From e72a5b3c070451e7762b1d22553cf077c50eb123 Mon Sep 17 00:00:00 2001 From: Nick Mathewson Date: Thu, 28 Aug 2014 12:04:22 -0400 Subject: [PATCH] Move secret-to-key functionality into a separate module I'm about to add more of these, so we might as well trudge forward. --- src/common/crypto.c | 44 ---------------------------------- src/common/crypto_s2k.c | 53 +++++++++++++++++++++++++++++++++++++++++ src/common/include.am | 1 + 3 files changed, 54 insertions(+), 44 deletions(-) create mode 100644 src/common/crypto_s2k.c diff --git a/src/common/crypto.c b/src/common/crypto.c index a3e767e6f5..fa91f6dd82 100644 --- a/src/common/crypto.c +++ b/src/common/crypto.c @@ -3001,50 +3001,6 @@ base32_decode(char *dest, size_t destlen, const char *src, size_t srclen) return 0; } -/** Implement RFC2440-style iterated-salted S2K conversion: convert the - * secret_len-byte secret into a key_out_len byte - * key_out. As in RFC2440, the first 8 bytes of s2k_specifier - * are a salt; the 9th byte describes how much iteration to do. - * Does not support key_out_len > DIGEST_LEN. - */ -void -secret_to_key_rfc2440(char *key_out, size_t key_out_len, const char *secret, - size_t secret_len, const char *s2k_specifier) -{ - crypto_digest_t *d; - uint8_t c; - size_t count, tmplen; - char *tmp; - tor_assert(key_out_len < SIZE_T_CEILING); - -#define EXPBIAS 6 - c = s2k_specifier[8]; - count = ((uint32_t)16 + (c & 15)) << ((c >> 4) + EXPBIAS); -#undef EXPBIAS - - tor_assert(key_out_len <= DIGEST_LEN); - - d = crypto_digest_new(); - tmplen = 8+secret_len; - tmp = tor_malloc(tmplen); - memcpy(tmp,s2k_specifier,8); - memcpy(tmp+8,secret,secret_len); - secret_len += 8; - while (count) { - if (count >= secret_len) { - crypto_digest_add_bytes(d, tmp, secret_len); - count -= secret_len; - } else { - crypto_digest_add_bytes(d, tmp, count); - count = 0; - } - } - crypto_digest_get_digest(d, key_out, key_out_len); - memwipe(tmp, 0, tmplen); - tor_free(tmp); - crypto_digest_free(d); -} - /** * Destroy the sz bytes of data stored at mem, setting them to * the value byte. diff --git a/src/common/crypto_s2k.c b/src/common/crypto_s2k.c new file mode 100644 index 0000000000..669ee5301b --- /dev/null +++ b/src/common/crypto_s2k.c @@ -0,0 +1,53 @@ +/* Copyright (c) 2001, Matej Pfajfar. + * Copyright (c) 2001-2004, Roger Dingledine. + * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. + * Copyright (c) 2007-2013, The Tor Project, Inc. */ +/* See LICENSE for licensing information */ + +#include "crypto.h" +#include "util.h" +#include "compat.h" + +/** Implement RFC2440-style iterated-salted S2K conversion: convert the + * secret_len-byte secret into a key_out_len byte + * key_out. As in RFC2440, the first 8 bytes of s2k_specifier + * are a salt; the 9th byte describes how much iteration to do. + * Does not support key_out_len > DIGEST_LEN. + */ +void +secret_to_key_rfc2440(char *key_out, size_t key_out_len, const char *secret, + size_t secret_len, const char *s2k_specifier) +{ + crypto_digest_t *d; + uint8_t c; + size_t count, tmplen; + char *tmp; + tor_assert(key_out_len < SIZE_T_CEILING); + +#define EXPBIAS 6 + c = s2k_specifier[8]; + count = ((uint32_t)16 + (c & 15)) << ((c >> 4) + EXPBIAS); +#undef EXPBIAS + + tor_assert(key_out_len <= DIGEST_LEN); + + d = crypto_digest_new(); + tmplen = 8+secret_len; + tmp = tor_malloc(tmplen); + memcpy(tmp,s2k_specifier,8); + memcpy(tmp+8,secret,secret_len); + secret_len += 8; + while (count) { + if (count >= secret_len) { + crypto_digest_add_bytes(d, tmp, secret_len); + count -= secret_len; + } else { + crypto_digest_add_bytes(d, tmp, count); + count = 0; + } + } + crypto_digest_get_digest(d, key_out, key_out_len); + memwipe(tmp, 0, tmplen); + tor_free(tmp); + crypto_digest_free(d); +} diff --git a/src/common/include.am b/src/common/include.am index 68e0110c26..7a8cc5ce8b 100644 --- a/src/common/include.am +++ b/src/common/include.am @@ -75,6 +75,7 @@ LIBOR_A_SOURCES = \ LIBOR_CRYPTO_A_SOURCES = \ src/common/aes.c \ src/common/crypto.c \ + src/common/crypto_s2k.c \ src/common/crypto_format.c \ src/common/torgzip.c \ src/common/tortls.c \