mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-27 22:03:31 +01:00
fix: Ticket #31589
- The function `decrypt_desc_layer` has a cleaner interface. - `is_superencrypted_layer` changed from `int` -> `bool` [ticket details](https://trac.torproject.org/projects/tor/ticket/31589) add(changes/*): changes file fix(src/features/hs): is_superencrypted changed from `int` -> `bool` fix(changes/ticket31589): header add(changes/ticket31589): subsystem(onion services) to change
This commit is contained in:
parent
6846d14868
commit
3e45260594
2
changes/ticket31589
Normal file
2
changes/ticket31589
Normal file
@ -0,0 +1,2 @@
|
|||||||
|
o Code simplification and refactoring (onion services):
|
||||||
|
- Interface for function `decrypt_desc_layer` cleaned up. Closes ticket 31589.
|
@ -244,7 +244,7 @@ problem function-size /src/feature/hs/hs_common.c:hs_get_responsible_hsdirs() 10
|
|||||||
problem function-size /src/feature/hs/hs_config.c:config_service_v3() 107
|
problem function-size /src/feature/hs/hs_config.c:config_service_v3() 107
|
||||||
problem function-size /src/feature/hs/hs_config.c:config_generic_service() 138
|
problem function-size /src/feature/hs/hs_config.c:config_generic_service() 138
|
||||||
problem function-size /src/feature/hs/hs_descriptor.c:desc_encode_v3() 101
|
problem function-size /src/feature/hs/hs_descriptor.c:desc_encode_v3() 101
|
||||||
problem function-size /src/feature/hs/hs_descriptor.c:decrypt_desc_layer() 105
|
problem function-size /src/feature/hs/hs_descriptor.c:decrypt_desc_layer() 111
|
||||||
problem function-size /src/feature/hs/hs_descriptor.c:decode_introduction_point() 122
|
problem function-size /src/feature/hs/hs_descriptor.c:decode_introduction_point() 122
|
||||||
problem function-size /src/feature/hs/hs_descriptor.c:desc_decode_superencrypted_v3() 107
|
problem function-size /src/feature/hs/hs_descriptor.c:desc_decode_superencrypted_v3() 107
|
||||||
problem function-size /src/feature/hs/hs_descriptor.c:desc_decode_encrypted_v3() 107
|
problem function-size /src/feature/hs/hs_descriptor.c:desc_decode_encrypted_v3() 107
|
||||||
|
@ -1477,10 +1477,8 @@ decrypt_descriptor_cookie(const hs_descriptor_t *desc,
|
|||||||
*/
|
*/
|
||||||
MOCK_IMPL(STATIC size_t,
|
MOCK_IMPL(STATIC size_t,
|
||||||
decrypt_desc_layer,(const hs_descriptor_t *desc,
|
decrypt_desc_layer,(const hs_descriptor_t *desc,
|
||||||
const uint8_t *encrypted_blob,
|
|
||||||
size_t encrypted_blob_size,
|
|
||||||
const uint8_t *descriptor_cookie,
|
const uint8_t *descriptor_cookie,
|
||||||
int is_superencrypted_layer,
|
bool is_superencrypted_layer,
|
||||||
char **decrypted_out))
|
char **decrypted_out))
|
||||||
{
|
{
|
||||||
uint8_t *decrypted = NULL;
|
uint8_t *decrypted = NULL;
|
||||||
@ -1490,6 +1488,12 @@ decrypt_desc_layer,(const hs_descriptor_t *desc,
|
|||||||
uint8_t mac_key[DIGEST256_LEN], our_mac[DIGEST256_LEN];
|
uint8_t mac_key[DIGEST256_LEN], our_mac[DIGEST256_LEN];
|
||||||
const uint8_t *salt, *encrypted, *desc_mac;
|
const uint8_t *salt, *encrypted, *desc_mac;
|
||||||
size_t encrypted_len, result_len = 0;
|
size_t encrypted_len, result_len = 0;
|
||||||
|
const uint8_t *encrypted_blob = (is_superencrypted_layer)
|
||||||
|
? desc->plaintext_data.superencrypted_blob
|
||||||
|
: desc->superencrypted_data.encrypted_blob;
|
||||||
|
size_t encrypted_blob_size = (is_superencrypted_layer)
|
||||||
|
? desc->plaintext_data.superencrypted_blob_size
|
||||||
|
: desc->superencrypted_data.encrypted_blob_size;
|
||||||
|
|
||||||
tor_assert(decrypted_out);
|
tor_assert(decrypted_out);
|
||||||
tor_assert(desc);
|
tor_assert(desc);
|
||||||
@ -1603,9 +1607,8 @@ desc_decrypt_superencrypted(const hs_descriptor_t *desc, char **decrypted_out)
|
|||||||
tor_assert(decrypted_out);
|
tor_assert(decrypted_out);
|
||||||
|
|
||||||
superencrypted_len = decrypt_desc_layer(desc,
|
