mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-11 05:33:47 +01:00
Make a bunch of signature/digest-checking functions mockable
This commit is contained in:
Nick Mathewson
parent
60769e710f
commit
e2aeaeb76c
@ -1107,10 +1107,10 @@ crypto_pk_private_decrypt(crypto_pk_t *env, char *to,
|
||||
* <b>tolen</b> is the number of writable bytes in <b>to</b>, and must be
|
||||
* at least the length of the modulus of <b>env</b>.
|
||||
*/
|
||||
int
|
||||
crypto_pk_public_checksig(const crypto_pk_t *env, char *to,
|
||||
size_t tolen,
|
||||
const char *from, size_t fromlen)
|
||||
MOCK_IMPL(int,
|
||||
crypto_pk_public_checksig,(const crypto_pk_t *env, char *to,
|
||||
size_t tolen,
|
||||
const char *from, size_t fromlen))
|
||||
{
|
||||
int r;
|
||||
tor_assert(env);
|
||||
@ -1134,9 +1134,10 @@ crypto_pk_public_checksig(const crypto_pk_t *env, char *to,
|
||||
* in <b>env</b>. Return 0 if <b>sig</b> is a correct signature for
|
||||
* SHA1(data). Else return -1.
|
||||
*/
|
||||
int
|
||||
crypto_pk_public_checksig_digest(crypto_pk_t *env, const char *data,
|
||||
size_t datalen, const char *sig, size_t siglen)
|
||||
MOCK_IMPL(int,
|
||||
crypto_pk_public_checksig_digest,(crypto_pk_t *env, const char *data,
|
||||
size_t datalen, const char *sig,
|
||||
size_t siglen))
|
||||
{
|
||||
char digest[DIGEST_LEN];
|
||||
char *buf;
|
||||
|
||||
@ -178,10 +178,12 @@ int crypto_pk_public_encrypt(crypto_pk_t *env, char *to, size_t tolen,
|
||||
int crypto_pk_private_decrypt(crypto_pk_t *env, char *to, size_t tolen,
|
||||
const char *from, size_t fromlen,
|
||||
int padding, int warnOnFailure);
|
||||
int crypto_pk_public_checksig(const crypto_pk_t *env, char *to, size_t tolen,
|
||||
const char *from, size_t fromlen);
|
||||
int crypto_pk_public_checksig_digest(crypto_pk_t *env, const char *data,
|
||||
size_t datalen, const char *sig, size_t siglen);
|
||||
MOCK_DECL(int, crypto_pk_public_checksig,(const crypto_pk_t *env,
|
||||
char *to, size_t tolen,
|
||||
const char *from, size_t fromlen));
|
||||
MOCK_DECL(int, crypto_pk_public_checksig_digest,(crypto_pk_t *env,
|
||||
const char *data, size_t datalen,
|
||||
const char *sig, size_t siglen));
|
||||
int crypto_pk_private_sign(const crypto_pk_t *env, char *to, size_t tolen,
|
||||
const char *from, size_t fromlen);
|
||||
int crypto_pk_private_sign_digest(crypto_pk_t *env, char *to, size_t tolen,
|
||||
|
||||
@ -15,6 +15,7 @@
|
||||
* keys to and from the corresponding Curve25519 keys.
|
||||
*/
|
||||
|
||||
#define CRYPTO_ED25519_PRIVATE
|
||||
#include "orconfig.h"
|
||||
#ifdef HAVE_SYS_STAT_H
|
||||
#include <sys/stat.h>
|
||||
@ -34,7 +35,6 @@
|
||||
#include <openssl/sha.h>
|
||||
|
||||
static void pick_ed25519_impl(void);
|
||||
static int ed25519_impl_spot_check(void);
|
||||
|
||||
/** An Ed25519 implementation, as a set of function pointers. */
|
||||
typedef struct {
|
||||
@ -308,10 +308,10 @@ ed25519_sign_prefixed,(ed25519_signature_t *signature_out,
|
||||
*
|
||||
* Return 0 if the signature is valid; -1 if it isn't.
