diff options
Diffstat (limited to 'src')
54 files changed, 2877 insertions, 1330 deletions
diff --git a/src/common/crypto.c b/src/common/crypto.c index a5eb7b5c9a..a68510103e 100644 --- a/src/common/crypto.c +++ b/src/common/crypto.c @@ -467,7 +467,7 @@ crypto_new_pk_from_rsa_(RSA *rsa) return env; } -/** Helper, used by tor-checkkey.c and tor-gencert.c. Return the RSA from a +/** Helper, used by tor-gencert.c. Return the RSA from a * crypto_pk_t. */ RSA * crypto_pk_get_rsa_(crypto_pk_t *env) @@ -3459,3 +3459,15 @@ crypto_global_cleanup(void) /** @} */ +#ifdef USE_DMALLOC +/** Tell the crypto library to use Tor's allocation functions rather than + * calling libc's allocation functions directly. Return 0 on success, -1 + * on failure. */ +int +crypto_use_tor_alloc_functions(void) +{ + int r = CRYPTO_set_mem_ex_functions(tor_malloc_, tor_realloc_, tor_free_); + return r ? 0 : -1; +} +#endif + diff --git a/src/common/crypto.h b/src/common/crypto.h index 62c78b5d77..c70d91c262 100644 --- a/src/common/crypto.h +++ b/src/common/crypto.h @@ -131,6 +131,10 @@ int crypto_early_init(void) ATTR_WUR; int crypto_global_init(int hardwareAccel, const char *accelName, const char *accelPath) ATTR_WUR; +#ifdef USE_DMALLOC +int crypto_use_tor_alloc_functions(void); +#endif + void crypto_thread_cleanup(void); int crypto_global_cleanup(void); diff --git a/src/common/crypto_ed25519.c b/src/common/crypto_ed25519.c index f97b289169..188e18c710 100644 --- a/src/common/crypto_ed25519.c +++ b/src/common/crypto_ed25519.c @@ -32,8 +32,6 @@ #include "ed25519/ref10/ed25519_ref10.h" #include "ed25519/donna/ed25519_donna_tor.h" -#include <openssl/sha.h> - static void pick_ed25519_impl(void); /** An Ed25519 implementation, as a set of function pointers. */ @@ -442,14 +440,16 @@ ed25519_keypair_from_curve25519_keypair(ed25519_keypair_t *out, { const char string[] = "Derive high part of ed25519 key from curve25519 key"; ed25519_public_key_t pubkey_check; - SHA512_CTX ctx; - uint8_t sha512_output[64]; + crypto_digest_t *ctx; + uint8_t sha512_output[DIGEST512_LEN]; memcpy(out->seckey.seckey, inp->seckey.secret_key, 32); - SHA512_Init(&ctx); - SHA512_Update(&ctx, out->seckey.seckey, 32); - SHA512_Update(&ctx, string, sizeof(string)); - SHA512_Final(sha512_output, &ctx); + + ctx = crypto_digest512_new(DIGEST_SHA512); + crypto_digest_add_bytes(ctx, (const char*)out->seckey.seckey, 32); + crypto_digest_add_bytes(ctx, (const char*)string, sizeof(string)); + crypto_digest_get_digest(ctx, (char *)sha512_output, sizeof(sha512_output)); + crypto_digest_free(ctx); memcpy(out->seckey.seckey + 32, sha512_output, 32); ed25519_public_key_generate(&out->pubkey, &out->seckey); diff --git a/src/common/tortls.c b/src/common/tortls.c index 3034fbcd57..fadf52fa0a 100644 --- a/src/common/tortls.c +++ b/src/common/tortls.c @@ -17,6 +17,7 @@ #include "orconfig.h" #define TORTLS_PRIVATE +#define TORTLS_OPENSSL_PRIVATE #include <assert.h> #ifdef _WIN32 /*wrkard for dtls1.h >= 0.9.8m of "#include <winsock.h>"*/ @@ -2263,6 +2264,24 @@ check_cert_lifetime_internal(int severity, const X509 *cert, return 0; } +#ifdef TOR_UNIT_TESTS +/* Testing only: return a new x509 cert with the same contents as <b>inp</b>, + but with the expiration time <b>new_expiration_time</b>, signed with + <b>signing_key</b>. */ +STATIC tor_x509_cert_t * +tor_x509_cert_replace_expiration(const tor_x509_cert_t *inp, + time_t new_expiration_time, + crypto_pk_t *signing_key) +{ + X509 *newc = X509_dup(inp->cert); + X509_time_adj(X509_get_notAfter(newc), 0, &new_expiration_time); + EVP_PKEY *pk = crypto_pk_get_evp_pkey_(signing_key, 1); + tor_assert(X509_sign(newc, pk, EVP_sha256())); + EVP_PKEY_free(pk); + return tor_x509_cert_new(newc); +} +#endif + /** Return the number of bytes available for reading from <b>tls</b>. */ int diff --git a/src/common/tortls.h b/src/common/tortls.h index dcb82fcb23..fd0186cf90 100644 --- a/src/common/tortls.h +++ b/src/common/tortls.h @@ -63,12 +63,17 @@ typedef enum { } tor_tls_state_t; #define tor_tls_state_bitfield_t ENUM_BF(tor_tls_state_t) +struct x509_st; +struct ssl_st; +struct ssl_ctx_st; +struct ssl_session_st; + /** Holds a SSL_CTX object and related state used to configure TLS * connections. */ typedef struct tor_tls_context_t { int refcnt; - SSL_CTX *ctx; + struct ssl_ctx_st *ctx; tor_x509_cert_t *my_link_cert; tor_x509_cert_t *my_id_cert; tor_x509_cert_t *my_auth_cert; @@ -78,7 +83,7 @@ typedef struct tor_tls_context_t { /** Structure that we use for a single certificate. */ struct tor_x509_cert_t { - X509 *cert; + struct x509_st *cert; uint8_t *encoded; size_t encoded_len; unsigned pkey_digests_set : 1; @@ -92,7 +97,7 @@ struct tor_x509_cert_t { struct tor_tls_t { uint32_t magic; tor_tls_context_t *context; /** A link to the context object for this tls. */ - SSL *ssl; /**< An OpenSSL SSL object. */ + struct ssl_st *ssl; /**< An OpenSSL SSL object. */ int socket; /**< The underlying file descriptor for this TLS connection. */ char *address; /**< An address to log when describing this connection. */ tor_tls_state_bitfield_t state : 3; /**< The current SSL state, @@ -128,35 +133,45 @@ struct tor_tls_t { STATIC int tor_errno_to_tls_error(int e); STATIC int tor_tls_get_error(tor_tls_t *tls, int r, int extra, const char *doing, int severity, int domain); -STATIC tor_tls_t *tor_tls_get_by_ssl(const SSL *ssl); +STATIC tor_tls_t *tor_tls_get_by_ssl(const struct ssl_st *ssl); STATIC void tor_tls_allocate_tor_tls_object_ex_data_index(void); +#ifdef TORTLS_OPENSSL_PRIVATE STATIC int always_accept_verify_cb(int preverify_ok, X509_STORE_CTX *x509_ctx); -STATIC int tor_tls_classify_client_ciphers(const SSL *ssl, +STATIC int tor_tls_classify_client_ciphers(const struct ssl_st *ssl, STACK_OF(SSL_CIPHER) *peer_ciphers); -STATIC int tor_tls_client_is_using_v2_ciphers(const SSL *ssl); +#endif +STATIC int tor_tls_client_is_using_v2_ciphers(const struct ssl_st *ssl); MOCK_DECL(STATIC void, try_to_extract_certs_from_tls, - (int severity, tor_tls_t *tls, X509 **cert_out, X509 **id_cert_out)); + (int severity, tor_tls_t *tls, struct x509_st **cert_out, + struct x509_st **id_cert_out)); #ifndef HAVE_SSL_SESSION_GET_MASTER_KEY -STATIC size_t SSL_SESSION_get_master_key(SSL_SESSION *s, uint8_t *out, +STATIC size_t SSL_SESSION_get_master_key(struct ssl_session_st *s, + uint8_t *out, size_t len); #endif -STATIC void tor_tls_debug_state_callback(const SSL *ssl, int type, int val); -STATIC void tor_tls_server_info_callback(const SSL *ssl, int type, int val); -STATIC int tor_tls_session_secret_cb(SSL *ssl, void *secret, +STATIC void tor_tls_debug_state_callback(const struct ssl_st *ssl, + int type, int val); +STATIC void tor_tls_server_info_callback(const struct ssl_st *ssl, + int type, int val); +#ifdef TORTLS_OPENSSL_PRIVATE +STATIC int tor_tls_session_secret_cb(struct ssl_st *ssl, void *secret, int *secret_len, STACK_OF(SSL_CIPHER) *peer_ciphers, CONST_IF_OPENSSL_1_1_API SSL_CIPHER **cipher, void *arg); STATIC int find_cipher_by_id(const SSL *ssl, const SSL_METHOD *m, uint16_t cipher); -MOCK_DECL(STATIC X509*, tor_tls_create_certificate,(crypto_pk_t *rsa, +#endif +MOCK_DECL(STATIC struct x509_st *, tor_tls_create_certificate, + (crypto_pk_t *rsa, crypto_pk_t *rsa_sign, const char *cname, const char *cname_sign, unsigned int cert_lifetime)); STATIC tor_tls_context_t *tor_tls_context_new(crypto_pk_t *identity, unsigned int key_lifetime, unsigned flags, int is_client); -MOCK_DECL(STATIC tor_x509_cert_t *, tor_x509_cert_new,(X509 *x509_cert)); +MOCK_DECL(STATIC tor_x509_cert_t *, tor_x509_cert_new, + (struct x509_st *x509_cert)); STATIC int tor_tls_context_init_one(tor_tls_context_t **ppcontext, crypto_pk_t *identity, unsigned int key_lifetime, @@ -172,6 +187,11 @@ extern tor_tls_context_t *client_tls_context; extern uint16_t v2_cipher_list[]; extern uint64_t total_bytes_written_over_tls; extern uint64_t total_bytes_written_by_tls; + +STATIC tor_x509_cert_t *tor_x509_cert_replace_expiration( + const tor_x509_cert_t *inp, + time_t new_expiration_time, + crypto_pk_t *signing_key); #endif #endif /* endif TORTLS_PRIVATE */ diff --git a/src/common/util.h b/src/common/util.h index cfe47f07f2..18eb57f1bc 100644 --- a/src/common/util.h +++ b/src/common/util.h @@ -163,9 +163,9 @@ int64_t clamp_double_to_int64(double number); void simplify_fraction64(uint64_t *numer, uint64_t *denom); /* Compute the CEIL of <b>a</b> divided by <b>b</b>, for nonnegative <b>a</b> - * and positive <b>b</b>. Works on integer types only. Not defined if a+b can - * overflow. */ -#define CEIL_DIV(a,b) (((a)+(b)-1)/(b)) + * and positive <b>b</b>. Works on integer types only. Not defined if a+(b-1) + * can overflow. */ +#define CEIL_DIV(a,b) (((a)+((b)-1))/(b)) /* Return <b>v</b> if it's between <b>min</b> and <b>max</b>. Otherwise * return <b>min</b> if <b>v</b> is smaller than <b>min</b>, or <b>max</b> if diff --git a/src/common/util_format.c b/src/common/util_format.c index 51b299b1ba..1f7b8b03aa 100644 --- a/src/common/util_format.c +++ b/src/common/util_format.c @@ -22,13 +22,16 @@ #include <stdlib.h> /* Return the base32 encoded size in bytes using the source length srclen. - * The NUL terminated byte is added as well since every base32 encoding - * requires enough space for it. */ + * + * (WATCH OUT: This API counts the terminating NUL byte, but + * base64_encode_size does not.) + */ size_t base32_encoded_size(size_t srclen) { size_t enclen; - enclen = CEIL_DIV(srclen*8, 5) + 1; + tor_assert(srclen < SIZE_T_CEILING / 8); + enclen = BASE32_NOPAD_BUFSIZE(srclen); tor_assert(enclen < INT_MAX && enclen > srclen); return enclen; } @@ -41,7 +44,6 @@ base32_encode(char *dest, size_t destlen, const char *src, size_t srclen) size_t nbits = srclen * 8; size_t bit; - tor_assert(srclen < SIZE_T_CEILING/8); /* We need enough space for the encoded data and the extra NUL byte. */ tor_assert(base32_encoded_size(srclen) <= destlen); tor_assert(destlen < SIZE_T_CEILING); @@ -51,9 +53,10 @@ base32_encode(char *dest, size_t destlen, const char *src, size_t srclen) for (i=0,bit=0; bit < nbits; ++i, bit+=5) { /* set v to the 16-bit value starting at src[bits/8], 0-padded. */ - v = ((uint8_t)src[bit/8]) << 8; - if (bit+5<nbits) - v += (uint8_t)src[(bit/8)+1]; + size_t idx = bit / 8; + v = ((uint8_t)src[idx]) << 8; + if (idx+1 < srclen) + v += (uint8_t)src[idx+1]; /* set u to the 5-bit value at the bit'th bit of buf. */ u = (v >> (11-(bit%8))) & 0x1F; dest[i] = BASE32_CHARS[u]; @@ -133,6 +136,9 @@ base32_decode(char *dest, size_t destlen, const char *src, size_t srclen) /** Return the Base64 encoded size of <b>srclen</b> bytes of data in * bytes. * + * (WATCH OUT: This API <em>does not</em> count the terminating NUL byte, + * but base32_encoded_size does.) + * * If <b>flags</b>&BASE64_ENCODE_MULTILINE is true, return the size * of the encoded output as multiline output (64 character, `\n' terminated * lines). @@ -141,19 +147,16 @@ size_t base64_encode_size(size_t srclen, int flags) { size_t enclen; + + /* Use INT_MAX for overflow checking because base64_encode() returns int. */ tor_assert(srclen < INT_MAX); + tor_assert(CEIL_DIV(srclen, 3) < INT_MAX / 4); - if (srclen == 0) - return 0; + enclen = BASE64_LEN(srclen); + if (flags & BASE64_ENCODE_MULTILINE) + enclen += CEIL_DIV(enclen, BASE64_OPENSSL_LINELEN); - enclen = ((srclen - 1) / 3) * 4 + 4; - if (flags & BASE64_ENCODE_MULTILINE) { - size_t remainder = enclen % BASE64_OPENSSL_LINELEN; - enclen += enclen / BASE64_OPENSSL_LINELEN; - if (remainder) - enclen++; - } - tor_assert(enclen < INT_MAX && enclen > srclen); + tor_assert(enclen < INT_MAX && (enclen == 0 || enclen > srclen)); return enclen; } @@ -310,39 +313,6 @@ base64_encode_nopad(char *dest, size_t destlen, return (int)(out - dest); } -/** As base64_decode, but do not require any padding on the input */ -int -base64_decode_nopad(uint8_t *dest, size_t destlen, - const char *src, size_t srclen) -{ - if (srclen > SIZE_T_CEILING - 4) - return -1; - char *buf = tor_malloc(srclen + 4); - memcpy(buf, src, srclen+1); - size_t buflen; - switch (srclen % 4) - { - case 0: - default: - buflen = srclen; - break; - case 1: - tor_free(buf); - return -1; - case 2: - memcpy(buf+srclen, "==", 3); - buflen = srclen + 2; - break; - case 3: - memcpy(buf+srclen, "=", 2); - buflen = srclen + 1; - break; - } - int n = base64_decode((char*)dest, destlen, buf, buflen); - tor_free(buf); - return n; -} - #undef BASE64_OPENSSL_LINELEN /** @{ */ @@ -392,15 +362,9 @@ base64_decode(char *dest, size_t destlen, const char *src, size_t srclen) const char *eos = src+srclen; uint32_t n=0; int n_idx=0; - char *dest_orig = dest; + size_t di = 0; - /* Max number of bits == srclen*6. - * Number of bytes required to hold all bits == (srclen*6)/8. - * Yes, we want to round down: anything that hangs over the end of a - * byte is padding. */ - if (!size_mul_check(srclen, 3) || destlen < (srclen*3)/4) - return -1; - if (destlen > SIZE_T_CEILING) + if (destlen > INT_MAX) return -1; /* Make sure we leave no uninitialized data in the destination buffer. */ @@ -428,9 +392,11 @@ base64_decode(char *dest, size_t destlen, const char *src, size_t srclen) n = (n<<6) | v; if ((++n_idx) == 4) { /* We've accumulated 24 bits in n. Flush them. */ - *dest++ = (n>>16); - *dest++ = (n>>8) & 0xff; - *dest++ = (n) & 0xff; + if (destlen < 3 || di > destlen - 3) + return -1; + dest[di++] = (n>>16); + dest[di++] = (n>>8) & 0xff; + dest[di++] = (n) & 0xff; n_idx = 0; n = 0; } @@ -448,18 +414,21 @@ base64_decode(char *dest, size_t destlen, const char *src, size_t srclen) return -1; case 2: /* 12 leftover bits: The last 4 are padding and the first 8 are data. */ - *dest++ = n >> 4; + if (destlen < 1 || di > destlen - 1) + return -1; + dest[di++] = n >> 4; break; case 3: /* 18 leftover bits: The last 2 are padding and the first 16 are data. */ - *dest++ = n >> 10; - *dest++ = n >> 2; + if (destlen < 2 || di > destlen - 2) + return -1; + dest[di++] = n >> 10; + dest[di++] = n >> 2; } - tor_assert((dest-dest_orig) <= (ssize_t)destlen); - tor_assert((dest-dest_orig) <= INT_MAX); + tor_assert(di <= destlen); - return (int)(dest-dest_orig); + return (int)di; } #undef X #undef SP @@ -475,7 +444,8 @@ base16_encode(char *dest, size_t destlen, const char *src, size_t srclen) const char *end; char *cp; - tor_assert(destlen >= srclen*2+1); + tor_assert(srclen < SIZE_T_CEILING / 2 - 1); + tor_assert(destlen >= BASE16_BUFSIZE(srclen)); tor_assert(destlen < SIZE_T_CEILING); /* Make sure we leave no uninitialized data in the destination buffer. */ diff --git a/src/common/util_format.h b/src/common/util_format.h index 5fd82d6d99..adf48c0077 100644 --- a/src/common/util_format.h +++ b/src/common/util_format.h @@ -10,6 +10,26 @@ #include "testsupport.h" #include "torint.h" +/** @{ */ +/** These macros don't check for overflow. Use them only for constant inputs + * (like array declarations). The *_LEN macros are the raw encoding lengths + * (without terminating NUL), while the *_BUFSIZE macros count the terminating + * NUL. */ +#define BASE64_LEN(n) (CEIL_DIV((n), 3) * 4) +#define BASE32_LEN(n) (CEIL_DIV((n), 5) * 8) +#define BASE16_LEN(n) ((n) * 2) + +#define BASE64_BUFSIZE(n) (BASE64_LEN(n) + 1) +#define BASE32_BUFSIZE(n) (BASE32_LEN(n) + 1) +#define BASE16_BUFSIZE(n) (BASE16_LEN(n) + 1) + +#define BASE64_NOPAD_LEN(n) (CEIL_DIV((n) * 4, 3) +#define BASE32_NOPAD_LEN(n) (CEIL_DIV((n) * 8, 5) + +#define BASE64_NOPAD_BUFSIZE(n) (BASE64_NOPAD_LEN(n) + 1)) +#define BASE32_NOPAD_BUFSIZE(n) (BASE32_NOPAD_LEN(n) + 1)) +/** @} */ + #define BASE64_ENCODE_MULTILINE 1 size_t base64_encode_size(size_t srclen, int flags); int base64_encode(char *dest, size_t destlen, const char *src, size_t srclen, @@ -17,8 +37,6 @@ int base64_encode(char *dest, size_t destlen, const char *src, size_t srclen, int base64_decode(char *dest, size_t destlen, const char *src, size_t srclen); int base64_encode_nopad(char *dest, size_t destlen, const uint8_t *src, size_t srclen); -int base64_decode_nopad(uint8_t *dest, size_t destlen, - const char *src, size_t srclen); /** Characters that can appear (case-insensitively) in a base32 encoding. */ #define BASE32_CHARS "abcdefghijklmnopqrstuvwxyz234567" diff --git a/src/ext/ed25519/donna/ed25519-hash-custom.h b/src/ext/ed25519/donna/ed25519-hash-custom.h index 7dc249129d..609451abd5 100644 --- a/src/ext/ed25519/donna/ed25519-hash-custom.h +++ b/src/ext/ed25519/donna/ed25519-hash-custom.h @@ -9,3 +9,34 @@ void ed25519_hash(uint8_t *hash, const uint8_t *in, size_t inlen); */ +#include "crypto.h" + +typedef struct ed25519_hash_context { + crypto_digest_t *ctx; +} ed25519_hash_context; + + +static void +ed25519_hash_init(ed25519_hash_context *ctx) +{ + ctx->ctx = crypto_digest512_new(DIGEST_SHA512); +} +static void +ed25519_hash_update(ed25519_hash_context *ctx, const uint8_t *in, size_t inlen) +{ + crypto_digest_add_bytes(ctx->ctx, (const char *)in, inlen); +} +static void +ed25519_hash_final(ed25519_hash_context *ctx, uint8_t *hash) +{ + crypto_digest_get_digest(ctx->ctx, (char *)hash, DIGEST512_LEN); + crypto_digest_free(ctx->ctx); + ctx->ctx = NULL; +} +static void +ed25519_hash(uint8_t *hash, const uint8_t *in, size_t inlen) +{ + crypto_digest512((char *)hash, (const char *)in, inlen, + DIGEST_SHA512); +} + diff --git a/src/ext/ed25519/ref10/crypto_hash_sha512.h b/src/ext/ed25519/ref10/crypto_hash_sha512.h index 0278571522..5dad935c79 100644 --- a/src/ext/ed25519/ref10/crypto_hash_sha512.h +++ b/src/ext/ed25519/ref10/crypto_hash_sha512.h @@ -1,30 +1,32 @@ /* Added for Tor. */ -#include <openssl/sha.h> +#include "crypto.h" /* Set 'out' to the 512-bit SHA512 hash of the 'len'-byte string in 'inp' */ #define crypto_hash_sha512(out, inp, len) \ - SHA512((inp), (len), (out)) + crypto_digest512((char *)(out), (const char *)(inp), (len), DIGEST_SHA512) /* Set 'out' to the 512-bit SHA512 hash of the 'len1'-byte string in 'inp1', * concatenated with the 'len2'-byte string in 'inp2'. */ #define crypto_hash_sha512_2(out, inp1, len1, inp2, len2) \ do { \ - SHA512_CTX sha_ctx_; \ - SHA512_Init(&sha_ctx_); \ - SHA512_Update(&sha_ctx_, (inp1), (len1)); \ - SHA512_Update(&sha_ctx_, (inp2), (len2)); \ - SHA512_Final((out), &sha_ctx_); \ - } while(0) + crypto_digest_t *sha_ctx_; \ + sha_ctx_ = crypto_digest512_new(DIGEST_SHA512); \ + crypto_digest_add_bytes(sha_ctx_, (const char *)(inp1), (len1)); \ + crypto_digest_add_bytes(sha_ctx_, (const char *)(inp2), (len2)); \ + crypto_digest_get_digest(sha_ctx_, (char *)out, DIGEST512_LEN); \ + crypto_digest_free(sha_ctx_); \ + } while (0) /* Set 'out' to the 512-bit SHA512 hash of the 'len1'-byte string in 'inp1', * concatenated with the 'len2'-byte string in 'inp2', concatenated with * the 'len3'-byte string in 'len3'. */ #define crypto_hash_sha512_3(out, inp1, len1, inp2, len2, inp3, len3) \ do { \ - SHA512_CTX sha_ctx_; \ - SHA512_Init(&sha_ctx_); \ - SHA512_Update(&sha_ctx_, (inp1), (len1)); \ - SHA512_Update(&sha_ctx_, (inp2), (len2)); \ - SHA512_Update(&sha_ctx_, (inp3), (len3)); \ - SHA512_Final((out), &sha_ctx_); \ + crypto_digest_t *sha_ctx_; \ + sha_ctx_ = crypto_digest512_new(DIGEST_SHA512); \ + crypto_digest_add_bytes(sha_ctx_, (const char *)(inp1), (len1)); \ + crypto_digest_add_bytes(sha_ctx_, (const char *)(inp2), (len2)); \ + crypto_digest_add_bytes(sha_ctx_, (const char *)(inp3), (len3)); \ + crypto_digest_get_digest(sha_ctx_, (char *)out, DIGEST512_LEN); \ + crypto_digest_free(sha_ctx_); \ } while(0) diff --git a/src/ext/include.am b/src/ext/include.am index c18e58857e..7ec2e43312 100644 --- a/src/ext/include.am +++ b/src/ext/include.am @@ -101,6 +101,7 @@ noinst_LIBRARIES += $(LIBED25519_REF10) src_ext_ed25519_donna_libed25519_donna_a_CFLAGS=\ @CFLAGS_CONSTTIME@ \ -DED25519_CUSTOMRANDOM \ + -DED25519_CUSTOMHASH \ -DED25519_SUFFIX=_donna src_ext_ed25519_donna_libed25519_donna_a_SOURCES= \ diff --git a/src/ext/trunnel/trunnel.c b/src/ext/trunnel/trunnel.c index e98a2e0b66..6a42417241 100644 --- a/src/ext/trunnel/trunnel.c +++ b/src/ext/trunnel/trunnel.c @@ -31,7 +31,7 @@ # define IS_LITTLE_ENDIAN # endif #else -# if defined(__FreeBSD__) || defined(__NetBSD__) || defined(OpenBSD) +# if defined(__FreeBSD__) || defined(__NetBSD__) || defined(__OpenBSD__) # include <sys/endian.h> # else # include <endian.h> diff --git a/src/or/config.c b/src/or/config.c index 7ae40053ee..809ff499fc 100644 --- a/src/or/config.c +++ b/src/or/config.c @@ -3510,6 +3510,20 @@ options_validate(or_options_t *old_options, or_options_t *options, return -1; } + /* Inform the hidden service operator that pinning EntryNodes can possibly + * be harmful for the service anonymity. */ + if (options->EntryNodes && + routerset_is_list(options->EntryNodes) && + (options->RendConfigLines != NULL)) { + log_warn(LD_CONFIG, + "EntryNodes is set with multiple entries and at least one " + "hidden service is configured. Pinning entry nodes can possibly " + "be harmful to the service anonymity. Because of this, we " + "recommend you either don't do that or make sure you know what " + "you are doing. For more details, please look at " + "https://trac.torproject.org/projects/tor/ticket/21155."); + } + /* Single Onion Services: non-anonymous hidden services */ if (rend_service_non_anonymous_mode_enabled(options)) { log_warn(LD_CONFIG, diff --git a/src/or/hs_intropoint.c b/src/or/hs_intropoint.c index 6a63fd6e72..b3c76db0b0 100644 --- a/src/or/hs_intropoint.c +++ b/src/or/hs_intropoint.c @@ -43,16 +43,16 @@ get_auth_key_from_cell(ed25519_public_key_t *auth_key_out, switch (cell_type) { case RELAY_COMMAND_ESTABLISH_INTRO: { - const hs_cell_establish_intro_t *c_cell = cell; - key_array = hs_cell_establish_intro_getconstarray_auth_key(c_cell); - auth_key_len = hs_cell_establish_intro_getlen_auth_key(c_cell); + const trn_cell_establish_intro_t *c_cell = cell; + key_array = trn_cell_establish_intro_getconstarray_auth_key(c_cell); + auth_key_len = trn_cell_establish_intro_getlen_auth_key(c_cell); break; } case RELAY_COMMAND_INTRODUCE1: { - const hs_cell_introduce1_t *c_cell = cell; - key_array = hs_cell_introduce1_getconstarray_auth_key(cell); - auth_key_len = hs_cell_introduce1_getlen_auth_key(c_cell); + const trn_cell_introduce1_t *c_cell = cell; + key_array = trn_cell_introduce1_getconstarray_auth_key(cell); + auth_key_len = trn_cell_introduce1_getlen_auth_key(c_cell); break; } default: @@ -68,7 +68,7 @@ get_auth_key_from_cell(ed25519_public_key_t *auth_key_out, /** We received an ESTABLISH_INTRO <b>cell</b>. Verify its signature and MAC, * given <b>circuit_key_material</b>. Return 0 on success else -1 on error. */ STATIC int -verify_establish_intro_cell(const hs_cell_establish_intro_t *cell, +verify_establish_intro_cell(const trn_cell_establish_intro_t *cell, const uint8_t *circuit_key_material, size_t circuit_key_material_len) { @@ -82,8 +82,8 @@ verify_establish_intro_cell(const hs_cell_establish_intro_t *cell, /* Make sure the auth key length is of the right size for this type. For * EXTRA safety, we check both the size of the array and the length which * must be the same. Safety first!*/ - if (hs_cell_establish_intro_getlen_auth_key(cell) != ED25519_PUBKEY_LEN || - hs_cell_establish_intro_get_auth_key_len(cell) != ED25519_PUBKEY_LEN) { + if (trn_cell_establish_intro_getlen_auth_key(cell) != ED25519_PUBKEY_LEN || + trn_cell_establish_intro_get_auth_key_len(cell) != ED25519_PUBKEY_LEN) { log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL, "ESTABLISH_INTRO auth key length is invalid"); return -1; @@ -94,13 +94,14 @@ verify_establish_intro_cell(const hs_cell_establish_intro_t *cell, /* Verify the sig */ { ed25519_signature_t sig_struct; - const uint8_t *sig_array = hs_cell_establish_intro_getconstarray_sig(cell); + const uint8_t *sig_array = + trn_cell_establish_intro_getconstarray_sig(cell); /* Make sure the signature length is of the right size. For EXTRA safety, * we check both the size of the array and the length which must be the * same. Safety first!*/ - if (hs_cell_establish_intro_getlen_sig(cell) != sizeof(sig_struct.sig) || - hs_cell_establish_intro_get_sig_len(cell) != sizeof(sig_struct.sig)) { + if (trn_cell_establish_intro_getlen_sig(cell) != sizeof(sig_struct.sig) || + trn_cell_establish_intro_get_sig_len(cell) != sizeof(sig_struct.sig)) { log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL, "ESTABLISH_INTRO sig len is invalid"); return -1; @@ -147,21 +148,21 @@ hs_intro_send_intro_established_cell,(or_circuit_t *circ)) int ret; uint8_t *encoded_cell = NULL; ssize_t encoded_len, result_len; - hs_cell_intro_established_t *cell; - cell_extension_t *ext; + trn_cell_intro_established_t *cell; + trn_cell_extension_t *ext; tor_assert(circ); /* Build the cell payload. */ - cell = hs_cell_intro_established_new(); - ext = cell_extension_new(); - cell_extension_set_num(ext, 0); - hs_cell_intro_established_set_extensions(cell, ext); + cell = trn_cell_intro_established_new(); + ext = trn_cell_extension_new(); + trn_cell_extension_set_num(ext, 0); + trn_cell_intro_established_set_extensions(cell, ext); /* Encode the cell to binary format. */ - encoded_len = hs_cell_intro_established_encoded_len(cell); + encoded_len = trn_cell_intro_established_encoded_len(cell); tor_assert(encoded_len > 0); encoded_cell = tor_malloc_zero(encoded_len); - result_len = hs_cell_intro_established_encode(encoded_cell, encoded_len, + result_len = trn_cell_intro_established_encode(encoded_cell, encoded_len, cell); tor_assert(encoded_len == result_len); @@ -170,7 +171,7 @@ hs_intro_send_intro_established_cell,(or_circuit_t *circ)) (char *) encoded_cell, encoded_len, NULL); /* On failure, the above function will close the circuit. */ - hs_cell_intro_established_free(cell); + trn_cell_intro_established_free(cell); tor_free(encoded_cell); return ret; } @@ -180,7 +181,7 @@ hs_intro_send_intro_established_cell,(or_circuit_t *circ)) * establish an intro point. */ static int handle_verified_establish_intro_cell(or_circuit_t *circ, - const hs_cell_establish_intro_t *parsed_cell) + const trn_cell_establish_intro_t *parsed_cell) { /* Get the auth key of this intro point */ ed25519_public_key_t auth_key; @@ -210,7 +211,7 @@ handle_establish_intro(or_circuit_t *circ, const uint8_t *request, size_t request_len) { int cell_ok, retval = -1; - hs_cell_establish_intro_t *parsed_cell = NULL; + trn_cell_establish_intro_t *parsed_cell = NULL; tor_assert(circ); tor_assert(request); @@ -224,7 +225,7 @@ handle_establish_intro(or_circuit_t *circ, const uint8_t *request, } /* Parse the cell */ - ssize_t parsing_result = hs_cell_establish_intro_parse(&parsed_cell, + ssize_t parsing_result = trn_cell_establish_intro_parse(&parsed_cell, request, request_len); if (parsing_result < 0) { log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL, @@ -259,7 +260,7 @@ handle_establish_intro(or_circuit_t *circ, const uint8_t *request, circuit_mark_for_close(TO_CIRCUIT(circ), END_CIRC_REASON_TORPROTOCOL); done: - hs_cell_establish_intro_free(parsed_cell); + trn_cell_establish_intro_free(parsed_cell); return retval; } @@ -339,28 +340,28 @@ send_introduce_ack_cell(or_circuit_t *circ, hs_intro_ack_status_t status) int ret = -1; uint8_t *encoded_cell = NULL; ssize_t encoded_len, result_len; - hs_cell_introduce_ack_t *cell; - cell_extension_t *ext; + trn_cell_introduce_ack_t *cell; + trn_cell_extension_t *ext; tor_assert(circ); /* Setup the INTRODUCE_ACK cell. We have no extensions so the N_EXTENSIONS * field is set to 0 by default with a new object. */ - cell = hs_cell_introduce_ack_new(); - ret = hs_cell_introduce_ack_set_status(cell, status); + cell = trn_cell_introduce_ack_new(); + ret = trn_cell_introduce_ack_set_status(cell, status); /* We have no cell extensions in an INTRODUCE_ACK cell. */ - ext = cell_extension_new(); - cell_extension_set_num(ext, 0); - hs_cell_introduce_ack_set_extensions(cell, ext); + ext = trn_cell_extension_new(); + trn_cell_extension_set_num(ext, 0); + trn_cell_introduce_ack_set_extensions(cell, ext); /* A wrong status is a very bad code flow error as this value is controlled * by the code in this file and not an external input. This means we use a * code that is not known by the trunnel ABI. */ tor_assert(ret == 0); /* Encode the payload. We should never fail to get the encoded length. */ - encoded_len = hs_cell_introduce_ack_encoded_len(cell); + encoded_len = trn_cell_introduce_ack_encoded_len(cell); tor_assert(encoded_len > 0); encoded_cell = tor_malloc_zero(encoded_len); - result_len = hs_cell_introduce_ack_encode(encoded_cell, encoded_len, cell); + result_len = trn_cell_introduce_ack_encode(encoded_cell, encoded_len, cell); tor_assert(encoded_len == result_len); ret = relay_send_command_from_edge(CONTROL_CELL_ID, TO_CIRCUIT(circ), @@ -368,7 +369,7 @@ send_introduce_ack_cell(or_circuit_t *circ, hs_intro_ack_status_t status) (char *) encoded_cell, encoded_len, NULL); /* On failure, the above function will close the circuit. */ - hs_cell_introduce_ack_free(cell); + trn_cell_introduce_ack_free(cell); tor_free(encoded_cell); return ret; } @@ -376,7 +377,7 @@ send_introduce_ack_cell(or_circuit_t *circ, hs_intro_ack_status_t status) /* Validate a parsed INTRODUCE1 <b>cell</b>. Return 0 if valid or else a * negative value for an invalid cell that should be NACKed. */ STATIC int -validate_introduce1_parsed_cell(const hs_cell_introduce1_t *cell) +validate_introduce1_parsed_cell(const trn_cell_introduce1_t *cell) { size_t legacy_key_id_len; const uint8_t *legacy_key_id; @@ -385,29 +386,29 @@ validate_introduce1_parsed_cell(const hs_cell_introduce1_t *cell) /* This code path SHOULD NEVER be reached if the cell is a legacy type so * safety net here. The legacy ID must be zeroes in this case. */ - legacy_key_id_len = hs_cell_introduce1_getlen_legacy_key_id(cell); - legacy_key_id = hs_cell_introduce1_getconstarray_legacy_key_id(cell); + legacy_key_id_len = trn_cell_introduce1_getlen_legacy_key_id(cell); + legacy_key_id = trn_cell_introduce1_getconstarray_legacy_key_id(cell); if (BUG(!tor_mem_is_zero((char *) legacy_key_id, legacy_key_id_len))) { goto invalid; } /* The auth key of an INTRODUCE1 should be of type ed25519 thus leading to a * known fixed length as well. */ - if (hs_cell_introduce1_get_auth_key_type(cell) != + if (trn_cell_introduce1_get_auth_key_type(cell) != HS_INTRO_AUTH_KEY_TYPE_ED25519) { log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL, "Rejecting invalid INTRODUCE1 cell auth key type. " "Responding with NACK."); goto invalid; } - if (hs_cell_introduce1_get_auth_key_len(cell) != ED25519_PUBKEY_LEN || - hs_cell_introduce1_getlen_auth_key(cell) != ED25519_PUBKEY_LEN) { + if (trn_cell_introduce1_get_auth_key_len(cell) != ED25519_PUBKEY_LEN || + trn_cell_introduce1_getlen_auth_key(cell) != ED25519_PUBKEY_LEN) { log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL, "Rejecting invalid INTRODUCE1 cell auth key length. " "Responding with NACK."); goto invalid; } - if (hs_cell_introduce1_getlen_encrypted(cell) == 0) { + if (trn_cell_introduce1_getlen_encrypted(cell) == 0) { log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL, "Rejecting invalid INTRODUCE1 cell encrypted length. " "Responding with NACK."); @@ -430,7 +431,7 @@ handle_introduce1(or_circuit_t *client_circ, const uint8_t *request, { int ret = -1; or_circuit_t *service_circ; - hs_cell_introduce1_t *parsed_cell; + trn_cell_introduce1_t *parsed_cell; hs_intro_ack_status_t status = HS_INTRO_ACK_STATUS_SUCCESS; tor_assert(client_circ); @@ -439,7 +440,7 @@ handle_introduce1(or_circuit_t *client_circ, const uint8_t *request, /* Parse cell. Note that we can only parse the non encrypted section for * which we'll use the authentication key to find the service introduction * circuit and relay the cell on it. */ - ssize_t cell_size = hs_cell_introduce1_parse(&parsed_cell, request, + ssize_t cell_size = trn_cell_introduce1_parse(&parsed_cell, request, request_len); if (cell_size < 0) { log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL, @@ -505,7 +506,7 @@ handle_introduce1(or_circuit_t *client_circ, const uint8_t *request, circuit_mark_for_close(TO_CIRCUIT(client_circ), END_CIRC_REASON_INTERNAL); } done: - hs_cell_introduce1_free(parsed_cell); + trn_cell_introduce1_free(parsed_cell); return ret; } diff --git a/src/or/hs_intropoint.h b/src/or/hs_intropoint.h index 3a84a48dd8..163ed810e7 100644 --- a/src/or/hs_intropoint.h +++ b/src/or/hs_intropoint.h @@ -41,7 +41,7 @@ int hs_intro_circuit_is_suitable_for_establish_intro(const or_circuit_t *circ); #include "hs/cell_introduce1.h" STATIC int -verify_establish_intro_cell(const hs_cell_establish_intro_t *out, +verify_establish_intro_cell(const trn_cell_establish_intro_t *out, const uint8_t *circuit_key_material, size_t circuit_key_material_len); @@ -52,7 +52,7 @@ get_auth_key_from_cell(ed25519_public_key_t *auth_key_out, STATIC int introduce1_cell_is_legacy(const uint8_t *request); STATIC int handle_introduce1(or_circuit_t *client_circ, const uint8_t *request, size_t request_len); -STATIC int validate_introduce1_parsed_cell(const hs_cell_introduce1_t *cell); +STATIC int validate_introduce1_parsed_cell(const trn_cell_introduce1_t *cell); STATIC int circuit_is_suitable_for_introduce1(const or_circuit_t *circ); #endif /* HS_INTROPOINT_PRIVATE */ diff --git a/src/or/hs_ntor.c b/src/or/hs_ntor.c new file mode 100644 index 0000000000..119899817e --- /dev/null +++ b/src/or/hs_ntor.c @@ -0,0 +1,626 @@ +/* Copyright (c) 2017, The Tor Project, Inc. */ +/* See LICENSE for licensing information */ + +/** \file hs_ntor.c + * \brief Implements the ntor variant used in Tor hidden services. + * + * \details + * This module handles the variant of the ntor handshake that is documented in + * section [NTOR-WITH-EXTRA-DATA] of rend-spec-ng.txt . + * + * The functions in this file provide an API that should be used when sending + * or receiving INTRODUCE1/RENDEZVOUS1 cells to generate the various key + * material required to create and handle those cells. + * + * In the case of INTRODUCE1 it provides encryption and MAC keys to + * encode/decode the encrypted blob (see hs_ntor_intro_cell_keys_t). The + * relevant pub functions are hs_ntor_{client,service}_get_introduce1_keys(). + * + * In the case of RENDEZVOUS1 it calculates the MAC required to authenticate + * the cell, and also provides the key seed that is used to derive the crypto + * material for rendezvous encryption (see hs_ntor_rend_cell_keys_t). The + * relevant pub functions are hs_ntor_{client,service}_get_rendezvous1_keys(). + * It also provides a function (hs_ntor_circuit_key_expansion()) that does the + * rendezvous key expansion to setup end-to-end rend circuit keys. + */ + +#include "or.h" +#include "hs_ntor.h" + +/* String constants used by the ntor HS protocol */ +#define PROTOID "tor-hs-ntor-curve25519-sha3-256-1" +#define PROTOID_LEN (sizeof(PROTOID) - 1) +#define SERVER_STR "Server" +#define SERVER_STR_LEN (sizeof(SERVER_STR) - 1) + +/* Protocol-specific tweaks to our crypto inputs */ +#define T_HSENC PROTOID ":hs_key_extract" +#define T_HSENC_LEN (sizeof(T_HSENC) - 1) +#define T_HSVERIFY PROTOID ":hs_verify" +#define T_HSMAC PROTOID ":hs_mac" +#define M_HSEXPAND PROTOID ":hs_key_expand" +#define M_HSEXPAND_LEN (sizeof(M_HSEXPAND) - 1) + +/************************* Helper functions: *******************************/ + +/** Helper macro: copy <b>len</b> bytes from <b>inp</b> to <b>ptr</b> and + *advance <b>ptr</b> by the number of bytes copied. Stolen from onion_ntor.c */ +#define APPEND(ptr, inp, len) \ + STMT_BEGIN { \ + memcpy(ptr, (inp), (len)); \ + ptr += len; \ + } STMT_END + +/* Length of EXP(X,y) | EXP(X,b) | AUTH_KEY | B | X | Y | PROTOID */ +#define REND_SECRET_HS_INPUT_LEN (CURVE25519_OUTPUT_LEN * 2 + \ + ED25519_PUBKEY_LEN + CURVE25519_PUBKEY_LEN * 3 + PROTOID_LEN) +/* Length of auth_input = verify | AUTH_KEY | B | Y | X | PROTOID | "Server" */ +#define REND_AUTH_INPUT_LEN (DIGEST256_LEN + ED25519_PUBKEY_LEN + \ + CURVE25519_PUBKEY_LEN * 3 + PROTOID_LEN + SERVER_STR_LEN) + +/** Helper function: Compute the last part of the HS ntor handshake which + * derives key material necessary to create and handle RENDEZVOUS1 + * cells. Function used by both client and service. The actual calculations is + * as follows: + * + * NTOR_KEY_SEED = MAC(rend_secret_hs_input, t_hsenc) + * verify = MAC(rend_secret_hs_input, t_hsverify) + * auth_input = verify | AUTH_KEY | B | Y | X | PROTOID | "Server" + * auth_input_mac = MAC(auth_input, t_hsmac) + * + * where in the above, AUTH_KEY is <b>intro_auth_pubkey</b>, B is + * <b>intro_enc_pubkey</b>, Y is <b>service_ephemeral_rend_pubkey</b>, and X + * is <b>client_ephemeral_enc_pubkey</b>. The provided + * <b>rend_secret_hs_input</b> is of size REND_SECRET_HS_INPUT_LEN. + * + * The final results of NTOR_KEY_SEED and auth_input_mac are placed in + * <b>hs_ntor_rend_cell_keys_out</b>. Return 0 if everything went fine. */ +static int +get_rendezvous1_key_material(const uint8_t *rend_secret_hs_input, + const ed25519_public_key_t *intro_auth_pubkey, + const curve25519_public_key_t *intro_enc_pubkey, + const curve25519_public_key_t *service_ephemeral_rend_pubkey, + const curve25519_public_key_t *client_ephemeral_enc_pubkey, + hs_ntor_rend_cell_keys_t *hs_ntor_rend_cell_keys_out) +{ + int bad = 0; + uint8_t ntor_key_seed[DIGEST256_LEN]; + uint8_t ntor_verify[DIGEST256_LEN]; + uint8_t rend_auth_input[REND_AUTH_INPUT_LEN]; + uint8_t rend_cell_auth[DIGEST256_LEN]; + uint8_t *ptr; + + /* Let's build NTOR_KEY_SEED */ + crypto_mac_sha3_256(ntor_key_seed, sizeof(ntor_key_seed), + rend_secret_hs_input, REND_SECRET_HS_INPUT_LEN, + (const uint8_t *)T_HSENC, strlen(T_HSENC)); + bad |= safe_mem_is_zero(ntor_key_seed, DIGEST256_LEN); + + /* Let's build ntor_verify */ + crypto_mac_sha3_256(ntor_verify, sizeof(ntor_verify), + rend_secret_hs_input, REND_SECRET_HS_INPUT_LEN, + (const uint8_t *)T_HSVERIFY, strlen(T_HSVERIFY)); + bad |= safe_mem_is_zero(ntor_verify, DIGEST256_LEN); + + /* Let's build auth_input: */ + ptr = rend_auth_input; + /* Append ntor_verify */ + APPEND(ptr, ntor_verify, sizeof(ntor_verify)); + /* Append AUTH_KEY */ + APPEND(ptr, intro_auth_pubkey->pubkey, ED25519_PUBKEY_LEN); + /* Append B */ + APPEND(ptr, intro_enc_pubkey->public_key, CURVE25519_PUBKEY_LEN); + /* Append Y */ + APPEND(ptr, + service_ephemeral_rend_pubkey->public_key, CURVE25519_PUBKEY_LEN); + /* Append X */ + APPEND(ptr, + client_ephemeral_enc_pubkey->public_key, CURVE25519_PUBKEY_LEN); + /* Append PROTOID */ + APPEND(ptr, PROTOID, strlen(PROTOID)); + /* Append "Server" */ + APPEND(ptr, SERVER_STR, strlen(SERVER_STR)); + tor_assert(ptr == rend_auth_input + sizeof(rend_auth_input)); + + /* Let's build auth_input_mac that goes in RENDEZVOUS1 cell */ + crypto_mac_sha3_256(rend_cell_auth, sizeof(rend_cell_auth), + rend_auth_input, sizeof(rend_auth_input), + (const uint8_t *)T_HSMAC, strlen(T_HSMAC)); + bad |= safe_mem_is_zero(ntor_verify, DIGEST256_LEN); + + { /* Get the computed RENDEZVOUS1 material! */ + memcpy(&hs_ntor_rend_cell_keys_out->rend_cell_auth_mac, + rend_cell_auth, DIGEST256_LEN); + memcpy(&hs_ntor_rend_cell_keys_out->ntor_key_seed, + ntor_key_seed, DIGEST256_LEN); + } + + memwipe(rend_cell_auth, 0, sizeof(rend_cell_auth)); + memwipe(rend_auth_input, 0, sizeof(rend_auth_input)); + memwipe(ntor_key_seed, 0, sizeof(ntor_key_seed)); + + return bad; +} + +/** Length of secret_input = EXP(B,x) | AUTH_KEY | X | B | PROTOID */ +#define INTRO_SECRET_HS_INPUT_LEN (CURVE25519_OUTPUT_LEN +ED25519_PUBKEY_LEN +\ + CURVE25519_PUBKEY_LEN + CURVE25519_PUBKEY_LEN + PROTOID_LEN) +/* Length of info = m_hsexpand | subcredential */ +#define INFO_BLOB_LEN (M_HSEXPAND_LEN + DIGEST256_LEN) +/* Length of KDF input = intro_secret_hs_input | t_hsenc | info */ +#define KDF_INPUT_LEN (INTRO_SECRET_HS_INPUT_LEN + T_HSENC_LEN + INFO_BLOB_LEN) + +/** Helper function: Compute the part of the HS ntor handshake that generates + * key material for creating and handling INTRODUCE1 cells. Function used + * by both client and service. Specifically, calculate the following: + * + * info = m_hsexpand | subcredential + * hs_keys = KDF(intro_secret_hs_input | t_hsenc | info, S_KEY_LEN+MAC_LEN) + * ENC_KEY = hs_keys[0:S_KEY_LEN] + * MAC_KEY = hs_keys[S_KEY_LEN:S_KEY_LEN+MAC_KEY_LEN] + * + * where intro_secret_hs_input is <b>secret_input</b> (of size + * INTRO_SECRET_HS_INPUT_LEN), and <b>subcredential</b> is of size + * DIGEST256_LEN. + * + * If everything went well, fill <b>hs_ntor_intro_cell_keys_out</b> with the + * necessary key material, and return 0. */ +static void +get_introduce1_key_material(const uint8_t *secret_input, + const uint8_t *subcredential, + hs_ntor_intro_cell_keys_t *hs_ntor_intro_cell_keys_out) +{ + uint8_t keystream[CIPHER256_KEY_LEN + DIGEST256_LEN]; + uint8_t info_blob[INFO_BLOB_LEN]; + uint8_t kdf_input[KDF_INPUT_LEN]; + crypto_xof_t *xof; + uint8_t *ptr; + + /* Let's build info */ + ptr = info_blob; + APPEND(ptr, M_HSEXPAND, strlen(M_HSEXPAND)); + APPEND(ptr, subcredential, DIGEST256_LEN); + tor_assert(ptr == info_blob + sizeof(info_blob)); + + /* Let's build the input to the KDF */ + ptr = kdf_input; + APPEND(ptr, secret_input, INTRO_SECRET_HS_INPUT_LEN); + APPEND(ptr, T_HSENC, strlen(T_HSENC)); + APPEND(ptr, info_blob, sizeof(info_blob)); + tor_assert(ptr == kdf_input + sizeof(kdf_input)); + + /* Now we need to run kdf_input over SHAKE-256 */ + xof = crypto_xof_new(); + crypto_xof_add_bytes(xof, kdf_input, sizeof(kdf_input)); + crypto_xof_squeeze_bytes(xof, keystream, sizeof(keystream)) ; + crypto_xof_free(xof); + + { /* Get the keys */ + memcpy(&hs_ntor_intro_cell_keys_out->enc_key, keystream,CIPHER256_KEY_LEN); + memcpy(&hs_ntor_intro_cell_keys_out->mac_key, + keystream+CIPHER256_KEY_LEN, DIGEST256_LEN); + } + + memwipe(keystream, 0, sizeof(keystream)); + memwipe(kdf_input, 0, sizeof(kdf_input)); +} + +/** Helper function: Calculate the 'intro_secret_hs_input' element used by the + * HS ntor handshake and place it in <b>secret_input_out</b>. This function is + * used by both client and service code. + * + * For the client-side it looks like this: + * + * intro_secret_hs_input = EXP(B,x) | AUTH_KEY | X | B | PROTOID + * + * whereas for the service-side it looks like this: + * + * intro_secret_hs_input = EXP(X,b) | AUTH_KEY | X | B | PROTOID + * + * In this function, <b>dh_result</b> carries the EXP() result (and has size + * CURVE25519_OUTPUT_LEN) <b>intro_auth_pubkey</b> is AUTH_KEY, + * <b>client_ephemeral_enc_pubkey</b> is X, and <b>intro_enc_pubkey</b> is B. + */ +static void +get_intro_secret_hs_input(const uint8_t *dh_result, + const ed25519_public_key_t *intro_auth_pubkey, + const curve25519_public_key_t *client_ephemeral_enc_pubkey, + const curve25519_public_key_t *intro_enc_pubkey, + uint8_t *secret_input_out) +{ + uint8_t *ptr; + + /* Append EXP() */ + ptr = secret_input_out; + APPEND(ptr, dh_result, CURVE25519_OUTPUT_LEN); + /* Append AUTH_KEY */ + APPEND(ptr, intro_auth_pubkey->pubkey, ED25519_PUBKEY_LEN); + /* Append X */ + APPEND(ptr, client_ephemeral_enc_pubkey->public_key, CURVE25519_PUBKEY_LEN); + /* Append B */ + APPEND(ptr, intro_enc_pubkey->public_key, CURVE25519_PUBKEY_LEN); + /* Append PROTOID */ + APPEND(ptr, PROTOID, strlen(PROTOID)); + tor_assert(ptr == secret_input_out + INTRO_SECRET_HS_INPUT_LEN); +} + +/** Calculate the 'rend_secret_hs_input' element used by the HS ntor handshake + * and place it in <b>rend_secret_hs_input_out</b>. This function is used by + * both client and service code. + * + * The computation on the client side is: + * rend_secret_hs_input = EXP(X,y) | EXP(X,b) | AUTH_KEY | B | X | Y | PROTOID + * whereas on the service side it is: + * rend_secret_hs_input = EXP(Y,x) | EXP(B,x) | AUTH_KEY | B | X | Y | PROTOID + * + * where: + * <b>dh_result1</b> and <b>dh_result2</b> carry the two EXP() results (of size + * CURVE25519_OUTPUT_LEN) + * <b>intro_auth_pubkey</b> is AUTH_KEY, + * <b>intro_enc_pubkey</b> is B, + * <b>client_ephemeral_enc_pubkey</b> is X, and + * <b>service_ephemeral_rend_pubkey</b> is Y. + */ +static void +get_rend_secret_hs_input(const uint8_t *dh_result1, const uint8_t *dh_result2, + const ed25519_public_key_t *intro_auth_pubkey, + const curve25519_public_key_t *intro_enc_pubkey, + const curve25519_public_key_t *client_ephemeral_enc_pubkey, + const curve25519_public_key_t *service_ephemeral_rend_pubkey, + uint8_t *rend_secret_hs_input_out) +{ + uint8_t *ptr; + + ptr = rend_secret_hs_input_out; + /* Append the first EXP() */ + APPEND(ptr, dh_result1, CURVE25519_OUTPUT_LEN); + /* Append the other EXP() */ + APPEND(ptr, dh_result2, CURVE25519_OUTPUT_LEN); + /* Append AUTH_KEY */ + APPEND(ptr, intro_auth_pubkey->pubkey, ED25519_PUBKEY_LEN); + /* Append B */ + APPEND(ptr, intro_enc_pubkey->public_key, CURVE25519_PUBKEY_LEN); + /* Append X */ + APPEND(ptr, + client_ephemeral_enc_pubkey->public_key, CURVE25519_PUBKEY_LEN); + /* Append Y */ + APPEND(ptr, + service_ephemeral_rend_pubkey->public_key, CURVE25519_PUBKEY_LEN); + /* Append PROTOID */ + APPEND(ptr, PROTOID, strlen(PROTOID)); + tor_assert(ptr == rend_secret_hs_input_out + REND_SECRET_HS_INPUT_LEN); +} + +/************************* Public functions: *******************************/ + +/* Public function: Do the appropriate ntor calculations and derive the keys + * needed to encrypt and authenticate INTRODUCE1 cells. Return 0 and place the + * final key material in <b>hs_ntor_intro_cell_keys_out</b> if everything went + * well, otherwise return -1; + * + * The relevant calculations are as follows: + * + * intro_secret_hs_input = EXP(B,x) | AUTH_KEY | X | B | PROTOID + * info = m_hsexpand | subcredential + * hs_keys = KDF(intro_secret_hs_input | t_hsenc | info, S_KEY_LEN+MAC_LEN) + * ENC_KEY = hs_keys[0:S_KEY_LEN] + * MAC_KEY = hs_keys[S_KEY_LEN:S_KEY_LEN+MAC_KEY_LEN] + * + * where: + * <b>intro_auth_pubkey</b> is AUTH_KEY (found in HS descriptor), + * <b>intro_enc_pubkey</b> is B (also found in HS descriptor), + * <b>client_ephemeral_enc_keypair</b> is freshly generated keypair (x,X) + * <b>subcredential</b> is the hidden service subcredential (of size + * DIGEST256_LEN). */ +int +hs_ntor_client_get_introduce1_keys( + const ed25519_public_key_t *intro_auth_pubkey, + const curve25519_public_key_t *intro_enc_pubkey, + const curve25519_keypair_t *client_ephemeral_enc_keypair, + const uint8_t *subcredential, + hs_ntor_intro_cell_keys_t *hs_ntor_intro_cell_keys_out) +{ + int bad = 0; + uint8_t secret_input[INTRO_SECRET_HS_INPUT_LEN]; + uint8_t dh_result[CURVE25519_OUTPUT_LEN]; + + tor_assert(intro_auth_pubkey); + tor_assert(intro_enc_pubkey); + tor_assert(client_ephemeral_enc_keypair); + tor_assert(subcredential); + tor_assert(hs_ntor_intro_cell_keys_out); + + /* Calculate EXP(B,x) */ + curve25519_handshake(dh_result, + &client_ephemeral_enc_keypair->seckey, + intro_enc_pubkey); + bad |= safe_mem_is_zero(dh_result, CURVE25519_OUTPUT_LEN); + + /* Get intro_secret_hs_input */ + get_intro_secret_hs_input(dh_result, intro_auth_pubkey, + &client_ephemeral_enc_keypair->pubkey, + intro_enc_pubkey, secret_input); + bad |= safe_mem_is_zero(secret_input, CURVE25519_OUTPUT_LEN); + + /* Get ENC_KEY and MAC_KEY! */ + get_introduce1_key_material(secret_input, subcredential, + hs_ntor_intro_cell_keys_out); + + /* Cleanup */ + memwipe(secret_input, 0, sizeof(secret_input)); + if (bad) { + memwipe(hs_ntor_intro_cell_keys_out, 0, sizeof(hs_ntor_intro_cell_keys_t)); + } + + return bad ? -1 : 0; +} + +/* Public function: Do the appropriate ntor calculations and derive the keys + * needed to verify RENDEZVOUS1 cells and encrypt further rendezvous + * traffic. Return 0 and place the final key material in + * <b>hs_ntor_rend_cell_keys_out</b> if everything went well, else return -1. + * + * The relevant calculations are as follows: + * + * rend_secret_hs_input = EXP(Y,x) | EXP(B,x) | AUTH_KEY | B | X | Y | PROTOID + * NTOR_KEY_SEED = MAC(rend_secret_hs_input, t_hsenc) + * verify = MAC(rend_secret_hs_input, t_hsverify) + * auth_input = verify | AUTH_KEY | B | Y | X | PROTOID | "Server" + * auth_input_mac = MAC(auth_input, t_hsmac) + * + * where: + * <b>intro_auth_pubkey</b> is AUTH_KEY (found in HS descriptor), + * <b>client_ephemeral_enc_keypair</b> is freshly generated keypair (x,X) + * <b>intro_enc_pubkey</b> is B (also found in HS descriptor), + * <b>service_ephemeral_rend_pubkey</b> is Y (SERVER_PK in RENDEZVOUS1 cell) */ +int +hs_ntor_client_get_rendezvous1_keys( + const ed25519_public_key_t *intro_auth_pubkey, + const curve25519_keypair_t *client_ephemeral_enc_keypair, + const curve25519_public_key_t *intro_enc_pubkey, + const curve25519_public_key_t *service_ephemeral_rend_pubkey, + hs_ntor_rend_cell_keys_t *hs_ntor_rend_cell_keys_out) +{ + int bad = 0; + uint8_t rend_secret_hs_input[REND_SECRET_HS_INPUT_LEN]; + uint8_t dh_result1[CURVE25519_OUTPUT_LEN]; + uint8_t dh_result2[CURVE25519_OUTPUT_LEN]; + + tor_assert(intro_auth_pubkey); + tor_assert(client_ephemeral_enc_keypair); + tor_assert(intro_enc_pubkey); + tor_assert(service_ephemeral_rend_pubkey); + tor_assert(hs_ntor_rend_cell_keys_out); + + /* Compute EXP(Y, x) */ + curve25519_handshake(dh_result1, + &client_ephemeral_enc_keypair->seckey, + service_ephemeral_rend_pubkey); + bad |= safe_mem_is_zero(dh_result1, CURVE25519_OUTPUT_LEN); + + /* Compute EXP(B, x) */ + curve25519_handshake(dh_result2, + &client_ephemeral_enc_keypair->seckey, + intro_enc_pubkey); + bad |= safe_mem_is_zero(dh_result2, CURVE25519_OUTPUT_LEN); + + /* Get rend_secret_hs_input */ + get_rend_secret_hs_input(dh_result1, dh_result2, + intro_auth_pubkey, intro_enc_pubkey, + &client_ephemeral_enc_keypair->pubkey, + service_ephemeral_rend_pubkey, + rend_secret_hs_input); + + /* Get NTOR_KEY_SEED and the auth_input MAC */ + bad |= get_rendezvous1_key_material(rend_secret_hs_input, + intro_auth_pubkey, + intro_enc_pubkey, + service_ephemeral_rend_pubkey, + &client_ephemeral_enc_keypair->pubkey, + hs_ntor_rend_cell_keys_out); + + memwipe(rend_secret_hs_input, 0, sizeof(rend_secret_hs_input)); + if (bad) { + memwipe(hs_ntor_rend_cell_keys_out, 0, sizeof(hs_ntor_rend_cell_keys_t)); + } + + return bad ? -1 : 0; +} + +/* Public function: Do the appropriate ntor calculations and derive the keys + * needed to decrypt and verify INTRODUCE1 cells. Return 0 and place the final + * key material in <b>hs_ntor_intro_cell_keys_out</b> if everything went well, + * otherwise return -1; + * + * The relevant calculations are as follows: + * + * intro_secret_hs_input = EXP(X,b) | AUTH_KEY | X | B | PROTOID + * info = m_hsexpand | subcredential + * hs_keys = KDF(intro_secret_hs_input | t_hsenc | info, S_KEY_LEN+MAC_LEN) + * HS_DEC_KEY = hs_keys[0:S_KEY_LEN] + * HS_MAC_KEY = hs_keys[S_KEY_LEN:S_KEY_LEN+MAC_KEY_LEN] + * + * where: + * <b>intro_auth_pubkey</b> is AUTH_KEY (introduction point auth key), + * <b>intro_enc_keypair</b> is (b,B) (introduction point encryption keypair), + * <b>client_ephemeral_enc_pubkey</b> is X (CLIENT_PK in INTRODUCE2 cell), + * <b>subcredential</b> is the HS subcredential (of size DIGEST256_LEN) */ +int +hs_ntor_service_get_introduce1_keys( + const ed25519_public_key_t *intro_auth_pubkey, + const curve25519_keypair_t *intro_enc_keypair, + const curve25519_public_key_t *client_ephemeral_enc_pubkey, + const uint8_t *subcredential, + hs_ntor_intro_cell_keys_t *hs_ntor_intro_cell_keys_out) +{ + int bad = 0; + uint8_t secret_input[INTRO_SECRET_HS_INPUT_LEN]; + uint8_t dh_result[CURVE25519_OUTPUT_LEN]; + + tor_assert(intro_auth_pubkey); + tor_assert(intro_enc_keypair); + tor_assert(client_ephemeral_enc_pubkey); + tor_assert(subcredential); + tor_assert(hs_ntor_intro_cell_keys_out); + + /* Compute EXP(X, b) */ + curve25519_handshake(dh_result, + &intro_enc_keypair->seckey, + client_ephemeral_enc_pubkey); + bad |= safe_mem_is_zero(dh_result, CURVE25519_OUTPUT_LEN); + + /* Get intro_secret_hs_input */ + get_intro_secret_hs_input(dh_result, intro_auth_pubkey, + client_ephemeral_enc_pubkey, + &intro_enc_keypair->pubkey, + secret_input); + bad |= safe_mem_is_zero(secret_input, CURVE25519_OUTPUT_LEN); + + /* Get ENC_KEY and MAC_KEY! */ + get_introduce1_key_material(secret_input, subcredential, + hs_ntor_intro_cell_keys_out); + + memwipe(secret_input, 0, sizeof(secret_input)); + if (bad) { + memwipe(hs_ntor_intro_cell_keys_out, 0, sizeof(hs_ntor_intro_cell_keys_t)); + } + + return bad ? -1 : 0; +} + +/* Public function: Do the appropriate ntor calculations and derive the keys + * needed to create and authenticate RENDEZVOUS1 cells. Return 0 and place the + * final key material in <b>hs_ntor_rend_cell_keys_out</b> if all went fine, + * return -1 if error happened. + * + * The relevant calculations are as follows: + * + * rend_secret_hs_input = EXP(X,y) | EXP(X,b) | AUTH_KEY | B | X | Y | PROTOID + * NTOR_KEY_SEED = MAC(rend_secret_hs_input, t_hsenc) + * verify = MAC(rend_secret_hs_input, t_hsverify) + * auth_input = verify | AUTH_KEY | B | Y | X | PROTOID | "Server" + * auth_input_mac = MAC(auth_input, t_hsmac) + * + * where: + * <b>intro_auth_pubkey</b> is AUTH_KEY (intro point auth key), + * <b>intro_enc_keypair</b> is (b,B) (intro point enc keypair) + * <b>service_ephemeral_rend_keypair</b> is a fresh (y,Y) keypair + * <b>client_ephemeral_enc_pubkey</b> is X (CLIENT_PK in INTRODUCE2 cell) */ +int +hs_ntor_service_get_rendezvous1_keys( + const ed25519_public_key_t *intro_auth_pubkey, + const curve25519_keypair_t *intro_enc_keypair, + const curve25519_keypair_t *service_ephemeral_rend_keypair, + const curve25519_public_key_t *client_ephemeral_enc_pubkey, + hs_ntor_rend_cell_keys_t *hs_ntor_rend_cell_keys_out) +{ + int bad = 0; + uint8_t rend_secret_hs_input[REND_SECRET_HS_INPUT_LEN]; + uint8_t dh_result1[CURVE25519_OUTPUT_LEN]; + uint8_t dh_result2[CURVE25519_OUTPUT_LEN]; + + tor_assert(intro_auth_pubkey); + tor_assert(intro_enc_keypair); + tor_assert(service_ephemeral_rend_keypair); + tor_assert(client_ephemeral_enc_pubkey); + tor_assert(hs_ntor_rend_cell_keys_out); + + /* Compute EXP(X, y) */ + curve25519_handshake(dh_result1, + &service_ephemeral_rend_keypair->seckey, + client_ephemeral_enc_pubkey); + bad |= safe_mem_is_zero(dh_result1, CURVE25519_OUTPUT_LEN); + + /* Compute EXP(X, b) */ + curve25519_handshake(dh_result2, + &intro_enc_keypair->seckey, + client_ephemeral_enc_pubkey); + bad |= safe_mem_is_zero(dh_result2, CURVE25519_OUTPUT_LEN); + + /* Get rend_secret_hs_input */ + get_rend_secret_hs_input(dh_result1, dh_result2, + intro_auth_pubkey, + &intro_enc_keypair->pubkey, + client_ephemeral_enc_pubkey, + &service_ephemeral_rend_keypair->pubkey, + rend_secret_hs_input); + + /* Get NTOR_KEY_SEED and AUTH_INPUT_MAC! */ + bad |= get_rendezvous1_key_material(rend_secret_hs_input, + intro_auth_pubkey, + &intro_enc_keypair->pubkey, + &service_ephemeral_rend_keypair->pubkey, + client_ephemeral_enc_pubkey, + hs_ntor_rend_cell_keys_out); + + memwipe(rend_secret_hs_input, 0, sizeof(rend_secret_hs_input)); + if (bad) { + memwipe(hs_ntor_rend_cell_keys_out, 0, sizeof(hs_ntor_rend_cell_keys_t)); + } + + return bad ? -1 : 0; +} + +/** Given a received RENDEZVOUS2 MAC in <b>mac</b> (of length DIGEST256_LEN), + * and the RENDEZVOUS1 key material in <b>hs_ntor_rend_cell_keys</b>, return 1 + * if the MAC is good, otherwise return 0. */ +int +hs_ntor_client_rendezvous2_mac_is_good( + const hs_ntor_rend_cell_keys_t *hs_ntor_rend_cell_keys, + const uint8_t *rcvd_mac) +{ + tor_assert(rcvd_mac); + tor_assert(hs_ntor_rend_cell_keys); + + return tor_memeq(hs_ntor_rend_cell_keys->rend_cell_auth_mac, + rcvd_mac, DIGEST256_LEN); +} + +/* Input length to KDF for key expansion */ +#define NTOR_KEY_EXPANSION_KDF_INPUT_LEN (DIGEST256_LEN + M_HSEXPAND_LEN) +/* Output length of KDF for key expansion */ +#define NTOR_KEY_EXPANSION_KDF_OUTPUT_LEN (DIGEST256_LEN*3+CIPHER256_KEY_LEN*2) + +/** Given the rendezvous key material in <b>hs_ntor_rend_cell_keys</b>, do the + * circuit key expansion as specified by section '4.2.1. Key expansion' and + * return a hs_ntor_rend_circuit_keys_t structure with the computed keys. */ +hs_ntor_rend_circuit_keys_t * +hs_ntor_circuit_key_expansion( + const hs_ntor_rend_cell_keys_t *hs_ntor_rend_cell_keys) +{ + uint8_t *ptr; + uint8_t kdf_input[NTOR_KEY_EXPANSION_KDF_INPUT_LEN]; + uint8_t keys[NTOR_KEY_EXPANSION_KDF_OUTPUT_LEN]; + crypto_xof_t *xof; + hs_ntor_rend_circuit_keys_t *rend_circuit_keys = NULL; + + /* Let's build the input to the KDF */ + ptr = kdf_input; + APPEND(ptr, hs_ntor_rend_cell_keys->ntor_key_seed, DIGEST256_LEN); + APPEND(ptr, M_HSEXPAND, strlen(M_HSEXPAND)); + tor_assert(ptr == kdf_input + sizeof(kdf_input)); + + /* Generate the keys */ + xof = crypto_xof_new(); + crypto_xof_add_bytes(xof, kdf_input, sizeof(kdf_input)); + crypto_xof_squeeze_bytes(xof, keys, sizeof(keys)); + crypto_xof_free(xof); + + /* Generate keys structure and assign keys to it */ + rend_circuit_keys = tor_malloc_zero(sizeof(hs_ntor_rend_circuit_keys_t)); + ptr = keys; + memcpy(rend_circuit_keys->KH, ptr, DIGEST256_LEN); + ptr += DIGEST256_LEN;; + memcpy(rend_circuit_keys->Df, ptr, DIGEST256_LEN); + ptr += DIGEST256_LEN; + memcpy(rend_circuit_keys->Db, ptr, DIGEST256_LEN); + ptr += DIGEST256_LEN; + memcpy(rend_circuit_keys->Kf, ptr, CIPHER256_KEY_LEN); + ptr += CIPHER256_KEY_LEN; + memcpy(rend_circuit_keys->Kb, ptr, CIPHER256_KEY_LEN); + ptr += CIPHER256_KEY_LEN; + tor_assert(ptr == keys + sizeof(keys)); + + return rend_circuit_keys; +} + diff --git a/src/or/hs_ntor.h b/src/or/hs_ntor.h new file mode 100644 index 0000000000..cd75f46a4c --- /dev/null +++ b/src/or/hs_ntor.h @@ -0,0 +1,77 @@ +/* Copyright (c) 2017, The Tor Project, Inc. */ +/* See LICENSE for licensing information */ + +#ifndef TOR_HS_NTOR_H +#define TOR_HS_NTOR_H + +#include "or.h" + +/* Key material needed to encode/decode INTRODUCE1 cells */ +typedef struct { + /* Key used for encryption of encrypted INTRODUCE1 blob */ + uint8_t enc_key[CIPHER256_KEY_LEN]; + /* MAC key used to protect encrypted INTRODUCE1 blob */ + uint8_t mac_key[DIGEST256_LEN]; +} hs_ntor_intro_cell_keys_t; + +/* Key material needed to encode/decode RENDEZVOUS1 cells */ +typedef struct { + /* This is the MAC of the HANDSHAKE_INFO field */ + uint8_t rend_cell_auth_mac[DIGEST256_LEN]; + /* This is the key seed used to derive further rendezvous crypto keys as + * detailed in section 4.2.1 of rend-spec-ng.txt. */ + uint8_t ntor_key_seed[DIGEST256_LEN]; +} hs_ntor_rend_cell_keys_t; + +/* Key material resulting from key expansion as detailed in section "4.2.1. Key + * expansion" of rend-spec-ng.txt. */ +typedef struct { + /* Per-circuit key material used in ESTABLISH_INTRO cell */ + uint8_t KH[DIGEST256_LEN]; + /* Authentication key for outgoing RELAY cells */ + uint8_t Df[DIGEST256_LEN]; + /* Authentication key for incoming RELAY cells */ + uint8_t Db[DIGEST256_LEN]; + /* Encryption key for outgoing RELAY cells */ + uint8_t Kf[CIPHER256_KEY_LEN]; + /* Decryption key for incoming RELAY cells */ + uint8_t Kb[CIPHER256_KEY_LEN]; +} hs_ntor_rend_circuit_keys_t; + +int hs_ntor_client_get_introduce1_keys( + const ed25519_public_key_t *intro_auth_pubkey, + const curve25519_public_key_t *intro_enc_pubkey, + const curve25519_keypair_t *client_ephemeral_enc_keypair, + const uint8_t *subcredential, + hs_ntor_intro_cell_keys_t *hs_ntor_intro_cell_keys_out); + +int hs_ntor_client_get_rendezvous1_keys( + const ed25519_public_key_t *intro_auth_pubkey, + const curve25519_keypair_t *client_ephemeral_enc_keypair, + const curve25519_public_key_t *intro_enc_pubkey, + const curve25519_public_key_t *service_ephemeral_rend_pubkey, + hs_ntor_rend_cell_keys_t *hs_ntor_rend_cell_keys_out); + +int hs_ntor_service_get_introduce1_keys( + const ed25519_public_key_t *intro_auth_pubkey, + const curve25519_keypair_t *intro_enc_keypair, + const curve25519_public_key_t *client_ephemeral_enc_pubkey, + const uint8_t *subcredential, + hs_ntor_intro_cell_keys_t *hs_ntor_intro_cell_keys_out); + +int hs_ntor_service_get_rendezvous1_keys( + const ed25519_public_key_t *intro_auth_pubkey, + const curve25519_keypair_t *intro_enc_keypair, + const curve25519_keypair_t *service_ephemeral_rend_keypair, + const curve25519_public_key_t *client_ephemeral_enc_pubkey, + hs_ntor_rend_cell_keys_t *hs_ntor_rend_cell_keys_out); + +hs_ntor_rend_circuit_keys_t *hs_ntor_circuit_key_expansion( + const hs_ntor_rend_cell_keys_t *hs_ntor_rend_cell_keys); + +int hs_ntor_client_rendezvous2_mac_is_good( + const hs_ntor_rend_cell_keys_t *hs_ntor_rend_cell_keys, + const uint8_t *rcvd_mac); + +#endif + diff --git a/src/or/hs_service.c b/src/or/hs_service.c index 52de2bfa9d..71939e236b 100644 --- a/src/or/hs_service.c +++ b/src/or/hs_service.c @@ -27,7 +27,7 @@ * bytes written, or a negative integer if there was an error. */ ssize_t get_establish_intro_payload(uint8_t *buf_out, size_t buf_out_len, - const hs_cell_establish_intro_t *cell) + const trn_cell_establish_intro_t *cell) { ssize_t bytes_used = 0; @@ -35,31 +35,31 @@ get_establish_intro_payload(uint8_t *buf_out, size_t buf_out_len, return -1; } - bytes_used = hs_cell_establish_intro_encode(buf_out, buf_out_len, + bytes_used = trn_cell_establish_intro_encode(buf_out, buf_out_len, cell); return bytes_used; } /* Set the cell extensions of <b>cell</b>. */ static void -set_cell_extensions(hs_cell_establish_intro_t *cell) +set_trn_cell_extensions(trn_cell_establish_intro_t *cell) { - cell_extension_t *cell_extensions = cell_extension_new(); + trn_cell_extension_t *trn_cell_extensions = trn_cell_extension_new(); /* For now, we don't use extensions at all. */ - cell_extensions->num = 0; /* It's already zeroed, but be explicit. */ - hs_cell_establish_intro_set_extensions(cell, cell_extensions); + trn_cell_extensions->num = 0; /* It's already zeroed, but be explicit. */ + trn_cell_establish_intro_set_extensions(cell, trn_cell_extensions); } /** Given the circuit handshake info in <b>circuit_key_material</b>, create and * return an ESTABLISH_INTRO cell. Return NULL if something went wrong. The * returned cell is allocated on the heap and it's the responsibility of the * caller to free it. */ -hs_cell_establish_intro_t * +trn_cell_establish_intro_t * generate_establish_intro_cell(const uint8_t *circuit_key_material, size_t circuit_key_material_len) { - hs_cell_establish_intro_t *cell = NULL; + trn_cell_establish_intro_t *cell = NULL; ssize_t encoded_len; log_warn(LD_GENERAL, @@ -72,31 +72,31 @@ generate_establish_intro_cell(const uint8_t *circuit_key_material, goto err; } - cell = hs_cell_establish_intro_new(); + cell = trn_cell_establish_intro_new(); /* Set AUTH_KEY_TYPE: 2 means ed25519 */ - hs_cell_establish_intro_set_auth_key_type(cell, AUTH_KEY_ED25519); + trn_cell_establish_intro_set_auth_key_type(cell, AUTH_KEY_ED25519); /* Set AUTH_KEY_LEN field */ /* Must also set byte-length of AUTH_KEY to match */ int auth_key_len = ED25519_PUBKEY_LEN; - hs_cell_establish_intro_set_auth_key_len(cell, auth_key_len); - hs_cell_establish_intro_setlen_auth_key(cell, auth_key_len); + trn_cell_establish_intro_set_auth_key_len(cell, auth_key_len); + trn_cell_establish_intro_setlen_auth_key(cell, auth_key_len); /* Set AUTH_KEY field */ - uint8_t *auth_key_ptr = hs_cell_establish_intro_getarray_auth_key(cell); + uint8_t *auth_key_ptr = trn_cell_establish_intro_getarray_auth_key(cell); memcpy(auth_key_ptr, key_struct.pubkey.pubkey, auth_key_len); /* No cell extensions needed */ - set_cell_extensions(cell); + set_trn_cell_extensions(cell); /* Set signature size. We need to do this up here, because _encode() needs it and we need to call _encode() to calculate the MAC and signature. */ int sig_len = ED25519_SIG_LEN; - hs_cell_establish_intro_set_sig_len(cell, sig_len); - hs_cell_establish_intro_setlen_sig(cell, sig_len); + trn_cell_establish_intro_set_sig_len(cell, sig_len); + trn_cell_establish_intro_setlen_sig(cell, sig_len); /* XXX How to make this process easier and nicer? */ @@ -107,7 +107,7 @@ generate_establish_intro_cell(const uint8_t *circuit_key_material, uint8_t cell_bytes_tmp[RELAY_PAYLOAD_SIZE] = {0}; uint8_t mac[TRUNNEL_SHA3_256_LEN]; - encoded_len = hs_cell_establish_intro_encode(cell_bytes_tmp, + encoded_len = trn_cell_establish_intro_encode(cell_bytes_tmp, sizeof(cell_bytes_tmp), cell); if (encoded_len < 0) { @@ -126,7 +126,7 @@ generate_establish_intro_cell(const uint8_t *circuit_key_material, (ED25519_SIG_LEN + 2 + TRUNNEL_SHA3_256_LEN)); /* Write the MAC to the cell */ uint8_t *handshake_ptr = - hs_cell_establish_intro_getarray_handshake_mac(cell); + trn_cell_establish_intro_getarray_handshake_mac(cell); memcpy(handshake_ptr, mac, sizeof(mac)); } @@ -137,7 +137,7 @@ generate_establish_intro_cell(const uint8_t *circuit_key_material, uint8_t cell_bytes_tmp[RELAY_PAYLOAD_SIZE] = {0}; ed25519_signature_t sig; - encoded_len = hs_cell_establish_intro_encode(cell_bytes_tmp, + encoded_len = trn_cell_establish_intro_encode(cell_bytes_tmp, sizeof(cell_bytes_tmp), cell); if (encoded_len < 0) { @@ -158,7 +158,7 @@ generate_establish_intro_cell(const uint8_t *circuit_key_material, } /* And write the signature to the cell */ - uint8_t *sig_ptr = hs_cell_establish_intro_getarray_sig(cell); + uint8_t *sig_ptr = trn_cell_establish_intro_getarray_sig(cell); memcpy(sig_ptr, sig.sig, sig_len); } @@ -166,7 +166,7 @@ generate_establish_intro_cell(const uint8_t *circuit_key_material, return cell; err: - hs_cell_establish_intro_free(cell); + trn_cell_establish_intro_free(cell); return NULL; } diff --git a/src/or/hs_service.h b/src/or/hs_service.h index 1405b26cc8..3302592762 100644 --- a/src/or/hs_service.h +++ b/src/or/hs_service.h @@ -16,12 +16,12 @@ * hs_service.o ends up with no symbols in libor.a which makes clang throw a * warning at compile time. See #21825. */ -hs_cell_establish_intro_t * +trn_cell_establish_intro_t * generate_establish_intro_cell(const uint8_t *circuit_key_material, size_t circuit_key_material_len); ssize_t get_establish_intro_payload(uint8_t *buf, size_t buf_len, - const hs_cell_establish_intro_t *cell); + const trn_cell_establish_intro_t *cell); #endif /* TOR_HS_SERVICE_H */ diff --git a/src/or/include.am b/src/or/include.am index 688ac625ea..1841bbfe9d 100644 --- a/src/or/include.am +++ b/src/or/include.am @@ -50,6 +50,7 @@ LIBTOR_A_SOURCES = \ src/or/geoip.c \ src/or/hs_intropoint.c \ src/or/hs_circuitmap.c \ + src/or/hs_ntor.c \ src/or/hs_service.c \ src/or/entrynodes.c \ src/or/ext_orport.c \ @@ -175,6 +176,7 @@ ORHEADERS = \ src/or/hs_descriptor.h \ src/or/hs_intropoint.h \ src/or/hs_circuitmap.h \ + src/or/hs_ntor.h \ src/or/hs_service.h \ src/or/keypin.h \ src/or/main.h \ diff --git a/src/or/main.c b/src/or/main.c index 5b73aea70c..4505879adc 100644 --- a/src/or/main.c +++ b/src/or/main.c @@ -104,7 +104,6 @@ #include "ext_orport.h" #ifdef USE_DMALLOC #include <dmalloc.h> -#include <openssl/crypto.h> #endif #include "memarea.h" #include "sandbox.h" @@ -3617,8 +3616,8 @@ tor_main(int argc, char *argv[]) { /* Instruct OpenSSL to use our internal wrappers for malloc, realloc and free. */ - int r = CRYPTO_set_mem_ex_functions(tor_malloc_, tor_realloc_, tor_free_); - tor_assert(r); + int r = crypto_use_tor_alloc_functions(); + tor_assert(r == 0); } #endif #ifdef NT_SERVICE diff --git a/src/or/or.h b/src/or/or.h index 034cd5e010..a7b3a66561 100644 --- a/src/or/or.h +++ b/src/or/or.h @@ -2278,6 +2278,16 @@ typedef struct routerstatus_t { * ed25519 identity keys on a link handshake. */ unsigned int supports_ed25519_link_handshake:1; + /** True iff this router has a protocol list that allows it to be an + * introduction point supporting ed25519 authentication key which is part of + * the v3 protocol detailed in proposal 224. This requires HSIntro=4. */ + unsigned int supports_ed25519_hs_intro : 1; + + /** True iff this router has a protocol list that allows it to be an hidden + * service directory supporting version 3 as seen in proposal 224. This + * requires HSDir=2. */ + unsigned int supports_v3_hsdir : 1; + unsigned int has_bandwidth:1; /**< The vote/consensus had bw info */ unsigned int has_exitsummary:1; /**< The vote/consensus had exit summaries */ unsigned int bw_is_unmeasured:1; /**< This is a consensus entry, with diff --git a/src/or/relay.c b/src/or/relay.c index a7a5071198..5139036327 100644 --- a/src/or/relay.c +++ b/src/or/relay.c @@ -257,8 +257,13 @@ circuit_receive_relay_cell(cell_t *cell, circuit_t *circ, log_debug(LD_OR,"Sending to origin."); if ((reason = connection_edge_process_relay_cell(cell, circ, conn, layer_hint)) < 0) { - log_warn(LD_OR, - "connection_edge_process_relay_cell (at origin) failed."); + /* If a client is trying to connect to unknown hidden service port, + * END_CIRC_AT_ORIGIN is sent back so we can then close the circuit. + * Do not log warn as this is an expected behavior for a service. */ + if (reason != END_CIRC_AT_ORIGIN) { + log_warn(LD_OR, + "connection_edge_process_relay_cell (at origin) failed."); + } return reason; } } diff --git a/src/or/routerparse.c b/src/or/routerparse.c index 7220b992c4..fc0a4ab50a 100644 --- a/src/or/routerparse.c +++ b/src/or/routerparse.c @@ -2667,6 +2667,10 @@ routerstatus_parse_entry_from_string(memarea_t *area, protocol_list_supports_protocol(tok->args[0], PRT_RELAY, 2); rs->supports_ed25519_link_handshake = protocol_list_supports_protocol(tok->args[0], PRT_LINKAUTH, 3); + rs->supports_ed25519_hs_intro = + protocol_list_supports_protocol(tok->args[0], PRT_HSINTRO, 4); + rs->supports_v3_hsdir = + protocol_list_supports_protocol(tok->args[0], PRT_HSDIR, 2); } if ((tok = find_opt_by_keyword(tokens, K_V))) { tor_assert(tok->n_args == 1); diff --git a/src/or/shared_random.c b/src/or/shared_random.c index 73b4c1d0ea..25ca0611cd 100644 --- a/src/or/shared_random.c +++ b/src/or/shared_random.c @@ -230,9 +230,7 @@ commit_decode(const char *encoded, sr_commit_t *commit) { int decoded_len = 0; size_t offset = 0; - /* XXX: Needs two extra bytes for the base64 decode calculation matches - * the binary length once decoded. #17868. */ - char b64_decoded[SR_COMMIT_LEN + 2]; + char b64_decoded[SR_COMMIT_LEN]; tor_assert(encoded); tor_assert(commit); @@ -284,9 +282,7 @@ STATIC int reveal_decode(const char *encoded, sr_commit_t *commit) { int decoded_len = 0; - /* XXX: Needs two extra bytes for the base64 decode calculation matches - * the binary length once decoded. #17868. */ - char b64_decoded[SR_REVEAL_LEN + 2]; + char b64_decoded[SR_REVEAL_LEN]; tor_assert(encoded); tor_assert(commit); diff --git a/src/or/shared_random.h b/src/or/shared_random.h index ae390c469e..1f027c70e0 100644 --- a/src/or/shared_random.h +++ b/src/or/shared_random.h @@ -36,17 +36,14 @@ /* Length of base64 encoded commit NOT including the NUL terminated byte. * Formula is taken from base64_encode_size. This adds up to 56 bytes. */ -#define SR_COMMIT_BASE64_LEN \ - (((SR_COMMIT_LEN - 1) / 3) * 4 + 4) +#define SR_COMMIT_BASE64_LEN (BASE64_LEN(SR_COMMIT_LEN)) /* Length of base64 encoded reveal NOT including the NUL terminated byte. * Formula is taken from base64_encode_size. This adds up to 56 bytes. */ -#define SR_REVEAL_BASE64_LEN \ - (((SR_REVEAL_LEN - 1) / 3) * 4 + 4) +#define SR_REVEAL_BASE64_LEN (BASE64_LEN(SR_REVEAL_LEN)) /* Length of base64 encoded shared random value. It's 32 bytes long so 44 * bytes from the base64_encode_size formula. That includes the '=' * character at the end. */ -#define SR_SRV_VALUE_BASE64_LEN \ - (((DIGEST256_LEN - 1) / 3) * 4 + 4) +#define SR_SRV_VALUE_BASE64_LEN (BASE64_LEN(DIGEST256_LEN)) /* Assert if commit valid flag is not set. */ #define ASSERT_COMMIT_VALID(c) tor_assert((c)->valid) diff --git a/src/test/hs_ntor_ref.py b/src/test/hs_ntor_ref.py new file mode 100644 index 0000000000..813e797828 --- /dev/null +++ b/src/test/hs_ntor_ref.py @@ -0,0 +1,408 @@ +#!