--- /dev/null
+ o Minor features
+ - Adjust our TLS Diffie-Hellman parameters to match those used by
+ Apache's mod_ssl.
/* DH */
-/** Shared P parameter for our DH key exchanged. */
+/** Shared P parameter for our circuit-crypto DH key exchanges. */
static BIGNUM *dh_param_p = NULL;
+/** Shared P parameter for our TLS DH key exchanges. */
+static BIGNUM *dh_param_p_tls = NULL;
/** Shared G parameter for our DH key exchanges. */
static BIGNUM *dh_param_g = NULL;
static void
init_dh_param(void)
{
- BIGNUM *p, *g;
+ BIGNUM *p, *p2, *g;
int r;
- if (dh_param_p && dh_param_g)
+ if (dh_param_p && dh_param_g && dh_param_p_tls)
return;
p = BN_new();
+ p2 = BN_new();
g = BN_new();
tor_assert(p);
+ tor_assert(p2);
tor_assert(g);
/* This is from rfc2409, section 6.2. It's a safe prime, and
"A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE6"
"49286651ECE65381FFFFFFFFFFFFFFFF");
tor_assert(r);
+ /* This is the 1024-bit safe prime that Apache uses for its DH stuff; see
+ * modules/ssl/ssl_engine_dh.c */
+ r = BN_hex2bn(&p2,
+ "D67DE440CBBBDC1936D693D34AFD0AD50C84D239A45F520BB88174CB98"
+ "BCE951849F912E639C72FB13B4B4D7177E16D55AC179BA420B2A29FE324A"
+ "467A635E81FF5901377BEDDCFD33168A461AAD3B72DAE8860078045B07A7"
+ "DBCA7874087D1510EA9FCC9DDD330507DD62DB88AEAA747DE0F4D6E2BD68"
+ "B0E7393E0F24218EB3");
+ tor_assert(r);
r = BN_set_word(g, 2);
tor_assert(r);
dh_param_p = p;
+ dh_param_p_tls = p2;
dh_param_g = g;
}
/** Allocate and return a new DH object for a key exchange.
*/
crypto_dh_env_t *
-crypto_dh_new(void)
+crypto_dh_new(int dh_type)
{
crypto_dh_env_t *res = tor_malloc_zero(sizeof(crypto_dh_env_t));
+ tor_assert(dh_type == DH_TYPE_CIRCUIT || dh_type == DH_TYPE_TLS ||
+ dh_type == DH_TYPE_REND);
+
if (!dh_param_p)
init_dh_param();
if (!(res->dh = DH_new()))
goto err;
- if (!(res->dh->p = BN_dup(dh_param_p)))
- goto err;
+ if (dh_type == DH_TYPE_TLS) {
+ if (!(res->dh->p = BN_dup(dh_param_p_tls)))
+ goto err;
+ } else {
+ if (!(res->dh->p = BN_dup(dh_param_p)))
+ goto err;
+ }
if (!(res->dh->g = BN_dup(dh_param_g)))
goto err;
const char *msg, size_t msg_len);
/* Key negotiation */
-crypto_dh_env_t *crypto_dh_new(void);
+#define DH_TYPE_CIRCUIT 1
+#define DH_TYPE_REND 2
+#define DH_TYPE_TLS 3
+crypto_dh_env_t *crypto_dh_new(int dh_type);
int crypto_dh_get_bytes(crypto_dh_env_t *dh);
int crypto_dh_generate_public(crypto_dh_env_t *dh);
int crypto_dh_get_public(crypto_dh_env_t *dh, char *pubkey_out,
if (!SSL_CTX_check_private_key(result->ctx))
goto error;
{
- crypto_dh_env_t *dh = crypto_dh_new();
+ crypto_dh_env_t *dh = crypto_dh_new(DH_TYPE_TLS);
SSL_CTX_set_tmp_dh(result->ctx, _crypto_dh_env_get_dh(dh));
crypto_dh_free(dh);
}
*handshake_state_out = NULL;
memset(onion_skin_out, 0, ONIONSKIN_CHALLENGE_LEN);
- if (!(dh = crypto_dh_new()))
+ if (!(dh = crypto_dh_new(DH_TYPE_CIRCUIT)))
goto err;
dhbytes = crypto_dh_get_bytes(dh);
goto err;
}
- dh = crypto_dh_new();
+ dh = crypto_dh_new(DH_TYPE_CIRCUIT);
if (crypto_dh_get_public(dh, handshake_reply_out, DH_KEY_LEN)) {
log_info(LD_GENERAL, "crypto_dh_get_public failed.");
goto err;
cpath = rendcirc->build_state->pending_final_cpath =
tor_malloc_zero(sizeof(crypt_path_t));
cpath->magic = CRYPT_PATH_MAGIC;
- if (!(cpath->dh_handshake_state = crypto_dh_new())) {
+ if (!(cpath->dh_handshake_state = crypto_dh_new(DH_TYPE_REND))) {
log_warn(LD_BUG, "Internal error: couldn't allocate DH.");
goto err;
}
}
/* Try DH handshake... */
- dh = crypto_dh_new();
+ dh = crypto_dh_new(DH_TYPE_REND);
if (!dh || crypto_dh_generate_public(dh)<0) {
log_warn(LD_BUG,"Internal error: couldn't build DH state "
"or generate public key.");
static void
test_crypto_dh(void)
{
- crypto_dh_env_t *dh1 = crypto_dh_new();
- crypto_dh_env_t *dh2 = crypto_dh_new();
+ crypto_dh_env_t *dh1 = crypto_dh_new(DH_TYPE_CIRCUIT);
+ crypto_dh_env_t *dh2 = crypto_dh_new(DH_TYPE_CIRCUIT);
char p1[DH_BYTES];
char p2[DH_BYTES];
char s1[DH_BYTES];
projects / thirdparty / tor.git / commitdiff
