alecksey/navicat-keygen-2023
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

make code compatible with openssl 3.x

Browse Source 
Signed-off-by: Double Sine <xiao_ai_yu@live.cn>
This commit is contained in:
Double Sine 2022-05-08 00:11:02 +08:00
parent b3046b43f0
commit 47c84363b5
No known key found for this signature in database
GPG Key ID: 44460E4F43EA8633
10 changed files with 437 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
CMakeLists.txt
View File

@ -1,8 +1,12 @@
cmake_minimum_required(VERSION 3.18) cmake_minimum_required(VERSION 3.18)
project(navicat_keygen) project(navicat-keygen)
set(CMAKE_CXX_STANDARD 17) set(CMAKE_CXX_STANDARD 17)
find_package(fmt REQUIRED)
find_package(RapidJSON REQUIRED)
find_package(OpenSSL REQUIRED)
include(FetchContent) include(FetchContent)
set(KEYSTONE_BUILD_STATIC_RUNTIME ON CACHE BOOL "" FORCE) set(KEYSTONE_BUILD_STATIC_RUNTIME ON CACHE BOOL "" FORCE)
set(BUILD_LIBS_ONLY ON CACHE BOOL "" FORCE) set(BUILD_LIBS_ONLY ON CACHE BOOL "" FORCE)
@ -38,6 +42,11 @@ set(
./common/resource_traits/openssl/bio.hpp ./common/resource_traits/openssl/bio.hpp
./common/resource_traits/openssl/bio_chain.hpp ./common/resource_traits/openssl/bio_chain.hpp
./common/resource_traits/openssl/rsa.hpp ./common/resource_traits/openssl/rsa.hpp
./common/resource_traits/openssl/evp_pkey.hpp
./common/resource_traits/openssl/evp_pkey_ctx.hpp
./common/resource_traits/openssl/evp_cipher_ctx.hpp
./common/resource_traits/openssl/encoder_ctx.hpp
./common/resource_traits/openssl/decoder_ctx.hpp
./common/resource_traits/unicorn/unicorn_handle.hpp ./common/resource_traits/unicorn/unicorn_handle.hpp
./common/resource_traits/unicorn/unicorn_alloc.hpp ./common/resource_traits/unicorn/unicorn_alloc.hpp
./common/resource_traits/unix_os/file_descriptor.hpp ./common/resource_traits/unix_os/file_descriptor.hpp
@ -76,9 +85,9 @@ set(
) )
add_executable(navicat-keygen ${NKG_COMMON_SOURCE} ${NKG_KEYGEN_SOURCE}) add_executable(navicat-keygen ${NKG_COMMON_SOURCE} ${NKG_KEYGEN_SOURCE})
target_include_directories(navicat-keygen PRIVATE ./common) target_include_directories(navicat-keygen PRIVATE ./common ${RAPIDJSON_INCLUDE_DIRS})
target_link_libraries(navicat-keygen fmt crypto) target_link_libraries(navicat-keygen fmt::fmt OpenSSL::Crypto)
add_executable(navicat-patcher ${NKG_COMMON_SOURCE} ${NKG_PATCHER_SOURCE}) add_executable(navicat-patcher ${NKG_COMMON_SOURCE} ${NKG_PATCHER_SOURCE})
target_include_directories(navicat-patcher PRIVATE ./common ${keystone_SOURCE_DIR}/include) target_include_directories(navicat-patcher PRIVATE ./common ${keystone_SOURCE_DIR}/include)
target_link_libraries(navicat-patcher fmt crypto keystone unicorn pthread) target_link_libraries(navicat-patcher fmt::fmt OpenSSL::Crypto keystone unicorn pthread)

21
common/resource_traits/openssl/decoder_ctx.hpp Normal file
View File

@ -0,0 +1,21 @@
#pragma once
#include <openssl/decoder.h>
namespace nkg::resource_traits::openssl {
struct decoder_ctx {
using handle_t = OSSL_DECODER_CTX*;
static constexpr handle_t invalid_value = nullptr;
[[nodiscard]]
static bool is_valid(const handle_t& handle) noexcept {
return handle != invalid_value;
}
static void release(const handle_t& handle) noexcept {
OSSL_DECODER_CTX_free(handle);
}
};
}

21
common/resource_traits/openssl/encoder_ctx.hpp Normal file
View File

@ -0,0 +1,21 @@
#pragma once
#include <openssl/encoder.h>
namespace nkg::resource_traits::openssl {
struct encoder_ctx {
using handle_t = OSSL_ENCODER_CTX*;
static constexpr handle_t invalid_value = nullptr;
[[nodiscard]]
static bool is_valid(const handle_t& handle) noexcept {
return handle != invalid_value;
}
static void release(const handle_t& handle) noexcept {
OSSL_ENCODER_CTX_free(handle);
}
};
}

21
common/resource_traits/openssl/evp_cipher_ctx.hpp Normal file
View File

@ -0,0 +1,21 @@
#pragma once
#include <openssl/evp.h>
namespace nkg::resource_traits::openssl {
struct evp_cipher_ctx {
using handle_t = EVP_CIPHER_CTX*;
static constexpr handle_t invalid_value = nullptr;
[[nodiscard]]
static bool is_valid(const handle_t& handle) noexcept {
return handle != invalid_value;
}
static void release(const handle_t& handle) noexcept {
EVP_CIPHER_CTX_free(handle);
}
};
}

21
common/resource_traits/openssl/evp_pkey.hpp Normal file
View File

@ -0,0 +1,21 @@
#pragma once
#include <openssl/evp.h>
namespace nkg::resource_traits::openssl {
struct evp_pkey {
using handle_t = EVP_PKEY*;
static constexpr handle_t invalid_value = nullptr;
[[nodiscard]]
static bool is_valid(const handle_t& handle) noexcept {
return handle != invalid_value;
}
static void release(const handle_t& handle) noexcept {
EVP_PKEY_free(handle);
}
};
}

21
common/resource_traits/openssl/evp_pkey_ctx.hpp Normal file
View File

@ -0,0 +1,21 @@
#pragma once
#include <openssl/evp.h>
namespace nkg::resource_traits::openssl {
struct evp_pkey_ctx {
using handle_t = EVP_PKEY_CTX*;
static constexpr handle_t invalid_value = nullptr;
[[nodiscard]]
static bool is_valid(const handle_t& handle) noexcept {
return handle != invalid_value;
}
static void release(const handle_t& handle) noexcept {
EVP_PKEY_CTX_free(handle);
}
};
}

253
common/rsa_cipher.cpp
View File

@ -5,11 +5,20 @@
#include "resource_traits/openssl/bio.hpp" #include "resource_traits/openssl/bio.hpp"
#include "resource_traits/openssl/bignum.hpp" #include "resource_traits/openssl/bignum.hpp"
#if (OPENSSL_VERSION_NUMBER & 0xf0000000) == 0x30000000 // for openssl 3.x.x
#include <openssl/encoder.h>
#include <openssl/decoder.h>
#include "resource_traits/openssl/encoder_ctx.hpp"
#include "resource_traits/openssl/decoder_ctx.hpp"
#endif
#define NKG_CURRENT_SOURCE_FILE() u8".\\common\\rsa_cipher.cpp" #define NKG_CURRENT_SOURCE_FILE() u8".\\common\\rsa_cipher.cpp"
#define NKG_CURRENT_SOURCE_LINE() __LINE__ #define NKG_CURRENT_SOURCE_LINE() __LINE__
namespace nkg { namespace nkg {
#if (OPENSSL_VERSION_NUMBER & 0xf0000000) < 0x30000000 // for openssl < 3.0.0
[[nodiscard]]
RSA* rsa_cipher::_read_private_key_from_bio(BIO* p_bio) { RSA* rsa_cipher::_read_private_key_from_bio(BIO* p_bio) {
resource_wrapper new_rsa resource_wrapper new_rsa
{ resource_traits::openssl::rsa{}, PEM_read_bio_RSAPrivateKey(p_bio, nullptr, nullptr, nullptr) }; { resource_traits::openssl::rsa{}, PEM_read_bio_RSAPrivateKey(p_bio, nullptr, nullptr, nullptr) };
@ -22,6 +31,7 @@ namespace nkg {
} }
} }
[[nodiscard]]
RSA* rsa_cipher::_read_public_key_pem_from_bio(BIO* p_bio) { RSA* rsa_cipher::_read_public_key_pem_from_bio(BIO* p_bio) {
resource_wrapper new_rsa resource_wrapper new_rsa
{ resource_traits::openssl::rsa{}, PEM_read_bio_RSA_PUBKEY(p_bio, nullptr, nullptr, nullptr) }; { resource_traits::openssl::rsa{}, PEM_read_bio_RSA_PUBKEY(p_bio, nullptr, nullptr, nullptr) };
@ -34,6 +44,7 @@ namespace nkg {
} }
} }
[[nodiscard]]
RSA* rsa_cipher::_read_public_key_pkcs1_from_bio(BIO* p_bio) { RSA* rsa_cipher::_read_public_key_pkcs1_from_bio(BIO* p_bio) {
resource_wrapper new_rsa resource_wrapper new_rsa
{ resource_traits::openssl::rsa{}, PEM_read_bio_RSAPublicKey(p_bio, nullptr, nullptr, nullptr) }; { resource_traits::openssl::rsa{}, PEM_read_bio_RSAPublicKey(p_bio, nullptr, nullptr, nullptr) };
@ -67,24 +78,130 @@ namespace nkg {
} }
} }
rsa_cipher::rsa_cipher() : m_rsa(RSA_new()) { rsa_cipher::rsa_cipher() :
m_rsa(RSA_new())
{
if (!m_rsa.is_valid()) { if (!m_rsa.is_valid()) {
throw backend_error(NKG_CURRENT_SOURCE_FILE(), NKG_CURRENT_SOURCE_LINE(), ERR_get_error(), u8"RSA_new failed."); throw backend_error(NKG_CURRENT_SOURCE_FILE(), NKG_CURRENT_SOURCE_LINE(), ERR_get_error(), u8"RSA_new failed.");
} }
} }
#elif (OPENSSL_VERSION_NUMBER & 0xf0000000) == 0x30000000 // for openssl 3.x.x
[[nodiscard]]
EVP_PKEY* rsa_cipher::_read_private_key_from_bio(BIO* p_bio) {
resource_wrapper new_rsa{ resource_traits::openssl::evp_pkey{} };
resource_wrapper decoder_context
{ resource_traits::openssl::decoder_ctx{}, OSSL_DECODER_CTX_new_for_pkey(new_rsa.unsafe_addressof(), "PEM", "pkcs1", "RSA", OSSL_KEYMGMT_SELECT_PRIVATE_KEY, nullptr, nullptr) };
if (!decoder_context.is_valid()) {
throw backend_error(NKG_CURRENT_SOURCE_FILE(), NKG_CURRENT_SOURCE_LINE(), u8"OSSL_DECODER_CTX_new_for_pkey failed.");
}
if (!OSSL_DECODER_from_bio(decoder_context.get(), p_bio)) { // 1 on success, 0 on failure
throw backend_error(NKG_CURRENT_SOURCE_FILE(), NKG_CURRENT_SOURCE_LINE(), u8"OSSL_DECODER_from_bio failed.");
