Refactor the heck out of crypto interface: admit that we will stick with one ciphersuite at a time, make const things const, and stop putting openssl in the headers.

svn:r1458
This commit is contained in:
Nick Mathewson 2004-04-03 02:40:30 +00:00
parent 3dc3d0c4cc
commit 137b577bbd
15 changed files with 380 additions and 623 deletions

View File

@ -67,7 +67,7 @@ _aes_fill_buf(aes_cnt_cipher_t *cipher)
aes_cnt_cipher_t*
aes_new_cipher()
{
aes_cnt_cipher_t* result = (aes_cnt_cipher_t*) tor_malloc(sizeof(aes_cnt_cipher_t));
aes_cnt_cipher_t* result = tor_malloc(sizeof(aes_cnt_cipher_t));
memset(result->rk, 0, 4*(MAXNR+1));
memset(result->buf, 0, 16);
@ -75,7 +75,7 @@ aes_new_cipher()
}
void
aes_set_key(aes_cnt_cipher_t *cipher, unsigned char *key, int key_bits)
aes_set_key(aes_cnt_cipher_t *cipher, const unsigned char *key, int key_bits)
{
cipher->nr = rijndaelKeySetupEnc(cipher->rk, key, key_bits);
cipher->counter0 = 0;
@ -93,7 +93,7 @@ aes_free_cipher(aes_cnt_cipher_t *cipher)
}
void
aes_crypt(aes_cnt_cipher_t *cipher, char *input, int len, char *output)
aes_crypt(aes_cnt_cipher_t *cipher, const char *input, int len, char *output)
{
int c = cipher->pos;
if (!len) return;

View File

@ -14,8 +14,8 @@ typedef struct aes_cnt_cipher aes_cnt_cipher_t;
aes_cnt_cipher_t* aes_new_cipher();
void aes_free_cipher(aes_cnt_cipher_t *cipher);
void aes_set_key(aes_cnt_cipher_t *cipher, unsigned char *key, int key_bits);
void aes_crypt(aes_cnt_cipher_t *cipher, char *input, int len, char *output);
void aes_set_key(aes_cnt_cipher_t *cipher, const unsigned char *key, int key_bits);
void aes_crypt(aes_cnt_cipher_t *cipher, const char *input, int len, char *output);
uint64_t aes_get_counter(aes_cnt_cipher_t *cipher);
void aes_set_counter(aes_cnt_cipher_t *cipher, uint64_t counter);
void aes_adjust_counter(aes_cnt_cipher_t *cipher, long delta);

