summaryrefslogtreecommitdiff
path: root/src/common/crypto.c
diff options
context:
space:
mode:
authorNick Mathewson <nickm@torproject.org>2014-02-12 11:46:58 -0500
committerNick Mathewson <nickm@torproject.org>2014-02-12 12:12:58 -0500
commitc1e98c8afe2973286f9bef28e760cbf95a2738fd (patch)
tree11cc4f29d43fc020204cde717733cc4bc1b791c8 /src/common/crypto.c
parentd3fb846d8c98c13d349762682e714e8312f20270 (diff)
downloadtor-c1e98c8afe2973286f9bef28e760cbf95a2738fd.tar.gz
tor-c1e98c8afe2973286f9bef28e760cbf95a2738fd.zip
Randomize the global siphash key at startup
This completes our conversion to using siphash for our hash functions.
Diffstat (limited to 'src/common/crypto.c')
-rw-r--r--src/common/crypto.c22
1 files changed, 19 insertions, 3 deletions
diff --git a/src/common/crypto.c b/src/common/crypto.c
index 13095ad79d..49dc55a3e3 100644
--- a/src/common/crypto.c
+++ b/src/common/crypto.c
@@ -260,8 +260,23 @@ crypto_force_rand_ssleay(void)
return 0;
}
-/** Initialize the parts of the crypto library that don't depend on
- * settings or options. Return 0 on success, -1 on failure.
+/** Set up the siphash key if we haven't already done so. */
+int
+crypto_init_siphash_key(void)
+{
+ static int have_seeded_siphash = 0;
+ struct sipkey key;
+ if (have_seeded_siphash)
+ return 0;
+
+ if (crypto_rand((char*) &key, sizeof(key)) < 0)
+ return -1;
+ siphash_set_global_key(&key);
+ have_seeded_siphash = 1;
+ return 0;
+}
+
+/** Initialize the crypto library. Return 0 on success, -1 on failure.
*/
int
crypto_early_init(void)
@@ -295,6 +310,8 @@ crypto_early_init(void)
if (crypto_seed_rng(1) < 0)
return -1;
+ if (crypto_init_siphash_key() < 0)
+ return -1;
}
return 0;
}
@@ -379,7 +396,6 @@ crypto_global_init(int useAccel, const char *accelName, const char *accelDir)
evaluate_evp_for_aes(-1);
evaluate_ctr_for_aes();
-
}
return 0;
}