Merge remote-tracking branch 'dgoulet/bug20991_030_01'
commit
0a0e513d42
@ -70,7 +70,11 @@ verify_establish_intro_cell(const hs_cell_establish_intro_t *cell,
|
||||
ed25519_signature_t sig_struct;
|
||||
const uint8_t *sig_array = hs_cell_establish_intro_getconstarray_sig(cell);
|
||||
|
||||
if (hs_cell_establish_intro_getlen_sig(cell) != sizeof(sig_struct.sig)) {
|
||||
/* Make sure the signature length is of the right size. For EXTRA safety,
|
||||
* we check both the size of the array and the length which must be the
|
||||
* same. Safety first!*/
|
||||
if (hs_cell_establish_intro_getlen_sig(cell) != sizeof(sig_struct.sig) ||
|
||||
hs_cell_establish_intro_get_sig_len(cell) != sizeof(sig_struct.sig)) {
|
||||
log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
|
||||
"ESTABLISH_INTRO sig len is invalid");
|
||||
return -1;
|
||||
@ -83,7 +87,7 @@ verify_establish_intro_cell(const hs_cell_establish_intro_t *cell,
|
||||
|
||||
const size_t sig_msg_len = cell->end_sig_fields - msg;
|
||||
int sig_mismatch = ed25519_checksig_prefixed(&sig_struct,
|
||||
(uint8_t*) msg, sig_msg_len,
|
||||
msg, sig_msg_len,
|
||||
ESTABLISH_INTRO_SIG_PREFIX,
|
||||
&auth_key);
|
||||
if (sig_mismatch) {
|
||||
|
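Review bot: In the second hunk, `const size_t sig_msg_len = cell->end_sig_fields - msg;` stores a pointer difference straight into a `size_t` with no visible guard, and this commit moves the point that `end_sig_fields` marks (the parser hunk further down now records it before `sig_len`), so the line deserves an explicit precondition. `end_sig_fields` is a raw pointer into the buffer that was parsed, so the result is only meaningful while `msg` points into that same live buffer; a NULL or earlier marker would become a very large length handed to `ed25519_checksig_prefixed`. I would add a check before the subtraction, for example `if (BUG(!cell->end_sig_fields || cell->end_sig_fields < msg)) return -1;`, plus a comment stating that the signed range is [msg, end_sig_fields) and excludes `sig_len` and `sig`. The definition of `msg` and the rest of `verify_establish_intro_cell` lie outside the hunk, so an equivalent check may already exist there.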
@ -152,8 +152,9 @@ generate_establish_intro_cell(const uint8_t *circuit_key_material,
|
||||
tor_assert(encoded_len > ED25519_SIG_LEN);
|
||||
|
||||
if (ed25519_sign_prefixed(&sig,
|
||||
(uint8_t*) cell_bytes_tmp,
|
||||
encoded_len - ED25519_SIG_LEN,
|
||||
cell_bytes_tmp,
|
||||
encoded_len -
|
||||
(ED25519_SIG_LEN + sizeof(cell->sig_len)),
|
||||
ESTABLISH_INTRO_SIG_PREFIX,
|
||||
&key_struct)) {
|
||||
log_warn(LD_BUG, "Unable to gen signature for ESTABLISH_INTRO cell.");
|
||||
|
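Review bot: The `tor_assert(encoded_len > ED25519_SIG_LEN);` above the call no longer covers the length expression that appears to be the new one, `encoded_len - (ED25519_SIG_LEN + sizeof(cell->sig_len))`. An `encoded_len` of `ED25519_SIG_LEN + 1` passes the assert, but the subtraction is done in `size_t` because of the `sizeof`, so it wraps to a huge length. The assert should be tightened to match, for example `tor_assert((size_t)encoded_len > ED25519_SIG_LEN + sizeof(cell->sig_len));`, assuming a negative return from the encoder is rejected before this point (the declaration of `encoded_len` and the encode call are outside the hunk). Separately, the signer derives the signed range by subtracting trailer sizes while the verifier uses the parser's `end_sig_fields` marker, so a short comment here naming the bytes that are deliberately left unsigned (`sig_len` and `sig`) would help keep the two sides from drifting apart again.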
@ -231,6 +231,11 @@ hs_cell_establish_intro_getconstarray_handshake_mac(const hs_cell_establish_intr
|
||||
{
|
||||
return (const uint8_t *)hs_cell_establish_intro_getarray_handshake_mac((hs_cell_establish_intro_t*)inp);
|
||||
}
|
||||
const uint8_t *
|
||||
hs_cell_establish_intro_get_end_sig_fields(const hs_cell_establish_intro_t *inp)
|
||||
{
|
||||
return inp->end_sig_fields;
|
||||
}
|
||||
uint16_t
|
||||
hs_cell_establish_intro_get_sig_len(const hs_cell_establish_intro_t *inp)
|
||||
{
|
||||
@ -242,11 +247,6 @@ hs_cell_establish_intro_set_sig_len(hs_cell_establish_intro_t *inp, uint16_t val
|
||||
inp->sig_len = val;
|
||||
return 0;
|
||||
}
|
||||
const uint8_t *
|
||||
hs_cell_establish_intro_get_end_sig_fields(const hs_cell_establish_intro_t *inp)
|
||||
{
|
||||
return inp->end_sig_fields;
|
||||
}
|
||||
size_t
|
||||
hs_cell_establish_intro_getlen_sig(const hs_cell_establish_intro_t *inp)
|
||||
{
|
||||
@ -518,12 +518,12 @@ hs_cell_establish_intro_parse_into(hs_cell_establish_intro_t *obj, const uint8_t
|
||||
CHECK_REMAINING(TRUNNEL_SHA3_256_LEN, truncated);
|
||||
memcpy(obj->handshake_mac, ptr, TRUNNEL_SHA3_256_LEN);
|
||||
remaining -= TRUNNEL_SHA3_256_LEN; ptr += TRUNNEL_SHA3_256_LEN;
|
||||
obj->end_sig_fields = ptr;
|
||||
|
||||
/* Parse u16 sig_len */
|
||||
CHECK_REMAINING(2, truncated);
|
||||
obj->sig_len = trunnel_ntohs(trunnel_get_uint16(ptr));
|
||||
remaining -= 2; ptr += 2;
|
||||
obj->end_sig_fields = ptr;
|
||||
|
||||
/* Parse u8 sig[sig_len] */
|
||||
CHECK_REMAINING(obj->sig_len, truncated);
|
||||
|
@ -19,8 +19,8 @@ struct hs_cell_establish_intro_st {
|
||||
struct cell_extension_st *extensions;
|
||||
const uint8_t *end_mac_fields;
|
||||
uint8_t handshake_mac[TRUNNEL_SHA3_256_LEN];
|
||||
uint16_t sig_len;
|
||||
const uint8_t *end_sig_fields;
|
||||
uint16_t sig_len;
|
||||
TRUNNEL_DYNARRAY_HEAD(, uint8_t) sig;
|
||||
uint8_t trunnel_error_code_;
|
||||
};
|
||||
@ -170,6 +170,9 @@ uint8_t * hs_cell_establish_intro_getarray_handshake_mac(hs_cell_establish_intro
|
||||
* a const pointer
|
||||
*/
|
||||
const uint8_t * hs_cell_establish_intro_getconstarray_handshake_mac(const hs_cell_establish_intro_t *inp);
|
||||
/** Return the position for end_sig_fields when we parsed this object
|
||||
*/
|
||||
const uint8_t * hs_cell_establish_intro_get_end_sig_fields(const hs_cell_establish_intro_t *inp);
|
||||
/** Return the value of the sig_len field of the
|
||||
* hs_cell_establish_intro_t in 'inp'
|
||||
*/
|
||||
@ -179,9 +182,6 @@ uint16_t hs_cell_establish_intro_get_sig_len(const hs_cell_establish_intro_t *in
|
||||
* return -1 and set the error code on 'inp' on failure.
|
||||
*/
|
||||
int hs_cell_establish_intro_set_sig_len(hs_cell_establish_intro_t *inp, uint16_t val);
|
||||
/** Return the position for end_sig_fields when we parsed this object
|
||||
*/
|
||||
const uint8_t * hs_cell_establish_intro_get_end_sig_fields(const hs_cell_establish_intro_t *inp);
|
||||
/** Return the length of the dynamic array holding the sig field of
|
||||
* the hs_cell_establish_intro_t in 'inp'.
|
||||
*/
|
||||
|
@ -26,9 +26,9 @@ struct hs_cell_establish_intro {
|
||||
u8 handshake_mac[TRUNNEL_SHA3_256_LEN];
|
||||
|
||||
/* Signature */
|
||||
u16 sig_len;
|
||||
/* Indicate the end of the handshake authentication data. */
|
||||
@ptr end_sig_fields;
|
||||
u16 sig_len;
|
||||
u8 sig[sig_len];
|
||||
};
|
||||
|
||||
|
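Review bot: The comments in this struct no longer match the layout, as far as I can read the hunk (the +/- markers are lost on this page): `/* Signature */` now sits above the `end_sig_fields` marker instead of above `sig_len` and `sig`, and "Indicate the end of the handshake authentication data" does not say which bytes the signature covers. Since the position of this marker defines what is authenticated, I would move `/* Signature */` down to `u16 sig_len;` and reword the marker comment to something like `/* End of the signed portion of the cell: the signature covers every byte before this point and does not cover sig_len or sig. */`. That also records why the verifier hunk on this page pins `sig_len` to the size of the Ed25519 signature on its own, since the field is not authenticated.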