Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Refactor low-level crypto to C++ style. #2292

Merged
merged 24 commits into from
Dec 10, 2024
Merged

Refactor low-level crypto to C++ style. #2292

merged 24 commits into from
Dec 10, 2024

Conversation

ni4
Copy link
Contributor

@ni4 ni4 commented Nov 13, 2024
edited
Loading

This is rather huge PR, which would do simple things:

  • avoid plain C structs and functions by replacing those with C++ classes/methods
  • use references instead of pointers
  • avoid static fixed-size buffer in favor of std::vector
  • use C++ wrappers with destructors for proper Botan/OpenSSL objects deallocation.

@codecov Codecov
Copy link

codecov bot commented Nov 13, 2024
edited
Loading

Codecov Report

Attention: Patch coverage is 85.69528% with 215 lines in your changes missing coverage. Please review.

Project coverage is 84.88%. Comparing base (ddcbaa9) to head (858ad09).
Report is 24 commits behind head on main.

Files with missing lines Patch % Lines
src/lib/crypto/sm2.cpp 77.67% 25 Missing ⚠️
src/lib/crypto/elgamal.cpp 77.50% 18 Missing ⚠️
src/lib/crypto/rsa_ossl.cpp 88.75% 18 Missing ⚠️
src/lib/crypto/dsa.cpp 81.39% 16 Missing ⚠️
src/lib/crypto/dsa_ossl.cpp 84.15% 16 Missing ⚠️
src/lib/crypto/ecdh.cpp 84.94% 14 Missing ⚠️
src/lib/crypto/ossl_utils.hpp 82.05% 14 Missing ⚠️
src/lib/crypto/rsa.cpp 86.86% 13 Missing ⚠️
src/lib/crypto/ec.cpp 75.55% 11 Missing ⚠️
src/lib/crypto/ecdsa_ossl.cpp 73.80% 11 Missing ⚠️
... and 11 more
Additional details and impacted files 
@@            Coverage Diff             @@
##             main    #2292      +/-   ##
==========================================
+ Coverage   84.81%   84.88%   +0.06%     
==========================================
  Files         116      114       -2     
  Lines       23346    22783     -563     
==========================================
- Hits        19802    19339     -463     
+ Misses       3544     3444     -100

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@ni4 ni4 force-pushed the ni4-refactor-low-level-crypto branch from 2a228c3 to 9f78304 Compare November 13, 2024 19:58
@ni4 ni4 force-pushed the ni4-refactor-low-level-crypto branch 9 times, most recently from 02f053d to 32a11db Compare November 19, 2024 10:44
@ni4 ni4 force-pushed the ni4-refactor-low-level-crypto branch 5 times, most recently from 7a9f582 to da9d709 Compare November 28, 2024 14:47
ni4 added 13 commits November 29, 2024 12:50
@ni4
Refactor RSA crypto to use references instead of pointers.
0e20f32
@ni4
Add classes pgp::rsa::Key, pgp::rsa::Encrypted and pgp::rsa::Signatur…
efe3186 
…e to use instead of structs.
@ni4
Use helper classes for Botan FFI objects in RSA.
6933d39
@ni4
Refactor DSA types and functions to be closer to C++ style.
7a558c1
@ni4
Refactor ElGamal code to be closer to C++ style.
7d02160
@ni4
Use auto for const ec_curve_desc_t * variable where applicable.
915dac8
@ni4
Use std::vector<uint8_t> to store curve's OID.
31ebece
@ni4
Use std::vector instead of fixed buffer for ECDH other_info serializa…
aea7fd7 
…tion.
@ni4
EC crypto code to be closer to C++ style.
ef4f186
@ni4
Remove no longer needed BN code which is superceded by botan_utils.hpp.
604095e
@ni4
Update OpenSSL wrappers
66c3fd3
@ni4
Use OpenSSL wrappers for DSA code.
8c4ac1a
@ni4
Use OpenSSL wrappers for RSA code.
78a6396
@ni4 ni4 force-pushed the ni4-refactor-low-level-crypto branch from da9d709 to bd9aa80 Compare November 29, 2024 11:05
@ni4 ni4 marked this pull request as ready for review November 29, 2024 11:07
desvxx
desvxx approved these changes Nov 30, 2024
View reviewed changes
src/lib/crypto/botan_utils.hpp Show resolved Hide resolved
src/lib/crypto/ecdh_ossl.cpp
RNP_LOG("Failed to derive kek: %s", e.what());
return RNP_ERROR_GENERIC;
/* LCOV_EXCL_END */
for (size_t i = 1; i <= reps; i++) {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We can't have exception here anymore?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We don't need to handle it here and now allow to pass it up. Check was added during initial transition from C to C++, when FFI didn't handle exceptions or something like that.

maxirmx
maxirmx approved these changes Dec 2, 2024
View reviewed changes
Copy link
Member

@maxirmx maxirmx left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

  1. IMHO wrappers in botan_utils.hpp and ossl_utils.hpp look like derivatives of unique_ptr with custom Deleter
    I am not at all saying that it shall be changed, just noting that it is a kind of reimplementation of standard library

  2. Purists would say that in the newer files nullptr shall be used and not NULL

@ni4
Copy link
Contributor Author

ni4 commented Dec 5, 2024

@maxirmx

  1. IMHO wrappers in botan_utils.hpp and ossl_utils.hpp look like derivatives of unique_ptr with custom Deleter
    I am not at all saying that it shall be changed, just noting that it is a kind of reimplementation of standard library

Thanks for this suggestion! Somehow I missed the idea to use unique_ptr with custom deleter, with it it looks much better and cleaner, so updated the code.

2. Purists would say that in the newer files `nullptr` shall be used and not `NULL`

Agree, missed this as well, updated code fore C++ return types.

@ni4 ni4 force-pushed the ni4-refactor-low-level-crypto branch from 37b27b7 to 1397044 Compare December 5, 2024 17:30
@ni4 ni4 force-pushed the ni4-refactor-low-level-crypto branch from 1397044 to e75157c Compare December 5, 2024 17:36
@ni4 ni4 force-pushed the ni4-refactor-low-level-crypto branch from e75157c to 2052e7c Compare December 5, 2024 17:40
@maxirmx
Copy link
Member

maxirmx commented Dec 5, 2024

macos-12 GHA runner is not available anymore
I have changed it to macos-13, thought it was faster tne making a comment

@ni4
Copy link
Contributor Author

ni4 commented Dec 10, 2024

@maxirmx Is this good to merge now?

@maxirmx maxirmx merged commit bd601d5 into main Dec 10, 2024
123 checks passed
@maxirmx maxirmx deleted the ni4-refactor-low-level-crypto branch December 10, 2024 12:01
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@desvxx desvxx desvxx approved these changes

@maxirmx maxirmx maxirmx approved these changes

@ronaldtse ronaldtse Awaiting requested review from ronaldtse

@antonsviridenko antonsviridenko Awaiting requested review from antonsviridenko

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@ni4 @maxirmx @desvxx