mirror
/
openwrt-packages
mirror of https://git.openwrt.org/feed/packages.git
1
0
Fork 0
Code Releases Activity

Merge 51121dcf37 into eb35a3be13

This commit is contained in:
qosmio 2024-04-18 10:43:17 -04:00 committed by GitHub
parent eb35a3be13 51121dcf37
commit 6d1ca39b9c
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 59 additions and 115 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
net/nginx-util/Makefile
View File

@ -1,8 +1,8 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=nginx-util
PKG_VERSION:=1.6
PKG_RELEASE:=20
PKG_VERSION:=1.7
PKG_RELEASE:=1
PKG_MAINTAINER:=Peter Stadler <peter.stadler@student.uibk.ac.at>
include $(INCLUDE_DIR)/package.mk
@ -11,8 +11,6 @@ include $(INCLUDE_DIR)/cmake.mk
CMAKE_OPTIONS+= -DUBUS=y
CMAKE_OPTIONS+= -DVERSION=$(PKG_VERSION)
TARGET_CFLAGS+= -Wno-error=deprecated-declarations
define Package/nginx-ssl-util/default
SECTION:=net
CATEGORY:=Network

168
net/nginx-util/src/px5g-openssl.hpp
View File

@ -7,6 +7,7 @@
#include <openssl/err.h>
#include <openssl/pem.h>
#include <openssl/rsa.h>
#include <openssl/evp.h>
#include <unistd.h>
#include <memory>
#include <stdexcept>
@ -22,7 +23,7 @@ auto checkend(const std::string& crtpath, time_t seconds = 0, bool use_pem = tru
auto gen_eckey(int curve) -> EVP_PKEY_ptr;
auto gen_rsakey(int keysize, BN_ULONG exponent = RSA_F4) -> EVP_PKEY_ptr;
auto gen_rsakey(int keysize) -> EVP_PKEY_ptr;
void write_key(const EVP_PKEY_ptr& pkey, const std::string& keypath = "", bool use_pem = true);
@ -88,42 +89,45 @@ auto gen_eckey(const int curve) -> EVP_PKEY_ptr
}
EC_GROUP_set_asn1_flag(group, OPENSSL_EC_NAMED_CURVE);
EC_GROUP_set_point_conversion_form(group, POINT_CONVERSION_UNCOMPRESSED);
auto* eckey = EC_KEY_new();
EVP_PKEY_CTX* ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, nullptr);
if (eckey != nullptr) {
if ((EC_KEY_set_group(eckey, group) == 0) || (EC_KEY_generate_key(eckey) == 0)) {
EC_KEY_free(eckey);
eckey = nullptr;
}
if (!EVP_PKEY_paramgen_init(ctx)) {
throw std::runtime_error("Could not init paramgen");
}
EVP_PKEY_CTX_set_ec_paramgen_curve_nid(ctx, curve);
EVP_PKEY* params = nullptr;
EVP_PKEY_paramgen(ctx, &params);
EVP_PKEY_CTX* key_gen_ctx = EVP_PKEY_CTX_new(params, nullptr);
if (EVP_PKEY_keygen_init(key_gen_ctx) <= 0) {
std::string errmsg{"gen_eckey error: cannot initialize key generation context\n"};
ERR_print_errors_cb(print_error, &errmsg);
throw std::runtime_error(errmsg);
}
EVP_PKEY* pkey = nullptr;
if (!EVP_PKEY_keygen(key_gen_ctx, &pkey)) {
EVP_PKEY_CTX_free(key_gen_ctx);
EC_GROUP_free(group);
std::string errmsg{"gen_eckey error: cannot generate key pair\n"};
ERR_print_errors_cb(print_error, &errmsg);
throw std::runtime_error(errmsg);
}
EVP_PKEY_CTX_free(ctx);
EC_GROUP_free(group);
if (eckey == nullptr) {
std::string errmsg{"gen_eckey error: cannot build key with curve id "};
errmsg += std::to_string(curve) + "\n";
ERR_print_errors_cb(print_error, &errmsg);
throw std::runtime_error(errmsg);
}
EVP_PKEY_ptr pkey_ptr{pkey, ::EVP_PKEY_free};
EVP_PKEY_ptr pkey{EVP_PKEY_new(), ::EVP_PKEY_free};
// EVP_PKEY_assign_EC_KEY is a macro casting eckey to char *:
// NOLINTNEXTLINE(cppcoreguidelines-pro-type-cstyle-cast)
if (!EVP_PKEY_assign_EC_KEY(pkey.get(), eckey)) {
EC_KEY_free(eckey);
std::string errmsg{"gen_eckey error: cannot assign EC key to EVP\n"};
ERR_print_errors_cb(print_error, &errmsg);
throw std::runtime_error(errmsg);
}
return pkey;
return pkey_ptr;
}
auto gen_rsakey(const int keysize, const BN_ULONG exponent) -> EVP_PKEY_ptr
auto gen_rsakey(const int keysize) -> EVP_PKEY_ptr
{
if (keysize < rsa_min_modulus_bits || keysize > OPENSSL_RSA_MAX_MODULUS_BITS) {
std::string errmsg{"gen_rsakey error: RSA keysize ("};
@ -131,42 +135,12 @@ auto gen_rsakey(const int keysize, const BN_ULONG exponent) -> EVP_PKEY_ptr
errmsg += std::to_string(OPENSSL_RSA_MAX_MODULUS_BITS) + "]";
throw std::runtime_error(errmsg);
}
auto* bignum = BN_new();
if (bignum == nullptr) {
std::string errmsg{"gen_rsakey error: cannot get big number struct\n"};
ERR_print_errors_cb(print_error, &errmsg);
throw std::runtime_error(errmsg);
}
EVP_PKEY_ptr pkey = {EVP_RSA_gen(keysize), EVP_PKEY_free};
auto* rsa = RSA_new();
if (rsa != nullptr) {
if ((BN_set_word(bignum, exponent) == 0) ||
(RSA_generate_key_ex(rsa, keysize, bignum, nullptr) == 0))
{
RSA_free(rsa);
rsa = nullptr;
}
}
BN_free(bignum);
if (rsa == nullptr) {
std::string errmsg{"gen_rsakey error: cannot create RSA key with size"};
errmsg += std::to_string(keysize) + " and exponent ";
errmsg += std::to_string(exponent) + "\n";
ERR_print_errors_cb(print_error, &errmsg);
throw std::runtime_error(errmsg);
}
EVP_PKEY_ptr pkey{EVP_PKEY_new(), ::EVP_PKEY_free};
// EVP_PKEY_assign_RSA is a macro casting rsa to char *:
// NOLINTNEXTLINE(cppcoreguidelines-pro-type-cstyle-cast)
if (!EVP_PKEY_assign_RSA(pkey.get(), rsa)) {
RSA_free(rsa);
std::string errmsg{"gen_rsakey error: cannot assign RSA key to EVP\n"};
if (!pkey) {
std::string errmsg{"gen_rsakey error: unable to generate RSA key with size: "};
errmsg += std::to_string(keysize);
ERR_print_errors_cb(print_error, &errmsg);
throw std::runtime_error(errmsg);
}
@ -179,31 +153,10 @@ void write_key(const EVP_PKEY_ptr& pkey, const std::string& keypath, const bool
BIO* bio = nullptr;
if (keypath.empty()) {
bio = _BIO_new_fp(stdout, use_pem);
bio = BIO_new_fp(stdout, BIO_NOCLOSE);
}
else { // BIO_new_file(keypath.c_str(), (use_pem ? "w" : "wb") );
static constexpr auto mask = 0600;
// auto fd = open(keypath.c_str(), O_WRONLY | O_CREAT | O_TRUNC, mask);
// creat has no cloexec, alt. triggers cppcoreguidelines-pro-type-vararg
// NOLINTNEXTLINE(android-cloexec-creat)
auto fd = creat(keypath.c_str(), mask); // the same without va_args.
if (fd >= 0) {
auto* fp = fdopen(fd, (use_pem ? "w" : "wb"));
if (fp != nullptr) {
bio = _BIO_new_fp(fp, use_pem, true);
if (bio == nullptr) {
// NOLINTNEXTLINE(cppcoreguidelines-owning-memory) fp owns fd:
fclose(fp);
}
}
else {
close(fd);
}
}
else {
bio = BIO_new_file(keypath.c_str(), use_pem ? "w" : "wb");
}
if (bio == nullptr) {
@ -214,35 +167,28 @@ void write_key(const EVP_PKEY_ptr& pkey, const std::string& keypath, const bool
throw std::runtime_error(errmsg);
}
int len = 0;
auto* key = pkey.get();
switch (EVP_PKEY_base_id(key)) { // use same format as px5g:
case EVP_PKEY_EC:
len = use_pem ? PEM_write_bio_ECPrivateKey(bio, EVP_PKEY_get0_EC_KEY(key), nullptr,
nullptr, 0, nullptr, nullptr)
: i2d_ECPrivateKey_bio(bio, EVP_PKEY_get0_EC_KEY(key));
break;
case EVP_PKEY_RSA:
len = use_pem ? PEM_write_bio_RSAPrivateKey(bio, EVP_PKEY_get0_RSA(key), nullptr,
nullptr, 0, nullptr, nullptr)
: i2d_RSAPrivateKey_bio(bio, EVP_PKEY_get0_RSA(key));
break;
default:
len = use_pem
? PEM_write_bio_PrivateKey(bio, key, nullptr, nullptr, 0, nullptr, nullptr)
: i2d_PrivateKey_bio(bio, key);
if (use_pem) {
if (PEM_write_bio_PrivateKey(bio, pkey.get(), nullptr, nullptr, 0, nullptr, nullptr) != 1) {
BIO_free_all(bio);
std::string errmsg{"write_key error: cannot write EVP pkey to "};
errmsg += keypath.empty() ? "stdout" : keypath;
errmsg += "\n";
ERR_print_errors_cb(print_error, &errmsg);
throw std::runtime_error(errmsg);
}
}
else {
if (i2d_PrivateKey_bio(bio, pkey.get()) != 1) {
BIO_free_all(bio);
std::string errmsg{"write_key error: cannot write EVP pkey to "};
errmsg += keypath.empty() ? "stdout" : keypath;
errmsg += "\n";
ERR_print_errors_cb(print_error, &errmsg);
throw std::runtime_error(errmsg);
}
}
BIO_free_all(bio);
if (len == 0) {
std::string errmsg{"write_key error: cannot write EVP pkey to "};
errmsg += keypath.empty() ? "stdout" : keypath;
errmsg += "\n";
ERR_print_errors_cb(print_error, &errmsg);
throw std::runtime_error(errmsg);
}
}
auto subject2name(const std::string& subject) -> X509_NAME_ptr