diff options
| author | Nick Mathewson <nickm@torproject.org> | 2004-04-28 20:31:32 +0000 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2004-04-28 20:31:32 +0000 |
| commit | ddb15b8f679c0c6b095a734947fe3ae668607887 (patch) | |
| tree | c60355dee5276253aff49bf5adf782e4fcba79ed | |
| parent | 5d1510883ea583b12b1d66156c31f03700c79245 (diff) | |
| download | tor-ddb15b8f679c0c6b095a734947fe3ae668607887.tar.gz tor-ddb15b8f679c0c6b095a734947fe3ae668607887.zip | |
Remove IVs from cipher code, since AES-ctr has none.
svn:r1742
| -rw-r--r-- | src/common/crypto.c | 26 | ||||
| -rw-r--r-- | src/common/crypto.h | 6 | ||||
| -rw-r--r-- | src/common/util.h | 2 | ||||
| -rw-r--r-- | src/or/circuit.c | 7 | ||||
| -rw-r--r-- | src/or/test.c | 4 |
5 files changed, 6 insertions, 39 deletions
diff --git a/src/common/crypto.c b/src/common/crypto.c index cc88f9686a..99d6d79367 100644 --- a/src/common/crypto.c +++ b/src/common/crypto.c @@ -78,7 +78,6 @@ struct crypto_pk_env_t struct crypto_cipher_env_t { unsigned char key[CIPHER_KEY_LEN]; - unsigned char iv[_ARRAYSIZE(CIPHER_IV_LEN)]; aes_cnt_cipher_t *cipher; }; @@ -214,13 +213,12 @@ void crypto_free_pk_env(crypto_pk_env_t *env) free(env); } - /* Create a new crypto_cipher_env_t for a given onion cipher type, key, * iv, and encryption flag (1=encrypt, 0=decrypt). Return the crypto object * on success; NULL on failure. */ crypto_cipher_env_t * -crypto_create_init_cipher(const char *key, const char *iv, int encrypt_mode) +crypto_create_init_cipher(const char *key, int encrypt_mode) { int r; crypto_cipher_env_t *crypto = NULL; @@ -235,11 +233,6 @@ crypto_create_init_cipher(const char *key, const char *iv, int encrypt_mode) goto error; } - if (crypto_cipher_set_iv(crypto, iv)) { - crypto_log_errors(LOG_WARN, "setting IV"); - goto error; - } - if (encrypt_mode) r = crypto_cipher_encrypt_init_cipher(crypto); else @@ -653,7 +646,7 @@ int crypto_pk_private_hybrid_decrypt(crypto_pk_env_t *env, log_fn(LOG_WARN, "No room for a symmetric key"); return -1; } - cipher = crypto_create_init_cipher(buf, NULL, 0); + cipher = crypto_create_init_cipher(buf, 0); if (!cipher) { return -1; } @@ -800,21 +793,6 @@ int crypto_cipher_generate_key(crypto_cipher_env_t *env) return crypto_rand(CIPHER_KEY_LEN, env->key); } -int crypto_cipher_set_iv(crypto_cipher_env_t *env, const unsigned char *iv) -{ - tor_assert(env && (CIPHER_IV_LEN==0 || iv)); - - if (!CIPHER_IV_LEN) - return 0; - - if (!env->iv) - return -1; - - memcpy(env->iv, iv, CIPHER_IV_LEN); - - return 0; -} - int crypto_cipher_set_key(crypto_cipher_env_t *env, const unsigned char *key) { tor_assert(env && key); diff --git a/src/common/crypto.h b/src/common/crypto.h index fd4c2d1a14..510954a852 100644 --- a/src/common/crypto.h +++ b/src/common/crypto.h @@ -9,7 +9,6 @@ #define DIGEST_LEN 20 #define CIPHER_KEY_LEN 16 -#define CIPHER_IV_LEN 0 #define PK_BITS 1024 #define PK_BYTES (PK_BITS/8) #define DH_BITS 1024 @@ -90,7 +89,6 @@ void crypto_dh_free(crypto_dh_env_t *dh); /* symmetric crypto */ int crypto_cipher_generate_key(crypto_cipher_env_t *env); -int crypto_cipher_set_iv(crypto_cipher_env_t *env, const unsigned char *iv); int crypto_cipher_set_key(crypto_cipher_env_t *env, const unsigned char *key); int crypto_cipher_encrypt_init_cipher(crypto_cipher_env_t *env); int crypto_cipher_decrypt_init_cipher(crypto_cipher_env_t *env); @@ -103,8 +101,8 @@ int crypto_cipher_decrypt(crypto_cipher_env_t *env, const unsigned char *from, u int crypto_cipher_rewind(crypto_cipher_env_t *env, long delta); int crypto_cipher_advance(crypto_cipher_env_t *env, long delta); -/* convenience function: wraps crypto_create_crypto_env, set_key, set_iv, and init. */ -crypto_cipher_env_t *crypto_create_init_cipher(const char *key, const char *iv, int encrypt_mode); +/* convenience function: wraps crypto_create_crypto_env, set_key, and init. */ +crypto_cipher_env_t *crypto_create_init_cipher(const char *key, int encrypt_mode); /* SHA-1 */ int crypto_digest(const unsigned char *m, int len, unsigned char *digest); diff --git a/src/common/util.h b/src/common/util.h index 742ca9f37b..aedc9ae60b 100644 --- a/src/common/util.h +++ b/src/common/util.h @@ -36,14 +36,12 @@ #define strncasecmp strnicmp #define strcasecmp stricmp #define INLINE __inline -#define _ARRAYSIZE(x) (((x)==0)?1:(x)) /* Windows compilers before VC7 don't have __FUNCTION__. */ #if _MSC_VER < 1300 #define __FUNCTION__ "???" #endif #else #define INLINE inline -#define _ARRAYSIZE(x) (x) #endif #ifdef NDEBUG diff --git a/src/or/circuit.c b/src/or/circuit.c index 4298922f01..b97ea14eba 100644 --- a/src/or/circuit.c +++ b/src/or/circuit.c @@ -1627,7 +1627,6 @@ int circuit_extend(cell_t *cell, circuit_t *circ) { */ int circuit_init_cpath_crypto(crypt_path_t *cpath, char *key_data, int reverse) { - unsigned char iv[_ARRAYSIZE(CIPHER_IV_LEN)]; crypto_digest_env_t *tmp_digest; crypto_cipher_env_t *tmp_crypto; @@ -1635,8 +1634,6 @@ int circuit_init_cpath_crypto(crypt_path_t *cpath, char *key_data, int reverse) tor_assert(!(cpath->f_crypto || cpath->b_crypto || cpath->f_digest || cpath->b_digest)); - memset(iv, 0, CIPHER_IV_LEN); - log_fn(LOG_DEBUG,"hop init digest forward 0x%.8x, backward 0x%.8x.", (unsigned int)*(uint32_t*)key_data, (unsigned int)*(uint32_t*)(key_data+20)); cpath->f_digest = crypto_new_digest_env(); @@ -1647,12 +1644,12 @@ int circuit_init_cpath_crypto(crypt_path_t *cpath, char *key_data, int reverse) log_fn(LOG_DEBUG,"hop init cipher forward 0x%.8x, backward 0x%.8x.", (unsigned int)*(uint32_t*)(key_data+40), (unsigned int)*(uint32_t*)(key_data+40+16)); if (!(cpath->f_crypto = - crypto_create_init_cipher(key_data+(2*DIGEST_LEN),iv,1))) { + crypto_create_init_cipher(key_data+(2*DIGEST_LEN),1))) { log(LOG_WARN,"forward cipher initialization failed."); return -1; } if (!(cpath->b_crypto = - crypto_create_init_cipher(key_data+(2*DIGEST_LEN)+CIPHER_KEY_LEN,iv,0))) { + crypto_create_init_cipher(key_data+(2*DIGEST_LEN)+CIPHER_KEY_LEN,0))) { log(LOG_WARN,"backward cipher initialization failed."); return -1; } diff --git a/src/or/test.c b/src/or/test.c index 48e4a4f9ae..536511949d 100644 --- a/src/or/test.c +++ b/src/or/test.c @@ -260,7 +260,6 @@ test_crypto() env1 = crypto_new_cipher_env(CRYPTO_CIPHER_IDENTITY); test_neq(env1, 0); test_eq(crypto_cipher_generate_key(env1), 0); - test_eq(crypto_cipher_set_iv(env1, ""), 0); test_eq(crypto_cipher_encrypt_init_cipher(env1), 0); for(i = 0; i < 1024; ++i) { data1[i] = (char) i*73; @@ -283,8 +282,6 @@ test_crypto() test_neq(env2, 0); j = crypto_cipher_generate_key(env1); crypto_cipher_set_key(env2, crypto_cipher_get_key(env1)); - crypto_cipher_set_iv(env1, "12345678901234567890"); - crypto_cipher_set_iv(env2, "12345678901234567890"); crypto_cipher_encrypt_init_cipher(env1); crypto_cipher_decrypt_init_cipher(env2); @@ -318,7 +315,6 @@ test_crypto() env2 = crypto_new_cipher_env(); test_neq(env2, 0); crypto_cipher_set_key(env2, crypto_cipher_get_key(env1)); - crypto_cipher_set_iv(env2, "12345678901234567890"); crypto_cipher_encrypt_init_cipher(env2); for (j = 0; j < 1024-16; j += 17) { crypto_cipher_encrypt(env2, data1+j, 17, data3+j); |