Browse Source

use EVP_PKEY for signing

pull/2108/head
orignal 2 months ago
parent
commit
88a5f8b125
  1. 45
      libi2pd/Family.cpp

45
libi2pd/Family.cpp

@ -136,34 +136,29 @@ namespace data
if (ret) if (ret)
{ {
SSL * ssl = SSL_new (ctx); SSL * ssl = SSL_new (ctx);
EVP_PKEY * pkey = SSL_get_privatekey (ssl); auto pkey = SSL_get_privatekey (ssl);
EC_KEY * ecKey = EVP_PKEY_get1_EC_KEY (pkey); if (pkey)
if (ecKey)
{ {
auto group = EC_KEY_get0_group (ecKey); uint8_t buf[100], signature[128];
if (group) size_t len = family.length ();
memcpy (buf, family.c_str (), len);
memcpy (buf + len, (const uint8_t *)ident, 32);
len += 32;
size_t l = 128;
EVP_MD_CTX * mdctx = EVP_MD_CTX_create ();
EVP_DigestSignInit (mdctx, NULL, NULL, NULL, pkey);
if (EVP_DigestSign (mdctx, signature, &l, buf, len))
{ {
int curve = EC_GROUP_get_curve_name (group); len = Base64EncodingBufferSize (l);
if (curve == NID_X9_62_prime256v1) char * b64 = new char[len+1];
{ len = ByteStreamToBase64 (signature, l, b64, len);
uint8_t signingPrivateKey[32], buf[50], signature[64]; b64[len] = 0;
i2p::crypto::bn2buf (EC_KEY_get0_private_key (ecKey), signingPrivateKey, 32); sig = b64;
i2p::crypto::ECDSAP256Signer signer (signingPrivateKey); delete[] b64;
size_t len = family.length ();
memcpy (buf, family.c_str (), len);
memcpy (buf + len, (const uint8_t *)ident, 32);
len += 32;
signer.Sign (buf, len, signature);
len = Base64EncodingBufferSize (64);
char * b64 = new char[len+1];
len = ByteStreamToBase64 (signature, 64, b64, len);
b64[len] = 0;
sig = b64;
delete[] b64;
}
else
LogPrint (eLogWarning, "Family: elliptic curve ", curve, " is not supported");
} }
else
LogPrint (eLogError, "Family: signing failed");
EVP_MD_CTX_destroy (mdctx);
} }
SSL_free (ssl); SSL_free (ssl);
} }

Loading…
Cancel
Save