diff options
| -rw-r--r-- | src/common/aes.c | 472 | ||||
| -rw-r--r-- | src/common/aes.h | 8 | ||||
| -rw-r--r-- | src/common/crypto.h | 3 | ||||
| -rw-r--r-- | src/common/fakepoll.c | 8 | ||||
| -rw-r--r-- | src/common/fakepoll.h | 8 | ||||
| -rw-r--r-- | src/common/log.c | 7 | ||||
| -rw-r--r-- | src/common/log.h | 8 | ||||
| -rw-r--r-- | src/common/torint.h | 9 | ||||
| -rw-r--r-- | src/common/tortls.c | 8 | ||||
| -rw-r--r-- | src/common/tortls.h | 8 | ||||
| -rw-r--r-- | src/common/util.c | 14 | ||||
| -rw-r--r-- | src/or/rendclient.c | 21 | ||||
| -rw-r--r-- | src/or/rendcommon.c | 18 | ||||
| -rw-r--r-- | src/or/rendmid.c | 12 | ||||
| -rw-r--r-- | src/or/rendservice.c | 82 |
15 files changed, 401 insertions, 285 deletions
diff --git a/src/common/aes.c b/src/common/aes.c index e4b3c8316..2d3f25cd5 100644 --- a/src/common/aes.c +++ b/src/common/aes.c @@ -844,9 +844,9 @@ static const u32 Td4[256] = { }; #endif static const u32 rcon[] = { - 0x01000000, 0x02000000, 0x04000000, 0x08000000, - 0x10000000, 0x20000000, 0x40000000, 0x80000000, - 0x1B000000, 0x36000000, /* for 128-bit blocks, Rijndael never uses more than 10 rcon values */ + 0x01000000, 0x02000000, 0x04000000, 0x08000000, + 0x10000000, 0x20000000, 0x40000000, 0x80000000, + 0x1B000000, 0x36000000, /* for 128-bit blocks, Rijndael never uses more than 10 rcon values */ }; #define SWAP(x) (_lrotl(x, 8) & 0x00ff00ff | _lrotr(x, 8) & 0xff00ff00) @@ -862,196 +862,196 @@ static const u32 rcon[] = { /** * Expand the cipher key into the encryption key schedule. * - * @return the number of rounds for the given cipher key size. + * @return the number of rounds for the given cipher key size. */ int rijndaelKeySetupEnc(u32 rk[/*4*(Nr + 1)*/], const u8 cipherKey[], int keyBits) { - int i = 0; - u32 temp; + int i = 0; + u32 temp; - rk[0] = GETU32(cipherKey ); - rk[1] = GETU32(cipherKey + 4); - rk[2] = GETU32(cipherKey + 8); - rk[3] = GETU32(cipherKey + 12); - if (keyBits == 128) { - for (;;) { - temp = rk[3]; - rk[4] = rk[0] ^ - (Te4[(temp >> 16) & 0xff] & 0xff000000) ^ - (Te4[(temp >> 8) & 0xff] & 0x00ff0000) ^ - (Te4[(temp ) & 0xff] & 0x0000ff00) ^ - (Te4[(temp >> 24) ] & 0x000000ff) ^ - rcon[i]; - rk[5] = rk[1] ^ rk[4]; - rk[6] = rk[2] ^ rk[5]; - rk[7] = rk[3] ^ rk[6]; - if (++i == 10) { - return 10; - } - rk += 4; - } - } - rk[4] = GETU32(cipherKey + 16); - rk[5] = GETU32(cipherKey + 20); - if (keyBits == 192) { - for (;;) { - temp = rk[ 5]; - rk[ 6] = rk[ 0] ^ - (Te4[(temp >> 16) & 0xff] & 0xff000000) ^ - (Te4[(temp >> 8) & 0xff] & 0x00ff0000) ^ - (Te4[(temp ) & 0xff] & 0x0000ff00) ^ - (Te4[(temp >> 24) ] & 0x000000ff) ^ - rcon[i]; - rk[ 7] = rk[ 1] ^ rk[ 6]; - rk[ 8] = rk[ 2] ^ rk[ 7]; - rk[ 9] = rk[ 3] ^ rk[ 8]; - if (++i == 8) { - return 12; - } - rk[10] = rk[ 4] ^ rk[ 9]; - rk[11] = rk[ 5] ^ rk[10]; - rk += 6; - } - } - rk[6] = GETU32(cipherKey + 24); - rk[7] = GETU32(cipherKey + 28); - if (keyBits == 256) { + rk[0] = GETU32(cipherKey ); + rk[1] = GETU32(cipherKey + 4); + rk[2] = GETU32(cipherKey + 8); + rk[3] = GETU32(cipherKey + 12); + if (keyBits == 128) { + for (;;) { + temp = rk[3]; + rk[4] = rk[0] ^ + (Te4[(temp >> 16) & 0xff] & 0xff000000) ^ + (Te4[(temp >> 8) & 0xff] & 0x00ff0000) ^ + (Te4[(temp ) & 0xff] & 0x0000ff00) ^ + (Te4[(temp >> 24) ] & 0x000000ff) ^ + rcon[i]; + rk[5] = rk[1] ^ rk[4]; + rk[6] = rk[2] ^ rk[5]; + rk[7] = rk[3] ^ rk[6]; + if (++i == 10) { + return 10; + } + rk += 4; + } + } + rk[4] = GETU32(cipherKey + 16); + rk[5] = GETU32(cipherKey + 20); + if (keyBits == 192) { + for (;;) { + temp = rk[ 5]; + rk[ 6] = rk[ 0] ^ + (Te4[(temp >> 16) & 0xff] & 0xff000000) ^ + (Te4[(temp >> 8) & 0xff] & 0x00ff0000) ^ + (Te4[(temp ) & 0xff] & 0x0000ff00) ^ + (Te4[(temp >> 24) ] & 0x000000ff) ^ + rcon[i]; + rk[ 7] = rk[ 1] ^ rk[ 6]; + rk[ 8] = rk[ 2] ^ rk[ 7]; + rk[ 9] = rk[ 3] ^ rk[ 8]; + if (++i == 8) { + return 12; + } + rk[10] = rk[ 4] ^ rk[ 9]; + rk[11] = rk[ 5] ^ rk[10]; + rk += 6; + } + } + rk[6] = GETU32(cipherKey + 24); + rk[7] = GETU32(cipherKey + 28); + if (keyBits == 256) { for (;;) { - temp = rk[ 7]; - rk[ 8] = rk[ 0] ^ - (Te4[(temp >> 16) & 0xff] & 0xff000000) ^ - (Te4[(temp >> 8) & 0xff] & 0x00ff0000) ^ - (Te4[(temp ) & 0xff] & 0x0000ff00) ^ - (Te4[(temp >> 24) ] & 0x000000ff) ^ - rcon[i]; - rk[ 9] = rk[ 1] ^ rk[ 8]; - rk[10] = rk[ 