summaryrefslogtreecommitdiff
path: root/src
AgeCommit message (Collapse)Author
2013-01-03Update our copy of curve25519-donna-c64.Nick Mathewson
This now matches upstream at version 59a896970a1ad0a6cd7d0. (Adam took my patches.)
2013-01-03Use always_inline only with inline; otherwise GCC gripesNick Mathewson
2013-01-03Make libcurve25519_donna get built as a .aNick Mathewson
This lets us give it compiler flags differing from the rest of libor-crypto.a
2013-01-03Fix an unused-variable warningNick Mathewson
2013-01-03Enable the ntor handshake on the client side.Nick Mathewson
"works for me"
2013-01-03Enable handling of create2/extend2/created2/extended2Nick Mathewson
2013-01-03Don't check create cells too much when we're relaying themNick Mathewson
We want to sanity-check our own create cells carefully, and other people's loosely.
2013-01-03Implement scheme to allow ntor requests/responses via older serversNick Mathewson
2013-01-03Use created_cell_format where appropriateNick Mathewson
2013-01-03Use new wrappers for making,sending,processing create/extend cellsNick Mathewson
2013-01-03Teach cpuworker and others about create_cell_t and friendsNick Mathewson
The unit of work sent to a cpuworker is now a create_cell_t; its response is now a created_cell_t. Several of the things that call or get called by this chain of logic now take create_cell_t or created_cell_t too. Since all cpuworkers are forked or spawned by Tor, they don't need a stable wire protocol, so we can just send structs. This saves us some insanity, and helps p
2013-01-03Code to parse and format CREATE{,2,_FAST} cells and their alliesNick Mathewson
As elsewhere, it makes sense when adding or extending a cell type to actually make the code to parse it into a separate tested function. This commit doesn't actually make anything use these new functions; that's for a later commit.
2013-01-03Rename handshake_digest to rend_circ_nonceNick Mathewson
The handshake_digest field was never meaningfully a digest *of* the handshake, but rather is a digest *from* the handshake that we exapted to prevent replays of ESTABLISH_INTRO cells. The ntor handshake will generate it as more key material rather than taking it from any part of the circuit handshake reply..
2013-01-03Massive refactoring of the various handshake typesNick Mathewson
The three handshake types are now accessed from a unified interface; their state is abstracted from the rest of the cpath state, and so on.
2013-01-03Refactor the CREATE_FAST handshake code to match the others.Nick Mathewson
2013-01-02Split onion.[ch] into onion{,_fast,_tap}.[ch]Nick Mathewson
I'm going to want a generic "onionskin" type and set of wrappers, and for that, it will be helpful to isolate the different circuit creation handshakes. Now the original handshake is in onion_tap.[ch], the CREATE_FAST handshake is in onion_fast.[ch], and onion.[ch] now handles the onion queue. This commit does nothing but move code and adjust header files.
2013-01-02Wrangle curve25519 onion keys: generate, store, load, publish, republishNick Mathewson
Here we try to handle curve25519 onion keys from generating them, loading and storing them, publishing them in our descriptors, putting them in microdescriptors, and so on. This commit is untested and probably buggy like whoa
2013-01-02Move curve25519 keypair type to src/common; give it functionsNick Mathewson
This patch moves curve25519_keypair_t from src/or/onion_ntor.h to src/common/crypto_curve25519.h, and adds new functions to generate, load, and store keypairs.
2013-01-02Refactor strong os-RNG into its own functionNick Mathewson
Previously, we only used the strong OS entropy source as part of seeding OpenSSL's RNG. But with curve25519, we'll have occasion to want to generate some keys using extremely-good entopy, as well as the means to do so. So let's! This patch refactors the OS-entropy wrapper into its own crypto_strongest_rand() function, and makes our new curve25519_secret_key_generate function try it as appropriate.
2013-01-02curve25519-donna-c64: make endian-neutralness fns staticNick Mathewson
2013-01-02Implementat the ntor handshakeNick Mathewson
The ntor handshake--described in proposal 216 and in a paper by Goldberg, Stebila, and Ustaoglu--gets us much better performance than our current approach.
2013-01-02Add a wrapper around, and test and build support for, curve25519.Nick Mathewson
We want to use donna-c64 when we have a GCC with support for 64x64->uint128_t multiplying. If not, we want to use libnacl if we can, unless it's giving us the unsafe "ref" implementation. And if that isn't going to work, we'd like to use the portable-and-safe-but-slow 32-bit "donna" implementation. We might need more library searching for the correct libnacl, especially once the next libnacl release is out -- it's likely to have bunches of better curve25519 implementations. I also define a set of curve25519 wrapper functions, though it really shouldn't be necessary. We should eventually make the -donna*.c files get build with -fomit-frame-pointer, since that can make a difference.
