Fixed fatal bug causing deletion of stack-allocated cryptographic keyset: keyset is no longer stack-allocated :P

AsyncKeys destructor now completely deletes keydata
2017-10-16 21:01:18 +02:00 · 2017-10-16 21:01:18 +02:00 · 88928ba722
commit 88928ba722
parent 04ef028372
3 changed files with 18 additions and 10 deletions
--- a/CPPTools/Crypto.cpp
+++ b/CPPTools/Crypto.cpp
@ -165,7 +165,6 @@ namespace Crypto {
 	namespace RSA {
 		// -------- RSA START --------
 		KeyData* rsa_gen_keys() {
-			KeyData* k = new KeyData();

 			CryptoPP::InvertibleRSAFunction params;
 			CryptoPP::RandomPool rng;
@ -174,8 +173,8 @@ namespace Crypto {
 			rng.IncorporateEntropy((const byte*)&t, sizeof(t) * 8);

 			params.GenerateRandomWithKeySize(rng, 3072);
-			k->privKey = CryptoPP::RSA::PrivateKey(params);
-			k->publKey = CryptoPP::RSA::PublicKey(params);
+
+			KeyData* k = new KeyData{ new CryptoPP::RSA::PrivateKey(params), new CryptoPP::RSA::PublicKey(params) };
 			return k;
 		}

--- a/CPPTools/Crypto.h
+++ b/CPPTools/Crypto.h
@ -50,8 +50,8 @@ namespace Crypto {

 	namespace RSA {
 		struct KeyData {
-			CryptoPP::RSA::PrivateKey privKey;
-			CryptoPP::RSA::PublicKey publKey;
+			CryptoPP::RSA::PrivateKey *privKey;
+			CryptoPP::RSA::PublicKey *publKey;
 		};

 		char* serializeKey(CryptoPP::RSA::PublicKey&, ulong_64b* rSize);
--- a/CPPTools/Net.cpp
+++ b/CPPTools/Net.cpp
@ -7,6 +7,7 @@
 #include <time.h>
 #include <windows.h>
 #include <ws2tcpip.h>
+#include <iostream>


 namespace IO {
@ -23,9 +24,17 @@ namespace IO {
 		done = suppressDelete = true;
 		keys = predef;
 	}
-	AsyncKeys::~AsyncKeys() { if (!suppressDelete) delete keys; }
+	AsyncKeys::~AsyncKeys() {
+		if (!suppressDelete) {
+			delete keys->privKey;
+			delete keys->publKey;
+			delete keys;
+		}
+	}
 	Crypto::RSA::KeyData* AsyncKeys::get() {
-		if (!done) keys = gen.get();
+		if (!done) {
+			keys = gen.get();
+		}
 		return keys;
 	}

@ -275,7 +284,7 @@ namespace IO {
 			delete[] size;

 			p.message = readSparse(sparse, p.size);
-			if (encrypted) p.message = Crypto::full_auto_decrypt(p.message, keyData->get()->privKey, &p.size);
+			if (encrypted) p.message = Crypto::full_auto_decrypt(p.message, *keyData->get()->privKey, &p.size);

 			p.packetUID = p.message[0];
 			if (p.packetUID != expectedNextPUID) continue; // Detect packet replay/mismatch
@ -308,12 +317,12 @@ namespace IO {
 						}
 						else {
 							ulong_64b size;
-							char* c = Crypto::RSA::serializeKey(keyData->get()->publKey, &size);
+							char* c = Crypto::RSA::serializeKey(*keyData->get()->publKey, &size);
 							_write(c, size); // This shouldn't be encrypted
 							delete[] c;
 						}
 					}
-					else throw new _exception(); // Incompatible cryptographic requirements!
+					else throw new std::exception(); // Incompatible cryptographic requirements!
 				}
 				if (fm_neg_hasLevel && !fm_neg_hasSize && encrypted && sparse->size() >= sizeof(ulong_64b)) {
 					fm_neg_hasSize = true;