tor  0.4.1.0-alpha-dev
Macros | Functions | Variables
crypto_rsa.c File Reference
#include "lib/crypt_ops/crypto_cipher.h"
#include "lib/crypt_ops/crypto_curve25519.h"
#include "lib/crypt_ops/crypto_digest.h"
#include "lib/crypt_ops/crypto_format.h"
#include "lib/crypt_ops/compat_openssl.h"
#include "lib/crypt_ops/crypto_rand.h"
#include "lib/crypt_ops/crypto_rsa.h"
#include "lib/crypt_ops/crypto_util.h"
#include "lib/ctime/di_ops.h"
#include "lib/log/util_bug.h"
#include "lib/fs/files.h"
#include "lib/log/escape.h"
#include "lib/log/log.h"
#include "lib/encoding/binascii.h"
#include "lib/encoding/pem.h"
#include <string.h>

Go to the source code of this file.

Macros

#define PRIVATE_ASN_MAX_OVERHEAD_FACTOR   16
 
#define PUBLIC_ASN_MAX_OVERHEAD_FACTOR   3
 
#define MAX_PRIVKEY_FILE_LEN   (16*1024*1024)
 

Functions

int crypto_get_rsa_padding_overhead (int padding)
 
int crypto_pk_eq_keys (const crypto_pk_t *a, const crypto_pk_t *b)
 
int crypto_pk_obsolete_public_hybrid_encrypt (crypto_pk_t *env, char *to, size_t tolen, const char *from, size_t fromlen, int padding, int force)
 
int crypto_pk_obsolete_private_hybrid_decrypt (crypto_pk_t *env, char *to, size_t tolen, const char *from, size_t fromlen, int padding, int warnOnFailure)
 
int crypto_pk_get_fingerprint (crypto_pk_t *pk, char *fp_out, int add_space)
 
int crypto_pk_get_hashed_fingerprint (crypto_pk_t *pk, char *fp_out)
 
void crypto_add_spaces_to_fp (char *out, size_t outlen, const char *in)
 
 MOCK_IMPL (int, crypto_pk_public_checksig_digest,(crypto_pk_t *env, const char *data, size_t datalen, const char *sig, size_t siglen))
 
int crypto_pk_private_sign_digest (crypto_pk_t *env, char *to, size_t tolen, const char *from, size_t fromlen)
 
int crypto_pk_get_digest (const crypto_pk_t *pk, char *digest_out)
 
int crypto_pk_get_common_digests (crypto_pk_t *pk, common_digests_t *digests_out)
 
static int crypto_pk_write_to_string_generic (crypto_pk_t *env, char **dest, size_t *len, bool private_key)
 
int crypto_pk_write_public_key_to_string (crypto_pk_t *env, char **dest, size_t *len)
 
int crypto_pk_write_private_key_to_string (crypto_pk_t *env, char **dest, size_t *len)
 
static int crypto_pk_read_from_string_generic (crypto_pk_t *env, const char *src, size_t len, int severity, bool private_key)
 
int crypto_pk_read_public_key_from_string (crypto_pk_t *env, const char *src, size_t len)
 
int crypto_pk_read_private_key_from_string (crypto_pk_t *env, const char *src, ssize_t len)
 
int crypto_pk_read_private_key_from_filename (crypto_pk_t *env, const char *keyfile)
 
int crypto_pk_write_private_key_to_filename (crypto_pk_t *env, const char *fname)
 
int crypto_pk_base64_encode_private (const crypto_pk_t *pk, char **priv_out)
 
crypto_pk_tcrypto_pk_base64_decode_private (const char *str, size_t len)
 

Variables

static const char RSA_PUBLIC_TAG [] = "RSA PUBLIC KEY"
 
static const char RSA_PRIVATE_TAG [] = "RSA PRIVATE KEY"
 

Detailed Description

Block of functions related with RSA utilities and operations.

OpenSSL implementations of our RSA code.

NSS implementations of our RSA code.

Definition in file crypto_rsa.c.

Macro Definition Documentation

◆ MAX_PRIVKEY_FILE_LEN

#define MAX_PRIVKEY_FILE_LEN   (16*1024*1024)

If a file is longer than this, we won't try to decode its private key

Definition at line 557 of file crypto_rsa.c.

Function Documentation

◆ crypto_add_spaces_to_fp()

void crypto_add_spaces_to_fp ( char *  out,
size_t  outlen,
const char *  in 
)

Copy in to the outlen-byte buffer out, adding spaces every four characters.

Definition at line 270 of file crypto_rsa.c.

References SIZE_T_CEILING, and tor_assert().

Referenced by crypto_pk_get_fingerprint().

◆ crypto_get_rsa_padding_overhead()

int crypto_get_rsa_padding_overhead ( int  padding)

Return the number of bytes added by padding method padding.

Definition at line 41 of file crypto_rsa.c.

References PK_PKCS1_OAEP_PADDING, PKCS1_OAEP_PADDING_OVERHEAD, and tor_assert().

Referenced by crypto_pk_obsolete_public_hybrid_encrypt().

