This function was a wrapper around RSA_check_key() in openssl, which
checks for invalid RSA private keys (like those where p or q are
composite, or where d is not the inverse of e, or where n != p*q).
We don't need a function like this in NSS, since unlike OpenSSL, NSS
won't let you import a bogus private key.

I've renamed the function and changed its return type to make it
more reasonable, and added a unit test for trying to read a key
where n != p*q.

We used to link both libraries at once, but now that I'm working on
TLS, there's nothing left to keep OpenSSL around for when NSS is
enabled.

Note that this patch causes a couple of places that still assumed
OpenSSL to be disabled when NSS is enabled
   - tor-gencert
   - pbkdf2

This cleans up a lot of junk from crypto_rsa_openssl, and will
save us duplicated code in crypto_rsa_nss (when it exists).

(Actually, it already exists, but I am going to use git rebase so
that this commit precedes the creation of crypto_rsa_nss.)

It is not nice to expose a private key's contents without having the
function name advertise the fact.  Fortunately, we weren't misusing
these yet.

Notably, there's a test to make sure that it round-trips with
OpenSSL, if OpenSSL is enabled.

These are now part of crypto_init.c.  The openssl-only parts now
live in crypto_openssl_mgt.c.

I recommend reviewing this patch with -b and --color-moved.

I am very glad to have written this script.

Inline its contents (which were all includes) into or.h, and some of
its contents into other places that didn't include or.h at all.

Casting before printf was necessary; now it's not so smart.

We don't have SIZEOF_UINT8_T any more.

or.h should really include only the minimum of stuff from or/*,
common/*, and lib/*.

Also, stop supporting empty HKDF input key material

These tests would report errors, but wouldn't report the offending
strings.

 * ADD new /src/common/crypto_rand.[ch] module.
 * ADD new /src/common/crypto_util.[ch] module (contains the memwipe()
   function, since all crypto_* modules need this).
 * FIXES part of #24658: https://bugs.torproject.org/24658

Most of these buffers were never actually inspected, but it's still
bad style.

Alexander Færøy authored Jun 05, 2017 and Nick Mathewson committed Aug 24, 2017

This patch fixes the operator usage in src/test/*.c to use the symbolic
operators instead of the normal C comparison operators.

This patch was generated using:

    ./scripts/coccinelle/test-operator-cleanup src/test/*.[ch]

We need to keep these around for TAP and old-style hidden services,
but they're obsolete, and we shouldn't encourage anyone to use them.
So I've added "obsolete" to their names, and a comment explaining
what the problem is.

Closes ticket 23026.

Test base64_decode() with odd sized decoded lengths, including
unpadded encodings and padded encodings with "right-sized" output
buffers.  Convert calls to base64_decode_nopad() to base64_decode()
because base64_decode_nopad() is redundant.

Create a new test_crypto_openssl to test openssl-only crypto.c
functionality.

David Goulet authored Dec 12, 2016 and Nick Mathewson committed Dec 14, 2016

Signed-off-by: David Goulet <dgoulet@torproject.org>

(This will be used by prop224)

Previously, the IV and key were stored in the structure, even though
they mostly weren't needed.  The only purpose they had was to
support a seldom-used API where you could pass NULL when creating
a cipher in order to get a random key/IV, and then pull that key/IV
back out.

This saves 32 bytes per AES instance, and makes it easier to support
different key lengths.

The point of diminishing returns has been reached.