move ECDH_CTX into cpp
Change-Id: Ib28e0d0586f9e89fe2aaaaa3c6311ffd0325f8ad
diff --git a/src/crypto-support/crypto-helper.cpp b/src/crypto-support/crypto-helper.cpp
index 2920fdb..286490d 100644
--- a/src/crypto-support/crypto-helper.cpp
+++ b/src/crypto-support/crypto-helper.cpp
@@ -36,9 +36,20 @@
const size_t HASH_SIZE = 32;
-NDN_LOG_INIT(ndncert.crypto-support);
+NDN_LOG_INIT(ndncert.cryptosupport);
+
+struct ECDHState::ECDH_CTX {
+ int EC_NID;
+ EVP_PKEY_CTX* ctx_params;
+ EVP_PKEY_CTX* ctx_keygen;
+ EVP_PKEY* privkey;
+ EVP_PKEY* peerkey;
+ EVP_PKEY* params;
+};
ECDHState::ECDHState()
+ : m_publicKeyLen(0)
+ , m_sharedSecretLen(0)
{
OpenSSL_add_all_algorithms();
context = std::make_unique<ECDH_CTX>();
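Review bot: `ECDH_CTX` holds five raw OpenSSL handles with no initializers, so their being null after construction depends on `std::make_unique<ECDH_CTX>()` value-initializing the struct. Default member initializers such as `EVP_PKEY* privkey = nullptr;` would make that explicit. A one-line comment on the struct naming the function that frees each handle would document ownership, since the destructor is not shown in this diff. The new initializer list zeroes the two lengths but not the `m_publicKey` and `m_sharedSecret` arrays; adding `m_publicKey{}` and `m_sharedSecret{}` would give them a defined state too. The constructor body continues outside the hunk.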
@@ -123,15 +134,15 @@
auto ecPoint = EC_KEY_get0_public_key(privECKey);
const EC_GROUP* group = EC_KEY_get0_group(privECKey);
- context->publicKeyLen = EC_POINT_point2oct(group, ecPoint, POINT_CONVERSION_COMPRESSED,
- context->publicKey, 256, nullptr);
+ m_publicKeyLen = EC_POINT_point2oct(group, ecPoint, POINT_CONVERSION_COMPRESSED,
+ m_publicKey, 256, nullptr);
EC_KEY_free(privECKey);
- if (context->publicKeyLen == 0) {
+ if (m_publicKeyLen == 0) {
handleErrors("Could not convert EC_POINTS to octet string when calling EC_POINT_point2oct.");
return nullptr;
}
- return context->publicKey;
+ return m_publicKey;
}
std::string
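Review bot: The output size passed to `EC_POINT_point2oct` is still the literal `256`, which has to be kept in step by hand with the `uint8_t m_publicKey[256]` declaration in the header. Using `sizeof(m_publicKey)` ties the two together: `m_publicKeyLen = EC_POINT_point2oct(group, ecPoint, POINT_CONVERSION_COMPRESSED, m_publicKey, sizeof(m_publicKey), nullptr);`. The same applies to the `256` passed to `ECDH_compute_key` in the later hunk. The enclosing function begins outside the hunk.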
@@ -139,12 +150,11 @@
{
namespace t = ndn::security::transform;
- if (context->publicKeyLen == 0) {
+ if (m_publicKeyLen == 0) {
this->getRawSelfPubKey();
}
-
std::ostringstream os;
- t::bufferSource(context->publicKey, context->publicKeyLen) >> t::base64Encode(false) >> t::streamSink(os);
+ t::bufferSource(m_publicKey, m_publicKeyLen) >> t::base64Encode(false) >> t::streamSink(os);
return os.str();
}
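Review bot: The result of `this->getRawSelfPubKey()` is ignored, so a failed key export can pass unnoticed here. If `handleErrors` returns rather than throws (the `return nullptr;` after it in the previous hunk suggests it can), `m_publicKeyLen` stays 0 and an empty base64 string goes back to the caller as if it were a key. The call should be checked, `if (this->getRawSelfPubKey() == nullptr)`, and the function should fail explicitly before reaching `t::bufferSource`. The function signature is outside the hunk.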
@@ -167,15 +177,14 @@
handleErrors("Cannot convert peer's key into a EC point when calling EC_POINT_oct2point()");
}
- if (-1 == (context->sharedSecretLen = ECDH_compute_key(context->sharedSecret, 256,
- peerPoint, privECKey, nullptr))) {
+ if (-1 == (m_sharedSecretLen = ECDH_compute_key(m_sharedSecret, 256, peerPoint, privECKey, nullptr))) {
EC_POINT_free(peerPoint);
EC_KEY_free(privECKey);
handleErrors("Cannot generate ECDH secret when calling ECDH_compute_key()");
}
EC_POINT_free(peerPoint);
EC_KEY_free(privECKey);
- return context->sharedSecret;
+ return m_sharedSecret;
}
uint8_t*
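Review bot: Assigning the `int` result of `ECDH_compute_key` straight into the now-`size_t` `m_sharedSecretLen` makes the `-1 ==` test work only because both sides wrap to `SIZE_MAX`, and that value stays in the member on failure. Some OpenSSL versions report failure from this call as 0 rather than -1 (worth confirming against the version this builds with), which this comparison would accept as success with an empty secret. Keep the result in an `int` first: `int len = ECDH_compute_key(m_sharedSecret, sizeof(m_sharedSecret), peerPoint, privECKey, nullptr);`, test `if (len <= 0)`, and only then set `m_sharedSecretLen = static_cast<size_t>(len);`. The enclosing function starts outside the hunk.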
@@ -192,8 +201,8 @@
int
hmac_sha256(const uint8_t* data, const unsigned data_length,
- const uint8_t* key, const unsigned key_length,
- uint8_t* result)
+ const uint8_t* key, const unsigned key_length,
+ uint8_t* result)
{
HMAC(EVP_sha256(), key, key_length,
(unsigned char*)data, data_length,
diff --git a/src/crypto-support/crypto-helper.hpp b/src/crypto-support/crypto-helper.hpp
index 3af83af..eb4122c 100644
--- a/src/crypto-support/crypto-helper.hpp
+++ b/src/crypto-support/crypto-helper.hpp
@@ -37,19 +37,6 @@
using std::runtime_error::runtime_error;
};
-struct ECDH_CTX {
- int EC_NID;
- EVP_PKEY_CTX* ctx_params;
- EVP_PKEY_CTX* ctx_keygen;
- EVP_PKEY* privkey;
- EVP_PKEY* peerkey;
- EVP_PKEY* params;
- uint8_t publicKey[256];
- int publicKeyLen;
- uint8_t sharedSecret[256];
- int sharedSecretLen;
-};
-
class ECDHState {
public:
ECDHState();
@@ -61,7 +48,10 @@
uint8_t*
deriveSecret(const std::string& peerKeyStr);
- unique_ptr<ECDH_CTX> context;
+ uint8_t m_publicKey[256];
+ size_t m_publicKeyLen;
+ uint8_t m_sharedSecret[256];
+ size_t m_sharedSecretLen;
PUBLIC_WITH_TESTS_ELSE_PRIVATE:
uint8_t*
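Review bot: `m_sharedSecret` and `m_sharedSecretLen` are added above `PUBLIC_WITH_TESTS_ELSE_PRIVATE:`, so as far as this hunk shows the raw ECDH secret is a public data member that any caller can read or overwrite. It would sit better beside `context` in the `private:` section the last hunk adds, or inside `ECDH_CTX`, with `deriveSecret()` as the only accessor. The destructor is not visible in this diff; if it does not already wipe the buffer, `OPENSSL_cleanse(m_sharedSecret, sizeof(m_sharedSecret));` there keeps the secret from lingering in freed memory. A short comment stating that 256 is the buffer capacity in bytes would also help.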
@@ -69,6 +59,10 @@
uint8_t*
getRawSelfPubKey();
+
+private:
+ struct ECDH_CTX;
+ unique_ptr<ECDH_CTX> context;
};
/**