[or-cvs] bugfix: our integrity-checking digest was checking only the...

[Ben Laurie]

Roger Dingledine wrote:

> Update of /home/or/cvsroot/src/common
> In directory moria.mit.edu:/home2/arma/work/onion/cvs/src/common
> 
> Modified Files:
> 	crypto.c 
> Log Message:
> bugfix: our integrity-checking digest was checking only the most
> recent cell, not the previous cells like we'd thought.
> 
> this change is backward incompatible.
> 
> 
> Index: crypto.c
> ===================================================================
> RCS file: /home/or/cvsroot/src/common/crypto.c,v
> retrieving revision 1.92
> retrieving revision 1.93
> diff -u -d -r1.92 -r1.93
> --- crypto.c	12 May 2004 19:30:28 -0000	1.92
> +++ crypto.c	15 May 2004 23:49:41 -0000	1.93
> @@ -1029,9 +1029,12 @@
>                                char *out, size_t out_len)
>  {
>    static char r[DIGEST_LEN];
> +  SHA_CTX tmpctx;
>    tor_assert(digest && out);
>    tor_assert(out_len <= DIGEST_LEN);
> -  SHA1_Final(r, &digest->d);
> +  /* memcpy into a temporary ctx, since SHA1_Final clears the context */
> +  memcpy(&tmpctx, &digest->d, sizeof(SHA_CTX));
> +  SHA1_Final(r, &tmpctx);

I assume you realise that if you use SHA-1 directly you can't take 
advantage of hardware accelerators? Less relevant for hashes than 
encryption, but I thought I'd mention it.

Cheers,

Ben.

-- 
http://www.apache-ssl.org/ben.html       http://www.thebunker.net/

"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff