_add_mpi_json(material, "m", &pkmaterial.rsa.m, ctx->dump_mpi)) { + if (!obj_add_mpi_json(material, "m", pkmaterial.rsa.m, ctx->dump_mpi)) { return RNP_ERROR_OUT_OF_MEMORY; // LCOV_EXCL_LINE } break; case PGP_PKA_ELGAMAL: case PGP_PKA_ELGAMAL_ENCRYPT_OR_SIGN: - if (!obj_add_mpi_json(material, "g", &pkmaterial.eg.g, ctx->dump_mpi) || - !obj_add_mpi_json(material, "m", &pkmaterial.eg.m, ctx->dump_mpi)) { + if (!obj_add_mpi_json(material, "g", pkmaterial.eg.g, ctx->dump_mpi) || + !obj_add_mpi_json(material, "m", pkmaterial.eg.m, ctx->dump_mpi)) { return RNP_ERROR_OUT_OF_MEMORY; // LCOV_EXCL_LINE } break; case PGP_PKA_SM2: - if (!obj_add_mpi_json(material, "m", &pkmaterial.sm2.m, ctx->dump_mpi)) { + if (!obj_add_mpi_json(material, "m", pkmaterial.sm2.m, ctx->dump_mpi)) { return RNP_ERROR_OUT_OF_MEMORY; // LCOV_EXCL_LINE } break; case PGP_PKA_ECDH: - if (!obj_add_mpi_json(material, "p", &pkmaterial.ecdh.p, ctx->dump_mpi) || + if (!obj_add_mpi_json(material, "p", pkmaterial.ecdh.p, ctx->dump_mpi) || !json_add(material, "m.bytes", (int) pkmaterial.ecdh.mlen)) { return RNP_ERROR_OUT_OF_MEMORY; // LCOV_EXCL_LINE } diff --git a/src/librepgp/stream-key.cpp b/src/librepgp/stream-key.cpp index 4e1695c3ab..ae31cf9ca6 100644 --- a/src/librepgp/stream-key.cpp +++ b/src/librepgp/stream-key.cpp @@ -1003,23 +1003,23 @@ forget_secret_key_fields(pgp_key_material_t *key) case PGP_PKA_RSA: case PGP_PKA_RSA_ENCRYPT_ONLY: case PGP_PKA_RSA_SIGN_ONLY: - mpi_forget(&key->rsa.d); - mpi_forget(&key->rsa.p); - mpi_forget(&key->rsa.q); - mpi_forget(&key->rsa.u); + key->rsa.d.forget(); + key->rsa.p.forget(); + key->rsa.q.forget(); + key->rsa.u.forget(); break; case PGP_PKA_DSA: - mpi_forget(&key->dsa.x); + key->dsa.x.forget(); break; case PGP_PKA_ELGAMAL: case PGP_PKA_ELGAMAL_ENCRYPT_OR_SIGN: - mpi_forget(&key->eg.x); + key->eg.x.forget(); break; case PGP_PKA_ECDSA: case PGP_PKA_EDDSA: case PGP_PKA_SM2: case PGP_PKA_ECDH: - mpi_forget(&key->ec.x); + key->ec.x.forget(); break; #if defined(ENABLE_CRYPTO_REFRESH) case PGP_PKA_ED25519: diff --git a/src/librepgp/stream-packet.cpp b/src/librepgp/stream-packet.cpp index 8c86aa614b..4ad28dfe01 100644 --- a/src/librepgp/stream-packet.cpp +++ b/src/librepgp/stream-packet.cpp @@ -560,7 +560,7 @@ pgp_packet_body_t::get(pgp_key_id_t &val) noexcept } bool -pgp_packet_body_t::get(pgp_mpi_t &val) noexcept +pgp_packet_body_t::get(pgp::mpi &val) noexcept { uint16_t bits = 0; if (!get(bits)) { @@ -581,7 +581,7 @@ pgp_packet_body_t::get(pgp_mpi_t &val) noexcept } /* check the mpi bit count */ val.len = len; - size_t mbits = mpi_bits(&val); + size_t mbits = val.bits(); if (mbits != bits) { RNP_LOG( "Warning! Wrong mpi bit count: got %" PRIu16 ", but actual is %zu", bits, mbits); @@ -726,7 +726,7 @@ pgp_packet_body_t::add(const pgp_key_id_t &val) } void -pgp_packet_body_t::add(const pgp_mpi_t &val) +pgp_packet_body_t::add(const pgp::mpi &val) { if (!val.len) { throw rnp::rnp_exception(RNP_ERROR_BAD_PARAMETERS); diff --git a/src/librepgp/stream-packet.h b/src/librepgp/stream-packet.h index 8090e2cd9c..a412eb17e9 100644 --- a/src/librepgp/stream-packet.h +++ b/src/librepgp/stream-packet.h @@ -117,7 +117,7 @@ typedef struct pgp_packet_body_t { * @return true on success or false otherwise (if end of the packet is reached * or mpi is ill-formed) **/ - bool get(pgp_mpi_t &val) noexcept; + bool get(pgp::mpi &val) noexcept; /** @brief Read ECC key curve and convert it to pgp_curve_t */ bool get(pgp_curve_t &val) noexcept; /** @brief read s2k from the packet */ @@ -135,7 +135,7 @@ typedef struct pgp_packet_body_t { /** @brief append keyid to the packet body */ void add(const pgp_key_id_t &val); /** @brief add pgp mpi (including header) to the packet body */ - void add(const pgp_mpi_t &val); + void add(const pgp::mpi &val); /** * @brief add pgp signature subpackets (including their length) to the packet body * @param sig signature, containing subpackets diff --git a/src/tests/cipher.cpp b/src/tests/cipher.cpp index b72422943c..616133da13 100644 --- a/src/tests/cipher.cpp +++ b/src/tests/cipher.cpp @@ -162,7 +162,7 @@ TEST_F(rnp_tests, rnp_test_eddsa) assert_rnp_failure(eddsa_verify(&sig, hash, sizeof(hash) - 1, &seckey.material.ec)); // swap r/s -> invalid sig - pgp_mpi_t tmp = sig.r; + pgp::mpi tmp = sig.r; sig.r = sig.s; sig.s = tmp; assert_rnp_failure(eddsa_verify(&sig, hash, sizeof(hash), &seckey.material.ec)); diff --git a/src/tests/key-protect.cpp b/src/tests/key-protect.cpp index db283b61b6..d22960d838 100644 --- a/src/tests/key-protect.cpp +++ b/src/tests/key-protect.cpp @@ -116,10 +116,10 @@ TEST_F(rnp_tests, test_key_protect_load_pgp) assert_false(mpi_empty(key->material().rsa.u)); // save the secret MPIs for some later comparisons - pgp_mpi_t d = key->material().rsa.d; - pgp_mpi_t p = key->material().rsa.p; - pgp_mpi_t q = key->material().rsa.q; - pgp_mpi_t u = key->material().rsa.u; + pgp::mpi d = key->material().rsa.d; + pgp::mpi p = key->material().rsa.p; + pgp::mpi q = key->material().rsa.q; + pgp::mpi u = key->material().rsa.u; // confirm that packets[0] is no longer encrypted { @@ -146,12 +146,12 @@ TEST_F(rnp_tests, test_key_protect_load_pgp) assert_false(mpi_empty(reloaded_key->material().rsa.u)); // compare MPIs of the reloaded key, with the unlocked key from earlier - assert_true(mpi_equal(&key->material().rsa.d, &reloaded_key->material().rsa.d)); - assert_true(mpi_equal(&key->material().rsa.p, &reloaded_key->material().rsa.p)); - assert_true(mpi_equal(&key->material().rsa.q, &reloaded_key->material().rsa.q)); - assert_true(mpi_equal(&key->material().rsa.u, &reloaded_key->material().rsa.u)); + assert_true(key->material().rsa.d == reloaded_key->material().rsa.d); + assert_true(key->material().rsa.p == reloaded_key->material().rsa.p); + assert_true(key->material().rsa.q == reloaded_key->material().rsa.q); + assert_true(key->material().rsa.u == reloaded_key->material().rsa.u); // negative test to try to ensure the above is a valid test - assert_false(mpi_equal(&key->material().rsa.d, &reloaded_key->material().rsa.p)); + assert_false(key->material().rsa.d == reloaded_key->material().rsa.p); // lock it assert_true(reloaded_key->lock()); @@ -166,10 +166,10 @@ TEST_F(rnp_tests, test_key_protect_load_pgp) assert_true(reloaded_key->unlock(pprov)); assert_false(reloaded_key->is_locked()); // compare MPIs of the reloaded key, with the unlocked key from earlier - assert_true(mpi_equal(&key->material().rsa.d, &reloaded_key->material().rsa.d)); - assert_true(mpi_equal(&key->material().rsa.p, &reloaded_key->material().rsa.p)); - assert_true(mpi_equal(&key->material().rsa.q, &reloaded_key->material().rsa.q)); - assert_true(mpi_equal(&key->material().rsa.u, &reloaded_key->material().rsa.u)); + assert_true(key->material().rsa.d == reloaded_key->material().rsa.d); + assert_true(key->material().rsa.p == reloaded_key->material().rsa.p); + assert_true(key->material().rsa.q == reloaded_key->material().rsa.q); + assert_true(key->material().rsa.u == reloaded_key->material().rsa.u); delete ks; } @@ -212,10 +212,10 @@ TEST_F(rnp_tests, test_key_protect_load_pgp) assert_false(key->is_locked()); // compare secret MPIs with those from earlier - assert_true(mpi_equal(&key->material().rsa.d, &d)); - assert_true(mpi_equal(&key->material().rsa.p, &p)); - assert_true(mpi_equal(&key->material().rsa.q, &q)); - assert_true(mpi_equal(&key->material().rsa.u, &u)); + assert_true(key->material().rsa.d == d); + assert_true(key->material().rsa.p == p); + assert_true(key->material().rsa.q == q); + assert_true(key->material().rsa.u == u); // cleanup delete key; diff --git a/src/tests/support.cpp b/src/tests/support.cpp index 08c3b41779..1f6bc32bf2 100644 --- a/src/tests/support.cpp +++ b/src/tests/support.cpp @@ -367,10 +367,10 @@ bin_eq_hex(const uint8_t *data, size_t len, const char *val) } bool -hex2mpi(pgp_mpi_t *val, const char *hex) +hex2mpi(pgp::mpi *val, const char *hex) { auto hexbin = rnp::hex_to_bin(hex); - return mem2mpi(val, hexbin.data(), hexbin.size()); + return val->from_mem(hexbin.data(), hexbin.size()); } bool @@ -396,9 +396,9 @@ test_ffi_init(rnp_ffi_t *ffi) } bool -mpi_empty(const pgp_mpi_t &val) +mpi_empty(const pgp::mpi &val) { - pgp_mpi_t zero{}; + pgp::mpi zero{}; return (val.len == 0) && !memcmp(val.mpi, zero.mpi, PGP_MPINT_SIZE); } diff --git a/src/tests/support.h b/src/tests/support.h index 36ecd7888f..62a04422db 100644 --- a/src/tests/support.h +++ b/src/tests/support.h @@ -121,7 +121,7 @@ void clean_temp_dir(const char *path); /* check whether bin value is equals hex string */ bool bin_eq_hex(const uint8_t *data, size_t len, const char *val); -bool hex2mpi(pgp_mpi_t *val, const char *hex); +bool hex2mpi(pgp::mpi *val, const char *hex); /* check whether key id is equal to hex string */ bool cmp_keyid(const pgp_key_id_t &id, const std::string &val); @@ -131,7 +131,7 @@ bool cmp_keyfp(const pgp_fingerprint_t &fp, const std::string &val); void test_ffi_init(rnp_ffi_t *ffi); -bool mpi_empty(const pgp_mpi_t &val); +bool mpi_empty(const pgp::mpi &val); bool write_pass_to_pipe(int fd, size_t count); /* Setup readable pipe with default password inside */