summary |
shortlog |
log |
commit | commitdiff |
tree
raw |
patch |
inline | side by side (from parent 1:
4f30408)
logging based on DEBUG_X flags. also fixed bug; turns out the rsa libraries are not
the slightest bit thread safe. has that problem always been there??? they have in the
past occasionally crashed, but hopefully they will no longer do this. and since i had
turned on the ssl debugging, they were kind of always crashing in the threaded tests,
so that was a bit of a signal.
#include <stdlib.h>
#ifdef __UNIX__
#include <stdlib.h>
#ifdef __UNIX__
ret = pthread_mutexattr_settype(&attr, PTHREAD_MUTEX_RECURSIVE_NP);
#endif
if (ret != 0) {
ret = pthread_mutexattr_settype(&attr, PTHREAD_MUTEX_RECURSIVE_NP);
#endif
if (ret != 0) {
-//printf("failed to initialize mutex attributes!\n"); fflush(NIL);
+ printf("failed to initialize mutex attributes!\n"); fflush(NIL);
}
c_os_mutex = (pthread_mutex_t *)malloc(sizeof(pthread_mutex_t));
pthread_mutex_init((pthread_mutex_t *)c_os_mutex, &attr);
}
c_os_mutex = (pthread_mutex_t *)malloc(sizeof(pthread_mutex_t));
pthread_mutex_init((pthread_mutex_t *)c_os_mutex, &attr);
#undef set_key
// get rid of a macro we don't want.
#undef set_key
// get rid of a macro we don't want.
-#undef LOG
-#define LOG(t) CLASS_EMERGENCY_LOG(program_wide_logger::get(), t)
-
//#define DEBUG_BLOWFISH
// uncomment for noisier version.
//#define DEBUG_BLOWFISH
// uncomment for noisier version.
+#ifdef DEBUG_BLOWFISH
+ #undef LOG
+ #define LOG(t) CLASS_EMERGENCY_LOG(program_wide_logger::get(), t)
+#else
+ #undef LOG
+ #define LOG(t)
+#endif
+
#ifdef DEBUG_BLOWFISH
// this macro checks on the validity of the key sizes (in bits).
#define DISCUSS_KEY_SIZE(key_size) \
#ifdef DEBUG_BLOWFISH
// this macro checks on the validity of the key sizes (in bits).
#define DISCUSS_KEY_SIZE(key_size) \
: _key_size(key_size),
_key(new byte_array)
{
: _key_size(key_size),
_key(new byte_array)
{
-// FUNCDEF("constructor [int]");
static_ssl_initializer();
static_ssl_initializer();
+ LOG("prior to key size discuss");
DISCUSS_KEY_SIZE(key_size);
if (key_size < minimum_key_size())
_key_size = minimum_key_size();
if (key_size > maximum_key_size())
_key_size = maximum_key_size();
DISCUSS_KEY_SIZE(key_size);
if (key_size < minimum_key_size())
_key_size = minimum_key_size();
if (key_size > maximum_key_size())
_key_size = maximum_key_size();
+ LOG("prior to generate key");
generate_key(_key_size, *_key);
generate_key(_key_size, *_key);
+ LOG("after generate key");
}
blowfish_crypto::blowfish_crypto(const byte_array &key, int key_size)
: _key_size(key_size),
_key(new byte_array(key))
{
}
blowfish_crypto::blowfish_crypto(const byte_array &key, int key_size)
: _key_size(key_size),
_key(new byte_array(key))
{
-// FUNCDEF("constructor [byte_array/int]");
+ FUNCDEF("ctor(byte_array,int)");
// any problems with the key provided are horrid. they will yield a
// non-working blowfish object.
// any problems with the key provided are horrid. they will yield a
// non-working blowfish object.
+ LOG("prior to key size discuss");
DISCUSS_KEY_SIZE(key_size);
DISCUSS_KEY_SIZE(key_size);
+ LOG("prior to provided key discuss");
DISCUSS_PROVIDED_KEY(key_size, key);
DISCUSS_PROVIDED_KEY(key_size, key);
+ LOG("prior to ssl static init");
static_ssl_initializer();
static_ssl_initializer();
+ LOG("after ssl static init");
}
blowfish_crypto::blowfish_crypto(const blowfish_crypto &to_copy)
: root_object(),
_key_size(to_copy._key_size),
_key(new byte_array(*to_copy._key))
}
blowfish_crypto::blowfish_crypto(const blowfish_crypto &to_copy)
: root_object(),
_key_size(to_copy._key_size),
_key(new byte_array(*to_copy._key))
-{ static_ssl_initializer(); }
+{
+ FUNCDEF("copy ctor");
+ static_ssl_initializer();
+ LOG("after ssl static init");
+}
blowfish_crypto::~blowfish_crypto()
{
blowfish_crypto::~blowfish_crypto()
{
+ FUNCDEF("dtor");
+ LOG("prior to key whack");
+ LOG("after key whack");
}
int blowfish_crypto::key_size() const { return _key_size; }
}
int blowfish_crypto::key_size() const { return _key_size; }
bool blowfish_crypto::set_key(const byte_array &new_key, int key_size)
{
bool blowfish_crypto::set_key(const byte_array &new_key, int key_size)
{
if (!new_key.length()) return false;
DISCUSS_KEY_SIZE(key_size);
DISCUSS_PROVIDED_KEY(key_size, new_key);
if (!new_key.length()) return false;
DISCUSS_KEY_SIZE(key_size);
DISCUSS_PROVIDED_KEY(key_size, new_key);
void blowfish_crypto::generate_key(int size, byte_array &new_key)
{
void blowfish_crypto::generate_key(int size, byte_array &new_key)
{
-// FUNCDEF("generate_key");
+ FUNCDEF("generate_key");
DISCUSS_KEY_SIZE(size);
if (size < minimum_key_size())
size = minimum_key_size();
DISCUSS_KEY_SIZE(size);
if (size < minimum_key_size())
size = minimum_key_size();
const byte_array &blowfish_crypto::init_vector()
{
const byte_array &blowfish_crypto::init_vector()
{
+ FUNCDEF("init_vector");
auto_synchronizer locking(__vector_init_lock());
static byte_array to_return(EVP_MAX_IV_LENGTH);
static bool initted = false;
auto_synchronizer locking(__vector_init_lock());
static byte_array to_return(EVP_MAX_IV_LENGTH);
static bool initted = false;
+ LOG("prior to initted check");
+ LOG("actually doing init");
for (int i = 0; i < EVP_MAX_IV_LENGTH; i++)
to_return[i] = 214 - i;
initted = true;
}
for (int i = 0; i < EVP_MAX_IV_LENGTH; i++)
to_return[i] = 214 - i;
initted = true;
}
+ LOG("leaving init check");
to_return = false;
} else {
// chop any extra space off.
to_return = false;
} else {
// chop any extra space off.
