CHANGE: added new release native as an universal way how to release internal resources available thru handles. Removed all non universal ways of releasing crypt keys!

Oldes · Oldes · commit 070c6b213360 · 2022-02-21T13:09:36.000+01:00
diff --git a/src/boot/natives.reb b/src/boot/natives.reb
@@ -247,6 +247,11 @@ recycle: native [
 	/torture {Constant recycle (for internal debugging)}
 ]
 
+release: native [
+	"Release internal resources of the handle. Returns true on success."
+	handle [handle!]
+]
+
 reduce: native [
 	{Evaluates expressions and returns multiple results.}
 	value
diff --git a/src/core/n-crypt.c b/src/core/n-crypt.c
@@ -320,7 +320,7 @@ static int myrand(void *rng_state, unsigned char *output, size_t len)
 //  rsa: native [
 //		"Encrypt/decrypt/sign/verify data using RSA cryptosystem. Only one refinement must be used!"
 //		rsa-key [handle!] "RSA context created using `rsa-init` function"
-//		data    [binary! none!] "Data to work with. Use NONE to release the RSA handle resources!"
+//		data    [binary!] "Data to work with."
 //		/encrypt  "Use public key to encrypt data"
 //		/decrypt  "Use private key to decrypt data"
 //		/sign     "Use private key to sign data. Result is PKCS1 v1.5 binary"
@@ -369,12 +369,6 @@ static int myrand(void *rng_state, unsigned char *output, size_t len)
 
 	rsa = (RSA_CTX*)VAL_HANDLE_CONTEXT_DATA(key);
 
-	if (IS_NONE(val_data)) {
-		// release RSA key resources
-		Free_Hob(VAL_HANDLE_CTX(key));
-		return R_TRUE;
-	}
-
 	if(
 		(mbedtls_rsa_check_pubkey(rsa) != 0) ||
 		((refDecrypt || refSign) && (mbedtls_rsa_check_privkey(rsa) != 0))
@@ -510,18 +504,16 @@ static int myrand(void *rng_state, unsigned char *output, size_t len)
 //  dh: native [
 //		"Diffie-Hellman key exchange"
 //		dh-key [handle!] "DH key created using `dh-init` function"
-//		/release "Releases internal DH key resources"
 //		/public  "Returns public key as a binary"
 //		/secret  "Computes secret result using peer's public key"
 //			public-key [binary!] "Peer's public key"
 //  ]
 ***********************************************************************/
 {
 	REBVAL *key        = D_ARG(1);
-	REBOOL  refRelease = D_REF(2);
-	REBOOL  refPublic  = D_REF(3);
-	REBOOL  refSecret  = D_REF(4);
-	REBVAL *gy         = D_ARG(5);
+	REBOOL  refPublic  = D_REF(2);
+	REBOOL  refSecret  = D_REF(3);
+	REBVAL *gy         = D_ARG(4);
 
 	REBSER  *out = NULL;
 	REBINT   err;
@@ -556,10 +548,6 @@ static int myrand(void *rng_state, unsigned char *output, size_t len)
 		if (err) goto error;
 		BIN_LEN(out) = olen;
 	}
-	if (refRelease) {
-		Free_Hob(VAL_HANDLE_CTX(key));
-		if (!out) return R_TRUE;
-	}
 	SET_BINARY(D_RET, out);
 	return R_RET;
 error:
@@ -582,7 +570,6 @@ static int myrand(void *rng_state, unsigned char *output, size_t len)
 //		/public "Returns public key as a binary"
 //		/secret  "Computes secret result using peer's public key"
 //			public-key [binary!] "Peer's public key"
-//		/release "Releases internal ECDH key resources"
 //  ]
 ***********************************************************************/
 {
@@ -593,7 +580,6 @@ static int myrand(void *rng_state, unsigned char *output, size_t len)
 	REBOOL  ref_public  = D_REF(5);
 	REBOOL  ref_secret  = D_REF(6);
 	REBVAL *val_public  = D_ARG(7);
-	REBOOL  ref_release = D_REF(8);
 
 
 	ECDH_CTX *ctx;
@@ -605,7 +591,7 @@ static int myrand(void *rng_state, unsigned char *output, size_t len)
 
 	// make sure that only valid combination of refinements is used!
 	if (
-		(ref_type   && (ref_public || ref_secret || ref_release)) ||
+		(ref_type   && (ref_public || ref_secret )) ||
 		(ref_public && (ref_type   || ref_secret )) ||
 		(ref_secret && (ref_public || ref_type   ))
 	) {
@@ -677,10 +663,6 @@ static int myrand(void *rng_state, unsigned char *output, size_t len)
 		SET_BINARY(D_RET, bin);
 		BIN_LEN(bin) = olen;
 	}
-	if (ref_release) {
-		Free_Hob(VAL_HANDLE_CTX(val_handle));
-		if (bin == NULL) return R_TRUE;
-	}
 	return R_RET;
 
 error:
diff --git a/src/core/n-system.c b/src/core/n-system.c
@@ -68,7 +68,6 @@
 	DEAD_END;
 }
 
