Remove IVs from cipher code, since AES-ctr has none.

svn:r1742

src/common/crypto.c

@@ -78,7 +78,6 @@ struct crypto_pk_env_t
 struct crypto_cipher_env_t
 {
   unsigned char key[CIPHER_KEY_LEN];
-  unsigned char iv[_ARRAYSIZE(CIPHER_IV_LEN)];
   aes_cnt_cipher_t *cipher;
 };
 
@@ -214,13 +213,12 @@ void crypto_free_pk_env(crypto_pk_env_t *env)
   free(env);
 }
 
-
 /* Create a new crypto_cipher_env_t for a given onion cipher type, key,
  * iv, and encryption flag (1=encrypt, 0=decrypt).  Return the crypto object
  * on success; NULL on failure.
  */
 crypto_cipher_env_t *
-crypto_create_init_cipher(const char *key, const char *iv, int encrypt_mode)
+crypto_create_init_cipher(const char *key, int encrypt_mode)
 {
   int r;
   crypto_cipher_env_t *crypto = NULL;
@@ -235,11 +233,6 @@ crypto_create_init_cipher(const char *key, const char *iv, int encrypt_mode)
     goto error;
   }
 
-  if (crypto_cipher_set_iv(crypto, iv)) {
-    crypto_log_errors(LOG_WARN, "setting IV");
-    goto error;
-  }
-
   if (encrypt_mode)
     r = crypto_cipher_encrypt_init_cipher(crypto);
   else
@@ -653,7 +646,7 @@ int crypto_pk_private_hybrid_decrypt(crypto_pk_env_t *env,
     log_fn(LOG_WARN, "No room for a symmetric key");
     return -1;
   }
-  cipher = crypto_create_init_cipher(buf, NULL, 0);
+  cipher = crypto_create_init_cipher(buf, 0);
   if (!cipher) {
     return -1;
   }
@@ -800,21 +793,6 @@ int crypto_cipher_generate_key(crypto_cipher_env_t *env)
   return crypto_rand(CIPHER_KEY_LEN, env->key);
 }
 
-int crypto_cipher_set_iv(crypto_cipher_env_t *env, const unsigned char *iv)
-{
-  tor_assert(env && (CIPHER_IV_LEN==0 || iv));
-
-  if (!CIPHER_IV_LEN)
-    return 0;
-
-  if (!env->iv)
-    return -1;
-
-  memcpy(env->iv, iv, CIPHER_IV_LEN);
-
-  return 0;
-}
-
 int crypto_cipher_set_key(crypto_cipher_env_t *env, const unsigned char *key)
 {
   tor_assert(env && key);

src/common/crypto.h

@@ -9,7 +9,6 @@
 
 #define DIGEST_LEN 20
 #define CIPHER_KEY_LEN 16
-#define CIPHER_IV_LEN 0
 #define PK_BITS 1024
 #define PK_BYTES (PK_BITS/8)
 #define DH_BITS 1024
@@ -90,7 +89,6 @@ void crypto_dh_free(crypto_dh_env_t *dh);
 
 /* symmetric crypto */
 int crypto_cipher_generate_key(crypto_cipher_env_t *env);
-int crypto_cipher_set_iv(crypto_cipher_env_t *env, const unsigned char *iv);
 int crypto_cipher_set_key(crypto_cipher_env_t *env, const unsigned char *key);
 int crypto_cipher_encrypt_init_cipher(crypto_cipher_env_t *env);
 int crypto_cipher_decrypt_init_cipher(crypto_cipher_env_t *env);
@@ -103,8 +101,8 @@ int crypto_cipher_decrypt(crypto_cipher_env_t *env, const unsigned char *from, u
 int crypto_cipher_rewind(crypto_cipher_env_t *env, long delta);
 int crypto_cipher_advance(crypto_cipher_env_t *env, long delta);
 
-/* convenience function: wraps crypto_create_crypto_env, set_key, set_iv, and init. */
-crypto_cipher_env_t *crypto_create_init_cipher(const char *key, const char *iv, int encrypt_mode);
+/* convenience function: wraps crypto_create_crypto_env, set_key, and init. */
+crypto_cipher_env_t *crypto_create_init_cipher(const char *key, int encrypt_mode);
 
 /* SHA-1 */
 int crypto_digest(const unsigned char *m, int len, unsigned char *digest);

src/common/util.h

@@ -36,14 +36,12 @@
 #define strncasecmp strnicmp
 #define strcasecmp stricmp
 #define INLINE __inline
-#define _ARRAYSIZE(x) (((x)==0)?1:(x))
 /* Windows compilers before VC7 don't have __FUNCTION__. */
 #if _MSC_VER < 1300
 #define __FUNCTION__ "???"
 #endif
 #else
 #define INLINE inline
-#define _ARRAYSIZE(x) (x)
 #endif
 
 #ifdef NDEBUG

src/or/circuit.c

@@ -1627,7 +1627,6 @@ int circuit_extend(cell_t *cell, circuit_t *circ) {
  */
 int circuit_init_cpath_crypto(crypt_path_t *cpath, char *key_data, int reverse)
 {
-  unsigned char iv[_ARRAYSIZE(CIPHER_IV_LEN)];
   crypto_digest_env_t *tmp_digest;
   crypto_cipher_env_t *tmp_crypto;
 
@@ -1635,8 +1634,6 @@ int circuit_init_cpath_crypto(crypt_path_t *cpath, char *key_data, int reverse)
   tor_assert(!(cpath->f_crypto || cpath->b_crypto ||
              cpath->f_digest || cpath->b_digest));
 
-  memset(iv, 0, CIPHER_IV_LEN);
-
   log_fn(LOG_DEBUG,"hop init digest forward 0x%.8x, backward 0x%.8x.",
          (unsigned int)*(uint32_t*)key_data, (unsigned int)*(uint32_t*)(key_data+20));
   cpath->f_digest = crypto_new_digest_env();
@@ -1647,12 +1644,12 @@ int circuit_init_cpath_crypto(crypt_path_t *cpath, char *key_data, int reverse)
   log_fn(LOG_DEBUG,"hop init cipher forward 0x%.8x, backward 0x%.8x.",
          (unsigned int)*(uint32_t*)(key_data+40), (unsigned int)*(uint32_t*)(key_data+40+16));
   if (!(cpath->f_crypto =
-        crypto_create_init_cipher(key_data+(2*DIGEST_LEN),iv,1))) {
+        crypto_create_init_cipher(key_data+(2*DIGEST_LEN),1))) {
     log(LOG_WARN,"forward cipher initialization failed.");
     return -1;
   }
   if (!(cpath->b_crypto =
-     crypto_create_init_cipher(key_data+(2*DIGEST_LEN)+CIPHER_KEY_LEN,iv,0))) {
+     crypto_create_init_cipher(key_data+(2*DIGEST_LEN)+CIPHER_KEY_LEN,0))) {
     log(LOG_WARN,"backward cipher initialization failed.");
     return -1;
   }

src/or/test.c

@@ -260,7 +260,6 @@ test_crypto()
   env1 = crypto_new_cipher_env(CRYPTO_CIPHER_IDENTITY);
   test_neq(env1, 0);
   test_eq(crypto_cipher_generate_key(env1), 0);
-  test_eq(crypto_cipher_set_iv(env1, ""), 0);
   test_eq(crypto_cipher_encrypt_init_cipher(env1), 0);
   for(i = 0; i < 1024; ++i) {
     data1[i] = (char) i*73;
@@ -283,8 +282,6 @@ test_crypto()
   test_neq(env2, 0);
   j = crypto_cipher_generate_key(env1);
   crypto_cipher_set_key(env2, crypto_cipher_get_key(env1));
-  crypto_cipher_set_iv(env1, "12345678901234567890");
-  crypto_cipher_set_iv(env2, "12345678901234567890");
   crypto_cipher_encrypt_init_cipher(env1);
   crypto_cipher_decrypt_init_cipher(env2);
 
@@ -318,7 +315,6 @@ test_crypto()
   env2 = crypto_new_cipher_env();
   test_neq(env2, 0);
   crypto_cipher_set_key(env2, crypto_cipher_get_key(env1));
-  crypto_cipher_set_iv(env2, "12345678901234567890");
   crypto_cipher_encrypt_init_cipher(env2);
   for (j = 0; j < 1024-16; j += 17) {
     crypto_cipher_encrypt(env2, data1+j, 17, data3+j);