tor-commits September 2018

tor-commits@lists.torproject.org

17 participants
3230 discussions

[tor/master] Add a configure switch to build with NSS.
by nickm＠torproject.org 05 Sep '18

05 Sep '18

commit 79267bad654ed39f13e6fb89a5468f23468c3169 Author: Nick Mathewson <nickm(a)torproject.org> Date: Wed Jul 11 12:57:30 2018 -0400 Add a configure switch to build with NSS. When it is set, include the NSS headers and libraries as appropriate. Doesn't actually use them yet, though. --- Makefile.am | 5 +++++ configure.ac | 22 ++++++++++++++++++++++ src/lib/crypt_ops/include.am | 5 ++++- src/lib/include.libdonna.am | 2 +- src/lib/tls/include.am | 5 ++++- 5 files changed, 36 insertions(+), 3 deletions(-) diff --git a/Makefile.am b/Makefile.am index cf268b0b7..01ed8c935 100644 --- a/Makefile.am +++ b/Makefile.am @@ -129,6 +129,11 @@ TOR_INTERNAL_TESTING_LIBS = \ TOR_LDFLAGS_CRYPTLIB=@TOR_LDFLAGS_openssl@ TOR_LIBS_CRYPTLIB=@TOR_OPENSSL_LIBS@ +TOR_CFLAGS_CRYPTLIB= +if USE_NSS +TOR_CFLAGS_CRYPTLIB+=@NSS_CFLAGS@ +TOR_LIBS_CRYPTLIB+=@NSS_LIBS@ +endif # All libraries used to link tor-cov diff --git a/configure.ac b/configure.ac index 532476672..2fe353d75 100644 --- a/configure.ac +++ b/configure.ac @@ -53,6 +53,8 @@ AC_ARG_ENABLE(restart-debugging, AS_HELP_STRING(--enable-restart-debugging, [Build Tor with support for debugging in-process restart. Developers only.])) AC_ARG_ENABLE(zstd-advanced-apis, AS_HELP_STRING(--disable-zstd-advanced-apis, [Build without support for zstd's "static-only" APIs.])) +AC_ARG_ENABLE(nss, + AS_HELP_STRING(--enable-nss, [Use Mozilla's NSS TLS library. (EXPERIMENTAL)])) if test "x$enable_coverage" != "xyes" -a "x$enable_asserts_in_tests" = "xno" ; then AC_MSG_ERROR([Can't disable assertions outside of coverage build]) @@ -64,6 +66,15 @@ AM_CONDITIONAL(DISABLE_ASSERTS_IN_UNIT_TESTS, test "x$enable_asserts_in_tests" = AM_CONDITIONAL(LIBFUZZER_ENABLED, test "x$enable_libfuzzer" = "xyes") AM_CONDITIONAL(OSS_FUZZ_ENABLED, test "x$enable_oss_fuzz" = "xyes") AM_CONDITIONAL(USE_RUST, test "x$enable_rust" = "xyes") +AM_CONDITIONAL(USE_NSS, test "x$enable_nss" = "xyes") +AM_CONDITIONAL(USE_OPENSSL, true) + +if test "x$enable_nss" = "xyes"; then + AC_DEFINE(ENABLE_NSS, 1, + [Defined if we're building with NSS in addition to OpenSSL.]) +fi +AC_DEFINE(ENABLE_OPENSSL, 1, + [Defined if we're building with OpenSSL or LibreSSL]) if test "$enable_static_tor" = "yes"; then enable_static_libevent="yes"; @@ -822,6 +833,17 @@ LIBS="$save_LIBS" AC_SUBST(TOR_LIB_MATH) dnl ------------------------------------------------------ +dnl Hello, NSS. You're new around here. +if test "x$enable_nss" = "xyes"; then + PKG_CHECK_MODULES(NSS, + [nss], + [have_nss=yes], + [have_nss=no; AC_MSG_ERROR([You asked for NSS but I can't find it.])]) + AC_SUBST(NSS_CFLAGS) + AC_SUBST(NSS_LIBS) +fi + +dnl ------------------------------------------------------ dnl Where do you live, openssl? And how do we call you? tor_openssl_pkg_redhat="openssl" diff --git a/src/lib/crypt_ops/include.am b/src/lib/crypt_ops/include.am index 1b88b880d..009e4c66c 100644 --- a/src/lib/crypt_ops/include.am +++ b/src/lib/crypt_ops/include.am @@ -22,10 +22,13 @@ src_lib_libtor_crypt_ops_a_SOURCES = \ src/lib/crypt_ops/crypto_util.c \ src/lib/crypt_ops/digestset.c +src_lib_libtor_crypt_ops_a_CFLAGS = $(AM_CFLAGS) $(TOR_CFLAGS_CRYPTLIB) + src_lib_libtor_crypt_ops_testing_a_SOURCES = \ $(src_lib_libtor_crypt_ops_a_SOURCES) src_lib_libtor_crypt_ops_testing_a_CPPFLAGS = $(AM_CPPFLAGS) $(TEST_CPPFLAGS) -src_lib_libtor_crypt_ops_testing_a_CFLAGS = $(AM_CFLAGS) $(TEST_CFLAGS) +src_lib_libtor_crypt_ops_testing_a_CFLAGS = \ + $(AM_CFLAGS) $(TOR_CFLAGS_CRYPTLIB) $(TEST_CFLAGS) noinst_HEADERS += \ src/lib/crypt_ops/aes.h \ diff --git a/src/lib/include.libdonna.am b/src/lib/include.libdonna.am index 5b92dc58a..60a3f5097 100644 --- a/src/lib/include.libdonna.am +++ b/src/lib/include.libdonna.am @@ -1,4 +1,4 @@ -src_lib_libcurve25519_donna_a_CFLAGS= +src_lib_libcurve25519_donna_a_CFLAGS=$(TOR_CFLAGS_CRYPTO) if BUILD_CURVE25519_DONNA src_lib_libcurve25519_donna_a_SOURCES=\ diff --git a/src/lib/tls/include.am b/src/lib/tls/include.am index b3b013f4d..9cc57ca77 100644 --- a/src/lib/tls/include.am +++ b/src/lib/tls/include.am @@ -9,10 +9,13 @@ src_lib_libtor_tls_a_SOURCES = \ src/lib/tls/buffers_tls.c \ src/lib/tls/tortls.c +src_lib_libtor_tls_a_CFLAGS = $(AM_CFLAGS) $(TOR_CFLAGS_CRYPTLIB) + src_lib_libtor_tls_testing_a_SOURCES = \ $(src_lib_libtor_tls_a_SOURCES) src_lib_libtor_tls_testing_a_CPPFLAGS = $(AM_CPPFLAGS) $(TEST_CPPFLAGS) -src_lib_libtor_tls_testing_a_CFLAGS = $(AM_CFLAGS) $(TEST_CFLAGS) +src_lib_libtor_tls_testing_a_CFLAGS = \ + $(AM_CFLAGS) $(TOR_CFLAGS_CRYPTLIB) $(TEST_CFLAGS) noinst_HEADERS += \ src/lib/tls/ciphers.inc \

