Files
itgmania212121/stepmania/src/CryptManager.cpp
T

445 lines
11 KiB
C++
Raw Normal View History

2004-02-15 04:47:32 +00:00
#include "global.h"
#include "CryptManager.h"
#include "RageUtil.h"
#include "RageLog.h"
2005-09-03 21:26:04 +00:00
#include "RageFile.h"
#include "PrefsManager.h"
2004-05-22 19:50:16 +00:00
#include "RageFileManager.h"
2007-01-24 07:36:25 +00:00
#include "libtomcrypt/src/headers/tomcrypt.h"
2005-04-27 01:17:47 +00:00
CryptManager* CRYPTMAN = NULL; // global and accessable from anywhere in our program
2006-01-22 01:00:06 +00:00
static const RString PRIVATE_KEY_PATH = "Data/private.rsa";
static const RString PUBLIC_KEY_PATH = "Data/public.rsa";
static const RString ALTERNATE_PUBLIC_KEY_DIR = "Data/keys/";
2005-04-27 01:17:47 +00:00
2007-01-24 09:39:55 +00:00
static bool HashFile( RageFile &f, unsigned char buf_hash[20], int iHash )
{
hash_state hash;
int iRet = hash_descriptor[iHash].init( &hash );
ASSERT_M( iRet == CRYPT_OK, error_to_string(iRet) );
RString s;
while( !f.AtEOF() )
{
if( f.Read(s, 1024*4) == -1 )
{
LOG->Warn( "Error reading %s: %s", f.GetPath().c_str(), f.GetError().c_str() );
hash_descriptor[iHash].done( &hash, buf_hash );
return false;
}
iRet = hash_descriptor[iHash].process( &hash, (const unsigned char *) s.data(), s.size() );
ASSERT_M( iRet == CRYPT_OK, error_to_string(iRet) );
}
iRet = hash_descriptor[iHash].done( &hash, buf_hash );
ASSERT_M( iRet == CRYPT_OK, error_to_string(iRet) );
return true;
}
2007-01-24 09:38:51 +00:00
#if defined(DISABLE_CRYPTO)
2005-04-27 01:17:47 +00:00
CryptManager::CryptManager() { }
CryptManager::~CryptManager() { }
2006-01-22 01:00:06 +00:00
void CryptManager::GenerateRSAKey( unsigned int keyLength, RString privFilename, RString pubFilename, RString seed ) { }
void CryptManager::SignFileToFile( RString sPath, RString sSignatureFile ) { }
bool CryptManager::VerifyFileWithFile( RString sPath, RString sSignatureFile, RString sPublicKeyFile ) { return true; }
bool CryptManager::VerifyFileWithFile( RString sPath, RString sSignatureFile )
2005-04-27 01:17:47 +00:00
{
return true;
}
2006-12-20 23:17:57 +00:00
void CryptManager::GetRandomBytes( void *pData, int iBytes )
{
uint8_t *pBuf = (uint8_t *) pData;
while( iBytes-- )
*pBuf++ = (uint8_t) RandomInt( 256 );
}
2005-04-27 01:17:47 +00:00
#else
2004-02-15 04:47:32 +00:00
2004-02-17 22:25:13 +00:00
static const int KEY_LENGTH = 1024;
2004-05-22 19:50:16 +00:00
#define MAX_SIGNATURE_SIZE_BYTES 1024 // 1 KB
2004-02-17 22:25:13 +00:00
2007-01-24 07:36:25 +00:00
/*
openssl genrsa -out testing -outform DER
openssl rsa -in testing -out testing2 -outform DER
openssl rsa -in testing -out testing2 -pubout -outform DER
openssl pkcs8 -inform DER -outform DER -nocrypt -in private.rsa -out private.der
*
*/
2007-01-24 07:39:19 +00:00
class PRNGWrapper
2007-01-24 07:36:25 +00:00
{
public:
2007-01-24 07:39:19 +00:00
PRNGWrapper( const struct ltc_prng_descriptor *pPRNGDescriptor )
2007-01-24 07:36:25 +00:00
{
m_iPRNG = register_prng( pPRNGDescriptor );
ASSERT( m_iPRNG >= 0 );
int iRet = rng_make_prng( 128, m_iPRNG, &m_PRNG, NULL );
ASSERT_M( iRet == CRYPT_OK, error_to_string(iRet) );
}
2007-01-24 07:39:19 +00:00
~PRNGWrapper()
2007-01-24 07:36:25 +00:00
{
if( m_iPRNG != -1 )
prng_descriptor[m_iPRNG].done( &m_PRNG );
}
void AddEntropy( const RString &sBuf )
{
int iRet = prng_descriptor[m_iPRNG].add_entropy( (const unsigned char *) sBuf.data(), sBuf.size(), &m_PRNG );
