Commit Graph

533 Commits

Author SHA1 Message Date
Nick Mathewson
616cbb31c7 Merge commit 'origin/maint-0.2.1' 2009-12-15 17:11:40 -05:00
Nick Mathewson
1c87a27574 Fix bug 1173: remove an assert(unsigned >= 0). 2009-12-15 15:51:59 -05:00
Nick Mathewson
9e6225ae16 Merge commit 'sebastian/coverity' 2009-12-12 02:10:19 -05:00
Sebastian Hahn
3807db001d *_free functions now accept NULL
Some *_free functions threw asserts when passed NULL. Now all of them
accept NULL as input and perform no action when called that way.

This gains us consistence for our free functions, and allows some
code simplifications where an explicit null check is no longer necessary.
2009-12-12 03:29:44 +01:00
Sebastian Hahn
70abd843fd crypto_cipher_set_key cannot fail
In 5e4d53d535 we made it so that
crypto_cipher_set_key cannot fail. The call will now
always succeed, to returning a boolean for success/failure makes
no sense.
2009-10-27 04:31:23 +01:00
Nick Mathewson
5e4d53d535 Remove checks for array existence. (CID 410..415)
In C, the code "char x[10]; if (x) {...}" always takes the true branch of
the if statement.  Coverity notices this now.

In some cases, we were testing arrays to make sure that an operation
we wanted to do would suceed.  Those cases are now always-true.

In some cases, we were testing arrays to see if something was _set_.
Those caes are now tests for strlen(s), or tests for
!tor_mem_is_zero(d,len).
2009-10-26 22:40:41 -04:00
Karsten Loesing
d2b4b49ff0 Reduce log level for someone else sending us weak DH keys.
See task 1114. The most plausible explanation for someone sending us weak
DH keys is that they experiment with their Tor code or implement a new Tor
client. Usually, we don't care about such events, especially not on warn
level. If we really care about someone not following the Tor protocol, we
can set ProtocolWarnings to 1.
2009-10-25 23:47:05 -07:00
Nick Mathewson
200c39b66c Document the microdescriptor code better. 2009-10-18 18:46:12 -04:00
Nick Mathewson
5576a3a094 Parse detached signature documents with multiple flavors and algorithms. 2009-10-15 15:17:13 -04:00
Nick Mathewson
3b2fc659a8 Refactor consensus signature storage for multiple digests and flavors.
This patch introduces a new type called document_signature_t to represent the
signature of a consensus document.  Now, each consensus document can have up
to one document signature per voter per digest algorithm.  Also, each
detached-signatures document can have up to one signature per <voter,
algorithm, flavor>.
2009-10-15 15:17:13 -04:00
Nick Mathewson
8d41e6c471 Support for encoding and decoding 256-bit digests in base64 2009-10-15 15:17:12 -04:00
Nick Mathewson
cfba9c01bf Alter keygen function to generate keys of different lengths. 2009-09-29 00:53:25 -04:00
Nathan Freitas
76d26ae52d Disable OpenSSL engines when building for Android.
Apparently the Android developers dumped OpenSSL's support for hardware
acceleration in order to save some memory, so you can't build programs using
engines on Android.

[Patch revised by nickm]
2009-09-29 00:53:10 -04:00
Nathan Freitas
8c585cce39 Include util.h and log.h as relative paths.
This shouldn't be necessary, but apparently the Android cross-compiler
doesn't respect -I as well as it should.  (-I is supposed to add to the
*front* of the search path.  Android's gcc wrapper apparently likes to add to
the end.  This is broken, but we need to work around it.)
2009-09-29 00:52:52 -04:00
Nick Mathewson
5da3b45fdc Make crypto_digest_get_digest nondestructive again.
Fixes bug in f57883a39.
2009-08-20 12:03:32 -04:00
Nick Mathewson
d0c212995a Add a SHA256 implementation for platforms that lack it.
(This would be everywhere running OpenSSL 0.9.7x and earlier, including
all current Macintosh users.)

The code is based on Tom St Denis's LibTomCrypt implementation,
modified to be way less general and use Tor's existing facilities.  I
picked this one because it was pretty fast and pretty free, and
because Python uses it too.
2009-08-20 01:47:13 -04:00
Nick Mathewson
f57883a39e Add basic support for SHA256.
This adds an openssl 0.9.8 dependency.  Let's see if anybody cares.
2009-08-19 19:43:54 -04:00
Nick Mathewson
e84ddead34 Merge branch 'hardware_accel_improvements' 2009-05-31 13:36:50 -04:00
Nick Mathewson
260de44313 Fixes to spelling fixes. Thanks, Roger! 2009-05-28 12:22:48 -04:00
Nick Mathewson
ec7e054668 Spell-check Tor. 2009-05-27 17:55:51 -04:00
Martin Peck
7703b887f5 Add support for dynamic OpenSSL hardware crypto acceleration engines. 2009-05-23 16:42:44 -07:00
Karsten Loesing
9b32e8c141 Update copyright to 2009. 2009-05-04 11:28:27 -04:00
Karsten Loesing
4ebcc4da34 Update copyright to 2009. 2009-05-02 22:00:54 +02:00
Nick Mathewson
8ebceeb352 Make sure that even in the weird fiddly paths that lead to init_keys,
crypto_global_init gets called.  Also have it be crypto_global_init
that calls crypto_seed_rng, so we are not dependent on OpenSSL's
RAND_poll in these fiddly cases.

Should fix bug 907.  Bugfix on 0.0.9pre6.  Backport candidate.

svn:r18210
2009-01-21 15:38:39 +00:00
Nick Mathewson
c4b8fef362 Remove svn $Id$s from our source, and remove tor --version --version.
The subversion $Id$ fields made every commit force a rebuild of
whatever file got committed.  They were not actually useful for
telling the version of Tor files in the wild.

svn:r17867
2009-01-04 00:35:51 +00:00
Nick Mathewson
b0a8ecd193 Use RSA_generate_key_ex where available.
svn:r17804
2008-12-29 02:20:57 +00:00
Nick Mathewson
b4d387c28b Make freelist_len in memarea.c static; document a few variables.
svn:r17741
2008-12-22 19:14:08 +00:00
Nick Mathewson
1e5f457461 Fix most DOCDOCs remaining and/or added by redox.
svn:r17734
2008-12-22 17:53:04 +00:00
Nick Mathewson
1725c0c8a5 Add DOCDOC comments for all undocumented functions. Add missing *s to other comments so that they will get recognized as doxygen.
svn:r17729
2008-12-22 14:56:28 +00:00
Nick Mathewson
6c6b0283cb Ben confirms that the MUST in rfc2631 is only for compatibility with X9.42, and isn't actually a security thing.
svn:r17685
2008-12-18 16:11:16 +00:00
Nick Mathewson
cebdf93949 Fix bug 889: share deep-copied keys between threads to avoid races in reference counts. Bugfix on 0.1.0.1-rc.
svn:r17672
2008-12-18 05:28:27 +00:00
Nick Mathewson
f43bcdc063 Use ctags and a python script to find identifiers that are never used anywhere, and remove the ones that we really want gone.
svn:r17651
2008-12-17 17:20:42 +00:00
Nick Mathewson
4d94e061c7 Clean up some redundant stuff in crypto_dh_new().
svn:r16778
2008-09-05 20:18:22 +00:00
Nick Mathewson
22259a0877 The first of Karsten's proposal 121 patches: configure and maintain client authorization data. Tweaked a bit: see comments on or-dev.
svn:r16475
2008-08-08 14:36:11 +00:00
Nick Mathewson
3ec25c2410 r16587@tombo: nickm | 2008-06-28 00:13:40 -0400
fix for bug 704; found by sjmurdoch.  Windows and recent openssl both want to define OCSP_RESPONSE; do not let them.


svn:r15533
2008-06-28 04:16:17 +00:00
Nick Mathewson
d4ed91c672 Set dynamic-locking callbacks in openssl. These can be more efficient when openssl uses them.
svn:r15222
2008-06-13 16:35:12 +00:00
Nick Mathewson
ae2d022f0c Remov unused macro in crypto.c
svn:r14950
2008-06-04 18:41:08 +00:00
Nick Mathewson
b7a80920e2 r15558@tombo: nickm | 2008-05-09 04:35:12 -0400
New (temporary) tool to dump the modulus of a key.  May help with a project of weasel's.


svn:r14580
2008-05-09 08:35:38 +00:00
Nick Mathewson
b5b77f8bf3 r19004@catbus: nickm | 2008-03-21 15:18:43 -0400
Use RAND_poll() again: the bug that made us stop using it has been fixed.


svn:r14150
2008-03-21 19:18:57 +00:00
Nick Mathewson
3452486ac6 r14422@tombo: nickm | 2008-02-24 17:09:56 -0500
Whitespace fixes


svn:r13700
2008-02-24 22:11:18 +00:00
Nick Mathewson
e7db789e82 r14399@tombo: nickm | 2008-02-22 14:09:38 -0500
More 64-to-32 fixes. Partial backport candidate. still not done.


svn:r13680
2008-02-22 19:09:45 +00:00
Nick Mathewson
69300eb606 r14374@tombo: nickm | 2008-02-21 16:57:39 -0500
Fix all remaining shorten-64-to-32 errors in src/common.  Some were genuine problems.  Many were compatibility errors with libraries (openssl, zlib) that like predate size_t.  Partial backport candidate.


svn:r13665
2008-02-21 21:57:47 +00:00
Nick Mathewson
b375472d14 r14373@tombo: nickm | 2008-02-21 16:29:18 -0500
Apply warnings about implicit 64-to-32 conversions; some from Sebastian Hahn; some not.


svn:r13664
2008-02-21 21:57:42 +00:00
Nick Mathewson
24e8e1fb36 r14185@tombo: nickm | 2008-02-15 18:05:54 -0500
Replace the hefty tor_strpartition with a simple function to replace its only (trivial) use.


svn:r13532
2008-02-15 23:39:14 +00:00
Roger Dingledine
509d2912dc doxygen and other cleanups
svn:r13440
2008-02-09 03:11:10 +00:00
Nick Mathewson
de827f89df r14062@tombo: nickm | 2008-02-08 15:17:07 -0500
Change DNs in x509 certificates to be harder to fingerprint.  Raise common code.  Refactor random hostname generation into crypto.c


svn:r13429
2008-02-08 21:13:12 +00:00
Nick Mathewson
b8179871a6 r17964@catbus: nickm | 2008-02-07 10:45:02 -0500
Fix bug in last patch that made secret_to_key crash.


svn:r13415
2008-02-07 16:10:36 +00:00
Nick Mathewson
eecc44dab8 r17963@catbus: nickm | 2008-02-07 10:14:25 -0500
Be more thorough about memory poisoning and clearing.  Add an in-place version of aes_crypt in order to remove a memcpy from relay_crypt_one_payload.


svn:r13414
2008-02-07 16:10:33 +00:00
Nick Mathewson
842a33ff20 Update some copyright notices: it is now 2008.
svn:r13412
2008-02-07 05:31:47 +00:00
Nick Mathewson
a51deb9a9c r17903@catbus: nickm | 2008-02-05 14:40:03 -0500
Remove some dead code; fix some XXX020s; turn some XXX020s into XXXX_IP6s (i.e., "needs to be fixed when we add ipv6 support").


svn:r13382
2008-02-05 19:40:26 +00:00
Nick Mathewson
d7fb8a34ac r17613@catbus: nickm | 2008-01-14 13:52:44 -0500
Do not segfault if symetric key generation somehow fails in crypto_hybrid_encrypt.


svn:r13132
2008-01-14 19:00:28 +00:00
Nick Mathewson
becbafc9db r17491@catbus: nickm | 2008-01-07 11:50:24 -0500
Remove some dead code.


svn:r13053
2008-01-07 16:50:33 +00:00
Roger Dingledine
1d8a8063b9 clean up copyrights, and assign 2007 copyrights to The Tor Project, Inc
svn:r12786
2007-12-12 21:09:01 +00:00
Roger Dingledine
7f12ebc3fa cleanups on r12579
svn:r12580
2007-11-27 21:17:43 +00:00
Nick Mathewson
e047f7f865 r16455@catbus: nickm | 2007-11-06 12:48:00 -0500
Parse CERT cells and act correctly when we get them.


svn:r12396
2007-11-06 18:00:07 +00:00
Nick Mathewson
7712ddf8e7 r16317@catbus: nickm | 2007-10-31 23:52:52 -0400
Use HMAC() function from openssl. Oops.


svn:r12304
2007-11-01 03:56:17 +00:00
Nick Mathewson
17266cc44a r16287@catbus: nickm | 2007-10-31 00:53:53 -0400
HMAC-SHA-1 implementation, with unit tests based on vectors from RVFC2202.  Steven's stuff will need this.


svn:r12289
2007-10-31 04:56:59 +00:00
Nick Mathewson
7da93b80ca r16159@catbus: nickm | 2007-10-25 12:53:38 -0400
Drop support for OpenSSL 0.9.6.


svn:r12191
2007-10-25 16:54:56 +00:00
Nick Mathewson
e3113502ad r15882@catbus: nickm | 2007-10-17 15:23:05 -0400
oprofile was telling me that a fair bit of our time in openssl was spent in base64_decode, so replace base64_decode with an all-at-once fairly optimized implementation.  For decoding keys and digests, it seems 3-3.5x faster than calling out to openssl.  (Yes, I wrote it from scratch.)


svn:r12002
2007-10-17 19:23:56 +00:00
Nick Mathewson
7f9e9c816c r15790@catbus: nickm | 2007-10-15 11:38:28 -0400
Fix bug 528: fix memory leak in base32_decode().  While there, also make base32_decode() accept upper-case inputs.


svn:r11946
2007-10-15 15:38:44 +00:00
Nick Mathewson
3de8158b16 r15702@catbus: nickm | 2007-10-11 17:29:20 -0400
Remove a bunch of redundant includes in crypto.c


svn:r11885
2007-10-11 21:40:32 +00:00
Nick Mathewson
fc5dd0cdbb r15231@catbus: nickm | 2007-09-20 16:04:30 -0400
Patch from karsten: remove cbc and make unit tests handle aes-ctr-with-iv.


svn:r11538
2007-09-20 20:08:47 +00:00
Nick Mathewson
5f7950e874 r15172@catbus: nickm | 2007-09-19 11:50:02 -0400
New (untested) code to implement AES-with-IV.  Currently, IVs are generated randomly.  Once tested, should be (almost) a drop-in replacement for the CBC functions.


svn:r11519
2007-09-19 15:53:41 +00:00
Roger Dingledine
1a930cfc70 minor style tweaks
svn:r11490
2007-09-18 17:18:14 +00:00
Roger Dingledine
f15a4c8bd7 add some crypto/util functions from karsten, as the first
step of integrating his new hidden service stuff


svn:r11489
2007-09-18 17:07:56 +00:00
Nick Mathewson
3637ee0e59 r13383@catbus: nickm | 2007-06-13 13:53:04 -0400
Expose a function to parse a private key from a string as CRYPTO_PRIVATE.  For testing.


svn:r10583
2007-06-13 18:15:53 +00:00
Nick Mathewson
6673d445f5 r13283@catbus: nickm | 2007-06-06 01:43:44 -0400
Fix up a couple of loops flagged by -Wunsafe-loop-optimizations so that they are more readable (and more amenable to compilation)


svn:r10513
2007-06-06 13:02:22 +00:00
Nick Mathewson
6faa9e2641 r13239@catbus: nickm | 2007-06-04 11:30:37 -0400
Fix the fix for bug 445: set umask properly.  Also use open+fdopen rather than just umask+fopen, and create authority identity key with mode 400.


svn:r10485
2007-06-04 15:30:40 +00:00
Nick Mathewson
cb0324c400 r13191@catbus: nickm | 2007-06-03 19:38:18 -0400
Set umask(0700) when starting tor-gencert; resolves bug 445.


svn:r10475
2007-06-03 23:38:20 +00:00
Nick Mathewson
a187704872 r12980@Kushana: nickm | 2007-05-18 14:11:05 -0400
Add a "swap" function to smartlist, add a "shuffle" function for smartlist to crypto.c, and make appropriate hashtable functions be more const.


svn:r10208
2007-05-18 21:19:14 +00:00
Nick Mathewson
836328be2e r12777@catbus: nickm | 2007-05-16 21:52:23 -0400
Fix dumb bug introduced in r10199


svn:r10202
2007-05-17 01:52:26 +00:00
Nick Mathewson
807adfc879 r12769@catbus: nickm | 2007-05-16 17:32:01 -0400
Fix warnings from -Wunsafe-loop-optimizations, which incidentally turned up a logic bug in connection_or_flush_from_first_active_circuit that would overcount the number of cells flushed.


svn:r10199
2007-05-16 22:15:48 +00:00
Nick Mathewson
9279c1d5fe r12638@catbus: nickm | 2007-05-02 17:37:30 -0400
Remove the "RSA keys are 128-bits" assumption from crypto.c


svn:r10096
2007-05-02 21:37:53 +00:00
Nick Mathewson
6a27dd8284 r12595@catbus: nickm | 2007-04-30 18:32:34 -0400
Move private function declarations from crypto.c into a new #ifdef CRYPTO_PRIVATE block in crypto.h


svn:r10074
2007-04-30 22:42:50 +00:00
Nick Mathewson
f38240435a r12001@catbus: nickm | 2007-02-28 15:24:12 -0500
Try to build without warnings on mingw with verbose warnings on.  First attempt.


svn:r9688
2007-02-28 20:24:27 +00:00
Nick Mathewson
d6368fd075 r11976@catbus: nickm | 2007-02-27 19:35:59 -0500
Add some missing (redundant but helpful in most cases) static declarations, and remove a function nobody was calling.


svn:r9672
2007-02-28 00:36:03 +00:00
Nick Mathewson
759c58151e r11775@catbus: nickm | 2007-02-12 16:39:09 -0500
Update copyright dates.


svn:r9570
2007-02-12 21:39:53 +00:00
Roger Dingledine
4ba57f68e4 more changes. i'm all caught up now.
svn:r9495
2007-02-06 02:49:07 +00:00
Nick Mathewson
f02be02356 r11639@catbus: nickm | 2007-02-05 13:33:38 -0500
Add documentation to src/common/*.h; improve documentation for SMARTLIST_FOREACH; remove never-used options and corresponding tests from tor_strpartition.


svn:r9483
2007-02-05 18:33:52 +00:00
Nick Mathewson
fefba95363 r11629@catbus: nickm | 2007-02-02 15:06:17 -0500
Removing the last DOCDOC comment hurt so much that I had to use Doxygen to identify undocumented macros and comments, and add 150 more DOCDOCs to point out where they were.  Oops.  Hey, kids!  Fixing some of these could be your first Tor patch!


svn:r9477
2007-02-02 20:06:43 +00:00
Nick Mathewson
ef0720f909 r9689@catbus: nickm | 2007-01-19 22:34:20 -0500
And remove another strcpy.


svn:r9375
2007-01-20 03:35:03 +00:00
Roger Dingledine
dcd33ef599 i saw somebody on #tor paste a string where these were
null. better safe than sorry.


svn:r8767
2006-10-20 00:12:02 +00:00
Nick Mathewson
7551c44a53 r9274@Kushana: nickm | 2006-10-19 16:16:58 -0400
Add unit tests for tor_mmap_file(); make tor_mmap_t.size always be the size of the file (not the size of the mapping); add an extra argument to read_file_to_str() so it can return the size of the result string.


svn:r8762
2006-10-19 23:05:02 +00:00
Nick Mathewson
c6f2d725d0 r8957@totoro: nickm | 2006-10-08 22:35:17 -0400
The otherwise regrettable MIPSpro C compiler warns about values set but never used, and about mixing enums and ints; these are good warnings, and so should be fixed.  This removes some dead code and some potential bugs. Thanks to pnx.


svn:r8664
2006-10-09 02:35:51 +00:00
Roger Dingledine
881d23847a fix something that looked scary to me. i believe this won't
change any behavior currently, but it will avoiding calling
noop code that might change for the worse some time.

nick, please confirm.


svn:r8623
2006-10-07 00:52:23 +00:00
Nick Mathewson
219ad6395c r8825@totoro: nickm | 2006-10-01 17:41:27 -0400
Add function to return a random uint64_t.


svn:r8570
2006-10-01 21:59:05 +00:00
Nick Mathewson
7d366f61cb r9025@Kushana: nickm | 2006-09-29 18:33:13 -0400
Differentiate more duplicated log entries


svn:r8542
2006-09-29 22:33:40 +00:00
Nick Mathewson
87648bdcf8 r9008@Kushana: nickm | 2006-09-29 13:50:10 -0400
Doxygen comments for code in common.  Also simplify a few code paths to be more clear/speedy/correct.


svn:r8536
2006-09-29 18:13:37 +00:00
Nick Mathewson
c4ac4bcba3 r8696@Kushana: nickm | 2006-08-31 14:43:44 -0400
Try to appease some warnings with newer gccs that believe that ignoring a return value is okay, but casting a return value and then ignoring it is a sign of madness.


svn:r8312
2006-08-31 18:47:54 +00:00
Roger Dingledine
4b94dabb53 note a compile warning that we should investigate one day.
svn:r7052
2006-08-14 09:44:54 +00:00
Roger Dingledine
3d79eb52ab stick to nick's nul/null convention
svn:r6763
2006-07-15 19:21:30 +00:00
Roger Dingledine
266afcd7d5 bandaid for bug 299. this is still a bug, since we don't
initialize for hardware acceleration in certain configurations;
but not critical until that is supported.


svn:r6536
2006-06-05 04:29:03 +00:00
Nick Mathewson
853e2d99b6 Add a new warning to our "warn a lot" list: unused parameters. This means we have to explicitly "use" unuseds, but it can catch bugs. (It caught two coding mistakes so far.)
svn:r6532
2006-06-04 22:42:13 +00:00
Roger Dingledine
36712a443b Stop initializing the hardware accelerator engines simply because
we overloaded the meaning of the argument to crypto_global_init().


svn:r6490
2006-05-24 00:37:38 +00:00
Nick Mathewson
1fbc74661f Remove DER64 functions in trunk: they will never be used again unless the directory authorities switch back to 0.0.9tooearly.
svn:r6376
2006-04-10 21:23:00 +00:00
Roger Dingledine
0543900fbf clean up the traces from tracking the 0.1.1.9-alpha stack-smashing bug.
svn:r6240
2006-03-26 06:47:51 +00:00
Nick Mathewson
bd8ffccae7 More cleanups noticed by weasel; also, remove macros that nobody uses.
svn:r6143
2006-03-12 23:31:16 +00:00
Roger Dingledine
6ce36ead42 Start the process of converting warn to log_warn and so on.
This is needed because Windows already has an err() that we
can't clobber. And we need to be able to make the log functions
a macro so we can print the function's name in the log entry.


svn:r6000
2006-02-13 08:01:59 +00:00
Roger Dingledine
5f051574d5 Happy new year!
svn:r5949
2006-02-09 05:46:49 +00:00
Nick Mathewson
45757dafb7 Split PARANOIA_B into B1 and B2.
svn:r5849
2006-01-22 18:22:04 +00:00
Nick Mathewson
241310bbac Split 0119_PARANOIA into 0119_PARANOIA_[ABC]. A is "this is suspicious, and we have not tried running without this yet". B is "this is suspicious, but the last time we tested, it was okay." C is "How could this possibly be the cause?"
svn:r5840
2006-01-17 23:08:38 +00:00
Nick Mathewson
55ac4f032c Add a (diabled by default) option in crypto.h to disable most of the interesting crypto-related changes made on 0.1.1.9. This will help hunt bug 234.
svn:r5777
2006-01-10 21:12:06 +00:00
Nick Mathewson
1af630d32c Bite the bullet and limit all our source lines to 80 characters, the way IBM intended.
svn:r5582
2005-12-14 20:40:40 +00:00
Nick Mathewson
e9b66ec906 Document CREATE_FAST better in the code. Move our key expansion algorithm into a separate function in crypto.c
svn:r5530
2005-12-08 17:38:32 +00:00
Roger Dingledine
485b2cb4dc get rid of nick's crazy voodoo dh checking.
svn:r5518
2005-12-06 23:09:44 +00:00
Roger Dingledine
923ad87470 remove another unused function
svn:r5477
2005-11-30 22:19:02 +00:00
Nick Mathewson
9cec3a13f5 remove some functions that are not used; #if0 out some files that are not likely to be used.
svn:r5471
2005-11-30 06:27:59 +00:00
Roger Dingledine
8182eb69cd a smidgen more hint when we fail to seed the rng
svn:r5438
2005-11-21 01:12:01 +00:00
Nick Mathewson
83d6b0387b Try to build with OpenSSL 0.9.6. Lets pay attention to see if anybody complains.
svn:r5398
2005-11-16 05:22:44 +00:00
Nick Mathewson
887178e710 Oops. It looks like there *was* an easy way to make openssl do what we wanted.
svn:r5370
2005-11-14 19:18:31 +00:00
Roger Dingledine
5ef2927870 correct nick's comment
svn:r5360
2005-11-11 21:44:38 +00:00
Nick Mathewson
f14743a975 Note that much of check_dh_key is voodoo; make x in DH be only 320 bits for DH speed improvement: this wants auditing. [We have blessing from Ian on this.] (Note that DH in SSL is not yet affected.)
svn:r5359
2005-11-11 20:18:00 +00:00
Nick Mathewson
3c36a14ba6 Call ERR_remove_state() on the main thread on shutdown,too
svn:r5322
2005-10-26 02:20:48 +00:00
Nick Mathewson
9492424d3f Per comments at the bottom of openssl/FAQ, call even more functions to
clean up OpenSSL's toys when it's done playing.  (Why isn't there an
OpenSSL_free_everything() function?)


svn:r5321
2005-10-25 19:01:48 +00:00
Nick Mathewson
edf5698474 Start dividing log messages into logging domains. No, LD_ is not the best of identifiers. src/or has not been converted yet. Domains dont do anything yet.
svn:r5284
2005-10-18 21:58:19 +00:00
Peter Palfrader
0d9aedfcea Downgrade a few INFO level logs to DEBUG again. Also add two or three new
logs in cases where a calling function's log was downgraded and we wouldn't
get any log message otherwise.


svn:r5263
2005-10-17 16:21:42 +00:00
Nick Mathewson
9bc2467626 Okay, try to use RAND_poll() from OpenSSL where available.
svn:r5229
2005-10-08 05:47:15 +00:00
Roger Dingledine
c4757e0705 LOG_ERR is for when we know we're going to exit. use LOG_WARN in other
cases.


svn:r5220
2005-10-07 19:53:57 +00:00
Nick Mathewson
150e5ac098 disable RAND_poll() for the alpha of the day; at least 24 hours of testing is in order for something like that.
svn:r5216
2005-10-07 19:17:20 +00:00
Nick Mathewson
a53ecc94f9 Add half our entropy from RAND_poll in OpenSSL. These know how to use egd (if present) openbsd weirdness (if present), vms/os2 weirdness (if we ever port there), and more in the future.
svn:r5215
2005-10-07 19:03:09 +00:00
Nick Mathewson
a89daaeca9 Once an hour (not just on startup) give OpenSSL some more entropy.
Add entropy in 512-bit chunks, not 160-bit chunks.  (This latter
change is voodoo.)


svn:r5211
2005-10-06 22:22:22 +00:00
Nick Mathewson
cc35e1720f Using RAND_pseudo_bytes instead of RAND_bytes is an accident waiting to happen, and does not really speed us up much when we do it. So stop doing it.
svn:r5210
2005-10-06 22:18:01 +00:00
Nick Mathewson
ba24193ab5 Make doxygen marginally happier
svn:r5208
2005-10-06 04:33:40 +00:00
Nick Mathewson
f8c07e1f33 free EVP cipher information on shutdown to remove some spurious dmalloc complaints.
svn:r5180
2005-10-03 21:10:35 +00:00
Nick Mathewson
de198d800b Never call free() on tor_malloc()d memory. This is unlikely to be our current leak, but it may help dmalloc work.
svn:r5168
2005-09-30 20:47:58 +00:00
Nick Mathewson
26e7a05725 even better function start checks; give dmalloc a chance of working.
svn:r5162
2005-09-30 01:39:24 +00:00
Nick Mathewson
92451f74a8 Reformat inconsistent function declarations.
svn:r5160
2005-09-30 01:09:52 +00:00
Nick Mathewson
5c53545d81 Add a bunch more warnings to out warning suite; resolve them; pack structs a little better.
svn:r5150
2005-09-29 22:59:17 +00:00
Nick Mathewson
f8a80e8d59 Helper functions to perform our truncated base64 encoding on hexdigests.
svn:r5087
2005-09-18 02:18:59 +00:00
Nick Mathewson
6b479b3cfa Only do openssl accel stuff if version is at least 0.9.7
svn:r4973
2005-09-09 22:07:15 +00:00
Roger Dingledine
fa507c63e8 put quotes around user-supplied strings so they are more likely to
realize if they add bad characters (like quotes) to the torrc


svn:r4844
2005-08-26 18:40:44 +00:00
Roger Dingledine
121ea4dd93 a url for better reference
svn:r4778
2005-08-15 01:03:50 +00:00
Nick Mathewson
943ef5256b fix whitespace issues
svn:r4752
2005-08-08 21:59:48 +00:00
Nick Mathewson
9345323b18 far far cleaner implementation of handshake checking logic. Backport candidate.
svn:r4736
2005-08-07 20:36:14 +00:00
Roger Dingledine
bfe65db284 ok, so now it was just redundant. nick, do you recall what rfc
you were trying to point to?


svn:r4727
2005-08-07 17:11:33 +00:00
Roger Dingledine
b9a7482c02 note another potential security problem with generating key material
from our DH handshake.


svn:r4724
2005-08-06 16:50:51 +00:00
Roger Dingledine
261bf4c4d4 rfc 3536 "provides a glossary of terms used in the IETF when discussing
internationalization."


svn:r4723
2005-08-05 22:08:57 +00:00
Nick Mathewson
224fecb281 Appease insane windows compiler. (Oh no, an extra semi, the sky is falling!)
svn:r4722
2005-08-05 19:25:23 +00:00
Nick Mathewson
197eb2b2cb fix harmless copy-and-paste error
svn:r4718
2005-08-05 14:59:14 +00:00
Nick Mathewson
ea2aa107a7 cover a few more cases; needs testing and once-over
svn:r4717
2005-08-05 14:20:38 +00:00
Nick Mathewson
3fa821d911 oops, that array got bigger
svn:r4708
2005-08-04 23:18:51 +00:00
Nick Mathewson
7a9eb49f5f Discard special bignum values.
svn:r4706
2005-08-04 23:14:42 +00:00
Nick Mathewson
2aff87caae Load hardware acceleration options when/where available. Can anybody test this?
svn:r4467
2005-06-20 18:56:35 +00:00
Nick Mathewson
d4972bd2e1 Remove code that has been #if-0ed for a long time.
svn:r4435
2005-06-15 18:34:46 +00:00
Roger Dingledine
fcd0fc3364 flesh out the source file descriptions for doxygen
svn:r4404
2005-06-11 05:31:17 +00:00
Nick Mathewson
0831823763 Change end-of-file NLNL convention. It turns out arma I and I agree.
svn:r4382
2005-06-09 19:03:31 +00:00
Nick Mathewson
5420aed38e Possible bugfix for 151: backport candidate.
svn:r4318
2005-06-06 20:02:09 +00:00
Nick Mathewson
10b2208d93 Make Tor compile with no warnings with gcc4.0 on OSX
svn:r4184
2005-05-07 05:55:06 +00:00
Nick Mathewson
0e81265359 update copyright notices.
svn:r3982
2005-04-01 20:15:56 +00:00
Nick Mathewson
837d7dff69 Try to make crash-on-shutdown bug harder to trigger.
svn:r3939
2005-04-01 02:37:10 +00:00
Nick Mathewson
905c16846a Fix a few more instances of memory not freed on exit (found by weasel).
svn:r3830
2005-03-23 06:20:50 +00:00
Nick Mathewson
aac97a3c6a Tell openssl how to use locks and how to find thread ids -- this may prevent race conditions surrounding the error queue.
svn:r3622
2005-02-13 22:32:25 +00:00
Nick Mathewson
f6221b695f Apply windows patch from Dmitri Bely
svn:r3617
2005-02-12 21:03:37 +00:00
Roger Dingledine
9e6d6c6096 Bugfix: we've been using openssl's BIO_get_mem_data incorrectly.
We assumed the pem-encoded data written by PEM_write_bio_RSAPrivateKey
is nul-terminated, and at least sometimes, it's not.


svn:r3263
2005-01-03 22:35:40 +00:00
Nick Mathewson
8c85c0bef8 Note that length checking on base64_decode is kinda conservative
svn:r3144
2004-12-13 18:38:19 +00:00
Nick Mathewson
fd4c624677 Belt *or* suspenders will be sufficient when casting things to unsigned char.
svn:r3122
2004-12-08 07:20:21 +00:00
Nick Mathewson
fe6eb34a10 Solaris CC freaks out if isspace and friends get anything other than an int. We learned that, so we casted. But it is also a bad idea to cast a signed char to an int and expect things to work on win32. Now we cast to unsigned char, then to int, then pass to isspace. Ug
svn:r3120
2004-12-08 00:42:50 +00:00
Nick Mathewson
a980446d0c Be more proactive about noticing underflows: size_t values greater than 0x800...00 are likely to be trouble.
svn:r3064
2004-12-02 04:33:01 +00:00
Nick Mathewson
b457cfb5eb Spell-check strings and comments
svn:r3052
2004-12-01 03:48:14 +00:00
Nick Mathewson
7fbd297532 Suggestion from weasel: Make tor --version --version dump the cvs Id of every file.
svn:r3019
2004-11-29 22:25:31 +00:00
Nick Mathewson
6f5dbefa7e Normalize space: add one between every control keyword and control clause.
svn:r3003
2004-11-28 09:05:49 +00:00
Roger Dingledine
7c9a707900 remove emacs droppings, since nick says he doesn't need them anymore
svn:r2989
2004-11-26 04:00:55 +00:00
Nick Mathewson
5a5be93f80 Normalize whitespace; add a "tell me about all the unnormalized whitespace" target; fix a braino in dirserv.c
svn:r2758
2004-11-09 20:04:00 +00:00
Nick Mathewson
cea9125d71 Implement two flavors of authentication for control connections: one for trusted FS, one for untrusted FS.
svn:r2664
2004-11-03 19:49:03 +00:00
Nick Mathewson
ad4dc74482 Use a stricter set of warnings; make them all pass.
svn:r2645
2004-11-02 03:02:17 +00:00
Roger Dingledine
85c79ffbc7 canonicalize "src" and "dest" arg order in crypto.c (and others)
svn:r2644
2004-11-02 02:28:51 +00:00
Nick Mathewson
ce79bab7f1 Split util into util (general utilities), container (smartlist and strmap), and compat (cross-platform compatability).
svn:r2640
2004-11-01 20:41:47 +00:00
Nick Mathewson
5bc0dba933 Move all util functions that need openssl into crypto.c; make non-openssl functions that util needs into util. Now openssl can be separated.
svn:r2628
2004-10-30 19:26:31 +00:00
Nick Mathewson
2fbf31533b Tricksy compiler warnings! We hates them, hates them forever, my precious!
svn:r2615
2004-10-27 21:14:11 +00:00
Nick Mathewson
ce5709184b Pass with -Wstrict-prototypes
svn:r2614
2004-10-27 18:16:37 +00:00
Nick Mathewson
f67f83b1fa Use strlcpy, not strncpy
svn:r2603
2004-10-27 06:03:28 +00:00
Roger Dingledine
6d873e5743 don't assert multiple things in the same tor_assert()
svn:r2545
2004-10-16 22:28:11 +00:00
Nick Mathewson
a42adce362 fix memory leak in router.c; start relying on NULL==(zero bytes)
svn:r2538
2004-10-16 20:38:57 +00:00
Roger Dingledine
918ce7a084 a few more ints to size_ts
svn:r2461
2004-10-13 05:54:58 +00:00
Roger Dingledine
a7d858bd6e start the great migration from int to size_t
and clean some deadweight from util.h


svn:r2455
2004-10-12 20:20:19 +00:00
Roger Dingledine
1c757b917d fix signed/unsigned comparison, plus typo
svn:r2451
2004-10-12 19:09:40 +00:00
Nick Mathewson
6c970aec94 Turn tor_strpartion into a swiss-army-knife function, so it can terminate or not-terminate appropriately.
svn:r2429
2004-10-07 21:37:06 +00:00
Nick Mathewson
7b98fb58eb More complete docs for crypto.c; factor out string partitioning code
svn:r2427
2004-10-07 20:58:53 +00:00
Nick Mathewson
ce3162d035 Make base-64-encoded DER work, including workaround for ugly openssl misfeature that makes base64 decoding fail when you strip out the newlines.
svn:r2423
2004-10-07 03:11:42 +00:00
Nick Mathewson
8cca36d26a Implement (temporarily) a base64-encoded-DER format for RSA keys; make it easier to generate fingerprints with no space
svn:r2419
2004-10-06 13:26:10 +00:00
Nick Mathewson
93f085c4a2 Stop using openssl functions that rely on stdio; they can apparently lead to linker grief on win32.
svn:r2354
2004-09-21 04:55:43 +00:00
Nick Mathewson
0ef85f6dba Some platforms have weird translations when you open files in "test" mode; make read/write_str_to_file aware.
svn:r2336
2004-09-08 07:16:34 +00:00
Roger Dingledine
d91cacb839 agree with nick: this legal-chars-in-filename stuff gets us nothing
svn:r2310
2004-08-24 21:57:12 +00:00
Nick Mathewson
015232bd39 As far as I can tell, CONFIG_LEGAL_FILENAME_CHARACTERS is both pointless and broken. #if it out, pending agreement from arma. This fixes a bug on win32 that rejected paths with a : in them.
svn:r2309
2004-08-24 20:48:22 +00:00
Nick Mathewson
7119345fbb Fix base16_decode; trashing the stack is rude.
svn:r2110
2004-07-22 21:41:50 +00:00
Roger Dingledine
7459d067a5 now base16_encode() and base32_encode() can't ever fail
svn:r2103
2004-07-22 08:30:06 +00:00
Roger Dingledine
156cfb00fa oh, and it should compile too
svn:r2088
2004-07-21 22:34:32 +00:00
Roger Dingledine
6e571c8c4c make base16_encode() fail more obviously when it fails
svn:r2087
2004-07-21 22:33:26 +00:00
Nick Mathewson
7d8de8cd10 More digest/nickname fixes
svn:r2000
2004-07-02 23:40:03 +00:00
Nick Mathewson
541add90a1 Track routers by hash of identity key; use hex hash of identity key in place of nickname; accept (and use) hash of identity key in EXTEND cells.
svn:r1994
2004-07-01 01:16:59 +00:00
Roger Dingledine
8ca162c472 put a comment reminding us that we do hashes in software only
svn:r1925
2004-06-01 16:36:56 +00:00
Roger Dingledine
6dc576bab7 bugfix: our integrity-checking digest was checking only the most
recent cell, not the previous cells like we'd thought.

this change is backward incompatible.


svn:r1868
2004-05-15 23:49:41 +00:00
Nick Mathewson
9c3fba5c3b Not every RSA decrypt should warn on failure.
svn:r1853
2004-05-12 19:30:28 +00:00
Roger Dingledine
3cdf2d67da it's amazing what a bit of punctuation can do for appearances
svn:r1843
2004-05-10 10:27:54 +00:00
Nick Mathewson
c0ea93337d Doxygenate common.
svn:r1829
2004-05-10 03:53:24 +00:00
Roger Dingledine
1558fb7650 some patches on the patches
svn:r1761
2004-05-01 23:29:20 +00:00
Nick Mathewson
9a041591ac Finish documenting the functions in common
svn:r1758
2004-05-01 21:41:23 +00:00
Nick Mathewson
908ccb9dcd Handle windows socket errors correctly; comment most of common.
svn:r1756
2004-05-01 20:46:28 +00:00
Nick Mathewson
ddb15b8f67 Remove IVs from cipher code, since AES-ctr has none.
svn:r1742
2004-04-28 20:31:32 +00:00
Roger Dingledine
5d1510883e use nick's _ARRAYSIZE abstraction
svn:r1741
2004-04-28 20:22:37 +00:00
Nick Mathewson
7055f837ab Make Tor build on win32 with VC6 without warnings.
svn:r1739
2004-04-28 20:13:21 +00:00
Nick Mathewson
ac622d94dc Workarounds for a couple of pieces of windows strangeness.
svn:r1734
2004-04-28 19:35:12 +00:00
Roger Dingledine
4e0dd5bd33 some compilers don't like an array of length zero
nick: should we remove support for IVs for now, since we don't
use them and don't plan to use them?


svn:r1732
2004-04-27 23:50:35 +00:00
Nick Mathewson
f6dbe5a0d4 Refactor crypto error handling to be more like TLS error handling:
crypto_perror is a no-no, since an operation can set more than one
error.

Also, fix a bug in the unix crypto_seed_rng: mixing stdio with
/dev/urandom is a bad idea, since fopen can make all kinds of weird
extraneous syscalls (mmap, fcntl, stat64, etc.) and since fread tends
to buffer data in big chunks, thus depleting the entropy pool.


svn:r1717
2004-04-26 18:09:50 +00:00
Roger Dingledine
37192bd25e use tor_assert and PUBLIC_KEY_OK
but don't use tor_assert inside log.c, to avoid loops


svn:r1696
2004-04-25 19:59:38 +00:00
Nick Mathewson
70bbd0cafa Add assert on crypto_pk_write_private_key,and macros to make sure we have real keys
svn:r1694
2004-04-25 19:21:44 +00:00
Roger Dingledine
6a45028ccb don't warn when private_decrypt_hybrid fails
svn:r1689
2004-04-25 04:32:59 +00:00
Nick Mathewson
c44016e86e Merge flagday into main branch.
svn:r1683
2004-04-24 22:17:50 +00:00
Nick Mathewson
306adfc8bd Fix two dumb leaks in crypto.c
svn:r1592
2004-04-12 05:27:38 +00:00
Nick Mathewson
aa7cfd93e5 Fix base32 implementation; make base32 implementation follow standard; add more tests for base32
svn:r1574
2004-04-08 20:56:33 +00:00
Nick Mathewson
f24519e4b9 Set correct address and port mappings on outgoing rendezvous connections
svn:r1513
2004-04-06 22:05:49 +00:00
Nick Mathewson
2fc106d210 Force hybrid encryption on for key negotiation
svn:r1509
2004-04-06 20:55:46 +00:00
Nick Mathewson
6290d027c9 Continue attack on magic numbers; use new crypto wrappers where possible
svn:r1504
2004-04-06 20:16:12 +00:00
Nick Mathewson
12ede0a2c4 use the right variable when comparing hashes; maybe fix "Hash of session" bug
svn:r1481
2004-04-05 17:36:30 +00:00
Nick Mathewson
84b9e90d5f i2d_RSAPublicKey advances the pointer it receives past the ASN1-encoded string.
svn:r1478
2004-04-05 17:10:48 +00:00
Nick Mathewson
b3c2b62a14 Make "common" no longer depend on or.h
svn:r1466
2004-04-03 04:05:12 +00:00
Nick Mathewson
ffc58cd91a Build without warnings against openssl 0.9.6
svn:r1459
2004-04-03 02:43:09 +00:00
Nick Mathewson
137b577bbd Refactor the heck out of crypto interface: admit that we will stick with one ciphersuite at a time, make const things const, and stop putting openssl in the headers.
svn:r1458
2004-04-03 02:40:30 +00:00
Nick Mathewson
e8345bfced refactor; start adding debugging logs to midpoint rend stuff
svn:r1445
2004-04-02 23:30:54 +00:00
Nick Mathewson
cbbd13f789 Add new functions to wrap digest and sign/checksig.
svn:r1436
2004-04-01 22:10:33 +00:00
Nick Mathewson
56b3d67149 Separate "generate-DH-key" from "get-DH-key" without breaking old interface
svn:r1431
2004-04-01 20:04:54 +00:00
Nick Mathewson
35f531b94f Add helpful hybrid encryption functions
svn:r1423
2004-04-01 03:08:35 +00:00
Roger Dingledine
d7cb4d0ae6 make changes that ben laurie suggested
(ben, was this what you had in mind?)


svn:r1415
2004-03-31 22:41:25 +00:00
Nick Mathewson
6ea61d5e0d Parse and generate service descriptors
svn:r1403
2004-03-31 02:07:38 +00:00
Nick Mathewson
919a8f236e Resolve type-punning warnings
svn:r1399
2004-03-30 22:50:49 +00:00
Nick Mathewson
c31f5505da Jump through a hoop, suppress a warning
svn:r1398
2004-03-30 22:42:26 +00:00
Nick Mathewson
6ea95488d2 Add more key manipulation functions, and base32 functions, to crypto
svn:r1395
2004-03-30 19:47:32 +00:00
Roger Dingledine
c195f69058 isspace and friends take an int. solaris cares.
svn:r1303
2004-03-19 20:50:12 +00:00
Roger Dingledine
45a3f6b97c more pesky tabs
svn:r1265
2004-03-12 13:02:16 +00:00
Nick Mathewson
9b4203266e Make OP work on windows! (Also misc logging tweaks)
svn:r1258
2004-03-11 06:19:08 +00:00
Nick Mathewson
59e2c77824 Get entropy in windows.
svn:r1257
2004-03-11 05:14:06 +00:00
Roger Dingledine
20f11f1800 clarifying comment for crypto_pk_get_fingerprint
svn:r1243
2004-03-08 00:11:37 +00:00
Roger Dingledine
bc8c6732cb add crypto_cipher_rewind to reverse crypto_cipher_advance
svn:r957
2003-12-23 07:43:05 +00:00
Roger Dingledine
389eb48690 document an openssl gotcha
svn:r947
2003-12-17 05:31:52 +00:00
Roger Dingledine
f3b165fdc0 change crypto_digest_new_env to crypto_new_digest_env
(and same with _free_)
to match our conventions
i think our conventions may be getting too ad hoc


svn:r940
2003-12-16 08:13:26 +00:00
Roger Dingledine
e358a362ee rename digest_copy to digest_dup, make it return, make gcc happier
svn:r939
2003-12-16 05:47:21 +00:00
Nick Mathewson
eeae6157ed Add more fine-grained SHA1 functionality.
svn:r937
2003-12-16 05:29:04 +00:00
Roger Dingledine
1ae84fcbc1 add a 'smartlist' building block that picks random elements from a list
svn:r897
2003-12-13 01:42:44 +00:00
Nick Mathewson
ac552573dd Make router/directory parsing nondestructive and more const-friendly
svn:r890
2003-12-08 23:45:37 +00:00
Roger Dingledine
05b9c35173 assert that nobody asks for a random number between 0 and -1
svn:r875
2003-12-03 08:08:07 +00:00
Nick Mathewson
5e4b9c6b61 Remove minor biasing problem from crypto_pseudo_rand_int
svn:r799
2003-11-12 04:28:30 +00:00
Nick Mathewson
785f5cdac8 Make crypto_pseudo_rand* never fail.
svn:r797
2003-11-12 04:12:35 +00:00
Roger Dingledine
36fb8e839d change WARNING to WARN
svn:r570
2003-10-10 01:48:03 +00:00
Nick Mathewson
36939303c9 Update LICENSE and copyright dates.
svn:r560
2003-10-08 02:04:08 +00:00
Roger Dingledine
bf10a3c0f1 finish enforcing the log convention
svn:r494
2003-09-26 22:27:24 +00:00
Nick Mathewson
febb2251ca Add code to parse fingerprint files and compare routers against fingerprint files.
svn:r490
2003-09-26 20:41:23 +00:00
Nick Mathewson
a3e08a0119 Bugfixes in crypto_pk_write_private_key_to_filename
svn:r489
2003-09-26 18:44:20 +00:00
Nick Mathewson
92acbe12bc Refactor common file code into util.c; add published to descriptors
svn:r487
2003-09-26 18:27:35 +00:00
Nick Mathewson
3d4ccb781a Refactor buffers; implement descriptors.
'buf_t' is now an opaque type defined in buffers.c .

Router descriptors now include all keys; routers generate keys as
needed on startup (in a newly defined "data directory"), and generate
their own descriptors.  Descriptors are now self-signed.

Implementation is not complete: descriptors are never published; and
upon receiving a descriptor, the directory doesn't do anything with
it.

At least "routers.or" and orkeygen are now obsolete, BTW.


svn:r483
2003-09-25 05:17:11 +00:00
Nick Mathewson
e4dfc3c8fe Cipher lists need to be colon separated. Also make initialization more bulletproof
svn:r459
2003-09-15 19:38:52 +00:00
Nick Mathewson
f5b4ef1fa2 Simplify some code paths in TLS; cut down on memory leaks; use
reasonable ciphers if not everyone has OpenSSL 0.9.7.


svn:r442
2003-09-11 21:12:39 +00:00
Nick Mathewson
9955b265ab Make crypto structures private to crypto.c
svn:r437
2003-09-10 00:47:24 +00:00
Nick Mathewson
fd20011c26 Add initial interfaces and code for TLS support. Interfaces are right; code needs work and testing.
svn:r424
2003-09-04 16:05:08 +00:00
Roger Dingledine
58c5d5e918 fix formatting in crypto.c for my sanity
svn:r411
2003-08-25 07:06:12 +00:00
Nick Mathewson
c336c99e60 Start of port to win32. Missing are:
- signal support
  - forking for DNS farm
  - changes for async IO
  - daemonizing

In other words, some files still don't build, and the ones that do build,
do nonblocking IO incorrectly.

I'm also not checking in the project files till I have a good place
for them.


svn:r380
2003-08-12 03:08:41 +00:00
Nick Mathewson
f12fdd62aa Be smarter about getting key matter from DH.
Formerly, once we had g^xy, we took the last N bytes from g^xy.

Now, we take SHA(g^xy || [0]) || SHA1(g^xy || [1]) || ... , in order
to use all bits from g^xy equally, and generate as much key material
as we need.


svn:r370
2003-07-30 19:10:20 +00:00
Nick Mathewson
300984c057 Add AES counter-mode support to the crypt library
svn:r362
2003-06-30 19:18:32 +00:00
Roger Dingledine
23b1586c26 clean up a broken comment in crypto.c
svn:r351
2003-06-24 21:34:19 +00:00
Roger Dingledine
968d31162b fix typos, streamline
svn:r337
2003-06-18 07:44:48 +00:00
Nick Mathewson
95e5384af3 Change many files to new log_fn format
svn:r333
2003-06-17 22:18:26 +00:00
Nick Mathewson
769c78a395 Use fread instead of fgets for binary data
svn:r328
2003-06-17 20:19:41 +00:00
Nick Mathewson
9182537238 Fix the periodic bug that would make handshaking fail.
The culprit: sometimes DH_calculate_key returns less than DH_KEY_LEN bytes;
we needed to check the return value.


svn:r322
2003-06-14 01:30:53 +00:00
Nick Mathewson
d21c0feb5a Add RNG seeding
svn:r318
2003-06-13 21:13:37 +00:00
Roger Dingledine
e75dc941a7 don't complain as much when using openssl 0.9.7a
svn:r308
2003-06-10 20:50:56 +00:00
Roger Dingledine
59029a3eed replace malloc with tor_malloc; remove broken/unused crypto_pk_set_key
svn:r292
2003-05-20 06:37:34 +00:00
Nick Mathewson
afc0eb2c71 Tested backends for directory signing and checking. Directory parser completely refactored. Need documentation and integration. Explanitory mail forthcoming.
svn:r271
2003-05-07 18:30:46 +00:00
Nick Mathewson
445cd8f0f1 Decrease DH group length to 1024. (Roger, you may want to read section 1 of the IETF draft: a 1024-bit DH key probably reduces our cipher strength to ~80 bits.)
svn:r269
2003-05-07 02:28:42 +00:00
Nick Mathewson
d0ff485e1b More work on directories. Signed directories not yet tested. No support for checking sigs yet
svn:r268
2003-05-07 02:13:23 +00:00
Nick Mathewson
6af79f3a03 Basic diffie-helman wrappers with fixed modulus and tests
svn:r257
2003-05-01 00:53:46 +00:00
Roger Dingledine
fe1aba7f15 more cleanup
svn:r242
2003-04-16 23:22:05 +00:00
Nick Mathewson
acc33c18e2 Tests for crypto; more tests for buffers
svn:r234
2003-04-16 15:24:09 +00:00
Nick Mathewson
3a89d27e66 Correct defeatest attitude in crypto_new_cipher_env
svn:r201
2003-03-19 21:27:21 +00:00
Nick Mathewson
8ff1c3e21f Refactor block ciphers; add 3des
svn:r196
2003-03-19 20:41:15 +00:00
Roger Dingledine
00a9e3732e remove popt dependency, consolidate config stuff
reformat parts of onion.c


svn:r136
2002-11-23 06:49:01 +00:00
Nick Mathewson
bef3424bec Add convenience functions to wrap create and init for symmetric ciphers; clean up error handling in onion.c
svn:r131
2002-10-02 20:39:51 +00:00
Roger Dingledine
2fa4b5bb53 don't leak memory on pk ops
svn:r117
2002-09-27 22:13:22 +00:00
Roger Dingledine
253f0f160e laying the groundwork for dynamic router lists
revamped the router reading section

reference counting for crypto pk env's (so we can dup them)

we now read and write pem pk keys from string rather than from FILE*,
  in anticipation of fetching directories over a socket
  (so now on startup we slurp in the whole file, then parse it as a string)

fixed a bug in the proxy side, where you could get some circuits
  wedged if they showed up while the connection was being made


svn:r110
2002-09-24 10:43:57 +00:00
Roger Dingledine
f9f3e2f120 slight optimization on rsa exponent
use 2**16+1 rather than 2**16 + 2**(-1)


svn:r99
2002-09-05 19:04:47 +00:00
Nick Mathewson
4c761e4537 Backport to OpenSSL version 0.9.5
svn:r91
2002-09-03 19:16:02 +00:00
Nick Mathewson
fdb31225b7 Port to MacOS X
svn:r88
2002-09-03 18:44:24 +00:00
Matej Pjafjar
01aadefbfc Changed crypto calls to go through common/crypto.[hc] instead of calling OpenSSL directly.
svn:r76
2002-08-22 07:30:03 +00:00
Matej Pjafjar
e01522bbed Added the crypto abstraction to libor. Need to test and change the code to use this instead of OpenSSL.
svn:r74
2002-07-25 08:17:22 +00:00
Matej Pjafjar
5af5a96343 Beginnings of a crypto abstraction layer.
svn:r73
2002-07-24 14:02:39 +00:00