/usr/bin/python +# Copyright 2017, The Tor Project, Inc +# See LICENSE for licensing information + +""" +hs_ntor_ref.py + +This module is a reference implementation of the modified ntor protocol +proposed for Tor hidden services in proposal 224 (Next Generation Hidden +Services) in section [NTOR-WITH-EXTRA-DATA]. + +The modified ntor protocol is a single-round protocol, with three steps in total: + + 1: Client generates keys and sends them to service via INTRODUCE cell + + 2: Service computes key material based on client's keys, and sends its own + keys to client via RENDEZVOUS cell + + 3: Client computes key material as well. + +It's meant to be used to validate Tor's HS ntor implementation by conducting +various integration tests. Specifically it conducts the following three tests: + +- Tests our Python implementation by running the whole protocol in Python and + making sure that results are consistent. + +- Tests little-t-tor ntor implementation. We use this Python code to instrument + little-t-tor and carry out the handshake by using little-t-tor code. The + small C wrapper at src/test/test-hs-ntor-cl is used for this Python module to + interface with little-t-tor. + +- Cross-tests Python and little-t-tor implementation by running half of the + protocol in Python code and the other in little-t-tor. This is actually two + tests so that all parts of the protocol are run both by little-t-tor and + Python. + +It requires the curve25519 python module from the curve25519-donna package. + +The whole logic and concept for this test suite was taken from ntor_ref.py. + + *** DO NOT USE THIS IN PRODUCTION. *** +""" + +import struct +import os, sys +import binascii +import subprocess + +try: + import curve25519 + curve25519mod = curve25519.keys +except ImportError: + curve25519 = None + import slownacl_curve25519 + curve25519mod = slownacl_curve25519 + +try: + import sha3 +except ImportError: + # error code 77 tells automake to skip this test + sys.exit(77) + +# Import Nick's ntor reference implementation in Python +# We are gonna use a few of its utilities. +from ntor_ref import hash_nil +from ntor_ref import PrivateKey + +# String constants used in this protocol +PROTOID = "tor-hs-ntor-curve25519-sha3-256-1" +T_HSENC = PROTOID + ":hs_key_extract" +T_HSVERIFY = PROTOID + ":hs_verify" +T_HSMAC = PROTOID + ":hs_mac" +M_HSEXPAND = PROTOID + ":hs_key_expand" + +INTRO_SECRET_LEN = 161 +REND_SECRET_LEN = 225 +AUTH_INPUT_LEN = 199 + +# Implements MAC(k,m) = H(htonll(len(k)) | k | m) +def mac(k,m): + def htonll(num): + return struct.pack('!q', num) + + s = sha3.SHA3256() + s.update(htonll(len(k))) + s.update(k) + s.update(m) + return s.digest() + +###################################################################### + +# Functions that implement the modified HS ntor protocol + +"""As client compute key material for INTRODUCE cell as follows: + + intro_secret_hs_input = EXP(B,x) | AUTH_KEY | X | B | PROTOID + info = m_hsexpand | subcredential + hs_keys = KDF(intro_secret_hs_input | t_hsenc | info, S_KEY_LEN+MAC_LEN) + ENC_KEY = hs_keys[0:S_KEY_LEN] + MAC_KEY = hs_keys[S_KEY_LEN:S_KEY_LEN+MAC_KEY_LEN] +""" +def intro2_ntor_client(intro_auth_pubkey_str, intro_enc_pubkey, + client_ephemeral_enc_pubkey, client_ephemeral_enc_privkey, subcredential): + + dh_result = client_ephemeral_enc_privkey.get_shared_key(intro_enc_pubkey, hash_nil) + secret = dh_result + intro_auth_pubkey_str + client_ephemeral_enc_pubkey.serialize() + intro_enc_pubkey.serialize() + PROTOID + assert(len(secret) == INTRO_SECRET_LEN) + info = M_HSEXPAND + subcredential + + kdf = sha3.SHAKE256() + kdf.update(secret + T_HSENC + info) + key_material = kdf.squeeze(64*8) + + enc_key = key_material[0:32] + mac_key = key_material[32:64] + + return enc_key, mac_key + +"""Wrapper over intro2_ntor_client()""" +def client_part1(intro_auth_pubkey_str, intro_enc_pubkey, + client_ephemeral_enc_pubkey, client_ephemeral_enc_privkey, subcredential): + enc_key, mac_key = intro2_ntor_client(intro_auth_pubkey_str, intro_enc_pubkey, client_ephemeral_enc_pubkey, client_ephemeral_enc_privkey, subcredential) + assert(enc_key) + assert(mac_key) + + return enc_key, mac_key + +"""As service compute key material for INTRODUCE cell as follows: + + intro_secret_hs_input = EXP(X,b) | AUTH_KEY | X | B | PROTOID + info = m_hsexpand | subcredential + hs_keys = KDF(intro_secret_hs_input | t_hsenc | info, S_KEY_LEN+MAC_LEN) + HS_DEC_KEY = hs_keys[0:S_KEY_LEN] + HS_MAC_KEY = hs_keys[S_KEY_LEN:S_KEY_LEN+MAC_KEY_LEN] +""" +def intro2_ntor_service(intro_auth_pubkey_str, client_enc_pubkey, service_enc_privkey, service_enc_pubkey, subcredential): + dh_result = service_enc_privkey.get_shared_key(client_enc_pubkey, hash_nil) + secret = dh_result + intro_auth_pubkey_str + client_enc_pubkey.serialize() + service_enc_pubkey.serialize() + PROTOID + assert(len(secret) == INTRO_SECRET_LEN) + info = M_HSEXPAND + subcredential + + kdf = sha3.SHAKE256() + kdf.update(secret + T_HSENC + info) + key_material = kdf.squeeze(64*8) + + enc_key = key_material[0:32] + mac_key = key_material[32:64] + + return enc_key, mac_key + +"""As service compute key material for INTRODUCE and REDNEZVOUS cells. + + Use intro2_ntor_service() to calculate the INTRODUCE key material, and use + the following computations to do the RENDEZVOUS ones: + + rend_secret_hs_input = EXP(X,y) | EXP(X,b) | AUTH_KEY | B | X | Y | PROTOID + NTOR_KEY_SEED = MAC(rend_secret_hs_input, t_hsenc) + verify = MAC(rend_secret_hs_input, t_hsverify) + auth_input = verify | AUTH_KEY | B | Y | X | PROTOID | "Server" + AUTH_INPUT_MAC = MAC(auth_input, t_hsmac) +""" +def service_part1(intro_auth_pubkey_str, client_enc_pubkey, intro_enc_privkey, intro_enc_pubkey, subcredential): + intro_enc_key, intro_mac_key = intro2_ntor_service(intro_auth_pubkey_str, client_enc_pubkey, intro_enc_privkey, intro_enc_pubkey, subcredential) + assert(intro_enc_key) + assert(intro_mac_key) + + service_ephemeral_privkey = PrivateKey() + service_ephemeral_pubkey = service_ephemeral_privkey.get_public() + + dh_result1 = service_ephemeral_privkey.get_shared_key(client_enc_pubkey, hash_nil) + dh_result2 = intro_enc_privkey.get_shared_key(client_enc_pubkey, hash_nil) + rend_secret_hs_input = dh_result1 + dh_result2 + intro_auth_pubkey_str + intro_enc_pubkey.serialize() + client_enc_pubkey.serialize() + service_ephemeral_pubkey.serialize() + PROTOID + assert(len(rend_secret_hs_input) == REND_SECRET_LEN) + + ntor_key_seed = mac(rend_secret_hs_input, T_HSENC) + verify = mac(rend_secret_hs_input, T_HSVERIFY) + auth_input = verify + intro_auth_pubkey_str + intro_enc_pubkey.serialize() + service_ephemeral_pubkey.serialize() + client_enc_pubkey.serialize() + PROTOID + "Server" + assert(len(auth_input) == AUTH_INPUT_LEN) + auth_input_mac = mac(auth_input, T_HSMAC) + + assert(ntor_key_seed) + assert(auth_input_mac) + assert(service_ephemeral_pubkey) + + return intro_enc_key, intro_mac_key, ntor_key_seed, auth_input_mac, service_ephemeral_pubkey + +"""As client compute key material for rendezvous cells as follows: + + rend_secret_hs_input = EXP(Y,x) | EXP(B,x) | AUTH_KEY | B | X | Y | PROTOID + NTOR_KEY_SEED = MAC(ntor_secret_input, t_hsenc) + verify = MAC(ntor_secret_input, t_hsverify) + auth_input = verify | AUTH_KEY | B | Y | X | PROTOID | "Server" + AUTH_INPUT_MAC = MAC(auth_input, t_hsmac) +""" +def client_part2(intro_auth_pubkey_str, client_ephemeral_enc_pubkey, client_ephemeral_enc_privkey, + intro_enc_pubkey, service_ephemeral_rend_pubkey): + dh_result1 = client_ephemeral_enc_privkey.get_shared_key(service_ephemeral_rend_pubkey, hash_nil) + dh_result2 = client_ephemeral_enc_privkey.get_shared_key(intro_enc_pubkey, hash_nil) + rend_secret_hs_input = dh_result1 + dh_result2 + intro_auth_pubkey_str + intro_enc_pubkey.serialize() + client_ephemeral_enc_pubkey.serialize() + service_ephemeral_rend_pubkey.serialize() + PROTOID + assert(len(rend_secret_hs_input) == REND_SECRET_LEN) + + ntor_key_seed = mac(rend_secret_hs_input, T_HSENC) + verify = mac(rend_secret_hs_input, T_HSVERIFY) + auth_input = verify + intro_auth_pubkey_str + intro_enc_pubkey.serialize() + service_ephemeral_rend_pubkey.serialize() + client_ephemeral_enc_pubkey.serialize() + PROTOID + "Server" + assert(len(auth_input) == AUTH_INPUT_LEN) + auth_input_mac = mac(auth_input, T_HSMAC) + + assert(ntor_key_seed) + assert(auth_input_mac) + + return ntor_key_seed, auth_input_mac + +################################################################################# + +""" +Utilities for communicating with the little-t-tor ntor wrapper to conduct the +integration tests +""" + +PROG = b"./src/test/test-hs-ntor-cl" +enhex=lambda s: binascii.b2a_hex(s) +dehex=lambda s: binascii.a2b_hex(s.strip()) + +def tor_client1(intro_auth_pubkey_str, intro_enc_pubkey, + client_ephemeral_enc_privkey, subcredential): + p = subprocess.Popen([PROG, "client1", + enhex(intro_auth_pubkey_str), + enhex(intro_enc_pubkey.serialize()), + enhex(client_ephemeral_enc_privkey.serialize()), + enhex(subcredential)], + stdout=subprocess.PIPE) + return map(dehex, p.stdout.readlines()) + +def tor_server1(intro_auth_pubkey_str, intro_enc_privkey, + client_ephemeral_enc_pubkey, subcredential): + p = subprocess.Popen([PROG, "server1", + enhex(intro_auth_pubkey_str), + enhex(intro_enc_privkey.serialize()), + enhex(client_ephemeral_enc_pubkey.serialize()), + enhex(subcredential)], + stdout=subprocess.PIPE) + return map(dehex, p.stdout.readlines()) + +def tor_client2(intro_auth_pubkey_str, client_ephemeral_enc_privkey, + intro_enc_pubkey, service_ephemeral_rend_pubkey, subcredential): + p = subprocess.Popen([PROG, "client2", + enhex(intro_auth_pubkey_str), + enhex(client_ephemeral_enc_privkey.serialize()), + enhex(intro_enc_pubkey.serialize()), + enhex(service_ephemeral_rend_pubkey.serialize()), + enhex(subcredential)], + stdout=subprocess.PIPE) + return map(dehex, p.stdout.readlines()) + +################################################################################## + +# Perform a pure python ntor test +def do_pure_python_ntor_test(): + # Initialize all needed key material + client_ephemeral_enc_privkey = PrivateKey() + client_ephemeral_enc_pubkey = client_ephemeral_enc_privkey.get_public() + intro_enc_privkey = PrivateKey() + intro_enc_pubkey = intro_enc_privkey.get_public() + intro_auth_pubkey_str = os.urandom(32) + subcredential = os.urandom(32) + + client_enc_key, client_mac_key = client_part1(intro_auth_pubkey_str, intro_enc_pubkey, client_ephemeral_enc_pubkey, client_ephemeral_enc_privkey, subcredential) + + service_enc_key, service_mac_key, service_ntor_key_seed, service_auth_input_mac, service_ephemeral_pubkey = service_part1(intro_auth_pubkey_str, client_ephemeral_enc_pubkey, intro_enc_privkey, intro_enc_pubkey, subcredential) + + assert(client_enc_key == service_enc_key) + assert(client_mac_key == service_mac_key) + + client_ntor_key_seed, client_auth_input_mac = client_part2(intro_auth_pubkey_str, client_ephemeral_enc_pubkey, client_ephemeral_enc_privkey, + intro_enc_pubkey, service_ephemeral_pubkey) + + assert(client_ntor_key_seed == service_ntor_key_seed) + assert(client_auth_input_mac == service_auth_input_mac) + + print "DONE: python dance [%s]" % repr(client_auth_input_mac) + +# Perform a pure little-t-tor integration test. +def do_little_t_tor_ntor_test(): + # Initialize all needed key material + subcredential = os.urandom(32) + client_ephemeral_enc_privkey = PrivateKey() + client_ephemeral_enc_pubkey = client_ephemeral_enc_privkey.get_public() + intro_enc_privkey = PrivateKey() + intro_enc_pubkey = intro_enc_privkey.get_public() # service-side enc key + intro_auth_pubkey_str = os.urandom(32) + + client_enc_key, client_mac_key = tor_client1(intro_auth_pubkey_str, intro_enc_pubkey, + client_ephemeral_enc_privkey, subcredential) + assert(client_enc_key) + assert(client_mac_key) + + service_enc_key, service_mac_key, service_ntor_auth_mac, service_ntor_key_seed, service_eph_pubkey = tor_server1(intro_auth_pubkey_str, + intro_enc_privkey, + client_ephemeral_enc_pubkey, + subcredential) + assert(service_enc_key) + assert(service_mac_key) + assert(service_ntor_auth_mac) + assert(service_ntor_key_seed) + + assert(client_enc_key == service_enc_key) + assert(client_mac_key == service_mac_key) + + # Turn from bytes to key + service_eph_pubkey = curve25519mod.Public(service_eph_pubkey) + + client_ntor_auth_mac, client_ntor_key_seed = tor_client2(intro_auth_pubkey_str, client_ephemeral_enc_privkey, + intro_enc_pubkey, service_eph_pubkey, subcredential) + assert(client_ntor_auth_mac) + assert(client_ntor_key_seed) + + assert(client_ntor_key_seed == service_ntor_key_seed) + assert(client_ntor_auth_mac == service_ntor_auth_mac) + + print "DONE: tor dance [%s]" % repr(client_ntor_auth_mac) + +""" +Do mixed test as follows: + 1. C -> S (python mode) + 2. C <- S (tor mode) + 3. Client computes keys (python mode) +""" +def do_first_mixed_test(): + subcredential = os.urandom(32) + + client_ephemeral_enc_privkey = PrivateKey() + client_ephemeral_enc_pubkey = client_ephemeral_enc_privkey.get_public() + intro_enc_privkey = PrivateKey() + intro_enc_pubkey = intro_enc_privkey.get_public() # service-side enc key + + intro_auth_pubkey_str = os.urandom(32) + + # Let's do mixed + client_enc_key, client_mac_key = client_part1(intro_auth_pubkey_str, intro_enc_pubkey, + client_ephemeral_enc_pubkey, client_ephemeral_enc_privkey, + subcredential) + + service_enc_key, service_mac_key, service_ntor_auth_mac, service_ntor_key_seed, service_eph_pubkey = tor_server1(intro_auth_pubkey_str, + intro_enc_privkey, + client_ephemeral_enc_pubkey, + subcredential) + assert(service_enc_key) + assert(service_mac_key) + assert(service_ntor_auth_mac) + assert(service_ntor_key_seed) + assert(service_eph_pubkey) + + assert(client_enc_key == service_enc_key) + assert(client_mac_key == service_mac_key) + + # Turn from bytes to key + service_eph_pubkey = curve25519mod.Public(service_eph_pubkey) + + client_ntor_key_seed, client_auth_input_mac = client_part2(intro_auth_pubkey_str, client_ephemeral_enc_pubkey, client_ephemeral_enc_privkey, + intro_enc_pubkey, service_eph_pubkey) + + assert(client_auth_input_mac == service_ntor_auth_mac) + assert(client_ntor_key_seed == service_ntor_key_seed) + + print "DONE: 1st mixed dance [%s]" % repr(client_auth_input_mac) + +""" +Do mixed test as follows: + 1. C -> S (tor mode) + 2. C <- S (python mode) + 3. Client computes keys (tor mode) +""" +def do_second_mixed_test(): + subcredential = os.urandom(32) + + client_ephemeral_enc_privkey = PrivateKey() + client_ephemeral_enc_pubkey = client_ephemeral_enc_privkey.get_public() + intro_enc_privkey = PrivateKey() + intro_enc_pubkey = intro_enc_privkey.get_public() # service-side enc key + + intro_auth_pubkey_str = os.urandom(32) + + # Let's do mixed + client_enc_key, client_mac_key = tor_client1(intro_auth_pubkey_str, intro_enc_pubkey, + client_ephemeral_enc_privkey, subcredential) + assert(client_enc_key) + assert(client_mac_key) + + service_enc_key, service_mac_key, service_ntor_key_seed, service_ntor_auth_mac, service_ephemeral_pubkey = service_part1(intro_auth_pubkey_str, client_ephemeral_enc_pubkey, intro_enc_privkey, intro_enc_pubkey, subcredential) + + client_ntor_auth_mac, client_ntor_key_seed = tor_client2(intro_auth_pubkey_str, client_ephemeral_enc_privkey, + intro_enc_pubkey, service_ephemeral_pubkey, subcredential) + assert(client_ntor_auth_mac) + assert(client_ntor_key_seed) + + assert(client_ntor_key_seed == service_ntor_key_seed) + assert(client_ntor_auth_mac == service_ntor_auth_mac) + + print "DONE: 2nd mixed dance [%s]" % repr(client_ntor_auth_mac) + +def do_mixed_tests(): + do_first_mixed_test() + do_second_mixed_test() + +if __name__ == '__main__': + do_pure_python_ntor_test() + do_little_t_tor_ntor_test() + do_mixed_tests() diff --git a/src/test/include.am b/src/test/include.am index f88f0992f2..c92eab13c9 100644 --- a/src/test/include.am +++ b/src/test/include.am @@ -20,7 +20,7 @@ TESTSCRIPTS = \ src/test/test_switch_id.sh if USEPYTHON -TESTSCRIPTS += src/test/test_ntor.sh src/test/test_bt.sh +TESTSCRIPTS += src/test/test_ntor.sh src/test/test_hs_ntor.sh src/test/test_bt.sh endif TESTS += src/test/test src/test/test-slow src/test/test-memwipe \ @@ -93,6 +93,7 @@ src_test_test_SOURCES = \ src/test/test_controller.c \ src/test/test_controller_events.c \ src/test/test_crypto.c \ + src/test/test_crypto_openssl.c \ src/test/test_data.c \ src/test/test_dir.c \ src/test/test_dir_common.c \ @@ -253,6 +254,7 @@ noinst_HEADERS+= \ src/test/vote_descriptors.inc noinst_PROGRAMS+= src/test/test-ntor-cl +noinst_PROGRAMS+= src/test/test-hs-ntor-cl src_test_test_ntor_cl_SOURCES = src/test/test_ntor_cl.c src_test_test_ntor_cl_LDFLAGS = @TOR_LDFLAGS_zlib@ @TOR_LDFLAGS_openssl@ src_test_test_ntor_cl_LDADD = src/or/libtor.a src/common/libor.a \ @@ -263,6 +265,17 @@ src_test_test_ntor_cl_LDADD = src/or/libtor.a src/common/libor.a \ src_test_test_ntor_cl_AM_CPPFLAGS = \ -I"$(top_srcdir)/src/or" +src_test_test_hs_ntor_cl_SOURCES = src/test/test_hs_ntor_cl.c +src_test_test_hs_ntor_cl_LDFLAGS = @TOR_LDFLAGS_zlib@ @TOR_LDFLAGS_openssl@ +src_test_test_hs_ntor_cl_LDADD = src/or/libtor.a src/common/libor.a \ + src/common/libor-ctime.a \ + src/common/libor-crypto.a $(LIBKECCAK_TINY) $(LIBDONNA) \ + @TOR_ZLIB_LIBS@ @TOR_LIB_MATH@ \ + @TOR_OPENSSL_LIBS@ @TOR_LIB_WS32@ @TOR_LIB_GDI@ @CURVE25519_LIBS@ +src_test_test_hs_ntor_cl_AM_CPPFLAGS = \ + -I"$(top_srcdir)/src/or" + + noinst_PROGRAMS += src/test/test-bt-cl src_test_test_bt_cl_SOURCES = src/test/test_bt_cl.c src_test_test_bt_cl_LDADD = src/common/libor-testing.a \ @@ -275,12 +288,13 @@ src_test_test_bt_cl_CPPFLAGS= $(src_test_AM_CPPFLAGS) $(TEST_CPPFLAGS) EXTRA_DIST += \ src/test/bt_test.py \ src/test/ntor_ref.py \ + src/test/hs_ntor_ref.py \ src/test/fuzz_static_testcases.sh \ src/test/slownacl_curve25519.py \ src/test/zero_length_keys.sh \ src/test/test_keygen.sh \ src/test/test_zero_length_keys.sh \ - src/test/test_ntor.sh src/test/test_bt.sh \ + src/test/test_ntor.sh src/test/test_hs_ntor.sh src/test/test_bt.sh \ src/test/test-network.sh \ src/test/test_switch_id.sh \ src/test/test_workqueue_cancel.sh \ diff --git a/src/test/test.c b/src/test/test.c index f8c2db726d..77ea44970c 100644 --- a/src/test/test.c +++ b/src/test/test.c @@ -1201,6 +1201,7 @@ struct testgroup_t testgroups[] = { { "control/", controller_tests }, { "control/event/", controller_event_tests }, { "crypto/", crypto_tests }, + { "crypto/openssl/", crypto_openssl_tests }, { "dir/", dir_tests }, { "dir_handle_get/", dir_handle_get_tests }, { "dir/md/", microdesc_tests }, diff --git a/src/test/test.h b/src/test/test.h index 2c35314dcd..252a239afc 100644 --- a/src/test/test.h +++ b/src/test/test.h @@ -196,6 +196,7 @@ extern struct testcase_t container_tests[]; extern struct testcase_t controller_tests[]; extern struct testcase_t controller_event_tests[]; extern struct testcase_t crypto_tests[]; +extern struct testcase_t crypto_openssl_tests[]; extern struct testcase_t dir_tests[]; extern struct testcase_t dir_handle_get_tests[]; extern struct testcase_t entryconn_tests[]; diff --git a/src/test/test_crypto.c b/src/test/test_crypto.c index 3a6c222bc4..ec9d4e2709 100644 --- a/src/test/test_crypto.c +++ b/src/test/test_crypto.c @@ -15,9 +15,6 @@ #include "crypto_ed25519.h" #include "ed25519_vectors.inc" -#include <openssl/evp.h> -#include <openssl/rand.h> - /** Run unit tests for Diffie-Hellman functionality. */ static void test_crypto_dh(void *arg) @@ -331,38 +328,6 @@ test_crypto_rng_strongest(void *arg) #undef N } -/* Test for rectifying openssl RAND engine. */ -static void -test_crypto_rng_engine(void *arg) -{ - (void)arg; - RAND_METHOD dummy_method; - memset(&dummy_method, 0, sizeof(dummy_method)); - - /* We should be a no-op if we're already on RAND_OpenSSL */ - tt_int_op(0, ==, crypto_force_rand_ssleay()); - tt_assert(RAND_get_rand_method() == RAND_OpenSSL()); - - /* We should correct the method if it's a dummy. */ - RAND_set_rand_method(&dummy_method); -#ifdef LIBRESSL_VERSION_NUMBER - /* On libressl, you can't override the RNG. */ - tt_assert(RAND_get_rand_method() == RAND_OpenSSL()); - tt_int_op(0, ==, crypto_force_rand_ssleay()); -#else - tt_assert(RAND_get_rand_method() == &dummy_method); - tt_int_op(1, ==, crypto_force_rand_ssleay()); -#endif - tt_assert(RAND_get_rand_method() == RAND_OpenSSL()); - - /* Make sure we aren't calling dummy_method */ - crypto_rand((void *) &dummy_method, sizeof(dummy_method)); - crypto_rand((void *) &dummy_method, sizeof(dummy_method)); - - done: - ; -} - /** Run unit tests for our AES128 functionality */ static void test_crypto_aes128(void *arg) @@ -1477,28 +1442,6 @@ test_crypto_digest_names(void *arg) ; } -#ifndef OPENSSL_1_1_API -#define EVP_ENCODE_CTX_new() tor_malloc_zero(sizeof(EVP_ENCODE_CTX)) -#define EVP_ENCODE_CTX_free(ctx) tor_free(ctx) -#endif - -/** Encode src into dest with OpenSSL's EVP Encode interface, returning the - * length of the encoded data in bytes. - */ -static int -base64_encode_evp(char *dest, char *src, size_t srclen) -{ - const unsigned char *s = (unsigned char*)src; - EVP_ENCODE_CTX *ctx = EVP_ENCODE_CTX_new(); - int len, ret; - - EVP_EncodeInit(ctx); - EVP_EncodeUpdate(ctx, (unsigned char *)dest, &len, s, (int)srclen); - EVP_EncodeFinal(ctx, (unsigned char *)(dest + len), &ret); - EVP_ENCODE_CTX_free(ctx); - return ret+ len; -} - /** Run unit tests for misc crypto formatting functionality (base64, base32, * fingerprints, etc) */ static void @@ -1527,7 +1470,7 @@ test_crypto_formats(void *arg) tt_int_op(i, OP_GE, 0); tt_int_op(i, OP_EQ, strlen(data2)); tt_assert(! strchr(data2, '=')); - j = base64_decode_nopad((uint8_t*)data3, 1024, data2, i); + j = base64_decode(data3, 1024, data2, i); tt_int_op(j, OP_EQ, idx); tt_mem_op(data3,OP_EQ, data1, idx); } @@ -1554,20 +1497,6 @@ test_crypto_formats(void *arg) tt_assert(digest_from_base64(data3, "###") < 0); - for (i = 0; i < 256; i++) { - /* Test the multiline format Base64 encoder with 0 .. 256 bytes of - * output against OpenSSL. - */ - const size_t enclen = base64_encode_size(i, BASE64_ENCODE_MULTILINE); - data1[i] = i; - j = base64_encode(data2, 1024, data1, i, BASE64_ENCODE_MULTILINE); - tt_int_op(j, OP_EQ, enclen); - j = base64_encode_evp(data3, data1, i); - tt_int_op(j, OP_EQ, enclen); - tt_mem_op(data2, OP_EQ, data3, enclen); - tt_int_op(j, OP_EQ, strlen(data2)); - } - /* Encoding SHA256 */ crypto_rand(data2, DIGEST256_LEN); memset(data2, 100, 1024); @@ -2941,7 +2870,6 @@ struct testcase_t crypto_tests[] = { CRYPTO_LEGACY(formats), CRYPTO_LEGACY(rng), { "rng_range", test_crypto_rng_range, 0, NULL, NULL }, - { "rng_engine", test_crypto_rng_engine, TT_FORK, NULL, NULL }, { "rng_strongest", test_crypto_rng_strongest, TT_FORK, NULL, NULL }, { "rng_strongest_nosyscall", test_crypto_rng_strongest, TT_FORK, &passthrough_setup, (void*)"nosyscall" }, diff --git a/src/test/test_crypto_openssl.c b/src/test/test_crypto_openssl.c new file mode 100644 index 0000000000..3d7d2b4639 --- /dev/null +++ b/src/test/test_crypto_openssl.c @@ -0,0 +1,107 @@ +/* Copyright (c) 2001-2004, Roger Dingledine. + * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. + * Copyright (c) 2007-2017, The Tor Project, Inc. */ +/* See LICENSE for licensing information */ + +#include "orconfig.h" + +#define CRYPTO_PRIVATE + +#include "crypto.h" +#include "util.h" +#include "util_format.h" +#include "compat.h" +#include "test.h" + +#include <openssl/evp.h> +#include <openssl/rand.h> +#include "compat_openssl.h" + +/* Test for rectifying openssl RAND engine. */ +static void +test_crypto_rng_engine(void *arg) +{ + (void)arg; + RAND_METHOD dummy_method; + memset(&dummy_method, 0, sizeof(dummy_method)); + + /* We should be a no-op if we're already on RAND_OpenSSL */ + tt_int_op(0, ==, crypto_force_rand_ssleay()); + tt_assert(RAND_get_rand_method() == RAND_OpenSSL()); + + /* We should correct the method if it's a dummy. */ + RAND_set_rand_method(&dummy_method); +#ifdef LIBRESSL_VERSION_NUMBER + /* On libressl, you can't override the RNG. */ + tt_assert(RAND_get_rand_method() == RAND_OpenSSL()); + tt_int_op(0, ==, crypto_force_rand_ssleay()); +#else + tt_assert(RAND_get_rand_method() == &dummy_method); + tt_int_op(1, ==, crypto_force_rand_ssleay()); +#endif + tt_assert(RAND_get_rand_method() == RAND_OpenSSL()); + + /* Make sure we aren't calling dummy_method */ + crypto_rand((void *) &dummy_method, sizeof(dummy_method)); + crypto_rand((void *) &dummy_method, sizeof(dummy_method)); + + done: + ; +} + +#ifndef OPENSSL_1_1_API +#define EVP_ENCODE_CTX_new() tor_malloc_zero(sizeof(EVP_ENCODE_CTX)) +#define EVP_ENCODE_CTX_free(ctx) tor_free(ctx) +#endif + +/** Encode src into dest with OpenSSL's EVP Encode interface, returning the + * length of the encoded data in bytes. + */ +static int +base64_encode_evp(char *dest, char *src, size_t srclen) +{ + const unsigned char *s = (unsigned char*)src; + EVP_ENCODE_CTX *ctx = EVP_ENCODE_CTX_new(); + int len, ret; + + EVP_EncodeInit(ctx); + EVP_EncodeUpdate(ctx, (unsigned char *)dest, &len, s, (int)srclen); + EVP_EncodeFinal(ctx, (unsigned char *)(dest + len), &ret); + EVP_ENCODE_CTX_free(ctx); + return ret+ len; +} + +static void +test_crypto_base64_encode_matches(void *arg) +{ + (void)arg; + int i, j; + char data1[1024]; + char data2[1024]; + char data3[1024]; + + for (i = 0; i < 256; i++) { + /* Test the multiline format Base64 encoder with 0 .. 256 bytes of + * output against OpenSSL. + */ + const size_t enclen = base64_encode_size(i, BASE64_ENCODE_MULTILINE); + data1[i] = i; + j = base64_encode(data2, 1024, data1, i, BASE64_ENCODE_MULTILINE); + tt_int_op(j, OP_EQ, enclen); + j = base64_encode_evp(data3, data1, i); + tt_int_op(j, OP_EQ, enclen); + tt_mem_op(data2, OP_EQ, data3, enclen); + tt_int_op(j, OP_EQ, strlen(data2)); + } + + done: + ; +} + +struct testcase_t crypto_openssl_tests[] = { + { "rng_engine", test_crypto_rng_engine, TT_FORK, NULL, NULL }, + { "base64_encode_match", test_crypto_base64_encode_matches, + TT_FORK, NULL, NULL }, + END_OF_TESTCASES +}; + diff --git a/src/test/test_crypto_slow.c b/src/test/test_crypto_slow.c index 6d676ff9b9..d6b0a43dd5 100644 --- a/src/test/test_crypto_slow.c +++ b/src/test/test_crypto_slow.c @@ -12,11 +12,8 @@ #if defined(HAVE_LIBSCRYPT_H) && defined(HAVE_LIBSCRYPT_SCRYPT) #define HAVE_LIBSCRYPT -#include <libscrypt.h> #endif -#include <openssl/evp.h> - /** Run unit tests for our secret-to-key passphrase hashing functionality. */ static void test_crypto_s2k_rfc2440(void *arg) diff --git a/src/test/test_hs_intropoint.c b/src/test/test_hs_intropoint.c index 40d1f25705..5caa550dd4 100644 --- a/src/test/test_hs_intropoint.c +++ b/src/test/test_hs_intropoint.c @@ -69,10 +69,10 @@ helper_create_intro_circuit(void) return circ; } -static hs_cell_introduce1_t * +static trn_cell_introduce1_t * helper_create_introduce1_cell(void) { - hs_cell_introduce1_t *cell = NULL; + trn_cell_introduce1_t *cell = NULL; ed25519_keypair_t auth_key_kp; /* Generate the auth_key of the cell. */ @@ -80,39 +80,39 @@ helper_create_introduce1_cell(void) goto err; } - cell = hs_cell_introduce1_new(); + cell = trn_cell_introduce1_new(); tt_assert(cell); /* Set the auth key. */ { size_t auth_key_len = sizeof(auth_key_kp.pubkey); - hs_cell_introduce1_set_auth_key_type(cell, + trn_cell_introduce1_set_auth_key_type(cell, HS_INTRO_AUTH_KEY_TYPE_ED25519); - hs_cell_introduce1_set_auth_key_len(cell, auth_key_len); - hs_cell_introduce1_setlen_auth_key(cell, auth_key_len); - uint8_t *auth_key_ptr = hs_cell_introduce1_getarray_auth_key(cell); + trn_cell_introduce1_set_auth_key_len(cell, auth_key_len); + trn_cell_introduce1_setlen_auth_key(cell, auth_key_len); + uint8_t *auth_key_ptr = trn_cell_introduce1_getarray_auth_key(cell); memcpy(auth_key_ptr, auth_key_kp.pubkey.pubkey, auth_key_len); } /* Set the cell extentions to none. */ { - cell_extension_t *ext = cell_extension_new(); - cell_extension_set_num(ext, 0); - hs_cell_introduce1_set_extensions(cell, ext); + trn_cell_extension_t *ext = trn_cell_extension_new(); + trn_cell_extension_set_num(ext, 0); + trn_cell_introduce1_set_extensions(cell, ext); } /* Set the encrypted section to some data. */ { size_t enc_len = 128; - hs_cell_introduce1_setlen_encrypted(cell, enc_len); - uint8_t *enc_ptr = hs_cell_introduce1_getarray_encrypted(cell); + trn_cell_introduce1_setlen_encrypted(cell, enc_len); + uint8_t *enc_ptr = trn_cell_introduce1_getarray_encrypted(cell); memset(enc_ptr, 'a', enc_len); } return cell; err: done: - hs_cell_introduce1_free(cell); + trn_cell_introduce1_free(cell); return NULL; } @@ -122,7 +122,7 @@ static void test_establish_intro_wrong_purpose(void *arg) { int retval; - hs_cell_establish_intro_t *establish_intro_cell = NULL; + trn_cell_establish_intro_t *establish_intro_cell = NULL; or_circuit_t *intro_circ = or_circuit_new(0,NULL);; uint8_t cell_body[RELAY_PAYLOAD_SIZE]; ssize_t cell_len = 0; @@ -154,7 +154,7 @@ test_establish_intro_wrong_purpose(void *arg) tt_int_op(retval, ==, -1); done: - hs_cell_establish_intro_free(establish_intro_cell); + trn_cell_establish_intro_free(establish_intro_cell); circuit_free(TO_CIRCUIT(intro_circ)); } @@ -198,7 +198,7 @@ static void test_establish_intro_wrong_keytype2(void *arg) { int retval; - hs_cell_establish_intro_t *establish_intro_cell = NULL; + trn_cell_establish_intro_t *establish_intro_cell = NULL; or_circuit_t *intro_circ = or_circuit_new(0,NULL);; uint8_t cell_body[RELAY_PAYLOAD_SIZE]; ssize_t cell_len = 0; @@ -230,7 +230,7 @@ test_establish_intro_wrong_keytype2(void *arg) tt_int_op(retval, ==, -1); done: - hs_cell_establish_intro_free(establish_intro_cell); + trn_cell_establish_intro_free(establish_intro_cell); circuit_free(TO_CIRCUIT(intro_circ)); } @@ -239,7 +239,7 @@ static void test_establish_intro_wrong_mac(void *arg) { int retval; - hs_cell_establish_intro_t *establish_intro_cell = NULL; + trn_cell_establish_intro_t *establish_intro_cell = NULL; or_circuit_t *intro_circ = or_circuit_new(0,NULL);; uint8_t cell_body[RELAY_PAYLOAD_SIZE]; ssize_t cell_len = 0; @@ -258,7 +258,7 @@ test_establish_intro_wrong_mac(void *arg) tt_assert(establish_intro_cell); /* Mangle one byte of the MAC. */ uint8_t *handshake_ptr = - hs_cell_establish_intro_getarray_handshake_mac(establish_intro_cell); + trn_cell_establish_intro_getarray_handshake_mac(establish_intro_cell); handshake_ptr[TRUNNEL_SHA3_256_LEN - 1]++; /* We need to resign the payload with that change. */ { @@ -269,7 +269,7 @@ test_establish_intro_wrong_mac(void *arg) retval = ed25519_keypair_generate(&key_struct, 0); tt_int_op(retval, OP_EQ, 0); uint8_t *auth_key_ptr = - hs_cell_establish_intro_getarray_auth_key(establish_intro_cell); + trn_cell_establish_intro_getarray_auth_key(establish_intro_cell); memcpy(auth_key_ptr, key_struct.pubkey.pubkey, ED25519_PUBKEY_LEN); /* Encode payload so we can sign it. */ cell_len = get_establish_intro_payload(cell_body, sizeof(cell_body), @@ -284,7 +284,7 @@ test_establish_intro_wrong_mac(void *arg) tt_int_op(retval, OP_EQ, 0); /* And write the signature to the cell */ uint8_t *sig_ptr = - hs_cell_establish_intro_getarray_sig(establish_intro_cell); + trn_cell_establish_intro_getarray_sig(establish_intro_cell); memcpy(sig_ptr, sig.sig, establish_intro_cell->sig_len); /* Re-encode