Loading changes/bug19043 0 → 100644 +5 −0 Original line number Diff line number Diff line o Major features (hidden services): - Relays can now handle v3 ESTABLISH_INTRO cells as specified by prop224 aka "Next Generation Hidden Services". Service and clients don't yet use this code functionnality. It marks another step towards prop224 deployment. Resolves ticket 19043. Initial code by Alec Heifetz. src/common/crypto.c +29 −0 Original line number Diff line number Diff line Loading @@ -2123,6 +2123,35 @@ crypto_hmac_sha256(char *hmac_out, tor_assert(rv); } /** Compute a MAC using SHA3-256 of <b>msg_len</b> bytes in <b>msg</b> using a * <b>key</b> of length <b>key_len</b> and a <b>salt</b> of length * <b>salt_len</b>. Store the result of <b>len_out</b> bytes in in * <b>mac_out</b>. This function can't fail. */ void crypto_mac_sha3_256(uint8_t *mac_out, size_t len_out, const uint8_t *key, size_t key_len, const uint8_t *msg, size_t msg_len) { crypto_digest_t *digest; const uint64_t key_len_netorder = tor_htonll(key_len); tor_assert(mac_out); tor_assert(key); tor_assert(msg); digest = crypto_digest256_new(DIGEST_SHA3_256); /* Order matters here that is any subsystem using this function should * expect this very precise ordering in the MAC construction. */ crypto_digest_add_bytes(digest, (const char *) &key_len_netorder, sizeof(key_len_netorder)); crypto_digest_add_bytes(digest, (const char *) key, key_len); crypto_digest_add_bytes(digest, (const char *) msg, msg_len); crypto_digest_get_digest(digest, (char *) mac_out, len_out); crypto_digest_free(digest); } /** Internal state for a eXtendable-Output Function (XOF). */ struct crypto_xof_t { keccak_state s; Loading src/common/crypto.h +4 −0 Original line number Diff line number Diff line Loading @@ -255,6 +255,10 @@ void crypto_digest_assign(crypto_digest_t *into, void crypto_hmac_sha256(char *hmac_out, const char *key, size_t key_len, const char *msg, size_t msg_len); void crypto_mac_sha3_256(uint8_t *mac_out, size_t len_out, const uint8_t *key, size_t key_len, const uint8_t *msg, size_t msg_len); crypto_xof_t *crypto_xof_new(void); void crypto_xof_add_bytes(crypto_xof_t *xof, const uint8_t *data, size_t len); void crypto_xof_squeeze_bytes(crypto_xof_t *xof, uint8_t *out, size_t len); Loading src/common/crypto_ed25519.c +5 −5 Original line number Diff line number Diff line Loading @@ -275,11 +275,11 @@ ed25519_sign(ed25519_signature_t *signature_out, * Like ed25519_sign(), but also prefix <b>msg</b> with <b>prefix_str</b> * before signing. <b>prefix_str</b> must be a NUL-terminated string. */ int ed25519_sign_prefixed(ed25519_signature_t *signature_out, MOCK_IMPL(int, ed25519_sign_prefixed,(ed25519_signature_t *signature_out, const uint8_t *msg, size_t msg_len, const char *prefix_str, const ed25519_keypair_t *keypair) const ed25519_keypair_t *keypair)) { int retval; size_t prefixed_msg_len; Loading src/common/crypto_ed25519.h +6 −5 Original line number Diff line number Diff line Loading @@ -55,11 +55,12 @@ int ed25519_checksig(const ed25519_signature_t *signature, const uint8_t *msg, size_t len, const ed25519_public_key_t *pubkey); int ed25519_sign_prefixed(ed25519_signature_t *signature_out, MOCK_DECL(int, ed25519_sign_prefixed,(ed25519_signature_t *signature_out, const uint8_t *msg, size_t len, const char *prefix_str, const ed25519_keypair_t *keypair); const ed25519_keypair_t *keypair)); int ed25519_checksig_prefixed(const ed25519_signature_t *signature, const uint8_t *msg, size_t len, Loading Loading
changes/bug19043 0 → 100644 +5 −0 Original line number Diff line number Diff line o Major features (hidden services): - Relays can now handle v3 ESTABLISH_INTRO cells as specified by prop224 aka "Next Generation Hidden Services". Service and clients don't yet use this code functionnality. It marks another step towards prop224 deployment. Resolves ticket 19043. Initial code by Alec Heifetz.
src/common/crypto.c +29 −0 Original line number Diff line number Diff line Loading @@ -2123,6 +2123,35 @@ crypto_hmac_sha256(char *hmac_out, tor_assert(rv); } /** Compute a MAC using SHA3-256 of <b>msg_len</b> bytes in <b>msg</b> using a * <b>key</b> of length <b>key_len</b> and a <b>salt</b> of length * <b>salt_len</b>. Store the result of <b>len_out</b> bytes in in * <b>mac_out</b>. This function can't fail. */ void crypto_mac_sha3_256(uint8_t *mac_out, size_t len_out, const uint8_t *key, size_t key_len, const uint8_t *msg, size_t msg_len) { crypto_digest_t *digest; const uint64_t key_len_netorder = tor_htonll(key_len); tor_assert(mac_out); tor_assert(key); tor_assert(msg); digest = crypto_digest256_new(DIGEST_SHA3_256); /* Order matters here that is any subsystem using this function should * expect this very precise ordering in the MAC construction. */ crypto_digest_add_bytes(digest, (const char *) &key_len_netorder, sizeof(key_len_netorder)); crypto_digest_add_bytes(digest, (const char *) key, key_len); crypto_digest_add_bytes(digest, (const char *) msg, msg_len); crypto_digest_get_digest(digest, (char *) mac_out, len_out); crypto_digest_free(digest); } /** Internal state for a eXtendable-Output Function (XOF). */ struct crypto_xof_t { keccak_state s; Loading
src/common/crypto.h +4 −0 Original line number Diff line number Diff line Loading @@ -255,6 +255,10 @@ void crypto_digest_assign(crypto_digest_t *into, void crypto_hmac_sha256(char *hmac_out, const char *key, size_t key_len, const char *msg, size_t msg_len); void crypto_mac_sha3_256(uint8_t *mac_out, size_t len_out, const uint8_t *key, size_t key_len, const uint8_t *msg, size_t msg_len); crypto_xof_t *crypto_xof_new(void); void crypto_xof_add_bytes(crypto_xof_t *xof, const uint8_t *data, size_t len); void crypto_xof_squeeze_bytes(crypto_xof_t *xof, uint8_t *out, size_t len); Loading
src/common/crypto_ed25519.c +5 −5 Original line number Diff line number Diff line Loading @@ -275,11 +275,11 @@ ed25519_sign(ed25519_signature_t *signature_out, * Like ed25519_sign(), but also prefix <b>msg</b> with <b>prefix_str</b> * before signing. <b>prefix_str</b> must be a NUL-terminated string. */ int ed25519_sign_prefixed(ed25519_signature_t *signature_out, MOCK_IMPL(int, ed25519_sign_prefixed,(ed25519_signature_t *signature_out, const uint8_t *msg, size_t msg_len, const char *prefix_str, const ed25519_keypair_t *keypair) const ed25519_keypair_t *keypair)) { int retval; size_t prefixed_msg_len; Loading
src/common/crypto_ed25519.h +6 −5 Original line number Diff line number Diff line Loading @@ -55,11 +55,12 @@ int ed25519_checksig(const ed25519_signature_t *signature, const uint8_t *msg, size_t len, const ed25519_public_key_t *pubkey); int ed25519_sign_prefixed(ed25519_signature_t *signature_out, MOCK_DECL(int, ed25519_sign_prefixed,(ed25519_signature_t *signature_out, const uint8_t *msg, size_t len, const char *prefix_str, const ed25519_keypair_t *keypair); const ed25519_keypair_t *keypair)); int ed25519_checksig_prefixed(const ed25519_signature_t *signature, const uint8_t *msg, size_t len, Loading