From 37bff6e839f3e7581edc1ec6699f5b529d648b54 Mon Sep 17 00:00:00 2001
From: "Fred T. Hamster" <fred@gruntose.com>
Date: Fri, 27 Feb 2026 11:27:44 -0500
Subject: [PATCH] smorkish

---
 nucleus/library/crypto/blowfish_crypto.cpp    | 39 +++++++++++--------
 .../tests_crypto/test_blowfish_crypto.cpp     | 20 ++++++----
 2 files changed, 34 insertions(+), 25 deletions(-)

diff --git a/nucleus/library/crypto/blowfish_crypto.cpp b/nucleus/library/crypto/blowfish_crypto.cpp
index 7703fe20..b68c7d45 100644
--- a/nucleus/library/crypto/blowfish_crypto.cpp
+++ b/nucleus/library/crypto/blowfish_crypto.cpp
@@ -63,12 +63,12 @@ const int FUDGE = 128;
   // this macro checks on the validity of the key sizes (in bits).
   #define DISCUSS_KEY_SIZE(key_size) \
     if (key_size < minimum_key_size()) { \
-      continuable_error(static_class_name(), func, \
+      deadly_error(static_class_name(), func, \
           a_sprintf("key size (%d bits) is less than minimum key size %d.", \
               key_size, minimum_key_size())); \
       } \
   if (key_size > maximum_key_size()) { \
-      continuable_error(static_class_name(), func, \
+      deadly_error(static_class_name(), func, \
           a_sprintf("key size (%d bits) is greater than maximum key size %d.", \
               key_size, maximum_key_size())); \
     }
@@ -77,7 +77,7 @@ const int FUDGE = 128;
   // the key size bits.
   #define DISCUSS_PROVIDED_KEY(key_size, key) \
     if (key.length() * BITS_PER_BYTE < key_size) { \
-      continuable_error(static_class_name(), func, \
+      deadly_error(static_class_name(), func, \
           a_sprintf("key array length (%d) is less than required by key size " \
               "(%d bits).", key.length(), key_size)); \
     }
@@ -192,7 +192,6 @@ const byte_array &blowfish_crypto::init_vector()
   auto_synchronizer locking(__vector_init_lock());
   static byte_array to_return(EVP_MAX_IV_LENGTH);
   static bool initted = false;
-  LOG("prior to initted check");
   if (!initted) {
     LOG("actually doing init");
     for (int i = 0; i < to_return.length(); i++)
@@ -200,7 +199,6 @@ const byte_array &blowfish_crypto::init_vector()
     initted = true;
     LOG("finished init process");
   }
-  LOG("leaving init check");
   return to_return;
 }
 
@@ -208,10 +206,13 @@ bool blowfish_crypto::encrypt(const byte_array &source,
     byte_array &target) const
 {
   FUNCDEF("encrypt");
+ALWAYS_LOG(">>encrypt>>");
   target.reset();
   if (!_key->length() || !source.length()) return false;
   bool to_return = true;
 
+LOG(a_sprintf("  encrypting %d bytes", source.length()));
+
   // initialize an encoding session.
   EVP_CIPHER_CTX *session = EVP_CIPHER_CTX_new();
   EVP_CIPHER_CTX_init(session);
@@ -227,7 +228,7 @@ bool blowfish_crypto::encrypt(const byte_array &source,
     ALWAYS_LOG(a_sprintf("failure in calling EVP_EncryptInit_ex, with error %s", GET_SSL_ERROR()));
     exit(1);
   }
-  LOG(a_sprintf("calling set key len with key size of %d", _key_size));
+  LOG(a_sprintf("  calling set key len with key size of %d", _key_size));
   // new fancy footwork needed to keep openssl from blowing up and claiming we didn't set the key.
 //hmmm: check returns on these setters?
   EVP_CIPHER_CTX_set_key_length(session, _key_size);
@@ -248,12 +249,12 @@ bool blowfish_crypto::encrypt(const byte_array &source,
   int enc_ret = EVP_EncryptUpdate(session, encoded.access(), &encoded_len,
       source.observe(), source.length());
   if (enc_ret != 1) {
-    continuable_error(class_name(), func, a_sprintf("encryption failed, "
+    deadly_error(class_name(), func, a_sprintf("encryption failed, "
         "result=%d with error=%s.", enc_ret, GET_SSL_ERROR()));
     to_return = false;
   } else {
     // chop any extra space off.
-    LOG(a_sprintf("chopping bytes %d to %d.\n", encoded_len, encoded.last()));
+    LOG(a_sprintf("  chopping extra bytes %d to %d.", encoded_len, encoded.last()));
     encoded.zap(encoded_len, encoded.last());
     target = encoded;
   }
@@ -265,11 +266,11 @@ bool blowfish_crypto::encrypt(const byte_array &source,
     int pad_len = 0;
     enc_ret = EVP_EncryptFinal_ex(session, encoded.access(), &pad_len);
     if (enc_ret != 1) {
-      continuable_error(class_name(), func, a_sprintf("finalizing encryption "
+      deadly_error(class_name(), func, a_sprintf("finalizing encryption "
           "failed, result=%d with error=%s.", enc_ret, GET_SSL_ERROR()));
       to_return = false;
     } else {
-      LOG(a_sprintf("padding added %d bytes.\n", pad_len));
+      LOG(a_sprintf("  padding added %d bytes.", pad_len));
       encoded.zap(pad_len, encoded.last());
       target += encoded;
     }
@@ -277,6 +278,7 @@ bool blowfish_crypto::encrypt(const byte_array &source,
 
   EVP_CIPHER_CTX_cleanup(session);
   EVP_CIPHER_CTX_free(session);
+ALWAYS_LOG("<<encrypt<<");
   return to_return;
 }
 
@@ -284,15 +286,18 @@ bool blowfish_crypto::decrypt(const byte_array &source,
     byte_array &target) const
 {
   FUNCDEF("decrypt");
+ALWAYS_LOG(">>decrypt>>");
   target.reset();
   if (!_key->length() || !source.length()) return false;
   bool to_return = true;
   EVP_CIPHER_CTX *session = EVP_CIPHER_CTX_new();
   EVP_CIPHER_CTX_init(session);
-  LOG(a_sprintf("key size %d bits.\n", BITS_PER_BYTE * _key->length()));
+  LOG(a_sprintf("  using key size with %d bits.", _key_size));
+///NOOOOOOO BITS_PER_BYTE * _key->length()));
   int initret = EVP_DecryptInit_ex(session, EVP_bf_cbc(), NULL_POINTER, NULL_POINTER, NULL_POINTER);
   if (!initret) {
     // zero means a failure of the initialization.
+//hmmm: below approach is called a deadly error.  use that instead, throughout.
     ALWAYS_LOG(a_sprintf("failure in calling EVP_DecryptInit_ex, with error %s", GET_SSL_ERROR()));
     exit(1);
   }
@@ -314,10 +319,10 @@ bool blowfish_crypto::decrypt(const byte_array &source,
   int dec_ret = EVP_DecryptUpdate(session, decoded.access(), &decoded_len,
       source.observe(), source.length());
   if (dec_ret != 1) {
-    continuable_error(class_name(), func, a_sprintf("decryption failed with error=%s", GET_SSL_ERROR()));
+    deadly_error(class_name(), func, a_sprintf("decryption failed with error=%s", GET_SSL_ERROR()));
     to_return = false;
   } else {
-    LOG(a_sprintf("  decrypted size in bytes is %d.\n", decoded_len));
+    LOG(a_sprintf("  first part decrypted size in bytes is %d.", decoded_len));
     decoded.zap(decoded_len, decoded.last());
     target = decoded;
   }
@@ -327,21 +332,21 @@ bool blowfish_crypto::decrypt(const byte_array &source,
     decoded.reset(FUDGE);  // reinflate for padding.
     int pad_len = 0;
     dec_ret = EVP_DecryptFinal_ex(session, decoded.access(), &pad_len);
-    LOG(a_sprintf("padding added %d bytes.\n", pad_len));
     if (dec_ret != 1) {
-      continuable_error(class_name(), func, a_sprintf("finalizing decryption "
+      deadly_error(class_name(), func, a_sprintf("finalizing decryption "
           "failed, result=%d, padlen=%d, target had %d bytes, error=%s.", dec_ret,
           pad_len, target.length(), GET_SSL_ERROR()));
       to_return = false;
     } else {
-      int dec_size = pad_len;
-      decoded.zap(dec_size, decoded.last());
+      LOG(a_sprintf("  padding added %d bytes.", pad_len));
+      decoded.zap(pad_len, decoded.last());
       target += decoded;
     }
   }
 
   EVP_CIPHER_CTX_cleanup(session);
   EVP_CIPHER_CTX_free(session);
+ALWAYS_LOG("<<decrypt<<");
   return to_return;
 }
 
diff --git a/nucleus/library/tests_crypto/test_blowfish_crypto.cpp b/nucleus/library/tests_crypto/test_blowfish_crypto.cpp
index db3c92a5..abf9f7d8 100644
--- a/nucleus/library/tests_crypto/test_blowfish_crypto.cpp
+++ b/nucleus/library/tests_crypto/test_blowfish_crypto.cpp
@@ -46,11 +46,14 @@ using namespace unit_test;
 #define DEBUG_BLOWFISH
   // uncomment for noisier run.
 
-const int TEST_RUNS_PER_KEY = 5;  // encryption test cycles done on each key.
+//const int TEST_RUNS_PER_KEY = 5;  // encryption test cycles done on each key.
+const int TEST_RUNS_PER_KEY = 1008;  // encryption test cycles done on each key.
 
-const int THREAD_COUNT = 10;  // number of threads testing blowfish at once.
+//const int THREAD_COUNT = 10;  // number of threads testing blowfish at once.
+const int THREAD_COUNT = 1;  // number of threads testing blowfish at once.
 
-const int ITERATIONS = 4;  // number of test runs in our testing threads.
+//const int ITERATIONS = 4;  // number of test runs in our testing threads.
+const int ITERATIONS = 80;  // number of test runs in our testing threads.
 
 const int MAX_STRING = 20000;  // largest chunk that we'll try to encrypt.
 
@@ -138,9 +141,9 @@ void blowfish_thread::perform_activity(void *)
         (blowfish_crypto::minimum_key_size(),
          blowfish_crypto::maximum_key_size()));
 #ifdef DEBUG_BLOWFISH
-//    LOG(a_sprintf("%d bit key has:", bc.key_size()));
-//    astring dumped_key = byte_formatter::text_dump(bc.get_key());
-//    LOG(a_sprintf("%s", dumped_key.s()));
+    LOG(a_sprintf("%d bit key has:", bc.key_size()));
+    astring dumped_key = byte_formatter::text_dump(bc.get_key());
+    LOG(a_sprintf("%s", dumped_key.s()));
 #endif
     int key_dur = int(time_stamp().value() - key_start.value());
 #ifdef DEBUG_BLOWFISH
@@ -148,8 +151,9 @@ void blowfish_thread::perform_activity(void *)
 #endif
 
     for (int i = 0; i < TEST_RUNS_PER_KEY; i++) {
-      byte_array key;
-      byte_array iv;
+///      byte_array key;
+///      byte_array iv;
+LOG(a_sprintf("test run %d on this key.", i+1));
       int string_start = _parent.randomizer().inclusive(0, MAX_STRING - 1);
       int string_end = _parent.randomizer().inclusive(0, MAX_STRING - 1);
       flip_increasing(string_start, string_end);
-- 
2.43.0