Rename secret_to_key to secret_to_key_rfc2440
parent
cc3b04a8c1
commit
9b2d8c4e20
@ -3008,7 +3008,7 @@ base32_decode(char *dest, size_t destlen, const char *src, size_t srclen)
|
||||
* Does not support <b>key_out_len</b> > DIGEST_LEN.
|
||||
*/
|
||||
void
|
||||
secret_to_key(char *key_out, size_t key_out_len, const char *secret,
|
||||
secret_to_key_rfc2440(char *key_out, size_t key_out_len, const char *secret,
|
||||
size_t secret_len, const char *s2k_specifier)
|
||||
{
|
||||
crypto_digest_t *d;
|
||||
|
@ -282,8 +282,9 @@ int digest256_from_base64(char *digest, const char *d64);
|
||||
|
||||
/** Length of RFC2440-style S2K specifier: the first 8 bytes are a salt, the
|
||||
* 9th describes how much iteration to do. */
|
||||
#define S2K_SPECIFIER_LEN 9
|
||||
void secret_to_key(char *key_out, size_t key_out_len, const char *secret,
|
||||
#define S2K_RFC2440_SPECIFIER_LEN 9
|
||||
void secret_to_key_rfc2440(
|
||||
char *key_out, size_t key_out_len, const char *secret,
|
||||
size_t secret_len, const char *s2k_specifier);
|
||||
|
||||
/** OpenSSL-based utility functions. */
|
||||
|
@ -993,7 +993,8 @@ handle_control_setevents(control_connection_t *conn, uint32_t len,
|
||||
|
||||
/** Decode the hashed, base64'd passwords stored in <b>passwords</b>.
|
||||
* Return a smartlist of acceptable passwords (unterminated strings of
|
||||
* length S2K_SPECIFIER_LEN+DIGEST_LEN) on success, or NULL on failure.
|
||||
* length S2K_RFC2440_SPECIFIER_LEN+DIGEST_LEN) on success, or NULL on
|
||||
* failure.
|
||||
*/
|
||||
smartlist_t *
|
||||
decode_hashed_passwords(config_line_t *passwords)
|
||||
@ -1009,16 +1010,17 @@ decode_hashed_passwords(config_line_t *passwords)
|
||||
|
||||
if (!strcmpstart(hashed, "16:")) {
|
||||
if (base16_decode(decoded, sizeof(decoded), hashed+3, strlen(hashed+3))<0
|
||||
|| strlen(hashed+3) != (S2K_SPECIFIER_LEN+DIGEST_LEN)*2) {
|
||||
|| strlen(hashed+3) != (S2K_RFC2440_SPECIFIER_LEN+DIGEST_LEN)*2) {
|
||||
goto err;
|
||||
}
|
||||
} else {
|
||||
if (base64_decode(decoded, sizeof(decoded), hashed, strlen(hashed))
|
||||
!= S2K_SPECIFIER_LEN+DIGEST_LEN) {
|
||||
!= S2K_RFC2440_SPECIFIER_LEN+DIGEST_LEN) {
|
||||
goto err;
|
||||
}
|
||||
}
|
||||
smartlist_add(sl, tor_memdup(decoded, S2K_SPECIFIER_LEN+DIGEST_LEN));
|
||||
smartlist_add(sl,
|
||||
tor_memdup(decoded, S2K_RFC2440_SPECIFIER_LEN+DIGEST_LEN));
|
||||
}
|
||||
|
||||
return sl;
|
||||
@ -1171,8 +1173,10 @@ handle_control_authenticate(control_connection_t *conn, uint32_t len,
|
||||
} else {
|
||||
SMARTLIST_FOREACH(sl, char *, expected,
|
||||
{
|
||||
secret_to_key(received,DIGEST_LEN,password,password_len,expected);
|
||||
if (tor_memeq(expected+S2K_SPECIFIER_LEN, received, DIGEST_LEN))
|
||||
secret_to_key_rfc2440(received,DIGEST_LEN,
|
||||
password,password_len,expected);
|
||||
if (tor_memeq(expected + S2K_RFC2440_SPECIFIER_LEN,
|
||||
received, DIGEST_LEN))
|
||||
goto ok;
|
||||
});
|
||||
SMARTLIST_FOREACH(sl, char *, cp, tor_free(cp));
|
||||
|
@ -2674,11 +2674,11 @@ do_hash_password(void)
|
||||
{
|
||||
|
||||
char output[256];
|
||||
char key[S2K_SPECIFIER_LEN+DIGEST_LEN];
|
||||
char key[S2K_RFC2440_SPECIFIER_LEN+DIGEST_LEN];
|
||||
|
||||
crypto_rand(key, S2K_SPECIFIER_LEN-1);
|
||||
key[S2K_SPECIFIER_LEN-1] = (uint8_t)96; /* Hash 64 K of data. */
|
||||
secret_to_key(key+S2K_SPECIFIER_LEN, DIGEST_LEN,
|
||||
crypto_rand(key, S2K_RFC2440_SPECIFIER_LEN-1);
|
||||
key[S2K_RFC2440_SPECIFIER_LEN-1] = (uint8_t)96; /* Hash 64 K of data. */
|
||||
secret_to_key_rfc2440(key+S2K_RFC2440_SPECIFIER_LEN, DIGEST_LEN,
|
||||
get_options()->command_arg, strlen(get_options()->command_arg),
|
||||
key);
|
||||
base16_encode(output, sizeof(output), key, sizeof(key));
|
||||
|
@ -708,7 +708,7 @@ test_crypto_s2k(void)
|
||||
buf3 = tor_malloc(65536);
|
||||
memset(buf3, 0, 65536);
|
||||
|
||||
secret_to_key(buf+9, 20, "", 0, buf);
|
||||
secret_to_key_rfc2440(buf+9, 20, "", 0, buf);
|
||||
crypto_digest(buf2+9, buf3, 1024);
|
||||
test_memeq(buf, buf2, 29);
|
||||
|
||||
@ -716,7 +716,7 @@ test_crypto_s2k(void)
|
||||
memcpy(buf2,"vrbacrda",8);
|
||||
buf[8] = 96;
|
||||
buf2[8] = 96;
|
||||
secret_to_key(buf+9, 20, "12345678", 8, buf);
|
||||
secret_to_key_rfc2440(buf+9, 20, "12345678", 8, buf);
|
||||
for (i = 0; i < 65536; i += 16) {
|
||||
memcpy(buf3+i, "vrbacrda12345678", 16);
|
||||
}
|
||||
|