diff --git a/src/core/mainloop/connection.c b/src/core/mainloop/connection.c
index 30504e4edba80bdf4d5fe378614a3648565c57a2..b9d1b95c2ae947f2cbfe88818cd59dc27abea200 100644
--- a/src/core/mainloop/connection.c
+++ b/src/core/mainloop/connection.c
@@ -1654,7 +1654,7 @@ check_sockaddr(const struct sockaddr *sa, int len, int level)
len,(int)sizeof(struct sockaddr_in6));
ok = 0;
}
- if (tor_mem_is_zero((void*)sin6->sin6_addr.s6_addr, 16) ||
+ if (fast_mem_is_zero((void*)sin6->sin6_addr.s6_addr, 16) ||
sin6->sin6_port == 0) {
log_fn(level, LD_NET,
"Address for new connection has address/port equal to zero.");
diff --git a/src/core/or/channeltls.c b/src/core/or/channeltls.c
index f552b207705430a4694488d1114e773f5fac8f8d..772f583f2e1610de8b830a7bad1f1e2230966d18 100644
--- a/src/core/or/channeltls.c
+++ b/src/core/or/channeltls.c
@@ -1722,7 +1722,7 @@ channel_tls_process_netinfo_cell(cell_t *cell, channel_tls_t *chan)
tor_assert(tor_digest_is_zero(
(const char*)(chan->conn->handshake_state->
authenticated_rsa_peer_id)));
- tor_assert(tor_mem_is_zero(
+ tor_assert(fast_mem_is_zero(
(const char*)(chan->conn->handshake_state->
authenticated_ed25519_peer_id.pubkey), 32));
/* If the client never authenticated, it's a tor client or bridge
diff --git a/src/core/or/circuitbuild.c b/src/core/or/circuitbuild.c
index cfe0a97bcf39c3b323f6fd86adfef43e972c4314..ececd8377879a131609706e0e4c72db1097b5b2c 100644
--- a/src/core/or/circuitbuild.c
+++ b/src/core/or/circuitbuild.c
@@ -2989,7 +2989,7 @@ extend_info_supports_ntor(const extend_info_t* ei)
{
tor_assert(ei);
/* Valid ntor keys have at least one non-zero byte */
- return !tor_mem_is_zero(
+ return !fast_mem_is_zero(
(const char*)ei->curve25519_onion_key.public_key,
CURVE25519_PUBKEY_LEN);
}
diff --git a/src/feature/client/bridges.c b/src/feature/client/bridges.c
index ea1aff9519bd5d853b7ffae57f48feba8dbe9883..f517876609d084922b5f4f3d2d5aec1ed6d99d2f 100644
--- a/src/feature/client/bridges.c
+++ b/src/feature/client/bridges.c
@@ -348,7 +348,7 @@ int
node_is_a_configured_bridge(const node_t *node)
{
/* First, let's try searching for a bridge with matching identity. */
- if (BUG(tor_mem_is_zero(node->identity, DIGEST_LEN)))
+ if (BUG(fast_mem_is_zero(node->identity, DIGEST_LEN)))
return 0;
if (find_bridge_by_digest(node->identity) != NULL)
diff --git a/src/feature/dirauth/dirvote.c b/src/feature/dirauth/dirvote.c
index 1f861d24174cca3a83e6405563226992c494be87..a02933b298e045238ae9e6f1eb28c2e15bb8d60c 100644
--- a/src/feature/dirauth/dirvote.c
+++ b/src/feature/dirauth/dirvote.c
@@ -2599,7 +2599,7 @@ networkstatus_add_detached_signatures(networkstatus_t *target,
return -1;
}
for (alg = DIGEST_SHA1; alg < N_COMMON_DIGEST_ALGORITHMS; ++alg) {
- if (!tor_mem_is_zero(digests->d[alg], DIGEST256_LEN)) {
+ if (!fast_mem_is_zero(digests->d[alg], DIGEST256_LEN)) {
if (fast_memeq(target->digests.d[alg], digests->d[alg],
DIGEST256_LEN)) {
++n_matches;
@@ -2795,7 +2795,7 @@ networkstatus_get_detached_signatures(smartlist_t *consensuses)
char d[HEX_DIGEST256_LEN+1];
const char *alg_name =
crypto_digest_algorithm_get_name(alg);
- if (tor_mem_is_zero(ns->digests.d[alg], DIGEST256_LEN))
+ if (fast_mem_is_zero(ns->digests.d[alg], DIGEST256_LEN))
continue;
base16_encode(d, sizeof(d), ns->digests.d[alg], DIGEST256_LEN);
smartlist_add_asprintf(elements, "additional-digest %s %s %s\n",
diff --git a/src/feature/dirauth/dsigs_parse.c b/src/feature/dirauth/dsigs_parse.c
index d88176fee9d2712e407be3d0bbe9a2ba8de03500..c5c8e188666618ff653c82819f7dc893170fe240 100644
--- a/src/feature/dirauth/dsigs_parse.c
+++ b/src/feature/dirauth/dsigs_parse.c
@@ -127,7 +127,7 @@ networkstatus_parse_detached_signatures(const char *s, const char *eos)
}
digests = detached_get_digests(sigs, flavor);
tor_assert(digests);
- if (!tor_mem_is_zero(digests->d[alg], digest_length)) {
+ if (!fast_mem_is_zero(digests->d[alg], digest_length)) {
log_warn(LD_DIR, "Multiple digests for %s with %s on detached "
"signatures document", flavor, algname);
continue;
diff --git a/src/feature/dirauth/shared_random.c b/src/feature/dirauth/shared_random.c
index 137c49800f163e46463203ef3944357e3aae72cc..5ccf1a95e58ed077579ea017543da450f9f6f918 100644
--- a/src/feature/dirauth/shared_random.c
+++ b/src/feature/dirauth/shared_random.c
@@ -224,7 +224,7 @@ verify_commit_and_reveal(const sr_commit_t *commit)
STATIC int
commit_has_reveal_value(const sr_commit_t *commit)
{
- return !tor_mem_is_zero(commit->encoded_reveal,
+ return !fast_mem_is_zero(commit->encoded_reveal,
sizeof(commit->encoded_reveal));
}
@@ -486,7 +486,7 @@ get_vote_line_from_commit(const sr_commit_t *commit, sr_phase_t phase)
