Move the initialization and cleanup parts of crypto.c

These are now part of crypto_init.c.  The openssl-only parts now
live in crypto_openssl_mgt.c.

I recommend reviewing this patch with -b and --color-moved.
This commit is contained in:
Nick Mathewson 2018-07-11 13:44:35 -04:00
parent 79267bad65
commit 12a1ada158
14 changed files with 353 additions and 261 deletions

View File

@ -121,6 +121,7 @@
#include "lib/evloop/compat_libevent.h" #include "lib/evloop/compat_libevent.h"
#include "lib/encoding/confline.h" #include "lib/encoding/confline.h"
#include "lib/evloop/timers.h" #include "lib/evloop/timers.h"
#include "lib/crypt_ops/crypto_init.h"
#include <event2/event.h> #include <event2/event.h>

View File

@ -55,6 +55,7 @@
#include "lib/tls/tortls.h" #include "lib/tls/tortls.h"
#include "lib/encoding/confline.h" #include "lib/encoding/confline.h"
#include "lib/crypt_ops/crypto_format.h" #include "lib/crypt_ops/crypto_format.h"
#include "lib/crypt_ops/crypto_init.h"
/** /**
* \file router.c * \file router.c

View File

@ -38,7 +38,6 @@ DISABLE_GCC_WARNING(redundant-decls)
#include <openssl/err.h> #include <openssl/err.h>
#include <openssl/evp.h> #include <openssl/evp.h>
#include <openssl/engine.h>
#include <openssl/bn.h> #include <openssl/bn.h>
#include <openssl/dh.h> #include <openssl/dh.h>
#include <openssl/conf.h> #include <openssl/conf.h>
@ -74,211 +73,6 @@ ENABLE_GCC_WARNING(redundant-decls)
#include <string.h> #include <string.h>
/** Boolean: has OpenSSL's crypto been initialized? */
static int crypto_early_initialized_ = 0;
/** Boolean: has OpenSSL's crypto been initialized? */
static int crypto_global_initialized_ = 0;
#ifndef DISABLE_ENGINES
/** Log any OpenSSL engines we're using at NOTICE. */
static void
log_engine(const char *fn, ENGINE *e)
{
if (e) {
const char *name, *id;
name = ENGINE_get_name(e);
id = ENGINE_get_id(e);
log_notice(LD_CRYPTO, "Default OpenSSL engine for %s is %s [%s]",
fn, name?name:"?", id?id:"?");
} else {
log_info(LD_CRYPTO, "Using default implementation for %s", fn);
}
}
#endif /* !defined(DISABLE_ENGINES) */
#ifndef DISABLE_ENGINES
/** Try to load an engine in a shared library via fully qualified path.
*/
static ENGINE *
try_load_engine(const char *path, const char *engine)
{
ENGINE *e = ENGINE_by_id("dynamic");
if (e) {
if (!ENGINE_ctrl_cmd_string(e, "ID", engine, 0) ||
!ENGINE_ctrl_cmd_string(e, "DIR_LOAD", "2", 0) ||
!ENGINE_ctrl_cmd_string(e, "DIR_ADD", path, 0) ||
!ENGINE_ctrl_cmd_string(e, "LOAD", NULL, 0)) {
ENGINE_free(e);
e = NULL;
}
}
return e;
}
#endif /* !defined(DISABLE_ENGINES) */
static int have_seeded_siphash = 0;
/** Set up the siphash key if we haven't already done so. */
int
crypto_init_siphash_key(void)
{
