[or-cvs] canonicalize "src" and "dest" arg order in crypto.c (and ot...

Roger Dingledine arma at seul.org
Tue Nov 2 02:28:55 UTC 2004


Update of /home/or/cvsroot/src/or
In directory moria.mit.edu:/home2/arma/work/onion/cvs/src/or

Modified Files:
	dirserv.c onion.c relay.c rendclient.c rendcommon.c rendmid.c 
	rendservice.c router.c routerparse.c test.c 
Log Message:
canonicalize "src" and "dest" arg order in crypto.c (and others)


Index: dirserv.c
===================================================================
RCS file: /home/or/cvsroot/src/or/dirserv.c,v
retrieving revision 1.107
retrieving revision 1.108
diff -u -d -r1.107 -r1.108
--- dirserv.c	28 Oct 2004 18:37:52 -0000	1.107
+++ dirserv.c	2 Nov 2004 02:28:51 -0000	1.108
@@ -651,7 +651,7 @@
     log_fn(LOG_WARN,"couldn't compute digest");
     return -1;
   }
-  if (crypto_pk_private_sign(private_key, digest, 20, signature) < 0) {
+  if (crypto_pk_private_sign(private_key, signature, digest, 20) < 0) {
     log_fn(LOG_WARN,"couldn't sign digest");
     return -1;
   }
@@ -840,7 +840,7 @@
     log_fn(LOG_WARN,"couldn't compute digest");
     goto err;
   }
-  if (crypto_pk_private_sign(private_key, digest, 20, signature) < 0) {
+  if (crypto_pk_private_sign(private_key, signature, digest, 20) < 0) {
     log_fn(LOG_WARN,"couldn't sign digest");
     goto err;
   }

Index: onion.c
===================================================================
RCS file: /home/or/cvsroot/src/or/onion.c,v
retrieving revision 1.166
retrieving revision 1.167
diff -u -d -r1.166 -r1.167
--- onion.c	16 Oct 2004 20:38:57 -0000	1.166
+++ onion.c	2 Nov 2004 02:28:51 -0000	1.167
@@ -164,9 +164,9 @@
 #endif
 
   /* set meeting point, meeting cookie, etc here. Leave zero for now. */
-  if (crypto_pk_public_hybrid_encrypt(dest_router_key, challenge,
-                                      DH_KEY_LEN,
-                                  onion_skin_out, PK_PKCS1_OAEP_PADDING, 1)<0)
+  if (crypto_pk_public_hybrid_encrypt(dest_router_key, onion_skin_out,
+                                      challenge, DH_KEY_LEN,
+                                      PK_PKCS1_OAEP_PADDING, 1)<0)
     goto err;
 
   tor_free(challenge);
@@ -204,9 +204,9 @@
     k = i==0?private_key:prev_private_key;
     if (!k)
       break;
-    len = crypto_pk_private_hybrid_decrypt(k,
+    len = crypto_pk_private_hybrid_decrypt(k, challenge,
                                            onion_skin, ONIONSKIN_CHALLENGE_LEN,
-                                           challenge, PK_PKCS1_OAEP_PADDING,0);
+                                           PK_PKCS1_OAEP_PADDING,0);
     if (len>0)
       break;
   }

Index: relay.c
===================================================================
RCS file: /home/or/cvsroot/src/or/relay.c,v
retrieving revision 1.14
retrieving revision 1.15
diff -u -d -r1.14 -r1.15
--- relay.c	16 Oct 2004 22:14:51 -0000	1.14
+++ relay.c	2 Nov 2004 02:28:51 -0000	1.15
@@ -113,8 +113,8 @@
 
   relay_header_unpack(&rh, in);
 //  log_fn(LOG_DEBUG,"before crypt: %d",rh.recognized);
-  if(( encrypt_mode && crypto_cipher_encrypt(cipher, in, CELL_PAYLOAD_SIZE, out)) ||
-     (!encrypt_mode && crypto_cipher_decrypt(cipher, in, CELL_PAYLOAD_SIZE, out))) {
+  if(( encrypt_mode && crypto_cipher_encrypt(cipher, out, in, CELL_PAYLOAD_SIZE)) ||
+     (!encrypt_mode && crypto_cipher_decrypt(cipher, out, in, CELL_PAYLOAD_SIZE))) {
     log_fn(LOG_WARN,"Error during relay encryption");
     return -1;
   }

