src/core/crypto/relay_crypto.h \
src/core/crypto/relay_crypto_st.h \
src/core/crypto/relay_crypto_cgo.h \
- src/core/crypto/relay_crypto_tor1.h
+ src/core/crypto/relay_crypto_tor1.h \
+ src/core/crypto/tor1_crypt_st.h
{
tor_assert(crypto);
*len_out = DIGEST_LEN;
- return crypto->sendme_digest;
+ return crypto->tor1.sendme_digest;
}
/** Do the appropriate en/decryptions for <b>cell</b> arriving on
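Review bot: The accessor at the top of this hunk returns a pointer directly into `crypto->tor1.sendme_digest`, and the field's comment in tor1_crypt_st.h says any operation on the object may invalidate that digest. The function's signature and doc comment lie outside the hunk, so this may already be documented. If it is not, add a sentence such as `The returned pointer aliases internal state; copy the DIGEST_LEN bytes before any further cell processing on this object.` That spells out the lifetime for callers that hold the digest for SENDME validation.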
do { /* Remember: cpath is in forward order, that is, first hop first. */
tor_assert(thishop);
- bool rec = tor1_crypt_client_backward(&thishop->pvt_crypto, cell);
-
+ bool rec = tor1_crypt_client_backward(
+ &thishop->pvt_crypto.tor1, cell);
if (rec) {
*recognized = 1;
*layer_hint = thishop;
} else {
/* We're in the middle. Encrypt one layer. */
relay_crypto_t *crypto = &TO_OR_CIRCUIT(circ)->crypto;
- tor1_crypt_relay_backward(crypto, cell);
+ tor1_crypt_relay_backward(&crypto->tor1, cell);
}
} else /* cell_direction == CELL_DIRECTION_OUT */ {
/* We're in the middle. Decrypt one layer. */
relay_crypto_t *crypto = &TO_OR_CIRCUIT(circ)->crypto;
- bool rec = tor1_crypt_relay_forward(crypto, cell);
+ bool rec = tor1_crypt_relay_forward(&crypto->tor1, cell);
if (rec) {
*recognized = 1;
return 0;
{
crypt_path_t *thishop = layer_hint;
- tor1_crypt_client_originate(&thishop->pvt_crypto, cell);
+ tor1_crypt_client_originate(&thishop->pvt_crypto.tor1, cell);
thishop = thishop->prev;
while (thishop != circ->cpath->prev) {
- tor1_crypt_client_forward(&thishop->pvt_crypto, cell);
+ tor1_crypt_client_forward(&thishop->pvt_crypto.tor1, cell);
thishop = thishop->prev;
}
}
relay_encrypt_cell_inbound(cell_t *cell,
or_circuit_t *or_circ)
{
- tor1_crypt_relay_originate(&or_circ->crypto, cell);
+ tor1_crypt_relay_originate(&or_circ->crypto.tor1, cell);
}
/**
void
relay_crypto_clear(relay_crypto_t *crypto)
{
- tor1_crypt_clear(crypto);
+ tor1_crypt_clear(&crypto->tor1);
}
/** Initialize <b>crypto</b> from the key material in key_data.
const char *key_data, size_t key_data_len,
int reverse, int is_hs_v3)
{
- return tor1_crypt_init(crypto, key_data, key_data_len, reverse, is_hs_v3);
+ return tor1_crypt_init(&crypto->tor1,
+ key_data, key_data_len, reverse, is_hs_v3);
}
/** Return the amount of key material we need to initialize
void
relay_crypto_assert_ok(const relay_crypto_t *crypto)
{
- tor1_crypt_assert_ok(crypto);
+ tor1_crypt_assert_ok(&crypto->tor1);
}
#ifndef RELAY_CRYPTO_ST_H
#define RELAY_CRYPTO_ST_H
-#define crypto_cipher_t aes_cnt_cipher_t
-struct crypto_cipher_t;
-struct crypto_digest_t;
+#include "core/crypto/tor1_crypt_st.h"
struct relay_crypto_t {
- /* crypto environments */
- /** Encryption key and counter for cells heading towards the OR at this
- * step. */
- struct crypto_cipher_t *f_crypto;
- /** Encryption key and counter for cells heading back from the OR at this
- * step. */
- struct crypto_cipher_t *b_crypto;
-
- /** Digest state for cells heading towards the OR at this step. */
- struct crypto_digest_t *f_digest; /* for integrity checking */
- /** Digest state for cells heading away from the OR at this step. */
- struct crypto_digest_t *b_digest;
-
- /** Digest used for the next SENDME cell if any.
- *
- * This digest is updated every time a cell is _originated_ or _recognized_
- * in either direction. Any operation with this object may
- * invalidate this digest. */
- uint8_t sendme_digest[DIGEST_LEN];
+ struct tor1_crypt_t tor1;
};
-#undef crypto_cipher_t
#endif /* !defined(RELAY_CRYPTO_ST_H) */
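Review bot: The new `tor1` member is the only field left in `struct relay_crypto_t` and has no doc comment, although every field it replaces had one. A line such as `/** State for tor1 relay cell encryption (keys, running digests, SENDME digest). */` above `struct tor1_crypt_t tor1;` would keep the struct self-describing. Because the member is embedded by value, every file that includes this header now sees the full key-holding layout, which is presumably intended. A note that callers should go through the `relay_crypto_*` functions rather than touch `tor1` directly would make that boundary explicit.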
#ifndef TOR_RELAY_CRYPTO_TOR1_H
#define TOR_RELAY_CRYPTO_TOR1_H
+typedef struct tor1_crypt_t tor1_crypt_t;
+
void tor1_crypt_client_originate(tor1_crypt_t *tor1,
cell_t *cell);
void tor1_crypt_relay_originate(tor1_crypt_t *tor1,
void tor1_crypt_client_forward(tor1_crypt_t *tor1, cell_t *cell);
size_t tor1_key_material_len(bool is_hs);
-int tor1_crypt_init(relay_crypto_t *crypto,
+int tor1_crypt_init(tor1_crypt_t *crypto,
const char *key_data, size_t key_data_len,
int reverse, int is_hs_v3);
void tor1_crypt_assert_ok(const tor1_crypt_t *tor1);
-void tor1_crypt_clear(relay_crypto_t *crypto);
+void tor1_crypt_clear(tor1_crypt_t *crypto);
#endif /* !defined(TOR_RELAY_CRYPTO_TOR1_H) */
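Review bot: `tor1_crypt_init` and `tor1_crypt_clear` still name their first parameter `crypto`, while the other prototypes in this header use `tor1` for the same `tor1_crypt_t *`. Now that the type no longer aliases `relay_crypto_t`, the old name suggests the outer object. Renaming it gives `int tor1_crypt_init(tor1_crypt_t *tor1,` and `void tor1_crypt_clear(tor1_crypt_t *tor1);`. The matching definitions are not visible in this diff and would need the same rename.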
--- /dev/null
+/* Copyright (c) 2001 Matej Pfajfar.
+ * Copyright (c) 2001-2004, Roger Dingledine.
+ * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
+ * Copyright (c) 2007-2021, The Tor Project, Inc. */
+/* See LICENSE for licensing information */
+
+/**
+ * @file tor1_crypt_st.h
+ * @brief Structures for tor1 relay cell encryption.
+ **/
+
+#ifndef TOR1_CRYPT_ST_H
+#define TOR1_CRYPT_ST_H
+
+struct aes_cnt_cipher_t;
+struct crypto_digest_t;
+
+struct tor1_crypt_t {
+ /** Encryption key and counter for cells heading towards the OR at this
+ * step. */
+ struct aes_cnt_cipher_t *f_crypto;
+ /** Encryption key and counter for cells heading back from the OR at this
+ * step. */
+ struct aes_cnt_cipher_t *b_crypto;
+
+ /** Digest state for cells heading towards the OR at this step. */
+ struct crypto_digest_t *f_digest; /* for integrity checking */
+ /** Digest state for cells heading away from the OR at this step. */
+ struct crypto_digest_t *b_digest;
+
+ /** Digest used for the next SENDME cell if any.
+ *
+ * This digest is updated every time a cell is _originated_ or _recognized_
+ * in either direction. Any operation with this object may
+ * invalidate this digest. */
+ uint8_t sendme_digest[DIGEST_LEN];
+};
+
+#endif /* !defined(TOR1_CRYPT_ST_H) */
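Review bot: This new header uses `uint8_t` and `DIGEST_LEN` in `sendme_digest[DIGEST_LEN]` but includes nothing, so it only compiles when an earlier include has already defined both. The struct it was split from had the same dependency, but a standalone file is a good place to fix it: include `<stdint.h>` (or the project's integer header) and the header that defines `DIGEST_LEN`, directly after the include guard. `struct tor1_crypt_t` also lacks a top-level doc comment. One sentence saying that it holds the per-hop forward and backward cipher and digest state, and which function releases it, would help, since the four pointers appear to be owning.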
typedef struct onion_handshake_state_t onion_handshake_state_t;
typedef struct relay_crypto_t relay_crypto_t;
-// XXXX Temporary alias.
-typedef struct relay_crypto_t tor1_crypt_t;
typedef struct crypt_path_t crypt_path_t;
typedef struct crypt_path_reference_t crypt_path_reference_t;
or_circ->base_.purpose = CIRCUIT_PURPOSE_OR;
/* Initialize crypto */
- char key1[CIPHER_KEY_LEN], key2[CIPHER_KEY_LEN];
- crypto_rand(key1, sizeof(key1));
- crypto_rand(key2, sizeof(key2));
- or_circ->crypto.f_crypto = crypto_cipher_new(key1);
- or_circ->crypto.b_crypto = crypto_cipher_new(key2);
- or_circ->crypto.f_digest = crypto_digest_new();
- or_circ->crypto.b_digest = crypto_digest_new();
+ char keys[CPATH_KEY_MATERIAL_LEN];
+ crypto_rand(keys, sizeof(keys));
+ size_t keylen = sizeof(keys);
+ relay_crypto_init(&or_circ->crypto,
+ keys, keylen, false, false);
reset_perftime();
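Review bot: The result of `relay_crypto_init(&or_circ->crypto, keys, keylen, false, false)` is discarded, so a failed init (for example if `CPATH_KEY_MATERIAL_LEN` ever stops matching what `tor1_key_material_len()` expects) would leave the code after it running against uninitialised cipher and digest pointers. Capture the return value and assert that it indicates success before `reset_perftime();`. The random key material also stays in the stack buffer after use; `memwipe(keys, 0, sizeof(keys));` after the init call would match how key buffers are usually handled, even in non-production code. The `keylen` local is used only once, and passing `sizeof(keys)` directly is shorter. The enclosing function begins and ends outside this hunk.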
tt_int_op(retval, OP_EQ, 1);
/* Check that the crypt path has prop224 algorithm parameters */
- tt_int_op(crypto_digest_get_algorithm(or_circ->cpath->pvt_crypto.f_digest),
+ tt_int_op(crypto_digest_get_algorithm(
+ or_circ->cpath->pvt_crypto.tor1.f_digest),
OP_EQ, DIGEST_SHA3_256);
- tt_int_op(crypto_digest_get_algorithm(or_circ->cpath->pvt_crypto.b_digest),
+ tt_int_op(crypto_digest_get_algorithm(
+ or_circ->cpath->pvt_crypto.tor1.b_digest),
OP_EQ, DIGEST_SHA3_256);
- tt_assert(or_circ->cpath->pvt_crypto.f_crypto);
- tt_assert(or_circ->cpath->pvt_crypto.b_crypto);
+ tt_assert(or_circ->cpath->pvt_crypto.tor1.f_crypto);
+ tt_assert(or_circ->cpath->pvt_crypto.tor1.b_crypto);
/* Ensure that circ purpose was changed */
tt_int_op(or_circ->base_.purpose, OP_EQ, CIRCUIT_PURPOSE_C_REND_JOINED);
tt_int_op(retval, OP_EQ, 1);
/* Check the digest algo */
- tt_int_op(crypto_digest_get_algorithm(or_circ->cpath->pvt_crypto.f_digest),
+ tt_int_op(crypto_digest_get_algorithm(
+ or_circ->cpath->pvt_crypto.tor1.f_digest),
OP_EQ, DIGEST_SHA3_256);
- tt_int_op(crypto_digest_get_algorithm(or_circ->cpath->pvt_crypto.b_digest),
+ tt_int_op(crypto_digest_get_algorithm(
+ or_circ->cpath->pvt_crypto.tor1.b_digest),
OP_EQ, DIGEST_SHA3_256);
- tt_assert(or_circ->cpath->pvt_crypto.f_crypto);
- tt_assert(or_circ->cpath->pvt_crypto.b_crypto);
+ tt_assert(or_circ->cpath->pvt_crypto.tor1.f_crypto);
+ tt_assert(or_circ->cpath->pvt_crypto.tor1.b_crypto);
/* Ensure that circ purpose was changed */
tt_int_op(or_circ->base_.purpose, OP_EQ, CIRCUIT_PURPOSE_S_REND_JOINED);
teardown_capture_of_logs();
/* Record the cell digest into the circuit, cell should validate. */
- memcpy(or_circ->crypto.sendme_digest, digest, sizeof(digest));
+ memcpy(or_circ->crypto.tor1.sendme_digest, digest, sizeof(digest));
circ->package_window = CIRCWINDOW_INCREMENT + 1;
sendme_record_cell_digest_on_circ(circ, NULL);
tt_int_op(smartlist_len(circ->sendme_last_digests), OP_EQ, 1);