superencrypted_len = decrypt_desc_layer(desc,
|
||||||
desc->plaintext_data.superencrypted_blob,
|
NULL,
|
||||||
desc->plaintext_data.superencrypted_blob_size,
|
true, &superencrypted_plaintext);
|
||||||
NULL, 1, &superencrypted_plaintext);
|
|
||||||
|
|
||||||
if (!superencrypted_len) {
|
if (!superencrypted_len) {
|
||||||
log_warn(LD_REND, "Decrypting superencrypted desc failed.");
|
log_warn(LD_REND, "Decrypting superencrypted desc failed.");
|
||||||
@ -1654,9 +1657,9 @@ desc_decrypt_encrypted(const hs_descriptor_t *desc,
|
|||||||
}
|
}
|
||||||
|
|
||||||
encrypted_len = decrypt_desc_layer(desc,
|
encrypted_len = decrypt_desc_layer(desc,
|
||||||
desc->superencrypted_data.encrypted_blob,
|
descriptor_cookie,
|
||||||
desc->superencrypted_data.encrypted_blob_size,
|
false, &encrypted_plaintext);
|
||||||
descriptor_cookie, 0, &encrypted_plaintext);
|
|
||||||
if (!encrypted_len) {
|
if (!encrypted_len) {
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
|
@ -276,6 +276,7 @@ void hs_desc_authorized_client_free_(hs_desc_authorized_client_t *client);
|
|||||||
hs_desc_authorized_client_free_, (client))
|
hs_desc_authorized_client_free_, (client))
|
||||||
|
|
||||||
hs_desc_authorized_client_t *hs_desc_build_fake_authorized_client(void);
|
hs_desc_authorized_client_t *hs_desc_build_fake_authorized_client(void);
|
||||||
|
|
||||||
void hs_desc_build_authorized_client(const uint8_t *subcredential,
|
void hs_desc_build_authorized_client(const uint8_t *subcredential,
|
||||||
const curve25519_public_key_t *
|
const curve25519_public_key_t *
|
||||||
client_auth_pk,
|
client_auth_pk,
|
||||||
@ -308,10 +309,8 @@ STATIC int desc_sig_is_valid(const char *b64_sig,
|
|||||||
const char *encoded_desc, size_t encoded_len);
|
const char *encoded_desc, size_t encoded_len);
|
||||||
|
|
||||||
MOCK_DECL(STATIC size_t, decrypt_desc_layer,(const hs_descriptor_t *desc,
|
MOCK_DECL(STATIC size_t, decrypt_desc_layer,(const hs_descriptor_t *desc,
|
||||||
const uint8_t *encrypted_blob,
|
|
||||||
size_t encrypted_blob_size,
|
|
||||||
const uint8_t *descriptor_cookie,
|
const uint8_t *descriptor_cookie,
|
||||||
int is_superencrypted_layer,
|
bool is_superencrypted_layer,
|
||||||
char **decrypted_out));
|
char **decrypted_out));
|
||||||
|
|
||||||
#endif /* defined(HS_DESCRIPTOR_PRIVATE) */
|
#endif /* defined(HS_DESCRIPTOR_PRIVATE) */
|
||||||
|
@ -35,16 +35,21 @@ mock_rsa_ed25519_crosscert_check(const uint8_t *crosscert,
|
|||||||
|
|
||||||
static size_t
|
static size_t
|
||||||
mock_decrypt_desc_layer(const hs_descriptor_t *desc,
|
mock_decrypt_desc_layer(const hs_descriptor_t *desc,
|
||||||
const uint8_t *encrypted_blob,
|
|
||||||
size_t encrypted_blob_size,
|
|
||||||
const uint8_t *descriptor_cookie,
|
const uint8_t *descriptor_cookie,
|
||||||
int is_superencrypted_layer,
|
bool is_superencrypted_layer,
|
||||||
char **decrypted_out)
|
char **decrypted_out)
|
||||||
{
|
{
|
||||||
(void)is_superencrypted_layer;
|
(void)is_superencrypted_layer;
|
||||||
(void)desc;
|
(void)desc;
|
||||||
(void)descriptor_cookie;
|
(void)descriptor_cookie;
|
||||||
const size_t overhead = HS_DESC_ENCRYPTED_SALT_LEN + DIGEST256_LEN;
|
const size_t overhead = HS_DESC_ENCRYPTED_SALT_LEN + DIGEST256_LEN;
|
||||||
|
const uint8_t *encrypted_blob = (is_superencrypted_layer)
|
||||||
|
? desc->plaintext_data.superencrypted_blob
|
||||||
|
: desc->superencrypted_data.encrypted_blob;
|
||||||
|
size_t encrypted_blob_size = (is_superencrypted_layer)
|
||||||
|
? desc->plaintext_data.superencrypted_blob_size
|
||||||
|
: desc->superencrypted_data.encrypted_blob_size;
|
||||||
|
|
||||||
if (encrypted_blob_size < overhead)
|
if (encrypted_blob_size < overhead)
|
||||||
return 0;
|
return 0;
|
||||||
*decrypted_out = tor_memdup_nulterm(
|
*decrypted_out = tor_memdup_nulterm(
|
||||||
|
Loading…
Reference in New Issue
Block a user