2] ^ rk[ 9]; - rk[11] = rk[ 3] ^ rk[10]; - if (++i == 7) { - return 14; - } - temp = rk[11]; - rk[12] = rk[ 4] ^ - (Te4[(temp >> 24) ] & 0xff000000) ^ - (Te4[(temp >> 16) & 0xff] & 0x00ff0000) ^ - (Te4[(temp >> 8) & 0xff] & 0x0000ff00) ^ - (Te4[(temp ) & 0xff] & 0x000000ff); - rk[13] = rk[ 5] ^ rk[12]; - rk[14] = rk[ 6] ^ rk[13]; - rk[15] = rk[ 7] ^ rk[14]; + temp = rk[ 7]; + rk[ 8] = rk[ 0] ^ + (Te4[(temp >> 16) & 0xff] & 0xff000000) ^ + (Te4[(temp >> 8) & 0xff] & 0x00ff0000) ^ + (Te4[(temp ) & 0xff] & 0x0000ff00) ^ + (Te4[(temp >> 24) ] & 0x000000ff) ^ + rcon[i]; + rk[ 9] = rk[ 1] ^ rk[ 8]; + rk[10] = rk[ 2] ^ rk[ 9]; + rk[11] = rk[ 3] ^ rk[10]; + if (++i == 7) { + return 14; + } + temp = rk[11]; + rk[12] = rk[ 4] ^ + (Te4[(temp >> 24) ] & 0xff000000) ^ + (Te4[(temp >> 16) & 0xff] & 0x00ff0000) ^ + (Te4[(temp >> 8) & 0xff] & 0x0000ff00) ^ + (Te4[(temp ) & 0xff] & 0x000000ff); + rk[13] = rk[ 5] ^ rk[12]; + rk[14] = rk[ 6] ^ rk[13]; + rk[15] = rk[ 7] ^ rk[14]; - rk += 8; + rk += 8; } - } - return 0; + } + return 0; } #if 0 /** * Expand the cipher key into the decryption key schedule. * - * @return the number of rounds for the given cipher key size. + * @return the number of rounds for the given cipher key size. */ int rijndaelKeySetupDec(u32 rk[/*4*(Nr + 1)*/], const u8 cipherKey[], int keyBits) { - int Nr, i, j; - u32 temp; + int Nr, i, j; + u32 temp; - /* expand the cipher key: */ - Nr = rijndaelKeySetupEnc(rk, cipherKey, keyBits); - /* invert the order of the round keys: */ - for (i = 0, j = 4*Nr; i < j; i += 4, j -= 4) { - temp = rk[i ]; rk[i ] = rk[j ]; rk[j ] = temp; - temp = rk[i + 1]; rk[i + 1] = rk[j + 1]; rk[j + 1] = temp; - temp = rk[i + 2]; rk[i + 2] = rk[j + 2]; rk[j + 2] = temp; - temp = rk[i + 3]; rk[i + 3] = rk[j + 3]; rk[j + 3] = temp; - } - /* apply the inverse MixColumn transform to all round keys but the first and the last: */ - for (i = 1; i < Nr; i++) { - rk += 4; - rk[0] = - Td0[Te4[(rk[0] >> 24) ] & 0xff] ^ - Td1[Te4[(rk[0] >> 16) & 0xff] & 0xff] ^ - Td2[Te4[(rk[0] >> 8) & 0xff] & 0xff] ^ - Td3[Te4[(rk[0] ) & 0xff] & 0xff]; - rk[1] = - Td0[Te4[(rk[1] >> 24) ] & 0xff] ^ - Td1[Te4[(rk[1] >> 16) & 0xff] & 0xff] ^ - Td2[Te4[(rk[1] >> 8) & 0xff] & 0xff] ^ - Td3[Te4[(rk[1] ) & 0xff] & 0xff]; - rk[2] = - Td0[Te4[(rk[2] >> 24) ] & 0xff] ^ - Td1[Te4[(rk[2] >> 16) & 0xff] & 0xff] ^ - Td2[Te4[(rk[2] >> 8) & 0xff] & 0xff] ^ - Td3[Te4[(rk[2] ) & 0xff] & 0xff]; - rk[3] = - Td0[Te4[(rk[3] >> 24) ] & 0xff] ^ - Td1[Te4[(rk[3] >> 16) & 0xff] & 0xff] ^ - Td2[Te4[(rk[3] >> 8) & 0xff] & 0xff] ^ - Td3[Te4[(rk[3] ) & 0xff] & 0xff]; - } - return Nr; + /* expand the cipher key: */ + Nr = rijndaelKeySetupEnc(rk, cipherKey, keyBits); + /* invert the order of the round keys: */ + for (i = 0, j = 4*Nr; i < j; i += 4, j -= 4) { + temp = rk[i ]; rk[i ] = rk[j ]; rk[j ] = temp; + temp = rk[i + 1]; rk[i + 1] = rk[j + 1]; rk[j + 1] = temp; + temp = rk[i + 2]; rk[i + 2] = rk[j + 2]; rk[j + 2] = temp; + temp = rk[i + 3]; rk[i + 3] = rk[j + 3]; rk[j + 3] = temp; + } + /* apply the inverse MixColumn transform to all round keys but the first and the last: */ + for (i = 1; i < Nr; i++) { + rk += 4; + rk[0] = + Td0[Te4[(rk[0] >> 24) ] & 0xff] ^ + Td1[Te4[(rk[0] >> 16) & 0xff] & 0xff] ^ + Td2[Te4[(rk[0] >> 8) & 0xff] & 0xff] ^ + Td3[Te4[(rk[0] ) & 0xff] & 0xff]; + rk[1] = + Td0[Te4[(rk[1] >> 24) ] & 0xff] ^ + Td1[Te4[(rk[1] >> 16) & 0xff] & 0xff] ^ + Td2[Te4[(rk[1] >> 8) & 0xff] & 0xff] ^ + Td3[Te4[(rk[1] ) & 0xff] & 0xff]; + rk[2] = + Td0[Te4[(rk[2] >> 24) ] & 0xff] ^ + Td1[Te4[(rk[2] >> 16) & 0xff] & 0xff] ^ + Td2[Te4[(rk[2] >> 8) & 0xff] & 0xff] ^ + Td3[Te4[(rk[2] ) & 0xff] & 0xff]; + rk[3] = + Td0[Te4[(rk[3] >> 24) ] & 0xff] ^ + Td1[Te4[(rk[3] >> 16) & 0xff] & 0xff] ^ + Td2[Te4[(rk[3] >> 8) & 0xff] & 0xff] ^ + Td3[Te4[(rk[3] ) & 0xff] & 0xff]; + } + return Nr; } #endif void rijndaelEncrypt(const u32 rk[/*4*(Nr + 1)*/], int Nr, const u8 pt[16], u8 ct[16]) { - u32 s0, s1, s2, s3, t0, t1, t2, t3; + u32 s0, s1, s2, s3, t0, t1, t2, t3; #ifndef FULL_UNROLL int r; #endif /* ?FULL_UNROLL */ /* - * map byte array block to cipher state - * and add initial round key: - */ - s0 = GETU32(pt ) ^ rk[0]; - s1 = GETU32(pt + 4) ^ rk[1]; - s2 = GETU32(pt + 8) ^ rk[2]; - s3 = GETU32(pt + 12) ^ rk[3]; + * map byte array block to cipher state + * and