diff options
Diffstat (limited to 'modules')
| -rw-r--r-- | modules/bullet/SCsub | 4 | ||||
| -rw-r--r-- | modules/bullet/space_bullet.cpp | 22 | ||||
| -rw-r--r-- | modules/csg/csg.cpp | 8 | ||||
| -rw-r--r-- | modules/mbedtls/crypto_mbedtls.cpp | 148 | ||||
| -rw-r--r-- | modules/mbedtls/crypto_mbedtls.h | 15 |
5 files changed, 164 insertions, 33 deletions
diff --git a/modules/bullet/SCsub b/modules/bullet/SCsub index b853ebfc63..21bdcca18e 100644 --- a/modules/bullet/SCsub +++ b/modules/bullet/SCsub @@ -201,8 +201,8 @@ if env["builtin_bullet"]: env_bullet.Append(CPPFLAGS=["-isystem", Dir(thirdparty_dir).path]) else: env_bullet.Prepend(CPPPATH=[thirdparty_dir]) - # if env['target'] == "debug" or env['target'] == "release_debug": - # env_bullet.Append(CPPDEFINES=['BT_DEBUG']) + if env["target"] == "debug" or env["target"] == "release_debug": + env_bullet.Append(CPPDEFINES=["DEBUG"]) env_bullet.Append(CPPDEFINES=["BT_USE_OLD_DAMPING_METHOD"]) diff --git a/modules/bullet/space_bullet.cpp b/modules/bullet/space_bullet.cpp index 99f58e7059..cfe8cd5322 100644 --- a/modules/bullet/space_bullet.cpp +++ b/modules/bullet/space_bullet.cpp @@ -123,6 +123,7 @@ int BulletPhysicsDirectSpaceState::intersect_shape(const RID &p_shape, const Tra } ShapeBullet *shape = space->get_physics_server()->get_shape_owner()->getornull(p_shape); + ERR_FAIL_COND_V(!shape, 0); btCollisionShape *btShape = shape->create_bt_shape(p_xform.basis.get_scale_abs(), p_margin); if (!btShape->isConvex()) { @@ -152,7 +153,17 @@ int BulletPhysicsDirectSpaceState::intersect_shape(const RID &p_shape, const Tra } bool BulletPhysicsDirectSpaceState::cast_motion(const RID &p_shape, const Transform &p_xform, const Vector3 &p_motion, float p_margin, float &r_closest_safe, float &r_closest_unsafe, const Set<RID> &p_exclude, uint32_t p_collision_mask, bool p_collide_with_bodies, bool p_collide_with_areas, ShapeRestInfo *r_info) { + r_closest_safe = 0.0f; + r_closest_unsafe = 0.0f; + btVector3 bt_motion; + G_TO_B(p_motion, bt_motion); + + if (bt_motion.fuzzyZero()) { + return false; + } + ShapeBullet *shape = space->get_physics_server()->get_shape_owner()->getornull(p_shape); + ERR_FAIL_COND_V(!shape, false); btCollisionShape *btShape = shape->create_bt_shape(p_xform.basis.get_scale(), p_margin); if (!btShape->isConvex()) { @@ -162,9 +173,6 @@ bool BulletPhysicsDirectSpaceState::cast_motion(const RID &p_shape, const Transf } btConvexShape *bt_convex_shape = static_cast<btConvexShape *>(btShape); - btVector3 bt_motion; - G_TO_B(p_motion, bt_motion); - btTransform bt_xform_from; G_TO_B(p_xform, bt_xform_from); UNSCALE_BT_BASIS(bt_xform_from); @@ -178,9 +186,6 @@ bool BulletPhysicsDirectSpaceState::cast_motion(const RID &p_shape, const Transf space->dynamicsWorld->convexSweepTest(bt_convex_shape, bt_xform_from, bt_xform_to, btResult, space->dynamicsWorld->getDispatchInfo().m_allowedCcdPenetration); - r_closest_unsafe = 1.0; - r_closest_safe = 1.0; - if (btResult.hasHit()) { const btScalar l = bt_motion.length(); r_closest_unsafe = btResult.m_closestHitFraction; @@ -196,6 +201,9 @@ bool BulletPhysicsDirectSpaceState::cast_motion(const RID &p_shape, const Transf r_info->collider_id = collision_object->get_instance_id(); r_info->shape = btResult.m_shapeId; } + } else { + r_closest_safe = 1.0f; + r_closest_unsafe = 1.0f; } bulletdelete(bt_convex_shape); @@ -209,6 +217,7 @@ bool BulletPhysicsDirectSpaceState::collide_shape(RID p_shape, const Transform & } ShapeBullet *shape = space->get_physics_server()->get_shape_owner()->getornull(p_shape); + ERR_FAIL_COND_V(!shape, false); btCollisionShape *btShape = shape->create_bt_shape(p_shape_xform.basis.get_scale_abs(), p_margin); if (!btShape->isConvex()) { @@ -240,6 +249,7 @@ bool BulletPhysicsDirectSpaceState::collide_shape(RID p_shape, const Transform & bool BulletPhysicsDirectSpaceState::rest_info(RID p_shape, const Transform &p_shape_xform, float p_margin, ShapeRestInfo *r_info, const Set<RID> &p_exclude, uint32_t p_collision_mask, bool p_collide_with_bodies, bool p_collide_with_areas) { ShapeBullet *shape = space->get_physics_server()->get_shape_owner()->getornull(p_shape); + ERR_FAIL_COND_V(!shape, false); btCollisionShape *btShape = shape->create_bt_shape(p_shape_xform.basis.get_scale_abs(), p_margin); if (!btShape->isConvex()) { diff --git a/modules/csg/csg.cpp b/modules/csg/csg.cpp index ded0b970dc..d0c9bf5d38 100644 --- a/modules/csg/csg.cpp +++ b/modules/csg/csg.cpp @@ -904,8 +904,12 @@ void CSGBrushOperation::Build2DFaces::_merge_faces(const Vector<int> &p_segment_ vertices[p_segment_indices[closest_idx]].point }; if (are_segements_parallel(edge1, edge2, vertex_snap2)) { - degenerate_points.push_back(outer_edge_idx[0]); - degenerate_points.push_back(outer_edge_idx[1]); + if (!degenerate_points.find(outer_edge_idx[0])) { + degenerate_points.push_back(outer_edge_idx[0]); + } + if (!degenerate_points.find(outer_edge_idx[1])) { + degenerate_points.push_back(outer_edge_idx[1]); + } continue; } diff --git a/modules/mbedtls/crypto_mbedtls.cpp b/modules/mbedtls/crypto_mbedtls.cpp index 1f9d8c2aa3..501bfff075 100644 --- a/modules/mbedtls/crypto_mbedtls.cpp +++ b/modules/mbedtls/crypto_mbedtls.cpp @@ -50,7 +50,7 @@ CryptoKey *CryptoKeyMbedTLS::create() { return memnew(CryptoKeyMbedTLS); } -Error CryptoKeyMbedTLS::load(String p_path) { +Error CryptoKeyMbedTLS::load(String p_path, bool p_public_only) { ERR_FAIL_COND_V_MSG(locks, ERR_ALREADY_IN_USE, "Key is in use"); PackedByteArray out; @@ -59,42 +59,81 @@ Error CryptoKeyMbedTLS::load(String p_path) { int flen = f->get_len(); out.resize(flen + 1); - { - uint8_t *w = out.ptrw(); - f->get_buffer(w, flen); - w[flen] = 0; //end f string - } + f->get_buffer(out.ptrw(), flen); + out.write[flen] = 0; // string terminator memdelete(f); - int ret = mbedtls_pk_parse_key(&pkey, out.ptr(), out.size(), nullptr, 0); + int ret = 0; + if (p_public_only) { + ret = mbedtls_pk_parse_public_key(&pkey, out.ptr(), out.size()); + } else { + ret = mbedtls_pk_parse_key(&pkey, out.ptr(), out.size(), nullptr, 0); + } // We MUST zeroize the memory for safety! mbedtls_platform_zeroize(out.ptrw(), out.size()); - ERR_FAIL_COND_V_MSG(ret, FAILED, "Error parsing private key '" + itos(ret) + "'."); + ERR_FAIL_COND_V_MSG(ret, FAILED, "Error parsing key '" + itos(ret) + "'."); + public_only = p_public_only; return OK; } -Error CryptoKeyMbedTLS::save(String p_path) { +Error CryptoKeyMbedTLS::save(String p_path, bool p_public_only) { FileAccess *f = FileAccess::open(p_path, FileAccess::WRITE); ERR_FAIL_COND_V_MSG(!f, ERR_INVALID_PARAMETER, "Cannot save CryptoKeyMbedTLS file '" + p_path + "'."); unsigned char w[16000]; memset(w, 0, sizeof(w)); - int ret = mbedtls_pk_write_key_pem(&pkey, w, sizeof(w)); + int ret = 0; + if (p_public_only) { + ret = mbedtls_pk_write_pubkey_pem(&pkey, w, sizeof(w)); + } else { + ret = mbedtls_pk_write_key_pem(&pkey, w, sizeof(w)); + } if (ret != 0) { memdelete(f); - memset(w, 0, sizeof(w)); // Zeroize anything we might have written. + mbedtls_platform_zeroize(w, sizeof(w)); // Zeroize anything we might have written. ERR_FAIL_V_MSG(FAILED, "Error writing key '" + itos(ret) + "'."); } size_t len = strlen((char *)w); f->store_buffer(w, len); memdelete(f); - memset(w, 0, sizeof(w)); // Zeroize temporary buffer. + mbedtls_platform_zeroize(w, sizeof(w)); // Zeroize temporary buffer. return OK; } +Error CryptoKeyMbedTLS::load_from_string(String p_string_key, bool p_public_only) { + int ret = 0; + if (p_public_only) { + ret = mbedtls_pk_parse_public_key(&pkey, (unsigned char *)p_string_key.utf8().get_data(), p_string_key.utf8().size()); + } else { + ret = mbedtls_pk_parse_key(&pkey, (unsigned char *)p_string_key.utf8().get_data(), p_string_key.utf8().size(), nullptr, 0); + } + ERR_FAIL_COND_V_MSG(ret, FAILED, "Error parsing key '" + itos(ret) + "'."); + + public_only = p_public_only; + return OK; +} + +String CryptoKeyMbedTLS::save_to_string(bool p_public_only) { + unsigned char w[16000]; + memset(w, 0, sizeof(w)); + + int ret = 0; + if (p_public_only) { + ret = mbedtls_pk_write_pubkey_pem(&pkey, w, sizeof(w)); + } else { + ret = mbedtls_pk_write_key_pem(&pkey, w, sizeof(w)); + } + if (ret != 0) { + mbedtls_platform_zeroize(w, sizeof(w)); + ERR_FAIL_V_MSG("", "Error saving key '" + itos(ret) + "'."); + } + String s = String::utf8((char *)w); + return s; +} + X509Certificate *X509CertificateMbedTLS::create() { return memnew(X509CertificateMbedTLS); } @@ -108,11 +147,8 @@ Error X509CertificateMbedTLS::load(String p_path) { int flen = f->get_len(); out.resize(flen + 1); - { - uint8_t *w = out.ptrw(); - f->get_buffer(w, flen); - w[flen] = 0; //end f string - } + f->get_buffer(out.ptrw(), flen); + out.write[flen] = 0; // string terminator memdelete(f); int ret = mbedtls_x509_crt_parse(&cert, out.ptr(), out.size()); @@ -211,9 +247,8 @@ void CryptoMbedTLS::load_default_certificates(String p_path) { // Use builtin certs only if user did not override it in project settings. PackedByteArray out; out.resize(_certs_uncompressed_size + 1); - uint8_t *w = out.ptrw(); - Compression::decompress(w, _certs_uncompressed_size, _certs_compressed, _certs_compressed_size, Compression::MODE_DEFLATE); - w[_certs_uncompressed_size] = 0; // Make sure it ends with string terminator + Compression::decompress(out.ptrw(), _certs_uncompressed_size, _certs_compressed, _certs_compressed_size, Compression::MODE_DEFLATE); + out.write[_certs_uncompressed_size] = 