Merge branch 'dgoulet_ticket19043_030_03_squashed'

author: Nick Mathewson <nickm@torproject.org> 2016-12-14 15:28:28 -0500
committer: Nick Mathewson <nickm@torproject.org> 2016-12-14 15:28:28 -0500
commit: c838d34921f3e86841ff75ca8ad78c95bd1e2996 (patch)
tree: a33bae91caeba95082831ad22c4137777a82a209 /src/common
parent: 963e70673a01f0cdea1e5533b02128a84dfaa0d8 (diff)
parent: a4eb17ed89d4761146280490e838cf850bc81296 (diff)
download: tor-c838d34921f3e86841ff75ca8ad78c95bd1e2996.tar.gz
tor-c838d34921f3e86841ff75ca8ad78c95bd1e2996.zip
4 files changed, 44 insertions, 10 deletions
diff --git a/src/common/crypto.c b/src/common/crypto.c
index be42d36af6..60d77fcfaa 100644
--- a/src/common/crypto.c
+++ b/src/common/crypto.c
@@ -2123,6 +2123,35 @@ crypto_hmac_sha256(char *hmac_out,
   tor_assert(rv);
 }
 
+/** Compute a MAC using SHA3-256 of <b>msg_len</b> bytes in <b>msg</b> using a
+ * <b>key</b> of length <b>key_len</b> and a <b>salt</b> of length
+ * <b>salt_len</b>. Store the result of <b>len_out</b> bytes in in
+ * <b>mac_out</b>. This function can't fail. */
+void
+crypto_mac_sha3_256(uint8_t *mac_out, size_t len_out,
+                    const uint8_t *key, size_t key_len,
+                    const uint8_t *msg, size_t msg_len)
+{
+  crypto_digest_t *digest;
+
+  const uint64_t key_len_netorder = tor_htonll(key_len);
+
+  tor_assert(mac_out);
+  tor_assert(key);
+  tor_assert(msg);
+
+  digest = crypto_digest256_new(DIGEST_SHA3_256);
+
+  /* Order matters here that is any subsystem using this function should
+   * expect this very precise ordering in the MAC construction. */
+  crypto_digest_add_bytes(digest, (const char *) &key_len_netorder,
+                          sizeof(key_len_netorder));
+  crypto_digest_add_bytes(digest, (const char *) key, key_len);
+  crypto_digest_add_bytes(digest, (const char *) msg, msg_len);
+  crypto_digest_get_digest(digest, (char *) mac_out, len_out);
+  crypto_digest_free(digest);
+}
+
 /** Internal state for a eXtendable-Output Function (XOF). */
 struct crypto_xof_t {
   keccak_state s;
diff --git a/src/common/crypto.h b/src/common/crypto.h
index 116e0a62fd..bf2fa06aaa 100644
--- a/src/common/crypto.h
+++ b/src/common/crypto.h
@@ -255,6 +255,10 @@ void crypto_digest_assign(crypto_digest_t *into,
 void crypto_hmac_sha256(char *hmac_out,
                         const char *key, size_t key_len,
                         const char *msg, size_t msg_len);
+void crypto_mac_sha3_256(uint8_t *mac_out, size_t len_out,
+                         const uint8_t *key, size_t key_len,
+                         const uint8_t *msg, size_t msg_len);
+
 crypto_xof_t *crypto_xof_new(void);
 void crypto_xof_add_bytes(crypto_xof_t *xof, const uint8_t *data, size_t len);
 void crypto_xof_squeeze_bytes(crypto_xof_t *xof, uint8_t *out, size_t len);
diff --git a/src/common/crypto_ed25519.c b/src/common/crypto_ed25519.c
index b7c8311475..8977e7a325 100644
--- a/src/common/crypto_ed25519.c
+++ b/src/common/crypto_ed25519.c
@@ -275,11 +275,11 @@ ed25519_sign(ed25519_signature_t *signature_out,
  * Like ed25519_sign(), but also prefix <b>msg</b> with <b>prefix_str</b>
  * before signing. <b>prefix_str</b> must be a NUL-terminated string.
  */
-int
-ed25519_sign_prefixed(ed25519_signature_t *signature_out,
-                      const uint8_t *msg, size_t msg_len,
-                      const char *prefix_str,
-                      const ed25519_keypair_t *keypair)
+MOCK_IMPL(int,
+ed25519_sign_prefixed,(ed25519_signature_t *signature_out,
+                       const uint8_t *msg, size_t msg_len,
+                       const char *prefix_str,
+                       const ed25519_keypair_t *keypair))
 {
   int retval;
   size_t prefixed_msg_len;
diff --git a/src/common/crypto_ed25519.h b/src/common/crypto_ed25519.h
index a58b416943..56782cc12e 100644
--- a/src/common/crypto_ed25519.h
+++ b/src/common/crypto_ed25519.h
@@ -55,11 +55,12 @@ int ed25519_checksig(const ed25519_signature_t *signature,
                      const uint8_t *msg, size_t len,
                      const ed25519_public_key_t *pubkey);
 
-int
-ed25519_sign_prefixed(ed25519_signature_t *signature_out,
-                      const uint8_t *msg, size_t len,
-                      const char *prefix_str,
-                      const ed25519_keypair_t *keypair);
+MOCK_DECL(int,
+ed25519_sign_prefixed,(ed25519_signature_t *signature_out,
+                       const uint8_t *msg, size_t len,
+                       const char *prefix_str,
+                       const ed25519_keypair_t *keypair));
+
 int
 ed25519_checksig_prefixed(const ed25519_signature_t *signature,
                           const uint8_t *msg, size_t len,
author	Nick Mathewson <nickm@torproject.org>	2016-12-14 15:28:28 -0500
committer	Nick Mathewson <nickm@torproject.org>	2016-12-14 15:28:28 -0500
commit	c838d34921f3e86841ff75ca8ad78c95bd1e2996 (patch)
tree	a33bae91caeba95082831ad22c4137777a82a209 /src/common
parent	963e70673a01f0cdea1e5533b02128a84dfaa0d8 (diff)
parent	a4eb17ed89d4761146280490e838cf850bc81296 (diff)
download	tor-c838d34921f3e86841ff75ca8ad78c95bd1e2996.tar.gz tor-c838d34921f3e86841ff75ca8ad78c95bd1e2996.zip