Use OpenSSL instead of crypto++ #4655
This is a very good call IMO. Cryptopp dropped the support of CMake, which makes this PR all the more valuable!
aff, too bad openssl interface is pain
I haven't kept up to date with the tibia protocol for many years, but last I checked, RSA is only used for login, and XTEA is used for in-game communication, is this still the case? (If that's the case, the performance between crypto++ and openssl is a non-factor)
me likey.
openssl was already implicitly required by mariadb-dev in most cases
That's still the case. RSA is only for the XTEA key, so 128 bytes once per connection. XTEA is now fast enough to be negligible.
Use OpenSSL for SHA1 hashing and RSA encryption, which is more readily available in all systems than crypto++
Would like a few ✅ especially from those on Windows, since installing and using OpenSSL on Linux is a piece of cake 😆 Also: gonna add some tests
I know that no one is probably compiling that way, but getting rid of crypto++ will make it possible to build with cmake on windows again so it's another reason to go with this pr 👍
```cpp
auto expectedPrivateExponent =
    "5418925373928586701966836677512206800734033866457254764400459929804603458528232352199600575306819650618162351643553279676157387691020051542771655878881953";
BOOST_TEST(actualPrivateExponent == expectedPrivateExponent,
           "expected d = " << expectedPrivateExponent << ", got " << actualPrivateExponent);
```
I think I'll remove the checks below this line, only `n`, `e` and `d` are useful for RSA and the rest is just extra information but isn't used to encrypt/decrypt
@ranisalt
`if (transformToSHA1(password) != result->getString("password")) {`

Is there a missing conversion to hex format after these changes? I added this function to convert:

```cpp
#include <string>
#include <string_view>

// Encode raw bytes as lowercase hex, two characters per input byte.
std::string bin2hex(std::string_view binary)
{
	static constexpr char digits[] = "0123456789abcdef";
	std::string hex;
	hex.reserve(binary.size() * 2);
	for (unsigned char byte : binary) { // unsigned, so bytes >= 0x80 index correctly
		hex.push_back(digits[byte >> 4]);
		hex.push_back(digits[byte & 0x0F]);
	}
	return hex;
}
```
It was basically resolved in #4669 with using
No particular reason to do that, although due to small string optimization the 20-byte string may be faster by avoiding the heap. Not significant, but cool 😎
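The mismatch raised in this thread, a raw 20-byte SHA-1 digest compared against a hex-encoded `password` value, can also be closed from the other side by decoding the stored hex and comparing raw bytes. This is an added example, not code from this PR or from #4669; `hex2bin`, `digestMatchesStored` and the sample constants are hypothetical names, it assumes the stored value is 40 hex characters, and the sample digest is the constructed SHA-1("abc") test vector.

```cpp
#include <cstddef>
#include <optional>
#include <string>
#include <string_view>

// Decode one hex digit; returns -1 for anything outside [0-9a-fA-F].
static int hexNibble(char c)
{
	if (c >= '0' && c <= '9') return c - '0';
	if (c >= 'a' && c <= 'f') return c - 'a' + 10;
	if (c >= 'A' && c <= 'F') return c - 'A' + 10;
	return -1;
}

// Hypothetical helper: turn a stored hex digest into raw bytes.
// Odd lengths and non-hex characters are rejected rather than guessed at.
std::optional<std::string> hex2bin(std::string_view hex)
{
	if (hex.size() % 2 != 0) return std::nullopt;
	std::string out;
	out.reserve(hex.size() / 2);
	for (std::size_t i = 0; i < hex.size(); i += 2) {
		int hi = hexNibble(hex[i]);
		int lo = hexNibble(hex[i + 1]);
		if (hi < 0 || lo < 0) return std::nullopt;
		out.push_back(static_cast<char>((hi << 4) | lo));
	}
	return out;
}

// Hypothetical check: raw SHA-1 digest (20 bytes) against the stored hex value.
// Every byte is compared, wherever the first mismatch happens to be.
bool digestMatchesStored(std::string_view rawDigest, std::string_view storedHex)
{
	auto stored = hex2bin(storedHex);
	if (!stored || stored->size() != 20 || rawDigest.size() != 20) return false;
	unsigned char diff = 0;
	for (std::size_t i = 0; i < 20; ++i) {
		diff |= static_cast<unsigned char>(rawDigest[i]) ^
		        static_cast<unsigned char>((*stored)[i]);
	}
	return diff == 0;
}

// Constructed sample: SHA-1("abc") as raw bytes and as lowercase hex.
const std::string kRawAbc(
	"\xa9\x99\x3e\x36\x47\x06\x81\x6a\xba\x3e\x25\x71\x78\x50\xc2\x6c\x9c\xd0\xd8\x9d", 20);
const std::string kHexAbc = "a9993e364706816aba3e25717850c26c9cd0d89d";
```

A direct `kRawAbc != kHexAbc` string comparison is always true (20 bytes versus 40 characters), which is the symptom the question describes.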