File diff suppressed because it is too large Load Diff

View File

@ -6,35 +6,32 @@
#define __CRYPTO_H
#include <stdio.h>
#include <openssl/rsa.h>
#include <openssl/dh.h>
/* available encryption primitives */
#define CRYPTO_CIPHER_IDENTITY 0
#define CRYPTO_CIPHER_DES 1
#define CRYPTO_CIPHER_RC4 2
#define CRYPTO_CIPHER_3DES 3
#define CRYPTO_CIPHER_AES_CTR 4
#define DIGEST_LEN 20
#define CIPHER_KEY_LEN 16
#define CIPHER_IV_LEN 0
#define PK_BITS 1024
#define PK_BYTES (PK_BITS/8)
#define CRYPTO_DH_SIZE (1024 / 8)
#define CRYPTO_PK_RSA 0
#define CRYPTO_SHA1_DIGEST 0
#define CRYPTO_SHA1_DIGEST_LEN 20
#define PK_NO_PADDING 60000
#define PK_PKCS1_PADDING 60001
#define PK_PKCS1_OAEP_PADDING 60002
typedef struct crypto_pk_env_t crypto_pk_env_t;
typedef struct crypto_cipher_env_t crypto_cipher_env_t;
typedef struct crypto_digest_env_t crypto_digest_env_t;
typedef struct crypto_dh_env_t crypto_dh_env_t;
/* global state */
int crypto_global_init();
int crypto_global_cleanup();
/* environment setup */
crypto_pk_env_t *crypto_new_pk_env(int type);
crypto_pk_env_t *crypto_new_pk_env(void);
void crypto_free_pk_env(crypto_pk_env_t *env);
crypto_cipher_env_t *crypto_new_cipher_env(int type);
crypto_cipher_env_t *crypto_new_cipher_env(void);
void crypto_free_cipher_env(crypto_cipher_env_t *env);
/* public key crypto */
@ -50,23 +47,22 @@ int crypto_pk_write_public_key_to_file(crypto_pk_env_t *env, FILE *dest);
int crypto_pk_check_key(crypto_pk_env_t *env);
int crypto_pk_read_private_key_from_filename(crypto_pk_env_t *env, const char *keyfile);
int crypto_pk_set_key(crypto_pk_env_t *env, unsigned char *key);
int crypto_pk_cmp_keys(crypto_pk_env_t *a, crypto_pk_env_t *b);
crypto_pk_env_t *crypto_pk_dup_key(crypto_pk_env_t *orig);
int crypto_pk_keysize(crypto_pk_env_t *env);
int crypto_pk_public_encrypt(crypto_pk_env_t *env, unsigned char *from, int fromlen, unsigned char *to, int padding);
int crypto_pk_private_decrypt(crypto_pk_env_t *env, unsigned char *from, int fromlen, unsigned char *to, int padding);
int crypto_pk_private_sign(crypto_pk_env_t *env, unsigned char *from, int fromlen, unsigned char *to);
int crypto_pk_private_sign_digest(crypto_pk_env_t *env, unsigned char *from, int fromlen, unsigned char *to);
int crypto_pk_public_checksig(crypto_pk_env_t *env, unsigned char *from, int fromlen, unsigned char *to);
int crypto_pk_public_checksig_digest(crypto_pk_env_t *env, unsigned char *data, int datalen, unsigned char *sig, int siglen);
int crypto_pk_public_hybrid_encrypt(crypto_pk_env_t *env, unsigned char *from,
int fromlen, unsigned char *to,
int padding);
int crypto_pk_private_hybrid_decrypt(crypto_pk_env_t *env, unsigned char *from,
int fromlen, unsigned char *to,
int padding);
int crypto_pk_public_encrypt(crypto_pk_env_t *env, const unsigned char *from, int fromlen, unsigned char *to, int padding);
int crypto_pk_private_decrypt(crypto_pk_env_t *env, const unsigned char *from, int fromlen, unsigned char *to, int padding);
int crypto_pk_private_sign(crypto_pk_env_t *env, const unsigned char *from, int fromlen, unsigned char *to);
int crypto_pk_private_sign_digest(crypto_pk_env_t *env, const unsigned char *from, int fromlen, unsigned char *to);
int crypto_pk_public_checksig(crypto_pk_env_t *env, const unsigned char *from, int fromlen, unsigned char *to);
int crypto_pk_public_checksig_digest(crypto_pk_env_t *env, const unsigned char *data, int datalen, unsigned char *sig, int siglen);
int crypto_pk_public_hybrid_encrypt(crypto_pk_env_t *env,
const unsigned char *from, int fromlen,
unsigned char *to, int padding);
int crypto_pk_private_hybrid_decrypt(crypto_pk_env_t *env,
const unsigned char *from, int fromlen,
unsigned char *to,int padding);
#define FINGERPRINT_LEN 49
int crypto_pk_asn1_encode(crypto_pk_env_t *pk, char *dest, int dest_len);
@ -81,43 +77,37 @@ int base64_decode(char *dest, int destlen, const char *src, int srclen);
int base32_encode(char *dest, int destlen, const char *src, int srclen);
/* Key negotiation */
typedef struct crypto_dh_env_st {
DH *dh;
} crypto_dh_env_t;
/* #define CRYPTO_DH_SIZE (1536 / 8) */
#define CRYPTO_DH_SIZE (1024 / 8)
crypto_dh_env_t *crypto_dh_new();
int crypto_dh_get_bytes(crypto_dh_env_t *dh);
int crypto_dh_generate_public(crypto_dh_env_t *dh);
int crypto_dh_get_public(crypto_dh_env_t *dh, char *pubkey_out,
int pubkey_out_len);
int crypto_dh_compute_secret(crypto_dh_env_t *dh,
char *pubkey, int pubkey_len,
const char *pubkey, int pubkey_len,
char *secret_out, int secret_out_len);
void crypto_dh_free(crypto_dh_env_t *dh);
/* symmetric crypto */
int crypto_cipher_generate_key(crypto_cipher_env_t *env);
int crypto_cipher_set_iv(crypto_cipher_env_t *env, unsigned char *iv);
int crypto_cipher_set_key(crypto_cipher_env_t *env, unsigned char *key);
int crypto_cipher_set_iv(crypto_cipher_env_t *env, const unsigned char *iv);
int crypto_cipher_set_key(crypto_cipher_env_t *env, const unsigned char *key);
int crypto_cipher_encrypt_init_cipher(crypto_cipher_env_t *env);
int crypto_cipher_decrypt_init_cipher(crypto_cipher_env_t *env);
unsigned char *crypto_cipher_get_key(crypto_cipher_env_t *env);
const unsigned char *crypto_cipher_get_key(crypto_cipher_env_t *env);
int crypto_cipher_encrypt(crypto_cipher_env_t *env, unsigned char *from, unsigned int fromlen, unsigned char *to);
int crypto_cipher_decrypt(crypto_cipher_env_t *env, unsigned char *from, unsigned int fromlen, unsigned char *to);
int crypto_cipher_encrypt(crypto_cipher_env_t *env, const unsigned char *from, unsigned int fromlen, unsigned char *to);
int crypto_cipher_decrypt(crypto_cipher_env_t *env, const unsigned char *from, unsigned int fromlen, unsigned char *to);
/* only implemented for CRYPTO_CIPHER_AES_CTR */
int crypto_cipher_rewind(crypto_cipher_env_t *env, long delta);
int crypto_cipher_advance(crypto_cipher_env_t *env, long delta);
/* convenience function: wraps crypto_create_crypto_env, set_key, set_iv, and init. */
crypto_cipher_env_t *crypto_create_init_cipher(int cipher_type, char *key, char *iv, int encrypt_mode);
crypto_cipher_env_t *crypto_create_init_cipher(const char *key, const char *iv, int encrypt_mode);
/* SHA-1 */
int crypto_SHA_digest(const unsigned char *m, int len, unsigned char *digest);
crypto_digest_env_t *crypto_new_digest_env(int type);
int crypto_digest(const unsigned char *m, int len, unsigned char *digest);
crypto_digest_env_t *crypto_new_digest_env();
void crypto_free_digest_env(crypto_digest_env_t *digest);
void crypto_digest_add_bytes(crypto_digest_env_t *digest, const char *data,
size_t len);
@ -134,5 +124,13 @@ void crypto_pseudo_rand(unsigned int n, unsigned char *to);
int crypto_pseudo_rand_int(unsigned int max);
/* errors */
char *crypto_perror();
const char *crypto_perror();
#endif
/*
Local Variables:
mode:c
indent-tabs-mode:nil
c-basic-offset:2
End:
*/

View File

@ -3,6 +3,8 @@
/* $Id$ */
#include "../or/or.h"
#include <stdarg.h>
#ifdef MS_WINDOWS
#define vsnprintf _vsnprintf
#endif

View File

@ -55,6 +55,7 @@ static int tls_library_is_initialized = 0;
/* These functions are declared in crypto.c but not exported. */
EVP_PKEY *_crypto_pk_env_get_evp_pkey(crypto_pk_env_t *env);
crypto_pk_env_t *_crypto_new_pk_env_rsa(RSA *rsa);
DH *_crypto_dh_env_get_dh(crypto_dh_env_t *dh);
static void
tls_log_errors(int severity, const char *doing)
@ -261,7 +262,7 @@ tor_tls_context_new(crypto_pk_env_t *rsa,
}
}
dh = crypto_dh_new();
SSL_CTX_set_tmp_dh(result->ctx, dh->dh);
SSL_CTX_set_tmp_dh(result->ctx, _crypto_dh_env_get_dh(dh));
crypto_dh_free(dh);
SSL_CTX_set_verify(result->ctx, SSL_VERIFY_PEER,
always_accept_verify_cb);

View File

@ -354,7 +354,7 @@ circuit_t *circuit_get_next_by_pk_and_purpose(circuit_t *start,
continue;
if (circ->purpose != purpose)
continue;
if (!memcmp(circ->rend_pk_digest, digest, CRYPTO_SHA1_DIGEST_LEN))
if (!memcmp(circ->rend_pk_digest, digest, DIGEST_LEN))
return circ;
}
return NULL;
@ -1373,29 +1373,27 @@ int circuit_extend(cell_t *cell, circuit_t *circ) {
*/
int circuit_init_cpath_crypto(crypt_path_t *cpath, char *key_data)
{
unsigned char iv[16];
unsigned char iv[CIPHER_IV_LEN];
assert(cpath && key_data);
assert(!(cpath->f_crypto || cpath->b_crypto ||
cpath->f_digest || cpath->b_digest));
memset(iv, 0, 16);
memset(iv, 0, CIPHER_IV_LEN);
log_fn(LOG_DEBUG,"hop init digest forward 0x%.8x, backward 0x%.8x.",
(unsigned int)*(uint32_t*)key_data, (unsigned int)*(uint32_t*)(key_data+20));
cpath->f_digest = crypto_new_digest_env(CRYPTO_SHA1_DIGEST);
crypto_digest_add_bytes(cpath->f_digest, key_data, 20);
cpath->b_digest = crypto_new_digest_env(CRYPTO_SHA1_DIGEST);
crypto_digest_add_bytes(cpath->b_digest, key_data+20, 20);
cpath->f_digest = crypto_new_digest_env();
crypto_digest_add_bytes(cpath->f_digest, key_data, DIGEST_LEN);
cpath->b_digest = crypto_new_digest_env();
crypto_digest_add_bytes(cpath->b_digest, key_data+DIGEST_LEN, DIGEST_LEN);
log_fn(LOG_DEBUG,"hop init cipher forward 0x%.8x, backward 0x%.8x.",
(unsigned int)*(uint32_t*)(key_data+40), (unsigned int)*(uint32_t*)(key_data+40+16));
if (!(cpath->f_crypto =
crypto_create_init_cipher(CIRCUIT_CIPHER,key_data+40,iv,1))) {
(unsigned int)*(uint32_t*)(key_data+40), (unsigned int)*(uint32_t*)(key_data+40+16));
if (!(cpath->f_crypto = crypto_create_init_cipher(key_data+40,iv,1))) {
log(LOG_WARN,"forward cipher initialization failed.");
return -1;
}
if (!(cpath->b_crypto =
crypto_create_init_cipher(CIRCUIT_CIPHER,key_data+40+16,iv,0))) {
if (!(cpath->b_crypto = crypto_create_init_cipher(key_data+40+16,iv,0))) {
log(LOG_WARN,"backward cipher initialization failed.");
return -1;
}
@ -1429,7 +1427,7 @@ int circuit_finish_handshake(circuit_t *circ, char *reply) {
crypto_dh_free(hop->handshake_state); /* don't need it anymore */
hop->handshake_state = NULL;
/* Remember hash of g^xy */
memcpy(hop->handshake_digest, reply+DH_KEY_LEN, CRYPTO_SHA1_DIGEST_LEN);
memcpy(hop->handshake_digest, reply+DH_KEY_LEN, DIGEST_LEN);
if (circuit_init_cpath_crypto(hop, keys)<0) {
return -1;

