diff options
| author | George Kadianakis <desnacked@riseup.net> | 2017-02-08 14:43:43 +0200 |
|---|---|---|
| committer | George Kadianakis <desnacked@riseup.net> | 2017-03-13 15:55:20 +0200 |
| commit | b2e37b87a71704aa5274a8c9d47a6740f5953cf4 (patch) | |
| tree | 959a7d31298396b3ed1d8692b08c76a0d87546f1 /src/or/hs_descriptor.h | |
| parent | bb602f61972874aa03181ede877ee8e85ce0389d (diff) | |
| download | tor-b2e37b87a71704aa5274a8c9d47a6740f5953cf4.tar.gz tor-b2e37b87a71704aa5274a8c9d47a6740f5953cf4.zip | |
prop224: Implement encoding of superencrypted HS descriptor.
Also, relaxed the checks of encrypted_data_length_is_valid() since now
only one encrypted section has padding requirements and we don't
actually care to check that all the padding is there.
Consider starting code review from function encode_superencrypted_data().
Diffstat (limited to 'src/or/hs_descriptor.h')
| -rw-r--r-- | src/or/hs_descriptor.h | 19 |
1 files changed, 3 insertions, 16 deletions
diff --git a/src/or/hs_descriptor.h b/src/or/hs_descriptor.h index 3b5832bdf2..4e0e86681e 100644 --- a/src/or/hs_descriptor.h +++ b/src/or/hs_descriptor.h @@ -41,24 +41,11 @@ * the secret IV and MAC key length which is the length of H() output. */ #define HS_DESC_ENCRYPTED_KDF_OUTPUT_LEN \ CIPHER256_KEY_LEN + CIPHER_IV_LEN + DIGEST256_LEN -/* We need to pad the plaintext version of the encrypted data section before - * encryption and it has to be a multiple of this value. */ -#define HS_DESC_PLAINTEXT_PADDING_MULTIPLE 128 -/* XXX: Let's make sure this makes sense as an upper limit for the padded - * plaintext section. Then we should enforce it as now only an assert will be - * triggered if we are above it. */ -/* Once padded, this is the maximum length in bytes for the plaintext. */ -#define HS_DESC_PADDED_PLAINTEXT_MAX_LEN 8192 -/* Minimum length in bytes of the encrypted portion of the descriptor. */ -#define HS_DESC_ENCRYPTED_MIN_LEN \ - HS_DESC_ENCRYPTED_SALT_LEN + \ - HS_DESC_PLAINTEXT_PADDING_MULTIPLE + DIGEST256_LEN +/* Pad plaintext of superencrypted data section before encryption so that its + * length is a multiple of this value. */ +#define HS_DESC_SUPERENC_PLAINTEXT_PAD_MULTIPLE 10000 /* Maximum length in bytes of a full hidden service descriptor. */ #define HS_DESC_MAX_LEN 50000 /* 50kb max size */ -/* The minimum amount of fields a descriptor should contain. The parsing of - * the fields are version specific so the only required field, as a generic - * view of a descriptor, is 1 that is the version field. */ -#define HS_DESC_PLAINTEXT_MIN_FIELDS 1 /* Key length for the descriptor symmetric encryption. As specified in the * protocol, we use AES-256 for the encrypted section of the descriptor. The |