Index: rendclient.c
===================================================================
RCS file: /home/or/cvsroot/src/or/rendclient.c,v
retrieving revision 1.59
retrieving revision 1.60
diff -u -d -r1.59 -r1.60
--- rendclient.c	1 Nov 2004 21:46:27 -0000	1.59
+++ rendclient.c	2 Nov 2004 02:28:51 -0000	1.60
@@ -31,7 +31,7 @@
   tor_assert(circ->purpose == CIRCUIT_PURPOSE_C_ESTABLISH_REND);
   log_fn(LOG_INFO, "Sending an ESTABLISH_RENDEZVOUS cell");
 
-  if (crypto_rand(REND_COOKIE_LEN, circ->rend_cookie)<0) {
+  if (crypto_rand(circ->rend_cookie, REND_COOKIE_LEN) < 0) {
     log_fn(LOG_WARN, "Couldn't get random cookie");
     circuit_mark_for_close(circ);
     return -1;
@@ -113,13 +113,12 @@
 
   /*XXX maybe give crypto_pk_public_hybrid_encrypt a max_len arg,
    * to avoid buffer overflows? */
-  r = crypto_pk_public_hybrid_encrypt(entry->parsed->pk, tmp,
+  r = crypto_pk_public_hybrid_encrypt(entry->parsed->pk, payload+DIGEST_LEN, tmp,
 #if 0
                            1+MAX_HEX_NICKNAME_LEN+1+REND_COOKIE_LEN+DH_KEY_LEN,
 #else
                            MAX_NICKNAME_LEN+1+REND_COOKIE_LEN+DH_KEY_LEN,
 #endif
-                                      payload+DIGEST_LEN,
                                       PK_PKCS1_OAEP_PADDING, 0);
   if (r<0) {
     log_fn(LOG_WARN,"hybrid pk encrypt failed.");

Index: rendcommon.c
===================================================================
RCS file: /home/or/cvsroot/src/or/rendcommon.c,v
retrieving revision 1.37
retrieving revision 1.38
diff -u -d -r1.37 -r1.38
--- rendcommon.c	27 Oct 2004 06:48:16 -0000	1.37
+++ rendcommon.c	2 Nov 2004 02:28:51 -0000	1.38
@@ -71,7 +71,7 @@
     strlcpy(cp, ipoint, *len_out-(cp-*str_out));
     cp += strlen(ipoint)+1;
   }
-  i = crypto_pk_private_sign_digest(key, *str_out, cp-*str_out, cp);
+  i = crypto_pk_private_sign_digest(key, cp, *str_out, cp-*str_out);
   if (i<0) {
     tor_free(*str_out);
     return -1;

Index: rendmid.c
===================================================================
RCS file: /home/or/cvsroot/src/or/rendmid.c,v
retrieving revision 1.28
retrieving revision 1.29
diff -u -d -r1.28 -r1.29
--- rendmid.c	24 Oct 2004 19:08:07 -0000	1.28
+++ rendmid.c	2 Nov 2004 02:28:51 -0000	1.29
@@ -47,7 +47,7 @@
   /* Next 20 bytes: Hash of handshake_digest | "INTRODUCE" */
   memcpy(buf, circ->handshake_digest, DIGEST_LEN);
   memcpy(buf+DIGEST_LEN, "INTRODUCE", 9);
-  if (crypto_digest(buf, DIGEST_LEN+9, expected_digest)<0) {
+  if (crypto_digest(expected_digest, buf, DIGEST_LEN+9) < 0) {
     log_fn(LOG_WARN, "Error computing digest");
     goto err;
   }