View File

@ -122,10 +122,10 @@ void onion_pending_remove(circuit_t *circ) {
/* given a response payload and keys, initialize, then send a created cell back */
int onionskin_answer(circuit_t *circ, unsigned char *payload, unsigned char *keys) {
unsigned char iv[16];
unsigned char iv[CIPHER_IV_LEN];
cell_t cell;
memset(iv, 0, 16);
memset(iv, 0, CIPHER_IV_LEN);
memset(&cell, 0, sizeof(cell_t));
cell.command = CELL_CREATED;
@ -139,25 +139,23 @@ int onionskin_answer(circuit_t *circ, unsigned char *payload, unsigned char *key
log_fn(LOG_INFO,"init digest forward 0x%.8x, backward 0x%.8x.",
(unsigned int)*(uint32_t*)(keys), (unsigned int)*(uint32_t*)(keys+20));
circ->n_digest = crypto_new_digest_env(CRYPTO_SHA1_DIGEST);
crypto_digest_add_bytes(circ->n_digest, keys, 20);
circ->p_digest = crypto_new_digest_env(CRYPTO_SHA1_DIGEST);
crypto_digest_add_bytes(circ->p_digest, keys+20, 20);
circ->n_digest = crypto_new_digest_env();
crypto_digest_add_bytes(circ->n_digest, keys, DIGEST_LEN);
circ->p_digest = crypto_new_digest_env();
crypto_digest_add_bytes(circ->p_digest, keys+DIGEST_LEN, DIGEST_LEN);
log_fn(LOG_DEBUG,"init cipher forward 0x%.8x, backward 0x%.8x.",
(unsigned int)*(uint32_t*)(keys+40), (unsigned int)*(uint32_t*)(keys+40+16));
if (!(circ->n_crypto =
crypto_create_init_cipher(CIRCUIT_CIPHER,keys+40,iv,0))) {
if (!(circ->n_crypto = crypto_create_init_cipher(keys+40,iv,0))) {
log_fn(LOG_WARN,"Cipher initialization failed (n).");
return -1;
}
if (!(circ->p_crypto =
crypto_create_init_cipher(CIRCUIT_CIPHER,keys+40+16,iv,1))) {
if (!(circ->p_crypto = crypto_create_init_cipher(keys+40+16,iv,1))) {
log_fn(LOG_WARN,"Cipher initialization failed (p).");
return -1;
}
memcpy(circ->handshake_digest, cell.payload+DH_KEY_LEN, CRYPTO_SHA1_DIGEST_LEN);
memcpy(circ->handshake_digest, cell.payload+DH_KEY_LEN, DIGEST_LEN);
connection_or_write_cell_to_buf(&cell, circ->p_conn);
log_fn(LOG_DEBUG,"Finished sending 'created' cell.");
@ -605,13 +603,13 @@ onion_skin_create(crypto_pk_env_t *dest_router_key,
/* set meeting point, meeting cookie, etc here. Leave zero for now. */
cipher = crypto_create_init_cipher(ONION_CIPHER, challenge, iv, 1);
cipher = crypto_create_init_cipher(challenge, iv, 1);
if (!cipher)
goto err;
if (crypto_pk_public_encrypt(dest_router_key, challenge, pkbytes,
onion_skin_out, RSA_NO_PADDING)==-1)
onion_skin_out, PK_NO_PADDING)==-1)
goto err;
if (crypto_cipher_encrypt(cipher, challenge+pkbytes, ONIONSKIN_CHALLENGE_LEN-pkbytes,
@ -655,7 +653,7 @@ onion_skin_server_handshake(char *onion_skin, /* ONIONSKIN_CHALLENGE_LEN bytes *
if (crypto_pk_private_decrypt(private_key,
onion_skin, pkbytes,
challenge, RSA_NO_PADDING) == -1)
challenge, PK_NO_PADDING) == -1)
goto err;
#ifdef DEBUG_ONION_SKINS
@ -664,7 +662,7 @@ onion_skin_server_handshake(char *onion_skin, /* ONIONSKIN_CHALLENGE_LEN bytes *
puts("");
#endif
cipher = crypto_create_init_cipher(ONION_CIPHER, challenge, iv, 0);
cipher = crypto_create_init_cipher(challenge, iv, 0);
if (crypto_cipher_decrypt(cipher, onion_skin+pkbytes, ONIONSKIN_CHALLENGE_LEN-pkbytes,
challenge+pkbytes))

