Not every RSA decrypt should warn on failure.

svn:r1853
2024-11-10 13:13:44 +01:00 · 2004-05-12 19:30:28 +00:00 · 2004-05-12 19:30:28 +00:00 · 9c3fba5c3b
commit 9c3fba5c3b
parent f1bc7af9f5
5 changed files with 20 additions and 20 deletions
--- a/src/common/crypto.c
+++ b/src/common/crypto.c
@ -534,7 +534,7 @@ int crypto_pk_public_encrypt(crypto_pk_env_t *env, const unsigned char *from, in
 * write the result to <b>to</b>, and return the number of bytes
 * written.  On failure, return -1.
 */
-int crypto_pk_private_decrypt(crypto_pk_env_t *env, const unsigned char *from, int fromlen, unsigned char *to, int padding)
+int crypto_pk_private_decrypt(crypto_pk_env_t *env, const unsigned char *from, int fromlen, unsigned char *to, int padding, int warnOnFailure)
 {
  int r;
  tor_assert(env && from && to && env->key);
@ -545,7 +545,8 @@ int crypto_pk_private_decrypt(crypto_pk_env_t *env, const unsigned char *from, i
  r = RSA_private_decrypt(fromlen, (unsigned char*)from, to, env->key,
                             crypto_get_rsa_padding(padding));
  if (r<0) {
-    crypto_log_errors(LOG_WARN, "performing RSA decryption");
+    crypto_log_errors(warnOnFailure?LOG_WARN:LOG_INFO,
+                      "performing RSA decryption");
    return -1;
  }
  return r;
@ -714,7 +715,7 @@ int crypto_pk_public_hybrid_encrypt(crypto_pk_env_t *env,
 int crypto_pk_private_hybrid_decrypt(crypto_pk_env_t *env,
                                     const unsigned char *from,
                                     int fromlen, unsigned char *to,
-                                     int padding)
+                                     int padding, int warnOnFailure)
 {
  int overhead, pkeylen, outlen, r;
  crypto_cipher_env_t *cipher = NULL;
@ -724,17 +725,15 @@ int crypto_pk_private_hybrid_decrypt(crypto_pk_env_t *env,
  pkeylen = crypto_pk_keysize(env);

  if (fromlen <= pkeylen) {
-    return crypto_pk_private_decrypt(env,from,fromlen,to,padding);
+    return crypto_pk_private_decrypt(env,from,fromlen,to,padding,warnOnFailure);
  }
-  outlen = crypto_pk_private_decrypt(env,from,pkeylen,buf,padding);
+  outlen = crypto_pk_private_decrypt(env,from,pkeylen,buf,padding,warnOnFailure);
  if (outlen<0) {
-    /* this is only log-levelinfo, because when we're decrypting
-     * onions, we try several keys to see which will work */
-    log_fn(LOG_INFO, "Error decrypting public-key data");
+    log_fn(warnOnFailure?LOG_WARN:LOG_INFO, "Error decrypting public-key data");
    return -1;
  }
  if (outlen < CIPHER_KEY_LEN) {
-    log_fn(LOG_WARN, "No room for a symmetric key");
+    log_fn(warnOnFailure?LOG_WARN:LOG_INFO, "No room for a symmetric key");
    return -1;
  }
  cipher = crypto_create_init_cipher(buf, 0);
--- a/src/common/crypto.h
+++ b/src/common/crypto.h
@ -68,7 +68,7 @@ crypto_pk_env_t *crypto_pk_dup_key(crypto_pk_env_t *orig);
 int crypto_pk_keysize(crypto_pk_env_t *env);

 int crypto_pk_public_encrypt(crypto_pk_env_t *env, const unsigned char *from, int fromlen, unsigned char *to, int padding);
-int crypto_pk_private_decrypt(crypto_pk_env_t *env, const unsigned char *from, int fromlen, unsigned char *to, int padding);
+int crypto_pk_private_decrypt(crypto_pk_env_t *env, const unsigned char *from, int fromlen, unsigned char *to, int padding, int warnOnFailure);
 int crypto_pk_private_sign(crypto_pk_env_t *env, const unsigned char *from, int fromlen, unsigned char *to);
 int crypto_pk_private_sign_digest(crypto_pk_env_t *env, const unsigned char *from, int fromlen, unsigned char *to);
 int crypto_pk_public_checksig(crypto_pk_env_t *env, const unsigned char *from, int fromlen, unsigned char *to);
@ -78,7 +78,8 @@ int crypto_pk_public_hybrid_encrypt(crypto_pk_env_t *env,
                                    unsigned char *to, int padding, int force);
 int crypto_pk_private_hybrid_decrypt(crypto_pk_env_t *env,
                                     const unsigned char *from, int fromlen,
-                                     unsigned char *to,int padding);
+                                     unsigned char *to,int padding,
+                                     int warnOnFailure);