1 0

[tor/master] Initialize and shut down NSS.
by nickm＠torproject.org 05 Sep '18

05 Sep '18

commit c317e78dd75b6bf9c195c9bef5a0b8300d55411a Author: Nick Mathewson <nickm(a)torproject.org> Date: Wed Jul 11 14:46:28 2018 -0400 Initialize and shut down NSS. This is largely conjectural, based on online documentation for NSS and NSPR. --- src/lib/crypt_ops/crypto_init.c | 18 +++++-- src/lib/crypt_ops/crypto_nss_mgt.c | 95 ++++++++++++++++++++++++++++++++++ src/lib/crypt_ops/crypto_nss_mgt.h | 31 +++++++++++ src/lib/crypt_ops/crypto_openssl_mgt.c | 11 +++- src/lib/crypt_ops/crypto_openssl_mgt.h | 8 +-- src/lib/crypt_ops/include.am | 10 +++- 6 files changed, 165 insertions(+), 8 deletions(-) diff --git a/src/lib/crypt_ops/crypto_init.c b/src/lib/crypt_ops/crypto_init.c index 01d5baf5b..7f5a63219 100644 --- a/src/lib/crypt_ops/crypto_init.c +++ b/src/lib/crypt_ops/crypto_init.c @@ -18,6 +18,7 @@ #include "lib/crypt_ops/crypto_dh.h" #include "lib/crypt_ops/crypto_ed25519.h" #include "lib/crypt_ops/crypto_openssl_mgt.h" +#include "lib/crypt_ops/crypto_nss_mgt.h" #include "lib/crypt_ops/crypto_rand.h" #include "siphash.h" @@ -56,6 +57,9 @@ crypto_early_init(void) #ifdef ENABLE_OPENSSL crypto_openssl_early_init(); #endif +#ifdef ENABLE_NSS + crypto_nss_early_init(); +#endif if (crypto_seed_rng() < 0) return -1; @@ -80,7 +84,12 @@ crypto_global_init(int useAccel, const char *accelName, const char *accelDir) crypto_global_initialized_ = 1; #ifdef ENABLE_OPENSSL - return crypto_openssl_late_init(useAccel, accelName, accelDir); + if (crypto_openssl_late_init(useAccel, accelName, accelDir) < 0) + return -1; +#endif +#ifdef ENABLE_NSS + if (crypto_nss_late_init() < 0) + return -1; #endif } return 0; @@ -90,8 +99,8 @@ crypto_global_init(int useAccel, const char *accelName, const char *accelDir) void crypto_thread_cleanup(void) { -#ifndef NEW_THREAD_API - ERR_remove_thread_state(NULL); +#ifdef ENABLE_OPENSSL + crypto_openssl_thread_cleanup(); #endif } @@ -107,6 +116,9 @@ crypto_global_cleanup(void) #ifdef ENABLE_OPENSSL crypto_openssl_global_cleanup(); #endif +#ifdef ENABLE_NSS + crypto_nss_global_cleanup(); +#endif crypto_early_initialized_ = 0; crypto_global_initialized_ = 0; diff --git a/src/lib/crypt_ops/crypto_nss_mgt.c b/src/lib/crypt_ops/crypto_nss_mgt.c new file mode 100644 index 000000000..84d9f027a --- /dev/null +++ b/src/lib/crypt_ops/crypto_nss_mgt.c @@ -0,0 +1,95 @@ +/* Copyright (c) 2001, Matej Pfajfar. + * Copyright (c) 2001-2004, Roger Dingledine. + * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. + * Copyright (c) 2007-2018, The Tor Project, Inc. */ +/* See LICENSE for licensing information */ + +/** + * \file crypto_nss_mgt.c + * + * \brief Manage the NSS library (if used) + **/ + +#include "lib/crypt_ops/crypto_nss_mgt.h" + +#include "lib/log/log.h" +#include "lib/log/util_bug.h" + +#include <nss.h> +#include <pk11func.h> +#include <ssl.h> + +#include <prerror.h> +#include <prtypes.h> +#include <prinit.h> + +const char * +crypto_nss_get_version_str(void) +{ + return NSS_GetVersion(); +} +const char * +crypto_nss_get_header_version_str(void) +{ + return NSS_VERSION; +} + +/** A password function that always returns NULL. */ +static char * +nss_password_func_always_fail(PK11SlotInfo *slot, + PRBool retry, + void *arg) +{ + (void) slot; + (void) retry; + (void) arg; + return NULL; +} + +void +crypto_nss_early_init(void) +{ + PR_Init(PR_USER_THREAD, PR_PRIORITY_NORMAL, 0); + PK11_SetPasswordFunc(nss_password_func_always_fail); + + /* Eventually we should use NSS_Init() instead -- but that wants a + directory. The documentation says that we can't use this if we want + to use OpenSSL. */ + if (NSS_NoDB_Init(NULL) == SECFailure) { + log_err(LD_CRYPTO, "Unable to initialize NSS."); + crypto_nss_log_errors(LOG_ERR, "initializing NSS"); + tor_assert_unreached(); + } + + if (NSS_SetDomesticPolicy() == SECFailure) { + log_err(LD_CRYPTO, "Unable to set NSS cipher policy."); + crypto_nss_log_errors(LOG_ERR, "setting cipher policy"); + tor_assert_unreached(); + } +} + +void +crypto_nss_log_errors(int severity, const char *doing) +{ + PRErrorCode code = PR_GetError(); + /* XXXX how do I convert errors to strings? */ + if (doing) { + tor_log(severity, LD_CRYPTO, "NSS error %u while %s", code, doing); + } else { + tor_log(severity, LD_CRYPTO, "NSS error %u", code); + } +} + +int +crypto_nss_late_init(void) +{ + /* Possibly, SSL_OptionSetDefault? */ + + return 0; +} + +void +crypto_nss_global_cleanup(void) +{ + NSS_Shutdown(); +} diff --git a/src/lib/crypt_ops/crypto_nss_mgt.h b/src/lib/crypt_ops/crypto_nss_mgt.h new file mode 100644 index 000000000..0e899bad0 --- /dev/null +++ b/src/lib/crypt_ops/crypto_nss_mgt.h @@ -0,0 +1,31 @@ +/* Copyright (c) 2001, Matej Pfajfar. + * Copyright (c) 2001-2004, Roger Dingledine. + * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. + * Copyright (c) 2007-2018, The Tor Project, Inc. */ +/* See LICENSE for licensing information */ + +/** + * \file crypto_nss_mgt.h + * + * \brief Headers for crypto_nss_mgt.c + **/ + +#ifndef TOR_CRYPTO_NSS_MGT_H +#define TOR_CRYPTO_NSS_MGT_H + +#include "orconfig.h" + +#ifdef ENABLE_NSS +/* global nss state */ +const char *crypto_nss_get_version_str(void); +const char *crypto_nss_get_header_version_str(void); + +void crypto_nss_log_errors(int severity, const char *doing); + +void crypto_nss_early_init(void); +int crypto_nss_late_init(void); + +void crypto_nss_global_cleanup(void); +#endif + +#endif /* !defined(TOR_CRYPTO_NSS_H) */ diff --git a/src/lib/crypt_ops/crypto_openssl_mgt.c b/src/lib/crypt_ops/crypto_openssl_mgt.c index bf5b96f9a..125da0786 100644 --- a/src/lib/crypt_ops/crypto_openssl_mgt.c +++ b/src/lib/crypt_ops/crypto_openssl_mgt.c @@ -153,7 +153,7 @@ tor_set_openssl_thread_id(CRYPTO_THREADID *threadid) /** Helper: Construct mutexes, and set callbacks to help OpenSSL handle being * multithreaded. Returns 0. */ -int +static int setup_openssl_threading(void) { #ifndef NEW_THREAD_API @@ -352,6 +352,15 @@ crypto_openssl_late_init(int useAccel, const char *accelName, return 0; } +/** Free crypto resources held by this thread. */ +void +crypto_openssl_thread_cleanup(void) +{ +#ifndef NEW_THREAD_API + ERR_remove_thread_state(NULL); +#endif +} + /** Clean up global resources held by openssl. */ void crypto_openssl_global_cleanup(void) diff --git a/src/lib/crypt_ops/crypto_openssl_mgt.h b/src/lib/crypt_ops/crypto_openssl_mgt.h index 417bb36f0..3b288fb9d 100644 --- a/src/lib/crypt_ops/crypto_openssl_mgt.h +++ b/src/lib/crypt_ops/crypto_openssl_mgt.h @@ -14,6 +14,8 @@ #define TOR_CRYPTO_OPENSSL_H #include "orconfig.h" + +#ifdef ENABLE_OPENSSL #include <openssl/engine.h> /* @@ -75,13 +77,13 @@ void crypto_openssl_log_errors(int severity, const char *doing); const char * crypto_openssl_get_version_str(void); const char * crypto_openssl_get_header_version_str(void); -/* OpenSSL threading setup function */ -int setup_openssl_threading(void); - void crypto_openssl_early_init(void); int crypto_openssl_late_init(int useAccel, const char *accelName, const char *accelDir); +void crypto_openssl_thread_cleanup(void); void crypto_openssl_global_cleanup(void); +#endif /* ENABLE_OPENSSL */ + #endif /* !defined(TOR_CRYPTO_OPENSSL_H) */ diff --git a/src/lib/crypt_ops/include.am b/src/lib/crypt_ops/include.am index 1caa3fdbc..e96d6b0a5 100644 --- a/src/lib/crypt_ops/include.am +++ b/src/lib/crypt_ops/include.am @@ -15,7 +15,6 @@ src_lib_libtor_crypt_ops_a_SOURCES = \ src/lib/crypt_ops/crypto_format.c \ src/lib/crypt_ops/crypto_hkdf.c \ src/lib/crypt_ops/crypto_init.c \ - src/lib/crypt_ops/crypto_openssl_mgt.c \ src/lib/crypt_ops/crypto_pwbox.c \ src/lib/crypt_ops/crypto_rand.c \ src/lib/crypt_ops/crypto_rsa.c \ @@ -23,6 +22,15 @@ src_lib_libtor_crypt_ops_a_SOURCES = \ src/lib/crypt_ops/crypto_util.c \ src/lib/crypt_ops/digestset.c +if USE_NSS +src_lib_libtor_crypt_ops_a_SOURCES += \ + src/lib/crypt_ops/crypto_nss_mgt.c +endif +if USE_OPENSSL +src_lib_libtor_crypt_ops_a_SOURCES += \ + src/lib/crypt_ops/crypto_openssl_mgt.c +endif + src_lib_libtor_crypt_ops_a_CFLAGS = $(AM_CFLAGS) $(TOR_CFLAGS_CRYPTLIB) src_lib_libtor_crypt_ops_testing_a_SOURCES = \

1 0

[tor/master] Remove most includes from crypto.c
by nickm＠torproject.org 05 Sep '18