{
/* Send a reveal value for this commit if we have one. */
const char *reveal_str = commit->encoded_reveal;
- if (tor_mem_is_zero(commit->encoded_reveal,
+ if (fast_mem_is_zero(commit->encoded_reveal,
sizeof(commit->encoded_reveal))) {
reveal_str = "";
}
diff --git a/src/feature/dirauth/shared_random_state.c b/src/feature/dirauth/shared_random_state.c
index a7b7480eddc26bdd02f4f9687f52eee54bde24b6..9a045b283d25a8ecc36e88c24a8e6740b1c41d91 100644
--- a/src/feature/dirauth/shared_random_state.c
+++ b/src/feature/dirauth/shared_random_state.c
@@ -538,7 +538,7 @@ disk_state_put_commit_line(const sr_commit_t *commit, config_line_t *line)
tor_assert(commit);
tor_assert(line);
- if (!tor_mem_is_zero(commit->encoded_reveal,
+ if (!fast_mem_is_zero(commit->encoded_reveal,
sizeof(commit->encoded_reveal))) {
/* Add extra whitespace so we can format the line correctly. */
tor_asprintf(&reveal_str, " %s", commit->encoded_reveal);
diff --git a/src/feature/dirclient/dirclient.c b/src/feature/dirclient/dirclient.c
index 0b79b07799099b680ef2f27a66a9a5d1d21be5ce..1ea50fd35025e88029f5fe5dd793862735f16918 100644
--- a/src/feature/dirclient/dirclient.c
+++ b/src/feature/dirclient/dirclient.c
@@ -2531,7 +2531,7 @@ handle_response_fetch_microdesc(dir_connection_t *conn,
conn->base_.port);
tor_assert(conn->requested_resource &&
!strcmpstart(conn->requested_resource, "d/"));
- tor_assert_nonfatal(!tor_mem_is_zero(conn->identity_digest, DIGEST_LEN));
+ tor_assert_nonfatal(!fast_mem_is_zero(conn->identity_digest, DIGEST_LEN));
which = smartlist_new();
dir_split_resource_into_fingerprints(conn->requested_resource+2,
which, NULL,
diff --git a/src/feature/dircommon/voting_schedule.c b/src/feature/dircommon/voting_schedule.c
index 0a7476eda78d0de90ffa5421513734db4eff0132..5576ec69f70b75e0435ec42f19c42e33f50604f1 100644
--- a/src/feature/dircommon/voting_schedule.c
+++ b/src/feature/dircommon/voting_schedule.c
@@ -150,7 +150,7 @@ voting_schedule_get_next_valid_after_time(void)
/* This is a safe guard in order to make sure that the voting schedule
* static object is at least initialized. Using this function with a zeroed
* voting schedule can lead to bugs. */
- if (tor_mem_is_zero((const char *) &voting_schedule,
+ if (fast_mem_is_zero((const char *) &voting_schedule,
sizeof(voting_schedule))) {
need_to_recalculate_voting_schedule = true;
goto done; /* no need for next check if we have to recalculate anyway */
diff --git a/src/feature/dirparse/ns_parse.c b/src/feature/dirparse/ns_parse.c
index d653a59826e5204fa8acb9eb984abc48a9ccd08b..d5405e64640e15b387f9e99e8aefaaf1176a232b 100644
--- a/src/feature/dirparse/ns_parse.c
+++ b/src/feature/dirparse/ns_parse.c
@@ -1478,7 +1478,7 @@ networkstatus_parse_vote_from_string(const char *s,
SMARTLIST_FOREACH_BEGIN(ns->routerstatus_list, vote_routerstatus_t *,
vrs) {
if (! vrs->has_ed25519_listing ||
- tor_mem_is_zero((const char *)vrs->ed25519_id, DIGEST256_LEN))
+ fast_mem_is_zero((const char *)vrs->ed25519_id, DIGEST256_LEN))
continue;
if (digest256map_get(ed_id_map, vrs->ed25519_id) != NULL) {
log_warn(LD_DIR, "Vote networkstatus ed25519 identities were not "
diff --git a/src/feature/hs/hs_common.c b/src/feature/hs/hs_common.c
index d4736c2862e454dec9046b1a51b7515c4c29cbb3..1e4f6d9166a9119e312bd6b52ce59a84cb553f17 100644
--- a/src/feature/hs/hs_common.c
+++ b/src/feature/hs/hs_common.c
@@ -1025,7 +1025,7 @@ hs_build_blinded_pubkey(const ed25519_public_key_t *pk,
tor_assert(pk);
tor_assert(blinded_pk_out);
- tor_assert(!tor_mem_is_zero((char *) pk, ED25519_PUBKEY_LEN));
+ tor_assert(!fast_mem_is_zero((char *) pk, ED25519_PUBKEY_LEN));
build_blinded_key_param(pk, secret, secret_len,
time_period_num, get_time_period_length(), param);
@@ -1050,8 +1050,8 @@ hs_build_blinded_keypair(const ed25519_keypair_t *kp,
tor_assert(kp);
tor_assert(blinded_kp_out);
/* Extra safety. A zeroed key is bad. */
- tor_assert(!tor_mem_is_zero((char *) &kp->pubkey, ED25519_PUBKEY_LEN));
- tor_assert(!tor_mem_is_zero((char *) &kp->seckey, ED25519_SECKEY_LEN));
+ tor_assert(!fast_mem_is_zero((char *) &kp->pubkey, ED25519_PUBKEY_LEN));
+ tor_assert(!fast_mem_is_zero((char *) &kp->seckey, ED25519_SECKEY_LEN));
build_blinded_key_param(&kp->pubkey, secret, secret_len,
time_period_num, get_time_period_length(), param);
@@ -1283,15 +1283,15 @@ node_has_hsdir_index(const node_t *node)
/* At this point, since the node has a desc, this node must also have an
* hsdir index. If not, something went wrong, so BUG out. */
- if (BUG(tor_mem_is_zero((const char*)node->hsdir_index.fetch,
+ if (BUG(fast_mem_is_zero((const char*)node->hsdir_index.fetch,
DIGEST256_LEN))) {
return 0;
