Merge bn.h and ossl_common.h to ossl_utils.hpp, and remove unused code.

rnpgp · Nov 28, 2024 · fd15512 · fd15512
1 parent 9be8d3c
commit fd15512
Show file tree

Hide file tree

Showing 14 changed files with 30 additions and 205 deletions.
diff --git a/src/lib/CMakeLists.txt b/src/lib/CMakeLists.txt
@@ -241,7 +241,6 @@ configure_file(config.h.in config.h)
 
 if(CRYPTO_BACKEND_OPENSSL)
   set(CRYPTO_SOURCES
-    crypto/bn_ossl.cpp
     crypto/dsa_common.cpp
     crypto/dsa_ossl.cpp
     crypto/ec_curves.cpp

diff --git a/src/lib/crypto/backend_version.cpp b/src/lib/crypto/backend_version.cpp
@@ -31,7 +31,6 @@
 #elif defined(CRYPTO_BACKEND_OPENSSL)
 #include <openssl/opensslv.h>
 #include <openssl/crypto.h>
-#include "ossl_common.h"
 #if defined(CRYPTO_BACKEND_OPENSSL3)
 #include <openssl/provider.h>
 #endif

diff --git a/src/lib/crypto/bn_ossl.cpp b/src/lib/crypto/bn_ossl.cpp
diff --git a/src/lib/crypto/dl_ossl.cpp b/src/lib/crypto/dl_ossl.cpp
@@ -27,10 +27,9 @@
 #include <cstdlib>
 #include <string>
 #include <cassert>
-#include "bn.h"
 #include "dl_ossl.h"
-#include "ossl_common.h"
 #include "utils.h"
+#include "ossl_utils.hpp"
 #include <openssl/dh.h>
 #include <openssl/err.h>
 #include <openssl/evp.h>
@@ -206,7 +205,8 @@ dl_validate_key(rnp::ossl::evp::PKey &pkey, const pgp::mpi *x)
     }
     int res = EVP_PKEY_param_check(ctx.get());
     if (res < 0) {
-        RNP_LOG("Param validation error: %lu (%s)", ERR_peek_last_error(), ossl_latest_err());
+        RNP_LOG(
+          "Param validation error: %lu (%s)", ERR_peek_last_error(), rnp::ossl::latest_err());
     }
     if (res < 1) {
         /* ElGamal specification doesn't seem to restrict P to the safe prime */

diff --git a/src/lib/crypto/dl_ossl.h b/src/lib/crypto/dl_ossl.h
@@ -27,12 +27,9 @@
 #ifndef DL_OSSL_H_
 #define DL_OSSL_H_
 
-#include "types.h"
-#include "config.h"
-#include <rnp/rnp_def.h>
 #include "mpi.h"
-#include "bn.h"
-#include <openssl/evp.h>
+#include <rnp/rnp_def.h>
+#include "ossl_utils.hpp"
 
 rnp::ossl::evp::PKey dl_load_key(const pgp::mpi &mp,
                                  const pgp::mpi *mq,

diff --git a/src/lib/crypto/dsa_ossl.cpp b/src/lib/crypto/dsa_ossl.cpp
@@ -27,7 +27,6 @@
 #include <stdlib.h>
 #include <string.h>
 #include <rnp/rnp_def.h>
-#include "bn.h"
 #include "dsa.h"
 #include "dl_ossl.h"
 #include "utils.h"

diff --git a/src/lib/crypto/ec_ossl.cpp b/src/lib/crypto/ec_ossl.cpp
@@ -28,11 +28,10 @@
 #include <cassert>
 #include "ec.h"
 #include "ec_ossl.h"
-#include "bn.h"
-#include "ossl_common.h"
 #include "types.h"
 #include "mem.h"
 #include "utils.h"
+#include "ossl_utils.hpp"
 #include <openssl/evp.h>
 #include <openssl/objects.h>
 #include <openssl/err.h>
@@ -297,7 +296,7 @@ load_key(const pgp::mpi &keyp, const pgp::mpi *keyx, pgp_curve_t curve)
         /* LCOV_EXCL_START */
         RNP_LOG("Failed to create EC key with group %s: %s",
                 curv_desc->openssl_name,
-                ossl_latest_err());
+                rnp::ossl::latest_err());
         return NULL;
         /* LCOV_EXCL_END */
     }

diff --git a/src/lib/crypto/ec_ossl.h b/src/lib/crypto/ec_ossl.h
@@ -30,7 +30,7 @@
 #include "types.h"
 #include "ec.h"
 #include <openssl/evp.h>
-#include "bn.h"
+#include "ossl_utils.hpp"
 
 namespace pgp {
 namespace ec {

diff --git a/src/lib/crypto/ecdsa_ossl.cpp b/src/lib/crypto/ecdsa_ossl.cpp
@@ -27,7 +27,6 @@
 #include "ecdsa.h"
 #include "utils.h"
 #include <string.h>
-#include "bn.h"
 #include "ec_ossl.h"
 #include <openssl/evp.h>
 #include <openssl/err.h>

diff --git a/src/lib/crypto/eddsa_ossl.cpp b/src/lib/crypto/eddsa_ossl.cpp
@@ -30,7 +30,7 @@
 #include "ec.h"
 #include "ec_ossl.h"
 #include "utils.h"
-#include "bn.h"
+#include "ossl_utils.hpp"
 #include <openssl/evp.h>
 #include <openssl/objects.h>
 #include <openssl/err.h>

diff --git a/src/lib/crypto/elgamal_ossl.cpp b/src/lib/crypto/elgamal_ossl.cpp
@@ -31,8 +31,8 @@
 #include "elgamal.h"
 #include "dl_ossl.h"
 #include "utils.h"
-#include "bn.h"
 #include "mem.h"
+#include "ossl_utils.hpp"
 #include <openssl/bn.h>
 #include <openssl/dh.h>
 #include <openssl/err.h>

diff --git a/src/lib/crypto/ossl_common.h b/src/lib/crypto/ossl_common.h
diff --git a/src/lib/crypto/bn.h → src/lib/crypto/ossl_utils.hpp b/src/lib/crypto/bn.h → src/lib/crypto/ossl_utils.hpp
@@ -24,18 +24,17 @@
  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
-#ifndef RNP_BN_H_
-#define RNP_BN_H_
+#ifndef RNP_OSSL_UTILS_HPP_
+#define RNP_OSSL_UTILS_HPP_
 