struct sipkey key;
if (have_seeded_siphash)
return 0;
crypto_rand((char*) &key, sizeof(key));
siphash_set_global_key(&key);
have_seeded_siphash = 1;
return 0;
}
/** Initialize the crypto library. Return 0 on success, -1 on failure.
*/
int
crypto_early_init(void)
{
if (!crypto_early_initialized_) {
crypto_early_initialized_ = 1;
#ifdef OPENSSL_1_1_API
OPENSSL_init_ssl(OPENSSL_INIT_LOAD_SSL_STRINGS |
OPENSSL_INIT_LOAD_CRYPTO_STRINGS |
OPENSSL_INIT_ADD_ALL_CIPHERS |
OPENSSL_INIT_ADD_ALL_DIGESTS, NULL);
#else
ERR_load_crypto_strings();
OpenSSL_add_all_algorithms();
#endif
setup_openssl_threading();
unsigned long version_num = OpenSSL_version_num();
const char *version_str = OpenSSL_version(OPENSSL_VERSION);
if (version_num == OPENSSL_VERSION_NUMBER &&
!strcmp(version_str, OPENSSL_VERSION_TEXT)) {
log_info(LD_CRYPTO, "OpenSSL version matches version from headers "
"(%lx: %s).", version_num, version_str);
} else {
log_warn(LD_CRYPTO, "OpenSSL version from headers does not match the "
"version we're running with. If you get weird crashes, that "
"might be why. (Compiled with %lx: %s; running with %lx: %s).",
(unsigned long)OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT,
version_num, version_str);
}
crypto_force_rand_ssleay();
if (crypto_seed_rng() < 0)
return -1;
if (crypto_init_siphash_key() < 0)
return -1;
curve25519_init();
ed25519_init();
}
return 0;
}
/** Initialize the crypto library. Return 0 on success, -1 on failure.
*/
int
crypto_global_init(int useAccel, const char *accelName, const char *accelDir)
{
if (!crypto_global_initialized_) {
if (crypto_early_init() < 0)
return -1;
crypto_global_initialized_ = 1;
if (useAccel > 0) {
#ifdef DISABLE_ENGINES
(void)accelName;
(void)accelDir;
log_warn(LD_CRYPTO, "No OpenSSL hardware acceleration support enabled.");
#else
ENGINE *e = NULL;
log_info(LD_CRYPTO, "Initializing OpenSSL engine support.");
ENGINE_load_builtin_engines();
ENGINE_register_all_complete();
if (accelName) {
if (accelDir) {
log_info(LD_CRYPTO, "Trying to load dynamic OpenSSL engine \"%s\""
" via path \"%s\".", accelName, accelDir);
e = try_load_engine(accelName, accelDir);
} else {
log_info(LD_CRYPTO, "Initializing dynamic OpenSSL engine \"%s\""
" acceleration support.", accelName);
e = ENGINE_by_id(accelName);
}
if (!e) {
log_warn(LD_CRYPTO, "Unable to load dynamic OpenSSL engine \"%s\".",
accelName);
} else {
log_info(LD_CRYPTO, "Loaded dynamic OpenSSL engine \"%s\".",
accelName);
}
}
if (e) {
log_info(LD_CRYPTO, "Loaded OpenSSL hardware acceleration engine,"
" setting default ciphers.");
ENGINE_set_default(e, ENGINE_METHOD_ALL);
}
/* Log, if available, the intersection of the set of algorithms
used by Tor and the set of algorithms available in the engine */
