mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-10 21:23:58 +01:00
Make crypto structures private to crypto.c
svn:r437
This commit is contained in:
parent
67697d5ab1
commit
9955b265ab
@ -40,6 +40,24 @@
|
||||
#define RETURN_SSL_OUTCOME(exp) return !(exp)
|
||||
#endif
|
||||
|
||||
struct crypto_pk_env_t
|
||||
{
|
||||
int type;
|
||||
int refs; /* reference counting; so we don't have to copy keys */
|
||||
unsigned char *key;
|
||||
/* auxiliary data structure(s) used by the underlying crypto library */
|
||||
unsigned char *aux;
|
||||
};
|
||||
|
||||
struct crypto_cipher_env_t
|
||||
{
|
||||
int type;
|
||||
unsigned char *key;
|
||||
unsigned char *iv;
|
||||
/* auxiliary data structure(s) used by the underlying crypto library */
|
||||
unsigned char *aux;
|
||||
};
|
||||
|
||||
/* static INLINE const EVP_CIPHER *
|
||||
crypto_cipher_evp_cipher(int type, int enc);
|
||||
*/
|
||||
@ -102,31 +120,37 @@ int crypto_global_cleanup()
|
||||
return 0;
|
||||
}
|
||||
|
||||
crypto_pk_env_t *crypto_new_pk_env(int type)
|
||||
crypto_pk_env_t *_crypto_new_pk_env_rsa(RSA *rsa)
|
||||
{
|
||||
crypto_pk_env_t *env;
|
||||
|
||||
assert(rsa);
|
||||
env = (crypto_pk_env_t *)tor_malloc(sizeof(crypto_pk_env_t));
|
||||
|
||||
env->type = type;
|
||||
env->type = CRYPTO_PK_RSA;
|
||||
env->refs = 1;
|
||||
env->key = NULL;
|
||||
env->key = (unsigned char*)rsa;
|
||||
env->aux = NULL;
|
||||
|
||||
return env;
|
||||
}
|
||||
|
||||
RSA *_crypto_pk_env_get_rsa(crypto_pk_env_t *env)
|
||||
{
|
||||
if (env->type != CRYPTO_PK_RSA)
|
||||
return NULL;
|
||||
return (RSA*)env->key;
|
||||
}
|
||||
|
||||
crypto_pk_env_t *crypto_new_pk_env(int type)
|
||||
{
|
||||
RSA *rsa;
|
||||
|
||||
switch(type) {
|
||||
case CRYPTO_PK_RSA:
|
||||
env->key = (unsigned char *)RSA_new();
|
||||
if (!env->key) {
|
||||
free(env);
|
||||
return NULL;
|
||||
}
|
||||
break;
|
||||
rsa = RSA_new();
|
||||
if (!rsa) return NULL;
|
||||
return _crypto_new_pk_env_rsa(rsa);
|
||||
default:
|
||||
free(env);
|
||||
return NULL;
|
||||
}
|
||||
|
||||
return env;
|
||||
}
|
||||
|
||||
void crypto_free_pk_env(crypto_pk_env_t *env)
|
||||
@ -617,6 +641,11 @@ int crypto_cipher_set_key(crypto_cipher_env_t *env, unsigned char *key)
|
||||
return 0;
|
||||
}
|
||||
|
||||
unsigned char *crypto_cipher_get_key(crypto_cipher_env_t *env)
|
||||
{
|
||||
return env->key;
|
||||
}
|
||||
|
||||
int crypto_cipher_encrypt_init_cipher(crypto_cipher_env_t *env)
|
||||
{
|
||||
assert(env);
|
||||
|
@ -18,23 +18,8 @@
|
||||
|
||||
#define CRYPTO_PK_RSA 0
|
||||
|
||||
typedef struct
|
||||
{
|
||||
int type;
|
||||
int refs; /* reference counting; so we don't have to copy keys */
|
||||
unsigned char *key;
|
||||
/* auxiliary data structure(s) used by the underlying crypto library */
|
||||
unsigned char *aux;
|
||||
} crypto_pk_env_t;
|
||||
|
||||
typedef struct
|
||||
{
|
||||
int type;
|
||||
unsigned char *key;
|
||||
unsigned char *iv;
|
||||
/* auxiliary data structure(s) used by the underlying crypto library */
|
||||
unsigned char *aux;
|
||||
} crypto_cipher_env_t;
|
||||
typedef struct crypto_pk_env_t crypto_pk_env_t;
|
||||
typedef struct crypto_cipher_env_t crypto_cipher_env_t;
|
||||
|
||||
/* global state */
|
||||
int crypto_global_init();
|
||||
@ -94,6 +79,7 @@ int crypto_cipher_set_iv(crypto_cipher_env_t *env, unsigned char *iv);
|
||||
int crypto_cipher_set_key(crypto_cipher_env_t *env, unsigned char *key);
|
||||
int crypto_cipher_encrypt_init_cipher(crypto_cipher_env_t *env);
|
||||
int crypto_cipher_decrypt_init_cipher(crypto_cipher_env_t *env);
|
||||
unsigned char *crypto_cipher_get_key(crypto_cipher_env_t *env);
|
||||
|
||||
int crypto_cipher_encrypt(crypto_cipher_env_t *env, unsigned char *from, unsigned int fromlen, unsigned char *to);
|
||||
int crypto_cipher_decrypt(crypto_cipher_env_t *env, unsigned char *from, unsigned int fromlen, unsigned char *to);
|
||||
|
@ -249,9 +249,9 @@ or_handshake_op_send_keys(connection_t *conn) {
|
||||
/* compose the message */
|
||||
*(uint16_t *)(message) = htons(HANDSHAKE_AS_OP);
|
||||
memcpy((void *)(message+FLAGS_LEN),
|
||||
(void *)conn->f_crypto->key, 16);
|
||||
(void *)crypto_cipher_get_key(conn->f_crypto), 16);
|
||||
memcpy((void *)(message+FLAGS_LEN+KEY_LEN),
|
||||
(void *)conn->b_crypto->key, 16);
|
||||
(void *)crypto_cipher_get_key(conn->b_crypto), 16);
|
||||
|
||||
/* encrypt with RSA */
|
||||
if(crypto_pk_public_encrypt(conn->pkey, message, sizeof(message), cipher, RSA_PKCS1_PADDING) < 0) {
|
||||
@ -322,9 +322,9 @@ or_handshake_client_send_auth(connection_t *conn) {
|
||||
*(uint32_t*)(buf+FLAGS_LEN+ADDR_LEN+PORT_LEN) = htonl(conn->addr); /* remote address */
|
||||
*(uint16_t*)(buf+FLAGS_LEN+ADDR_LEN+PORT_LEN+ADDR_LEN) = htons(conn->port); /* remote port */
|
||||
memcpy(buf+FLAGS_LEN+ADDR_LEN+PORT_LEN+ADDR_LEN+PORT_LEN,
|
||||
conn->f_crypto->key,16); /* keys */
|
||||
crypto_cipher_get_key(conn->f_crypto),16); /* keys */
|
||||
memcpy(buf+FLAGS_LEN+ADDR_LEN+PORT_LEN+ADDR_LEN+PORT_LEN+KEY_LEN,
|
||||
conn->b_crypto->key,16);
|
||||
crypto_cipher_get_key(conn->b_crypto),16);
|
||||
log(LOG_DEBUG,"or_handshake_client_send_auth() : Generated first authentication message.");
|
||||
|
||||
/* encrypt message */
|
||||
@ -406,8 +406,8 @@ or_handshake_client_process_auth(connection_t *conn) {
|
||||
log(LOG_ERR,"client_process_auth: Router %s:%u: bad address info.", conn->address,conn->port);
|
||||
return -1;
|
||||
}
|
||||
if ( (memcmp(conn->f_crypto->key, buf+12, 16)) || /* keys */
|
||||
(memcmp(conn->b_crypto->key, buf+28, 16)) ) {
|
||||
if ( (memcmp(crypto_cipher_get_key(conn->f_crypto), buf+12, 16)) ||/* keys */
|
||||
(memcmp(crypto_cipher_get_key(conn->b_crypto), buf+28, 16)) ) {
|
||||
log(LOG_ERR,"client_process_auth: Router %s:%u: bad key info.",conn->address,conn->port);
|
||||
return -1;
|
||||
}
|
||||
|
@ -269,7 +269,7 @@ test_crypto()
|
||||
test_neq(env2, 0);
|
||||
j = crypto_cipher_generate_key(env1);
|
||||
if (str_ciphers[i] != CRYPTO_CIPHER_IDENTITY) {
|
||||
crypto_cipher_set_key(env2, env1->key);
|
||||
crypto_cipher_set_key(env2, crypto_cipher_get_key(env1));
|
||||
}
|
||||
crypto_cipher_set_iv(env1, "12345678901234567890");
|
||||
crypto_cipher_set_iv(env2, "12345678901234567890");
|
||||
@ -309,7 +309,7 @@ test_crypto()
|
||||
env2 = crypto_new_cipher_env(str_ciphers[i]);
|
||||
test_neq(env2, 0);
|
||||
if (str_ciphers[i] != CRYPTO_CIPHER_IDENTITY) {
|
||||
crypto_cipher_set_key(env2, env1->key);
|
||||
crypto_cipher_set_key(env2, crypto_cipher_get_key(env1));
|
||||
}
|
||||
crypto_cipher_set_iv(env2, "12345678901234567890");
|
||||
crypto_cipher_encrypt_init_cipher(env2);
|
||||
|
Loading…
Reference in New Issue
Block a user