QuasarApp/easyssl
4
1
Fork 0
mirror of https://github.com/QuasarApp/easyssl.git synced 2025-04-26 13:04:32 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix generate keys (ecdsa)

Browse Source
This commit is contained in:
Andrei Yankovich 2023-07-16 11:56:11 +02:00
parent 73ed5b9b82
commit b0d1dd5a94
3 changed files with 98 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

51
src/lib/src/public/easyssl/ecdsassl.cpp
View File

@ -20,25 +20,39 @@
#include <easysslutils.h>
#include <QDebug>
#include <openssl/pem.h>
#include <openssl/core_names.h>
namespace EasySSL {
ECDSASSL::ECDSASSL() {}
ECDSASSL::ECDSASSL(EllipticCurveStandart curveStandart) {
setCurve(curveStandart);
}
EVP_PKEY * ECDSASSL::makeRawKeys() const {
EVP_PKEY *pkey = nullptr;
EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_from_name(nullptr, "EC", nullptr);
if (!pctx) {
qCritical() << "Error reading public key";
EasySSLUtils::printlastOpenSSlError();
return nullptr;
}
EVP_PKEY_keygen_init(pctx);
OSSL_PARAM params[2];
params[0] = OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_GROUP_NAME,
const_cast<char*>(getCStr(_curve)),
0);
params[1] = OSSL_PARAM_construct_end();
EVP_PKEY_CTX_set_params(pctx, params);
EVP_PKEY_generate(pctx, &pkey);
EVP_PKEY_CTX_free(pctx);
if (!pkey) {
EasySSLUtils::printlastOpenSSlError();
return nullptr;
}
return pkey;
}
@ -61,6 +75,7 @@ QByteArray ECDSASSL::signMessage(const QByteArray &inputData,
if (!ecPrivateKey) {
qCritical() << "Error reading private key";
EasySSLUtils::printlastOpenSSlError();
return {};
}
@ -71,6 +86,8 @@ QByteArray ECDSASSL::signMessage(const QByteArray &inputData,
// Initialize the signing operation
if (EVP_DigestSignInit(mdctx, nullptr, EVP_sha256(), nullptr, ecPrivateKey) != 1) {
EasySSLUtils::printlastOpenSSlError();
EVP_MD_CTX_free(mdctx);
return {};
}
@ -80,6 +97,8 @@ QByteArray ECDSASSL::signMessage(const QByteArray &inputData,
// Provide the message to be signed
if (EVP_DigestSignUpdate(mdctx, hash.data(), hash.size()) != 1) {
EasySSLUtils::printlastOpenSSlError();
EVP_MD_CTX_free(mdctx);
return {};
}
@ -87,6 +106,8 @@ QByteArray ECDSASSL::signMessage(const QByteArray &inputData,
size_t signatureLength = 0;
// Determine the length of the signature
if (EVP_DigestSignFinal(mdctx, nullptr, &signatureLength) != 1) {
EasySSLUtils::printlastOpenSSlError();
EVP_MD_CTX_free(mdctx);
return {};
}
@ -95,6 +116,8 @@ QByteArray ECDSASSL::signMessage(const QByteArray &inputData,
// Perform the final signing operation and obtain the signature
if (EVP_DigestSignFinal(mdctx, reinterpret_cast<unsigned char*>(signature.data()), &signatureLength) != 1) {
EasySSLUtils::printlastOpenSSlError();
EVP_MD_CTX_free(mdctx);
return {};
}
@ -119,6 +142,8 @@ bool ECDSASSL::checkSign(const QByteArray &inputData,
// Initialize the verification operation
if (EVP_DigestVerifyInit(mdctx, NULL, EVP_sha256(), NULL, rsaPublickKey) != 1) {
EasySSLUtils::printlastOpenSSlError();
EVP_MD_CTX_free(mdctx);
return false;
}
@ -128,6 +153,8 @@ bool ECDSASSL::checkSign(const QByteArray &inputData,
// Provide the message to be verified
if (EVP_DigestVerifyUpdate(mdctx, hash.data(), hash.size()) != 1) {
EasySSLUtils::printlastOpenSSlError();
EVP_MD_CTX_free(mdctx);
return false;
}
@ -151,4 +178,24 @@ QByteArray ECDSASSL::encrypt(const QByteArray &, const QByteArray &) {
return {};
}
ECDSASSL::EllipticCurveStandart ECDSASSL::curve() const {
return _curve;
}
void ECDSASSL::setCurve(EllipticCurveStandart newCurve) {
_curve = newCurve;
}
const char *ECDSASSL::getCStr(EllipticCurveStandart value) const {
switch (value) {
case P_256: return "P-256";
case P_384: return "P-384";
case P_521: return "P-521";
case X448: return "X448";
case X25519: return "X25519";
default: return nullptr;
}
}
}

