diff options
| author | Nick Mathewson <nickm@torproject.org> | 2012-03-20 15:35:43 -0400 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2012-03-27 22:37:56 -0400 |
| commit | de0dca0de76d9d50aeb5955fe3f435c6c190f8d7 (patch) | |
| tree | 8d7005e768bc04ac1695b72cf3970d552570016f /src/or/routerparse.c | |
| parent | 00b4784575c88d5de15886b440096c1e2b9fb080 (diff) | |
| download | tor-de0dca0de76d9d50aeb5955fe3f435c6c190f8d7.tar.gz tor-de0dca0de76d9d50aeb5955fe3f435c6c190f8d7.zip | |
Refactor the API for setting up a block cipher.
It allows us more flexibility on the backend if the user needs to
specify the key and IV at setup time.
Diffstat (limited to 'src/or/routerparse.c')
| -rw-r--r-- | src/or/routerparse.c | 15 |
1 files changed, 7 insertions, 8 deletions
diff --git a/src/or/routerparse.c b/src/or/routerparse.c index 95cef93521..0aae0aa949 100644 --- a/src/or/routerparse.c +++ b/src/or/routerparse.c @@ -4887,7 +4887,7 @@ rend_decrypt_introduction_points(char **ipos_decrypted, if (tor_memeq(ipos_encrypted + pos, client_id, REND_BASIC_AUTH_CLIENT_ID_LEN)) { /* Attempt to decrypt introduction points. */ - cipher = crypto_create_init_cipher(descriptor_cookie, 0); + cipher = crypto_cipher_new(descriptor_cookie); if (crypto_cipher_decrypt(cipher, session_key, ipos_encrypted + pos + REND_BASIC_AUTH_CLIENT_ID_LEN, CIPHER_KEY_LEN) < 0) { @@ -4896,13 +4896,13 @@ rend_decrypt_introduction_points(char **ipos_decrypted, return -1; } crypto_cipher_free(cipher); - cipher = crypto_create_init_cipher(session_key, 0); + len = ipos_encrypted_size - 2 - client_entries_len - CIPHER_IV_LEN; dec = tor_malloc(len); - declen = crypto_cipher_decrypt_with_iv(cipher, dec, len, + declen = crypto_cipher_decrypt_with_iv(session_key, dec, len, ipos_encrypted + 2 + client_entries_len, ipos_encrypted_size - 2 - client_entries_len); - crypto_cipher_free(cipher); + if (declen < 0) { log_warn(LD_REND, "Could not decrypt introduction point string."); tor_free(dec); @@ -4923,7 +4923,6 @@ rend_decrypt_introduction_points(char **ipos_decrypted, "check your authorization for this service!"); return -1; } else if (ipos_encrypted[0] == (int)REND_STEALTH_AUTH) { - crypto_cipher_t *cipher; char *dec; int declen; if (ipos_encrypted_size < CIPHER_IV_LEN + 2) { @@ -4932,13 +4931,13 @@ rend_decrypt_introduction_points(char **ipos_decrypted, return -1; } dec = tor_malloc_zero(ipos_encrypted_size - CIPHER_IV_LEN - 1); - cipher = crypto_create_init_cipher(descriptor_cookie, 0); - declen = crypto_cipher_decrypt_with_iv(cipher, dec, + + declen = crypto_cipher_decrypt_with_iv(descriptor_cookie, dec, ipos_encrypted_size - CIPHER_IV_LEN - 1, ipos_encrypted + 1, ipos_encrypted_size - 1); - crypto_cipher_free(cipher); + if (declen < 0) { log_warn(LD_REND, "Decrypting introduction points failed!"); tor_free(dec); |