Age | Commit message | Author | |
---|---|---|---|
2018-09-04 | Fix documentation of initialized fields in crypto_init.c | Nick Mathewson | |
2018-09-04 | Make some additional RSA functions const | Nick Mathewson | |
2018-09-04 | Rename crypto_pk_check_key(), use it more reasonably, add tests | Nick Mathewson | |
This function was a wrapper around RSA_check_key() in openssl, which checks for invalid RSA private keys (like those where p or q are composite, or where d is not the inverse of e, or where n != p*q). We don't need a function like this in NSS, since unlike OpenSSL, NSS won't let you import a bogus private key. I've renamed the function and changed its return type to make it more reasonable, and added a unit test for trying to read a key where n != p*q. | |||
2018-09-04 | Unify functions for reading/writing PEM keys, to avoid duplication. | Nick Mathewson | |
2018-09-04 | Do not leave a certificate allocated after testing dirvote_add() | Nick Mathewson | |
2018-09-04 | Do not leak a reference to "slot" when decoding private key. | Nick Mathewson | |
2018-09-04 | Update prefork and postfork NSS code for unit tests. | Nick Mathewson | |
2018-09-04 | Test a few more tortls.c functions | Nick Mathewson | |
2018-09-04 | Several unit tests to improve test coverage of x509*.c | Nick Mathewson | |
2018-09-04 | Remove tor_x509_get_cert_impl as unneeded. | Nick Mathewson | |
2018-09-04 | Avoid double-close on TCP sockets under NSS. | Nick Mathewson | |
2018-09-04 | Avoid spurious error logs when using NSS | Nick Mathewson | |
The tls_log_errors() function now behaves differently for NSS than it did for OpenSSL, so we need to tweak it a bit. | |||
2018-09-04 | Remove tor_tls_shutdown() | Nick Mathewson | |
This function was supposed to implement a half-duplex mode for our TLS connections. However, nothing in Tor actually uses it (besides some unit tests), and the implementation looks really questionable to me. It's probably best to remove it. We can add a tested one later if we need one in the future. | |||
2018-09-04 | Initial NSS support for TLS. | Nick Mathewson | |
This is enough to get a chutney network to bootstrap, though a bunch of work remains. | |||
2018-08-22 | NSS support for x509 certs | Nick Mathewson | |
7 unit tests are failing at this point, but they're all TLS-related. | |||
2018-08-22 | Log error strings in crypto_nss_log_errors(). | Nick Mathewson | |
I'll need this for debugging. | |||
2018-08-22 | Change log_test_helpers macros to use printf, not pasting | Nick Mathewson | |
This ensures that our test failure messages actually tell us what strings Tor was expecting. I will need this to debug some test failures. | |||
2018-08-21 | Make some x509 functions generic; remove some fields NSS doesn't need | Nick Mathewson | |
2018-08-21 | Extract internal-only parts of x509.h | Nick Mathewson | |
2018-08-21 | Extract the non-generic part of tor_tls_context_decref(). | Nick Mathewson | |
2018-08-21 | Implement PBKDF2 with NSS. | Nick Mathewson | |
This was a gap that we left in the last commit. | |||
2018-08-21 | When enabling NSS, disable OpenSSL. | Nick Mathewson | |
We used to link both libraries at once, but now that I'm working on TLS, there's nothing left to keep OpenSSL around for when NSS is enabled. Note that this patch causes a couple of places that still assumed OpenSSL to be disabled when NSS is enabled: tor-gencert, pbkdf2 | |||
2018-08-21 | Split tls modules and their tests into openssl and generic. | Nick Mathewson | |
Also, add a stubbed-out nss version of the modules. The tests won't pass with NSS yet since the NSS modules don't do anything. This is a good patch to read with --color-moved. | |||
2018-08-21 | Refactor some of the certificate-manipulation logic | Nick Mathewson | |
2018-08-21 | Extract tortls structures into a new header; clean up a little | Nick Mathewson | |
2018-08-21 | Split X509 code out of tortls.c | Nick Mathewson | |
2018-08-21 | The RSA_free in this test is no longer needed or wanted | Nick Mathewson | |
2018-08-21 | Implement RSA for NSS. | Nick Mathewson | |
2018-08-21 | Also reinitialize the pregenerated keys postfork. | Nick Mathewson | |
2018-08-21 | Refactor crypto_rsa to use pem module. | Nick Mathewson | |
This cleans up a lot of junk from crypto_rsa_openssl, and will save us duplicated code in crypto_rsa_nss (when it exists). (Actually, it already exists, but I am going to use git rebase so that this commit precedes the creation of crypto_rsa_nss.) | |||
2018-08-21 | Add rudimentary support for PEM-encoding, since NSS doesn't do that. | Nick Mathewson | |
2018-08-21 | Use a constant for "65537" | Nick Mathewson | |
2018-08-21 | Rename openssl-bridging functions in crypto_rsa | Nick Mathewson | |
These functions exist only to expose RSA keys to other places in Tor that use OpenSSL; let's be specific about their purpose. | |||
2018-08-21 | Remove a redundant function. | Nick Mathewson | |
2018-08-21 | Rename functions that encode/decode private keys | Nick Mathewson | |
It is not nice to expose a private key's contents without having the function name advertise the fact. Fortunately, we weren't misusing these yet. | |||
2018-08-21 | Extract openssl RSA functionality into its own file. | Nick Mathewson | |
2018-08-14 | Adjust windows stubs for new start/finish_daemon() return types | Nick Mathewson | |
2018-08-08 | Call crypto_postfork on start_daemon() instead. | Nick Mathewson | |
2018-08-08 | Make finish_daemon() return a boolean to say whether it did anything. | Nick Mathewson | |
2018-08-08 | When RunAsDaemon is set, crypto_postfork() as needed | Nick Mathewson | |
2018-08-02 | Suppress strict-prototypes warning in crypto_nss_mgt.c | Nick Mathewson | |
2018-08-02 | Fix double-link of crypto_openssl_mgt.c | Nick Mathewson | |
2018-08-02 | Add a cast to make clang happier. | Nick Mathewson | |
2018-07-31 | Fix issues with crypto_ope compilation now that crypto.h is gone | Nick Mathewson | |
2018-07-31 | Merge branch 'nss_dh_squashed' into nss_dh_squashed_merged | Nick Mathewson | |
2018-07-31 | Only link crypto_dh_openssl.c once | Nick Mathewson | |
(We do this unconditionally, since we still need it for tortls.c) | |||
2018-07-31 | Additional tests for NSS DH | Nick Mathewson | |
Notably, there's a test to make sure that it round-trips with OpenSSL, if OpenSSL is enabled. | |||
2018-07-31 | Implement DH in NSS. | Nick Mathewson | |
2018-07-31 | Refactor the dependency between tortls and crypto_dh. | Nick Mathewson | |
We only ever need this to get us a DH ephemeral key object, so make a function that does just that. | |||
2018-07-31 | Extract the shared part of crypto_dh_compute_secret. | Nick Mathewson | |