◆ crypto_pk_base64_decode_private()

crypto_pk_t* crypto_pk_base64_decode_private ( const char *  str,
size_t  len 
)

Given a string containing the Base64 encoded DER representation of the private key str, decode and return the result on success, or NULL on failure.

Definition at line 654 of file crypto_rsa.c.

◆ crypto_pk_base64_encode_private()

int crypto_pk_base64_encode_private ( const crypto_pk_t pk,
char **  priv_out 
)

Given a crypto_pk_t pk, allocate a new buffer containing the Base64 encoding of the DER representation of the private key as a NUL terminated string, and return it via priv_out. Return 0 on success, -1 on failure.

It is the caller's responsibility to sanitize and free the resulting buffer.

Definition at line 618 of file crypto_rsa.c.

References crypto_pk_keysize().

◆ crypto_pk_eq_keys()

int crypto_pk_eq_keys ( const crypto_pk_t a,
const crypto_pk_t b 
)

Compare the public-key components of a and b. Return non-zero iff a==b. A NULL key is considered to be distinct from all non-NULL keys, and equal to itself.

Note that this may leak information about the keys through timing.

Definition at line 71 of file crypto_rsa.c.

References crypto_pk_cmp_keys().

Referenced by assert_identity_keys_ok(), find_expiring_intro_point(), router_differences_are_cosmetic(), and set_onion_key().

◆ crypto_pk_get_common_digests()

int crypto_pk_get_common_digests ( crypto_pk_t pk,
common_digests_t digests_out 
)

Compute all digests of the DER encoding of pk, and store them in digests_out. Return 0 on success, -1 on failure.

Definition at line 381 of file crypto_rsa.c.

References crypto_pk_keysize().

◆ crypto_pk_get_digest()

int crypto_pk_get_digest ( const crypto_pk_t pk,
char *  digest_out 
)

Given a private or public key pk, put a SHA1 hash of the public key into digest_out (must have DIGEST_LEN bytes of space). Return 0 on success, -1 on failure.

Definition at line 356 of file crypto_rsa.c.

References crypto_pk_keysize().

Referenced by crypto_pk_get_fingerprint(), crypto_pk_get_hashed_fingerprint(), dirserv_router_get_status(), rend_get_service_id(), and rep_hist_stored_maybe_new_hs().

◆ crypto_pk_get_fingerprint()

int crypto_pk_get_fingerprint ( crypto_pk_t pk,
char *  fp_out,
int  add_space 
)

Given a private or public key pk, put a fingerprint of the public key into fp_out (must have at least FINGERPRINT_LEN+1 bytes of space). Return 0 on success, -1 on failure.

Fingerprints are computed as the SHA1 digest of the ASN.1 encoding of the public key, converted to hexadecimal, in upper case, with a space after every four digits.

If add_space is false, omit the spaces.

Definition at line 229 of file crypto_rsa.c.

References base16_encode(), crypto_add_spaces_to_fp(), crypto_pk_get_digest(), DIGEST_LEN, FINGERPRINT_LEN, and HEX_DIGEST_LEN.

Referenced by dirserv_add_own_fingerprint().

◆ crypto_pk_get_hashed_fingerprint()

int crypto_pk_get_hashed_fingerprint ( crypto_pk_t pk,
char *  fp_out 
)

Given a private or public key pk, put a hashed fingerprint of the public key into fp_out (must have at least FINGERPRINT_LEN+1 bytes of space). Return 0 on success, -1 on failure.

Hashed fingerprints are computed as the SHA1 digest of the SHA1 digest of the ASN.1 encoding of the public key, converted to hexadecimal, in upper case.

Definition at line 254 of file crypto_rsa.c.

References base16_encode(), crypto_pk_get_digest(), DIGEST_LEN, and FINGERPRINT_LEN.

◆ crypto_pk_obsolete_private_hybrid_decrypt()

int crypto_pk_obsolete_private_hybrid_decrypt ( crypto_pk_t env,
char *  to,
size_t  tolen,
const char *  from,
size_t  fromlen,
int  padding,
int  warnOnFailure 
)

Invert crypto_pk_obsolete_public_hybrid_encrypt. Returns the number of bytes written on success, -1 on failure.

NOTE that this format does not authenticate the symmetrically encrypted part of the data, and SHOULD NOT BE USED for new protocols.

Definition at line 163 of file crypto_rsa.c.

References crypto_pk_keysize(), crypto_pk_private_decrypt(), SIZE_T_CEILING, and tor_assert().

◆ crypto_pk_obsolete_public_hybrid_encrypt()

int crypto_pk_obsolete_public_hybrid_encrypt ( crypto_pk_t env,
char *  to,
size_t  tolen,
const char *  from,
size_t  fromlen,
int  padding,
int  force 
)

Perform a hybrid (public/secret) encryption on fromlen bytes of data from from, with padding type 'padding', storing the results on to.

Returns the number of bytes written on success, -1 on failure.

The encrypted data consists of:

  • The source data, padded and encrypted with the public key, if the padded source data is no longer than the public key, and force is false, OR
  • The beginning of the source data prefixed with a 16-byte symmetric key, padded and encrypted with the public key; followed by the rest of the source data encrypted in AES-CTR mode with the symmetric key.

