diff options
author | Nick Mathewson <nickm@torproject.org> | 2003-11-12 04:12:35 +0000 |
---|---|---|
committer | Nick Mathewson <nickm@torproject.org> | 2003-11-12 04:12:35 +0000 |
commit | 785f5cdac81c9565c0c584c05da8b69f0e992f44 (patch) | |
tree | b5eb82e10f11a5a9825ee39279e8f76007c9cd56 /src | |
parent | 99a6d48f62c0a0a6367b196634b8dfba6526cccf (diff) | |
download | tor-785f5cdac81c9565c0c584c05da8b69f0e992f44.tar.gz tor-785f5cdac81c9565c0c584c05da8b69f0e992f44.zip |
Make crypto_pseudo_rand* never fail.
svn:r797
Diffstat (limited to 'src')
-rw-r--r-- | src/common/crypto.c | 17 | ||||
-rw-r--r-- | src/common/crypto.h | 5 | ||||
-rw-r--r-- | src/or/connection_edge.c | 7 | ||||
-rw-r--r-- | src/or/onion.c | 11 |
4 files changed, 21 insertions, 19 deletions
diff --git a/src/common/crypto.c b/src/common/crypto.c index 8da2916dcb..afec91d22d 100644 --- a/src/common/crypto.c +++ b/src/common/crypto.c @@ -999,10 +999,23 @@ int crypto_rand(unsigned int n, unsigned char *to) return (RAND_bytes(to, n) != 1); } -int crypto_pseudo_rand(unsigned int n, unsigned char *to) +void crypto_pseudo_rand(unsigned int n, unsigned char *to) { assert(to); - return (RAND_pseudo_bytes(to, n) == -1); + if (RAND_pseudo_bytes(to, n) == -1) { + log_fn(LOG_ERR, "RAND_pseudo_bytes failed unexpectedly."); + exit(1); + } +} + +int crypto_pseudo_rand_int(int max) { + unsigned int val; + crypto_pseudo_rand(sizeof(val), (unsigned char*) &val); + /* Bug: Low values are _slightly_ favored over high values because + * ((unsigned)-1)%max != max-1 . This shouldn't matter if max is + * significantly smaller than ((unsigned)-1). + **/ + return val % max; } /* errors */ diff --git a/src/common/crypto.h b/src/common/crypto.h index 31e995d3bd..ab5422d8cd 100644 --- a/src/common/crypto.h +++ b/src/common/crypto.h @@ -100,9 +100,8 @@ int crypto_SHA_digest(unsigned char *m, int len, unsigned char *digest); /* random numbers */ int crypto_seed_rng(); int crypto_rand(unsigned int n, unsigned char *to); -int crypto_pseudo_rand(unsigned int n, unsigned char *to); - -#define CRYPTO_PSEUDO_RAND_INT(v) crypto_pseudo_rand(sizeof(v),(char*)&(v)) +void crypto_pseudo_rand(unsigned int n, unsigned char *to); +int crypto_pseudo_rand_int(int max); /* errors */ char *crypto_perror(); diff --git a/src/or/connection_edge.c b/src/or/connection_edge.c index 4f468b2487..2bfe76ffa3 100644 --- a/src/or/connection_edge.c +++ b/src/or/connection_edge.c @@ -608,11 +608,8 @@ static int connection_ap_handshake_send_begin(connection_t *ap_conn, circuit_t * assert(ap_conn->socks_request); assert(ap_conn->socks_request->addr); - if(crypto_pseudo_rand(STREAM_ID_SIZE, ap_conn->stream_id) < 0) { - /* XXX can we just make this call abort if it fails? then this func could be a void. */ - /* FIXME check for collisions */ - return -1; - } + crypto_pseudo_rand(STREAM_ID_SIZE, ap_conn->stream_id); + /* FIXME check for collisions */ memcpy(payload, ap_conn->stream_id, STREAM_ID_SIZE); payload_len = STREAM_ID_SIZE + 1 + diff --git a/src/or/onion.c b/src/or/onion.c index 25e4190961..be11d2d339 100644 --- a/src/or/onion.c +++ b/src/or/onion.c @@ -160,17 +160,13 @@ int onionskin_answer(circuit_t *circ, unsigned char *payload, unsigned char *key /* uses a weighted coin with weight cw to choose a route length */ static int chooselen(double cw) { int len = 2; - uint8_t coin; if ((cw < 0) || (cw >= 1)) /* invalid parameter */ return -1; while(1) { - if (CRYPTO_PSEUDO_RAND_INT(coin)) - return -1; - - if (coin > cw*255) /* don't extend */ + if (crypto_pseudo_rand_int(255) > cw*255) /* don't extend */ break; else len++; @@ -279,10 +275,7 @@ int onion_extend_cpath(crypt_path_t **head_ptr, int path_len, routerinfo_t **rou log_fn(LOG_DEBUG, "Path is %d long; we want %d", cur_len, path_len); again: - if (CRYPTO_PSEUDO_RAND_INT(choice)) { - return -1; - } - choice %= rarray_len; + choice = crypto_pseudo_rand_int(rarray_len); log_fn(LOG_DEBUG,"Contemplating router %s for hop %d", rarray[choice]->nickname, cur_len); for (i = 0, cpath = *head_ptr; i < cur_len; ++i, cpath=cpath->next) { |