0; // Make sure it ends with string terminator #ifdef DEBUG_ENABLED print_verbose("Loaded builtin certs"); #endif @@ -228,6 +263,7 @@ Ref<CryptoKey> CryptoMbedTLS::generate_rsa(int p_bytes) { int ret = mbedtls_pk_setup(&(out->pkey), mbedtls_pk_info_from_type(MBEDTLS_PK_RSA)); ERR_FAIL_COND_V(ret != 0, nullptr); ret = mbedtls_rsa_gen_key(mbedtls_pk_rsa(out->pkey), mbedtls_ctr_drbg_random, &ctr_drbg, p_bytes, 65537); + out->public_only = false; ERR_FAIL_COND_V(ret != 0, nullptr); return out; } @@ -281,3 +317,75 @@ PackedByteArray CryptoMbedTLS::generate_random_bytes(int p_bytes) { mbedtls_ctr_drbg_random(&ctr_drbg, out.ptrw(), p_bytes); return out; } + +mbedtls_md_type_t CryptoMbedTLS::_md_type_from_hashtype(HashingContext::HashType p_hash_type, int &r_size) { + switch (p_hash_type) { + case HashingContext::HASH_MD5: + r_size = 16; + return MBEDTLS_MD_MD5; + case HashingContext::HASH_SHA1: + r_size = 20; + return MBEDTLS_MD_SHA1; + case HashingContext::HASH_SHA256: + r_size = 32; + return MBEDTLS_MD_SHA256; + default: + r_size = 0; + ERR_FAIL_V_MSG(MBEDTLS_MD_NONE, "Invalid hash type."); + } +} + +Vector<uint8_t> CryptoMbedTLS::sign(HashingContext::HashType p_hash_type, Vector<uint8_t> p_hash, Ref<CryptoKey> p_key) { + int size; + mbedtls_md_type_t type = _md_type_from_hashtype(p_hash_type, size); + ERR_FAIL_COND_V_MSG(type == MBEDTLS_MD_NONE, Vector<uint8_t>(), "Invalid hash type."); + ERR_FAIL_COND_V_MSG(p_hash.size() != size, Vector<uint8_t>(), "Invalid hash provided. Size must be " + itos(size)); + Ref<CryptoKeyMbedTLS> key = static_cast<Ref<CryptoKeyMbedTLS>>(p_key); + ERR_FAIL_COND_V_MSG(!key.is_valid(), Vector<uint8_t>(), "Invalid key provided."); + ERR_FAIL_COND_V_MSG(key->is_public_only(), Vector<uint8_t>(), "Invalid key provided. Cannot sign with public_only keys."); + size_t sig_size = 0; + unsigned char buf[MBEDTLS_MPI_MAX_SIZE]; + Vector<uint8_t> out; + int ret = mbedtls_pk_sign(&(key->pkey), type, p_hash.ptr(), size, buf, &sig_size, mbedtls_ctr_drbg_random, &ctr_drbg); + ERR_FAIL_COND_V_MSG(ret, out, "Error while signing: " + itos(ret)); + out.resize(sig_size); + copymem(out.ptrw(), buf, sig_size); + return out; +} + +bool CryptoMbedTLS::verify(HashingContext::HashType p_hash_type, Vector<uint8_t> p_hash, Vector<uint8_t> p_signature, Ref<CryptoKey> p_key) { + int size; + mbedtls_md_type_t type = _md_type_from_hashtype(p_hash_type, size); + ERR_FAIL_COND_V_MSG(type == MBEDTLS_MD_NONE, false, "Invalid hash type."); + ERR_FAIL_COND_V_MSG(p_hash.size() != size, false, "Invalid hash provided. Size must be " + itos(size)); + Ref<CryptoKeyMbedTLS> key = static_cast<Ref<CryptoKeyMbedTLS>>(p_key); + ERR_FAIL_COND_V_MSG(!key.is_valid(), false, "Invalid key provided."); + return mbedtls_pk_verify(&(key->pkey), type, p_hash.ptr(), size, p_signature.ptr(), p_signature.size()) == 0; +} + +Vector<uint8_t> CryptoMbedTLS::encrypt(Ref<CryptoKey> p_key, Vector<uint8_t> p_plaintext) { + Ref<CryptoKeyMbedTLS> key = static_cast<Ref<CryptoKeyMbedTLS>>(p_key); + ERR_FAIL_COND_V_MSG(!key.is_valid(), Vector<uint8_t>(), "Invalid