Rename secret_to_key to secret_to_key_rfc2440

This commit is contained in:
Nick Mathewson 2013-10-18 11:35:49 -07:00
parent cc3b04a8c1
commit 9b2d8c4e20
5 changed files with 20 additions and 15 deletions

View File

@ -3008,7 +3008,7 @@ base32_decode(char *dest, size_t destlen, const char *src, size_t srclen)
* Does not support <b>key_out_len</b> &gt; DIGEST_LEN.
*/
void
secret_to_key(char *key_out, size_t key_out_len, const char *secret,
secret_to_key_rfc2440(char *key_out, size_t key_out_len, const char *secret,
size_t secret_len, const char *s2k_specifier)
{
crypto_digest_t *d;

View File

@ -282,8 +282,9 @@ int digest256_from_base64(char *digest, const char *d64);
/** Length of RFC2440-style S2K specifier: the first 8 bytes are a salt, the
* 9th describes how much iteration to do. */
#define S2K_SPECIFIER_LEN 9
void secret_to_key(char *key_out, size_t key_out_len, const char *secret,
#define S2K_RFC2440_SPECIFIER_LEN 9
void secret_to_key_rfc2440(
char *key_out, size_t key_out_len, const char *secret,
size_t secret_len, const char *s2k_specifier);
/** OpenSSL-based utility functions. */

View File

@ -993,7 +993,8 @@ handle_control_setevents(control_connection_t *conn, uint32_t len,
/** Decode the hashed, base64'd passwords stored in <b>passwords</b>.
* Return a smartlist of acceptable passwords (unterminated strings of
* length S2K_SPECIFIER_LEN+DIGEST_LEN) on success, or NULL on failure.
* length S2K_RFC2440_SPECIFIER_LEN+DIGEST_LEN) on success, or NULL on
* failure.
*/
smartlist_t *
decode_hashed_passwords(config_line_t *passwords)
@ -1009,16 +1010,17 @@ decode_hashed_passwords(config_line_t *passwords)
if (!strcmpstart(hashed, "16:")) {
if (base16_decode(decoded, sizeof(decoded), hashed+3, strlen(hashed+3))<0
|| strlen(hashed+3) != (S2K_SPECIFIER_LEN+DIGEST_LEN)*2) {
|| strlen(hashed+3) != (S2K_RFC2440_SPECIFIER_LEN+DIGEST_LEN)*2) {
goto err;
}
} else {
if (base64_decode(decoded, sizeof(decoded), hashed, strlen(hashed))
!= S2K_SPECIFIER_LEN+DIGEST_LEN) {
!= S2K_RFC2440_SPECIFIER_LEN+DIGEST_LEN) {
goto err;
}
}
smartlist_add(sl, tor_memdup(decoded, S2K_SPECIFIER_LEN+DIGEST_LEN));
smartlist_add(sl,
tor_memdup(decoded, S2K_RFC2440_SPECIFIER_LEN+DIGEST_LEN));
}
return sl;
@ -1171,8 +1173,10 @@ handle_control_authenticate(control_connection_t *conn, uint32_t len,
} else {
SMARTLIST_FOREACH(sl, char *, expected,
{
secret_to_key(received,DIGEST_LEN,password,password_len,expected);
if (tor_memeq(expected+S2K_SPECIFIER_LEN, received, DIGEST_LEN))
secret_to_key_rfc2440(received,DIGEST_LEN,
password,password_len,expected);
if (tor_memeq(expected + S2K_RFC2440_SPECIFIER_LEN,
received, DIGEST_LEN))
goto ok;
});
SMARTLIST_FOREACH(sl, char *, cp, tor_free(cp));

View File

@ -2674,11 +2674,11 @@ do_hash_password(void)
{
char output[256];
char key[S2K_SPECIFIER_LEN+DIGEST_LEN];
char key[S2K_RFC2440_SPECIFIER_LEN+DIGEST_LEN];
crypto_rand(key, S2K_SPECIFIER_LEN-1);
key[S2K_SPECIFIER_LEN-1] = (uint8_t)96; /* Hash 64 K of data. */
secret_to_key(key+S2K_SPECIFIER_LEN, DIGEST_LEN,
crypto_rand(key, S2K_RFC2440_SPECIFIER_LEN-1);
key[S2K_RFC2440_SPECIFIER_LEN-1] = (uint8_t)96; /* Hash 64 K of data. */
secret_to_key_rfc2440(key+S2K_RFC2440_SPECIFIER_LEN, DIGEST_LEN,
get_options()->command_arg, strlen(get_options()->command_arg),
key);
base16_encode(output, sizeof(output), key, sizeof(key));

View File

@ -708,7 +708,7 @@ test_crypto_s2k(void)
buf3 = tor_malloc(65536);
memset(buf3, 0, 65536);
secret_to_key(buf+9, 20, "", 0, buf);
secret_to_key_rfc2440(buf+9, 20, "", 0, buf);
crypto_digest(buf2+9, buf3, 1024);
test_memeq(buf, buf2, 29);
@ -716,7 +716,7 @@ test_crypto_s2k(void)
memcpy(buf2,"vrbacrda",8);
buf[8] = 96;
buf2[8] = 96;
secret_to_key(buf+9, 20, "12345678", 8, buf);
secret_to_key_rfc2440(buf+9, 20, "12345678", 8, buf);
for (i = 0; i < 65536; i += 16) {
memcpy(buf3+i, "vrbacrda12345678", 16);
}