ASSERT_M( iRet == CRYPT_OK, error_to_string(iRet) );
iRet = prng_descriptor[m_iPRNG].ready( &m_PRNG );
ASSERT_M( iRet == CRYPT_OK, error_to_string(iRet) );
}
int m_iPRNG;
prng_state m_PRNG;
};
2007-01-24 07:39:19 +00:00
static PRNGWrapper *g_pPRNG = NULL;
2007-01-24 07:36:25 +00:00
2007-01-24 07:39:19 +00:00
class RSAKeyWrapper
2007-01-24 07:36:25 +00:00
{
public:
2007-01-24 07:39:19 +00:00
RSAKeyWrapper()
2007-01-24 07:36:25 +00:00
{
}
2007-01-24 07:39:19 +00:00
~RSAKeyWrapper()
2007-01-24 07:36:25 +00:00
{
rsa_free( &m_Key );
}
2007-01-24 07:39:19 +00:00
void Generate( PRNGWrapper &prng, int iKeyLenBits )
2007-01-24 07:36:25 +00:00
{
int iRet = rsa_make_key( &prng.m_PRNG, prng.m_iPRNG, iKeyLenBits / 8, 65537, &m_Key );
2007-01-24 07:39:19 +00:00
ASSERT( iRet == CRYPT_OK );
2007-01-24 07:36:25 +00:00
}
bool Load( const RString &sKey )
{
int iRet = rsa_import( (const unsigned char *) sKey.data(), sKey.size(), &m_Key );
if( iRet != CRYPT_OK )
{
LOG->Warn( "Error loading RSA Key: %s", error_to_string(iRet) );
return false;
}
return true;
}
rsa_key m_Key;
};
CryptManager::CryptManager()
{
2007-01-24 07:36:25 +00:00
ltc_mp = ltm_desc;
2007-01-24 07:39:19 +00:00
g_pPRNG = new PRNGWrapper( &yarrow_desc );
2007-01-24 07:36:25 +00:00
//
// generate keys if none are available
//
2004-05-13 06:02:32 +00:00
if( PREFSMAN->m_bSignProfileData )
2004-02-20 02:28:23 +00:00
{
2004-05-13 06:02:32 +00:00
if( !DoesFileExist(PRIVATE_KEY_PATH) || !DoesFileExist(PUBLIC_KEY_PATH) )
{
LOG->Warn( "Keys missing. Generating new keys" );
GenerateRSAKey( KEY_LENGTH, PRIVATE_KEY_PATH, PUBLIC_KEY_PATH, "aoksdjaksd" );
FlushDirCache();
}
2004-02-20 02:28:23 +00:00
}
}
2004-02-15 04:47:32 +00:00
CryptManager::~CryptManager()
{
2007-01-24 07:36:25 +00:00
SAFE_DELETE( g_pPRNG );
}
2004-02-15 04:47:32 +00:00
2006-01-22 01:00:06 +00:00
static bool WriteFile( RString sFile, RString sBuf )
{
RageFile output;
if( !output.Open(sFile, RageFile::WRITE) )
{
LOG->Warn( "WriteFile: opening %s failed: %s", sFile.c_str(), output.GetError().c_str() );
return false;
}
if( output.Write(sBuf) == -1 || output.Flush() == -1 )
{
LOG->Warn( "WriteFile: writing %s failed: %s", sFile.c_str(), output.GetError().c_str() );
output.Close();
FILEMAN->Remove( sFile );
return false;
}
return true;
}
2006-01-22 01:00:06 +00:00
void CryptManager::GenerateRSAKey( unsigned int keyLength, RString privFilename, RString pubFilename, RString seed )
2004-02-15 04:47:32 +00:00
{
ASSERT( PREFSMAN->m_bSignProfileData );
2007-01-24 07:36:25 +00:00
g_pPRNG->AddEntropy( seed );
int iRet;
2007-01-24 07:36:25 +00:00
rsa_key key;
iRet = rsa_make_key( &g_pPRNG->m_PRNG, g_pPRNG->m_iPRNG, keyLength / 8, 65537, &key );
if( iRet != CRYPT_OK )
{
LOG->Warn( "GenerateRSAKey(%i) error: %s", keyLength, error_to_string(iRet) );
return;
}
unsigned char buf[1024];
unsigned long iSize = sizeof(buf);
iRet = rsa_export( buf, &iSize, PK_PUBLIC, &key );
if( iRet != CRYPT_OK )
{
LOG->Warn( "Export error: %s", error_to_string(iRet) );
return;
2007-01-24 07:36:25 +00:00
}
RString sPubKey( (const char *) buf, iSize );
iSize = sizeof(buf);
iRet = rsa_export( buf, &iSize, PK_PRIVATE, &key );
if( iRet != CRYPT_OK )
{
LOG->Warn( "Export error: %s", error_to_string(iRet) );
return;
}
RString sPrivKey( (const char *) buf, iSize );
if( !WriteFile(pubFilename, sPubKey) )
return;
if( !WriteFile(privFilename, sPrivKey) )
{
FILEMAN->Remove( privFilename );
return;
}
2004-02-15 04:47:32 +00:00
}
2006-01-22 01:00:06 +00:00
