hush3/src/hush/utiltls.cpp

// Copyright (c) 2017 The Zen Core developers
// Copyright (c) 2016-2020 The Hush developers
// Distributed under the GPLv3 software license, see the accompanying
// file COPYING or https://www.gnu.org/licenses/gpl-3.0.en.html

#include <stdio.h>
#include <vector>

#include <wolfssl/options.h>
#include <wolfssl/ssl.h>
#include "../util.h"
#include "utiltls.h"

namespace hush {

// Generates EC keypair
//
WOLFSSL_EVP_PKEY* GenerateEcKey(int nid)
{
    WOLFSSL_EVP_PKEY *evpPrivKey = NULL;
    WOLFSSL_EC_KEY *privKey = wolfSSL_EC_KEY_new_by_curve_name(nid);
    if (privKey) {
        wolfSSL_EC_KEY_set_asn1_flag(privKey, OPENSSL_EC_NAMED_CURVE);
        if (wolfSSL_EC_KEY_generate_key(privKey)) {
            if ((evpPrivKey = wolfSSL_EVP_PKEY_new())) {
                if (!wolfSSL_EVP_PKEY_assign_EC_KEY(evpPrivKey, privKey)) {
                    wolfSSL_EVP_PKEY_free(evpPrivKey);
                    evpPrivKey = NULL;
                }
            }
        }

        if(!evpPrivKey) {
            wolfSSL_EC_KEY_free(privKey);
            evpPrivKey = NULL;
        }   
    }

    return evpPrivKey;
}

// Generates certificate for a specified public key using a corresponding private key (both of them should be specified in the 'keypair').
//
WOLFSSL_X509* GenerateCertificate(WOLFSSL_EVP_PKEY *keypair)
{
    if (!keypair) {
        return NULL;
    } 

    WOLFSSL_X509 *cert = wolfSSL_X509_new();
    if (cert) {
        bool bCertSigned = false;
        long sn = 0;
        
        if (wolfSSL_RAND_bytes((unsigned char*)&sn, sizeof(sn)) &&wolfSSL_ASN1_INTEGER_set(wolfSSL_X509_get_serialNumber(cert), sn)) {
            wolfSSL_X509_gmtime_adj(wolfSSL_X509_get_notBefore(cert), 0);
            wolfSSL_X509_gmtime_adj(wolfSSL_X509_get_notAfter(cert), (60 * 60 * 24 * CERT_VALIDITY_DAYS));

            // setting a public key from the keypair
            if (wolfSSL_X509_set_pubkey(cert, keypair)) {
                // private key from keypair is used; signature will be set inside of the cert
                bCertSigned = wolfSSL_X509_sign(cert, keypair, wolfSSL_EVP_sha512());
            }
        }

        if (!bCertSigned) {
            wolfSSL_X509_free(cert);
            cert = NULL;
        }
    }
    
    return cert;
}

}
tls implemented 4 years ago			`// Copyright (c) 2017 The Zen Core developers`
update copyrights 3 years ago			`// Copyright (c) 2016-2020 The Hush developers`
Hush Full Node is now GPLv3 Any projects which want to use Hush code from now on will need to be licensed as GPLv3 or we will send the lawyers: https://www.softwarefreedom.org/ Notably, Komodo (KMD) is licensed as GPLv2 and is no longer compatible to receive code changes, without causing legal issues. MIT projects, such as Zcash, also cannot pull in changes from the Hush Full Node without permission from The Hush Developers, which may in some circumstances grant an MIT license on a case-by-case basis. 4 years ago			`// Distributed under the GPLv3 software license, see the accompanying`
			`// file COPYING or https://www.gnu.org/licenses/gpl-3.0.en.html`
tls implemented 4 years ago
			`#include <stdio.h>`
			`#include <vector>`

OpenSSL replaced by WolfSSL 4 years ago			`#include <wolfssl/options.h>`
			`#include <wolfssl/ssl.h>`
tls rework 4 years ago			`#include "../util.h"`
tls implemented 4 years ago			`#include "utiltls.h"`

			`namespace hush {`

tls rework 4 years ago			`// Generates EC keypair`
			`//`
tls shape-up 4 years ago			`WOLFSSL_EVP_PKEY* GenerateEcKey(int nid)`
tls rework 4 years ago			`{`
OpenSSL replaced by WolfSSL 4 years ago			`WOLFSSL_EVP_PKEY *evpPrivKey = NULL;`
			`WOLFSSL_EC_KEY *privKey = wolfSSL_EC_KEY_new_by_curve_name(nid);`
			`if (privKey) {`
			`wolfSSL_EC_KEY_set_asn1_flag(privKey, OPENSSL_EC_NAMED_CURVE);`
			`if (wolfSSL_EC_KEY_generate_key(privKey)) {`
			`if ((evpPrivKey = wolfSSL_EVP_PKEY_new())) {`
			`if (!wolfSSL_EVP_PKEY_assign_EC_KEY(evpPrivKey, privKey)) {`
			`wolfSSL_EVP_PKEY_free(evpPrivKey);`
ECDSA certificate generation 4 years ago			`evpPrivKey = NULL;`
tls rework 4 years ago			`}`
			`}`
			`}`
ECDSA certificate generation 4 years ago
OpenSSL replaced by WolfSSL 4 years ago			`if(!evpPrivKey) {`
			`wolfSSL_EC_KEY_free(privKey);`
tls shape-up 4 years ago			`evpPrivKey = NULL;`
OpenSSL replaced by WolfSSL 4 years ago			`}`
tls rework 4 years ago			`}`

			`return evpPrivKey;`
			`}`

tls implemented 4 years ago			`// Generates certificate for a specified public key using a corresponding private key (both of them should be specified in the 'keypair').`
			`//`
tls shape-up 4 years ago			`WOLFSSL_X509* GenerateCertificate(WOLFSSL_EVP_PKEY *keypair)`
tls implemented 4 years ago			`{`
OpenSSL replaced by WolfSSL 4 years ago			`if (!keypair) {`
tls implemented 4 years ago			`return NULL;`
OpenSSL replaced by WolfSSL 4 years ago			`}`
tls implemented 4 years ago
OpenSSL replaced by WolfSSL 4 years ago			`WOLFSSL_X509 *cert = wolfSSL_X509_new();`
			`if (cert) {`
tls implemented 4 years ago			`bool bCertSigned = false;`
			`long sn = 0;`
OpenSSL replaced by WolfSSL 4 years ago
			`if (wolfSSL_RAND_bytes((unsigned char*)&sn, sizeof(sn)) &&wolfSSL_ASN1_INTEGER_set(wolfSSL_X509_get_serialNumber(cert), sn)) {`
			`wolfSSL_X509_gmtime_adj(wolfSSL_X509_get_notBefore(cert), 0);`
			`wolfSSL_X509_gmtime_adj(wolfSSL_X509_get_notAfter(cert), (60 * 60 * 24 * CERT_VALIDITY_DAYS));`
tls implemented 4 years ago
			`// setting a public key from the keypair`
OpenSSL replaced by WolfSSL 4 years ago			`if (wolfSSL_X509_set_pubkey(cert, keypair)) {`
			`// private key from keypair is used; signature will be set inside of the cert`
			`bCertSigned = wolfSSL_X509_sign(cert, keypair, wolfSSL_EVP_sha512());`
tls implemented 4 years ago			`}`
			`}`

OpenSSL replaced by WolfSSL 4 years ago			`if (!bCertSigned) {`
			`wolfSSL_X509_free(cert);`
tls implemented 4 years ago			`cert = NULL;`
			`}`
			`}`
OpenSSL replaced by WolfSSL 4 years ago
tls shape-up 4 years ago			`return cert;`
tls implemented 4 years ago			`}`

			`}`