33
src/lib/src/public/easyssl/ecdsassl.h
View File

@ -19,9 +19,24 @@ namespace EasySSL {
*/
class EASYSSL_EXPORT ECDSASSL: public EasySSL::ICrypto
{
/**
* @brief The EllipticCurveStandart enum List of supported Elliptic Curve Standarts
*/
enum EllipticCurveStandart {
/// Private key (point on Elliptic Curve ) based on 256 bit prime number
P_256,
/// Private key (point on Elliptic Curve ) based on 384 bit prime number
P_384,
/// Private key (point on Elliptic Curve ) based on 521 bit prime number
P_521,
/// based on elliptic curve potentially offering 224 bits of security and designed for use with the elliptic-curve DiffieHellman (ECDH) key agreement scheme
X448,
/// base on an elliptic curve used in elliptic-curve cryptography (ECC) offering 128 bits of security (256-bit key size) and designed for use with the elliptic curve DiffieHellman (ECDH) key agreement scheme. It is one of the fastest curves in ECC, and is not covered by any known patents.
X25519
};
public:
ECDSASSL();
ECDSASSL(EllipticCurveStandart curveStandart = EllipticCurveStandart::P_256);
EVP_PKEY * makeRawKeys() const override;
Features supportedFeatures() const override;
QSsl::KeyAlgorithm keyAlgorithm() const override;
@ -41,6 +56,22 @@ public:
*/
QByteArray encrypt(const QByteArray &message, const QByteArray &key) override;
/**
* @brief curve This method return current curve method. using only for generate new pair keys.
* @return current cursve type.
* @see EllipticCurveStandart
*/
EllipticCurveStandart curve() const;
/**
* @brief setCurve This method sets new curve standart value.
* @param newCurve this is new value of curve standart.
*/
void setCurve(EllipticCurveStandart newCurve);
private:
const char *getCStr(EllipticCurveStandart value) const;
EllipticCurveStandart _curve = EllipticCurveStandart::P_256;
};
}

