From 39b597c2fd8b45ff61573c70c36e8a4846cf3a0e Mon Sep 17 00:00:00 2001 From: Nick Mathewson Date: Wed, 27 Jan 2016 13:10:17 -0500 Subject: Restrict the meaning of digests_t to sha1+sha256. This saves CPU and RAM when handling consensuses and x509 certs. Closes ticket 17795; bug not in any released tor. --- src/common/crypto.h | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) (limited to 'src/common/crypto.h') diff --git a/src/common/crypto.h b/src/common/crypto.h index fa2ed610c7..73b94b77db 100644 --- a/src/common/crypto.h +++ b/src/common/crypto.h @@ -100,8 +100,10 @@ typedef enum { DIGEST_SHA3_512 = 4, } digest_algorithm_t; #define N_DIGEST_ALGORITHMS (DIGEST_SHA3_512+1) +#define N_COMMON_DIGEST_ALGORITHMS (DIGEST_SHA256+1) -/** A set of all the digests we know how to compute, taken on a single + +/** A set of all the digests we commonly compute, taken on a single * string. Any digests that are shorter than 512 bits are right-padded * with 0 bits. * @@ -110,7 +112,7 @@ typedef enum { * once. **/ typedef struct { - char d[N_DIGEST_ALGORITHMS][DIGEST512_LEN]; + char d[N_COMMON_DIGEST_ALGORITHMS][DIGEST256_LEN]; } digests_t; typedef struct crypto_pk_t crypto_pk_t; -- cgit v1.2.3-54-g00ecf