Loading src/feature/hs/hs_client.c +4 −3 Original line number Diff line number Diff line Loading @@ -1233,7 +1233,7 @@ hs_client_decode_descriptor(const char *desc_str, uint8_t subcredential[DIGEST256_LEN]; ed25519_public_key_t blinded_pubkey; hs_client_service_authorization_t *client_auth = NULL; curve25519_secret_key_t *client_sk = NULL; curve25519_secret_key_t *client_auht_sk = NULL; tor_assert(desc_str); tor_assert(service_identity_pk); Loading @@ -1242,7 +1242,7 @@ hs_client_decode_descriptor(const char *desc_str, /* Check if we have a client authorization for this service in the map. */ client_auth = find_client_auth(service_identity_pk); if (client_auth) { client_sk = &client_auth->enc_seckey; client_auht_sk = &client_auth->enc_seckey; } /* Create subcredential for this HS so that we can decrypt */ Loading @@ -1254,7 +1254,8 @@ hs_client_decode_descriptor(const char *desc_str, } /* Parse descriptor */ ret = hs_desc_decode_descriptor(desc_str, subcredential, client_sk, desc); ret = hs_desc_decode_descriptor(desc_str, subcredential, client_auht_sk, desc); memwipe(subcredential, 0, sizeof(subcredential)); if (ret < 0) { log_warn(LD_GENERAL, "Could not parse received descriptor as client."); Loading src/feature/hs/hs_descriptor.c +17 −16 Original line number Diff line number Diff line Loading @@ -1408,7 +1408,7 @@ encrypted_data_length_is_valid(size_t len) static int decrypt_descriptor_cookie(const hs_descriptor_t *desc, const hs_desc_authorized_client_t *client, const curve25519_secret_key_t *client_sk, const curve25519_secret_key_t *client_auth_sk, uint8_t **descriptor_cookie_out) { int ret = -1; Loading @@ -1421,15 +1421,15 @@ decrypt_descriptor_cookie(const hs_descriptor_t *desc, tor_assert(desc); tor_assert(client); tor_assert(client_sk); tor_assert(client_auth_sk); tor_assert(!tor_mem_is_zero( (char *) &desc->superencrypted_data.auth_ephemeral_pubkey, sizeof(desc->superencrypted_data.auth_ephemeral_pubkey))); tor_assert(!tor_mem_is_zero((char *) client_sk, sizeof(*client_sk))); tor_assert(!tor_mem_is_zero((char *) client_auth_sk, sizeof(*client_auth_sk))); /* Calculate x25519(client_x, hs_Y) */ curve25519_handshake(secret_seed, client_sk, curve25519_handshake(secret_seed, client_auth_sk, &desc->superencrypted_data.auth_ephemeral_pubkey); /* Calculate KEYS = KDF(SECRET_SEED, 40) */ Loading @@ -1440,7 +1440,7 @@ decrypt_descriptor_cookie(const hs_descriptor_t *desc, /* If the client id of auth client is not the same as the calculcated * client id, it means that this auth client is invaild according to the * client secret key client_sk. */ * client secret key client_auth_sk. */ if (tor_memneq(client->client_id, keystream, HS_DESC_CLIENT_ID_LEN)) { goto done; } Loading Loading @@ -1630,7 +1630,7 @@ desc_decrypt_superencrypted(const hs_descriptor_t *desc, char **decrypted_out) * decrypted_out is set to NULL. */ static size_t desc_decrypt_encrypted(const hs_descriptor_t *desc, const curve25519_secret_key_t *client_sk, const curve25519_secret_key_t *client_auth_sk, char **decrypted_out) { size_t encrypted_len = 0; Loading @@ -1643,12 +1643,12 @@ desc_decrypt_encrypted(const hs_descriptor_t *desc, /* If the client secret key is provided, try to find a valid descriptor * cookie. Otherwise, leave it NULL. */ if (client_sk) { if (client_auth_sk) { SMARTLIST_FOREACH_BEGIN(desc->superencrypted_data.clients, hs_desc_authorized_client_t *, client) { /* If we can decrypt the descriptor cookie successfully, we will use that * descriptor cookie and break from the loop. */ if (!decrypt_descriptor_cookie(desc, client, client_sk, if (!decrypt_descriptor_cookie(desc, client, client_auth_sk, &descriptor_cookie)) { break; } Loading Loading @@ -2253,7 +2253,7 @@ desc_decode_superencrypted_v3(const hs_descriptor_t *desc, * success else -1. */ static int desc_decode_encrypted_v3(const hs_descriptor_t *desc, const curve25519_secret_key_t *client_sk, const curve25519_secret_key_t *client_auth_sk, hs_desc_encrypted_data_t *desc_encrypted_out) { int ret = -1; Loading @@ -2268,7 +2268,7 @@ desc_decode_encrypted_v3(const hs_descriptor_t *desc, /* Decrypt the encrypted data that is located in the superencrypted section * in the descriptor as a blob of bytes. */ message_len = desc_decrypt_encrypted(desc, client_sk, &message); message_len = desc_decrypt_encrypted(desc, client_auth_sk, &message); if (!message_len) { log_warn(LD_REND, "Service descriptor decryption failed."); goto err; Loading Loading @@ -2353,7 +2353,7 @@ desc_decode_encrypted_v3(const hs_descriptor_t *desc, static int (*decode_encrypted_handlers[])( const hs_descriptor_t *desc, const curve25519_secret_key_t *client_sk, const curve25519_secret_key_t *client_auth_sk, hs_desc_encrypted_data_t *desc_encrypted) = { /* v0 */ NULL, /* v1 */ NULL, /* v2 */ NULL, Loading @@ -2365,7 +2365,7 @@ static int * negative value on error. */ int hs_desc_decode_encrypted(const hs_descriptor_t *desc, const curve25519_secret_key_t *client_sk, const curve25519_secret_key_t *client_auth_sk, hs_desc_encrypted_data_t *desc_encrypted) { int ret; Loading @@ -2391,7 +2391,8 @@ hs_desc_decode_encrypted(const hs_descriptor_t *desc, tor_assert(decode_encrypted_handlers[version]); /* Run the version specific plaintext decoder. */ ret = decode_encrypted_handlers[version](desc, client_sk, desc_encrypted); ret = decode_encrypted_handlers[version](desc, client_auth_sk, desc_encrypted); if (ret < 0) { goto err; } Loading Loading @@ -2547,7 +2548,7 @@ hs_desc_decode_plaintext(const char *encoded, int hs_desc_decode_descriptor(const char *encoded, const uint8_t *subcredential, const curve25519_secret_key_t *client_sk, const curve25519_secret_key_t *client_auth_sk, hs_descriptor_t **desc_out) { int ret = -1; Loading Loading @@ -2575,7 +2576,7 @@ hs_desc_decode_descriptor(const char *encoded, goto err; } ret = hs_desc_decode_encrypted(desc, client_sk, &desc->encrypted_data); ret = hs_desc_decode_encrypted(desc, client_auth_sk, &desc->encrypted_data); if (ret < 0) { goto err; } Loading src/feature/hs/hs_descriptor.h +2 −2 Original line number Diff line number Diff line Loading @@ -277,14 +277,14 @@ MOCK_DECL(int, int hs_desc_decode_descriptor(const char *encoded, const uint8_t *subcredential, const curve25519_secret_key_t *client_sk, const curve25519_secret_key_t *client_auth_sk, hs_descriptor_t **desc_out); int hs_desc_decode_plaintext(const char *encoded, hs_desc_plaintext_data_t *plaintext); int hs_desc_decode_superencrypted(const hs_descriptor_t *desc, hs_desc_superencrypted_data_t *desc_out); int hs_desc_decode_encrypted(const hs_descriptor_t *desc, const curve25519_secret_key_t *client_sk, const curve25519_secret_key_t *client_auth_sk, hs_desc_encrypted_data_t *desc_out); size_t hs_desc_obj_size(const hs_descriptor_t *data); Loading src/test/test_hs_descriptor.c +3 −3 Original line number Diff line number Diff line Loading @@ -867,7 +867,7 @@ test_build_authorized_client(void *arg) hs_desc_authorized_client_t *desc_client = NULL; uint8_t descriptor_cookie[HS_DESC_DESCRIPTOR_COOKIE_LEN]; curve25519_secret_key_t auth_ephemeral_sk; curve25519_secret_key_t client_sk; curve25519_secret_key_t client_auth_sk; curve25519_public_key_t client_pk; const char ephemeral_sk_b16[] = "d023b674d993a5c8446bd2ca97e9961149b3c0e88c7dc14e8777744dd3468d6a"; Loading @@ -882,9 +882,9 @@ test_build_authorized_client(void *arg) ret = curve25519_secret_key_generate(&auth_ephemeral_sk, 0); tt_int_op(ret, OP_EQ, 0); ret = curve25519_secret_key_generate(&client_sk, 0); ret = curve25519_secret_key_generate(&client_auth_sk, 0); tt_int_op(ret, OP_EQ, 0); curve25519_public_key_generate(&client_pk, &client_sk); curve25519_public_key_generate(&client_pk, &client_auth_sk); desc_client = tor_malloc_zero(sizeof(hs_desc_authorized_client_t)); Loading Loading
