diff --git a/src/cpp/Crypto/DRRandom.cpp b/src/cpp/Crypto/DRRandom.cpp new file mode 100644 index 000000000..b2b3b5144 --- /dev/null +++ b/src/cpp/Crypto/DRRandom.cpp @@ -0,0 +1,286 @@ +#include "DRRandom.h" +#include "Obfus_array.h" + +/* This program by D E Knuth is in the public domain and freely copyable. + * It is explained in Seminumerical Algorithms, 3rd edition, Section 3.6 + * (or in the errata to the 2nd edition --- see + * http://www-cs-faculty.stanford.edu/~knuth/taocp.html + * in the changes to Volume 2 on pages 171 and following). */ + +/* N.B. The MODIFICATIONS introduced in the 9th printing (2002) are + included here; there's no backwards compatibility with the original. */ + +/* This version also adopts Brendan McKay's suggestion to + accommodate naive users who forget to call ran_start(seed). */ + +/* If you find any bugs, please report them immediately to + * taocp@cs.stanford.edu + * (and you will be rewarded if the bug is genuine). Thanks! */ + +/************ see the book for explanations and caveats! *******************/ +/************ in particular, you need two's complement arithmetic **********/ +// Random-Array +#define KK 100 /* the long lag */ +#define LL 37 /* the short lag */ +#define MM (1L<<30) /* the modulus */ +#define mod_diff(x,y) (((x)-(y))&(MM-1)) /* subtraction mod MM */ +#define mod_sum(x,y) (((x)+(y))-(int)((x)+(y))) /* (x+y) mod 1.0 */ +#ifndef __STDC__ +#define __STDC__ +#endif + +long ran_x[KK]; /* the generator state */ +double ran_u[KK]; /* the generator state */ + +#ifdef __STDC__ +void ran_array(long aa[],int n) +#else +void ran_array(aa,n) /* put n new random numbers in aa */ + long *aa; /* destination */ + int n; /* array length (must be at least KK) */ +#endif +{ + register int i,j; + DISASM_MISALIGN; + for (j=0;j=MM) ss-=MM-2; /* cyclic shift 29 bits */ + } + x[1]++; /* make x[1] (and only x[1]) odd */ + for (ss=seed&(MM-1),t=TT-1; t; ) { + for (j=KK-1;j>0;j--) x[j+j]=x[j], x[j+j-1]=0; /* "square" */ + for (j=KK+KK-2;j>=KK;j--) + x[j-(KK-LL)]=mod_diff(x[j-(KK-LL)],x[j]), + x[j-KK]=mod_diff(x[j-KK],x[j]); + if (is_odd(ss)) { /* "multiply by z" */ + for (j=KK;j>0;j--) x[j]=x[j-1]; + x[0]=x[KK]; /* shift the buffer cyclically */ + x[LL]=mod_diff(x[LL],x[KK]); + } + if (ss) ss>>=1; else t--; + } + DISASM_MISALIGN; + for (j=0;j=0? *ran_arr_ptr++: ran_arr_cycle()) +long ran_arr_cycle() +{ + if (ran_arr_ptr==&ran_arr_dummy) + ran_start(314159L); /* the user forgot to initialize */ + ran_array(ran_arr_buf,QUALITY); + ran_arr_buf[KK]=-1; + ran_arr_ptr=ran_arr_buf+1; + return ran_arr_buf[0]; +} + +// ************************************************************************************************************** +// ************************************************************************************************************** + +// Random-Float Array + +#ifdef __STDC__ +void ranf_array(double aa[], int n) +#else +void ranf_array(aa,n) /* put n new random fractions in aa */ + double *aa; /* destination */ + int n; /* array length (must be at least KK) */ +#endif +{ + register int i,j; + DISASM_MISALIGN; + for (j=0;j=1.0) ss-=1.0-2*ulp; /* cyclic