nihilist/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-11-11 05:33:47 +01:00
Code Issues Packages Projects Releases Wiki Activity

Use symbolic constants; make padding types match.

Browse Source 
svn:r1491
This commit is contained in:
Nick Mathewson 2004-04-05 21:15:14 +00:00
parent 04e8dc9026
commit 5033c366e1
3 changed files with 29 additions and 35 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
src/or/rendclient.c
View File

@ -41,13 +41,11 @@ rend_client_send_establish_rendezvous(circuit_t *circ)
return 0;
}
#define LEN_REND_INTRODUCE1 (20+20+20+16+128+42)
int
rend_client_send_introduction(circuit_t *introcirc, circuit_t *rendcirc) {
const char *descp;
int desc_len;
char payload[LEN_REND_INTRODUCE1];
int desc_len, payload_len, r;
char payload[RELAY_PAYLOAD_SIZE];
char tmp[20+20+128];
rend_service_descriptor_t *parsed=NULL;
crypt_path_t *cpath;
@ -94,18 +92,21 @@ rend_client_send_introduction(circuit_t *introcirc, circuit_t *rendcirc) {
goto err;
}
if(crypto_pk_public_hybrid_encrypt(parsed->pk, tmp,
r = crypto_pk_public_hybrid_encrypt(parsed->pk, tmp,
20+20+128, payload+20,
PK_PKCS1_OAEP_PADDING) < 0) {
PK_PKCS1_OAEP_PADDING);
if (r<0) {
log_fn(LOG_WARN,"hybrid pk encrypt failed.");
goto err;
}
payload_len = 20 + r;
rend_service_descriptor_free(parsed);
if (connection_edge_send_command(NULL, introcirc,
RELAY_COMMAND_INTRODUCE1,
payload, LEN_REND_INTRODUCE1,
payload, payload_len,
introcirc->cpath->prev)<0) {
/* introcirc is already marked for close. leave rendcirc alone. */
log_fn(LOG_WARN, "Couldn't send INTRODUCE1 cell");

32
src/or/rendmid.c
View File

@ -11,13 +11,12 @@ int
rend_mid_establish_intro(circuit_t *circ, const char *request, int request_len)
{
crypto_pk_env_t *pk = NULL;
char buf[20+9];
char expected_digest[20];
char pk_digest[20];
char buf[DIGEST_LEN+9];
char expected_digest[DIGEST_LEN];
char pk_digest[DIGEST_LEN];
int asn1len;
circuit_t *c;
char hexid[9];
char hexdigest[20*2+1];
log_fn(LOG_INFO,
"Received an ESTABLISH_INTRO request on circuit %d", circ->p_circ_id);
@ -26,13 +25,13 @@ rend_mid_establish_intro(circuit_t *circ, const char *request, int request_len)
log_fn(LOG_WARN, "Rejecting ESTABLISH_INTRO on non-OR or non-edge circuit");
goto err;
}
if (request_len < 22)
if (request_len < 2+DIGEST_LEN)
goto truncated;
/* First 2 bytes: length of asn1-encoded key. */
asn1len = get_uint16(request);
/* Next asn1len bytes: asn1-encoded key. */
if (request_len < 22+asn1len)
if (request_len < 2+DIGEST_LEN+asn1len)
goto truncated;
pk = crypto_pk_asn1_decode(request+2, asn1len);
if (!pk) {
@ -40,28 +39,21 @@ rend_mid_establish_intro(circuit_t *circ, const char *request, int request_len)
goto err;
}
/* XXX remove after debuggin */
hex_encode(circ->handshake_digest, 20, hexdigest);
log_fn(LOG_INFO, "Handshake information is: %s", hexdigest);
/* Next 20 bytes: Hash of handshake_digest | "INTRODUCE" */
memcpy(buf, circ->handshake_digest, 20);
memcpy(buf+20, "INTRODUCE", 9);
if (crypto_digest(buf, 29, expected_digest)<0) {
memcpy(buf, circ->handshake_digest, DIGEST_LEN);
memcpy(buf+DIGEST_LEN, "INTRODUCE", 9);
if (crypto_digest(buf, DIGEST_LEN+9, expected_digest)<0) {
log_fn(LOG_WARN, "Error computing digest");
goto err;
}
hex_encode(expected_digest, 20, hexdigest);
log_fn(LOG_INFO, "Expected digest is: %s", hexdigest);
hex_encode(request+2+asn1len, 20, hexdigest);
log_fn(LOG_INFO, "Received digest is: %s", hexdigest);
if (memcmp(expected_digest, request+2+asn1len, 20)) {
if (memcmp(expected_digest, request+2+asn1len, DIGEST_LEN)) {
log_fn(LOG_WARN, "Hash of session info was not as expected");
goto err;
}
/* Rest of body: signature of previous data */
if (crypto_pk_public_checksig_digest(pk, request, 22+asn1len,
request+22+asn1len, request_len-(22+asn1len))<0) {
if (crypto_pk_public_checksig_digest(pk, request, 2+asn1len+DIGEST_LEN,
request+2+DIGEST_LEN+asn1len,
request_len-(2+DIGEST_LEN+asn1len))<0) {
log_fn(LOG_WARN, "Incorrect signature on ESTABLISH_INTRO cell; rejecting");
goto err;
}

15
src/or/rendservice.c
View File

@ -306,7 +306,7 @@ rend_service_introduce(circuit_t *circuit, const char *request, int request_len)
{
char *ptr, *rp_nickname, *r_cookie;
char buf[RELAY_PAYLOAD_SIZE];
char keys[20+CPATH_KEY_MATERIAL_LEN]; /* Holds KH, Df, Db, Kf, Kb */
char keys[DIGEST_LEN+CPATH_KEY_MATERIAL_LEN]; /* Holds KH, Df, Db, Kf, Kb */
rend_service_t *service;
int len, keylen;
crypto_dh_env_t *dh = NULL;
@ -334,14 +334,14 @@ rend_service_introduce(circuit_t *circuit, const char *request, int request_len)
return -1;
}
/* first 20 bytes of request is service pk digest */
/* first DIGEST_LEN bytes of request is service pk digest */
service = rend_service_get_by_pk_digest(request);
if (!service) {
log_fn(LOG_WARN, "Got an INTRODUCE2 cell for an unrecognized service %s",
hexid);
return -1;
}
if (memcmp(circuit->rend_pk_digest, request, 20)) {
if (memcmp(circuit->rend_pk_digest, request, DIGEST_LEN)) {
hex_encode(request, 4, hexid);
log_fn(LOG_WARN, "Got an INTRODUCE2 cell for the wrong service (%s)",
hexid);
@ -349,13 +349,14 @@ rend_service_introduce(circuit_t *circuit, const char *request, int request_len)
}
keylen = crypto_pk_keysize(service->private_key);
if (request_len < keylen+20) {
if (request_len < keylen+DIGEST_LEN) {
log_fn(LOG_WARN, "PK-encrypted portion of INTRODUCE2 cell was truncated");
return -1;
}
/* Next N bytes is encrypted with service key */
len = crypto_pk_private_hybrid_decrypt(
service->private_key,request,request_len-20,buf, PK_PKCS1_PADDING);
service->private_key,request,request_len-DIGEST_LEN,buf,
PK_PKCS1_OAEP_PADDING);
if (len<0) {
log_fn(LOG_WARN, "Couldn't decrypt INTRODUCE2 cell");
return -1;
@ -386,8 +387,8 @@ rend_service_introduce(circuit_t *circuit, const char *request, int request_len)
log_fn(LOG_WARN, "Couldn't build DH state or generate public key");
goto err;
}
if (crypto_dh_compute_secret(dh, ptr+20, DH_KEY_LEN, keys,
20+CPATH_KEY_MATERIAL_LEN)<0) {
if (crypto_dh_compute_secret(dh, ptr+REND_COOKIE_LEN, DH_KEY_LEN, keys,
DIGEST_LEN+CPATH_KEY_MATERIAL_LEN)<0) {
log_fn(LOG_WARN, "Couldn't complete DH handshake");
goto err;
}