src/feature/hs/hs_client.c +4 −3 Original line number Diff line number Diff line Loading @@ -1233,7 +1233,7 @@ hs_client_decode_descriptor(const char *desc_str, uint8_t subcredential[DIGEST256_LEN]; ed25519_public_key_t blinded_pubkey; hs_client_service_authorization_t *client_auth = NULL; curve25519_secret_key_t *client_sk = NULL; curve25519_secret_key_t *client_auht_sk = NULL; tor_assert(desc_str); tor_assert(service_identity_pk); Loading @@ -1242,7 +1242,7 @@ hs_client_decode_descriptor(const char *desc_str, /* Check if we have a client authorization for this service in the map. */ client_auth = find_client_auth(service_identity_pk); if (client_auth) { client_sk = &client_auth->enc_seckey; client_auht_sk = &client_auth->enc_seckey; } /* Create subcredential for this HS so that we can decrypt */ Loading @@ -1254,7 +1254,8 @@ hs_client_decode_descriptor(const char *desc_str, } /* Parse descriptor */ ret = hs_desc_decode_descriptor(desc_str, subcredential, client_sk, desc); ret = hs_desc_decode_descriptor(desc_str, subcredential, client_auht_sk, desc); memwipe(subcredential, 0, sizeof(subcredential)); if (ret < 0) { log_warn(LD_GENERAL, "Could not parse received descriptor as client."); Loading
src/feature/hs/hs_descriptor.c +17 −16 Original line number Diff line number Diff line Loading @@ -1408,7 +1408,7 @@ encrypted_data_length_is_valid(size_t len) static int decrypt_descriptor_cookie(const hs_descriptor_t *desc, const hs_desc_authorized_client_t *client, const curve25519_secret_key_t *client_sk, const curve25519_secret_key_t *client_auth_sk, uint8_t **descriptor_cookie_out) { int ret = -1; Loading @@ -1421,15 +1421,15 @@ decrypt_descriptor_cookie(const hs_descriptor_t *desc, tor_assert(desc); tor_assert(client); tor_assert(client_sk); tor_assert(client_auth_sk); tor_assert(!tor_mem_is_zero( (char *) &desc->superencrypted_data.auth_ephemeral_pubkey, sizeof(desc->superencrypted_data.auth_ephemeral_pubkey))); tor_assert(!tor_mem_is_zero((char *) client_sk, sizeof(*client_sk))); tor_assert(!tor_mem_is_zero((char *) client_auth_sk, sizeof(*client_auth_sk))); /* Calculate x25519(client_x, hs_Y) */ curve25519_handshake(secret_seed, client_sk, curve25519_handshake(secret_seed, client_auth_sk, &desc->superencrypted_data.auth_ephemeral_pubkey); /* Calculate KEYS = KDF(SECRET_SEED, 40) */ Loading @@ -1440,7 +1440,7 @@ decrypt_descriptor_cookie(const hs_descriptor_t *desc, /* If the client id of auth client is not the same as the calculcated * client id, it means that this auth client is invaild according to the * client secret key client_sk. */ * client secret key client_auth_sk. */ if (tor_memneq(client->client_id, keystream, HS_DESC_CLIENT_ID_LEN)) { goto done; } Loading Loading @@ -1630,7 +1630,7 @@ desc_decrypt_superencrypted(const hs_descriptor_t *desc, char **decrypted_out) * decrypted_out is set to NULL. */ static size_t desc_decrypt_encrypted(const hs_descriptor_t *desc, const curve25519_secret_key_t *client_sk, const curve25519_secret_key_t *client_auth_sk, char **decrypted_out) { size_t encrypted_len = 0; Loading @@ -1643,12 +1643,12 @@ desc_decrypt_encrypted(const hs_descriptor_t *desc, /* If the client secret key is provided, try to find a valid descriptor * cookie. Otherwise, leave it NULL. */ if (client_sk) { if (client_auth_sk) { SMARTLIST_FOREACH_BEGIN(desc->superencrypted_data.clients, hs_desc_authorized_client_t *, client) { /* If we can decrypt the descriptor cookie successfully, we will use that * descriptor cookie and break from the loop. */ if (!decrypt_descriptor_cookie(desc, client, client_sk, if (!decrypt_descriptor_cookie(desc, client, client_auth_sk, &descriptor_cookie)) { break; } Loading Loading @@ -2253,7 +2253,7 @@ desc_decode_superencrypted_v3(const hs_descriptor_t *desc, * success else -1. */ static int desc_decode_encrypted_v3(const hs_descriptor_t *desc, const curve25519_secret_key_t *client_sk, const curve25519_secret_key_t *client_auth_sk, hs_desc_encrypted_data_t *desc_encrypted_out) { int ret = -1; Loading @@ -2268,7 +2268,7 @@ desc_decode_encrypted_v3(const hs_descriptor_t *desc, /* Decrypt the encrypted data that is located in the superencrypted section * in the descriptor as a blob of bytes. */ message_len = desc_decrypt_encrypted(desc, client_sk, &message); message_len = desc_decrypt_encrypted(desc, client_auth_sk, &message); if (!message_len) { log_warn(LD_REND, "Service descriptor decryption failed."); goto err; Loading Loading @@ -2353,7 +2353,7 @@ desc_decode_encrypted_v3(const hs_descriptor_t *desc, static int (*decode_encrypted_handlers[])( const hs_descriptor_t *desc, const curve25519_secret_key_t *client_sk, const curve25519_secret_key_t *client_auth_sk, hs_desc_encrypted_data_t *desc_encrypted) = { /* v0 */ NULL, /* v1 */ NULL, /* v2 */ NULL, Loading @@ -2365,7 +2365,7 @@ static int * negative value on error. */ int hs_desc_decode_encrypted(const hs_descriptor_t *desc, const curve25519_secret_key_t *client_sk, const curve25519_secret_key_t *client_auth_sk, hs_desc_encrypted_data_t *desc_encrypted) { int ret; Loading @@ -2391,7 +2391,8 @@ hs_desc_decode_encrypted(const hs_descriptor_t *desc, tor_assert(decode_encrypted_handlers[version]); /* Run the version specific plaintext decoder. */ ret = decode_encrypted_handlers[version](desc, client_sk, desc_encrypted); ret = decode_encrypted_handlers[version](desc, client_auth_sk, desc_encrypted); if (ret < 0) { goto err; } Loading Loading @@ -2547,7 +2548,7 @@ hs_desc_decode_plaintext(const char *encoded, int hs_desc_decode_descriptor(const char *encoded, const uint8_t *subcredential, const curve25519_secret_key_t *client_sk, const curve25519_secret_key_t *client_auth_sk, hs_descriptor_t **desc_out) { int ret = -1; Loading Loading @@ -2575,7 +2576,7 @@ hs_desc_decode_descriptor(const char *encoded, goto err; } ret = hs_desc_decode_encrypted(desc, client_sk, &desc->encrypted_data); ret = hs_desc_decode_encrypted(desc, client_auth_sk, &desc->encrypted_data); if (ret < 0) { goto err; } Loading
src/feature/hs/hs_descriptor.h +2 −2 Original line number Diff line number Diff line Loading @@ -277,14 +277,14 @@ MOCK_DECL(int, int hs_desc_decode_descriptor(const char *encoded, const uint8_t *subcredential, const curve25519_secret_key_t *client_sk, const curve25519_secret_key_t *client_auth_sk, hs_descriptor_t **desc_out); int hs_desc_decode_plaintext(const char *encoded, hs_desc_plaintext_data_t *plaintext); int hs_desc_decode_superencrypted(const hs_descriptor_t *desc, hs_desc_superencrypted_data_t *desc_out); int hs_desc_decode_encrypted(const hs_descriptor_t *desc, const curve25519_secret_key_t *client_sk, const curve25519_secret_key_t *client_auth_sk, hs_desc_encrypted_data_t *desc_out); size_t hs_desc_obj_size(const hs_descriptor_t *data); Loading
src/test/test_hs_descriptor.c +3 −3 Original line number Diff line number Diff line Loading @@ -867,7 +867,7 @@ test_build_authorized_client(void *arg) hs_desc_authorized_client_t *desc_client = NULL; uint8_t descriptor_cookie[HS_DESC_DESCRIPTOR_COOKIE_LEN]; curve25519_secret_key_t auth_ephemeral_sk; curve25519_secret_key_t client_sk; curve25519_secret_key_t client_auth_sk; curve25519_public_key_t client_pk; const char ephemeral_sk_b16[] = "d023b674d993a5c8446bd2ca97e9961149b3c0e88c7dc14e8777744dd3468d6a"; Loading @@ -882,9 +882,9 @@ test_build_authorized_client(void *arg) ret = curve25519_secret_key_generate(&auth_ephemeral_sk, 0); tt_int_op(ret, OP_EQ, 0); ret = curve25519_secret_key_generate(&client_sk, 0); ret = curve25519_secret_key_generate(&client_auth_sk, 0); tt_int_op(ret, OP_EQ, 0); curve25519_public_key_generate(&client_pk, &client_sk); curve25519_public_key_generate(&client_pk, &client_auth_sk); desc_client = tor_malloc_zero(sizeof(hs_desc_authorized_client_t)); Loading
David Goulet <dgoulet@torproject.org>David Goulet <dgoulet@torproject.org>