Skip to content

Commit 941dbc9

Browse files
committed
修改:统一异常处理为try-catch
1 parent ed3909a commit 941dbc9

File tree

4 files changed

+175
-169
lines changed

4 files changed

+175
-169
lines changed

devapi/abe/abe_crypto.cc

Lines changed: 42 additions & 64 deletions
Original file line numberDiff line numberDiff line change
@@ -16,85 +16,75 @@ namespace mysqlx{
1616
MYSQLX_ABI_BEGIN(2,0)
1717
namespace abe{
1818

19-
bool abe_crypto::encrypt(std::string pt, std::string policy, std::string &ct){
19+
void abe_crypto::encrypt(std::string pt, std::string policy, std::string &ct){
2020

2121
oabe::InitializeOpenABE();
2222
oabe::OpenABECryptoContext cpabe("CP-ABE");
2323
cpabe.importPublicParams(mpk);
2424
cpabe.encrypt(policy.c_str(), pt, ct);
2525
oabe::ShutdownOpenABE();
26-
27-
// std::cout<<"encrypt succefully!"<<std::endl;
28-
return true;
2926
}
3027

31-
bool abe_crypto::decrypt(const std::string ct, std::string &pt){
28+
void abe_crypto::decrypt(const std::string ct, std::string &pt){
3229

3330
if(!check_abe_key()){
34-
return false;
31+
ABE_ERROR("no abe key!");
3532
}
3633

3734
oabe::InitializeOpenABE();
3835
oabe::OpenABECryptoContext cpabe("CP-ABE");
3936
cpabe.importPublicParams(mpk);
4037
cpabe.importUserKey(user.user_id.c_str(), user.user_key);
4138
if(!cpabe.decrypt(user.user_id.c_str(), ct, pt)){
42-
pt = "can't decrypt.";
39+
oabe::ShutdownOpenABE();
40+
ABE_ERROR("abe: can't decrypt.");
4341
}
44-
// std::cout << "Recovered message: " << pt << std::endl;
4542
oabe::ShutdownOpenABE();
46-
47-
return true;
4843
}
4944

5045
bool abe_crypto::check_abe_key(){
5146
if(user.user_key == ""){
52-
ABE_ERROR("there is no abe_key, please run:\n\tshow current_abe_key;\nto get from database");
5347
return false;
5448
}
5549
return true;
5650
}
5751

5852

59-
bool abe_crypto::init(std::string mpk_path, std::string key_path,
53+
void abe_crypto::init(std::string mpk_path, std::string key_path,
6054
std::string kms_cert_path, std::string db_cert_path,
6155
std::string rsa_sk_path){
62-
if(!(import_mpk(mpk_path)
63-
&& import_db_cert(db_cert_path) && import_kms_cert(kms_cert_path)
64-
&& import_sk(rsa_sk_path))){
65-
return false;
66-
}
56+
import_mpk(mpk_path);
57+
import_db_cert(db_cert_path);
58+
import_kms_cert(kms_cert_path);
59+
import_sk(rsa_sk_path);
6760
if(!import_user_key(key_path)){ //abe_user_key可以之后获取
6861
user.user_key = "";
6962
}
70-
return true;
7163
}
7264

73-
bool abe_crypto::import_mpk(std::string mpk_path){
65+
void abe_crypto::import_mpk(std::string mpk_path){
7466
//读入mpk
7567
std::ifstream ifs_mpk(mpk_path, std::ios::in);
7668
if(!ifs_mpk){
69+
ifs_mpk.close();
7770
ABE_ERROR2("error opening security pameter (mpk) file.\nmpk_path=", mpk_path);
78-
return false;
7971
}
8072
ifs_mpk>>mpk;
8173
ifs_mpk.close();
82-
return true;
8374
}
8475