NOTE that this format does not authenticate the symmetrically encrypted part of the data, and SHOULD NOT BE USED for new protocols.

Definition at line 94 of file crypto_rsa.c.

References CIPHER_KEY_LEN, crypto_cipher_new(), crypto_get_rsa_padding_overhead(), crypto_pk_keysize(), crypto_pk_public_encrypt(), SIZE_T_CEILING, and tor_assert().

◆ crypto_pk_private_sign_digest()

int crypto_pk_private_sign_digest ( crypto_pk_t env,
char *  to,
size_t  tolen,
const char *  from,
size_t  fromlen 
)

Compute a SHA1 digest of fromlen bytes of data stored at from; sign the data with the private key in env, and store it in to. Return the number of bytes written on success, and -1 on failure.

tolen is the number of writable bytes in to, and must be at least the length of the modulus of env.

Definition at line 339 of file crypto_rsa.c.

References crypto_pk_private_sign(), DIGEST_LEN, and memwipe().

◆ crypto_pk_read_from_string_generic()

static int crypto_pk_read_from_string_generic ( crypto_pk_t env,
const char *  src,
size_t  len,
int  severity,
bool  private_key 
)
static

Helper. Read a PEM-encoded RSA from the first len characters of src, and store the result in env. If private_key, expect a private key; otherwise expect a public key. Return 0 on success, -1 on failure. If len is -1, the string is nul-terminated.

Definition at line 491 of file crypto_rsa.c.

Referenced by crypto_pk_read_private_key_from_string(), and crypto_pk_read_public_key_from_string().

◆ crypto_pk_read_private_key_from_filename()

int crypto_pk_read_private_key_from_filename ( crypto_pk_t env,
const char *  keyfile 
)

Read a PEM-encoded private key from the file named by keyfile into env. Return 0 on success, -1 on failure.

Definition at line 563 of file crypto_rsa.c.

◆ crypto_pk_read_private_key_from_string()

int crypto_pk_read_private_key_from_string ( crypto_pk_t env,
const char *  src,
ssize_t  len 
)

Read a PEM-encoded private key from the len-byte string src into env. Return 0 on success, -1 on failure. If len is -1, the string is nul-terminated.

Definition at line 550 of file crypto_rsa.c.

References crypto_pk_read_from_string_generic(), and LOG_INFO.

◆ crypto_pk_read_public_key_from_string()

int crypto_pk_read_public_key_from_string ( crypto_pk_t env,
const char *  src,
size_t  len 
)

Read a PEM-encoded public key from the first len characters of src, and store the result in env. Return 0 on success, -1 on failure. If len is -1, the string is nul-terminated.

Definition at line 539 of file crypto_rsa.c.

References crypto_pk_read_from_string_generic(), and LOG_INFO.

◆ crypto_pk_write_private_key_to_filename()

int crypto_pk_write_private_key_to_filename ( crypto_pk_t env,
const char *  fname 
)

Write the private key from env into the file named by fname, PEM-encoded. Return 0 on success, -1 on failure.

Definition at line 595 of file crypto_rsa.c.

References crypto_pk_write_private_key_to_string(), memwipe(), and tor_free.

◆ crypto_pk_write_private_key_to_string()

int crypto_pk_write_private_key_to_string ( crypto_pk_t env,
char **  dest,
size_t *  len 
)

PEM-encode the private key portion of env and write it to a newly allocated string. On success, set *dest to the new string, *len to the string's length, and return 0. On failure, return -1.

Definition at line 478 of file crypto_rsa.c.

References crypto_pk_write_to_string_generic().

Referenced by crypto_pk_write_private_key_to_filename().

◆ crypto_pk_write_public_key_to_string()

int crypto_pk_write_public_key_to_string ( crypto_pk_t env,
char **  dest,
size_t *  len 
)

PEM-encode the public key portion of env and write it to a newly allocated string. On success, set *dest to the new string, *len to the string's length, and return 0. On failure, return -1.

Definition at line 466 of file crypto_rsa.c.

References crypto_pk_write_to_string_generic().

◆ crypto_pk_write_to_string_generic()

static int crypto_pk_write_to_string_generic ( crypto_pk_t env,
char **  dest,
size_t *  len,
bool  private_key 
)
static

Helper: PEM-encode env and write it to a newly allocated string. If private_key, write the private part of env; otherwise write only the public portion. On success, set *dest to the new string, *len to the string's length, and return 0. On failure, return -1.

Definition at line 418 of file crypto_rsa.c.

Referenced by crypto_pk_write_private_key_to_string(), and crypto_pk_write_public_key_to_string().

◆ MOCK_IMPL()

MOCK_IMPL ( int  ,
crypto_pk_public_checksig_digest  ,
(crypto_pk_t *env, const char *data, size_t datalen, const char *sig, size_t siglen)   
)

Check a siglen-byte long signature at sig against datalen bytes of data at data, using the public key in env. Return 0 if sig is a correct signature for SHA1(data). Else return -1.

Definition at line 292 of file crypto_rsa.c.

References DIGEST_LEN, SIZE_T_CEILING, and tor_assert().