mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-14 07:03:44 +01:00
Merge branch 'ticket28851_035_squashed' into maint-0.3.5
This commit is contained in:
commit
abdc6aede2
4
changes/ticket28851
Normal file
4
changes/ticket28851
Normal file
@ -0,0 +1,4 @@
|
|||||||
|
o Minor features (performance):
|
||||||
|
- Stop re-validating our hardcoded Diffie-Hellman parameters on every
|
||||||
|
startup. Doing this wasted time and cycles, especially on low-powered
|
||||||
|
devices. Closes ticket 28851.
|
@ -45,6 +45,8 @@ static BIGNUM *dh_param_p_tls = NULL;
|
|||||||
/** Shared G parameter for our DH key exchanges. */
|
/** Shared G parameter for our DH key exchanges. */
|
||||||
static BIGNUM *dh_param_g = NULL;
|
static BIGNUM *dh_param_g = NULL;
|
||||||
|
|
||||||
|
/* This function is disabled unless we change the DH parameters. */
|
||||||
|
#if 0
|
||||||
/** Validate a given set of Diffie-Hellman parameters. This is moderately
|
/** Validate a given set of Diffie-Hellman parameters. This is moderately
|
||||||
* computationally expensive (milliseconds), so should only be called when
|
* computationally expensive (milliseconds), so should only be called when
|
||||||
* the DH parameters change. Returns 0 on success, * -1 on failure.
|
* the DH parameters change. Returns 0 on success, * -1 on failure.
|
||||||
@ -98,6 +100,7 @@ crypto_validate_dh_params(const BIGNUM *p, const BIGNUM *g)
|
|||||||
DH_free(dh);
|
DH_free(dh);
|
||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
#endif
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Helper: convert <b>hex<b> to a bignum, and return it. Assert that the
|
* Helper: convert <b>hex<b> to a bignum, and return it. Assert that the
|
||||||
@ -151,8 +154,11 @@ crypto_dh_init_openssl(void)
|
|||||||
dh_param_p = bignum_from_hex(OAKLEY_PRIME_2);
|
dh_param_p = bignum_from_hex(OAKLEY_PRIME_2);
|
||||||
dh_param_p_tls = bignum_from_hex(TLS_DH_PRIME);
|
dh_param_p_tls = bignum_from_hex(TLS_DH_PRIME);
|
||||||
|
|
||||||
|
/* Checks below are disabled unless we change the hardcoded DH parameters. */
|
||||||
|
#if 0
|
||||||
tor_assert(0 == crypto_validate_dh_params(dh_param_p, dh_param_g));
|
tor_assert(0 == crypto_validate_dh_params(dh_param_p, dh_param_g));
|
||||||
tor_assert(0 == crypto_validate_dh_params(dh_param_p_tls, dh_param_g));
|
tor_assert(0 == crypto_validate_dh_params(dh_param_p_tls, dh_param_g));
|
||||||
|
#endif
|
||||||
}
|
}
|
||||||
|
|
||||||
/** Number of bits to use when choosing the x or y value in a Diffie-Hellman
|
/** Number of bits to use when choosing the x or y value in a Diffie-Hellman
|
||||||
|
Loading…
Reference in New Issue
Block a user