Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Nss symmetric crypto support #234

Closed
wants to merge 20 commits into from
Closed

Nss symmetric crypto support #234

wants to merge 20 commits into from

Conversation

Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
2 participants
@nmathewson @coveralls
@nmathewson
Copy link
Contributor

@nmathewson nmathewson commented Jul 16, 2018

No description provided.

nmathewson added 15 commits Jul 11, 2018
@nmathewson
Make our crypto library symbolic in the makefiles.
92db96d
@nmathewson
Add a configure switch to build with NSS.
79267ba 
When it is set, include the NSS headers and libraries as
appropriate.  Doesn't actually use them yet, though.
@nmathewson
Move the initialization and cleanup parts of crypto.c
12a1ada 
These are now part of crypto_init.c.  The openssl-only parts now
live in crypto_openssl_mgt.c.

I recommend reviewing this patch with -b and --color-moved.
@nmathewson
Move crypto_add_spaces_to_fp() to crypto_rsa.c
8e2df98
@nmathewson
Extract and rename crypto_log_errors().
922208b
@nmathewson
Remove most includes from crypto.c
9010797
@nmathewson
Rename crypto.c to crypto_cipher.c (since that's all it still has.)
f45107e
@nmathewson
Initialize and shut down NSS.
c317e78 
This is largely conjectural, based on online documentation for NSS
and NSPR.
@nmathewson
Add postfork support for nss
d811ce2 
We need this in our unit tests, since otherwise NSS will notice
we've forked and start cussing us out.

I suspect we'll need a different hack for daemonizing, but this
should be enough for tinytest to work.
@nmathewson
Make nss get initialized before we fuzz anything.
27dd2b1
@nmathewson
Use NSS's digest code in Tor.
90f154b 
This was a fairly straightforward port, once I realized which layer
I should be calling into.
@nmathewson
Make sure NSS is initialized before running benchmarks
3f83d4f
@nmathewson
Use NSS in crypto_rand.c
0cff682 
This is comparatively straightforward too, except for a couple of
twists:

   * For as long as we're building with two crypto libraries, we
     want to seed _both_ their RNGs, and use _both_ their RNGs to
     improve the output of crypto_strongest_rand()

   * The NSS prng will sometimes refuse to generate huge outputs.
     When it does, we stretch the output with SHAKE.  We only need
     this for the tests.
@nmathewson
Use NSS for AES_CTR.
a141593
@nmathewson
Changes files for feature26815 and 26816
1996e87
@coveralls
Copy link

@coveralls coveralls commented Jul 16, 2018

Coverage Status

Coverage increased (+0.01%) to 59.533% when pulling 1996e87 on nmathewson:nss_symmetric into 8505522 on torproject:master.

nmathewson added 5 commits Jul 18, 2018
@nmathewson
Fix "make distcheck."
bae8550
@nmathewson
fixup! Use NSS for AES_CTR.
98326f0 
Remove a needless semicolon.
@nmathewson
fixup! Use NSS's digest code in Tor.
e94da7b 
Add some casts to make clang happier.
@nmathewson
Make the rust tests link.
34ddbe5
@nmathewson
Disable strict-prototypes warning when including headers.
e685021
@nmathewson
Copy link
Contributor Author

@nmathewson nmathewson commented Sep 30, 2018

This was squashed and merged as part of a parent ticket.

@nmathewson nmathewson closed this Sep 30, 2018
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment