commit ddcbe264745a0c10d80d8ad74125d23eb251662d
Author: Nick Mathewson <nickm(a)torproject.org>
Date: Wed Nov 25 10:42:00 2015 -0500
Now that crypto_rand() cannot fail, it should return void.
---
src/common/crypto.c | 12 +++++-------
src/common/crypto.h | 4 ++--
src/common/crypto_curve25519.c | 3 +--
src/common/tortls.c | 3 +--
src/or/config.c | 3 +--
src/or/connection_or.c | 3 +--
src/or/control.c | 3 +--
src/or/ext_orport.c | 3 +--
src/or/onion_fast.c | 8 ++------
src/or/rendclient.c | 6 +-----
src/or/rendcommon.c | 12 ++----------
src/test/test_extorport.c | 5 ++---
12 files changed, 20 insertions(+), 45 deletions(-)
diff --git a/src/common/crypto.c b/src/common/crypto.c
index 1ca86ea..9e27ad3 100644
--- a/src/common/crypto.c
+++ b/src/common/crypto.c
@@ -270,8 +270,7 @@ crypto_init_siphash_key(void)
if (have_seeded_siphash)
return 0;
- if (crypto_rand((char*) &key, sizeof(key)) < 0)
- return -1;
+ crypto_rand((char*) &key, sizeof(key));
siphash_set_global_key(&key);
have_seeded_siphash = 1;
return 0;
@@ -2368,27 +2367,26 @@ crypto_seed_rng(void)
/** Write <b>n</b> bytes of strong random data to <b>to</b>. Return 0 on
* success, -1 on failure, with support for mocking for unit tests.
*/
-MOCK_IMPL(int,
+MOCK_IMPL(void,
crypto_rand, (char *to, size_t n))
{
- return crypto_rand_unmocked(to, n);
+ crypto_rand_unmocked(to, n);
}
/** Write <b>n</b> bytes of strong random data to <b>to</b>. Return 0 on
* success, -1 on failure. Most callers will want crypto_rand instead.
*/
-int
+void
crypto_rand_unmocked(char *to, size_t n)
{
int r;
if (n == 0)
- return 0;
+ return;
tor_assert(n < INT_MAX);
tor_assert(to);
r = RAND_bytes((unsigned char*)to, (int)n);
tor_assert(r >= 0);
- return 0;
}
/** Return a pseudorandom integer, chosen uniformly from the values
diff --git a/src/common/crypto.h b/src/common/crypto.h
index 60f9e28..3b471c2 100644
--- a/src/common/crypto.h
+++ b/src/common/crypto.h
@@ -260,8 +260,8 @@ int crypto_expand_key_material_rfc5869_sha256(
/* random numbers */
int crypto_seed_rng(void) ATTR_WUR;
-MOCK_DECL(int,crypto_rand,(char *to, size_t n));
-int crypto_rand_unmocked(char *to, size_t n);
+MOCK_DECL(void,crypto_rand,(char *to, size_t n));
+void crypto_rand_unmocked(char *to, size_t n);
int crypto_strongest_rand(uint8_t *out, size_t out_len);
int crypto_rand_int(unsigned int max);
int crypto_rand_int_range(unsigned int min, unsigned int max);
diff --git a/src/common/crypto_curve25519.c b/src/common/crypto_curve25519.c
index ac0b08a..00302a2 100644
--- a/src/common/crypto_curve25519.c
+++ b/src/common/crypto_curve25519.c
@@ -113,8 +113,7 @@ curve25519_rand_seckey_bytes(uint8_t *out, int extra_strong)
{
uint8_t k_tmp[CURVE25519_SECKEY_LEN];
- if (crypto_rand((char*)out, CURVE25519_SECKEY_LEN) < 0)
- return -1;
+ crypto_rand((char*)out, CURVE25519_SECKEY_LEN);
if (extra_strong && !crypto_strongest_rand(k_tmp, CURVE25519_SECKEY_LEN)) {
/* If they asked for extra-strong entropy and we have some, use it as an
* HMAC key to improve not-so-good entropy rather than using it directly,
diff --git a/src/common/tortls.c b/src/common/tortls.c
index 536043e..e3c6859 100644
--- a/src/common/tortls.c
+++ b/src/common/tortls.c
@@ -601,8 +601,7 @@ tor_tls_create_certificate(crypto_pk_t *rsa,
goto error;
{ /* our serial number is 8 random bytes. */
- if (crypto_rand((char *)serial_tmp, sizeof(serial_tmp)) < 0)
- goto error;
+ crypto_rand((char *)serial_tmp, sizeof(serial_tmp));
if (!(serial_number = BN_bin2bn(serial_tmp, sizeof(serial_tmp), NULL)))
goto error;
if (!(BN_to_ASN1_INTEGER(serial_number, X509_get_serialNumber(x509))))
diff --git a/src/or/config.c b/src/or/config.c
index fa860af..431d366 100644
--- a/src/or/config.c
+++ b/src/or/config.c
@@ -7329,8 +7329,7 @@ init_cookie_authentication(const char *fname, const char *header,
/* Generate the cookie */
*cookie_out = tor_malloc(cookie_len);
- if (crypto_rand((char *)*cookie_out, cookie_len) < 0)
- goto done;
+ crypto_rand((char *)*cookie_out, cookie_len);
/* Create the string that should be written on the file. */
memcpy(cookie_file_str, header, strlen(header));
diff --git a/src/or/connection_or.c b/src/or/connection_or.c
index a967c93..c454d3f 100644
--- a/src/or/connection_or.c
+++ b/src/or/connection_or.c
@@ -2290,8 +2290,7 @@ connection_or_send_auth_challenge_cell(or_connection_t *conn)
auth_challenge_cell_t *ac = auth_challenge_cell_new();
- if (crypto_rand((char*)ac->challenge, sizeof(ac->challenge)) < 0)
- goto done;
+ crypto_rand((char*)ac->challenge, sizeof(ac->challenge));
auth_challenge_cell_add_methods(ac, AUTHTYPE_RSA_SHA256_TLSSECRET);
auth_challenge_cell_set_n_methods(ac,
diff --git a/src/or/control.c b/src/or/control.c
index 220e7e5..c89fdde 100644
--- a/src/or/control.c
+++ b/src/or/control.c
@@ -3418,8 +3418,7 @@ handle_control_authchallenge(control_connection_t *conn, uint32_t len,
tor_free(client_nonce);
return -1;
}
- const int fail = crypto_rand(server_nonce, SAFECOOKIE_SERVER_NONCE_LEN);
- tor_assert(!fail);
+ crypto_rand(server_nonce, SAFECOOKIE_SERVER_NONCE_LEN);
/* Now compute and send the server-to-controller response, and the
* server's nonce. */
diff --git a/src/or/ext_orport.c b/src/or/ext_orport.c
index e8c8aa6..f159f7d 100644
--- a/src/or/ext_orport.c
+++ b/src/or/ext_orport.c
@@ -193,8 +193,7 @@ handle_client_auth_nonce(const char *client_nonce, size_t client_nonce_len,
return -1;
/* Get our nonce */
- if (crypto_rand(server_nonce, EXT_OR_PORT_AUTH_NONCE_LEN) < 0)
- return -1;
+ crypto_rand(server_nonce, EXT_OR_PORT_AUTH_NONCE_LEN);
{ /* set up macs */
size_t hmac_s_msg_len = strlen(EXT_OR_PORT_AUTH_SERVER_TO_CLIENT_CONST) +
diff --git a/src/or/onion_fast.c b/src/or/onion_fast.c
index 7584112..22bef4e 100644
--- a/src/or/onion_fast.c
+++ b/src/or/onion_fast.c
@@ -30,10 +30,7 @@ fast_onionskin_create(fast_handshake_state_t **handshake_state_out,
{
fast_handshake_state_t *s;
*handshake_state_out = s = tor_malloc(sizeof(fast_handshake_state_t));
- if (crypto_rand((char*)s->state, sizeof(s->state)) < 0) {
- tor_free(s);
- return -1;
- }
+ crypto_rand((char*)s->state, sizeof(s->state));
memcpy(handshake_out, s->state, DIGEST_LEN);
return 0;
}
@@ -56,8 +53,7 @@ fast_server_handshake(const uint8_t *key_in, /* DIGEST_LEN bytes */
size_t out_len;
int r = -1;
- if (crypto_rand((char*)handshake_reply_out, DIGEST_LEN)<0)
- return -1;
+ crypto_rand((char*)handshake_reply_out, DIGEST_LEN);
memcpy(tmp, key_in, DIGEST_LEN);
memcpy(tmp+DIGEST_LEN, handshake_reply_out, DIGEST_LEN);
diff --git a/src/or/rendclient.c b/src/or/rendclient.c
index a39e518..11e940c 100644
--- a/src/or/rendclient.c
+++ b/src/or/rendclient.c
@@ -65,11 +65,7 @@ rend_client_send_establish_rendezvous(origin_circuit_t *circ)
tor_assert(circ->rend_data);
log_info(LD_REND, "Sending an ESTABLISH_RENDEZVOUS cell");
- if (crypto_rand(circ->rend_data->rend_cookie, REND_COOKIE_LEN) < 0) {
- log_warn(LD_BUG, "Internal error: Couldn't produce random cookie.");
- circuit_mark_for_close(TO_CIRCUIT(circ), END_CIRC_REASON_INTERNAL);
- return -1;
- }
+ crypto_rand(circ->rend_data->rend_cookie, REND_COOKIE_LEN);
/* Set timestamp_dirty, because circuit_expire_building expects it,
* and the rend cookie also means we've used the circ. */
diff --git a/src/or/rendcommon.c b/src/or/rendcommon.c
index 22599e9..1e6c6da 100644
--- a/src/or/rendcommon.c
+++ b/src/or/rendcommon.c
@@ -268,11 +268,7 @@ rend_encrypt_v2_intro_points_basic(char **encrypted_out,
tor_assert(client_cookies && smartlist_len(client_cookies) > 0);
/* Generate session key. */
- if (crypto_rand(session_key, CIPHER_KEY_LEN) < 0) {
- log_warn(LD_REND, "Unable to generate random session key to encrypt "
- "introduction point string.");
- goto done;
- }
+ crypto_rand(session_key, CIPHER_KEY_LEN);
/* Determine length of encrypted introduction points including session
* keys. */
@@ -334,11 +330,7 @@ rend_encrypt_v2_intro_points_basic(char **encrypted_out,
REND_BASIC_AUTH_CLIENT_MULTIPLE;
i < REND_BASIC_AUTH_CLIENT_MULTIPLE - 1; i++) {
client_part = tor_malloc_zero(REND_BASIC_AUTH_CLIENT_ENTRY_LEN);
- if (crypto_rand(client_part, REND_BASIC_AUTH_CLIENT_ENTRY_LEN) < 0) {
- log_warn(LD_REND, "Unable to generate fake client entry.");
- tor_free(client_part);
- goto done;
- }
+ crypto_rand(client_part, REND_BASIC_AUTH_CLIENT_ENTRY_LEN);
smartlist_add(encrypted_session_keys, client_part);
}
/* Sort smartlist and put elements in result in order. */
diff --git a/src/test/test_extorport.c b/src/test/test_extorport.c
index 2e5a32e..5d38ed8 100644
--- a/src/test/test_extorport.c
+++ b/src/test/test_extorport.c
@@ -309,15 +309,14 @@ test_ext_or_cookie_auth(void *arg)
tor_free(client_hash2);
}
-static int
+static void
crypto_rand_return_tse_str(char *to, size_t n)
{
if (n != 32) {
TT_FAIL(("Asked for %d bytes, not 32", (int)n));
- return -1;
+ return;
}
memcpy(to, "te road There is always another ", 32);
- return 0;
}
static void