key provided."); + uint8_t buf[1024]; + size_t size; + Vector<uint8_t> out; + int ret = mbedtls_pk_encrypt(&(key->pkey), p_plaintext.ptr(), p_plaintext.size(), buf, &size, sizeof(buf), mbedtls_ctr_drbg_random, &ctr_drbg); + ERR_FAIL_COND_V_MSG(ret, out, "Error while encrypting: " + itos(ret)); + out.resize(size); + copymem(out.ptrw(), buf, size); + return out; +} + +Vector<uint8_t> CryptoMbedTLS::decrypt(Ref<CryptoKey> p_key, Vector<uint8_t> p_ciphertext) { + Ref<CryptoKeyMbedTLS> key = static_cast<Ref<CryptoKeyMbedTLS>>(p_key); + ERR_FAIL_COND_V_MSG(!key.is_valid(), Vector<uint8_t>(), "Invalid key provided."); + ERR_FAIL_COND_V_MSG(key->is_public_only(), Vector<uint8_t>(), "Invalid key provided. Cannot decrypt using a public_only key."); + uint8_t buf[2048]; + size_t size; + Vector<uint8_t> out; + int ret = mbedtls_pk_decrypt(&(key->pkey), p_ciphertext.ptr(), p_ciphertext.size(), buf, &size, sizeof(buf), mbedtls_ctr_drbg_random, &ctr_drbg); + ERR_FAIL_COND_V_MSG(ret, out, "Error while decrypting: " + itos(ret)); + out.resize(size); + copymem(out.ptrw(), buf, size); + return out; +} diff --git a/modules/mbedtls/crypto_mbedtls.h b/modules/mbedtls/crypto_mbedtls.h index 48855d082a..2a446f9d48 100644 --- a/modules/mbedtls/crypto_mbedtls.h +++ b/modules/mbedtls/crypto_mbedtls.h @@ -43,15 +43,19 @@ class SSLContextMbedTLS; class CryptoKeyMbedTLS : public CryptoKey { private: mbedtls_pk_context pkey; - int locks; + int locks = 0; + bool public_only = true; public: static CryptoKey *create(); static void make_default() { CryptoKey::_create = create; } static void finalize() { CryptoKey::_create = nullptr; } - virtual Error load(String p_path); - virtual Error save(String p_path); + virtual Error load(String p_path, bool p_public_only); + virtual Error save(String p_path, bool p_public_only); + virtual String save_to_string(bool p_public_only); + virtual Error load_from_string(String p_string_key, bool p_public_only); + virtual bool is_public_only() const { return public_only; }; CryptoKeyMbedTLS() { mbedtls_pk_init(&pkey); @@ -102,6 +106,7 @@ private: mbedtls_entropy_context entropy; mbedtls_ctr_drbg_context ctr_drbg; static X509CertificateMbedTLS *default_certs; + mbedtls_md_type_t _md_type_from_hashtype(HashingContext::HashType p_hash_type, int &r_size); public: static Crypto *create(); @@ -113,6 +118,10 @@ public: virtual PackedByteArray generate_random_bytes(int p_bytes); virtual Ref<CryptoKey> generate_rsa(int p_bytes); virtual Ref<X509Certificate> generate_self_signed_certificate(Ref<CryptoKey> p_key, String p_issuer_name, String p_not_before, String p_not_after); + virtual Vector<uint8_t> sign(HashingContext::HashType p_hash_type, Vector<uint8_t> p_hash, Ref<CryptoKey> p_key); + virtual bool verify(HashingContext::HashType p_hash_type, Vector<uint8_t> p_hash, Vector<uint8_t> p_signature, Ref<CryptoKey> p_key); + virtual Vector<uint8_t> encrypt(Ref<CryptoKey> p_key, Vector<uint8_t> p_plaintext); + virtual Vector<uint8_t> decrypt(Ref<CryptoKey> p_key, Vector<uint8_t> p_ciphertext); CryptoMbedTLS(); ~CryptoMbedTLS(); |