}
- if (BUG(tor_mem_is_zero((const char*)node->hsdir_index.store_first,
+ if (BUG(fast_mem_is_zero((const char*)node->hsdir_index.store_first,
DIGEST256_LEN))) {
return 0;
}
- if (BUG(tor_mem_is_zero((const char*)node->hsdir_index.store_second,
+ if (BUG(fast_mem_is_zero((const char*)node->hsdir_index.store_second,
DIGEST256_LEN))) {
return 0;
}
diff --git a/src/feature/hs/hs_descriptor.c b/src/feature/hs/hs_descriptor.c
index b526da66612abdd316d9db9c2119a71b91f1afd4..52dc8690c39fb2f61fa1a893912f93331c921549 100644
--- a/src/feature/hs/hs_descriptor.c
+++ b/src/feature/hs/hs_descriptor.c
@@ -678,7 +678,7 @@ get_auth_client_str(const hs_desc_authorized_client_t *client)
char encrypted_cookie_b64[HS_DESC_ENCRYPED_COOKIE_LEN * 2];
#define ASSERT_AND_BASE64(field) STMT_BEGIN \
- tor_assert(!tor_mem_is_zero((char *) client->field, \
+ tor_assert(!fast_mem_is_zero((char *) client->field, \
sizeof(client->field))); \
ret = base64_encode_nopad(field##_b64, sizeof(field##_b64), \
client->field, sizeof(client->field)); \
@@ -809,7 +809,7 @@ get_outer_encrypted_layer_plaintext(const hs_descriptor_t *desc,
const curve25519_public_key_t *ephemeral_pubkey;
ephemeral_pubkey = &desc->superencrypted_data.auth_ephemeral_pubkey;
- tor_assert(!tor_mem_is_zero((char *) ephemeral_pubkey->public_key,
+ tor_assert(!fast_mem_is_zero((char *) ephemeral_pubkey->public_key,
CURVE25519_PUBKEY_LEN));
curve25519_public_to_base64(ephemeral_key_base64, ephemeral_pubkey);
@@ -1421,12 +1421,12 @@ decrypt_descriptor_cookie(const hs_descriptor_t *desc,
tor_assert(desc);
tor_assert(client);
tor_assert(client_auth_sk);
- tor_assert(!tor_mem_is_zero(
+ tor_assert(!fast_mem_is_zero(
(char *) &desc->superencrypted_data.auth_ephemeral_pubkey,
sizeof(desc->superencrypted_data.auth_ephemeral_pubkey)));
- tor_assert(!tor_mem_is_zero((char *) client_auth_sk,
+ tor_assert(!fast_mem_is_zero((char *) client_auth_sk,
sizeof(*client_auth_sk)));
- tor_assert(!tor_mem_is_zero((char *) desc->subcredential, DIGEST256_LEN));
+ tor_assert(!fast_mem_is_zero((char *) desc->subcredential, DIGEST256_LEN));
/* Get the KEYS component to derive the CLIENT-ID and COOKIE-KEY. */
keystream_length =
@@ -2571,7 +2571,7 @@ hs_desc_decode_descriptor(const char *encoded,
/* Subcredentials are not optional. */
if (BUG(!subcredential ||
- tor_mem_is_zero((char*)subcredential, DIGEST256_LEN))) {
+ fast_mem_is_zero((char*)subcredential, DIGEST256_LEN))) {
log_warn(LD_GENERAL, "Tried to decrypt without subcred. Impossible!");
goto err;
}
@@ -2884,13 +2884,13 @@ hs_desc_build_authorized_client(const uint8_t *subcredential,
tor_assert(descriptor_cookie);
tor_assert(client_out);
tor_assert(subcredential);
- tor_assert(!tor_mem_is_zero((char *) auth_ephemeral_sk,
+ tor_assert(!fast_mem_is_zero((char *) auth_ephemeral_sk,
sizeof(*auth_ephemeral_sk)));
- tor_assert(!tor_mem_is_zero((char *) client_auth_pk,
+ tor_assert(!fast_mem_is_zero((char *) client_auth_pk,
sizeof(*client_auth_pk)));
- tor_assert(!tor_mem_is_zero((char *) descriptor_cookie,
+ tor_assert(!fast_mem_is_zero((char *) descriptor_cookie,
HS_DESC_DESCRIPTOR_COOKIE_LEN));
- tor_assert(!tor_mem_is_zero((char *) subcredential,
+ tor_assert(!fast_mem_is_zero((char *) subcredential,
DIGEST256_LEN));
/* Get the KEYS part so we can derive the CLIENT-ID and COOKIE-KEY. */
diff --git a/src/feature/hs/hs_intropoint.c b/src/feature/hs/hs_intropoint.c
index c9cd3a0419ee5677ed7fa86c61257a1132ae77ae..a568014a6d45cae36283e6f1cb29eac9c9dce0c2 100644
--- a/src/feature/hs/hs_intropoint.c
+++ b/src/feature/hs/hs_intropoint.c
@@ -392,7 +392,7 @@ validate_introduce1_parsed_cell(const trn_cell_introduce1_t *cell)
* safety net here. The legacy ID must be zeroes in this case. */
legacy_key_id_len = trn_cell_introduce1_getlen_legacy_key_id(cell);
legacy_key_id = trn_cell_introduce1_getconstarray_legacy_key_id(cell);
- if (BUG(!tor_mem_is_zero((char *) legacy_key_id, legacy_key_id_len))) {
+ if (BUG(!fast_mem_is_zero((char *) legacy_key_id, legacy_key_id_len))) {
goto invalid;
}
@@ -517,7 +517,7 @@ introduce1_cell_is_legacy(const uint8_t *request)
/* If the first 20 bytes of the cell (DIGEST_LEN) are NOT zeroes, it
* indicates a legacy cell (v2). */
- if (!tor_mem_is_zero((const char *) request, DIGEST_LEN)) {
+ if (!fast_mem_is_zero((const char *) request, DIGEST_LEN)) {
/* Legacy cell. */
return 1;
}
diff --git a/src/feature/hs/hs_service.c b/src/feature/hs/hs_service.c
index e3d0043460e1b89c7c8b24f8cd189744a83119cb..0e145524a1e47f3e70f650892f52645680ee48dd 100644
--- a/src/feature/hs/hs_service.c
+++ b/src/feature/hs/hs_service.c
@@ -1746,7 +1746,7 @@ build_service_desc_superencrypted(const hs_service_t *service,
