summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorGeorge Kadianakis <desnacked@riseup.net>2018-09-07 18:06:44 +0300
committerDavid Goulet <dgoulet@torproject.org>2018-09-07 14:05:07 -0400
commit3695ef6343fa1c05cd15a3ddf35c3fe6991ff2ad (patch)
treea218492f0a884d39e3a3b2d36dff0663424b174a /src
parent6583d1e7091ba368b66c6f3038df223d3b7652cb (diff)
downloadtor-3695ef6343fa1c05cd15a3ddf35c3fe6991ff2ad.tar.gz
tor-3695ef6343fa1c05cd15a3ddf35c3fe6991ff2ad.zip
HSv3: Don't assert when reading bad client-side privkeys.
Diffstat (limited to 'src')
-rw-r--r--src/feature/hs/hs_client.c6
-rw-r--r--src/test/test_hs_client.c4
2 files changed, 9 insertions, 1 deletions
diff --git a/src/feature/hs/hs_client.c b/src/feature/hs/hs_client.c
index af657c7c9c..6f031eb3b9 100644
--- a/src/feature/hs/hs_client.c
+++ b/src/feature/hs/hs_client.c
@@ -1500,6 +1500,12 @@ parse_auth_file_content(const char *client_key_str)
goto err;
}
+ if (strlen(seckey_b32) != BASE32_NOPAD_LEN(CURVE25519_PUBKEY_LEN)) {
+ log_warn(LD_REND, "Client authorization encoded base32 private key "
+ "length is invalid: %s", seckey_b32);
+ goto err;
+ }
+
auth = tor_malloc_zero(sizeof(hs_client_service_authorization_t));
if (base32_decode((char *) auth->enc_seckey.secret_key,
sizeof(auth->enc_seckey.secret_key),
diff --git a/src/test/test_hs_client.c b/src/test/test_hs_client.c
index eacbd328e5..03d14924b6 100644
--- a/src/test/test_hs_client.c
+++ b/src/test/test_hs_client.c
@@ -660,7 +660,9 @@ test_parse_auth_file_content(void *arg)
"x:zdsyvn2jq534ugyiuzgjy4267jbtzcjbsgedhshzx5mforyxtryq"));
/* Some malformed string. */
tt_assert(!parse_auth_file_content("xx:descriptor:x25519:aa=="));
-
+ /* Bigger key than it should be */
+ tt_assert(!parse_auth_file_content("xx:descriptor:x25519:"
+ "vjqea4jbhwwc4hto7ekyvqfbeodghbaq6nxi45hz4wr3qvhqv3yqa"));
done:
tor_free(auth);
}