Nick Mathewson
dcf69a9e12
New function to get all digests of a public key
2011-10-10 23:14:02 -04:00
Nick Mathewson
12f9c91c06
Merge remote-tracking branch 'origin/maint-0.2.2'
2011-06-03 11:36:21 -04:00
Nick Mathewson
bbf2fee8ff
Reject 128-byte keys that are not 1024-bit
...
When we added the check for key size, we required that the keys be
128 bytes. But RSA_size (which defers to BN_num_bytes) will return
128 for keys of length 1017..1024. This patch adds a new
crypto_pk_num_bits() that returns the actual number of significant
bits in the modulus, and uses that to enforce key sizes.
Also, credit the original bug3318 in the changes file.
2011-06-03 11:31:19 -04:00
Nick Mathewson
03ccce6d77
Merge remote-tracking branch 'origin/maint-0.2.2'
2011-05-16 14:50:53 -04:00
Nick Mathewson
e908e3a332
Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2
...
Fixed trivial conflict due to headers moving into their own .h files
from or.h.
Conflicts:
src/or/or.h
2011-05-16 14:49:55 -04:00
Nick Mathewson
4a22046c86
squash! Add crypto_pk_check_key_public_exponent function
...
Rename crypto_pk_check_key_public_exponent to crypto_pk_public_exponent_ok:
it's nice to name predicates s.t. you can tell how to interpret true
and false.
2011-05-16 14:45:06 -04:00
Robert Ransom
d2629f78a0
Add crypto_pk_check_key_public_exponent function
2011-05-16 14:07:34 -04:00
Nick Mathewson
50c259d763
Make the DH parameter we use for TLS match the one from Apache's mod_ssl
...
Our regular DH parameters that we use for circuit and rendezvous
crypto are unchanged. This is yet another small step on the path of
protocol fingerprinting resistance.
(Backport from 0.2.2's 5ed73e3807
)
2011-02-10 15:55:06 -05:00
Nick Mathewson
912b76a1bf
Merge remote branch 'origin/maint-0.2.2'
2011-02-03 13:56:37 -05:00
Nick Mathewson
c939c953ae
Remove an unused function in crypto.c
2011-01-25 18:07:02 -05:00
Nick Mathewson
aaa5737a2e
Merge remote branch 'origin/maint-0.2.2'
2011-01-24 17:51:52 -05:00
Nick Mathewson
5ed73e3807
Make the DH parameter we use for TLS match the one from Apache's mod_ssl
...
Our regular DH parameters that we use for circuit and rendezvous
crypto are unchanged. This is yet another small step on the path of
protocol fingerprinting resistance.
2011-01-24 16:50:11 -05:00
Nick Mathewson
1758ef51de
Merge remote branch 'origin/maint-0.2.2'
2011-01-15 13:26:02 -05:00
Nick Mathewson
1393985768
Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2
...
Conflicts:
src/or/routerparse.c
src/or/test.c
2011-01-15 13:25:13 -05:00
Nick Mathewson
b97b0efec8
Merge branch 'bug2352_obsize' into maint-0.2.1
2011-01-15 13:15:06 -05:00
Nick Mathewson
1b8f2ef550
Merge remote branch 'origin/maint-0.2.2'
2011-01-15 12:03:44 -05:00
Nick Mathewson
ed87738ede
Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2
...
Conflicts:
src/or/config.c
src/or/networkstatus.c
src/or/rendcommon.c
src/or/routerparse.c
src/or/test.c
2011-01-15 12:02:55 -05:00
Nick Mathewson
115782bdbe
Fix a heap overflow found by debuger, and make it harder to make that mistake again
...
Our public key functions assumed that they were always writing into a
large enough buffer. In one case, they weren't.
(Incorporates fixes from sebastian)
2011-01-15 11:49:25 -05:00
Nick Mathewson
729f404efe
Add logic in routerparse to not read overlong private keys
...
I am not at all sure that it is possible to trigger a bug here,
but better safe than sorry.
2011-01-10 12:07:34 -05:00
Nick Mathewson
8730884ebe
Merge remote branch 'origin/maint-0.2.2'
2011-01-03 11:53:28 -05:00
Nick Mathewson
f1de329e78
Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2
...
Conflicts:
src/common/test.h
src/or/test.c
2011-01-03 11:51:17 -05:00
Nick Mathewson
1a07348a50
Bump copyright statements to 2011
2011-01-03 11:50:39 -05:00
Nick Mathewson
a16ed90ec8
Document and/or fix stuff found by Sebastian in code review
...
Thanks to Sebastian for his code-review of the bufferevents patch series.x
2010-09-27 14:22:18 -04:00
Nick Mathewson
006e2e8620
Add a function to return a double in range [0,1).
2010-06-22 21:30:26 -04:00
Nick Mathewson
b006e3279f
Merge remote branch 'origin/maint-0.2.1'
...
Conflicts:
src/common/test.h
src/or/test.c
2010-02-27 17:16:31 -05:00
Nick Mathewson
c3e63483b2
Update Tor Project copyright years
2010-02-27 17:14:21 -05:00
Sebastian Hahn
70abd843fd
crypto_cipher_set_key cannot fail
...
In 5e4d53d535
we made it so that
crypto_cipher_set_key cannot fail. The call will now
always succeed, to returning a boolean for success/failure makes
no sense.
2009-10-27 04:31:23 +01:00
Karsten Loesing
d2b4b49ff0
Reduce log level for someone else sending us weak DH keys.
...
See task 1114. The most plausible explanation for someone sending us weak
DH keys is that they experiment with their Tor code or implement a new Tor
client. Usually, we don't care about such events, especially not on warn
level. If we really care about someone not following the Tor protocol, we
can set ProtocolWarnings to 1.
2009-10-25 23:47:05 -07:00
Nick Mathewson
5576a3a094
Parse detached signature documents with multiple flavors and algorithms.
2009-10-15 15:17:13 -04:00
Nick Mathewson
3b2fc659a8
Refactor consensus signature storage for multiple digests and flavors.
...
This patch introduces a new type called document_signature_t to represent the
signature of a consensus document. Now, each consensus document can have up
to one document signature per voter per digest algorithm. Also, each
detached-signatures document can have up to one signature per <voter,
algorithm, flavor>.
2009-10-15 15:17:13 -04:00
Nick Mathewson
8d41e6c471
Support for encoding and decoding 256-bit digests in base64
2009-10-15 15:17:12 -04:00
Nick Mathewson
cfba9c01bf
Alter keygen function to generate keys of different lengths.
2009-09-29 00:53:25 -04:00
Nick Mathewson
f57883a39e
Add basic support for SHA256.
...
This adds an openssl 0.9.8 dependency. Let's see if anybody cares.
2009-08-19 19:43:54 -04:00
Martin Peck
7703b887f5
Add support for dynamic OpenSSL hardware crypto acceleration engines.
2009-05-23 16:42:44 -07:00
Karsten Loesing
9b32e8c141
Update copyright to 2009.
2009-05-04 11:28:27 -04:00
Karsten Loesing
4ebcc4da34
Update copyright to 2009.
2009-05-02 22:00:54 +02:00
Nick Mathewson
c4b8fef362
Remove svn $Id$s from our source, and remove tor --version --version.
...
The subversion $Id$ fields made every commit force a rebuild of
whatever file got committed. They were not actually useful for
telling the version of Tor files in the wild.
svn:r17867
2009-01-04 00:35:51 +00:00
Nick Mathewson
e8a3fa91a6
Use a consistent naming standard for header file guard macros, taking care not to collide with any system headers. This tripped us up on Android.
...
svn:r17805
2008-12-29 02:21:02 +00:00
Nick Mathewson
1e5f457461
Fix most DOCDOCs remaining and/or added by redox.
...
svn:r17734
2008-12-22 17:53:04 +00:00
Nick Mathewson
1725c0c8a5
Add DOCDOC comments for all undocumented functions. Add missing *s to other comments so that they will get recognized as doxygen.
...
svn:r17729
2008-12-22 14:56:28 +00:00
Nick Mathewson
cebdf93949
Fix bug 889: share deep-copied keys between threads to avoid races in reference counts. Bugfix on 0.1.0.1-rc.
...
svn:r17672
2008-12-18 05:28:27 +00:00
Nick Mathewson
22259a0877
The first of Karsten's proposal 121 patches: configure and maintain client authorization data. Tweaked a bit: see comments on or-dev.
