Commit Graph

266 Commits

Author SHA1 Message Date
Nick Mathewson
9fa73003fc Remove dmalloc support; closes #26426
Dmalloc hasn't seen a release in over a decade, and there are much
better tools to use these days.
2018-06-20 10:21:34 -04:00
Nick Mathewson
0dab29ce10 Run rectify_include_paths.py 2018-06-20 09:35:05 -04:00
Nick Mathewson
fb0019daf9 Update copyrights to 2018. 2018-06-20 08:13:28 -04:00
Fernando Fernandez Mancera
f91469c165 Refactor crypto.[ch] into smaller DH module.
Add two new files (crypto_dh.c, crypto_dh.h) as new module of crypto.[ch]. This
new module includes all functions and dependencies related to DH operations.
Those have been removed from crypto.[ch].

Follows #24658.

Signed-off-by: Fernando Fernandez Mancera <ffmancera@riseup.net>
2018-05-08 15:51:39 +02:00
Isis Lovecruft
f17ace1460
crypto: Move declaration of crypto_init_siphash_key() into crypto.h.
On second thought, this is a global initialisation function and
doesn't conceptually have much to do with getting/using randomnesses.
2018-04-18 19:16:35 +00:00
Isis Lovecruft
64e6551b8b
crypto: Remove unnecessary includes from src/common/crypto.[ch]
* FIXES part of #24658: https://bugs.torproject.org/24658
2018-04-06 22:49:13 +00:00
Isis Lovecruft
fe3aca1491
crypto: Refactor (P)RNG functionality into new crypto_rand module.
* ADD new /src/common/crypto_rand.[ch] module.
 * ADD new /src/common/crypto_util.[ch] module (contains the memwipe()
   function, since all crypto_* modules need this).
 * FIXES part of #24658: https://bugs.torproject.org/24658
2018-04-06 21:45:28 +00:00
Fernando Fernandez Mancera
0fad49e1c4 Move crypto_pk_obsolete_* functions into RSA module.
We moved the crypto_pk_obselete_* functions into crypto_rsa.[ch] because they fit
better with the RSA module.

Follows #24658.

Signed-off-by: Fernando Fernandez Mancera <ffmancera@riseup.net>
2018-02-16 18:23:21 +01:00
Fernando Fernandez Mancera
202d27af71 Add xof functions into crypto_digest.[ch]
Added xof functions and operations into xof+digest module.

Follows #24658.

Signed-off-by: Fernando Fernandez Mancera <ffmancera@riseup.net>
2018-02-03 17:04:29 +01:00
Fernando Fernandez Mancera
f8b1493681 Refactor crypto.[ch] into smaller xof+digest module.
Add two new files (crypto_digest.c, crypto_digest.h) as new module of
crypto.[ch].  This new module includes all functions and dependencies related
to digest and xof operations. Those have been removed from crypto.[ch].

Follows #24658.

Signed-off-by: Fernando Fernandez Mancera <ffmancera@riseup.net>
2018-02-03 15:27:55 +01:00
Fernando Fernandez Mancera
54783b4c22 Refactor crypto.[ch] into smaller RSA module.
Add two new files (crypto_rsa.c, crypto_rsa.h) as new module of crypto.[ch].
This new module includes all functions and dependencies related to RSA
operations. Those have been removed from crypto.[ch].

All new changes related to RSA operations must be done in these files.

Follows #24658

Signed-off-by: Fernando Fernandez Mancera <ffmancera@riseup.net>
2018-01-26 13:09:52 +01:00
Nick Mathewson
13a2acba3c Merge remote-tracking branch 'ffmancera/bug24658-openssl' 2018-01-23 14:02:45 -05:00
Fernando Fernandez Mancera
4022277272 Refactor crypto.[ch] into smaller OpenSSL module.
Add two new files (crypto_openssl.c, crypto_openssl.h) as new module of
crypto.[ch]. This new module includes all functions and dependencies related
to OpenSSL management. Those have been removed from crypto.[ch].

All new changes related to OpenSSL management must be done in these files.

Follows #24658

Signed-off-by: Fernando Fernandez Mancera <ffernandezmancera@gmail.com>
2018-01-08 14:02:17 +01:00
Nick Mathewson
17dcce3fe1 Fix wide lines introduced by previous patch. 2017-12-08 14:47:19 -05:00
Nick Mathewson
285632a61b Replace all FREE_AND_NULL* uses to take a type and a free function.
This commit was made mechanically by this perl script:

\#!/usr/bin/perl -w -i -p

next if /^#define FREE_AND_NULL/;
s/\bFREE_AND_NULL\((\w+),/FREE_AND_NULL\(${1}_t, ${1}_free_,/;
s/\bFREE_AND_NULL_UNMATCHED\(/FREE_AND_NULL\(/;
2017-12-08 14:47:19 -05:00
Nick Mathewson
2f086888b1 Make all the crypto free() functions macros that clear their targets 2017-11-17 12:01:30 -05:00
David Goulet
5dea4b565f Add a BASE32_DIGEST_LEN define
Use this value instead of hardcoded values of 32 everywhere. This also
addresses the use of REND_DESC_ID_V2_LEN_BASE32 in
hs_lookup_last_hid_serv_request() for the HSDir encoded identity digest length
which is accurate but semantically wrong.

Fixes #23305.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-09-19 12:33:04 -04:00
Nick Mathewson
c1deabd3b0 Run our #else/#endif annotator on our source code. 2017-09-15 16:24:44 -04:00
Nick Mathewson
6c8c973191 Rename the hybrid_encrypt/decrypt functions; label them as dangerous
We need to keep these around for TAP and old-style hidden services,
but they're obsolete, and we shouldn't encourage anyone to use them.
So I've added "obsolete" to their names, and a comment explaining
what the problem is.

Closes ticket 23026.
2017-07-24 14:34:53 -04:00
George Kadianakis
f35f52e869 Hide crypto_digest_t again and use an accessor for tests. 2017-07-07 11:12:27 -04:00
George Kadianakis
43a73f6eb6 test: Crypto groundwork for e2e circuit unittests.
- Move some crypto structures so that they are visible by tests.

- Introduce a func to count number of hops in cpath which will be used
  by the tests.

- Mark a function as mockable.
2017-07-07 11:12:26 -04:00
Nick Mathewson
e7506c03cf Isolate dmalloc/openssl bridge code to crypto.c
This makes it so main.c, and the rest of src/or, no longer need to
include any openssl headers.
2017-03-31 10:04:44 -04:00
Nick Mathewson
7505f452c8 Run the copyright update script. 2017-03-15 16:13:17 -04:00
Nick Mathewson
558c04f5b1 Merge branch 'combined-fuzzing-v4' 2017-01-30 08:40:46 -05:00
Nick Mathewson
e2aeaeb76c Make a bunch of signature/digest-checking functions mockable 2017-01-30 08:37:22 -05:00
Nick Mathewson
ac3b559e93 Merge branch 'bug20569_030_02_squashed' 2017-01-11 12:52:52 -05:00
David Goulet
870b5e2227 hs: Use AES-256 for v3 descriptor
That key size is taken from proposal 224 thus specified in the protocol.

Closes #20569

Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-01-11 12:52:34 -05:00
David Goulet
118691cd47 crypto: Change crypto_mac_sha3_256 to use the key length in the construction
Signed-off-by: David Goulet <dgoulet@torproject.org>
2016-12-14 15:18:40 -05:00
George Kadianakis
b9010c8bf5 prop224 prepwork: Introduce HMAC-SHA3 function. 2016-12-14 15:17:57 -05:00
Nick Mathewson
6cb9c2cf77 Add support for AES256 and AES192
(This will be used by prop224)
2016-09-16 11:21:33 -04:00
Nick Mathewson
83129031b1 Remove a needless level of indirection from crypto_cipher_t
Now that crypto_cipher_t only contains a pointer, it no longer
has any reason for an independent existence.
2016-09-16 10:20:08 -04:00
Nick Mathewson
64521a9d35 Merge remote-tracking branch 'public/solaris_warnings_028' 2016-09-11 16:52:24 -04:00
Nick Mathewson
5e30e26c6d Chop another ~93 RSA key generations out of the unit tests
We have a mock for our RSA key generation function, so we now wire
it to pk_generate(). This covers all the cases that were not using
pk_generate() before -- all ~93 of them.
2016-09-09 09:45:50 -04:00
Nick Mathewson
94bff894f9 Fix a large pile of solaris warnings for bug 19767.
In nearly all cases, this is a matter of making sure that we include
orconfig.h before we include any standard c headers.
2016-07-28 10:47:46 -04:00
Nick Mathewson
53a3b39da1 Add -Wmissing-variable-declarations, with attendant fixes
This is a big-ish patch, but it's very straightforward.  Under this
clang warning, we're not actually allowed to have a global variable
without a previous extern declaration for it.  The cases where we
violated this rule fall into three roughly equal groups:
  * Stuff that should have been static.
  * Stuff that was global but where the extern was local to some
    other C file.
  * Stuff that was only global when built for the unit tests, that
    needed a conditional extern in the headers.

The first two were IMO genuine problems; the last is a wart of how
we build tests.
2016-06-11 10:11:54 -04:00
Nick Mathewson
b53a2059c4 Expose crypto_digest_algorithm_get_length from crypto.c
Also, use it in routerparse.c
2016-05-23 10:58:27 -04:00
Nick Mathewson
7a5f15b6e0 Improve test coverage of our strongest-rng code. 2016-05-16 08:25:59 -04:00
Nick Mathewson
57699de005 Update the copyright year. 2016-02-27 18:48:19 +01:00
Nick Mathewson
882e0fbd76 Merge branch 'bug17795' 2016-02-23 07:25:12 -05:00
Nick Mathewson
a8d6989589 Whitespace fixes 2016-02-10 15:35:46 -05:00
Nick Mathewson
9746aed2ba Another automated rename.
Also simplify crypto_common_digests() to have no loop.
2016-02-10 15:32:12 -05:00
Nick Mathewson
8a4bba06d2 Rename crypto_digest_all, and digests_t.
They are no longer "all" digests, but only the "common" digests.

Part of 17795.

This is an automated patch I made with a couple of perl one-liners:

  perl -i -pe 's/crypto_digest_all/crypto_common_digests/g;' src/*/*.[ch]
  perl -i -pe 's/\bdigests_t\b/common_digests_t/g;' src/*/*.[ch]
2016-02-10 15:28:19 -05:00
Hassan Alsibyani
edd93f9de8 changing output of crypto_cipher_crypt_inplace from int to void 2016-02-06 12:14:39 -05:00
Nick Mathewson
39b597c2fd Restrict the meaning of digests_t to sha1+sha256.
This saves CPU and RAM when handling consensuses and x509 certs.

Closes ticket 17795; bug not in any released tor.
2016-01-27 13:10:17 -05:00
Nick Mathewson
a1019b82c1 Merge remote-tracking branch 'public/feature16794_more' 2016-01-08 14:54:51 -08:00
Nick Mathewson
a12c5f462f Remove the (now-unused) digest_algorithm_bitfield_t 2015-12-29 09:47:04 -05:00
Nick Mathewson
d7c841f467 Unit tests for crypto_force_rand_ssleay().
Part of 16794.
2015-12-23 09:58:08 -05:00
Yawning Angel
9467485517 Add crypto_xof_t and assorted routines, backed by SHAKE256.
This is an eXtendable-Output Function with the following claimed
security strengths against *all* adversaries:

 Collision: min(d/2, 256)
 Preimage: >= min(d, 256)
 2nd Preimage: min(d, 256)

 where d is the amount of output used, in bits.
2015-12-19 22:45:21 +00:00
Yawning Angel
687f9b3bd7 Add the SHA-3 hash functions to common/crypto.h.
* DIGEST_SHA3_[256,512] added as supported algorithms, which do
   exactly what is said on the tin.
 * test/bench now benchmarks all of the supported digest algorithms,
   so it's possible to see just how slow SHA-3 is, though the message
   sizes could probably use tweaking since this is very dependent on
   the message size vs the SHA-3 rate.
2015-12-19 22:44:05 +00:00
Nick Mathewson
7186e2a943 Merge remote-tracking branch 'public/feature17694_strongest_027' 2015-12-10 09:02:10 -05:00