19
src/lib/src/public/easyssl/rsassl.cpp
View File

@ -54,6 +54,7 @@ QByteArray RSASSL::signMessage(const QByteArray &inputData, const QByteArray &ke
if (!rsaPrivateKey) {
qCritical() << "Error reading private key";
EasySSLUtils::printlastOpenSSlError();
return {};
}
@ -64,6 +65,7 @@ QByteArray RSASSL::signMessage(const QByteArray &inputData, const QByteArray &ke
// Initialize the signing operation
if (EVP_DigestSignInit(mdctx, nullptr, EVP_sha256(), nullptr, rsaPrivateKey) != 1) {
EasySSLUtils::printlastOpenSSlError();
EVP_MD_CTX_free(mdctx);
return {};
}
@ -73,6 +75,7 @@ QByteArray RSASSL::signMessage(const QByteArray &inputData, const QByteArray &ke
// Provide the message to be signed
if (EVP_DigestSignUpdate(mdctx, hash.data(), hash.size()) != 1) {
EasySSLUtils::printlastOpenSSlError();
EVP_MD_CTX_free(mdctx);
return {};
}
@ -80,6 +83,7 @@ QByteArray RSASSL::signMessage(const QByteArray &inputData, const QByteArray &ke
size_t signatureLength = 0;
// Determine the length of the signature
if (EVP_DigestSignFinal(mdctx, nullptr, &signatureLength) != 1) {
EasySSLUtils::printlastOpenSSlError();
EVP_MD_CTX_free(mdctx);
return {};
}
@ -88,6 +92,7 @@ QByteArray RSASSL::signMessage(const QByteArray &inputData, const QByteArray &ke
// Perform the final signing operation and obtain the signature
if (EVP_DigestSignFinal(mdctx, reinterpret_cast<unsigned char*>(signature.data()), &signatureLength) != 1) {
EasySSLUtils::printlastOpenSSlError();
EVP_MD_CTX_free(mdctx);
return {};
}
@ -108,6 +113,7 @@ bool RSASSL::checkSign(const QByteArray &inputData, const QByteArray &signature,
// Initialize the verification operation
if (EVP_DigestVerifyInit(mdctx, NULL, EVP_sha256(), NULL, rsaPublickKey) != 1) {
EasySSLUtils::printlastOpenSSlError();
EVP_MD_CTX_free(mdctx);
return false;
}
@ -117,6 +123,7 @@ bool RSASSL::checkSign(const QByteArray &inputData, const QByteArray &signature,
// Provide the message to be verified
if (EVP_DigestVerifyUpdate(mdctx, hash.data(), hash.size()) != 1) {
EasySSLUtils::printlastOpenSSlError();
EVP_MD_CTX_free(mdctx);
return false;
}
@ -137,8 +144,9 @@ QByteArray RSASSL::decrypt(const QByteArray &message, const QByteArray &key) {
auto rsaPrivateKey = PEM_read_bio_PrivateKey(pkey, nullptr, nullptr, nullptr);
BIO_free(pkey);
if (!rsaPrivateKey) {
if (!rsaPrivateKey) {
qCritical() << "Error reading private key";
EasySSLUtils::printlastOpenSSlError();
return {};
}
@ -158,12 +166,15 @@ QByteArray RSASSL::decrypt(const QByteArray &message, const QByteArray &key) {
}
if (EVP_PKEY_decrypt_init(ctx) <= 0) {
EasySSLUtils::printlastOpenSSlError();
EVP_PKEY_CTX_free(ctx);
EVP_PKEY_free(rsaPrivateKey);
EVP_PKEY_free(rsaPrivateKey);
return {};
}
if (EVP_PKEY_CTX_set_rsa_padding(ctx, getRawOpenSSLPandingValue(_padding)) <= 0) {
EasySSLUtils::printlastOpenSSlError();
EVP_PKEY_CTX_free(ctx);
EVP_PKEY_free(rsaPrivateKey);
return {};
@ -203,22 +214,26 @@ QByteArray RSASSL::encrypt(const QByteArray &message, const QByteArray &key) {
if (!rsaPublicKey) {
qCritical() << "Error reading public key";
EasySSLUtils::printlastOpenSSlError();
return {};
}
EVP_PKEY_CTX* ctx = EVP_PKEY_CTX_new(rsaPublicKey, nullptr);
if (ctx == nullptr) {
EasySSLUtils::printlastOpenSSlError();
EVP_PKEY_free(rsaPublicKey);
return {};
}
if (EVP_PKEY_encrypt_init(ctx) <= 0) {
EasySSLUtils::printlastOpenSSlError();
EVP_PKEY_CTX_free(ctx);
EVP_PKEY_free(rsaPublicKey);
return {};
}
if (EVP_PKEY_CTX_set_rsa_padding(ctx, getRawOpenSSLPandingValue(_padding)) <= 0) {
EasySSLUtils::printlastOpenSSlError();
EVP_PKEY_CTX_free(ctx);
EVP_PKEY_free(rsaPublicKey);
return {};