Commit bef3424b authored by Nick Mathewson's avatar Nick Mathewson 🏃
Browse files

Add convenience functions to wrap create and init for symmetric ciphers; clean...

Add convenience functions to wrap create and init for symmetric ciphers; clean up error handling in onion.c


svn:r131
parent 7032d16e
......@@ -98,6 +98,49 @@ void crypto_free_pk_env(crypto_pk_env_t *env)
return;
}
/* Create a new crypto_cipher_env_t for a given onion cipher type, key,
* iv, and encryption flag (1=encrypt, 0=decrypt). Return the crypto object
* on success; NULL on failure.
*/
crypto_cipher_env_t *
crypto_create_init_cipher(int cipher_type, char *key, char *iv, int encrypt_mode)
{
int r;
crypto_cipher_env_t *crypto = NULL;
if (! (crypto = crypto_new_cipher_env(cipher_type))) {
log(LOG_ERR, "Unable to allocate crypto object");
return NULL;
}
if (crypto_cipher_set_key(crypto, key)) {
log(LOG_ERR, "Unable to set key: %s", crypto_perror());
goto error;
}
if (crypto_cipher_set_iv(crypto, iv)) {
log(LOG_ERR, "Unable to set iv: %s", crypto_perror());
goto error;
}
if (encrypt_mode)
r = crypto_cipher_encrypt_init_cipher(crypto);
else
r = crypto_cipher_decrypt_init_cipher(crypto);
if (r) {
log(LOG_ERR, "Unabble to initialize cipher: %s", crypto_perror());
goto error;
}
return crypto;
error:
if (crypto)
crypto_free_cipher_env(crypto);
return NULL;
}
crypto_cipher_env_t *crypto_new_cipher_env(int type)
{
crypto_cipher_env_t *env;
......@@ -650,3 +693,4 @@ char *crypto_perror()
{
return (char *)ERR_reason_error_string(ERR_get_error());
}
......@@ -74,6 +74,9 @@ int crypto_cipher_decrypt_init_cipher(crypto_cipher_env_t *env);
int crypto_cipher_encrypt(crypto_cipher_env_t *env, unsigned char *from, unsigned int fromlen, unsigned char *to);
int crypto_cipher_decrypt(crypto_cipher_env_t *env, unsigned char *from, unsigned int fromlen, unsigned char *to);
/* convenience function: wraps crypto_create_crypto_env, set_key, set_iv, and init. */
crypto_cipher_env_t *crypto_create_init_cipher(int cipher_type, char *key, char *iv, int encrypt_mode);
/* SHA-1 */
int crypto_SHA_digest(unsigned char *m, int len, unsigned char *digest);
......
......@@ -157,80 +157,13 @@ int circuit_init(circuit_t *circ, int aci_type) {
crypto_SHA_digest(digest2,20,digest1);
log(LOG_DEBUG,"circuit_init(): Computed keys.");
/* initialize crypto engines */
switch(circ->p_f)
{
case ONION_CIPHER_DES :
circ->p_crypto = crypto_new_cipher_env(CRYPTO_CIPHER_DES);
break;
case ONION_CIPHER_RC4 :
circ->p_crypto = crypto_new_cipher_env(CRYPTO_CIPHER_RC4);
break;
case ONION_CIPHER_IDENTITY :
circ->p_crypto = crypto_new_cipher_env(CRYPTO_CIPHER_IDENTITY);
break;
default :
log(LOG_ERR,"Onion contains unrecognized cipher(%u) for ACI : %u.",circ->p_f,circ->n_aci);
return -1;
break;
}
if (!circ->p_crypto) {
log(LOG_ERR,"Could not create a cryptographic environment.");
return -1;
}
if (crypto_cipher_set_iv(circ->p_crypto, iv) == -1) {
log(LOG_ERR,"Could not set the IV.");
crypto_free_cipher_env(circ->p_crypto);
return -1;
}
if (crypto_cipher_set_key(circ->p_crypto, digest2) == -1) {
log(LOG_ERR,"Could not set encryption key.");
crypto_free_cipher_env(circ->p_crypto);
return -1;
}
if (crypto_cipher_encrypt_init_cipher(circ->p_crypto)) /* crypto_cipher_init_cipher error */
{
if (!(circ->p_crypto = create_onion_cipher(circ->p_f,digest2,iv,1))) {
log(LOG_ERR,"Cipher initialization failed (ACI %u).",circ->n_aci);
crypto_free_cipher_env(circ->p_crypto);
return -1;
}
switch(circ->n_f)
{
case ONION_CIPHER_DES :
circ->n_crypto = crypto_new_cipher_env(CRYPTO_CIPHER_DES);
break;
case ONION_CIPHER_RC4 :
circ->n_crypto = crypto_new_cipher_env(CRYPTO_CIPHER_RC4);
break;
case ONION_CIPHER_IDENTITY :
circ->n_crypto = crypto_new_cipher_env(CRYPTO_CIPHER_IDENTITY);
break;
default :
log(LOG_ERR,"Onion contains unrecognized cipher(%u) for ACI : %u.",circ->n_f,circ->n_aci);
return -1;
break;
}
if (!circ->n_crypto) {
log(LOG_ERR,"Could not create a cryptographic environment.");
return -1;
}
if (crypto_cipher_set_iv(circ->n_crypto, iv) == -1) {
log(LOG_ERR,"Could not set the IV.");
crypto_free_cipher_env(circ->n_crypto);
return -1;
}
if (crypto_cipher_set_key(circ->n_crypto, digest1) == -1) {
log(LOG_ERR,"Could not set encryption key.");
crypto_free_cipher_env(circ->n_crypto);
return -1;
}
if (crypto_cipher_decrypt_init_cipher(circ->n_crypto)) /* crypto_cipher_init_cipher error */
{
if (!(circ->n_crypto = create_onion_cipher(circ->n_f, digest1, iv, 0))) {
log(LOG_ERR,"Cipher initialization failed (ACI %u).",circ->n_aci);
crypto_free_cipher_env(circ->n_crypto);
return -1;
}
......
......@@ -175,14 +175,32 @@ unsigned int *new_route(double cw, routerinfo_t **rarray, int rarray_len, int *r
return route;
}
crypto_cipher_env_t *
create_onion_cipher(int cipher_type, char *key, char *iv, int encrypt_mode)
{
switch (cipher_type) {
case ONION_CIPHER_DES:
cipher_type = CRYPTO_CIPHER_DES;
break;
case ONION_CIPHER_RC4 :
cipher_type = ONION_CIPHER_RC4;
break;
case ONION_CIPHER_IDENTITY :
cipher_type = CRYPTO_CIPHER_IDENTITY;
break;
default:
log(LOG_ERR, "Unknown cipher type %d", cipher_type);
return NULL;
}
return crypto_create_init_cipher(cipher_type, key, iv, encrypt_mode);
}
/* creates a new onion from route, stores it and its length into buf and len respectively */
unsigned char *create_onion(routerinfo_t **rarray, int rarray_len, unsigned int *route, int routelen, int *len, crypt_path_t **cpath)
{
int i,j;
int retval = 0;
onion_layer_t *layer = NULL;
crypt_path_t *hop = NULL;
unsigned char *retbuf = NULL;
unsigned char *buf;
routerinfo_t *router;
unsigned char iv[16];
......@@ -195,22 +213,19 @@ unsigned char *create_onion(routerinfo_t **rarray, int rarray_len, unsigned int
/* allocate memory for the onion */
buf = (unsigned char *)malloc(*len);
if (!buf)
{
if (!buf) {
log(LOG_ERR,"Error allocating memory.");
return NULL;
}
log(LOG_DEBUG,"create_onion() : Allocated memory for the onion.");
for (retval=0; retval<routelen;retval++)
{
log(LOG_DEBUG,"create_onion() : %u : %s:%u, %u/%u",routelen-retval,inet_ntoa(*((struct in_addr *)&((rarray[route[retval]])->addr))),(rarray[route[retval]])->or_port,(rarray[route[retval]])->pkey,crypto_pk_keysize((rarray[route[retval]])->pkey));
