From 7972de13caf21647c8cc2e82c499a344f7191a22 Mon Sep 17 00:00:00 2001 From: redmatrix Date: Thu, 25 Feb 2016 14:34:30 -0800 Subject: backtrace openssl_verify errors so that we can find bad keys - as there is very little relevant context available at this level. --- include/crypto.php | 15 +++++++++++++++ 1 file changed, 15 insertions(+) (limited to 'include/crypto.php') diff --git a/include/crypto.php b/include/crypto.php index 494a2a5b9..50ec2a3a6 100644 --- a/include/crypto.php +++ b/include/crypto.php @@ -21,6 +21,21 @@ function rsa_verify($data,$sig,$key,$alg = 'sha256') { if(intval(OPENSSL_ALGO_SHA256) && $alg === 'sha256') $alg = OPENSSL_ALGO_SHA256; $verify = openssl_verify($data,$sig,$key,$alg); + + if(! $verify) { + logger('openssl_verify: ' . openssl_error_string(),LOGGER_NORMAL,LOG_ERR); + logger('openssl_verify: key: ' . $key, LOGGER_DEBUG, LOG_ERR); + // provide a backtrace so that we can debug key issues + if(version_compare(PHP_VERSION, '5.4.0') >= 0) { + $stack = debug_backtrace(DEBUG_BACKTRACE_IGNORE_ARGS); + if($stack) { + foreach($stack as $s) { + logger('stack: ' . basename($s['file']) . ':' . $s['line'] . ':' . $s['function'] . '()',LOGGER_DEBUG,LOG_ERR); + } + } + } + } + return $verify; } -- cgit v1.2.3