diff --git a/changes/bug13286 b/changes/bug13286 new file mode 100644 index 0000000000..0a7f9d7931 --- /dev/null +++ b/changes/bug13286 @@ -0,0 +1,2 @@ + o Removed features: + Remove the --disable-curve25519 configure option. diff --git a/configure.ac b/configure.ac index 4c7da5d76a..b722854195 100644 --- a/configure.ac +++ b/configure.ac @@ -39,8 +39,6 @@ AC_ARG_ENABLE(static-zlib, AS_HELP_STRING(--enable-static-zlib, Link against a static zlib library. Requires --with-zlib-dir)) AC_ARG_ENABLE(static-tor, AS_HELP_STRING(--enable-static-tor, Create an entirely static Tor binary. Requires --with-openssl-dir and --with-libevent-dir and --with-zlib-dir)) -AC_ARG_ENABLE(curve25519, - AS_HELP_STRING(--disable-curve25519, Build Tor with no curve25519 elliptic-curve crypto support)) AC_ARG_ENABLE(unittests, AS_HELP_STRING(--disable-unittests, [Don't build unit tests for Tor. Risky!])) AC_ARG_ENABLE(coverage, @@ -765,101 +763,92 @@ dnl ============================================================ dnl We need an implementation of curve25519. dnl set these defaults. -have_a_curve25519=no build_curve25519_donna=no build_curve25519_donna_c64=no use_curve25519_donna=no use_curve25519_nacl=no CURVE25519_LIBS= -if test x$enable_curve25519 != xno; then +dnl The best choice is using curve25519-donna-c64, but that requires +dnl that we +AC_CACHE_CHECK([whether we can use curve25519-donna-c64], + tor_cv_can_use_curve25519_donna_c64, + [AC_RUN_IFELSE( + [AC_LANG_PROGRAM([dnl + #include + typedef unsigned uint128_t __attribute__((mode(TI))); + int func(uint64_t a, uint64_t b) { + uint128_t c = ((uint128_t)a) * b; + int ok = ((uint64_t)(c>>96)) == 522859 && + (((uint64_t)(c>>64))&0xffffffffL) == 3604448702L && + (((uint64_t)(c>>32))&0xffffffffL) == 2351960064L && + (((uint64_t)(c))&0xffffffffL) == 0; + return ok; + } + ], [dnl + int ok = func( ((uint64_t)2000000000) * 1000000000, + ((uint64_t)1234567890) << 24); + return !ok; + ])], + [tor_cv_can_use_curve25519_donna_c64=yes], + [tor_cv_can_use_curve25519_donna_c64=no], + [AC_LINK_IFELSE( + [AC_LANG_PROGRAM([dnl + #include + typedef unsigned uint128_t __attribute__((mode(TI))); + int func(uint64_t a, uint64_t b) { + uint128_t c = ((uint128_t)a) * b; + int ok = ((uint64_t)(c>>96)) == 522859 && + (((uint64_t)(c>>64))&0xffffffffL) == 3604448702L && + (((uint64_t)(c>>32))&0xffffffffL) == 2351960064L && + (((uint64_t)(c))&0xffffffffL) == 0; + return ok; + } + ], [dnl + int ok = func( ((uint64_t)2000000000) * 1000000000, + ((uint64_t)1234567890) << 24); + return !ok; + ])], + [tor_cv_can_use_curve25519_donna_c64=cross], + [tor_cv_can_use_curve25519_donna_c64=no])])]) - dnl The best choice is using curve25519-donna-c64, but that requires - dnl that we - AC_CACHE_CHECK([whether we can use curve25519-donna-c64], - tor_cv_can_use_curve25519_donna_c64, - [AC_RUN_IFELSE( - [AC_LANG_PROGRAM([dnl - #include - typedef unsigned uint128_t __attribute__((mode(TI))); - int func(uint64_t a, uint64_t b) { - uint128_t c = ((uint128_t)a) * b; - int ok = ((uint64_t)(c>>96)) == 522859 && - (((uint64_t)(c>>64))&0xffffffffL) == 3604448702L && - (((uint64_t)(c>>32))&0xffffffffL) == 2351960064L && - (((uint64_t)(c))&0xffffffffL) == 0; - return ok; - } - ], [dnl - int ok = func( ((uint64_t)2000000000) * 1000000000, - ((uint64_t)1234567890) << 24); - return !ok; - ])], - [tor_cv_can_use_curve25519_donna_c64=yes], - [tor_cv_can_use_curve25519_donna_c64=no], - [AC_LINK_IFELSE( - [AC_LANG_PROGRAM([dnl - #include - typedef unsigned uint128_t __attribute__((mode(TI))); - int func(uint64_t a, uint64_t b) { - uint128_t c = ((uint128_t)a) * b; - int ok = ((uint64_t)(c>>96)) == 522859 && - (((uint64_t)(c>>64))&0xffffffffL) == 3604448702L && - (((uint64_t)(c>>32))&0xffffffffL) == 2351960064L && - (((uint64_t)(c))&0xffffffffL) == 0; - return ok; - } - ], [dnl - int ok = func( ((uint64_t)2000000000) * 1000000000, - ((uint64_t)1234567890) << 