diff options
| -rw-r--r-- | src/common/crypto.c | 6 | ||||
| -rw-r--r-- | src/common/crypto.h | 2 | ||||
| -rw-r--r-- | src/or/onion.c | 2 | ||||
| -rw-r--r-- | src/or/rendclient.c | 2 | ||||
| -rw-r--r-- | src/or/test.c | 2 |
5 files changed, 8 insertions, 6 deletions
diff --git a/src/common/crypto.c b/src/common/crypto.c index ebbb5b28c2..c6f5b55205 100644 --- a/src/common/crypto.c +++ b/src/common/crypto.c @@ -534,11 +534,13 @@ int crypto_pk_private_sign_digest(crypto_pk_env_t *env, const unsigned char *fro * The beginning of the source data prefixed with a 16-symmetric key, * padded and encrypted with the public key; followed by the rest of * the source data encrypted in AES-CTR mode with the symmetric key. + * + * DOCDOC force. */ int crypto_pk_public_hybrid_encrypt(crypto_pk_env_t *env, const unsigned char *from, int fromlen, unsigned char *to, - int padding) + int padding, int force) { int overhead, pkeylen, outlen, r, symlen; crypto_cipher_env_t *cipher = NULL; @@ -552,7 +554,7 @@ int crypto_pk_public_hybrid_encrypt(crypto_pk_env_t *env, if (padding == PK_NO_PADDING && fromlen < pkeylen) return -1; - if (fromlen+overhead <= pkeylen) { + if (!force && fromlen+overhead <= pkeylen) { /* It all fits in a single encrypt. */ return crypto_pk_public_encrypt(env,from,fromlen,to,padding); } diff --git a/src/common/crypto.h b/src/common/crypto.h index 94a18abf2e..d9da82a05f 100644 --- a/src/common/crypto.h +++ b/src/common/crypto.h @@ -64,7 +64,7 @@ int crypto_pk_public_checksig(crypto_pk_env_t *env, const unsigned char *from, i int crypto_pk_public_checksig_digest(crypto_pk_env_t *env, const unsigned char *data, int datalen, const unsigned char *sig, int siglen); int crypto_pk_public_hybrid_encrypt(crypto_pk_env_t *env, const unsigned char *from, int fromlen, - unsigned char *to, int padding); + unsigned char *to, int padding, int force); int crypto_pk_private_hybrid_decrypt(crypto_pk_env_t *env, const unsigned char *from, int fromlen, unsigned char *to,int padding); diff --git a/src/or/onion.c b/src/or/onion.c index 6ff58ee375..0185a47555 100644 --- a/src/or/onion.c +++ b/src/or/onion.c @@ -585,7 +585,7 @@ onion_skin_create(crypto_pk_env_t *dest_router_key, /* set meeting point, meeting cookie, etc here. Leave zero for now. */ if (crypto_pk_public_hybrid_encrypt(dest_router_key, challenge, ONIONSKIN_CHALLENGE_LEN-CIPHER_KEY_LEN, - onion_skin_out, PK_NO_PADDING)<0) + onion_skin_out, PK_NO_PADDING, 1)<0) goto err; tor_free(challenge); diff --git a/src/or/rendclient.c b/src/or/rendclient.c index ec50465791..470f30d77e 100644 --- a/src/or/rendclient.c +++ b/src/or/rendclient.c @@ -100,7 +100,7 @@ rend_client_send_introduction(circuit_t *introcirc, circuit_t *rendcirc) { r = crypto_pk_public_hybrid_encrypt(parsed->pk, tmp, MAX_NICKNAME_LEN+1+REND_COOKIE_LEN+DH_KEY_LEN, payload+DIGEST_LEN, - PK_PKCS1_OAEP_PADDING); + PK_PKCS1_OAEP_PADDING, 0); if (r<0) { log_fn(LOG_WARN,"hybrid pk encrypt failed."); goto err; diff --git a/src/or/test.c b/src/or/test.c index eb04532774..276636670f 100644 --- a/src/or/test.c +++ b/src/or/test.c @@ -418,7 +418,7 @@ test_crypto() continue; p = (i==0)?PK_NO_PADDING: (i==1)?PK_PKCS1_PADDING:PK_PKCS1_OAEP_PADDING; - len = crypto_pk_public_hybrid_encrypt(pk1,data1,j,data2,p); + len = crypto_pk_public_hybrid_encrypt(pk1,data1,j,data2,p,0); test_assert(len>=0); len = crypto_pk_private_hybrid_decrypt(pk1,data2,len,data3,p); test_eq(len,j); |