View File

@ -251,13 +251,6 @@
/* Reasons used by connection_mark_for_close */
#define CLOSE_REASON_UNUSED_OR_CONN 100
/* default cipher function */
#define DEFAULT_CIPHER CRYPTO_CIPHER_AES_CTR
/* Used to en/decrypt onion skins */
#define ONION_CIPHER DEFAULT_CIPHER
/* Used to en/decrypt RELAY cells */
#define CIRCUIT_CIPHER DEFAULT_CIPHER
#define CELL_DIRECTION_IN 1
#define CELL_DIRECTION_OUT 2
#define EDGE_EXIT CONN_TYPE_EXIT
@ -482,7 +475,7 @@ struct crypt_path_t {
crypto_digest_env_t *b_digest;
crypto_dh_env_t *handshake_state;
char handshake_digest[CRYPTO_SHA1_DIGEST_LEN];/* KH in tor-spec.txt */
char handshake_digest[DIGEST_LEN];/* KH in tor-spec.txt */
uint32_t addr;
uint16_t port;
@ -501,7 +494,7 @@ struct crypt_path_t {
#define DH_KEY_LEN CRYPTO_DH_SIZE
#define ONIONSKIN_CHALLENGE_LEN (16+DH_KEY_LEN)
#define ONIONSKIN_REPLY_LEN (DH_KEY_LEN+20)
#define REND_COOKIE_LEN CRYPTO_SHA1_DIGEST_LEN
#define REND_COOKIE_LEN DIGEST_LEN
typedef struct crypt_path_t crypt_path_t;
@ -545,7 +538,7 @@ struct circuit_t {
crypt_path_t *cpath;
char onionskin[ONIONSKIN_CHALLENGE_LEN]; /* for storage while onionskin pending */
char handshake_digest[CRYPTO_SHA1_DIGEST_LEN]; /* Stores KH for intermediate hops */
char handshake_digest[DIGEST_LEN]; /* Stores KH for intermediate hops */
time_t timestamp_created;
time_t timestamp_dirty; /* when the circuit was first used, or 0 if clean */
@ -563,7 +556,7 @@ struct circuit_t {
/* rend_pk_digest holds a hash of location-hidden service's PK if
* purpose is INTRO_POINT or S_ESTABLISH_INTRO or S_RENDEZVOUSING
*/
char rend_pk_digest[CRYPTO_SHA1_DIGEST_LEN];
char rend_pk_digest[DIGEST_LEN];
/* Holds rendezvous cookie if purpose is REND_POINT_WAITING or
* C_ESTABLISH_REND. Filled with zeroes otherwise.

View File

@ -112,7 +112,7 @@ rend_service_descriptor_t *rend_parse_service_descriptor(
int rend_get_service_id(crypto_pk_env_t *pk, char *out)
{
char buf[CRYPTO_SHA1_DIGEST_LEN];
char buf[DIGEST_LEN];
assert(pk);
if (crypto_pk_get_digest(pk, buf) < 0)
return -1;

View File

@ -42,7 +42,7 @@ rend_mid_establish_intro(circuit_t *circ, char *request, int request_len)
/* Next 20 bytes: Hash of handshake_digest | "INTRODUCE" */
memcpy(buf, circ->handshake_digest, 20);
memcpy(buf+20, "INTRODUCE", 9);
if (crypto_SHA_digest(buf, 29, expected_digest)<0) {
if (crypto_digest(buf, 29, expected_digest)<0) {
log_fn(LOG_WARN, "Error computing digest");
goto err;
}