add initial round key: + */ + s0 = GETU32(pt ) ^ rk[0]; + s1 = GETU32(pt + 4) ^ rk[1]; + s2 = GETU32(pt + 8) ^ rk[2]; + s3 = GETU32(pt + 12) ^ rk[3]; #ifdef FULL_UNROLL /* round 1: */ - t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[ 4]; - t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[ 5]; - t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[ 6]; - t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[ 7]; - /* round 2: */ - s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[ 8]; - s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[ 9]; - s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[10]; - s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[11]; + t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[ 4]; + t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[ 5]; + t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[ 6]; + t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[ 7]; + /* round 2: */ + s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[ 8]; + s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[ 9]; + s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[10]; + s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[11]; /* round 3: */ - t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[12]; - t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[13]; - t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[14]; - t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[15]; - /* round 4: */ - s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[16]; - s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[17]; - s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[18]; - s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[19]; + t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[12]; + t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[13]; + t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[14]; + t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[15]; + /* round 4: */ + s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[16]; + s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[17]; + s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[18]; + s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[19]; /* round 5: */ - t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[20]; - t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[21]; - t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[22]; - t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[23]; - /* round 6: */ - s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[24]; - s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[25]; - s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[26]; - s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[27]; + t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[20]; + t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[21]; + t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[22]; + t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[23]; + /* round 6: */ + s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[24]; + s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[25]; + s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[26]; + s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[27]; /* round 7: */ - t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[28]; - t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[29]; - t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[30]; - t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[31]; - /* round 8: */ - s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[32]; - s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[33]; - s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[34]; - s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[35]; + t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[28]; + t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[29]; + t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[30]; + t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[31]; + /* round 8: */ + s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[32]; + s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[33]; + s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[34]; + s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[35]; /* round 9: */ - t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[36]; - t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[37]; - t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[38]; - t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[39]; + t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[36]; + t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[37]; + t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[38]; + t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[39]; if (Nr > 10) { /* round 10: */ s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[40]; @@ -1079,8 +1079,8 @@ void rijndaelEncrypt(const u32 rk[/*4*(Nr + 1)*/], int Nr, const u8 pt[16], u8 c rk += Nr << 2; #else /* !FULL_UNROLL */ /* - * Nr - 1 full rounds: - */ + * Nr - 1 full rounds: + */ r = Nr >> 1; for (;;) { t0 = @@ -1140,50 +1140,50 @@ void rijndaelEncrypt(const u32 rk[/*4*(Nr + 1)*/], int Nr, const u8 pt[16], u8 c } #endif /* ?FULL_UNROLL */ /* - * apply last round and - * map cipher state to byte array block: - */ - s0 = - (Te4[(t0 >> 24) ] & 0xff000000) ^ - (Te4[(t1 >> 16) & 0xff] & 0x00ff0000) ^ - (Te4[(t2 >> 8) & 0xff] & 0x0000ff00) ^ - (Te4[(t3 ) & 0xff] & 0x000000ff) ^ - rk[0]; - PUTU32(ct , s0); - s1 = - (Te4[(t1 >> 24) ] & 0xff000000) ^ - (Te4[(t2 >> 16) & 0xff] & 0x00ff0000) ^ - (Te4[(t3 >> 8) & 0xff] & 0x0000ff00) ^ - (Te4[(t0 ) & 0xff] & 0x000000ff) ^ - rk[1]; - PUTU32(ct + 4, s1); - s2 = - (Te4[(t2 >> 24) ] & 0xff000000) ^ - (Te4[(t3 >> 16) & 0xff] & 0x00ff0000) ^ - (Te4[(t0 >> 8) & 0xff] & 0x0000ff00) ^ - (Te4[(t1 ) & 0xff] & 0x000000ff) ^ - rk[2]; - PUTU32(ct + 8, s2); - s3 = - (Te4[(t3 >> 24) ] & 0xff000000) ^ - (Te4[(t0 >> 16) & 0xff] & 0x00ff0000) ^ - (Te4[(t1 >> 8) & 0xff] & 0x0000ff00) ^ - (Te4[(t2 ) & 0xff] & 0x000000ff) ^ - rk[3]; - PUTU32(ct + 12, s3); + * apply last round and + * map cipher state to byte array block: + */ + s0 = + (Te4[(t0 >> 24) ] & 0xff000000) ^ + (Te4[(t1 >> 16) & 0xff] & 0x00ff0000) ^ + (Te4[(t2 >> 8) & 0xff] & 0x0000ff00) ^ + (Te4[(t3 ) & 0xff] & 0x000000ff) ^ + rk[0]; + PUTU32(ct , s0); + s1 = + (Te4[(t1 >> 24) ] & 0xff000000) ^ + (Te4[(t2 >> 16) & 0xff] & 0x00ff0000) ^ + (Te4[(t3 >> 8) & 0xff] & 0x0000ff00) ^ + (Te4[(t0 ) & 0xff] & 0x000000ff) ^ + rk[1]; + PUTU32(ct + 4, s1); + s2 = + (Te4[(t2 >> 24) ] & 0xff000000) ^ + (Te4[(t3 >> 16) & 0xff] & 0x00ff0000) ^ + (Te4[(t0 >> 8) & 0xff] & 0x0000ff00) ^ + (Te4[(t1 ) & 0xff] & 0x000000ff) ^ + rk[2]; + PUTU32(ct + 8, s2); + s3 = + (Te4[(t3 >> 24) ] & 0xff000000) ^ + (Te4[(t0 >> 16) & 0xff] & 0x00ff0000) ^ + (Te4[(t1 >> 8) & 0xff] & 0x0000ff00) ^ + (Te4[(t2 ) & 0xff] & 0x000000ff) ^ + rk[3]; + PUTU32(ct + 12, s3); } #if 0 void rijndaelDecrypt(const u32 rk[/*4*(Nr + 1)*/], int Nr, const u8 ct[16], u8 pt[16]) { - u32 s0, s1, s2, s3, t0, t1, t2, t3; + u32 s0, s1, s2, s3, t0, t1, t2, t3; #ifndef FULL_UNROLL int r; #endif /* ?FULL_UNROLL */ /* - * map byte array block to cipher state - * and add initial round key: - */ + * map byte array block to cipher state + * and add initial round key: + */ s0 = GETU32(ct ) ^ rk[0]; s1 = GETU32(ct + 4) ^ rk[1]; s2 = GETU32(ct + 8) ^ rk[2]; @@ -1258,7 +1258,7 @@ void rijndaelDecrypt(const u32 rk[/*4*(Nr + 1)*/], int Nr, const u8 ct[16], u8 p t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[55]; } } - rk += Nr << 2; + rk += Nr << 2; #else /* !FULL_UNROLL */ /* * Nr - 1 full rounds: @@ -1322,36 +1322,44 @@ void rijndaelDecrypt(const u32 rk[/*4*(Nr + 1)*/], int Nr, const u8 ct[16], u8 p } #endif /* ?FULL_UNROLL */ /* - * apply last round and - * map cipher state to byte array block: - */ - s0 = - (Td4[(t0 >> 24) ] & 0xff000000) ^ - (Td4[(t3 >> 16) & 0xff] & 0x00ff0000) ^ - (Td4[(t2 >> 8) & 0xff] & 0x0000ff00) ^ - (Td4[(t1 ) & 0xff] & 0x000000ff) ^ - rk[0]; - PUTU32(pt , s0); - s1 = - (Td4[(t1 >> 24) ] & 0xff000000) ^ - (Td4[(t0 >> 16) & 0xff] & 0x00ff0000) ^ - (Td4[(t3 >> 8) & 0xff] & 0x0000ff00) ^ - (Td4[(t2 ) & 0xff] & 0x000000ff) ^ - rk[1]; - PUTU32(pt + 4, s1); - s2 = - (Td4[(t2 >> 24) ] & 0xff000000) ^ - (Td4[(t1 >> 16) & 0xff] & 0x00ff0000) ^ - (Td4[(t0 >> 8) & 0xff] & 0x0000ff00) ^ - (Td4[(t3 ) & 0xff] & 0x000000ff) ^ - rk[2]; - PUTU32(pt + 8, s2); - s3 = - (Td4[(t3 >> 24) ] & 0xff000000) ^ - (Td4[(t2 >> 16) & 0xff] & 0x00ff0000) ^ - (Td4[(t1 >> 8) & 0xff] & 0x0000ff00) ^ - (Td4[(t0 ) & 0xff] & 0x000000ff) ^ - rk[3]; - PUTU32(pt + 12, s3); + * apply last round and + * map cipher state to byte array block: + */ + s0 = + (Td4[(t0 >> 24) ] & 0xff000000) ^ + (Td4[(t3 >> 16) & 0xff] & 0x00ff0000) ^ + (Td4[(t2 >> 8) & 0xff] & 0x0000ff00) ^ + (Td4[(t1 ) & 0xff] & 0x000000ff) ^ + rk[0]; + PUTU32(pt , s0); + s1 = + (Td4[(t1 >> 24) ] & 0xff000000) ^ + (Td4[(t0 >> 16) & 0xff] & 0x00ff0000) ^ + (Td4[(t3 >> 8) & 0xff] & 0x0000ff00) ^ + (Td4[(t2 ) & 0xff] & 0x000000ff) ^ + rk[1]; + PUTU32(pt + 4, s1); + s2 = + (Td4[(t2 >> 24) ] & 0xff000000) ^ + (Td4[(t1 >> 16) & 0xff] & 0x00ff0000) ^ + (Td4[(t0 >> 8) & 0xff] & 0x0000ff00) ^ + (Td4[(t3 ) & 0xff] & 0x000000ff) ^ + rk[2]; + PUTU32(pt + 8, s2); + s3 = + (Td4[(t3 >> 24) ] & 0xff000000) ^ + (Td4[(t2 >> 16) & 0xff] & 0x00ff0000) ^ + (Td4[(t1 >> 8) & 0xff] & 0x0000ff00) ^ + (Td4[(t0 ) & 0xff] & 0x000000ff) ^ + rk[3]; + PUTU32(pt + 12, s3); } #endif + +/* + Local Variables: + mode:c + indent-tabs-mode:nil + c-basic-offset:2 + End: +*/ diff --git a/src/common/aes.h b/src/common/aes.h index f162da201..2edbb8818 100644 --- a/src/common/aes.h +++ b/src/common/aes.h @@ -21,3 +21,11 @@ void aes_set_counter(aes_cnt_cipher_t *cipher, uint64_t counter); void aes_adjust_counter(aes_cnt_cipher_t *cipher, long delta); #endif + +/* + Local Variables: + mode:c + indent-tabs-mode:nil + c-basic-offset:2 + End: +*/ diff --git a/src/common/crypto.h b/src/common/crypto.h index 36bc21fca..94a18abf2 100644 --- a/src/common/crypto.h +++ b/src/common/crypto.h @@ -20,6 +20,9 @@ #define PK_PKCS1_PADDING 60001 #define PK_PKCS1_OAEP_PADDING 60002 +#define PKCS1_PADDING_OVERHEAD 11 +#define PKCS1_OAEP_PADDING_OVERHEAD 42 + typedef struct crypto_pk_env_t crypto_pk_env_t; typedef struct crypto_cipher_env_t crypto_cipher_env_t; typedef struct crypto_digest_env_t crypto_digest_env_t; diff --git a/src/common/fakepoll.c b/src/common/fakepoll.c index b60514a25..37258d832 100644 --- a/src/common/fakepoll.c +++ b/src/common/fakepoll.c @@ -95,3 +95,11 @@ tor_poll(struct pollfd *ufds, unsigned int nfds, int timeout) return r; } #endif + +/* + Local Variables: + mode:c + indent-tabs-mode:nil + c-basic-offset:2 + End: +*/ diff --git a/src/common/fakepoll.h b/src/common/fakepoll.h index 93e287925..47490326c 100644 --- a/src/common/fakepoll.h +++ b/src/common/fakepoll.h @@ -46,3 +46,11 @@ int tor_poll(struct pollfd *ufds, unsigned int nfds, int timeout); #endif #endif + +/* + Local Variables: + mode:c + indent-tabs-mode:nil + c-basic-offset:2 + End: +*/ diff --git a/src/common/log.c b/src/common/log.c index 5e52cfff4..73733dccf 100644 --- a/src/common/log.c +++ b/src/common/log.c @@ -170,3 +170,10 @@ int add_file_log(int loglevel, const char *filename) return 0; } +/* + Local Variables: + mode:c + indent-tabs-mode:nil + c-basic-offset:2 + End: +*/ diff --git a/src/common/log.h b/src/common/log.h index 4656a2196..cd107fcfd 100644 --- a/src/common/log.h +++ b/src/common/log.h @@ -43,3 +43,11 @@ void _log_fn(int severity, const char *funcname, const char *format, ...) # define __LOG_H #endif + +/* + Local Variables: + mode:c + indent-tabs-mode:nil + c-basic-offset:2 + End: +*/ diff --git a/src/common/torint.h b/src/common/torint.h index d3efe6212..c80404a46 100644 --- a/src/common/torint.h +++ b/src/common/torint.h @@ -152,5 +152,12 @@ typedef unsigned __int64 uint64_t; #error "Missing type uint64_t" #endif - #endif /* __TORINT_H */ + +/* + Local Variables: + mode:c + indent-tabs-mode:nil + c-basic-offset:2 + End: +*/ diff --git a/src/common/tortls.c b/src/common/tortls.c index 956692b83..e347d898e 100644 --- a/src/common/tortls.c +++ b/src/common/tortls.c @@ -584,3 +584,11 @@ unsigned long tor_tls_get_n_bytes_written(tor_tls *tls) assert(tls); return BIO_number_written(SSL_get_wbio(tls->ssl)); } + +/* + Local Variables: + mode:c + indent-tabs-mode:nil + c-basic-offset:2 + End: +*/ diff --git a/src/common/tortls.h b/src/common/tortls.h index 14dd3dda4..d9e326e55 100644 --- a/src/common/tortls.h +++ b/src/common/tortls.h @@ -33,3 +33,11 @@ unsigned long tor_tls_get_n_bytes_read(tor_tls *tls); unsigned long tor_tls_get_n_bytes_written(tor_tls *tls); #endif + +/* + Local Variables: + mode:c + indent-tabs-mode:nil + c-basic-offset:2 + End: +*/ diff --git a/src/common/util.c b/src/common/util.c index 050340f18..23a4aa55f 100644 --- a/src/common/util.c +++ b/src/common/util.c @@ -298,7 +298,7 @@ struct strmap_t { }; static int compare_strmap_entries(struct strmap_entry_t *a, - struct strmap_entry_t *b) + struct strmap_entry_t *b) { return strcmp(a->key, b->key); } @@ -444,8 +444,8 @@ void* strmap_remove_lc(strmap_t *map, const char *key) * strmap_foreach(map, upcase_and_remove_empty_vals, NULL); */ void strmap_foreach(strmap_t *map, - void* (*fn)(const char *key, void *val, void *data), - void *data) + void* (*fn)(const char *key, void *val, void *data), + void *data) { strmap_entry_t *ptr, *next; assert(map && fn); @@ -1298,3 +1298,11 @@ int tor_inet_aton(const char *c, struct in_addr* addr) return 1; #endif } + +/* + Local Variables: + mode:c + indent-tabs-mode:nil + c-basic-offset:2 + End: +*/ diff --git a/src/or/rendclient.c b/src/or/rendclient.c index 66c6363a3..566e6d945 100644 --- a/src/or/rendclient.c +++ b/src/or/rendclient.c @@ -41,12 +41,15 @@ rend_client_send_establish_rendezvous(circuit_t *circ) return 0; } +/* Called when we're trying to connect an ap conn; sends an INTRODUCE1 cell + * down introcirc if possible. + */ int rend_client_send_introduction(circuit_t *introcirc, circuit_t *rendcirc) { const char *descp; int desc_len, payload_len, r; char payload[RELAY_PAYLOAD_SIZE]; - char tmp[20+20+128]; + char tmp[(MAX_NICKNAME_LEN+1)+REND_COOKIE_LEN+DH_KEY_LEN]; rend_service_descriptor_t *parsed=NULL; crypt_path_t *cpath; @@ -85,22 +88,25 @@ rend_client_send_introduction(circuit_t *introcirc, circuit_t *rendcirc) { } /* write the remaining items into tmp */ - strncpy(tmp, rendcirc->build_state->chosen_exit, 20); /* nul pads */ - memcpy(tmp+20, rendcirc->rend_cookie, 20); - if (crypto_dh_get_public(cpath->handshake_state, tmp+40, 128)<0) { + strncpy(tmp, rendcirc->build_state->chosen_exit, (MAX_NICKNAME_LEN+1)); /* nul pads */ + memcpy(tmp+MAX_NICKNAME_LEN+1, rendcirc->rend_cookie, REND_COOKIE_LEN); + if (crypto_dh_get_public(cpath->handshake_state, + tmp+MAX_NICKNAME_LEN+1+REND_COOKIE_LEN, + DH_KEY_LEN)<0) { log_fn(LOG_WARN, "Couldn't extract g^x"); goto err; } r = crypto_pk_public_hybrid_encrypt(parsed->pk, tmp, - 20+20+128, payload+20, + MAX_NICKNAME_LEN+1+REND_COOKIE_LEN+DH_KEY_LEN, + payload+DIGEST_LEN, PK_PKCS1_OAEP_PADDING); if (r<0) { log_fn(LOG_WARN,"hybrid pk encrypt failed."); goto err; } - payload_len = 20 + r; + payload_len = DIGEST_LEN + r; rend_service_descriptor_free(parsed); @@ -142,6 +148,9 @@ rend_client_rendcirc_is_open(circuit_t *circ) connection_ap_attach_pending(); } +/* Called when we recieve a RENDEZVOUS_ESTABLISHED cell; changes the state of + * the circuit to C_REND_READY. + */ int rend_client_rendezvous_acked(circuit_t *circ, const char *request, int request_len) { diff --git a/src/or/rendcommon.c b/src/or/rendcommon.c index 4fb333af9..d0bc78d9d 100644 --- a/src/or/rendcommon.c +++ b/src/or/rendcommon.c @@ -4,6 +4,8 @@ #include "or.h" +/* Free the storage held by held by 'desc'. + */ void rend_service_descriptor_free(rend_service_descriptor_t *desc) { int i; @@ -18,6 +20,9 @@ void rend_service_descriptor_free(rend_service_descriptor_t *desc) tor_free(desc); } +/* Encode a service descriptor for 'desc', and sign it with 'key'. Stores + * the descriptor in *str_out, and sets *len_out to its length. + */ int rend_encode_service_descriptor(rend_service_descriptor_t *desc, crypto_pk_env_t *key, @@ -120,6 +125,9 @@ rend_service_descriptor_t *rend_parse_service_descriptor( return NULL; } +/* Sets out to the first 10 bytes of the digest of 'pk', base32 encoded. + * NUL-terminates out. + */ int rend_get_service_id(crypto_pk_env_t *pk, char *out) { char buf[DIGEST_LEN]; @@ -136,18 +144,22 @@ int rend_get_service_id(crypto_pk_env_t *pk, char *out) #define REND_CACHE_MAX_SKEW 60*60 typedef struct rend_cache_entry_t { - int len; - char *desc; - rend_service_descriptor_t *parsed; + int len; /* Length of desc */ + char *desc; /* Service descriptor */ + rend_service_descriptor_t *parsed; /* Parsed vvalue of 'desc' */ } rend_cache_entry_t; static strmap_t *rend_cache = NULL; +/* Initializes the service descriptor cache. + */ void rend_cache_init(void) { rend_cache = strmap_new(); } +/* Removes all old entries from the service descriptor cache. + */ void rend_cache_clean(void) { strmap_iter_t *iter; diff --git a/src/or/rendmid.c b/src/or/rendmid.c index 5d795cf4b..3e341714c 100644 --- a/src/or/rendmid.c +++ b/src/or/rendmid.c @@ -5,7 +5,7 @@ #include "or.h" /* Respond to an ESTABLISH_INTRO cell by setting the circuit's purpose and - * rendevous service. + * service pk digest.. */ int rend_mid_establish_intro(circuit_t *circ, const char *request, int request_len) @@ -85,7 +85,7 @@ rend_mid_establish_intro(circuit_t *circ, const char *request, int request_len) /* Now, set up this circuit. */ circ->purpose = CIRCUIT_PURPOSE_INTRO_POINT; - memcpy(circ->rend_pk_digest, pk_digest, 20); + memcpy(circ->rend_pk_digest, pk_digest, DIGEST_LEN); log_fn(LOG_INFO, "Established introduction point on circuit %d for service %s", @@ -116,7 +116,8 @@ rend_mid_introduce(circuit_t *circ, const char *request, int request_len) goto err; } - if (request_len < 246) { + if (request_len < (DIGEST_LEN+(MAX_NICKNAME_LEN+1)+REND_COOKIE_LEN+ + DH_KEY_LEN+CIPHER_KEY_LEN+PKCS1_OAEP_PADDING_OVERHEAD)) { log_fn(LOG_WARN, "Impossibly short INTRODUCE1 cell on circuit %d; dropping.", circ->p_circ_id); @@ -237,7 +238,8 @@ rend_mid_rendezvous(circuit_t *circ, const char *request, int request_len) /* Send the RENDEZVOUS2 cell to Alice. */ if (connection_edge_send_command(NULL, rend_circ, RELAY_COMMAND_RENDEZVOUS2, - request+20, request_len-20, NULL)) { + request+REND_COOKIE_LEN, + request_len-REND_COOKIE_LEN, NULL)) { log_fn(LOG_WARN, "Unable to send RENDEZVOUS2 cell to OP on circuit %d", rend_circ->p_circ_id); goto err; @@ -250,7 +252,7 @@ rend_mid_rendezvous(circuit_t *circ, const char *request, int request_len) circ->purpose = CIRCUIT_PURPOSE_REND_ESTABLISHED; rend_circ->purpose = CIRCUIT_PURPOSE_REND_ESTABLISHED; - memset(circ->rend_cookie, 0, 20); + memset(circ->rend_cookie, 0, REND_COOKIE_LEN); rend_circ->rend_splice = circ; circ->rend_splice = rend_circ; diff --git a/src/or/rendservice.c b/src/or/rendservice.c index 5fc5c0eee..c4dcd0979 100644 --- a/src/or/rendservice.c +++ b/src/or/rendservice.c @@ -16,6 +16,8 @@ typedef struct rend_service_port_config_t { uint32_t real_address; } rend_service_port_config_t; +/* Try to maintain this many intro points per service if possible. + */ #define NUM_INTRO_POINTS 3 /* Represents a single hidden service running at this OP. @@ -34,27 +36,32 @@ typedef struct rend_service_t { rend_service_descriptor_t *desc; } rend_service_t; -/* A list of rend_service_t. +/* A list of rend_service_t's for services run on this OP. */ static smartlist_t *rend_service_list = NULL; -static void rend_service_free(rend_service_t *config) +/* Release the storage held by 'service'. + */ +static void rend_service_free(rend_service_t *service) { - if (!config) return; - tor_free(config->directory); - SMARTLIST_FOREACH(config->ports, void*, p, tor_free(p)); - smartlist_free(config->ports); - if (config->private_key) - crypto_free_pk_env(config->private_key); - tor_free(config->intro_prefer_nodes); - tor_free(config->intro_exclude_nodes); - SMARTLIST_FOREACH(config->intro_nodes, void*, p, tor_free(p)); - smartlist_free(config->intro_nodes); - if (config->desc) - rend_service_descriptor_free(config->desc); - tor_free(config); + if (!service) return; + tor_free(service->directory); + SMARTLIST_FOREACH(service->ports, void*, p, tor_free(p)); + smartlist_free(service->ports); + if (service->private_key) + crypto_free_pk_env(service->private_key); + tor_free(service->intro_prefer_nodes); + tor_free(service->intro_exclude_nodes); + SMARTLIST_FOREACH(service->intro_nodes, void*, p, tor_free(p)); + smartlist_free(service->intro_nodes); + if (service->desc) + rend_service_descriptor_free(service->desc); + tor_free(service); } +/* Release all the storage held in rend_service_list, and allocate a new, + * empty rend_service_list. + */ static void rend_service_free_all(void) { if (!rend_service_list) { @@ -67,6 +74,8 @@ static void rend_service_free_all(void) rend_service_list = smartlist_create(); } +/* Validate 'service' and add it to rend_service_list if possible. + */ static void add_service(rend_service_t *service) { int i; @@ -94,7 +103,10 @@ static void add_service(rend_service_t *service) } } -/* Format: VirtualPort (IP|RealPort|IP:RealPort)? +/* Parses a real-port to virtual-port mapping and returns a new + * rend_service_port_config_t. + * + * The format is: VirtualPort (IP|RealPort|IP:RealPort)? * IP defaults to 127.0.0.1; RealPort defaults to VirtualPort. */ static rend_service_port_config_t *parse_port_config(const char *string) @@ -117,7 +129,7 @@ static rend_service_port_config_t *parse_port_config(const char *string) if (!