log_engine("RSA", ENGINE_get_default_RSA());
log_engine("DH", ENGINE_get_default_DH());
#ifdef OPENSSL_1_1_API
log_engine("EC", ENGINE_get_default_EC());
#else
log_engine("ECDH", ENGINE_get_default_ECDH());
log_engine("ECDSA", ENGINE_get_default_ECDSA());
#endif /* defined(OPENSSL_1_1_API) */
log_engine("RAND", ENGINE_get_default_RAND());
log_engine("RAND (which we will not use)", ENGINE_get_default_RAND());
log_engine("SHA1", ENGINE_get_digest_engine(NID_sha1));
log_engine("3DES-CBC", ENGINE_get_cipher_engine(NID_des_ede3_cbc));
log_engine("AES-128-ECB", ENGINE_get_cipher_engine(NID_aes_128_ecb));
log_engine("AES-128-CBC", ENGINE_get_cipher_engine(NID_aes_128_cbc));
#ifdef NID_aes_128_ctr
log_engine("AES-128-CTR", ENGINE_get_cipher_engine(NID_aes_128_ctr));
#endif
#ifdef NID_aes_128_gcm
log_engine("AES-128-GCM", ENGINE_get_cipher_engine(NID_aes_128_gcm));
#endif
log_engine("AES-256-CBC", ENGINE_get_cipher_engine(NID_aes_256_cbc));
#ifdef NID_aes_256_gcm
log_engine("AES-256-GCM", ENGINE_get_cipher_engine(NID_aes_256_gcm));
#endif
#endif /* defined(DISABLE_ENGINES) */
} else {
log_info(LD_CRYPTO, "NOT using OpenSSL engine support.");
}
if (crypto_force_rand_ssleay()) {
if (crypto_seed_rng() < 0)
return -1;
}
evaluate_evp_for_aes(-1);
evaluate_ctr_for_aes();
}
return 0;
}
/** Free crypto resources held by this thread. */
void
crypto_thread_cleanup(void)
{
#ifndef NEW_THREAD_API
ERR_remove_thread_state(NULL);
#endif
}
/** Allocate and return a new symmetric cipher using the provided key and iv. /** Allocate and return a new symmetric cipher using the provided key and iv.
* The key is <b>bits</b> bits long; the IV is CIPHER_IV_LEN bytes. Both * The key is <b>bits</b> bits long; the IV is CIPHER_IV_LEN bytes. Both
* must be provided. Key length must be 128, 192, or 256 */ * must be provided. Key length must be 128, 192, or 256 */
@ -465,45 +259,3 @@ crypto_cipher_decrypt_with_iv(const char *key,
crypto_cipher_free(cipher); crypto_cipher_free(cipher);
return (int)(fromlen - CIPHER_IV_LEN); return (int)(fromlen - CIPHER_IV_LEN);
} }
/** @{ */
/** Uninitialize the crypto library. Return 0 on success. Does not detect
* failure.
*/
int
crypto_global_cleanup(void)
{
#ifndef OPENSSL_1_1_API
EVP_cleanup();
#endif
#ifndef NEW_THREAD_API
ERR_remove_thread_state(NULL);
#endif
#ifndef OPENSSL_1_1_API
ERR_free_strings();
#endif
crypto_dh_free_all();
#ifndef DISABLE_ENGINES
#ifndef OPENSSL_1_1_API
ENGINE_cleanup();
#endif
#endif
CONF_modules_unload(1);
#ifndef OPENSSL_1_1_API
CRYPTO_cleanup_all_ex_data();
#endif
crypto_openssl_free_all();
crypto_early_initialized_ = 0;
crypto_global_initialized_ = 0;
have_seeded_siphash = 0;
siphash_unset_global_key();
return 0;
}
/** @} */

View File

@ -32,16 +32,6 @@
typedef struct aes_cnt_cipher crypto_cipher_t; typedef struct aes_cnt_cipher crypto_cipher_t;
/* global state */
int crypto_init_siphash_key(void);
int crypto_early_init(void) ATTR_WUR;
int crypto_global_init(int hardwareAccel,
const char *accelName,
const char *accelPath) ATTR_WUR;
void crypto_thread_cleanup(void);
int crypto_global_cleanup(void);
/* environment setup */ /* environment setup */
crypto_cipher_t *crypto_cipher_new(const char *key); crypto_cipher_t *crypto_cipher_new(const char *key);
crypto_cipher_t *crypto_cipher_new_with_bits(const char *key, int bits); crypto_cipher_t *crypto_cipher_new_with_bits(const char *key, int bits);

View File

@ -0,0 +1,117 @@
/* Copyright (c) 2001, Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
* Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
* \file crypto_init.c
*
* \brief Initialize and shut down Tor's crypto library and subsystem.
**/
#include "orconfig.h"
#include "lib/crypt_ops/crypto_init.h"
#include "lib/crypt_ops/crypto_curve25519.h"
#include "lib/crypt_ops/crypto_dh.h"
#include "lib/crypt_ops/crypto_ed25519.h"
#include "lib/crypt_ops/crypto_openssl_mgt.h"
#include "lib/crypt_ops/crypto_rand.h"
#include "siphash.h"
/** Boolean: has OpenSSL's crypto been initialized? */
static int crypto_early_initialized_ = 0;
/** Boolean: has OpenSSL's crypto been initialized? */
static int crypto_global_initialized_ = 0;
static int have_seeded_siphash = 0;
/** Set up the siphash key if we haven't already done so. */
int
crypto_init_siphash_key(void)
{
struct sipkey key;
if (have_seeded_siphash)
return 0;
crypto_rand((char*) &key, sizeof(key));
siphash_set_global_key(&key);
have_seeded_siphash = 1;
return 0;
}
/** Initialize the crypto library. Return 0 on success, -1 on failure.
*/
int
crypto_early_init(void)
{
if (!crypto_early_initialized_) {
crypto_early_initialized_ = 1;
#ifdef ENABLE_OPENSSL
crypto_openssl_early_init();
#endif
if (crypto_seed_rng() < 0)
return -1;
if (crypto_init_siphash_key() < 0)
return -1;
curve25519_init();
ed25519_init();
}
return 0;
}
/** Initialize the crypto library. Return 0 on success, -1 on failure.
*/
int
crypto_global_init(int useAccel, const char *accelName, const char *accelDir)
{
if (!crypto_global_initialized_) {
if (crypto_early_init() < 0)
return -1;
crypto_global_initialized_ = 1;
#ifdef ENABLE_OPENSSL
return crypto_openssl_late_init(useAccel, accelName, accelDir);
#endif
}
return 0;
}
/** Free crypto resources held by this thread. */
void
crypto_thread_cleanup(void)
{
#ifndef NEW_THREAD_API
ERR_remove_thread_state(NULL);
#endif
}
/**
* Uninitialize the crypto library. Return 0 on success. Does not detect
* failure.
*/
int
crypto_global_cleanup(void)
{
crypto_dh_free_all();
#ifdef ENABLE_OPENSSL
crypto_openssl_global_cleanup();
#endif
crypto_early_initialized_ = 0;
crypto_global_initialized_ = 0;
have_seeded_siphash = 0;
siphash_unset_global_key();
return 0;
}

View File

@ -0,0 +1,28 @@
/* Copyright (c) 2001, Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
* Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
* \file crypto_init.h
*
* \brief Headers for crypto_init.c
**/
#ifndef TOR_CRYPTO_INIT_H
#define TOR_CRYPTO_INIT_H
#include "orconfig.h"
#include "lib/cc/compat_compiler.h"
int crypto_init_siphash_key(void);
int crypto_early_init(void) ATTR_WUR;
int crypto_global_init(int hardwareAccel,
const char *accelName,
const char *accelPath) ATTR_WUR;
void crypto_thread_cleanup(void);
int crypto_global_cleanup(void);
#endif /* !defined(TOR_CRYPTO_H) */

View File

@ -12,8 +12,11 @@
#include "lib/crypt_ops/compat_openssl.h" #include "lib/crypt_ops/compat_openssl.h"
#include "lib/crypt_ops/crypto_openssl_mgt.h" #include "lib/crypt_ops/crypto_openssl_mgt.h"
#include "lib/crypt_ops/crypto_rand.h"
#include "lib/crypt_ops/aes.h"
#include "lib/string/util_string.h" #include "lib/string/util_string.h"
#include "lib/lock/compat_mutex.h" #include "lib/lock/compat_mutex.h"
#include "lib/log/log.h"
#include "lib/testsupport/testsupport.h" #include "lib/testsupport/testsupport.h"
#include "lib/thread/threads.h" #include "lib/thread/threads.h"
@ -30,6 +33,7 @@ DISABLE_GCC_WARNING(redundant-decls)
#include <openssl/conf.h> #include <openssl/conf.h>
#include <openssl/hmac.h> #include <openssl/hmac.h>
#include <openssl/crypto.h> #include <openssl/crypto.h>
#include <openssl/ssl.h>
ENABLE_GCC_WARNING(redundant-decls) ENABLE_GCC_WARNING(redundant-decls)
@ -144,7 +148,7 @@ setup_openssl_threading(void)
} }
/** free OpenSSL variables */ /** free OpenSSL variables */
void static void
crypto_openssl_free_all(void) crypto_openssl_free_all(void)
{ {
tor_free(crypto_openssl_version_str); tor_free(crypto_openssl_version_str);
@ -164,3 +168,192 @@ crypto_openssl_free_all(void)
} }
#endif /* !defined(NEW_THREAD_API) */ #endif /* !defined(NEW_THREAD_API) */
} }
/** Perform early (pre-configuration) initialization tasks for OpenSSL. */
void
crypto_openssl_early_init(void)
{
#ifdef OPENSSL_1_1_API
OPENSSL_init_ssl(OPENSSL_INIT_LOAD_SSL_STRINGS |
OPENSSL_INIT_LOAD_CRYPTO_STRINGS |
OPENSSL_INIT_ADD_ALL_CIPHERS |
OPENSSL_INIT_ADD_ALL_DIGESTS, NULL);
#else
ERR_load_crypto_strings();
OpenSSL_add_all_algorithms();
#endif
setup_openssl_threading();
unsigned long version_num = OpenSSL_version_num();
const char *version_str = OpenSSL_version(OPENSSL_VERSION);
if (version_num == OPENSSL_VERSION_NUMBER &&
!strcmp(version_str, OPENSSL_VERSION_TEXT)) {
log_info(LD_CRYPTO, "OpenSSL version matches version from headers "
"(%lx: %s).", version_num, version_str);
} else {
log_warn(LD_CRYPTO, "OpenSSL version from headers does not match the "
"version we're running with. If you get weird crashes, that "
"might be why. (Compiled with %lx: %s; running with %lx: %s).",
(unsigned long)OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT,
version_num, version_str);
}
crypto_force_rand_ssleay();
}
#ifndef DISABLE_ENGINES
/** Try to load an engine in a shared library via fully qualified path.
*/
static ENGINE *
try_load_engine(const char *path, const char *engine)
{
ENGINE *e = ENGINE_by_id("dynamic");
if (e) {
if (!ENGINE_ctrl_cmd_string(e, "ID", engine, 0) ||
!ENGINE_ctrl_cmd_string(e, "DIR_LOAD", "2", 0) ||
!ENGINE_ctrl_cmd_string(e, "DIR_ADD", path, 0) ||
!ENGINE_ctrl_cmd_string(e, "LOAD", NULL, 0)) {
ENGINE_free(e);
e = NULL;
}
}
return e;
}
#endif /* !defined(DISABLE_ENGINES) */
#ifndef DISABLE_ENGINES
/** Log any OpenSSL engines we're using at NOTICE. */
static void
log_engine(const char *fn, ENGINE *e)
{
if (e) {
const char *name, *id;
name = ENGINE_get_name(e);
id = ENGINE_get_id(e);
log_notice(LD_CRYPTO, "Default OpenSSL engine for %s is %s [%s]",
fn, name?name:"?", id?id:"?");
} else {
log_info(LD_CRYPTO, "Using default implementation for %s", fn);
