Remove all include common/ uses in crypto_ops and tls.

Nick Mathewson 2018-06-28 13:57:23 -04:00
parent 0f02d2c041
commit a742a826f6
30 changed files with 109 additions and 61 deletions


@ -1,16 +1,20 @@
orconfig.h
lib/arch/*.h
lib/cc/*.h
lib/container/*.h
lib/crypt_ops/*.h
lib/ctime/*.h
lib/defs/*.h
lib/encoding/*.h
lib/fs/*.h
lib/lock/*.h
lib/malloc/*.h
lib/err/*.h
lib/intmath/*.h
lib/sandbox/*.h
lib/string/*.h
lib/testsupport/testsupport.h
lib/thread/*.h
lib/log/*.h
trunnel/pwbox.h
@ -19,6 +23,3 @@ keccak-tiny/*.h
ed25519/*.h
siphash.h
# XXX I'd like to remove this.
common/*.h


@ -10,6 +10,8 @@
**/
#include "orconfig.h"
#include "lib/crypt_ops/aes.h"
#include "lib/log/util_bug.h"
#ifdef _WIN32 /*wrkard for dtls1.h >= 0.9.8m of "#include <winsock.h>"*/
#include <winsock2.h>
@ -35,9 +37,7 @@ DISABLE_GCC_WARNING(redundant-decls)
ENABLE_GCC_WARNING(redundant-decls)
#include "common/compat.h"
#include "lib/crypt_ops/aes.h"
#include "common/util.h"
#include "lib/log/torlog.h"
#include "lib/ctime/di_ops.h"
@ -406,4 +406,3 @@ aes_set_iv(aes_cnt_cipher_t *cipher, const uint8_t *iv)
}
#endif /* defined(USE_EVP_AES_CTR) */


@ -13,6 +13,9 @@
* \brief Headers for aes.c
*/
#include "lib/cc/torint.h"
#include "lib/malloc/util_malloc.h"
typedef struct aes_cnt_cipher aes_cnt_cipher_t;
aes_cnt_cipher_t* aes_new_cipher(const uint8_t *key, const uint8_t *iv,
@ -26,4 +29,3 @@ int evaluate_evp_for_aes(int force_value);
int evaluate_ctr_for_aes(void);
#endif /* !defined(TOR_AES_H) */


@ -63,16 +63,17 @@ ENABLE_GCC_WARNING(redundant-decls)
#endif
#include "lib/log/torlog.h"
#include "lib/log/util_bug.h"
#include "lib/cc/torint.h"
#include "lib/crypt_ops/aes.h"
#include "common/util.h"
#include "common/compat.h"
#include "lib/encoding/binascii.h"
#include "keccak-tiny/keccak-tiny.h"
#include "siphash.h"
#include <string.h>
/** Boolean: has OpenSSL's crypto been initialized? */
static int crypto_early_initialized_ = 0;


@ -17,8 +17,6 @@
#include <stdio.h>
#include "lib/cc/torint.h"
#include "common/compat.h"
#include "common/util.h"
#include "lib/crypt_ops/crypto_rsa.h"
/** Length of our symmetric cipher's keys of 128-bit. */


@ -20,16 +20,19 @@
#ifdef HAVE_SYS_STAT_H
#include <sys/stat.h>
#endif
#include "lib/ctime/di_ops.h"
#include "lib/crypt_ops/crypto_curve25519.h"
#include "lib/crypt_ops/crypto_digest.h"
#include "lib/crypt_ops/crypto_format.h"
#include "lib/crypt_ops/crypto_rand.h"
#include "lib/crypt_ops/crypto_util.h"
#include "common/util.h"
#include "lib/log/torlog.h"
#include "lib/log/util_bug.h"
#include "ed25519/donna/ed25519_donna_tor.h"
#include <string.h>
/* ==============================
Part 1: wrap a suitable curve25519 implementation as curve25519_impl
============================== */
@ -355,4 +358,3 @@ curve25519_init(void)
{
pick_curve25519_basepoint_impl();
}


@ -14,6 +14,8 @@
#include "lib/crypt_ops/crypto_digest.h"
#include "lib/crypt_ops/crypto_hkdf.h"
#include "lib/crypt_ops/crypto_util.h"
#include "lib/log/torlog.h"
#include "lib/log/util_bug.h"
DISABLE_GCC_WARNING(redundant-decls)
@ -22,8 +24,7 @@ DISABLE_GCC_WARNING(redundant-decls)
ENABLE_GCC_WARNING(redundant-decls)
#include <openssl/bn.h>
#include "lib/log/torlog.h"
#include <string.h>
/** A structure to hold the first half (x, g^x) of a Diffie-Hellman handshake
* while we're waiting for the second.*/


@ -13,7 +13,7 @@
#ifndef TOR_CRYPTO_DH_H
#define TOR_CRYPTO_DH_H
#include "common/util.h"
#include "orconfig.h"
/** Length of our DH keys. */
#define DH_BYTES (1024/8)
@ -46,4 +46,3 @@ struct dh_st;
struct dh_st *crypto_dh_get_dh_(crypto_dh_t *dh);
#endif /* !defined(TOR_CRYPTO_DH_H) */


@ -15,9 +15,15 @@
#include "lib/crypt_ops/crypto_openssl_mgt.h"
#include "lib/crypt_ops/crypto_util.h"
#include "lib/log/torlog.h"
#include "lib/log/util_bug.h"
#include "keccak-tiny/keccak-tiny.h"
#include <stdlib.h>
#include <string.h>
#include "lib/arch/bytes.h"
DISABLE_GCC_WARNING(redundant-decls)
#include <openssl/hmac.h>


@ -21,6 +21,7 @@
#include <sys/stat.h>
#endif
#include "lib/ctime/di_ops.h"
#include "lib/crypt_ops/crypto_curve25519.h"
#include "lib/crypt_ops/crypto_digest.h"
#include "lib/crypt_ops/crypto_ed25519.h"
@ -28,12 +29,15 @@
#include "lib/crypt_ops/crypto_rand.h"
#include "lib/crypt_ops/crypto_util.h"
#include "lib/log/torlog.h"
#include "common/util.h"
#include "lib/log/util_bug.h"
#include "lib/encoding/binascii.h"
#include "lib/string/util_string.h"
#include "ed25519/ref10/ed25519_ref10.h"
#include "ed25519/donna/ed25519_donna_tor.h"
#include <string.h>
static void pick_ed25519_impl(void);
/** An Ed25519 implementation, as a set of function pointers. */
@ -814,4 +818,3 @@ ed25519_validate_pubkey(const ed25519_public_key_t *pubkey)
return 0;
}


@ -7,7 +7,6 @@
#include "lib/testsupport/testsupport.h"
#include "lib/cc/torint.h"
#include "lib/crypt_ops/crypto_curve25519.h"
#include "common/util.h"
#define ED25519_PUBKEY_LEN 32
#define ED25519_SECKEY_LEN 64
@ -142,4 +141,3 @@ MOCK_DECL(STATIC int, ed25519_impl_spot_check, (void));
#endif
#endif /* !defined(TOR_CRYPTO_ED25519_H) */


@ -20,10 +20,15 @@
#include "lib/crypt_ops/crypto_ed25519.h"
#include "lib/crypt_ops/crypto_format.h"
#include "lib/crypt_ops/crypto_util.h"
#include "lib/string/compat_string.h"
#include "lib/string/util_string.h"
#include "common/util.h"
#include "lib/string/printf.h"
#include "lib/encoding/binascii.h"
#include "lib/log/torlog.h"
#include "lib/log/util_bug.h"
#include "lib/fs/files.h"
#include <string.h>
/** Write the <b>datalen</b> bytes from <b>data</b> to the file named
* <b>fname</b> in the tagged-data format. This format contains a


@ -14,6 +14,9 @@
#include "lib/crypt_ops/crypto_digest.h"
#include "lib/crypt_ops/crypto_openssl_mgt.h"
#include "lib/intmath/cmp.h"
#include "lib/log/util_bug.h"
#include <openssl/opensslv.h>
#if OPENSSL_VERSION_NUMBER >= OPENSSL_V_SERIES(1,1,0)
@ -21,6 +24,8 @@
#include <openssl/kdf.h>
#endif
#include <string.h>
/** Given <b>key_in_len</b> bytes of negotiated randomness in <b>key_in</b>
* ("K"), expand it into <b>key_out_len</b> bytes of negotiated key material in
* <b>key_out</b> by taking the first <b>key_out_len</b> bytes of


@ -13,7 +13,7 @@
#ifndef TOR_CRYPTO_HKDF_H
#define TOR_CRYPTO_HKDF_H
#include "common/util.h"
#include "lib/cc/torint.h"
int crypto_expand_key_material_TAP(const uint8_t *key_in,
size_t key_in_len,
@ -25,4 +25,3 @@ int crypto_expand_key_material_rfc5869_sha256(
uint8_t *key_out, size_t key_out_len);
#endif /* !defined(TOR_CRYPTO_HKDF_H) */


@ -13,6 +13,9 @@
#include "lib/crypt_ops/compat_openssl.h"
#include "lib/crypt_ops/crypto_openssl_mgt.h"
#include "lib/string/util_string.h"
#include "lib/lock/compat_mutex.h"
#include "lib/testsupport/testsupport.h"
#include "lib/thread/threads.h"
DISABLE_GCC_WARNING(redundant-decls)
@ -30,6 +33,8 @@ DISABLE_GCC_WARNING(redundant-decls)
ENABLE_GCC_WARNING(redundant-decls)
#include <string.h>
#ifndef NEW_THREAD_API
/** A number of preallocated mutexes for use by OpenSSL. */
static tor_mutex_t **openssl_mutexes_ = NULL;


@ -13,9 +13,7 @@
#ifndef TOR_CRYPTO_OPENSSL_H
#define TOR_CRYPTO_OPENSSL_H
#include <stdio.h>
#include "common/util.h"
#include "orconfig.h"
#include <openssl/engine.h>
/*
@ -82,4 +80,3 @@ int setup_openssl_threading(void);
void crypto_openssl_free_all(void);
#endif /* !defined(TOR_CRYPTO_OPENSSL_H) */


@ -8,6 +8,9 @@
* them to disk.
*/
#include <string.h>
#include "lib/arch/bytes.h"
#include "lib/crypt_ops/crypto.h"
#include "lib/crypt_ops/crypto_digest.h"
#include "lib/crypt_ops/crypto_pwbox.h"
@ -16,8 +19,8 @@
#include "lib/crypt_ops/crypto_util.h"
#include "lib/ctime/di_ops.h"
#include "lib/intmath/muldiv.h"
#include "common/util.h"
#include "trunnel/pwbox.h"
#include "lib/log/util_bug.h"
/* 8 bytes "TORBOX00"
1 byte: header len (H)
@ -75,7 +78,7 @@ crypto_pwbox(uint8_t **out, size_t *outlen_out,
pwbox_encoded_setlen_data(enc, encrypted_len);
encrypted_portion = pwbox_encoded_getarray_data(enc);
set_uint32(encrypted_portion, htonl((uint32_t)input_len));
set_uint32(encrypted_portion, tor_htonl((uint32_t)input_len));
memcpy(encrypted_portion+4, input, input_len);
/* Now that all the data is in position, derive some keys, encrypt, and
@ -190,7 +193,7 @@ crypto_unpwbox(uint8_t **out, size_t *outlen_out,
cipher = crypto_cipher_new_with_iv((char*)keys, (char*)enc->iv);
crypto_cipher_decrypt(cipher, (char*)&result_len, (char*)encrypted, 4);
result_len = ntohl(result_len);
result_len = tor_ntohl(result_len);
if (encrypted_len < result_len + 4)
goto err;
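Review bot: In the crypto_unpwbox hunk, the bounds check `if (encrypted_len < result_len + 4)` can wrap if result_len is a 32-bit unsigned value (its declaration is outside the hunk). A decoded length close to UINT32_MAX would make `result_len + 4` small, so the check would pass with a length far larger than the buffer. Because result_len is read from the decrypted payload, the comparison is safer without the addition: `if (encrypted_len < 4 || result_len > encrypted_len - 4) goto err;`. Whether an earlier integrity check already restricts who can supply this value is not visible here; the function body starts and ends outside the hunk.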


@ -22,15 +22,18 @@
#endif /* defined(_WIN32) */
#include "lib/container/smartlist.h"
#include "common/compat.h"
#include "lib/crypt_ops/compat_openssl.h"
#include "lib/crypt_ops/crypto_util.h"
#include "lib/sandbox/sandbox.h"
#include "lib/testsupport/testsupport.h"
#include "lib/log/torlog.h"
#include "common/util.h"
#include "lib/encoding/binascii.h"
#include "lib/intmath/weakrng.h"
#include "lib/log/torlog.h"
#include "lib/log/util_bug.h"
#include "lib/malloc/util_malloc.h"
#include "lib/sandbox/sandbox.h"
#include "lib/string/compat_string.h"
#include "lib/string/util_string.h"
#include "lib/testsupport/testsupport.h"
#include "lib/fs/files.h"
DISABLE_GCC_WARNING(redundant-decls)
#include <openssl/rand.h>
@ -63,6 +66,8 @@ ENABLE_GCC_WARNING(redundant-decls)
#include <sys/random.h>
#endif
#include <string.h>
/**
* How many bytes of entropy we add at once.
*
@ -238,7 +243,7 @@ crypto_strongest_rand_fallback(uint8_t *out, size_t out_len)
fd = open(sandbox_intern_string(filenames[i]), O_RDONLY, 0);
if (fd<0) continue;
log_info(LD_CRYPTO, "Reading entropy from \"%s\"", filenames[i]);
n = read_all(fd, (char*)out, out_len, 0);
n = read_all_from_fd(fd, (char*)out, out_len);
close(fd);
if (n != out_len) {
/* LCOV_EXCL_START


@ -13,8 +13,9 @@
#ifndef TOR_CRYPTO_RAND_H
#define TOR_CRYPTO_RAND_H
#include "lib/cc/compat_compiler.h"
#include "lib/cc/torint.h"
#include "common/util.h"
#include "lib/testsupport/testsupport.h"
/* random numbers */
int crypto_seed_rng(void) ATTR_WUR;
@ -49,4 +50,3 @@ extern int break_strongest_rng_fallback;
#endif /* defined(CRYPTO_RAND_PRIVATE) */
#endif /* !defined(TOR_CRYPTO_RAND_H) */


@ -17,6 +17,9 @@
#include "lib/crypt_ops/crypto_rand.h"
#include "lib/crypt_ops/crypto_rsa.h"
#include "lib/crypt_ops/crypto_util.h"
#include "lib/ctime/di_ops.h"
#include "lib/log/util_bug.h"
#include "lib/fs/files.h"
DISABLE_GCC_WARNING(redundant-decls)
@ -34,9 +37,10 @@ DISABLE_GCC_WARNING(redundant-decls)
ENABLE_GCC_WARNING(redundant-decls)
#include "lib/log/torlog.h"
#include "common/util.h"
#include "lib/encoding/binascii.h"
#include <string.h>
/** Declaration for crypto_pk_t structure. */
struct crypto_pk_t
{
@ -1159,4 +1163,3 @@ crypto_pk_base64_decode(const char *str, size_t len)
tor_free(der);
return pk;
}


@ -16,11 +16,8 @@
#include "orconfig.h"
#include "lib/crypt_ops/crypto_digest.h"
#include <stdio.h>
#include "lib/cc/torint.h"
#include "lib/testsupport/testsupport.h"
#include "common/compat.h"
#include "common/util.h"
#include "lib/log/torlog.h"
/** Length of our public keys. */
@ -116,4 +113,3 @@ void crypto_pk_assign_(crypto_pk_t *dest, const crypto_pk_t *src);
#endif
#endif


@ -12,14 +12,14 @@
#define CRYPTO_S2K_PRIVATE
#include "common/compat.h"
#include "lib/crypt_ops/crypto.h"
#include "lib/crypt_ops/crypto_digest.h"
#include "lib/crypt_ops/crypto_hkdf.h"
#include "lib/crypt_ops/crypto_rand.h"
#include "lib/crypt_ops/crypto_s2k.h"
#include "lib/crypt_ops/crypto_util.h"
#include "common/util.h"
#include "lib/ctime/di_ops.h"
#include "lib/log/util_bug.h"
#include <openssl/evp.h>
@ -28,6 +28,8 @@
#include <libscrypt.h>
#endif
#include <string.h>
/* Encoded secrets take the form:
u8 type;
@ -473,4 +475,3 @@ secret_to_key_check(const uint8_t *spec_and_key, size_t spec_and_key_len,
memwipe(buf, 0, sizeof(buf));
return rv;
}


@ -14,6 +14,7 @@
#define CRYPTO_UTIL_PRIVATE
#include "lib/crypt_ops/crypto_util.h"
#include "lib/cc/compat_compiler.h"
#include <string.h>
@ -23,8 +24,6 @@
#include <wincrypt.h>
#endif /* defined(_WIN32) */
#include "common/util.h"
DISABLE_GCC_WARNING(redundant-decls)
#include <openssl/err.h>
@ -33,6 +32,7 @@ DISABLE_GCC_WARNING(redundant-decls)
ENABLE_GCC_WARNING(redundant-decls)
#include "lib/log/torlog.h"
#include "lib/log/util_bug.h"
/**
* Destroy the <b>sz</b> bytes of data stored at <b>mem</b>, setting them to
@ -127,4 +127,3 @@ crypto_log_errors(int severity, const char *doing)
}
}
#endif /* !defined(CRYPTO_UTIL_PRIVATE) */


@ -1,13 +1,19 @@
orconfig.h
lib/arch/*.h
lib/cc/*.h
lib/ctime/*.h
lib/container/*.h
lib/crypt_ops/*.h
lib/intmath/*.h
lib/encoding/*.h
lib/err/*.h
lib/net/*.h
lib/string/*.h
lib/testsupport/testsupport.h
lib/tls/*.h
lib/log/*.h
ciphers.inc
# XXX I'd like to remove this.
common/*.h
# this shouldn't be in common
common/buffers.h


@ -9,11 +9,11 @@
#include <stddef.h>
#include "common/buffers.h"
#include "lib/tls/buffers_tls.h"
#include "common/compat.h"
#include "common/util.h"
#include "lib/cc/torint.h"
#include "lib/log/torlog.h"
#include "lib/log/util_bug.h"
#include "lib/tls/tortls.h"
#ifdef HAVE_UNISTD_H
#include <unistd.h>
#endif


@ -28,7 +28,6 @@
#include "lib/crypt_ops/crypto_rand.h"
#include "lib/crypt_ops/crypto_dh.h"
#include "lib/crypt_ops/crypto_util.h"
#include "common/compat.h"
/* Some versions of OpenSSL declare SSL_get_selected_srtp_profile twice in
* srtp.h. Suppress the GCC warning so we can build with -Wredundant-decl. */
@ -53,11 +52,21 @@ ENABLE_GCC_WARNING(redundant-decls)
#define TORTLS_PRIVATE
#include "lib/tls/tortls.h"
#include "common/util.h"
#include "lib/log/torlog.h"
#include "lib/log/util_bug.h"
#include "lib/container/smartlist.h"
#include "lib/string/compat_string.h"
#include "lib/string/printf.h"
#include "lib/net/socket.h"
#include "lib/intmath/cmp.h"
#include "lib/ctime/di_ops.h"
#include "lib/encoding/time_fmt.h"
#include <stdlib.h>
#include <string.h>
#include "lib/arch/bytes.h"
#ifdef OPENSSL_1_1_API
#define X509_get_notBefore_const(cert) \
X509_get0_notBefore(cert)
@ -1392,7 +1401,7 @@ find_cipher_by_id(const SSL *ssl, const SSL_METHOD *m, uint16_t cipher)
{
unsigned char cipherid[3];
tor_assert(ssl);
set_uint16(cipherid, htons(cipher));
set_uint16(cipherid, tor_htons(cipher));
cipherid[2] = 0; /* If ssl23_get_cipher_by_char finds no cipher starting
* with a two-byte 'cipherid', it may look for a v2
* cipher with the appropriate 3 bytes. */
@ -1406,7 +1415,7 @@ find_cipher_by_id(const SSL *ssl, const SSL_METHOD *m, uint16_t cipher)
# if defined(HAVE_STRUCT_SSL_METHOD_ST_GET_CIPHER_BY_CHAR)
if (m && m->get_cipher_by_char) {
unsigned char cipherid[3];
set_uint16(cipherid, htons(cipher));
set_uint16(cipherid, tor_htons(cipher));
cipherid[2] = 0; /* If ssl23_get_cipher_by_char finds no cipher starting
* with a two-byte 'cipherid', it may look for a v2
* cipher with the appropriate 3 bytes. */


@ -13,7 +13,6 @@
#include "lib/crypt_ops/crypto_rsa.h"
#include "lib/crypt_ops/compat_openssl.h"
#include "common/compat.h"
#include "lib/testsupport/testsupport.h"
/* Opaque structure to hold a TLS connection. */
@ -292,4 +291,3 @@ const char *tor_tls_get_ciphersuite_name(tor_tls_t *tls);
int evaluate_ecgroup_for_tls(const char *ecgroup);
#endif /* !defined(TOR_TORTLS_H) */


@ -83,6 +83,7 @@
#include "common/token_bucket.h"
#include "lib/encoding/binascii.h"
#include "or/hs_circuitmap.h"
#include "common/util.h"
// These, more than other includes, are for keeping the other struct
// definitions working. We should remove them when we minimize our includes.


@ -8,8 +8,13 @@
#include "or/parsecommon.h"
#include "lib/log/torlog.h"
#include "lib/log/util_bug.h"
#include "lib/encoding/binascii.h"
#include "lib/container/smartlist.h"
#include "lib/string/util_string.h"
#include "lib/string/printf.h"
#include <string.h>
#define MIN_ANNOTATION A_PURPOSE
#define MAX_ANNOTATION A_UNKNOWN_


@ -11,6 +11,7 @@
#define UTIL_MALLOC_PRIVATE
#define SOCKET_PRIVATE
#define SUBPROCESS_PRIVATE
#include "lib/testsupport/testsupport.h"
#include "or/or.h"
#include "common/buffers.h"
#include "or/config.h"