Nick Mathewson
1992c76130
Split tls modules and their tests into openssl and generic.
...
Also, add a stubbed-out nss version of the modules. The tests won't
pass with NSS yet since the NSS modules don't do anything.
This is a good patch to read with --color-moved.
2018-08-21 12:25:33 -04:00
Nick Mathewson
91c1e88b7a
Refactor some of the certificate-manipulation logic
2018-08-21 12:25:33 -04:00
Nick Mathewson
598bc78bfa
Extract tortls structures into a new header; clean up a little
2018-08-21 12:25:33 -04:00
Nick Mathewson
9a4f05b05c
Split X509 code out of tortls.c
2018-08-21 12:25:33 -04:00
Nick Mathewson
3ccb94d7b6
The RSA_free in this test is no longer needed or wanted
2018-08-21 12:24:08 -04:00
Nick Mathewson
aa45511250
Implement RSA for NSS.
2018-08-21 12:24:08 -04:00
Nick Mathewson
cb5cfe3177
Also reinitialize the pregenerated keys postfork.
2018-08-21 12:24:08 -04:00
Nick Mathewson
b94e7de7db
Refactor crypto_rsa to use pem module.
...
This cleans up a lot of junk from crypto_rsa_openssl, and will
save us duplicated code in crypto_rsa_nss (when it exists).
(Actually, it already exists, but I am going to use git rebase so
that this commit precedes the creation of crypto_rsa_nss.)
2018-08-21 12:24:08 -04:00
Nick Mathewson
9566ed6fd9
Add rudimentary support for PEM-encoding, since NSS doesn't do that.
2018-08-21 12:24:08 -04:00
Nick Mathewson
0812f1cbc2
Use a constant for "65537"
2018-08-21 12:24:08 -04:00
Nick Mathewson
824009cde5
Rename openssl-bridging functions in crypto_rsa
...
These functions exist only to expose RSA keys to other places in Tor
that use OpenSSL; let's be specific about their purpose.
2018-08-21 12:24:08 -04:00
Nick Mathewson
38212d2e40
Remove a redundant function.
2018-08-21 12:24:08 -04:00
Nick Mathewson
0f971d7c91
Rename functions that encode/decode private keys
...
It is not nice to expose a private key's contents without having the
function name advertise the fact. Fortunately, we weren't misusing
these yet.
2018-08-21 12:24:08 -04:00
Nick Mathewson
752ffa2197
Extract openssl RSA functionality into its own file.
2018-08-21 12:24:08 -04:00
Nick Mathewson
e56f0c9d33
Adjust windows stubs for new start/finish_daemon() return types
2018-08-14 16:44:59 -04:00
Nick Mathewson
a57c27a1c7
Call crypto_postfork on start_daemon() instead.
2018-08-08 17:32:26 -04:00
Nick Mathewson
622a2c6bee
Make finish_daemon() return a boolean to say whether it did anything.
2018-08-08 16:59:53 -04:00
Nick Mathewson
4f300d547d
When RunAsDaemon is set, crypto_postfork() as needed
2018-08-08 16:50:23 -04:00
Nick Mathewson
f83b417bf8
Suppress strict-prototypes warning in crypto_nss_mgt.c
2018-08-02 08:41:33 -04:00
Nick Mathewson
727f1676d6
Fix double-link of crypto_openssl_mgt.c
2018-08-02 08:38:59 -04:00
Nick Mathewson
b590cc0449
Add a cast to make clang happier.
2018-08-02 08:36:24 -04:00
Nick Mathewson
a4c0a0e81e
Fix issues with crypto_ope compilation now that crypto.h is gone
2018-07-31 19:56:42 -04:00
Nick Mathewson
fdaa483098
Merge branch 'nss_dh_squashed' into nss_dh_squashed_merged
2018-07-31 19:56:23 -04:00
Nick Mathewson
17f922d371
Only link crypto_dh_openssl.c once
...
(We do this unconditionally, since we still need it for tortls.c)
2018-07-31 19:46:00 -04:00
Nick Mathewson
f5e22358b0
Additional tests for NSS DH
...
Notably, there's a test to make sure that it round-trips with
OpenSSL, if OpenSSL is enabled.
2018-07-31 19:46:00 -04:00
Nick Mathewson
17ea931ac7
Implement DH in NSS.
2018-07-31 19:46:00 -04:00
Nick Mathewson
32bbc8f6b5
Refactor the dependency between tortls and crypto_dh.
...
We only ever need this to get us a DH ephemeral key object,
so make a function that does just that.
2018-07-31 19:46:00 -04:00
Nick Mathewson
ac9a470c64
Extract the shared part of crypto_dh_compute_secret.
2018-07-31 19:46:00 -04:00
Nick Mathewson
60a5b78480
Extract the OpenSSL DH functionality to a new file.
2018-07-31 19:46:00 -04:00
Nick Mathewson
99beed152e
Make the rust tests link.
2018-07-31 19:46:00 -04:00
Nick Mathewson
2d80673b9a
Fix "make distcheck."
2018-07-31 19:46:00 -04:00
Nick Mathewson
e7a0616817
Changes files for feature26815 and 26816
2018-07-31 19:46:00 -04:00
Nick Mathewson
76e10ee6b9
Use NSS for AES_CTR.
2018-07-31 19:46:00 -04:00
Nick Mathewson
60705a5719
Use NSS in crypto_rand.c
...
This is comparatively straightforward too, except for a couple of
twists:
* For as long as we're building with two crypto libraries, we
  want to seed _both_ their RNGs, and use _both_ their RNGs to
  improve the output of crypto_strongest_rand()
* The NSS prng will sometimes refuse to generate huge outputs.
  When it does, we stretch the output with SHAKE. We only need
  this for the tests.
2018-07-31 19:46:00 -04:00
Nick Mathewson
be8d497b65
Make sure NSS is initialized before running benchmarks
2018-07-31 19:46:00 -04:00
Nick Mathewson
f64c9dccde
Use NSS's digest code in Tor.
...
This was a fairly straightforward port, once I realized which layer
I should be calling into.
2018-07-31 19:46:00 -04:00
Nick Mathewson
7e4ac0283e
Merge remote-tracking branch 'teor/bug26986'
2018-07-31 08:50:38 -04:00
Nick Mathewson
01c73711f1
Merge branch 'maint-0.3.4'
2018-07-31 08:30:58 -04:00
Nick Mathewson
bcce3e7e0b
Merge branch 'maint-0.3.3' into maint-0.3.4
2018-07-31 08:30:01 -04:00
Nick Mathewson
373b23a9ee
Merge remote-tracking branch 'teor/bug26876_033' into maint-0.3.3
2018-07-31 08:29:54 -04:00
Nick Mathewson
d66cfadbd3
Merge remote-tracking branch 'teor/bug26979'
2018-07-31 08:26:15 -04:00
Nick Mathewson
de4d7c3837
Merge branch 'ticket26447'
2018-07-31 08:21:10 -04:00
Roger Dingledine
fe9f585143
fix wrong word in comment
2018-07-30 22:35:33 -04:00
teor
c3fca338a2
Appveyor CI: always use HEAD for the short commit
...
Part of 26979.
2018-07-31 12:14:40 +10:00
teor
fcc8480093
Appveyor CI: Changes file for 26979
...
Closes 26979.
2018-07-31 11:58:04 +10:00
teor
c6973aeccb
Appveyor CI: sort environmental variables
...
To avoid future duplicates.
2018-07-31 11:54:02 +10:00
teor
02a45b3ea4
Appveyor CI: fix some typos
2018-07-31 11:49:11 +10:00
teor
019c31bbf8
Appveyor CI: Generate correct tag names
...
Part of 26979.
2018-07-31 11:47:33 +10:00
teor
3d3e62d147
Appveyor CI: Switch to one URL per line
...
Part of 26979.
2018-07-31 11:37:11 +10:00
teor
9118430b14
Use Windows-compatible format strings in tor-print-ed-signing-cert.c
...
Fixes bug 26986; bugfix on master.
2018-07-31 11:21:28 +10:00