From 0d49d923ed17a81cec957d15906f9700a88133d5 Mon Sep 17 00:00:00 2001 
From: "Fred T. Hamster" Date: Thu, 26 Feb 2026 22:14:39 -0500 Subject: [PATCH] openssl closer to working but still fubar got it to actually do *some* encryptions and decryptions, after finding that they've really broken the new version in terms of how you have to set up the encryption process. but it's failing a bunch still too! at this point, i wonder if my padding code is incorrect, except that the code NEVER failed before this set of recent releases (where they hid blowfish in the legacy provider, and now with ubuntu 24.04 where they've made it a dance across razor blades to get *anything* to work properly, even with the legacy provider loaded). --- graphiq/applications/makefile | 7 +++ graphiq/library/makefile | 5 +- nucleus/library/crypto/blowfish_crypto.cpp | 63 ++++++++++++++++--- nucleus/library/crypto/ssl_init.cpp | 28 ++++++--- nucleus/library/crypto/ssl_init.h | 6 ++ .../library/geometric/angle.h | 0 .../library/geometric/cartesian_objects.h | 0 .../library/geometric/circle.cpp | 0 .../library/geometric/circle.h | 0 .../library/geometric/ellipse.cpp | 0 .../library/geometric/ellipse.h | 0 {graphiq => nucleus}/library/geometric/line.h | 0 .../library/geometric/makefile | 0 .../library/geometric/math_bits.cpp | 0 .../library/geometric/math_bits.h | 0 .../library/geometric/point.h | 0 .../library/geometric/polygon.cpp | 0 .../library/geometric/polygon.h | 0 .../library/geometric/rectangle.h | 0 .../library/geometric/screen_rectangle.cpp | 0 .../library/geometric/screen_rectangle.h | 0 .../library/geometric/triangle.cpp | 0 .../library/geometric/triangle.h | 0 .../library/geometric/warper.h | 0 nucleus/library/makefile | 2 + .../library/tests_geometric/makefile | 0 .../library/tests_geometric/test_angle.cpp | 0 .../test_ccri_angle_average.cpp | 0 .../library/tests_geometric/test_ellipse.cpp | 0 .../library/tests_geometric/test_geometry.cpp | 0 .../library/tests_geometric/test_point.cpp | 0 .../library/tests_geometric/test_warper.cpp | 0 32 files changed, 89 
insertions(+), 22 deletions(-) create mode 100644 graphiq/applications/makefile rename {graphiq => nucleus}/library/geometric/angle.h (100%) rename {graphiq => nucleus}/library/geometric/cartesian_objects.h (100%) rename {graphiq => nucleus}/library/geometric/circle.cpp (100%) rename {graphiq => nucleus}/library/geometric/circle.h (100%) rename {graphiq => nucleus}/library/geometric/ellipse.cpp (100%) rename {graphiq => nucleus}/library/geometric/ellipse.h (100%) rename {graphiq => nucleus}/library/geometric/line.h (100%) rename {graphiq => nucleus}/library/geometric/makefile (100%) rename {graphiq => nucleus}/library/geometric/math_bits.cpp (100%) rename {graphiq => nucleus}/library/geometric/math_bits.h (100%) rename {graphiq => nucleus}/library/geometric/point.h (100%) rename {graphiq => nucleus}/library/geometric/polygon.cpp (100%) rename {graphiq => nucleus}/library/geometric/polygon.h (100%) rename {graphiq => nucleus}/library/geometric/rectangle.h (100%) rename {graphiq => nucleus}/library/geometric/screen_rectangle.cpp (100%) rename {graphiq => nucleus}/library/geometric/screen_rectangle.h (100%) rename {graphiq => nucleus}/library/geometric/triangle.cpp (100%) rename {graphiq => nucleus}/library/geometric/triangle.h (100%) rename {graphiq => nucleus}/library/geometric/warper.h (100%) rename {graphiq => nucleus}/library/tests_geometric/makefile (100%) rename {graphiq => nucleus}/library/tests_geometric/test_angle.cpp (100%) rename {graphiq => nucleus}/library/tests_geometric/test_ccri_angle_average.cpp (100%) rename {graphiq => nucleus}/library/tests_geometric/test_ellipse.cpp (100%) rename {graphiq => nucleus}/library/tests_geometric/test_geometry.cpp (100%) rename {graphiq => nucleus}/library/tests_geometric/test_point.cpp (100%) rename {graphiq => nucleus}/library/tests_geometric/test_warper.cpp (100%) diff --git a/graphiq/applications/makefile b/graphiq/applications/makefile new file mode 100644 index 00000000..54db5eb9 --- /dev/null 
+++ b/graphiq/applications/makefile @@ -0,0 +1,7 @@ +include variables.def + +PROJECT = graphical_apps +BUILD_BEFORE = + +include rules.def + diff --git a/graphiq/library/makefile b/graphiq/library/makefile index 39f2fd14..45a5610a 100644 --- a/graphiq/library/makefile +++ b/graphiq/library/makefile @@ -1,8 +1,9 @@ include variables.def PROJECT = graphical_libraries -BUILD_BEFORE = geometric \ - user_interface \ +BUILD_BEFORE = user_interface +#wrong hierarchical considerations having geometric here. +#geometric \ tests_geometric include rules.def diff --git a/nucleus/library/crypto/blowfish_crypto.cpp b/nucleus/library/crypto/blowfish_crypto.cpp index 532d3392..7703fe20 100644 --- a/nucleus/library/crypto/blowfish_crypto.cpp +++ b/nucleus/library/crypto/blowfish_crypto.cpp @@ -24,6 +24,7 @@ #include #include +#include #include using namespace basis; @@ -41,9 +42,11 @@ const int FUDGE = 128; //#undef set_key // get rid of a macro we don't want. -//#define DEBUG_BLOWFISH +#define DEBUG_BLOWFISH // uncomment for noisier version. +#undef ALWAYS_LOG +#define ALWAYS_LOG(t) CLASS_EMERGENCY_LOG(program_wide_logger::get(), t) #ifdef DEBUG_BLOWFISH #undef LOG #define LOG(t) CLASS_EMERGENCY_LOG(program_wide_logger::get(), t) @@ -52,6 +55,10 @@ const int FUDGE = 128; #define LOG(t) #endif +// helpful macro for the error string of last failure. +#define GET_SSL_ERROR() \ + ERR_error_string(ERR_get_error(), NULL_POINTER) + #ifdef DEBUG_BLOWFISH // this macro checks on the validity of the key sizes (in bits). #define DISCUSS_KEY_SIZE(key_size) \ @@ -101,6 +108,7 @@ blowfish_crypto::blowfish_crypto(const byte_array &key, int key_size) _key(new byte_array(key)) { FUNCDEF("ctor(byte_array,int)"); + static_ssl_initializer(); // any problems with the key provided are horrid. they will yield a // non-working blowfish object. LOG("prior to key size discuss"); 
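Review bot: In graphiq/library/makefile the leftover `tests_geometric` line stays out of BUILD_BEFORE only because the new comment `#geometric \` ends in a backslash, which in make continues the comment onto the next line. That is fragile: anyone tidying the comment turns `tests_geometric` into a stray line that make will try to parse. Since the directory moves to nucleus in this same commit, I would delete both `#geometric \` and `tests_geometric`, keeping `BUILD_BEFORE = user_interface` with the explanatory comment above it.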
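Review bot: `#define DEBUG_BLOWFISH` is now switched on unconditionally in blowfish_crypto.cpp, so every `LOG(...)` in the file goes to `CLASS_EMERGENCY_LOG` and the `DISCUSS_KEY_SIZE` / `DISCUSS_PROVIDED_KEY` checks run in all builds. The bodies of those macros are outside the hunk, so whether they print anything derived from the key cannot be confirmed from here; that needs checking, because key details written to a program-wide log are hard to take back. I would restore `//#define DEBUG_BLOWFISH` before merging, or gate it on a build flag, and leave only the new `ALWAYS_LOG` failure messages always on.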
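Review bot: `GET_SSL_ERROR()` passes a null buffer to `ERR_error_string`, which makes OpenSSL format into a shared static buffer and is documented as not thread-safe, so two threads failing at once can report each other's text. `ERR_get_error()` also pops only the oldest queued entry, so an error left over from an earlier call can be reported for the current failure. Consider a small helper that formats into a caller-owned buffer with `ERR_error_string_n(ERR_get_error(), buf, sizeof(buf))`, and call `ERR_clear_error()` at the top of encrypt and decrypt so the reported error belongs to the operation that failed.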
@@ -108,7 +116,6 @@ blowfish_crypto::blowfish_crypto(const byte_array &key, int key_size) LOG("prior to provided key discuss"); DISCUSS_PROVIDED_KEY(key_size, key); LOG("prior to ssl static init"); - static_ssl_initializer(); LOG("after ssl static init"); } @@ -163,6 +170,7 @@ bool blowfish_crypto::set_key(const byte_array &new_key, int key_size) void blowfish_crypto::generate_key(int size, byte_array &new_key) { FUNCDEF("generate_key"); + static_ssl_initializer(); DISCUSS_KEY_SIZE(size); if (size < minimum_key_size()) size = minimum_key_size(); @@ -180,6 +188,7 @@ SAFE_STATIC(mutex, __vector_init_lock, ) const byte_array &blowfish_crypto::init_vector() { FUNCDEF("init_vector"); + static_ssl_initializer(); auto_synchronizer locking(__vector_init_lock()); static byte_array to_return(EVP_MAX_IV_LENGTH); static bool initted = false; 
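Review bot: The context lines of `init_vector()` show a function-static `byte_array to_return(EVP_MAX_IV_LENGTH)` guarded by `initted`, so every encrypt and decrypt in the process appears to share one IV, and the reworked init sequence keeps feeding it to `EVP_bf_cbc()`. How the vector is filled is outside the hunk; if it is the same across messages, equal plaintext prefixes yield equal ciphertext blocks under CBC. Since the init code is being reworked anyway, consider a fresh random IV per message carried alongside the ciphertext (a wire-format change, so it needs a versioned transition). At minimum add a comment here such as `// NOTE: one IV is shared by all messages; see <design note> for why that is acceptable`.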
@@ -206,9 +215,30 @@ bool blowfish_crypto::encrypt(const byte_array &source, // initialize an encoding session. EVP_CIPHER_CTX *session = EVP_CIPHER_CTX_new(); EVP_CIPHER_CTX_init(session); - EVP_EncryptInit_ex(session, EVP_bf_cbc(), NULL_POINTER, _key->observe(), init_vector().observe()); + +//new rules! +//EVP_EncryptInit to set the cipher, but leave key and IV null and unset +//EVP_CIPHER_CTX_set_key_length and EVP_CTRL_AEAD_SET_IVLEN +//EVP_EncryptInit again. This time leave cipher null, because you've already set it, and set the key and IV. + + int initret = EVP_EncryptInit_ex(session, EVP_bf_cbc(), NULL_POINTER, NULL_POINTER, NULL_POINTER); + if (!initret) { + // zero means a failure of the initialization. + ALWAYS_LOG(a_sprintf("failure in calling EVP_EncryptInit_ex, with error %s", GET_SSL_ERROR())); + exit(1); + } LOG(a_sprintf("calling set key len with key size of %d", _key_size)); + // new fancy footwork needed to keep openssl from blowing up and claiming we didn't set the key. +//hmmm: check returns on these setters? EVP_CIPHER_CTX_set_key_length(session, _key_size); + EVP_CIPHER_CTX_ctrl(session, EVP_CTRL_AEAD_SET_IVLEN, init_vector().length(), NULL); + // and round and round we go... + initret = EVP_EncryptInit_ex(session, NULL_POINTER, NULL_POINTER, _key->observe(), init_vector().observe()); + if (!initret) { + // zero means a failure of the initialization. + ALWAYS_LOG(a_sprintf("second phase failure in calling EVP_EncryptInit_ex, with error %s", GET_SSL_ERROR())); + exit(1); + } // allocate temporary space for encrypted data. byte_array encoded(source.length() + FUDGE); @@ -219,7 +249,7 @@ bool blowfish_crypto::encrypt(const byte_array &source, source.observe(), source.length()); if (enc_ret != 1) { continuable_error(class_name(), func, a_sprintf("encryption failed, " - "result=%d.", enc_ret)); + "result=%d with error=%s.", enc_ret, GET_SSL_ERROR())); to_return = false; } else { // chop any extra space off. 
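Review bot: `EVP_CIPHER_CTX_set_key_length(session, _key_size)` takes a length in bytes, while the surrounding code treats key sizes as bits (the DISCUSS_KEY_SIZE comment says "in bits" and decrypt logs `BITS_PER_BYTE * _key->length()`); if `_key_size` is indeed in bits, the second `EVP_EncryptInit_ex` is told the key is eight times longer than the buffer behind `_key->observe()`, which could explain the remaining failures and risks reading past the key. `EVP_CTRL_AEAD_SET_IVLEN` is meant for AEAD modes while bf-cbc has a fixed IV length, and both setter results are ignored, as the `//hmmm` comment already suspects. The `exit(1)` paths also terminate the host program from library code and skip freeing `session`, although the function already returns bool. The decrypt hunk (@@ -260,9 +290,22) has the same three problems. Sketch below; encrypt's body starts and ends outside this hunk.

```cpp
  // ... unchanged: first EVP_EncryptInit_ex call that only selects EVP_bf_cbc() ...
  // openssl wants the key length in bytes; bf-cbc has a fixed iv length, so no ivlen ctrl.
  if (EVP_CIPHER_CTX_set_key_length(session, _key->length()) != 1) {
    ALWAYS_LOG(a_sprintf("failure setting key length, with error %s", GET_SSL_ERROR()));
    EVP_CIPHER_CTX_free(session);
    return false;
  }
  initret = EVP_EncryptInit_ex(session, NULL_POINTER, NULL_POINTER, _key->observe(), init_vector().observe());
  if (!initret) {
    ALWAYS_LOG(a_sprintf("second phase failure in calling EVP_EncryptInit_ex, with error %s", GET_SSL_ERROR()));
    EVP_CIPHER_CTX_free(session);
    return false;
  }
  // ... unchanged: buffer allocation, EVP_EncryptUpdate, EVP_EncryptFinal_ex ...
```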
@@ -236,7 +266,7 @@ bool blowfish_crypto::encrypt(const byte_array &source, enc_ret = EVP_EncryptFinal_ex(session, encoded.access(), &pad_len); if (enc_ret != 1) { continuable_error(class_name(), func, a_sprintf("finalizing encryption " - "failed, result=%d.", enc_ret)); + "failed, result=%d with error=%s.", enc_ret, GET_SSL_ERROR())); to_return = false; } else { LOG(a_sprintf("padding added %d bytes.\n", pad_len)); @@ -260,9 +290,22 @@ bool blowfish_crypto::decrypt(const byte_array &source, EVP_CIPHER_CTX *session = EVP_CIPHER_CTX_new(); EVP_CIPHER_CTX_init(session); LOG(a_sprintf("key size %d bits.\n", BITS_PER_BYTE * _key->length())); - EVP_DecryptInit_ex(session, EVP_bf_cbc(), NULL_POINTER, _key->observe(), - init_vector().observe()); + int initret = EVP_DecryptInit_ex(session, EVP_bf_cbc(), NULL_POINTER, NULL_POINTER, NULL_POINTER); + if (!initret) { + // zero means a failure of the initialization. + ALWAYS_LOG(a_sprintf("failure in calling EVP_DecryptInit_ex, with error %s", GET_SSL_ERROR())); + exit(1); + } + // more fancy fupwork. +//hmmm: check returns on these setters? EVP_CIPHER_CTX_set_key_length(session, _key_size); + EVP_CIPHER_CTX_ctrl(session, EVP_CTRL_AEAD_SET_IVLEN, init_vector().length(), NULL); + initret = EVP_DecryptInit_ex(session, NULL_POINTER, NULL_POINTER, _key->observe(), init_vector().observe()); + if (!initret) { + // zero means a failure of the initialization. + ALWAYS_LOG(a_sprintf("second phase failure in calling EVP_DecryptInit_ex, with error %s", GET_SSL_ERROR())); + exit(1); + } // allocate enough space for decoded bytes. byte_array decoded(source.length() + FUDGE); 
@@ -271,7 +314,7 @@ bool blowfish_crypto::decrypt(const byte_array &source, int dec_ret = EVP_DecryptUpdate(session, decoded.access(), &decoded_len, source.observe(), source.length()); if (dec_ret != 1) { - continuable_error(class_name(), func, "decryption failed."); + continuable_error(class_name(), func, a_sprintf("decryption failed with error=%s", GET_SSL_ERROR())); to_return = false; } else { LOG(a_sprintf(" decrypted size in bytes is %d.\n", decoded_len)); @@ -287,8 +330,8 @@ bool blowfish_crypto::decrypt(const byte_array &source, LOG(a_sprintf("padding added %d bytes.\n", pad_len)); if (dec_ret != 1) { continuable_error(class_name(), func, a_sprintf("finalizing decryption " - "failed, result=%d, padlen=%d, target had %d bytes.", dec_ret, - pad_len, target.length())); + "failed, result=%d, padlen=%d, target had %d bytes, error=%s.", dec_ret, + pad_len, target.length(), GET_SSL_ERROR())); to_return = false; } else { int dec_size = pad_len; diff --git a/nucleus/library/crypto/ssl_init.cpp b/nucleus/library/crypto/ssl_init.cpp index a5c98a28..ea9d45b1 100644 --- a/nucleus/library/crypto/ssl_init.cpp +++ b/nucleus/library/crypto/ssl_init.cpp @@ -35,6 +35,7 @@ namespace crypto { // uncomment to cause more debugging information to be generated, plus // more checking to be performed in the SSL support. +#undef ALWAYS_LOG #define ALWAYS_LOG(s) CLASS_EMERGENCY_LOG(program_wide_logger::get(), s) #ifdef DEBUG_SSL #undef LOG 
@@ -51,24 +52,25 @@ const int SEED_SIZE = 100; SAFE_STATIC_CONST(ssl_init, static_ssl_initializer, ) ssl_init::ssl_init() -: c_rando() +: c_rando(), + c_default_provider(NULL_POINTER), + c_legacy_provider(NULL_POINTER) { FUNCDEF("ctor"); LOG("prior to provider setup"); - // also load the default provider or the standard, still accepted, algorithms will not be available. - OSSL_PROVIDER *default_provider = OSSL_PROVIDER_load(NULL_POINTER, "default"); - if (!default_provider) { - ALWAYS_LOG("failed to load default openssl provider! mega flopsweat fail!"); - exit(1); - } // new code needed because blowfish is considered legacy code now. ugh. - OSSL_PROVIDER *legacy_provider = OSSL_PROVIDER_load(NULL_POINTER, "legacy"); - if (!legacy_provider) { + c_legacy_provider = OSSL_PROVIDER_load(NULL_POINTER, "legacy"); + if (!c_legacy_provider) { ALWAYS_LOG("failed to load legacy openssl provider! mega boofer fail!"); exit(1); } -//hmmm: do we need to clean up those providers? + // also load the default provider or the standard, still accepted, algorithms will not be available. + c_default_provider = OSSL_PROVIDER_load(NULL_POINTER, "default"); + if (!c_default_provider) { + ALWAYS_LOG("failed to load default openssl provider! mega flopsweat fail!"); + exit(1); + } LOG("after provider setup"); LOG("prior to rand seed"); @@ -80,6 +82,12 @@ ssl_init::~ssl_init() { FUNCDEF("destructor"); LOG("prior to crypto cleanup"); + + // clean up the providers again. not super necessary since the program will + // exit shortly, but it's good to be tidy. + if (c_default_provider) OSSL_PROVIDER_unload(c_default_provider); + if (c_legacy_provider) OSSL_PROVIDER_unload(c_legacy_provider); + CRYPTO_cleanup_all_ex_data(); } diff --git a/nucleus/library/crypto/ssl_init.h b/nucleus/library/crypto/ssl_init.h index 27b52d96..fbda4516 100644 --- a/nucleus/library/crypto/ssl_init.h +++ b/nucleus/library/crypto/ssl_init.h 
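Review bot: Both `OSSL_PROVIDER_load(NULL_POINTER, ...)` calls target the default library context (assuming NULL_POINTER is a null pointer), so the legacy provider's algorithms become available to every OpenSSL user in the process, not just blowfish_crypto. If other code in the process relies on OpenSSL (the ssl_init.h comment mentions RSA), consider creating a private context with `OSSL_LIB_CTX_new()`, loading both providers into it, and fetching the cipher with `EVP_CIPHER_fetch(ctx, "BF-CBC", NULL_POINTER)` so legacy ciphers stay scoped to this class. The two failure messages would also be easier to act on if they included the OpenSSL error text, since a missing legacy module is a common cause of this failure.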
@@ -20,6 +20,9 @@ #include +// forward. +struct ossl_provider_st; + namespace crypto { //! provides some initialization for the RSA and blowfish crypto. @@ -52,6 +55,9 @@ public: private: mathematics::chaos c_rando; //!< used for generating random numbers. + // we hang onto our providers so we can clean them up on exit. + ossl_provider_st *c_default_provider; + ossl_provider_st *c_legacy_provider; }; extern const ssl_init &static_ssl_initializer(); diff --git a/graphiq/library/geometric/angle.h b/nucleus/library/geometric/angle.h similarity index 100% rename from graphiq/library/geometric/angle.h rename to nucleus/library/geometric/angle.h diff --git a/graphiq/library/geometric/cartesian_objects.h b/nucleus/library/geometric/cartesian_objects.h similarity index 100% rename from graphiq/library/geometric/cartesian_objects.h rename to nucleus/library/geometric/cartesian_objects.h diff --git a/graphiq/library/geometric/circle.cpp b/nucleus/library/geometric/circle.cpp similarity index 100% rename from graphiq/library/geometric/circle.cpp rename to nucleus/library/geometric/circle.cpp diff --git a/graphiq/library/geometric/circle.h b/nucleus/library/geometric/circle.h similarity index 100% rename from graphiq/library/geometric/circle.h rename to nucleus/library/geometric/circle.h diff --git a/graphiq/library/geometric/ellipse.cpp b/nucleus/library/geometric/ellipse.cpp similarity index 100% rename from graphiq/library/geometric/ellipse.cpp rename to nucleus/library/geometric/ellipse.cpp diff --git a/graphiq/library/geometric/ellipse.h b/nucleus/library/geometric/ellipse.h similarity index 100% rename from graphiq/library/geometric/ellipse.h rename to nucleus/library/geometric/ellipse.h diff --git a/graphiq/library/geometric/line.h b/nucleus/library/geometric/line.h similarity index 100% rename from graphiq/library/geometric/line.h rename to nucleus/library/geometric/line.h 
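Review bot: `ssl_init` now owns two raw provider handles that its destructor passes to `OSSL_PROVIDER_unload`, but nothing visible in this hunk stops the class from being copied, and a copy would unload the same providers twice. The rest of the class declaration is outside the hunk, so if copying is not already disabled there, add `ssl_init(const ssl_init &) = delete;` and `ssl_init &operator=(const ssl_init &) = delete;` (or private, unimplemented declarations if the codebase predates C++11). The member comment could also state ownership explicitly, e.g. `// owned: loaded in the ctor, unloaded in the dtor.`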
diff --git a/graphiq/library/geometric/makefile b/nucleus/library/geometric/makefile
similarity index 100%
rename from graphiq/library/geometric/makefile
rename to nucleus/library/geometric/makefile
diff --git a/graphiq/library/geometric/math_bits.cpp b/nucleus/library/geometric/math_bits.cpp
similarity index 100%
rename from graphiq/library/geometric/math_bits.cpp
rename to nucleus/library/geometric/math_bits.cpp
diff --git a/graphiq/library/geometric/math_bits.h b/nucleus/library/geometric/math_bits.h
similarity index 100%
rename from graphiq/library/geometric/math_bits.h
rename to nucleus/library/geometric/math_bits.h
diff --git a/graphiq/library/geometric/point.h b/nucleus/library/geometric/point.h
similarity index 100%
rename from graphiq/library/geometric/point.h
rename to nucleus/library/geometric/point.h
diff --git a/graphiq/library/geometric/polygon.cpp b/nucleus/library/geometric/polygon.cpp
similarity index 100%
rename from graphiq/library/geometric/polygon.cpp
rename to nucleus/library/geometric/polygon.cpp
diff --git a/graphiq/library/geometric/polygon.h b/nucleus/library/geometric/polygon.h
similarity index 100%
rename from graphiq/library/geometric/polygon.h
rename to nucleus/library/geometric/polygon.h
diff --git a/graphiq/library/geometric/rectangle.h b/nucleus/library/geometric/rectangle.h
similarity index 100%
rename from graphiq/library/geometric/rectangle.h
rename to nucleus/library/geometric/rectangle.h
diff --git a/graphiq/library/geometric/screen_rectangle.cpp b/nucleus/library/geometric/screen_rectangle.cpp
similarity index 100%
rename from graphiq/library/geometric/screen_rectangle.cpp
rename to nucleus/library/geometric/screen_rectangle.cpp
diff --git a/graphiq/library/geometric/screen_rectangle.h b/nucleus/library/geometric/screen_rectangle.h
similarity index 100%
rename from graphiq/library/geometric/screen_rectangle.h
rename to nucleus/library/geometric/screen_rectangle.h
diff --git a/graphiq/library/geometric/triangle.cpp b/nucleus/library/geometric/triangle.cpp
similarity index 100%
rename from graphiq/library/geometric/triangle.cpp
rename to nucleus/library/geometric/triangle.cpp
diff --git a/graphiq/library/geometric/triangle.h b/nucleus/library/geometric/triangle.h
similarity index 100%
rename from graphiq/library/geometric/triangle.h
rename to nucleus/library/geometric/triangle.h
diff --git a/graphiq/library/geometric/warper.h b/nucleus/library/geometric/warper.h
similarity index 100%
rename from graphiq/library/geometric/warper.h
rename to nucleus/library/geometric/warper.h
diff --git a/nucleus/library/makefile b/nucleus/library/makefile
index 6b6045fb..a9a05545 100644
--- a/nucleus/library/makefile
+++ b/nucleus/library/makefile
@@ -6,6 +6,7 @@ BUILD_BEFORE = algorithms \
 structures \
 timely \
 mathematics \
+ geometric \
 textual \
 nodes \
 filesystem \
@@ -19,6 +20,7 @@ BUILD_BEFORE = algorithms \
 tests_structures \
 tests_filesystem \
 tests_mathematics \
+ tests_geometric \
 tests_processes \
 tests_nodes \
 tests_textual \
diff --git a/graphiq/library/tests_geometric/makefile b/nucleus/library/tests_geometric/makefile
similarity index 100%
rename from graphiq/library/tests_geometric/makefile
rename to nucleus/library/tests_geometric/makefile
diff --git a/graphiq/library/tests_geometric/test_angle.cpp b/nucleus/library/tests_geometric/test_angle.cpp
similarity index 100%
rename from graphiq/library/tests_geometric/test_angle.cpp
rename to nucleus/library/tests_geometric/test_angle.cpp
diff --git a/graphiq/library/tests_geometric/test_ccri_angle_average.cpp b/nucleus/library/tests_geometric/test_ccri_angle_average.cpp
similarity index 100%
rename from graphiq/library/tests_geometric/test_ccri_angle_average.cpp
rename to nucleus/library/tests_geometric/test_ccri_angle_average.cpp
diff --git a/graphiq/library/tests_geometric/test_ellipse.cpp b/nucleus/library/tests_geometric/test_ellipse.cpp
similarity index 100%
rename from graphiq/library/tests_geometric/test_ellipse.cpp
rename to nucleus/library/tests_geometric/test_ellipse.cpp
diff --git a/graphiq/library/tests_geometric/test_geometry.cpp b/nucleus/library/tests_geometric/test_geometry.cpp
similarity index 100%
rename from graphiq/library/tests_geometric/test_geometry.cpp
rename to nucleus/library/tests_geometric/test_geometry.cpp
diff --git a/graphiq/library/tests_geometric/test_point.cpp b/nucleus/library/tests_geometric/test_point.cpp
similarity index 100%
rename from graphiq/library/tests_geometric/test_point.cpp
rename to nucleus/library/tests_geometric/test_point.cpp
diff --git a/graphiq/library/tests_geometric/test_warper.cpp b/nucleus/library/tests_geometric/test_warper.cpp
similarity index 100%
rename from graphiq/library/tests_geometric/test_warper.cpp
rename to nucleus/library/tests_geometric/test_warper.cpp
-- 2.43.0