Index: rendservice.c
===================================================================
RCS file: /home/or/cvsroot/src/or/rendservice.c,v
retrieving revision 1.99
retrieving revision 1.100
diff -u -d -r1.99 -r1.100
--- rendservice.c	1 Nov 2004 21:46:27 -0000	1.99
+++ rendservice.c	2 Nov 2004 02:28:51 -0000	1.100
@@ -394,7 +394,7 @@
   }
   /* Next N bytes is encrypted with service key */
   r = crypto_pk_private_hybrid_decrypt(
-       service->private_key,request+DIGEST_LEN,request_len-DIGEST_LEN,buf,
+       service->private_key,buf,request+DIGEST_LEN,request_len-DIGEST_LEN,
        PK_PKCS1_OAEP_PADDING,1);
   if (r<0) {
     log_fn(LOG_WARN, "Couldn't decrypt INTRODUCE2 cell");
@@ -592,10 +592,10 @@
   len += 2;
   memcpy(auth, circuit->cpath->prev->handshake_digest, DIGEST_LEN);
   memcpy(auth+DIGEST_LEN, "INTRODUCE", 9);
-  if (crypto_digest(auth, DIGEST_LEN+9, buf+len))
+  if (crypto_digest(buf+len, auth, DIGEST_LEN+9))
     goto err;
   len += 20;
-  r = crypto_pk_private_sign_digest(service->private_key, buf, len, buf+len);
+  r = crypto_pk_private_sign_digest(service->private_key, buf+len, buf, len);
   if (r<0) {
     log_fn(LOG_WARN, "Couldn't sign introduction request");
     goto err;

Index: router.c
===================================================================
RCS file: /home/or/cvsroot/src/or/router.c,v
retrieving revision 1.106
retrieving revision 1.107
diff -u -d -r1.106 -r1.107
--- router.c	27 Oct 2004 21:14:11 -0000	1.106
+++ router.c	2 Nov 2004 02:28:51 -0000	1.107
@@ -747,7 +747,7 @@
   if (router_get_router_hash(s, digest) < 0)
     return -1;
 
-  if (crypto_pk_private_sign(ident_key, digest, 20, signature) < 0) {
+  if (crypto_pk_private_sign(ident_key, signature, digest, 20) < 0) {
     log_fn(LOG_WARN, "Error signing digest");
     return -1;
   }

Index: routerparse.c
===================================================================
RCS file: /home/or/cvsroot/src/or/routerparse.c,v
retrieving revision 1.68
retrieving revision 1.69
diff -u -d -r1.68 -r1.69
--- routerparse.c	28 Oct 2004 18:37:52 -0000	1.68
+++ routerparse.c	2 Nov 2004 02:28:51 -0000	1.69
@@ -654,7 +654,7 @@
 
   tor_assert(_pkey);
 
-  if (crypto_pk_public_checksig(_pkey, tok->object_body, 128, signed_digest)
+  if (crypto_pk_public_checksig(_pkey, signed_digest, tok->object_body, 128)
       != 20) {
     log_fn(LOG_WARN, "Error reading directory: invalid signature.");
     return -1;
@@ -903,8 +903,8 @@
     log_fn(LOG_WARN, "Bad object type or length on router signature");
     goto err;
   }
-  if ((t=crypto_pk_public_checksig(router->identity_pkey, tok->object_body,
-                                   128, signed_digest)) != 20) {
+  if ((t=crypto_pk_public_checksig(router->identity_pkey, signed_digest,
+                                   tok->object_body, 128)) != 20) {
     log_fn(LOG_WARN, "Invalid signature %d",t); goto err;
   }
   if (memcmp(digest, signed_digest, 20)) {
@@ -1377,7 +1377,7 @@
   }
   ++end;
 
-  if (crypto_digest(start, end-start, digest)) {
+  if (crypto_digest(digest, start, end-start)) {
     log_fn(LOG_WARN,"couldn't compute digest");
     return -1;
   }

Index: test.c
===================================================================
RCS file: /home/or/cvsroot/src/or/test.c,v
retrieving revision 1.136
retrieving revision 1.137
diff -u -d -r1.136 -r1.137
--- test.c	27 Oct 2004 18:16:37 -0000	1.136
+++ test.c	2 Nov 2004 02:28:51 -0000	1.137
@@ -274,8 +274,8 @@
 
   /* Try out RNG. */
   test_assert(! crypto_seed_rng());
-  crypto_rand(100, data1);
-  crypto_rand(100, data2);
+  crypto_rand(data1, 100);
+  crypto_rand(data2, 100);
   test_memneq(data1,data2,100);
 
 #if 0
@@ -287,7 +287,7 @@
   for(i = 0; i < 1024; ++i) {
     data1[i] = (char) i*73;
   }
-  crypto_cipher_encrypt(env1, data1, 1024, data2);
+  crypto_cipher_encrypt(env1, data2, data1, 1024);
   test_memeq(data1, data2, 1024);
   crypto_free_cipher_env(env1);
 #endif
@@ -309,25 +309,25 @@
   crypto_cipher_decrypt_init_cipher(env2);
 
   /* Try encrypting 512 chars. */
-  crypto_cipher_encrypt(env1, data1, 512, data2);
-  crypto_cipher_decrypt(env2, data2, 512, data3);
+  crypto_cipher_encrypt(env1, data2, data1, 512);
+  crypto_cipher_decrypt(env2, data3, data2, 512);
   test_memeq(data1, data3, 512);
   test_memneq(data1, data2, 512);
 
   /* Now encrypt 1 at a time, and get 1 at a time. */
   for (j = 512; j < 560; ++j) {
-    crypto_cipher_encrypt(env1, data1+j, 1, data2+j);
+    crypto_cipher_encrypt(env1, data2+j, data1+j, 1);
   }
   for (j = 512; j < 560; ++j) {
-    crypto_cipher_decrypt(env2, data2+j, 1, data3+j);
+    crypto_cipher_decrypt(env2, data3+j, data2+j, 1);
   }
   test_memeq(data1, data3, 560);
   /* Now encrypt 3 at a time, and get 5 at a time. */
   for (j = 560; j < 1024-5; j += 3) {
-    crypto_cipher_encrypt(env1, data1+j, 3, data2+j);
+    crypto_cipher_encrypt(env1, data2+j, data1+j, 3);
   }
   for (j = 560; j < 1024-5; j += 5) {
-    crypto_cipher_decrypt(env2, data2+j, 5, data3+j);
+    crypto_cipher_decrypt(env2, data3+j, data2+j, 5);
   }
   test_memeq(data1, data3, 1024-5);
   /* Now make sure that when we encrypt with different chunk sizes, we get
@@ -340,7 +340,7 @@
   crypto_cipher_set_key(env2, crypto_cipher_get_key(env1));
   crypto_cipher_encrypt_init_cipher(env2);
   for (j = 0; j < 1024-16; j += 17) {
-    crypto_cipher_encrypt(env2, data1+j, 17, data3+j);
+    crypto_cipher_encrypt(env2, data3+j, data1+j, 17);
   }
   for (j= 0; j < 1024-16; ++j) {
     if (data2[j] != data3[j]) {
@@ -355,7 +355,7 @@
   /* XXXX Look up some test vectors for the ciphers and make sure we match. */
 
   /* Test SHA-1 with a test vector from the specification. */
-  i = crypto_digest("abc", 3, data1);
+  i = crypto_digest(data1, "abc", 3);
   test_memeq(data1,
              "\xA9\x99\x3E\x36\x47\x06\x81\x6A\xBA\x3E\x25\x71\x78"
              "\x50\xC2\x6C\x9C\xD0\xD8\x9D", 20);
@@ -386,25 +386,25 @@
   test_eq(128, crypto_pk_keysize(pk1));
   test_eq(128, crypto_pk_keysize(pk2));
 
