hs-v3: Change all-zeroes hard-assert to a BUG-and-err.

And also disallow all-zeroes keys from the filesystem; add a test for it too.
This commit is contained in:
George Kadianakis 2020-03-30 16:33:30 +03:00 committed by Nick Mathewson
parent 37bcc9f3d2
commit f2f718bca5
3 changed files with 17 additions and 2 deletions

View File

@ -2132,6 +2132,13 @@ parse_auth_file_content(const char *client_key_str)
"can't be decoded: %s", seckey_b32); "can't be decoded: %s", seckey_b32);
goto err; goto err;
} }
if (fast_mem_is_zero((const char*)auth->enc_seckey.secret_key,
sizeof(auth->enc_seckey.secret_key))) {
log_warn(LD_REND, "Client authorization private key can't be all-zeroes");
goto err;
}
strncpy(auth->onion_address, onion_address, HS_SERVICE_ADDR_LEN_BASE32); strncpy(auth->onion_address, onion_address, HS_SERVICE_ADDR_LEN_BASE32);
/* We are reading this from the disk, so set the permanent flag anyway. */ /* We are reading this from the disk, so set the permanent flag anyway. */

View File

@ -1424,10 +1424,14 @@ decrypt_descriptor_cookie(const hs_descriptor_t *desc,
tor_assert(!fast_mem_is_zero( tor_assert(!fast_mem_is_zero(
(char *) &desc->superencrypted_data.auth_ephemeral_pubkey, (char *) &desc->superencrypted_data.auth_ephemeral_pubkey,
sizeof(desc->superencrypted_data.auth_ephemeral_pubkey))); sizeof(desc->superencrypted_data.auth_ephemeral_pubkey)));
tor_assert(!fast_mem_is_zero((char *) client_auth_sk,
sizeof(*client_auth_sk)));
tor_assert(!fast_mem_is_zero((char *) desc->subcredential, DIGEST256_LEN)); tor_assert(!fast_mem_is_zero((char *) desc->subcredential, DIGEST256_LEN));
/* Catch potential code-flow cases of an unitialized private key sneaking
* into this function. */
if (BUG(fast_mem_is_zero((char *)client_auth_sk, sizeof(*client_auth_sk)))) {
goto done;
}
/* Get the KEYS component to derive the CLIENT-ID and COOKIE-KEY. */ /* Get the KEYS component to derive the CLIENT-ID and COOKIE-KEY. */
keystream_length = keystream_length =
build_descriptor_cookie_keys(desc->subcredential, DIGEST256_LEN, build_descriptor_cookie_keys(desc->subcredential, DIGEST256_LEN,

View File

@ -732,6 +732,10 @@ test_parse_auth_file_content(void *arg)
/* Bigger key than it should be */ /* Bigger key than it should be */
tt_assert(!parse_auth_file_content("xx:descriptor:x25519:" tt_assert(!parse_auth_file_content("xx:descriptor:x25519:"
"vjqea4jbhwwc4hto7ekyvqfbeodghbaq6nxi45hz4wr3qvhqv3yqa")); "vjqea4jbhwwc4hto7ekyvqfbeodghbaq6nxi45hz4wr3qvhqv3yqa"));
/* All-zeroes key */
tt_assert(!parse_auth_file_content("xx:descriptor:x25519:"
"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"));
done: done:
tor_free(auth); tor_free(auth);
} }