aboutsummaryrefslogtreecommitdiff
path: root/src/common
diff options
context:
space:
mode:
authorMatej Pjafjar <badbytes@freehaven.net>2002-08-22 07:30:03 +0000
committerMatej Pjafjar <badbytes@freehaven.net>2002-08-22 07:30:03 +0000
commit01aadefbfc7dbd99ddaff922b897996b768cf2f9 (patch)
tree1b179ece1205951776136d4976915e39c27410ee /src/common
parentac942bb365d7f100c3ceabb7c3ed470b51aebde6 (diff)
downloadtor-01aadefbfc7dbd99ddaff922b897996b768cf2f9.tar
tor-01aadefbfc7dbd99ddaff922b897996b768cf2f9.tar.gz
Changed crypto calls to go through common/crypto.[hc] instead of calling OpenSSL directly.
svn:r76
Diffstat (limited to 'src/common')
-rw-r--r--src/common/Makefile.am4
-rw-r--r--src/common/crypto.c146
-rw-r--r--src/common/crypto.h9
3 files changed, 136 insertions, 23 deletions
diff --git a/src/common/Makefile.am b/src/common/Makefile.am
index 36b76c6a2..cc585e5a8 100644
--- a/src/common/Makefile.am
+++ b/src/common/Makefile.am
@@ -3,9 +3,9 @@ noinst_LIBRARIES = libor.a
#CFLAGS = -Wall -Wpointer-arith -O2
-libor_a_SOURCES = config.c key.c log.c utils.c crypto.c
+libor_a_SOURCES = config.c log.c utils.c crypto.c
-noinst_HEADERS = config.h key.h log.h \
+noinst_HEADERS = config.h log.h \
policies.h utils.h \
ss.h version.h crypto.h
diff --git a/src/common/crypto.c b/src/common/crypto.c
index 94893f08c..2a457897a 100644
--- a/src/common/crypto.c
+++ b/src/common/crypto.c
@@ -2,11 +2,21 @@
/* See LICENSE for licensing information */
/* $Id$ */
-#include "crypto.h"
+#include <string.h>
+
+#include <openssl/err.h>
+#include <openssl/rsa.h>
+#include <openssl/pem.h>
+#include <openssl/evp.h>
+#include <openssl/rand.h>
#include <stdlib.h>
#include <assert.h>
+#include "crypto.h"
+#include "config.h"
+#include "log.h"
+
int crypto_global_init()
{
ERR_load_crypto_strings();
@@ -201,8 +211,9 @@ int crypto_pk_read_private_key(crypto_pk_env_t *env, FILE *src)
switch(env->type) {
case CRYPTO_PK_RSA:
+/*
if (env->key)
- RSA_free((RSA *)env->key);
+ RSA_free((RSA *)env->key);*/
env->key = (unsigned char *)PEM_read_RSAPrivateKey(src, (RSA **)&env->key, NULL, NULL);
if (!env->key)
return -1;
@@ -213,14 +224,60 @@ int crypto_pk_read_private_key(crypto_pk_env_t *env, FILE *src)
return 0;
}
+
+int crypto_pk_read_private_key_filename(crypto_pk_env_t *env, unsigned char *keyfile)
+{
+ FILE *f_pr;
+ int retval = 0;
+
+ assert(env && keyfile);
+
+ if (strspn(keyfile,CONFIG_LEGAL_FILENAME_CHARACTERS) == strlen(keyfile)) /* filename contains legal characters only */
+ {
+ /* open the keyfile */
+ f_pr=fopen(keyfile,"r");
+ if (!f_pr)
+ return -1;
+
+ /* read the private key */
+ retval = crypto_pk_read_private_key(env, f_pr);
+ fclose(f_pr);
+ if (retval == -1)
+ {
+ log(LOG_ERR,"Error reading private key : %s",crypto_perror());
+ return -1;
+ }
+
+ /* check the private key */
+ retval = crypto_pk_check_key(env);
+ if (retval == 0)
+ {
+ log(LOG_ERR,"Private key read but is invalid : %s.", crypto_perror());
+ return -1;
+ }
+ else if (retval == -1)
+ {
+ log(LOG_ERR,"Private key read but validity checking failed : %s",crypto_perror());
+ return -1;
+ }
+ else if (retval == 1)
+ {
+ return 0;
+ }
+ } /* filename contains legal characters only */
+
+ return -1; /* report error */
+}
+
int crypto_pk_read_public_key(crypto_pk_env_t *env, FILE *src)
{
assert(env && src);
switch(env->type) {
case CRYPTO_PK_RSA:
+ /*
if (env->key)
- RSA_free((RSA *)env->key);
+ RSA_free((RSA *)env->key);*/
env->key = (unsigned char *)PEM_read_RSAPublicKey(src, (RSA **)&env->key, NULL, NULL);
if (!env->key)
return -1;
@@ -285,9 +342,9 @@ int crypto_pk_set_key(crypto_pk_env_t *env, unsigned char *key)
switch(env->type) {
case CRYPTO_PK_RSA:
- if (env->key)
- RSA_free((RSA *)env->key);
- env->key = key;
+ if (!env->key)
+ return -1;
+ memcpy((void *)env->key, (void *)key, sizeof(RSA));
break;
default :
return -1;
@@ -296,6 +353,36 @@ int crypto_pk_set_key(crypto_pk_env_t *env, unsigned char *key)
return 0;
}
+int crypto_pk_cmp_keys(crypto_pk_env_t *a, crypto_pk_env_t *b) {
+ int result;
+
+ if (!a || !b)
+ return -1;
+
+ if (!a->key || !b->key)
+ return -1;
+
+ if (a->type != b->type)
+ return -1;
+
+ switch(a->type) {
+ case CRYPTO_PK_RSA:
+ assert(((RSA *)a->key)->n && ((RSA *)a->key)->e && ((RSA *)b->key)->n && ((RSA *)b->key)->e);
+ result = BN_cmp(((RSA *)a->key)->n, ((RSA *)b->key)->n);
+ if (result)
+ return result;
+ return BN_cmp(((RSA *)a->key)->e, ((RSA *)b->key)->e);
+ default:
+ return -1;
+ }
+}
+
+int crypto_pk_keysize(crypto_pk_env_t *env)
+{
+ assert(env && env->key);
+
+ return RSA_size((RSA *)env->key);
+}
int crypto_pk_public_encrypt(crypto_pk_env_t *env, unsigned char *from, int fromlen, unsigned char *to, int padding)
{
assert(env && from && to);
@@ -321,6 +408,23 @@ int crypto_pk_private_decrypt(crypto_pk_env_t *env, unsigned char *from, int fro
}
/* symmetric crypto */
+int crypto_cipher_generate_key(crypto_cipher_env_t *env)
+{
+ assert(env);
+
+ switch(env->type) {
+ case CRYPTO_CIPHER_IDENTITY:
+ return 0;
+ case CRYPTO_CIPHER_DES:
+ return crypto_rand(8, env->key);
+ case CRYPTO_CIPHER_RC4:
+ return crypto_rand(16, env->key);
+ default:
+ return -1;
+ }
+
+}
+
int crypto_cipher_set_iv(crypto_cipher_env_t *env, unsigned char *iv)
{
assert(env && iv);
@@ -329,13 +433,17 @@ int crypto_cipher_set_iv(crypto_cipher_env_t *env, unsigned char *iv)
case CRYPTO_CIPHER_IDENTITY:
break;
case CRYPTO_CIPHER_DES:
+ if (!env->iv)
+ return -1;
+ memcpy((void *)env->iv, (void *)iv, 8);
+ break;
case CRYPTO_CIPHER_RC4:
- if (env->iv)
- free((void *)env->iv);
- env->iv = iv;
- break;
+ if (!env->iv)
+ return -1;
+ memcpy((void *)env->iv, (void *)iv, 16);
+ break;
default:
- return -1;
+ return -1;
}
return 0;
@@ -348,10 +456,14 @@ int crypto_cipher_set_key(crypto_cipher_env_t *env, unsigned char *key)
case CRYPTO_CIPHER_IDENTITY:
break;
case CRYPTO_CIPHER_DES:
+ if (!env->key)
+ return -1;
+ memcpy((void *)env->key, (void *)key, 8);
+ break;
case CRYPTO_CIPHER_RC4:
- if (env->key)
- free((void *)env->key);
- env->key = key;
+ if (!env->key)
+ return -1;
+ memcpy((void *)env->key, (void *)key, 16);
break;
default:
return -1;
@@ -396,7 +508,7 @@ int crypto_cipher_decrypt_init_cipher(crypto_cipher_env_t *env)
return 0;
}
-int crypto_cipher_encrypt(crypto_cipher_env_t *env, unsigned char *from, unsigned int fromlen, unsigned char *to)
+int crypto_cipher_encrypt(crypto_cipher_env_t *env, unsigned char *from, size_t fromlen, unsigned char *to)
{
int tolen;
@@ -405,7 +517,7 @@ int crypto_cipher_encrypt(crypto_cipher_env_t *env, unsigned char *from, unsigne
return !(EVP_EncryptUpdate((EVP_CIPHER_CTX *)env->aux, to, &tolen, from, fromlen));
}
-int crypto_cipher_decrypt(crypto_cipher_env_t *env, unsigned char *from, unsigned int fromlen, unsigned char *to)
+int crypto_cipher_decrypt(crypto_cipher_env_t *env, unsigned char *from, size_t fromlen, unsigned char *to)
{
int tolen;
@@ -425,7 +537,7 @@ int crypto_SHA_digest(unsigned char *m, int len, unsigned char *digest)
int crypto_rand(unsigned int n, unsigned char *to)
{
assert(to);
- return (RAND_bytes(to, n) == -1);
+ return (RAND_bytes(to, n) != 1);
}
int crypto_pseudo_rand(unsigned int n, unsigned char *to)
diff --git a/src/common/crypto.h b/src/common/crypto.h
index e35c8e74c..b58b300a4 100644
--- a/src/common/crypto.h
+++ b/src/common/crypto.h
@@ -5,11 +5,8 @@
#ifndef __CRYPTO_H
#define __CRYPTO_H
-#include <openssl/err.h>
+#include <stdio.h>
#include <openssl/rsa.h>
-#include <openssl/pem.h>
-#include <openssl/evp.h>
-#include <openssl/rand.h>
/* available encryption primitives */
#define CRYPTO_CIPHER_IDENTITY 0
@@ -54,13 +51,17 @@ int crypto_pk_read_public_key(crypto_pk_env_t *env, FILE *src);
int crypto_pk_write_private_key(crypto_pk_env_t *env, FILE *dest);
int crypto_pk_write_public_key(crypto_pk_env_t *env, FILE *dest);
int crypto_pk_check_key(crypto_pk_env_t *env);
+int crypto_pk_read_private_key_filename(crypto_pk_env_t *env, unsigned char *keyfile);
int crypto_pk_set_key(crypto_pk_env_t *env, unsigned char *key);
+int crypto_pk_cmp_keys(crypto_pk_env_t *a, crypto_pk_env_t *b);
+int crypto_pk_keysize(crypto_pk_env_t *env);
int crypto_pk_public_encrypt(crypto_pk_env_t *env, unsigned char *from, int fromlen, unsigned char *to, int padding);
int crypto_pk_private_decrypt(crypto_pk_env_t *env, unsigned char *from, int fromlen, unsigned char *to, int padding);
/* symmetric crypto */
+int crypto_cipher_generate_key(crypto_cipher_env_t *env);
int crypto_cipher_set_iv(crypto_cipher_env_t *env, unsigned char *iv);
int crypto_cipher_set_key(crypto_cipher_env_t *env, unsigned char *key);
int crypto_cipher_encrypt_init_cipher(crypto_cipher_env_t *env);