Commit 63576b01 authored by haxxpop's avatar haxxpop Committed by David Goulet
Browse files

hs-v3: Refactor the descriptor decryption/decoding



This commit refactors the existing decryption code to make it compatible with
a new logic for when the client authorization is enabled.
Signed-off-by: David Goulet's avatarDavid Goulet <dgoulet@torproject.org>
parent 462d4097
......@@ -1181,6 +1181,19 @@ can_client_refetch_desc(const ed25519_public_key_t *identity_pk,
return 0;
}
/* Return the client auth in the map using the service identity public key.
* Return NULL if it does not exist in the map. */
static hs_client_service_authorization_t *
find_client_auth(const ed25519_public_key_t *service_identity_pk)
{
/* If the map is not allocated, we can assume that we do not have any client
* auth information. */
if (!client_auths) {
return NULL;
}
return digest256map_get(client_auths, service_identity_pk->pubkey);
}
/* ========== */
/* Public API */
/* ========== */
......@@ -1219,11 +1232,19 @@ hs_client_decode_descriptor(const char *desc_str,
int ret;
uint8_t subcredential[DIGEST256_LEN];
ed25519_public_key_t blinded_pubkey;
hs_client_service_authorization_t *client_auth = NULL;
curve25519_secret_key_t *client_sk = NULL;
tor_assert(desc_str);
tor_assert(service_identity_pk);
tor_assert(desc);
/* Check if we have a client authorization for this service in the map. */
client_auth = find_client_auth(service_identity_pk);
if (client_auth) {
client_sk = &client_auth->enc_seckey;
}
/* Create subcredential for this HS so that we can decrypt */
{
uint64_t current_time_period = hs_get_time_period_num(0);
......@@ -1233,7 +1254,7 @@ hs_client_decode_descriptor(const char *desc_str,
}
/* Parse descriptor */
ret = hs_desc_decode_descriptor(desc_str, subcredential, desc);
ret = hs_desc_decode_descriptor(desc_str, subcredential, client_sk, desc);
memwipe(subcredential, 0, sizeof(subcredential));
if (ret < 0) {
log_warn(LD_GENERAL, "Could not parse received descriptor as client.");
......
This diff is collapsed.
......@@ -277,10 +277,14 @@ MOCK_DECL(int,
int hs_desc_decode_descriptor(const char *encoded,
const uint8_t *subcredential,
const curve25519_secret_key_t *client_sk,
hs_descriptor_t **desc_out);
int hs_desc_decode_plaintext(const char *encoded,
hs_desc_plaintext_data_t *plaintext);
int hs_desc_decode_superencrypted(const hs_descriptor_t *desc,
hs_desc_superencrypted_data_t *desc_out);
int hs_desc_decode_encrypted(const hs_descriptor_t *desc,
const curve25519_secret_key_t *client_sk,
hs_desc_encrypted_data_t *desc_out);
size_t hs_desc_obj_size(const hs_descriptor_t *data);
......@@ -324,13 +328,12 @@ STATIC int cert_is_valid(tor_cert_t *cert, uint8_t type,
STATIC int desc_sig_is_valid(const char *b64_sig,
const ed25519_public_key_t *signing_pubkey,
const char *encoded_desc, size_t encoded_len);
STATIC size_t decode_superencrypted(const char *message, size_t message_len,
uint8_t **encrypted_out);
STATIC void desc_plaintext_data_free_contents(hs_desc_plaintext_data_t *desc);
MOCK_DECL(STATIC size_t, decrypt_desc_layer,(const hs_descriptor_t *desc,
const uint8_t *encrypted_blob,
size_t encrypted_blob_size,
const uint8_t *descriptor_cookie,
int is_superencrypted_layer,
char **decrypted_out));
......
......@@ -38,11 +38,13 @@ static size_t
mock_decrypt_desc_layer(const hs_descriptor_t *desc,
const uint8_t *encrypted_blob,
size_t encrypted_blob_size,
const uint8_t *descriptor_cookie,
int is_superencrypted_layer,
char **decrypted_out)
{
(void)is_superencrypted_layer;
(void)desc;
(void)descriptor_cookie;
const size_t overhead = HS_DESC_ENCRYPTED_SALT_LEN + DIGEST256_LEN;
if (encrypted_blob_size < overhead)
return 0;
......@@ -84,7 +86,7 @@ fuzz_main(const uint8_t *data, size_t sz)
char *fuzzing_data = tor_memdup_nulterm(data, sz);
memset(subcredential, 'A', sizeof(subcredential));
hs_desc_decode_descriptor(fuzzing_data, subcredential, &desc);
hs_desc_decode_descriptor(fuzzing_data, subcredential, NULL, &desc);
if (desc) {
log_debug(LD_GENERAL, "Decoding okay");
hs_descriptor_free(desc);
......
......@@ -390,7 +390,7 @@ test_hsdir_revision_counter_check(void *arg)
received_desc_str = helper_fetch_desc_from_hsdir(blinded_key);
retval = hs_desc_decode_descriptor(received_desc_str,
subcredential, &received_desc);
subcredential, NULL, &received_desc);
tt_int_op(retval, OP_EQ, 0);
tt_assert(received_desc);
......@@ -423,7 +423,7 @@ test_hsdir_revision_counter_check(void *arg)
received_desc_str = helper_fetch_desc_from_hsdir(blinded_key);
retval = hs_desc_decode_descriptor(received_desc_str,
subcredential, &received_desc);
subcredential, NULL, &received_desc);
tt_int_op(retval, OP_EQ, 0);
tt_assert(received_desc);
......
......@@ -347,14 +347,15 @@ test_decode_descriptor(void *arg)
subcredential);
/* Give some bad stuff to the decoding function. */
ret = hs_desc_decode_descriptor("hladfjlkjadf", subcredential, &decoded);
ret = hs_desc_decode_descriptor("hladfjlkjadf", subcredential,
NULL, &decoded);
tt_int_op(ret, OP_EQ, -1);
ret = hs_desc_encode_descriptor(desc, &signing_kp, NULL, &encoded);
tt_int_op(ret, OP_EQ, 0);
tt_assert(encoded);
ret = hs_desc_decode_descriptor(encoded, subcredential, &decoded);
ret = hs_desc_decode_descriptor(encoded, subcredential, NULL, &decoded);
tt_int_op(ret, OP_EQ, 0);
tt_assert(decoded);
......@@ -375,7 +376,7 @@ test_decode_descriptor(void *arg)
tt_int_op(ret, OP_EQ, 0);
tt_assert(encoded);
hs_descriptor_free(decoded);
ret = hs_desc_decode_descriptor(encoded, subcredential, &decoded);
ret = hs_desc_decode_descriptor(encoded, subcredential, NULL, &decoded);
tt_int_op(ret, OP_EQ, 0);
tt_assert(decoded);
}
......@@ -850,103 +851,6 @@ test_build_authorized_client(void *arg)
UNMOCK(crypto_strongest_rand);
}
/* bad desc auth type */
static const char bad_superencrypted_text1[] = "desc-auth-type scoobysnack\n"
"desc-auth-ephemeral-key A/O8DVtnUheb3r1JqoB8uJB7wxXL1XJX3eny4yB+eFA=\n"
"auth-client oiNrQB8WwKo S5D02W7vKgiWIMygrBl8RQ FB//SfOBmLEx1kViEWWL1g\n"
"encrypted\n"
"-----BEGIN MESSAGE-----\n"
"YmVpbmcgb24gbW91bnRhaW5zLCB0aGlua2luZyBhYm91dCBjb21wdXRlcnMsIGlzIG5vdC"
"BiYWQgYXQgYWxs\n"
"-----END MESSAGE-----\n";
/* bad ephemeral key */
static const char bad_superencrypted_text2[] = "desc-auth-type x25519\n"
"desc-auth-ephemeral-key differentalphabet\n"
"auth-client oiNrQB8WwKo S5D02W7vKgiWIMygrBl8RQ FB//SfOBmLEx1kViEWWL1g\n"
"encrypted\n"
"-----BEGIN MESSAGE-----\n"
"YmVpbmcgb24gbW91bnRhaW5zLCB0aGlua2luZyBhYm91dCBjb21wdXRlcnMsIGlzIG5vdC"
"BiYWQgYXQgYWxs\n"
"-----END MESSAGE-----\n";
/* bad encrypted msg */
static const char bad_superencrypted_text3[] = "desc-auth-type x25519\n"
"desc-auth-ephemeral-key A/O8DVtnUheb3r1JqoB8uJB7wxXL1XJX3eny4yB+eFA=\n"
"auth-client oiNrQB8WwKo S5D02W7vKgiWIMygrBl8RQ FB//SfOBmLEx1kViEWWL1g\n"
"encrypted\n"
"-----BEGIN MESSAGE-----\n"
"SO SMALL NOT GOOD\n"
"-----END MESSAGE-----\n";
static const char correct_superencrypted_text[] = "desc-auth-type x25519\n"
"desc-auth-ephemeral-key A/O8DVtnUheb3r1JqoB8uJB7wxXL1XJX3eny4yB+eFA=\n"
"auth-client oiNrQB8WwKo S5D02W7vKgiWIMygrBl8RQ FB//SfOBmLEx1kViEWWL1g\n"
"auth-client Od09Qu636Qo /PKLzqewAdS/+0+vZC+MvQ dpw4NFo13zDnuPz45rxrOg\n"
"auth-client JRr840iGYN0 8s8cxYqF7Lx23+NducC4Qg zAafl4wPLURkuEjJreZq1g\n"
"encrypted\n"
"-----BEGIN MESSAGE-----\n"
"YmVpbmcgb24gbW91bnRhaW5zLCB0aGlua2luZyBhYm91dCBjb21wdXRlcnMsIGlzIG5vdC"
"BiYWQgYXQgYWxs\n"
"-----END MESSAGE-----\n";
static const char correct_encrypted_plaintext[] = "being on mountains, "
"thinking about computers, is not bad at all";
static void
test_parse_hs_desc_superencrypted(void *arg)
{
(void) arg;
size_t retval;
uint8_t *encrypted_out = NULL;
{
setup_full_capture_of_logs(LOG_WARN);
retval = decode_superencrypted(bad_superencrypted_text1,
strlen(bad_superencrypted_text1),
&encrypted_out);
tt_u64_op(retval, OP_EQ, 0);
tt_ptr_op(encrypted_out, OP_EQ, NULL);
expect_log_msg_containing("Unrecognized desc auth type");
teardown_capture_of_logs();
}
{
setup_full_capture_of_logs(LOG_WARN);
retval = decode_superencrypted(bad_superencrypted_text2,
strlen(bad_superencrypted_text2),
&encrypted_out);
tt_u64_op(retval, OP_EQ, 0);
tt_ptr_op(encrypted_out, OP_EQ, NULL);
expect_log_msg_containing("Bogus desc auth key in HS desc");
teardown_capture_of_logs();
}
{
setup_full_capture_of_logs(LOG_WARN);
retval = decode_superencrypted(bad_superencrypted_text3,
strlen(bad_superencrypted_text3),
&encrypted_out);
tt_u64_op(retval, OP_EQ, 0);
tt_ptr_op(encrypted_out, OP_EQ, NULL);
expect_log_msg_containing("Length of descriptor\'s encrypted data "
"is too small.");
teardown_capture_of_logs();
}
/* Now finally the good one */
retval = decode_superencrypted(correct_superencrypted_text,
strlen(correct_superencrypted_text),
&encrypted_out);
tt_u64_op(retval, OP_EQ, strlen(correct_encrypted_plaintext));
tt_mem_op(encrypted_out, OP_EQ, correct_encrypted_plaintext,
strlen(correct_encrypted_plaintext));
done:
tor_free(encrypted_out);
}
struct testcase_t hs_descriptor[] = {
/* Encoding tests. */
{ "cert_encoding", test_cert_encoding, TT_FORK,
......@@ -980,8 +884,5 @@ struct testcase_t hs_descriptor[] = {
{ "build_authorized_client", test_build_authorized_client, TT_FORK,
NULL, NULL },
{ "parse_hs_desc_superencrypted", test_parse_hs_desc_superencrypted,
TT_FORK, NULL, NULL },
END_OF_TESTCASES
};
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment