author | Nick Mathewson <nickm@torproject.org> | 2004-11-03 19:49:03 +0000 |
---|---|---|
committer | Nick Mathewson <nickm@torproject.org> | 2004-11-03 19:49:03 +0000 |
commit | cea9125d71ad35535b967680a64ee4695c79172e (patch) | |
tree | 3c0acdaf8cf4d083c175a24a2459d076a1786093 /src/common/crypto.c | |
parent | 871bf904ae7f6cfce3f254397df1da03c8920a61 (diff) | |
download | tor-cea9125d71ad35535b967680a64ee4695c79172e.tar.gz tor-cea9125d71ad35535b967680a64ee4695c79172e.zip |
Implement two flavors of authentication for control connections: one for trusted FS, one for untrusted FS.
svn:r2664
Diffstat (limited to 'src/common/crypto.c')
-rw-r--r-- | src/common/crypto.c | 41 |
1 files changed, 41 insertions, 0 deletions
diff --git a/src/common/crypto.c b/src/common/crypto.c
index 2608c22a29..6b5c952be5 100644
--- a/src/common/crypto.c
+++ b/src/common/crypto.c
@@ -1575,6 +1575,47 @@ base32_encode(char *dest, size_t destlen, const char *src, size_t srclen)
 dest[i] = '\0';
 }
+/** Implement RFC2440-style iterated-salted S2K conversion: convert the
+ * <b>secret_len</b>-byte <b>secret</b> into a <b>key_out_len</b> byte
+ * <b>key_out</b>. As in RFC2440, the first 8 bytes of s2k_specifier
+ * are a salt; the 9th byte describes how much iteration to do.
+ * Does not support <b>key_out_len</b> > DIGEST_LEN.
+ */
+void
+secret_to_key(char *key_out, size_t key_out_len, const char *secret,
+ size_t secret_len, const char *s2k_specifier)
+{
+ crypto_digest_env_t *d;
+ uint8_t c;
+ size_t count;
+ char *tmp;
+
+#define EXPBIAS 6
+ c = s2k_specifier[8];
+ count = ((uint32_t)16 + (c & 15)) << ((c >> 4) + EXPBIAS);
+#undef EXPBIAS
+
+ tor_assert(key_out_len <= DIGEST_LEN);
+
+ d = crypto_new_digest_env();
+ tmp = tor_malloc(8+secret_len);
+ memcpy(tmp,s2k_specifier,8);
+ memcpy(tmp+8,secret,secret_len);
+ secret_len += 8;
+ while (count) {
+ if (count >= secret_len) {
+ crypto_digest_add_bytes(d, tmp, secret_len);
+ count -= secret_len;
+ } else {
+ crypto_digest_add_bytes(d, tmp, count);
+ count = 0;
+ }
+ }
+ crypto_digest_get_digest(d, key_out, key_out_len);
+ tor_free(tmp);
+ crypto_free_digest_env(d);
+}
+
 /*
 Local Variables:
 mode:c |
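Review bot: The hashing loop in `secret_to_key` silently truncates long secrets: when the `count` decoded from the specifier (as low as 1024 with `EXPBIAS` 6) is smaller than `secret_len` after the `+= 8`, the `else` branch feeds only `count` bytes to the digest, so the tail of the secret never influences the key and two secrets sharing that prefix produce the same output. RFC 2440 hashes the full salt plus passphrase in that case, so add `if (count < secret_len) count = secret_len;` right after `secret_len += 8;`. Separately, `tmp` holds a copy of the secret and is released by `tor_free(tmp)` without being cleared; put `memset(tmp, 0, secret_len);` before the free (or a wipe the compiler cannot elide, if the tree provides one) so the secret does not linger in freed heap.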