mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-09-21 21:44:58 +02:00
Use symbolic constants; make padding types match.
svn:r1491
This commit is contained in:
Nick Mathewson
parent
04e8dc9026
commit
5033c366e1
@ -41,13 +41,11 @@ rend_client_send_establish_rendezvous(circuit_t *circ)
|
|||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
#define LEN_REND_INTRODUCE1 (20+20+20+16+128+42)
|
|
||||||
|
|
||||||
int
|
int
|
||||||
rend_client_send_introduction(circuit_t *introcirc, circuit_t *rendcirc) {
|
rend_client_send_introduction(circuit_t *introcirc, circuit_t *rendcirc) {
|
||||||
const char *descp;
|
const char *descp;
|
||||||
int desc_len;
|
int desc_len, payload_len, r;
|
||||||
char payload[LEN_REND_INTRODUCE1];
|
char payload[RELAY_PAYLOAD_SIZE];
|
||||||
char tmp[20+20+128];
|
char tmp[20+20+128];
|
||||||
rend_service_descriptor_t *parsed=NULL;
|
rend_service_descriptor_t *parsed=NULL;
|
||||||
crypt_path_t *cpath;
|
crypt_path_t *cpath;
|
||||||
@ -94,18 +92,21 @@ rend_client_send_introduction(circuit_t *introcirc, circuit_t *rendcirc) {
|
|||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
|
|
||||||
if(crypto_pk_public_hybrid_encrypt(parsed->pk, tmp,
|
r = crypto_pk_public_hybrid_encrypt(parsed->pk, tmp,
|
||||||
20+20+128, payload+20,
|
20+20+128, payload+20,
|
||||||
PK_PKCS1_OAEP_PADDING) < 0) {
|
PK_PKCS1_OAEP_PADDING);
|
||||||
|
if (r<0) {
|
||||||
log_fn(LOG_WARN,"hybrid pk encrypt failed.");
|
log_fn(LOG_WARN,"hybrid pk encrypt failed.");
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
payload_len = 20 + r;
|
||||||
|
|
||||||
rend_service_descriptor_free(parsed);
|
rend_service_descriptor_free(parsed);
|
||||||
|
|
||||||
if (connection_edge_send_command(NULL, introcirc,
|
if (connection_edge_send_command(NULL, introcirc,
|
||||||
RELAY_COMMAND_INTRODUCE1,
|
RELAY_COMMAND_INTRODUCE1,
|
||||||
payload, LEN_REND_INTRODUCE1,
|
payload, payload_len,
|
||||||
introcirc->cpath->prev)<0) {
|
introcirc->cpath->prev)<0) {
|
||||||
/* introcirc is already marked for close. leave rendcirc alone. */
|
/* introcirc is already marked for close. leave rendcirc alone. */
|
||||||
log_fn(LOG_WARN, "Couldn't send INTRODUCE1 cell");
|
log_fn(LOG_WARN, "Couldn't send INTRODUCE1 cell");
|
||||||
|
|||||||
@ -11,13 +11,12 @@ int
|
|||||||
rend_mid_establish_intro(circuit_t *circ, const char *request, int request_len)
|
rend_mid_establish_intro(circuit_t *circ, const char *request, int request_len)
|
||||||
{
|
{
|
||||||
crypto_pk_env_t *pk = NULL;
|
crypto_pk_env_t *pk = NULL;
|
||||||
char buf[20+9];
|
char buf[DIGEST_LEN+9];
|
||||||
char expected_digest[20];
|
char expected_digest[DIGEST_LEN];
|
||||||
char pk_digest[20];
|
char pk_digest[DIGEST_LEN];
|
||||||
int asn1len;
|
int asn1len;
|
||||||
circuit_t *c;
|
circuit_t *c;
|
||||||
char hexid[9];
|
char hexid[9];
|
||||||
char hexdigest[20*2+1];
|
|
||||||
|
|
||||||
log_fn(LOG_INFO,
|
log_fn(LOG_INFO,
|
||||||
"Received an ESTABLISH_INTRO request on circuit %d", circ->p_circ_id);
|
"Received an ESTABLISH_INTRO request on circuit %d", circ->p_circ_id);
|
||||||
@ -26,13 +25,13 @@ rend_mid_establish_intro(circuit_t *circ, const char *request, int request_len)
|
