[or-cvs] Not every RSA decrypt should warn on failure.
Nick Mathewson
nickm at seul.org
Wed May 12 19:30:30 UTC 2004
Update of /home/or/cvsroot/src/or
In directory moria.mit.edu:/tmp/cvs-serv25990/src/or
Modified Files:
onion.c rendservice.c test.c
Log Message:
Not every RSA decrypt should warn on failure.
Index: onion.c
===================================================================
RCS file: /home/or/cvsroot/src/or/onion.c,v
retrieving revision 1.161
retrieving revision 1.162
diff -u -d -r1.161 -r1.162
--- onion.c 10 May 2004 04:34:48 -0000 1.161
+++ onion.c 12 May 2004 19:30:28 -0000 1.162
@@ -728,12 +728,12 @@
break;
len = crypto_pk_private_hybrid_decrypt(k,
onion_skin, ONIONSKIN_CHALLENGE_LEN,
- challenge, PK_PKCS1_OAEP_PADDING);
+ challenge, PK_PKCS1_OAEP_PADDING,0);
if (len>0)
break;
}
if (len<0) {
- log_fn(LOG_WARN, "Couldn't decrypt onionskin");
+ log_fn(LOG_WARN, "Couldn't decrypt onionskin: client may be using old onion key");
goto err;
} else if (len != DH_KEY_LEN) {
log_fn(LOG_WARN, "Unexpected onionskin length after decryption: %d",
Index: rendservice.c
===================================================================
RCS file: /home/or/cvsroot/src/or/rendservice.c,v
retrieving revision 1.65
retrieving revision 1.66
diff -u -d -r1.65 -r1.66
--- rendservice.c 10 May 2004 07:27:29 -0000 1.65
+++ rendservice.c 12 May 2004 19:30:28 -0000 1.66
@@ -388,7 +388,7 @@
/* Next N bytes is encrypted with service key */
len = crypto_pk_private_hybrid_decrypt(
service->private_key,request+DIGEST_LEN,request_len-DIGEST_LEN,buf,
- PK_PKCS1_OAEP_PADDING);
+ PK_PKCS1_OAEP_PADDING,1);
if (len<0) {
log_fn(LOG_WARN, "Couldn't decrypt INTRODUCE2 cell");
return -1;
Index: test.c
===================================================================
RCS file: /home/or/cvsroot/src/or/test.c,v
retrieving revision 1.91
retrieving revision 1.92
diff -u -d -r1.91 -r1.92
--- test.c 10 May 2004 17:30:51 -0000 1.91
+++ test.c 12 May 2004 19:30:28 -0000 1.92
@@ -333,19 +333,19 @@
/* oaep padding should make encryption not match */
test_memneq(data1, data2, 128);
test_eq(15, crypto_pk_private_decrypt(pk1, data1, 128, data3,
- PK_PKCS1_OAEP_PADDING));
+ PK_PKCS1_OAEP_PADDING,1));
test_streq(data3, "Hello whirled.");
memset(data3, 0, 1024);
test_eq(15, crypto_pk_private_decrypt(pk1, data2, 128, data3,
- PK_PKCS1_OAEP_PADDING));
+ PK_PKCS1_OAEP_PADDING,1));
test_streq(data3, "Hello whirled.");
/* Can't decrypt with public key. */
test_eq(-1, crypto_pk_private_decrypt(pk2, data2, 128, data3,
- PK_PKCS1_OAEP_PADDING));
+ PK_PKCS1_OAEP_PADDING,1));
/* Try again with bad padding */
memcpy(data2+1, "XYZZY", 5); /* This has fails ~ once-in-2^40 */
test_eq(-1, crypto_pk_private_decrypt(pk1, data2, 128, data3,
- PK_PKCS1_OAEP_PADDING));
+ PK_PKCS1_OAEP_PADDING,1));
/* File operations: save and load private key */
test_assert(! crypto_pk_write_private_key_to_filename(pk1,
@@ -354,7 +354,7 @@
test_assert(! crypto_pk_read_private_key_from_filename(pk2,
"/tmp/tor_test/pke1y"));
test_eq(15, crypto_pk_private_decrypt(pk2, data1, 128, data3,
- PK_PKCS1_OAEP_PADDING));
+ PK_PKCS1_OAEP_PADDING,1));
/* Now try signing. */
strcpy(data1, "Ossifrage");
@@ -388,7 +388,7 @@
(i==1)?PK_PKCS1_PADDING:PK_PKCS1_OAEP_PADDING;
len = crypto_pk_public_hybrid_encrypt(pk1,data1,j,data2,p,0);
test_assert(len>=0);
- len = crypto_pk_private_hybrid_decrypt(pk1,data2,len,data3,p);
+ len = crypto_pk_private_hybrid_decrypt(pk1,data2,len,data3,p,1);
test_eq(len,j);
test_memeq(data1,data3,j);
}
More information about the tor-commits
mailing list