with the new signature. */ cell_len = get_establish_intro_payload(cell_body, sizeof(cell_body), @@ -299,7 +299,7 @@ test_establish_intro_wrong_mac(void *arg) tt_int_op(retval, ==, -1); done: - hs_cell_establish_intro_free(establish_intro_cell); + trn_cell_establish_intro_free(establish_intro_cell); circuit_free(TO_CIRCUIT(intro_circ)); } @@ -309,7 +309,7 @@ static void test_establish_intro_wrong_auth_key_len(void *arg) { int retval; - hs_cell_establish_intro_t *establish_intro_cell = NULL; + trn_cell_establish_intro_t *establish_intro_cell = NULL; or_circuit_t *intro_circ = or_circuit_new(0,NULL);; uint8_t cell_body[RELAY_PAYLOAD_SIZE]; ssize_t cell_len = 0; @@ -328,9 +328,9 @@ test_establish_intro_wrong_auth_key_len(void *arg) sizeof(circuit_key_material)); tt_assert(establish_intro_cell); /* Mangle the auth key length. */ - hs_cell_establish_intro_set_auth_key_len(establish_intro_cell, + trn_cell_establish_intro_set_auth_key_len(establish_intro_cell, bad_auth_key_len); - hs_cell_establish_intro_setlen_auth_key(establish_intro_cell, + trn_cell_establish_intro_setlen_auth_key(establish_intro_cell, bad_auth_key_len); cell_len = get_establish_intro_payload(cell_body, sizeof(cell_body), establish_intro_cell); @@ -344,7 +344,7 @@ test_establish_intro_wrong_auth_key_len(void *arg) tt_int_op(retval, ==, -1); done: - hs_cell_establish_intro_free(establish_intro_cell); + trn_cell_establish_intro_free(establish_intro_cell); circuit_free(TO_CIRCUIT(intro_circ)); } @@ -354,7 +354,7 @@ static void test_establish_intro_wrong_sig_len(void *arg) { int retval; - hs_cell_establish_intro_t *establish_intro_cell = NULL; + trn_cell_establish_intro_t *establish_intro_cell = NULL; or_circuit_t *intro_circ = or_circuit_new(0,NULL);; uint8_t cell_body[RELAY_PAYLOAD_SIZE]; ssize_t cell_len = 0; @@ -373,8 +373,8 @@ test_establish_intro_wrong_sig_len(void *arg) sizeof(circuit_key_material)); tt_assert(establish_intro_cell); /* Mangle the signature length. */ - hs_cell_establish_intro_set_sig_len(establish_intro_cell, bad_sig_len); - hs_cell_establish_intro_setlen_sig(establish_intro_cell, bad_sig_len); + trn_cell_establish_intro_set_sig_len(establish_intro_cell, bad_sig_len); + trn_cell_establish_intro_setlen_sig(establish_intro_cell, bad_sig_len); cell_len = get_establish_intro_payload(cell_body, sizeof(cell_body), establish_intro_cell); tt_int_op(cell_len, >, 0); @@ -387,7 +387,7 @@ test_establish_intro_wrong_sig_len(void *arg) tt_int_op(retval, ==, -1); done: - hs_cell_establish_intro_free(establish_intro_cell); + trn_cell_establish_intro_free(establish_intro_cell); circuit_free(TO_CIRCUIT(intro_circ)); } @@ -397,7 +397,7 @@ static void test_establish_intro_wrong_sig(void *arg) { int retval; - hs_cell_establish_intro_t *establish_intro_cell = NULL; + trn_cell_establish_intro_t *establish_intro_cell = NULL; or_circuit_t *intro_circ = or_circuit_new(0,NULL);; uint8_t cell_body[RELAY_PAYLOAD_SIZE]; ssize_t cell_len = 0; @@ -429,17 +429,17 @@ test_establish_intro_wrong_sig(void *arg) tt_int_op(retval, ==, -1); done: - hs_cell_establish_intro_free(establish_intro_cell); + trn_cell_establish_intro_free(establish_intro_cell); circuit_free(TO_CIRCUIT(intro_circ)); } /* Helper function: Send a well-formed v3 ESTABLISH_INTRO cell to * <b>intro_circ</b>. Return the cell. */ -static hs_cell_establish_intro_t * +static trn_cell_establish_intro_t * helper_establish_intro_v3(or_circuit_t *intro_circ) { int retval; - hs_cell_establish_intro_t *establish_intro_cell = NULL; + trn_cell_establish_intro_t *establish_intro_cell = NULL; uint8_t cell_body[RELAY_PAYLOAD_SIZE]; ssize_t cell_len = 0; uint8_t circuit_key_material[DIGEST_LEN] = {0}; @@ -512,7 +512,7 @@ test_intro_point_registration(void *arg) hs_circuitmap_ht *the_hs_circuitmap = NULL; or_circuit_t *intro_circ = NULL; - hs_cell_establish_intro_t *establish_intro_cell = NULL; + trn_cell_establish_intro_t *establish_intro_cell = NULL; ed25519_public_key_t auth_key; crypto_pk_t *legacy_auth_key = NULL; @@ -581,7 +581,7 @@ test_intro_point_registration(void *arg) crypto_pk_free(legacy_auth_key); circuit_free(TO_CIRCUIT(intro_circ)); circuit_free(TO_CIRCUIT(legacy_intro_circ)); - hs_cell_establish_intro_free(establish_intro_cell); + trn_cell_establish_intro_free(establish_intro_cell); { /* Test circuitmap free_all function. */ the_hs_circuitmap = get_hs_circuitmap(); @@ -675,7 +675,7 @@ static void test_introduce1_validation(void *arg) { int ret; - hs_cell_introduce1_t *cell = NULL; + trn_cell_introduce1_t *cell = NULL; (void) arg; @@ -715,25 +715,25 @@ test_introduce1_validation(void *arg) ret = validate_introduce1_parsed_cell(cell); tt_int_op(ret, OP_EQ, 0); /* Set an invalid size of the auth key buffer. */ - hs_cell_introduce1_setlen_auth_key(cell, 3); + trn_cell_introduce1_setlen_auth_key(cell, 3); ret = validate_introduce1_parsed_cell(cell); tt_int_op(ret, OP_EQ, -1); /* Reset auth key buffer and make sure it works. */ - hs_cell_introduce1_setlen_auth_key(cell, sizeof(ed25519_public_key_t)); + trn_cell_introduce1_setlen_auth_key(cell, sizeof(ed25519_public_key_t)); ret = validate_introduce1_parsed_cell(cell); tt_int_op(ret, OP_EQ, 0); /* Empty encrypted section. */ - hs_cell_introduce1_setlen_encrypted(cell, 0); + trn_cell_introduce1_setlen_encrypted(cell, 0); ret = validate_introduce1_parsed_cell(cell); tt_int_op(ret, OP_EQ, -1); /* Reset it to some non zero bytes and validate. */ - hs_cell_introduce1_setlen_encrypted(cell, 1); + trn_cell_introduce1_setlen_encrypted(cell, 1); ret = validate_introduce1_parsed_cell(cell); tt_int_op(ret, OP_EQ, 0); done: - hs_cell_introduce1_free(cell); + trn_cell_introduce1_free(cell); } static void @@ -741,7 +741,7 @@ test_received_introduce1_handling(void *arg) { int ret; uint8_t *request = NULL, buf[128]; - hs_cell_introduce1_t *cell = NULL; + trn_cell_introduce1_t *cell = NULL; or_circuit_t *circ = NULL; (void) arg; @@ -775,11 +775,11 @@ test_received_introduce1_handling(void *arg) /* Valid case. */ { cell = helper_create_introduce1_cell(); - ssize_t request_len = hs_cell_introduce1_encoded_len(cell); + ssize_t request_len = trn_cell_introduce1_encoded_len(cell); tt_size_op(request_len, OP_GT, 0); request = tor_malloc_zero(request_len); ssize_t encoded_len = - hs_cell_introduce1_encode(request, request_len, cell); + trn_cell_introduce1_encode(request, request_len, cell); tt_size_op(encoded_len, OP_GT, 0); circ = helper_create_intro_circuit(); @@ -789,7 +789,7 @@ test_received_introduce1_handling(void *arg) /* Register the circuit in the map for the auth key of the cell. */ ed25519_public_key_t auth_key; const uint8_t *cell_auth_key = - hs_cell_introduce1_getconstarray_auth_key(cell); + trn_cell_introduce1_getconstarray_auth_key(cell); memcpy(auth_key.pubkey, cell_auth_key, ED25519_PUBKEY_LEN); hs_circuitmap_register_intro_circ_v3_relay_side(service_circ, &auth_key); ret = hs_intro_received_introduce1(circ, request, request_len); @@ -801,16 +801,16 @@ test_received_introduce1_handling(void *arg) /* Valid legacy cell. */ { tor_free(request); - hs_cell_introduce1_free(cell); + trn_cell_introduce1_free(cell); cell = helper_create_introduce1_cell(); - uint8_t *legacy_key_id = hs_cell_introduce1_getarray_legacy_key_id(cell); + uint8_t *legacy_key_id = trn_cell_introduce1_getarray_legacy_key_id(cell); memset(legacy_key_id, 'a', DIGEST_LEN); /* Add an arbitrary amount of data for the payload of a v2 cell. */ - size_t request_len = hs_cell_introduce1_encoded_len(cell) + 256; + size_t request_len = trn_cell_introduce1_encoded_len(cell) + 256; tt_size_op(request_len, OP_GT, 0); request = tor_malloc_zero(request_len + 256); ssize_t encoded_len = - hs_cell_introduce1_encode(request, request_len, cell); + trn_cell_introduce1_encode(request, request_len, cell); tt_size_op(encoded_len, OP_GT, 0); circ = helper_create_intro_circuit(); @@ -828,7 +828,7 @@ test_received_introduce1_handling(void *arg) } done: - hs_cell_introduce1_free(cell); + trn_cell_introduce1_free(cell); tor_free(request); hs_circuitmap_free_all(); UNMOCK(relay_send_command_from_edge_); diff --git a/src/test/test_hs_ntor.sh b/src/test/test_hs_ntor.sh new file mode 100755 index 0000000000..8a0003d44a --- /dev/null +++ b/src/test/test_hs_ntor.sh @@ -0,0 +1,11 @@ +#!/bin/sh +# Validate Tor's ntor implementation. + +exitcode=0 + +# Run the python integration test sand return the exitcode of the python +# script. The python script might ask the testsuite to skip it if not all +# python dependencies are covered. +"${PYTHON:-python}" "${abs_top_srcdir:-.}/src/test/hs_ntor_ref.py" || exitcode=$? + +exit ${exitcode} diff --git a/src/test/test_hs_ntor_cl.c b/src/test/test_hs_ntor_cl.c new file mode 100644 index 0000000000..ed1eda58ea --- /dev/null +++ b/src/test/test_hs_ntor_cl.c @@ -0,0 +1,255 @@ +/* Copyright (c) 2017, The Tor Project, Inc. */ +/* See LICENSE for licensing information */ + +/** This is a wrapper over the little-t-tor HS ntor functions. The wrapper is + * used by src/test/hs_ntor_ref.py to conduct the HS ntor integration + * tests. + * + * The logic of this wrapper is basically copied from src/test/test_ntor_cl.c + */ + +#include "orconfig.h" +#include <stdio.h> +#include <stdlib.h> + +#define ONION_NTOR_PRIVATE +#include "or.h" +#include "util.h" +#include "compat.h" +#include "crypto.h" +#include "crypto_curve25519.h" +#include "hs_ntor.h" +#include "onion_ntor.h" + +#define N_ARGS(n) STMT_BEGIN { \ + if (argc < (n)) { \ + fprintf(stderr, "%s needs %d arguments.\n",argv[1],n); \ + return 1; \ + } \ + } STMT_END +#define BASE16(idx, var, n) STMT_BEGIN { \ + const char *s = argv[(idx)]; \ + if (base16_decode((char*)var, n, s, strlen(s)) < (int)n ) { \ + fprintf(stderr, "couldn't decode argument %d (%s)\n",idx,s); \ + return 1; \ + } \ + } STMT_END +#define INT(idx, var) STMT_BEGIN { \ + var = atoi(argv[(idx)]); \ + if (var <= 0) { \ + fprintf(stderr, "bad integer argument %d (%s)\n",idx,argv[(idx)]); \ + } \ + } STMT_END + +/** The first part of the HS ntor protocol. The client-side computes all + necessary key material and sends the appropriate message to the service. */ +static int +client1(int argc, char **argv) +{ + int retval; + + /* Inputs */ + curve25519_public_key_t intro_enc_pubkey; + ed25519_public_key_t intro_auth_pubkey; + curve25519_keypair_t client_ephemeral_enc_keypair; + uint8_t subcredential[DIGEST256_LEN]; + + /* Output */ + hs_ntor_intro_cell_keys_t hs_ntor_intro_cell_keys; + + char buf[256]; + + N_ARGS(6); + BASE16(2, intro_auth_pubkey.pubkey, ED25519_PUBKEY_LEN); + BASE16(3, intro_enc_pubkey.public_key, CURVE25519_PUBKEY_LEN); + BASE16(4, client_ephemeral_enc_keypair.seckey.secret_key, + CURVE25519_SECKEY_LEN); + BASE16(5, subcredential, DIGEST256_LEN); + + /* Generate keypair */ + curve25519_public_key_generate(&client_ephemeral_enc_keypair.pubkey, + &client_ephemeral_enc_keypair.seckey); + + retval = hs_ntor_client_get_introduce1_keys(&intro_auth_pubkey, + &intro_enc_pubkey, + &client_ephemeral_enc_keypair, + subcredential, + &hs_ntor_intro_cell_keys); + if (retval < 0) { + goto done; + } + + /* Send ENC_KEY */ + base16_encode(buf, sizeof(buf), + (const char*)hs_ntor_intro_cell_keys.enc_key, + sizeof(hs_ntor_intro_cell_keys.enc_key)); + printf("%s\n", buf); + /* Send MAC_KEY */ + base16_encode(buf, sizeof(buf), + (const char*)hs_ntor_intro_cell_keys.mac_key, + sizeof(hs_ntor_intro_cell_keys.mac_key)); + printf("%s\n", buf); + + done: + return retval; +} + +/** The second part of the HS ntor protocol. The service-side computes all + necessary key material and sends the appropriate message to the client */ +static int +server1(int argc, char **argv) +{ + int retval; + + /* Inputs */ + curve25519_keypair_t intro_enc_keypair; + ed25519_public_key_t intro_auth_pubkey; + curve25519_public_key_t client_ephemeral_enc_pubkey; + uint8_t subcredential[DIGEST256_LEN]; + + /* Output */ + hs_ntor_intro_cell_keys_t hs_ntor_intro_cell_keys; + hs_ntor_rend_cell_keys_t hs_ntor_rend_cell_keys; + curve25519_keypair_t service_ephemeral_rend_keypair; + + char buf[256]; + + N_ARGS(6); + BASE16(2, intro_auth_pubkey.pubkey, ED25519_PUBKEY_LEN); + BASE16(3, intro_enc_keypair.seckey.secret_key, CURVE25519_SECKEY_LEN); + BASE16(4, client_ephemeral_enc_pubkey.public_key, CURVE25519_PUBKEY_LEN); + BASE16(5, subcredential, DIGEST256_LEN); + + /* Generate keypair */ + curve25519_public_key_generate(&intro_enc_keypair.pubkey, + &intro_enc_keypair.seckey); + curve25519_keypair_generate(&service_ephemeral_rend_keypair, 0); + + /* Get INTRODUCE1 keys */ + retval = hs_ntor_service_get_introduce1_keys(&intro_auth_pubkey, + &intro_enc_keypair, + &client_ephemeral_enc_pubkey, + subcredential, + &hs_ntor_intro_cell_keys); + if (retval < 0) { + goto done; + } + + /* Get RENDEZVOUS1 keys */ + retval = hs_ntor_service_get_rendezvous1_keys(&intro_auth_pubkey, + &intro_enc_keypair, + &service_ephemeral_rend_keypair, + &client_ephemeral_enc_pubkey, + &hs_ntor_rend_cell_keys); + if (retval < 0) { + goto done; + } + + /* Send ENC_KEY */ + base16_encode(buf, sizeof(buf), + (const char*)hs_ntor_intro_cell_keys.enc_key, + sizeof(hs_ntor_intro_cell_keys.enc_key)); + printf("%s\n", buf); + /* Send MAC_KEY */ + base16_encode(buf, sizeof(buf), + (const char*)hs_ntor_intro_cell_keys.mac_key, + sizeof(hs_ntor_intro_cell_keys.mac_key)); + printf("%s\n", buf); + /* Send AUTH_MAC */ + base16_encode(buf, sizeof(buf), + (const char*)hs_ntor_rend_cell_keys.rend_cell_auth_mac, + sizeof(hs_ntor_rend_cell_keys.rend_cell_auth_mac)); + printf("%s\n", buf); + /* Send NTOR_KEY_SEED */ + base16_encode(buf, sizeof(buf), + (const char*)hs_ntor_rend_cell_keys.ntor_key_seed, + sizeof(hs_ntor_rend_cell_keys.ntor_key_seed)); + printf("%s\n", buf); + /* Send service ephemeral pubkey (Y) */ + base16_encode(buf, sizeof(buf), + (const char*)service_ephemeral_rend_keypair.pubkey.public_key, + sizeof(service_ephemeral_rend_keypair.pubkey.public_key)); + printf("%s\n", buf); + + done: + return retval; +} + +/** The final step of the ntor protocol, the client computes and returns the + * rendezvous key material. */ +static int +client2(int argc, char **argv) +{ + int retval; + + /* Inputs */ + curve25519_public_key_t intro_enc_pubkey; + ed25519_public_key_t intro_auth_pubkey; + curve25519_keypair_t client_ephemeral_enc_keypair; + curve25519_public_key_t service_ephemeral_rend_pubkey; + uint8_t subcredential[DIGEST256_LEN]; + + /* Output */ + hs_ntor_rend_cell_keys_t hs_ntor_rend_cell_keys; + + char buf[256]; + + N_ARGS(7); + BASE16(2, intro_auth_pubkey.pubkey, ED25519_PUBKEY_LEN); + BASE16(3, client_ephemeral_enc_keypair.seckey.secret_key, + CURVE25519_SECKEY_LEN); + BASE16(4, intro_enc_pubkey.public_key, CURVE25519_PUBKEY_LEN); + BASE16(5, service_ephemeral_rend_pubkey.public_key, CURVE25519_PUBKEY_LEN); + BASE16(6, subcredential, DIGEST256_LEN); + + /* Generate keypair */ + curve25519_public_key_generate(&client_ephemeral_enc_keypair.pubkey, + &client_ephemeral_enc_keypair.seckey); + + /* Get RENDEZVOUS1 keys */ + retval = hs_ntor_client_get_rendezvous1_keys(&intro_auth_pubkey, + &client_ephemeral_enc_keypair, + &intro_enc_pubkey, + &service_ephemeral_rend_pubkey, + &hs_ntor_rend_cell_keys); + if (retval < 0) { + goto done; + } + + /* Send AUTH_MAC */ + base16_encode(buf, sizeof(buf), + (const char*)hs_ntor_rend_cell_keys.rend_cell_auth_mac, + sizeof(hs_ntor_rend_cell_keys.rend_cell_auth_mac)); + printf("%s\n", buf); + /* Send NTOR_KEY_SEED */ + base16_encode(buf, sizeof(buf), + (const char*)hs_ntor_rend_cell_keys.ntor_key_seed, + sizeof(hs_ntor_rend_cell_keys.ntor_key_seed)); + printf("%s\n", buf); + + done: + return 1; +} + +/** Perform a different part of the protocol depdning on the argv used. */ +int +main(int argc, char **argv) +{ + if (argc < 2) { + fprintf(stderr, "I need arguments. Read source for more info.\n"); + return 1; + } + + curve25519_init(); + if (!strcmp(argv[1], "client1")) { + return client1(argc, argv); + } else if (!strcmp(argv[1], "server1")) { + return server1(argc, argv); + } else if (!strcmp(argv[1], "client2")) { + return client2(argc, argv); + } else { + fprintf(stderr, "What's a %s?\n", argv[1]); + return 1; + } +} + diff --git a/src/test/test_hs_service.c b/src/test/test_hs_service.c index ae9c0a0300..ec9cc4579b 100644 --- a/src/test/test_hs_service.c +++ b/src/test/test_hs_service.c @@ -17,6 +17,8 @@ #include "hs_service.h" #include "hs_intropoint.h" +#include "hs_ntor.h" + /** We simulate the creation of an outgoing ESTABLISH_INTRO cell, and then we * parse it from the receiver side. */ static void @@ -26,8 +28,8 @@ test_gen_establish_intro_cell(void *arg) ssize_t retval; uint8_t circuit_key_material[DIGEST_LEN] = {0}; uint8_t buf[RELAY_PAYLOAD_SIZE]; - hs_cell_establish_intro_t *cell_out = NULL; - hs_cell_establish_intro_t *cell_in = NULL; + trn_cell_establish_intro_t *cell_out = NULL; + trn_cell_establish_intro_t *cell_in = NULL; crypto_rand((char *) circuit_key_material, sizeof(circuit_key_material)); @@ -44,7 +46,7 @@ test_gen_establish_intro_cell(void *arg) /* Parse it as the receiver */ { - ssize_t parse_result = hs_cell_establish_intro_parse(&cell_in, + ssize_t parse_result = trn_cell_establish_intro_parse(&cell_in, buf, sizeof(buf)); tt_int_op(parse_result, >=, 0); @@ -55,8 +57,8 @@ test_gen_establish_intro_cell(void *arg) } done: - hs_cell_establish_intro_free(cell_out); - hs_cell_establish_intro_free(cell_in); + trn_cell_establish_intro_free(cell_out); + trn_cell_establish_intro_free(cell_in); } /* Mocked ed25519_sign_prefixed() function that always fails :) */ @@ -78,7 +80,7 @@ static void test_gen_establish_intro_cell_bad(void *arg) { (void) arg; - hs_cell_establish_intro_t *cell = NULL; + trn_cell_establish_intro_t *cell = NULL; uint8_t circuit_key_material[DIGEST_LEN] = {0}; MOCK(ed25519_sign_prefixed, mock_ed25519_sign_prefixed); @@ -96,15 +98,110 @@ test_gen_establish_intro_cell_bad(void *arg) tt_assert(!cell); done: - hs_cell_establish_intro_free(cell); + trn_cell_establish_intro_free(cell); UNMOCK(ed25519_sign_prefixed); } +/** Test the HS ntor handshake. Simulate the sending of an encrypted INTRODUCE1 + * cell, and verify the proper derivation of decryption keys on the other end. + * Then simulate the sending of an authenticated RENDEZVOUS1 cell and verify + * the proper verification on the other end. */ +static void +test_hs_ntor(void *arg) +{ + int retval; + + uint8_t subcredential[DIGEST256_LEN]; + + ed25519_keypair_t service_intro_auth_keypair; + curve25519_keypair_t service_intro_enc_keypair; + curve25519_keypair_t service_ephemeral_rend_keypair; + + curve25519_keypair_t client_ephemeral_enc_keypair; + + hs_ntor_intro_cell_keys_t client_hs_ntor_intro_cell_keys; + hs_ntor_intro_cell_keys_t service_hs_ntor_intro_cell_keys; + + hs_ntor_rend_cell_keys_t service_hs_ntor_rend_cell_keys; + hs_ntor_rend_cell_keys_t client_hs_ntor_rend_cell_keys; + + (void) arg; + + /* Generate fake data for this unittest */ + { + /* Generate fake subcredential */ + memset(subcredential, 'Z', DIGEST256_LEN); + + /* service */ + curve25519_keypair_generate(&service_intro_enc_keypair, 0); + ed25519_keypair_generate(&service_intro_auth_keypair, 0); + curve25519_keypair_generate(&service_ephemeral_rend_keypair, 0); + /* client */ + curve25519_keypair_generate(&client_ephemeral_enc_keypair, 0); + } + + /* Client: Simulate the sending of an encrypted INTRODUCE1 cell */ + retval = + hs_ntor_client_get_introduce1_keys(&service_intro_auth_keypair.pubkey, + &service_intro_enc_keypair.pubkey, + &client_ephemeral_enc_keypair, + subcredential, + &client_hs_ntor_intro_cell_keys); + tt_int_op(retval, ==, 0); + + /* Service: Simulate the decryption of the received INTRODUCE1 */ + retval = + hs_ntor_service_get_introduce1_keys(&service_intro_auth_keypair.pubkey, + &service_intro_enc_keypair, + &client_ephemeral_enc_keypair.pubkey, + subcredential, + &service_hs_ntor_intro_cell_keys); + tt_int_op(retval, ==, 0); + + /* Test that the INTRODUCE1 encryption/mac keys match! */ + tt_mem_op(client_hs_ntor_intro_cell_keys.enc_key, OP_EQ, + service_hs_ntor_intro_cell_keys.enc_key, + CIPHER256_KEY_LEN); + tt_mem_op(client_hs_ntor_intro_cell_keys.mac_key, OP_EQ, + service_hs_ntor_intro_cell_keys.mac_key, + DIGEST256_LEN); + + /* Service: Simulate creation of RENDEZVOUS1 key material. */ + retval = + hs_ntor_service_get_rendezvous1_keys(&service_intro_auth_keypair.pubkey, + &service_intro_enc_keypair, + &service_ephemeral_rend_keypair, + &client_ephemeral_enc_keypair.pubkey, + &service_hs_ntor_rend_cell_keys); + tt_int_op(retval, ==, 0); + + /* Client: Simulate the verification of a received RENDEZVOUS1 cell */ + retval = + hs_ntor_client_get_rendezvous1_keys(&service_intro_auth_keypair.pubkey, + &client_ephemeral_enc_keypair, + &service_intro_enc_keypair.pubkey, + &service_ephemeral_rend_keypair.pubkey, + &client_hs_ntor_rend_cell_keys); + tt_int_op(retval, ==, 0); + + /* Test that the RENDEZVOUS1 key material match! */ + tt_mem_op(client_hs_ntor_rend_cell_keys.rend_cell_auth_mac, OP_EQ, + service_hs_ntor_rend_cell_keys.rend_cell_auth_mac, + DIGEST256_LEN); + tt_mem_op(client_hs_ntor_rend_cell_keys.ntor_key_seed, OP_EQ, + service_hs_ntor_rend_cell_keys.ntor_key_seed, + DIGEST256_LEN); + + done: + ; +} + struct testcase_t hs_service_tests[] = { { "gen_establish_intro_cell", test_gen_establish_intro_cell, TT_FORK, NULL, NULL }, { "gen_establish_intro_cell_bad", test_gen_establish_intro_cell_bad, TT_FORK, NULL, NULL }, + { "hs_ntor", test_hs_ntor, TT_FORK, NULL, NULL }, END_OF_TESTCASES }; diff --git a/src/test/test_link_handshake.c b/src/test/test_link_handshake.c index 4e9fe040ff..217088ee37 100644 --- a/src/test/test_link_handshake.c +++ b/src/test/test_link_handshake.c @@ -10,13 +10,6 @@ #include "compat.h" -/* Some versions of OpenSSL declare SSL_get_selected_srtp_profile twice in - * srtp.h. Suppress the GCC warning so we can build with -Wredundant-decl. */ -DISABLE_GCC_WARNING(redundant-decls) -#include <openssl/x509.h> -#include <openssl/ssl.h> -ENABLE_GCC_WARNING(redundant-decls) - #include "or.h" #include "config.h" #include "connection.h" @@ -785,19 +778,14 @@ CERTS_FAIL(expired_rsa_id, /* both */ certs_cell_cert_t *cert = certs_cell_get_certs(d->ccell, 1); const tor_x509_cert_t *idc; tor_tls_get_my_certs(1, NULL, &idc); - X509 *newc = X509_dup(idc->cert); + tor_x509_cert_t *newc; time_t new_end = time(NULL) - 86400 * 10; - X509_time_adj(X509_get_notAfter(newc), 0, &new_end); - EVP_PKEY *pk = crypto_pk_get_evp_pkey_(d->key2, 1); - tt_assert(X509_sign(newc, pk, EVP_sha1())); - int len = i2d_X509(newc, NULL); - certs_cell_cert_setlen_body(cert, len); - uint8_t *body = certs_cell_cert_getarray_body(cert); - int len2 = i2d_X509(newc, &body); - tt_int_op(len, ==, len2); + newc = tor_x509_cert_replace_expiration(idc, new_end, d->key2); + certs_cell_cert_setlen_body(cert, newc->encoded_len); + memcpy(certs_cell_cert_getarray_body(cert), + newc->encoded, newc->encoded_len); REENCODE(); - X509_free(newc); - EVP_PKEY_free(pk); + tor_x509_cert_free(newc); }) CERTS_FAIL(expired_ed_id, /* ed25519 */ { diff --git a/src/test/test_microdesc.c b/src/test/test_microdesc.c index b8d96491d4..c78fda3b69 100644 --- a/src/test/test_microdesc.c +++ b/src/test/test_microdesc.c @@ -14,12 +14,6 @@ #include "test.h" -DISABLE_GCC_WARNING(redundant-decls) -#include <openssl/rsa.h> -#include <openssl/bn.h> -#include <openssl/pem.h> -ENABLE_GCC_WARNING(redundant-decls) - #ifdef _WIN32 /* For mkdir() */ #include <direct.h> diff --git a/src/test/test_rendcache.c b/src/test/test_rendcache.c index 59d3be9003..feba8f664e 100644 --- a/src/test/test_rendcache.c +++ b/src/test/test_rendcache.c @@ -11,7 +11,6 @@ #include "routerlist.h" #include "config.h" #include "hs_common.h" -#include <openssl/rsa.h> #include "rend_test_helpers.h" #include "log_test_helpers.h" diff --git a/src/test/test_tortls.c b/src/test/test_tortls.c index 18ffd4a8c1..7aa3051464 100644 --- a/src/test/test_tortls.c +++ b/src/test/test_tortls.c @@ -2,6 +2,7 @@ /* See LICENSE for licensing information */ #define TORTLS_PRIVATE +#define TORTLS_OPENSSL_PRIVATE #define LOG_PRIVATE #include "orconfig.h" diff --git a/src/test/test_util_format.c b/src/test/test_util_format.c index a689b2de6c..ea0a86499f 100644 --- a/src/test/test_util_format.c +++ b/src/test/test_util_format.c @@ -133,48 +133,54 @@ test_util_format_base64_encode(void *ignored) } static void -test_util_format_base64_decode_nopad(void *ignored) +test_util_format_base64_decode_oddsize(void *ignored) { (void)ignored; int res; int i; char *src; - uint8_t *dst, *real_dst; - uint8_t expected[] = {0x65, 0x78, 0x61, 0x6D, 0x70, 0x6C, 0x65}; + char *dst, real_dst[7]; + char expected[] = {0x65, 0x78, 0x61, 0x6D, 0x70, 0x6C, 0x65}; char real_src[] = "ZXhhbXBsZQ"; + char expected40[] = "testing40characteroddsizebase64encoding!"; + char src40[] = "dGVzdGluZzQwY2hhcmFjdGVyb2Rkc2l6ZWJhc2U2NGVuY29kaW5nIQ"; + char pad40[] = "dGVzdGluZzQwY2hhcmFjdGVyb2Rkc2l6ZWJhc2U2NGVuY29kaW5nIQ=="; src = tor_malloc_zero(256); dst = tor_malloc_zero(1000); - real_dst = tor_malloc_zero(10); for (i=0;i<256;i++) { src[i] = (char)i; } - res = base64_decode_nopad(dst, 1, src, SIZE_T_CEILING); - tt_int_op(res, OP_EQ, -1); - - res = base64_decode_nopad(dst, 1, src, 5); + res = base64_decode(dst, 1, src, 5); tt_int_op(res, OP_EQ, -1); const char *s = "SGVsbG8gd29ybGQ"; - res = base64_decode_nopad(dst, 1000, s, strlen(s)); + res = base64_decode(dst, 1000, s, strlen(s)); tt_int_op(res, OP_EQ, 11); tt_mem_op(dst, OP_EQ, "Hello world", 11); s = "T3BhIG11bmRv"; - res = base64_decode_nopad(dst, 9, s, strlen(s)); + res = base64_decode(dst, 9, s, strlen(s)); tt_int_op(res, OP_EQ, 9); tt_mem_op(dst, OP_EQ, "Opa mundo", 9); - res = base64_decode_nopad(real_dst, 10, real_src, 10); + res = base64_decode(real_dst, sizeof(real_dst), real_src, 10); tt_int_op(res, OP_EQ, 7); tt_mem_op(real_dst, OP_EQ, expected, 7); + res = base64_decode(dst, 40, src40, strlen(src40)); + tt_int_op(res, OP_EQ, 40); + tt_mem_op(dst, OP_EQ, expected40, 40); + + res = base64_decode(dst, 40, pad40, strlen(pad40)); + tt_int_op(res, OP_EQ, 40); + tt_mem_op(dst, OP_EQ, expected40, 40); + done: tor_free(src); tor_free(dst); - tor_free(real_dst); } static void @@ -196,13 +202,10 @@ test_util_format_base64_decode(void *ignored) src[i] = (char)i; } - res = base64_decode(dst, 1, src, SIZE_T_CEILING); + res = base64_decode(dst, 1, src, 100); tt_int_op(res, OP_EQ, -1); - res = base64_decode(dst, SIZE_T_CEILING+1, src, 10); - tt_int_op(res, OP_EQ, -1); - - res = base64_decode(dst, 1, real_src, SIZE_MAX/3+1); + res = base64_decode(dst, 1, real_src, 10); tt_int_op(res, OP_EQ, -1); const char *s = "T3BhIG11bmRv"; @@ -370,11 +373,39 @@ test_util_format_base32_decode(void *arg) tor_free(dst); } +static void +test_util_format_encoded_size(void *arg) +{ + (void)arg; + uint8_t inbuf[256]; + char outbuf[1024]; + unsigned i; + + crypto_rand((char *)inbuf, sizeof(inbuf)); + for (i = 0; i <= sizeof(inbuf); ++i) { + /* XXXX (Once the return values are consistent, check them too.) */ + + base32_encode(outbuf, sizeof(outbuf), (char *)inbuf, i); + /* The "+ 1" below is an API inconsistency. */ + tt_int_op(strlen(outbuf) + 1, OP_EQ, base32_encoded_size(i)); + + base64_encode(outbuf, sizeof(outbuf), (char *)inbuf, i, 0); + tt_int_op(strlen(outbuf), OP_EQ, base64_encode_size(i, 0)); + base64_encode(outbuf, sizeof(outbuf), (char *)inbuf, i, + BASE64_ENCODE_MULTILINE); + tt_int_op(strlen(outbuf), OP_EQ, + base64_encode_size(i, BASE64_ENCODE_MULTILINE)); + } + + done: + ; +} + struct testcase_t util_format_tests[] = { { "unaligned_accessors", test_util_format_unaligned_accessors, 0, NULL, NULL }, { "base64_encode", test_util_format_base64_encode, 0, NULL, NULL }, - { "base64_decode_nopad", test_util_format_base64_decode_nopad, 0, + { "base64_decode_oddsize", test_util_format_base64_decode_oddsize, 0, NULL, NULL }, { "base64_decode", test_util_format_base64_decode, 0, NULL, NULL }, { "base16_decode", test_util_format_base16_decode, 0, NULL, NULL }, @@ -382,6 +413,7 @@ struct testcase_t util_format_tests[] = { NULL, NULL }, { "base32_decode", test_util_format_base32_decode, 0, NULL, NULL }, + { "encoded_size", test_util_format_encoded_size, 0, NULL, NULL }, END_OF_TESTCASES }; diff --git a/src/test/testing_common.c b/src/test/testing_common.c index bb2bcbf44c..0e37e0d154 100644 --- a/src/test/testing_common.c +++ b/src/test/testing_common.c @@ -38,7 +38,6 @@ const char tor_git_revision[] = ""; #ifdef USE_DMALLOC #include <dmalloc.h> -#include <openssl/crypto.h> #include "main.h" #endif @@ -238,8 +237,8 @@ main(int c, const char **v) #ifdef USE_DMALLOC { - int r = CRYPTO_set_mem_ex_functions(tor_malloc_, tor_realloc_, tor_free_); - tor_assert(r); + int r = crypto_use_tor_alloc_functions(); + tor_assert(r == 0); } #endif diff --git a/src/tools/include.am b/src/tools/include.am index d0185b5887..5eadb03a05 100644 --- a/src/tools/include.am +++ b/src/tools/include.am @@ -1,5 +1,4 @@ bin_PROGRAMS+= src/tools/tor-resolve src/tools/tor-gencert -noinst_PROGRAMS+= src/tools/tor-checkkey if COVERAGE_ENABLED noinst_PROGRAMS+= src/tools/tor-cov-resolve src/tools/tor-cov-gencert @@ -43,14 +42,4 @@ src_tools_tor_cov_gencert_LDADD = src/common/libor-testing.a \ @TOR_LIB_WS32@ @TOR_LIB_GDI@ @CURVE25519_LIBS@ endif -src_tools_tor_checkkey_SOURCES = src/tools/tor-checkkey.c -src_tools_tor_checkkey_LDFLAGS = @TOR_LDFLAGS_zlib@ @TOR_LDFLAGS_openssl@ -src_tools_tor_checkkey_LDADD = src/common/libor.a \ - src/common/libor-ctime.a \ - src/common/libor-crypto.a \ - $(LIBKECCAK_TINY) \ - $(LIBDONNA) \ - @TOR_LIB_MATH@ @TOR_ZLIB_LIBS@ @TOR_OPENSSL_LIBS@ \ - @TOR_LIB_WS32@ @TOR_LIB_GDI@ @CURVE25519_LIBS@ - EXTRA_DIST += src/tools/tor-fw-helper/README diff --git a/src/tools/tor-checkkey.c b/src/tools/tor-checkkey.c deleted file mode 100644 index f2f709dd78..0000000000 --- a/src/tools/tor-checkkey.c +++ /dev/null @@ -1,89 +0,0 @@ -/* Copyright (c) 2008-2017, The Tor Project, Inc. */ -/* See LICENSE for licensing information */ - -#include "orconfig.h" - -#include <stdio.h> -#include <stdlib.h> -#include "crypto.h" -#include "torlog.h" -#include "util.h" -#include "compat.h" -#include "compat_openssl.h" -#include <openssl/bn.h> -#include <openssl/rsa.h> - -int -main(int c, char **v) -{ - crypto_pk_t *env; - char *str; - RSA *rsa; - int wantdigest=0; - int fname_idx; - char *fname=NULL; - init_logging(1); - - if (c < 2) { - fprintf(stderr, "Hi. I'm tor-checkkey. Tell me a filename that " - "has a PEM-encoded RSA public key (like in a cert) and I'll " - "dump the modulus. Use the --digest option too and I'll " - "dump the digest.\n"); - return 1; - } - - if (crypto_global_init(0, NULL, NULL)) { - fprintf(stderr, "Couldn't initialize crypto library.\n"); - return 1; - } - - if (!strcmp(v[1], "--digest")) { - wantdigest = 1; - fname_idx = 2; - if (c<3) { - fprintf(stderr, "too few arguments"); - return 1; - } - } else { - wantdigest = 0; - fname_idx = 1; - } - - fname = expand_filename(v[fname_idx]); - str = read_file_to_str(fname, 0, NULL); - tor_free(fname); - if (!str) { - fprintf(stderr, "Couldn't read %s\n", v[fname_idx]); - return 1; - } - - env = crypto_pk_new(); - if (crypto_pk_read_public_key_from_string(env, str, strlen(str))<0) { - fprintf(stderr, "Couldn't parse key.