summaryrefslogtreecommitdiff
path: root/src/common/crypto.c
diff options
context:
space:
mode:
authorGeorge Kadianakis <desnacked@gmail.com>2011-11-25 01:00:58 +0100
committerGeorge Kadianakis <desnacked@gmail.com>2011-11-25 01:00:58 +0100
commit7c37a664c17f4dd9748f096ea385c3627cc323fa (patch)
tree8b9b82ce7c746f874eb913f88319e36fdbae2b29 /src/common/crypto.c
parent782c907c7cbd3bf2bb75680f5d3deb2d984052de (diff)
downloadtor-7c37a664c17f4dd9748f096ea385c3627cc323fa.tar.gz
tor-7c37a664c17f4dd9748f096ea385c3627cc323fa.zip
Rename 'dynamic prime' to 'dynamic DH modulus'.
Diffstat (limited to 'src/common/crypto.c')
-rw-r--r--src/common/crypto.c80
1 files changed, 40 insertions, 40 deletions
diff --git a/src/common/crypto.c b/src/common/crypto.c
index 4e96fed90a..0f828db81f 100644
--- a/src/common/crypto.c
+++ b/src/common/crypto.c
@@ -1818,15 +1818,15 @@ static BIGNUM *dh_param_g = NULL;
/** Generate and return a reasonable and safe DH parameter p. */
static BIGNUM *
-crypto_generate_dynamic_prime(void)
+crypto_generate_dynamic_dh_modulus(void)
{
- BIGNUM *dynamic_prime;
+ BIGNUM *dynamic_dh_modulus;
DH *dh_parameters;
int r, dh_codes;
char *s;
- dynamic_prime = BN_new();
- tor_assert(dynamic_prime);
+ dynamic_dh_modulus = BN_new();
+ tor_assert(dynamic_dh_modulus);
dh_parameters = DH_generate_parameters(DH_BYTES*8, DH_GENERATOR, NULL, NULL);
tor_assert(dh_parameters);
@@ -1834,24 +1834,24 @@ crypto_generate_dynamic_prime(void)
r = DH_check(dh_parameters, &dh_codes);
tor_assert(r && !dh_codes);
- BN_copy(dynamic_prime, dh_parameters->p);
- tor_assert(dynamic_prime);
+ BN_copy(dynamic_dh_modulus, dh_parameters->p);
+ tor_assert(dynamic_dh_modulus);
DH_free(dh_parameters);
- { /* log the dynamic prime: */
- s = BN_bn2hex(dynamic_prime);
+ { /* log the dynamic DH modulus: */
+ s = BN_bn2hex(dynamic_dh_modulus);
tor_assert(s);
- log_info(LD_OR, "Dynamic prime generated: [%s]", s);
+ log_info(LD_OR, "Dynamic DH modulus generated: [%s]", s);
OPENSSL_free(s);
}
- return dynamic_prime;
+ return dynamic_dh_modulus;
}
-/** Store our dynamic prime to <b>fname</b> for future use. */
+/** Store our dynamic DH modulus to <b>fname</b> for future use. */
int
-crypto_store_dynamic_prime(const char *fname)
+crypto_store_dynamic_dh_modulus(const char *fname)
{
FILE *fp = NULL;
int retval = -1;
@@ -1862,23 +1862,23 @@ crypto_store_dynamic_prime(const char *fname)
fname_status = file_status(fname);
if (fname_status == FN_FILE) {
- /* If the fname is a file, then the dynamic prime is already stored. */
+ /* If the fname is a file, then the dynamic DH modulus is already stored. */
retval = 0;
goto done;
} else if (fname_status != FN_NOENT) {
- log_info(LD_GENERAL, "Dynamic prime filename is occupied.");
+ log_info(LD_GENERAL, "Dynamic DH modulus filename is occupied.");
goto done;
}
tor_assert(fname_status == FN_NOENT);
if (!(fp = fopen(fname, "w"))) {
- log_notice(LD_GENERAL, "Error while creating dynamic prime file.");
+ log_notice(LD_GENERAL, "Error while creating dynamic DH modulus file.");
goto done;
}
if (BN_print_fp(fp, dh_param_p_tls) == 0) {
- log_warn(LD_GENERAL, "Error while printing dynamic prime to file.");
+ log_warn(LD_GENERAL, "Error while printing dynamic DH modulus to file.");
goto done;
}
@@ -1891,29 +1891,29 @@ crypto_store_dynamic_prime(const char *fname)
return retval;
}
-/** Return the dynamic prime stored in <b>fname</b>. If there is no