 int crypto_pk_asn1_encode(crypto_pk_env_t *pk, char *dest, int dest_len);
 crypto_pk_env_t *crypto_pk_asn1_decode(const char *str, int len);
--- a/src/or/onion.c
+++ b/src/or/onion.c
@ -728,12 +728,12 @@ onion_skin_server_handshake(char *onion_skin, /* ONIONSKIN_CHALLENGE_LEN bytes *
      break;
    len = crypto_pk_private_hybrid_decrypt(k,
                                           onion_skin, ONIONSKIN_CHALLENGE_LEN,
-                                           challenge, PK_PKCS1_OAEP_PADDING);
+                                           challenge, PK_PKCS1_OAEP_PADDING,0);
    if (len>0)
      break;
  }
  if (len<0) {
-    log_fn(LOG_WARN, "Couldn't decrypt onionskin");
+    log_fn(LOG_WARN, "Couldn't decrypt onionskin: client may be using old onion key");
    goto err;
  } else if (len != DH_KEY_LEN) {
    log_fn(LOG_WARN, "Unexpected onionskin length after decryption: %d",
--- a/src/or/rendservice.c
+++ b/src/or/rendservice.c
@ -388,7 +388,7 @@ rend_service_introduce(circuit_t *circuit, const char *request, int request_len)
  /* Next N bytes is encrypted with service key */
  len = crypto_pk_private_hybrid_decrypt(
       service->private_key,request+DIGEST_LEN,request_len-DIGEST_LEN,buf,
-       PK_PKCS1_OAEP_PADDING);
+       PK_PKCS1_OAEP_PADDING,1);
  if (len<0) {
    log_fn(LOG_WARN, "Couldn't decrypt INTRODUCE2 cell");
    return -1;
--- a/src/or/test.c
+++ b/src/or/test.c
@ -333,19 +333,19 @@ test_crypto()
  /* oaep padding should make encryption not match */
  test_memneq(data1, data2, 128);
  test_eq(15, crypto_pk_private_decrypt(pk1, data1, 128, data3,
-                                        PK_PKCS1_OAEP_PADDING));
+                                        PK_PKCS1_OAEP_PADDING,1));
  test_streq(data3, "Hello whirled.");
  memset(data3, 0, 1024);
  test_eq(15, crypto_pk_private_decrypt(pk1, data2, 128, data3,
-                                        PK_PKCS1_OAEP_PADDING));
+                                        PK_PKCS1_OAEP_PADDING,1));
  test_streq(data3, "Hello whirled.");
  /* Can't decrypt with public key. */
  test_eq(-1, crypto_pk_private_decrypt(pk2, data2, 128, data3,
-                                        PK_PKCS1_OAEP_PADDING));
+                                        PK_PKCS1_OAEP_PADDING,1));
  /* Try again with bad padding */
  memcpy(data2+1, "XYZZY", 5);  /* This has fails ~ once-in-2^40 */
  test_eq(-1, crypto_pk_private_decrypt(pk1, data2, 128, data3,
-                                        PK_PKCS1_OAEP_PADDING));
+                                        PK_PKCS1_OAEP_PADDING,1));

  /* File operations: save and load private key */
  test_assert(! crypto_pk_write_private_key_to_filename(pk1,
@ -354,7 +354,7 @@ test_crypto()
  test_assert(! crypto_pk_read_private_key_from_filename(pk2,
                                                  "/tmp/tor_test/pke1y"));
  test_eq(15, crypto_pk_private_decrypt(pk2, data1, 128, data3,
-                                        PK_PKCS1_OAEP_PADDING));
+                                        PK_PKCS1_OAEP_PADDING,1));

  /* Now try signing. */
  strcpy(data1, "Ossifrage");
@ -388,7 +388,7 @@ test_crypto()
        (i==1)?PK_PKCS1_PADDING:PK_PKCS1_OAEP_PADDING;
      len = crypto_pk_public_hybrid_encrypt(pk1,data1,j,data2,p,0);
      test_assert(len>=0);
-      len = crypto_pk_private_hybrid_decrypt(pk1,data2,len,data3,p);
+      len = crypto_pk_private_hybrid_decrypt(pk1,data2,len,data3,p,1);
      test_eq(len,j);
      test_memeq(data1,data3,j);
    }