fix the ssl dh key size assert error, key size maybe 127, not always 128. 0.9.195

2025-02-15 04:42:04 +00:00 · 2014-08-13 18:09:35 +08:00 · 2014-08-13 18:09:35 +08:00 · b15ee26a48
commit b15ee26a48
parent 67ab0fb5e0
2 changed files with 30 additions and 15 deletions
--- a/trunk/src/core/srs_core.hpp
+++ b/trunk/src/core/srs_core.hpp
@ -31,7 +31,7 @@ CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
 // current release version
 #define VERSION_MAJOR "0"
 #define VERSION_MINOR "9"
-#define VERSION_REVISION "194"
+#define VERSION_REVISION "195"
 #define RTMP_SIG_SRS_VERSION VERSION_MAJOR"."VERSION_MINOR"."VERSION_REVISION
 // server info.
 #define RTMP_SIG_SRS_KEY "SRS"
--- a/trunk/src/rtmp/srs_protocol_handshake.cpp
+++ b/trunk/src/rtmp/srs_protocol_handshake.cpp
@ -198,9 +198,9 @@ namespace _srs_internal
        }
        
        // copy public key to bytes.
-        // TODO: FIXME: please finger it out.
+        // sometimes, the key_size is 127, seems ok.
        int32_t key_size = BN_num_bytes(pdh->pub_key);
-        srs_assert(key_size == size);
+        srs_assert(key_size > 0);
        
        if (BN_bn2bin(pdh->pub_key, (unsigned char*)public_key) != size) {
            //("Unable to copy key"); return ret;
@ -211,6 +211,31 @@ namespace _srs_internal
        return ret;
    }
    /**
+    * use exists DH to create and copy the 128bytes shared key.
+    * the peer public key used to generate the shared key.
+    */
+    int __openssl_copy_shared_key(DH* pdh, const char* peer_pub_key, int ppk_size, char* shared_key)
+    {
+        int ret = ERROR_SUCCESS;
+        
+        BIGNUM* ppk = NULL;
+        if ((ppk = BN_bin2bn((const unsigned char*)peer_pub_key, ppk_size, 0)) == NULL) {
+            ret = ERROR_OpenSslGetPeerPublicKey;
+            return ret;
+        }
+        
+        // if failed, donot return, do cleanup.
+        if (DH_compute_key((unsigned char*)shared_key, ppk, pdh) < 0) {
+            ret = ERROR_OpenSslComputeSharedKey;
+        }
+        
+        if (ppk) {
+            BN_free(ppk);
+        }
+        
+        return ret;
+    }
+    /**
    * create DH and copy the 128bytes public key,
    * generate and copy the shared key.
    */
@ -223,21 +248,11 @@ namespace _srs_internal
            return ret;
        }
        
-        BIGNUM* ppk = NULL;
-        if ((ppk = BN_bin2bn((const unsigned char*)peer_pub_key, ppk_size, 0)) == NULL) {
-            ret = ERROR_OpenSslGetPeerPublicKey;
+        // generate and copy the shared key
+        if ((ret = __openssl_copy_shared_key(pdh, peer_pub_key, ppk_size, shared_key)) != ERROR_SUCCESS) {
            return ret;
        }
        
-        // if failed, donot return, do cleanup.
-        if (DH_compute_key((unsigned char*)shared_key, ppk, pdh) < 0) {
-            ret = ERROR_OpenSslComputeSharedKey;
-        }
-        
-        if (ppk) {
-            BN_free(ppk);
-        }
-        
        return ret;
    }
    void __openssl_free(DH* pdh)