}
}
#endif /* !defined(DISABLE_ENGINES) */
/** Initialize engines for openssl (if enabled). */
static void
crypto_openssl_init_engines(const char *accelName,
const char *accelDir)
{
#ifdef DISABLE_ENGINES
(void)accelName;
(void)accelDir;
log_warn(LD_CRYPTO, "No OpenSSL hardware acceleration support enabled.");
#else
ENGINE *e = NULL;
log_info(LD_CRYPTO, "Initializing OpenSSL engine support.");
ENGINE_load_builtin_engines();
ENGINE_register_all_complete();
if (accelName) {
if (accelDir) {
log_info(LD_CRYPTO, "Trying to load dynamic OpenSSL engine \"%s\""
" via path \"%s\".", accelName, accelDir);
e = try_load_engine(accelName, accelDir);
} else {
log_info(LD_CRYPTO, "Initializing dynamic OpenSSL engine \"%s\""
" acceleration support.", accelName);
e = ENGINE_by_id(accelName);
}
if (!e) {
log_warn(LD_CRYPTO, "Unable to load dynamic OpenSSL engine \"%s\".",
accelName);
} else {
log_info(LD_CRYPTO, "Loaded dynamic OpenSSL engine \"%s\".",
accelName);
}
}
if (e) {
log_info(LD_CRYPTO, "Loaded OpenSSL hardware acceleration engine,"
" setting default ciphers.");
ENGINE_set_default(e, ENGINE_METHOD_ALL);
}
/* Log, if available, the intersection of the set of algorithms
used by Tor and the set of algorithms available in the engine */
log_engine("RSA", ENGINE_get_default_RSA());
log_engine("DH", ENGINE_get_default_DH());
#ifdef OPENSSL_1_1_API
log_engine("EC", ENGINE_get_default_EC());
#else
log_engine("ECDH", ENGINE_get_default_ECDH());
log_engine("ECDSA", ENGINE_get_default_ECDSA());
#endif /* defined(OPENSSL_1_1_API) */
log_engine("RAND", ENGINE_get_default_RAND());
log_engine("RAND (which we will not use)", ENGINE_get_default_RAND());
log_engine("SHA1", ENGINE_get_digest_engine(NID_sha1));
log_engine("3DES-CBC", ENGINE_get_cipher_engine(NID_des_ede3_cbc));
log_engine("AES-128-ECB", ENGINE_get_cipher_engine(NID_aes_128_ecb));
log_engine("AES-128-CBC", ENGINE_get_cipher_engine(NID_aes_128_cbc));
#ifdef NID_aes_128_ctr
log_engine("AES-128-CTR", ENGINE_get_cipher_engine(NID_aes_128_ctr));
#endif
#ifdef NID_aes_128_gcm
log_engine("AES-128-GCM", ENGINE_get_cipher_engine(NID_aes_128_gcm));
#endif
log_engine("AES-256-CBC", ENGINE_get_cipher_engine(NID_aes_256_cbc));
#ifdef NID_aes_256_gcm
log_engine("AES-256-GCM", ENGINE_get_cipher_engine(NID_aes_256_gcm));
#endif
#endif /* defined(DISABLE_ENGINES) */
}
/** Perform late (post-init) initialization tasks for OpenSSL */
int
crypto_openssl_late_init(int useAccel, const char *accelName,
const char *accelDir)
{
if (useAccel > 0) {
crypto_openssl_init_engines(accelName, accelDir);
} else {
log_info(LD_CRYPTO, "NOT using OpenSSL engine support.");
}
if (crypto_force_rand_ssleay()) {
if (crypto_seed_rng() < 0)
return -1;
}
evaluate_evp_for_aes(-1);
evaluate_ctr_for_aes();
return 0;
}
/** Clean up global resources held by openssl. */
void
crypto_openssl_global_cleanup(void)
{
#ifndef OPENSSL_1_1_API
EVP_cleanup();
#endif
#ifndef NEW_THREAD_API
ERR_remove_thread_state(NULL);
#endif
#ifndef OPENSSL_1_1_API
ERR_free_strings();
#endif
#ifndef DISABLE_ENGINES
#ifndef OPENSSL_1_1_API
ENGINE_cleanup();
#endif
#endif
CONF_modules_unload(1);
#ifndef OPENSSL_1_1_API
CRYPTO_cleanup_all_ex_data();
#endif
crypto_openssl_free_all();
}