\n"); - return 1; - } - tor_free(str); - - if (wantdigest) { - char digest[HEX_DIGEST_LEN+1]; - if (crypto_pk_get_fingerprint(env, digest, 0)<0) - return 1; - printf("%s\n",digest); - } else { - rsa = crypto_pk_get_rsa_(env); - - const BIGNUM *rsa_n; -#ifdef OPENSSL_1_1_API - const BIGNUM *rsa_e, *rsa_d; - RSA_get0_key(rsa, &rsa_n, &rsa_e, &rsa_d); -#else - rsa_n = rsa->n; -#endif - str = BN_bn2hex(rsa_n); - - printf("%s\n", str); - } - - return 0; -} - diff --git a/src/trunnel/hs/cell_common.c b/src/trunnel/hs/cell_common.c index 830f2260ee..b7f19ffc60 100644 --- a/src/trunnel/hs/cell_common.c +++ b/src/trunnel/hs/cell_common.c @@ -28,10 +28,10 @@ int cellcommon_deadcode_dummy__ = 0; } \ } while (0) -cell_extension_fields_t * -cell_extension_fields_new(void) +trn_cell_extension_fields_t * +trn_cell_extension_fields_new(void) { - cell_extension_fields_t *val = trunnel_calloc(1, sizeof(cell_extension_fields_t)); + trn_cell_extension_fields_t *val = trunnel_calloc(1, sizeof(trn_cell_extension_fields_t)); if (NULL == val) return NULL; return val; @@ -40,7 +40,7 @@ cell_extension_fields_new(void) /** Release all storage held inside 'obj', but do not free 'obj'. */ static void -cell_extension_fields_clear(cell_extension_fields_t *obj) +trn_cell_extension_fields_clear(trn_cell_extension_fields_t *obj) { (void) obj; TRUNNEL_DYNARRAY_WIPE(&obj->field); @@ -48,62 +48,62 @@ cell_extension_fields_clear(cell_extension_fields_t *obj) } void -cell_extension_fields_free(cell_extension_fields_t *obj) +trn_cell_extension_fields_free(trn_cell_extension_fields_t *obj) { if (obj == NULL) return; - cell_extension_fields_clear(obj); - trunnel_memwipe(obj, sizeof(cell_extension_fields_t)); + trn_cell_extension_fields_clear(obj); + trunnel_memwipe(obj, sizeof(trn_cell_extension_fields_t)); trunnel_free_(obj); } uint8_t -cell_extension_fields_get_field_type(const cell_extension_fields_t *inp) +trn_cell_extension_fields_get_field_type(const trn_cell_extension_fields_t *inp) { return inp->field_type; } int -cell_extension_fields_set_field_type(cell_extension_fields_t *inp, uint8_t val) +trn_cell_extension_fields_set_field_type(trn_cell_extension_fields_t *inp, uint8_t val) { inp->field_type = val; return 0; } uint8_t -cell_extension_fields_get_field_len(const cell_extension_fields_t *inp) +trn_cell_extension_fields_get_field_len(const trn_cell_extension_fields_t *inp) { return inp->field_len; } int -cell_extension_fields_set_field_len(cell_extension_fields_t *inp, uint8_t val) +trn_cell_extension_fields_set_field_len(trn_cell_extension_fields_t *inp, uint8_t val) { inp->field_len = val; return 0; } size_t -cell_extension_fields_getlen_field(const cell_extension_fields_t *inp) +trn_cell_extension_fields_getlen_field(const trn_cell_extension_fields_t *inp) { return TRUNNEL_DYNARRAY_LEN(&inp->field); } uint8_t -cell_extension_fields_get_field(cell_extension_fields_t *inp, size_t idx) +trn_cell_extension_fields_get_field(trn_cell_extension_fields_t *inp, size_t idx) { return TRUNNEL_DYNARRAY_GET(&inp->field, idx); } uint8_t -cell_extension_fields_getconst_field(const cell_extension_fields_t *inp, size_t idx) +trn_cell_extension_fields_getconst_field(const trn_cell_extension_fields_t *inp, size_t idx) { - return cell_extension_fields_get_field((cell_extension_fields_t*)inp, idx); + return trn_cell_extension_fields_get_field((trn_cell_extension_fields_t*)inp, idx); } int -cell_extension_fields_set_field(cell_extension_fields_t *inp, size_t idx, uint8_t elt) +trn_cell_extension_fields_set_field(trn_cell_extension_fields_t *inp, size_t idx, uint8_t elt) { TRUNNEL_DYNARRAY_SET(&inp->field, idx, elt); return 0; } int -cell_extension_fields_add_field(cell_extension_fields_t *inp, uint8_t elt) +trn_cell_extension_fields_add_field(trn_cell_extension_fields_t *inp, uint8_t elt) { #if SIZE_MAX >= UINT8_MAX if (inp->field.n_ == UINT8_MAX) @@ -117,17 +117,17 @@ cell_extension_fields_add_field(cell_extension_fields_t *inp, uint8_t elt) } uint8_t * -cell_extension_fields_getarray_field(cell_extension_fields_t *inp) +trn_cell_extension_fields_getarray_field(trn_cell_extension_fields_t *inp) { return inp->field.elts_; } const uint8_t * -cell_extension_fields_getconstarray_field(const cell_extension_fields_t *inp) +trn_cell_extension_fields_getconstarray_field(const trn_cell_extension_fields_t *inp) { - return (const uint8_t *)cell_extension_fields_getarray_field((cell_extension_fields_t*)inp); + return (const uint8_t *)trn_cell_extension_fields_getarray_field((trn_cell_extension_fields_t*)inp); } int -cell_extension_fields_setlen_field(cell_extension_fields_t *inp, size_t newlen) +trn_cell_extension_fields_setlen_field(trn_cell_extension_fields_t *inp, size_t newlen) { uint8_t *newptr; #if UINT8_MAX < SIZE_MAX @@ -147,7 +147,7 @@ cell_extension_fields_setlen_field(cell_extension_fields_t *inp, size_t newlen) return -1; } const char * -cell_extension_fields_check(const cell_extension_fields_t *obj) +trn_cell_extension_fields_check(const trn_cell_extension_fields_t *obj) { if (obj == NULL) return "Object was NULL"; @@ -159,11 +159,11 @@ cell_extension_fields_check(const cell_extension_fields_t *obj) } ssize_t -cell_extension_fields_encoded_len(const cell_extension_fields_t *obj) +trn_cell_extension_fields_encoded_len(const trn_cell_extension_fields_t *obj) { ssize_t result = 0; - if (NULL != cell_extension_fields_check(obj)) + if (NULL != trn_cell_extension_fields_check(obj)) return -1; @@ -178,24 +178,24 @@ cell_extension_fields_encoded_len(const cell_extension_fields_t *obj) return result; } int -cell_extension_fields_clear_errors(cell_extension_fields_t *obj) +trn_cell_extension_fields_clear_errors(trn_cell_extension_fields_t *obj) { int r = obj->trunnel_error_code_; obj->trunnel_error_code_ = 0; return r; } ssize_t -cell_extension_fields_encode(uint8_t *output, const size_t avail, const cell_extension_fields_t *obj) +trn_cell_extension_fields_encode(uint8_t *output, const size_t avail, const trn_cell_extension_fields_t *obj) { ssize_t result = 0; size_t written = 0; uint8_t *ptr = output; const char *msg; #ifdef TRUNNEL_CHECK_ENCODED_LEN - const ssize_t encoded_len = cell_extension_fields_encoded_len(obj); + const ssize_t encoded_len = trn_cell_extension_fields_encoded_len(obj); #endif - if (NULL != (msg = cell_extension_fields_check(obj))) + if (NULL != (msg = trn_cell_extension_fields_check(obj))) goto check_failed; #ifdef TRUNNEL_CHECK_ENCODED_LEN @@ -252,11 +252,11 @@ cell_extension_fields_encode(uint8_t *output, const size_t avail, const cell_ext return result; } -/** As cell_extension_fields_parse(), but do not allocate the output - * object. +/** As trn_cell_extension_fields_parse(), but do not allocate the + * output object. */ static ssize_t -cell_extension_fields_parse_into(cell_extension_fields_t *obj, const uint8_t *input, const size_t len_in) +trn_cell_extension_fields_parse_into(trn_cell_extension_fields_t *obj, const uint8_t *input, const size_t len_in) { const uint8_t *ptr = input; size_t remaining = len_in; @@ -290,23 +290,23 @@ cell_extension_fields_parse_into(cell_extension_fields_t *obj, const uint8_t *in } ssize_t -cell_extension_fields_parse(cell_extension_fields_t **output, const uint8_t *input, const size_t len_in) +trn_cell_extension_fields_parse(trn_cell_extension_fields_t **output, const uint8_t *input, const size_t len_in) { ssize_t result; - *output = cell_extension_fields_new(); + *output = trn_cell_extension_fields_new(); if (NULL == *output) return -1; - result = cell_extension_fields_parse_into(*output, input, len_in); + result = trn_cell_extension_fields_parse_into(*output, input, len_in); if (result < 0) { - cell_extension_fields_free(*output); + trn_cell_extension_fields_free(*output); *output = NULL; } return result; } -cell_extension_t * -cell_extension_new(void) +trn_cell_extension_t * +trn_cell_extension_new(void) { - cell_extension_t *val = trunnel_calloc(1, sizeof(cell_extension_t)); + trn_cell_extension_t *val = trunnel_calloc(1, sizeof(trn_cell_extension_t)); if (NULL == val) return NULL; return val; @@ -315,14 +315,14 @@ cell_extension_new(void) /** Release all storage held inside 'obj', but do not free 'obj'. */ static void -cell_extension_clear(cell_extension_t *obj) +trn_cell_extension_clear(trn_cell_extension_t *obj) { (void) obj; { unsigned idx; for (idx = 0; idx < TRUNNEL_DYNARRAY_LEN(&obj->fields); ++idx) { - cell_extension_fields_free(TRUNNEL_DYNARRAY_GET(&obj->fields, idx)); + trn_cell_extension_fields_free(TRUNNEL_DYNARRAY_GET(&obj->fields, idx)); } } TRUNNEL_DYNARRAY_WIPE(&obj->fields); @@ -330,92 +330,92 @@ cell_extension_clear(cell_extension_t *obj) } void -cell_extension_free(cell_extension_t *obj) +trn_cell_extension_free(trn_cell_extension_t *obj) { if (obj == NULL) return; - cell_extension_clear(obj); - trunnel_memwipe(obj, sizeof(cell_extension_t)); + trn_cell_extension_clear(obj); + trunnel_memwipe(obj, sizeof(trn_cell_extension_t)); trunnel_free_(obj); } uint8_t -cell_extension_get_num(const cell_extension_t *inp) +trn_cell_extension_get_num(const trn_cell_extension_t *inp) { return inp->num; } int -cell_extension_set_num(cell_extension_t *inp, uint8_t val) +trn_cell_extension_set_num(trn_cell_extension_t *inp, uint8_t val) { inp->num = val; return 0; } size_t -cell_extension_getlen_fields(const cell_extension_t *inp) +trn_cell_extension_getlen_fields(const trn_cell_extension_t *inp) { return TRUNNEL_DYNARRAY_LEN(&inp->fields); } -struct cell_extension_fields_st * -cell_extension_get_fields(cell_extension_t *inp, size_t idx) +struct trn_cell_extension_fields_st * +trn_cell_extension_get_fields(trn_cell_extension_t *inp, size_t idx) { return TRUNNEL_DYNARRAY_GET(&inp->fields, idx); } - const struct cell_extension_fields_st * -cell_extension_getconst_fields(const cell_extension_t *inp, size_t idx) + const struct trn_cell_extension_fields_st * +trn_cell_extension_getconst_fields(const trn_cell_extension_t *inp, size_t idx) { - return cell_extension_get_fields((cell_extension_t*)inp, idx); + return trn_cell_extension_get_fields((trn_cell_extension_t*)inp, idx); } int -cell_extension_set_fields(cell_extension_t *inp, size_t idx, struct cell_extension_fields_st * elt) +trn_cell_extension_set_fields(trn_cell_extension_t *inp, size_t idx, struct trn_cell_extension_fields_st * elt) { - cell_extension_fields_t *oldval = TRUNNEL_DYNARRAY_GET(&inp->fields, idx); + trn_cell_extension_fields_t *oldval = TRUNNEL_DYNARRAY_GET(&inp->fields, idx); if (oldval && oldval != elt) - cell_extension_fields_free(oldval); - return cell_extension_set0_fields(inp, idx, elt); + trn_cell_extension_fields_free(oldval); + return trn_cell_extension_set0_fields(inp, idx, elt); } int -cell_extension_set0_fields(cell_extension_t *inp, size_t idx, struct cell_extension_fields_st * elt) +trn_cell_extension_set0_fields(trn_cell_extension_t *inp, size_t idx, struct trn_cell_extension_fields_st * elt) { TRUNNEL_DYNARRAY_SET(&inp->fields, idx, elt); return 0; } int -cell_extension_add_fields(cell_extension_t *inp, struct cell_extension_fields_st * elt) +trn_cell_extension_add_fields(trn_cell_extension_t *inp, struct trn_cell_extension_fields_st * elt) { #if SIZE_MAX >= UINT8_MAX if (inp->fields.n_ == UINT8_MAX) goto trunnel_alloc_failed; #endif - TRUNNEL_DYNARRAY_ADD(struct cell_extension_fields_st *, &inp->fields, elt, {}); + TRUNNEL_DYNARRAY_ADD(struct trn_cell_extension_fields_st *, &inp->fields, elt, {}); return 0; trunnel_alloc_failed: TRUNNEL_SET_ERROR_CODE(inp); return -1; } -struct cell_extension_fields_st * * -cell_extension_getarray_fields(cell_extension_t *inp) +struct trn_cell_extension_fields_st * * +trn_cell_extension_getarray_fields(trn_cell_extension_t *inp) { return inp->fields.elts_; } -const struct cell_extension_fields_st * const * -cell_extension_getconstarray_fields(const cell_extension_t *inp) +const struct trn_cell_extension_fields_st * const * +trn_cell_extension_getconstarray_fields(const trn_cell_extension_t *inp) { - return (const struct cell_extension_fields_st * const *)cell_extension_getarray_fields((cell_extension_t*)inp); + return (const struct trn_cell_extension_fields_st * const *)trn_cell_extension_getarray_fields((trn_cell_extension_t*)inp); } int -cell_extension_setlen_fields(cell_extension_t *inp, size_t newlen) +trn_cell_extension_setlen_fields(trn_cell_extension_t *inp, size_t newlen) { - struct cell_extension_fields_st * *newptr; + struct trn_cell_extension_fields_st * *newptr; #if UINT8_MAX < SIZE_MAX if (newlen > UINT8_MAX) goto trunnel_alloc_failed; #endif newptr = trunnel_dynarray_setlen(&inp->fields.allocated_, &inp->fields.n_, inp->fields.elts_, newlen, - sizeof(inp->fields.elts_[0]), (trunnel_free_fn_t) cell_extension_fields_free, + sizeof(inp->fields.elts_[0]), (trunnel_free_fn_t) trn_cell_extension_fields_free, &inp->trunnel_error_code_); if (newlen != 0 && newptr == NULL) goto trunnel_alloc_failed; @@ -426,7 +426,7 @@ cell_extension_setlen_fields(cell_extension_t *inp, size_t newlen) return -1; } const char * -cell_extension_check(const cell_extension_t *obj) +trn_cell_extension_check(const trn_cell_extension_t *obj) { if (obj == NULL) return "Object was NULL"; @@ -437,7 +437,7 @@ cell_extension_check(const cell_extension_t *obj) unsigned idx; for (idx = 0; idx < TRUNNEL_DYNARRAY_LEN(&obj->fields); ++idx) { - if (NULL != (msg = cell_extension_fields_check(TRUNNEL_DYNARRAY_GET(&obj->fields, idx)))) + if (NULL != (msg = trn_cell_extension_fields_check(TRUNNEL_DYNARRAY_GET(&obj->fields, idx)))) return msg; } } @@ -447,46 +447,46 @@ cell_extension_check(const cell_extension_t *obj) } ssize_t -cell_extension_encoded_len(const cell_extension_t *obj) +trn_cell_extension_encoded_len(const trn_cell_extension_t *obj) { ssize_t result = 0; - if (NULL != cell_extension_check(obj)) + if (NULL != trn_cell_extension_check(obj)) return -1; /* Length of u8 num */ result += 1; - /* Length of struct cell_extension_fields fields[num] */ + /* Length of struct trn_cell_extension_fields fields[num] */ { unsigned idx; for (idx = 0; idx < TRUNNEL_DYNARRAY_LEN(&obj->fields); ++idx) { - result += cell_extension_fields_encoded_len(TRUNNEL_DYNARRAY_GET(&obj->fields, idx)); + result += trn_cell_extension_fields_encoded_len(TRUNNEL_DYNARRAY_GET(&obj->fields, idx)); } } return result; } int -cell_extension_clear_errors(cell_extension_t *obj) +trn_cell_extension_clear_errors(trn_cell_extension_t *obj) { int r = obj->trunnel_error_code_; obj->trunnel_error_code_ = 0; return r; } ssize_t -cell_extension_encode(uint8_t *output, const size_t avail, const cell_extension_t *obj) +trn_cell_extension_encode(uint8_t *output, const size_t avail, const trn_cell_extension_t *obj) { ssize_t result = 0; size_t written = 0; uint8_t *ptr = output; const char *msg; #ifdef TRUNNEL_CHECK_ENCODED_LEN - const ssize_t encoded_len = cell_extension_encoded_len(obj); + const ssize_t encoded_len = trn_cell_extension_encoded_len(obj); #endif - if (NULL != (msg = cell_extension_check(obj))) + if (NULL != (msg = trn_cell_extension_check(obj))) goto check_failed; #ifdef TRUNNEL_CHECK_ENCODED_LEN @@ -500,13 +500,13 @@ cell_extension_encode(uint8_t *output, const size_t avail, const cell_extension_ trunnel_set_uint8(ptr, (obj->num)); written += 1; ptr += 1; - /* Encode struct cell_extension_fields fields[num] */ + /* Encode struct trn_cell_extension_fields fields[num] */ { unsigned idx; for (idx = 0; idx < TRUNNEL_DYNARRAY_LEN(&obj->fields); ++idx) { trunnel_assert(written <= avail); - result = cell_extension_fields_encode(ptr, avail - written, TRUNNEL_DYNARRAY_GET(&obj->fields, idx)); + result = trn_cell_extension_fields_encode(ptr, avail - written, TRUNNEL_DYNARRAY_GET(&obj->fields, idx)); if (result < 0) goto fail; /* XXXXXXX !*/ written += result; ptr += result; @@ -537,10 +537,11 @@ cell_extension_encode(uint8_t *output, const size_t avail, const cell_extension_ return result; } -/** As cell_extension_parse(), but do not allocate the output object. +/** As trn_cell_extension_parse(), but do not allocate the output + * object. */ static ssize_t -cell_extension_parse_into(cell_extension_t *obj, const uint8_t *input, const size_t len_in) +trn_cell_extension_parse_into(trn_cell_extension_t *obj, const uint8_t *input, const size_t len_in) { const uint8_t *ptr = input; size_t remaining = len_in; @@ -552,18 +553,18 @@ cell_extension_parse_into(cell_extension_t *obj, const uint8_t *input, const siz obj->num = (trunnel_get_uint8(ptr)); remaining -= 1; ptr += 1; - /* Parse struct cell_extension_fields fields[num] */ - TRUNNEL_DYNARRAY_EXPAND(cell_extension_fields_t *, &obj->fields, obj->num, {}); + /* Parse struct trn_cell_extension_fields fields[num] */ + TRUNNEL_DYNARRAY_EXPAND(trn_cell_extension_fields_t *, &obj->fields, obj->num, {}); { - cell_extension_fields_t * elt; + trn_cell_extension_fields_t * elt; unsigned idx; for (idx = 0; idx < obj->num; ++idx) { - result = cell_extension_fields_parse(&elt, ptr, remaining); + result = trn_cell_extension_fields_parse(&elt, ptr, remaining); if (result < 0) goto relay_fail; trunnel_assert((size_t)result <= remaining); remaining -= result; ptr += result; - TRUNNEL_DYNARRAY_ADD(cell_extension_fields_t *, &obj->fields, elt, {cell_extension_fields_free(elt);}); + TRUNNEL_DYNARRAY_ADD(trn_cell_extension_fields_t *, &obj->fields, elt, {trn_cell_extension_fields_free(elt);}); } } trunnel_assert(ptr + remaining == input + len_in); @@ -579,15 +580,15 @@ cell_extension_parse_into(cell_extension_t *obj, const uint8_t *input, const siz } ssize_t -cell_extension_parse(cell_extension_t **output, const uint8_t *input, const size_t len_in) +trn_cell_extension_parse(trn_cell_extension_t **output, const uint8_t *input, const size_t len_in) { ssize_t result; - *output = cell_extension_new(); + *output = trn_cell_extension_new(); if (NULL == *output) return -1; - result = cell_extension_parse_into(*output, input, len_in); + result = trn_cell_extension_parse_into(*output, input, len_in); if (result < 0) { - cell_extension_free(*output); + trn_cell_extension_free(*output); *output = NULL; } return result; diff --git a/src/trunnel/hs/cell_common.h b/src/trunnel/hs/cell_common.h index 8999f7da40..4d98a54cf4 100644 --- a/src/trunnel/hs/cell_common.h +++ b/src/trunnel/hs/cell_common.h @@ -8,191 +8,196 @@ #include <stdint.h> #include "trunnel.h" -#if !defined(TRUNNEL_OPAQUE) && !defined(TRUNNEL_OPAQUE_CELL_EXTENSION_FIELDS) -struct cell_extension_fields_st { +#if !defined(TRUNNEL_OPAQUE) && !defined(TRUNNEL_OPAQUE_TRN_CELL_EXTENSION_FIELDS) +struct trn_cell_extension_fields_st { uint8_t field_type; uint8_t field_len; TRUNNEL_DYNARRAY_HEAD(, uint8_t) field; uint8_t trunnel_error_code_; }; #endif -typedef struct cell_extension_fields_st cell_extension_fields_t; -#if !defined(TRUNNEL_OPAQUE) && !defined(TRUNNEL_OPAQUE_CELL_EXTENSION) -struct cell_extension_st { +typedef struct trn_cell_extension_fields_st trn_cell_extension_fields_t; +#if !defined(TRUNNEL_OPAQUE) && !defined(TRUNNEL_OPAQUE_TRN_CELL_EXTENSION) +struct trn_cell_extension_st { uint8_t num; - TRUNNEL_DYNARRAY_HEAD(, struct cell_extension_fields_st *) fields; + TRUNNEL_DYNARRAY_HEAD(, struct trn_cell_extension_fields_st *) fields; uint8_t trunnel_error_code_; }; #endif -typedef struct cell_extension_st cell_extension_t; -/** Return a newly allocated cell_extension_fields with all elements - * set to zero. - */ -cell_extension_fields_t *cell_extension_fields_new(void); -/** Release all storage held by the cell_extension_fields in 'victim'. - * (Do nothing if 'victim' is NULL.) - */ -void cell_extension_fields_free(cell_extension_fields_t *victim); -/** Try to parse a cell_extension_fields from the buffer in 'input', - * using up to 'len_in' bytes from the input buffer. On success, - * return the number of bytes consumed and set *output to the newly - * allocated cell_extension_fields_t. On failure, return -2 if the - * input appears truncated, and -1 if the input is otherwise invalid. - */ -ssize_t cell_extension_fields_parse(cell_extension_fields_t **output, const uint8_t *input, const size_t len_in); +typedef struct trn_cell_extension_st trn_cell_extension_t; +/** Return a newly allocated trn_cell_extension_fields with all + * elements set to zero. + */ +trn_cell_extension_fields_t *trn_cell_extension_fields_new(void); +/** Release all storage held by the trn_cell_extension_fields in + * 'victim'. (Do nothing if 'victim' is NULL.) + */ +void trn_cell_extension_fields_free(trn_cell_extension_fields_t *victim); +/** Try to parse a trn_cell_extension_fields from the buffer in + * 'input', using up to 'len_in' bytes from the input buffer. On + * success, return the number of bytes consumed and set *output to the + * newly allocated trn_cell_extension_fields_t. On failure, return -2 + * if the input appears truncated, and -1 if the input is otherwise + * invalid. + */ +ssize_t trn_cell_extension_fields_parse(trn_cell_extension_fields_t **output, const uint8_t *input, const size_t len_in); /** Return the number of bytes we expect to need to encode the - * cell_extension_fields in 'obj'. On failure, return a negative + * trn_cell_extension_fields in 'obj'. On failure, return a negative * value. Note that this value may be an overestimate, and can even be * an underestimate for certain unencodeable objects. */ -ssize_t cell_extension_fields_encoded_len(const cell_extension_fields_t *obj); -/** Try to encode the cell_extension_fields from 'input' into the +ssize_t trn_cell_extension_fields_encoded_len(const trn_cell_extension_fields_t *obj); +/** Try to encode the trn_cell_extension_fields from 'input' into the * buffer at 'output', using up to 'avail' bytes of the output buffer. * On success, return the number of bytes used. On failure, return -2 * if the buffer was not long enough, and -1 if the input was invalid. */ -ssize_t cell_extension_fields_encode(uint8_t *output, size_t avail, const cell_extension_fields_t *input); -/** Check whether the internal state of the cell_extension_fields in - * 'obj' is consistent. Return NULL if it is, and a short message if - * it is not. +ssize_t trn_cell_extension_fields_encode(uint8_t *output, size_t avail, const trn_cell_extension_fields_t *input); +/** Check whether the internal state of the trn_cell_extension_fields + * in 'obj' is consistent. Return NULL if it is, and a short message + * if it is not. */ -const char *cell_extension_fields_check(const cell_extension_fields_t *obj); +const char *trn_cell_extension_fields_check(const trn_cell_extension_fields_t *obj); /** Clear any errors that were set on the object 'obj' by its setter * functions. Return true iff errors were cleared. */ -int cell_extension_fields_clear_errors(cell_extension_fields_t *obj); +int trn_cell_extension_fields_clear_errors(trn_cell_extension_fields_t *obj); /** Return the value of the field_type field of the - * cell_extension_fields_t in 'inp' + * trn_cell_extension_fields_t in 'inp' */ -uint8_t cell_extension_fields_get_field_type(const cell_extension_fields_t *inp); +uint8_t trn_cell_extension_fields_get_field_type(const trn_cell_extension_fields_t *inp); /** Set the value of the field_type field of the - * cell_extension_fields_t in 'inp' to 'val'. Return 0 on success; + * trn_cell_extension_fields_t in 'inp' to 'val'. Return 0 on success; * return -1 and set the error code on 'inp' on failure. */ -int cell_extension_fields_set_field_type(cell_extension_fields_t *inp, uint8_t val); +int trn_cell_extension_fields_set_field_type(trn_cell_extension_fields_t *inp, uint8_t val); /** Return the value of the field_len field of the - * cell_extension_fields_t in 'inp' + * trn_cell_extension_fields_t in 'inp' */ -uint8_t cell_extension_fields_get_field_len(const cell_extension_fields_t *inp); +uint8_t trn_cell_extension_fields_get_field_len(const trn_cell_extension_fields_t *inp); /** Set the value of the field_len field of the - * cell_extension_fields_t in 'inp' to 'val'. Return 0 on success; + * trn_cell_extension_fields_t in 'inp' to 'val'. Return 0 on success; * return -1 and set the error code on 'inp' on failure. */ -int cell_extension_fields_set_field_len(cell_extension_fields_t *inp, uint8_t val); +int trn_cell_extension_fields_set_field_len(trn_cell_extension_fields_t *inp, uint8_t val); /** Return the length of the dynamic array holding the field field of - * the cell_extension_fields_t in 'inp'. + * the trn_cell_extension_fields_t in 'inp'. */ -size_t cell_extension_fields_getlen_field(const cell_extension_fields_t *inp); +size_t trn_cell_extension_fields_getlen_field(const trn_cell_extension_fields_t *inp); /** Return the element at position 'idx' of the dynamic array field - * field of the cell_extension_fields_t in 'inp'. + * field of the trn_cell_extension_fields_t in 'inp'. */ -uint8_t cell_extension_fields_get_field(cell_extension_fields_t *inp, size_t idx); -/** As cell_extension_fields_get_field, but take and return a const - * pointer +uint8_t trn_cell_extension_fields_get_field(trn_cell_extension_fields_t *inp, size_t idx); +/** As trn_cell_extension_fields_get_field, but take and return a + * const pointer */ -uint8_t cell_extension_fields_getconst_field(const cell_extension_fields_t *inp, size_t idx); +uint8_t trn_cell_extension_fields_getconst_field(const trn_cell_extension_fields_t *inp, size_t idx); /** Change the element at position 'idx' of the dynamic array field - * field of the cell_extension_fields_t in 'inp', so that it will hold - * the value 'elt'. + * field of the trn_cell_extension_fields_t in 'inp', so that it will + * hold the value 'elt'. */ -int cell_extension_fields_set_field(cell_extension_fields_t *inp, size_t idx, uint8_t elt); +int trn_cell_extension_fields_set_field(trn_cell_extension_fields_t *inp, size_t idx, uint8_t elt); /** Append a new element 'elt' to the dynamic array field field of the - * cell_extension_fields_t in 'inp'. + * trn_cell_extension_fields_t in 'inp'. */ -int cell_extension_fields_add_field(cell_extension_fields_t *inp, uint8_t elt); +int trn_cell_extension_fields_add_field(trn_cell_extension_fields_t *inp, uint8_t elt); /** Return a pointer to the variable-length array field field of * 'inp'. */ -uint8_t * cell_extension_fields_getarray_field(cell_extension_fields_t *inp); -/** As cell_extension_fields_get_field, but take and return a const - * pointer +uint8_t * trn_cell_extension_fields_getarray_field(trn_cell_extension_fields_t *inp); +/** As trn_cell_extension_fields_get_field, but take and return a + * const pointer */ -const uint8_t * cell_extension_fields_getconstarray_field(const cell_extension_fields_t *inp); +const uint8_t * trn_cell_extension_fields_getconstarray_field(const trn_cell_extension_fields_t *inp); /** Change the length of the variable-length array field field of * 'inp' to 'newlen'.Fill extra elements with 0. Return 0 on success; * return -1 and set the error code on 'inp' on failure. */ -int cell_extension_fields_setlen_field(cell_extension_fields_t *inp, size_t newlen); -/** Return a newly allocated cell_extension with all elements set to - * zero. +int trn_cell_extension_fields_setlen_field(trn_cell_extension_fields_t *inp, size_t newlen); +/** Return a newly allocated trn_cell_extension with all elements set + * to zero. */ -cell_extension_t *cell_extension_new(void); -/** Release all storage held by the cell_extension in 'victim'. (Do - * nothing if 'victim' is NULL.) +trn_cell_extension_t *trn_cell_extension_new(void); +/** Release all storage held by the trn_cell_extension in 'victim'. + * (Do nothing if 'victim' is NULL.) */ -void cell_extension_free(cell_extension_t *victim); -/** Try to parse a cell_extension from the buffer in 'input', using up - * to 'len_in' bytes from the input buffer. On success, return the - * number of bytes consumed and set *output to the newly allocated - * cell_extension_t. On failure, return -2 if the input appears - * truncated, and -1 if the input is otherwise invalid. +void trn_cell_extension_free(trn_cell_extension_t *victim); +/** Try to parse a trn_cell_extension from the buffer in 'input', + * using up to 'len_in' bytes from the input buffer. On success, + * return the number of bytes consumed and set *output to the newly + * allocated trn_cell_extension_t. On failure, return -2 if the input + * appears truncated, and -1 if the input is otherwise invalid. */ -ssize_t cell_extension_parse(cell_extension_t **output, const uint8_t *input, const size_t len_in); +ssize_t trn_cell_extension_parse(trn_cell_extension_t **output, const uint8_t *input, const size_t len_in); /** Return the number of bytes we expect to need to encode the - * cell_extension in 'obj'. On failure, return a negative value. Note - * that this value may be an overestimate, and can even be an + * trn_cell_extension in 'obj'. On failure, return a negative value. + * Note that this value may be an overestimate, and can even be an * underestimate for certain unencodeable objects. */ -ssize_t cell_extension_encoded_len(const cell_extension_t *obj); -/** Try to encode the cell_extension from 'input' into the buffer at - * 'output', using up to 'avail' bytes of the output buffer. On +ssize_t trn_cell_extension_encoded_len(const trn_cell_extension_t *obj); +/** Try to encode the trn_cell_extension from 'input' into the buffer + * at 'output', using up to 'avail' bytes of the output buffer. On * success, return the number of bytes used. On failure, return -2 if * the buffer was not long enough, and -1 if the input was invalid. */ -ssize_t cell_extension_encode(uint8_t *output, size_t avail, const cell_extension_t *input); -/** Check whether the internal state of the cell_extension in 'obj' is - * consistent. Return NULL if it is, and a short message if it is not. +ssize_t trn_cell_extension_encode(uint8_t *output, size_t avail, const trn_cell_extension_t *input); +/** Check whether the internal state of the trn_cell_extension in + * 'obj' is consistent. Return NULL if it is, and a short message if + * it is not. */ -const char *cell_extension_check(const cell_extension_t *obj); +const char *trn_cell_extension_check(const trn_cell_extension_t *obj); /** Clear any errors that were set on the object 'obj' by its setter * functions. Return true iff errors were cleared. */ -int cell_extension_clear_errors(cell_extension_t *obj); -/** Return the value of the num field of the cell_extension_t in 'inp' +int trn_cell_extension_clear_errors(trn_cell_extension_t *obj); +/** Return the value of the num field of the trn_cell_extension_t in + * 'inp' */ -uint8_t cell_extension_get_num(const cell_extension_t *inp); -/** Set the value of the num field of the cell_extension_t in 'inp' to - * 'val'. Return 0 on success; return -1 and set the error code on - * 'inp' on failure. +uint8_t trn_cell_extension_get_num(const trn_cell_extension_t *inp); +/** Set the value of the num field of the trn_cell_extension_t in + * 'inp' to 'val'. Return 0 on success; return -1 and set the error + * code on 'inp' on failure. */ -int cell_extension_set_num(cell_extension_t *inp, uint8_t val); +int trn_cell_extension_set_num(trn_cell_extension_t *inp, uint8_t val); /** Return the length of the dynamic array holding the fields field of - * the cell_extension_t in 'inp'. + * the trn_cell_extension_t in 'inp'. */ -size_t cell_extension_getlen_fields(const cell_extension_t *inp); +size_t trn_cell_extension_getlen_fields(const trn_cell_extension_t *inp); /** Return the element at position 'idx' of the dynamic array field - * fields of the cell_extension_t in 'inp'. + * fields of the trn_cell_extension_t in 'inp'. */ -struct cell_extension_fields_st * cell_extension_get_fields(cell_extension_t *inp, size_t idx); -/** As cell_extension_get_fields, but take and return a const pointer +struct trn_cell_extension_fields_st * trn_cell_extension_get_fields(trn_cell_extension_t *inp, size_t idx); +/** As trn_cell_extension_get_fields, but take and return a const + * pointer */ - const struct cell_extension_fields_st * cell_extension_getconst_fields(const cell_extension_t *inp, size_t idx); + const struct trn_cell_extension_fields_st * trn_cell_extension_getconst_fields(const trn_cell_extension_t *inp, size_t idx); /** Change the element at position 'idx' of the dynamic array field - * fields of the cell_extension_t in 'inp', so that it will hold the - * value 'elt'. Free the previous value, if any. + * fields of the trn_cell_extension_t in 'inp', so that it will hold + * the value 'elt'. Free the previous value, if any. */ -int cell_extension_set_fields(cell_extension_t *inp, size_t idx, struct cell_extension_fields_st * elt); -/** As cell_extension_set_fields, but does not free the previous +int trn_cell_extension_set_fields(trn_cell_extension_t *inp, size_t idx, struct trn_cell_extension_fields_st * elt); +/** As trn_cell_extension_set_fields, but does not free the previous * value. */ -int cell_extension_set0_fields(cell_extension_t *inp, size_t idx, struct cell_extension_fields_st * elt); +int trn_cell_extension_set0_fields(trn_cell_extension_t *inp, size_t idx, struct trn_cell_extension_fields_st * elt); /** Append a new element 'elt' to the dynamic array field fields of - * the cell_extension_t in 'inp'. + * the trn_cell_extension_t in 'inp'. */ -int cell_extension_add_fields(cell_extension_t *inp, struct cell_extension_fields_st * elt); +int trn_cell_extension_add_fields(trn_cell_extension_t *inp, struct trn_cell_extension_fields_st * elt); /** Return a pointer to the variable-length array field fields of * 'inp'. */ -struct cell_extension_fields_st * * cell_extension_getarray_fields(cell_extension_t *inp); -/** As cell_extension_get_fields, but take and return a const pointer +struct trn_cell_extension_fields_st * * trn_cell_extension_getarray_fields(trn_cell_extension_t *inp); +/** As trn_cell_extension_get_fields, but take and return a const + * pointer */ -const struct cell_extension_fields_st * const * cell_extension_getconstarray_fields(const cell_extension_t *inp); +const struct trn_cell_extension_fields_st * const * trn_cell_extension_getconstarray_fields(const trn_cell_extension_t *inp); /** Change the length of the variable-length array field fields of * 'inp' to 'newlen'.Fill extra elements with NULL; free removed * elements. Return 0 on success; return -1 and set the error code on * 'inp' on failure. */ -int cell_extension_setlen_fields(cell_extension_t *inp, size_t newlen); +int trn_cell_extension_setlen_fields(trn_cell_extension_t *inp, size_t newlen); #endif diff --git a/src/trunnel/hs/cell_common.trunnel b/src/trunnel/hs/cell_common.trunnel index 1bbec5a1fe..1aa6999de7 100644 --- a/src/trunnel/hs/cell_common.trunnel +++ b/src/trunnel/hs/cell_common.trunnel @@ -1,12 +1,12 @@ /* This file contains common data structure that cells use. */ -struct cell_extension_fields { +struct trn_cell_extension_fields { u8 field_type; u8 field_len; u8 field[field_len]; }; -struct cell_extension { +struct trn_cell_extension { u8 num; - struct cell_extension_fields fields[num]; + struct trn_cell_extension_fields fields[num]; }; diff --git a/src/trunnel/hs/cell_establish_intro.c b/src/trunnel/hs/cell_establish_intro.c index 633bd7c214..22e198c369 100644 --- a/src/trunnel/hs/cell_establish_intro.c +++ b/src/trunnel/hs/cell_establish_intro.c @@ -28,18 +28,18 @@ int cellestablishintro_deadcode_dummy__ = 0; } \ } while (0) -typedef struct cell_extension_st cell_extension_t; -cell_extension_t *cell_extension_new(void); -void cell_extension_free(cell_extension_t *victim); -ssize_t cell_extension_parse(cell_extension_t **output, const uint8_t *input, const size_t len_in); -ssize_t cell_extension_encoded_len(const cell_extension_t *obj); -ssize_t cell_extension_encode(uint8_t *output, size_t avail, const cell_extension_t *input); -const char *cell_extension_check(const cell_extension_t *obj); -int cell_extension_clear_errors(cell_extension_t *obj); -hs_cell_establish_intro_t * -hs_cell_establish_intro_new(void) -{ - hs_cell_establish_intro_t *val = trunnel_calloc(1, sizeof(hs_cell_establish_intro_t)); +typedef struct trn_cell_extension_st trn_cell_extension_t; +trn_cell_extension_t *trn_cell_extension_new(void); +void trn_cell_extension_free(trn_cell_extension_t *victim); +ssize_t trn_cell_extension_parse(trn_cell_extension_t **output, const uint8_t *input, const size_t len_in); +ssize_t trn_cell_extension_encoded_len(const trn_cell_extension_t *obj); +ssize_t trn_cell_extension_encode(uint8_t *output, size_t avail, const trn_cell_extension_t *input); +const char *trn_cell_extension_check(const trn_cell_extension_t *obj); +int trn_cell_extension_clear_errors(trn_cell_extension_t *obj); +trn_cell_establish_intro_t * +trn_cell_establish_intro_new(void) +{ + trn_cell_establish_intro_t *val = trunnel_calloc(1, sizeof(trn_cell_establish_intro_t)); if (NULL == val) return NULL; return val; @@ -48,39 +48,39 @@ hs_cell_establish_intro_new(void) /** Release all storage held inside 'obj', but do not free 'obj'. */ static void -hs_cell_establish_intro_clear(hs_cell_establish_intro_t *obj) +trn_cell_establish_intro_clear(trn_cell_establish_intro_t *obj) { (void) obj; TRUNNEL_DYNARRAY_WIPE(&obj->auth_key); TRUNNEL_DYNARRAY_CLEAR(&obj->auth_key); - cell_extension_free(obj->extensions); + trn_cell_extension_free(obj->extensions); obj->extensions = NULL; TRUNNEL_DYNARRAY_WIPE(&obj->sig); TRUNNEL_DYNARRAY_CLEAR(&obj->sig); } void -hs_cell_establish_intro_free(hs_cell_establish_intro_t *obj) +trn_cell_establish_intro_free(trn_cell_establish_intro_t *obj) { if (obj == NULL) return; - hs_cell_establish_intro_clear(obj); - trunnel_memwipe(obj, sizeof(hs_cell_establish_intro_t)); + trn_cell_establish_intro_clear(obj); + trunnel_memwipe(obj, sizeof(trn_cell_establish_intro_t)); trunnel_free_(obj); } const uint8_t * -hs_cell_establish_intro_get_start_cell(const hs_cell_establish_intro_t *inp) +trn_cell_establish_intro_get_start_cell(const trn_cell_establish_intro_t *inp) { return inp->start_cell; } uint8_t -hs_cell_establish_intro_get_auth_key_type(const hs_cell_establish_intro_t *inp) +trn_cell_establish_intro_get_auth_key_type(const trn_cell_establish_intro_t *inp) { return inp->auth_key_type; } int -hs_cell_establish_intro_set_auth_key_type(hs_cell_establish_intro_t *inp, uint8_t val) +trn_cell_establish_intro_set_auth_key_type(trn_cell_establish_intro_t *inp, uint8_t val) { if (! ((val == 0 || val == 1 || val == 2))) { TRUNNEL_SET_ERROR_CODE(inp); @@ -90,41 +90,41 @@ hs_cell_establish_intro_set_auth_key_type(hs_cell_establish_intro_t *inp, uint8_ return 0; } uint16_t -hs_cell_establish_intro_get_auth_key_len(const hs_cell_establish_intro_t *inp) +trn_cell_establish_intro_get_auth_key_len(const trn_cell_establish_intro_t *inp) { return inp->auth_key_len; } int -hs_cell_establish_intro_set_auth_key_len(hs_cell_establish_intro_t *inp, uint16_t val) +trn_cell_establish_intro_set_auth_key_len(trn_cell_establish_intro_t *inp, uint16_t val) { inp->auth_key_len = val; return 0; } size_t -hs_cell_establish_intro_getlen_auth_key(const hs_cell_establish_intro_t *inp) +trn_cell_establish_intro_getlen_auth_key(const trn_cell_establish_intro_t *inp) { return TRUNNEL_DYNARRAY_LEN(&inp->auth_key); } uint8_t -hs_cell_establish_intro_get_auth_key(hs_cell_establish_intro_t *inp, size_t idx) +trn_cell_establish_intro_get_auth_key(trn_cell_establish_intro_t *inp, size_t idx) { return TRUNNEL_DYNARRAY_GET(&inp->auth_key, idx); } uint8_t -hs_cell_establish_intro_getconst_auth_key(const hs_cell_establish_intro_t *inp, size_t idx) +trn_cell_establish_intro_getconst_auth_key(const trn_cell_establish_intro_t *inp, size_t idx) { - return hs_cell_establish_intro_get_auth_key((hs_cell_establish_intro_t*)inp, idx); + return trn_cell_establish_intro_get_auth_key((trn_cell_establish_intro_t*)inp, idx); } int -hs_cell_establish_intro_set_auth_key(hs_cell_establish_intro_t *inp, size_t idx, uint8_t elt) +trn_cell_establish_intro_set_auth_key(trn_cell_establish_intro_t *inp, size_t idx, uint8_t elt) { TRUNNEL_DYNARRAY_SET(&inp->auth_key, idx, elt); return 0; } int -hs_cell_establish_intro_add_auth_key(hs_cell_establish_intro_t *inp, uint8_t elt) +trn_cell_establish_intro_add_auth_key(trn_cell_establish_intro_t *inp, uint8_t elt) { #if SIZE_MAX >= UINT16_MAX if (inp->auth_key.n_ == UINT16_MAX) @@ -138,17 +138,17 @@ hs_cell_establish_intro_add_auth_key(hs_cell_establish_intro_t *inp, uint8_t elt } uint8_t * -hs_cell_establish_intro_getarray_auth_key(hs_cell_establish_intro_t *inp) +trn_cell_establish_intro_getarray_auth_key(trn_cell_establish_intro_t *inp) { return inp->auth_key.elts_; } const uint8_t * -hs_cell_establish_intro_getconstarray_auth_key(const hs_cell_establish_intro_t *inp) +trn_cell_establish_intro_getconstarray_auth_key(const trn_cell_establish_intro_t *inp) { - return (const uint8_t *)hs_cell_establish_intro_getarray_auth_key((hs_cell_establish_intro_t*)inp); + return (const uint8_t *)trn_cell_establish_intro_getarray_auth_key((trn_cell_establish_intro_t*)inp); } int -hs_cell_establish_intro_setlen_auth_key(hs_cell_establish_intro_t *inp, size_t newlen) +trn_cell_establish_intro_setlen_auth_key(trn_cell_establish_intro_t *inp, size_t newlen) { uint8_t *newptr; #if UINT16_MAX < SIZE_MAX @@ -167,54 +167,54 @@ hs_cell_establish_intro_setlen_auth_key(hs_cell_establish_intro_t *inp, size_t n TRUNNEL_SET_ERROR_CODE(inp); return -1; } -struct cell_extension_st * -hs_cell_establish_intro_get_extensions(hs_cell_establish_intro_t *inp) +struct trn_cell_extension_st * +trn_cell_establish_intro_get_extensions(trn_cell_establish_intro_t *inp) { return inp->extensions; } -const struct cell_extension_st * -hs_cell_establish_intro_getconst_extensions(const hs_cell_establish_intro_t *inp) +const struct trn_cell_extension_st * +trn_cell_establish_intro_getconst_extensions(const trn_cell_establish_intro_t *inp) { - return hs_cell_establish_intro_get_extensions((hs_cell_establish_intro_t*) inp); + return trn_cell_establish_intro_get_extensions((trn_cell_establish_intro_t*) inp); } int -hs_cell_establish_intro_set_extensions(hs_cell_establish_intro_t *inp, struct cell_extension_st *val) +trn_cell_establish_intro_set_extensions(trn_cell_establish_intro_t *inp, struct trn_cell_extension_st *val) { if (inp->extensions && inp->extensions != val) - cell_extension_free(inp->extensions); - return hs_cell_establish_intro_set0_extensions(inp, val); + trn_cell_extension_free(inp->extensions); + return trn_cell_establish_intro_set0_extensions(inp, val); } int -hs_cell_establish_intro_set0_extensions(hs_cell_establish_intro_t *inp, struct cell_extension_st *val) +trn_cell_establish_intro_set0_extensions(trn_cell_establish_intro_t *inp, struct trn_cell_extension_st *val) { inp->extensions = val; return 0; } const uint8_t * -hs_cell_establish_intro_get_end_mac_fields(const hs_cell_establish_intro_t *inp) +trn_cell_establish_intro_get_end_mac_fields(const trn_cell_establish_intro_t *inp) { return inp->end_mac_fields; } size_t -hs_cell_establish_intro_getlen_handshake_mac(const hs_cell_establish_intro_t *inp) +trn_cell_establish_intro_getlen_handshake_mac(const trn_cell_establish_intro_t *inp) { (void)inp; return TRUNNEL_SHA3_256_LEN; } uint8_t -hs_cell_establish_intro_get_handshake_mac(hs_cell_establish_intro_t *inp, size_t idx) +trn_cell_establish_intro_get_handshake_mac(trn_cell_establish_intro_t *inp, size_t idx) { trunnel_assert(idx < TRUNNEL_SHA3_256_LEN); return inp->handshake_mac[idx]; } uint8_t -hs_cell_establish_intro_getconst_handshake_mac(const hs_cell_establish_intro_t *inp, size_t idx) +trn_cell_establish_intro_getconst_handshake_mac(const trn_cell_establish_intro_t *inp, size_t idx) { - return hs_cell_establish_intro_get_handshake_mac((hs_cell_establish_intro_t*)inp, idx); + return trn_cell_establish_intro_get_handshake_mac((trn_cell_establish_intro_t*)inp, idx); } int -hs_cell_establish_intro_set_handshake_mac(hs_cell_establish_intro_t *inp, size_t idx, uint8_t elt) +trn_cell_establish_intro_set_handshake_mac(trn_cell_establish_intro_t *inp, size_t idx, uint8_t elt) { trunnel_assert(idx < TRUNNEL_SHA3_256_LEN); inp->handshake_mac[idx] = elt; @@ -222,56 +222,56 @@ hs_cell_establish_intro_set_handshake_mac(hs_cell_establish_intro_t *inp, size_t } uint8_t * -hs_cell_establish_intro_getarray_handshake_mac(hs_cell_establish_intro_t *inp) +trn_cell_establish_intro_getarray_handshake_mac(trn_cell_establish_intro_t *inp) { return inp->handshake_mac; } const uint8_t * -hs_cell_establish_intro_getconstarray_handshake_mac(const hs_cell_establish_intro_t *inp) +trn_cell_establish_intro_getconstarray_handshake_mac(const trn_cell_establish_intro_t *inp) { - return (const uint8_t *)hs_cell_establish_intro_getarray_handshake_mac((hs_cell_establish_intro_t*)inp); + return (const uint8_t *)trn_cell_establish_intro_getarray_handshake_mac((trn_cell_establish_intro_t*)inp); } const uint8_t * -hs_cell_establish_intro_get_end_sig_fields(const hs_cell_establish_intro_t *inp) +trn_cell_establish_intro_get_end_sig_fields(const trn_cell_establish_intro_t *inp) { return inp->end_sig_fields; } uint16_t -hs_cell_establish_intro_get_sig_len(const hs_cell_establish_intro_t *inp) +trn_cell_establish_intro_get_sig_len(const trn_cell_establish_intro_t *inp) { return inp->sig_len; } int -hs_cell_establish_intro_set_sig_len(hs_cell_establish_intro_t *inp, uint16_t val) +trn_cell_establish_intro_set_sig_len(trn_cell_establish_intro_t *inp, uint16_t val) { inp->sig_len = val; return 0; } size_t -hs_cell_establish_intro_getlen_sig(const hs_cell_establish_intro_t *inp) +trn_cell_establish_intro_getlen_sig(const trn_cell_establish_intro_t *inp) { return TRUNNEL_DYNARRAY_LEN(&inp->sig); } uint8_t -hs_cell_establish_intro_get_sig(hs_cell_establish_intro_t *inp, size_t idx) +trn_cell_establish_intro_get_sig(trn_cell_establish_intro_t *inp, size_t idx) { return TRUNNEL_DYNARRAY_GET(&inp->sig, idx); } uint8_t -hs_cell_establish_intro_getconst_sig(const hs_cell_establish_intro_t *inp, size_t idx) +trn_cell_establish_intro_getconst_sig(const trn_cell_establish_intro_t *inp, size_t idx) { - return hs_cell_establish_intro_get_sig((hs_cell_establish_intro_t*)inp, idx); + return trn_cell_establish_intro_get_sig((trn_cell_establish_intro_t*)inp, idx); } int -hs_cell_establish_intro_set_sig(hs_cell_establish_intro_t *inp, size_t idx, uint8_t elt) +trn_cell_establish_intro_set_sig(trn_cell_establish_intro_t *inp, size_t idx, uint8_t elt) { TRUNNEL_DYNARRAY_SET(&inp->sig, idx, elt); return 0; } int -hs_cell_establish_intro_add_sig(hs_cell_establish_intro_t *inp, uint8_t elt) +trn_cell_establish_intro_add_sig(trn_cell_establish_intro_t *inp, uint8_t elt) { #if SIZE_MAX >= UINT16_MAX if (inp->sig.n_ == UINT16_MAX) @@ -285,17 +285,17 @@ hs_cell_establish_intro_add_sig(hs_cell_establish_intro_t *inp, uint8_t elt) } uint8_t * -hs_cell_establish_intro_getarray_sig(hs_cell_establish_intro_t *inp) +trn_cell_establish_intro_getarray_sig(trn_cell_establish_intro_t *inp) { return inp->sig.elts_; } const uint8_t * -hs_cell_establish_intro_getconstarray_sig(const hs_cell_establish_intro_t *inp) +trn_cell_establish_intro_getconstarray_sig(const trn_cell_establish_intro_t *inp) { - return (const uint8_t *)hs_cell_establish_intro_getarray_sig((hs_cell_establish_intro_t*)inp); + return (const uint8_t *)trn_cell_establish_intro_getarray_sig((trn_cell_establish_intro_t*)inp); } int -hs_cell_establish_intro_setlen_sig(hs_cell_establish_intro_t *inp, size_t newlen) +trn_cell_establish_intro_setlen_sig(trn_cell_establish_intro_t *inp, size_t newlen) { uint8_t *newptr; #if UINT16_MAX < SIZE_MAX @@ -315,7 +315,7 @@ hs_cell_establish_intro_setlen_sig(hs_cell_establish_intro_t *inp, size_t newlen return -1; } const char * -hs_cell_establish_intro_check(const hs_cell_establish_intro_t *obj) +trn_cell_establish_intro_check(const trn_cell_establish_intro_t *obj) { if (obj == NULL) return "Object was NULL"; @@ -327,7 +327,7 @@ hs_cell_establish_intro_check(const hs_cell_establish_intro_t *obj) return "Length mismatch for auth_key"; { const char *msg; - if (NULL != (msg = cell_extension_check(obj->extensions))) + if (NULL != (msg = trn_cell_extension_check(obj->extensions))) return msg; } if (TRUNNEL_DYNARRAY_LEN(&obj->sig) != obj->sig_len) @@ -336,11 +336,11 @@ hs_cell_establish_intro_check(const hs_cell_establish_intro_t *obj) } ssize_t -hs_cell_establish_intro_encoded_len(const hs_cell_establish_intro_t *obj) +trn_cell_establish_intro_encoded_len(const trn_cell_establish_intro_t *obj) { ssize_t result = 0; - if (NULL != hs_cell_establish_intro_check(obj)) + if (NULL != trn_cell_establish_intro_check(obj)) return -1; @@ -353,8 +353,8 @@ hs_cell_establish_intro_encoded_len(const hs_cell_establish_intro_t *obj) /* Length of u8 auth_key[auth_key_len] */ result += TRUNNEL_DYNARRAY_LEN(&obj->auth_key); - /* Length of struct cell_extension extensions */ - result += cell_extension_encoded_len(obj->extensions); + /* Length of struct trn_cell_extension extensions */ + result += trn_cell_extension_encoded_len(obj->extensions); /* Length of u8 handshake_mac[TRUNNEL_SHA3_256_LEN] */ result += TRUNNEL_SHA3_256_LEN; @@ -367,24 +367,24 @@ hs_cell_establish_intro_encoded_len(const hs_cell_establish_intro_t *obj) return result; } int -hs_cell_establish_intro_clear_errors(hs_cell_establish_intro_t *obj) +trn_cell_establish_intro_clear_errors(trn_cell_establish_intro_t *obj) { int r = obj->trunnel_error_code_; obj->trunnel_error_code_ = 0; return r; } ssize_t -hs_cell_establish_intro_encode(uint8_t *output, const size_t avail, const hs_cell_establish_intro_t *obj) +trn_cell_establish_intro_encode(uint8_t *output, const size_t avail, const trn_cell_establish_intro_t *obj) { ssize_t result = 0; size_t written = 0; uint8_t *ptr = output; const char *msg; #ifdef TRUNNEL_CHECK_ENCODED_LEN - const ssize_t encoded_len = hs_cell_establish_intro_encoded_len(obj); + const ssize_t encoded_len = trn_cell_establish_intro_encoded_len(obj); #endif - if (NULL != (msg = hs_cell_establish_intro_check(obj))) + if (NULL != (msg = trn_cell_establish_intro_check(obj))) goto check_failed; #ifdef TRUNNEL_CHECK_ENCODED_LEN @@ -417,9 +417,9 @@ hs_cell_establish_intro_encode(uint8_t *output, const size_t avail, const hs_cel written += elt_len; ptr += elt_len; } - /* Encode struct cell_extension extensions */ + /* Encode struct trn_cell_extension extensions */ trunnel_assert(written <= avail); - result = cell_extension_encode(ptr, avail - written, obj->extensions); + result = trn_cell_extension_encode(ptr, avail - written, obj->extensions); if (result < 0) goto fail; /* XXXXXXX !*/ written += result; ptr += result; @@ -474,11 +474,11 @@ hs_cell_establish_intro_encode(uint8_t *output, const size_t avail, const hs_cel return result; } -/** As hs_cell_establish_intro_parse(), but do not allocate the output - * object. +/** As trn_cell_establish_intro_parse(), but do not allocate the + * output object. */ static ssize_t -hs_cell_establish_intro_parse_into(hs_cell_establish_intro_t *obj, const uint8_t *input, const size_t len_in) +trn_cell_establish_intro_parse_into(trn_cell_establish_intro_t *obj, const uint8_t *input, const size_t len_in) { const uint8_t *ptr = input; size_t remaining = len_in; @@ -506,8 +506,8 @@ hs_cell_establish_intro_parse_into(hs_cell_establish_intro_t *obj, const uint8_t memcpy(obj->auth_key.elts_, ptr, obj->auth_key_len); ptr += obj->auth_key_len; remaining -= obj->auth_key_len; - /* Parse struct cell_extension extensions */ - result = cell_extension_parse(&obj->extensions, ptr, remaining); + /* Parse struct trn_cell_extension extensions */ + result = trn_cell_extension_parse(&obj->extensions, ptr, remaining); if (result < 0) goto relay_fail; trunnel_assert((size_t)result <= remaining); @@ -548,23 +548,23 @@ hs_cell_establish_intro_parse_into(hs_cell_establish_intro_t *obj, const uint8_t } ssize_t -hs_cell_establish_intro_parse(hs_cell_establish_intro_t **output, const uint8_t *input, const size_t len_in) +trn_cell_establish_intro_parse(trn_cell_establish_intro_t **output, const uint8_t *input, const size_t len_in) { ssize_t result; - *output = hs_cell_establish_intro_new(); + *output = trn_cell_establish_intro_new(); if (NULL == *output) return -1; - result = hs_cell_establish_intro_parse_into(*output, input, len_in); + result = trn_cell_establish_intro_parse_into(*output, input, len_in); if (result < 0) { - hs_cell_establish_intro_free(*output); + trn_cell_establish_intro_free(*output); *output = NULL; } return result; } -hs_cell_intro_established_t * -hs_cell_intro_established_new(void) +trn_cell_intro_established_t * +trn_cell_intro_established_new(void) { - hs_cell_intro_established_t *val = trunnel_calloc(1, sizeof(hs_cell_intro_established_t)); + trn_cell_intro_established_t *val = trunnel_calloc(1, sizeof(trn_cell_intro_established_t)); if (NULL == val) return NULL; return val; @@ -573,48 +573,48 @@ hs_cell_intro_established_new(void) /** Release all storage held inside 'obj', but do not free 'obj'. */ static void -hs_cell_intro_established_clear(hs_cell_intro_established_t *obj) +trn_cell_intro_established_clear(trn_cell_intro_established_t *obj) { (void) obj; - cell_extension_free(obj->extensions); + trn_cell_extension_free(obj->extensions); obj->extensions = NULL; } void -hs_cell_intro_established_free(hs_cell_intro_established_t *obj) +trn_cell_intro_established_free(trn_cell_intro_established_t *obj) { if (obj == NULL) return; - hs_cell_intro_established_clear(obj); - trunnel_memwipe(obj, sizeof(hs_cell_intro_established_t)); + trn_cell_intro_established_clear(obj); + trunnel_memwipe(obj, sizeof(trn_cell_intro_established_t)); trunnel_free_(obj); } -struct cell_extension_st * -hs_cell_intro_established_get_extensions(hs_cell_intro_established_t *inp) +struct trn_cell_extension_st * +trn_cell_intro_established_get_extensions(trn_cell_intro_established_t *inp) { return inp->extensions; } -const struct cell_extension_st * -hs_cell_intro_established_getconst_extensions(const hs_cell_intro_established_t *inp) +const struct trn_cell_extension_st * +trn_cell_intro_established_getconst_extensions(const trn_cell_intro_established_t *inp) { - return hs_cell_intro_established_get_extensions((hs_cell_intro_established_t*) inp); + return trn_cell_intro_established_get_extensions((trn_cell_intro_established_t*) inp); } int -hs_cell_intro_established_set_extensions(hs_cell_intro_established_t *inp, struct cell_extension_st *val) +trn_cell_intro_established_set_extensions(trn_cell_intro_established_t *inp, struct trn_cell_extension_st *val) { if (inp->extensions && inp->extensions != val) - cell_extension_free(inp->extensions); - return hs_cell_intro_established_set0_extensions(inp, val); + trn_cell_extension_free(inp->extensions); + return trn_cell_intro_established_set0_extensions(inp, val); } int -hs_cell_intro_established_set0_extensions(hs_cell_intro_established_t *inp, struct cell_extension_st *val) +trn_cell_intro_established_set0_extensions(trn_cell_intro_established_t *inp, struct trn_cell_extension_st *val) { inp->extensions = val; return 0; } const char * -hs_cell_intro_established_check(const hs_cell_intro_established_t *obj) +trn_cell_intro_established_check(const trn_cell_intro_established_t *obj) { if (obj == NULL) return "Object was NULL"; @@ -622,53 +622,53 @@ hs_cell_intro_established_check(const hs_cell_intro_established_t *obj) return "A set function failed on this object"; { const char *msg; - if (NULL != (msg = cell_extension_check(obj->extensions))) + if (NULL != (msg = trn_cell_extension_check(obj->extensions))) return msg; } return NULL; } ssize_t -hs_cell_intro_established_encoded_len(const hs_cell_intro_established_t *obj) +trn_cell_intro_established_encoded_len(const trn_cell_intro_established_t *obj) { ssize_t result = 0; - if (NULL != hs_cell_intro_established_check(obj)) + if (NULL != trn_cell_intro_established_check(obj)) return -1; - /* Length of struct cell_extension extensions */ - result += cell_extension_encoded_len(obj->extensions); + /* Length of struct trn_cell_extension extensions */ + result += trn_cell_extension_encoded_len(obj->extensions); return result; } int -hs_cell_intro_established_clear_errors(hs_cell_intro_established_t *obj) +trn_cell_intro_established_clear_errors(trn_cell_intro_established_t *obj) { int r = obj->trunnel_error_code_; obj->trunnel_error_code_ = 0; return r; } ssize_t -hs_cell_intro_established_encode(uint8_t *output, const size_t avail, const hs_cell_intro_established_t *obj) +trn_cell_intro_established_encode(uint8_t *output, const size_t avail, const trn_cell_intro_established_t *obj) { ssize_t result = 0; size_t written = 0; uint8_t *ptr = output; const char *msg; #ifdef TRUNNEL_CHECK_ENCODED_LEN - const ssize_t encoded_len = hs_cell_intro_established_encoded_len(obj); + const ssize_t encoded_len = trn_cell_intro_established_encoded_len(obj); #endif - if (NULL != (msg = hs_cell_intro_established_check(obj))) + if (NULL != (msg = trn_cell_intro_established_check(obj))) goto check_failed; #ifdef TRUNNEL_CHECK_ENCODED_LEN trunnel_assert(encoded_len >= 0); #endif - /* Encode struct cell_extension extensions */ + /* Encode struct trn_cell_extension extensions */ trunnel_assert(written <= avail); - result = cell_extension_encode(ptr, avail - written, obj->extensions); + result = trn_cell_extension_encode(ptr, avail - written, obj->extensions); if (result < 0) goto fail; /* XXXXXXX !*/ written += result; ptr += result; @@ -694,19 +694,19 @@ hs_cell_intro_established_encode(uint8_t *output, const size_t avail, const hs_c return result; } -/** As hs_cell_intro_established_parse(), but do not allocate the +/** As trn_cell_intro_established_parse(), but do not allocate the * output object. */ static ssize_t -hs_cell_intro_established_parse_into(hs_cell_intro_established_t *obj, const uint8_t *input, const size_t len_in) +trn_cell_intro_established_parse_into(trn_cell_intro_established_t *obj, const uint8_t *input, const size_t len_in) { const uint8_t *ptr = input; size_t remaining = len_in; ssize_t result = 0; (void)result; - /* Parse struct cell_extension extensions */ - result = cell_extension_parse(&obj->extensions, ptr, remaining); + /* Parse struct trn_cell_extension extensions */ + result = trn_cell_extension_parse(&obj->extensions, ptr, remaining); if (result < 0) goto relay_fail; trunnel_assert((size_t)result <= remaining); @@ -720,15 +720,15 @@ hs_cell_intro_established_parse_into(hs_cell_intro_established_t *obj, const uin } ssize_t -hs_cell_intro_established_parse(hs_cell_intro_established_t **output, const uint8_t *input, const size_t len_in) +trn_cell_intro_established_parse(trn_cell_intro_established_t **output, const uint8_t *input, const size_t len_in) { ssize_t result; - *output = hs_cell_intro_established_new(); + *output = trn_cell_intro_established_new(); if (NULL == *output) return -1; - result = hs_cell_intro_established_parse_into(*output, input, len_in); + result = trn_cell_intro_established_parse_into(*output, input, len_in); if (result < 0) { - hs_cell_intro_established_free(*output); + trn_cell_intro_established_free(*output); *output = NULL; } return result; diff --git a/src/trunnel/hs/cell_establish_intro.h b/src/trunnel/hs/cell_establish_intro.h index 725d47cd85..2f0d893659 100644 --- a/src/trunnel/hs/cell_establish_intro.h +++ b/src/trunnel/hs/cell_establish_intro.h @@ -8,15 +8,15 @@ #include <stdint.h> #include "trunnel.h" -struct cell_extension_st; +struct trn_cell_extension_st; #define TRUNNEL_SHA3_256_LEN 32 -#if !defined(TRUNNEL_OPAQUE) && !defined(TRUNNEL_OPAQUE_HS_CELL_ESTABLISH_INTRO) -struct hs_cell_establish_intro_st { +#if !defined(TRUNNEL_OPAQUE) && !defined(TRUNNEL_OPAQUE_TRN_CELL_ESTABLISH_INTRO) +struct trn_cell_establish_intro_st { const uint8_t *start_cell; uint8_t auth_key_type; uint16_t auth_key_len; TRUNNEL_DYNARRAY_HEAD(, uint8_t) auth_key; - struct cell_extension_st *extensions; + struct trn_cell_extension_st *extensions; const uint8_t *end_mac_fields; uint8_t handshake_mac[TRUNNEL_SHA3_256_LEN]; const uint8_t *end_sig_fields; @@ -25,251 +25,252 @@ struct hs_cell_establish_intro_st { uint8_t trunnel_error_code_; }; #endif -typedef struct hs_cell_establish_intro_st hs_cell_establish_intro_t; -#if !defined(TRUNNEL_OPAQUE) && !defined(TRUNNEL_OPAQUE_HS_CELL_INTRO_ESTABLISHED) -struct hs_cell_intro_established_st { - struct cell_extension_st *extensions; +typedef struct trn_cell_establish_intro_st trn_cell_establish_intro_t; +#if !defined(TRUNNEL_OPAQUE) && !defined(TRUNNEL_OPAQUE_TRN_CELL_INTRO_ESTABLISHED) +struct trn_cell_intro_established_st { + struct trn_cell_extension_st *extensions; uint8_t trunnel_error_code_; }; #endif -typedef struct hs_cell_intro_established_st hs_cell_intro_established_t; -/** Return a newly allocated hs_cell_establish_intro with all elements - * set to zero. +typedef struct trn_cell_intro_established_st trn_cell_intro_established_t; +/** Return a newly allocated trn_cell_establish_intro with all + * elements set to zero. */ -hs_cell_establish_intro_t *hs_cell_establish_intro_new(void); -/** Release all storage held by the hs_cell_establish_intro in +trn_cell_establish_intro_t *trn_cell_establish_intro_new(void); +/** Release all storage held by the trn_cell_establish_intro in * 'victim'. (Do nothing if 'victim' is NULL.) */ -void hs_cell_establish_intro_free(hs_cell_establish_intro_t *victim); -/** Try to parse a hs_cell_establish_intro from the buffer in 'input', - * using up to 'len_in' bytes from the input buffer. On success, - * return the number of bytes consumed and set *output to the newly - * allocated hs_cell_establish_intro_t. On failure, return -2 if the - * input appears truncated, and -1 if the input is otherwise invalid. +void trn_cell_establish_intro_free(trn_cell_establish_intro_t *victim); +/** Try to parse a trn_cell_establish_intro from the buffer in + * 'input', using up to 'len_in' bytes from the input buffer. On + * success, return the number of bytes consumed and set *output to the + * newly allocated trn_cell_establish_intro_t. On failure, return -2 + * if the input appears truncated, and -1 if the input is otherwise + * invalid. */ -ssize_t hs_cell_establish_intro_parse(hs_cell_establish_intro_t **output, const uint8_t *input, const size_t len_in); +ssize_t trn_cell_establish_intro_parse(trn_cell_establish_intro_t **output, const uint8_t *input, const size_t len_in); /** Return the number of bytes we expect to need to encode the - * hs_cell_establish_intro in 'obj'. On failure, return a negative + * trn_cell_establish_intro in 'obj'. On failure, return a negative * value. Note that this value may be an overestimate, and can even be * an underestimate for certain unencodeable objects. */ -ssize_t hs_cell_establish_intro_encoded_len(const hs_cell_establish_intro_t *obj); -/** Try to encode the hs_cell_establish_intro from 'input' into the +ssize_t trn_cell_establish_intro_encoded_len(const trn_cell_establish_intro_t *obj); +/** Try to encode the trn_cell_establish_intro from 'input' into the * buffer at 'output', using up to 'avail' bytes of the output buffer. * On success, return the number of bytes used. On failure, return -2 * if the buffer was not long enough, and -1 if the input was invalid. */ -ssize_t hs_cell_establish_intro_encode(uint8_t *output, size_t avail, const hs_cell_establish_intro_t *input); -/** Check whether the internal state of the hs_cell_establish_intro in - * 'obj' is consistent. Return NULL if it is, and a short message if - * it is not. +ssize_t trn_cell_establish_intro_encode(uint8_t *output, size_t avail, const trn_cell_establish_intro_t *input); +/** Check whether the internal state of the trn_cell_establish_intro + * in 'obj' is consistent. Return NULL if it is, and a short message + * if it is not. */ -const char *hs_cell_establish_intro_check(const hs_cell_establish_intro_t *obj); +const char *trn_cell_establish_intro_check(const trn_cell_establish_intro_t *obj); /** Clear any errors that were set on the object 'obj' by its setter * functions. Return true iff errors were cleared. */ -int hs_cell_establish_intro_clear_errors(hs_cell_establish_intro_t *obj); +int trn_cell_establish_intro_clear_errors(trn_cell_establish_intro_t *obj); /** Return the position for start_cell when we parsed this object */ -const uint8_t * hs_cell_establish_intro_get_start_cell(const hs_cell_establish_intro_t *inp); +const uint8_t * trn_cell_establish_intro_get_start_cell(const trn_cell_establish_intro_t *inp); /** Return the value of the auth_key_type field of the - * hs_cell_establish_intro_t in 'inp' + * trn_cell_establish_intro_t in 'inp' */ -uint8_t hs_cell_establish_intro_get_auth_key_type(const hs_cell_establish_intro_t *inp); +uint8_t trn_cell_establish_intro_get_auth_key_type(const trn_cell_establish_intro_t *inp); /** Set the value of the auth_key_type field of the - * hs_cell_establish_intro_t in 'inp' to 'val'. Return 0 on success; + * trn_cell_establish_intro_t in 'inp' to 'val'. Return 0 on success; * return -1 and set the error code on 'inp' on failure. */ -int hs_cell_establish_intro_set_auth_key_type(hs_cell_establish_intro_t *inp, uint8_t val); +int trn_cell_establish_intro_set_auth_key_type(trn_cell_establish_intro_t *inp, uint8_t val); /** Return the value of the auth_key_len field of the - * hs_cell_establish_intro_t in 'inp' + * trn_cell_establish_intro_t in 'inp' */ -uint16_t hs_cell_establish_intro_get_auth_key_len(const hs_cell_establish_intro_t *inp); +uint16_t trn_cell_establish_intro_get_auth_key_len(const trn_cell_establish_intro_t *inp); /** Set the value of the auth_key_len field of the - * hs_cell_establish_intro_t in 'inp' to 'val'. Return 0 on success; + * trn_cell_establish_intro_t in 'inp' to 'val'. Return 0 on success; * return -1 and set the error code on 'inp' on failure. */ -int hs_cell_establish_intro_set_auth_key_len(hs_cell_establish_intro_t *inp, uint16_t val); +int trn_cell_establish_intro_set_auth_key_len(trn_cell_establish_intro_t *inp, uint16_t val); /** Return the length of the dynamic array holding the auth_key field - * of the hs_cell_establish_intro_t in 'inp'. + * of the trn_cell_establish_intro_t in 'inp'. */ -size_t hs_cell_establish_intro_getlen_auth_key(const hs_cell_establish_intro_t *inp); +size_t trn_cell_establish_intro_getlen_auth_key(const trn_cell_establish_intro_t *inp); /** Return the element at position 'idx' of the dynamic array field - * auth_key of the hs_cell_establish_intro_t in 'inp'. + * auth_key of the trn_cell_establish_intro_t in 'inp'. */ -uint8_t hs_cell_establish_intro_get_auth_key(hs_cell_establish_intro_t *inp, size_t idx); -/** As hs_cell_establish_intro_get_auth_key, but take and return a +uint8_t trn_cell_establish_intro_get_auth_key(trn_cell_establish_intro_t *inp, size_t idx); +/** As trn_cell_establish_intro_get_auth_key, but take and return a * const pointer */ -uint8_t hs_cell_establish_intro_getconst_auth_key(const hs_cell_establish_intro_t *inp, size_t idx); +uint8_t trn_cell_establish_intro_getconst_auth_key(const trn_cell_establish_intro_t *inp, size_t idx); /** Change the element at position 'idx' of the dynamic array field - * auth_key of the hs_cell_establish_intro_t in 'inp', so that it will - * hold the value 'elt'. + * auth_key of the trn_cell_establish_intro_t in 'inp', so that it + * will hold the value 'elt'. */ -int hs_cell_establish_intro_set_auth_key(hs_cell_establish_intro_t *inp, size_t idx, uint8_t elt); +int trn_cell_establish_intro_set_auth_key(trn_cell_establish_intro_t *inp, size_t idx, uint8_t elt); /** Append a new element 'elt' to the dynamic array field auth_key of - * the hs_cell_establish_intro_t in 'inp'. + * the trn_cell_establish_intro_t in 'inp'. */ -int hs_cell_establish_intro_add_auth_key(hs_cell_establish_intro_t *inp, uint8_t elt); +int trn_cell_establish_intro_add_auth_key(trn_cell_establish_intro_t *inp, uint8_t elt); /** Return a pointer to the variable-length array field auth_key of * 'inp'. */ -uint8_t * hs_cell_establish_intro_getarray_auth_key(hs_cell_establish_intro_t *inp); -/** As hs_cell_establish_intro_get_auth_key, but take and return a +uint8_t * trn_cell_establish_intro_getarray_auth_key(trn_cell_establish_intro_t *inp); +/** As trn_cell_establish_intro_get_auth_key, but take and return a * const pointer */ -const uint8_t * hs_cell_establish_intro_getconstarray_auth_key(const hs_cell_establish_intro_t *inp); +const uint8_t * trn_cell_establish_intro_getconstarray_auth_key(const trn_cell_establish_intro_t *inp); /** Change the length of the variable-length array field auth_key of * 'inp' to 'newlen'.Fill extra elements with 0. Return 0 on success; * return -1 and set the error code on 'inp' on failure. */ -int hs_cell_establish_intro_setlen_auth_key(hs_cell_establish_intro_t *inp, size_t newlen); +int trn_cell_establish_intro_setlen_auth_key(trn_cell_establish_intro_t *inp, size_t newlen); /** Return the value of the extensions field of the - * hs_cell_establish_intro_t in 'inp' + * trn_cell_establish_intro_t in 'inp' */ -struct cell_extension_st * hs_cell_establish_intro_get_extensions(hs_cell_establish_intro_t *inp); -/** As hs_cell_establish_intro_get_extensions, but take and return a +struct trn_cell_extension_st * trn_cell_establish_intro_get_extensions(trn_cell_establish_intro_t *inp); +/** As trn_cell_establish_intro_get_extensions, but take and return a * const pointer */ -const struct cell_extension_st * hs_cell_establish_intro_getconst_extensions(const hs_cell_establish_intro_t *inp); +const struct trn_cell_extension_st * trn_cell_establish_intro_getconst_extensions(const trn_cell_establish_intro_t *inp); /** Set the value of the extensions field of the - * hs_cell_establish_intro_t in 'inp' to 'val'. Free the old value if + * trn_cell_establish_intro_t in 'inp' to 'val'. Free the old value if * any. Steals the referenceto 'val'.Return 0 on success; return -1 * and set the error code on 'inp' on failure. */ -int hs_cell_establish_intro_set_extensions(hs_cell_establish_intro_t *inp, struct cell_extension_st *val); -/** As hs_cell_establish_intro_set_extensions, but does not free the +int trn_cell_establish_intro_set_extensions(trn_cell_establish_intro_t *inp, struct trn_cell_extension_st *val); +/** As trn_cell_establish_intro_set_extensions, but does not free the * previous value. */ -int hs_cell_establish_intro_set0_extensions(hs_cell_establish_intro_t *inp, struct cell_extension_st *val); +int trn_cell_establish_intro_set0_extensions(trn_cell_establish_intro_t *inp, struct trn_cell_extension_st *val); /** Return the position for end_mac_fields when we parsed this object */ -const uint8_t * hs_cell_establish_intro_get_end_mac_fields(const hs_cell_establish_intro_t *inp); +const uint8_t * trn_cell_establish_intro_get_end_mac_fields(const trn_cell_establish_intro_t *inp); /** Return the (constant) length of the array holding the - * handshake_mac field of the hs_cell_establish_intro_t in 'inp'. + * handshake_mac field of the trn_cell_establish_intro_t in 'inp'. */ -size_t hs_cell_establish_intro_getlen_handshake_mac(const hs_cell_establish_intro_t *inp); +size_t trn_cell_establish_intro_getlen_handshake_mac(const trn_cell_establish_intro_t *inp); /** Return the element at position 'idx' of the fixed array field - * handshake_mac of the hs_cell_establish_intro_t in 'inp'. + * handshake_mac of the trn_cell_establish_intro_t in 'inp'. */ -uint8_t hs_cell_establish_intro_get_handshake_mac(hs_cell_establish_intro_t *inp, size_t idx); -/** As hs_cell_establish_intro_get_handshake_mac, but take and return +uint8_t trn_cell_establish_intro_get_handshake_mac(trn_cell_establish_intro_t *inp, size_t idx); +/** As trn_cell_establish_intro_get_handshake_mac, but take