|||||||
log_fn(LOG_WARN, "Rejecting ESTABLISH_INTRO on non-OR or non-edge circuit");
|
log_fn(LOG_WARN, "Rejecting ESTABLISH_INTRO on non-OR or non-edge circuit");
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
if (request_len < 22)
|
if (request_len < 2+DIGEST_LEN)
|
||||||
goto truncated;
|
goto truncated;
|
||||||
/* First 2 bytes: length of asn1-encoded key. */
|
/* First 2 bytes: length of asn1-encoded key. */
|
||||||
asn1len = get_uint16(request);
|
asn1len = get_uint16(request);
|
||||||
|
|
||||||
/* Next asn1len bytes: asn1-encoded key. */
|
/* Next asn1len bytes: asn1-encoded key. */
|
||||||
if (request_len < 22+asn1len)
|
if (request_len < 2+DIGEST_LEN+asn1len)
|
||||||
goto truncated;
|
goto truncated;
|
||||||
pk = crypto_pk_asn1_decode(request+2, asn1len);
|
pk = crypto_pk_asn1_decode(request+2, asn1len);
|
||||||
if (!pk) {
|
if (!pk) {
|
||||||
@ -40,28 +39,21 @@ rend_mid_establish_intro(circuit_t *circ, const char *request, int request_len)
|
|||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* XXX remove after debuggin */
|
|
||||||
hex_encode(circ->handshake_digest, 20, hexdigest);
|
|
||||||
log_fn(LOG_INFO, "Handshake information is: %s", hexdigest);
|
|
||||||
|
|
||||||
/* Next 20 bytes: Hash of handshake_digest | "INTRODUCE" */
|
/* Next 20 bytes: Hash of handshake_digest | "INTRODUCE" */
|
||||||
memcpy(buf, circ->handshake_digest, 20);
|
memcpy(buf, circ->handshake_digest, DIGEST_LEN);
|
||||||
memcpy(buf+20, "INTRODUCE", 9);
|
memcpy(buf+DIGEST_LEN, "INTRODUCE", 9);
|
||||||
if (crypto_digest(buf, 29, expected_digest)<0) {
|
if (crypto_digest(buf, DIGEST_LEN+9, expected_digest)<0) {
|
||||||
log_fn(LOG_WARN, "Error computing digest");
|
log_fn(LOG_WARN, "Error computing digest");
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
hex_encode(expected_digest, 20, hexdigest);
|
if (memcmp(expected_digest, request+2+asn1len, DIGEST_LEN)) {
|
||||||
log_fn(LOG_INFO, "Expected digest is: %s", hexdigest);
|
|
||||||
hex_encode(request+2+asn1len, 20, hexdigest);
|
|
||||||
log_fn(LOG_INFO, "Received digest is: %s", hexdigest);
|
|
||||||
if (memcmp(expected_digest, request+2+asn1len, 20)) {
|
|
||||||
log_fn(LOG_WARN, "Hash of session info was not as expected");
|
log_fn(LOG_WARN, "Hash of session info was not as expected");
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
/* Rest of body: signature of previous data */
|
/* Rest of body: signature of previous data */
|
||||||
if (crypto_pk_public_checksig_digest(pk, request, 22+asn1len,
|
if (crypto_pk_public_checksig_digest(pk, request, 2+asn1len+DIGEST_LEN,
|
||||||
request+22+asn1len, request_len-(22+asn1len))<0) {
|
request+2+DIGEST_LEN+asn1len,
|
||||||
|
request_len-(2+DIGEST_LEN+asn1len))<0) {
|
||||||
log_fn(LOG_WARN, "Incorrect signature on ESTABLISH_INTRO cell; rejecting");
|
log_fn(LOG_WARN, "Incorrect signature on ESTABLISH_INTRO cell; rejecting");
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
|
|||||||
@ -306,7 +306,7 @@ rend_service_introduce(circuit_t *circuit, const char *request, int request_len)
|
|||||||
{
|
{
|
||||||
char *ptr, *rp_nickname, *r_cookie;
|
char *ptr, *rp_nickname, *r_cookie;
|
||||||
char buf[RELAY_PAYLOAD_SIZE];