}
return new_rsa.transfer();
}
[[nodiscard]]
EVP_PKEY* rsa_cipher::_read_public_key_pem_from_bio(BIO* p_bio) {
resource_wrapper new_rsa{ resource_traits::openssl::evp_pkey{} };
resource_wrapper decoder_context
{ resource_traits::openssl::decoder_ctx{}, OSSL_DECODER_CTX_new_for_pkey(new_rsa.unsafe_addressof(), "PEM", "SubjectPublicKeyInfo", "RSA", OSSL_KEYMGMT_SELECT_PUBLIC_KEY, nullptr, nullptr) };
if (!decoder_context.is_valid()) {
throw backend_error(NKG_CURRENT_SOURCE_FILE(), NKG_CURRENT_SOURCE_LINE(), u8"OSSL_DECODER_CTX_new_for_pkey failed.");
}
if (!OSSL_DECODER_from_bio(decoder_context.get(), p_bio)) { // 1 on success, 0 on failure
throw backend_error(NKG_CURRENT_SOURCE_FILE(), NKG_CURRENT_SOURCE_LINE(), u8"OSSL_DECODER_from_bio failed.");
}
return new_rsa.transfer();
}
[[nodiscard]]
EVP_PKEY* rsa_cipher::_read_public_key_pkcs1_from_bio(BIO* p_bio) {
resource_wrapper new_rsa{ resource_traits::openssl::evp_pkey{} };
resource_wrapper decoder_context
{ resource_traits::openssl::decoder_ctx{}, OSSL_DECODER_CTX_new_for_pkey(new_rsa.unsafe_addressof(), "PEM", "pkcs1", "RSA", OSSL_KEYMGMT_SELECT_PUBLIC_KEY, nullptr, nullptr) };
if (!decoder_context.is_valid()) {
throw backend_error(NKG_CURRENT_SOURCE_FILE(), NKG_CURRENT_SOURCE_LINE(), u8"OSSL_DECODER_CTX_new_for_pkey failed.");
}
if (!OSSL_DECODER_from_bio(decoder_context.get(), p_bio)) { // 1 on success, 0 on failure
throw backend_error(NKG_CURRENT_SOURCE_FILE(), NKG_CURRENT_SOURCE_LINE(), u8"OSSL_DECODER_from_bio failed.");
}
return new_rsa.transfer();
}
void rsa_cipher::_write_private_key_to_bio(EVP_PKEY* p_rsa, BIO* p_bio) {
resource_wrapper encoder_context
{ resource_traits::openssl::encoder_ctx{}, OSSL_ENCODER_CTX_new_for_pkey(p_rsa, OSSL_KEYMGMT_SELECT_PRIVATE_KEY, "PEM", "pkcs1", nullptr) };
if (!encoder_context.is_valid()) {
throw backend_error(NKG_CURRENT_SOURCE_FILE(), NKG_CURRENT_SOURCE_LINE(), u8"OSSL_ENCODER_CTX_new_for_pkey failed.");
}
if (!OSSL_ENCODER_to_bio(encoder_context.get(), p_bio)) { // 1 on success, 0 on failure
throw backend_error(NKG_CURRENT_SOURCE_FILE(), NKG_CURRENT_SOURCE_LINE(), u8"OSSL_ENCODER_to_bio failed.");
}
}
void rsa_cipher::_write_public_key_pem_to_bio(EVP_PKEY* p_rsa, BIO* p_bio) {
resource_wrapper encoder_context
{ resource_traits::openssl::encoder_ctx{}, OSSL_ENCODER_CTX_new_for_pkey(p_rsa, OSSL_KEYMGMT_SELECT_PUBLIC_KEY, "PEM", "SubjectPublicKeyInfo", nullptr) };
if (!encoder_context.is_valid()) {
throw backend_error(NKG_CURRENT_SOURCE_FILE(), NKG_CURRENT_SOURCE_LINE(), u8"OSSL_ENCODER_CTX_new_for_pkey failed.");
}
if (!OSSL_ENCODER_to_bio(encoder_context.get(), p_bio)) { // 1 on success, 0 on failure
throw backend_error(NKG_CURRENT_SOURCE_FILE(), NKG_CURRENT_SOURCE_LINE(), u8"OSSL_ENCODER_to_bio failed.");
}
}
void rsa_cipher::_write_public_key_pkcs1_to_bio(EVP_PKEY* p_rsa, BIO* p_bio) {
resource_wrapper encoder_context
{ resource_traits::openssl::encoder_ctx{}, OSSL_ENCODER_CTX_new_for_pkey(p_rsa, OSSL_KEYMGMT_SELECT_PUBLIC_KEY, "PEM", "pkcs1", nullptr) };
if (!encoder_context.is_valid()) {
throw backend_error(NKG_CURRENT_SOURCE_FILE(), NKG_CURRENT_SOURCE_LINE(), u8"OSSL_ENCODER_CTX_new_for_pkey failed.");
}
if (!OSSL_ENCODER_to_bio(encoder_context.get(), p_bio)) { // 1 on success, 0 on failure
throw backend_error(NKG_CURRENT_SOURCE_FILE(), NKG_CURRENT_SOURCE_LINE(), u8"OSSL_ENCODER_to_bio failed.");
}
}
rsa_cipher::rsa_cipher() = default;
#else
#error "rsa_cipher.cpp: Unexpected OpenSSL version."
#endif
[[nodiscard]] [[nodiscard]]
size_t rsa_cipher::bits() const { size_t rsa_cipher::bits() const {
#if (OPENSSL_VERSION_NUMBER & 0xffff0000) == 0x10000000 // openssl 1.0.x #if (OPENSSL_VERSION_NUMBER & 0xfff00000) == 0x10000000 // openssl 1.0.x
if (m_rsa->n) { if (m_rsa->n) {
return BN_num_bits(m_rsa->n); return BN_num_bits(m_rsa->n);
} else { } else {
throw no_key_assigned_error(NKG_CURRENT_SOURCE_FILE(), NKG_CURRENT_SOURCE_LINE(), u8"RSA modulus has not been set."); throw no_key_assigned_error(NKG_CURRENT_SOURCE_FILE(), NKG_CURRENT_SOURCE_LINE(), u8"RSA key has not been set yet.");
} }
#elif (OPENSSL_VERSION_NUMBER & 0xffff0000) == 0x10100000 // openssl 1.1.x #elif (OPENSSL_VERSION_NUMBER & 0xfff00000) == 0x10100000 // openssl 1.1.x
return RSA_bits(m_rsa.get()); return RSA_bits(m_rsa.get());
#elif (OPENSSL_VERSION_NUMBER & 0xf0000000) == 0x30000000 // openssl 3.x.x
if (m_rsa.is_valid()) {
return EVP_PKEY_get_bits(m_rsa.get());
} else {
throw no_key_assigned_error(NKG_CURRENT_SOURCE_FILE(), NKG_CURRENT_SOURCE_LINE(), u8"RSA key has not been set yet.");
}
#else #else
#error "rsa_cipher.cpp: uexpected OpenSSL version" #error "rsa_cipher.cpp: Unexpected OpenSSL version."
#endif #endif
} }
@ -99,9 +216,38 @@ namespace nkg {
throw backend_error(NKG_CURRENT_SOURCE_FILE(), NKG_CURRENT_SOURCE_LINE(), u8"BN_set_word failed."); throw backend_error(NKG_CURRENT_SOURCE_FILE(), NKG_CURRENT_SOURCE_LINE(), u8"BN_set_word failed.");
} }
#if (OPENSSL_VERSION_NUMBER & 0xf0000000) < 0x30000000 // for openssl < 3.0.0
if (RSA_generate_key_ex(m_rsa.get(), bits, bn_e.get(), nullptr) == 0) { if (RSA_generate_key_ex(m_rsa.get(), bits, bn_e.get(), nullptr) == 0) {
throw backend_error(NKG_CURRENT_SOURCE_FILE(), NKG_CURRENT_SOURCE_LINE(), ERR_get_error(), u8"RSA_generate_key_ex failed."); throw backend_error(NKG_CURRENT_SOURCE_FILE(), NKG_CURRENT_SOURCE_LINE(), ERR_get_error(), u8"RSA_generate_key_ex failed.");
} }
#elif (OPENSSL_VERSION_NUMBER & 0xf0000000) == 0x30000000 // for openssl 3.x.x
resource_wrapper evp_pkey_context{ resource_traits::openssl::evp_pkey_ctx{}, EVP_PKEY_CTX_new_id(EVP_PKEY_RSA, nullptr) };
if (!evp_pkey_context.is_valid()) {
throw backend_error(NKG_CURRENT_SOURCE_FILE(), NKG_CURRENT_SOURCE_LINE(), u8"EVP_PKEY_CTX_new_id failed.");
}
if (EVP_PKEY_keygen_init(evp_pkey_context.get()) <= 0) { // 1 for success, 0 or a negative value for failure
throw backend_error(NKG_CURRENT_SOURCE_FILE(), NKG_CURRENT_SOURCE_LINE(), u8"EVP_PKEY_keygen_init failed.");
}
if (EVP_PKEY_CTX_set_rsa_keygen_bits(evp_pkey_context.get(), bits) <= 0) { // return a positive value for success and 0 or a negative value for failure
throw backend_error(NKG_CURRENT_SOURCE_FILE(), NKG_CURRENT_SOURCE_LINE(), u8"EVP_PKEY_CTX_set_rsa_keygen_bits failed.");
}
if (EVP_PKEY_CTX_set1_rsa_keygen_pubexp(evp_pkey_context.get(), bn_e.get()) <= 0) { // return a positive value for success and 0 or a negative value for failure
throw backend_error(NKG_CURRENT_SOURCE_FILE(), NKG_CURRENT_SOURCE_LINE(), u8"EVP_PKEY_CTX_set1_rsa_keygen_pubexp failed.");
}
resource_wrapper new_rsa{ resource_traits::openssl::evp_pkey{} };
if (EVP_PKEY_keygen(evp_pkey_context.get(), new_rsa.unsafe_addressof()) <= 0) { // 1 for success, 0 or a negative value for failure
throw backend_error(NKG_CURRENT_SOURCE_FILE(), NKG_CURRENT_SOURCE_LINE(), u8"EVP_PKEY_keygen failed.");
}
m_rsa = std::move(new_rsa);
#else
#error "rsa_cipher.cpp: Unexpected OpenSSL version."
#endif
} }
void rsa_cipher::export_private_key_file(std::string_view file_path) const { void rsa_cipher::export_private_key_file(std::string_view file_path) const {
@ -261,6 +407,7 @@ namespace nkg {
} }
size_t rsa_cipher::public_encrypt(const void* plaintext, size_t plaintext_size, void* ciphertext, int padding) const { size_t rsa_cipher::public_encrypt(const void* plaintext, size_t plaintext_size, void* ciphertext, int padding) const {
#if (OPENSSL_VERSION_NUMBER & 0xf0000000) < 0x30000000 // for openssl < 3.0.0
if (plaintext_size <= INT_MAX) { if (plaintext_size <= INT_MAX) {
int bytes_written = int bytes_written =
RSA_public_encrypt(static_cast<int>(plaintext_size), reinterpret_cast<const unsigned char*>(plaintext), reinterpret_cast<unsigned char*>(ciphertext), m_rsa.get(), padding); RSA_public_encrypt(static_cast<int>(plaintext_size), reinterpret_cast<const unsigned char*>(plaintext), reinterpret_cast<unsigned char*>(ciphertext), m_rsa.get(), padding);
@ -273,9 +420,33 @@ namespace nkg {
} else { } else {
throw backend_error(NKG_CURRENT_SOURCE_FILE(), NKG_CURRENT_SOURCE_LINE(), u8"plaintext_size > INT_MAX"); throw backend_error(NKG_CURRENT_SOURCE_FILE(), NKG_CURRENT_SOURCE_LINE(), u8"plaintext_size > INT_MAX");
} }
#elif (OPENSSL_VERSION_NUMBER & 0xf0000000) == 0x30000000 // for openssl 3.x.x
resource_wrapper evp_pkey_context{ resource_traits::openssl::evp_pkey_ctx{}, EVP_PKEY_CTX_new(m_rsa.get(), nullptr) };