and return * a const pointer */ -uint8_t hs_cell_establish_intro_getconst_handshake_mac(const hs_cell_establish_intro_t *inp, size_t idx); +uint8_t trn_cell_establish_intro_getconst_handshake_mac(const trn_cell_establish_intro_t *inp, size_t idx); /** Change the element at position 'idx' of the fixed array field - * handshake_mac of the hs_cell_establish_intro_t in 'inp', so that it - * will hold the value 'elt'. + * handshake_mac of the trn_cell_establish_intro_t in 'inp', so that + * it will hold the value 'elt'. */ -int hs_cell_establish_intro_set_handshake_mac(hs_cell_establish_intro_t *inp, size_t idx, uint8_t elt); +int trn_cell_establish_intro_set_handshake_mac(trn_cell_establish_intro_t *inp, size_t idx, uint8_t elt); /** Return a pointer to the TRUNNEL_SHA3_256_LEN-element array field * handshake_mac of 'inp'. */ -uint8_t * hs_cell_establish_intro_getarray_handshake_mac(hs_cell_establish_intro_t *inp); -/** As hs_cell_establish_intro_get_handshake_mac, but take and return +uint8_t * trn_cell_establish_intro_getarray_handshake_mac(trn_cell_establish_intro_t *inp); +/** As trn_cell_establish_intro_get_handshake_mac, but take and return * a const pointer */ -const uint8_t * hs_cell_establish_intro_getconstarray_handshake_mac(const hs_cell_establish_intro_t *inp); +const uint8_t * trn_cell_establish_intro_getconstarray_handshake_mac(const trn_cell_establish_intro_t *inp); /** Return the position for end_sig_fields when we parsed this object */ -const uint8_t * hs_cell_establish_intro_get_end_sig_fields(const hs_cell_establish_intro_t *inp); +const uint8_t * trn_cell_establish_intro_get_end_sig_fields(const trn_cell_establish_intro_t *inp); /** Return the value of the sig_len field of the - * hs_cell_establish_intro_t in 'inp' + * trn_cell_establish_intro_t in 'inp' */ -uint16_t hs_cell_establish_intro_get_sig_len(const hs_cell_establish_intro_t *inp); +uint16_t trn_cell_establish_intro_get_sig_len(const trn_cell_establish_intro_t *inp); /** Set the value of the sig_len field of the - * hs_cell_establish_intro_t in 'inp' to 'val'. Return 0 on success; + * trn_cell_establish_intro_t in 'inp' to 'val'. Return 0 on success; * return -1 and set the error code on 'inp' on failure. */ -int hs_cell_establish_intro_set_sig_len(hs_cell_establish_intro_t *inp, uint16_t val); +int trn_cell_establish_intro_set_sig_len(trn_cell_establish_intro_t *inp, uint16_t val); /** Return the length of the dynamic array holding the sig field of - * the hs_cell_establish_intro_t in 'inp'. + * the trn_cell_establish_intro_t in 'inp'. */ -size_t hs_cell_establish_intro_getlen_sig(const hs_cell_establish_intro_t *inp); +size_t trn_cell_establish_intro_getlen_sig(const trn_cell_establish_intro_t *inp); /** Return the element at position 'idx' of the dynamic array field - * sig of the hs_cell_establish_intro_t in 'inp'. + * sig of the trn_cell_establish_intro_t in 'inp'. */ -uint8_t hs_cell_establish_intro_get_sig(hs_cell_establish_intro_t *inp, size_t idx); -/** As hs_cell_establish_intro_get_sig, but take and return a const +uint8_t trn_cell_establish_intro_get_sig(trn_cell_establish_intro_t *inp, size_t idx); +/** As trn_cell_establish_intro_get_sig, but take and return a const * pointer */ -uint8_t hs_cell_establish_intro_getconst_sig(const hs_cell_establish_intro_t *inp, size_t idx); +uint8_t trn_cell_establish_intro_getconst_sig(const trn_cell_establish_intro_t *inp, size_t idx); /** Change the element at position 'idx' of the dynamic array field - * sig of the hs_cell_establish_intro_t in 'inp', so that it will hold - * the value 'elt'. + * sig of the trn_cell_establish_intro_t in 'inp', so that it will + * hold the value 'elt'. */ -int hs_cell_establish_intro_set_sig(hs_cell_establish_intro_t *inp, size_t idx, uint8_t elt); +int trn_cell_establish_intro_set_sig(trn_cell_establish_intro_t *inp, size_t idx, uint8_t elt); /** Append a new element 'elt' to the dynamic array field sig of the - * hs_cell_establish_intro_t in 'inp'. + * trn_cell_establish_intro_t in 'inp'. */ -int hs_cell_establish_intro_add_sig(hs_cell_establish_intro_t *inp, uint8_t elt); +int trn_cell_establish_intro_add_sig(trn_cell_establish_intro_t *inp, uint8_t elt); /** Return a pointer to the variable-length array field sig of 'inp'. */ -uint8_t * hs_cell_establish_intro_getarray_sig(hs_cell_establish_intro_t *inp); -/** As hs_cell_establish_intro_get_sig, but take and return a const +uint8_t * trn_cell_establish_intro_getarray_sig(trn_cell_establish_intro_t *inp); +/** As trn_cell_establish_intro_get_sig, but take and return a const * pointer */ -const uint8_t * hs_cell_establish_intro_getconstarray_sig(const hs_cell_establish_intro_t *inp); +const uint8_t * trn_cell_establish_intro_getconstarray_sig(const trn_cell_establish_intro_t *inp); /** Change the length of the variable-length array field sig of 'inp' * to 'newlen'.Fill extra elements with 0. Return 0 on success; return * -1 and set the error code on 'inp' on failure. */ -int hs_cell_establish_intro_setlen_sig(hs_cell_establish_intro_t *inp, size_t newlen); -/** Return a newly allocated hs_cell_intro_established with all +int trn_cell_establish_intro_setlen_sig(trn_cell_establish_intro_t *inp, size_t newlen); +/** Return a newly allocated trn_cell_intro_established with all * elements set to zero. */ -hs_cell_intro_established_t *hs_cell_intro_established_new(void); -/** Release all storage held by the hs_cell_intro_established in +trn_cell_intro_established_t *trn_cell_intro_established_new(void); +/** Release all storage held by the trn_cell_intro_established in * 'victim'. (Do nothing if 'victim' is NULL.) */ -void hs_cell_intro_established_free(hs_cell_intro_established_t *victim); -/** Try to parse a hs_cell_intro_established from the buffer in +void trn_cell_intro_established_free(trn_cell_intro_established_t *victim); +/** Try to parse a trn_cell_intro_established from the buffer in * 'input', using up to 'len_in' bytes from the input buffer. On * success, return the number of bytes consumed and set *output to the - * newly allocated hs_cell_intro_established_t. On failure, return -2 + * newly allocated trn_cell_intro_established_t. On failure, return -2 * if the input appears truncated, and -1 if the input is otherwise * invalid. */ -ssize_t hs_cell_intro_established_parse(hs_cell_intro_established_t **output, const uint8_t *input, const size_t len_in); +ssize_t trn_cell_intro_established_parse(trn_cell_intro_established_t **output, const uint8_t *input, const size_t len_in); /** Return the number of bytes we expect to need to encode the - * hs_cell_intro_established in 'obj'. On failure, return a negative + * trn_cell_intro_established in 'obj'. On failure, return a negative * value. Note that this value may be an overestimate, and can even be * an underestimate for certain unencodeable objects. */ -ssize_t hs_cell_intro_established_encoded_len(const hs_cell_intro_established_t *obj); -/** Try to encode the hs_cell_intro_established from 'input' into the +ssize_t trn_cell_intro_established_encoded_len(const trn_cell_intro_established_t *obj); +/** Try to encode the trn_cell_intro_established from 'input' into the * buffer at 'output', using up to 'avail' bytes of the output buffer. * On success, return the number of bytes used. On failure, return -2 * if the buffer was not long enough, and -1 if the input was invalid. */ -ssize_t hs_cell_intro_established_encode(uint8_t *output, size_t avail, const hs_cell_intro_established_t *input); -/** Check whether the internal state of the hs_cell_intro_established +ssize_t trn_cell_intro_established_encode(uint8_t *output, size_t avail, const trn_cell_intro_established_t *input); +/** Check whether the internal state of the trn_cell_intro_established * in 'obj' is consistent. Return NULL if it is, and a short message * if it is not. */ -const char *hs_cell_intro_established_check(const hs_cell_intro_established_t *obj); +const char *trn_cell_intro_established_check(const trn_cell_intro_established_t *obj); /** Clear any errors that were set on the object 'obj' by its setter * functions. Return true iff errors were cleared. */ -int hs_cell_intro_established_clear_errors(hs_cell_intro_established_t *obj); +int trn_cell_intro_established_clear_errors(trn_cell_intro_established_t *obj); /** Return the value of the extensions field of the - * hs_cell_intro_established_t in 'inp' + * trn_cell_intro_established_t in 'inp' */ -struct cell_extension_st * hs_cell_intro_established_get_extensions(hs_cell_intro_established_t *inp); -/** As hs_cell_intro_established_get_extensions, but take and return a - * const pointer +struct trn_cell_extension_st * trn_cell_intro_established_get_extensions(trn_cell_intro_established_t *inp); +/** As trn_cell_intro_established_get_extensions, but take and return + * a const pointer */ -const struct cell_extension_st * hs_cell_intro_established_getconst_extensions(const hs_cell_intro_established_t *inp); +const struct trn_cell_extension_st * trn_cell_intro_established_getconst_extensions(const trn_cell_intro_established_t *inp); /** Set the value of the extensions field of the - * hs_cell_intro_established_t in 'inp' to 'val'. Free the old value + * trn_cell_intro_established_t in 'inp' to 'val'. Free the old value * if any. Steals the referenceto 'val'.Return 0 on success; return -1 * and set the error code on 'inp' on failure. */ -int hs_cell_intro_established_set_extensions(hs_cell_intro_established_t *inp, struct cell_extension_st *val); -/** As hs_cell_intro_established_set_extensions, but does not free the - * previous value. +int trn_cell_intro_established_set_extensions(trn_cell_intro_established_t *inp, struct trn_cell_extension_st *val); +/** As trn_cell_intro_established_set_extensions, but does not free + * the previous value. */ -int hs_cell_intro_established_set0_extensions(hs_cell_intro_established_t *inp, struct cell_extension_st *val); +int trn_cell_intro_established_set0_extensions(trn_cell_intro_established_t *inp, struct trn_cell_extension_st *val); #endif diff --git a/src/trunnel/hs/cell_establish_intro.trunnel b/src/trunnel/hs/cell_establish_intro.trunnel index 33a133bf67..011ee62a15 100644 --- a/src/trunnel/hs/cell_establish_intro.trunnel +++ b/src/trunnel/hs/cell_establish_intro.trunnel @@ -4,12 +4,12 @@ * specified in proposal 224 section 3.1. */ -extern struct cell_extension; +extern struct trn_cell_extension; const TRUNNEL_SHA3_256_LEN = 32; /* ESTABLISH_INTRO payload. See details in section 3.1.1 */ -struct hs_cell_establish_intro { +struct trn_cell_establish_intro { /* Indicate the start of the handshake authentication data. */ @ptr start_cell; @@ -19,7 +19,7 @@ struct hs_cell_establish_intro { u8 auth_key[auth_key_len]; /* Extension(s). Reserved fields. */ - struct cell_extension extensions; + struct trn_cell_extension extensions; @ptr end_mac_fields; /* Handshake MAC. */ @@ -35,7 +35,7 @@ struct hs_cell_establish_intro { /* INTRO_ESTABLISHED payload which is an acknowledge of the ESTABLISH_INTRO * cell. For legacy node, this payload is empty so the following only applies * to version >= 3. */ -struct hs_cell_intro_established { +struct trn_cell_intro_established { /* Extension(s). Reserved fields. */ - struct cell_extension extensions; + struct trn_cell_extension extensions; }; diff --git a/src/trunnel/hs/cell_introduce1.c b/src/trunnel/hs/cell_introduce1.c index 5922a086dc..7501f6f196 100644 --- a/src/trunnel/hs/cell_introduce1.c +++ b/src/trunnel/hs/cell_introduce1.c @@ -28,14 +28,14 @@ int cellintroduce_deadcode_dummy__ = 0; } \ } while (0) -typedef struct cell_extension_st cell_extension_t; -cell_extension_t *cell_extension_new(void); -void cell_extension_free(cell_extension_t *victim); -ssize_t cell_extension_parse(cell_extension_t **output, const uint8_t *input, const size_t len_in); -ssize_t cell_extension_encoded_len(const cell_extension_t *obj); -ssize_t cell_extension_encode(uint8_t *output, size_t avail, const cell_extension_t *input); -const char *cell_extension_check(const cell_extension_t *obj); -int cell_extension_clear_errors(cell_extension_t *obj); +typedef struct trn_cell_extension_st trn_cell_extension_t; +trn_cell_extension_t *trn_cell_extension_new(void); +void trn_cell_extension_free(trn_cell_extension_t *victim); +ssize_t trn_cell_extension_parse(trn_cell_extension_t **output, const uint8_t *input, const size_t len_in); +ssize_t trn_cell_extension_encoded_len(const trn_cell_extension_t *obj); +ssize_t trn_cell_extension_encode(uint8_t *output, size_t avail, const trn_cell_extension_t *input); +const char *trn_cell_extension_check(const trn_cell_extension_t *obj); +int trn_cell_extension_clear_errors(trn_cell_extension_t *obj); typedef struct link_specifier_st link_specifier_t; link_specifier_t *link_specifier_new(void); void link_specifier_free(link_specifier_t *victim); @@ -44,10 +44,10 @@ ssize_t link_specifier_encoded_len(const link_specifier_t *obj); ssize_t link_specifier_encode(uint8_t *output, size_t avail, const link_specifier_t *input); const char *link_specifier_check(const link_specifier_t *obj); int link_specifier_clear_errors(link_specifier_t *obj); -hs_cell_introduce1_t * -hs_cell_introduce1_new(void) +trn_cell_introduce1_t * +trn_cell_introduce1_new(void) { - hs_cell_introduce1_t *val = trunnel_calloc(1, sizeof(hs_cell_introduce1_t)); + trn_cell_introduce1_t *val = trunnel_calloc(1, sizeof(trn_cell_introduce1_t)); if (NULL == val) return NULL; return val; @@ -56,47 +56,47 @@ hs_cell_introduce1_new(void) /** Release all storage held inside 'obj', but do not free 'obj'. */ static void -hs_cell_introduce1_clear(hs_cell_introduce1_t *obj) +trn_cell_introduce1_clear(trn_cell_introduce1_t *obj) { (void) obj; TRUNNEL_DYNARRAY_WIPE(&obj->auth_key); TRUNNEL_DYNARRAY_CLEAR(&obj->auth_key); - cell_extension_free(obj->extensions); + trn_cell_extension_free(obj->extensions); obj->extensions = NULL; TRUNNEL_DYNARRAY_WIPE(&obj->encrypted); TRUNNEL_DYNARRAY_CLEAR(&obj->encrypted); } void -hs_cell_introduce1_free(hs_cell_introduce1_t *obj) +trn_cell_introduce1_free(trn_cell_introduce1_t *obj) { if (obj == NULL) return; - hs_cell_introduce1_clear(obj); - trunnel_memwipe(obj, sizeof(hs_cell_introduce1_t)); + trn_cell_introduce1_clear(obj); + trunnel_memwipe(obj, sizeof(trn_cell_introduce1_t)); trunnel_free_(obj); } size_t -hs_cell_introduce1_getlen_legacy_key_id(const hs_cell_introduce1_t *inp) +trn_cell_introduce1_getlen_legacy_key_id(const trn_cell_introduce1_t *inp) { (void)inp; return TRUNNEL_SHA1_LEN; } uint8_t -hs_cell_introduce1_get_legacy_key_id(hs_cell_introduce1_t *inp, size_t idx) +trn_cell_introduce1_get_legacy_key_id(trn_cell_introduce1_t *inp, size_t idx) { trunnel_assert(idx < TRUNNEL_SHA1_LEN); return inp->legacy_key_id[idx]; } uint8_t -hs_cell_introduce1_getconst_legacy_key_id(const hs_cell_introduce1_t *inp, size_t idx) +trn_cell_introduce1_getconst_legacy_key_id(const trn_cell_introduce1_t *inp, size_t idx) { - return hs_cell_introduce1_get_legacy_key_id((hs_cell_introduce1_t*)inp, idx); + return trn_cell_introduce1_get_legacy_key_id((trn_cell_introduce1_t*)inp, idx); } int -hs_cell_introduce1_set_legacy_key_id(hs_cell_introduce1_t *inp, size_t idx, uint8_t elt) +trn_cell_introduce1_set_legacy_key_id(trn_cell_introduce1_t *inp, size_t idx, uint8_t elt) { trunnel_assert(idx < TRUNNEL_SHA1_LEN); inp->legacy_key_id[idx] = elt; @@ -104,22 +104,22 @@ hs_cell_introduce1_set_legacy_key_id(hs_cell_introduce1_t *inp, size_t idx, uint } uint8_t * -hs_cell_introduce1_getarray_legacy_key_id(hs_cell_introduce1_t *inp) +trn_cell_introduce1_getarray_legacy_key_id(trn_cell_introduce1_t *inp) { return inp->legacy_key_id; } const uint8_t * -hs_cell_introduce1_getconstarray_legacy_key_id(const hs_cell_introduce1_t *inp) +trn_cell_introduce1_getconstarray_legacy_key_id(const trn_cell_introduce1_t *inp) { - return (const uint8_t *)hs_cell_introduce1_getarray_legacy_key_id((hs_cell_introduce1_t*)inp); + return (const uint8_t *)trn_cell_introduce1_getarray_legacy_key_id((trn_cell_introduce1_t*)inp); } uint8_t -hs_cell_introduce1_get_auth_key_type(const hs_cell_introduce1_t *inp) +trn_cell_introduce1_get_auth_key_type(const trn_cell_introduce1_t *inp) { return inp->auth_key_type; } int -hs_cell_introduce1_set_auth_key_type(hs_cell_introduce1_t *inp, uint8_t val) +trn_cell_introduce1_set_auth_key_type(trn_cell_introduce1_t *inp, uint8_t val) { if (! ((val == 0 || val == 1 || val == 2))) { TRUNNEL_SET_ERROR_CODE(inp); @@ -129,41 +129,41 @@ hs_cell_introduce1_set_auth_key_type(hs_cell_introduce1_t *inp, uint8_t val) return 0; } uint16_t -hs_cell_introduce1_get_auth_key_len(const hs_cell_introduce1_t *inp) +trn_cell_introduce1_get_auth_key_len(const trn_cell_introduce1_t *inp) { return inp->auth_key_len; } int -hs_cell_introduce1_set_auth_key_len(hs_cell_introduce1_t *inp, uint16_t val) +trn_cell_introduce1_set_auth_key_len(trn_cell_introduce1_t *inp, uint16_t val) { inp->auth_key_len = val; return 0; } size_t -hs_cell_introduce1_getlen_auth_key(const hs_cell_introduce1_t *inp) +trn_cell_introduce1_getlen_auth_key(const trn_cell_introduce1_t *inp) { return TRUNNEL_DYNARRAY_LEN(&inp->auth_key); } uint8_t -hs_cell_introduce1_get_auth_key(hs_cell_introduce1_t *inp, size_t idx) +trn_cell_introduce1_get_auth_key(trn_cell_introduce1_t *inp, size_t idx) { return TRUNNEL_DYNARRAY_GET(&inp->auth_key, idx); } uint8_t -hs_cell_introduce1_getconst_auth_key(const hs_cell_introduce1_t *inp, size_t idx) +trn_cell_introduce1_getconst_auth_key(const trn_cell_introduce1_t *inp, size_t idx) { - return hs_cell_introduce1_get_auth_key((hs_cell_introduce1_t*)inp, idx); + return trn_cell_introduce1_get_auth_key((trn_cell_introduce1_t*)inp, idx); } int -hs_cell_introduce1_set_auth_key(hs_cell_introduce1_t *inp, size_t idx, uint8_t elt) +trn_cell_introduce1_set_auth_key(trn_cell_introduce1_t *inp, size_t idx, uint8_t elt) { TRUNNEL_DYNARRAY_SET(&inp->auth_key, idx, elt); return 0; } int -hs_cell_introduce1_add_auth_key(hs_cell_introduce1_t *inp, uint8_t elt) +trn_cell_introduce1_add_auth_key(trn_cell_introduce1_t *inp, uint8_t elt) { #if SIZE_MAX >= UINT16_MAX if (inp->auth_key.n_ == UINT16_MAX) @@ -177,17 +177,17 @@ hs_cell_introduce1_add_auth_key(hs_cell_introduce1_t *inp, uint8_t elt) } uint8_t * -hs_cell_introduce1_getarray_auth_key(hs_cell_introduce1_t *inp) +trn_cell_introduce1_getarray_auth_key(trn_cell_introduce1_t *inp) { return inp->auth_key.elts_; } const uint8_t * -hs_cell_introduce1_getconstarray_auth_key(const hs_cell_introduce1_t *inp) +trn_cell_introduce1_getconstarray_auth_key(const trn_cell_introduce1_t *inp) { - return (const uint8_t *)hs_cell_introduce1_getarray_auth_key((hs_cell_introduce1_t*)inp); + return (const uint8_t *)trn_cell_introduce1_getarray_auth_key((trn_cell_introduce1_t*)inp); } int -hs_cell_introduce1_setlen_auth_key(hs_cell_introduce1_t *inp, size_t newlen) +trn_cell_introduce1_setlen_auth_key(trn_cell_introduce1_t *inp, size_t newlen) { uint8_t *newptr; #if UINT16_MAX < SIZE_MAX @@ -206,54 +206,54 @@ hs_cell_introduce1_setlen_auth_key(hs_cell_introduce1_t *inp, size_t newlen) TRUNNEL_SET_ERROR_CODE(inp); return -1; } -struct cell_extension_st * -hs_cell_introduce1_get_extensions(hs_cell_introduce1_t *inp) +struct trn_cell_extension_st * +trn_cell_introduce1_get_extensions(trn_cell_introduce1_t *inp) { return inp->extensions; } -const struct cell_extension_st * -hs_cell_introduce1_getconst_extensions(const hs_cell_introduce1_t *inp) +const struct trn_cell_extension_st * +trn_cell_introduce1_getconst_extensions(const trn_cell_introduce1_t *inp) { - return hs_cell_introduce1_get_extensions((hs_cell_introduce1_t*) inp); + return trn_cell_introduce1_get_extensions((trn_cell_introduce1_t*) inp); } int -hs_cell_introduce1_set_extensions(hs_cell_introduce1_t *inp, struct cell_extension_st *val) +trn_cell_introduce1_set_extensions(trn_cell_introduce1_t *inp, struct trn_cell_extension_st *val) { if (inp->extensions && inp->extensions != val) - cell_extension_free(inp->extensions); - return hs_cell_introduce1_set0_extensions(inp, val); + trn_cell_extension_free(inp->extensions); + return trn_cell_introduce1_set0_extensions(inp, val); } int -hs_cell_introduce1_set0_extensions(hs_cell_introduce1_t *inp, struct cell_extension_st *val) +trn_cell_introduce1_set0_extensions(trn_cell_introduce1_t *inp, struct trn_cell_extension_st *val) { inp->extensions = val; return 0; } size_t -hs_cell_introduce1_getlen_encrypted(const hs_cell_introduce1_t *inp) +trn_cell_introduce1_getlen_encrypted(const trn_cell_introduce1_t *inp) { return TRUNNEL_DYNARRAY_LEN(&inp->encrypted); } uint8_t -hs_cell_introduce1_get_encrypted(hs_cell_introduce1_t *inp, size_t idx) +trn_cell_introduce1_get_encrypted(trn_cell_introduce1_t *inp, size_t idx) { return TRUNNEL_DYNARRAY_GET(&inp->encrypted, idx); } uint8_t -hs_cell_introduce1_getconst_encrypted(const hs_cell_introduce1_t *inp, size_t idx) +trn_cell_introduce1_getconst_encrypted(const trn_cell_introduce1_t *inp, size_t idx) { - return hs_cell_introduce1_get_encrypted((hs_cell_introduce1_t*)inp, idx); + return trn_cell_introduce1_get_encrypted((trn_cell_introduce1_t*)inp, idx); } int -hs_cell_introduce1_set_encrypted(hs_cell_introduce1_t *inp, size_t idx, uint8_t elt) +trn_cell_introduce1_set_encrypted(trn_cell_introduce1_t *inp, size_t idx, uint8_t elt) { TRUNNEL_DYNARRAY_SET(&inp->encrypted, idx, elt); return 0; } int -hs_cell_introduce1_add_encrypted(hs_cell_introduce1_t *inp, uint8_t elt) +trn_cell_introduce1_add_encrypted(trn_cell_introduce1_t *inp, uint8_t elt) { TRUNNEL_DYNARRAY_ADD(uint8_t, &inp->encrypted, elt, {}); return 0; @@ -263,17 +263,17 @@ hs_cell_introduce1_add_encrypted(hs_cell_introduce1_t *inp, uint8_t elt) } uint8_t * -hs_cell_introduce1_getarray_encrypted(hs_cell_introduce1_t *inp) +trn_cell_introduce1_getarray_encrypted(trn_cell_introduce1_t *inp) { return inp->encrypted.elts_; } const uint8_t * -hs_cell_introduce1_getconstarray_encrypted(const hs_cell_introduce1_t *inp) +trn_cell_introduce1_getconstarray_encrypted(const trn_cell_introduce1_t *inp) { - return (const uint8_t *)hs_cell_introduce1_getarray_encrypted((hs_cell_introduce1_t*)inp); + return (const uint8_t *)trn_cell_introduce1_getarray_encrypted((trn_cell_introduce1_t*)inp); } int -hs_cell_introduce1_setlen_encrypted(hs_cell_introduce1_t *inp, size_t newlen) +trn_cell_introduce1_setlen_encrypted(trn_cell_introduce1_t *inp, size_t newlen) { uint8_t *newptr; newptr = trunnel_dynarray_setlen(&inp->encrypted.allocated_, @@ -289,7 +289,7 @@ hs_cell_introduce1_setlen_encrypted(hs_cell_introduce1_t *inp, size_t newlen) return -1; } const char * -hs_cell_introduce1_check(const hs_cell_introduce1_t *obj) +trn_cell_introduce1_check(const trn_cell_introduce1_t *obj) { if (obj == NULL) return "Object was NULL"; @@ -301,18 +301,18 @@ hs_cell_introduce1_check(const hs_cell_introduce1_t *obj) return "Length mismatch for auth_key"; { const char *msg; - if (NULL != (msg = cell_extension_check(obj->extensions))) + if (NULL != (msg = trn_cell_extension_check(obj->extensions))) return msg; } return NULL; } ssize_t -hs_cell_introduce1_encoded_len(const hs_cell_introduce1_t *obj) +trn_cell_introduce1_encoded_len(const trn_cell_introduce1_t *obj) { ssize_t result = 0; - if (NULL != hs_cell_introduce1_check(obj)) + if (NULL != trn_cell_introduce1_check(obj)) return -1; @@ -328,32 +328,32 @@ hs_cell_introduce1_encoded_len(const hs_cell_introduce1_t *obj) /* Length of u8 auth_key[auth_key_len] */ result += TRUNNEL_DYNARRAY_LEN(&obj->auth_key); - /* Length of struct cell_extension extensions */ - result += cell_extension_encoded_len(obj->extensions); + /* Length of struct trn_cell_extension extensions */ + result += trn_cell_extension_encoded_len(obj->extensions); /* Length of u8 encrypted[] */ result += TRUNNEL_DYNARRAY_LEN(&obj->encrypted); return result; } int -hs_cell_introduce1_clear_errors(hs_cell_introduce1_t *obj) +trn_cell_introduce1_clear_errors(trn_cell_introduce1_t *obj) { int r = obj->trunnel_error_code_; obj->trunnel_error_code_ = 0; return r; } ssize_t -hs_cell_introduce1_encode(uint8_t *output, const size_t avail, const hs_cell_introduce1_t *obj) +trn_cell_introduce1_encode(uint8_t *output, const size_t avail, const trn_cell_introduce1_t *obj) { ssize_t result = 0; size_t written = 0; uint8_t *ptr = output; const char *msg; #ifdef TRUNNEL_CHECK_ENCODED_LEN - const ssize_t encoded_len = hs_cell_introduce1_encoded_len(obj); + const ssize_t encoded_len = trn_cell_introduce1_encoded_len(obj); #endif - if (NULL != (msg = hs_cell_introduce1_check(obj))) + if (NULL != (msg = trn_cell_introduce1_check(obj))) goto check_failed; #ifdef TRUNNEL_CHECK_ENCODED_LEN @@ -393,9 +393,9 @@ hs_cell_introduce1_encode(uint8_t *output, const size_t avail, const hs_cell_int written += elt_len; ptr += elt_len; } - /* Encode struct cell_extension extensions */ + /* Encode struct trn_cell_extension extensions */ trunnel_assert(written <= avail); - result = cell_extension_encode(ptr, avail - written, obj->extensions); + result = trn_cell_extension_encode(ptr, avail - written, obj->extensions); if (result < 0) goto fail; /* XXXXXXX !*/ written += result; ptr += result; @@ -435,11 +435,11 @@ hs_cell_introduce1_encode(uint8_t *output, const size_t avail, const hs_cell_int return result; } -/** As hs_cell_introduce1_parse(), but do not allocate the output +/** As trn_cell_introduce1_parse(), but do not allocate the output * object. */ static ssize_t -hs_cell_introduce1_parse_into(hs_cell_introduce1_t *obj, const uint8_t *input, const size_t len_in) +trn_cell_introduce1_parse_into(trn_cell_introduce1_t *obj, const uint8_t *input, const size_t len_in) { const uint8_t *ptr = input; size_t remaining = len_in; @@ -471,8 +471,8 @@ hs_cell_introduce1_parse_into(hs_cell_introduce1_t *obj, const uint8_t *input, c memcpy(obj->auth_key.elts_, ptr, obj->auth_key_len); ptr += obj->auth_key_len; remaining -= obj->auth_key_len; - /* Parse struct cell_extension extensions */ - result = cell_extension_parse(&obj->extensions, ptr, remaining); + /* Parse struct trn_cell_extension extensions */ + result = trn_cell_extension_parse(&obj->extensions, ptr, remaining); if (result < 0) goto relay_fail; trunnel_assert((size_t)result <= remaining); @@ -500,23 +500,23 @@ hs_cell_introduce1_parse_into(hs_cell_introduce1_t *obj, const uint8_t *input, c } ssize_t -hs_cell_introduce1_parse(hs_cell_introduce1_t **output, const uint8_t *input, const size_t len_in) +trn_cell_introduce1_parse(trn_cell_introduce1_t **output, const uint8_t *input, const size_t len_in) { ssize_t result; - *output = hs_cell_introduce1_new(); + *output = trn_cell_introduce1_new(); if (NULL == *output) return -1; - result = hs_cell_introduce1_parse_into(*output, input, len_in); + result = trn_cell_introduce1_parse_into(*output, input, len_in); if (result < 0) { - hs_cell_introduce1_free(*output); + trn_cell_introduce1_free(*output); *output = NULL; } return result; } -hs_cell_introduce_ack_t * -hs_cell_introduce_ack_new(void) +trn_cell_introduce_ack_t * +trn_cell_introduce_ack_new(void) { - hs_cell_introduce_ack_t *val = trunnel_calloc(1, sizeof(hs_cell_introduce_ack_t)); + trn_cell_introduce_ack_t *val = trunnel_calloc(1, sizeof(trn_cell_introduce_ack_t)); if (NULL == val) return NULL; return val; @@ -525,30 +525,30 @@ hs_cell_introduce_ack_new(void) /** Release all storage held inside 'obj', but do not free 'obj'. */ static void -hs_cell_introduce_ack_clear(hs_cell_introduce_ack_t *obj) +trn_cell_introduce_ack_clear(trn_cell_introduce_ack_t *obj) { (void) obj; - cell_extension_free(obj->extensions); + trn_cell_extension_free(obj->extensions); obj->extensions = NULL; } void -hs_cell_introduce_ack_free(hs_cell_introduce_ack_t *obj) +trn_cell_introduce_ack_free(trn_cell_introduce_ack_t *obj) { if (obj == NULL) return; - hs_cell_introduce_ack_clear(obj); - trunnel_memwipe(obj, sizeof(hs_cell_introduce_ack_t)); + trn_cell_introduce_ack_clear(obj); + trunnel_memwipe(obj, sizeof(trn_cell_introduce_ack_t)); trunnel_free_(obj); } uint16_t -hs_cell_introduce_ack_get_status(const hs_cell_introduce_ack_t *inp) +trn_cell_introduce_ack_get_status(const trn_cell_introduce_ack_t *inp) { return inp->status; } int -hs_cell_introduce_ack_set_status(hs_cell_introduce_ack_t *inp, uint16_t val) +trn_cell_introduce_ack_set_status(trn_cell_introduce_ack_t *inp, uint16_t val) { if (! ((val == 0 || val == 1 || val == 2))) { TRUNNEL_SET_ERROR_CODE(inp); @@ -557,31 +557,31 @@ hs_cell_introduce_ack_set_status(hs_cell_introduce_ack_t *inp, uint16_t val) inp->status = val; return 0; } -struct cell_extension_st * -hs_cell_introduce_ack_get_extensions(hs_cell_introduce_ack_t *inp) +struct trn_cell_extension_st * +trn_cell_introduce_ack_get_extensions(trn_cell_introduce_ack_t *inp) { return inp->extensions; } -const struct cell_extension_st * -hs_cell_introduce_ack_getconst_extensions(const hs_cell_introduce_ack_t *inp) +const struct trn_cell_extension_st * +trn_cell_introduce_ack_getconst_extensions(const trn_cell_introduce_ack_t *inp) { - return hs_cell_introduce_ack_get_extensions((hs_cell_introduce_ack_t*) inp); + return trn_cell_introduce_ack_get_extensions((trn_cell_introduce_ack_t*) inp); } int -hs_cell_introduce_ack_set_extensions(hs_cell_introduce_ack_t *inp, struct cell_extension_st *val) +trn_cell_introduce_ack_set_extensions(trn_cell_introduce_ack_t *inp, struct trn_cell_extension_st *val) { if (inp->extensions && inp->extensions != val) - cell_extension_free(inp->extensions); - return hs_cell_introduce_ack_set0_extensions(inp, val); + trn_cell_extension_free(inp->extensions); + return trn_cell_introduce_ack_set0_extensions(inp, val); } int -hs_cell_introduce_ack_set0_extensions(hs_cell_introduce_ack_t *inp, struct cell_extension_st *val) +trn_cell_introduce_ack_set0_extensions(trn_cell_introduce_ack_t *inp, struct trn_cell_extension_st *val) { inp->extensions = val; return 0; } const char * -hs_cell_introduce_ack_check(const hs_cell_introduce_ack_t *obj) +trn_cell_introduce_ack_check(const trn_cell_introduce_ack_t *obj) { if (obj == NULL) return "Object was NULL"; @@ -591,47 +591,47 @@ hs_cell_introduce_ack_check(const hs_cell_introduce_ack_t *obj) return "Integer out of bounds"; { const char *msg; - if (NULL != (msg = cell_extension_check(obj->extensions))) + if (NULL != (msg = trn_cell_extension_check(obj->extensions))) return msg; } return NULL; } ssize_t -hs_cell_introduce_ack_encoded_len(const hs_cell_introduce_ack_t *obj) +trn_cell_introduce_ack_encoded_len(const trn_cell_introduce_ack_t *obj) { ssize_t result = 0; - if (NULL != hs_cell_introduce_ack_check(obj)) + if (NULL != trn_cell_introduce_ack_check(obj)) return -1; /* Length of u16 status IN [0, 1, 2] */ result += 2; - /* Length of struct cell_extension extensions */ - result += cell_extension_encoded_len(obj->extensions); + /* Length of struct trn_cell_extension extensions */ + result += trn_cell_extension_encoded_len(obj->extensions); return result; } int -hs_cell_introduce_ack_clear_errors(hs_cell_introduce_ack_t *obj) +trn_cell_introduce_ack_clear_errors(trn_cell_introduce_ack_t *obj) { int r = obj->trunnel_error_code_; obj->trunnel_error_code_ = 0; return r; } ssize_t -hs_cell_introduce_ack_encode(uint8_t *output, const size_t avail, const hs_cell_introduce_ack_t *obj) +trn_cell_introduce_ack_encode(uint8_t *output, const size_t avail, const trn_cell_introduce_ack_t *obj) { ssize_t result = 0; size_t written = 0; uint8_t *ptr = output; const char *msg; #ifdef TRUNNEL_CHECK_ENCODED_LEN - const ssize_t encoded_len = hs_cell_introduce_ack_encoded_len(obj); + const ssize_t encoded_len = trn_cell_introduce_ack_encoded_len(obj); #endif - if (NULL != (msg = hs_cell_introduce_ack_check(obj))) + if (NULL != (msg = trn_cell_introduce_ack_check(obj))) goto check_failed; #ifdef TRUNNEL_CHECK_ENCODED_LEN @@ -645,9 +645,9 @@ hs_cell_introduce_ack_encode(uint8_t *output, const size_t avail, const hs_cell_ trunnel_set_uint16(ptr, trunnel_htons(obj->status)); written += 2; ptr += 2; - /* Encode struct cell_extension extensions */ + /* Encode struct trn_cell_extension extensions */ trunnel_assert(written <= avail); - result = cell_extension_encode(ptr, avail - written, obj->extensions); + result = trn_cell_extension_encode(ptr, avail - written, obj->extensions); if (result < 0) goto fail; /* XXXXXXX !