aboutsummaryrefslogtreecommitdiff
path: root/src/common/crypto.c
Commit message (Collapse)AuthorAge
* Make sure everything using an interned string is preceded by a logNick Mathewson2014-04-16
| | | | | (It's nice to know what we were about to rename before we died from renaming it.)
* Fix warnings from doxygenNick Mathewson2014-03-25
| | | | | | Most of these are simple. The only nontrivial part is that our pattern for using ENUM_BF was confusing doxygen by making declarations that didn't look like declarations.
* Never run crypto_early_init() more than onceRoger Dingledine2014-03-23
| | | | | Previously we had set up all the infrastructure to avoid calling it after the first time, but didn't actually use it.
* whitespace fixRoger Dingledine2014-03-23
|
* Write hashed bridge fingerprint to logs and to disk.Karsten Loesing2014-02-28
| | | | Implements #10884.
* Randomize the global siphash key at startupNick Mathewson2014-02-12
| | | | This completes our conversion to using siphash for our hash functions.
* Split crypto_global_init() into pre/post configNick Mathewson2014-02-12
| | | | | | | | | It's increasingly apparent that we want to make sure we initialize our PRNG nice and early, or else OpenSSL will do it for us. (OpenSSL doesn't do _too_ bad a job, but it's nice to do it ourselves.) We'll also need this for making sure we initialize the siphash key before we do any hashes.
* Some anti-forensics paranoia...Florent Daigniere2014-02-03
| | | | sed -i 's/BN_free/BN_clear_free/g'
* Merge remote-tracking branch 'origin/maint-0.2.4'Nick Mathewson2013-12-18
|\ | | | | | | | | Conflicts: src/common/crypto.c
| * Never allow OpenSSL engines to replace the RAND_SSLeay methodNick Mathewson2013-12-18
| | | | | | | | | | | | | | | | | | | | | | This fixes bug 10402, where the rdrand engine would use the rdrand instruction, not as an additional entropy source, but as a replacement for the entire userspace PRNG. That's obviously stupid: even if you don't think that RDRAND is a likely security risk, the right response to an alleged new alleged entropy source is never to throw away all previously used entropy sources. Thanks to coderman and rl1987 for diagnosing and tracking this down.
* | Fix compilation under openssl 0.9.8Nick Mathewson2013-11-18
| | | | | | | | | | | | | | It's not nice to talk about NID_aes_{128,256}_{ctr,gcm} when they don't exist. Fix on 84458b79a78ea7e26820bf0; bug not in any released Tor.
* | Log more OpenSSL engine statuses at startup.Nick Mathewson2013-11-18
| | | | | | | | Fixes ticket 10043; patch from Joshua Datko.
* | Merge remote-tracking branch 'Ryman/bug6384'Nick Mathewson2013-09-13
|\ \ | | | | | | | | | | | | | | | Conflicts: src/or/config.c src/or/main.c
| * | Fixed leak and added minor documentation for #6384.Kevin Butler2013-09-04
| | |
| * | Added --library-versions flag to print the compile time and runtime versions ↵Kevin Butler2013-09-01
| | | | | | | | | | | | of libevent, openssl and zlib. Partially implements #6384.
* | | Merge remote-tracking branch 'ctoader/gsoc-cap-stage2'Nick Mathewson2013-09-13
|\ \ \ | |/ / |/| | | | | | | | Conflicts: src/common/sandbox.c
| * | updated filters to work with orportCristian Toader2013-08-09
| | |
* | | More unit tests for handle_client_auth_nonceNick Mathewson2013-08-15
| | | | | | | | | | | | | | | | | | Incidentally, this business here where I make crypto_rand mockable: this is exactly the kind of thing that would make me never want to include test-support stuff in production builds.
* | | Completely refactor how FILENAME_PRIVATE worksNick Mathewson2013-07-10
|/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We previously used FILENAME_PRIVATE identifiers mostly for identifiers exposed only to the unit tests... but also for identifiers exposed to the benchmarker, and sometimes for identifiers exposed to a similar module, and occasionally for no really good reason at all. Now, we use FILENAME_PRIVATE identifiers for identifiers shared by Tor and the unit tests. They should be defined static when we aren't building the unit test, and globally visible otherwise. (The STATIC macro will keep us honest here.) For identifiers used only by the unit tests and never by Tor at all, on the other hand, we wrap them in #ifdef TOR_UNIT_TESTS. This is not the motivating use case for the split test/non-test build system; it's just a test example to see how it works, and to take a chance to clean up the code a little.
* | Make OPENSSL_free(dh_string_repr) conditional.Nick Mathewson2013-06-10
| |
* | Bug #5170 - also simplify i2d_DHparamsMarek Majkowski2013-06-06
| |
* | Bug #5170 - i2d_RSAPublicKey supports allocating its own output bufferMarek Majkowski2013-06-06
| |
* | Remove PK_PKCS1_PADDINGArlo Breault2013-05-17
| | | | | | | | See #8792
* | Merge remote-tracking branch 'origin/maint-0.2.4'Nick Mathewson2013-04-18
|\| | | | | | | | | Conflicts: src/common/crypto.c
| * Remove a double-newlineNick Mathewson2013-04-18
| |
| * Merge branch 'less_charbuf_rebased' into maint-0.2.4Nick Mathewson2013-04-18
| |\ | | | | | | | | | | | | | | | | | | Conflicts: src/or/dirserv.c src/or/dirserv.h src/test/test_dir.c
| | * Fix a couple of documentation issues.Nick Mathewson2013-04-18
| | |
| | * Refactor dirobj signature generationNick Mathewson2013-04-18
| | | | | | | | | | | | | | | | | | Now we can compute the hash and signature of a dirobj before concatenating the smartlist, and we don't need to play silly games with sigbuf and realloc any more.
