summaryrefslogtreecommitdiff
path: root/ext/openssl/ossl_pkey_rsa.c
diff options
context:
space:
mode:
authornahi <nahi@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>2011-09-01 07:42:29 +0000
committernahi <nahi@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>2011-09-01 07:42:29 +0000
commitd3507e3ea697be7aab4e9344c379d6b277cf81cf (patch)
treea904f68bf5e20831cf6717663f887b5de702d321 /ext/openssl/ossl_pkey_rsa.c
parentca3b4133fd011b0077ea99b92bbd92c4e5cb7797 (diff)
* Release GVL while OpenSSL's public key generation.
t = Thread.new { print "."; sleep 0.1 } key = OpenSSL::PKey::RSA.new(2048) #=> Thread t works in parallel with public key generation if OS/machine allows it. This works with OpenSSL >= 0.9.8. From this version, it has new public key generation function which allows us to interrupt the execution while pkey generation iterations. * ext/openssl/extconf.rb: Check existence of OpenSSL's new public key generation function. (DH_generate_parameters_ex, DSA_generate_parameters_ex and RSA_generate_key_ex. * ext/openssl/ossl_pkey.{h,c} (ossl_generate_cb_2, ossl_generate_cb_stop): Added new callback function for OpenSSL pkey generation which handles Thread interruption by Ruby. ossl_generate_cb_stop is the unblock function(ubf) for Ruby which sets a stop flag. New pkey generation callback ossl_generate_cb_2 checks the stop flag at each iterations of OpenSSL and interrupts pkey generation when the flag is set. * ext/openssl/ossl_pkey_dsa.c (dsa_generate): Call rb_thread_blocking_region with the above unblock function to release GVL while pkey generation. * ext/openssl/ossl_pkey_rsa.c (rsa_generate): ditto. * ext/openssl/ossl_pkey_dh.c (dh_generate): ditto. * test/openssl/test_pkey_{dh,dsa,rsa}.rb: Test it. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@33155 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Diffstat (limited to 'ext/openssl/ossl_pkey_rsa.c')
-rw-r--r--ext/openssl/ossl_pkey_rsa.c70
1 files changed, 67 insertions, 3 deletions
diff --git a/ext/openssl/ossl_pkey_rsa.c b/ext/openssl/ossl_pkey_rsa.c
index eba693b..d6ae8d2 100644
--- a/ext/openssl/ossl_pkey_rsa.c
+++ b/ext/openssl/ossl_pkey_rsa.c
@@ -76,12 +76,76 @@ ossl_rsa_new(EVP_PKEY *pkey)
/*
* Private
*/
+#if defined(HAVE_RSA_GENERATE_KEY_EX) && HAVE_BN_GENCB
+struct rsa_blocking_gen_arg {
+ RSA *rsa;
+ BIGNUM *e;
+ int size;
+ BN_GENCB *cb;
+ int result;
+};
+
+static void
+rsa_blocking_gen(void *arg)
+{
+ struct rsa_blocking_gen_arg *gen = (struct rsa_blocking_gen_arg *)arg;
+ gen->result = RSA_generate_key_ex(gen->rsa, gen->size, gen->e, gen->cb);
+}
+#endif
+
static RSA *
rsa_generate(int size, int exp)
{
- return RSA_generate_key(size, exp,
- rb_block_given_p() ? ossl_generate_cb : NULL,
- NULL);
+#if defined(HAVE_RSA_GENERATE_KEY_EX) && HAVE_BN_GENCB
+ int i;
+ BN_GENCB cb;
+ struct ossl_generate_cb_arg cb_arg;
+ struct rsa_blocking_gen_arg gen_arg;
+ RSA *rsa = RSA_new();
+ BIGNUM *e = BN_new();
+
+ if (!rsa || !e) {
+ if (e) BN_free(e);
+ if (rsa) RSA_free(rsa);
+ return 0;
+ }
+ for (i = 0; i < (int)sizeof(exp); ++i) {
+ if (exp & (1 << i)) {
+ if (BN_set_bit(e, i) == 0) {
+ BN_free(e);
+ RSA_free(rsa);
+ return 0;
+ }
+ }
+ }
+
+ memset(&cb_arg, 0, sizeof(struct ossl_generate_cb_arg));
+ if (rb_block_given_p())
+ cb_arg.yield = 1;
+ BN_GENCB_set(&cb, ossl_generate_cb_2, &cb_arg);
+ gen_arg.rsa = rsa;
+ gen_arg.e = e;
+ gen_arg.size = size;
+ gen_arg.cb = &cb;
+ if (cb_arg.yield == 1) {
+ /* we cannot release GVL when callback proc is supplied */
+ rsa_blocking_gen(&gen_arg);
+ } else {
+ /* there's a chance to unblock */
+ rb_thread_blocking_region(rsa_blocking_gen, &gen_arg, ossl_generate_cb_stop, &cb_arg);
+ }
+ if (!gen_arg.result) {
+ BN_free(e);
+ RSA_free(rsa);
+ if (cb_arg.state) rb_jump_tag(cb_arg.state);
+ return 0;
+ }
+
+ BN_free(e);
+ return rsa;
+#else
+ return RSA_generate_key(size, exp, rb_block_given_p() ? ossl_generate_cb : NULL, NULL);
+#endif
}
/*