|
||||
*/
|
||||
int
|
||||
ed25519_checksig(const ed25519_signature_t *signature,
|
||||
const uint8_t *msg, size_t len,
|
||||
const ed25519_public_key_t *pubkey)
|
||||
MOCK_IMPL(int,
|
||||
ed25519_checksig,(const ed25519_signature_t *signature,
|
||||
const uint8_t *msg, size_t len,
|
||||
const ed25519_public_key_t *pubkey))
|
||||
{
|
||||
return
|
||||
get_ed_impl()->open(signature->sig, msg, len, pubkey->pubkey) < 0 ? -1 : 0;
|
||||
@ -354,10 +354,10 @@ ed25519_checksig_prefixed(const ed25519_signature_t *signature,
|
||||
* was valid. Otherwise return -N, where N is the number of invalid
|
||||
* signatures.
|
||||
*/
|
||||
int
|
||||
ed25519_checksig_batch(int *okay_out,
|
||||
const ed25519_checkable_t *checkable,
|
||||
int n_checkable)
|
||||
MOCK_IMPL(int,
|
||||
ed25519_checksig_batch,(int *okay_out,
|
||||
const ed25519_checkable_t *checkable,
|
||||
int n_checkable))
|
||||
{
|
||||
int i, res;
|
||||
const ed25519_impl_t *impl = get_ed_impl();
|
||||
@ -642,8 +642,8 @@ ed25519_pubkey_copy(ed25519_public_key_t *dest,
|
||||
|
||||
/** Check whether the given Ed25519 implementation seems to be working.
|
||||
* If so, return 0; otherwise return -1. */
|
||||
static int
|
||||
ed25519_impl_spot_check(void)
|
||||
MOCK_IMPL(STATIC int,
|
||||
ed25519_impl_spot_check,(void))
|
||||
{
|
||||
static const uint8_t alicesk[32] = {
|
||||
0xc5,0xaa,0x8d,0xf4,0x3f,0x9f,0x83,0x7b,
|
||||
|
||||
@ -51,9 +51,9 @@ int ed25519_keypair_generate(ed25519_keypair_t *keypair_out, int extra_strong);
|
||||
int ed25519_sign(ed25519_signature_t *signature_out,
|
||||
const uint8_t *msg, size_t len,
|
||||
const ed25519_keypair_t *key);
|
||||
int ed25519_checksig(const ed25519_signature_t *signature,
|
||||
const uint8_t *msg, size_t len,
|
||||
const ed25519_public_key_t *pubkey);
|
||||
MOCK_DECL(int,ed25519_checksig,(const ed25519_signature_t *signature,
|
||||
const uint8_t *msg, size_t len,
|
||||
const ed25519_public_key_t *pubkey));
|
||||
|
||||
MOCK_DECL(int,
|
||||
ed25519_sign_prefixed,(ed25519_signature_t *signature_out,
|
||||
@ -84,9 +84,9 @@ typedef struct {
|
||||
size_t len;
|
||||
} ed25519_checkable_t;
|
||||
|
||||
int ed25519_checksig_batch(int *okay_out,
|
||||
const ed25519_checkable_t *checkable,
|
||||
int n_checkable);
|
||||
MOCK_DECL(int, ed25519_checksig_batch,(int *okay_out,
|
||||
const ed25519_checkable_t *checkable,
|
||||
int n_checkable));
|
||||
|
||||
int ed25519_keypair_from_curve25519_keypair(ed25519_keypair_t *out,
|
||||
int *signbit_out,
|
||||
@ -132,5 +132,9 @@ void crypto_ed25519_testing_force_impl(const char *name);
|
||||
void crypto_ed25519_testing_restore_impl(void);
|
||||
#endif
|
||||
|
||||
#ifdef CRYPTO_ED25519_PRIVATE
|
||||
MOCK_DECL(STATIC int, ed25519_impl_spot_check, (void));
|
||||
#endif
|
||||
|
||||
#endif
|
||||
|
||||
|
||||
@ -1207,12 +1207,12 @@ make_tap_onion_key_crosscert(const crypto_pk_t *onion_key,
|
||||
|
||||
/** Check whether an RSA-TAP cross-certification is correct. Return 0 if it
|
||||
* is, -1 if it isn't. */
|
||||
int
|
||||
check_tap_onion_key_crosscert(const uint8_t *crosscert,
|
||||
int crosscert_len,
|
||||
const crypto_pk_t *onion_pkey,
|
||||
const ed25519_public_key_t *master_id_pkey,
|
||||
const uint8_t *rsa_id_digest)
|
||||
MOCK_IMPL(int,
|
||||
check_tap_onion_key_crosscert,(const uint8_t *crosscert,
|
||||
int crosscert_len,
|
||||
const crypto_pk_t *onion_pkey,
|
||||
const ed25519_public_key_t *master_id_pkey,
|
||||
const uint8_t *rsa_id_digest))
|
||||
{
|
||||
uint8_t *cc = tor_malloc(crypto_pk_keysize(onion_pkey));
|
||||
int cc_len =
|
||||
|
||||
@ -57,11 +57,11 @@ uint8_t *make_tap_onion_key_crosscert(const crypto_pk_t *onion_key,
|
||||
const crypto_pk_t *rsa_id_key,
|
||||
int *len_out);
|
||||
|
||||
int check_tap_onion_key_crosscert(const uint8_t *crosscert,
|
||||
MOCK_DECL(int, check_tap_onion_key_crosscert,(const uint8_t *crosscert,
|
||||
int crosscert_len,
|
||||
const crypto_pk_t *onion_pkey,
|
||||
const ed25519_public_key_t *master_id_pkey,
|
||||
const uint8_t *rsa_id_digest);
|
||||
const uint8_t *rsa_id_digest));
|
||||
|
||||
int load_ed_keys(const or_options_t *options, time_t now);
|
||||
int should_make_new_ed_keys(const or_options_t *options, const time_t now);
|
||||
|
||||
@ -863,8 +863,8 @@ dump_desc_populate_fifo_from_directory(const char *dirname)
|
||||
* type *<b>type</b> to file $DATADIR/unparseable-desc. Do not write more
|
||||
* than one descriptor to disk per minute. If there is already such a
|
||||
* file in the data directory, overwrite it. */
|
||||
STATIC void
|
||||
dump_desc(const char *desc, const char *type)
|
||||
MOCK_IMPL(STATIC void,
|
||||
dump_desc,(const char *desc, const char *type))
|
||||
{
|
||||
tor_assert(desc);
|
||||
tor_assert(type);
|
||||
@ -4508,13 +4508,24 @@ router_get_hash_impl(const char *s, size_t s_len, char *digest,
|
||||
&start,&end)<0)
|
||||
return -1;
|
||||
|
||||
return router_compute_hash_final(digest, start, end-start, alg);
|
||||
}
|
||||
|
||||
/** Compute the digest of the <b>len</b>-byte directory object at
|
||||
* <b>start</b>, using <b>alg</b>. Store the result in <b>digest</b>, which
|
||||
* must be long enough to hold it. */
|
||||
MOCK_IMPL(STATIC int,
|
||||
router_compute_hash_final,(char *digest,
|
||||
const char *start, size_t len,
|
||||
digest_algorithm_t alg))
|
||||
{
|
||||
if (alg == DIGEST_SHA1) {
|
||||
if (crypto_digest(digest, start, end-start) < 0) {
|
||||
if (crypto_digest(digest, start, len) < 0) {
|
||||
log_warn(LD_BUG,"couldn't compute digest");
|
||||
return -1;
|
||||
}
|
||||
} else {
|
||||
if (crypto_digest256(digest, start, end-start, alg) < 0) {
|
||||
if (crypto_digest256(digest, start, len, alg) < 0) {
|
||||
log_warn(LD_BUG,"couldn't compute digest");
|
||||
return -1;
|
||||
}
|
||||
|
||||
@ -110,7 +110,6 @@ STATIC int routerstatus_parse_guardfraction(const char *guardfraction_str,
|
||||
MOCK_DECL(STATIC dumped_desc_t *, dump_desc_populate_one_file,
|
||||
(const char *dirname, const char *f));
|
||||
STATIC void dump_desc_populate_fifo_from_directory(const char *dirname);
|
||||
STATIC void dump_desc(const char *desc, const char *type);
|
||||
STATIC void dump_desc_fifo_cleanup(void);
|
||||
struct memarea_t;
|
||||
STATIC routerstatus_t *routerstatus_parse_entry_from_string(
|
||||
@ -120,6 +119,10 @@ STATIC routerstatus_t *routerstatus_parse_entry_from_string(
|
||||
vote_routerstatus_t *vote_rs,
|
||||
int consensus_method,
|
||||
consensus_flavor_t flav);
|
||||
MOCK_DECL(STATIC void,dump_desc,(const char *desc, const char *type));
|
||||
MOCK_DECL(STATIC int, router_compute_hash_final,(char *digest,
|
||||
const char *start, size_t len,
|
||||
digest_algorithm_t alg));
|
||||
#endif
|
||||
|
||||
#define ED_DESC_SIGNATURE_PREFIX "Tor router descriptor signature v1"
|
||||
|
||||
Loading…
Reference in New Issue
Block a user