-
 /***********************************************************************
 **
 */	REBNATIVE(recycle)
@@ -103,6 +102,20 @@
 	return R_RET;
 }
 
+/***********************************************************************
+**
+*/	REBNATIVE(release)
+/*
+***********************************************************************/
+{
+	REBVAL *val = D_ARG(1);
+
+	if (IS_CONTEXT_HANDLE(val)) {
+		Free_Hob(VAL_HANDLE_CTX(val));
+		return R_TRUE;
+	}
+	return R_FALSE;
+}
 
 /***********************************************************************
 **
diff --git a/src/mezz/prot-tls.reb b/src/mezz/prot-tls.reb
@@ -929,7 +929,7 @@ client-key-exchange: function [
 				key-data: rsa/encrypt rsa-key pre-secret
 				key-data-len-bytes: 2
 				log-more ["W[" seq-write "] key-data:" mold key-data]
-				rsa rsa-key none ;@@ releases the internal RSA data, should be done by GC one day!
+				release :rsa-key ; don't wait on GC and release it immediately
 			]
 			DHE_DSS
 			DHE_RSA [
@@ -1747,7 +1747,7 @@ TLS-parse-handshake-message: function [
 							;decrypt the `signature` with server's public key
 							rsa-key: apply :rsa-init ctx/server-certs/1/public-key/rsaEncryption
 							also rsa/verify/hash rsa-key message signature hash-algorithm
-							     rsa rsa-key none ;@@ releases the internal RSA data, should be done by GC one day!
+							     release :rsa-key ; release it immediately, don't wait on GC
 						]
 						rsa_fixed_dh [
 							log-more "Checking signature using RSA_fixed_DH"
@@ -1775,18 +1775,21 @@ TLS-parse-handshake-message: function [
 			if dh_p [
 				dh-key: dh-init dh_g dh_p
 				ctx/pre-secret: dh/secret dh-key pub_key
-				log-more ["DH common secret:" ctx/pre-secret]
-				ctx/key-data: dh/public/release dh-key
+				log-more ["DH common secret:" mold ctx/pre-secret]
+				ctx/key-data: dh/public :dh-key
+				; release immediately, don't wait on GC
+				release :dh-key dh-key: none
 			]
 			if curve [
 				;- elyptic curve init
 				;curve is defined above (sent from server as well as server's public key)
 				dh-key: ecdh/init none curve
 				ctx/pre-secret: ecdh/secret dh-key pub_key
-				log-more ["ECDH common secret:^[[32m" ctx/pre-secret]
+				log-more ["ECDH common secret:^[[32m" mold  ctx/pre-secret]
 				; resolve the public key to supply it to server
-				ctx/key-data: ecdh/public/release dh-key
-				dh-key: none
+				ctx/key-data: ecdh/public :dh-key
+				; release immediately, don't wait on GC
+				release :dh-key dh-key: none
 			]
 		]
 		CLIENT_KEY_EXCHANGE [
diff --git a/src/tests/units/crypt-test.r3 b/src/tests/units/crypt-test.r3
@@ -156,7 +156,7 @@ YYFw8pfGesIFoEuVth4HKyF8k1y4mRUnYHP1XNMNMJl1JcEArC2asV8sHf6zSPVffozZ
 	--assert block? Load-PKIX pkix
 	--assert binary? Load-PKIX/binary pkix
 	--assert "#[handle! rsa]" = mold key: decode 'ssh-key pkix
-	rsa key none ; release key
+	release key ; don't wait on GC, release it now
 
 --test-- "SSH-public-key-2"	
 	pkix:
@@ -223,28 +223,34 @@ sY29ouezv4Xz2PuMch5VGPP+CDqzCM4loWgV
 ===start-group=== "SSH-key codec"
 --test-- "Init RSA key from file"
 	--assert handle? try [key: decode 'ssh-key read %units/files/rebol-public.ppk]
-	rsa key none ; release it, as it is not GCed yet.
+	release key ; don't wait on GC, release it now
 
 --test-- "Init public DH params from file"
 	--assert all [
 		handle? key: load %units/files/dhparam2048.key
 		'dhm = query/mode key 'type
-		dh/release key
+		release key ; release it now (don't wait on GC)
 	]
 ===end-group===
 
