diff options
| author | George Kadianakis <desnacked@riseup.net> | 2018-09-06 16:07:27 +0300 |
|---|---|---|
| committer | David Goulet <dgoulet@torproject.org> | 2018-09-07 14:05:07 -0400 |
| commit | 1e9428dc618250ba7a64f5e2e0451a9da9c75853 (patch) | |
| tree | 2f47f6bd6c1a924b497622f9c8df5cbe7e4f1630 /src/feature/hs/hs_descriptor.c | |
| parent | c76d00abfa779059b2936e5b84c032d0e36726d4 (diff) | |
| download | tor-1e9428dc618250ba7a64f5e2e0451a9da9c75853.tar.gz tor-1e9428dc618250ba7a64f5e2e0451a9da9c75853.zip | |
HSv3: Add subcredential in client auth KDF on the service-side.
Also update some client auth test vectors that broke...
Diffstat (limited to 'src/feature/hs/hs_descriptor.c')
| -rw-r--r-- | src/feature/hs/hs_descriptor.c | 15 |
1 files changed, 10 insertions, 5 deletions
diff --git a/src/feature/hs/hs_descriptor.c b/src/feature/hs/hs_descriptor.c index 9c3d4fc96b..f34685e232 100644 --- a/src/feature/hs/hs_descriptor.c +++ b/src/feature/hs/hs_descriptor.c @@ -2851,11 +2851,12 @@ hs_desc_build_fake_authorized_client(void) return client_auth; } -/* Using the client public key, auth ephemeral secret key, and descriptor - * cookie, build the auth client so we can then encode the descriptor for - * publication. client_out must be already allocated. */ +/* Using the service's subcredential, client public key, auth ephemeral secret + * key, and descriptor cookie, build the auth client so we can then encode the + * descriptor for publication. client_out must be already allocated. */ void -hs_desc_build_authorized_client(const curve25519_public_key_t *client_auth_pk, +hs_desc_build_authorized_client(const uint8_t *subcredential, + const curve25519_public_key_t *client_auth_pk, const curve25519_secret_key_t * auth_ephemeral_sk, const uint8_t *descriptor_cookie, @@ -2871,20 +2872,24 @@ hs_desc_build_authorized_client(const curve25519_public_key_t *client_auth_pk, tor_assert(auth_ephemeral_sk); tor_assert(descriptor_cookie); tor_assert(client_out); + tor_assert(subcredential); tor_assert(!tor_mem_is_zero((char *) auth_ephemeral_sk, sizeof(*auth_ephemeral_sk))); tor_assert(!tor_mem_is_zero((char *) client_auth_pk, sizeof(*client_auth_pk))); tor_assert(!tor_mem_is_zero((char *) descriptor_cookie, HS_DESC_DESCRIPTOR_COOKIE_LEN)); + tor_assert(!tor_mem_is_zero((char *) subcredential, + DIGEST256_LEN)); /* Calculate x25519(hs_y, client_X) */ curve25519_handshake(secret_seed, auth_ephemeral_sk, client_auth_pk); - /* Calculate KEYS = KDF(SECRET_SEED, 40) */ + /* Calculate KEYS = KDF(subcredential | SECRET_SEED, 40) */ xof = crypto_xof_new(); + crypto_xof_add_bytes(xof, subcredential, DIGEST256_LEN); crypto_xof_add_bytes(xof, secret_seed, sizeof(secret_seed)); crypto_xof_squeeze_bytes(xof, keystream, sizeof(keystream)); crypto_xof_free(xof); |