if (!evp_pkey_context.is_valid()) {
throw backend_error(NKG_CURRENT_SOURCE_FILE(), NKG_CURRENT_SOURCE_LINE(), u8"EVP_PKEY_CTX_new failed.");
}
if (EVP_PKEY_encrypt_init(evp_pkey_context.get()) <= 0) { // return 1 for success, 0 or a negative value for failure
throw backend_error(NKG_CURRENT_SOURCE_FILE(), NKG_CURRENT_SOURCE_LINE(), u8"EVP_PKEY_encrypt_init failed.");
}
if (EVP_PKEY_CTX_set_rsa_padding(evp_pkey_context.get(), padding) <= 0) { // return a positive value for success, 0 or a negative value for failure
throw backend_error(NKG_CURRENT_SOURCE_FILE(), NKG_CURRENT_SOURCE_LINE(), u8"EVP_PKEY_CTX_set_rsa_padding failed.");
}
size_t ciphertext_size = 0;
if (EVP_PKEY_encrypt(evp_pkey_context.get(), reinterpret_cast<unsigned char*>(ciphertext), &ciphertext_size, reinterpret_cast<const unsigned char*>(plaintext), plaintext_size) <= 0) { // return 1 for success, 0 or a negative value for failure
throw backend_error(NKG_CURRENT_SOURCE_FILE(), NKG_CURRENT_SOURCE_LINE(), u8"EVP_PKEY_encrypt failed.");
}
return ciphertext_size;
#else
#error "rsa_cipher.cpp: Unexpected OpenSSL version."
#endif
} }
size_t rsa_cipher::private_encrypt(const void* plaintext, size_t plaintext_size, void* ciphertext, int padding) const { size_t rsa_cipher::private_encrypt(const void* plaintext, size_t plaintext_size, void* ciphertext, int padding) const {
#if (OPENSSL_VERSION_NUMBER & 0xf0000000) < 0x30000000 // for openssl < 3.0.0
if (plaintext_size <= INT_MAX) { if (plaintext_size <= INT_MAX) {
int bytes_written = int bytes_written =
RSA_private_encrypt(static_cast<int>(plaintext_size), reinterpret_cast<const unsigned char*>(plaintext), reinterpret_cast<unsigned char*>(ciphertext), m_rsa.get(), padding); RSA_private_encrypt(static_cast<int>(plaintext_size), reinterpret_cast<const unsigned char*>(plaintext), reinterpret_cast<unsigned char*>(ciphertext), m_rsa.get(), padding);
@ -288,9 +459,33 @@ namespace nkg {
} else { } else {
throw backend_error(NKG_CURRENT_SOURCE_FILE(), NKG_CURRENT_SOURCE_LINE(), u8"plaintext_size > INT_MAX"); throw backend_error(NKG_CURRENT_SOURCE_FILE(), NKG_CURRENT_SOURCE_LINE(), u8"plaintext_size > INT_MAX");
} }
#elif (OPENSSL_VERSION_NUMBER & 0xf0000000) == 0x30000000 // for openssl 3.x.x
resource_wrapper evp_pkey_context{ resource_traits::openssl::evp_pkey_ctx{}, EVP_PKEY_CTX_new(m_rsa.get(), nullptr) };
if (!evp_pkey_context.is_valid()) {
throw backend_error(NKG_CURRENT_SOURCE_FILE(), NKG_CURRENT_SOURCE_LINE(), u8"EVP_PKEY_CTX_new failed.");
}
if (EVP_PKEY_sign_init(evp_pkey_context.get()) <= 0) { // return 1 for success, 0 or a negative value for failure
throw backend_error(NKG_CURRENT_SOURCE_FILE(), NKG_CURRENT_SOURCE_LINE(), u8"EVP_PKEY_sign_init failed.");
}
if (EVP_PKEY_CTX_set_rsa_padding(evp_pkey_context.get(), padding) <= 0) { // return a positive value for success, 0 or a negative value for failure
throw backend_error(NKG_CURRENT_SOURCE_FILE(), NKG_CURRENT_SOURCE_LINE(), u8"EVP_PKEY_CTX_set_rsa_padding failed.");
}
size_t ciphertext_size = 0;
if (EVP_PKEY_sign(evp_pkey_context.get(), reinterpret_cast<unsigned char*>(ciphertext), &ciphertext_size, reinterpret_cast<const unsigned char*>(plaintext), plaintext_size) <= 0) { // return 1 for success, 0 or a negative value for failure
throw backend_error(NKG_CURRENT_SOURCE_FILE(), NKG_CURRENT_SOURCE_LINE(), u8"EVP_PKEY_sign failed.");
}
return ciphertext_size;
#else
#error "rsa_cipher.cpp: Unexpected OpenSSL version."
#endif
} }
size_t rsa_cipher::public_decrypt(const void* ciphertext, size_t ciphertext_size, void* plaintext, int padding) const { size_t rsa_cipher::public_decrypt(const void* ciphertext, size_t ciphertext_size, void* plaintext, int padding) const {
#if (OPENSSL_VERSION_NUMBER & 0xf0000000) < 0x30000000 // for openssl < 3.0.0
if (ciphertext_size <= INT_MAX) { if (ciphertext_size <= INT_MAX) {
int bytes_written = int bytes_written =
RSA_public_decrypt(static_cast<int>(ciphertext_size), reinterpret_cast<const unsigned char*>(ciphertext), reinterpret_cast<unsigned char*>(plaintext), m_rsa.get(), padding); RSA_public_decrypt(static_cast<int>(ciphertext_size), reinterpret_cast<const unsigned char*>(ciphertext), reinterpret_cast<unsigned char*>(plaintext), m_rsa.get(), padding);
@ -304,9 +499,33 @@ namespace nkg {
} else { } else {
throw backend_error(NKG_CURRENT_SOURCE_FILE(), NKG_CURRENT_SOURCE_LINE(), u8"ciphertext_size > INT_MAX"); throw backend_error(NKG_CURRENT_SOURCE_FILE(), NKG_CURRENT_SOURCE_LINE(), u8"ciphertext_size > INT_MAX");
} }
#elif (OPENSSL_VERSION_NUMBER & 0xf0000000) == 0x30000000 // for openssl 3.x.x
resource_wrapper evp_pkey_context{ resource_traits::openssl::evp_pkey_ctx{}, EVP_PKEY_CTX_new(m_rsa.get(), nullptr) };
if (!evp_pkey_context.is_valid()) {
throw backend_error(NKG_CURRENT_SOURCE_FILE(), NKG_CURRENT_SOURCE_LINE(), u8"EVP_PKEY_CTX_new failed.");
}
if (EVP_PKEY_verify_recover_init(evp_pkey_context.get())) { // return 1 for success, 0 or a negative value for failure
throw backend_error(NKG_CURRENT_SOURCE_FILE(), NKG_CURRENT_SOURCE_LINE(), u8"EVP_PKEY_verify_recover_init failed.");
}
if (EVP_PKEY_CTX_set_rsa_padding(evp_pkey_context.get(), padding) <= 0) { // return a positive value for success, 0 or a negative value for failure
throw backend_error(NKG_CURRENT_SOURCE_FILE(), NKG_CURRENT_SOURCE_LINE(), u8"EVP_PKEY_CTX_set_rsa_padding failed.");
}
size_t plaintext_size = 0;
if (EVP_PKEY_verify_recover(evp_pkey_context.get(), reinterpret_cast<unsigned char*>(plaintext), &plaintext_size, reinterpret_cast<const unsigned char*>(ciphertext), ciphertext_size) <= 0) { // return 1 for success, 0 or a negative value for failure
throw backend_error(NKG_CURRENT_SOURCE_FILE(), NKG_CURRENT_SOURCE_LINE(), u8"EVP_PKEY_verify_recover failed.");
}
return plaintext_size;
#else
#error "rsa_cipher.cpp: Unexpected OpenSSL version."
#endif
} }
size_t rsa_cipher::private_decrypt(const void* ciphertext, size_t ciphertext_size, void* plaintext, int padding) const { size_t rsa_cipher::private_decrypt(const void* ciphertext, size_t ciphertext_size, void* plaintext, int padding) const {
#if (OPENSSL_VERSION_NUMBER & 0xf0000000) < 0x30000000 // for openssl < 3.0.0
if (ciphertext_size <= INT_MAX) { if (ciphertext_size <= INT_MAX) {
int bytes_written = int bytes_written =
RSA_private_decrypt(static_cast<int>(ciphertext_size), reinterpret_cast<const unsigned char*>(ciphertext), reinterpret_cast<unsigned char*>(plaintext), m_rsa.get(), padding); RSA_private_decrypt(static_cast<int>(ciphertext_size), reinterpret_cast<const unsigned char*>(ciphertext), reinterpret_cast<unsigned char*>(plaintext), m_rsa.get(), padding);
@ -320,7 +539,31 @@ namespace nkg {
} else { } else {
throw backend_error(NKG_CURRENT_SOURCE_FILE(), NKG_CURRENT_SOURCE_LINE(), u8"ciphertext_size > INT_MAX"); throw backend_error(NKG_CURRENT_SOURCE_FILE(), NKG_CURRENT_SOURCE_LINE(), u8"ciphertext_size > INT_MAX");
} }
#elif (OPENSSL_VERSION_NUMBER & 0xf0000000) == 0x30000000 // for openssl 3.x.x
resource_wrapper evp_pkey_context{ resource_traits::openssl::evp_pkey_ctx{}, EVP_PKEY_CTX_new(m_rsa.get(), nullptr) };
if (!evp_pkey_context.is_valid()) {
throw backend_error(NKG_CURRENT_SOURCE_FILE(), NKG_CURRENT_SOURCE_LINE(), u8"EVP_PKEY_CTX_new failed.");
}
if (EVP_PKEY_decrypt_init(evp_pkey_context.get()) <= 0) { // return 1 for success, 0 or a negative value for failure
throw backend_error(NKG_CURRENT_SOURCE_FILE(), NKG_CURRENT_SOURCE_LINE(), u8"EVP_PKEY_decrypt_init failed.");
}
if (EVP_PKEY_CTX_set_rsa_padding(evp_pkey_context.get(), padding) <= 0) { // return a positive value for success, 0 or a negative value for failure
throw backend_error(NKG_CURRENT_SOURCE_FILE(), NKG_CURRENT_SOURCE_LINE(), u8"EVP_PKEY_CTX_set_rsa_padding failed.");
}
size_t plaintext_size = 0;
if (EVP_PKEY_decrypt(evp_pkey_context.get(), reinterpret_cast<unsigned char*>(plaintext), &plaintext_size, reinterpret_cast<const unsigned char*>(ciphertext), ciphertext_size) <= 0) { // return 1 for success, 0 or a negative value for failure
throw backend_error(NKG_CURRENT_SOURCE_FILE(), NKG_CURRENT_SOURCE_LINE(), u8"EVP_PKEY_decrypt failed.");
}
return plaintext_size;
#else
#error "rsa_cipher.cpp: Unexpected OpenSSL version."
#endif
} }
} }
#undef NKG_CURRENT_SOURCE_FILE #undef NKG_CURRENT_SOURCE_FILE