-#include <stdio.h>
-#include <stdint.h>
+#include <cstdio>
+#include <cstdint>
 #include "config.h"
 #include "mpi.h"
-
-#if defined(CRYPTO_BACKEND_OPENSSL)
 #include <cassert>
 #include <openssl/bn.h>
 #include <openssl/evp.h>
+#include <openssl/err.h>
 #if defined(CRYPTO_BACKEND_OPENSSL3)
 #include <openssl/core_names.h>
 #include <openssl/param_build.h>
@@ -45,28 +44,6 @@
 #include <openssl/ec.h>
 #endif
 
-#define bignum_t BIGNUM
-#elif defined(CRYPTO_BACKEND_BOTAN)
-#else
-#error "Unknown crypto backend."
-#endif
-
-#if defined(CRYPTO_BACKEND_OPENSSL)
-bignum_t *bn_new(void);
-void      bn_free(bignum_t * /*a*/);
-
-int bn_bn2bin(const bignum_t * /*a*/, unsigned char * /*b*/);
-
-bignum_t *mpi2bn(const pgp::mpi *val);
-
-bignum_t *mpi2bn(const pgp::mpi &val);
-
-bool bn2mpi(const bignum_t *bn, pgp::mpi *val);
-
-bool bn2mpi(const bignum_t *bn, pgp::mpi &val);
-
-size_t bn_num_bytes(const bignum_t &a);
-
 namespace rnp {
 class bn {
     BIGNUM *      _bn;
@@ -130,24 +107,11 @@ class bn {
         return c_get();
     }
 
-    void
-    set(BIGNUM *val = NULL) noexcept
-    {
-        BN_free(_bn);
-        _bn = val;
-    }
-
-    void
-    set(const pgp::mpi &val) noexcept
-    {
-        BN_free(_bn);
-        _bn = mpi2bn(&val);
-    }
-
     BIGNUM **
     ptr() noexcept
     {
-        set();
+        BN_free(_bn);
+        _bn = NULL;
         return &_bn;
     }
 
@@ -637,9 +601,15 @@ class ParamBld {
     }
 };
 #endif
+
+inline const char *
+latest_err()
+{
+    return ERR_error_string(ERR_peek_last_error(), NULL);
+}
+
 } // namespace ossl
 
 } // namespace rnp
-#endif
 
-#endif
+#endif
diff --git a/src/lib/crypto/rsa_ossl.cpp b/src/lib/crypto/rsa_ossl.cpp
@@ -30,8 +30,7 @@
 #include "crypto/rsa.h"
 #include "config.h"
 #include "utils.h"
-#include "bn.h"
-#include "ossl_common.h"
+#include "ossl_utils.hpp"
 #include <openssl/rsa.h>
 #include <openssl/err.h>
 #include <openssl/evp.h>
@@ -276,13 +275,13 @@ Key::validate(rnp::RNG &rng, bool secret) const noexcept
         rnp::ossl::evp::Ctx ctx(init_context(*this, secret));
         if (!ctx) {
             /* LCOV_EXCL_START */
-            RNP_LOG("Failed to init context: %s", ossl_latest_err());
+            RNP_LOG("Failed to init context: %s", rnp::ossl::latest_err());
             return RNP_ERROR_GENERIC;
             /* LCOV_EXCL_END */
         }
         int res = EVP_PKEY_check(ctx.get());
         if (res <= 0) {
-            RNP_LOG("Key validation error: %s", ossl_latest_err()); // LCOV_EXCL_LINE
+            RNP_LOG("Key validation error: %s", rnp::ossl::latest_err()); // LCOV_EXCL_LINE
         }
         return res > 0 ? RNP_SUCCESS : RNP_ERROR_GENERIC;
     }
@@ -335,7 +334,7 @@ setup_signature_hash(rnp::ossl::evp::Ctx &ctx,
     }
     if (EVP_PKEY_CTX_set_signature_md(ctx.get(), hash_tp) <= 0) {
         if ((hash_alg != PGP_HASH_SHA1)) {
-            RNP_LOG("Failed to set digest %s: %s", hash_name, ossl_latest_err());
+            RNP_LOG("Failed to set digest %s: %s", hash_name, rnp::ossl::latest_err());
             return false;
         }
         enc = &PKCS1_SHA1_ENCODING[0];
@@ -412,7 +411,7 @@ Key::verify_pkcs1(const Signature &sig,
         res = EVP_PKEY_verify(ctx.get(), sig.s.mpi, sig.s.len, hash, hash_len);
     }
     if (res <= 0) {
-        RNP_LOG("RSA verification failure: %s", ossl_latest_err());
+        RNP_LOG("RSA verification failure: %s", rnp::ossl::latest_err());
         return RNP_ERROR_SIGNATURE_INVALID;
     }
     return RNP_SUCCESS;