for (i=0; i<routelen;i++) {
log(LOG_DEBUG,"create_onion() : %u : %s:%u, %u/%u",routelen-i,inet_ntoa(*((struct in_addr *)&((rarray[route[i]])->addr))),(rarray[route[i]])->or_port,(rarray[route[i]])->pkey,crypto_pk_keysize((rarray[route[i]])->pkey));
}
layer = (onion_layer_t *)(buf + *len - 128); /* pointer to innermost layer */
/* create the onion layer by layer, starting with the innermost */
for (i=0;i<routelen;i++)
{
for (i=0;i<routelen;i++) {
router = rarray[route[i]];
log(LOG_DEBUG,"create_onion() : %u",router);
......@@ -238,23 +253,10 @@ unsigned char *create_onion(routerinfo_t **rarray, int rarray_len, unsigned int
/* Expiration Time */
layer->expire = time(NULL) + 3600; /* NOW + 1 hour */
/* Key Seed Material */
retval = crypto_rand(16, layer->keyseed);
if (retval) /* error */
if (crypto_rand(16, layer->keyseed)) /* error */
{
log(LOG_ERR,"Error generating random data.");
free((void *)buf);
if (cpath)
{
for (j=0;j<i;j++) {
if (cpath[i]->f_crypto)
crypto_free_cipher_env(cpath[i]->f_crypto);
if (cpath[i]->b_crypto)
crypto_free_cipher_env(cpath[i]->b_crypto);
free((void *)cpath[i]);
}
}
return NULL;
goto error;
}
log(LOG_DEBUG,"create_onion() : Onion layer %u built : %u, %u, %u, %s, %u.",i+1,layer->zero,layer->backf,layer->forwf,inet_ntoa(*((struct in_addr *)&layer->addr)),layer->port);
......@@ -262,18 +264,9 @@ unsigned char *create_onion(routerinfo_t **rarray, int rarray_len, unsigned int
if (cpath)
{
cpath[i] = (crypt_path_t *)malloc(sizeof(crypt_path_t));
if (!cpath[i])
{
if (!cpath[i]) {
log(LOG_ERR,"Error allocating memory.");
free((void *)buf);
for (j=0;j<i;j++) {
if (cpath[i]->f_crypto)
crypto_free_cipher_env(cpath[i]->f_crypto);
if (cpath[i]->b_crypto)
crypto_free_cipher_env(cpath[i]->b_crypto);
free((void *)cpath[i]);
}
goto error;
}
log(LOG_DEBUG,"create_onion() : Building hop %u of crypt path.",i+1);
......@@ -294,143 +287,35 @@ unsigned char *create_onion(routerinfo_t **rarray, int rarray_len, unsigned int
memset((void *)iv,0,16);
/* initialize cipher engines */
switch(layer->forwf)
{
case ONION_CIPHER_DES :
hop->f_crypto = crypto_new_cipher_env(CRYPTO_CIPHER_DES);
break;
case ONION_CIPHER_RC4 :
hop->f_crypto = crypto_new_cipher_env(CRYPTO_CIPHER_RC4);
break;
case ONION_CIPHER_IDENTITY :
hop->f_crypto = crypto_new_cipher_env(CRYPTO_CIPHER_IDENTITY);
break;
}
if (!hop->f_crypto) /* cipher initialization failed */
{
if (! (hop->f_crypto = create_onion_cipher(hop->forwf, hop->digest3, iv, 1))) {
/* cipher initialization failed */
log(LOG_ERR,"Could not create a crypto environment.");
free((void *)buf);
for (j=0;j<i;j++) {
if (cpath[i]->f_crypto)
crypto_free_cipher_env(cpath[i]->f_crypto);
if (cpath[i]->b_crypto)
crypto_free_cipher_env(cpath[i]->b_crypto);
free((void *)cpath[i]);
}
return NULL;
}
/* set the key and IV */
if (crypto_cipher_set_key(hop->f_crypto, hop->digest3) ||
crypto_cipher_set_iv(hop->f_crypto, iv)) {
log(LOG_ERR,"Could not initialize the crypto engine.");
free((void *)buf);
for (j=0;j<i;j++) {
if (cpath[i]->f_crypto)
crypto_free_cipher_env(cpath[i]->f_crypto);
if (cpath[i]->b_crypto)
crypto_free_cipher_env(cpath[i]->b_crypto);
free((void *)cpath[i]);
}
return NULL;
goto error;
}
switch(layer->backf)
{
case ONION_CIPHER_DES :
hop->b_crypto = crypto_new_cipher_env(CRYPTO_CIPHER_DES);
break;
case ONION_CIPHER_RC4 :
hop->b_crypto = crypto_new_cipher_env(CRYPTO_CIPHER_RC4);
break;
case ONION_CIPHER_IDENTITY :
hop->b_crypto = crypto_new_cipher_env(CRYPTO_CIPHER_IDENTITY);
break;
}
if (!hop->b_crypto) /* cipher initialization failed */
{
if (! (hop->b_crypto = create_onion_cipher(hop->backf, hop->digest2, iv, 0))) {
/* cipher initialization failed */
log(LOG_ERR,"Could not create a crypto environment.");
free((void *)buf);
for (j=0;j<i;j++) {
if (cpath[i]->f_crypto)
crypto_free_cipher_env(cpath[i]->f_crypto);
if (cpath[i]->b_crypto)
crypto_free_cipher_env(cpath[i]->b_crypto);
free((void *)cpath[i]);
}
return NULL;
}
/* set the key and IV */
if (crypto_cipher_set_key(hop->b_crypto, hop->digest2) ||
crypto_cipher_set_iv(hop->b_crypto, iv)) {
log(LOG_ERR,"Could not initialize the crypto engine.");
free((void *)buf);
for (j=0;j<i;j++) {
if (cpath[i]->f_crypto)
crypto_free_cipher_env(cpath[i]->f_crypto);
if (cpath[i]->b_crypto)
crypto_free_cipher_env(cpath[i]->b_crypto);
free((void *)cpath[i]);
}
return NULL;
}
/* initialize */
if (crypto_cipher_encrypt_init_cipher(hop->f_crypto) || crypto_cipher_decrypt_init_cipher(hop->b_crypto)) {
log(LOG_ERR,"Could not initialize the crypto engine.");
free((void *)buf);
for (j=0;j<i;j++) {
if (cpath[i]->f_crypto)
crypto_free_cipher_env(cpath[i]->f_crypto);
if (cpath[i]->b_crypto)
crypto_free_cipher_env(cpath[i]->b_crypto);
free((void *)cpath[i]);
}
return NULL;
goto error;
}
log(LOG_DEBUG,"create_onion() : Built corresponding crypt path hop.");
}
/* padding if this is the innermost layer */
if (!i)
{
retval=crypto_pseudo_rand(100, (unsigned char *)layer + 28);
if (retval) /* error */
{
if (!i) {
if (crypto_pseudo_rand(100, (unsigned char *)layer + 28)) { /* error */
log(LOG_ERR,"Error generating pseudo-random data.");
free((void *)buf);
if (cpath)
{
for (j=0;j<i;j++) {
if (cpath[i]->f_crypto)
crypto_free_cipher_env(cpath[i]->f_crypto);
if (cpath[i]->b_crypto)
crypto_free_cipher_env(cpath[i]->b_crypto);
free((void *)cpath[i]);
}
}
return NULL;
goto error;
}
log(LOG_DEBUG,"create_onion() : This is the innermost layer. Adding 100 bytes of padding.");
}
/* encrypt */
retbuf = encrypt_onion(layer,128+(i*28),router->pkey);
if (!retbuf)
{
if (! encrypt_onion(layer,128+(i*28),router->pkey)) {
log(LOG_ERR,"Error encrypting onion layer.");
free((void *)buf);
if (cpath)
{
for (j=0;j<i;j++) {
if (cpath[i]->f_crypto)
crypto_free_cipher_env(cpath[i]->f_crypto);
if (cpath[i]->b_crypto)
crypto_free_cipher_env(cpath[i]->b_crypto);
free((void *)cpath[i]);
}
}
return NULL;
goto error;
}
log(LOG_DEBUG,"create_onion() : Encrypted layer.");
......@@ -439,6 +324,19 @@ unsigned char *create_onion(routerinfo_t **rarray, int rarray_len, unsigned int
}
return buf;
error:
if (buf)
free((void *)buf);
if (cpath) {
for (j=0;j<i;j++) {
if (cpath[i]->f_crypto)
crypto_free_cipher_env(cpath[i]->f_crypto);
if (cpath[i]->b_crypto)
crypto_free_cipher_env(cpath[i]->b_crypto);
free((void *)cpath[i]);
}
}
return NULL;
}
/* encrypts 128 bytes of the onion with the specified public key, the rest with
......@@ -448,9 +346,8 @@ unsigned char *encrypt_onion(onion_layer_t *onion, uint32_t onionlen, crypto_pk_
unsigned char *tmpbuf = NULL; /* temporary buffer for crypto operations */
unsigned char digest[20]; /* stores SHA1 output - 160 bits */
unsigned char iv[8];
int retval = 0;
crypto_cipher_env_t *crypt_env; /* crypto environment */
crypto_cipher_env_t *crypt_env = NULL; /* crypto environment */
if ( (onion) && (pkey) ) /* valid parameters */
{
......@@ -470,68 +367,49 @@ unsigned char *encrypt_onion(onion_layer_t *onion, uint32_t onionlen, crypto_pk_
if (crypto_SHA_digest(((onion_layer_t *)onion)->keyseed,16,digest))
{
log(LOG_ERR,"Error computing SHA1 digest.");
free((void *)tmpbuf);
return NULL;
goto error;
}
log(LOG_DEBUG,"encrypt_onion() : Computed DES key.");
log(LOG_DEBUG,"encrypt_onion() : Trying to RSA encrypt.");
/* encrypt 128 bytes with RSA *pkey */
retval = crypto_pk_public_encrypt(pkey, (unsigned char *)onion, 128, tmpbuf, RSA_NO_PADDING);
if (retval == -1)
{
if (crypto_pk_public_encrypt(pkey, (unsigned char *)onion, 128, tmpbuf, RSA_NO_PADDING) == -1) {
log(LOG_ERR,"Error RSA-encrypting data :%s",crypto_perror());
free((void *)tmpbuf);
return NULL;
goto error;
}
log(LOG_DEBUG,"encrypt_onion() : RSA encrypted first 128 bytes of the onion.");
/* now encrypt the rest with DES OFB */
crypt_env = crypto_new_cipher_env(CRYPTO_CIPHER_DES);
crypt_env = crypto_create_init_cipher(CRYPTO_CIPHER_DES, digest, iv, 1);
if (!crypt_env)
{
log(LOG_ERR,"Error creating the crypto environment.");
free((void *)tmpbuf);
return NULL;
}
if (crypto_cipher_set_key(crypt_env, digest)) /* error */
{
log(LOG_ERR,"Error initializing DES engine:%s",crypto_perror());
free((void *)tmpbuf);
return NULL;
}
if (crypto_cipher_set_iv(crypt_env, iv))
{
log(LOG_ERR,"Error initializing DES engine:%s",crypto_perror());
free((void *)tmpbuf);
return NULL;
}
if (crypto_cipher_encrypt_init_cipher(crypt_env)) {
log(LOG_ERR,"Error initializing DES engine:%s",crypto_perror());
free((void *)tmpbuf);
return NULL;
goto error;
}
retval = crypto_cipher_encrypt(crypt_env,(unsigned char *)onion+128, onionlen-128, (unsigned char *)tmpbuf+128);
if (retval) /* error */
{
if (crypto_cipher_encrypt(crypt_env,(unsigned char *)onion+128, onionlen-128, (unsigned char *)tmpbuf+128)) { /* error */
log(LOG_ERR,"Error performing DES encryption:%s",crypto_perror());
free((void *)tmpbuf);
return NULL;
goto error;
}
log(LOG_DEBUG,"encrypt_onion() : DES OFB encrypted the rest of the onion.");
crypto_free_cipher_env(crypt_env);
/* now copy tmpbuf to onion */
memcpy((void *)onion,(void *)tmpbuf,onionlen);
log(LOG_DEBUG,"encrypt_onion() : Copied cipher to original onion buffer.");
free((void *)tmpbuf);
crypto_free_cipher_env(crypt_env);
return (unsigned char *)onion;
} /* valid parameters */
else
return NULL;
error:
if (tmpbuf)
free((void *)tmpbuf);
if (crypt_env)
crypto_free_cipher_env(crypt_env);
return NULL;
}
/* decrypts the first 128 bytes using RSA and prkey, decrypts the rest with DES OFB with key1 */
......@@ -540,87 +418,65 @@ unsigned char *decrypt_onion(onion_layer_t *onion, uint32_t onionlen, crypto_pk_
void *tmpbuf = NULL; /* temporary buffer for crypto operations */
unsigned char digest[20]; /* stores SHA1 output - 160 bits */
unsigned char iv[8];
int retval = 0;
crypto_cipher_env_t *crypt_env; /* crypto environment */
crypto_cipher_env_t *crypt_env =NULL; /* crypto environment */
if ( (onion) && (prkey) ) /* valid parameters */
{
if ( (onion) && (prkey) ) { /* valid parameters */
memset((void *)iv,0,8);
/* allocate space for tmpbuf */
tmpbuf = malloc(onionlen);
if (!tmpbuf)
{
if (!tmpbuf) {
log(LOG_ERR,"Could not allocate memory.");
return NULL;
}
log(LOG_DEBUG,"decrypt_onion() : Allocated memory for the temporary buffer.");
/* decrypt 128 bytes with RSA *prkey */
retval = crypto_pk_private_decrypt(prkey, (unsigned char*)onion, 128, (unsigned char *)tmpbuf, RSA_NO_PADDING);
if (retval == -1)
if (crypto_pk_private_decrypt(prkey, (unsigned char*)onion, 128, (unsigned char *)tmpbuf, RSA_NO_PADDING) == -1)
{
log(LOG_ERR,"Error RSA-decrypting data :%s",crypto_perror());
free((void *)tmpbuf);
return NULL;
goto error;
}
log(LOG_DEBUG,"decrypt_onion() : RSA decryption complete.");
/* get key1 = SHA1(KeySeed) */
retval = crypto_SHA_digest(((onion_layer_t *)tmpbuf)->keyseed,16,digest);
if (retval)
if (crypto_SHA_digest(((onion_layer_t *)tmpbuf)->keyseed,16,digest))
{
log(LOG_ERR,"Error computing SHA1 digest.");
free((void *)tmpbuf);
return NULL;
goto error;
}
log(LOG_DEBUG,"decrypt_onion() : Computed DES key.");
/* now decrypt the rest with DES OFB */
crypt_env = crypto_new_cipher_env(CRYPTO_CIPHER_DES);
if (!crypt_env)
{
log(LOG_ERR,"Error creating the crypto environment.");
free((void *)tmpbuf);
return NULL;
crypt_env = crypto_create_init_cipher(CRYPTO_CIPHER_DES, digest, iv, 0);
if (!crypt_env) {
log(LOG_ERR,"Error creating crypto environment");
goto error;
}
if (crypto_cipher_set_key(crypt_env, digest)) /* error */
{
log(LOG_ERR,"Error initializing DES engine:%s",crypto_perror());
free((void *)tmpbuf);
return NULL;
}
if (crypto_cipher_set_iv(crypt_env, iv))
{
log(LOG_ERR,"Error initializing DES engine:%s",crypto_perror());
free((void *)tmpbuf);
return NULL;
}
if (crypto_cipher_decrypt_init_cipher(crypt_env)) {
log(LOG_ERR,"Error initializing DES engine:%s",crypto_perror());
free((void *)tmpbuf);
return NULL;
}
retval = crypto_cipher_decrypt(crypt_env,(unsigned char *)onion+128, onionlen-128,(unsigned char *)tmpbuf+128);
if (retval) /* error */
{
if (crypto_cipher_decrypt(crypt_env,(unsigned char *)onion+128, onionlen-128,(unsigned char *)tmpbuf+128)) {
log(LOG_ERR,"Error performing DES decryption:%s",crypto_perror());
free((void *)tmpbuf);
return NULL;
goto error;
}
crypto_free_cipher_env(crypt_env);
log(LOG_DEBUG,"decrypt_onion() : DES decryption complete.");
/* now copy tmpbuf to onion */