summaryrefslogtreecommitdiff
path: root/src/feature/hs
diff options
context:
space:
mode:
Diffstat (limited to 'src/feature/hs')
-rw-r--r--src/feature/hs/hs_client.c7
-rw-r--r--src/feature/hs/hs_client.h2
-rw-r--r--src/feature/hs/hs_descriptor.c8
3 files changed, 14 insertions, 3 deletions
diff --git a/src/feature/hs/hs_client.c b/src/feature/hs/hs_client.c
index f7294447b2..4140dee8d2 100644
--- a/src/feature/hs/hs_client.c
+++ b/src/feature/hs/hs_client.c
@@ -2248,6 +2248,13 @@ parse_auth_file_content(const char *client_key_str)
"can't be decoded: %s", seckey_b32);
goto err;
}
+
+ if (fast_mem_is_zero((const char*)auth->enc_seckey.secret_key,
+ sizeof(auth->enc_seckey.secret_key))) {
+ log_warn(LD_REND, "Client authorization private key can't be all-zeroes");
+ goto err;
+ }
+
strncpy(auth->onion_address, onion_address, HS_SERVICE_ADDR_LEN_BASE32);
/* We are reading this from the disk, so set the permanent flag anyway. */
diff --git a/src/feature/hs/hs_client.h b/src/feature/hs/hs_client.h
index 685b10f955..a11caa309f 100644
--- a/src/feature/hs/hs_client.h
+++ b/src/feature/hs/hs_client.h
@@ -45,7 +45,7 @@ typedef enum {
REGISTER_SUCCESS_AND_DECRYPTED,
/* We failed to register these credentials, because of a bad HS address. */
REGISTER_FAIL_BAD_ADDRESS,
- /* We failed to register these credentials, because of a bad HS address. */
+ /* We failed to store these credentials in a persistent file on disk. */
REGISTER_FAIL_PERMANENT_STORAGE,
} hs_client_register_auth_status_t;
diff --git a/src/feature/hs/hs_descriptor.c b/src/feature/hs/hs_descriptor.c
index a39a4a09c9..50a46fb40f 100644
--- a/src/feature/hs/hs_descriptor.c
+++ b/src/feature/hs/hs_descriptor.c
@@ -1429,11 +1429,15 @@ decrypt_descriptor_cookie(const hs_descriptor_t *desc,
tor_assert(!fast_mem_is_zero(
(char *) &desc->superencrypted_data.auth_ephemeral_pubkey,
sizeof(desc->superencrypted_data.auth_ephemeral_pubkey)));
- tor_assert(!fast_mem_is_zero((char *) client_auth_sk,
- sizeof(*client_auth_sk)));
tor_assert(!fast_mem_is_zero((char *) desc->subcredential.subcred,
DIGEST256_LEN));
+ /* Catch potential code-flow cases of an unitialized private key sneaking
+ * into this function. */
+ if (BUG(fast_mem_is_zero((char *)client_auth_sk, sizeof(*client_auth_sk)))) {
+ goto done;
+ }
+
/* Get the KEYS component to derive the CLIENT-ID and COOKIE-KEY. */
keystream_length =
build_descriptor_cookie_keys(&desc->subcredential,