28
common/rsa_cipher.hpp
View File

@ -6,7 +6,14 @@
#include <openssl/rsa.h> #include <openssl/rsa.h>
#include "resource_wrapper.hpp" #include "resource_wrapper.hpp"
#if (OPENSSL_VERSION_NUMBER & 0xf0000000) < 0x30000000 // for openssl < 3.0.0
#include "resource_traits/openssl/rsa.hpp" #include "resource_traits/openssl/rsa.hpp"
#elif (OPENSSL_VERSION_NUMBER & 0xf0000000) == 0x30000000 // for openssl 3.x.x
#include "resource_traits/openssl/evp_pkey_ctx.hpp"
#include "resource_traits/openssl/evp_pkey.hpp"
#else
#error "rsa_cipher.hpp: Unexpected OpenSSL version."
#endif
#include "exception.hpp" #include "exception.hpp"
@ -21,6 +28,7 @@ namespace nkg {
class no_key_assigned_error; class no_key_assigned_error;
private: private:
#if (OPENSSL_VERSION_NUMBER & 0xf0000000) < 0x30000000 // for openssl < 3.0.0
resource_wrapper<resource_traits::openssl::rsa> m_rsa; resource_wrapper<resource_traits::openssl::rsa> m_rsa;
[[nodiscard]] [[nodiscard]]
@ -37,6 +45,26 @@ namespace nkg {
static void _write_public_key_pem_to_bio(RSA* p_rsa, BIO* p_bio); static void _write_public_key_pem_to_bio(RSA* p_rsa, BIO* p_bio);
static void _write_public_key_pkcs1_to_bio(RSA* p_rsa, BIO* p_bio); static void _write_public_key_pkcs1_to_bio(RSA* p_rsa, BIO* p_bio);
#elif (OPENSSL_VERSION_NUMBER & 0xf0000000) == 0x30000000 // for openssl 3.x.x
resource_wrapper<resource_traits::openssl::evp_pkey> m_rsa;
[[nodiscard]]
static EVP_PKEY* _read_private_key_from_bio(BIO* p_bio);
[[nodiscard]]
static EVP_PKEY* _read_public_key_pem_from_bio(BIO* p_bio);
[[nodiscard]]
static EVP_PKEY* _read_public_key_pkcs1_from_bio(BIO* p_bio);
static void _write_private_key_to_bio(EVP_PKEY* p_rsa, BIO* p_bio);
static void _write_public_key_pem_to_bio(EVP_PKEY* p_rsa, BIO* p_bio);
static void _write_public_key_pkcs1_to_bio(EVP_PKEY* p_rsa, BIO* p_bio);
#else
#error "rsa_cipher.hpp: Unexpected OpenSSL version."
#endif
public: public:
rsa_cipher(); rsa_cipher();

40
navicat-keygen/navicat_serial_generator.cpp
View File

@ -1,7 +1,14 @@
#include "navicat_serial_generator.hpp" #include "navicat_serial_generator.hpp"
#include <fmt/format.h>
#include <openssl/rand.h>
#include <algorithm> #include <algorithm>
#include <openssl/evp.h>
#include <openssl/rand.h>
#include <openssl/provider.h>
#include "resource_wrapper.hpp"
#include "resource_traits/openssl/evp_cipher_ctx.hpp"
#include <fmt/format.h>
#include "base32_rfc4648.hpp" #include "base32_rfc4648.hpp"
#define NKG_CURRENT_SOURCE_FILE() u8".\\navicat-keygen\\navicat_serial_generator.cpp" #define NKG_CURRENT_SOURCE_FILE() u8".\\navicat-keygen\\navicat_serial_generator.cpp"
@ -121,9 +128,13 @@ namespace nkg {
void navicat_serial_generator::set_software_version(int ver) { void navicat_serial_generator::set_software_version(int ver) {
if (11 <= ver && ver < 16) { if (11 <= ver && ver < 16) {
static_assert(sizeof(m_des_key) == sizeof(s_des_key0));
m_data[8] = static_cast<std::uint8_t>((ver << 4) | (m_data[8] & 0x0f)); m_data[8] = static_cast<std::uint8_t>((ver << 4) | (m_data[8] & 0x0f));
memcpy(m_des_key, s_des_key0, sizeof(s_des_key0)); memcpy(m_des_key, s_des_key0, sizeof(s_des_key0));
} else if (16 <= ver && ver < 32) { } else if (16 <= ver && ver < 32) {
static_assert(sizeof(m_des_key) == sizeof(s_des_key1));
m_data[8] = static_cast<std::uint8_t>(((ver - 16) << 4) | (m_data[8] & 0x0f)); m_data[8] = static_cast<std::uint8_t>(((ver - 16) << 4) | (m_data[8] & 0x0f));
memcpy(m_des_key, s_des_key1, sizeof(s_des_key1)); memcpy(m_des_key, s_des_key1, sizeof(s_des_key1));
} else { } else {
@ -134,9 +145,28 @@ namespace nkg {
void navicat_serial_generator::generate() { void navicat_serial_generator::generate() {
RAND_bytes(m_data + 2, 3); RAND_bytes(m_data + 2, 3);
DES_key_schedule schedule; #if (OPENSSL_VERSION_NUMBER & 0xf0000000) == 0x30000000 // for openssl 3.x.x
DES_set_key_unchecked(&m_des_key, &schedule); if (!OSSL_PROVIDER_available(nullptr, "legacy")) {
DES_ecb_encrypt(reinterpret_cast<const_DES_cblock*>(m_data + 2), reinterpret_cast<const_DES_cblock*>(m_data + 2), &schedule, DES_ENCRYPT); if (OSSL_PROVIDER_load(nullptr, "legacy") == nullptr) {
throw backend_error(NKG_CURRENT_SOURCE_FILE(), NKG_CURRENT_SOURCE_LINE(), u8"OSSL_PROVIDER_load failed.");
}
}
#else
#error "navicat_serial_generator.cpp: Unexpected OpenSSL version."
#endif
resource_wrapper evp_cipher_context{ resource_traits::openssl::evp_cipher_ctx{}, EVP_CIPHER_CTX_new() };
if (!evp_cipher_context.is_valid()) {
throw backend_error(NKG_CURRENT_SOURCE_FILE(), NKG_CURRENT_SOURCE_LINE(), u8"EVP_CIPHER_CTX_new failed.");
}
if (EVP_EncryptInit_ex(evp_cipher_context.get(), EVP_des_ecb(), nullptr, m_des_key, nullptr) <= 0) { // return 1 for success and 0 for failure
throw backend_error(NKG_CURRENT_SOURCE_FILE(), NKG_CURRENT_SOURCE_LINE(), u8"EVP_EncryptInit failed.");
}
if (int _; EVP_EncryptUpdate(evp_cipher_context.get(), m_data + 2, &_, m_data + 2, 8) <= 0) { // return 1 for success and 0 for failure
throw backend_error(NKG_CURRENT_SOURCE_FILE(), NKG_CURRENT_SOURCE_LINE(), u8"EVP_EncryptUpdate failed.");
}
m_serial_number = base32_rfc4648::encode(m_data, sizeof(m_data)); m_serial_number = base32_rfc4648::encode(m_data, sizeof(m_data));
std::transform(m_serial_number.begin(), m_serial_number.end(), m_serial_number.begin(), _replace_confusing_chars); std::transform(m_serial_number.begin(), m_serial_number.end(), m_serial_number.begin(), _replace_confusing_chars);

12
navicat-keygen/navicat_serial_generator.hpp
View File

@ -1,7 +1,6 @@
#pragma once #pragma once
#include <string> #include <string>
#include <vector> #include <vector>
#include <openssl/des.h>
#include "exception.hpp" #include "exception.hpp"
namespace nkg { namespace nkg {
@ -36,13 +35,14 @@ namespace nkg {
class navicat_serial_generator { class navicat_serial_generator {
public: public:
class version_error; class version_error;
class backend_error;
private: private:
static inline const DES_cblock s_des_key0 = { 0x64, 0xAD, 0xF3, 0x2F, 0xAE, 0xF2, 0x1A, 0x27 }; static inline const uint8_t s_des_key0[8] = { 0x64, 0xAD, 0xF3, 0x2F, 0xAE, 0xF2, 0x1A, 0x27 };
static inline const DES_cblock s_des_key1 = { 0xE9, 0x7F, 0xB0, 0x60, 0x77, 0x45, 0x90, 0xAE }; static inline const uint8_t s_des_key1[8] = { 0xE9, 0x7F, 0xB0, 0x60, 0x77, 0x45, 0x90, 0xAE };
uint8_t m_data[10]; uint8_t m_data[10];
DES_cblock m_des_key; uint8_t m_des_key[8];
std::string m_serial_number; std::string m_serial_number;
std::string m_serial_number_formatted; std::string m_serial_number_formatted;
@ -72,4 +72,8 @@ namespace nkg {
using ::nkg::exception::exception; using ::nkg::exception::exception;
}; };
class navicat_serial_generator::backend_error : public ::nkg::exception {
using ::nkg::exception::exception;
};
} }