[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[or-cvs] r10096: Remove the "RSA keys are 128-bits" assumption from crypto.c (in tor/trunk: . src/common)
- To: or-cvs@xxxxxxxxxxxxx
- Subject: [or-cvs] r10096: Remove the "RSA keys are 128-bits" assumption from crypto.c (in tor/trunk: . src/common)
- From: nickm@xxxxxxxx
- Date: Wed, 2 May 2007 17:37:53 -0400 (EDT)
- Delivered-to: archiver@seul.org
- Delivered-to: or-cvs-outgoing@seul.org
- Delivered-to: or-cvs@seul.org
- Delivery-date: Wed, 02 May 2007 17:38:03 -0400
- Reply-to: or-dev@xxxxxxxxxxxxx
- Sender: owner-or-cvs@xxxxxxxxxxxxx
Author: nickm
Date: 2007-05-02 17:37:53 -0400 (Wed, 02 May 2007)
New Revision: 10096
Modified:
tor/trunk/
tor/trunk/src/common/crypto.c
Log:
r12638@catbus: nickm | 2007-05-02 17:37:30 -0400
Remove the "RSA keys are 128-bits" assumption from crypto.c
Property changes on: tor/trunk
___________________________________________________________________
svk:merge ticket from /tor/trunk [r12638] on 8246c3cf-6607-4228-993b-4d95d33730f1
Modified: tor/trunk/src/common/crypto.c
===================================================================
--- tor/trunk/src/common/crypto.c 2007-05-02 19:39:23 UTC (rev 10095)
+++ tor/trunk/src/common/crypto.c 2007-05-02 21:37:53 UTC (rev 10096)
@@ -716,7 +716,7 @@
int datalen, const char *sig, int siglen)
{
char digest[DIGEST_LEN];
- char buf[PK_BYTES+1];
+ char *buf;
int r;
tor_assert(env);
@@ -727,15 +727,19 @@
log_warn(LD_BUG, "couldn't compute digest");
return -1;
}
+ buf = tor_malloc(crypto_pk_keysize(env)+1);
r = crypto_pk_public_checksig(env,buf,sig,siglen);
if (r != DIGEST_LEN) {
log_warn(LD_CRYPTO, "Invalid signature");
+ tor_free(buf);
return -1;
}
if (memcmp(buf, digest, DIGEST_LEN)) {
log_warn(LD_CRYPTO, "Signature mismatched with digest.");
+ tor_free(buf);
return -1;
}
+ tor_free(buf);
return 0;
}
@@ -808,7 +812,7 @@
int overhead, outlen, r, symlen;
size_t pkeylen;
crypto_cipher_env_t *cipher = NULL;
- char buf[PK_BYTES+1];
+ char *buf = NULL;
tor_assert(env);
tor_assert(from);
@@ -838,6 +842,7 @@
cipher->key[0] &= 0x7f;
if (crypto_cipher_encrypt_init_cipher(cipher)<0)
goto err;
+ buf = tor_malloc(pkeylen+1);
memcpy(buf, cipher->key, CIPHER_KEY_LEN);
memcpy(buf+CIPHER_KEY_LEN, from, pkeylen-overhead-CIPHER_KEY_LEN);
@@ -852,11 +857,13 @@
from+pkeylen-overhead-CIPHER_KEY_LEN, symlen);
if (r<0) goto err;
- memset(buf, 0, sizeof(buf));
+ memset(buf, 0, pkeylen);
+ tor_free(buf);
crypto_free_cipher_env(cipher);
return outlen + symlen;
err:
- memset(buf, 0, sizeof(buf));
+ memset(buf, 0, pkeylen);
+ tor_free(buf);
if (cipher) crypto_free_cipher_env(cipher);
return -1;
}
@@ -872,7 +879,7 @@
int outlen, r;
size_t pkeylen;
crypto_cipher_env_t *cipher = NULL;
- char buf[PK_BYTES+1];
+ char *buf = NULL;
pkeylen = crypto_pk_keysize(env);
@@ -880,32 +887,35 @@
return crypto_pk_private_decrypt(env,to,from,fromlen,padding,
warnOnFailure);
}
+ buf = tor_malloc(pkeylen+1);
outlen = crypto_pk_private_decrypt(env,buf,from,pkeylen,padding,
warnOnFailure);
if (outlen<0) {
log_fn(warnOnFailure?LOG_WARN:LOG_DEBUG, LD_CRYPTO,
"Error decrypting public-key data");
- return -1;
+ goto err;
}
if (outlen < CIPHER_KEY_LEN) {
log_fn(warnOnFailure?LOG_WARN:LOG_INFO, LD_CRYPTO,
"No room for a symmetric key");
- return -1;
+ goto err;
}
cipher = crypto_create_init_cipher(buf, 0);
if (!cipher) {
- return -1;
+ goto err;
}
memcpy(to,buf+CIPHER_KEY_LEN,outlen-CIPHER_KEY_LEN);
outlen -= CIPHER_KEY_LEN;
r = crypto_cipher_decrypt(cipher, to+outlen, from+pkeylen, fromlen-pkeylen);
if (r<0)
goto err;
- memset(buf,0,sizeof(buf));
+ memset(buf,0,pkeylen);
+ tor_free(buf);
crypto_free_cipher_env(cipher);
return outlen + (fromlen-pkeylen);
err:
- memset(buf,0,sizeof(buf));
+ memset(buf,0,pkeylen);
+ tor_free(buf);
if (cipher) crypto_free_cipher_env(cipher);
return -1;
}