05 Sep '18

commit 9010797e632065ae073cd69f6b76a2d55c06160d Author: Nick Mathewson <nickm(a)torproject.org> Date: Wed Jul 11 14:02:23 2018 -0400 Remove most includes from crypto.c --- src/lib/crypt_ops/crypto.c | 49 ---------------------------------------------- 1 file changed, 49 deletions(-) diff --git a/src/lib/crypt_ops/crypto.c b/src/lib/crypt_ops/crypto.c index e4f092c80..52ffec4ca 100644 --- a/src/lib/crypt_ops/crypto.c +++ b/src/lib/crypt_ops/crypto.c @@ -13,63 +13,14 @@ #include "orconfig.h" -#ifdef _WIN32 -#include <winsock2.h> -#include <windows.h> -#include <wincrypt.h> -/* Windows defines this; so does OpenSSL 0.9.8h and later. We don't actually - * use either definition. */ -#undef OCSP_RESPONSE -#endif /* defined(_WIN32) */ - -#define CRYPTO_PRIVATE -#include "lib/crypt_ops/compat_openssl.h" #include "lib/crypt_ops/crypto.h" -#include "lib/crypt_ops/crypto_curve25519.h" -#include "lib/crypt_ops/crypto_digest.h" -#include "lib/crypt_ops/crypto_dh.h" -#include "lib/crypt_ops/crypto_ed25519.h" -#include "lib/crypt_ops/crypto_format.h" #include "lib/crypt_ops/crypto_rand.h" -#include "lib/crypt_ops/crypto_rsa.h" #include "lib/crypt_ops/crypto_util.h" -DISABLE_GCC_WARNING(redundant-decls) - -#include <openssl/err.h> -#include <openssl/evp.h> -#include <openssl/bn.h> -#include <openssl/dh.h> -#include <openssl/conf.h> -#include <openssl/hmac.h> -#include <openssl/ssl.h> - -ENABLE_GCC_WARNING(redundant-decls) - -#if __GNUC__ && GCC_VERSION >= 402 -#if GCC_VERSION >= 406 -#pragma GCC diagnostic pop -#else -#pragma GCC diagnostic warning "-Wredundant-decls" -#endif -#endif /* __GNUC__ && GCC_VERSION >= 402 */ - -#ifdef HAVE_CTYPE_H -#include <ctype.h> -#endif -#ifdef HAVE_UNISTD_H -#include <unistd.h> -#endif - #include "lib/log/log.h" #include "lib/log/util_bug.h" #include "lib/cc/torint.h" #include "lib/crypt_ops/aes.h" -#include "lib/encoding/binascii.h" - -#include "keccak-tiny/keccak-tiny.h" - -#include "siphash.h" #include <string.h>

1 0

[tor/master] Add postfork support for nss
by nickm＠torproject.org 05 Sep '18

05 Sep '18

commit d811ce2421dcf1684db7e34f2b5998d9f360d5fb Author: Nick Mathewson <nickm(a)torproject.org> Date: Wed Jul 11 15:36:54 2018 -0400 Add postfork support for nss We need this in our unit tests, since otherwise NSS will notice we've forked and start cussing us out. I suspect we'll need a different hack for daemonizing, but this should be enough for tinytest to work. --- src/ext/tinytest.c | 8 ++++++++ src/lib/crypt_ops/crypto_init.c | 10 ++++++++++ src/lib/crypt_ops/crypto_init.h | 1 + src/lib/crypt_ops/crypto_nss_mgt.c | 7 +++++++ src/lib/crypt_ops/crypto_nss_mgt.h | 2 ++ src/test/testing_common.c | 7 +++++++ 6 files changed, 35 insertions(+) diff --git a/src/ext/tinytest.c b/src/ext/tinytest.c index 3fb1b39c7..8b2c71beb 100644 --- a/src/ext/tinytest.c +++ b/src/ext/tinytest.c @@ -25,6 +25,7 @@ #ifdef TINYTEST_LOCAL #include "tinytest_local.h" #endif +#define TINYTEST_POSTFORK #include <stdio.h> #include <stdlib.h> @@ -118,6 +119,12 @@ testcase_run_bare_(const struct testcase_t *testcase) #ifndef NO_FORKING +#ifdef TINYTEST_POSTFORK +void tinytest_postfork(void); +#else +static void tinytest_postfork(void) { } +#endif + static enum outcome testcase_run_forked_(const struct testgroup_t *group, const struct testcase_t *testcase) @@ -187,6 +194,7 @@ testcase_run_forked_(const struct testgroup_t *group, int test_r, write_r; char b[1]; close(outcome_pipe[0]); + tinytest_postfork(); test_r = testcase_run_bare_(testcase); assert(0<=(int)test_r && (int)test_r<=2); b[0] = "NYS"[test_r]; diff --git a/src/lib/crypt_ops/crypto_init.c b/src/lib/crypt_ops/crypto_init.c index 7f5a63219..b651474cf 100644 --- a/src/lib/crypt_ops/crypto_init.c +++ b/src/lib/crypt_ops/crypto_init.c @@ -127,3 +127,13 @@ crypto_global_cleanup(void) return 0; } + +/** Run operations that the crypto library requires to be happy again + * after forking. */ +void +crypto_postfork(void) +{ +#ifdef ENABLE_NSS + crypto_nss_postfork(); +#endif +} diff --git a/src/lib/crypt_ops/crypto_init.h b/src/lib/crypt_ops/crypto_init.h index e450e2d89..3e32456b5 100644 --- a/src/lib/crypt_ops/crypto_init.h +++ b/src/lib/crypt_ops/crypto_init.h @@ -24,5 +24,6 @@ int crypto_global_init(int hardwareAccel, void crypto_thread_cleanup(void); int crypto_global_cleanup(void); +void crypto_postfork(void); #endif /* !defined(TOR_CRYPTO_H) */ diff --git a/src/lib/crypt_ops/crypto_nss_mgt.c b/src/lib/crypt_ops/crypto_nss_mgt.c index 84d9f027a..6bcaeabd5 100644 --- a/src/lib/crypt_ops/crypto_nss_mgt.c +++ b/src/lib/crypt_ops/crypto_nss_mgt.c @@ -93,3 +93,10 @@ crypto_nss_global_cleanup(void) { NSS_Shutdown(); } + +void +crypto_nss_postfork(void) +{ + crypto_nss_global_cleanup(); + crypto_nss_early_init(); +} diff --git a/src/lib/crypt_ops/crypto_nss_mgt.h b/src/lib/crypt_ops/crypto_nss_mgt.h index 0e899bad0..c4c94f4d8 100644 --- a/src/lib/crypt_ops/crypto_nss_mgt.h +++ b/src/lib/crypt_ops/crypto_nss_mgt.h @@ -26,6 +26,8 @@ void crypto_nss_early_init(void); int crypto_nss_late_init(void); void crypto_nss_global_cleanup(void); + +void crypto_nss_postfork(void); #endif #endif /* !defined(TOR_CRYPTO_NSS_H) */ diff --git a/src/test/testing_common.c b/src/test/testing_common.c index 32d7bf7f0..1611a54b6 100644 --- a/src/test/testing_common.c +++ b/src/test/testing_common.c @@ -223,6 +223,13 @@ an_assertion_failed(void) tinytest_set_test_failed_(); } +void tinytest_postfork(void); +void +tinytest_postfork(void) +{ + crypto_postfork(); +} + /** Main entry point for unit test code: parse the command line, and run * some unit tests. */ int

1 0

[tor/master] Make nss get initialized before we fuzz anything.
by nickm＠torproject.org 05 Sep '18

05 Sep '18

commit 27dd2b1f1ff612977ec50c9e15dbe14607b0551b Author: Nick Mathewson <nickm(a)torproject.org> Date: Wed Jul 11 16:15:42 2018 -0400 Make nss get initialized before we fuzz anything. --- src/test/fuzz/fuzzing_common.c | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) diff --git a/src/test/fuzz/fuzzing_common.c b/src/test/fuzz/fuzzing_common.c index 1222162bf..1401e4c28 100644 --- a/src/test/fuzz/fuzzing_common.c +++ b/src/test/fuzz/fuzzing_common.c @@ -7,8 +7,8 @@ #include "app/config/config.h" #include "test/fuzz/fuzzing.h" #include "lib/compress/compress.h" -#include "lib/crypt_ops/crypto_cipher.h" #include "lib/crypt_ops/crypto_ed25519.h" +#include "lib/crypt_ops/crypto_init.h" static or_options_t *mock_options = NULL; static const or_options_t * @@ -96,15 +96,20 @@ global_init(void) { tor_threads_init(); tor_compress_init(); - { - struct sipkey sipkey = { 1337, 7331 }; - siphash_set_global_key(&sipkey); - } /* Initialise logging first */ init_logging(1); configure_backtrace_handler(get_version()); + if (crypto_global_init(0, NULL, NULL) < 0) + abort(); + + { + struct sipkey sipkey = { 1337, 7331 }; + siphash_unset_global_key(); + siphash_set_global_key(&sipkey); + } + /* set up the options. */ mock_options = tor_malloc_zero(sizeof(or_options_t)); MOCK(get_options, mock_get_options);

1 0

[tor/master] Rename crypto.c to crypto_cipher.c (since that's all it still has.)
by nickm＠torproject.org 05 Sep '18

05 Sep '18

commit f45107e7de7ff15c630dedcdd1f9bc524423838f Author: Nick Mathewson <nickm(a)torproject.org> Date: Wed Jul 11 14:08:22 2018 -0400 Rename crypto.c to crypto_cipher.c (since that's all it still has.) --- src/core/crypto/onion_ntor.c | 2 +- src/core/crypto/relay_crypto.c | 2 +- src/core/or/or.h | 3 ++- src/feature/nodelist/parsecommon.c | 2 +- src/feature/rend/rendmid.c | 2 +- src/lib/crypt_ops/{crypto.c => crypto_cipher.c} | 8 +++----- src/lib/crypt_ops/{crypto.h => crypto_cipher.h} | 13 ++++--------- src/lib/crypt_ops/crypto_pwbox.c | 2 +- src/lib/crypt_ops/crypto_rsa.c | 2 +- src/lib/crypt_ops/crypto_rsa.h | 4 ++++ src/lib/crypt_ops/crypto_s2k.c | 2 +- src/lib/crypt_ops/include.am | 4 ++-- src/lib/tls/tortls.c | 2 +- src/test/fuzz/fuzzing_common.c | 2 +- src/test/test_hs_client.c | 2 +- src/test/test_hs_ntor_cl.c | 2 +- src/test/test_introduce.c | 2 +- src/test/test_ntor_cl.c | 2 +- src/test/test_relaycell.c | 2 +- src/test/test_routerkeys.c | 2 +- src/test/test_util_slow.c | 2 +- src/tools/tor-gencert.c | 2 +- 22 files changed, 32 insertions(+), 34 deletions(-) diff --git a/src/core/crypto/onion_ntor.c b/src/core/crypto/onion_ntor.c index ea7261cb5..3614e0c9b 100644 --- a/src/core/crypto/onion_ntor.c +++ b/src/core/crypto/onion_ntor.c @@ -22,7 +22,7 @@ #define ONION_NTOR_PRIVATE -#include "lib/crypt_ops/crypto.h" +#include "lib/crypt_ops/crypto_cipher.h" #include "lib/crypt_ops/crypto_digest.h" #include "lib/crypt_ops/crypto_hkdf.h" #include "lib/crypt_ops/crypto_util.h" diff --git a/src/core/crypto/relay_crypto.c b/src/core/crypto/relay_crypto.c index b2388d2c4..311160a66 100644 --- a/src/core/crypto/relay_crypto.c +++ b/src/core/crypto/relay_crypto.c @@ -7,7 +7,7 @@ #include "core/or/or.h" #include "core/or/circuitlist.h" #include "app/config/config.h" -#include "lib/crypt_ops/crypto.h" +#include "lib/crypt_ops/crypto_cipher.h" #include "lib/crypt_ops/crypto_util.h" #include "core/crypto/hs_ntor.h" // for HS_NTOR_KEY_EXPANSION_KDF_OUT_LEN #include "core/or/relay.h" diff --git a/src/core/or/or.h b/src/core/or/or.h index 9aca030c7..13376366a 100644 --- a/src/core/or/or.h +++ b/src/core/or/or.h @@ -27,7 +27,8 @@ #include "lib/cc/torint.h" #include "lib/container/map.h" #include "lib/container/smartlist.h" -#include "lib/crypt_ops/crypto.h" +#include "lib/crypt_ops/crypto_cipher.h" +#include "lib/crypt_ops/crypto_rsa.h" #include "lib/ctime/di_ops.h" #include "lib/defs/dh_sizes.h" #include "lib/encoding/binascii.h" diff --git a/src/feature/nodelist/parsecommon.c b/src/feature/nodelist/parsecommon.c index 3aaf8ac50..e05657aca 100644 --- a/src/feature/nodelist/parsecommon.c +++ b/src/feature/nodelist/parsecommon.c @@ -14,7 +14,7 @@ #include "lib/string/util_string.h" #include "lib/string/printf.h" #include "lib/memarea/memarea.h" -#include "lib/crypt_ops/crypto.h" +#include "lib/crypt_ops/crypto_rsa.h" #include <string.h> diff --git a/src/feature/rend/rendmid.c b/src/feature/rend/rendmid.c index 22cd6c343..f433e7ce5 100644 --- a/src/feature/rend/rendmid.c +++ b/src/feature/rend/rendmid.c @@ -12,7 +12,7 @@ #include "core/or/circuitlist.h" #include "core/or/circuituse.h" #include "app/config/config.h" -#include "lib/crypt_ops/crypto.h" +#include "lib/crypt_ops/crypto_cipher.h" #include "core/or/dos.h" #include "core/or/relay.h" #include "feature/rend/rendmid.h" diff --git a/src/lib/crypt_ops/crypto.c b/src/lib/crypt_ops/crypto_cipher.c similarity index 96% rename from src/lib/crypt_ops/crypto.c rename to src/lib/crypt_ops/crypto_cipher.c index 52ffec4ca..6b762e374 100644 --- a/src/lib/crypt_ops/crypto.c +++ b/src/lib/crypt_ops/crypto_cipher.c @@ -5,15 +5,13 @@ /* See LICENSE for licensing information */ /** - * \file crypto.c - * \brief Wrapper functions to present a consistent interface to - * public-key and symmetric cryptography operations from OpenSSL and - * other places. + * \file crypto_cipher.c + * \brief Symmetric cryptography (low-level) with AES. **/ #include "orconfig.h" -#include "lib/crypt_ops/crypto.h" +#include "lib/crypt_ops/crypto_cipher.h" #include "lib/crypt_ops/crypto_rand.h" #include "lib/crypt_ops/crypto_util.h" diff --git a/src/lib/crypt_ops/crypto.h b/src/lib/crypt_ops/crypto_cipher.h similarity index 88% rename from src/lib/crypt_ops/crypto.h rename to src/lib/crypt_ops/crypto_cipher.h index 993a65fb0..f9444d03f 100644 --- a/src/lib/crypt_ops/crypto.h +++ b/src/lib/crypt_ops/crypto_cipher.h @@ -5,19 +5,18 @@ /* See LICENSE for licensing information */ /** - * \file crypto.h + * \file crypto_cipher.h * - * \brief Headers for crypto.c + * \brief Headers for crypto_cipher.c **/ -#ifndef TOR_CRYPTO_H -#define TOR_CRYPTO_H +#ifndef TOR_CRYPTO_CIPHER_H +#define TOR_CRYPTO_CIPHER_H #include "orconfig.h" #include <stdio.h> #include "lib/cc/torint.h" -#include "lib/crypt_ops/crypto_rsa.h" /** Length of our symmetric cipher's keys of 128-bit. */ #define CIPHER_KEY_LEN 16 @@ -26,10 +25,6 @@ /** Length of our symmetric cipher's keys of 256-bit. */ #define CIPHER256_KEY_LEN 32 -/** Length of encoded public key fingerprints, including space; but not - * including terminating NUL. */ -#define FINGERPRINT_LEN 49 - typedef struct aes_cnt_cipher crypto_cipher_t; /* environment setup */ diff --git a/src/lib/crypt_ops/crypto_pwbox.c b/src/lib/crypt_ops/crypto_pwbox.c index c001e295d..2377f216a 100644 --- a/src/lib/crypt_ops/crypto_pwbox.c +++ b/src/lib/crypt_ops/crypto_pwbox.c @@ -11,7 +11,7 @@ #include <string.h> #include "lib/arch/bytes.h" -#include "lib/crypt_ops/crypto.h" +#include "lib/crypt_ops/crypto_cipher.h" #include "lib/crypt_ops/crypto_digest.h" #include "lib/crypt_ops/crypto_pwbox.h" #include "lib/crypt_ops/crypto_rand.h" diff --git a/src/lib/crypt_ops/crypto_rsa.c b/src/lib/crypt_ops/crypto_rsa.c index d8a9be7ec..ffe2bd2ce 100644 --- a/src/lib/crypt_ops/crypto_rsa.c +++ b/src/lib/crypt_ops/crypto_rsa.c @@ -9,7 +9,7 @@ * \brief Block of functions related with RSA utilities and operations. **/ -#include "lib/crypt_ops/crypto.h" +#include "lib/crypt_ops/crypto_cipher.h" #include "lib/crypt_ops/crypto_curve25519.h" #include "lib/crypt_ops/crypto_digest.h" #include "lib/crypt_ops/crypto_format.h" diff --git a/src/lib/crypt_ops/crypto_rsa.h b/src/lib/crypt_ops/crypto_rsa.h index c70e01c3f..45412d21e 100644 --- a/src/lib/crypt_ops/crypto_rsa.h +++ b/src/lib/crypt_ops/crypto_rsa.h @@ -29,6 +29,10 @@ /** Number of bytes added for PKCS1-OAEP padding. */ #define PKCS1_OAEP_PADDING_OVERHEAD 42 +/** Length of encoded public key fingerprints, including space; but not + * including terminating NUL. */ +#define FINGERPRINT_LEN 49 + /** A public key, or a public/private key-pair. */ typedef struct crypto_pk_t crypto_pk_t; diff --git a/src/lib/crypt_ops/crypto_s2k.c b/src/lib/crypt_ops/crypto_s2k.c index ab91d92f0..0e151f0a6 100644 --- a/src/lib/crypt_ops/crypto_s2k.c +++ b/src/lib/crypt_ops/crypto_s2k.c @@ -12,7 +12,7 @@ #define CRYPTO_S2K_PRIVATE -#include "lib/crypt_ops/crypto.h" +#include "lib/crypt_ops/crypto_cipher.h" #include "lib/crypt_ops/crypto_digest.h" #include "lib/crypt_ops/crypto_hkdf.h" #include "lib/crypt_ops/crypto_rand.h" diff --git a/src/lib/crypt_ops/include.am b/src/lib/crypt_ops/include.am index 6bb7c929a..1caa3fdbc 100644 --- a/src/lib/crypt_ops/include.am +++ b/src/lib/crypt_ops/include.am @@ -7,7 +7,7 @@ endif src_lib_libtor_crypt_ops_a_SOURCES = \ src/lib/crypt_ops/aes.c \ - src/lib/crypt_ops/crypto.c \ + src/lib/crypt_ops/crypto_cipher.c \ src/lib/crypt_ops/crypto_curve25519.c \ src/lib/crypt_ops/crypto_dh.c \ src/lib/crypt_ops/crypto_digest.c \ @@ -39,7 +39,7 @@ noinst_HEADERS += \ src/lib/crypt_ops/crypto_digest.h \ src/lib/crypt_ops/crypto_ed25519.h \ src/lib/crypt_ops/crypto_format.h \ - src/lib/crypt_ops/crypto.h \ + src/lib/crypt_ops/crypto_cipher.h \ src/lib/crypt_ops/crypto_hkdf.h \ src/lib/crypt_ops/crypto_init.h \ src/lib/crypt_ops/crypto_openssl_mgt.h \ diff --git a/src/lib/tls/tortls.c b/src/lib/tls/tortls.c index 073cae02b..8d284dde1 100644 --- a/src/lib/tls/tortls.c +++ b/src/lib/tls/tortls.c @@ -24,7 +24,7 @@ #include <ws2tcpip.h> #endif -#include "lib/crypt_ops/crypto.h" +#include "lib/crypt_ops/crypto_cipher.h" #include "lib/crypt_ops/crypto_rand.h" #include "lib/crypt_ops/crypto_dh.h" #include "lib/crypt_ops/crypto_util.h" diff --git a/src/test/fuzz/fuzzing_common.c b/src/test/fuzz/fuzzing_common.c index 0b3483bf6..1222162bf 100644 --- a/src/test/fuzz/fuzzing_common.c +++ b/src/test/fuzz/fuzzing_common.c @@ -7,7 +7,7 @@ #include "app/config/config.h" #include "test/fuzz/fuzzing.h" #include "lib/compress/compress.h" -#include "lib/crypt_ops/crypto.h" +#include "lib/crypt_ops/crypto_cipher.h" #include "lib/crypt_ops/crypto_ed25519.h" static or_options_t *mock_options = NULL; diff --git a/src/test/test_hs_client.c b/src/test/test_hs_client.c index 57da03ca2..7fcc1db19 100644 --- a/src/test/test_hs_client.c +++ b/src/test/test_hs_client.c @@ -21,7 +21,7 @@ #include "test/hs_test_helpers.h" #include "app/config/config.h" -#include "lib/crypt_ops/crypto.h" +#include "lib/crypt_ops/crypto_cipher.h" #include "lib/crypt_ops/crypto_dh.h" #include "core/or/channeltls.h" #include "feature/dircache/directory.h" diff --git a/src/test/test_hs_ntor_cl.c b/src/test/test_hs_ntor_cl.c index 03e34968b..c20774179 100644 --- a/src/test/test_hs_ntor_cl.c +++ b/src/test/test_hs_ntor_cl.c @@ -14,7 +14,7 @@ #define ONION_NTOR_PRIVATE #include "core/or/or.h" -#include "lib/crypt_ops/crypto.h" +#include "lib/crypt_ops/crypto_cipher.h" #include "lib/crypt_ops/crypto_curve25519.h" #include "lib/crypt_ops/crypto_ed25519.h" #include "lib/crypt_ops/crypto_format.h" diff --git a/src/test/test_introduce.c b/src/test/test_introduce.c index cdfb70bdf..4d2d90994 100644 --- a/src/test/test_introduce.c +++ b/src/test/test_introduce.c @@ -2,7 +2,7 @@ /* See LICENSE for licensing information */ #include "orconfig.h" -#include "lib/crypt_ops/crypto.h" +#include "lib/crypt_ops/crypto_cipher.h" #include "core/or/or.h" #include "test/test.h" diff --git a/src/test/test_ntor_cl.c b/src/test/test_ntor_cl.c index 744b42c9d..b8d3a8b42 100644 --- a/src/test/test_ntor_cl.c +++ b/src/test/test_ntor_cl.c @@ -7,7 +7,7 @@ #define ONION_NTOR_PRIVATE #include "core/or/or.h" -#include "lib/crypt_ops/crypto.h" +#include "lib/crypt_ops/crypto_cipher.h" #include "lib/crypt_ops/crypto_curve25519.h" #include "core/crypto/onion_ntor.h" diff --git a/src/test/test_relaycell.c b/src/test/test_relaycell.c index eb30cab0e..a6c152f73 100644 --- a/src/test/test_relaycell.c +++ b/src/test/test_relaycell.c @@ -9,7 +9,7 @@ #include "core/mainloop/main.h" #include "app/config/config.h" #include "core/mainloop/connection.h" -#include "lib/crypt_ops/crypto.h" +#include "lib/crypt_ops/crypto_cipher.h" #include "core/or/circuitbuild.h" #include "core/or/circuitlist.h" #include "core/or/connection_edge.h" diff --git a/src/test/test_routerkeys.c b/src/test/test_routerkeys.c index 1a1bf63ba..82a80130e 100644 --- a/src/test/test_routerkeys.c +++ b/src/test/test_routerkeys.c @@ -9,7 +9,7 @@ #include "app/config/config.h" #include "feature/relay/router.h" #include "feature/relay/routerkeys.h" -#include "lib/crypt_ops/crypto.h" +#include "lib/crypt_ops/crypto_cipher.h" #include "lib/crypt_ops/crypto_format.h" #include "feature/nodelist/torcert.h" #include "test/test.h" diff --git a/src/test/test_util_slow.c b/src/test/test_util_slow.c index c5b24487b..c7b3e3e2a 100644 --- a/src/test/test_util_slow.c +++ b/src/test/test_util_slow.c @@ -6,7 +6,7 @@ #include "orconfig.h" #define UTIL_PRIVATE #define SUBPROCESS_PRIVATE -#include "lib/crypt_ops/crypto.h" +#include "lib/crypt_ops/crypto_cipher.h" #include "lib/log/log.h" #include "lib/process/subprocess.h" #include "lib/process/waitpid.h" diff --git a/src/tools/tor-gencert.c b/src/tools/tor-gencert.c index 7e54483b2..63e24d922 100644 --- a/src/tools/tor-gencert.c +++ b/src/tools/tor-gencert.c @@ -33,9 +33,9 @@ ENABLE_GCC_WARNING(redundant-decls) #include <errno.h> -#include "lib/crypt_ops/crypto.h" #include "lib/crypt_ops/crypto_digest.h" #include "lib/crypt_ops/crypto_rand.h" +#include "lib/crypt_ops/crypto_rsa.h" #include "lib/crypt_ops/crypto_util.h" #include "lib/encoding/binascii.h" #include "lib/encoding/time_fmt.h"

1 0

[tor/master] Make sure NSS is initialized before running benchmarks
by nickm＠torproject.org 05 Sep '18

05 Sep '18

commit be8d497b656b674e33726f49d9829cc03fccea09 Author: Nick Mathewson <nickm(a)torproject.org> Date: Fri Jul 13 13:43:23 2018 -0400 Make sure NSS is initialized before running benchmarks --- src/test/bench.c | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/src/test/bench.c b/src/test/bench.c index 50af9e0d6..2b90ccf73 100644 --- a/src/test/bench.c +++ b/src/test/bench.c @@ -681,9 +681,9 @@ main(int argc, const char **argv) tor_threads_init(); tor_compress_init(); + init_logging(1); if (argc == 4 && !strcmp(argv[1], "diff")) { - init_logging(1); const int N = 200; char *f1 = read_file_to_str(argv[2], RFTS_BIN, NULL); char *f2 = read_file_to_str(argv[3], RFTS_BIN, NULL); @@ -719,13 +719,12 @@ main(int argc, const char **argv) reset_perftime(); - if (crypto_seed_rng() < 0) { + if (crypto_global_init(0, NULL, NULL) < 0) { printf("Couldn't seed RNG; exiting.\n"); return 1; } init_protocol_warning_severity_level(); - crypto_init_siphash_key(); options = options_new(); init_logging(1); options->command = CMD_RUN_UNITTESTS;

1 0

[tor/master] Use NSS for AES_CTR.
by nickm＠torproject.org 05 Sep '18

05 Sep '18

commit 76e10ee6b9fbd5a0372f6d04e432c78aa560e9f9 Author: Nick Mathewson <nickm(a)torproject.org> Date: Mon Jul 16 09:49:05 2018 -0400 Use NSS for AES_CTR. --- src/lib/crypt_ops/aes_nss.c | 106 +++++++++++++++++++++++++++++ src/lib/crypt_ops/{aes.c => aes_openssl.c} | 4 +- src/lib/crypt_ops/include.am | 6 +- 3 files changed, 113 insertions(+), 3 deletions(-) diff --git a/src/lib/crypt_ops/aes_nss.c b/src/lib/crypt_ops/aes_nss.c new file mode 100644 index 000000000..272edc559 --- /dev/null +++ b/src/lib/crypt_ops/aes_nss.c @@ -0,0 +1,106 @@ +/* Copyright (c) 2001, Matej Pfajfar. + * Copyright (c) 2001-2004, Roger Dingledine. + * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. + * Copyright (c) 2007-2018, The Tor Project, Inc. */ +/* See LICENSE for licensing information */ + +/** + * \file aes_nss.c + * \brief Use NSS to implement AES_CTR. + **/ + +#include "orconfig.h" +#include "lib/crypt_ops/aes.h" +#include "lib/crypt_ops/crypto_nss_mgt.h" +#include "lib/crypt_ops/crypto_util.h" +#include "lib/log/util_bug.h" + +DISABLE_GCC_WARNING(strict-prototypes) +#include <pk11pub.h> +#include <secerr.h> +ENABLE_GCC_WARNING(strict-prototypes) + +aes_cnt_cipher_t * +aes_new_cipher(const uint8_t *key, const uint8_t *iv, + int key_bits) +{ + const CK_MECHANISM_TYPE ckm = CKM_AES_CTR; + SECItem keyItem = { .type = siBuffer, + .data = (unsigned char *)key, + .len = (key_bits / 8) }; + CK_AES_CTR_PARAMS params; + params.ulCounterBits = 128; + memcpy(params.cb, iv, 16); + SECItem ivItem = { .type = siBuffer, + .data = (unsigned char *)&params, + .len = sizeof(params) }; + PK11SlotInfo *slot = NULL; + PK11SymKey *keyObj = NULL; + SECItem *ivObj = NULL; + PK11Context *result = NULL; + + slot = PK11_GetBestSlot(ckm, NULL); + if (!slot) + goto err; + + keyObj = PK11_ImportSymKey(slot, ckm, PK11_OriginUnwrap, + CKA_ENCRYPT, &keyItem, NULL); + if (!keyObj) + goto err; + + ivObj = PK11_ParamFromIV(ckm, &ivItem); + if (!ivObj) + goto err; + + PORT_SetError(SEC_ERROR_IO); + result = PK11_CreateContextBySymKey(ckm, CKA_ENCRYPT, keyObj, ivObj); + + err: + memwipe(&params, 0, sizeof(params)); + if (ivObj) + SECITEM_FreeItem(ivObj, PR_TRUE); + if (keyObj) + PK11_FreeSymKey(keyObj); + if (slot) + PK11_FreeSlot(slot); + + tor_assert(result); + return (aes_cnt_cipher_t *)result; +} + +void +aes_cipher_free_(aes_cnt_cipher_t *cipher) +{ + if (!cipher) + return; + PK11_DestroyContext((PK11Context*) cipher, PR_TRUE); +} + +void +aes_crypt_inplace(aes_cnt_cipher_t *cipher, char *data_, size_t len_) +{ + tor_assert(len_ <= INT_MAX); + + SECStatus s; + PK11Context *ctx = (PK11Context*)cipher; + unsigned char *data = (unsigned char *)data_; + int len = (int) len_; + int result_len = 0; + + s = PK11_CipherOp(ctx, data, &result_len, len, data, len); + tor_assert(s == SECSuccess); + tor_assert(result_len == len); +} + +int +evaluate_evp_for_aes(int force_value) +{ + (void)force_value; + return 0; +} + +int +evaluate_ctr_for_aes(void) +{ + return 0; +} diff --git a/src/lib/crypt_ops/aes.c b/src/lib/crypt_ops/aes_openssl.c similarity index 99% rename from src/lib/crypt_ops/aes.c rename to src/lib/crypt_ops/aes_openssl.c index ff9d4d855..387f5d3df 100644 --- a/src/lib/crypt_ops/aes.c +++ b/src/lib/crypt_ops/aes_openssl.c @@ -5,8 +5,8 @@ /* See LICENSE for licensing information */ /** - * \file aes.c - * \brief Implements a counter-mode stream cipher on top of AES. + * \file aes_openssl.c + * \brief Use OpenSSL to implement AES_CTR. **/ #include "orconfig.h" diff --git a/src/lib/crypt_ops/include.am b/src/lib/crypt_ops/include.am index e96d6b0a5..3ebb0b0f6 100644 --- a/src/lib/crypt_ops/include.am +++ b/src/lib/crypt_ops/include.am @@ -6,7 +6,6 @@ noinst_LIBRARIES += src/lib/libtor-crypt-ops-testing.a endif src_lib_libtor_crypt_ops_a_SOURCES = \ - src/lib/crypt_ops/aes.c \ src/lib/crypt_ops/crypto_cipher.c \ src/lib/crypt_ops/crypto_curve25519.c \ src/lib/crypt_ops/crypto_dh.c \ @@ -24,8 +23,13 @@ src_lib_libtor_crypt_ops_a_SOURCES = \ if USE_NSS src_lib_libtor_crypt_ops_a_SOURCES += \ + src/lib/crypt_ops/aes_nss.c \ src/lib/crypt_ops/crypto_nss_mgt.c +else +src_lib_libtor_crypt_ops_a_SOURCES += \ + src/lib/crypt_ops/aes_openssl.c endif + if USE_OPENSSL src_lib_libtor_crypt_ops_a_SOURCES += \ src/lib/crypt_ops/crypto_openssl_mgt.c

1 0

[tor/master] Use NSS's digest code in Tor.
by nickm＠torproject.org 05 Sep '18

05 Sep '18

commit f64c9dccde9ac8261c9f80ed063acc7988d6836c Author: Nick Mathewson <nickm(a)torproject.org> Date: Wed Jul 11 16:54:05 2018 -0400 Use NSS's digest code in Tor. This was a fairly straightforward port, once I realized which layer I should be calling into. --- src/lib/crypt_ops/crypto_digest.c | 258 ++++++++++++++++++++++++++++++++++++-- src/lib/crypt_ops/crypto_digest.h | 3 + src/test/test_hs_ntor_cl.c | 5 + src/test/test_ntor_cl.c | 6 +- 4 files changed, 262 insertions(+), 10 deletions(-) diff --git a/src/lib/crypt_ops/crypto_digest.c b/src/lib/crypt_ops/crypto_digest.c index ee5c362e3..2bc5f0834 100644 --- a/src/lib/crypt_ops/crypto_digest.c +++ b/src/lib/crypt_ops/crypto_digest.c @@ -12,7 +12,6 @@ #include "lib/container/smartlist.h" #include "lib/crypt_ops/crypto_digest.h" -#include "lib/crypt_ops/crypto_openssl_mgt.h" #include "lib/crypt_ops/crypto_util.h" #include "lib/log/log.h" #include "lib/log/util_bug.h" @@ -24,12 +23,92 @@ #include "lib/arch/bytes.h" +#ifdef ENABLE_NSS +DISABLE_GCC_WARNING(strict-prototypes) +#include <pk11pub.h> +ENABLE_GCC_WARNING(strict-prototypes) +#else + +#include "lib/crypt_ops/crypto_openssl_mgt.h" + DISABLE_GCC_WARNING(redundant-decls) #include <openssl/hmac.h> #include <openssl/sha.h> ENABLE_GCC_WARNING(redundant-decls) +#endif + +#ifdef ENABLE_NSS +/** + * Convert a digest_algorithm_t (used by tor) to a HashType (used by NSS). + * On failure, return SEC_OID_UNKNOWN. */ +static SECOidTag +digest_alg_to_nss_oid(digest_algorithm_t alg) +{ + switch (alg) { + case DIGEST_SHA1: return SEC_OID_SHA1; + case DIGEST_SHA256: return SEC_OID_SHA256; + case DIGEST_SHA512: return SEC_OID_SHA512; + case DIGEST_SHA3_256: /* Fall through */ + case DIGEST_SHA3_512: /* Fall through */ + default: + return SEC_OID_UNKNOWN; + } +} + +/* Helper: get an unkeyed digest via pk11wrap */ +static int +digest_nss_internal(SECOidTag alg, + char *digest, unsigned len_out, + const char *msg, size_t msg_len) +{ + if (alg == SEC_OID_UNKNOWN) + return -1; + tor_assert(msg_len <= UINT_MAX); + + int rv = -1; + SECStatus s; + PK11Context *ctx = PK11_CreateDigestContext(alg); + if (!ctx) + return -1; + + s = PK11_DigestBegin(ctx); + if (s != SECSuccess) + goto done; + + s = PK11_DigestOp(ctx, (const unsigned char *)msg, (unsigned int)msg_len); + if (s != SECSuccess) + goto done; + + unsigned int len = 0; + s = PK11_DigestFinal(ctx, (unsigned char *)digest, &len, len_out); + if (s != SECSuccess) + goto done; + + rv = 0; + done: + PK11_DestroyContext(ctx, PR_TRUE); + return rv; +} + +/** True iff alg is implemented in our crypto library, and we want to use that + * implementation */ +static bool +library_supports_digest(digest_algorithm_t alg) +{ + switch (alg) { + case DIGEST_SHA1: /* Fall through */ + case DIGEST_SHA256: /* Fall through */ + case DIGEST_SHA512: /* Fall through */ + return true; + case DIGEST_SHA3_256: /* Fall through */ + case DIGEST_SHA3_512: /* Fall through */ + default: + return false; + } +} +#endif /* Crypto digest functions */ @@ -42,8 +121,13 @@ crypto_digest(char *digest, const char *m, size_t len) { tor_assert(m); tor_assert(digest); - if (SHA1((const unsigned char*)m,len,(unsigned char*)digest) == NULL) +#ifdef ENABLE_NSS + return digest_nss_internal(SEC_OID_SHA1, digest, DIGEST_LEN, m, len); +#else + if (SHA1((const unsigned char*)m,len,(unsigned char*)digest) == NULL) { return -1; + } +#endif return 0; } @@ -59,11 +143,16 @@ crypto_digest256(char *digest, const char *m, size_t len, tor_assert(algorithm == DIGEST_SHA256 || algorithm == DIGEST_SHA3_256); int ret = 0; - if (algorithm == DIGEST_SHA256) + if (algorithm == DIGEST_SHA256) { +#ifdef ENABLE_NSS + return digest_nss_internal(SEC_OID_SHA256, digest, DIGEST256_LEN, m, len); +#else ret = (SHA256((const uint8_t*)m,len,(uint8_t*)digest) != NULL); - else +#endif + } else { ret = (sha3_256((uint8_t *)digest, DIGEST256_LEN,(const uint8_t *)m, len) > -1); + } if (!ret) return -1; @@ -82,12 +171,17 @@ crypto_digest512(char *digest, const char *m, size_t len, tor_assert(algorithm == DIGEST_SHA512 || algorithm == DIGEST_SHA3_512); int ret = 0; - if (algorithm == DIGEST_SHA512) + if (algorithm == DIGEST_SHA512) { +#ifdef ENABLE_NSS + return digest_nss_internal(SEC_OID_SHA512, digest, DIGEST512_LEN, m, len); +#else ret = (SHA512((const unsigned char*)m,len,(unsigned char*)digest) != NULL); - else +#endif + } else { ret = (sha3_512((uint8_t*)digest, DIGEST512_LEN, (const uint8_t*)m, len) > -1); + } if (!ret) return -1; @@ -181,9 +275,13 @@ struct crypto_digest_t { * that space for other members might not even be allocated! */ union { +#ifdef ENABLE_NSS + PK11Context *ctx; +#else SHA_CTX sha1; /**< state for SHA1 */ SHA256_CTX sha2; /**< state for SHA256 */ SHA512_CTX sha512; /**< state for SHA512 */ +#endif keccak_state sha3; /**< state for SHA3-[256,512] */ } d; }; @@ -214,12 +312,19 @@ crypto_digest_alloc_bytes(digest_algorithm_t alg) #define END_OF_FIELD(f) (offsetof(crypto_digest_t, f) + \ STRUCT_FIELD_SIZE(crypto_digest_t, f)) switch (alg) { +#ifdef ENABLE_NSS + case DIGEST_SHA1: /* Fall through */ + case DIGEST_SHA256: /* Fall through */ + case DIGEST_SHA512: + return END_OF_FIELD(d.ctx); +#else case DIGEST_SHA1: return END_OF_FIELD(d.sha1); case DIGEST_SHA256: return END_OF_FIELD(d.sha2); case DIGEST_SHA512: return END_OF_FIELD(d.sha512); +#endif case DIGEST_SHA3_256: case DIGEST_SHA3_512: return END_OF_FIELD(d.sha3); @@ -243,6 +348,21 @@ crypto_digest_new_internal(digest_algorithm_t algorithm) switch (algorithm) { +#ifdef ENABLE_NSS + case DIGEST_SHA1: /* fall through */ + case DIGEST_SHA256: /* fall through */ + case DIGEST_SHA512: + r->d.ctx = PK11_CreateDigestContext(digest_alg_to_nss_oid(algorithm)); + if (BUG(!r->d.ctx)) { + tor_free(r); + return NULL; + } + if (BUG(SECSuccess != PK11_DigestBegin(r->d.ctx))) { + crypto_digest_free(r); + return NULL; + } + break; +#else case DIGEST_SHA1: SHA1_Init(&r->d.sha1); break; @@ -252,6 +372,7 @@ crypto_digest_new_internal(digest_algorithm_t algorithm) case DIGEST_SHA512: SHA512_Init(&r->d.sha512); break; +#endif case DIGEST_SHA3_256: keccak_digest_init(&r->d.sha3, 256); break; @@ -302,6 +423,11 @@ crypto_digest_free_(crypto_digest_t *digest) { if (!digest) return; +#ifdef ENABLE_NSS + if (library_supports_digest(digest->algorithm)) { + PK11_DestroyContext(digest->d.ctx, PR_TRUE); + } +#endif size_t bytes = crypto_digest_alloc_bytes(digest->algorithm); memwipe(digest, 0, bytes); tor_free(digest); @@ -324,6 +450,17 @@ crypto_digest_add_bytes(crypto_digest_t *digest, const char *data, * just doing it ourselves. Hashes are fast. */ switch (digest->algorithm) { +#ifdef ENABLE_NSS + case DIGEST_SHA1: /* fall through */ + case DIGEST_SHA256: /* fall through */ + case DIGEST_SHA512: + tor_assert(len <= UINT_MAX); + SECStatus s = PK11_DigestOp(digest->d.ctx, + (const unsigned char *)data, + (unsigned int)len); + tor_assert(s == SECSuccess); + break; +#else case DIGEST_SHA1: SHA1_Update(&digest->d.sha1, (void*)data, len); break; @@ -333,6 +470,7 @@ crypto_digest_add_bytes(crypto_digest_t *digest, const char *data, case DIGEST_SHA512: SHA512_Update(&digest->d.sha512, (void*)data, len); break; +#endif case DIGEST_SHA3_256: /* FALLSTHROUGH */ case DIGEST_SHA3_512: keccak_digest_update(&digest->d.sha3, (const uint8_t *)data, len); @@ -357,7 +495,6 @@ crypto_digest_get_digest(crypto_digest_t *digest, char *out, size_t out_len) { unsigned char r[DIGEST512_LEN]; - crypto_digest_t tmpenv; tor_assert(digest); tor_assert(out); tor_assert(out_len <= crypto_digest_algorithm_get_length(digest->algorithm)); @@ -370,7 +507,26 @@ crypto_digest_get_digest(crypto_digest_t *digest, return; } +#ifdef ENABLE_NSS + /* Copy into a temporary buffer since DigestFinal (alters) the context */ + unsigned char buf[1024]; + unsigned int saved_len = 0; + unsigned rlen; + unsigned char *saved = PK11_SaveContextAlloc(digest->d.ctx, + buf, sizeof(buf), + &saved_len); + tor_assert(saved); + SECStatus s = PK11_DigestFinal(digest->d.ctx, r, &rlen, sizeof(r)); + tor_assert(s == SECSuccess); + tor_assert(rlen >= out_len); + s = PK11_RestoreContext(digest->d.ctx, saved, saved_len); + tor_assert(s == SECSuccess); + if (saved != buf) { + PORT_ZFree(saved, saved_len); + } +#else const size_t alloc_bytes = crypto_digest_alloc_bytes(digest->algorithm); + crypto_digest_t tmpenv; /* memcpy into a temporary ctx, since SHA*_Final clears the context */ memcpy(&tmpenv, digest, alloc_bytes); switch (digest->algorithm) { @@ -393,6 +549,7 @@ crypto_digest_get_digest(crypto_digest_t *digest, break; //LCOV_EXCL_STOP } +#endif memcpy(out, r, out_len); memwipe(r, 0, sizeof(r)); } @@ -408,7 +565,13 @@ crypto_digest_dup(const crypto_digest_t *digest) { tor_assert(digest); const size_t alloc_bytes = crypto_digest_alloc_bytes(digest->algorithm); - return tor_memdup(digest, alloc_bytes); + crypto_digest_t *result = tor_memdup(digest, alloc_bytes); +#ifdef ENABLE_NSS + if (library_supports_digest(digest->algorithm)) { + result->d.ctx = PK11_CloneContext(digest->d.ctx); + } +#endif + return result; } /** Temporarily save the state of digest in checkpoint. @@ -420,6 +583,18 @@ crypto_digest_checkpoint(crypto_digest_checkpoint_t *checkpoint, { const size_t bytes = crypto_digest_alloc_bytes(digest->algorithm); tor_assert(bytes <= sizeof(checkpoint->mem)); +#ifdef ENABLE_NSS + if (library_supports_digest(digest->algorithm)) { + unsigned char *allocated; + allocated = PK11_SaveContextAlloc(digest->d.ctx, + (unsigned char *)checkpoint->mem, + sizeof(checkpoint->mem), + &checkpoint->bytes_used); + /* No allocation is allowed here. */ + tor_assert(allocated == checkpoint->mem); + return; + } +#endif memcpy(checkpoint->mem, digest, bytes); } @@ -431,6 +606,15 @@ crypto_digest_restore(crypto_digest_t *digest, const crypto_digest_checkpoint_t *checkpoint) { const size_t bytes = crypto_digest_alloc_bytes(digest->algorithm); +#ifdef ENABLE_NSS + if (library_supports_digest(digest->algorithm)) { + SECStatus s = PK11_RestoreContext(digest->d.ctx, + (unsigned char *)checkpoint->mem, + checkpoint->bytes_used); + tor_assert(s == SECSuccess); + return; + } +#endif memcpy(digest, checkpoint->mem, bytes); } @@ -446,6 +630,13 @@ crypto_digest_assign(crypto_digest_t *into, tor_assert(from); tor_assert(into->algorithm == from->algorithm); const size_t alloc_bytes = crypto_digest_alloc_bytes(from->algorithm); +#ifdef ENABLE_NSS + if (library_supports_digest(from->algorithm)) { + PK11_DestroyContext(into->d.ctx, PR_TRUE); + into->d.ctx = PK11_CloneContext(from->d.ctx); + return; + } +#endif memcpy(into,from,alloc_bytes); } @@ -496,14 +687,63 @@ crypto_hmac_sha256(char *hmac_out, const char *key, size_t key_len, const char *msg, size_t msg_len) { - unsigned char *rv = NULL; /* If we've got OpenSSL >=0.9.8 we can use its hmac implementation. */ tor_assert(key_len < INT_MAX); tor_assert(msg_len < INT_MAX); tor_assert(hmac_out); +#ifdef ENABLE_NSS + PK11SlotInfo *slot = NULL; + PK11SymKey *symKey = NULL; + PK11Context *hmac = NULL; + + int ok = 0; + SECStatus s; + SECItem keyItem, paramItem; + keyItem.data = (unsigned char *)key; + keyItem.len = (unsigned)key_len; + paramItem.type = siBuffer; + paramItem.data = NULL; + paramItem.len = 0; + + slot = PK11_GetBestSlot(CKM_SHA256_HMAC, NULL); + if (!slot) + goto done; + symKey = PK11_ImportSymKey(slot, CKM_SHA256_HMAC, + PK11_OriginUnwrap, CKA_SIGN, &keyItem, NULL); + if (!symKey) + goto done; + + hmac = PK11_CreateContextBySymKey(CKM_SHA256_HMAC, CKA_SIGN, symKey, + &paramItem); + if (!hmac) + goto done; + s = PK11_DigestBegin(hmac); + if (s != SECSuccess) + goto done; + s = PK11_DigestOp(hmac, (const unsigned char *)msg, (unsigned int)msg_len); + if (s != SECSuccess) + goto done; + unsigned int len=0; + s = PK11_DigestFinal(hmac, (unsigned char *)hmac_out, &len, DIGEST256_LEN); + if (s != SECSuccess || len != DIGEST256_LEN) + goto done; + ok = 1; + + done: + if (hmac) + PK11_DestroyContext(hmac, PR_TRUE); + if (symKey) + PK11_FreeSymKey(symKey); + if (slot) + PK11_FreeSlot(slot); + + tor_assert(ok); +#else + unsigned char *rv = NULL; rv = HMAC(EVP_sha256(), key, (int)key_len, (unsigned char*)msg, (int)msg_len, (unsigned char*)hmac_out, NULL); tor_assert(rv); +#endif } /** Compute a MAC using SHA3-256 of msg_len bytes in msg using a diff --git a/src/lib/crypt_ops/crypto_digest.h b/src/lib/crypt_ops/crypto_digest.h index 9facf3b98..59713d2b9 100644 --- a/src/lib/crypt_ops/crypto_digest.h +++ b/src/lib/crypt_ops/crypto_digest.h @@ -51,6 +51,9 @@ typedef enum { /** Structure used to temporarily save the a digest object. Only implemented * for SHA1 digest for now. */ typedef struct crypto_digest_checkpoint_t { +#ifdef ENABLE_NSS + unsigned int bytes_used; +#endif uint8_t mem[DIGEST_CHECKPOINT_BYTES]; } crypto_digest_checkpoint_t; diff --git a/src/test/test_hs_ntor_cl.c b/src/test/test_hs_ntor_cl.c index c20774179..a4915c4f8 100644 --- a/src/test/test_hs_ntor_cl.c +++ b/src/test/test_hs_ntor_cl.c @@ -18,6 +18,7 @@ #include "lib/crypt_ops/crypto_curve25519.h" #include "lib/crypt_ops/crypto_ed25519.h" #include "lib/crypt_ops/crypto_format.h" +#include "lib/crypt_ops/crypto_init.h" #include "core/crypto/hs_ntor.h" #include "core/crypto/onion_ntor.h" @@ -240,7 +241,11 @@ main(int argc, char **argv) return 1; } + init_logging(1); curve25519_init(); + if (crypto_global_init(0, NULL, NULL) < 0) + return 1; + if (!strcmp(argv[1], "client1")) { return client1(argc, argv); } else if (!strcmp(argv[1], "server1")) { diff --git a/src/test/test_ntor_cl.c b/src/test/test_ntor_cl.c index b8d3a8b42..3f914523a 100644 --- a/src/test/test_ntor_cl.c +++ b/src/test/test_ntor_cl.c @@ -9,6 +9,7 @@ #include "core/or/or.h" #include "lib/crypt_ops/crypto_cipher.h" #include "lib/crypt_ops/crypto_curve25519.h" +#include "lib/crypt_ops/crypto_init.h" #include "core/crypto/onion_ntor.h" #define N_ARGS(n) STMT_BEGIN { \ @@ -153,7 +154,11 @@ main(int argc, char **argv) return 1; } + init_logging(1); curve25519_init(); + if (crypto_global_init(0, NULL, NULL) < 0) + return 1; + if (!strcmp(argv[1], "client1")) { return client1(argc, argv); } else if (!strcmp(argv[1], "server1")) { @@ -165,4 +170,3 @@ main(int argc, char **argv) return 1; } } -

1 0

[tor/master] Changes files for feature26815 and 26816
by nickm＠torproject.org 05 Sep '18

05 Sep '18

commit e7a061681769beb9b643dbb703427e6faca3ef21 Author: Nick Mathewson <nickm(a)torproject.org> Date: Mon Jul 16 14:07:38 2018 -0400 Changes files for feature26815 and 26816 --- changes/feature26815 | 3 +++ changes/feature26816 | 11 +++++++++++ 2 files changed, 14 insertions(+) diff --git a/changes/feature26815 b/changes/feature26815 new file mode 100644 index 000000000..10e7e478f --- /dev/null +++ b/changes/feature26815 @@ -0,0 +1,3 @@ + o Major features (experimental, library support): + - When built with --enable-nss, Tor now uses the NSS library for digests, + AES, and pseudorandom numbers. Closes ticket 26815. diff --git a/changes/feature26816 b/changes/feature26816 new file mode 100644 index 000000000..3c25597d8 --- /dev/null +++ b/changes/feature26816 @@ -0,0 +1,11 @@ + o Major features (experimental, library support): + - Tor now has _partial_ support for using the NSS cryptography library in + place of OpenSSL. When Tor is configured with --enable-nss, it will + use NSS for several (but not yet all) of its cryptography. (It still + relies on OpenSSL for the rest.) Eventually, if all goes as planned, + "--enable-nss" will produce a version of Tor that does not depend on + OpenSSL. Implements ticket 26816. + + WARNING: This feature is experimental. Don't use it for real security + yet, until the code has had much more review, and more bugs have been + shaken out.

1 0

Jump to page:

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

tor-commits September 2018