mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-10 13:13:44 +01:00
Merge commit 'public/android'
This commit is contained in:
commit
da990d09c3
@ -46,6 +46,8 @@ Changes in version 0.2.2.4-alpha - 2009-10-10
|
||||
can run tests in their own processes, have smarter setup/teardown
|
||||
code, and so on. The unit test code has moved to its own
|
||||
subdirectory, and has been split into multiple modules.
|
||||
- Numerous fixes from Nathan Freitas so that Tor can build correctly for
|
||||
Android phones.
|
||||
|
||||
|
||||
Changes in version 0.2.2.3-alpha - 2009-09-23
|
||||
|
@ -50,9 +50,9 @@
|
||||
|
||||
#define CRYPTO_PRIVATE
|
||||
#include "crypto.h"
|
||||
#include "log.h"
|
||||
#include "../common/log.h"
|
||||
#include "aes.h"
|
||||
#include "util.h"
|
||||
#include "../common/util.h"
|
||||
#include "container.h"
|
||||
#include "compat.h"
|
||||
|
||||
@ -62,6 +62,11 @@
|
||||
|
||||
#include <openssl/engine.h>
|
||||
|
||||
#ifdef ANDROID
|
||||
/* Android's OpenSSL seems to have removed all of its Engine support. */
|
||||
#define DISABLE_ENGINES
|
||||
#endif
|
||||
|
||||
#if OPENSSL_VERSION_NUMBER < 0x00908000l
|
||||
/* On OpenSSL versions before 0.9.8, there is no working SHA256
|
||||
* implementation, so we use Tom St Denis's nice speedy one, slightly adapted
|
||||
@ -174,6 +179,7 @@ crypto_log_errors(int severity, const char *doing)
|
||||
}
|
||||
}
|
||||
|
||||
#ifndef DISABLE_ENGINES
|
||||
/** Log any OpenSSL engines we're using at NOTICE. */
|
||||
static void
|
||||
log_engine(const char *fn, ENGINE *e)
|
||||
@ -188,7 +194,9 @@ log_engine(const char *fn, ENGINE *e)
|
||||
log(LOG_INFO, LD_CRYPTO, "Using default implementation for %s", fn);
|
||||
}
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifndef DISABLE_ENGINES
|
||||
/** Try to load an engine in a shared library via fully qualified path.
|
||||
*/
|
||||
static ENGINE *
|
||||
@ -206,6 +214,7 @@ try_load_engine(const char *path, const char *engine)
|
||||
}
|
||||
return e;
|
||||
}
|
||||
#endif
|
||||
|
||||
/** Initialize the crypto library. Return 0 on success, -1 on failure.
|
||||
*/
|
||||
@ -218,10 +227,17 @@ crypto_global_init(int useAccel, const char *accelName, const char *accelDir)
|
||||
_crypto_global_initialized = 1;
|
||||
setup_openssl_threading();
|
||||
if (useAccel > 0) {
|
||||
#ifdef DISABLE_ENGINES
|
||||
(void)accelName;
|
||||
(void)accelDir;
|
||||
log_warn(LD_CRYPTO, "No OpenSSL hardware acceleration support enabled.");
|
||||
#else
|
||||
ENGINE *e = NULL;
|
||||
|
||||
log_info(LD_CRYPTO, "Initializing OpenSSL engine support.");
|
||||
ENGINE_load_builtin_engines();
|
||||
ENGINE_register_all_complete();
|
||||
|
||||
if (accelName) {
|
||||
if (accelDir) {
|
||||
log_info(LD_CRYPTO, "Trying to load dynamic OpenSSL engine \"%s\""
|
||||
@ -251,6 +267,7 @@ crypto_global_init(int useAccel, const char *accelName, const char *accelDir)
|
||||
log_engine("SHA1", ENGINE_get_digest_engine(NID_sha1));
|
||||
log_engine("3DES", ENGINE_get_cipher_engine(NID_des_ede3_ecb));
|
||||
log_engine("AES", ENGINE_get_cipher_engine(NID_aes_128_ecb));
|
||||
#endif
|
||||
} else {
|
||||
log_info(LD_CRYPTO, "NOT using OpenSSL engine support.");
|
||||
}
|
||||
@ -274,7 +291,11 @@ crypto_global_cleanup(void)
|
||||
EVP_cleanup();
|
||||
ERR_remove_state(0);
|
||||
ERR_free_strings();
|
||||
|
||||
#ifndef DISABLE_ENGINES
|
||||
ENGINE_cleanup();
|
||||
#endif
|
||||
|
||||
CONF_modules_unload(1);
|
||||
CRYPTO_cleanup_all_ex_data();
|
||||
#ifdef TOR_IS_MULTITHREADED
|
||||
@ -316,7 +337,8 @@ _crypto_new_pk_env_evp_pkey(EVP_PKEY *pkey)
|
||||
return _crypto_new_pk_env_rsa(rsa);
|
||||
}
|
||||
|
||||
/** Helper, used by tor-checkkey.c. Return the RSA from a crypto_pk_env_t. */
|
||||
/** Helper, used by tor-checkkey.c and tor-gencert.c. Return the RSA from a
|
||||
* crypto_pk_env_t. */
|
||||
RSA *
|
||||
_crypto_pk_env_get_rsa(crypto_pk_env_t *env)
|
||||
{
|
||||
@ -451,11 +473,11 @@ crypto_free_cipher_env(crypto_cipher_env_t *env)
|
||||
|
||||
/* public key crypto */
|
||||
|
||||
/** Generate a new public/private keypair in <b>env</b>. Return 0 on
|
||||
* success, -1 on failure.
|
||||
/** Generate a <b>bits</b>-bit new public/private keypair in <b>env</b>.
|
||||
* Return 0 on success, -1 on failure.
|
||||
*/
|
||||
int
|
||||
crypto_pk_generate_key(crypto_pk_env_t *env)
|
||||
crypto_pk_generate_key_with_bits(crypto_pk_env_t *env, int bits)
|
||||
{
|
||||
tor_assert(env);
|
||||
|
||||
@ -463,7 +485,7 @@ crypto_pk_generate_key(crypto_pk_env_t *env)
|
||||
RSA_free(env->key);
|
||||
#if OPENSSL_VERSION_NUMBER < 0x00908000l
|
||||
/* In OpenSSL 0.9.7, RSA_generate_key is all we have. */
|
||||
env->key = RSA_generate_key(PK_BYTES*8,65537, NULL, NULL);
|
||||
env->key = RSA_generate_key(bits, 65537, NULL, NULL);
|
||||
#else
|
||||
/* In OpenSSL 0.9.8, RSA_generate_key is deprecated. */
|
||||
{
|
||||
@ -476,7 +498,7 @@ crypto_pk_generate_key(crypto_pk_env_t *env)
|
||||
r = RSA_new();
|
||||
if (!r)
|
||||
goto done;
|
||||
if (RSA_generate_key_ex(r, PK_BYTES*8, e, NULL) == -1)
|
||||
if (RSA_generate_key_ex(r, bits, e, NULL) == -1)
|
||||
goto done;
|
||||
|
||||
env->key = r;
|
||||
|
@ -86,7 +86,9 @@ crypto_cipher_env_t *crypto_new_cipher_env(void);
|
||||
void crypto_free_cipher_env(crypto_cipher_env_t *env);
|
||||
|
||||
/* public key crypto */
|
||||
int crypto_pk_generate_key(crypto_pk_env_t *env);
|
||||
int crypto_pk_generate_key_with_bits(crypto_pk_env_t *env, int bits);
|
||||
#define crypto_pk_generate_key(env) \
|
||||
crypto_pk_generate_key_with_bits((env), (PK_BYTES*8))
|
||||
|
||||
int crypto_pk_read_private_key_from_filename(crypto_pk_env_t *env,
|
||||
const char *keyfile);
|
||||
|
@ -12,6 +12,8 @@
|
||||
**/
|
||||
#define BUFFERS_PRIVATE
|
||||
#include "or.h"
|
||||
#include "../common/util.h"
|
||||
#include "../common/log.h"
|
||||
#ifdef HAVE_UNISTD_H
|
||||
#include <unistd.h>
|
||||
#endif
|
||||
|
@ -31,6 +31,7 @@
|
||||
*/
|
||||
|
||||
#include "eventdns_tor.h"
|
||||
#include "../common/util.h"
|
||||
#include <sys/types.h>
|
||||
/* #define NDEBUG */
|
||||
|
||||
|
@ -82,7 +82,7 @@
|
||||
|
||||
#include "crypto.h"
|
||||
#include "tortls.h"
|
||||
#include "log.h"
|
||||
#include "../common/log.h"
|
||||
#include "compat.h"
|
||||
#include "container.h"
|
||||
#include "util.h"
|
||||
|
@ -7,7 +7,7 @@
|
||||
#include <stdlib.h>
|
||||
#include "crypto.h"
|
||||
#include "log.h"
|
||||
#include "util.h"
|
||||
#include "../common/util.h"
|
||||
#include "compat.h"
|
||||
#include <openssl/bn.h>
|
||||
#include <openssl/rsa.h>
|
||||
|
@ -13,6 +13,7 @@
|
||||
|
||||
#include <openssl/evp.h>
|
||||
#include <openssl/pem.h>
|
||||
#include <openssl/rsa.h>
|
||||
#include <openssl/objects.h>
|
||||
#include <openssl/obj_mac.h>
|
||||
#include <openssl/err.h>
|
||||
@ -27,8 +28,8 @@
|
||||
#define CRYPTO_PRIVATE
|
||||
|
||||
#include "compat.h"
|
||||
#include "util.h"
|
||||
#include "log.h"
|
||||
#include "../common/util.h"
|
||||
#include "../common/log.h"
|
||||
#include "crypto.h"
|
||||
#include "address.h"
|
||||
|
||||
@ -218,6 +219,20 @@ parse_commandline(int argc, char **argv)
|
||||
return 0;
|
||||
}
|
||||
|
||||
static RSA *
|
||||
generate_key(int bits)
|
||||
{
|
||||
RSA *rsa = NULL;
|
||||
crypto_pk_env_t *env = crypto_new_pk_env();
|
||||
if (crypto_pk_generate_key_with_bits(env,bits)<0)
|
||||
goto done;
|
||||
rsa = _crypto_pk_env_get_rsa(env);
|
||||
rsa = RSAPrivateKey_dup(rsa);
|
||||
done:
|
||||
crypto_free_pk_env(env);
|
||||
return rsa;
|
||||
}
|
||||
|
||||
/** Try to read the identity key from <b>identity_key_file</b>. If no such
|
||||
* file exists and create_identity_key is set, make a new identity key and
|
||||
* store it. Return 0 on success, nonzero on failure.
|
||||
@ -238,7 +253,7 @@ load_identity_key(void)
|
||||
}
|
||||
log_notice(LD_GENERAL, "Generating %d-bit RSA identity key.",
|
||||
IDENTITY_KEY_BITS);
|
||||
if (!(key = RSA_generate_key(IDENTITY_KEY_BITS, 65537, NULL, NULL))) {
|
||||
if (!(key = generate_key(IDENTITY_KEY_BITS))) {
|
||||
log_err(LD_GENERAL, "Couldn't generate identity key.");
|
||||
crypto_log_errors(LOG_ERR, "Generating identity key");
|
||||
return 1;
|
||||
@ -323,7 +338,7 @@ generate_signing_key(void)
|
||||
RSA *key;
|
||||
log_notice(LD_GENERAL, "Generating %d-bit RSA signing key.",
|
||||
SIGNING_KEY_BITS);
|
||||
if (!(key = RSA_generate_key(SIGNING_KEY_BITS, 65537, NULL, NULL))) {
|
||||
if (!(key = generate_key(SIGNING_KEY_BITS))) {
|
||||
log_err(LD_GENERAL, "Couldn't generate signing key.");
|
||||
crypto_log_errors(LOG_ERR, "Generating signing key");
|
||||
return 1;
|
||||
|
@ -6,9 +6,9 @@
|
||||
#include "orconfig.h"
|
||||
|
||||
#include "compat.h"
|
||||
#include "util.h"
|
||||
#include "../common/util.h"
|
||||
#include "address.h"
|
||||
#include "log.h"
|
||||
#include "../common/log.h"
|
||||
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
|
Loading…
Reference in New Issue
Block a user