|
char buf[RELAY_PAYLOAD_SIZE];
|
||||||
char keys[20+CPATH_KEY_MATERIAL_LEN]; /* Holds KH, Df, Db, Kf, Kb */
|
char keys[DIGEST_LEN+CPATH_KEY_MATERIAL_LEN]; /* Holds KH, Df, Db, Kf, Kb */
|
||||||
rend_service_t *service;
|
rend_service_t *service;
|
||||||
int len, keylen;
|
int len, keylen;
|
||||||
crypto_dh_env_t *dh = NULL;
|
crypto_dh_env_t *dh = NULL;
|
||||||
@ -334,14 +334,14 @@ rend_service_introduce(circuit_t *circuit, const char *request, int request_len)
|
|||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* first 20 bytes of request is service pk digest */
|
/* first DIGEST_LEN bytes of request is service pk digest */
|
||||||
service = rend_service_get_by_pk_digest(request);
|
service = rend_service_get_by_pk_digest(request);
|
||||||
if (!service) {
|
if (!service) {
|
||||||
log_fn(LOG_WARN, "Got an INTRODUCE2 cell for an unrecognized service %s",
|
log_fn(LOG_WARN, "Got an INTRODUCE2 cell for an unrecognized service %s",
|
||||||
hexid);
|
hexid);
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
if (memcmp(circuit->rend_pk_digest, request, 20)) {
|
if (memcmp(circuit->rend_pk_digest, request, DIGEST_LEN)) {
|
||||||
hex_encode(request, 4, hexid);
|
hex_encode(request, 4, hexid);
|
||||||
log_fn(LOG_WARN, "Got an INTRODUCE2 cell for the wrong service (%s)",
|
log_fn(LOG_WARN, "Got an INTRODUCE2 cell for the wrong service (%s)",
|
||||||
hexid);
|
hexid);
|
||||||
@ -349,13 +349,14 @@ rend_service_introduce(circuit_t *circuit, const char *request, int request_len)
|
|||||||
}
|
}
|
||||||
|
|
||||||
keylen = crypto_pk_keysize(service->private_key);
|
keylen = crypto_pk_keysize(service->private_key);
|
||||||
if (request_len < keylen+20) {
|
if (request_len < keylen+DIGEST_LEN) {
|
||||||
log_fn(LOG_WARN, "PK-encrypted portion of INTRODUCE2 cell was truncated");
|
log_fn(LOG_WARN, "PK-encrypted portion of INTRODUCE2 cell was truncated");
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
/* Next N bytes is encrypted with service key */
|
/* Next N bytes is encrypted with service key */
|
||||||
len = crypto_pk_private_hybrid_decrypt(
|
len = crypto_pk_private_hybrid_decrypt(
|
||||||
service->private_key,request,request_len-20,buf, PK_PKCS1_PADDING);
|
service->private_key,request,request_len-DIGEST_LEN,buf,
|
||||||
|
PK_PKCS1_OAEP_PADDING);
|
||||||
if (len<0) {
|
if (len<0) {
|
||||||
log_fn(LOG_WARN, "Couldn't decrypt INTRODUCE2 cell");
|
log_fn(LOG_WARN, "Couldn't decrypt INTRODUCE2 cell");
|
||||||
return -1;
|
return -1;
|
||||||
@ -386,8 +387,8 @@ rend_service_introduce(circuit_t *circuit, const char *request, int request_len)
|
|||||||
log_fn(LOG_WARN, "Couldn't build DH state or generate public key");
|
log_fn(LOG_WARN, "Couldn't build DH state or generate public key");
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
if (crypto_dh_compute_secret(dh, ptr+20, DH_KEY_LEN, keys,
|
if (crypto_dh_compute_secret(dh, ptr+REND_COOKIE_LEN, DH_KEY_LEN, keys,
|
||||||
20+CPATH_KEY_MATERIAL_LEN)<0) {
|
DIGEST_LEN+CPATH_KEY_MATERIAL_LEN)<0) {
|
||||||
log_fn(LOG_WARN, "Couldn't complete DH handshake");
|
log_fn(LOG_WARN, "Couldn't complete DH handshake");
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user