[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[or-cvs] Implement two flavors of authentication for control connect...
- To: or-cvs@freehaven.net
- Subject: [or-cvs] Implement two flavors of authentication for control connect...
- From: nickm@seul.org (Nick Mathewson)
- Date: Wed, 3 Nov 2004 14:49:06 -0500 (EST)
- Delivered-to: archiver@seul.org
- Delivered-to: or-cvs-outgoing@seul.org
- Delivered-to: or-cvs@seul.org
- Delivery-date: Wed, 03 Nov 2004 14:49:47 -0500
- Reply-to: or-dev@freehaven.net
- Sender: owner-or-cvs@freehaven.net
Update of /home/or/cvsroot/src/common
In directory moria.mit.edu:/tmp/cvs-serv16385/src/common
Modified Files:
crypto.c crypto.h
Log Message:
Implement two flavors of authentication for control connections: one for trusted FS, one for untrusted FS.
Index: crypto.c
===================================================================
RCS file: /home/or/cvsroot/src/common/crypto.c,v
retrieving revision 1.120
retrieving revision 1.121
diff -u -d -r1.120 -r1.121
--- crypto.c 2 Nov 2004 03:02:17 -0000 1.120
+++ crypto.c 3 Nov 2004 19:49:03 -0000 1.121
@@ -1575,6 +1575,47 @@
dest[i] = '\0';
}
+/** Implement RFC2440-style iterated-salted S2K conversion: convert the
+ * <b>secret_len</b>-byte <b>secret</b> into a <b>key_out_len</b> byte
+ * <b>key_out</b>. As in RFC2440, the first 8 bytes of s2k_specifier
+ * are a salt; the 9th byte describes how much iteration to do.
+ * Does not support <b>key_out_len</b> > DIGEST_LEN.
+ */
+void
+secret_to_key(char *key_out, size_t key_out_len, const char *secret,
+ size_t secret_len, const char *s2k_specifier)
+{
+ crypto_digest_env_t *d;
+ uint8_t c;
+ size_t count;
+ char *tmp;
+
+#define EXPBIAS 6
+ c = s2k_specifier[8];
+ count = ((uint32_t)16 + (c & 15)) << ((c >> 4) + EXPBIAS);
+#undef EXPBIAS
+
+ tor_assert(key_out_len <= DIGEST_LEN);
+
+ d = crypto_new_digest_env();
+ tmp = tor_malloc(8+secret_len);
+ memcpy(tmp,s2k_specifier,8);
+ memcpy(tmp+8,secret,secret_len);
+ secret_len += 8;
+ while (count) {
+ if (count >= secret_len) {
+ crypto_digest_add_bytes(d, tmp, secret_len);
+ count -= secret_len;
+ } else {
+ crypto_digest_add_bytes(d, tmp, count);
+ count = 0;
+ }
+ }
+ crypto_digest_get_digest(d, key_out, key_out_len);
+ tor_free(tmp);
+ crypto_free_digest_env(d);
+}
+
/*
Local Variables:
mode:c
Index: crypto.h
===================================================================
RCS file: /home/or/cvsroot/src/common/crypto.h,v
retrieving revision 1.56
retrieving revision 1.57
diff -u -d -r1.56 -r1.57
--- crypto.h 2 Nov 2004 02:28:42 -0000 1.56
+++ crypto.h 3 Nov 2004 19:49:03 -0000 1.57
@@ -153,6 +153,10 @@
#define BASE32_CHARS "abcdefghijklmnopqrstuvwxyz234567"
void base32_encode(char *dest, size_t destlen, const char *src, size_t srclen);
+#define S2K_SPECIFIER_LEN 9
+void secret_to_key(char *key_out, size_t key_out_len, const char *secret,
+ size_t secret_len, const char *s2k_specifier);
+
#endif
/*