author | Nick Mathewson <nickm@torproject.org> | 2019-06-05 16:13:53 -0400 |
---|---|---|
committer | Nick Mathewson <nickm@torproject.org> | 2019-06-05 16:13:53 -0400 |
commit | 2300a619a548ed529551c731dd706fea0b2a0a20 (patch) | |
tree | d5694d522b70479e2f79f07bf6db05d445e2f37c /src/trunnel | |
parent | 851e881f01355b0290e79100c09dbedd425f8946 (diff) | |
parent | 245dccb77d79dc432bb7aab21ce2c893da4b602a (diff) | |
Merge remote-tracking branch 'tor-github/pr/1039' into maint-0.4.0
Diffstat (limited to 'src/trunnel')
-rw-r--r-- | src/trunnel/hs/cell_introduce1.c | 44 | ||||
-rw-r--r-- | src/trunnel/hs/cell_introduce1.h | 7 | ||||
-rw-r--r-- | src/trunnel/hs/cell_introduce1.trunnel | 21 |
3 files changed, 42 insertions, 30 deletions
diff --git a/src/trunnel/hs/cell_introduce1.c b/src/trunnel/hs/cell_introduce1.c index 358b355cda..53b3d299f2 100644 --- a/src/trunnel/hs/cell_introduce1.c +++ b/src/trunnel/hs/cell_introduce1.c @@ -50,6 +50,7 @@ trn_cell_introduce1_new(void) trn_cell_introduce1_t *val = trunnel_calloc(1, sizeof(trn_cell_introduce1_t)); if (NULL == val) return NULL; + val->auth_key_type = TRUNNEL_HS_INTRO_AUTH_KEY_TYPE_ED25519; return val; } @@ -121,7 +122,7 @@ trn_cell_introduce1_get_auth_key_type(const trn_cell_introduce1_t *inp) int trn_cell_introduce1_set_auth_key_type(trn_cell_introduce1_t *inp, uint8_t val) { - if (! ((val == 0 || val == 1 || val == 2))) { + if (! ((val == TRUNNEL_HS_INTRO_AUTH_KEY_TYPE_ED25519 || val == TRUNNEL_HS_INTRO_AUTH_KEY_TYPE_LEGACY0 || val == TRUNNEL_HS_INTRO_AUTH_KEY_TYPE_LEGACY1))) { TRUNNEL_SET_ERROR_CODE(inp); return -1; } @@ -295,7 +296,7 @@ trn_cell_introduce1_check(const trn_cell_introduce1_t *obj) return "Object was NULL"; if (obj->trunnel_error_code_) return "A set function failed on this object"; - if (! (obj->auth_key_type == 0 || obj->auth_key_type == 1 || obj->auth_key_type == 2)) + if (! (obj->auth_key_type == TRUNNEL_HS_INTRO_AUTH_KEY_TYPE_ED25519 || obj->auth_key_type == TRUNNEL_HS_INTRO_AUTH_KEY_TYPE_LEGACY0 || obj->auth_key_type == TRUNNEL_HS_INTRO_AUTH_KEY_TYPE_LEGACY1)) return "Integer out of bounds"; if (TRUNNEL_DYNARRAY_LEN(&obj->auth_key) != obj->auth_key_len) return "Length mismatch for auth_key"; @@ -319,7 +320,7 @@ trn_cell_introduce1_encoded_len(const trn_cell_introduce1_t *obj) /* Length of u8 legacy_key_id[TRUNNEL_SHA1_LEN] */ result += TRUNNEL_SHA1_LEN; - /* Length of u8 auth_key_type IN [0, 1, 2] */ + /* Length of u8 auth_key_type IN [TRUNNEL_HS_INTRO_AUTH_KEY_TYPE_ED25519, TRUNNEL_HS_INTRO_AUTH_KEY_TYPE_LEGACY0, TRUNNEL_HS_INTRO_AUTH_KEY_TYPE_LEGACY1] */ result += 1; /* Length of u16 auth_key_len */ 
@@ -367,7 +368,7 @@ trn_cell_introduce1_encode(uint8_t *output, const size_t avail, const trn_cell_i memcpy(ptr, obj->legacy_key_id, TRUNNEL_SHA1_LEN); written += TRUNNEL_SHA1_LEN; ptr += TRUNNEL_SHA1_LEN; - /* Encode u8 auth_key_type IN [0, 1, 2] */ + /* Encode u8 auth_key_type IN [TRUNNEL_HS_INTRO_AUTH_KEY_TYPE_ED25519, TRUNNEL_HS_INTRO_AUTH_KEY_TYPE_LEGACY0, TRUNNEL_HS_INTRO_AUTH_KEY_TYPE_LEGACY1] */ trunnel_assert(written <= avail); if (avail - written < 1) goto truncated; @@ -451,11 +452,11 @@ trn_cell_introduce1_parse_into(trn_cell_introduce1_t *obj, const uint8_t *input, memcpy(obj->legacy_key_id, ptr, TRUNNEL_SHA1_LEN); remaining -= TRUNNEL_SHA1_LEN; ptr += TRUNNEL_SHA1_LEN; - /* Parse u8 auth_key_type IN [0, 1, 2] */ + /* Parse u8 auth_key_type IN [TRUNNEL_HS_INTRO_AUTH_KEY_TYPE_ED25519, TRUNNEL_HS_INTRO_AUTH_KEY_TYPE_LEGACY0, TRUNNEL_HS_INTRO_AUTH_KEY_TYPE_LEGACY1] */ CHECK_REMAINING(1, truncated); obj->auth_key_type = (trunnel_get_uint8(ptr)); remaining -= 1; ptr += 1; - if (! (obj->auth_key_type == 0 || obj->auth_key_type == 1 || obj->auth_key_type == 2)) + if (! (obj->auth_key_type == TRUNNEL_HS_INTRO_AUTH_KEY_TYPE_ED25519 || obj->auth_key_type == TRUNNEL_HS_INTRO_AUTH_KEY_TYPE_LEGACY0 || obj->auth_key_type == TRUNNEL_HS_INTRO_AUTH_KEY_TYPE_LEGACY1)) goto fail; /* Parse u16 auth_key_len */ @@ -550,10 +551,6 @@ trn_cell_introduce_ack_get_status(const trn_cell_introduce_ack_t *inp) int trn_cell_introduce_ack_set_status(trn_cell_introduce_ack_t *inp, uint16_t val) { - if (! ((val == 0 || val == 1 || val == 2))) { - TRUNNEL_SET_ERROR_CODE(inp); - return -1; - } inp->status = val; return 0; } 
@@ -587,8 +584,6 @@ trn_cell_introduce_ack_check(const trn_cell_introduce_ack_t *obj) return "Object was NULL"; if (obj->trunnel_error_code_) return "A set function failed on this object"; - if (! (obj->status == 0 || obj->status == 1 || obj->status == 2)) - return "Integer out of bounds"; { const char *msg; if (NULL != (msg = trn_cell_extension_check(obj->extensions))) @@ -606,7 +601,7 @@ trn_cell_introduce_ack_encoded_len(const trn_cell_introduce_ack_t *obj) return -1; - /* Length of u16 status IN [0, 1, 2] */ + /* Length of u16 status */ result += 2; /* Length of struct trn_cell_extension extensions */ @@ -638,7 +633,7 @@ trn_cell_introduce_ack_encode(uint8_t *output, const size_t avail, const trn_cel trunnel_assert(encoded_len >= 0); #endif - /* Encode u16 status IN [0, 1, 2] */ + /* Encode u16 status */ trunnel_assert(written <= avail); if (avail - written < 2) goto truncated; @@ -687,12 +682,10 @@ trn_cell_introduce_ack_parse_into(trn_cell_introduce_ack_t *obj, const uint8_t * ssize_t result = 0; (void)result; - /* Parse u16 status IN [0, 1, 2] */ + /* Parse u16 status */ CHECK_REMAINING(2, truncated); obj->status = trunnel_ntohs(trunnel_get_uint16(ptr)); remaining -= 2; ptr += 2; - if (! (obj->status == 0 || obj->status == 1 || obj->status == 2)) - goto fail; /* Parse struct trn_cell_extension extensions */ result = trn_cell_extension_parse(&obj->extensions, ptr, remaining); @@ -708,9 +701,6 @@ trn_cell_introduce_ack_parse_into(trn_cell_introduce_ack_t *obj, const uint8_t * relay_fail: trunnel_assert(result < 0); return result; - fail: - result = -1; - return result; } ssize_t @@ -733,7 +723,7 @@ trn_cell_introduce_encrypted_new(void) trn_cell_introduce_encrypted_t *val = trunnel_calloc(1, sizeof(trn_cell_introduce_encrypted_t)); if (NULL == val) return NULL; - val->onion_key_type = 1; + val->onion_key_type = TRUNNEL_HS_INTRO_ONION_KEY_TYPE_NTOR; return val; } 
@@ -837,7 +827,7 @@ trn_cell_introduce_encrypted_get_onion_key_type(const trn_cell_introduce_encrypt int trn_cell_introduce_encrypted_set_onion_key_type(trn_cell_introduce_encrypted_t *inp, uint8_t val) { - if (! ((val == 1))) { + if (! ((val == TRUNNEL_HS_INTRO_ONION_KEY_TYPE_NTOR))) { TRUNNEL_SET_ERROR_CODE(inp); return -1; } @@ -1079,7 +1069,7 @@ trn_cell_introduce_encrypted_check(const trn_cell_introduce_encrypted_t *obj) if (NULL != (msg = trn_cell_extension_check(obj->extensions))) return msg; } - if (! (obj->onion_key_type == 1)) + if (! (obj->onion_key_type == TRUNNEL_HS_INTRO_ONION_KEY_TYPE_NTOR)) return "Integer out of bounds"; if (TRUNNEL_DYNARRAY_LEN(&obj->onion_key) != obj->onion_key_len) return "Length mismatch for onion_key"; @@ -1112,7 +1102,7 @@ trn_cell_introduce_encrypted_encoded_len(const trn_cell_introduce_encrypted_t *o /* Length of struct trn_cell_extension extensions */ result += trn_cell_extension_encoded_len(obj->extensions); - /* Length of u8 onion_key_type IN [1] */ + /* Length of u8 onion_key_type IN [TRUNNEL_HS_INTRO_ONION_KEY_TYPE_NTOR] */ result += 1; /* Length of u16 onion_key_len */ @@ -1176,7 +1166,7 @@ trn_cell_introduce_encrypted_encode(uint8_t *output, const size_t avail, const t goto fail; /* XXXXXXX !*/ written += result; ptr += result; - /* Encode u8 onion_key_type IN [1] */ + /* Encode u8 onion_key_type IN [TRUNNEL_HS_INTRO_ONION_KEY_TYPE_NTOR] */ trunnel_assert(written <= avail); if (avail - written < 1) goto truncated; 
@@ -1280,11 +1270,11 @@ trn_cell_introduce_encrypted_parse_into(trn_cell_introduce_encrypted_t *obj, con trunnel_assert((size_t)result <= remaining); remaining -= result; ptr += result; - /* Parse u8 onion_key_type IN [1] */ + /* Parse u8 onion_key_type IN [TRUNNEL_HS_INTRO_ONION_KEY_TYPE_NTOR] */ CHECK_REMAINING(1, truncated); obj->onion_key_type = (trunnel_get_uint8(ptr)); remaining -= 1; ptr += 1; - if (! (obj->onion_key_type == 1)) + if (! (obj->onion_key_type == TRUNNEL_HS_INTRO_ONION_KEY_TYPE_NTOR)) goto fail; /* Parse u16 onion_key_len */ diff --git a/src/trunnel/hs/cell_introduce1.h b/src/trunnel/hs/cell_introduce1.h index fa218adc6d..986a531ca7 100644 --- a/src/trunnel/hs/cell_introduce1.h +++ b/src/trunnel/hs/cell_introduce1.h @@ -12,6 +12,13 @@ struct trn_cell_extension_st; struct link_specifier_st; #define TRUNNEL_SHA1_LEN 20 #define TRUNNEL_REND_COOKIE_LEN 20 +#define TRUNNEL_HS_INTRO_ACK_STATUS_SUCCESS 0 +#define TRUNNEL_HS_INTRO_ACK_STATUS_UNKNOWN_ID 1 +#define TRUNNEL_HS_INTRO_ACK_STATUS_BAD_FORMAT 2 +#define TRUNNEL_HS_INTRO_AUTH_KEY_TYPE_LEGACY0 0 +#define TRUNNEL_HS_INTRO_AUTH_KEY_TYPE_LEGACY1 1 +#define TRUNNEL_HS_INTRO_AUTH_KEY_TYPE_ED25519 2 +#define TRUNNEL_HS_INTRO_ONION_KEY_TYPE_NTOR 1 #if !defined(TRUNNEL_OPAQUE) && !defined(TRUNNEL_OPAQUE_TRN_CELL_INTRODUCE1) struct trn_cell_introduce1_st { uint8_t legacy_key_id[TRUNNEL_SHA1_LEN]; diff --git a/src/trunnel/hs/cell_introduce1.trunnel b/src/trunnel/hs/cell_introduce1.trunnel index 574382b163..5911c695a2 100644 --- a/src/trunnel/hs/cell_introduce1.trunnel +++ b/src/trunnel/hs/cell_introduce1.trunnel 
@@ -12,13 +12,28 @@ extern struct link_specifier; const TRUNNEL_SHA1_LEN = 20; const TRUNNEL_REND_COOKIE_LEN = 20; +/* Introduce ACK status code. */ +const TRUNNEL_HS_INTRO_ACK_STATUS_SUCCESS = 0x0000; +const TRUNNEL_HS_INTRO_ACK_STATUS_UNKNOWN_ID = 0x0001; +const TRUNNEL_HS_INTRO_ACK_STATUS_BAD_FORMAT = 0x0002; + +/* Authentication key type. */ +const TRUNNEL_HS_INTRO_AUTH_KEY_TYPE_LEGACY0 = 0x00; +const TRUNNEL_HS_INTRO_AUTH_KEY_TYPE_LEGACY1 = 0x01; +const TRUNNEL_HS_INTRO_AUTH_KEY_TYPE_ED25519 = 0x02; + +/* Onion key type. */ +const TRUNNEL_HS_INTRO_ONION_KEY_TYPE_NTOR = 0x01; + /* INTRODUCE1 payload. See details in section 3.2.1. */ struct trn_cell_introduce1 { /* Always zeroed. MUST be checked explicitly by the caller. */ u8 legacy_key_id[TRUNNEL_SHA1_LEN]; /* Authentication key material. */ - u8 auth_key_type IN [0x00, 0x01, 0x02]; + u8 auth_key_type IN [TRUNNEL_HS_INTRO_AUTH_KEY_TYPE_LEGACY0, + TRUNNEL_HS_INTRO_AUTH_KEY_TYPE_LEGACY1, + TRUNNEL_HS_INTRO_AUTH_KEY_TYPE_ED25519]; u16 auth_key_len; u8 auth_key[auth_key_len]; @@ -32,7 +47,7 @@ struct trn_cell_introduce1 { /* INTRODUCE_ACK payload. See details in section 3.2.2. */ struct trn_cell_introduce_ack { /* Status of introduction. */ - u16 status IN [0x0000, 0x0001, 0x0002]; + u16 status; /* Extension(s). Reserved fields. */ struct trn_cell_extension extensions; @@ -47,7 +62,7 @@ struct trn_cell_introduce_encrypted { struct trn_cell_extension extensions; /* Onion key material. */ - u8 onion_key_type IN [0x01]; + u8 onion_key_type IN [TRUNNEL_HS_INTRO_ONION_KEY_TYPE_NTOR]; u16 onion_key_len; u8 onion_key[onion_key_len]; |
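Review bot: A freshly allocated INTRODUCE1 object now starts with `auth_key_type` set to ED25519 (2) instead of 0, and nothing in this hunk says so. The regenerated `trn_cell_introduce1_new()` in cell_introduce1.c gained `val->auth_key_type = TRUNNEL_HS_INTRO_AUTH_KEY_TYPE_ED25519;`, where calloc previously left the field zero. This looks like a side effect of how the generator picks a default from the named-constant list, though the generator is not shown on this page. If the new default is intended, a comment above the field such as `/* trn_cell_introduce1_new() initialises this to TRUNNEL_HS_INTRO_AUTH_KEY_TYPE_ED25519. */` would record it. The struct body continues outside the hunk.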
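Review bot: Nothing in the visible change says who validates `status` now that `u16 status;` in `trn_cell_introduce_ack` has lost its `IN [0x0000, 0x0001, 0x0002]` constraint. The regenerated `trn_cell_introduce_ack_parse_into` stores any 16-bit value read from the cell, and `_check` and `_set_status` no longer reject anything. The code that reads `status` after parsing is outside this diff (limited to src/trunnel), so it is worth confirming that it treats every value other than `TRUNNEL_HS_INTRO_ACK_STATUS_SUCCESS` as a failed introduction rather than handling only the three named codes. I would state the contract at the field, as `legacy_key_id` already does: `/* Status of introduction. Not range-checked by the parser; the caller MUST handle unknown values. */`. The struct's closing brace is outside the hunk.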