View File

@ -352,7 +352,7 @@ rend_service_introduce(circuit_t *circuit, char *request, int request_len)
}
/* Next N bytes is encrypted with service key */
len = crypto_pk_private_hybrid_decrypt(
service->private_key,request,request_len-20,buf, RSA_PKCS1_PADDING);
service->private_key,request,request_len-20,buf, PK_PKCS1_PADDING);
if (len<0) {
log_fn(LOG_WARN, "Couldn't decrypt INTRODUCE2 cell");
return -1;
@ -404,7 +404,7 @@ rend_service_introduce(circuit_t *circuit, char *request, int request_len)
assert(launched->build_state);
/* Fill in the circuit's state. */
memcpy(launched->rend_pk_digest, circuit->rend_pk_digest,
CRYPTO_SHA1_DIGEST_LEN);
DIGEST_LEN);
memcpy(launched->rend_cookie, r_cookie, REND_COOKIE_LEN);
launched->build_state->pending_final_cpath = cpath =
tor_malloc_zero(sizeof(crypt_path_t));
@ -442,7 +442,7 @@ rend_service_launch_establish_intro(rend_service_t *service, char *nickname)
nickname);
return -1;
}
memcpy(launched->rend_pk_digest, service->pk_digest, CRYPTO_SHA1_DIGEST_LEN);
memcpy(launched->rend_pk_digest, service->pk_digest, DIGEST_LEN);
return 0;
}
@ -456,7 +456,7 @@ rend_service_intro_is_ready(circuit_t *circuit)
rend_service_t *service;
int len, r;
char buf[RELAY_PAYLOAD_SIZE];
char auth[CRYPTO_SHA1_DIGEST_LEN + 10];
char auth[DIGEST_LEN + 10];
char hexid[9];
assert(circuit->purpose == CIRCUIT_PURPOSE_S_ESTABLISH_INTRO);
@ -479,9 +479,9 @@ rend_service_intro_is_ready(circuit_t *circuit)
RELAY_PAYLOAD_SIZE-2);
set_uint16(buf, len);
len += 2;
memcpy(auth, circuit->cpath->prev->handshake_digest, CRYPTO_SHA1_DIGEST_LEN);
memcpy(auth+CRYPTO_SHA1_DIGEST_LEN, "INTRODUCE", 9);
if (crypto_SHA_digest(auth, CRYPTO_SHA1_DIGEST_LEN+9, buf+len))
memcpy(auth, circuit->cpath->prev->handshake_digest, DIGEST_LEN);
memcpy(auth+DIGEST_LEN, "INTRODUCE", 9);
if (crypto_digest(auth, DIGEST_LEN+9, buf+len))
goto err;
len += 20;
r = crypto_pk_private_sign_digest(service->private_key, buf, len, buf+len);
@ -543,7 +543,7 @@ rend_service_rendezvous_is_ready(circuit_t *circuit)
goto err;
}
memcpy(buf+REND_COOKIE_LEN+DH_KEY_LEN, hop->handshake_digest,
CRYPTO_SHA1_DIGEST_LEN);
DIGEST_LEN);
/* Send the cell */
if (connection_edge_send_command(NULL, circuit, RELAY_COMMAND_RENDEZVOUS1,

View File

@ -54,7 +54,7 @@ crypto_pk_env_t *init_key_from_file(const char *fname)
int fd = -1;
FILE *file = NULL;
if (!(prkey = crypto_new_pk_env(CRYPTO_PK_RSA))) {
if (!(prkey = crypto_new_pk_env())) {
log(LOG_ERR, "Error creating crypto environment.");
goto error;
}

View File

@ -1356,7 +1356,7 @@ get_next_token(const char **s, where_syntax where) {
if (strncmp(next, "-----END RSA PUBLIC KEY-----\n", 29))
RET_ERR("Malformed object: mismatched end line");
next = strchr(next,'\n')+1;
tok->key = crypto_new_pk_env(CRYPTO_PK_RSA);
tok->key = crypto_new_pk_env();
if (crypto_pk_read_public_key_from_string(tok->key, obstart, next-obstart))
RET_ERR("Couldn't parse public key.");
*s = next;
@ -1490,7 +1490,7 @@ static int router_get_hash_impl(const char *s, char *digest,
}
++end;
if (crypto_SHA_digest(start, end-start, digest)) {
if (crypto_digest(start, end-start, digest)) {
log_fn(LOG_WARN,"couldn't compute digest");
return -1;
}

View File

@ -243,12 +243,6 @@ test_crypto()
char *data1, *data2, *data3, *cp;
FILE *f;
int i, j, p, len;
int str_ciphers[] = { CRYPTO_CIPHER_IDENTITY,
CRYPTO_CIPHER_DES,
CRYPTO_CIPHER_RC4,
CRYPTO_CIPHER_3DES,
CRYPTO_CIPHER_AES_CTR,
-1 };
data1 = tor_malloc(1024);
data2 = tor_malloc(1024);
@ -261,6 +255,7 @@ test_crypto()
crypto_rand(100, data2);
test_memneq(data1,data2,100);
#if 0
/* Try out identity ciphers. */
env1 = crypto_new_cipher_env(CRYPTO_CIPHER_IDENTITY);
test_neq(env1, 0);
@ -273,90 +268,82 @@ test_crypto()
crypto_cipher_encrypt(env1, data1, 1024, data2);
test_memeq(data1, data2, 1024);
crypto_free_cipher_env(env1);
#endif
/* Now, test encryption and decryption with stream ciphers. */
/* Now, test encryption and decryption with stream cipher. */
data1[0]='\0';
for(i = 1023; i>0; i -= 35)
strncat(data1, "Now is the time for all good onions", i);
for(i=0; str_ciphers[i] >= 0; ++i) {
/* For each cipher... */
memset(data2, 0, 1024);
memset(data3, 0, 1024);
env1 = crypto_new_cipher_env(str_ciphers[i]);
test_neq(env1, 0);
env2 = crypto_new_cipher_env(str_ciphers[i]);
test_neq(env2, 0);
j = crypto_cipher_generate_key(env1);
if (str_ciphers[i] != CRYPTO_CIPHER_IDENTITY) {
crypto_cipher_set_key(env2, crypto_cipher_get_key(env1));
}
crypto_cipher_set_iv(env1, "12345678901234567890");
crypto_cipher_set_iv(env2, "12345678901234567890");
crypto_cipher_encrypt_init_cipher(env1);
crypto_cipher_decrypt_init_cipher(env2);
/* Try encrypting 512 chars. */
crypto_cipher_encrypt(env1, data1, 512, data2);
crypto_cipher_decrypt(env2, data2, 512, data3);
test_memeq(data1, data3, 512);
if (str_ciphers[i] == CRYPTO_CIPHER_IDENTITY) {
test_memeq(data1, data2, 512);
} else {
test_memneq(data1, data2, 512);
}
/* Now encrypt 1 at a time, and get 1 at a time. */
for (j = 512; j < 560; ++j) {
crypto_cipher_encrypt(env1, data1+j, 1, data2+j);
}
for (j = 512; j < 560; ++j) {
crypto_cipher_decrypt(env2, data2+j, 1, data3+j);
}
test_memeq(data1, data3, 560);
/* Now encrypt 3 at a time, and get 5 at a time. */
for (j = 560; j < 1024-5; j += 3) {
crypto_cipher_encrypt(env1, data1+j, 3, data2+j);
}
for (j = 560; j < 1024-5; j += 5) {
crypto_cipher_decrypt(env2, data2+j, 5, data3+j);
}
test_memeq(data1, data3, 1024-5);
/* Now make sure that when we encrypt with different chunk sizes, we get
the same results. */
crypto_free_cipher_env(env2);
memset(data2, 0, 1024);
memset(data3, 0, 1024);
env1 = crypto_new_cipher_env();
test_neq(env1, 0);
env2 = crypto_new_cipher_env();
test_neq(env2, 0);
j = crypto_cipher_generate_key(env1);
crypto_cipher_set_key(env2, crypto_cipher_get_key(env1));
crypto_cipher_set_iv(env1, "12345678901234567890");
crypto_cipher_set_iv(env2, "12345678901234567890");
crypto_cipher_encrypt_init_cipher(env1);
crypto_cipher_decrypt_init_cipher(env2);
memset(data3, 0, 1024);
env2 = crypto_new_cipher_env(str_ciphers[i]);
test_neq(env2, 0);
if (str_ciphers[i] != CRYPTO_CIPHER_IDENTITY) {
crypto_cipher_set_key(env2, crypto_cipher_get_key(env1));
}
crypto_cipher_set_iv(env2, "12345678901234567890");
crypto_cipher_encrypt_init_cipher(env2);
for (j = 0; j < 1024-16; j += 17) {
crypto_cipher_encrypt(env2, data1+j, 17, data3+j);
}
for (j= 0; j < 1024-16; ++j) {
if (data2[j] != data3[j]) {
printf("%d: %d\t%d\n", j, (int) data2[j], (int) data3[j]);
}
}
test_memeq(data2, data3, 1024-16);
crypto_free_cipher_env(env1);
crypto_free_cipher_env(env2);
/* Try encrypting 512 chars. */
crypto_cipher_encrypt(env1, data1, 512, data2);
crypto_cipher_decrypt(env2, data2, 512, data3);
test_memeq(data1, data3, 512);
test_memneq(data1, data2, 512);
/* Now encrypt 1 at a time, and get 1 at a time. */
for (j = 512; j < 560; ++j) {
crypto_cipher_encrypt(env1, data1+j, 1, data2+j);
}
for (j = 512; j < 560; ++j) {
crypto_cipher_decrypt(env2, data2+j, 1, data3+j);
}
test_memeq(data1, data3, 560);
/* Now encrypt 3 at a time, and get 5 at a time. */
for (j = 560; j < 1024-5; j += 3) {
crypto_cipher_encrypt(env1, data1+j, 3, data2+j);
}
for (j = 560; j < 1024-5; j += 5) {
crypto_cipher_decrypt(env2, data2+j, 5, data3+j);
}
test_memeq(data1, data3, 1024-5);
/* Now make sure that when we encrypt with different chunk sizes, we get
the same results. */
crypto_free_cipher_env(env2);
memset(data3, 0, 1024);
env2 = crypto_new_cipher_env();
test_neq(env2, 0);
crypto_cipher_set_key(env2, crypto_cipher_get_key(env1));
crypto_cipher_set_iv(env2, "12345678901234567890");
crypto_cipher_encrypt_init_cipher(env2);
for (j = 0; j < 1024-16; j += 17) {
crypto_cipher_encrypt(env2, data1+j, 17, data3+j);
}
for (j= 0; j < 1024-16; ++j) {
if (data2[j] != data3[j]) {
printf("%d: %d\t%d\n", j, (int) data2[j], (int) data3[j]);
}
}
test_memeq(data2, data3, 1024-16);
crypto_free_cipher_env(env1);
crypto_free_cipher_env(env2);
/* Test vectors for stream ciphers. */
/* XXXX Look up some test vectors for the ciphers and make sure we match. */
/* Test SHA-1 with a test vector from the specification. */
i = crypto_SHA_digest("abc", 3, data1);
i = crypto_digest("abc", 3, data1);
test_memeq(data1,
"\xA9\x99\x3E\x36\x47\x06\x81\x6A\xBA\x3E\x25\x71\x78"
"\x50\xC2\x6C\x9C\xD0\xD8\x9D", 20);
/* Public-key ciphers */
pk1 = crypto_new_pk_env(CRYPTO_PK_RSA);
pk2 = crypto_new_pk_env(CRYPTO_PK_RSA);
pk1 = crypto_new_pk_env();
pk2 = crypto_new_pk_env();
test_assert(pk1 && pk2);
test_assert(! crypto_pk_generate_key(pk1));
test_assert(! crypto_pk_write_public_key_to_string(pk1, &cp, &i));
@ -367,25 +354,25 @@ test_crypto()
test_eq(128, crypto_pk_keysize(pk2));
test_eq(128, crypto_pk_public_encrypt(pk2, "Hello whirled.", 15, data1,
RSA_PKCS1_OAEP_PADDING));
PK_PKCS1_OAEP_PADDING));
test_eq(128, crypto_pk_public_encrypt(pk1, "Hello whirled.", 15, data2,
RSA_PKCS1_OAEP_PADDING));
PK_PKCS1_OAEP_PADDING));
/* oaep padding should make encryption not match */
test_memneq(data1, data2, 128);
test_eq(15, crypto_pk_private_decrypt(pk1, data1, 128, data3,
RSA_PKCS1_OAEP_PADDING));
PK_PKCS1_OAEP_PADDING));
test_streq(data3, "Hello whirled.");
memset(data3, 0, 1024);
test_eq(15, crypto_pk_private_decrypt(pk1, data2, 128, data3,
RSA_PKCS1_OAEP_PADDING));
PK_PKCS1_OAEP_PADDING));
test_streq(data3, "Hello whirled.");
/* Can't decrypt with public key. */
test_eq(-1, crypto_pk_private_decrypt(pk2, data2, 128, data3,
RSA_PKCS1_OAEP_PADDING));
PK_PKCS1_OAEP_PADDING));
/* Try again with bad padding */
memcpy(data2+1, "XYZZY", 5); /* This has fails ~ once-in-2^40 */
test_eq(-1, crypto_pk_private_decrypt(pk1, data2, 128, data3,
RSA_PKCS1_OAEP_PADDING));
PK_PKCS1_OAEP_PADDING));
/* File operations: save and load private key */
f = fopen("/tmp/tor_test/pkey1", "wb");
@ -395,11 +382,11 @@ test_crypto()
test_assert(! crypto_pk_read_private_key_from_file(pk2, f));
fclose(f);
test_eq(15, crypto_pk_private_decrypt(pk2, data1, 128, data3,
RSA_PKCS1_OAEP_PADDING));
PK_PKCS1_OAEP_PADDING));
test_assert(! crypto_pk_read_private_key_from_filename(pk2,
"/tmp/tor_test/pkey1"));
test_eq(15, crypto_pk_private_decrypt(pk2, data1, 128, data3,
RSA_PKCS1_OAEP_PADDING));
PK_PKCS1_OAEP_PADDING));
/* Now try signing. */
strcpy(data1, "Ossifrage");
@ -429,8 +416,8 @@ test_crypto()
memset(data3,0,1024);
if (i == 0 && j < 129)
continue;
p = (i==0)?RSA_NO_PADDING:
(i==1)?RSA_PKCS1_PADDING:RSA_PKCS1_OAEP_PADDING;
p = (i==0)?PK_NO_PADDING:
(i==1)?PK_PKCS1_PADDING:PK_PKCS1_OAEP_PADDING;
len = crypto_pk_public_hybrid_encrypt(pk1,data1,j,data2,p);
test_assert(len>=0);
len = crypto_pk_private_hybrid_decrypt(pk1,data2,len,data3,p);
@ -626,7 +613,7 @@ test_onion_handshake() {
/* shared */
crypto_pk_env_t *pk = NULL;
pk = crypto_new_pk_env(CRYPTO_PK_RSA);
pk = crypto_new_pk_env();
test_assert(! crypto_pk_generate_key(pk));
/* client handshake 1. */
@ -669,9 +656,9 @@ test_dir_format()
struct exit_policy_t ex1, ex2;
routerlist_t *dir1 = NULL, *dir2 = NULL;
test_assert( (pk1 = crypto_new_pk_env(CRYPTO_PK_RSA)) );
test_assert( (pk2 = crypto_new_pk_env(CRYPTO_PK_RSA)) );
test_assert( (pk3 = crypto_new_pk_env(CRYPTO_PK_RSA)) );
test_assert( (pk1 = crypto_new_pk_env()) );
test_assert( (pk2 = crypto_new_pk_env()) );
test_assert( (pk3 = crypto_new_pk_env()) );
test_assert(! crypto_pk_generate_key(pk1));
test_assert(! crypto_pk_generate_key(pk2));
test_assert(! crypto_pk_generate_key(pk3));
@ -835,7 +822,7 @@ void test_rend_fns()
int len;
crypto_pk_env_t *pk1;
time_t now;
pk1 = crypto_new_pk_env(CRYPTO_PK_RSA);
pk1 = crypto_new_pk_env();
test_assert(!crypto_pk_generate_key(pk1));
d1 = tor_malloc_zero(sizeof(rend_service_descriptor_t));