...
svn:r16475
2008-08-08 14:36:11 +00:00
Nick Mathewson
b7a80920e2
r15558@tombo: nickm | 2008-05-09 04:35:12 -0400
...
New (temporary) tool to dump the modulus of a key. May help with a project of weasel's.
svn:r14580
2008-05-09 08:35:38 +00:00
Nick Mathewson
b5b77f8bf3
r19004@catbus: nickm | 2008-03-21 15:18:43 -0400
...
Use RAND_poll() again: the bug that made us stop using it has been fixed.
svn:r14150
2008-03-21 19:18:57 +00:00
Nick Mathewson
e7db789e82
r14399@tombo: nickm | 2008-02-22 14:09:38 -0500
...
More 64-to-32 fixes. Partial backport candidate. still not done.
svn:r13680
2008-02-22 19:09:45 +00:00
Nick Mathewson
69300eb606
r14374@tombo: nickm | 2008-02-21 16:57:39 -0500
...
Fix all remaining shorten-64-to-32 errors in src/common. Some were genuine problems. Many were compatibility errors with libraries (openssl, zlib) that like predate size_t. Partial backport candidate.
svn:r13665
2008-02-21 21:57:47 +00:00
Nick Mathewson
24e8e1fb36
r14185@tombo: nickm | 2008-02-15 18:05:54 -0500
...
Replace the hefty tor_strpartition with a simple function to replace its only (trivial) use.
svn:r13532
2008-02-15 23:39:14 +00:00
Nick Mathewson
de827f89df
r14062@tombo: nickm | 2008-02-08 15:17:07 -0500
...
Change DNs in x509 certificates to be harder to fingerprint. Raise common code. Refactor random hostname generation into crypto.c
svn:r13429
2008-02-08 21:13:12 +00:00
Nick Mathewson
eecc44dab8
r17963@catbus: nickm | 2008-02-07 10:14:25 -0500
...
Be more thorough about memory poisoning and clearing. Add an in-place version of aes_crypt in order to remove a memcpy from relay_crypt_one_payload.
svn:r13414
2008-02-07 16:10:33 +00:00
Nick Mathewson
842a33ff20
Update some copyright notices: it is now 2008.
...
svn:r13412
2008-02-07 05:31:47 +00:00
Roger Dingledine
1d8a8063b9
clean up copyrights, and assign 2007 copyrights to The Tor Project, Inc
...
svn:r12786
2007-12-12 21:09:01 +00:00
Nick Mathewson
e047f7f865
r16455@catbus: nickm | 2007-11-06 12:48:00 -0500
...
Parse CERT cells and act correctly when we get them.
svn:r12396
2007-11-06 18:00:07 +00:00
Nick Mathewson
17266cc44a
r16287@catbus: nickm | 2007-10-31 00:53:53 -0400
...
HMAC-SHA-1 implementation, with unit tests based on vectors from RVFC2202. Steven's stuff will need this.
svn:r12289
2007-10-31 04:56:59 +00:00
Nick Mathewson
fc5dd0cdbb
r15231@catbus: nickm | 2007-09-20 16:04:30 -0400
...
Patch from karsten: remove cbc and make unit tests handle aes-ctr-with-iv.
svn:r11538
2007-09-20 20:08:47 +00:00
Nick Mathewson
5f7950e874
r15172@catbus: nickm | 2007-09-19 11:50:02 -0400
...
New (untested) code to implement AES-with-IV. Currently, IVs are generated randomly. Once tested, should be (almost) a drop-in replacement for the CBC functions.
svn:r11519
2007-09-19 15:53:41 +00:00
Roger Dingledine
f15a4c8bd7
add some crypto/util functions from karsten, as the first
...
step of integrating his new hidden service stuff
svn:r11489
2007-09-18 17:07:56 +00:00
Nick Mathewson
a8e88adba4
r13410@catbus: nickm | 2007-06-13 18:39:05 -0400
...
Fix compilation on compilers that do not allow you to typedef the same type twice.
svn:r10598
2007-06-13 22:39:10 +00:00
Nick Mathewson
3637ee0e59
r13383@catbus: nickm | 2007-06-13 13:53:04 -0400
...
Expose a function to parse a private key from a string as CRYPTO_PRIVATE. For testing.
svn:r10583
2007-06-13 18:15:53 +00:00
Nick Mathewson
a187704872
r12980@Kushana: nickm | 2007-05-18 14:11:05 -0400
...
Add a "swap" function to smartlist, add a "shuffle" function for smartlist to crypto.c, and make appropriate hashtable functions be more const.
svn:r10208
2007-05-18 21:19:14 +00:00
Nick Mathewson
6a27dd8284
r12595@catbus: nickm | 2007-04-30 18:32:34 -0400
...
Move private function declarations from crypto.c into a new #ifdef CRYPTO_PRIVATE block in crypto.h
svn:r10074
2007-04-30 22:42:50 +00:00
Nick Mathewson
759c58151e
r11775@catbus: nickm | 2007-02-12 16:39:09 -0500
...
Update copyright dates.
svn:r9570
2007-02-12 21:39:53 +00:00
Nick Mathewson
f02be02356
r11639@catbus: nickm | 2007-02-05 13:33:38 -0500
...
Add documentation to src/common/*.h; improve documentation for SMARTLIST_FOREACH; remove never-used options and corresponding tests from tor_strpartition.
svn:r9483
2007-02-05 18:33:52 +00:00
Nick Mathewson
fefba95363
r11629@catbus: nickm | 2007-02-02 15:06:17 -0500
...
Removing the last DOCDOC comment hurt so much that I had to use Doxygen to identify undocumented macros and comments, and add 150 more DOCDOCs to point out where they were. Oops. Hey, kids! Fixing some of these could be your first Tor patch!
svn:r9477
2007-02-02 20:06:43 +00:00
Nick Mathewson
219ad6395c
r8825@totoro: nickm | 2006-10-01 17:41:27 -0400
...
Add function to return a random uint64_t.
svn:r8570
2006-10-01 21:59:05 +00:00
Nick Mathewson
1fbc74661f
Remove DER64 functions in trunk: they will never be used again unless the directory authorities switch back to 0.0.9tooearly.
...
svn:r6376
2006-04-10 21:23:00 +00:00
Roger Dingledine
0543900fbf
clean up the traces from tracking the 0.1.1.9-alpha stack-smashing bug.
...
svn:r6240
2006-03-26 06:47:51 +00:00
Roger Dingledine
5f051574d5
Happy new year!
...
svn:r5949
2006-02-09 05:46:49 +00:00
Roger Dingledine
418dc7b16e
I believe this resolves bug 234, the mysterious crash on 0.1.1.9
...
and later servers. I'm not sure yet, but better to have it in CVS
while we speculate that it's the fix.
svn:r5895
2006-02-02 10:10:07 +00:00
Nick Mathewson
45757dafb7
Split PARANOIA_B into B1 and B2.
...
svn:r5849
2006-01-22 18:22:04 +00:00
Nick Mathewson
241310bbac
Split 0119_PARANOIA into 0119_PARANOIA_[ABC]. A is "this is suspicious, and we have not tried running without this yet". B is "this is suspicious, but the last time we tested, it was okay." C is "How could this possibly be the cause?"
...
svn:r5840
2006-01-17 23:08:38 +00:00
Nick Mathewson
55ac4f032c
Add a (diabled by default) option in crypto.h to disable most of the interesting crypto-related changes made on 0.1.1.9. This will help hunt bug 234.
...
svn:r5777
2006-01-10 21:12:06 +00:00
Nick Mathewson
1af630d32c
Bite the bullet and limit all our source lines to 80 characters, the way IBM intended.
...
svn:r5582
2005-12-14 20:40:40 +00:00
Nick Mathewson
e9b66ec906
Document CREATE_FAST better in the code. Move our key expansion algorithm into a separate function in crypto.c
...
svn:r5530
2005-12-08 17:38:32 +00:00
Roger Dingledine
a6da372000
and its header
...
svn:r5478
2005-11-30 22:23:27 +00:00
Nick Mathewson
9cec3a13f5
remove some functions that are not used; #if0 out some files that are not likely to be used.
...
svn:r5471
2005-11-30 06:27:59 +00:00
Nick Mathewson
9492424d3f
Per comments at the bottom of openssl/FAQ, call even more functions to
...
clean up OpenSSL's toys when it's done playing. (Why isn't there an
OpenSSL_free_everything() function?)
svn:r5321
2005-10-25 19:01:48 +00:00
Nick Mathewson
cc35e1720f
Using RAND_pseudo_bytes instead of RAND_bytes is an accident waiting to happen, and does not really speed us up much when we do it. So stop doing it.
...
svn:r5210
2005-10-06 22:18:01 +00:00
Nick Mathewson
ba24193ab5
Make doxygen marginally happier
...
svn:r5208
2005-10-06 04:33:40 +00:00
Nick Mathewson
f8a80e8d59
Helper functions to perform our truncated base64 encoding on hexdigests.
...
svn:r5087
2005-09-18 02:18:59 +00:00
Nick Mathewson
2aff87caae
Load hardware acceleration options when/where available. Can anybody test this?
...
svn:r4467
2005-06-20 18:56:35 +00:00
Roger Dingledine
fcd0fc3364
flesh out the source file descriptions for doxygen
...
svn:r4404
2005-06-11 05:31:17 +00:00
Nick Mathewson
0831823763
Change end-of-file NLNL convention. It turns out arma I and I agree.
...
svn:r4382
2005-06-09 19:03:31 +00:00
Nick Mathewson
a6f51001a5
New whitespace normalization rule: no blank line at EOF.
...
svn:r4378
2005-06-09 16:46:51 +00:00
Nick Mathewson
10b2208d93
Make Tor compile with no warnings with gcc4.0 on OSX
...
svn:r4184
2005-05-07 05:55:06 +00:00
Nick Mathewson
0e81265359
update copyright notices.
...
svn:r3982
2005-04-01 20:15:56 +00:00
Nick Mathewson
7fbd297532
Suggestion from weasel: Make tor --version --version dump the cvs Id of every file.
...
svn:r3019
2004-11-29 22:25:31 +00:00
Roger Dingledine
7c9a707900
remove emacs droppings, since nick says he doesn't need them anymore
...
svn:r2989
2004-11-26 04:00:55 +00:00
Nick Mathewson
cea9125d71
Implement two flavors of authentication for control connections: one for trusted FS, one for untrusted FS.
...
svn:r2664
2004-11-03 19:49:03 +00:00
Roger Dingledine
85c79ffbc7
canonicalize "src" and "dest" arg order in crypto.c (and others)
...
svn:r2644
2004-11-02 02:28:51 +00:00
Nick Mathewson
ce5709184b
Pass with -Wstrict-prototypes
...
svn:r2614
2004-10-27 18:16:37 +00:00
Roger Dingledine
918ce7a084
a few more ints to size_ts
...
svn:r2461
2004-10-13 05:54:58 +00:00
Roger Dingledine
a7d858bd6e
start the great migration from int to size_t
...
and clean some deadweight from util.h
svn:r2455
2004-10-12 20:20:19 +00:00
Nick Mathewson
ce3162d035
Make base-64-encoded DER work, including workaround for ugly openssl misfeature that makes base64 decoding fail when you strip out the newlines.
...
svn:r2423
2004-10-07 03:11:42 +00:00
Nick Mathewson
8cca36d26a
Implement (temporarily) a base64-encoded-DER format for RSA keys; make it easier to generate fingerprints with no space
...
svn:r2419
2004-10-06 13:26:10 +00:00
Roger Dingledine
7459d067a5
now base16_encode() and base32_encode() can't ever fail
...
svn:r2103
2004-07-22 08:30:06 +00:00
Nick Mathewson
541add90a1
Track routers by hash of identity key; use hex hash of identity key in place of nickname; accept (and use) hash of identity key in EXTEND cells.
...
svn:r1994
2004-07-01 01:16:59 +00:00
Nick Mathewson
9c3fba5c3b
Not every RSA decrypt should warn on failure.
...
svn:r1853
2004-05-12 19:30:28 +00:00
Roger Dingledine
5dd9e60231
doxygen markup for common/*.h
...
svn:r1840
2004-05-10 07:54:13 +00:00
Nick Mathewson
c0ea93337d
Doxygenate common.
...
svn:r1829
2004-05-10 03:53:24 +00:00
Roger Dingledine
1558fb7650
some patches on the patches
...
svn:r1761
2004-05-01 23:29:20 +00:00
Nick Mathewson
9a041591ac
Finish documenting the functions in common
...
svn:r1758
2004-05-01 21:41:23 +00:00
Nick Mathewson
908ccb9dcd
Handle windows socket errors correctly; comment most of common.
...
svn:r1756
2004-05-01 20:46:28 +00:00
Nick Mathewson
ddb15b8f67
Remove IVs from cipher code, since AES-ctr has none.
...
svn:r1742
2004-04-28 20:31:32 +00:00
Nick Mathewson
f6dbe5a0d4
Refactor crypto error handling to be more like TLS error handling:
...
crypto_perror is a no-no, since an operation can set more than one
error.
Also, fix a bug in the unix crypto_seed_rng: mixing stdio with
/dev/urandom is a bad idea, since fopen can make all kinds of weird
extraneous syscalls (mmap, fcntl, stat64, etc.) and since fread tends
to buffer data in big chunks, thus depleting the entropy pool.
svn:r1717
2004-04-26 18:09:50 +00:00
Nick Mathewson
aa7cfd93e5
Fix base32 implementation; make base32 implementation follow standard; add more tests for base32
...
svn:r1574
2004-04-08 20:56:33 +00:00
Nick Mathewson
2fc106d210
Force hybrid encryption on for key negotiation
...
svn:r1509
2004-04-06 20:55:46 +00:00
Nick Mathewson
257d509b91
Document stuff, reduce magic numbers, add emacs magic
...
svn:r1502
2004-04-06 03:44:36 +00:00
Nick Mathewson
34633c1122
add more constants
...
svn:r1488
2004-04-05 20:52:16 +00:00
Nick Mathewson
12ede0a2c4
use the right variable when comparing hashes; maybe fix "Hash of session" bug
...
svn:r1481
2004-04-05 17:36:30 +00:00
Nick Mathewson
137b577bbd
Refactor the heck out of crypto interface: admit that we will stick with one ciphersuite at a time, make const things const, and stop putting openssl in the headers.
...
svn:r1458
2004-04-03 02:40:30 +00:00
Nick Mathewson
e8345bfced
refactor; start adding debugging logs to midpoint rend stuff
...
svn:r1445
2004-04-02 23:30:54 +00:00
Nick Mathewson
cbbd13f789
Add new functions to wrap digest and sign/checksig.
...
svn:r1436
2004-04-01 22:10:33 +00:00
Nick Mathewson
56b3d67149
Separate "generate-DH-key" from "get-DH-key" without breaking old interface
...
svn:r1431
2004-04-01 20:04:54 +00:00
Nick Mathewson
35f531b94f
Add helpful hybrid encryption functions
...
svn:r1423
2004-04-01 03:08:35 +00:00
Nick Mathewson
6ea95488d2
Add more key manipulation functions, and base32 functions, to crypto
...
svn:r1395
2004-03-30 19:47:32 +00:00
Roger Dingledine
45a3f6b97c
more pesky tabs
...
svn:r1265
2004-03-12 13:02:16 +00:00
Roger Dingledine
bc8c6732cb
add crypto_cipher_rewind to reverse crypto_cipher_advance
...
svn:r957
2003-12-23 07:43:05 +00:00
Roger Dingledine
389eb48690
document an openssl gotcha
...
svn:r947
2003-12-17 05:31:52 +00:00
Roger Dingledine
f3b165fdc0
change crypto_digest_new_env to crypto_new_digest_env
...
(and same with _free_)
to match our conventions
i think our conventions may be getting too ad hoc
svn:r940
2003-12-16 08:13:26 +00:00
Roger Dingledine
e358a362ee
rename digest_copy to digest_dup, make it return, make gcc happier
...
svn:r939
2003-12-16 05:47:21 +00:00
Nick Mathewson
eeae6157ed
Add more fine-grained SHA1 functionality.
...
svn:r937
2003-12-16 05:29:04 +00:00
Nick Mathewson
ac552573dd
Make router/directory parsing nondestructive and more const-friendly
...
svn:r890
2003-12-08 23:45:37 +00:00
Nick Mathewson
5e4b9c6b61
Remove minor biasing problem from crypto_pseudo_rand_int
...
svn:r799
2003-11-12 04:28:30 +00:00
Nick Mathewson
785f5cdac8
Make crypto_pseudo_rand* never fail.
...
svn:r797
2003-11-12 04:12:35 +00:00
Nick Mathewson
36939303c9
Update LICENSE and copyright dates.
...
svn:r560
2003-10-08 02:04:08 +00:00
Nick Mathewson
febb2251ca
Add code to parse fingerprint files and compare routers against fingerprint files.
...
svn:r490
2003-09-26 20:41:23 +00:00
Nick Mathewson
92acbe12bc
Refactor common file code into util.c; add published to descriptors
...
svn:r487
2003-09-26 18:27:35 +00:00
Nick Mathewson
3d4ccb781a
Refactor buffers; implement descriptors.
...
'buf_t' is now an opaque type defined in buffers.c .
Router descriptors now include all keys; routers generate keys as
needed on startup (in a newly defined "data directory"), and generate
their own descriptors. Descriptors are now self-signed.
Implementation is not complete: descriptors are never published; and
upon receiving a descriptor, the directory doesn't do anything with
it.
At least "routers.or" and orkeygen are now obsolete, BTW.
svn:r483
2003-09-25 05:17:11 +00:00
Nick Mathewson
9955b265ab
Make crypto structures private to crypto.c
...
svn:r437
2003-09-10 00:47:24 +00:00
Nick Mathewson
fd20011c26
Add initial interfaces and code for TLS support. Interfaces are right; code needs work and testing.
...
svn:r424
2003-09-04 16:05:08 +00:00
Nick Mathewson
f12fdd62aa
Be smarter about getting key matter from DH.
...
Formerly, once we had g^xy, we took the last N bytes from g^xy.
Now, we take SHA(g^xy || [0]) || SHA1(g^xy || [1]) || ... , in order
to use all bits from g^xy equally, and generate as much key material
as we need.
svn:r370
2003-07-30 19:10:20 +00:00
Nick Mathewson
300984c057
Add AES counter-mode support to the crypt library
...
svn:r362
2003-06-30 19:18:32 +00:00
Nick Mathewson
d21c0feb5a
Add RNG seeding
...
svn:r318
2003-06-13 21:13:37 +00:00
Nick Mathewson
afc0eb2c71
Tested backends for directory signing and checking. Directory parser completely refactored. Need documentation and integration. Explanitory mail forthcoming.
...
svn:r271
2003-05-07 18:30:46 +00:00
Nick Mathewson
445cd8f0f1
Decrease DH group length to 1024. (Roger, you may want to read section 1 of the IETF draft: a 1024-bit DH key probably reduces our cipher strength to ~80 bits.)
...
svn:r269
2003-05-07 02:28:42 +00:00
Nick Mathewson
d0ff485e1b
More work on directories. Signed directories not yet tested. No support for checking sigs yet
...
svn:r268
2003-05-07 02:13:23 +00:00
Nick Mathewson
6af79f3a03
Basic diffie-helman wrappers with fixed modulus and tests
...
svn:r257
2003-05-01 00:53:46 +00:00
Nick Mathewson
32a3e704b4
Choose correct abstraction for topic_foo. Abstract random-integer code
...
svn:r249
2003-04-17 17:10:41 +00:00
Nick Mathewson
8ff1c3e21f
Refactor block ciphers; add 3des
...
svn:r196
2003-03-19 20:41:15 +00:00
Nick Mathewson
bef3424bec
Add convenience functions to wrap create and init for symmetric ciphers; clean up error handling in onion.c
...
svn:r131
2002-10-02 20:39:51 +00:00
Roger Dingledine
253f0f160e
laying the groundwork for dynamic router lists
...
revamped the router reading section
reference counting for crypto pk env's (so we can dup them)
we now read and write pem pk keys from string rather than from FILE*,
in anticipation of fetching directories over a socket
(so now on startup we slurp in the whole file, then parse it as a string)
fixed a bug in the proxy side, where you could get some circuits
wedged if they showed up while the connection was being made
svn:r110
2002-09-24 10:43:57 +00:00
Matej Pjafjar
01aadefbfc
Changed crypto calls to go through common/crypto.[hc] instead of calling OpenSSL directly.
...
svn:r76
2002-08-22 07:30:03 +00:00
Matej Pjafjar
e01522bbed
Added the crypto abstraction to libor. Need to test and change the code to use this instead of OpenSSL.
...
svn:r74
2002-07-25 08:17:22 +00:00
Matej Pjafjar
5af5a96343
Beginnings of a crypto abstraction layer.
...
svn:r73
2002-07-24 14:02:39 +00:00