- dynamic prime stored in <b>fname</b>, return NULL. */
+/** Return the dynamic DH modulus stored in <b>fname</b>. If there is no
+ dynamic DH modulus stored in <b>fname</b>, return NULL. */
static BIGNUM *
-crypto_get_stored_dynamic_prime(const char *fname)
+crypto_get_stored_dynamic_dh_modulus(const char *fname)
{
int retval;
char *contents = NULL;
DH *dh = NULL;
int dh_codes;
- BIGNUM *dynamic_prime = BN_new();
+ BIGNUM *dynamic_dh_modulus = BN_new();
tor_assert(fname);
- if (!dynamic_prime)
+ if (!dynamic_dh_modulus)
goto err;
contents = read_file_to_str(fname, RFTS_IGNORE_MISSING, NULL);
if (!contents)
goto err;
- retval = BN_hex2bn(&dynamic_prime, contents);
+ retval = BN_hex2bn(&dynamic_dh_modulus, contents);
if (!retval) {
- log_warn(LD_GENERAL, "Could not understand the dynamic prime "
+ log_warn(LD_GENERAL, "Could not understand the dynamic DH modulus "
"format in '%s'", fname);
goto err;
}
@@ -1923,7 +1923,7 @@ crypto_get_stored_dynamic_prime(const char *fname)
if (!dh)
goto err;
- dh->p = BN_dup(dynamic_prime);
+ dh->p = BN_dup(dynamic_dh_modulus);
dh->g = BN_new();
BN_set_word(dh->g, DH_GENERATOR);
@@ -1942,19 +1942,19 @@ crypto_get_stored_dynamic_prime(const char *fname)
}
- { /* log the dynamic prime: */
- char *s = BN_bn2hex(dynamic_prime);
+ { /* log the dynamic DH modulus: */
+ char *s = BN_bn2hex(dynamic_dh_modulus);
tor_assert(s);
- log_info(LD_OR, "Found stored dynamic prime: [%s]", s);
+ log_info(LD_OR, "Found stored dynamic DH modulus: [%s]", s);
OPENSSL_free(s);
}
goto done;
err:
- if (dynamic_prime) {
- BN_free(dynamic_prime);
- dynamic_prime = NULL;
+ if (dynamic_dh_modulus) {
+ BN_free(dynamic_dh_modulus);
+ dynamic_dh_modulus = NULL;
}
done:
@@ -1962,18 +1962,18 @@ crypto_get_stored_dynamic_prime(const char *fname)
if (dh)
DH_free(dh);
- return dynamic_prime;
+ return dynamic_dh_modulus;
}
/** Set the global TLS Diffie-Hellman modulus.
- * If <b>dynamic_prime_fname</b> is set, try to read a dynamic prime
+ * If <b>dynamic_dh_modulus_fname</b> is set, try to read a dynamic DH modulus
* off it and use it as the DH modulus. If that's not possible,
- * generate a new dynamic prime.
- * If <b>dynamic_prime_fname</b> is NULL, use the Apache mod_ssl DH
+ * generate a new dynamic DH modulus.
+ * If <b>dynamic_dh_modulus_fname</b> is NULL, use the Apache mod_ssl DH
* modulus. */
void
-crypto_set_tls_dh_prime(const char *dynamic_prime_fname)
+crypto_set_tls_dh_prime(const char *dynamic_dh_modulus_fname)
{
BIGNUM *tls_prime = NULL;
int r;
@@ -1984,14 +1984,14 @@ crypto_set_tls_dh_prime(const char *dynamic_prime_fname)
dh_param_p_tls = NULL;
}
- if (dynamic_prime_fname) { /* use dynamic primes: */
- log_info(LD_OR, "Using stored dynamic prime.");
- tls_prime = crypto_get_stored_dynamic_prime(dynamic_prime_fname);
+ if (dynamic_dh_modulus_fname) { /* use dynamic DH moduluss: */
+ log_info(LD_OR, "Using stored dynamic DH modulus.");
+ tls_prime = crypto_get_stored_dynamic_dh_modulus(dynamic_dh_modulus_fname);
if (!tls_prime) {
- log_notice(LD_OR, "Generating fresh dynamic prime. "
+ log_notice(LD_OR, "Generating fresh dynamic DH modulus. "
"This might take a while...");
- tls_prime = crypto_generate_dynamic_prime();
+ tls_prime = crypto_generate_dynamic_dh_modulus();
}
} else { /* use the static DH prime modulus used by Apache in mod_ssl: */
tls_prime = BN_new();