8576
bool abe_crypto::import_user_key(std::string key_path){
8677
//读入abe_user_key
8778
std::ifstream ifs_key(key_path, std::ios::in);
8879
if(!ifs_key){
89-
ABE_ERROR("there is no abe_key, please run:\n\tshow current_abe_key;\nto get from database");
9080
return false;
9181
}
9282
ifs_key>>user.user_key;
9383
ifs_key.close();
9484
return true;
9585
}
9686

97-
bool abe_crypto::save_user_key(std::string key_path, std::string key_str_b64){
87+
void abe_crypto::save_user_key(std::string key_path, std::string key_str_b64){
9888
std::string pt;
9989

10090
//key_str为base64编码
@@ -107,32 +97,25 @@ bool abe_crypto::save_user_key(std::string key_path, std::string key_str_b64){
10797
if(!rsa_decrypt(ct, pt)){
10898
free(key_str);
10999
ABE_ERROR("failed to decrypt abe user key");
110-
return false;
111100
}
112101
free(key_str);
113102

114-
if(pt == ""){
115-
return false;
116-
}
117103
//写入abe_user_key
118104
std::ofstream ofs_key(key_path, std::ios::out);
119105
if(!ofs_key){
120106
ABE_ERROR2("error opening user key-file.\nkey_path=" , key_path);
121-
return false;
122107
}
123108
ofs_key << pt;
124109
user.user_key = pt;
125110
ofs_key.close();
126-
return true;
127111
}
128112

129-
bool abe_crypto::import_sk(std::string rsa_sk_path){
113+
void abe_crypto::import_sk(std::string rsa_sk_path){
130114
// 导入rsa密钥文件并读取密钥
131115
FILE *hPriKeyFile = fopen(rsa_sk_path.c_str(), "rb");
132116
if (hPriKeyFile == NULL)
133117
{
134-
// assert(false);
135-
return false;
118+
ABE_ERROR2("read file failed, file_path=", rsa_sk_path);
136119
}
137120
std::string strRet;
138121
RSA *pRSAPriKey = RSA_new();
@@ -141,11 +124,10 @@ bool abe_crypto::import_sk(std::string rsa_sk_path){
141124
// assert(false);
142125
RSA_free(pRSAPriKey);
143126
fclose(hPriKeyFile);
144-
return false;
127+
ABE_ERROR2("read rsa prikey failed, file_path=", rsa_sk_path);
145128
}
146129
sk = pRSAPriKey;
147130
fclose(hPriKeyFile);
148-
return true;
149131
}
150132

151133
RSA * abe_crypto::import_pk(const std::string cert_path, std::string &err_msg){
@@ -184,28 +166,24 @@ RSA * abe_crypto::import_pk(const std::string cert_path, std::string &err_msg){
184166
return pk;
185167
}
186168

187-
bool abe_crypto::import_db_cert(std::string db_cert_path){
169+
void abe_crypto::import_db_cert(std::string db_cert_path){
188170
std::string err_msg;
189171
RSA *pk = import_pk(db_cert_path, err_msg);
190172
if(pk == NULL){
191173
err_msg += ":" + db_cert_path;
192-
ABE_ERROR(err_msg);
193-
return false;
174+
ABE_ERROR(err_msg.c_str());
194175
}
195176
db_pk = pk;
196-
return true;
197177
}
198178

199-
bool abe_crypto::import_kms_cert(std::string kms_cert_path){
179+
void abe_crypto::import_kms_cert(std::string kms_cert_path){
200180
std::string err_msg;
201181
RSA *pk = import_pk(kms_cert_path, err_msg);
202182
if(pk == NULL){
203183
err_msg += ":" + kms_cert_path;
204-
ABE_ERROR(err_msg);
205-
return false;
184+
ABE_ERROR(err_msg.c_str());
206185
}
207186
kms_pk = pk;
208-
return true;
209187
}
210188

211189
abe_crypto::~abe_crypto(){
@@ -214,43 +192,41 @@ abe_crypto::~abe_crypto(){
214192
if(sk != NULL) RSA_free(sk);
215193
}
216194

217-
bool abe_crypto::verify_sig(RSA *pk, unsigned char * msg, size_t msg_length, unsigned char * sig, size_t sig_length){
195+
void abe_crypto::verify_sig(RSA *pk, unsigned char * msg, size_t msg_length, unsigned char * sig, size_t sig_length){
218196
unsigned char digest[SHA512_DIGEST_LENGTH];
219197
// 对输入进行hash
220198
SHA512(msg, msg_length, digest);
221199

222200
// 对签名进行认证
223201
int ret = RSA_verify(NID_sha512, digest, SHA512_DIGEST_LENGTH, sig, sig_length, pk);
224202
if (ret != 1){
225-
ABE_ERROR("verify error");
226203
unsigned long ulErr = ERR_get_error();
227204
char szErrMsg[1024] = {0};
228-
ABE_ERROR2("error number:" , ulErr);
229205
ERR_error_string(ulErr, szErrMsg); // 格式:error:errId:库:函数:原因
230-
std::cout << szErrMsg << std::endl;
231-
return false;
206+
ABE_ERROR2("abe_key verify error: ", szErrMsg);
232207
}
233-
return true;
234208

235209
}
236210

237-
bool abe_crypto::verify_db_sig(const std::string msg, const std::string sig_b64){
211+
void abe_crypto::verify_db_sig(const std::string msg, const std::string sig_b64){
238212
//sig是base64编码,需要先解码
239213
size_t sig_b64_length = sig_b64.length();
240214
unsigned char * sig = (unsigned char*)malloc(base64_utils::b64_dec_len(sig_b64_length));
241215
size_t sig_length = base64_utils::b64_decode(sig_b64.c_str(), sig_b64_length, (char*)sig);
242216

243-
if(!verify_sig(db_pk, (unsigned char *)msg.c_str(), msg.length(), sig, sig_length)){
217+
try{
218+
verify_sig(db_pk, (unsigned char *)msg.c_str(), msg.length(), sig, sig_length);
244219
free(sig);
245-
ABE_ERROR("db_sig: verify failed");
246-
return false;
220+
}catch(const ::mysqlx::abe::Error& e){
221+
free(sig);
222+
ABE_ERROR2("db_sig:", e.what());
223+
}catch(...){
224+
free(sig);
225+
ABE_ERROR("nknown exception");
247226
}
248-
ABE_LOG("db_sig: verify success");
249-
free(sig);
250-
return true;
251227
}
252228

253-
bool abe_crypto::verify_kms_sig(const std::string msg_b64, const std::string sig_b64){
229+
void abe_crypto::verify_kms_sig(const std::string msg_b64, const std::string sig_b64){
254230

255231
//msg和sig都是base64编码,需要先解码
256232
size_t msg_b64_length = msg_b64.length();
@@ -261,17 +237,19 @@ bool abe_crypto::verify_kms_sig(const std::string msg_b64, const std::string sig
261237
unsigned char * sig = (unsigned char*)malloc(base64_utils::b64_dec_len(sig_b64_length));
262238
size_t sig_length = base64_utils::b64_decode(sig_b64.c_str(), sig_b64_length, (char*)sig);
263239

264-
if(!verify_sig(kms_pk, msg, msg_length, sig, sig_length)){
240+
try{
241+
verify_sig(kms_pk, msg, msg_length, sig, sig_length);
265242
free(msg);
266243
free(sig);
267-
ABE_ERROR("kms_sig: verify failed");
268-
return false;
244+
}catch(const ::mysqlx::abe::Error& e){
245+
free(msg);
246+
free(sig);
247+
ABE_ERROR2("kms_sig:", e.what());
248+
}catch(...){
249+
free(msg);
250+
free(sig);
251+
ABE_ERROR("nknown exception");
269252
}
270-
271-
ABE_LOG("kms_sig: verify success");
272-
free(msg);
273-
free(sig);
274-
return true;
275253
}
276254

277255
//注意ct初始化时必须指定长度,否则ct.length会因为0x00而截断

0 commit comments

Comments
 (0)