sizeof(curve25519_public_key_t));
/* Test that subcred is not zero because we might use it below */
- if (BUG(tor_mem_is_zero((char*)desc->desc->subcredential, DIGEST256_LEN))) {
+ if (BUG(fast_mem_is_zero((char*)desc->desc->subcredential, DIGEST256_LEN))) {
return -1;
}
@@ -1812,9 +1812,9 @@ build_service_desc_plaintext(const hs_service_t *service,
tor_assert(service);
tor_assert(desc);
- tor_assert(!tor_mem_is_zero((char *) &desc->blinded_kp,
+ tor_assert(!fast_mem_is_zero((char *) &desc->blinded_kp,
sizeof(desc->blinded_kp)));
- tor_assert(!tor_mem_is_zero((char *) &desc->signing_kp,
+ tor_assert(!fast_mem_is_zero((char *) &desc->signing_kp,
sizeof(desc->signing_kp)));
/* Set the subcredential. */
@@ -1864,7 +1864,7 @@ build_service_desc_keys(const hs_service_t *service,
ed25519_keypair_t kp;
tor_assert(desc);
- tor_assert(!tor_mem_is_zero((char *) &service->keys.identity_pk,
+ tor_assert(!fast_mem_is_zero((char *) &service->keys.identity_pk,
ED25519_PUBKEY_LEN));
/* XXX: Support offline key feature (#18098). */
diff --git a/src/feature/nodelist/fmt_routerstatus.c b/src/feature/nodelist/fmt_routerstatus.c
index 8c9212e05c0565840c8fdaa3794b49461ce1012d..9a7d3082ef9b23b1263a03d70b92b4f90e862479 100644
--- a/src/feature/nodelist/fmt_routerstatus.c
+++ b/src/feature/nodelist/fmt_routerstatus.c
@@ -233,7 +233,7 @@ routerstatus_format_entry(const routerstatus_t *rs, const char *version,
}
if (format == NS_V3_VOTE && vrs) {
- if (tor_mem_is_zero((char*)vrs->ed25519_id, ED25519_PUBKEY_LEN)) {
+ if (fast_mem_is_zero((char*)vrs->ed25519_id, ED25519_PUBKEY_LEN)) {
smartlist_add_strdup(chunks, "id ed25519 none\n");
} else {
char ed_b64[BASE64_DIGEST256_LEN+1];
diff --git a/src/feature/nodelist/microdesc.c b/src/feature/nodelist/microdesc.c
index 36922561a0fd1741c46b06b1343874231ddb5907..db2149754af7b551a3d596d69a22157ebc1f2b27 100644
--- a/src/feature/nodelist/microdesc.c
+++ b/src/feature/nodelist/microdesc.c
@@ -970,7 +970,7 @@ microdesc_list_missing_digest256(networkstatus_t *ns, microdesc_cache_t *cache,
continue;
if (skip && digest256map_get(skip, (const uint8_t*)rs->descriptor_digest))
continue;
- if (tor_mem_is_zero(rs->descriptor_digest, DIGEST256_LEN))
+ if (fast_mem_is_zero(rs->descriptor_digest, DIGEST256_LEN))
continue;
/* XXXX Also skip if we're a noncache and wouldn't use this router.
* XXXX NM Microdesc
diff --git a/src/feature/nodelist/nodelist.c b/src/feature/nodelist/nodelist.c
index 8aa49151076391d2c1a5a5aac1b0c543202505d4..21914c6c6df34517b3a4732b5b15af9d75ddf640 100644
--- a/src/feature/nodelist/nodelist.c
+++ b/src/feature/nodelist/nodelist.c
@@ -1859,7 +1859,7 @@ microdesc_has_curve25519_onion_key(const microdesc_t *md)
return 0;
}
- if (tor_mem_is_zero((const char*)md->onion_curve25519_pkey->public_key,
+ if (fast_mem_is_zero((const char*)md->onion_curve25519_pkey->public_key,
CURVE25519_PUBKEY_LEN)) {
return 0;
}
diff --git a/src/feature/nodelist/routerlist.c b/src/feature/nodelist/routerlist.c
index 48f448ad1e58fd76fb64f26328214324cd70f2e2..5fea1d1a8b73df854ff832d717aa3c2283775a9d 100644
--- a/src/feature/nodelist/routerlist.c
+++ b/src/feature/nodelist/routerlist.c
@@ -2969,7 +2969,7 @@ routerinfo_incompatible_with_extrainfo(const crypto_pk_t *identity_pkey,
digest256_matches = tor_memeq(ei->digest256,
sd->extra_info_digest256, DIGEST256_LEN);
digest256_matches |=
- tor_mem_is_zero(sd->extra_info_digest256, DIGEST256_LEN);
+ fast_mem_is_zero(sd->extra_info_digest256, DIGEST256_LEN);
/* The identity must match exactly to have been generated at the same time
* by the same router. */
@@ -3053,7 +3053,7 @@ routerinfo_has_curve25519_onion_key(const routerinfo_t *ri)
return 0;
}
- if (tor_mem_is_zero((const char*)ri->onion_curve25519_pkey->public_key,
+ if (fast_mem_is_zero((const char*)ri->onion_curve25519_pkey->public_key,
CURVE25519_PUBKEY_LEN)) {
return 0;
}
diff --git a/src/feature/nodelist/torcert.c b/src/feature/nodelist/torcert.c
index 56f1a8ac9f1bf95b708253429498a06811ec9fff..270c14eb1c4857b5dc0d39ac78997e2181afb6c5 100644
--- a/src/feature/nodelist/torcert.c
+++ b/src/feature/nodelist/torcert.c
@@ -74,7 +74,7 @@ tor_cert_sign_impl(const ed25519_keypair_t *signing_key,
tor_assert(real_len == alloc_len);
tor_assert(real_len > ED25519_SIG_LEN);
uint8_t *sig = encoded + (real_len - ED25519_SIG_LEN);
- tor_assert(tor_mem_is_zero((char*)sig, ED25519_SIG_LEN));
+ tor_assert(fast_mem_is_zero((char*)sig, ED25519_SIG_LEN));
ed25519_signature_t signature;
if (ed25519_sign(&signature, encoded,
diff --git a/src/feature/relay/router.c b/src/feature/relay/router.c
index ac4b3b7a024a01b936281d783f678b43cf055270..82dad3191d2050251fcf210a1c8206356ac946f2 100644
--- a/src/feature/relay/router.c
+++ b/src/feature/relay/router.c
@@ -244,7 +244,7 @@ expire_old_onion_keys(void)
lastonionkey = NULL;
}
- /* We zero out the keypair. See the tor_mem_is_zero() check made in
+ /* We zero out the keypair. See the fast_mem_is_zero() check made in
* construct_ntor_key_map() below. */
memset(&last_curve25519_onion_key, 0, sizeof(last_curve25519_onion_key));
@@ -284,7 +284,7 @@ construct_ntor_key_map(void)
{
di_digest256_map_t *m = NULL;
- if (!tor_mem_is_zero((const char*)
+ if (!fast_mem_is_zero((const char*)
curve25519_onion_key.pubkey.public_key,
CURVE25519_PUBKEY_LEN)) {
dimap_add_entry(&m,
@@ -292,7 +292,7 @@ construct_ntor_key_map(void)
tor_memdup(&curve25519_onion_key,
sizeof(curve25519_keypair_t)));
}
- if (!tor_mem_is_zero((const char*)
+ if (!fast_mem_is_zero((const char*)
last_curve25519_onion_key.pubkey.public_key,
CURVE25519_PUBKEY_LEN)) {
dimap_add_entry(&m,
@@ -1049,7 +1049,7 @@ init_keys(void)
return -1;
keydir = get_keydir_fname("secret_onion_key_ntor.old");
- if (tor_mem_is_zero((const char *)
+ if (fast_mem_is_zero((const char *)
last_curve25519_onion_key.pubkey.public_key,
CURVE25519_PUBKEY_LEN) &&
file_status(keydir) == FN_FILE) {
diff --git a/src/lib/crypt_ops/crypto_format.c b/src/lib/crypt_ops/crypto_format.c
index e11b39119491867731b1ae8bc3d80955be5be4e0..118cd790453d79d738eb163896877a83cdc7a236 100644
--- a/src/lib/crypt_ops/crypto_format.c
+++ b/src/lib/crypt_ops/crypto_format.c
@@ -104,7 +104,7 @@ crypto_read_tagged_contents_from_file(const char *fname,
prefix[32] = 0;
/* Check type, extract tag. */
if (strcmpstart(prefix, "== ") || strcmpend(prefix, " ==") ||
- ! tor_mem_is_zero(prefix+strlen(prefix), 32-strlen(prefix))) {
+ ! fast_mem_is_zero(prefix+strlen(prefix), 32-strlen(prefix))) {
saved_errno = EINVAL;
goto end;
}
diff --git a/src/lib/string/util_string.h b/src/lib/string/util_string.h
index 7e8af0578c349ed2c49fb9a4b225ae76326c4803..b3c6841d41b66dc67ff58d61af5d2b993183e4ab 100644
--- a/src/lib/string/util_string.h
+++ b/src/lib/string/util_string.h
@@ -24,9 +24,6 @@ int fast_mem_is_zero(const char *mem, size_t len);
#define fast_digest_is_zero(d) fast_mem_is_zero((d), DIGEST_LEN)
#define fast_digetst256_is_zero(d) fast_mem_is_zero((d), DIGEST256_LEN)
-// XXXX remove this after we replace all users.
-#define tor_mem_is_zero fast_mem_is_zero
-
int tor_digest_is_zero(const char *digest);
int tor_digest256_is_zero(const char *digest);
diff --git a/src/test/test.c b/src/test/test.c
index be5cb12b1eeaaaf96bb1380fb13703d51569dff4..77c58ee681c30782fd1e8e365189be671d7ceeda 100644
--- a/src/test/test.c
+++ b/src/test/test.c
@@ -284,7 +284,7 @@ test_fast_handshake(void *arg)
/* First, test an entire handshake. */
memset(client_handshake, 0, sizeof(client_handshake));
tt_int_op(0, OP_EQ, fast_onionskin_create(&state, client_handshake));
- tt_assert(! tor_mem_is_zero((char*)client_handshake,
+ tt_assert(! fast_mem_is_zero((char*)client_handshake,
sizeof(client_handshake)));
tt_int_op(0, OP_EQ,
diff --git a/src/test/test_addr.c b/src/test/test_addr.c
index 3a1a7b69970e325d89eaf6f3386b4506c3208758..05d8bf6c7b8099c986c0c2cf66fc87407b8edd7c 100644
--- a/src/test/test_addr.c
+++ b/src/test/test_addr.c
@@ -240,7 +240,7 @@ test_addr_ip6_helpers(void *arg)
tt_int_op(0,OP_EQ, tor_addr_lookup("9000::5", AF_UNSPEC, &t1));
tt_int_op(AF_INET6,OP_EQ, tor_addr_family(&t1));
tt_int_op(0x90,OP_EQ, tor_addr_to_in6_addr8(&t1)[0]);
- tt_assert(tor_mem_is_zero((char*)tor_addr_to_in6_addr8(&t1)+1, 14));
+ tt_assert(fast_mem_is_zero((char*)tor_addr_to_in6_addr8(&t1)+1, 14));
tt_int_op(0x05,OP_EQ, tor_addr_to_in6_addr8(&t1)[15]);
/* === Test pton: valid af_inet6 */
@@ -697,7 +697,7 @@ test_addr_ip6_helpers(void *arg)
&t1,&mask,&port1,&port2);
tt_int_op(r,OP_EQ,AF_INET6);
tt_int_op(tor_addr_family(&t1),OP_EQ,AF_INET6);
- tt_assert(tor_mem_is_zero((const char*)tor_addr_to_in6_addr32(&t1), 16));
+ tt_assert(fast_mem_is_zero((const char*)tor_addr_to_in6_addr32(&t1), 16));
tt_int_op(mask,OP_EQ,0);
tt_int_op(port1,OP_EQ,1);
tt_int_op(port2,OP_EQ,65535);
diff --git a/src/test/test_crypto.c b/src/test/test_crypto.c
index 08dfb6bcddce0e85fd282de0af164568040f8c3e..872da3d2c5239276d86af51160e6a35549562853 100644
--- a/src/test/test_crypto.c
+++ b/src/test/test_crypto.c
@@ -389,7 +389,7 @@ test_crypto_aes128(void *arg)
"\xff\xff\xff\xff\xff\xff\xff\xff"
"\xff\xff\xff\xff\xff\xff\xff\xff");
crypto_cipher_crypt_inplace(env1, data2, 64);
- tt_assert(tor_mem_is_zero(data2, 64));
+ tt_assert(fast_mem_is_zero(data2, 64));
done:
tor_free(mem_op_hex_tmp);
@@ -2134,7 +2134,7 @@ test_crypto_curve25519_persist(void *arg)
tt_u64_op((uint64_t)st.st_size, OP_EQ,
32+CURVE25519_PUBKEY_LEN+CURVE25519_SECKEY_LEN);
tt_assert(fast_memeq(content, "== c25519v1: testing ==", taglen));
- tt_assert(tor_mem_is_zero(content+taglen, 32-taglen));
+ tt_assert(fast_mem_is_zero(content+taglen, 32-taglen));
cp = content + 32;
tt_mem_op(keypair.seckey.secret_key,OP_EQ,
cp,
diff --git a/src/test/test_crypto_slow.c b/src/test/test_crypto_slow.c
index e24aee893019a54f4e83031888aef2ec291c5a39..3b20dfa587bde6278aa19cb8edac1ed3a342c04f 100644
--- a/src/test/test_crypto_slow.c
+++ b/src/test/test_crypto_slow.c
@@ -109,7 +109,7 @@ run_s2k_tests(const unsigned flags, const unsigned type,
secret_to_key_derivekey(buf3, sizeof(buf3), buf, speclen,
pw1, strlen(pw1)));
tt_mem_op(buf2, OP_EQ, buf3, sizeof(buf3));
- tt_assert(!tor_mem_is_zero((char*)buf2+keylen, sizeof(buf2)-keylen));
+ tt_assert(!fast_mem_is_zero((char*)buf2+keylen, sizeof(buf2)-keylen));
done:
;
diff --git a/src/test/test_extorport.c b/src/test/test_extorport.c
index cfdd11d161b800af807263a9e65cac79ba92c8f1..38aca902669a8678ec34c28690a734c414029c08 100644
--- a/src/test/test_extorport.c
+++ b/src/test/test_extorport.c
@@ -177,7 +177,7 @@ test_ext_or_init_auth(void *arg)
/* Shouldn't be initialized already, or our tests will be a bit
* meaningless */
ext_or_auth_cookie = tor_malloc_zero(32);
- tt_assert(tor_mem_is_zero((char*)ext_or_auth_cookie, 32));
+ tt_assert(fast_mem_is_zero((char*)ext_or_auth_cookie, 32));
/* Now make sure we use a temporary file */
fn = get_fname("ext_cookie_file");
@@ -202,7 +202,7 @@ test_ext_or_init_auth(void *arg)
tt_mem_op(cp,OP_EQ, "! Extended ORPort Auth Cookie !\x0a", 32);
tt_mem_op(cp+32,OP_EQ, ext_or_auth_cookie, 32);
memcpy(cookie0, ext_or_auth_cookie, 32);
- tt_assert(!tor_mem_is_zero((char*)ext_or_auth_cookie, 32));
+ tt_assert(!fast_mem_is_zero((char*)ext_or_auth_cookie, 32));
/* Operation should be idempotent. */
tt_int_op(0, OP_EQ, init_ext_or_cookie_authentication(1));
diff --git a/src/test/test_hs.c b/src/test/test_hs.c
index 5d3327c777fe51baebb97f97a640f1aab1292864..2b69aae547ae3ae21fdc52ed891b434be04abc27 100644
--- a/src/test/test_hs.c
+++ b/src/test/test_hs.c
@@ -448,7 +448,7 @@ test_hs_rend_data(void *arg)
tt_int_op(client_v2->auth_type, OP_EQ, REND_BASIC_AUTH);
tt_int_op(strlen(client_v2->onion_address), OP_EQ, 0);
tt_mem_op(client_v2->desc_id_fetch, OP_EQ, desc_id, sizeof(desc_id));
- tt_int_op(tor_mem_is_zero(client_v2->descriptor_cookie,
+ tt_int_op(fast_mem_is_zero(client_v2->descriptor_cookie,
sizeof(client_v2->descriptor_cookie)), OP_EQ, 1);
tt_assert(client->hsdirs_fp);
tt_int_op(smartlist_len(client->hsdirs_fp), OP_EQ, 0);
diff --git a/src/test/test_hs_cache.c b/src/test/test_hs_cache.c
index 2187c2be39b516c38dacadc82a70e2e00bb8857c..d71f8b6b182a089935e7778b5e0dbf0490dd7603 100644
--- a/src/test/test_hs_cache.c
+++ b/src/test/test_hs_cache.c
@@ -486,7 +486,7 @@ test_client_cache(void *arg)
NULL, &published_desc_str);
tt_int_op(retval, OP_EQ, 0);
memcpy(wanted_subcredential, published_desc->subcredential, DIGEST256_LEN);
- tt_assert(!tor_mem_is_zero((char*)wanted_subcredential, DIGEST256_LEN));
+ tt_assert(!fast_mem_is_zero((char*)wanted_subcredential, DIGEST256_LEN));
}
/* Test handle_response_fetch_hsdesc_v3() */
diff --git a/src/test/test_hs_client.c b/src/test/test_hs_client.c
index 8362b6cbda44edbc5e3d4932195f65f2900276f2..6fd80051fdb97a07bd03aaa6b0ba5fd862dee842 100644
--- a/src/test/test_hs_client.c
+++ b/src/test/test_hs_client.c
@@ -395,7 +395,7 @@ test_client_pick_intro(void *arg)
tt_assert(fetched_desc);
tt_mem_op(fetched_desc->subcredential, OP_EQ, desc->subcredential,
DIGEST256_LEN);
- tt_assert(!tor_mem_is_zero((char*)fetched_desc->subcredential,
+ tt_assert(!fast_mem_is_zero((char*)fetched_desc->subcredential,
DIGEST256_LEN));
tor_free(encoded);
}
@@ -433,7 +433,7 @@ test_client_pick_intro(void *arg)
for (int i = 0; i < 64; ++i) {
extend_info_t *ip = client_get_random_intro(&service_kp.pubkey);
tor_assert(ip);
- tt_assert(!tor_mem_is_zero((char*)ip->identity_digest, DIGEST_LEN));
+ tt_assert(!fast_mem_is_zero((char*)ip->identity_digest, DIGEST_LEN));
tt_mem_op(ip->identity_digest, OP_EQ, chosen_intro_ei->identity_digest,
DIGEST_LEN);
extend_info_free(ip);
diff --git a/src/test/test_hs_descriptor.c b/src/test/test_hs_descriptor.c
index 5a3fd46dbe341179a307af03ea6b316fcda81300..6fe5573c0f06669e8d47f6e36fa2f3f010e00de7 100644
--- a/src/test/test_hs_descriptor.c
+++ b/src/test/test_hs_descriptor.c
@@ -126,7 +126,7 @@ test_descriptor_padding(void *arg)
tt_assert(padded_plaintext);
tor_free(plaintext);
/* Make sure our padding has been zeroed. */
- tt_int_op(tor_mem_is_zero((char *) padded_plaintext + plaintext_len,
+ tt_int_op(fast_mem_is_zero((char *) padded_plaintext + plaintext_len,
padded_len - plaintext_len), OP_EQ, 1);
tor_free(padded_plaintext);
/* Never never have a padded length smaller than the plaintext. */
@@ -143,7 +143,7 @@ test_descriptor_padding(void *arg)
tt_assert(padded_plaintext);
tor_free(plaintext);
/* Make sure our padding has been zeroed. */
- tt_int_op(tor_mem_is_zero((char *) padded_plaintext + plaintext_len,
+ tt_int_op(fast_mem_is_zero((char *) padded_plaintext + plaintext_len,
padded_len - plaintext_len), OP_EQ, 1);
tor_free(padded_plaintext);
/* Never never have a padded length smaller than the plaintext. */
@@ -160,7 +160,7 @@ test_descriptor_padding(void *arg)
tt_assert(padded_plaintext);
tor_free(plaintext);
/* Make sure our padding has been zeroed. */
- tt_int_op(tor_mem_is_zero((char *) padded_plaintext + plaintext_len,
+ tt_int_op(fast_mem_is_zero((char *) padded_plaintext + plaintext_len,
padded_len - plaintext_len), OP_EQ, 1);
tor_free(padded_plaintext);
/* Never never have a padded length smaller than the plaintext. */
diff --git a/src/test/test_hs_service.c b/src/test/test_hs_service.c
index 57132e6197a5ba4fdbe9d02b3adf66de1fe20e02..63f6069227a9e0900273f8a008602011f2e9d49f 100644
--- a/src/test/test_hs_service.c
+++ b/src/test/test_hs_service.c
@@ -393,11 +393,11 @@ test_load_keys(void *arg)
tt_assert(s);
/* Ok we have the service object. Validate few things. */
- tt_assert(!tor_mem_is_zero(s->onion_address, sizeof(s->onion_address)));
+ tt_assert(!fast_mem_is_zero(s->onion_address, sizeof(s->onion_address)));
tt_int_op(hs_address_is_valid(s->onion_address), OP_EQ, 1);
- tt_assert(!tor_mem_is_zero((char *) s->keys.identity_sk.seckey,
+ tt_assert(!fast_mem_is_zero((char *) s->keys.identity_sk.seckey,
ED25519_SECKEY_LEN));
- tt_assert(!tor_mem_is_zero((char *) s->keys.identity_pk.pubkey,
+ tt_assert(!fast_mem_is_zero((char *) s->keys.identity_pk.pubkey,
ED25519_PUBKEY_LEN));
/* Check onion address from identity key. */
hs_build_address(&s->keys.identity_pk, s->config.version, addr);
@@ -677,7 +677,7 @@ test_service_intro_point(void *arg)
ip = helper_create_service_ip();
tt_assert(ip);
/* Make sure the authentication keypair is not zeroes. */
- tt_int_op(tor_mem_is_zero((const char *) &ip->auth_key_kp,
+ tt_int_op(fast_mem_is_zero((const char *) &ip->auth_key_kp,
sizeof(ed25519_keypair_t)), OP_EQ, 0);
/* The introduce2_max MUST be in that range. */
tt_u64_op(ip->introduce2_max, OP_GE,
@@ -1562,9 +1562,9 @@ test_build_update_descriptors(void *arg)
tt_int_op(smartlist_len(ip_cur->base.link_specifiers), OP_EQ, 3);
/* Make sure we have a valid encryption keypair generated when we pick an
* intro point in the update process. */
- tt_assert(!tor_mem_is_zero((char *) ip_cur->enc_key_kp.seckey.secret_key,
+ tt_assert(!fast_mem_is_zero((char *) ip_cur->enc_key_kp.seckey.secret_key,
CURVE25519_SECKEY_LEN));
- tt_assert(!tor_mem_is_zero((char *) ip_cur->enc_key_kp.pubkey.public_key,
+ tt_assert(!fast_mem_is_zero((char *) ip_cur->enc_key_kp.pubkey.public_key,
CURVE25519_PUBKEY_LEN));
tt_u64_op(ip_cur->time_to_expire, OP_GE, now +
INTRO_POINT_LIFETIME_MIN_SECONDS);
@@ -1884,9 +1884,9 @@ test_rendezvous1_parsing(void *arg)
}
/* Send out the RENDEZVOUS1 and make sure that our mock func worked */
- tt_assert(tor_mem_is_zero(rend1_payload, 32));
+ tt_assert(fast_mem_is_zero(rend1_payload, 32));
hs_circ_service_rp_has_opened(service, service_circ);
- tt_assert(!tor_mem_is_zero(rend1_payload, 32));
+ tt_assert(!fast_mem_is_zero(rend1_payload, 32));
tt_int_op(rend1_payload_len, OP_EQ, HS_LEGACY_RENDEZVOUS_CELL_SIZE);
/******************************/
diff --git a/src/test/test_link_handshake.c b/src/test/test_link_handshake.c
index 34f59f26cdb500d9546c117fc98eecb5843d6ded..4e4c86aa0ae3020c2c22f028ac6c66fbf62d499b 100644
--- a/src/test/test_link_handshake.c
+++ b/src/test/test_link_handshake.c
@@ -263,7 +263,7 @@ test_link_handshake_certs_ok(void *arg)
tt_assert(c1->handshake_state->authenticated_rsa);
tt_assert(! c1->handshake_state->authenticated_ed25519);
}
- tt_assert(! tor_mem_is_zero(
+ tt_assert(! fast_mem_is_zero(
(char*)c1->handshake_state->authenticated_rsa_peer_id, 20));
chan2 = tor_malloc_zero(sizeof(*chan2));
@@ -290,7 +290,7 @@ test_link_handshake_certs_ok(void *arg)
tt_ptr_op(c2->handshake_state->certs->ed_id_sign, OP_EQ, NULL);
}
tt_assert(c2->handshake_state->certs->id_cert);
- tt_assert(tor_mem_is_zero(
+ tt_assert(fast_mem_is_zero(
(char*)c2->handshake_state->authenticated_rsa_peer_id, 20));
/* no authentication has happened yet, since we haen't gotten an AUTH cell.
*/
diff --git a/src/test/test_routerkeys.c b/src/test/test_routerkeys.c
index 102d9334a1725ce10ad3b93f8e54233f6cceee43..0c6b533698dfa261c9c2c3ff8e21622b0014553b 100644
--- a/src/test/test_routerkeys.c
+++ b/src/test/test_routerkeys.c
@@ -399,7 +399,7 @@ test_routerkeys_ed_key_init_split(void *arg)
tt_assert(kp2 != NULL);
tt_assert(cert == NULL);
tt_mem_op(&kp1->pubkey, OP_EQ, &kp2->pubkey, sizeof(kp2->pubkey));
- tt_assert(tor_mem_is_zero((char*)kp2->seckey.seckey,
+ tt_assert(fast_mem_is_zero((char*)kp2->seckey.seckey,
sizeof(kp2->seckey.seckey)));
ed25519_keypair_free(kp2); kp2 = NULL;
@@ -409,7 +409,7 @@ test_routerkeys_ed_key_init_split(void *arg)
tt_assert(kp2 != NULL);
tt_assert(cert == NULL);
tt_mem_op(&kp1->pubkey, OP_EQ, &kp2->pubkey, sizeof(kp2->pubkey));
- tt_assert(tor_mem_is_zero((char*)kp2->seckey.seckey,
+ tt_assert(fast_mem_is_zero((char*)kp2->seckey.seckey,
sizeof(kp2->seckey.seckey)));
ed25519_keypair_free(kp2); kp2 = NULL;
diff --git a/src/test/test_shared_random.c b/src/test/test_shared_random.c
index 480799383b0827648511e3fe1f9cab188144b3b7..9fb88b9bee7cdad00c422d2b7f239287fbd033d7 100644
--- a/src/test/test_shared_random.c
+++ b/src/test/test_shared_random.c
@@ -449,12 +449,12 @@ test_sr_commit(void *arg)
/* We should have a reveal value. */
tt_assert(commit_has_reveal_value(our_commit));
/* We should have a random value. */
- tt_assert(!tor_mem_is_zero((char *) our_commit->random_number,
+ tt_assert(!fast_mem_is_zero((char *) our_commit->random_number,
sizeof(our_commit->random_number)));
/* Commit and reveal timestamp should be the same. */
tt_u64_op(our_commit->commit_ts, OP_EQ, our_commit->reveal_ts);
/* We should have a hashed reveal. */
- tt_assert(!tor_mem_is_zero(our_commit->hashed_reveal,
+ tt_assert(!fast_mem_is_zero(our_commit->hashed_reveal,
sizeof(our_commit->hashed_reveal)));
/* Do we have a valid encoded commit and reveal. Note the following only
* tests if the generated values are correct. Their could be a bug in
diff --git a/src/test/test_util.c b/src/test/test_util.c
index 61e41e9a9b70fb93abeda5a303cea52b9868f13f..1c6ac61ebac9e5efe4122a64d1ba9fec1dfcb5f0 100644
--- a/src/test/test_util.c
+++ b/src/test/test_util.c
@@ -2087,14 +2087,14 @@ test_util_strmisc(void *arg)
/* Test mem_is_zero */
memset(buf,0,128);
buf[128] = 'x';
- tt_assert(tor_mem_is_zero(buf, 10));
- tt_assert(tor_mem_is_zero(buf, 20));
- tt_assert(tor_mem_is_zero(buf, 128));
- tt_assert(!tor_mem_is_zero(buf, 129));
+ tt_assert(fast_mem_is_zero(buf, 10));
+ tt_assert(fast_mem_is_zero(buf, 20));
+ tt_assert(fast_mem_is_zero(buf, 128));
+ tt_assert(!fast_mem_is_zero(buf, 129));
buf[60] = (char)255;
- tt_assert(!tor_mem_is_zero(buf, 128));
+ tt_assert(!fast_mem_is_zero(buf, 128));
buf[0] = (char)1;
- tt_assert(!tor_mem_is_zero(buf, 10));
+ tt_assert(!fast_mem_is_zero(buf, 10));
/* Test 'escaped' */
tt_ptr_op(escaped(NULL), OP_EQ, NULL);
@@ -3789,7 +3789,7 @@ test_util_memarea(void *arg)
tt_int_op(((uintptr_t)p3) % sizeof(void*),OP_EQ, 0);
tt_assert(!memarea_owns_ptr(area, p3+8192));
tt_assert(!memarea_owns_ptr(area, p3+30));
- tt_assert(tor_mem_is_zero(p2, 52));
+ tt_assert(fast_mem_is_zero(p2, 52));
/* Make sure we don't overalign. */
p1 = memarea_alloc(area, 1);
p2 = memarea_alloc(area, 1);
diff --git a/src/test/test_util_format.c b/src/test/test_util_format.c
index c8945a707c2f2e346cbb9b1516a4691a97c2c22f..2859da66b2e515a80f0af5c613a0856ac8551e47 100644
--- a/src/test/test_util_format.c
+++ b/src/test/test_util_format.c
@@ -367,7 +367,7 @@ test_util_format_base32_decode(void *arg)
ret = base32_decode(dst, real_dstlen, "#abcde", 6);
tt_int_op(ret, OP_EQ, -1);
/* Make sure the destination buffer has been zeroed even on error. */
- tt_int_op(tor_mem_is_zero(dst, real_dstlen), OP_EQ, 1);
+ tt_int_op(fast_mem_is_zero(dst, real_dstlen), OP_EQ, 1);
}
done: