diff options
| author | Nick Mathewson <nickm@torproject.org> | 2016-09-16 09:51:51 -0400 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2016-09-16 09:51:51 -0400 |
| commit | 981d0a24b81f27a642946648e49b3cadbd0c28b7 (patch) | |
| tree | 4347cf6b6a2d3e264ffbc905f58902bbfe5e1474 | |
| parent | b08ddb60c9a2bfb133889a399d4e6d01af5a59d9 (diff) | |
| download | tor-981d0a24b81f27a642946648e49b3cadbd0c28b7.tar.gz tor-981d0a24b81f27a642946648e49b3cadbd0c28b7.zip | |
In aes.c, support 192-bit and 256-bit keys.
Also, change the input types for aes_new_cipher to be unsigned,
as they should have been all along.
| -rw-r--r-- | src/common/aes.c | 26 | ||||
| -rw-r--r-- | src/common/aes.h | 3 | ||||
| -rw-r--r-- | src/common/crypto.c | 13 |
3 files changed, 26 insertions, 16 deletions
diff --git a/src/common/aes.c b/src/common/aes.c index 2b8a68c4a2..7131ce199d 100644 --- a/src/common/aes.c +++ b/src/common/aes.c @@ -89,11 +89,17 @@ ENABLE_GCC_WARNING(redundant-decls) /* We don't actually define the struct here. */ aes_cnt_cipher_t * -aes_new_cipher(const char *key, const char *iv) +aes_new_cipher(const uint8_t *key, const uint8_t *iv, int key_bits) { EVP_CIPHER_CTX *cipher = EVP_CIPHER_CTX_new(); - EVP_EncryptInit(cipher, EVP_aes_128_ctr(), - (const unsigned char*)key, (const unsigned char *)iv); + const EVP_CIPHER *c; + switch (key_bits) { + case 128: c = EVP_aes_128_ctr(); break; + case 192: c = EVP_aes_192_ctr(); break; + case 256: c = EVP_aes_256_ctr(); break; + default: tor_assert(0); // LCOV_EXCL_LINE + } + EVP_EncryptInit(cipher, c, key, iv); return (aes_cnt_cipher_t *) cipher; } void @@ -262,11 +268,11 @@ static void aes_set_iv(aes_cnt_cipher_t *cipher, const char *iv); * using the 128-bit key <b>key</b> and the 128-bit IV <b>iv</b>. */ aes_cnt_cipher_t* -aes_new_cipher(const char *key, const char *iv) +aes_new_cipher(const uint8_t *key, const uint8_t *iv, int bits) { aes_cnt_cipher_t* result = tor_malloc_zero(sizeof(aes_cnt_cipher_t)); - aes_set_key(result, key, 128); + aes_set_key(result, key, bits); aes_set_iv(result, iv); return result; @@ -277,7 +283,7 @@ aes_new_cipher(const char *key, const char *iv) * the counter to 0. */ static void -aes_set_key(aes_cnt_cipher_t *cipher, const char *key, int key_bits) +aes_set_key(aes_cnt_cipher_t *cipher, const uint8_t *key, int key_bits) { if (should_use_EVP) { const EVP_CIPHER *c = 0; @@ -287,10 +293,10 @@ aes_set_key(aes_cnt_cipher_t *cipher, const char *key, int key_bits) case 256: c = EVP_aes_256_ecb(); break; default: tor_assert(0); // LCOV_EXCL_LINE } - EVP_EncryptInit(&cipher->key.evp, c, (const unsigned char*)key, NULL); + EVP_EncryptInit(&cipher->key.evp, c, key, NULL); cipher->using_evp = 1; } else { - AES_set_encrypt_key((const unsigned char *)key, key_bits,&cipher->key.aes); + AES_set_encrypt_key(key, key_bits,&cipher->key.aes); cipher->using_evp = 0; } @@ -348,6 +354,8 @@ evp_block128_fn(const uint8_t in[16], void aes_crypt_inplace(aes_cnt_cipher_t *cipher, char *data, size_t len) { + /* Note that the "128" below refers to the length of the counter, + * not the length of the AES key. */ if (cipher->using_evp) { /* In openssl 1.0.0, there's an if'd out EVP_aes_128_ctr in evp.h. If * it weren't disabled, it might be better just to use that. @@ -374,7 +382,7 @@ aes_crypt_inplace(aes_cnt_cipher_t *cipher, char *data, size_t len) /** Reset the 128-bit counter of <b>cipher</b> to the 16-bit big-endian value * in <b>iv</b>. */ static void -aes_set_iv(aes_cnt_cipher_t *cipher, const char *iv) +aes_set_iv(aes_cnt_cipher_t *cipher, const uint8_t *iv) { #ifdef USING_COUNTER_VARS cipher->counter3 = ntohl(get_uint32(iv)); diff --git a/src/common/aes.h b/src/common/aes.h index 821fb742be..1cda53f2fa 100644 --- a/src/common/aes.h +++ b/src/common/aes.h @@ -15,7 +15,8 @@ typedef struct aes_cnt_cipher aes_cnt_cipher_t; -aes_cnt_cipher_t* aes_new_cipher(const char *key, const char *iv); +aes_cnt_cipher_t* aes_new_cipher(const uint8_t *key, const uint8_t *iv, + int key_bits); void aes_cipher_free(aes_cnt_cipher_t *cipher); void aes_crypt_inplace(aes_cnt_cipher_t *cipher, char *data, size_t len); diff --git a/src/common/crypto.c b/src/common/crypto.c index bf682ff330..7be43d7e59 100644 --- a/src/common/crypto.c +++ b/src/common/crypto.c @@ -69,6 +69,7 @@ ENABLE_GCC_WARNING(redundant-decls) #endif #include "torlog.h" +#include "torint.h" #include "aes.h" #include "util.h" #include "container.h" @@ -122,8 +123,8 @@ struct crypto_pk_t /** Key and stream information for a stream cipher. */ struct crypto_cipher_t { - char key[CIPHER_KEY_LEN]; /**< The raw key. */ - char iv[CIPHER_IV_LEN]; /**< The initial IV. */ + uint8_t key[CIPHER_KEY_LEN]; /**< The raw key. */ + uint8_t iv[CIPHER_IV_LEN]; /**< The initial IV. */ aes_cnt_cipher_t *cipher; /**< The key in format usable for counter-mode AES * encryption */ }; @@ -561,15 +562,15 @@ crypto_cipher_new_with_iv(const char *key, const char *iv) env = tor_malloc_zero(sizeof(crypto_cipher_t)); if (key == NULL) - crypto_rand(env->key, CIPHER_KEY_LEN); + crypto_rand((char*)env->key, CIPHER_KEY_LEN); else memcpy(env->key, key, CIPHER_KEY_LEN); if (iv == NULL) - crypto_rand(env->iv, CIPHER_IV_LEN); + crypto_rand((char*)env->iv, CIPHER_IV_LEN); else memcpy(env->iv, iv, CIPHER_IV_LEN); - env->cipher = aes_new_cipher(env->key, env->iv); + env->cipher = aes_new_cipher(env->key, env->iv, 128); return env; } @@ -1587,7 +1588,7 @@ crypto_pk_base64_decode(const char *str, size_t len) const char * crypto_cipher_get_key(crypto_cipher_t *env) { - return env->key; + return (const char *)env->key; } /** Encrypt <b>fromlen</b> bytes from <b>from</b> using the cipher |