From 5ef811b7d0a1c5352b5c6ff202f65001db36086f Mon Sep 17 00:00:00 2001 From: David Goulet Date: Mon, 27 Jun 2022 13:41:35 -0400 Subject: [PATCH] trunnel: INTRODUCE1 PoW cell extension Signed-off-by: David Goulet --- src/trunnel/hs/cell_introduce1.c | 319 +++++++++++++++++++++++++ src/trunnel/hs/cell_introduce1.h | 128 ++++++++++ src/trunnel/hs/cell_introduce1.trunnel | 33 +++ 3 files changed, 480 insertions(+) diff --git a/src/trunnel/hs/cell_introduce1.c b/src/trunnel/hs/cell_introduce1.c index a6873b4199..03943568e7 100644 --- a/src/trunnel/hs/cell_introduce1.c +++ b/src/trunnel/hs/cell_introduce1.c 
@@ -44,6 +44,325 @@ ssize_t link_specifier_encoded_len(const link_specifier_t *obj); ssize_t link_specifier_encode(uint8_t *output, size_t avail, const link_specifier_t *input); const char *link_specifier_check(const link_specifier_t *obj); int link_specifier_clear_errors(link_specifier_t *obj); +trn_cell_extension_pow_t * +trn_cell_extension_pow_new(void) +{ + trn_cell_extension_pow_t *val = trunnel_calloc(1, sizeof(trn_cell_extension_pow_t)); + if (NULL == val) + return NULL; + val->pow_version = 1; + return val; +} + +/** Release all storage held inside 'obj', but do not free 'obj'. + */ +static void +trn_cell_extension_pow_clear(trn_cell_extension_pow_t *obj) +{ + (void) obj; +} + +void +trn_cell_extension_pow_free(trn_cell_extension_pow_t *obj) +{ + if (obj == NULL) + return; + trn_cell_extension_pow_clear(obj); + trunnel_memwipe(obj, sizeof(trn_cell_extension_pow_t)); + trunnel_free_(obj); +} + +uint8_t +trn_cell_extension_pow_get_pow_version(const trn_cell_extension_pow_t *inp) +{ + return inp->pow_version; +} +int +trn_cell_extension_pow_set_pow_version(trn_cell_extension_pow_t *inp, uint8_t val) +{ + if (! 
((val == 1))) { + TRUNNEL_SET_ERROR_CODE(inp); + return -1; + } + inp->pow_version = val; + return 0; +} +size_t +trn_cell_extension_pow_getlen_pow_nonce(const trn_cell_extension_pow_t *inp) +{ + (void)inp; return TRUNNEL_POW_NONCE_LEN; +} + +uint8_t +trn_cell_extension_pow_get_pow_nonce(trn_cell_extension_pow_t *inp, size_t idx) +{ + trunnel_assert(idx < TRUNNEL_POW_NONCE_LEN); + return inp->pow_nonce[idx]; +} + +uint8_t +trn_cell_extension_pow_getconst_pow_nonce(const trn_cell_extension_pow_t *inp, size_t idx) +{ + return trn_cell_extension_pow_get_pow_nonce((trn_cell_extension_pow_t*)inp, idx); +} +int +trn_cell_extension_pow_set_pow_nonce(trn_cell_extension_pow_t *inp, size_t idx, uint8_t elt) +{ + trunnel_assert(idx < TRUNNEL_POW_NONCE_LEN); + inp->pow_nonce[idx] = elt; + return 0; +} + +uint8_t * +trn_cell_extension_pow_getarray_pow_nonce(trn_cell_extension_pow_t *inp) +{ + return inp->pow_nonce; +} +const uint8_t * +trn_cell_extension_pow_getconstarray_pow_nonce(const trn_cell_extension_pow_t *inp) +{ + return (const uint8_t *)trn_cell_extension_pow_getarray_pow_nonce((trn_cell_extension_pow_t*)inp); +} +uint32_t +trn_cell_extension_pow_get_pow_effort(const trn_cell_extension_pow_t *inp) +{ + return inp->pow_effort; +} +int +trn_cell_extension_pow_set_pow_effort(trn_cell_extension_pow_t *inp, uint32_t val) +{ + inp->pow_effort = val; + return 0; +} +uint32_t +trn_cell_extension_pow_get_pow_seed(const trn_cell_extension_pow_t *inp) +{ + return inp->pow_seed; +} +int +trn_cell_extension_pow_set_pow_seed(trn_cell_extension_pow_t *inp, uint32_t val) +{ + inp->pow_seed = val; + return 0; +} +size_t +trn_cell_extension_pow_getlen_pow_solution(const trn_cell_extension_pow_t *inp) +{ + (void)inp; return TRUNNEL_POW_SOLUTION_LEN; +} + +uint8_t +trn_cell_extension_pow_get_pow_solution(trn_cell_extension_pow_t *inp, size_t idx) +{ + trunnel_assert(idx < TRUNNEL_POW_SOLUTION_LEN); + return inp->pow_solution[idx]; +} + +uint8_t 
+trn_cell_extension_pow_getconst_pow_solution(const trn_cell_extension_pow_t *inp, size_t idx) +{ + return trn_cell_extension_pow_get_pow_solution((trn_cell_extension_pow_t*)inp, idx); +} +int +trn_cell_extension_pow_set_pow_solution(trn_cell_extension_pow_t *inp, size_t idx, uint8_t elt) +{ + trunnel_assert(idx < TRUNNEL_POW_SOLUTION_LEN); + inp->pow_solution[idx] = elt; + return 0; +} + +uint8_t * +trn_cell_extension_pow_getarray_pow_solution(trn_cell_extension_pow_t *inp) +{ + return inp->pow_solution; +} +const uint8_t * +trn_cell_extension_pow_getconstarray_pow_solution(const trn_cell_extension_pow_t *inp) +{ + return (const uint8_t *)trn_cell_extension_pow_getarray_pow_solution((trn_cell_extension_pow_t*)inp); +} +const char * +trn_cell_extension_pow_check(const trn_cell_extension_pow_t *obj) +{ + if (obj == NULL) + return "Object was NULL"; + if (obj->trunnel_error_code_) + return "A set function failed on this object"; + if (! (obj->pow_version == 1)) + return "Integer out of bounds"; + return NULL; +} + +ssize_t +trn_cell_extension_pow_encoded_len(const trn_cell_extension_pow_t *obj) +{ + ssize_t result = 0; + + if (NULL != trn_cell_extension_pow_check(obj)) + return -1; + + + /* Length of u8 pow_version IN [1] */ + result += 1; + + /* Length of u8 pow_nonce[TRUNNEL_POW_NONCE_LEN] */ + result += TRUNNEL_POW_NONCE_LEN; + + /* Length of u32 pow_effort */ + result += 4; + + /* Length of u32 pow_seed */ + result += 4; + + /* Length of u8 pow_solution[TRUNNEL_POW_SOLUTION_LEN] */ + result += TRUNNEL_POW_SOLUTION_LEN; + return result; +} +int +trn_cell_extension_pow_clear_errors(trn_cell_extension_pow_t *obj) +{ + int r = obj->trunnel_error_code_; + obj->trunnel_error_code_ = 0; + return r; +} +ssize_t +trn_cell_extension_pow_encode(uint8_t *output, const size_t avail, const trn_cell_extension_pow_t *obj) +{ + ssize_t result = 0; + size_t written = 0; + uint8_t *ptr = output; + const char *msg; +#ifdef TRUNNEL_CHECK_ENCODED_LEN + const ssize_t encoded_len = 
trn_cell_extension_pow_encoded_len(obj); +#endif + + if (NULL != (msg = trn_cell_extension_pow_check(obj))) + goto check_failed; + +#ifdef TRUNNEL_CHECK_ENCODED_LEN + trunnel_assert(encoded_len >= 0); +#endif + + /* Encode u8 pow_version IN [1] */ + trunnel_assert(written <= avail); + if (avail - written < 1) + goto truncated; + trunnel_set_uint8(ptr, (obj->pow_version)); + written += 1; ptr += 1; + + /* Encode u8 pow_nonce[TRUNNEL_POW_NONCE_LEN] */ + trunnel_assert(written <= avail); + if (avail - written < TRUNNEL_POW_NONCE_LEN) + goto truncated; + memcpy(ptr, obj->pow_nonce, TRUNNEL_POW_NONCE_LEN); + written += TRUNNEL_POW_NONCE_LEN; ptr += TRUNNEL_POW_NONCE_LEN; + + /* Encode u32 pow_effort */ + trunnel_assert(written <= avail); + if (avail - written < 4) + goto truncated; + trunnel_set_uint32(ptr, trunnel_htonl(obj->pow_effort)); + written += 4; ptr += 4; + + /* Encode u32 pow_seed */ + trunnel_assert(written <= avail); + if (avail - written < 4) + goto truncated; + trunnel_set_uint32(ptr, trunnel_htonl(obj->pow_seed)); + written += 4; ptr += 4; + + /* Encode u8 pow_solution[TRUNNEL_POW_SOLUTION_LEN] */ + trunnel_assert(written <= avail); + if (avail - written < TRUNNEL_POW_SOLUTION_LEN) + goto truncated; + memcpy(ptr, obj->pow_solution, TRUNNEL_POW_SOLUTION_LEN); + written += TRUNNEL_POW_SOLUTION_LEN; ptr += TRUNNEL_POW_SOLUTION_LEN; + + + trunnel_assert(ptr == output + written); +#ifdef TRUNNEL_CHECK_ENCODED_LEN + { + trunnel_assert(encoded_len >= 0); + trunnel_assert((size_t)encoded_len == written); + } + +#endif + + return written; + + truncated: + result = -2; + goto fail; + check_failed: + (void)msg; + result = -1; + goto fail; + fail: + trunnel_assert(result < 0); + return result; +} + +/** As trn_cell_extension_pow_parse(), but do not allocate the output + * object. 
+ */ +static ssize_t +trn_cell_extension_pow_parse_into(trn_cell_extension_pow_t *obj, const uint8_t *input, const size_t len_in) +{ + const uint8_t *ptr = input; + size_t remaining = len_in; + ssize_t result = 0; + (void)result; + + /* Parse u8 pow_version IN [1] */ + CHECK_REMAINING(1, truncated); + obj->pow_version = (trunnel_get_uint8(ptr)); + remaining -= 1; ptr += 1; + if (! (obj->pow_version == 1)) + goto fail; + + /* Parse u8 pow_nonce[TRUNNEL_POW_NONCE_LEN] */ + CHECK_REMAINING(TRUNNEL_POW_NONCE_LEN, truncated); + memcpy(obj->pow_nonce, ptr, TRUNNEL_POW_NONCE_LEN); + remaining -= TRUNNEL_POW_NONCE_LEN; ptr += TRUNNEL_POW_NONCE_LEN; + + /* Parse u32 pow_effort */ + CHECK_REMAINING(4, truncated); + obj->pow_effort = trunnel_ntohl(trunnel_get_uint32(ptr)); + remaining -= 4; ptr += 4; + + /* Parse u32 pow_seed */ + CHECK_REMAINING(4, truncated); + obj->pow_seed = trunnel_ntohl(trunnel_get_uint32(ptr)); + remaining -= 4; ptr += 4; + + /* Parse u8 pow_solution[TRUNNEL_POW_SOLUTION_LEN] */ + CHECK_REMAINING(TRUNNEL_POW_SOLUTION_LEN, truncated); + memcpy(obj->pow_solution, ptr, TRUNNEL_POW_SOLUTION_LEN); + remaining -= TRUNNEL_POW_SOLUTION_LEN; ptr += TRUNNEL_POW_SOLUTION_LEN; + trunnel_assert(ptr + remaining == input + len_in); + return len_in - remaining; + + truncated: + return -2; + fail: + result = -1; + return result; +} + +ssize_t +trn_cell_extension_pow_parse(trn_cell_extension_pow_t **output, const uint8_t *input, const size_t len_in) +{ + ssize_t result; + *output = trn_cell_extension_pow_new(); + if (NULL == *output) + return -1; + result = trn_cell_extension_pow_parse_into(*output, input, len_in); + if (result < 0) { + trn_cell_extension_pow_free(*output); + *output = NULL; + } + return result; +} trn_cell_introduce1_t * trn_cell_introduce1_new(void) { diff --git a/src/trunnel/hs/cell_introduce1.h b/src/trunnel/hs/cell_introduce1.h index ea37502d8e..89339e1a0d 100644 --- a/src/trunnel/hs/cell_introduce1.h +++ b/src/trunnel/hs/cell_introduce1.h 
@@ -19,6 +19,21 @@ struct link_specifier_st; #define TRUNNEL_HS_INTRO_AUTH_KEY_TYPE_LEGACY1 1 #define TRUNNEL_HS_INTRO_AUTH_KEY_TYPE_ED25519 2 #define TRUNNEL_HS_INTRO_ONION_KEY_TYPE_NTOR 1 +#define TRUNNEL_CELL_EXTENSION_TYPE_POW 1 +#define TRUNNEL_POW_NONCE_LEN 16 +#define TRUNNEL_POW_SOLUTION_LEN 16 +#define TRUNNEL_POW_EQUIX 1 +#if !defined(TRUNNEL_OPAQUE) && !defined(TRUNNEL_OPAQUE_TRN_CELL_EXTENSION_POW) +struct trn_cell_extension_pow_st { + uint8_t pow_version; + uint8_t pow_nonce[TRUNNEL_POW_NONCE_LEN]; + uint32_t pow_effort; + uint32_t pow_seed; + uint8_t pow_solution[TRUNNEL_POW_SOLUTION_LEN]; + uint8_t trunnel_error_code_; +}; +#endif +typedef struct trn_cell_extension_pow_st trn_cell_extension_pow_t; #if !defined(TRUNNEL_OPAQUE) && !defined(TRUNNEL_OPAQUE_TRN_CELL_INTRODUCE1) struct trn_cell_introduce1_st { uint8_t legacy_key_id[TRUNNEL_SHA1_LEN]; 
@@ -53,6 +68,119 @@ struct trn_cell_introduce_encrypted_st { }; #endif typedef struct trn_cell_introduce_encrypted_st trn_cell_introduce_encrypted_t; +/** Return a newly allocated trn_cell_extension_pow with all elements + * set to zero. + */ +trn_cell_extension_pow_t *trn_cell_extension_pow_new(void); +/** Release all storage held by the trn_cell_extension_pow in + * 'victim'. (Do nothing if 'victim' is NULL.) + */ +void trn_cell_extension_pow_free(trn_cell_extension_pow_t *victim); +/** Try to parse a trn_cell_extension_pow from the buffer in 'input', + * using up to 'len_in' bytes from the input buffer. On success, + * return the number of bytes consumed and set *output to the newly + * allocated trn_cell_extension_pow_t. On failure, return -2 if the + * input appears truncated, and -1 if the input is otherwise invalid. + */ +ssize_t trn_cell_extension_pow_parse(trn_cell_extension_pow_t **output, const uint8_t *input, const size_t len_in); +/** Return the number of bytes we expect to need to encode the + * trn_cell_extension_pow in 'obj'. On failure, return a negative + * value. Note that this value may be an overestimate, and can even be + * an underestimate for certain unencodeable objects. + */ +ssize_t trn_cell_extension_pow_encoded_len(const trn_cell_extension_pow_t *obj); +/** Try to encode the trn_cell_extension_pow from 'input' into the + * buffer at 'output', using up to 'avail' bytes of the output buffer. + * On success, return the number of bytes used. On failure, return -2 + * if the buffer was not long enough, and -1 if the input was invalid. + */ +ssize_t trn_cell_extension_pow_encode(uint8_t *output, size_t avail, const trn_cell_extension_pow_t *input); +/** Check whether the internal state of the trn_cell_extension_pow in + * 'obj' is consistent. Return NULL if it is, and a short message if + * it is not. 
+ */ +const char *trn_cell_extension_pow_check(const trn_cell_extension_pow_t *obj); +/** Clear any errors that were set on the object 'obj' by its setter + * functions. Return true iff errors were cleared. + */ +int trn_cell_extension_pow_clear_errors(trn_cell_extension_pow_t *obj); +/** Return the value of the pow_version field of the + * trn_cell_extension_pow_t in 'inp' + */ +uint8_t trn_cell_extension_pow_get_pow_version(const trn_cell_extension_pow_t *inp); +/** Set the value of the pow_version field of the + * trn_cell_extension_pow_t in 'inp' to 'val'. Return 0 on success; + * return -1 and set the error code on 'inp' on failure. + */ +int trn_cell_extension_pow_set_pow_version(trn_cell_extension_pow_t *inp, uint8_t val); +/** Return the (constant) length of the array holding the pow_nonce + * field of the trn_cell_extension_pow_t in 'inp'. + */ +size_t trn_cell_extension_pow_getlen_pow_nonce(const trn_cell_extension_pow_t *inp); +/** Return the element at position 'idx' of the fixed array field + * pow_nonce of the trn_cell_extension_pow_t in 'inp'. + */ +uint8_t trn_cell_extension_pow_get_pow_nonce(trn_cell_extension_pow_t *inp, size_t idx); +/** As trn_cell_extension_pow_get_pow_nonce, but take and return a + * const pointer + */ +uint8_t trn_cell_extension_pow_getconst_pow_nonce(const trn_cell_extension_pow_t *inp, size_t idx); +/** Change the element at position 'idx' of the fixed array field + * pow_nonce of the trn_cell_extension_pow_t in 'inp', so that it will + * hold the value 'elt'. + */ +int trn_cell_extension_pow_set_pow_nonce(trn_cell_extension_pow_t *inp, size_t idx, uint8_t elt); +/** Return a pointer to the TRUNNEL_POW_NONCE_LEN-element array field + * pow_nonce of 'inp'. 
+ */ +uint8_t * trn_cell_extension_pow_getarray_pow_nonce(trn_cell_extension_pow_t *inp); +/** As trn_cell_extension_pow_get_pow_nonce, but take and return a + * const pointer + */ +const uint8_t * trn_cell_extension_pow_getconstarray_pow_nonce(const trn_cell_extension_pow_t *inp); +/** Return the value of the pow_effort field of the + * trn_cell_extension_pow_t in 'inp' + */ +uint32_t trn_cell_extension_pow_get_pow_effort(const trn_cell_extension_pow_t *inp); +/** Set the value of the pow_effort field of the + * trn_cell_extension_pow_t in 'inp' to 'val'. Return 0 on success; + * return -1 and set the error code on 'inp' on failure. + */ +int trn_cell_extension_pow_set_pow_effort(trn_cell_extension_pow_t *inp, uint32_t val); +/** Return the value of the pow_seed field of the + * trn_cell_extension_pow_t in 'inp' + */ +uint32_t trn_cell_extension_pow_get_pow_seed(const trn_cell_extension_pow_t *inp); +/** Set the value of the pow_seed field of the + * trn_cell_extension_pow_t in 'inp' to 'val'. Return 0 on success; + * return -1 and set the error code on 'inp' on failure. + */ +int trn_cell_extension_pow_set_pow_seed(trn_cell_extension_pow_t *inp, uint32_t val); +/** Return the (constant) length of the array holding the pow_solution + * field of the trn_cell_extension_pow_t in 'inp'. + */ +size_t trn_cell_extension_pow_getlen_pow_solution(const trn_cell_extension_pow_t *inp); +/** Return the element at position 'idx' of the fixed array field + * pow_solution of the trn_cell_extension_pow_t in 'inp'. + */ +uint8_t trn_cell_extension_pow_get_pow_solution(trn_cell_extension_pow_t *inp, size_t idx); +/** As trn_cell_extension_pow_get_pow_solution, but take and return a + * const pointer + */ +uint8_t trn_cell_extension_pow_getconst_pow_solution(const trn_cell_extension_pow_t *inp, size_t idx); +/** Change the element at position 'idx' of the fixed array field + * pow_solution of the trn_cell_extension_pow_t in 'inp', so that it + * will hold the value 'elt'. 
+ */ +int trn_cell_extension_pow_set_pow_solution(trn_cell_extension_pow_t *inp, size_t idx, uint8_t elt); +/** Return a pointer to the TRUNNEL_POW_SOLUTION_LEN-element array + * field pow_solution of 'inp'. + */ +uint8_t * trn_cell_extension_pow_getarray_pow_solution(trn_cell_extension_pow_t *inp); +/** As trn_cell_extension_pow_get_pow_solution, but take and return a + * const pointer + */ +const uint8_t * trn_cell_extension_pow_getconstarray_pow_solution(const trn_cell_extension_pow_t *inp); /** Return a newly allocated trn_cell_introduce1 with all elements set * to zero. */
diff --git a/src/trunnel/hs/cell_introduce1.trunnel b/src/trunnel/hs/cell_introduce1.trunnel
index 6682227b44..18865ddc02 100644
--- a/src/trunnel/hs/cell_introduce1.trunnel
+++ b/src/trunnel/hs/cell_introduce1.trunnel
@@ -73,3 +73,36 @@ struct trn_cell_introduce_encrypted {
 /* Optional padding. This might be empty or not. */
 u8 pad[];
 };
+
+/*
+ * INTRODUCE1 cell (encrypted section) extensions.
+ */
+
+/* Cell extension type PoW. */
+const TRUNNEL_CELL_EXTENSION_TYPE_POW = 0x01;
+
+/*
+ * HRPR: PoW Solution Extension. Proposal 327.
+ */
+
+const TRUNNEL_POW_NONCE_LEN = 16;
+const TRUNNEL_POW_SOLUTION_LEN = 16;
+/* Version 1 is based on Equi-X scheme. */
+const TRUNNEL_POW_EQUIX = 0x01;
+
+struct trn_cell_extension_pow {
+ /* Type of PoW system used. */
+ u8 pow_version IN [0x01];
+
+ /* Nonce */
+ u8 pow_nonce[TRUNNEL_POW_NONCE_LEN];
+
+ /* Effort */
+ u32 pow_effort;
+
+ /* First 4 bytes of the seed. */
+ u32 pow_seed;
+
+ /* Solution. */
+ u8 pow_solution[TRUNNEL_POW_SOLUTION_LEN];
+};
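Review bot: `pow_seed` is documented as the first 4 bytes of the seed but is declared `u32 pow_seed;`, so the generated parser in cell_introduce1.c passes it through `trunnel_ntohl()` and callers receive a host-order integer instead of the raw byte prefix. Matching that value against the service's seed bytes then relies on every caller applying the same byte-order conversion, and a mismatch would presumably reject valid solutions or select the wrong seed. Declaring it as a byte array, e.g. `u8 pow_seed[4];` with a named length constant, keeps it a directly comparable prefix; the generated .c/.h would need regenerating. Separately, `u8 pow_version IN [0x01];` could reference the constant defined just above, `u8 pow_version IN [TRUNNEL_POW_EQUIX];`, so the accepted version and the named scheme cannot drift apart. The terse field comments (`/* Nonce */`, `/* Effort */`) would also serve readers better if they said that the effort is the value claimed by the sender and has to be checked against the solution before it is trusted.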