View File

@ -76,7 +76,10 @@ const char * crypto_openssl_get_header_version_str(void);
/* OpenSSL threading setup function */ /* OpenSSL threading setup function */
int setup_openssl_threading(void); int setup_openssl_threading(void);
/* Tor OpenSSL utility functions */ void crypto_openssl_early_init(void);
void crypto_openssl_free_all(void); int crypto_openssl_late_init(int useAccel, const char *accelName,
const char *accelDir);
void crypto_openssl_global_cleanup(void);
#endif /* !defined(TOR_CRYPTO_OPENSSL_H) */ #endif /* !defined(TOR_CRYPTO_OPENSSL_H) */

View File

@ -14,6 +14,7 @@ src_lib_libtor_crypt_ops_a_SOURCES = \
src/lib/crypt_ops/crypto_ed25519.c \ src/lib/crypt_ops/crypto_ed25519.c \
src/lib/crypt_ops/crypto_format.c \ src/lib/crypt_ops/crypto_format.c \
src/lib/crypt_ops/crypto_hkdf.c \ src/lib/crypt_ops/crypto_hkdf.c \
src/lib/crypt_ops/crypto_init.c \
src/lib/crypt_ops/crypto_openssl_mgt.c \ src/lib/crypt_ops/crypto_openssl_mgt.c \
src/lib/crypt_ops/crypto_pwbox.c \ src/lib/crypt_ops/crypto_pwbox.c \
src/lib/crypt_ops/crypto_rand.c \ src/lib/crypt_ops/crypto_rand.c \
@ -40,6 +41,7 @@ noinst_HEADERS += \
src/lib/crypt_ops/crypto_format.h \ src/lib/crypt_ops/crypto_format.h \
src/lib/crypt_ops/crypto.h \ src/lib/crypt_ops/crypto.h \
src/lib/crypt_ops/crypto_hkdf.h \ src/lib/crypt_ops/crypto_hkdf.h \
src/lib/crypt_ops/crypto_init.h \
src/lib/crypt_ops/crypto_openssl_mgt.h \ src/lib/crypt_ops/crypto_openssl_mgt.h \
src/lib/crypt_ops/crypto_pwbox.h \ src/lib/crypt_ops/crypto_pwbox.h \
src/lib/crypt_ops/crypto_rand.h \ src/lib/crypt_ops/crypto_rand.h \

View File

@ -33,6 +33,7 @@
#include "core/or/or_circuit_st.h" #include "core/or/or_circuit_st.h"
#include "lib/crypt_ops/digestset.h" #include "lib/crypt_ops/digestset.h"
#include "lib/crypt_ops/crypto_init.h"
#if defined(HAVE_CLOCK_GETTIME) && defined(CLOCK_PROCESS_CPUTIME_ID) #if defined(HAVE_CLOCK_GETTIME) && defined(CLOCK_PROCESS_CPUTIME_ID)
static uint64_t nanostart; static uint64_t nanostart;

View File

@ -16,6 +16,7 @@
#include "lib/crypt_ops/crypto_format.h" #include "lib/crypt_ops/crypto_format.h"
#include "lib/crypt_ops/crypto_hkdf.h" #include "lib/crypt_ops/crypto_hkdf.h"
#include "lib/crypt_ops/crypto_rand.h" #include "lib/crypt_ops/crypto_rand.h"
#include "lib/crypt_ops/crypto_init.h"
#include "ed25519_vectors.inc" #include "ed25519_vectors.inc"
#ifdef HAVE_SYS_STAT_H #ifdef HAVE_SYS_STAT_H

View File

@ -12,6 +12,7 @@
#include "lib/net/alertsock.h" #include "lib/net/alertsock.h"
#include "lib/evloop/compat_libevent.h" #include "lib/evloop/compat_libevent.h"
#include "lib/intmath/weakrng.h" #include "lib/intmath/weakrng.h"
#include "lib/crypt_ops/crypto_init.h"
#include <stdio.h> #include <stdio.h>

View File

@ -23,6 +23,7 @@
#include "core/mainloop/main.h" #include "core/mainloop/main.h"
#include "lib/compress/compress.h" #include "lib/compress/compress.h"
#include "lib/evloop/compat_libevent.h" #include "lib/evloop/compat_libevent.h"
#include "lib/crypt_ops/crypto_init.h"
#include <stdio.h> #include <stdio.h>
#ifdef HAVE_FCNTL_H #ifdef HAVE_FCNTL_H

View File

@ -14,6 +14,7 @@
#endif #endif
#include "lib/cc/compat_compiler.h" #include "lib/cc/compat_compiler.h"
#include "lib/crypt_ops/crypto_init.h"
/* Some versions of OpenSSL declare X509_STORE_CTX_set_verify_cb twice in /* Some versions of OpenSSL declare X509_STORE_CTX_set_verify_cb twice in
* x509.h and x509_vfy.h. Suppress the GCC warning so we can build with * x509.h and x509_vfy.h. Suppress the GCC warning so we can build with