Nick Mathewson
ce3162d035
Make base-64-encoded DER work, including workaround for ugly openssl misfeature that makes base64 decoding fail when you strip out the newlines.
...
svn:r2423
2004-10-07 03:11:42 +00:00
Nick Mathewson
8cca36d26a
Implement (temporarily) a base64-encoded-DER format for RSA keys; make it easier to generate fingerprints with no space
...
svn:r2419
2004-10-06 13:26:10 +00:00
Roger Dingledine
7459d067a5
now base16_encode() and base32_encode() can't ever fail
...
svn:r2103
2004-07-22 08:30:06 +00:00
Nick Mathewson
541add90a1
Track routers by hash of identity key; use hex hash of identity key in place of nickname; accept (and use) hash of identity key in EXTEND cells.
...
svn:r1994
2004-07-01 01:16:59 +00:00
Nick Mathewson
9c3fba5c3b
Not every RSA decrypt should warn on failure.
...
svn:r1853
2004-05-12 19:30:28 +00:00
Roger Dingledine
5dd9e60231
doxygen markup for common/*.h
...
svn:r1840
2004-05-10 07:54:13 +00:00
Nick Mathewson
c0ea93337d
Doxygenate common.
...
svn:r1829
2004-05-10 03:53:24 +00:00
Roger Dingledine
1558fb7650
some patches on the patches
...
svn:r1761
2004-05-01 23:29:20 +00:00
Nick Mathewson
9a041591ac
Finish documenting the functions in common
...
svn:r1758
2004-05-01 21:41:23 +00:00
Nick Mathewson
908ccb9dcd
Handle windows socket errors correctly; comment most of common.
...
svn:r1756
2004-05-01 20:46:28 +00:00
Nick Mathewson
ddb15b8f67
Remove IVs from cipher code, since AES-ctr has none.
...
svn:r1742
2004-04-28 20:31:32 +00:00
Nick Mathewson
f6dbe5a0d4
Refactor crypto error handling to be more like TLS error handling:
...
crypto_perror is a no-no, since an operation can set more than one
error.
Also, fix a bug in the unix crypto_seed_rng: mixing stdio with
/dev/urandom is a bad idea, since fopen can make all kinds of weird
extraneous syscalls (mmap, fcntl, stat64, etc.) and since fread tends
to buffer data in big chunks, thus depleting the entropy pool.
svn:r1717
2004-04-26 18:09:50 +00:00
Nick Mathewson
aa7cfd93e5
Fix base32 implementation; make base32 implementation follow standard; add more tests for base32
...
svn:r1574
2004-04-08 20:56:33 +00:00
Nick Mathewson
2fc106d210
Force hybrid encryption on for key negotiation
...
svn:r1509
2004-04-06 20:55:46 +00:00
Nick Mathewson
257d509b91
Document stuff, reduce magic numbers, add emacs magic
...
svn:r1502
2004-04-06 03:44:36 +00:00
Nick Mathewson
34633c1122
add more constants
...
svn:r1488
2004-04-05 20:52:16 +00:00
Nick Mathewson
12ede0a2c4
use the right variable when comparing hashes; maybe fix "Hash of session" bug
...
svn:r1481
2004-04-05 17:36:30 +00:00
Nick Mathewson
137b577bbd
Refactor the heck out of crypto interface: admit that we will stick with one ciphersuite at a time, make const things const, and stop putting openssl in the headers.
...
svn:r1458
2004-04-03 02:40:30 +00:00
Nick Mathewson
e8345bfced
refactor; start adding debugging logs to midpoint rend stuff
...
svn:r1445
2004-04-02 23:30:54 +00:00
Nick Mathewson
cbbd13f789
Add new functions to wrap digest and sign/checksig.
...
svn:r1436
2004-04-01 22:10:33 +00:00
Nick Mathewson
56b3d67149
Separate "generate-DH-key" from "get-DH-key" without breaking old interface
...
svn:r1431
2004-04-01 20:04:54 +00:00
Nick Mathewson
35f531b94f
Add helpful hybrid encryption functions
...
svn:r1423
2004-04-01 03:08:35 +00:00
Nick Mathewson
6ea95488d2
Add more key manipulation functions, and base32 functions, to crypto
...
svn:r1395
2004-03-30 19:47:32 +00:00
Roger Dingledine
45a3f6b97c
more pesky tabs
...
svn:r1265
2004-03-12 13:02:16 +00:00
Roger Dingledine
bc8c6732cb
add crypto_cipher_rewind to reverse crypto_cipher_advance
...
svn:r957
2003-12-23 07:43:05 +00:00
Roger Dingledine
389eb48690
document an openssl gotcha
...
svn:r947
2003-12-17 05:31:52 +00:00
Roger Dingledine
f3b165fdc0
change crypto_digest_new_env to crypto_new_digest_env
...
(and same with _free_)
to match our conventions
i think our conventions may be getting too ad hoc
svn:r940
2003-12-16 08:13:26 +00:00
Roger Dingledine
e358a362ee
rename digest_copy to digest_dup, make it return, make gcc happier
...
svn:r939
2003-12-16 05:47:21 +00:00
Nick Mathewson
eeae6157ed
Add more fine-grained SHA1 functionality.
...
svn:r937
2003-12-16 05:29:04 +00:00
Nick Mathewson
ac552573dd
Make router/directory parsing nondestructive and more const-friendly
...
svn:r890
2003-12-08 23:45:37 +00:00
Nick Mathewson
5e4b9c6b61
Remove minor biasing problem from crypto_pseudo_rand_int
...
svn:r799
2003-11-12 04:28:30 +00:00
Nick Mathewson
785f5cdac8
Make crypto_pseudo_rand* never fail.
...
svn:r797
2003-11-12 04:12:35 +00:00
Nick Mathewson
36939303c9
Update LICENSE and copyright dates.
...
svn:r560
2003-10-08 02:04:08 +00:00
Nick Mathewson
febb2251ca
Add code to parse fingerprint files and compare routers against fingerprint files.
...
svn:r490
2003-09-26 20:41:23 +00:00
Nick Mathewson
92acbe12bc
Refactor common file code into util.c; add published to descriptors
...
svn:r487
2003-09-26 18:27:35 +00:00
Nick Mathewson
3d4ccb781a
Refactor buffers; implement descriptors.
...
'buf_t' is now an opaque type defined in buffers.c .
Router descriptors now include all keys; routers generate keys as
needed on startup (in a newly defined "data directory"), and generate
their own descriptors. Descriptors are now self-signed.
Implementation is not complete: descriptors are never published; and
upon receiving a descriptor, the directory doesn't do anything with
it.
At least "routers.or" and orkeygen are now obsolete, BTW.
svn:r483
2003-09-25 05:17:11 +00:00
Nick Mathewson
9955b265ab
Make crypto structures private to crypto.c
...
svn:r437
2003-09-10 00:47:24 +00:00
Nick Mathewson
fd20011c26
Add initial interfaces and code for TLS support. Interfaces are right; code needs work and testing.
...
svn:r424
2003-09-04 16:05:08 +00:00
Nick Mathewson
f12fdd62aa
Be smarter about getting key matter from DH.
...
Formerly, once we had g^xy, we took the last N bytes from g^xy.
Now, we take SHA(g^xy || [0]) || SHA1(g^xy || [1]) || ... , in order
to use all bits from g^xy equally, and generate as much key material
as we need.
svn:r370
2003-07-30 19:10:20 +00:00
Nick Mathewson
300984c057
Add AES counter-mode support to the crypt library
...
svn:r362
2003-06-30 19:18:32 +00:00
Nick Mathewson
d21c0feb5a
Add RNG seeding
...
svn:r318
2003-06-13 21:13:37 +00:00
Nick Mathewson
afc0eb2c71
Tested backends for directory signing and checking. Directory parser completely refactored. Need documentation and integration. Explanitory mail forthcoming.
...
svn:r271
2003-05-07 18:30:46 +00:00
Nick Mathewson
445cd8f0f1
Decrease DH group length to 1024. (Roger, you may want to read section 1 of the IETF draft: a 1024-bit DH key probably reduces our cipher strength to ~80 bits.)
...
svn:r269
2003-05-07 02:28:42 +00:00
Nick Mathewson
d0ff485e1b
More work on directories. Signed directories not yet tested. No support for checking sigs yet
...
svn:r268
2003-05-07 02:13:23 +00:00
Nick Mathewson
6af79f3a03
Basic diffie-helman wrappers with fixed modulus and tests
...
svn:r257
2003-05-01 00:53:46 +00:00
Nick Mathewson
32a3e704b4
Choose correct abstraction for topic_foo. Abstract random-integer code
...
svn:r249
2003-04-17 17:10:41 +00:00
Nick Mathewson
8ff1c3e21f
Refactor block ciphers; add 3des
...
svn:r196
2003-03-19 20:41:15 +00:00
Nick Mathewson
bef3424bec
Add convenience functions to wrap create and init for symmetric ciphers; clean up error handling in onion.c
...
svn:r131
2002-10-02 20:39:51 +00:00
Roger Dingledine
253f0f160e
laying the groundwork for dynamic router lists
...
revamped the router reading section
reference counting for crypto pk env's (so we can dup them)
we now read and write pem pk keys from string rather than from FILE*,
in anticipation of fetching directories over a socket
(so now on startup we slurp in the whole file, then parse it as a string)
fixed a bug in the proxy side, where you could get some circuits
wedged if they showed up while the connection was being made
svn:r110
2002-09-24 10:43:57 +00:00
Matej Pjafjar
01aadefbfc
Changed crypto calls to go through common/crypto.[hc] instead of calling OpenSSL directly.
...
svn:r76
2002-08-22 07:30:03 +00:00
Matej Pjafjar
e01522bbed
Added the crypto abstraction to libor. Need to test and change the code to use this instead of OpenSSL.
...
svn:r74
2002-07-25 08:17:22 +00:00
Matej Pjafjar
5af5a96343
Beginnings of a crypto abstraction layer.
...
svn:r73
2002-07-24 14:02:39 +00:00