void CryptManager::SignFileToFile( RString sPath, RString sSignatureFile )
2004-02-15 04:47:32 +00:00
{
ASSERT( PREFSMAN->m_bSignProfileData );
2006-01-22 01:00:06 +00:00
RString sPrivFilename = PRIVATE_KEY_PATH;
RString sMessageFilename = sPath;
2004-05-13 06:02:32 +00:00
if( sSignatureFile.empty() )
sSignatureFile = sPath + SIGNATURE_APPEND;
2006-01-22 01:00:06 +00:00
RString sPrivKey;
2005-05-20 00:58:09 +00:00
if( !GetFileContents(sPrivFilename, sPrivKey) )
return;
2004-05-13 06:02:32 +00:00
if( !IsAFile(sMessageFilename) )
2005-04-24 22:04:39 +00:00
{
LOG->Trace( "SignFileToFile: \"%s\" doesn't exist", sMessageFilename.c_str() );
2004-02-15 04:47:32 +00:00
return;
2005-04-24 22:04:39 +00:00
}
2004-02-15 04:47:32 +00:00
RageFile file;
if( !file.Open(sMessageFilename) )
{
2007-01-24 07:36:25 +00:00
LOG->Warn( "SignFileToFile: open(%s) failed: %s", sPath.c_str(), file.GetError().c_str() );
return;
}
2007-01-24 07:39:19 +00:00
RSAKeyWrapper key;
2007-01-24 07:36:25 +00:00
if( !key.Load(sPrivKey) )
return;
int iHash = register_hash( &sha1_desc );
ASSERT( iHash >= 0 );
unsigned char buf_hash[20];
if( !HashFile(file, buf_hash, iHash) )
return;
unsigned char signature[256];
unsigned long signature_len = sizeof(signature);
int iRet = rsa_sign_hash_ex(
buf_hash, sizeof(buf_hash),
signature, &signature_len,
LTC_PKCS_1_V1_5, &g_pPRNG->m_PRNG, g_pPRNG->m_iPRNG, iHash,
0, &key.m_Key);
if( iRet != CRYPT_OK )
{
2007-01-24 07:36:25 +00:00
LOG->Warn( "SignFileToFile error: %s", error_to_string(iRet) );
return;
}
2007-01-24 07:36:25 +00:00
RString sSignature( (const char *) signature, signature_len );
WriteFile( sSignatureFile, sSignature );
}
2006-01-22 01:00:06 +00:00
bool CryptManager::VerifyFileWithFile( RString sPath, RString sSignatureFile )
2004-02-15 04:47:32 +00:00
{
ASSERT( PREFSMAN->m_bSignProfileData );
2005-05-19 21:27:14 +00:00
if( VerifyFileWithFile(sPath, sSignatureFile, PUBLIC_KEY_PATH) )
return true;
2006-01-22 01:00:06 +00:00
vector<RString> asKeys;
2005-05-19 21:27:14 +00:00
GetDirListing( ALTERNATE_PUBLIC_KEY_DIR, asKeys, false, true );
for( unsigned i = 0; i < asKeys.size(); ++i )
{
2006-01-22 01:00:06 +00:00
const RString &sKey = asKeys[i];
2005-05-19 21:27:14 +00:00
LOG->Trace( "Trying alternate key \"%s\" ...", sKey.c_str() );
if( VerifyFileWithFile(sPath, sSignatureFile, sKey) )
return true;
}
return false;
}
2006-01-22 01:00:06 +00:00
bool CryptManager::VerifyFileWithFile( RString sPath, RString sSignatureFile, RString sPublicKeyFile )
2005-05-19 21:27:14 +00:00
{
ASSERT( PREFSMAN->m_bSignProfileData );
2004-05-13 06:02:32 +00:00
if( sSignatureFile.empty() )
sSignatureFile = sPath + SIGNATURE_APPEND;
2006-01-22 01:00:06 +00:00
RString sPublicKey;
if( !GetFileContents(sPublicKeyFile, sPublicKey) )
2004-02-15 04:47:32 +00:00
return false;
2004-05-22 19:50:16 +00:00
int iBytes = FILEMAN->GetFileSizeInBytes( sSignatureFile );
if( iBytes > MAX_SIGNATURE_SIZE_BYTES )
return false;
2006-01-22 01:00:06 +00:00
RString sSignature;
2005-05-20 01:02:56 +00:00
if( !GetFileContents(sSignatureFile, sSignature) )
return false;
2007-01-24 07:36:25 +00:00
return Verify( sPath, sSignature, sPublicKey );
}
bool CryptManager::Verify( RString sPath, RString sSignature, RString sPublicKey )
{
ASSERT( PREFSMAN->m_bSignProfileData );
RageFile file;
if( !file.Open(sPath) )
{
2007-01-24 07:36:25 +00:00
LOG->Warn( "Verify: open(%s) failed: %s", sPath.c_str(), file.GetError().c_str() );
return false;
}
2007-01-24 07:39:19 +00:00
RSAKeyWrapper key;
2007-01-24 07:36:25 +00:00
if( !key.Load(sPublicKey) )
return false;
int iHash = register_hash( &sha1_desc );
ASSERT( iHash >= 0 );
unsigned char buf_hash[20];
HashFile( file, buf_hash, iHash );
int iMatch;
int iRet = rsa_verify_hash_ex( (const unsigned char *) sSignature.data(), sSignature.size(),
buf_hash, sizeof(buf_hash),
LTC_PKCS_1_EMSA, iHash, 0, &iMatch, &key.m_Key );
if( iRet != CRYPT_OK )
{
2007-01-24 07:36:25 +00:00
LOG->Warn( "Verify(%s) failed: %s", sPath.c_str(), error_to_string(iRet) );
return false;
}
if( !iMatch )
{
LOG->Warn( "Verify(%s) failed: signature mismatch", sPath.c_str() );
return false;
}
return true;
}
2007-01-24 09:39:55 +00:00
void CryptManager::GetRandomBytes( void *pData, int iBytes )
{
int iRet = prng_descriptor[g_pPRNG->m_iPRNG].read( (unsigned char *) pData, iBytes, &g_pPRNG->m_PRNG );
ASSERT( iRet == iBytes );
}
2005-04-27 01:17:47 +00:00
#endif
2004-02-17 01:16:57 +00:00
RString CryptManager::GetMD5ForFile( RString fn )
2004-02-15 04:47:32 +00:00
{
2006-02-14 11:30:53 +00:00
RageFile file;
if( !file.Open( fn, RageFile::READ ) )
{
LOG->Warn( "GetMD5: Failed to open file '%s'", fn.c_str() );
return RString();
}
2007-01-24 07:36:25 +00:00
int iHash = register_hash( &md5_desc );
ASSERT( iHash >= 0 );
2006-02-14 11:30:53 +00:00
2007-01-24 07:36:25 +00:00
unsigned char digest[16];
HashFile( file, digest, iHash );
2006-02-14 11:30:53 +00:00
return BinaryToHex( digest, sizeof(digest) );
2004-02-15 04:47:32 +00:00
}
2004-02-16 05:35:06 +00:00
RString CryptManager::GetMD5ForString( RString sData )
{
unsigned char digest[16];
2007-01-24 07:36:25 +00:00
int iHash = register_hash( &md5_desc );
hash_state hash;
int iRet = hash_descriptor[iHash].init( &hash );
iRet = hash_descriptor[iHash].process( &hash, (const unsigned char *) sData.data(), sData.size() );
iRet = hash_descriptor[iHash].done( &hash, digest );
return BinaryToHex( digest, sizeof(digest) );
}
2006-01-22 01:00:06 +00:00
RString CryptManager::GetPublicKeyFileName()
2004-02-16 05:35:06 +00:00
{
ASSERT( PREFSMAN->m_bSignProfileData );
2004-02-16 05:35:06 +00:00
return PUBLIC_KEY_PATH;
}
2004-06-08 01:24:17 +00:00
/*
2007-01-24 07:36:25 +00:00
* (c) 2004-2007 Chris Danford, Glenn Maynard
2004-06-08 01:24:17 +00:00
* All rights reserved.
*
* Permission is hereby granted, free of charge, to any person obtaining a
* copy of this software and associated documentation files (the
* "Software"), to deal in the Software without restriction, including
* without limitation the rights to use, copy, modify, merge, publish,
* distribute, and/or sell copies of the Software, and to permit persons to
* whom the Software is furnished to do so, provided that the above
* copyright notice(s) and this permission notice appear in all copies of
* the Software and that both the above copyright notice(s) and this
* permission notice appear in supporting documentation.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
* OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
* MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF
* THIRD PARTY RIGHTS. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR HOLDERS
* INCLUDED IN THIS NOTICE BE LIABLE FOR ANY CLAIM, OR ANY SPECIAL INDIRECT
* OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS
* OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR
* OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
* PERFORMANCE OF THIS SOFTWARE.
*/