 ===start-group=== "PPK codec"
 --test-- "Init RSA key from PPK file"
-	--assert handle? try [key: load %units/files/rebol-private-no-pass.ppk]
-	rsa key none ; release it, as it is not GCed yet.
+	--assert all [
+		handle? try [key: load %units/files/rebol-private-no-pass.ppk]
+		release key ; don't wait on GC, release it now
+	]
 
 --test-- "Init RSA key from encrypted PPK file"
-	--assert handle? try [key: codecs/ppk/decode/password %units/files/rebol-private.ppk "Rebol"]
-	rsa key none ; release it, as it is not GCed yet.
+	--assert all [
+		handle? try [key: codecs/ppk/decode/password %units/files/rebol-private.ppk "Rebol"]
+		release key ; don't wait on GC, release it now
+	]
 
 --test-- "Init public RSA key from SSH2 PPK file"
-	--assert handle? try [key: load %units/files/rebol-public.ppk]
-	rsa key none ; release it, as it is not GCed yet.
+	--assert all [
+		handle? try [key: load %units/files/rebol-public.ppk]
+		release key ; don't wait on GC, release it now
+	]
 ===end-group===
 
 
diff --git a/src/tests/units/dh-test.r3 b/src/tests/units/dh-test.r3
@@ -57,13 +57,12 @@ C79E915C3277361FBFA587C6DC06FEDE0B7E57FEC0B68F96B3AD651D54264357
 
 	;- Once done with the exchange, the DH key must be released!
 
-	--assert true? dh/release k-Alice
+	--assert true? release k-Alice
 	--assert none? dh/public k-Alice
 	
-	;- the release may be also used while getting the secret
-	
-	--assert binary? secret-Boban-2: dh/secret/release k-Boban pub-Alice
+	--assert binary? secret-Boban-2: dh/secret k-Boban pub-Alice
 	--assert secret-Boban = secret-Boban-2
+	--assert true? release k-Boban
 	
 	;- once released, the secret and public will be unavailable
 
@@ -95,16 +94,18 @@ foreach ecurve system/catalog/elliptic-curves [
 		;- These keys should be same on both sides
 		--assert secret-Alice = secret-Boban
 		;- Once done with the exchange, the ECDH key must be released!
-		--assert true? ecdh/release k-Alice
+		--assert true? release k-Alice
 		--assert none? ecdh/public k-Alice
 
 		;- re-initialization...
 		--assert handle? ecdh/init k-Alice ecurve ;- using existing key for a new init
 		--assert binary? pub-Alice: ecdh/public k-Alice
-		;- /release may be used with /secret
-		--assert binary? secret-Alice: ecdh/secret/release k-Alice pub-Boban
-		--assert binary? secret-Boban: ecdh/secret/release k-Boban pub-Alice
+		--assert binary? secret-Alice: ecdh/secret k-Alice pub-Boban
+		--assert binary? secret-Boban: ecdh/secret k-Boban pub-Alice
 		--assert secret-Alice = secret-Boban
+		; It is safe not to release (it would be done on GC), but it's better to do it
+		--assert true? release k-Alice
+		--assert true? release k-Boban
 
 	if find [curve25519 curve448] ecurve [
 		; these curves are not for signing
diff --git a/src/tests/units/rsa-test.r3 b/src/tests/units/rsa-test.r3
@@ -97,9 +97,10 @@ Rebol [
 		--assert rsa/verify key-pri bin-data sign-hash
 
 	--test-- "RSA key release"
-		;once RSA key is not needed, release the resources using NONE data
-		--assert rsa key-pub none
-		--assert rsa key-pri none
+		;once RSA key is not needed, release its resources
+		;(it is safe not to manually release it. It would be released by GC, when unused)
+		--assert release key-pub
+		--assert release key-pri
 		; released handle is now unusable:
 		--assert error? try [rsa/verify/hash key-pub bin-data signature 'SHA512]
 
@@ -139,18 +140,18 @@ Rebol [
 	; so she knows, that data were not modified
 
 	; used keys should be released by GC, when not referenced, but we can release them immediately:
-	rsa public-key  none
-	rsa private-key none
+	release public-key 
+	release private-key
 ===end-group===
 
 ===start-group=== "RSA initialization from file"
 	--test-- "RSA private key from OpenSSL format (RSA PRIVATE KEY)"
 	--assert handle? try [private-key: load %units/files/rebol-private-no-pass.key]
-	rsa private-key none
+	release private-key
 	--test-- "RSA private key from OpenSSL x509 format (PRIVATE KEY)"
 	; openssl req -new -newkey rsa:4096 -x509 -sha256 -days 365 -nodes -out MyCertificate.crt -keyout MyKey.key
 	--assert handle? try [private-key: load %units/files/MyKey.key]
-	rsa private-key none
+	release private-key
 ===end-group===
 
 