-// LOG(a_sprintf("encrypting bytes %d to %d.\n", i, edge));
+ LOG(a_sprintf("chopping bytes %d to %d.\n", encoded_len, encoded.last()));
encoded.zap(encoded_len, encoded.last());
target = encoded;
}
encoded.zap(encoded_len, encoded.last());
target = encoded;
}
"failed, result=%d.", enc_ret));
to_return = false;
} else {
"failed, result=%d.", enc_ret));
to_return = false;
} else {
-// LOG(a_sprintf("padding added %d bytes.\n", pad_len));
+ LOG(a_sprintf("padding added %d bytes.\n", pad_len));
encoded.zap(pad_len, encoded.last());
target += encoded;
}
encoded.zap(pad_len, encoded.last());
target += encoded;
}
bool to_return = true;
EVP_CIPHER_CTX session;
EVP_CIPHER_CTX_init(&session);
bool to_return = true;
EVP_CIPHER_CTX session;
EVP_CIPHER_CTX_init(&session);
-//LOG(a_sprintf("key size %d bits.\n", BITS_PER_BYTE * _key->length()));
+ LOG(a_sprintf("key size %d bits.\n", BITS_PER_BYTE * _key->length()));
EVP_DecryptInit_ex(&session, EVP_bf_cbc(), NIL, _key->observe(),
init_vector().observe());
EVP_CIPHER_CTX_set_key_length(&session, _key_size);
EVP_DecryptInit_ex(&session, EVP_bf_cbc(), NIL, _key->observe(),
init_vector().observe());
EVP_CIPHER_CTX_set_key_length(&session, _key_size);
continuable_error(class_name(), func, "decryption failed.");
to_return = false;
} else {
continuable_error(class_name(), func, "decryption failed.");
to_return = false;
} else {
-// LOG(a_sprintf(" decrypted size in bytes is %d.\n", decoded_len));
+ LOG(a_sprintf(" decrypted size in bytes is %d.\n", decoded_len));
decoded.zap(decoded_len, decoded.last());
target = decoded;
}
decoded.zap(decoded_len, decoded.last());
target = decoded;
}
decoded.reset(FUDGE); // reinflate for padding.
int pad_len = 0;
dec_ret = EVP_DecryptFinal_ex(&session, decoded.access(), &pad_len);
decoded.reset(FUDGE); // reinflate for padding.
int pad_len = 0;
dec_ret = EVP_DecryptFinal_ex(&session, decoded.access(), &pad_len);
-// LOG(a_sprintf("padding added %d bytes.\n", pad_len));
+ LOG(a_sprintf("padding added %d bytes.\n", pad_len));
if (dec_ret != 1) {
continuable_error(class_name(), func, a_sprintf("finalizing decryption "
"failed, result=%d, padlen=%d, target had %d bytes.", dec_ret,
if (dec_ret != 1) {
continuable_error(class_name(), func, a_sprintf("finalizing decryption "
"failed, result=%d, padlen=%d, target had %d bytes.", dec_ret,
-/*****************************************************************************\
-* *
-* Name : RSA public key encryption *
-* Author : Chris Koeritz *
-* *
-* Purpose: *
-* *
-* Supports public (and private) key encryption and decryption using the *
-* OpenSSL package's support for RSA encryption. *
-* *
-*******************************************************************************
+/*
+* Name : RSA public key encryption
+* Author : Chris Koeritz
+* Purpose:
+* Supports public (and private) key encryption and decryption using the
+* OpenSSL package's support for RSA encryption.
+****
* Copyright (c) 2005-$now By Author. This program is free software; you can *
* redistribute it and/or modify it under the terms of the GNU General Public *
* License as published by the Free Software Foundation; either version 2 of *
* the License or (at your option) any later version. This is online at: *
* http://www.fsf.org/copyleft/gpl.html *
* Please send any updates to: fred@gruntose.com *
* Copyright (c) 2005-$now By Author. This program is free software; you can *
* redistribute it and/or modify it under the terms of the GNU General Public *
* License as published by the Free Software Foundation; either version 2 of *
* the License or (at your option) any later version. This is online at: *
* http://www.fsf.org/copyleft/gpl.html *
* Please send any updates to: fred@gruntose.com *
-\*****************************************************************************/
+*/
+
+//note: rsa crypto provides a nice printing method... RSA_print_fp(stdout, private_key, 0);
+
+// notes from openssl docs: length to be encrypted in a chunk must be less than
+// RSA_size(rsa) - 11 for the PKCS #1 v1.5 based padding modes, less than
+// RSA_size(rsa) - 41 for RSA_PKCS1_OAEP_PADDING and exactly RSA_size(rsa)
+// for RSA_NO_PADDING.
#include "rsa_crypto.h"
#include "ssl_init.h"
#include <basis/functions.h>
#include <loggers/critical_events.h>
#include "rsa_crypto.h"
#include "ssl_init.h"
#include <basis/functions.h>
#include <loggers/critical_events.h>
+#include <loggers/program_wide_logger.h>
#include <mathematics/chaos.h>
#include <structures/object_packers.h>
#include <mathematics/chaos.h>
#include <structures/object_packers.h>
+#include <structures/static_memory_gremlin.h>
#include <openssl/bn.h>
#include <openssl/rsa.h>
#include <openssl/bn.h>
#include <openssl/rsa.h>
-// notes from openssl docs: length to be encrypted in a chunk must be less than
-// RSA_size(rsa) - 11 for the PKCS #1 v1.5 based padding modes, less than
-// RSA_size(rsa) - 41 for RSA_PKCS1_OAEP_PADDING and exactly RSA_size(rsa)
-// for RSA_NO_PADDING.
+//#define DEBUG_RSA_CRYPTO
+ // uncomment for noisier version.
-#undef LOG
-#define LOG(s) CLASS_EMERGENCY_LOG(program_wide_logger::get(), s)
+#ifdef DEBUG_RSA_CRYPTO
+ #undef LOG
+ #define LOG(s) CLASS_EMERGENCY_LOG(program_wide_logger::get(), s)
+#else
+ #undef LOG
+ #define LOG(s)
+#endif
-//nice printing method... RSA_print_fp(stdout, private_key, 0);
+SAFE_STATIC(mutex, __single_stepper, )
+ // protects unsafe areas of rsa crypto from access by multiple threads at once.
rsa_crypto::rsa_crypto(int key_size)
: _key(NIL)
{
rsa_crypto::rsa_crypto(int key_size)
: _key(NIL)
{
+ FUNCDEF("ctor(int)");
+ LOG("prior to generating key");
_key = generate_key(key_size); // generate_key initializes ssl for us.
_key = generate_key(key_size); // generate_key initializes ssl for us.
+ LOG("after generating key");
}
rsa_crypto::rsa_crypto(const byte_array &key)
: _key(NIL)
{
}
rsa_crypto::rsa_crypto(const byte_array &key)
: _key(NIL)
{
+ FUNCDEF("ctor(byte_array)");
static_ssl_initializer();
byte_array key_copy = key;
static_ssl_initializer();
byte_array key_copy = key;
+ LOG("prior to set key");
}
rsa_crypto::rsa_crypto(rsa_st *key)
: _key(NIL)
{
}
rsa_crypto::rsa_crypto(rsa_st *key)
: _key(NIL)
{
+ FUNCDEF("ctor(rsa_st)");
static_ssl_initializer();
static_ssl_initializer();
+ LOG("prior to set key");
}
rsa_crypto::rsa_crypto(const rsa_crypto &to_copy)
: root_object(),
_key(NIL)
{
}
rsa_crypto::rsa_crypto(const rsa_crypto &to_copy)
: root_object(),
_key(NIL)
{
static_ssl_initializer();
static_ssl_initializer();
+ LOG("prior to set key");
}
rsa_crypto::~rsa_crypto()
{
}
rsa_crypto::~rsa_crypto()
{
+ FUNCDEF("dtor");
+ LOG("prior to rsa free");
+ auto_synchronizer mutt(__single_stepper());
}
const rsa_crypto &rsa_crypto::operator = (const rsa_crypto &to_copy)
}
const rsa_crypto &rsa_crypto::operator = (const rsa_crypto &to_copy)
FUNCDEF("generate_key");
if (key_size < 4) key_size = 4; // laughable lower default.
static_ssl_initializer();
FUNCDEF("generate_key");
if (key_size < 4) key_size = 4; // laughable lower default.
static_ssl_initializer();
+ LOG("prior to generate key");
+ auto_synchronizer mutt(__single_stepper());
rsa_st *to_return = RSA_generate_key(key_size, 65537, NIL, NIL);
if (!to_return) {
continuable_error(static_class_name(), func,
a_sprintf("failed to generate a key of %d bits.", key_size));
}
rsa_st *to_return = RSA_generate_key(key_size, 65537, NIL, NIL);
if (!to_return) {
continuable_error(static_class_name(), func,
a_sprintf("failed to generate a key of %d bits.", key_size));
}
+ LOG("after generate key");
-bool rsa_crypto::check_key(rsa_st *key) { return RSA_check_key(key) == 1; }
+bool rsa_crypto::check_key(rsa_st *key)
+{
+ auto_synchronizer mutt(__single_stepper());
+ return RSA_check_key(key) == 1;
+}
bool rsa_crypto::set_key(byte_array &key)
{
FUNCDEF("set_key [byte_array]");
if (!key.length()) return false;
bool rsa_crypto::set_key(byte_array &key)
{
FUNCDEF("set_key [byte_array]");
if (!key.length()) return false;
+ auto_synchronizer mutt(__single_stepper());
if (_key) RSA_free(_key);
_key = RSA_new();
abyte type;
if (_key) RSA_free(_key);
_key = RSA_new();
abyte type;
FUNCDEF("set_key [rsa_st]");
if (!key) return NIL;
// test the incoming key.
FUNCDEF("set_key [rsa_st]");
if (!key) return NIL;
// test the incoming key.
+ auto_synchronizer mutt(__single_stepper());
int check = RSA_check_key(key);
if (check != 1) return false;
// clean out the old key.
int check = RSA_check_key(key);
if (check != 1) return false;
// clean out the old key.
bool rsa_crypto::public_key(byte_array &pubkey) const
{
bool rsa_crypto::public_key(byte_array &pubkey) const
{
-// FUNCDEF("public_key");
if (!_key) return false;
structures::attach(pubkey, abyte('u')); // signal a public key.
// convert the two public portions into binary.
if (!_key) return false;
structures::attach(pubkey, abyte('u')); // signal a public key.
// convert the two public portions into binary.
bool rsa_crypto::private_key(byte_array &privkey) const
{
bool rsa_crypto::private_key(byte_array &privkey) const
{
-// FUNCDEF("private_key");
+ FUNCDEF("private_key");
if (!_key) return false;
int posn = privkey.length();
bool worked = public_key(privkey); // get the public pieces first.
if (!_key) return false;
int posn = privkey.length();
bool worked = public_key(privkey); // get the public pieces first.
bool rsa_crypto::public_encrypt(const byte_array &source,
byte_array &target) const
{
bool rsa_crypto::public_encrypt(const byte_array &source,
byte_array &target) const
{
-// FUNCDEF("public_encrypt");
+ FUNCDEF("public_encrypt");
target.reset();
if (!source.length()) return false;
target.reset();
if (!source.length()) return false;
+
+ auto_synchronizer mutt(__single_stepper());
const int max_chunk = RSA_size(_key) - 12;
byte_array encoded(RSA_size(_key));
const int max_chunk = RSA_size(_key) - 12;
byte_array encoded(RSA_size(_key));
bool rsa_crypto::private_decrypt(const byte_array &source,
byte_array &target) const
{
bool rsa_crypto::private_decrypt(const byte_array &source,
byte_array &target) const
{
-// FUNCDEF("private_decrypt");
+ FUNCDEF("private_decrypt");
target.reset();
if (!source.length()) return false;
target.reset();
if (!source.length()) return false;
+
+ auto_synchronizer mutt(__single_stepper());
const int max_chunk = RSA_size(_key);
byte_array decoded(max_chunk);
const int max_chunk = RSA_size(_key);
byte_array decoded(max_chunk);
bool rsa_crypto::private_encrypt(const byte_array &source,
byte_array &target) const
{
bool rsa_crypto::private_encrypt(const byte_array &source,
byte_array &target) const
{
-// FUNCDEF("private_encrypt");
+ FUNCDEF("private_encrypt");
target.reset();
if (!source.length()) return false;
target.reset();
if (!source.length()) return false;
+
+ auto_synchronizer mutt(__single_stepper());
const int max_chunk = RSA_size(_key) - 12;
byte_array encoded(RSA_size(_key));
const int max_chunk = RSA_size(_key) - 12;
byte_array encoded(RSA_size(_key));
bool rsa_crypto::public_decrypt(const byte_array &source,
byte_array &target) const
{
bool rsa_crypto::public_decrypt(const byte_array &source,
byte_array &target) const
{
-// FUNCDEF("public_decrypt");
+ FUNCDEF("public_decrypt");
target.reset();
if (!source.length()) return false;
target.reset();
if (!source.length()) return false;
+
+ auto_synchronizer mutt(__single_stepper());
const int max_chunk = RSA_size(_key);
byte_array decoded(max_chunk);
const int max_chunk = RSA_size(_key);
byte_array decoded(max_chunk);
#include <basis/functions.h>
#include <basis/mutex.h>
#include <basis/functions.h>
#include <basis/mutex.h>
+#include <loggers/program_wide_logger.h>
#include <structures/static_memory_gremlin.h>
#include <openssl/crypto.h>
#include <structures/static_memory_gremlin.h>
#include <openssl/crypto.h>
#include <openssl/rand.h>
using namespace basis;
#include <openssl/rand.h>
using namespace basis;
+using namespace loggers;
using namespace mathematics;
using namespace structures;
namespace crypto {
using namespace mathematics;
using namespace structures;
namespace crypto {
-#define LOG(s) CLASS_EMERGENCY_LOG(program_wide_logger::get(), s)
+//#define DEBUG_SSL
+ // uncomment to cause more debugging information to be generated, plus
+ // more checking to be performed in the SSL support.
+
+#ifdef DEBUG_SSL
+ #undef LOG
+ #define LOG(s) CLASS_EMERGENCY_LOG(program_wide_logger::get(), s)
+#else
+ #undef LOG
+ #define LOG(s)
+#endif
const int SEED_SIZE = 100;
// the size of the random seed that we'll use.
const int SEED_SIZE = 100;
// the size of the random seed that we'll use.
// our global initialization object.
SAFE_STATIC_CONST(ssl_init, static_ssl_initializer, )
// our global initialization object.
SAFE_STATIC_CONST(ssl_init, static_ssl_initializer, )
-#define DEBUG_SSL
- // uncomment to cause more debugging information to be generated, plus
- // more checking to be performed in the SSL support.
-
ssl_init::ssl_init()
: c_rando()
{
ssl_init::ssl_init()
: c_rando()
{
+ LOG("prior to crypto debug init");
CRYPTO_malloc_debug_init();
CRYPTO_malloc_debug_init();
+ LOG("prior to dbg set options");
CRYPTO_dbg_set_options(V_CRYPTO_MDEBUG_ALL);
CRYPTO_dbg_set_options(V_CRYPTO_MDEBUG_ALL);
+ LOG("prior to mem ctrl");
CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
#endif
CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
#endif
+ LOG("prior to rand seed");
RAND_seed(random_bytes(SEED_SIZE).observe(), SEED_SIZE);
RAND_seed(random_bytes(SEED_SIZE).observe(), SEED_SIZE);
+ LOG("after rand seed");
}
ssl_init::~ssl_init()
{
}
ssl_init::~ssl_init()
{
+ FUNCDEF("dtor");
+ LOG("prior to crypto cleanup");
CRYPTO_cleanup_all_ex_data();
CRYPTO_cleanup_all_ex_data();
+ LOG("prior to err remove state");
+ LOG("prior to mem leaks fp");
CRYPTO_mem_leaks_fp(stderr);
CRYPTO_mem_leaks_fp(stderr);
+ LOG("after mem leaks fp");
}
const chaos &ssl_init::randomizer() const { return c_rando; }
}
const chaos &ssl_init::randomizer() const { return c_rando; }
--- /dev/null
+include variables.def
+
+PROJECT = crypto_libraries
+BUILD_BEFORE = crypto \
+ tests_crypto
+
+include rules.def
+