r12638@catbus: nickm | 2007-05-02 17:37:30 -0400

Remove the "RSA keys are 128-bits" assumption from crypto.c


svn:r10096
This commit is contained in:
Nick Mathewson 2007-05-02 21:37:53 +00:00
parent 14fbc90a41
commit 9279c1d5fe

View File

@ -716,7 +716,7 @@ crypto_pk_public_checksig_digest(crypto_pk_env_t *env, const char *data,
int datalen, const char *sig, int siglen)
{
char digest[DIGEST_LEN];
char buf[PK_BYTES+1];
char *buf;
int r;
tor_assert(env);
@ -727,15 +727,19 @@ crypto_pk_public_checksig_digest(crypto_pk_env_t *env, const char *data,
log_warn(LD_BUG, "couldn't compute digest");
return -1;
}
buf = tor_malloc(crypto_pk_keysize(env)+1);
r = crypto_pk_public_checksig(env,buf,sig,siglen);
if (r != DIGEST_LEN) {
log_warn(LD_CRYPTO, "Invalid signature");
tor_free(buf);
return -1;
}
if (memcmp(buf, digest, DIGEST_LEN)) {
log_warn(LD_CRYPTO, "Signature mismatched with digest.");
tor_free(buf);
return -1;
}
tor_free(buf);
return 0;
}
@ -808,7 +812,7 @@ crypto_pk_public_hybrid_encrypt(crypto_pk_env_t *env,
int overhead, outlen, r, symlen;
size_t pkeylen;
crypto_cipher_env_t *cipher = NULL;
char buf[PK_BYTES+1];
char *buf = NULL;
tor_assert(env);
tor_assert(from);
@ -838,6 +842,7 @@ crypto_pk_public_hybrid_encrypt(crypto_pk_env_t *env,
cipher->key[0] &= 0x7f;
if (crypto_cipher_encrypt_init_cipher(cipher)<0)
goto err;
buf = tor_malloc(pkeylen+1);
memcpy(buf, cipher->key, CIPHER_KEY_LEN);
memcpy(buf+CIPHER_KEY_LEN, from, pkeylen-overhead-CIPHER_KEY_LEN);
@ -852,11 +857,13 @@ crypto_pk_public_hybrid_encrypt(crypto_pk_env_t *env,
from+pkeylen-overhead-CIPHER_KEY_LEN, symlen);
if (r<0) goto err;
memset(buf, 0, sizeof(buf));
memset(buf, 0, pkeylen);
tor_free(buf);
crypto_free_cipher_env(cipher);
return outlen + symlen;
err:
memset(buf, 0, sizeof(buf));
memset(buf, 0, pkeylen);
tor_free(buf);
if (cipher) crypto_free_cipher_env(cipher);
return -1;
}
@ -872,7 +879,7 @@ crypto_pk_private_hybrid_decrypt(crypto_pk_env_t *env,
int outlen, r;
size_t pkeylen;
crypto_cipher_env_t *cipher = NULL;
char buf[PK_BYTES+1];
char *buf = NULL;
pkeylen = crypto_pk_keysize(env);
@ -880,32 +887,35 @@ crypto_pk_private_hybrid_decrypt(crypto_pk_env_t *env,
return crypto_pk_private_decrypt(env,to,from,fromlen,padding,
warnOnFailure);
}
buf = tor_malloc(pkeylen+1);
outlen = crypto_pk_private_decrypt(env,buf,from,pkeylen,padding,
warnOnFailure);
if (outlen<0) {
log_fn(warnOnFailure?LOG_WARN:LOG_DEBUG, LD_CRYPTO,
"Error decrypting public-key data");
return -1;
goto err;
}
if (outlen < CIPHER_KEY_LEN) {
log_fn(warnOnFailure?LOG_WARN:LOG_INFO, LD_CRYPTO,
"No room for a symmetric key");
return -1;
goto err;
}
cipher = crypto_create_init_cipher(buf, 0);
if (!cipher) {
return -1;
goto err;
}
memcpy(to,buf+CIPHER_KEY_LEN,outlen-CIPHER_KEY_LEN);
outlen -= CIPHER_KEY_LEN;
r = crypto_cipher_decrypt(cipher, to+outlen, from+pkeylen, fromlen-pkeylen);
if (r<0)
goto err;
memset(buf,0,sizeof(buf));
memset(buf,0,pkeylen);
tor_free(buf);
crypto_free_cipher_env(cipher);
return outlen + (fromlen-pkeylen);
err:
memset(buf,0,sizeof(buf));
memset(buf,0,pkeylen);
tor_free(buf);
if (cipher) crypto_free_cipher_env(cipher);
return -1;
}