Merge branch 'maint-0.3.2'

This commit is contained in:
Nick Mathewson 2017-10-31 14:04:34 -04:00
commit 2b6f246652
4 changed files with 35 additions and 6 deletions

View File

@ -0,0 +1,3 @@
o Minor features (testing):
- Our fuzzing tests now test the encrypted portions of the
v3 hidden service descriptors. Implements more of 21509.

View File

@ -1303,12 +1303,12 @@ encrypted_data_length_is_valid(size_t len)
* generate the right decryption keys; set <b>decrypted_out</b> to the
* plaintext. If <b>is_superencrypted_layer</b> is set, this is the outter
* encrypted layer of the descriptor. */
static size_t
decrypt_desc_layer(const hs_descriptor_t *desc,
MOCK_IMPL(STATIC size_t,
decrypt_desc_layer,(const hs_descriptor_t *desc,
const uint8_t *encrypted_blob,
size_t encrypted_blob_size,
int is_superencrypted_layer,
char **decrypted_out)
char **decrypted_out))
{
uint8_t *decrypted = NULL;
uint8_t secret_key[HS_DESC_ENCRYPTED_KEY_LEN], secret_iv[CIPHER_IV_LEN];

View File

@ -261,6 +261,13 @@ STATIC size_t decode_superencrypted(const char *message, size_t message_len,
uint8_t **encrypted_out);
STATIC void desc_plaintext_data_free_contents(hs_desc_plaintext_data_t *desc);
MOCK_DECL(STATIC size_t, decrypt_desc_layer,(const hs_descriptor_t *desc,
const uint8_t *encrypted_blob,
size_t encrypted_blob_size,
int is_superencrypted_layer,
char **decrypted_out));
#endif /* defined(HS_DESCRIPTOR_PRIVATE) */
#endif /* !defined(TOR_HS_DESCRIPTOR_H) */

View File

@ -35,12 +35,31 @@ mock_rsa_ed25519_crosscert_check(const uint8_t *crosscert,
return 0;
}
static size_t
mock_decrypt_desc_layer(const hs_descriptor_t *desc,
const uint8_t *encrypted_blob,
size_t encrypted_blob_size,
int is_superencrypted_layer,
char **decrypted_out)
{
(void)is_superencrypted_layer;
(void)desc;
const size_t overhead = HS_DESC_ENCRYPTED_SALT_LEN + DIGEST256_LEN;
if (encrypted_blob_size < overhead)
return 0;
*decrypted_out = tor_memdup_nulterm(
encrypted_blob + HS_DESC_ENCRYPTED_SALT_LEN,
encrypted_blob_size - overhead);
return strlen(*decrypted_out);
}
int
fuzz_init(void)
{
disable_signature_checking();
MOCK(dump_desc, mock_dump_desc__nodump);
MOCK(rsa_ed25519_crosscert_check, mock_rsa_ed25519_crosscert_check);
MOCK(decrypt_desc_layer, mock_decrypt_desc_layer);
ed25519_init();
return 0;
}