Turn hs_subcredential_t into a proper struct.

1 files changed, 13 insertions, 11 deletions

diff --git a/src/feature/hs/hs_descriptor.c b/src/feature/hs/hs_descriptor.c
index 65d6c7a581..7f28e1c341 100644
--- a/src/feature/hs/hs_descriptor.c
+++ b/src/feature/hs/hs_descriptor.c
@@ -211,7 +211,7 @@ build_secret_input(const hs_descriptor_t *desc,
   memcpy(secret_input, secret_data, secret_data_len);
   offset += secret_data_len;
   /* Copy subcredential. */
-  memcpy(secret_input + offset, desc->subcredential, DIGEST256_LEN);
+  memcpy(secret_input + offset, desc->subcredential.subcred, DIGEST256_LEN);
   offset += DIGEST256_LEN;
   /* Copy revision counter value. */
   set_uint64(secret_input + offset,
@@ -1018,9 +1018,11 @@ desc_encode_v3(const hs_descriptor_t *desc,
   tor_assert(encoded_out);
   tor_assert(desc->plaintext_data.version == 3);
 
+  /* This is impossible; this is a member of desc.
   if (BUG(desc->subcredential == NULL)) {
     goto err;
   }
+  */
 
   /* Build the non-encrypted values. */
   {
@@ -1366,8 +1368,7 @@ encrypted_data_length_is_valid(size_t len)
  * and return the buffer's length. The caller should wipe and free its content
  * once done with it. This function can't fail. */
 static size_t
-build_descriptor_cookie_keys(const uint8_t *subcredential,
-                             size_t subcredential_len,
+build_descriptor_cookie_keys(const hs_subcredential_t *subcredential,
                              const curve25519_secret_key_t *sk,
                              const curve25519_public_key_t *pk,
                              uint8_t **keys_out)
@@ -1389,7 +1390,7 @@ build_descriptor_cookie_keys(const uint8_t *subcredential,
 
   /* Calculate KEYS = KDF(subcredential | SECRET_SEED, 40) */
   xof = crypto_xof_new();
-  crypto_xof_add_bytes(xof, subcredential, subcredential_len);
+  crypto_xof_add_bytes(xof, subcredential->subcred, SUBCRED_LEN);
   crypto_xof_add_bytes(xof, secret_seed, sizeof(secret_seed));
   crypto_xof_squeeze_bytes(xof, keystream, keystream_len);
   crypto_xof_free(xof);
@@ -1426,11 +1427,12 @@ decrypt_descriptor_cookie(const hs_descriptor_t *desc,
         sizeof(desc->superencrypted_data.auth_ephemeral_pubkey)));
   tor_assert(!fast_mem_is_zero((char *) client_auth_sk,
                               sizeof(*client_auth_sk)));
-  tor_assert(!fast_mem_is_zero((char *) desc->subcredential, DIGEST256_LEN));
+  tor_assert(!fast_mem_is_zero((char *) desc->subcredential.subcred,
+                               DIGEST256_LEN));
 
   /* Get the KEYS component to derive the CLIENT-ID and COOKIE-KEY. */
   keystream_length =
-    build_descriptor_cookie_keys(desc->subcredential, DIGEST256_LEN,
+    build_descriptor_cookie_keys(&desc->subcredential,
                              client_auth_sk,
                              &desc->superencrypted_data.auth_ephemeral_pubkey,
                              &keystream);
@@ -2558,7 +2560,7 @@ hs_desc_decode_plaintext(const char *encoded,
  * set to NULL. */
 hs_desc_decode_status_t
 hs_desc_decode_descriptor(const char *encoded,
-                          const uint8_t *subcredential,
+                          const hs_subcredential_t *subcredential,
                           const curve25519_secret_key_t *client_auth_sk,
                           hs_descriptor_t **desc_out)
 {
@@ -2576,7 +2578,7 @@ hs_desc_decode_descriptor(const char *encoded,
     goto err;
   }
 
-  memcpy(desc->subcredential, subcredential, sizeof(desc->subcredential));
+  memcpy(&desc->subcredential, subcredential, sizeof(desc->subcredential));
 
   ret = hs_desc_decode_plaintext(encoded, &desc->plaintext_data);
   if (ret != HS_DESC_DECODE_OK) {
@@ -2666,7 +2668,7 @@ hs_desc_encode_descriptor,(const hs_descriptor_t *desc,
    * symmetric only if the client auth is disabled. That is, the descriptor
    * cookie will be NULL. */
   if (!descriptor_cookie) {
-    ret = hs_desc_decode_descriptor(*encoded_out, desc->subcredential,
+    ret = hs_desc_decode_descriptor(*encoded_out, &desc->subcredential,
                                     NULL, NULL);
     if (BUG(ret != HS_DESC_DECODE_OK)) {
       ret = -1;
@@ -2870,7 +2872,7 @@ hs_desc_build_fake_authorized_client(void)
  * key, and descriptor cookie, build the auth client so we can then encode the
  * descriptor for publication. client_out must be already allocated. */
 void
-hs_desc_build_authorized_client(const uint8_t *subcredential,
+hs_desc_build_authorized_client(const hs_subcredential_t *subcredential,
                                 const curve25519_public_key_t *client_auth_pk,
                                 const curve25519_secret_key_t *
                                 auth_ephemeral_sk,
@@ -2898,7 +2900,7 @@ hs_desc_build_authorized_client(const uint8_t *subcredential,
 
   /* Get the KEYS part so we can derive the CLIENT-ID and COOKIE-KEY. */
   keystream_length =
-    build_descriptor_cookie_keys(subcredential, DIGEST256_LEN,
+    build_descriptor_cookie_keys(subcredential,
                                  auth_ephemeral_sk, client_auth_pk,
                                  &keystream);
   tor_assert(keystream_length > 0);