From 90d6c5c5bb0541d50fa3c1faff77c76d0ed6c072 Mon Sep 17 00:00:00 2001
From: orignal
Date: Mon, 23 Nov 2015 09:26:32 -0500
Subject: [PATCH] fixed race condition
---
 Signature.cpp | 39 ++++++++++++++++++++++++---------------
 Signature.h | 4 ----
 2 files changed, 24 insertions(+), 19 deletions(-)
diff --git a/Signature.cpp b/Signature.cpp
index 6a92eff6..13151508 100644
--- a/Signature.cpp
+++ b/Signature.cpp
@@ -396,27 +396,32 @@ namespace crypto
 }
- EDDSA25519Verifier::EDDSA25519Verifier (const uint8_t * signingKey):
- m_Ctx (BN_CTX_new ()),
- m_PublicKey (GetEd25519 ()->DecodePublicKey (signingKey, m_Ctx))
+ EDDSA25519Verifier::EDDSA25519Verifier (const uint8_t * signingKey)
 {
 memcpy (m_PublicKeyEncoded, signingKey, EDDSA25519_PUBLIC_KEY_LENGTH);
+ BN_CTX * ctx = BN_CTX_new ();
+ m_PublicKey = GetEd25519 ()->DecodePublicKey (m_PublicKeyEncoded, ctx);
+ BN_CTX_free (ctx);
 }
 bool EDDSA25519Verifier::Verify (const uint8_t * buf, size_t len, const uint8_t * signature) const
 {
- SHA512_CTX ctx;
- SHA512_Init (&ctx);
- SHA512_Update (&ctx, signature, EDDSA25519_SIGNATURE_LENGTH/2); // R
- SHA512_Update (&ctx, m_PublicKeyEncoded, EDDSA25519_PUBLIC_KEY_LENGTH); // public key
- SHA512_Update (&ctx, buf, len); // data
 uint8_t digest[64];
- SHA512_Final (digest, &ctx);
- return GetEd25519 ()->Verify (m_PublicKey, digest, signature, m_Ctx);
+ {
+ SHA512_CTX ctx;
+ SHA512_Init (&ctx);
+ SHA512_Update (&ctx, signature, EDDSA25519_SIGNATURE_LENGTH/2); // R
+ SHA512_Update (&ctx, m_PublicKeyEncoded, EDDSA25519_PUBLIC_KEY_LENGTH); // public key
+ SHA512_Update (&ctx, buf, len); // data
+ SHA512_Final (digest, &ctx);
+ }
+ BN_CTX * ctx = BN_CTX_new ();
+ bool passed = GetEd25519 ()->Verify (m_PublicKey, digest, signature, ctx);
+ BN_CTX_free (ctx);
+ return passed;
 }
- EDDSA25519Signer::EDDSA25519Signer (const uint8_t * signingPrivateKey):
- m_Ctx (BN_CTX_new ())
+ EDDSA25519Signer::EDDSA25519Signer (const uint8_t * signingPrivateKey)
 {
 // expand key
 SHA512 (signingPrivateKey, EDDSA25519_PRIVATE_KEY_LENGTH, m_ExpandedPrivateKey);
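Review bot: The `BN_CTX_new ()` result in `EDDSA25519Verifier::Verify` is handed to `GetEd25519 ()->Verify` without a null check, so on allocation failure the verdict depends on how the curve code treats a null context, which is not visible here. A verifier should fail closed, with `if (!ctx) return false;` directly after the allocation. The same unchecked allocation appears in the `EDDSA25519Verifier` constructor in this hunk and in the `EDDSA25519Signer` constructor and `Sign` in the next hunk; `Sign` returns void, so a failure there presumably leaves `signature` unwritten with no way for the caller to notice. Holding the context as `std::unique_ptr<BN_CTX, decltype(&BN_CTX_free)> ctx (BN_CTX_new (), &BN_CTX_free);` would also release it on every exit path. The `EDDSA25519Signer` constructor body continues past the end of this hunk.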
@@ -424,13 +429,17 @@ namespace crypto
 m_ExpandedPrivateKey[EDDSA25519_PRIVATE_KEY_LENGTH - 1] &= 0x1F; // drop first 3 bits
 m_ExpandedPrivateKey[EDDSA25519_PRIVATE_KEY_LENGTH - 1] |= 0x40; // set second bit
 // generate and encode public key
- auto publicKey = GetEd25519 ()->GeneratePublicKey (m_ExpandedPrivateKey, m_Ctx);
- GetEd25519 ()->EncodePublicKey (publicKey, m_PublicKeyEncoded, m_Ctx);
+ BN_CTX * ctx = BN_CTX_new ();
+ auto publicKey = GetEd25519 ()->GeneratePublicKey (m_ExpandedPrivateKey, ctx);
+ GetEd25519 ()->EncodePublicKey (publicKey, m_PublicKeyEncoded, ctx);
+ BN_CTX_free (ctx);
 }
 void EDDSA25519Signer::Sign (const uint8_t * buf, int len, uint8_t * signature) const
 {
- GetEd25519 ()->Sign (m_ExpandedPrivateKey, m_PublicKeyEncoded, buf, len, signature, m_Ctx);
+ BN_CTX * ctx = BN_CTX_new ();
+ GetEd25519 ()->Sign (m_ExpandedPrivateKey, m_PublicKeyEncoded, buf, len, signature, ctx);
+ BN_CTX_free (ctx);
 }
 }
 }
diff --git a/Signature.h b/Signature.h
index 9f60d406..f46193aa 100644
--- a/Signature.h
+++ b/Signature.h
@@ -410,7 +410,6 @@ namespace crypto
 public:
 EDDSA25519Verifier (const uint8_t * signingKey);
- ~EDDSA25519Verifier () { BN_CTX_free (m_Ctx); };
 bool Verify (const uint8_t * buf, size_t len, const uint8_t * signature) const;
 size_t GetPublicKeyLen () const { return EDDSA25519_PUBLIC_KEY_LENGTH; };
@@ -418,7 +417,6 @@ namespace crypto
 private:
- BN_CTX * m_Ctx;
 EDDSAPoint m_PublicKey;
 uint8_t m_PublicKeyEncoded[EDDSA25519_PUBLIC_KEY_LENGTH];
 };
@@ -428,13 +426,11 @@ namespace crypto
 public:
 EDDSA25519Signer (const uint8_t * signingPrivateKey);
- ~EDDSA25519Signer () { BN_CTX_free (m_Ctx); };
 void Sign (const uint8_t * buf, int len, uint8_t * signature) const;
 const uint8_t * GetPublicKey () const { return m_PublicKeyEncoded; };
 private:
- BN_CTX * m_Ctx;
 uint8_t m_ExpandedPrivateKey[64];
 uint8_t m_PublicKeyEncoded[EDDSA25519_PUBLIC_KEY_LENGTH];
 };
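Review bot: `EDDSA25519Signer::Sign` in Signature.cpp now allocates a `BN_CTX` on every call, and nothing in the code records why, so a later cleanup could hoist it back into a shared member and reintroduce the race this commit fixes. A short comment above the allocation would pin the constraint, for example `// BN_CTX must not be used from two threads at once; allocate per call because Sign is const and may run concurrently`. The same comment fits `EDDSA25519Verifier::Verify` in the previous hunk. The signer constructor this hunk ends starts outside it.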