[tor-commits] [tor/master] Tweaks into functions and variables in crypto_rsa.[ch]

nickm at torproject.org nickm at torproject.org
Thu Feb 1 17:10:42 UTC 2018 

commit 3812319bb16f8687c7b21c9b7bcd86b2ed62663a
Author: Fernando Fernandez Mancera <ffmancera at riseup.net>
Date:   Fri Jan 26 16:43:46 2018 +0100

    Tweaks into functions and variables in crypto_rsa.[ch]
    
    crypto_get_rsa_padding_overhead() and crypto_get_rsa_padding() are
    not static inline anymore in order to split the crypto_rsa module
    from crypto.[ch].
    
    Also included necessary modules in order to solve dependency issues.
    
    Also made two functions in crypto.c use crypto_pk_asn1_encdoe()
    instead of reaching into the crypto_pk_t struct.
---
 src/common/crypto.c     | 53 +++++++++++++++++++++++++++++------------------
 src/common/crypto_rsa.c | 55 ++++++++++++++++++++++++++++++++++++++++++++-----
 src/common/crypto_rsa.h |  8 +++++--
 3 files changed, 89 insertions(+), 27 deletions(-)

diff --git a/src/common/crypto.c b/src/common/crypto.c
index bb9820fc2..a5372b70f 100644
--- a/src/common/crypto.c
+++ b/src/common/crypto.c
@@ -28,6 +28,7 @@
 #include "crypto_curve25519.h"
 #include "crypto_ed25519.h"
 #include "crypto_format.h"
+#include "crypto_rsa.h"
 
 DISABLE_GCC_WARNING(redundant-decls)
 
@@ -611,18 +612,24 @@ crypto_pk_obsolete_private_hybrid_decrypt(crypto_pk_t *env,
 int
 crypto_pk_get_digest(const crypto_pk_t *pk, char *digest_out)
 {
-  unsigned char *buf = NULL;
+  char *buf;
+  size_t buflen;
   int len;
+  int rv = -1;
 
-  len = i2d_RSAPublicKey((RSA*)pk->key, &buf);
-  if (len < 0 || buf == NULL)
-    return -1;
-  if (crypto_digest(digest_out, (char*)buf, len) < 0) {
-    OPENSSL_free(buf);
-    return -1;
-  }
-  OPENSSL_free(buf);
-  return 0;
+  buflen = crypto_pk_keysize(pk)*2;
+  buf = tor_malloc(buflen);
+  len = crypto_pk_asn1_encode(pk, buf, buflen);
+  if (len < 0)
+    goto done;
+
+  if (crypto_digest(digest_out, buf, len) < 0)
+    goto done;
+
+  rv = 0;
+  done:
+  tor_free(buf);
+  return rv;
 }
 
 /** Compute all digests of the DER encoding of <b>pk</b>, and store them
@@ -630,18 +637,24 @@ crypto_pk_get_digest(const crypto_pk_t *pk, char *digest_out)
 int
 crypto_pk_get_common_digests(crypto_pk_t *pk, common_digests_t *digests_out)
 {
-  unsigned char *buf = NULL;
+  char *buf;
+  size_t buflen;
   int len;
+  int rv = -1;
 
-  len = i2d_RSAPublicKey(pk->key, &buf);
-  if (len < 0 || buf == NULL)
-    return -1;
-  if (crypto_common_digests(digests_out, (char*)buf, len) < 0) {
-    OPENSSL_free(buf);
-    return -1;
-  }
-  OPENSSL_free(buf);
-  return 0;
+  buflen = crypto_pk_keysize(pk)*2;
+  buf = tor_malloc(buflen);
+  len = crypto_pk_asn1_encode(pk, buf, buflen);
+  if (len < 0)
+    goto done;
+
+  if (crypto_common_digests(digests_out, (char*)buf, len) < 0)
+    goto done;
+
+  rv = 0;
+ done:
+  tor_free(buf);
+  return rv;
 }
 
 /** Copy <b>in</b> to the <b>outlen</b>-byte buffer <b>out</b>, adding spaces
diff --git a/src/common/crypto_rsa.c b/src/common/crypto_rsa.c
index 1308c4819..92b5978ea 100644
--- a/src/common/crypto_rsa.c
+++ b/src/common/crypto_rsa.c
@@ -10,17 +10,62 @@
  **/
 
 #include "crypto_rsa.h"
-
-/** A public key, or a public/private key-pair. */
+#include "crypto.h"
+#include "compat_openssl.h"
+#include "crypto_curve25519.h"
+#include "crypto_ed25519.h"
+#include "crypto_format.h"
+
+DISABLE_GCC_WARNING(redundant-decls)
+
+#include <openssl/err.h>
+#include <openssl/rsa.h>
+#include <openssl/pem.h>
+#include <openssl/evp.h>
+#include <openssl/engine.h>
+#include <openssl/rand.h>
+#include <openssl/bn.h>
+#include <openssl/dh.h>
+#include <openssl/conf.h>
+#include <openssl/hmac.h>
+
+ENABLE_GCC_WARNING(redundant-decls)
+
+#include "torlog.h"
+#include "util.h"
+#include "util_format.h"
+
+/** Declaration for crypto_pk_t structure. */
 struct crypto_pk_t
 {
   int refs; /**< reference count, so we don't have to copy keys */
   RSA *key; /**< The key itself */
 };
 
+/** Log all pending crypto errors at level <b>severity</b>.  Use
+ * <b>doing</b> to describe our current activities.
+ */
+static void
+crypto_log_errors(int severity, const char *doing)
+{
+  unsigned long err;
+  const char *msg, *lib, *func;
+  while ((err = ERR_get_error()) != 0) {
+    msg = (const char*)ERR_reason_error_string(err);
+    lib = (const char*)ERR_lib_error_string(err);
+    func = (const char*)ERR_func_error_string(err);
+    if (!msg) msg = "(null)";
+    if (!lib) lib = "(null)";
+    if (!func) func = "(null)";
+    if (BUG(!doing)) doing = "(null)";
+    tor_log(severity, LD_CRYPTO, "crypto error while %s: %s (in %s:%s)",
+              doing, msg, lib, func);
+  }
+}
+
 /** Return the number of bytes added by padding method <b>padding</b>.
  */
-static inline int
+int
 crypto_get_rsa_padding_overhead(int padding)
 {
   switch (padding)
@@ -32,7 +77,7 @@ crypto_get_rsa_padding_overhead(int padding)
 
 /** Given a padding method <b>padding</b>, return the correct OpenSSL constant.
  */
-static inline int
+int
 crypto_get_rsa_padding(int padding)
 {
   switch (padding)
@@ -714,7 +759,7 @@ crypto_pk_private_sign(const crypto_pk_t *env, char *to, size_t tolen,
  * Return -1 on error, or the number of characters used on success.
  */
 int
-crypto_pk_asn1_encode(crypto_pk_t *pk, char *dest, size_t dest_len)
+crypto_pk_asn1_encode(const crypto_pk_t *pk, char *dest, size_t dest_len)
 {
   int len;
   unsigned char *buf = NULL;
diff --git a/src/common/crypto_rsa.h b/src/common/crypto_rsa.h
index e38451fed..5b9025c62 100644
--- a/src/common/crypto_rsa.h
+++ b/src/common/crypto_rsa.h
@@ -20,6 +20,8 @@
 #include "testsupport.h"
 #include "compat.h"
 #include "util.h"
+#include "torlog.h"
+#include "crypto_curve25519.h"
 
 /** Length of our public keys. */
 #define PK_BYTES (1024/8)
@@ -30,12 +32,15 @@
 /** Number of bytes added for PKCS1-OAEP padding. */
 #define PKCS1_OAEP_PADDING_OVERHEAD 42
 
+/** A public key, or a public/private key-pair. */
 typedef struct crypto_pk_t crypto_pk_t;
 
 /* RSA enviroment setup */
 MOCK_DECL(crypto_pk_t *,crypto_pk_new,(void));
 void crypto_pk_free_(crypto_pk_t *env);
 #define crypto_pk_free(pk) FREE_AND_NULL(crypto_pk_t, crypto_pk_free_, (pk))
+int crypto_get_rsa_padding_overhead(int padding);
+int crypto_get_rsa_padding(int padding);
 
 /* public key crypto */
 MOCK_DECL(int, crypto_pk_generate_key_with_bits,(crypto_pk_t *env, int bits));
@@ -64,7 +69,6 @@ crypto_pk_t *crypto_pk_dup_key(crypto_pk_t *orig);
 crypto_pk_t *crypto_pk_copy_full(crypto_pk_t *orig);
 int crypto_pk_key_is_private(const crypto_pk_t *key);
 int crypto_pk_public_exponent_ok(crypto_pk_t *env);
-
 int crypto_pk_public_encrypt(crypto_pk_t *env, char *to, size_t tolen,
                              const char *from, size_t fromlen, int padding);
 int crypto_pk_private_decrypt(crypto_pk_t *env, char *to, size_t tolen,
@@ -75,7 +79,7 @@ MOCK_DECL(int, crypto_pk_public_checksig,(const crypto_pk_t *env,
                                           const char *from, size_t fromlen));
 int crypto_pk_private_sign(const crypto_pk_t *env, char *to, size_t tolen,
                            const char *from, size_t fromlen);
-int crypto_pk_asn1_encode(crypto_pk_t *pk, char *dest, size_t dest_len);
+int crypto_pk_asn1_encode(const crypto_pk_t *pk, char *dest, size_t dest_len);
 crypto_pk_t *crypto_pk_asn1_decode(const char *str, size_t len);
 int crypto_pk_get_fingerprint(crypto_pk_t *pk, char *fp_out,int add_space);
 int crypto_pk_get_hashed_fingerprint(crypto_pk_t *pk, char *fp_out);

More information about the tor-commits mailing list