[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[tor-commits] [tor/master] Rename functions that encode/decode private keys
commit 0f971d7c915e45556c582b8e02017927bf196f7e
Author: Nick Mathewson <nickm@xxxxxxxxxxxxxx>
Date: Thu Jul 19 08:56:51 2018 -0400
Rename functions that encode/decode private keys
It is not nice to expose a private key's contents without having the
function name advertise the fact. Fortunately, we weren't misusing
these yet.
---
src/feature/control/control.c | 4 ++--
src/lib/crypt_ops/crypto_rsa.h | 4 ++--
src/lib/crypt_ops/crypto_rsa_openssl.c | 4 ++--
src/test/test_controller.c | 2 +-
src/test/test_crypto.c | 8 ++++----
5 files changed, 11 insertions(+), 11 deletions(-)
diff --git a/src/feature/control/control.c b/src/feature/control/control.c
index f22df30e1..5b62be8a6 100644
--- a/src/feature/control/control.c
+++ b/src/feature/control/control.c
@@ -4994,7 +4994,7 @@ add_onion_helper_keyarg(const char *arg, int discard_pk,
if (!strcasecmp(key_type_rsa1024, key_type)) {
/* "RSA:<Base64 Blob>" - Loading a pre-existing RSA1024 key. */
- pk = crypto_pk_base64_decode(key_blob, strlen(key_blob));
+ pk = crypto_pk_base64_decode_private(key_blob, strlen(key_blob));
if (!pk) {
err_msg = tor_strdup("512 Failed to decode RSA key\r\n");
goto err;
@@ -5029,7 +5029,7 @@ add_onion_helper_keyarg(const char *arg, int discard_pk,
goto err;
}
if (!discard_pk) {
- if (crypto_pk_base64_encode(pk, &key_new_blob)) {
+ if (crypto_pk_base64_encode_private(pk, &key_new_blob)) {
crypto_pk_free(pk);
tor_asprintf(&err_msg, "551 Failed to encode %s key\r\n",
key_type_rsa1024);
diff --git a/src/lib/crypt_ops/crypto_rsa.h b/src/lib/crypt_ops/crypto_rsa.h
index 45412d21e..d1f9d57aa 100644
--- a/src/lib/crypt_ops/crypto_rsa.h
+++ b/src/lib/crypt_ops/crypto_rsa.h
@@ -101,8 +101,8 @@ int crypto_pk_private_sign_digest(crypto_pk_t *env, char *to, size_t tolen,
int crypto_pk_get_digest(const crypto_pk_t *pk, char *digest_out);
int crypto_pk_get_common_digests(crypto_pk_t *pk,
common_digests_t *digests_out);
-int crypto_pk_base64_encode(const crypto_pk_t *pk, char **priv_out);
-crypto_pk_t *crypto_pk_base64_decode(const char *str, size_t len);
+int crypto_pk_base64_encode_private(const crypto_pk_t *pk, char **priv_out);
+crypto_pk_t *crypto_pk_base64_decode_private(const char *str, size_t len);
/* Prototypes for private functions only used by tortls.c, crypto.c, and the
* unit tests. */
diff --git a/src/lib/crypt_ops/crypto_rsa_openssl.c b/src/lib/crypt_ops/crypto_rsa_openssl.c
index c57a2e39e..a342c1e7d 100644
--- a/src/lib/crypt_ops/crypto_rsa_openssl.c
+++ b/src/lib/crypt_ops/crypto_rsa_openssl.c
@@ -750,7 +750,7 @@ crypto_pk_asn1_decode(const char *str, size_t len)
* It is the caller's responsibility to sanitize and free the resulting buffer.
*/
int
-crypto_pk_base64_encode(const crypto_pk_t *pk, char **priv_out)
+crypto_pk_base64_encode_private(const crypto_pk_t *pk, char **priv_out)
{
unsigned char *der = NULL;
int der_len;
@@ -781,7 +781,7 @@ crypto_pk_base64_encode(const crypto_pk_t *pk, char **priv_out)
* on failure.
*/
crypto_pk_t *
-crypto_pk_base64_decode(const char *str, size_t len)
+crypto_pk_base64_decode_private(const char *str, size_t len)
{
crypto_pk_t *pk = NULL;
diff --git a/src/test/test_controller.c b/src/test/test_controller.c
index d0aa86844..d5d51758f 100644
--- a/src/test/test_controller.c
+++ b/src/test/test_controller.c
@@ -161,7 +161,7 @@ test_add_onion_helper_keyarg_v2(void *arg)
/* Test loading a RSA1024 key. */
tor_free(err_msg);
pk1 = pk_generate(0);
- tt_int_op(0, OP_EQ, crypto_pk_base64_encode(pk1, &encoded));
+ tt_int_op(0, OP_EQ, crypto_pk_base64_encode_private(pk1, &encoded));
tor_asprintf(&arg_str, "RSA1024:%s", encoded);
ret = add_onion_helper_keyarg(arg_str, 0, &key_new_alg, &key_new_blob,
&pk, &hs_version, &err_msg);
diff --git a/src/test/test_crypto.c b/src/test/test_crypto.c
index 029e98a63..81d43ff13 100644
--- a/src/test/test_crypto.c
+++ b/src/test/test_crypto.c
@@ -1420,22 +1420,22 @@ test_crypto_pk_base64(void *arg)
/* Test Base64 encoding a key. */
pk1 = pk_generate(0);
tt_assert(pk1);
- tt_int_op(0, OP_EQ, crypto_pk_base64_encode(pk1, &encoded));
+ tt_int_op(0, OP_EQ, crypto_pk_base64_encode_private(pk1, &encoded));
tt_assert(encoded);
/* Test decoding a valid key. */
- pk2 = crypto_pk_base64_decode(encoded, strlen(encoded));
+ pk2 = crypto_pk_base64_decode_private(encoded, strlen(encoded));
tt_assert(pk2);
tt_int_op(crypto_pk_cmp_keys(pk1, pk2), OP_EQ, 0);
crypto_pk_free(pk2);
/* Test decoding a invalid key (not Base64). */
static const char *invalid_b64 = "The key is in another castle!";
- pk2 = crypto_pk_base64_decode(invalid_b64, strlen(invalid_b64));
+ pk2 = crypto_pk_base64_decode_private(invalid_b64, strlen(invalid_b64));
tt_ptr_op(pk2, OP_EQ, NULL);
/* Test decoding a truncated Base64 blob. */
- pk2 = crypto_pk_base64_decode(encoded, strlen(encoded)/2);
+ pk2 = crypto_pk_base64_decode_private(encoded, strlen(encoded)/2);
tt_ptr_op(pk2, OP_EQ, NULL);
done:
_______________________________________________
tor-commits mailing list
tor-commits@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits