From 843e62630aef569dca319469eb3c143095561eb9 Mon Sep 17 00:00:00 2001
From: Luke1410
Date: Wed, 10 Jul 2019 22:24:39 +0200
Subject: [PATCH] - Crypto - added CMake support for crypto functionality (#255) - small corrections/fixes for CSecureString (#255) - fixed compile error on non-Windows platforms (#255)
---
 Lib/DLL/CMakeLists.txt | 3 ++-
 Lib/LibStatic/CMakeLists.txt | 3 ++-
 Source/include/slikenet/crypto/ifileencrypter.h | 10 +++++++---
 Source/include/slikenet/crypto/securestring.h | 1 +
 Source/src/crypto/cryptomanager.cpp | 6 ++++++
 Source/src/crypto/securestring.cpp | 5 +++--
 6 files changed, 21 insertions(+), 7 deletions(-)
diff --git a/Lib/DLL/CMakeLists.txt b/Lib/DLL/CMakeLists.txt
index 03fc3da79..2d1e07881 100644
--- a/Lib/DLL/CMakeLists.txt
+++ b/Lib/DLL/CMakeLists.txt
@@ -17,8 +17,9 @@ FILE(GLOB ALL_HEADER_SRCS ${SLikeNet_SOURCE_DIR}/Source/include/slikenet/*.h)
 FILE(GLOB ALL_COMPATIBILITY_HEADER_SRC ${SLikeNet_SOURCE_DIR}/Source/*.h)
 FILE(GLOB ALL_COMPATIBILITY_HEADER_SRC_2 ${SLikeNet_SOURCE_DIR}/Source/slikenet/*.h)
 FILE(GLOB ALL_CPP_SRCS ${SLikeNet_SOURCE_DIR}/Source/src/*.cpp)
+FILE(GLOB CRYPTO_CPP_SRCS ${SLikeNet_SOURCE_DIR}/Source/src/crypto/*.cpp)
-add_library(SLikeNetDLL SHARED ${ALL_CPP_SRCS} ${ALL_HEADER_SRCS})
+add_library(SLikeNetDLL SHARED ${ALL_CPP_SRCS} ${CRYPTO_CPP_SRCS} ${ALL_HEADER_SRCS})
 #if(NOT (CMAKE_VERSION VERSION_LESS 2.8))
 # target_include_directories is only supported since CMake 2.8
diff --git a/Lib/LibStatic/CMakeLists.txt b/Lib/LibStatic/CMakeLists.txt
index 44b6f98e7..955a99dec 100644
--- a/Lib/LibStatic/CMakeLists.txt
+++ b/Lib/LibStatic/CMakeLists.txt
@@ -17,8 +17,9 @@ FILE(GLOB ALL_HEADER_SRCS ${SLikeNet_SOURCE_DIR}/Source/include/slikenet/*.h)
 FILE(GLOB ALL_COMPATIBILITY_HEADER_SRC ${SLikeNet_SOURCE_DIR}/Source/*.h)
 FILE(GLOB ALL_COMPATIBILITY_HEADER_SRC_2 ${SLikeNet_SOURCE_DIR}/Source/slikenet/*.h)
 FILE(GLOB ALL_CPP_SRCS ${SLikeNet_SOURCE_DIR}/Source/src/*.cpp)
+FILE(GLOB CRYPTO_CPP_SRCS ${SLikeNet_SOURCE_DIR}/Source/src/crypto/*.cpp)
-add_library(SLikeNetLibStatic STATIC ${ALL_CPP_SRCS} ${ALL_HEADER_SRCS})
+add_library(SLikeNetLibStatic STATIC ${ALL_CPP_SRCS} ${CRYPTO_CPP_SRCS} ${ALL_HEADER_SRCS})
 #if(NOT (CMAKE_VERSION VERSION_LESS 2.8))
 # target_include_directories is only supported since CMake 2.8
diff --git a/Source/include/slikenet/crypto/ifileencrypter.h b/Source/include/slikenet/crypto/ifileencrypter.h
index 6387a8106..1e04b585b 100644
--- a/Source/include/slikenet/crypto/ifileencrypter.h
+++ b/Source/include/slikenet/crypto/ifileencrypter.h
@@ -1,11 +1,13 @@
 /*
- * Copyright (c) 2018, SLikeSoft UG (haftungsbeschränkt)
+ * Copyright (c) 2018-2019, SLikeSoft UG (haftungsbeschränkt)
 *
 * This source code is licensed under the MIT-style license found in the license.txt
 * file in the root directory of this source tree.
 */
 #pragma once
+#include // required for size_t
+
 namespace SLNet
 {
 namespace Experimental
@@ -22,8 +24,10 @@ namespace SLNet
 // signing methods
 public:
- virtual const char* SignData(const char* data) = 0;
- virtual bool VerifyData(const char *data, const size_t dataLength, const unsigned char *signature, const size_t signatureLength) = 0;
+ virtual const unsigned char* SignData(const unsigned char* data, const size_t dataLength) = 0;
+ virtual const char* SignDataBase64(const unsigned char* data, const size_t dataLength) = 0;
+ virtual bool VerifyData(const unsigned char *data, const size_t dataLength, const unsigned char *signature, const size_t signatureLength) = 0;
+ virtual bool VerifyDataBase64(const unsigned char *data, const size_t dataLength, const char *signature, const size_t signatureLength) = 0;
 };
 }
 }
diff --git a/Source/include/slikenet/crypto/securestring.h b/Source/include/slikenet/crypto/securestring.h
index 52836a5dc..85e672908 100644
--- a/Source/include/slikenet/crypto/securestring.h
+++ b/Source/include/slikenet/crypto/securestring.h
@@ -6,6 +6,7 @@
 */
 #pragma once
+#include // required for size_t
 namespace SLNet
 {
diff --git a/Source/src/crypto/cryptomanager.cpp b/Source/src/crypto/cryptomanager.cpp
index da8ff8e7d..6cb000521 100644
--- a/Source/src/crypto/cryptomanager.cpp
+++ b/Source/src/crypto/cryptomanager.cpp
@@ -33,8 +33,14 @@ namespace SLNet
 ERR_load_crypto_strings();
 OpenSSL_add_all_algorithms();
+#ifdef _WIN32
+ // #med - once OpenSSL support for older OpenSSL versions is dropped, just remove this call - newer OpenSSL versions provide proper entropy
+ // also on Windows platforms - https://security.stackexchange.com/questions/7718/openssl-rand-poll-good-enough
+ // RAND_screen() is only required on Windows - on Linux RAND_poll() will be used (called implicitly by the following RAND_bytes()-call) and
+ // provides OS-specific entropy quality.
 // #high - replace with EGADS
 RAND_screen();
+#endif
 if (RAND_bytes(m_sessionKey, EVP_MAX_KEY_LENGTH) == 0) {
 return false; // failed to initialize the random session key
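Review bot: In ifileencrypter.h, the new raw `SignData` returns `const unsigned char*` but gives the caller no way to learn the signature's length, although `VerifyData` requires a `signatureLength`; binary signature bytes may contain zeros, so the length cannot be recovered from the pointer. Add an output length (or document a fixed size), and put a comment above the four declarations stating who owns the returned buffers and how long they remain valid, for example `// returned buffer is owned by the encrypter; valid until the next Sign*() call` if that is the real contract, which this hunk does not show. The class declaration begins outside the hunk.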
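Review bot: In cryptomanager.cpp, the context line `if (RAND_bytes(m_sessionKey, EVP_MAX_KEY_LENGTH) == 0)` treats only 0 as failure, but RAND_bytes() can also return -1 when the active RAND method does not support the call, and in that case the function would carry on with an unfilled `m_sessionKey`. With the explicit `RAND_screen()` seeding now compiled out on non-Windows builds, this check is the only guard on the session key, so test for success instead: `if (RAND_bytes(m_sessionKey, EVP_MAX_KEY_LENGTH) != 1)`. Separately, `RAND_screen()` is deprecated from OpenSSL 1.1.0 on, so the new `#ifdef _WIN32` could also test `OPENSSL_VERSION_NUMBER < 0x10100000L`, which would make the removal described in the "#med" comment automatic. The enclosing function starts and ends outside the hunk.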
diff --git a/Source/src/crypto/securestring.cpp b/Source/src/crypto/securestring.cpp
index 237def6c5..3b874e0e8 100644
--- a/Source/src/crypto/securestring.cpp
+++ b/Source/src/crypto/securestring.cpp
@@ -11,7 +11,8 @@
 #include "slikenet/assert.h" // used for assert() (via SLNET_VERIFY)
 #include "slikenet/memoryoverride.h" // used for OP_NEW_ARRAY
-#include // used for std::numeric_limits
+#include // used for std::memcpy
+#include // used for std::numeric_limits
 namespace SLNet
 {
@@ -116,7 +117,7 @@ namespace SLNet
 return 0;
 }
 }
- memcpy_s(m_UnencryptedBuffer + m_numBufferUsed, m_UnencryptedBufferSize - m_numBufferUsed, character, charSize);
+ memcpy(m_UnencryptedBuffer + m_numBufferUsed, character, charSize);
 m_numBufferUsed += charSize;
 // clear the source data
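Review bot: In the second securestring.cpp hunk, replacing `memcpy_s` with `memcpy` drops the destination-capacity argument `m_UnencryptedBufferSize - m_numBufferUsed`, so the copy into `m_UnencryptedBuffer` is no longer bounded at this call site. The lines above the copy look like they handle buffer growth, but they begin outside the hunk, so whether every path leaves `charSize` bytes of room cannot be confirmed from here. Because this buffer holds unencrypted secret data, keep a portable explicit check ahead of the copy, matching the `return 0;` visible just above: `if (charSize > m_UnencryptedBufferSize - m_numBufferUsed) return 0;`. The added include comment names `std::memcpy` while the call is unqualified `memcpy`; `<cstring>` only guarantees the `std::` name, so qualify the call.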