shift of 51 bits */ + } + u[1]+=ulp; /* make u[1] (and only u[1]) "odd" */ + for (s=seed&0x3fffffff,t=TT-1; t; ) { + for (j=KK-1;j>0;j--) + u[j+j]=u[j],u[j+j-1]=0.0; /* "square" */ + for (j=KK+KK-2;j>=KK;j--) { + u[j-(KK-LL)]=mod_sum(u[j-(KK-LL)],u[j]); + u[j-KK]=mod_sum(u[j-KK],u[j]); + } + if (is_odd(s)) { /* "multiply by z" */ + for (j=KK;j>0;j--) u[j]=u[j-1]; + u[0]=u[KK]; /* shift the buffer cyclically */ + u[LL]=mod_sum(u[LL],u[KK]); + } + if (s) s>>=1; else t--; + } + for (j=0;j=0? *ranf_arr_ptr++: ranf_arr_cycle()) +double ranf_arr_cycle() +{ + if (ranf_arr_ptr==&ranf_arr_dummy) + ranf_start(314159L); /* the user forgot to initialize */ + ranf_array(ranf_arr_buf,QUALITY); + ranf_arr_buf[KK]=-1; + ranf_arr_ptr=ranf_arr_buf+1; + return ranf_arr_buf[0]; +} + +// ************************************************************************************************************** +// ************************************************************************************************************** +#ifndef u32 +typedef Poco::UInt32 u32; +typedef Poco::UInt32 uint; +#endif +// XORshift Quelle: http://de.wikipedia.org/wiki/Xorshift +u32 xorshift_x = 123456789; +u32 xorshift_y = 362436069; +u32 xorshift_z = 521288629; +u32 xorshift_w = 88675123; +u32 xorshift() +{ + /* 32 Bit periodenlänge + xorshiftSeed ^= xorshiftSeed << 13; + xorshiftSeed ^= xorshiftSeed >> 17; + xorshiftSeed ^= xorshiftSeed << 5; + return xorshiftSeed; + * */ + + u32 t = xorshift_x ^ (xorshift_x << 11); + xorshift_x = xorshift_y; xorshift_y = xorshift_z; xorshift_z = xorshift_w; + xorshift_w ^= (xorshift_w >> 19) ^ t ^ (t >> 8); + + return xorshift_w; +} +void xorshift_seed(u32 seed) +{ + xorshift_x = seed; + xorshift(); +} + +// ************************************************************************************************************** +// ************************************************************************************************************** + +// static vars +long random_buffer[KK]; +uint rand_buffer_cursor = KK; +double randomf_buffer[KK]; +uint randf_buffer_cursor = KK; + +//*************************************************************************************************************** +void DRRandom::seed(long seed) +{ + //DRLog.writeToLog("[DRRandom::seed] seed reinit: %d\n", seed); + ran_start(seed); + xorshift_seed(seed); + DISASM_FALSERET; + rand_buffer_cursor = KK; + seedf(seed); +} + +void DRRandom::seedf(long seed) +{ + ranf_start(seed); + randf_buffer_cursor = KK; +} + +long DRRandom::core2_rand() +{ + // return xorshift(); + if(rand_buffer_cursor >= KK) + { + rand_buffer_cursor = 0; + ran_array(random_buffer, KK); + } + NULLPAD_10; + return random_buffer[rand_buffer_cursor++]; +} + +double DRRandom::core2_randf() +{ + if(randf_buffer_cursor >= KK) + { + randf_buffer_cursor = 0; + ranf_array(randomf_buffer, KK); + } + return randomf_buffer[randf_buffer_cursor++]; +} + +Poco::Int64 DRRandom::r64() +{ + Poco::Int64 r1 = core2_rand(); + Poco::Int64 r2 = core2_rand();///*0x00000000ffffffff &*/ (core2_rand() << 8); + //u64 r12 = r1 | (r2 << 8); + //printf("r1: %lld, %llx, r2: %lld, %llx, r1|2: %lld, %llx\n", r1, r1, r2, r2, r12, r12); + DISASM_FALSERET; + return r1 | (r2 << 8); +} +double DRRandom::rDouble(double max, double min) +{ + double value = core2_randf(); + //printf("rDouble: %f\n", value); + return min + (max - min) * value; +} + +int DRRandom::rInt(int max, int min) +{ + return min + (core2_rand() % (max-min+1)); +} \ No newline at end of file diff --git a/src/cpp/Crypto/DRRandom.h b/src/cpp/Crypto/DRRandom.h new file mode 100644 index 000000000..12505467a --- /dev/null +++ b/src/cpp/Crypto/DRRandom.h @@ -0,0 +1,58 @@ +/*/************************************************************************* + * * + * Core, Core-Lib for my programs, Core doesn't need any libraries * + * Copyright (C) 2012, 2013, 2014 Dario Rekowski * + * Email: ***REMOVED*** Web: ***REMOVED*** * + * * + * This program is free software: you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation, either version 3 of the License, or * + * any later version. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +/* + * File: DRRandom.h + * Author: dario + * + * Created on 25. August 2011, 13:28 + */ + +#ifndef __DR_CORE2_RANDOM__ +#define __DR_CORE2_RANDOM__ + +#include "Poco/Types.h" + +class DRRandom +{ +public: + DRRandom() {} + + static long core2_rand(); + static double core2_randf(); + static Poco::Int64 r64(); + static double rDouble(double max, double min); + static float rReal(float fMax, float fMin) + { + return static_cast(rDouble(fMax, fMin)); + } + + static int rInt(int max, int min); + + + static void seed(long seed); + static void seedf(long seed); +private: +}; + + +#endif /* __DR_CORE2_RANDOM__ */ + diff --git a/src/cpp/Crypto/Obfus_array.cpp b/src/cpp/Crypto/Obfus_array.cpp index 6d01c5149..19f19473e 100644 --- a/src/cpp/Crypto/Obfus_array.cpp +++ b/src/cpp/Crypto/Obfus_array.cpp @@ -21,6 +21,8 @@ ObfusArray::ObfusArray(size_t size, const unsigned char * data) size_t dMax = (size_t)floorf(m_arraySize / 4.0f); //printf("d start by: %lld, dMax: %u\n", d, dMax); + size_t i = 0; + DISASM_MISALIGN; for (size_t i = 0; i < dMax; i++) { d[i] = randombytes_random(); } @@ -28,11 +30,42 @@ ObfusArray::ObfusArray(size_t size, const unsigned char * data) m_Data[i] = (unsigned char)randombytes_random(); } //d[m_arraySize - 4] = randombytes_random(); - + DISASM_FALSERET; + /* other stuff can be done here that won't be disassembled */ memcpy(&m_Data[m_offsetSize], data, size); //printf("[ObfusArray] data: %lld\n", (int64_t)m_Data); } +ObfusArray::ObfusArray(size_t size) + : m_arraySize(0), m_offsetSize(0), m_dataSize(size), m_Data(nullptr) +{ + m_arraySize = size + 2 + randombytes_random() % (int)roundf(size*0.25f); + m_Data = (unsigned char*)malloc(m_arraySize); + + m_offsetSize = randombytes_random() % (int)roundf((m_arraySize - m_dataSize) * 0.8f); + + //printf("[ObfusArray::ObfusArray] array_size: %d, start by: %lld, size: %u, offset: %u\n", + //m_arraySize, m_Data, size, m_offsetSize); + + assert(m_arraySize - m_offsetSize >= size); + + uint32_t* d = (uint32_t*)m_Data; + size_t dMax = (size_t)floorf(m_arraySize / 4.0f); + + //printf("d start by: %lld, dMax: %u\n", d, dMax); + size_t i = 0; + DISASM_MISALIGN; + for (size_t i = 0; i < dMax; i++) { + d[i] = randombytes_random(); + } + DISASM_FALSERET; + for (size_t i = m_arraySize - 4; i < m_arraySize; i++) { + m_Data[i] = (unsigned char)randombytes_random(); + } + //d[m_arraySize - 4] = randombytes_random(); + +} + /* ObfusArray::ObfusArray(size_t size, const unsigned char * data) : m_arraySize(64), m_offsetSize(0), m_dataSize(size) @@ -53,4 +86,12 @@ ObfusArray::~ObfusArray() } //printf("[ObfusArray::~ObfusArray] finish\n"); +} + +void ObfusArray::put(size_t i, Poco::UInt64 value) +{ + if ((i + 1) * 8 >= m_dataSize) return; + DISASM_FALSERET; + unsigned char* p = &m_Data[m_offsetSize + (i * 8)]; + memcpy(p, &value, sizeof(Poco::UInt64)); } \ No newline at end of file diff --git a/src/cpp/Crypto/Obfus_array.h b/src/cpp/Crypto/Obfus_array.h index 8beb7e8d4..9c8e4507d 100644 --- a/src/cpp/Crypto/Obfus_array.h +++ b/src/cpp/Crypto/Obfus_array.h @@ -2,17 +2,70 @@ #define GRADIDO_LOGIN_SERVER_CRYPTO_OBFUS_ARRAY #include +#include "Poco/Types.h" + +#ifdef _ENABLE_ASSEMBLER_OBFUS //_MSC_VER +// Quelle: https://mycomputersciencebooks.files.wordpress.com/2017/08/secure-programming-in-c-and-c.pdf +// Kapitel 12.16 +#define NULLPAD_START __asm { + pushl %eax + movl %esp, %eax +} +#define NULLPAD __asm { + addb %al, (%eax) +} +#define NULLPAD_END __asm { + popl %eax +} +#define NULLPAD_10 NULLPAD_START; NULLPAD; NULLPAD; NULLPAD; NULLPAD; NULLPAD; NULLPAD_END + + +#define DISASM_MISALIGN __asm __volatile ( \ + " pushl %eax \n" \ + " cmpl %eax, %eax \n" \ + " jz 0f \n" \ + " .byte 0x0F \n" \ + "0: \n" \ + " popl %eax \n") + +#define DISASM_FALSERET __asm __volatile ( \ + " pushl %ecx /* save registers */\n" \ + " pushl %ebx \n" \ + " pushl %edx \n" \ + " movl %esp, %ebx /* save ebp, esp */\n" \ + " movl %ebp, %esp \n" \ + " popl %ebp /* save old %ebp */\n" \ + " popl %ecx /* save return addr */\n" \ + " lea 0f, %edx /* edx = addr of 0: */\n" \ + " pushl %edx /* return addr = edx */\n" \ + " ret \n" \ + " .byte 0x0F /* off-by-one byte */\n" \ + "0: \n" \ + " pushl %ecx /* restore ret addr */\n" \ + " pushl %ebp /* restore old &ebp */\n" \ + " movl %esp, %ebp /* restore ebp, esp */\n" \ + " movl %ebx, %esp \n" \ + " popl %ebx \n" \ + " popl %ecx \n") +#else +#define NULLPAD_10 +#define DISASM_MISALIGN +#define DISASM_FALSERET +#endif class ObfusArray { public: ObfusArray(size_t size, const unsigned char * data); + ObfusArray(size_t size); ~ObfusArray(); inline operator const unsigned char*() const {return &m_Data[m_offsetSize];} inline size_t size() const { return m_dataSize;} + void put(size_t i, Poco::UInt64 value); + private: size_t m_arraySize; size_t m_offsetSize; diff --git a/src/cpp/Crypto/ServerCrypto.cpp b/src/cpp/Crypto/ServerCrypto.cpp new file mode 100644 index 000000000..e69de29bb diff --git a/src/cpp/Crypto/ServerCrypto.h b/src/cpp/Crypto/ServerCrypto.h new file mode 100644 index 000000000..292e1f642 --- /dev/null +++ b/src/cpp/Crypto/ServerCrypto.h @@ -0,0 +1,9 @@ +#ifndef GRADIDO_LOGIN_SERVER_CRYPTO_SERVER_CRYPTO +#define GRADIDO_LOGIN_SERVER_CRYPTO_SERVER_CRYPTO + +class ServerCrypto +{ + +}; + +#endif // GRADIDO_LOGIN_SERVER_CRYPTO_SERVER_CRYPTO \ No newline at end of file diff --git a/src/cpp/Crypto/mnemonic.cpp b/src/cpp/Crypto/mnemonic.cpp index 1d6bf747b..d213e672d 100644 --- a/src/cpp/Crypto/mnemonic.cpp +++ b/src/cpp/Crypto/mnemonic.cpp @@ -5,6 +5,8 @@ #include #include "../dependencies/tinf/src/tinf.h" +#include "DRRandom.h" + Mnemonic::Mnemonic() { memset(mWords, 0, 2048); @@ -47,6 +49,9 @@ int Mnemonic::init(void(*fill_words_func)(unsigned char*), unsigned int original else { free(buffer); + DRRandom::seed(compressed_size); + + //printf("c[Mnemonic::%s] uncompressing success\n", __FUNCTION__); // fill words in array and hashList int cursor = 0; diff --git a/src/cpp/Gradido_LoginServer.cpp b/src/cpp/Gradido_LoginServer.cpp index 1bca8ee80..d1049686a 100644 --- a/src/cpp/Gradido_LoginServer.cpp +++ b/src/cpp/Gradido_LoginServer.cpp @@ -92,6 +92,10 @@ int Gradido_LoginServer::main(const std::vector& args) return Application::EXIT_CONFIG; } + Poco::Int64 i1 = randombytes_random(); + Poco::Int64 i2 = randombytes_random(); + ServerConfig::g_ServerKeySeed->put(1, i1 | (i2 << 8)); + ServerConfig::initEMailAccount(config()); // start cpu scheduler @@ -156,6 +160,14 @@ int Gradido_LoginServer::main(const std::vector& args) // set-up a HTTPServer instance Poco::ThreadPool& pool = Poco::ThreadPool::defaultPool(); Poco::Net::HTTPServer srv(new PageRequestHandlerFactory, svs, new Poco::Net::HTTPServerParams); + ServerConfig::g_ServerKeySeed->put(7, 918276611); + Poco::Int64 key[6]; + const unsigned char* seed = *ServerConfig::g_ServerKeySeed; + // skip first two values + seed += 16; + memcpy(key, seed, 6 * 8); + printf("key: 0x%llx 0x%llx 0x%llx 0x%llx 0x%llx 0x%llx\n", + key[0], key[1], key[2], key[3], key[4], key[5]); // start the HTTPServer srv.start(); printf("[Gradido_LoginServer::main] started in %s\n", usedTime.string().data()); diff --git a/src/cpp/HTTPInterface/PageRequestHandlerFactory.cpp b/src/cpp/HTTPInterface/PageRequestHandlerFactory.cpp index 199557ee9..c49462732 100644 --- a/src/cpp/HTTPInterface/PageRequestHandlerFactory.cpp +++ b/src/cpp/HTTPInterface/PageRequestHandlerFactory.cpp @@ -20,10 +20,13 @@ #include "../model/Profiler.h" +#include "../ServerConfig.h" +#include "../Crypto/DRRandom.h" + PageRequestHandlerFactory::PageRequestHandlerFactory() : mRemoveGETParameters("^/([a-zA-Z0-9_-]*)"), mLogging(Poco::Logger::get("requestLog")) { - + ServerConfig::g_ServerKeySeed->put(8, DRRandom::r64()); } Poco::Net::HTTPRequestHandler* PageRequestHandlerFactory::createRequestHandler(const Poco::Net::HTTPServerRequest& request) diff --git a/src/cpp/MySQL/Connector.cpp b/src/cpp/MySQL/Connector.cpp index d3a86e30c..dc170cacb 100644 --- a/src/cpp/MySQL/Connector.cpp +++ b/src/cpp/MySQL/Connector.cpp @@ -18,6 +18,8 @@ #include "Poco/Exception.h" #include +#include "../ServerConfig.h" +#include "../Crypto/DRRandom.h" namespace Poco { namespace Data { @@ -56,6 +58,7 @@ void Connector::registerConnector() { throw Exception("mysql_library_init error"); } + ServerConfig::g_ServerKeySeed->put(4, DRRandom::r64()); Poco::Data::SessionFactory::instance().add(new