-  test_eq(128, crypto_pk_public_encrypt(pk2, "Hello whirled.", 15, data1,
+  test_eq(128, crypto_pk_public_encrypt(pk2, data1, "Hello whirled.", 15,
                                         PK_PKCS1_OAEP_PADDING));
-  test_eq(128, crypto_pk_public_encrypt(pk1, "Hello whirled.", 15, data2,
+  test_eq(128, crypto_pk_public_encrypt(pk1, data2, "Hello whirled.", 15,
                                         PK_PKCS1_OAEP_PADDING));
   /* oaep padding should make encryption not match */
   test_memneq(data1, data2, 128);
-  test_eq(15, crypto_pk_private_decrypt(pk1, data1, 128, data3,
+  test_eq(15, crypto_pk_private_decrypt(pk1, data3, data1, 128,
                                         PK_PKCS1_OAEP_PADDING,1));
   test_streq(data3, "Hello whirled.");
   memset(data3, 0, 1024);
-  test_eq(15, crypto_pk_private_decrypt(pk1, data2, 128, data3,
+  test_eq(15, crypto_pk_private_decrypt(pk1, data3, data2, 128,
                                         PK_PKCS1_OAEP_PADDING,1));
   test_streq(data3, "Hello whirled.");
   /* Can't decrypt with public key. */
-  test_eq(-1, crypto_pk_private_decrypt(pk2, data2, 128, data3,
+  test_eq(-1, crypto_pk_private_decrypt(pk2, data3, data2, 128,
                                         PK_PKCS1_OAEP_PADDING,1));
   /* Try again with bad padding */
   memcpy(data2+1, "XYZZY", 5);  /* This has fails ~ once-in-2^40 */
-  test_eq(-1, crypto_pk_private_decrypt(pk1, data2, 128, data3,
+  test_eq(-1, crypto_pk_private_decrypt(pk1, data3, data2, 128,
                                         PK_PKCS1_OAEP_PADDING,1));
 
   /* File operations: save and load private key */
@@ -413,17 +413,17 @@
 
   test_assert(! crypto_pk_read_private_key_from_filename(pk2,
                                                          get_fname("pkey1")));
-  test_eq(15, crypto_pk_private_decrypt(pk2, data1, 128, data3,
+  test_eq(15, crypto_pk_private_decrypt(pk2, data3, data1, 128,
                                         PK_PKCS1_OAEP_PADDING,1));
 
   /* Now try signing. */
   strcpy(data1, "Ossifrage");
-  test_eq(128, crypto_pk_private_sign(pk1, data1, 10, data2));
-  test_eq(10, crypto_pk_public_checksig(pk1, data2, 128, data3));
+  test_eq(128, crypto_pk_private_sign(pk1, data2, data1, 10));
+  test_eq(10, crypto_pk_public_checksig(pk1, data3, data2, 128));
   test_streq(data3, "Ossifrage");
   /* Try signing digests. */
-  test_eq(128, crypto_pk_private_sign_digest(pk1, data1, 10, data2));
-  test_eq(20, crypto_pk_public_checksig(pk1, data2, 128, data3));
+  test_eq(128, crypto_pk_private_sign_digest(pk1, data2, data1, 10));
+  test_eq(20, crypto_pk_public_checksig(pk1, data3, data2, 128));
   test_eq(0, crypto_pk_public_checksig_digest(pk1, data1, 10, data2, 128));
   test_eq(-1, crypto_pk_public_checksig_digest(pk1, data1, 11, data2, 128));
   /*XXXX test failed signing*/
@@ -437,7 +437,7 @@
   test_assert(crypto_pk_cmp_keys(pk1,pk2) == 0);
 
   /* Try with hybrid encryption wrappers. */
-  crypto_rand(1024, data1);
+  crypto_rand(data1, 1024);
   for (i = 0; i < 3; ++i) {
     for (j = 85; j < 140; ++j) {
       memset(data2,0,1024);
@@ -446,9 +446,9 @@
         continue;
       p = (i==0)?PK_NO_PADDING:
         (i==1)?PK_PKCS1_PADDING:PK_PKCS1_OAEP_PADDING;
-      len = crypto_pk_public_hybrid_encrypt(pk1,data1,j,data2,p,0);
+      len = crypto_pk_public_hybrid_encrypt(pk1,data2,data1,j,p,0);
       test_assert(len>=0);
-      len = crypto_pk_private_hybrid_decrypt(pk1,data2,len,data3,p,1);
+      len = crypto_pk_private_hybrid_decrypt(pk1,data3,data2,len,p,1);
       test_eq(len,j);
       test_memeq(data1,data3,j);
     }



More information about the tor-commits mailing list