2013-01-02curve25519-donna-c64: work on bigendian and alignment-happy systemsNick Mathewson
There was one place in curve25519-donna-c64 that was relying on unaligned access and relying on little-endian values. This patch fixes that. I've sent Adam a pull request.
2013-01-02Make curve25519-donna work with our compiler warnings.Nick Mathewson
2013-01-02Add fallback implementations for curve25519: curve25519_donnaNick Mathewson
This is copied from Adam Langley's curve25519-donna package, as of commit 09427c9cab32075c06c3487aa01628030e1c5ae7.
2013-01-02Add a data-invariant linear-search map structureNick Mathewson
I'm going to use this for looking op keys server-side for ntor.
2012-12-06Add a unit test for the old KDF while we're at itNick Mathewson
2012-12-06Implement HKDF from RFC5869Nick Mathewson
This is a customizable extract-and-expand HMAC-KDF for deriving keys. It derives from RFC5869, which derives its rationale from Krawczyk, H., "Cryptographic Extraction and Key Derivation: The HKDF Scheme", Proceedings of CRYPTO 2010, 2010, <http://eprint.iacr.org/2010/264>. I'm also renaming the existing KDF, now that Tor has two of them. This is the key derivation scheme specified in ntor. There are also unit tests.
2012-12-06Add benchmark to test onionskin performance.Nick Mathewson
2012-12-06Add a crypto_dh_dup, for benchmark supportNick Mathewson
2012-12-04Merge remote-tracking branch 'asn/bug7592_take2'Nick Mathewson
2012-12-05Return connection_exit_connect() if payload creation failed.George Kadianakis
Fixes bug #7592; bugfix on 882b389668067a29bb539d0f5bd5cb2f83b93012. The bug is not present in any released versions of Tor.
2012-12-03fix some typosRoger Dingledine
2012-11-27Merge branch 'bug7013_take2_squashed'Nick Mathewson
2012-11-27Introduce tor_addr_port_parse() and use it to parse ServerTransportListenAddr.George Kadianakis
2012-11-27Add a torrc option to specify the bind address of managed proxies.George Kadianakis
2012-11-23Make sure that the error in ADDRMAP events is well-formedNick Mathewson
"error=Unable to launch resolve request" is not a nice thing to tell the controller. Bugfix on 0.2.0.19-alpha (c11c48fc).
2012-11-23Minor documentation fixNick Mathewson
2012-11-23Note limitation of parse_rfc_1123_timeNick Mathewson
RFC1123 suggests that we should handle two-year times, and a full range of time zones, and other stuff too. We don't.
2012-11-23In comments and logs, say "UTC" not "GMT"Nick Mathewson
Fix for #6113. Note that the RFC1123 times we generate still all say 'GMT'. I'm going to suggest this is not worth changing.
2012-11-23Refer to RFC 4648 instead of the obsolete RFC 3548Nick Mathewson
Affects comments only. For ticket 6849.
2012-11-18Merge branch 'bug7493_redux'Nick Mathewson
2012-11-18Initialize ipv{4,6}_traffic_ok in entry_connection_newNick Mathewson
This one is necessary for sending BEGIN cells with sane flags when self-testing a directory port. All real entry connections were getting their ipv{4,6}_traffic_ok flags set from their listeners, and for begindir entry connections we didn't care, but for directory self-testing, we had a problem. Fixes at least one more case of 7493; if there are more lingering cases of 7493, this might fix them too. Bug not in any released version of Tor.
2012-11-16when counting available descs, say whether we're counting exitsRoger Dingledine
2012-11-15Give useful warning when both IPv4 and IPv6 are disabled on a socksportNick Mathewson
2012-11-15Allow IPv4 traffic on default and old-style-config SocksPorts.Nick Mathewson
Looks like when i was writing the code to set the ipv4_traffic flag on port_cfg_t, I missed some cases, such as the one where the port was set from its default value. Fix for 7493. Bug not in any released Tor.
2012-11-15Set IPv4/IPv6 flags correctly when being a SOCKS clientNick Mathewson
2012-11-15Remove some XXXX commens in dns.cNick Mathewson
Previously, I was freaking out about passing an unspec address to dns_found_answer() on an error, since I was using the address type to determine whether the error was an error on an ipv4 address lookup or on an ipv6 address lookup. But now dns_found_answer() has a separate orig_query_type argument to tell what kind of query it is, so there's no need to freak out.
2012-11-15Fix up some comments in connection_edge.cNick Mathewson
2012-11-14Add another missing function docNick Mathewson