*string) { /* No addr:port part; use default. */ realport = virtport; - addr.s_addr = htonl(0x7F000001u); + addr.s_addr = htonl(0x7F000001u); /* 127.0.0.1 */ } else { colon = strchr(string, ':'); if (colon) { @@ -256,8 +268,8 @@ int rend_service_init_keys(void) return -1; /* Load key */ - if (strlcpy(fname,s->directory,512) >= 512 || - strlcat(fname,"/private_key",512) >= 512) { + if (strlcpy(fname,s->directory,sizeof(fname)) >= sizeof(fname) || + strlcat(fname,"/private_key",sizeof(fname)) >= sizeof(fname)) { log_fn(LOG_WARN, "Directory name too long: '%s'", s->directory); return -1; } @@ -274,8 +286,8 @@ int rend_service_init_keys(void) log_fn(LOG_WARN, "Couldn't compute hash of public key"); return -1; } - if (strlcpy(fname,s->directory,512) >= 512 || - strlcat(fname,"/hostname",512) >= 512) { + if (strlcpy(fname,s->directory,sizeof(fname)) >= sizeof(fname) || + strlcat(fname,"/hostname",sizeof(fname)) >= sizeof(fname)) { log_fn(LOG_WARN, "Directory name too long: '%s'", s->directory); return -1; } @@ -286,11 +298,14 @@ int rend_service_init_keys(void) return 0; } +/* Return the service whose public key has a digest of 'digest'. Return + * NULL if no such service exists. + */ static rend_service_t * rend_service_get_by_pk_digest(const char* digest) { SMARTLIST_FOREACH(rend_service_list, rend_service_t*, s, - if (!memcmp(s->pk_digest,digest,20)) return s); + if (!memcmp(s->pk_digest,digest,DIGEST_LEN)) return s); return NULL; } @@ -326,9 +341,9 @@ rend_service_introduce(circuit_t *circuit, const char *request, int request_len) return -1; } - /* XXX NM this is wrong, right? */ /* min key length plus digest length plus nickname length */ - if (request_len < 148) { + if (request_len < DIGEST_LEN+REND_COOKIE_LEN+(MAX_NICKNAME_LEN+1)+ + DH_KEY_LEN+42){ log_fn(LOG_WARN, "Got a truncated INTRODUCE2 cell on circ %d", circuit->n_circ_id); return -1; @@ -374,7 +389,7 @@ rend_service_introduce(circuit_t *circuit, const char *request, int request_len) rp_nickname = buf; ptr = buf+(MAX_NICKNAME_LEN+1); len -= (MAX_NICKNAME_LEN+1); - if (len != 20+128) { + if (len != REND_COOKIE_LEN+DH_KEY_LEN) { log_fn(LOG_WARN, "Bad length for INTRODUCE2 cell."); return -1; } @@ -415,9 +430,9 @@ rend_service_introduce(circuit_t *circuit, const char *request, int request_len) cpath->handshake_state = dh; dh = NULL; - if (circuit_init_cpath_crypto(cpath,keys+20,1)<0) + if (circuit_init_cpath_crypto(cpath,keys+DIGEST_LEN,1)<0) goto err; - memcpy(cpath->handshake_digest, keys, 20); + memcpy(cpath->handshake_digest, keys, DIGEST_LEN); return 0; err: @@ -460,9 +475,8 @@ rend_service_intro_is_ready(circuit_t *circuit) rend_service_t *service; int len, r; char buf[RELAY_PAYLOAD_SIZE]; - char auth[DIGEST_LEN + 10]; + char auth[DIGEST_LEN + 9]; char hexid[9]; - char hexdigest[DIGEST_LEN*2+1]; assert(circuit->purpose == CIRCUIT_PURPOSE_S_ESTABLISH_INTRO); assert(circuit->cpath); @@ -485,15 +499,9 @@ rend_service_intro_is_ready(circuit_t *circuit) set_uint16(buf, len); len += 2; memcpy(auth, circuit->cpath->prev->handshake_digest, DIGEST_LEN); - /* XXXX remove me once we've debugged this; this info should not be logged. - */ - hex_encode(circuit->cpath->prev->handshake_digest, DIGEST_LEN, hexdigest); - log_fn(LOG_INFO,"Handshake information is: %s", hexdigest); memcpy(auth+DIGEST_LEN, "INTRODUCE", 9); if (crypto_digest(auth, DIGEST_LEN+9, buf+len)) goto err; - hex_encode(buf+len, DIGEST_LEN, hexdigest); - log_fn(LOG_INFO,"Authentication is: %s", hexdigest); len += 20; r = crypto_pk_private_sign_digest(service->private_key, buf, len, buf+len); if (r<0) { @@ -597,6 +605,10 @@ rend_service_rendezvous_is_ready(circuit_t *circuit) * Manage introduction points ******/ +/* Return the introduction circuit ending at 'router' for the service + * whose public key is 'pk_digest'. Return NULL if no such service is + * found. + */ static circuit_t * find_intro_circuit(routerinfo_t *router, const char *pk_digest) { |