24); - return !ok; - ])], - [tor_cv_can_use_curve25519_donna_c64=cross], - [tor_cv_can_use_curve25519_donna_c64=no])])]) +AC_CHECK_HEADERS([crypto_scalarmult_curve25519.h \ + nacl/crypto_scalarmult_curve25519.h]) - AC_CHECK_HEADERS([crypto_scalarmult_curve25519.h \ - nacl/crypto_scalarmult_curve25519.h]) +AC_CACHE_CHECK([for nacl compiled with a fast curve25519 implementation], + tor_cv_can_use_curve25519_nacl, + [tor_saved_LIBS="$LIBS" + LIBS="$LIBS -lnacl" + AC_LINK_IFELSE( + [AC_LANG_PROGRAM([dnl + #ifdef HAVE_CRYPTO_SCALARMULT_CURVE25519_H + #include + #elif defined(HAVE_NACL_CRYPTO_SCALARMULT_CURVE25519_H) + #include + #endif + #ifdef crypto_scalarmult_curve25519_ref_BYTES + #error Hey, this is the reference implementation! That's not fast. + #endif + ], [ + unsigned char *a, *b, *c; crypto_scalarmult_curve25519(a,b,c); + ])], [tor_cv_can_use_curve25519_nacl=yes], + [tor_cv_can_use_curve25519_nacl=no]) + LIBS="$tor_saved_LIBS" ]) - AC_CACHE_CHECK([for nacl compiled with a fast curve25519 implementation], - tor_cv_can_use_curve25519_nacl, - [tor_saved_LIBS="$LIBS" - LIBS="$LIBS -lnacl" - AC_LINK_IFELSE( - [AC_LANG_PROGRAM([dnl - #ifdef HAVE_CRYPTO_SCALARMULT_CURVE25519_H - #include - #elif defined(HAVE_NACL_CRYPTO_SCALARMULT_CURVE25519_H) - #include - #endif - #ifdef crypto_scalarmult_curve25519_ref_BYTES - #error Hey, this is the reference implementation! That's not fast. - #endif - ], [ - unsigned char *a, *b, *c; crypto_scalarmult_curve25519(a,b,c); - ])], [tor_cv_can_use_curve25519_nacl=yes], - [tor_cv_can_use_curve25519_nacl=no]) - LIBS="$tor_saved_LIBS" ]) + dnl Okay, now we need to figure out which one to actually use. Fall back + dnl to curve25519-donna.c - dnl Okay, now we need to figure out which one to actually use. Fall back - dnl to curve25519-donna.c + if test x$tor_cv_can_use_curve25519_donna_c64 != xno; then + build_curve25519_donna_c64=yes + use_curve25519_donna=yes + elif test x$tor_cv_can_use_curve25519_nacl = xyes; then + use_curve25519_nacl=yes + CURVE25519_LIBS=-lnacl + else + build_curve25519_donna=yes + use_curve25519_donna=yes + fi - if test x$tor_cv_can_use_curve25519_donna_c64 != xno; then - build_curve25519_donna_c64=yes - use_curve25519_donna=yes - elif test x$tor_cv_can_use_curve25519_nacl = xyes; then - use_curve25519_nacl=yes - CURVE25519_LIBS=-lnacl - else - build_curve25519_donna=yes - use_curve25519_donna=yes - fi - have_a_curve25519=yes -fi - -if test x$have_a_curve25519 = xyes; then - AC_DEFINE(CURVE25519_ENABLED, 1, - [Defined if we have a curve25519 implementation]) -fi if test x$use_curve25519_donna = xyes; then AC_DEFINE(USE_CURVE25519_DONNA, 1, [Defined if we should use an internal curve25519_donna{,_c64} implementation]) @@ -870,7 +859,6 @@ if test x$use_curve25519_nacl = xyes; then fi AM_CONDITIONAL(BUILD_CURVE25519_DONNA, test x$build_curve25519_donna = xyes) AM_CONDITIONAL(BUILD_CURVE25519_DONNA_C64, test x$build_curve25519_donna_c64 = xyes) -AM_CONDITIONAL(CURVE25519_ENABLED, test x$have_a_curve25519 = xyes) AC_SUBST(CURVE25519_LIBS) dnl Make sure to enable support for large off_t if available. diff --git a/src/common/crypto_curve25519.h b/src/common/crypto_curve25519.h index 404f99c18e..11254c85e6 100644 --- a/src/common/crypto_curve25519.h +++ b/src/common/crypto_curve25519.h @@ -30,7 +30,6 @@ typedef struct curve25519_keypair_t { curve25519_secret_key_t seckey; } curve25519_keypair_t; -#ifdef CURVE25519_ENABLED /* These functions require that we actually know how to use curve25519 keys. * The other data structures and functions in this header let us parse them, * store them, and move them around. @@ -63,7 +62,6 @@ int curve25519_rand_seckey_bytes(uint8_t *out, int extra_strong); STATIC int curve25519_impl(uint8_t *output, const uint8_t *secret, const uint8_t *basepoint); #endif -#endif #define CURVE25519_BASE64_PADDED_LEN 44 diff --git a/src/common/crypto_ed25519.h b/src/common/crypto_ed25519.h index 13b05c7c1e..1a481b4dfd 100644 --- a/src/common/crypto_ed25519.h +++ b/src/common/crypto_ed25519.h @@ -39,7 +39,6 @@ typedef struct { ed25519_secret_key_t seckey; } ed25519_keypair_t; -#ifdef CURVE25519_ENABLED int ed25519_secret_key_generate(ed25519_secret_key_t *seckey_out, int extra_strong); int ed25519_secret_key_from_seed(ed25519_secret_key_t *seckey_out, @@ -88,8 +87,6 @@ int ed25519_public_blind(ed25519_public_key_t *out, const ed25519_public_key_t *inp, const uint8_t *param); -#endif - #define ED25519_BASE64_LEN 43 int ed25519_public_from_base64(ed25519_public_key_t *pkey, diff --git a/src/common/include.am b/src/common/include.am index 5c000e86f3..6441596199 100644 --- a/src/common/include.am +++ b/src/common/include.am @@ -54,12 +54,6 @@ endif LIBDONNA += $(LIBED25519_REF10) -if CURVE25519_ENABLED -libcrypto_extra_source = \ - src/common/crypto_curve25519.c \ - src/common/crypto_ed25519.c -endif - LIBOR_A_SOURCES = \ src/common/address.c \ src/common/backtrace.c \ @@ -85,8 +79,9 @@ LIBOR_CRYPTO_A_SOURCES = \ src/common/crypto_format.c \ src/common/torgzip.c \ src/common/tortls.c \ - src/trunnel/pwbox.c \ - $(libcrypto_extra_source) + src/trunnel/pwbox.c \ + src/common/crypto_curve25519.c \ + src/common/crypto_ed25519.c LIBOR_EVENT_A_SOURCES = \ src/common/compat_libevent.c \ diff --git a/src/or/circuitbuild.c b/src/or/circuitbuild.c index edf7d2863e..c345ef1da0 100644 --- a/src/or/circuitbuild.c +++ b/src/or/circuitbuild.c @@ -59,9 +59,7 @@ static crypt_path_t *onion_next_hop_in_cpath(crypt_path_t *cpath); static int onion_extend_cpath(origin_circuit_t *circ); static int count_acceptable_nodes(smartlist_t *routers); static int onion_append_hop(crypt_path_t **head_ptr, extend_info_t *choice); -#ifdef CURVE25519_ENABLED static int circuits_can_use_ntor(void); -#endif /** This function tries to get a channel to the specified endpoint, * and then calls command_setup_channel() to give it the right @@ -368,7 +366,6 @@ circuit_rep_hist_note_result(origin_circuit_t *circ) } while (hop!=circ->cpath); } -#ifdef CURVE25519_ENABLED /** Return 1 iff at least one node in circ's cpath supports ntor. */ static int circuit_cpath_supports_ntor(const origin_circuit_t *circ) @@ -388,9 +385,6 @@ circuit_cpath_supports_ntor(const origin_circuit_t *circ) return 0; } -#else -#define circuit_cpath_supports_ntor(circ) 0 -#endif /** Pick all the entries in our cpath. Stop and return 0 when we're * happy, or return -1 if an error occurs. */ @@ -398,11 +392,7 @@ static int onion_populate_cpath(origin_circuit_t *circ) { int n_tries = 0; -#ifdef CURVE25519_ENABLED const int using_ntor = circuits_can_use_ntor(); -#else - const int using_ntor = 0; -#endif #define MAX_POPULATE_ATTEMPTS 32 @@ -772,7 +762,6 @@ circuit_timeout_want_to_count_circ(origin_circuit_t *circ) && circ->build_state->desired_path_len == DEFAULT_ROUTE_LEN; } -#ifdef CURVE25519_ENABLED /** Return true if the ntor handshake is enabled in the configuration, or if * it's been set to "auto" in the configuration and it's enabled in the * consensus. */ @@ -784,7 +773,6 @@ circuits_can_use_ntor(void) return options->UseNTorHandshake; return networkstatus_get_param(NULL, "UseNTorHandshake", 0, 0, 1); } -#endif /** Decide whether to use a TAP or ntor handshake for connecting to ei * directly, and set *cell_type_out and *handshake_type_out @@ -794,7 +782,6 @@ circuit_pick_create_handshake(uint8_t *cell_type_out, uint16_t *handshake_type_out, const extend_info_t *ei) { -#ifdef CURVE25519_ENABLED if (!tor_mem_is_zero((const char*)ei->curve25519_onion_key.public_key, CURVE25519_PUBKEY_LEN) && circuits_can_use_ntor()) { @@ -802,9 +789,6 @@ circuit_pick_create_handshake(uint8_t *cell_type_out, *handshake_type_out = ONION_HANDSHAKE_TYPE_NTOR; return; } -#else - (void) ei; -#endif *cell_type_out = CELL_CREATE; *handshake_type_out = ONION_HANDSHAKE_TYPE_TAP; @@ -2198,13 +2182,9 @@ extend_info_new(const char *nickname, const char *digest, strlcpy(info->nickname, nickname, sizeof(info->nickname)); if (onion_key) info->onion_key = crypto_pk_dup_key(onion_key); -#ifdef CURVE25519_ENABLED if (curve25519_key) memcpy(&info->curve25519_onion_key, curve25519_key, sizeof(curve25519_public_key_t)); -#else - (void)curve25519_key; -#endif tor_addr_copy(&info->addr, addr); info->port = port; return info; diff --git a/src/or/include.am b/src/or/include.am index 47bdd09901..0f53f007f0 100644 --- a/src/or/include.am +++ b/src/or/include.am @@ -23,12 +23,6 @@ else evdns_source=src/ext/eventdns.c endif -if CURVE25519_ENABLED -onion_ntor_source=src/or/onion_ntor.c -else -onion_ntor_source= -endif - LIBTOR_A_SOURCES = \ src/or/addressmap.c \ src/or/buffers.c \ @@ -82,9 +76,9 @@ LIBTOR_A_SOURCES = \ src/or/routerset.c \ src/or/statefile.c \ src/or/status.c \ + src/or/onion_ntor.c \ $(evdns_source) \ $(tor_platform_source) \ - $(onion_ntor_source) \ src/or/config_codedigest.c src_or_libtor_a_SOURCES = $(LIBTOR_A_SOURCES) diff --git a/src/or/onion.c b/src/or/onion.c index ae39f451f4..fb0044886b 100644 --- a/src/or/onion.c +++ b/src/or/onion.c @@ -111,15 +111,11 @@ have_room_for_onionskin(uint16_t type) (uint64_t)options->MaxOnionQueueDelay) return 0; -#ifdef CURVE25519_ENABLED /* If we support the ntor handshake, then don't let TAP handshakes use * more than 2/3 of the space on the queue. */ if (type == ONION_HANDSHAKE_TYPE_TAP && tap_usec / 1000 > (uint64_t)options->MaxOnionQueueDelay * 2 / 3) return 0; -#else - (void) type; -#endif return 1; } @@ -353,11 +349,9 @@ setup_server_onion_keys(server_onion_keys_t *keys) memset(keys, 0, sizeof(server_onion_keys_t)); memcpy(keys->my_identity, router_get_my_id_digest(), DIGEST_LEN); dup_onion_keys(&keys->onion_key, &keys->last_onion_key); -#ifdef CURVE25519_ENABLED keys->curve25519_key_map = construct_ntor_key_map(); keys->junk_keypair = tor_malloc_zero(sizeof(curve25519_keypair_t)); curve25519_keypair_generate(keys->junk_keypair, 0); -#endif } /** Release all storage held in keys, but do not free keys @@ -370,10 +364,8 @@ release_server_onion_keys(server_onion_keys_t *keys) crypto_pk_free(keys->onion_key); crypto_pk_free(keys->last_onion_key); -#ifdef CURVE25519_ENABLED ntor_key_map_free(keys->curve25519_key_map); tor_free(keys->junk_keypair); -#endif memset(keys, 0, sizeof(server_onion_keys_t)); } @@ -391,12 +383,10 @@ onion_handshake_state_release(onion_handshake_state_t *state) fast_handshake_state_free(state->u.fast); state->u.fast = NULL; break; -#ifdef CURVE25519_ENABLED case ONION_HANDSHAKE_TYPE_NTOR: ntor_handshake_state_free(state->u.ntor); state->u.ntor = NULL; break; -#endif default: log_warn(LD_BUG, "called with unknown handshake state type %d", (int)state->tag); @@ -436,7 +426,6 @@ onion_skin_create(int type, r = CREATE_FAST_LEN; break; case ONION_HANDSHAKE_TYPE_NTOR: -#ifdef CURVE25519_ENABLED if (tor_mem_is_zero((const char*)node->curve25519_onion_key.public_key, CURVE25519_PUBKEY_LEN)) return -1; @@ -447,9 +436,6 @@ onion_skin_create(int type, return -1; r = NTOR_ONIONSKIN_LEN; -#else - return -1; -#endif break; default: log_warn(LD_BUG, "called with unknown handshake state type %d", type); @@ -501,7 +487,6 @@ onion_skin_server_handshake(int type, memcpy(rend_nonce_out, reply_out+DIGEST_LEN, DIGEST_LEN); break; case ONION_HANDSHAKE_TYPE_NTOR: -#ifdef CURVE25519_ENABLED if (onionskin_len < NTOR_ONIONSKIN_LEN) return -1; { @@ -522,9 +507,6 @@ onion_skin_server_handshake(int type, tor_free(keys_tmp); r = NTOR_REPLY_LEN; } -#else - return -1; -#endif break; default: log_warn(LD_BUG, "called with unknown handshake state type %d", type); @@ -577,7 +559,6 @@ onion_skin_client_handshake(int type, memcpy(rend_authenticator_out, reply+DIGEST_LEN, DIGEST_LEN); return 0; -#ifdef CURVE25519_ENABLED case ONION_HANDSHAKE_TYPE_NTOR: if (reply_len < NTOR_REPLY_LEN) { log_warn(LD_CIRC, "ntor reply was not of the correct length."); @@ -598,7 +579,6 @@ onion_skin_client_handshake(int type, tor_free(keys_tmp); } return 0; -#endif default: log_warn(LD_BUG, "called with unknown handshake state type %d", type); tor_fragile_assert(); @@ -637,12 +617,10 @@ check_create_cell(const create_cell_t *cell, int unknown_ok) if (cell->handshake_len != CREATE_FAST_LEN) return -1; break; -#ifdef CURVE25519_ENABLED case ONION_HANDSHAKE_TYPE_NTOR: if (cell->handshake_len != NTOR_ONIONSKIN_LEN) return -1; break; -#endif default: if (! unknown_ok) return -1; diff --git a/src/or/onion.h b/src/or/onion.h index d62f032b87..362001929d 100644 --- a/src/or/onion.h +++ b/src/or/onion.h @@ -23,10 +23,8 @@ typedef struct server_onion_keys_t { uint8_t my_identity[DIGEST_LEN]; crypto_pk_t *onion_key; crypto_pk_t *last_onion_key; -#ifdef CURVE25519_ENABLED di_digest256_map_t *curve25519_key_map; curve25519_keypair_t *junk_keypair; -#endif } server_onion_keys_t; #define MAX_ONIONSKIN_CHALLENGE_LEN 255 diff --git a/src/or/onion_ntor.h b/src/or/onion_ntor.h index c942e6e0f0..349c944124 100644 --- a/src/or/onion_ntor.h +++ b/src/or/onion_ntor.h @@ -17,7 +17,6 @@ typedef struct ntor_handshake_state_t ntor_handshake_state_t; /** Length of an ntor reply, as sent from server to client. */ #define NTOR_REPLY_LEN 64 -#ifdef CURVE25519_ENABLED void ntor_handshake_state_free(ntor_handshake_state_t *state); int onion_skin_ntor_create(const uint8_t *router_id, @@ -59,5 +58,3 @@ struct ntor_handshake_state_t { #endif -#endif - diff --git a/src/or/or.h b/src/or/or.h index 3adec7a961..115b92dc94 100644 --- a/src/or/or.h +++ b/src/or/or.h @@ -2554,9 +2554,7 @@ typedef struct extend_info_t { uint16_t port; /**< OR port. */ tor_addr_t addr; /**< IP address. */ crypto_pk_t *onion_key; /**< Current onionskin key. */ -#ifdef CURVE25519_ENABLED curve25519_public_key_t curve25519_onion_key; -#endif } extend_info_t; /** Certificate for v3 directory protocol: binds long-term authority identity diff --git a/src/or/router.c b/src/or/router.c index bbbf9c4b84..2a21b81a23 100644 --- a/src/or/router.c +++ b/src/or/router.c @@ -55,13 +55,11 @@ static crypto_pk_t *onionkey=NULL; /** Previous private onionskin decryption key: used to decode CREATE cells * generated by clients that have an older version of our descriptor. */ static crypto_pk_t *lastonionkey=NULL; -#ifdef CURVE25519_ENABLED /** Current private ntor secret key: used to perform the ntor handshake. */ static curve25519_keypair_t curve25519_onion_key; /** Previous private ntor secret key: used to perform the ntor handshake * with clients that have an older version of our descriptor. */ static curve25519_keypair_t last_curve25519_onion_key; -#endif /** Private server "identity key": used to sign directory info and TLS * certificates. Never changes. */ static crypto_pk_t *server_identitykey=NULL; @@ -134,7 +132,6 @@ dup_onion_keys(crypto_pk_t **key, crypto_pk_t **last) tor_mutex_release(key_lock); } -#ifdef CURVE25519_ENABLED /** Return the current secret onion key for the ntor handshake. Must only * be called from the main thread. */ static const curve25519_keypair_t * @@ -181,7 +178,6 @@ ntor_key_map_free(di_digest256_map_t *map) return; dimap_free(map, ntor_key_map_free_helper); } -#endif /** Return the time when the onion key was last set. This is either the time * when the process launched, or the time of the most recent key rotation since @@ -313,9 +309,7 @@ rotate_onion_key(void) char *fname, *fname_prev; crypto_pk_t *prkey = NULL; or_state_t *state = get_or_state(); -#ifdef CURVE25519_ENABLED curve25519_keypair_t new_curve25519_keypair; -#endif time_t now; fname = get_datadir_fname2("keys", "secret_onion_key"); fname_prev = get_datadir_fname2("keys", "secret_onion_key.old"); @@ -335,7 +329,6 @@ rotate_onion_key(void) log_err(LD_FS,"Couldn't write generated onion key to \"%s\".", fname); goto error; } -#ifdef CURVE25519_ENABLED tor_free(fname); tor_free(fname_prev); fname = get_datadir_fname2("keys", "secret_onion_key_ntor"); @@ -351,18 +344,15 @@ rotate_onion_key(void) log_err(LD_FS,"Couldn't write curve25519 onion key to \"%s\".",fname); goto error; } -#endif log_info(LD_GENERAL, "Rotating onion key"); tor_mutex_acquire(key_lock); crypto_pk_free(lastonionkey); lastonionkey = onionkey; onionkey = prkey; -#ifdef CURVE25519_ENABLED memcpy(&last_curve25519_onion_key, &curve25519_onion_key, sizeof(curve25519_keypair_t)); memcpy(&curve25519_onion_key, &new_curve25519_keypair, sizeof(curve25519_keypair_t)); -#endif now = time(NULL); state->LastRotatedOnionKey = onionkey_set_at = now; tor_mutex_release(key_lock); @@ -374,9 +364,7 @@ rotate_onion_key(void) if (prkey) crypto_pk_free(prkey); done: -#ifdef CURVE25519_ENABLED memwipe(&new_curve25519_keypair, 0, sizeof(new_curve25519_keypair)); -#endif tor_free(fname); tor_free(fname_prev); } @@ -450,7 +438,6 @@ init_key_from_file(const char *fname, int generate, int severity) return NULL; } -#ifdef CURVE25519_ENABLED /** Load a curve25519 keypair from the file fname, writing it into * keys_out. If the file isn't found and generate is true, * create a new keypair and write it into the file. If there are errors, log @@ -519,7 +506,6 @@ init_curve25519_keypair_from_file(curve25519_keypair_t *keys_out, error: return -1; } -#endif /** Try to load the vote-signing private key and certificate for being a v3 * directory authority, and make sure they match. If legacy, load a @@ -875,7 +861,6 @@ init_keys(void) } tor_free(keydir); -#ifdef CURVE25519_ENABLED { /* 2b. Load curve25519 onion keys. */ int r; @@ -896,7 +881,6 @@ init_keys(void) } tor_free(keydir); } -#endif /* 3. Initialize link key and TLS context. */ if (router_initialize_tls_context() < 0) { @@ -1806,11 +1790,9 @@ router_rebuild_descriptor(int force) ri->cache_info.published_on = time(NULL); ri->onion_pkey = crypto_pk_dup_key(get_onion_key()); /* must invoke from * main thread */ -#ifdef CURVE25519_ENABLED ri->onion_curve25519_pkey = tor_memdup(&get_current_curve25519_keypair()->pubkey, sizeof(curve25519_public_key_t)); -#endif /* For now, at most one IPv6 or-address is being advertised. */ { @@ -2389,7 +2371,6 @@ router_dump_router_to_string(routerinfo_t *router, smartlist_add_asprintf(chunks, "contact %s\n", ci); } -#ifdef CURVE25519_ENABLED if (router->onion_curve25519_pkey) { char kbuf[128]; base64_encode(kbuf, sizeof(kbuf), @@ -2397,7 +2378,6 @@ router_dump_router_to_string(routerinfo_t *router, CURVE25519_PUBKEY_LEN); smartlist_add_asprintf(chunks, "ntor-onion-key %s", kbuf); } -#endif /* Write the exit policy to the end of 's'. */ if (!router->exit_policy || !smartlist_len(router->exit_policy)) { @@ -3073,10 +3053,8 @@ router_free_all(void) crypto_pk_free(legacy_signing_key); authority_cert_free(legacy_key_certificate); -#ifdef CURVE25519_ENABLED memwipe(&curve25519_onion_key, 0, sizeof(curve25519_onion_key)); memwipe(&last_curve25519_onion_key, 0, sizeof(last_curve25519_onion_key)); -#endif if (warned_nonexistent_family) { SMARTLIST_FOREACH(warned_nonexistent_family, char *, cp, tor_free(cp)); diff --git a/src/or/router.h b/src/or/router.h index d18ff065ea..cedbc08914 100644 --- a/src/or/router.h +++ b/src/or/router.h @@ -32,10 +32,8 @@ crypto_pk_t *init_key_from_file(const char *fname, int generate, int severity); void v3_authority_check_key_expiry(void); -#ifdef CURVE25519_ENABLED di_digest256_map_t *construct_ntor_key_map(void); void ntor_key_map_free(di_digest256_map_t *map); -#endif int router_initialize_tls_context(void); int init_keys(void); diff --git a/src/test/bench.c b/src/test/bench.c index 825299835b..3a9432b137 100644 --- a/src/test/bench.c +++ b/src/test/bench.c @@ -26,10 +26,8 @@ const char tor_git_revision[] = ""; #endif #include "config.h" -#ifdef CURVE25519_ENABLED #include "crypto_curve25519.h" #include "onion_ntor.h" -#endif #include "crypto_ed25519.h" #if defined(HAVE_CLOCK_GETTIME) && defined(CLOCK_PROCESS_CPUTIME_ID) @@ -179,7 +177,6 @@ bench_onion_TAP(void) crypto_pk_free(key2); } -#ifdef CURVE25519_ENABLED static void bench_onion_ntor(void) { @@ -293,7 +290,6 @@ bench_ed25519(void) printf("Blind a public key: %.2f usec\n", MICROCOUNT(start, end, iters)); } -#endif static void bench_cell_aes(void) @@ -573,10 +569,9 @@ static struct benchmark_t benchmarks[] = { ENT(siphash), ENT(aes), ENT(onion_TAP), -#ifdef CURVE25519_ENABLED ENT(onion_ntor), ENT(ed25519), -#endif + ENT(cell_aes), ENT(cell_ops), ENT(dh), diff --git a/src/test/include.am b/src/test/include.am index 8d05b3b700..d0f3224dc5 100644 --- a/src/test/include.am +++ b/src/test/include.am @@ -80,7 +80,6 @@ noinst_HEADERS+= \ src/test/failing_routerdescs.inc \ src/test/ed25519_vectors.inc -if CURVE25519_ENABLED noinst_PROGRAMS+= src/test/test-ntor-cl src_test_test_ntor_cl_SOURCES = src/test/test_ntor_cl.c src_test_test_ntor_cl_LDFLAGS = @TOR_LDFLAGS_zlib@ @TOR_LDFLAGS_openssl@ @@ -91,9 +90,6 @@ src_test_test_ntor_cl_LDADD = src/or/libtor.a src/common/libor.a \ src_test_test_ntor_cl_AM_CPPFLAGS = \ -I"$(top_srcdir)/src/or" NTOR_TEST_DEPS=src/test/test-ntor-cl -else -NTOR_TEST_DEPS= -endif if COVERAGE_ENABLED CMDLINE_TEST_TOR = ./src/or/tor-cov @@ -113,10 +109,8 @@ src_test_test_bt_cl_CPPFLAGS= $(src_test_AM_CPPFLAGS) check-local: $(NTOR_TEST_DEPS) $(CMDLINE_TEST_TOR) if USEPYTHON $(PYTHON) $(top_srcdir)/src/test/test_cmdline_args.py $(CMDLINE_TEST_TOR) "${top_srcdir}" -if CURVE25519_ENABLED $(PYTHON) $(top_srcdir)/src/test/ntor_ref.py test-tor $(PYTHON) $(top_srcdir)/src/test/ntor_ref.py self-test -endif ./src/test/test-bt-cl assert | $(PYTHON) $(top_srcdir)/src/test/bt_test.py ./src/test/test-bt-cl crash | $(PYTHON) $(top_srcdir)/src/test/bt_test.py endif diff --git a/src/test/test.c b/src/test/test.c index 16ad6f3ae6..9878d13f0e 100644 --- a/src/test/test.c +++ b/src/test/test.c @@ -64,10 +64,8 @@ double fabs(double x); #include "rephist.h" #include "routerparse.h" #include "statefile.h" -#ifdef CURVE25519_ENABLED #include "crypto_curve25519.h" #include "onion_ntor.h" -#endif #ifdef USE_DMALLOC #include @@ -365,7 +363,6 @@ test_bad_onion_handshake(void *arg) crypto_pk_free(pk2); } -#ifdef CURVE25519_ENABLED static void test_ntor_handshake(void *arg) { @@ -417,7 +414,6 @@ test_ntor_handshake(void *arg) ntor_handshake_state_free(c_state); dimap_free(s_keymap, NULL); } -#endif /** Run unit tests for the onion queues. */ static void @@ -1267,9 +1263,7 @@ static struct testcase_t test_array[] = { ENT(onion_handshake), { "bad_onion_handshake", test_bad_onion_handshake, 0, NULL, NULL }, ENT(onion_queues), -#ifdef CURVE25519_ENABLED { "ntor_handshake", test_ntor_handshake, 0, NULL, NULL }, -#endif ENT(circuit_timeout), ENT(rend_fns), ENT(geoip), diff --git a/src/test/test_cell_formats.c b/src/test/test_cell_formats.c index 995e519163..211eebce91 100644 --- a/src/test/test_cell_formats.c +++ b/src/test/test_cell_formats.c @@ -445,7 +445,6 @@ test_cfmt_create_cells(void *arg) cell.command = CELL_CREATE2; memcpy(cell.payload, "\x00\x02\x00\x54", 4); /* ntor, 84 bytes long */ memcpy(cell.payload+4, b, NTOR_ONIONSKIN_LEN); -#ifdef CURVE25519_ENABLED tt_int_op(0, ==, create_cell_parse(&cc, &cell)); tt_int_op(CELL_CREATE2, ==, cc.cell_type); tt_int_op(ONION_HANDSHAKE_TYPE_NTOR, ==, cc.handshake_type); @@ -454,9 +453,6 @@ test_cfmt_create_cells(void *arg) tt_int_op(0, ==, create_cell_format(&cell2, &cc)); tt_int_op(cell.command, ==, cell2.command); tt_mem_op(cell.payload,==, cell2.payload, CELL_PAYLOAD_SIZE); -#else - tt_int_op(-1, ==, create_cell_parse(&cc, &cell)); -#endif /* A valid create cell with an ntor payload, in legacy format. */ memset(&cell, 0, sizeof(cell)); @@ -465,7 +461,6 @@ test_cfmt_create_cells(void *arg) cell.command = CELL_CREATE; memcpy(cell.payload, "ntorNTORntorNTOR", 16); memcpy(cell.payload+16, b, NTOR_ONIONSKIN_LEN); -#ifdef CURVE25519_ENABLED tt_int_op(0, ==, create_cell_parse(&cc, &cell)); tt_int_op(CELL_CREATE, ==, cc.cell_type); tt_int_op(ONION_HANDSHAKE_TYPE_NTOR, ==, cc.handshake_type); @@ -474,9 +469,6 @@ test_cfmt_create_cells(void *arg) tt_int_op(0, ==, create_cell_format(&cell2, &cc)); tt_int_op(cell.command, ==, cell2.command); tt_mem_op(cell.payload,==, cell2.payload, CELL_PAYLOAD_SIZE); -#else - tt_int_op(-1, ==, create_cell_parse(&cc, &cell)); -#endif /* == Okay, now let's try to parse some impossible stuff. */ diff --git a/src/test/test_crypto.c b/src/test/test_crypto.c index 795c603fd4..45370c1635 100644 --- a/src/test/test_crypto.c +++ b/src/test/test_crypto.c @@ -11,9 +11,7 @@ #include "aes.h" #include "util.h" #include "siphash.h" -#ifdef CURVE25519_ENABLED #include "crypto_curve25519.h" -#endif #include "crypto_ed25519.h" #include "ed25519_vectors.inc" #include "crypto_s2k.h" @@ -1332,7 +1330,6 @@ test_crypto_hkdf_sha256(void *arg) #undef EXPAND } -#ifdef CURVE25519_ENABLED static void test_crypto_curve25519_impl(void *arg) { @@ -1876,7 +1873,6 @@ test_crypto_ed25519_testvectors(void *arg) done: tor_free(mem_op_hex_tmp); } -#endif /* CURVE25519_ENABLED */ static void test_crypto_siphash(void *arg) @@ -2025,7 +2021,6 @@ struct testcase_t crypto_tests[] = { CRYPTO_LEGACY(base32_decode), { "kdf_TAP", test_crypto_kdf_TAP, 0, NULL, NULL }, { "hkdf_sha256", test_crypto_hkdf_sha256, 0, NULL, NULL }, -#ifdef CURVE25519_ENABLED { "curve25519_impl", test_crypto_curve25519_impl, 0, NULL, NULL }, { "curve25519_impl_hibit", test_crypto_curve25519_impl, 0, NULL, (void*)"y"}, { "curve25519_wrappers", test_crypto_curve25519_wrappers, 0, NULL, NULL }, @@ -2037,7 +2032,6 @@ struct testcase_t crypto_tests[] = { { "ed25519_convert", test_crypto_ed25519_convert, 0, NULL, NULL }, { "ed25519_blinding", test_crypto_ed25519_blinding, 0, NULL, NULL }, { "ed25519_testvectors", test_crypto_ed25519_testvectors, 0, NULL, NULL }, -#endif { "siphash", test_crypto_siphash, 0, NULL, NULL }, END_OF_TESTCASES }; diff --git a/src/test/test_dir.c b/src/test/test_dir.c index e03efbeff5..d17f0b7921 100644 --- a/src/test/test_dir.c +++ b/src/test/test_dir.c @@ -216,10 +216,8 @@ test_dir_formats(void *arg) strlcat(buf2, "signing-key\n", sizeof(buf2)); strlcat(buf2, pk1_str, sizeof(buf2)); strlcat(buf2, "hidden-service-dir\n", sizeof(buf2)); -#ifdef CURVE25519_ENABLED strlcat(buf2, "ntor-onion-key " "skyinAnvardNostarsNomoonNowindormistsorsnow=\n", sizeof(buf2)); -#endif strlcat(buf2, "accept *:80\nreject 18.0.0.0/8:24\n", sizeof(buf2)); strlcat(buf2, "router-signature\n", sizeof(buf2)); @@ -239,11 +237,9 @@ test_dir_formats(void *arg) tt_int_op(rp2->bandwidthrate,==, r2->bandwidthrate); tt_int_op(rp2->bandwidthburst,==, r2->bandwidthburst); tt_int_op(rp2->bandwidthcapacity,==, r2->bandwidthcapacity); -#ifdef CURVE25519_ENABLED tt_mem_op(rp2->onion_curve25519_pkey->public_key,==, r2->onion_curve25519_pkey->public_key, CURVE25519_PUBKEY_LEN); -#endif tt_assert(crypto_pk_cmp_keys(rp2->onion_pkey, pk2) == 0); tt_assert(crypto_pk_cmp_keys(rp2->identity_pkey, pk1) == 0); diff --git a/src/test/test_ntor_cl.c b/src/test/test_ntor_cl.c index f2b7a72ad5..873fae0a61 100644 --- a/src/test/test_ntor_cl.c +++ b/src/test/test_ntor_cl.c @@ -13,10 +13,6 @@ #include "crypto_curve25519.h" #include "onion_ntor.h" -#ifndef CURVE25519_ENABLED -#error "This isn't going to work without curve25519." -#endif - #define N_ARGS(n) STMT_BEGIN { \ if (argc < (n)) { \ fprintf(stderr, "%s needs %d arguments.\n",argv[1],n); \ diff --git a/src/win32/orconfig.h b/src/win32/orconfig.h index aa29d0ccaf..01f130781e 100644 --- a/src/win32/orconfig.h +++ b/src/win32/orconfig.h @@ -244,7 +244,6 @@ #define SHARE_DATADIR "" #define HAVE_EVENT2_DNS_H #define HAVE_EVENT_BASE_LOOPEXIT -#define CURVE25519_ENABLED #define USE_CURVE25519_DONNA #define ENUM_VALS_ARE_SIGNED 1