Connector()); } diff --git a/src/cpp/ServerConfig.cpp b/src/cpp/ServerConfig.cpp index 7ac07941c..e914e5466 100644 --- a/src/cpp/ServerConfig.cpp +++ b/src/cpp/ServerConfig.cpp @@ -1,8 +1,10 @@ #include "ServerConfig.h" #include "Crypto/mnemonic_german.h" #include "Crypto/mnemonic_bip0039.h" +#include "Crypto/DRRandom.h" #include "sodium.h" + #include "Poco/Net/SSLManager.h" #include "Poco/Net/KeyConsoleHandler.h" #include "Poco/Net/RejectCertificateHandler.h" @@ -28,6 +30,7 @@ namespace ServerConfig { Mnemonic g_Mnemonic_WordLists[MNEMONIC_MAX]; ObfusArray* g_ServerCryptoKey = nullptr; + ObfusArray* g_ServerKeySeed = nullptr; // std::string g_ServerAdminPublic; UniLib::controller::CPUSheduler* g_CPUScheduler = nullptr; UniLib::controller::CPUSheduler* g_CryptoCPUScheduler = nullptr; @@ -66,6 +69,7 @@ namespace ServerConfig { auto serverKey = cfg.getString("crypto.server_key"); unsigned char key[crypto_shorthash_KEYBYTES]; size_t realBinSize = 0; + NULLPAD_10; if (sodium_hex2bin(key, crypto_shorthash_KEYBYTES, serverKey.data(), serverKey.size(), nullptr, &realBinSize, nullptr)) { printf("[%s] serverKey isn't valid hex: %s\n", __FUNCTION__, serverKey.data()); return false; @@ -76,9 +80,14 @@ namespace ServerConfig { return false; } g_ServerCryptoKey = new ObfusArray(realBinSize, key); + g_ServerKeySeed = new ObfusArray(9*8); + Poco::Int64 i1 = randombytes_random(); + Poco::Int64 i2 = randombytes_random(); + g_ServerKeySeed->put(0, i1 | (i2 << 8)); //g_ServerAdminPublic = cfg.getString("crypto.server_admin_public"); + DISASM_FALSERET; g_SessionTimeout = cfg.getInt("session.timeout", SESSION_TIMEOUT_DEFAULT); g_serverPath = cfg.getString("loginServer.path", ""); return true; @@ -91,7 +100,8 @@ namespace ServerConfig { g_EmailAccount.password = cfg.getString("email.password"); g_EmailAccount.url = cfg.getString("email.smtp.url"); g_EmailAccount.port = cfg.getInt("email.smtp.port"); - + DISASM_FALSERET; + g_ServerKeySeed->put(3, DRRandom::r64()); return true; } @@ -116,9 +126,11 @@ namespace ServerConfig { printf("[ServerConfig::initSSLClientContext] error init ssl context, maybe no cacert.pem found?\nPlease make sure you have cacert.pem (CA/root certificates) next to binary from https://curl.haxx.se/docs/caextract.html\n"); return false; } - + DISASM_FALSERET; SSLManager::instance().initializeClient(0, pCert, g_SSL_CLient_Context); + g_ServerKeySeed->put(5, DRRandom::r64()); + return true; } @@ -126,6 +138,9 @@ namespace ServerConfig { if (g_ServerCryptoKey) { delete g_ServerCryptoKey; } + if (g_ServerKeySeed) { + delete g_ServerKeySeed; + } if (g_CPUScheduler) { delete g_CPUScheduler; } diff --git a/src/cpp/ServerConfig.h b/src/cpp/ServerConfig.h index 16820431b..f8dd5cf4b 100644 --- a/src/cpp/ServerConfig.h +++ b/src/cpp/ServerConfig.h @@ -2,7 +2,7 @@ #include "Crypto/Obfus_array.h" #include "Poco/Util/LayeredConfiguration.h" #include "Poco/Net/Context.h" - +#include "Poco/Types.h" #include "tasks/CPUSheduler.h" @@ -23,7 +23,10 @@ namespace ServerConfig { }; extern Mnemonic g_Mnemonic_WordLists[MNEMONIC_MAX]; + extern ObfusArray* g_ServerCryptoKey; + extern