64 *handshake_state_out = NULL;
65 memset(onion_skin_out, 0, TAP_ONIONSKIN_CHALLENGE_LEN);
80 TAP_ONIONSKIN_CHALLENGE_LEN,
85 memwipe(challenge, 0,
sizeof(challenge));
86 *handshake_state_out = dh;
93 memwipe(challenge, 0,
sizeof(challenge));
94 if (dh) crypto_dh_free(dh);
107 const char *onion_skin,
111 char *handshake_reply_out,
115 char challenge[TAP_ONIONSKIN_CHALLENGE_LEN];
118 char *key_material=NULL;
119 size_t key_material_len=0;
125 k = i==0?private_key:prev_private_key;
129 TAP_ONIONSKIN_CHALLENGE_LEN,
131 TAP_ONIONSKIN_CHALLENGE_LEN,
138 "Couldn't decrypt onionskin: client may be using old onion key");
142 "Unexpected onionskin length after decryption: %ld",
152 log_warn(
LD_BUG,
"Couldn't allocate DH key");
160 log_info(
LD_GENERAL,
"crypto_dh_get_public failed.");
166 key_material = tor_malloc(key_material_len);
171 log_info(
LD_GENERAL,
"crypto_dh_compute_secret failed.");
179 memcpy(key_out, key_material+
DIGEST_LEN, key_out_len);
181 memwipe(challenge, 0,
sizeof(challenge));
182 memwipe(key_material, 0, key_material_len);
187 memwipe(challenge, 0,
sizeof(challenge));
189 memwipe(key_material, 0, key_material_len);
192 if (dh) crypto_dh_free(dh);
208 const char *handshake_reply,
211 const char **msg_out)
214 char *key_material=NULL;
215 size_t key_material_len;
219 key_material = tor_malloc(key_material_len);
225 *msg_out =
"DH computation failed.";
232 *msg_out =
"Digest DOES NOT MATCH on onion handshake. Bug or attack.";
237 memcpy(key_out, key_material+
DIGEST_LEN, key_out_len);
239 memwipe(key_material, 0, key_material_len);
243 memwipe(key_material, 0, key_material_len);
Header file for config.c.
ssize_t crypto_dh_compute_secret(int severity, crypto_dh_t *dh, const char *pubkey, size_t pubkey_len, char *secret_out, size_t secret_bytes_out)
int crypto_dh_get_bytes(crypto_dh_t *dh)
crypto_dh_t * crypto_dh_new(int dh_type)
int crypto_dh_get_public(crypto_dh_t *dh, char *pubkey_out, size_t pubkey_out_len)
Common functions for using (pseudo-)random number generators.
int crypto_pk_obsolete_public_hybrid_encrypt(crypto_pk_t *env, char *to, size_t tolen, const char *from, size_t fromlen, int padding, int force)
int crypto_pk_obsolete_private_hybrid_decrypt(crypto_pk_t *env, char *to, size_t tolen, const char *from, size_t fromlen, int padding, int warnOnFailure)
size_t crypto_pk_keysize(const crypto_pk_t *env)
#define PK_PKCS1_OAEP_PADDING
void memwipe(void *mem, uint8_t byte, size_t sz)
Common functions for cryptographic routines.
#define tor_memneq(a, b, sz)
#define log_fn(severity, domain, args,...)
int onion_skin_TAP_client_handshake(crypto_dh_t *handshake_state, const char *handshake_reply, char *key_out, size_t key_out_len, const char **msg_out)
int onion_skin_TAP_create(crypto_pk_t *dest_router_key, crypto_dh_t **handshake_state_out, char *onion_skin_out)
int onion_skin_TAP_server_handshake(const char *onion_skin, crypto_pk_t *private_key, crypto_pk_t *prev_private_key, char *handshake_reply_out, char *key_out, size_t key_out_len)
Header file for onion_tap.c.
Master header file for Tor-specific functionality.
Header file for rephist.c.