summaryrefslogtreecommitdiff
path: root/src/common/crypto.c
diff options
context:
space:
mode:
authorNick Mathewson <nickm@torproject.org>2005-10-18 21:58:19 +0000
committerNick Mathewson <nickm@torproject.org>2005-10-18 21:58:19 +0000
commitedf56984749e86badfceabb644d5d2fdc0bc6d76 (patch)
tree191b7ace58e2ce3343277142a79f60ba12d20312 /src/common/crypto.c
parent102df4a9823020cd7e2da4a2d37466f6fb91cb36 (diff)
downloadtor-edf56984749e86badfceabb644d5d2fdc0bc6d76.tar.gz
tor-edf56984749e86badfceabb644d5d2fdc0bc6d76.zip
Start dividing log messages into logging domains. No, LD_ is not the best of identifiers. src/or has not been converted yet. Domains dont do anything yet.
svn:r5284
Diffstat (limited to 'src/common/crypto.c')
-rw-r--r--src/common/crypto.c64
1 files changed, 33 insertions, 31 deletions
diff --git a/src/common/crypto.c b/src/common/crypto.c
index 4ec48ee7da..4857175e74 100644
--- a/src/common/crypto.c
+++ b/src/common/crypto.c
@@ -165,9 +165,9 @@ crypto_log_errors(int severity, const char *doing)
func = (const char*)ERR_func_error_string(err);
if (!msg) msg = "(null)";
if (doing) {
- log(severity, "crypto error while %s: %s (in %s:%s)", doing, msg, lib, func);
+ log(severity, LD_CRYPTO, "crypto error while %s: %s (in %s:%s)", doing, msg, lib, func);
} else {
- log(severity, "crypto error: %s (in %s:%s)", msg, lib, func);
+ log(severity, LD_CRYPTO, "crypto error: %s (in %s:%s)", msg, lib, func);
}
}
}
@@ -180,10 +180,10 @@ log_engine(const char *fn, ENGINE *e)
const char *name, *id;
name = ENGINE_get_name(e);
id = ENGINE_get_id(e);
- log(LOG_NOTICE, "Using OpenSSL engine %s [%s] for %s",
+ log(LOG_NOTICE, LD_CRYPTO, "Using OpenSSL engine %s [%s] for %s",
name?name:"?", id?id:"?", fn);
} else {
- log(LOG_INFO, "Using default implementation for %s", fn);
+ log(LOG_INFO, LD_CRYPTO, "Using default implementation for %s", fn);
}
}
#endif
@@ -201,8 +201,8 @@ crypto_global_init(int useAccel)
#ifndef NO_ENGINES
if (useAccel) {
if (useAccel < 0)
- log_fn(LOG_WARN, "Initializing OpenSSL via tor_tls_init().");
- log_fn(LOG_INFO, "Initializing OpenSSL engine support.");
+ warn(LD_CRYPTO, "Initializing OpenSSL via tor_tls_init().");
+ info(LD_CRYPTO, "Initializing OpenSSL engine support.");
ENGINE_load_builtin_engines();
if (!ENGINE_register_all_complete())
return -1;
@@ -342,7 +342,7 @@ crypto_create_init_cipher(const char *key, int encrypt_mode)
crypto_cipher_env_t *crypto = NULL;
if (! (crypto = crypto_new_cipher_env())) {
- log_fn(LOG_WARN, "Unable to allocate crypto object");
+ warn(LD_CRYPTO, "Unable to allocate crypto object");
return NULL;
}
@@ -452,7 +452,7 @@ crypto_pk_read_private_key_from_filename(crypto_pk_env_t *env, const char *keyfi
/* Read the file into a string. */
contents = read_file_to_str(keyfile, 0);
if (!contents) {
- log_fn(LOG_WARN, "Error reading private key from \"%s\"", keyfile);
+ warn(LD_CRYPTO, "Error reading private key from \"%s\"", keyfile);
return -1;
}
@@ -592,7 +592,7 @@ crypto_pk_DER64_encode_public_key(crypto_pk_env_t *env, char **out)
}
*out = tor_malloc(len * 2); /* too long, but safe. */
if (base64_encode(*out, len*2, buf, len) < 0) {
- log_fn(LOG_WARN, "Error base64-encoding DER-encoded key");
+ warn(LD_CRYPTO, "Error base64-encoding DER-encoded key");
tor_free(*out);
return -1;
}
@@ -628,7 +628,7 @@ crypto_pk_DER64_decode_public_key(const char *in)
return NULL;
len = base64_decode(buf, sizeof(buf), partitioned, strlen(partitioned));
if (len<0) {
- log_fn(LOG_WARN,"Error base-64 decoding key");
+ warn(LD_CRYPTO,"Error base-64 decoding key");
return NULL;
}
return crypto_pk_asn1_decode(buf, len);
@@ -785,16 +785,16 @@ crypto_pk_public_checksig_digest(crypto_pk_env_t *env, const char *data,
tor_assert(sig);
if (crypto_digest(digest,data,datalen)<0) {
- log_fn(LOG_WARN, "couldn't compute digest");
+ warn(LD_CRYPTO, "couldn't compute digest");
return -1;
}
r = crypto_pk_public_checksig(env,buf,sig,siglen);
if (r != DIGEST_LEN) {
- log_fn(LOG_WARN, "Invalid signature");
+ warn(LD_CRYPTO, "Invalid signature");
return -1;
}
if (memcmp(buf, digest, DIGEST_LEN)) {
- log_fn(LOG_WARN, "Signature mismatched with digest.");
+ warn(LD_CRYPTO, "Signature mismatched with digest.");
return -1;
}
@@ -942,11 +942,13 @@ crypto_pk_private_hybrid_decrypt(crypto_pk_env_t *env,
}
outlen = crypto_pk_private_decrypt(env,buf,from,pkeylen,padding,warnOnFailure);
if (outlen<0) {
- log_fn(warnOnFailure?LOG_WARN:LOG_DEBUG, "Error decrypting public-key data");
+ log_fn(warnOnFailure?LOG_WARN:LOG_DEBUG, LD_CRYPTO,
+ "Error decrypting public-key data");
return -1;
}
if (outlen < CIPHER_KEY_LEN) {
- log_fn(warnOnFailure?LOG_WARN:LOG_INFO, "No room for a symmetric key");
+ log_fn(warnOnFailure?LOG_WARN:LOG_INFO, LD_CRYPTO,
+ "No room for a symmetric key");
return -1;
}
cipher = crypto_create_init_cipher(buf, 0);
@@ -1398,7 +1400,7 @@ crypto_dh_generate_public(crypto_dh_env_t *dh)
return -1;
}
if (tor_check_dh_key(dh->dh->pub_key)<0) {
- log_fn(LOG_WARN, "Weird! Our own DH key was invalid. I guess once-in-the-universe chances really do happen. Trying again.");
+ warn(LD_CRYPTO, "Weird! Our own DH key was invalid. I guess once-in-the-universe chances really do happen. Trying again.");
/* Free and clear the keys, so openssl will actually try again. */
BN_free(dh->dh->pub_key);
BN_free(dh->dh->priv_key);
@@ -1426,7 +1428,7 @@ crypto_dh_get_public(crypto_dh_env_t *dh, char *pubkey, size_t pubkey_len)
bytes = BN_num_bytes(dh->dh->pub_key);
tor_assert(bytes >= 0);
if (pubkey_len < (size_t)bytes) {
- log_fn(LOG_WARN, "Weird! pubkey_len (%d) was smaller than DH_BYTES (%d)", (int) pubkey_len, bytes);
+ warn(LD_CRYPTO, "Weird! pubkey_len (%d) was smaller than DH_BYTES (%d)", (int) pubkey_len, bytes);
return -1;
}
@@ -1457,11 +1459,11 @@ tor_check_dh_key(BIGNUM *bn)
if (!dh_param_p)
init_dh_param();
if (bn->neg) {
- log_fn(LOG_WARN, "Rejecting DH key < 0");
+ warn(LD_CRYPTO, "Rejecting DH key < 0");
return -1;
}
if (BN_cmp(bn, dh_param_p)>=0) {
- log_fn(LOG_WARN, "Rejecting DH key >= p");
+ warn(LD_CRYPTO, "Rejecting DH key >= p");
return -1;
}
n_bits = BN_num_bits(bn);
@@ -1471,18 +1473,18 @@ tor_check_dh_key(BIGNUM *bn)
++n_set;
}
if (n_set < MIN_DIFFERING_BITS || n_set >= n_bits-MIN_DIFFERING_BITS) {
- log_fn(LOG_WARN, "Too few/many bits in DH key (%d)", n_set);
+ warn(LD_CRYPTO, "Too few/many bits in DH key (%d)", n_set);
goto err;
}
BN_set_word(x, MIN_DIST_FROM_EDGE);
if (BN_cmp(bn,x)<=0) {
- log_fn(LOG_WARN, "DH key is too close to 0");
+ warn(LD_CRYPTO, "DH key is too close to 0");
goto err;
}
BN_copy(x,dh_param_p);
BN_sub_word(x, MIN_DIST_FROM_EDGE);
if (BN_cmp(bn,x)>=0) {
- log_fn(LOG_WARN, "DH key is too close to p");
+ warn(LD_CRYPTO, "DH key is too close to p");
goto err;
}
BN_free(x);
@@ -1490,7 +1492,7 @@ tor_check_dh_key(BIGNUM *bn)
err:
BN_free(x);
s = BN_bn2hex(bn);
- log_fn(LOG_WARN, "Rejecting invalid DH key [%s]", s);
+ warn(LD_CRYPTO, "Rejecting invalid DH key [%s]", s);
OPENSSL_free(s);
return -1;
}
@@ -1525,13 +1527,13 @@ crypto_dh_compute_secret(crypto_dh_env_t *dh,
goto error;
if (tor_check_dh_key(pubkey_bn)<0) {
/* Check for invalid public keys. */
- log_fn(LOG_WARN,"Rejected invalid g^x");
+ warn(LD_CRYPTO,"Rejected invalid g^x");
goto error;
}
secret_tmp = tor_malloc(crypto_dh_get_bytes(dh)+1);
result = DH_compute_key((unsigned char*)secret_tmp, pubkey_bn, dh->dh);
if (result < 0) {
- log_fn(LOG_WARN,"DH_compute_key() failed.");
+ warn(LD_CRYPTO,"DH_compute_key() failed.");
goto error;
}
secret_len = result;
@@ -1612,7 +1614,7 @@ crypto_seed_rng(void)
* functions. If one succeeds, we'll accept the RNG as seeded. */
rand_poll_status = RAND_poll();
if (rand_poll_status == 0)
- log_fn(LOG_WARN, "RAND_poll() failed.");
+ warn(LD_CRYPTO, "RAND_poll() failed.");
#else
rand_poll_status = 0;
#endif
@@ -1621,14 +1623,14 @@ crypto_seed_rng(void)
if (!provider_set) {
if (!CryptAcquireContext(&provider, NULL, NULL, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT)) {
if (GetLastError() != NTE_BAD_KEYSET) {
- log_fn(LOG_WARN, "Can't get CryptoAPI provider [1]");
+ warn(LD_CRYPTO, "Can't get CryptoAPI provider [1]");
return rand_poll_status ? 0 : -1;
}
}
provider_set = 1;
}
if (!CryptGenRandom(provider, sizeof(buf), buf)) {
- log_fn(LOG_WARN, "Can't get entropy from CryptoAPI.");
+ warn(LD_CRYPTO, "Can't get entropy from CryptoAPI.");
return rand_poll_status ? 0 : -1;
}
RAND_seed(buf, sizeof(buf));
@@ -1637,18 +1639,18 @@ crypto_seed_rng(void)
for (i = 0; filenames[i]; ++i) {
fd = open(filenames[i], O_RDONLY, 0);
if (fd<0) continue;
- log_fn(LOG_INFO, "Seeding RNG from \"%s\"", filenames[i]);
+ info(LD_CRYPTO, "Seeding RNG from \"%s\"", filenames[i]);
n = read_all(fd, buf, sizeof(buf), 0);
close(fd);
if (n != sizeof(buf)) {
- log_fn(LOG_WARN, "Error reading from entropy source");
+ warn(LD_CRYPTO, "Error reading from entropy source");
return -1;
}
RAND_seed(buf, sizeof(buf));
return 0;
}
- log_fn(LOG_WARN, "Cannot seed RNG -- no entropy source found.");
+ warn(LD_CRYPTO, "Cannot seed RNG -- no entropy source found.");
return rand_poll_status ? 0 : -1;
#endif
}