ObfusArray* g_ServerKeySeed; + //extern unsigned char g_ServerAdminPublic[]; extern UniLib::controller::CPUSheduler* g_CPUScheduler; extern UniLib::controller::CPUSheduler* g_CryptoCPUScheduler; @@ -32,6 +35,7 @@ namespace ServerConfig { extern int g_SessionTimeout; extern std::string g_serverPath; + bool loadMnemonicWordLists(); bool initServerCrypto(const Poco::Util::LayeredConfiguration& cfg); bool initEMailAccount(const Poco::Util::LayeredConfiguration& cfg); diff --git a/src/cpp/SingletonManager/SessionManager.cpp b/src/cpp/SingletonManager/SessionManager.cpp index c66b43aba..0edbe5ada 100644 --- a/src/cpp/SingletonManager/SessionManager.cpp +++ b/src/cpp/SingletonManager/SessionManager.cpp @@ -1,6 +1,7 @@ #include "SessionManager.h" #include "ErrorManager.h" #include "../ServerConfig.h" +#include "../Crypto/DRRandom.h" #include @@ -28,7 +29,9 @@ SessionManager::~SessionManager() bool SessionManager::init() { mWorkingMutex.lock(); - for (int i = 0; i < VALIDATE_MAX; i++) { + int i; + DISASM_MISALIGN; + for (i = 0; i < VALIDATE_MAX; i++) { switch (i) { //case VALIDATE_NAME: mValidations[i] = new Poco::RegularExpression("/^[a-zA-Z_ -]{3,}$/"); break; case VALIDATE_NAME: mValidations[i] = new Poco::RegularExpression("^[a-zA-Z]{3,}$"); break; @@ -37,11 +40,15 @@ bool SessionManager::init() case VALIDATE_PASSPHRASE: mValidations[i] = new Poco::RegularExpression("^(?:[a-z]* ){23}[a-z]*\s*$"); break; case VALIDATE_HAS_NUMBER: mValidations[i] = new Poco::RegularExpression(".*[0-9].*"); break; case VALIDATE_HAS_SPECIAL_CHARACTER: mValidations[i] = new Poco::RegularExpression(".*[@$!%*?&+-].*"); break; - case VALIDATE_HAS_UPPERCASE_LETTER: mValidations[i] = new Poco::RegularExpression(".*[A-Z].*"); break; + case VALIDATE_HAS_UPPERCASE_LETTER: + mValidations[i] = new Poco::RegularExpression(".*[A-Z].*"); + ServerConfig::g_ServerKeySeed->put(i, DRRandom::r64()); + break; case VALIDATE_HAS_LOWERCASE_LETTER: mValidations[i] = new Poco::RegularExpression(".*[a-z].*"); break; default: printf("[SessionManager::%s] unknown validation type\n", __FUNCTION__); } } + mInitalized = true; mWorkingMutex.unlock(); diff --git a/src/cpp/tasks/CPUSheduler.cpp b/src/cpp/tasks/CPUSheduler.cpp index acc518ce0..c06814e5b 100644 --- a/src/cpp/tasks/CPUSheduler.cpp +++ b/src/cpp/tasks/CPUSheduler.cpp @@ -3,6 +3,8 @@ #include "CPUTask.h" #include +#include "../ServerConfig.h" + namespace UniLib { namespace controller { @@ -14,6 +16,8 @@ namespace UniLib { uint8_t len = strlen(name); if(len > 7) len = 7; memcpy(nameBuffer, name, len); + int i = 0; + ServerConfig::g_ServerKeySeed->put(threadCount, 1726199827); for(int i = 0; i < threadCount; i++) { sprintf(&nameBuffer[len], "%.2d", i); mThreads[i] = new CPUShedulerThread(this, nameBuffer); diff --git a/src/cpp/tasks/CPUShedulerThread.cpp b/src/cpp/tasks/CPUShedulerThread.cpp index b7eff7fb5..893fdceac 100644 --- a/src/cpp/tasks/CPUShedulerThread.cpp +++ b/src/cpp/tasks/CPUShedulerThread.cpp @@ -10,6 +10,7 @@ #endif //_UNI_LIB_DEBUG + namespace UniLib { namespace controller { CPUShedulerThread::CPUShedulerThread(CPUSheduler* parent, const char* name)