summaryrefslogtreecommitdiff
path: root/src/lib/crypt_ops
AgeCommit message (Collapse)Author
2019-10-28add missing docs in crypto_digest*Nick Mathewson
2019-10-22Re-run make autostyle.Nick Mathewson
2019-10-22Merge branch 'ticket31705_v2' into ticket31705_v2_mergedNick Mathewson
Conflicts: src/feature/dirparse/authcert_parse.c src/feature/dirparse/ns_parse.c src/feature/hs/hs_service.c src/lib/conf/conftesting.h src/lib/log/log.h src/lib/thread/threads.h src/test/test_options.c These conflicts were mostly related to autostyle improvements, with one or two due to doxygen fixes.
2019-10-22Apparently coccinelle can't handle multiline #errors.Nick Mathewson
2019-10-16Doxygen: fix warnings about mismatched HTML tags.Nick Mathewson
2019-10-16Doxygen: Fix mismatched filenames.Nick Mathewson
In 8 places, our \file declarations didn't match the actual files they were in.
2019-09-30Re-run "make autostyle" with improved annotate_ifdef_directivesNick Mathewson
2019-09-30Merge branch 'tor-github/pr/1346'George Kadianakis
2019-09-26Run "make autostyle" with new "annotate_ifdef_directives"Nick Mathewson
2019-09-26lock: Avoid some undefined behaviour when freeing mutexes.teor
Fixes bug 31736; bugfix on 0.0.7.
2019-06-11Merge branch 'tor-github/pr/1050' into maint-0.4.1David Goulet
2019-06-11Give a more useful failure messgae when we fail to minherit().Nick Mathewson
Part of ticket 30686.
2019-06-05Run "make autostyle."Nick Mathewson
2019-05-07Merge branch 'tor-github/pr/994'David Goulet
Signed-off-by: David Goulet <dgoulet@torproject.org>
2019-05-02Add comments to include.am files to note where new sources goNick Mathewson
This mechanism isn't perfect, and sometimes it will guess wrong, but it will help our automation.
2019-04-30Replace all remaining tor_mem_is_zero() with fast_mem_is_zero()Nick Mathewson
2019-04-30Use safe_mem_is_zero in a few more places.Nick Mathewson
I don't believe any of these represent a real timing vulnerability (remote timing against memcmp() on a modern CPU is not easy), but these are the ones where I believe we should be more careful.
2019-04-30Merge branch 'tor-github/pr/909'David Goulet
Signed-off-by: David Goulet <dgoulet@torproject.org>
2019-04-30Add improved debugging support to crypto_rand_fast code.Nick Mathewson
2019-04-30Extract add-entropy code from crypto_fast_rng to a new functionNick Mathewson
2019-04-24Merge branch 'tor-github/pr/951'David Goulet
2019-04-17Do not warn about compatible OpenSSL upgradesBernhard M. Wiedemann
When releasing OpenSSL patch-level maintenance updates, we do not want to rebuild binaries using it. And since they guarantee ABI stability, we do not have to. Without this patch, warning messages were produced that confused users: https://bugzilla.opensuse.org/show_bug.cgi?id=1129411 Fixes bug 30190; bugfix on 0.2.4.2-alpha commit 7607ad2bec Signed-off-by: Bernhard M. Wiedemann <bwiedemann@suse.de>
2019-04-12Merge branch 'tor-github/pr/908'George Kadianakis
2019-04-12crypt_ops: Stop using a separate buffer in ed25519_signature_from_base64()teor
Part of 29960.
2019-04-05Merge branch 'tor-github/pr/761'George Kadianakis
2019-04-05crypto_format: Stop adding padding in ed25519_signature_from_base64()teor
base64_decode() does not require padding. Part of 29660.
2019-04-05crypto_format: Remove the return value from ed25519_signature_to_base64()teor
Also remove all checks for the return value, which were redundant anyway, because the function never failed. Part of 29660.
2019-04-05crypto_format: Remove the return value from curve25519_public_to_base64()teor
And fix the documentation on the function: it does produce trailing "="s as padding. Also remove all checks for the return value, which were redundant anyway, because the function never failed. Part of 29660.
2019-04-05crypto_format: Remove the return values from digest256_to_base64()teor
... and ed25519_public_to_base64(). Also remove all checks for the return values, which were redundant anyway, because the functions never failed. Part of 29960.
2019-04-05crypto_format: Remove unused return value from digest_to_base64()teor
Part of 29660.
2019-04-05crypto_format: Remove outdated commentsteor
(These functions look pretty unified to me.) Part of 29660.
2019-04-04Merge remote-tracking branch 'tor-github/pr/752'Nick Mathewson
2019-04-04rename inherit values to avoid conflict with system definesNick Mathewson
2019-04-04fast_rng: if noinherit has failed, then check getpid() for bad forksNick Mathewson
getpid() can be really expensive sometimes, and it can fail to detect some kind of fork+prng mistakes, so we need to avoid it if it's safe to do so. This patch might slow down fast_prng a lot on any old operating system that lacks a way to prevent ram from being inherited, AND requires a syscall for any getpid() calls. But it should make sure that we either crash or continue safely on incorrect fork+prng usage elsewhere in the future.
2019-04-04Make map_anon expose the result of a noinherit attemptNick Mathewson
Previously we did this for tests only, but it's valuable for getting proper fork behavior in rand_fast.
2019-04-04Drop thread-local fast_rng on fork.Nick Mathewson
This will cause the child process to construct a new one in a nice safe way. Closes ticket 29668; bug not in any released Tor.
2019-03-22circpad/prob_distr: Use crypto_fast_rng() instead of the old RNG.George Kadianakis
2019-03-02Split crypto_digest.crl1987
* Move out code that depends on NSS to crypto_digest_nss.c * Move out code that depends on OpenSSL to crypto_digest_openssl.c * Keep the general code that is not specific to any of the above in crypto_digest.c
2019-03-01Merge branch 'tor-github/pr/718'David Goulet
2019-03-01Document crypto_fast_rng_one_in_n.Nick Mathewson
2019-02-26Merge branch 'tor-github/pr/655'David Goulet
2019-02-20Add a convenience macro to get a fast one-in-n calculationNick Mathewson
2019-02-19Implement code to manage a per-thread instance of crypto_fast_rng()Nick Mathewson
The subsystems API makes this really simple, fortunately. Closes ticket 29536
2019-02-14Merge branch 'tor-github/pr/702'David Goulet
2019-02-14Merge branch 'maint-0.3.5'George Kadianakis
2019-02-14Implement a fast aes-ctr prngNick Mathewson
This module is currently implemented to use the same technique as libottery (later used by the bsds' arc4random replacement), using AES-CTR-256 as its underlying stream cipher. It's backtracking- resistant immediately after each call, and prediction-resistant after a while. Here's how it works: We generate psuedorandom bytes using AES-CTR-256. We generate BUFLEN bytes at a time. When we do this, we keep the first SEED_LEN bytes as the key and the IV for our next invocation of AES_CTR, and yield the remaining BUFLEN - SEED_LEN bytes to the user as they invoke the PRNG. As we yield bytes to the user, we clear them from the buffer. Every RESEED_AFTER times we refill the buffer, we mix in an additional SEED_LEN bytes from our strong PRNG into the seed. If the user ever asks for a huge number of bytes at once, we pull SEED_LEN bytes from the PRNG and use them with our stream cipher to fill the user's request.
2019-02-14Extract the common body of our random-int functions into a macroNick Mathewson
This is the second part of refactoring the random-int-in-range code.
2019-02-08Add more openssl includes to fix no-deprecated compilationNick Mathewson
Closes ticket 29026; patch from Mangix.
2019-02-08Fix compilation when openssl is compiled without engine support.Nick Mathewson
Patch from Mangix. Closes part of ticket 29026.
2019-02-06Extract numeric CSPRNG functions into a new module.Nick Mathewson
Some of the code for getting a random value within a range wants to be shared between crypto_rand() and the new crypto_fast_rng() code.
7apu2bq3rhoylwmucxizk54afw5jyda7pho4j5zdcqpwkufke7zdzwad.onion