* | | Merge remote-tracking branch 'origin/maint-0.2.4'Nick Mathewson2013-03-18
|\| |
| * | Merge remote-tracking branch 'public/bug6673' into maint-0.2.4Nick Mathewson2013-03-18
| |\ \
| | * | Give an #error when we want threads and OpenSSL has disabled threadsNick Mathewson2013-03-11
| | |/ | | | | | | | | | Fixes ticket 6673.
* | | Merge remote-tracking branch 'origin/maint-0.2.4'Nick Mathewson2013-03-15
|\| | | | | | | | | | | | | | Conflicts: src/or/routerlist.c
| * | Remove some functions which were unused except for their testsNick Mathewson2013-02-23
| | |
| * | Remove a bunch of unused macro definitionsNick Mathewson2013-02-23
| |/
* | Remove unused check_fingerprint_syntaxNick Mathewson2013-03-01
| |
* | Remove unused HMAC-SHA1 functionNick Mathewson2013-03-01
|/ | | | | (We're not adding any new SHA1 instances in our protocols, so this should never actually be needed.)
* Fix numerous problems with Tor's weak RNG.Nick Mathewson2013-02-08
| | | | | | | | | | | | | | | We need a weak RNG in a couple of places where the strong RNG is both needless and too slow. We had been using the weak RNG from our platform's libc implementation, but that was problematic (because many platforms have exceptionally horrible weak RNGs -- like, ones that only return values between 0 and SHORT_MAX) and because we were using it in a way that was wrong for LCG-based weak RNGs. (We were counting on the low bits of the LCG output to be as random as the high ones, which isn't true.) This patch adds a separate type for a weak RNG, adds an LCG implementation for it, and uses that exclusively where we had been using the platform weak RNG.
* fix wide lines from tor_log renameNick Mathewson2013-02-01
|
* Rename log() to tor_log() for loggingNick Mathewson2013-02-01
| | | | | | | | | | | | | This is meant to avoid conflict with the built-in log() function in math.h. It resolves ticket 7599. First reported by dhill. This was generated with the following perl script: #!/usr/bin/perl -w -i -p s/\blog\(LOG_(ERR|WARN|NOTICE|INFO|DEBUG)\s*,\s*/log_\L$1\(/g; s/\blog\(/tor_log\(/g;
* Replace base-{16,32,64} with base{16,32,64} in the codeNick Mathewson2013-01-17
| | | | | | | | Patch from onizuka generated with find ./ -type f -perm -u+rw -exec sed -ri 's/(Base)-(16|32|64)/\1\2/gi' {} \; Fixes issue 6875 on Tor.
* Merge branch '024_msvc_squashed'Nick Mathewson2013-01-16
|\ | | | | | | | | | | Conflicts: src/or/or.h srcwin32/orconfig.h
| * When building with MSVC, call every enum bitfield unsignedNick Mathewson2013-01-16
| | | | | | | | Fixes bug 7305.
* | Update the copyright date to 201.Nick Mathewson2013-01-16
| |
* | Merge branch 'ntor-resquashed'Nick Mathewson2013-01-03
|\ \ | | | | | | | | | | | | | | | | | | Conflicts: src/or/cpuworker.c src/or/or.h src/test/bench.c
| * | Refactor strong os-RNG into its own functionNick Mathewson2013-01-02
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Previously, we only used the strong OS entropy source as part of seeding OpenSSL's RNG. But with curve25519, we'll have occasion to want to generate some keys using extremely-good entopy, as well as the means to do so. So let's! This patch refactors the OS-entropy wrapper into its own crypto_strongest_rand() function, and makes our new curve25519_secret_key_generate function try it as appropriate.
| * | Implement HKDF from RFC5869Nick Mathewson2012-12-06
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This is a customizable extract-and-expand HMAC-KDF for deriving keys. It derives from RFC5869, which derives its rationale from Krawczyk, H., "Cryptographic Extraction and Key Derivation: The HKDF Scheme", Proceedings of CRYPTO 2010, 2010, <http://eprint.iacr.org/2010/264>. I'm also renaming the existing KDF, now that Tor has two of them. This is the key derivation scheme specified in ntor. There are also unit tests.
| * | Add a crypto_dh_dup, for benchmark supportNick Mathewson2012-12-06
| |/
* / Fix a couple of harmless clang3.2 warningsSebastian Hahn2012-12-31
|/
* Refer to RFC 4648 instead of the obsolete RFC 3548Nick Mathewson2012-11-23
| | | | Affects comments only. For ticket 6849.
* Merge remote-tracking branch 'origin/maint-0.2.3'Nick Mathewson2012-11-08
|\ | | | | | | | | | | Conflicts: src/common/crypto.c src/or/rendservice.c