IT4Change/gradido
3
0
Fork 0
mirror of https://github.com/IT4Change/gradido.git synced 2025-12-13 07:45:54 +00:00
Code Issues Packages Projects Releases Wiki Activity

change AuthenticatedEncryption to use auto ptr, if password will be calculated (changed password) and use to decrpyt it could be lead to an error

Browse Source
This commit is contained in:
Dario 2020-06-24 10:34:00 +02:00
parent 337bf554f5
commit b8e93e8142
3 changed files with 12 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
src/cpp/Crypto/AuthenticatedEncryption.h
View File

@ -3,9 +3,11 @@
#include "../SingletonManager/MemoryManager.h" #include "../SingletonManager/MemoryManager.h"
#include "../lib/AutoPtrContainer.h"
#include <shared_mutex> #include <shared_mutex>
#include <vector> #include <vector>
/*! /*!
* *
* \author: Dario Rekowski * \author: Dario Rekowski
@ -18,7 +20,7 @@
typedef Poco::UInt64 KeyHashed; typedef Poco::UInt64 KeyHashed;
class AuthenticatedEncryption class AuthenticatedEncryption : public AutoPtrContainer
{ {
public: public:
@ -42,9 +44,10 @@ public:
inline KeyHashed getKeyHashed() const { std::shared_lock<std::shared_mutex> _lock(mWorkingMutex); return mEncryptionKeyHash; } inline KeyHashed getKeyHashed() const { std::shared_lock<std::shared_mutex> _lock(mWorkingMutex); return mEncryptionKeyHash; }
inline bool operator == (const AuthenticatedEncryption& b) const { inline bool operator == (const Poco::AutoPtr<AuthenticatedEncryption>& b) const {
std::shared_lock<std::shared_mutex> _lock(mWorkingMutex); std::shared_lock<std::shared_mutex> _lock(mWorkingMutex);
return mEncryptionKeyHash == b.getKeyHashed(); if (b.isNull()) return false;
return mEncryptionKeyHash == b->getKeyHashed();
} }
inline bool operator == (const KeyHashed& hash) const { inline bool operator == (const KeyHashed& hash) const {
return mEncryptionKeyHash == hash; return mEncryptionKeyHash == hash;

8
src/cpp/Crypto/KeyPairEd25519.cpp
View File

@ -37,11 +37,11 @@ KeyPairEd25519::~KeyPairEd25519()
} }
} }
KeyPairEd25519* KeyPairEd25519::create(const Passphrase* passphrase) KeyPairEd25519* KeyPairEd25519::create(const Poco::AutoPtr<Passphrase> passphrase)
{ {
//auto er = ErrorManager::getInstance(); //auto er = ErrorManager::getInstance();
auto mm = MemoryManager::getInstance(); auto mm = MemoryManager::getInstance();
assert(passphrase); assert(!passphrase.isNull());
// libsodium doc: https://libsodium.gitbook.io/doc/advanced/hmac-sha2 // libsodium doc: https://libsodium.gitbook.io/doc/advanced/hmac-sha2
// https://github.com/bitcoin/bips/blob/master/bip-0039.mediawiki // https://github.com/bitcoin/bips/blob/master/bip-0039.mediawiki
@ -152,9 +152,9 @@ MemoryBin* KeyPairEd25519::sign(const MemoryBin* message) const
} }
MemoryBin* KeyPairEd25519::getCryptedPrivKey(const AuthenticatedEncryption* password) const MemoryBin* KeyPairEd25519::getCryptedPrivKey(const Poco::AutoPtr<AuthenticatedEncryption> password) const
{ {
if (!password) return nullptr; if (password.isNull()) return nullptr;
if (!mSodiumSecret) return nullptr; if (!mSodiumSecret) return nullptr;
MemoryBin* encryptedKey = nullptr; MemoryBin* encryptedKey = nullptr;

4
src/cpp/Crypto/KeyPairEd25519.h
View File

@ -29,7 +29,7 @@ public:
//! \param passphrase must contain word indices //! \param passphrase must contain word indices
//! \return create KeyPairEd25519, caller muss call delete at return after finish //! \return create KeyPairEd25519, caller muss call delete at return after finish
static KeyPairEd25519* create(const Passphrase* passphrase); static KeyPairEd25519* create(const Poco::AutoPtr<Passphrase> passphrase);
//! \return caller take ownership of return value //! \return caller take ownership of return value
MemoryBin* sign(const MemoryBin* message) const; MemoryBin* sign(const MemoryBin* message) const;
@ -60,7 +60,7 @@ public:
inline bool hasPrivateKey() const { return mSodiumSecret != nullptr; } inline bool hasPrivateKey() const { return mSodiumSecret != nullptr; }
//! \brief only way to get a private key.. encrypted //! \brief only way to get a private key.. encrypted
MemoryBin* getCryptedPrivKey(const AuthenticatedEncryption* password) const; MemoryBin* getCryptedPrivKey(const Poco::AutoPtr<AuthenticatedEncryption> password) const;
protected: protected: