Loading src/common/crypto.c +44 −15 Original line number Diff line number Diff line Loading @@ -40,6 +40,24 @@ #define RETURN_SSL_OUTCOME(exp) return !(exp) #endif struct crypto_pk_env_t { int type; int refs; /* reference counting; so we don't have to copy keys */ unsigned char *key; /* auxiliary data structure(s) used by the underlying crypto library */ unsigned char *aux; }; struct crypto_cipher_env_t { int type; unsigned char *key; unsigned char *iv; /* auxiliary data structure(s) used by the underlying crypto library */ unsigned char *aux; }; /* static INLINE const EVP_CIPHER * crypto_cipher_evp_cipher(int type, int enc); */ Loading Loading @@ -102,31 +120,37 @@ int crypto_global_cleanup() return 0; } crypto_pk_env_t *crypto_new_pk_env(int type) crypto_pk_env_t *_crypto_new_pk_env_rsa(RSA *rsa) { crypto_pk_env_t *env; assert(rsa); env = (crypto_pk_env_t *)tor_malloc(sizeof(crypto_pk_env_t)); env->type = type; env->type = CRYPTO_PK_RSA; env->refs = 1; env->key = NULL; env->key = (unsigned char*)rsa; env->aux = NULL; return env; } switch(type) { case CRYPTO_PK_RSA: env->key = (unsigned char *)RSA_new(); if (!env->key) { free(env); RSA *_crypto_pk_env_get_rsa(crypto_pk_env_t *env) { if (env->type != CRYPTO_PK_RSA) return NULL; return (RSA*)env->key; } break; crypto_pk_env_t *crypto_new_pk_env(int type) { RSA *rsa; switch(type) { case CRYPTO_PK_RSA: rsa = RSA_new(); if (!rsa) return NULL; return _crypto_new_pk_env_rsa(rsa); default: free(env); return NULL; } return env; } void crypto_free_pk_env(crypto_pk_env_t *env) Loading Loading @@ -617,6 +641,11 @@ int crypto_cipher_set_key(crypto_cipher_env_t *env, unsigned char *key) return 0; } unsigned char *crypto_cipher_get_key(crypto_cipher_env_t *env) { return env->key; } int crypto_cipher_encrypt_init_cipher(crypto_cipher_env_t *env) { assert(env); Loading src/common/crypto.h +3 −17 Original line number Diff line number Diff line Loading @@ -18,23 +18,8 @@ #define CRYPTO_PK_RSA 0 typedef struct { int type; int refs; /* reference counting; so we don't have to copy keys */ unsigned char *key; /* auxiliary data structure(s) used by the underlying crypto library */ unsigned char *aux; } crypto_pk_env_t; typedef struct { int type; unsigned char *key; unsigned char *iv; /* auxiliary data structure(s) used by the underlying crypto library */ unsigned char *aux; } crypto_cipher_env_t; typedef struct crypto_pk_env_t crypto_pk_env_t; typedef struct crypto_cipher_env_t crypto_cipher_env_t; /* global state */ int crypto_global_init(); Loading Loading @@ -94,6 +79,7 @@ int crypto_cipher_set_iv(crypto_cipher_env_t *env, unsigned char *iv); int crypto_cipher_set_key(crypto_cipher_env_t *env, unsigned char *key); int crypto_cipher_encrypt_init_cipher(crypto_cipher_env_t *env); int crypto_cipher_decrypt_init_cipher(crypto_cipher_env_t *env); unsigned char *crypto_cipher_get_key(crypto_cipher_env_t *env); int crypto_cipher_encrypt(crypto_cipher_env_t *env, unsigned char *from, unsigned int fromlen, unsigned char *to); int crypto_cipher_decrypt(crypto_cipher_env_t *env, unsigned char *from, unsigned int fromlen, unsigned char *to); Loading src/or/connection_or.c +6 −6 Original line number Diff line number Diff line Loading @@ -249,9 +249,9 @@ or_handshake_op_send_keys(connection_t *conn) { /* compose the message */ *(uint16_t *)(message) = htons(HANDSHAKE_AS_OP); memcpy((void *)(message+FLAGS_LEN), (void *)conn->f_crypto->key, 16); (void *)crypto_cipher_get_key(conn->f_crypto), 16); memcpy((void *)(message+FLAGS_LEN+KEY_LEN), (void *)conn->b_crypto->key, 16); (void *)crypto_cipher_get_key(conn->b_crypto), 16); /* encrypt with RSA */ if(crypto_pk_public_encrypt(conn->pkey, message, sizeof(message), cipher, RSA_PKCS1_PADDING) < 0) { Loading Loading @@ -322,9 +322,9 @@ or_handshake_client_send_auth(connection_t *conn) { *(uint32_t*)(buf+FLAGS_LEN+ADDR_LEN+PORT_LEN) = htonl(conn->addr); /* remote address */ *(uint16_t*)(buf+FLAGS_LEN+ADDR_LEN+PORT_LEN+ADDR_LEN) = htons(conn->port); /* remote port */ memcpy(buf+FLAGS_LEN+ADDR_LEN+PORT_LEN+ADDR_LEN+PORT_LEN, conn->f_crypto->key,16); /* keys */ crypto_cipher_get_key(conn->f_crypto),16); /* keys */ memcpy(buf+FLAGS_LEN+ADDR_LEN+PORT_LEN+ADDR_LEN+PORT_LEN+KEY_LEN, conn->b_crypto->key,16); crypto_cipher_get_key(conn->b_crypto),16); log(LOG_DEBUG,"or_handshake_client_send_auth() : Generated first authentication message."); /* encrypt message */ Loading Loading @@ -406,8 +406,8 @@ or_handshake_client_process_auth(connection_t *conn) { log(LOG_ERR,"client_process_auth: Router %s:%u: bad address info.", conn->address,conn->port); return -1; } if ( (memcmp(conn->f_crypto->key, buf+12, 16)) || /* keys */ (memcmp(conn->b_crypto->key, buf+28, 16)) ) { if ( (memcmp(crypto_cipher_get_key(conn->f_crypto), buf+12, 16)) ||/* keys */ (memcmp(crypto_cipher_get_key(conn->b_crypto), buf+28, 16)) ) { log(LOG_ERR,"client_process_auth: Router %s:%u: bad key info.",conn->address,conn->port); return -1; } Loading src/or/test.c +2 −2 Original line number Diff line number Diff line Loading @@ -269,7 +269,7 @@ test_crypto() test_neq(env2, 0); j = crypto_cipher_generate_key(env1); if (str_ciphers[i] != CRYPTO_CIPHER_IDENTITY) { crypto_cipher_set_key(env2, env1->key); crypto_cipher_set_key(env2, crypto_cipher_get_key(env1)); } crypto_cipher_set_iv(env1, "12345678901234567890"); crypto_cipher_set_iv(env2, "12345678901234567890"); Loading Loading @@ -309,7 +309,7 @@ test_crypto() env2 = crypto_new_cipher_env(str_ciphers[i]); test_neq(env2, 0); if (str_ciphers[i] != CRYPTO_CIPHER_IDENTITY) { crypto_cipher_set_key(env2, env1->key); crypto_cipher_set_key(env2, crypto_cipher_get_key(env1)); } crypto_cipher_set_iv(env2, "12345678901234567890"); crypto_cipher_encrypt_init_cipher(env2); Loading Loading
src/common/crypto.c +44 −15 Original line number Diff line number Diff line Loading @@ -40,6 +40,24 @@ #define RETURN_SSL_OUTCOME(exp) return !(exp) #endif struct crypto_pk_env_t { int type; int refs; /* reference counting; so we don't have to copy keys */ unsigned char *key; /* auxiliary data structure(s) used by the underlying crypto library */ unsigned char *aux; }; struct crypto_cipher_env_t { int type; unsigned char *key; unsigned char *iv; /* auxiliary data structure(s) used by the underlying crypto library */ unsigned char *aux; }; /* static INLINE const EVP_CIPHER * crypto_cipher_evp_cipher(int type, int enc); */ Loading Loading @@ -102,31 +120,37 @@ int crypto_global_cleanup() return 0; } crypto_pk_env_t *crypto_new_pk_env(int type) crypto_pk_env_t *_crypto_new_pk_env_rsa(RSA *rsa) { crypto_pk_env_t *env; assert(rsa); env = (crypto_pk_env_t *)tor_malloc(sizeof(crypto_pk_env_t)); env->type = type; env->type = CRYPTO_PK_RSA; env->refs = 1; env->key = NULL; env->key = (unsigned char*)rsa; env->aux = NULL; return env; } switch(type) { case CRYPTO_PK_RSA: env->key = (unsigned char *)RSA_new(); if (!env->key) { free(env); RSA *_crypto_pk_env_get_rsa(crypto_pk_env_t *env) { if (env->type != CRYPTO_PK_RSA) return NULL; return (RSA*)env->key; } break; crypto_pk_env_t *crypto_new_pk_env(int type) { RSA *rsa; switch(type) { case CRYPTO_PK_RSA: rsa = RSA_new(); if (!rsa) return NULL; return _crypto_new_pk_env_rsa(rsa); default: free(env); return NULL; } return env; } void crypto_free_pk_env(crypto_pk_env_t *env) Loading Loading @@ -617,6 +641,11 @@ int crypto_cipher_set_key(crypto_cipher_env_t *env, unsigned char *key) return 0; } unsigned char *crypto_cipher_get_key(crypto_cipher_env_t *env) { return env->key; } int crypto_cipher_encrypt_init_cipher(crypto_cipher_env_t *env) { assert(env); Loading
src/common/crypto.h +3 −17 Original line number Diff line number Diff line Loading @@ -18,23 +18,8 @@ #define CRYPTO_PK_RSA 0 typedef struct { int type; int refs; /* reference counting; so we don't have to copy keys */ unsigned char *key; /* auxiliary data structure(s) used by the underlying crypto library */ unsigned char *aux; } crypto_pk_env_t; typedef struct { int type; unsigned char *key; unsigned char *iv; /* auxiliary data structure(s) used by the underlying crypto library */ unsigned char *aux; } crypto_cipher_env_t; typedef struct crypto_pk_env_t crypto_pk_env_t; typedef struct crypto_cipher_env_t crypto_cipher_env_t; /* global state */ int crypto_global_init(); Loading Loading @@ -94,6 +79,7 @@ int crypto_cipher_set_iv(crypto_cipher_env_t *env, unsigned char *iv); int crypto_cipher_set_key(crypto_cipher_env_t *env, unsigned char *key); int crypto_cipher_encrypt_init_cipher(crypto_cipher_env_t *env); int crypto_cipher_decrypt_init_cipher(crypto_cipher_env_t *env); unsigned char *crypto_cipher_get_key(crypto_cipher_env_t *env); int crypto_cipher_encrypt(crypto_cipher_env_t *env, unsigned char *from, unsigned int fromlen, unsigned char *to); int crypto_cipher_decrypt(crypto_cipher_env_t *env, unsigned char *from, unsigned int fromlen, unsigned char *to); Loading
src/or/connection_or.c +6 −6 Original line number Diff line number Diff line Loading @@ -249,9 +249,9 @@ or_handshake_op_send_keys(connection_t *conn) { /* compose the message */ *(uint16_t *)(message) = htons(HANDSHAKE_AS_OP); memcpy((void *)(message+FLAGS_LEN), (void *)conn->f_crypto->key, 16); (void *)crypto_cipher_get_key(conn->f_crypto), 16); memcpy((void *)(message+FLAGS_LEN+KEY_LEN), (void *)conn->b_crypto->key, 16); (void *)crypto_cipher_get_key(conn->b_crypto), 16); /* encrypt with RSA */ if(crypto_pk_public_encrypt(conn->pkey, message, sizeof(message), cipher, RSA_PKCS1_PADDING) < 0) { Loading Loading @@ -322,9 +322,9 @@ or_handshake_client_send_auth(connection_t *conn) { *(uint32_t*)(buf+FLAGS_LEN+ADDR_LEN+PORT_LEN) = htonl(conn->addr); /* remote address */ *(uint16_t*)(buf+FLAGS_LEN+ADDR_LEN+PORT_LEN+ADDR_LEN) = htons(conn->port); /* remote port */ memcpy(buf+FLAGS_LEN+ADDR_LEN+PORT_LEN+ADDR_LEN+PORT_LEN, conn->f_crypto->key,16); /* keys */ crypto_cipher_get_key(conn->f_crypto),16); /* keys */ memcpy(buf+FLAGS_LEN+ADDR_LEN+PORT_LEN+ADDR_LEN+PORT_LEN+KEY_LEN, conn->b_crypto->key,16); crypto_cipher_get_key(conn->b_crypto),16); log(LOG_DEBUG,"or_handshake_client_send_auth() : Generated first authentication message."); /* encrypt message */ Loading Loading @@ -406,8 +406,8 @@ or_handshake_client_process_auth(connection_t *conn) { log(LOG_ERR,"client_process_auth: Router %s:%u: bad address info.", conn->address,conn->port); return -1; } if ( (memcmp(conn->f_crypto->key, buf+12, 16)) || /* keys */ (memcmp(conn->b_crypto->key, buf+28, 16)) ) { if ( (memcmp(crypto_cipher_get_key(conn->f_crypto), buf+12, 16)) ||/* keys */ (memcmp(crypto_cipher_get_key(conn->b_crypto), buf+28, 16)) ) { log(LOG_ERR,"client_process_auth: Router %s:%u: bad key info.",conn->address,conn->port); return -1; } Loading
src/or/test.c +2 −2 Original line number Diff line number Diff line Loading @@ -269,7 +269,7 @@ test_crypto() test_neq(env2, 0); j = crypto_cipher_generate_key(env1); if (str_ciphers[i] != CRYPTO_CIPHER_IDENTITY) { crypto_cipher_set_key(env2, env1->key); crypto_cipher_set_key(env2, crypto_cipher_get_key(env1)); } crypto_cipher_set_iv(env1, "12345678901234567890"); crypto_cipher_set_iv(env2, "12345678901234567890"); Loading Loading @@ -309,7 +309,7 @@ test_crypto() env2 = crypto_new_cipher_env(str_ciphers[i]); test_neq(env2, 0); if (str_ciphers[i] != CRYPTO_CIPHER_IDENTITY) { crypto_cipher_set_key(env2, env1->key); crypto_cipher_set_key(env2, crypto_cipher_get_key(env1)); } crypto_cipher_set_iv(env2, "12345678901234567890"); crypto_cipher_encrypt_init_cipher(env2); Loading