*/ written += result; ptr += result; @@ -676,11 +676,11 @@ hs_cell_introduce_ack_encode(uint8_t *output, const size_t avail, const hs_cell_ return result; } -/** As hs_cell_introduce_ack_parse(), but do not allocate the output +/** As trn_cell_introduce_ack_parse(), but do not allocate the output * object. */ static ssize_t -hs_cell_introduce_ack_parse_into(hs_cell_introduce_ack_t *obj, const uint8_t *input, const size_t len_in) +trn_cell_introduce_ack_parse_into(trn_cell_introduce_ack_t *obj, const uint8_t *input, const size_t len_in) { const uint8_t *ptr = input; size_t remaining = len_in; @@ -694,8 +694,8 @@ hs_cell_introduce_ack_parse_into(hs_cell_introduce_ack_t *obj, const uint8_t *in if (! (obj->status == 0 || obj->status == 1 || obj->status == 2)) goto fail; - /* Parse struct cell_extension extensions */ - result = cell_extension_parse(&obj->extensions, ptr, remaining); + /* Parse struct trn_cell_extension extensions */ + result = trn_cell_extension_parse(&obj->extensions, ptr, remaining); if (result < 0) goto relay_fail; trunnel_assert((size_t)result <= remaining); @@ -714,23 +714,23 @@ hs_cell_introduce_ack_parse_into(hs_cell_introduce_ack_t *obj, const uint8_t *in } ssize_t -hs_cell_introduce_ack_parse(hs_cell_introduce_ack_t **output, const uint8_t *input, const size_t len_in) +trn_cell_introduce_ack_parse(trn_cell_introduce_ack_t **output, const uint8_t *input, const size_t len_in) { ssize_t result; - *output = hs_cell_introduce_ack_new(); + *output = trn_cell_introduce_ack_new(); if (NULL == *output) return -1; - result = hs_cell_introduce_ack_parse_into(*output, input, len_in); + result = trn_cell_introduce_ack_parse_into(*output, input, len_in); if (result < 0) { - hs_cell_introduce_ack_free(*output); + trn_cell_introduce_ack_free(*output); *output = NULL; } return result; } -hs_cell_introduce_encrypted_t * -hs_cell_introduce_encrypted_new(void) +trn_cell_introduce_encrypted_t * +trn_cell_introduce_encrypted_new(void) { - hs_cell_introduce_encrypted_t *val = trunnel_calloc(1, sizeof(hs_cell_introduce_encrypted_t)); + trn_cell_introduce_encrypted_t *val = trunnel_calloc(1, sizeof(trn_cell_introduce_encrypted_t)); if (NULL == val) return NULL; val->onion_key_type = 1; @@ -740,10 +740,10 @@ hs_cell_introduce_encrypted_new(void) /** Release all storage held inside 'obj', but do not free 'obj'. */ static void -hs_cell_introduce_encrypted_clear(hs_cell_introduce_encrypted_t *obj) +trn_cell_introduce_encrypted_clear(trn_cell_introduce_encrypted_t *obj) { (void) obj; - cell_extension_free(obj->extensions); + trn_cell_extension_free(obj->extensions); obj->extensions = NULL; TRUNNEL_DYNARRAY_WIPE(&obj->onion_key); TRUNNEL_DYNARRAY_CLEAR(&obj->onion_key); @@ -761,35 +761,35 @@ hs_cell_introduce_encrypted_clear(hs_cell_introduce_encrypted_t *obj) } void -hs_cell_introduce_encrypted_free(hs_cell_introduce_encrypted_t *obj) +trn_cell_introduce_encrypted_free(trn_cell_introduce_encrypted_t *obj) { if (obj == NULL) return; - hs_cell_introduce_encrypted_clear(obj); - trunnel_memwipe(obj, sizeof(hs_cell_introduce_encrypted_t)); + trn_cell_introduce_encrypted_clear(obj); + trunnel_memwipe(obj, sizeof(trn_cell_introduce_encrypted_t)); trunnel_free_(obj); } size_t -hs_cell_introduce_encrypted_getlen_rend_cookie(const hs_cell_introduce_encrypted_t *inp) +trn_cell_introduce_encrypted_getlen_rend_cookie(const trn_cell_introduce_encrypted_t *inp) { (void)inp; return TRUNNEL_REND_COOKIE_LEN; } uint8_t -hs_cell_introduce_encrypted_get_rend_cookie(hs_cell_introduce_encrypted_t *inp, size_t idx) +trn_cell_introduce_encrypted_get_rend_cookie(trn_cell_introduce_encrypted_t *inp, size_t idx) { trunnel_assert(idx < TRUNNEL_REND_COOKIE_LEN); return inp->rend_cookie[idx]; } uint8_t -hs_cell_introduce_encrypted_getconst_rend_cookie(const hs_cell_introduce_encrypted_t *inp, size_t idx) +trn_cell_introduce_encrypted_getconst_rend_cookie(const trn_cell_introduce_encrypted_t *inp, size_t idx) { - return hs_cell_introduce_encrypted_get_rend_cookie((hs_cell_introduce_encrypted_t*)inp, idx); + return trn_cell_introduce_encrypted_get_rend_cookie((trn_cell_introduce_encrypted_t*)inp, idx); } int -hs_cell_introduce_encrypted_set_rend_cookie(hs_cell_introduce_encrypted_t *inp, size_t idx, uint8_t elt) +trn_cell_introduce_encrypted_set_rend_cookie(trn_cell_introduce_encrypted_t *inp, size_t idx, uint8_t elt) { trunnel_assert(idx < TRUNNEL_REND_COOKIE_LEN); inp->rend_cookie[idx] = elt; @@ -797,45 +797,45 @@ hs_cell_introduce_encrypted_set_rend_cookie(hs_cell_introduce_encrypted_t *inp, } uint8_t * -hs_cell_introduce_encrypted_getarray_rend_cookie(hs_cell_introduce_encrypted_t *inp) +trn_cell_introduce_encrypted_getarray_rend_cookie(trn_cell_introduce_encrypted_t *inp) { return inp->rend_cookie; } const uint8_t * -hs_cell_introduce_encrypted_getconstarray_rend_cookie(const hs_cell_introduce_encrypted_t *inp) +trn_cell_introduce_encrypted_getconstarray_rend_cookie(const trn_cell_introduce_encrypted_t *inp) { - return (const uint8_t *)hs_cell_introduce_encrypted_getarray_rend_cookie((hs_cell_introduce_encrypted_t*)inp); + return (const uint8_t *)trn_cell_introduce_encrypted_getarray_rend_cookie((trn_cell_introduce_encrypted_t*)inp); } -struct cell_extension_st * -hs_cell_introduce_encrypted_get_extensions(hs_cell_introduce_encrypted_t *inp) +struct trn_cell_extension_st * +trn_cell_introduce_encrypted_get_extensions(trn_cell_introduce_encrypted_t *inp) { return inp->extensions; } -const struct cell_extension_st * -hs_cell_introduce_encrypted_getconst_extensions(const hs_cell_introduce_encrypted_t *inp) +const struct trn_cell_extension_st * +trn_cell_introduce_encrypted_getconst_extensions(const trn_cell_introduce_encrypted_t *inp) { - return hs_cell_introduce_encrypted_get_extensions((hs_cell_introduce_encrypted_t*) inp); + return trn_cell_introduce_encrypted_get_extensions((trn_cell_introduce_encrypted_t*) inp); } int -hs_cell_introduce_encrypted_set_extensions(hs_cell_introduce_encrypted_t *inp, struct cell_extension_st *val) +trn_cell_introduce_encrypted_set_extensions(trn_cell_introduce_encrypted_t *inp, struct trn_cell_extension_st *val) { if (inp->extensions && inp->extensions != val) - cell_extension_free(inp->extensions); - return hs_cell_introduce_encrypted_set0_extensions(inp, val); + trn_cell_extension_free(inp->extensions); + return trn_cell_introduce_encrypted_set0_extensions(inp, val); } int -hs_cell_introduce_encrypted_set0_extensions(hs_cell_introduce_encrypted_t *inp, struct cell_extension_st *val) +trn_cell_introduce_encrypted_set0_extensions(trn_cell_introduce_encrypted_t *inp, struct trn_cell_extension_st *val) { inp->extensions = val; return 0; } uint8_t -hs_cell_introduce_encrypted_get_onion_key_type(const hs_cell_introduce_encrypted_t *inp) +trn_cell_introduce_encrypted_get_onion_key_type(const trn_cell_introduce_encrypted_t *inp) { return inp->onion_key_type; } int -hs_cell_introduce_encrypted_set_onion_key_type(hs_cell_introduce_encrypted_t *inp, uint8_t val) +trn_cell_introduce_encrypted_set_onion_key_type(trn_cell_introduce_encrypted_t *inp, uint8_t val) { if (! ((val == 1))) { TRUNNEL_SET_ERROR_CODE(inp); @@ -845,41 +845,41 @@ hs_cell_introduce_encrypted_set_onion_key_type(hs_cell_introduce_encrypted_t *in return 0; } uint16_t -hs_cell_introduce_encrypted_get_onion_key_len(const hs_cell_introduce_encrypted_t *inp) +trn_cell_introduce_encrypted_get_onion_key_len(const trn_cell_introduce_encrypted_t *inp) { return inp->onion_key_len; } int -hs_cell_introduce_encrypted_set_onion_key_len(hs_cell_introduce_encrypted_t *inp, uint16_t val) +trn_cell_introduce_encrypted_set_onion_key_len(trn_cell_introduce_encrypted_t *inp, uint16_t val) { inp->onion_key_len = val; return 0; } size_t -hs_cell_introduce_encrypted_getlen_onion_key(const hs_cell_introduce_encrypted_t *inp) +trn_cell_introduce_encrypted_getlen_onion_key(const trn_cell_introduce_encrypted_t *inp) { return TRUNNEL_DYNARRAY_LEN(&inp->onion_key); } uint8_t -hs_cell_introduce_encrypted_get_onion_key(hs_cell_introduce_encrypted_t *inp, size_t idx) +trn_cell_introduce_encrypted_get_onion_key(trn_cell_introduce_encrypted_t *inp, size_t idx) { return TRUNNEL_DYNARRAY_GET(&inp->onion_key, idx); } uint8_t -hs_cell_introduce_encrypted_getconst_onion_key(const hs_cell_introduce_encrypted_t *inp, size_t idx) +trn_cell_introduce_encrypted_getconst_onion_key(const trn_cell_introduce_encrypted_t *inp, size_t idx) { - return hs_cell_introduce_encrypted_get_onion_key((hs_cell_introduce_encrypted_t*)inp, idx); + return trn_cell_introduce_encrypted_get_onion_key((trn_cell_introduce_encrypted_t*)inp, idx); } int -hs_cell_introduce_encrypted_set_onion_key(hs_cell_introduce_encrypted_t *inp, size_t idx, uint8_t elt) +trn_cell_introduce_encrypted_set_onion_key(trn_cell_introduce_encrypted_t *inp, size_t idx, uint8_t elt) { TRUNNEL_DYNARRAY_SET(&inp->onion_key, idx, elt); return 0; } int -hs_cell_introduce_encrypted_add_onion_key(hs_cell_introduce_encrypted_t *inp, uint8_t elt) +trn_cell_introduce_encrypted_add_onion_key(trn_cell_introduce_encrypted_t *inp, uint8_t elt) { #if SIZE_MAX >= UINT16_MAX if (inp->onion_key.n_ == UINT16_MAX) @@ -893,17 +893,17 @@ hs_cell_introduce_encrypted_add_onion_key(hs_cell_introduce_encrypted_t *inp, ui } uint8_t * -hs_cell_introduce_encrypted_getarray_onion_key(hs_cell_introduce_encrypted_t *inp) +trn_cell_introduce_encrypted_getarray_onion_key(trn_cell_introduce_encrypted_t *inp) { return inp->onion_key.elts_; } const uint8_t * -hs_cell_introduce_encrypted_getconstarray_onion_key(const hs_cell_introduce_encrypted_t *inp) +trn_cell_introduce_encrypted_getconstarray_onion_key(const trn_cell_introduce_encrypted_t *inp) { - return (const uint8_t *)hs_cell_introduce_encrypted_getarray_onion_key((hs_cell_introduce_encrypted_t*)inp); + return (const uint8_t *)trn_cell_introduce_encrypted_getarray_onion_key((trn_cell_introduce_encrypted_t*)inp); } int -hs_cell_introduce_encrypted_setlen_onion_key(hs_cell_introduce_encrypted_t *inp, size_t newlen) +trn_cell_introduce_encrypted_setlen_onion_key(trn_cell_introduce_encrypted_t *inp, size_t newlen) { uint8_t *newptr; #if UINT16_MAX < SIZE_MAX @@ -923,49 +923,49 @@ hs_cell_introduce_encrypted_setlen_onion_key(hs_cell_introduce_encrypted_t *inp, return -1; } uint8_t -hs_cell_introduce_encrypted_get_nspec(const hs_cell_introduce_encrypted_t *inp) +trn_cell_introduce_encrypted_get_nspec(const trn_cell_introduce_encrypted_t *inp) { return inp->nspec; } int -hs_cell_introduce_encrypted_set_nspec(hs_cell_introduce_encrypted_t *inp, uint8_t val) +trn_cell_introduce_encrypted_set_nspec(trn_cell_introduce_encrypted_t *inp, uint8_t val) { inp->nspec = val; return 0; } size_t -hs_cell_introduce_encrypted_getlen_nspecs(const hs_cell_introduce_encrypted_t *inp) +trn_cell_introduce_encrypted_getlen_nspecs(const trn_cell_introduce_encrypted_t *inp) { return TRUNNEL_DYNARRAY_LEN(&inp->nspecs); } struct link_specifier_st * -hs_cell_introduce_encrypted_get_nspecs(hs_cell_introduce_encrypted_t *inp, size_t idx) +trn_cell_introduce_encrypted_get_nspecs(trn_cell_introduce_encrypted_t *inp, size_t idx) { return TRUNNEL_DYNARRAY_GET(&inp->nspecs, idx); } const struct link_specifier_st * -hs_cell_introduce_encrypted_getconst_nspecs(const hs_cell_introduce_encrypted_t *inp, size_t idx) +trn_cell_introduce_encrypted_getconst_nspecs(const trn_cell_introduce_encrypted_t *inp, size_t idx) { - return hs_cell_introduce_encrypted_get_nspecs((hs_cell_introduce_encrypted_t*)inp, idx); + return trn_cell_introduce_encrypted_get_nspecs((trn_cell_introduce_encrypted_t*)inp, idx); } int -hs_cell_introduce_encrypted_set_nspecs(hs_cell_introduce_encrypted_t *inp, size_t idx, struct link_specifier_st * elt) +trn_cell_introduce_encrypted_set_nspecs(trn_cell_introduce_encrypted_t *inp, size_t idx, struct link_specifier_st * elt) { link_specifier_t *oldval = TRUNNEL_DYNARRAY_GET(&inp->nspecs, idx); if (oldval && oldval != elt) link_specifier_free(oldval); - return hs_cell_introduce_encrypted_set0_nspecs(inp, idx, elt); + return trn_cell_introduce_encrypted_set0_nspecs(inp, idx, elt); } int -hs_cell_introduce_encrypted_set0_nspecs(hs_cell_introduce_encrypted_t *inp, size_t idx, struct link_specifier_st * elt) +trn_cell_introduce_encrypted_set0_nspecs(trn_cell_introduce_encrypted_t *inp, size_t idx, struct link_specifier_st * elt) { TRUNNEL_DYNARRAY_SET(&inp->nspecs, idx, elt); return 0; } int -hs_cell_introduce_encrypted_add_nspecs(hs_cell_introduce_encrypted_t *inp, struct link_specifier_st * elt) +trn_cell_introduce_encrypted_add_nspecs(trn_cell_introduce_encrypted_t *inp, struct link_specifier_st * elt) { #if SIZE_MAX >= UINT8_MAX if (inp->nspecs.n_ == UINT8_MAX) @@ -979,17 +979,17 @@ hs_cell_introduce_encrypted_add_nspecs(hs_cell_introduce_encrypted_t *inp, struc } struct link_specifier_st * * -hs_cell_introduce_encrypted_getarray_nspecs(hs_cell_introduce_encrypted_t *inp) +trn_cell_introduce_encrypted_getarray_nspecs(trn_cell_introduce_encrypted_t *inp) { return inp->nspecs.elts_; } const struct link_specifier_st * const * -hs_cell_introduce_encrypted_getconstarray_nspecs(const hs_cell_introduce_encrypted_t *inp) +trn_cell_introduce_encrypted_getconstarray_nspecs(const trn_cell_introduce_encrypted_t *inp) { - return (const struct link_specifier_st * const *)hs_cell_introduce_encrypted_getarray_nspecs((hs_cell_introduce_encrypted_t*)inp); + return (const struct link_specifier_st * const *)trn_cell_introduce_encrypted_getarray_nspecs((trn_cell_introduce_encrypted_t*)inp); } int -hs_cell_introduce_encrypted_setlen_nspecs(hs_cell_introduce_encrypted_t *inp, size_t newlen) +trn_cell_introduce_encrypted_setlen_nspecs(trn_cell_introduce_encrypted_t *inp, size_t newlen) { struct link_specifier_st * *newptr; #if UINT8_MAX < SIZE_MAX @@ -1009,30 +1009,30 @@ hs_cell_introduce_encrypted_setlen_nspecs(hs_cell_introduce_encrypted_t *inp, si return -1; } size_t -hs_cell_introduce_encrypted_getlen_pad(const hs_cell_introduce_encrypted_t *inp) +trn_cell_introduce_encrypted_getlen_pad(const trn_cell_introduce_encrypted_t *inp) { return TRUNNEL_DYNARRAY_LEN(&inp->pad); } uint8_t -hs_cell_introduce_encrypted_get_pad(hs_cell_introduce_encrypted_t *inp, size_t idx) +trn_cell_introduce_encrypted_get_pad(trn_cell_introduce_encrypted_t *inp, size_t idx) { return TRUNNEL_DYNARRAY_GET(&inp->pad, idx); } uint8_t -hs_cell_introduce_encrypted_getconst_pad(const hs_cell_introduce_encrypted_t *inp, size_t idx) +trn_cell_introduce_encrypted_getconst_pad(const trn_cell_introduce_encrypted_t *inp, size_t idx) { - return hs_cell_introduce_encrypted_get_pad((hs_cell_introduce_encrypted_t*)inp, idx); + return trn_cell_introduce_encrypted_get_pad((trn_cell_introduce_encrypted_t*)inp, idx); } int -hs_cell_introduce_encrypted_set_pad(hs_cell_introduce_encrypted_t *inp, size_t idx, uint8_t elt) +trn_cell_introduce_encrypted_set_pad(trn_cell_introduce_encrypted_t *inp, size_t idx, uint8_t elt) { TRUNNEL_DYNARRAY_SET(&inp->pad, idx, elt); return 0; } int -hs_cell_introduce_encrypted_add_pad(hs_cell_introduce_encrypted_t *inp, uint8_t elt) +trn_cell_introduce_encrypted_add_pad(trn_cell_introduce_encrypted_t *inp, uint8_t elt) { TRUNNEL_DYNARRAY_ADD(uint8_t, &inp->pad, elt, {}); return 0; @@ -1042,17 +1042,17 @@ hs_cell_introduce_encrypted_add_pad(hs_cell_introduce_encrypted_t *inp, uint8_t } uint8_t * -hs_cell_introduce_encrypted_getarray_pad(hs_cell_introduce_encrypted_t *inp) +trn_cell_introduce_encrypted_getarray_pad(trn_cell_introduce_encrypted_t *inp) { return inp->pad.elts_; } const uint8_t * -hs_cell_introduce_encrypted_getconstarray_pad(const hs_cell_introduce_encrypted_t *inp) +trn_cell_introduce_encrypted_getconstarray_pad(const trn_cell_introduce_encrypted_t *inp) { - return (const uint8_t *)hs_cell_introduce_encrypted_getarray_pad((hs_cell_introduce_encrypted_t*)inp); + return (const uint8_t *)trn_cell_introduce_encrypted_getarray_pad((trn_cell_introduce_encrypted_t*)inp); } int -hs_cell_introduce_encrypted_setlen_pad(hs_cell_introduce_encrypted_t *inp, size_t newlen) +trn_cell_introduce_encrypted_setlen_pad(trn_cell_introduce_encrypted_t *inp, size_t newlen) { uint8_t *newptr; newptr = trunnel_dynarray_setlen(&inp->pad.allocated_, @@ -1068,7 +1068,7 @@ hs_cell_introduce_encrypted_setlen_pad(hs_cell_introduce_encrypted_t *inp, size_ return -1; } const char * -hs_cell_introduce_encrypted_check(const hs_cell_introduce_encrypted_t *obj) +trn_cell_introduce_encrypted_check(const trn_cell_introduce_encrypted_t *obj) { if (obj == NULL) return "Object was NULL"; @@ -1076,7 +1076,7 @@ hs_cell_introduce_encrypted_check(const hs_cell_introduce_encrypted_t *obj) return "A set function failed on this object"; { const char *msg; - if (NULL != (msg = cell_extension_check(obj->extensions))) + if (NULL != (msg = trn_cell_extension_check(obj->extensions))) return msg; } if (! (obj->onion_key_type == 1)) @@ -1098,19 +1098,19 @@ hs_cell_introduce_encrypted_check(const hs_cell_introduce_encrypted_t *obj) } ssize_t -hs_cell_introduce_encrypted_encoded_len(const hs_cell_introduce_encrypted_t *obj) +trn_cell_introduce_encrypted_encoded_len(const trn_cell_introduce_encrypted_t *obj) { ssize_t result = 0; - if (NULL != hs_cell_introduce_encrypted_check(obj)) + if (NULL != trn_cell_introduce_encrypted_check(obj)) return -1; /* Length of u8 rend_cookie[TRUNNEL_REND_COOKIE_LEN] */ result += TRUNNEL_REND_COOKIE_LEN; - /* Length of struct cell_extension extensions */ - result += cell_extension_encoded_len(obj->extensions); + /* Length of struct trn_cell_extension extensions */ + result += trn_cell_extension_encoded_len(obj->extensions); /* Length of u8 onion_key_type IN [1] */ result += 1; @@ -1138,24 +1138,24 @@ hs_cell_introduce_encrypted_encoded_len(const hs_cell_introduce_encrypted_t *obj return result; } int -hs_cell_introduce_encrypted_clear_errors(hs_cell_introduce_encrypted_t *obj) +trn_cell_introduce_encrypted_clear_errors(trn_cell_introduce_encrypted_t *obj) { int r = obj->trunnel_error_code_; obj->trunnel_error_code_ = 0; return r; } ssize_t -hs_cell_introduce_encrypted_encode(uint8_t *output, const size_t avail, const hs_cell_introduce_encrypted_t *obj) +trn_cell_introduce_encrypted_encode(uint8_t *output, const size_t avail, const trn_cell_introduce_encrypted_t *obj) { ssize_t result = 0; size_t written = 0; uint8_t *ptr = output; const char *msg; #ifdef TRUNNEL_CHECK_ENCODED_LEN - const ssize_t encoded_len = hs_cell_introduce_encrypted_encoded_len(obj); + const ssize_t encoded_len = trn_cell_introduce_encrypted_encoded_len(obj); #endif - if (NULL != (msg = hs_cell_introduce_encrypted_check(obj))) + if (NULL != (msg = trn_cell_introduce_encrypted_check(obj))) goto check_failed; #ifdef TRUNNEL_CHECK_ENCODED_LEN @@ -1169,9 +1169,9 @@ hs_cell_introduce_encrypted_encode(uint8_t *output, const size_t avail, const hs memcpy(ptr, obj->rend_cookie, TRUNNEL_REND_COOKIE_LEN); written += TRUNNEL_REND_COOKIE_LEN; ptr += TRUNNEL_REND_COOKIE_LEN; - /* Encode struct cell_extension extensions */ + /* Encode struct trn_cell_extension extensions */ trunnel_assert(written <= avail); - result = cell_extension_encode(ptr, avail - written, obj->extensions); + result = trn_cell_extension_encode(ptr, avail - written, obj->extensions); if (result < 0) goto fail; /* XXXXXXX !*/ written += result; ptr += result; @@ -1257,11 +1257,11 @@ hs_cell_introduce_encrypted_encode(uint8_t *output, const size_t avail, const hs return result; } -/** As hs_cell_introduce_encrypted_parse(), but do not allocate the +/** As trn_cell_introduce_encrypted_parse(), but do not allocate the * output object. */ static ssize_t -hs_cell_introduce_encrypted_parse_into(hs_cell_introduce_encrypted_t *obj, const uint8_t *input, const size_t len_in) +trn_cell_introduce_encrypted_parse_into(trn_cell_introduce_encrypted_t *obj, const uint8_t *input, const size_t len_in) { const uint8_t *ptr = input; size_t remaining = len_in; @@ -1273,8 +1273,8 @@ hs_cell_introduce_encrypted_parse_into(hs_cell_introduce_encrypted_t *obj, const memcpy(obj->rend_cookie, ptr, TRUNNEL_REND_COOKIE_LEN); remaining -= TRUNNEL_REND_COOKIE_LEN; ptr += TRUNNEL_REND_COOKIE_LEN; - /* Parse struct cell_extension extensions */ - result = cell_extension_parse(&obj->extensions, ptr, remaining); + /* Parse struct trn_cell_extension extensions */ + result = trn_cell_extension_parse(&obj->extensions, ptr, remaining); if (result < 0) goto relay_fail; trunnel_assert((size_t)result <= remaining); @@ -1342,15 +1342,15 @@ hs_cell_introduce_encrypted_parse_into(hs_cell_introduce_encrypted_t *obj, const } ssize_t -hs_cell_introduce_encrypted_parse(hs_cell_introduce_encrypted_t **output, const uint8_t *input, const size_t len_in) +trn_cell_introduce_encrypted_parse(trn_cell_introduce_encrypted_t **output, const uint8_t *input, const size_t len_in) { ssize_t result; - *output = hs_cell_introduce_encrypted_new(); + *output = trn_cell_introduce_encrypted_new(); if (NULL == *output) return -1; - result = hs_cell_introduce_encrypted_parse_into(*output, input, len_in); + result = trn_cell_introduce_encrypted_parse_into(*output, input, len_in); if (result < 0) { - hs_cell_introduce_encrypted_free(*output); + trn_cell_introduce_encrypted_free(*output); *output = NULL; } return result; diff --git a/src/trunnel/hs/cell_introduce1.h b/src/trunnel/hs/cell_introduce1.h index ccd2cda904..cca825a431 100644 --- a/src/trunnel/hs/cell_introduce1.h +++ b/src/trunnel/hs/cell_introduce1.h @@ -8,34 +8,34 @@ #include <stdint.h> #include "trunnel.h" -struct cell_extension_st; +struct trn_cell_extension_st; struct link_specifier_st; #define TRUNNEL_SHA1_LEN 20 #define TRUNNEL_REND_COOKIE_LEN 20 -#if !defined(TRUNNEL_OPAQUE) && !defined(TRUNNEL_OPAQUE_HS_CELL_INTRODUCE1) -struct hs_cell_introduce1_st { +#if !defined(TRUNNEL_OPAQUE) && !defined(TRUNNEL_OPAQUE_TRN_CELL_INTRODUCE1) +struct trn_cell_introduce1_st { uint8_t legacy_key_id[TRUNNEL_SHA1_LEN]; uint8_t auth_key_type; uint16_t auth_key_len; TRUNNEL_DYNARRAY_HEAD(, uint8_t) auth_key; - struct cell_extension_st *extensions; + struct trn_cell_extension_st *extensions; TRUNNEL_DYNARRAY_HEAD(, uint8_t) encrypted; uint8_t trunnel_error_code_; }; #endif -typedef struct hs_cell_introduce1_st hs_cell_introduce1_t; -#if !defined(TRUNNEL_OPAQUE) && !defined(TRUNNEL_OPAQUE_HS_CELL_INTRODUCE_ACK) -struct hs_cell_introduce_ack_st { +typedef struct trn_cell_introduce1_st trn_cell_introduce1_t; +#if !defined(TRUNNEL_OPAQUE) && !defined(TRUNNEL_OPAQUE_TRN_CELL_INTRODUCE_ACK) +struct trn_cell_introduce_ack_st { uint16_t status; - struct cell_extension_st *extensions; + struct trn_cell_extension_st *extensions; uint8_t trunnel_error_code_; }; #endif -typedef struct hs_cell_introduce_ack_st hs_cell_introduce_ack_t; -#if !defined(TRUNNEL_OPAQUE) && !defined(TRUNNEL_OPAQUE_HS_CELL_INTRODUCE_ENCRYPTED) -struct hs_cell_introduce_encrypted_st { +typedef struct trn_cell_introduce_ack_st trn_cell_introduce_ack_t; +#if !defined(TRUNNEL_OPAQUE) && !defined(TRUNNEL_OPAQUE_TRN_CELL_INTRODUCE_ENCRYPTED) +struct trn_cell_introduce_encrypted_st { uint8_t rend_cookie[TRUNNEL_REND_COOKIE_LEN]; - struct cell_extension_st *extensions; + struct trn_cell_extension_st *extensions; uint8_t onion_key_type; uint16_t onion_key_len; TRUNNEL_DYNARRAY_HEAD(, uint8_t) onion_key; @@ -45,449 +45,449 @@ struct hs_cell_introduce_encrypted_st { uint8_t trunnel_error_code_; }; #endif -typedef struct hs_cell_introduce_encrypted_st hs_cell_introduce_encrypted_t; -/** Return a newly allocated hs_cell_introduce1 with all elements set +typedef struct trn_cell_introduce_encrypted_st trn_cell_introduce_encrypted_t; +/** Return a newly allocated trn_cell_introduce1 with all elements set * to zero. */ -hs_cell_introduce1_t *hs_cell_introduce1_new(void); -/** Release all storage held by the hs_cell_introduce1 in 'victim'. +trn_cell_introduce1_t *trn_cell_introduce1_new(void); +/** Release all storage held by the trn_cell_introduce1 in 'victim'. * (Do nothing if 'victim' is NULL.) */ -void hs_cell_introduce1_free(hs_cell_introduce1_t *victim); -/** Try to parse a hs_cell_introduce1 from the buffer in 'input', +void trn_cell_introduce1_free(trn_cell_introduce1_t *victim); +/** Try to parse a trn_cell_introduce1 from the buffer in 'input', * using up to 'len_in' bytes from the input buffer. On success, * return the number of bytes consumed and set *output to the newly - * allocated hs_cell_introduce1_t. On failure, return -2 if the input + * allocated trn_cell_introduce1_t. On failure, return -2 if the input * appears truncated, and -1 if the input is otherwise invalid. */ -ssize_t hs_cell_introduce1_parse(hs_cell_introduce1_t **output, const uint8_t *input, const size_t len_in); +ssize_t trn_cell_introduce1_parse(trn_cell_introduce1_t **output, const uint8_t *input, const size_t len_in); /** Return the number of bytes we expect to need to encode the - * hs_cell_introduce1 in 'obj'. On failure, return a negative value. + * trn_cell_introduce1 in 'obj'. On failure, return a negative value. * Note that this value may be an overestimate, and can even be an * underestimate for certain unencodeable objects. */ -ssize_t hs_cell_introduce1_encoded_len(const hs_cell_introduce1_t *obj); -/** Try to encode the hs_cell_introduce1 from 'input' into the buffer +ssize_t trn_cell_introduce1_encoded_len(const trn_cell_introduce1_t *obj); +/** Try to encode the trn_cell_introduce1 from 'input' into the buffer * at 'output', using up to 'avail' bytes of the output buffer. On * success, return the number of bytes used. On failure, return -2 if * the buffer was not long enough, and -1 if the input was invalid. */ -ssize_t hs_cell_introduce1_encode(uint8_t *output, size_t avail, const hs_cell_introduce1_t *input); -/** Check whether the internal state of the hs_cell_introduce1 in +ssize_t trn_cell_introduce1_encode(uint8_t *output, size_t avail, const trn_cell_introduce1_t *input); +/** Check whether the internal state of the trn_cell_introduce1 in * 'obj' is consistent. Return NULL if it is, and a short message if * it is not. */ -const char *hs_cell_introduce1_check(const hs_cell_introduce1_t *obj); +const char *trn_cell_introduce1_check(const trn_cell_introduce1_t *obj); /** Clear any errors that were set on the object 'obj' by its setter * functions. Return true iff errors were cleared. */ -int hs_cell_introduce1_clear_errors(hs_cell_introduce1_t *obj); +int trn_cell_introduce1_clear_errors(trn_cell_introduce1_t *obj); /** Return the (constant) length of the array holding the - * legacy_key_id field of the hs_cell_introduce1_t in 'inp'. + * legacy_key_id field of the trn_cell_introduce1_t in 'inp'. */ -size_t hs_cell_introduce1_getlen_legacy_key_id(const hs_cell_introduce1_t *inp); +size_t trn_cell_introduce1_getlen_legacy_key_id(const trn_cell_introduce1_t *inp); /** Return the element at position 'idx' of the fixed array field - * legacy_key_id of the hs_cell_introduce1_t in 'inp'. + * legacy_key_id of the trn_cell_introduce1_t in 'inp'. */ -uint8_t hs_cell_introduce1_get_legacy_key_id(hs_cell_introduce1_t *inp, size_t idx); -/** As hs_cell_introduce1_get_legacy_key_id, but take and return a +uint8_t trn_cell_introduce1_get_legacy_key_id(trn_cell_introduce1_t *inp, size_t idx); +/** As trn_cell_introduce1_get_legacy_key_id, but take and return a * const pointer */ -uint8_t hs_cell_introduce1_getconst_legacy_key_id(const hs_cell_introduce1_t *inp, size_t idx); +uint8_t trn_cell_introduce1_getconst_legacy_key_id(const trn_cell_introduce1_t *inp, size_t idx); /** Change the element at position 'idx' of the fixed array field - * legacy_key_id of the hs_cell_introduce1_t in 'inp', so that it will - * hold the value 'elt'. + * legacy_key_id of the trn_cell_introduce1_t in 'inp', so that it + * will hold the value 'elt'. */ -int hs_cell_introduce1_set_legacy_key_id(hs_cell_introduce1_t *inp, size_t idx, uint8_t elt); +int trn_cell_introduce1_set_legacy_key_id(trn_cell_introduce1_t *inp, size_t idx, uint8_t elt); /** Return a pointer to the TRUNNEL_SHA1_LEN-element array field * legacy_key_id of 'inp'. */ -uint8_t * hs_cell_introduce1_getarray_legacy_key_id(hs_cell_introduce1_t *inp); -/** As hs_cell_introduce1_get_legacy_key_id, but take and return a +uint8_t * trn_cell_introduce1_getarray_legacy_key_id(trn_cell_introduce1_t *inp); +/** As trn_cell_introduce1_get_legacy_key_id, but take and return a * const pointer */ -const uint8_t * hs_cell_introduce1_getconstarray_legacy_key_id(const hs_cell_introduce1_t *inp); +const uint8_t * trn_cell_introduce1_getconstarray_legacy_key_id(const trn_cell_introduce1_t *inp); /** Return the value of the auth_key_type field of the - * hs_cell_introduce1_t in 'inp' + * trn_cell_introduce1_t in 'inp' */ -uint8_t hs_cell_introduce1_get_auth_key_type(const hs_cell_introduce1_t *inp); +uint8_t trn_cell_introduce1_get_auth_key_type(const trn_cell_introduce1_t *inp); /** Set the value of the auth_key_type field of the - * hs_cell_introduce1_t in 'inp' to 'val'. Return 0 on success; return - * -1 and set the error code on 'inp' on failure. + * trn_cell_introduce1_t in 'inp' to 'val'. Return 0 on success; + * return -1 and set the error code on 'inp' on failure. */ -int hs_cell_introduce1_set_auth_key_type(hs_cell_introduce1_t *inp, uint8_t val); +int trn_cell_introduce1_set_auth_key_type(trn_cell_introduce1_t *inp, uint8_t val); /** Return the value of the auth_key_len field of the - * hs_cell_introduce1_t in 'inp' + * trn_cell_introduce1_t in 'inp' */ -uint16_t hs_cell_introduce1_get_auth_key_len(const hs_cell_introduce1_t *inp); +uint16_t trn_cell_introduce1_get_auth_key_len(const trn_cell_introduce1_t *inp); /** Set the value of the auth_key_len field of the - * hs_cell_introduce1_t in 'inp' to 'val'. Return 0 on success; return - * -1 and set the error code on 'inp' on failure. + * trn_cell_introduce1_t in 'inp' to 'val'. Return 0 on success; + * return -1 and set the error code on 'inp' on failure. */ -int hs_cell_introduce1_set_auth_key_len(hs_cell_introduce1_t *inp, uint16_t val); +int trn_cell_introduce1_set_auth_key_len(trn_cell_introduce1_t *inp, uint16_t val); /** Return the length of the dynamic array holding the auth_key field - * of the hs_cell_introduce1_t in 'inp'. + * of the trn_cell_introduce1_t in 'inp'. */ -size_t hs_cell_introduce1_getlen_auth_key(const hs_cell_introduce1_t *inp); +size_t trn_cell_introduce1_getlen_auth_key(const trn_cell_introduce1_t *inp); /** Return the element at position 'idx' of the dynamic array field - * auth_key of the hs_cell_introduce1_t in 'inp'. + * auth_key of the trn_cell_introduce1_t in 'inp'. */ -uint8_t hs_cell_introduce1_get_auth_key(hs_cell_introduce1_t *inp, size_t idx); -/** As hs_cell_introduce1_get_auth_key, but take and return a const +uint8_t trn_cell_introduce1_get_auth_key(trn_cell_introduce1_t *inp, size_t idx); +/** As trn_cell_introduce1_get_auth_key, but take and return a const * pointer */ -uint8_t hs_cell_introduce1_getconst_auth_key(const hs_cell_introduce1_t *inp, size_t idx); +uint8_t trn_cell_introduce1_getconst_auth_key(const trn_cell_introduce1_t *inp, size_t idx); /** Change the element at position 'idx' of the dynamic array field - * auth_key of the hs_cell_introduce1_t in 'inp', so that it will hold - * the value 'elt'. + * auth_key of the trn_cell_introduce1_t in 'inp', so that it will + * hold the value 'elt'. */ -int hs_cell_introduce1_set_auth_key(hs_cell_introduce1_t *inp, size_t idx, uint8_t elt); +int trn_cell_introduce1_set_auth_key(trn_cell_introduce1_t *inp, size_t idx, uint8_t elt); /** Append a new element 'elt' to the dynamic array field auth_key of - * the hs_cell_introduce1_t in 'inp'. + * the trn_cell_introduce1_t in 'inp'. */ -int hs_cell_introduce1_add_auth_key(hs_cell_introduce1_t *inp, uint8_t elt); +int trn_cell_introduce1_add_auth_key(trn_cell_introduce1_t *inp, uint8_t elt); /** Return a pointer to the variable-length array field auth_key of * 'inp'. */ -uint8_t * hs_cell_introduce1_getarray_auth_key(hs_cell_introduce1_t *inp); -/** As hs_cell_introduce1_get_auth_key, but take and return a const +uint8_t * trn_cell_introduce1_getarray_auth_key(trn_cell_introduce1_t *inp); +/** As trn_cell_introduce1_get_auth_key, but take and return a const * pointer */ -const uint8_t * hs_cell_introduce1_getconstarray_auth_key(const hs_cell_introduce1_t *inp); +const uint8_t * trn_cell_introduce1_getconstarray_auth_key(const trn_cell_introduce1_t *inp); /** Change the length of the variable-length array field auth_key of * 'inp' to 'newlen'.Fill extra elements with 0. Return 0 on success; * return -1 and set the error code on 'inp' on failure. */ -int hs_cell_introduce1_setlen_auth_key(hs_cell_introduce1_t *inp, size_t newlen); +int trn_cell_introduce1_setlen_auth_key(trn_cell_introduce1_t *inp, size_t newlen); /** Return the value of the extensions field of the - * hs_cell_introduce1_t in 'inp' + * trn_cell_introduce1_t in 'inp' */ -struct cell_extension_st * hs_cell_introduce1_get_extensions(hs_cell_introduce1_t *inp); -/** As hs_cell_introduce1_get_extensions, but take and return a const +struct trn_cell_extension_st * trn_cell_introduce1_get_extensions(trn_cell_introduce1_t *inp); +/** As trn_cell_introduce1_get_extensions, but take and return a const * pointer */ -const struct cell_extension_st * hs_cell_introduce1_getconst_extensions(const hs_cell_introduce1_t *inp); -/** Set the value of the extensions field of the hs_cell_introduce1_t +const struct trn_cell_extension_st * trn_cell_introduce1_getconst_extensions(const trn_cell_introduce1_t *inp); +/** Set the value of the extensions field of the trn_cell_introduce1_t * in 'inp' to 'val'. Free the old value if any. Steals the * referenceto 'val'.Return 0 on success; return -1 and set the error * code on 'inp' on failure. */ -int hs_cell_introduce1_set_extensions(hs_cell_introduce1_t *inp, struct cell_extension_st *val); -/** As hs_cell_introduce1_set_extensions, but does not free the +int trn_cell_introduce1_set_extensions(trn_cell_introduce1_t *inp, struct trn_cell_extension_st *val); +/** As trn_cell_introduce1_set_extensions, but does not free the * previous value. */ -int hs_cell_introduce1_set0_extensions(hs_cell_introduce1_t *inp, struct cell_extension_st *val); +int trn_cell_introduce1_set0_extensions(trn_cell_introduce1_t *inp, struct trn_cell_extension_st *val); /** Return the length of the dynamic array holding the encrypted field - * of the hs_cell_introduce1_t in 'inp'. + * of the trn_cell_introduce1_t in 'inp'. */ -size_t hs_cell_introduce1_getlen_encrypted(const hs_cell_introduce1_t *inp); +size_t trn_cell_introduce1_getlen_encrypted(const trn_cell_introduce1_t *inp); /** Return the element at position 'idx' of the dynamic array field - * encrypted of the hs_cell_introduce1_t in 'inp'. + * encrypted of the trn_cell_introduce1_t in 'inp'. */ -uint8_t hs_cell_introduce1_get_encrypted(hs_cell_introduce1_t *inp, size_t idx); -/** As hs_cell_introduce1_get_encrypted, but take and return a const +uint8_t trn_cell_introduce1_get_encrypted(trn_cell_introduce1_t *inp, size_t idx); +/** As trn_cell_introduce1_get_encrypted, but take and return a const * pointer */ -uint8_t hs_cell_introduce1_getconst_encrypted(const hs_cell_introduce1_t *inp, size_t idx); +uint8_t trn_cell_introduce1_getconst_encrypted(const trn_cell_introduce1_t *inp, size_t idx); /** Change the element at position 'idx' of the dynamic array field - * encrypted of the hs_cell_introduce1_t in 'inp', so that it will + * encrypted of the trn_cell_introduce1_t in 'inp', so that it will * hold the value 'elt'. */ -int hs_cell_introduce1_set_encrypted(hs_cell_introduce1_t *inp, size_t idx, uint8_t elt); +int trn_cell_introduce1_set_encrypted(trn_cell_introduce1_t *inp, size_t idx, uint8_t elt); /** Append a new element 'elt' to the dynamic array field encrypted of - * the hs_cell_introduce1_t in 'inp'. + * the trn_cell_introduce1_t in 'inp'. */ -int hs_cell_introduce1_add_encrypted(hs_cell_introduce1_t *inp, uint8_t elt); +int trn_cell_introduce1_add_encrypted(trn_cell_introduce1_t *inp, uint8_t elt); /** Return a pointer to the variable-length array field encrypted of * 'inp'. */ -uint8_t * hs_cell_introduce1_getarray_encrypted(hs_cell_introduce1_t *inp); -/** As hs_cell_introduce1_get_encrypted, but take and return a const +uint8_t * trn_cell_introduce1_getarray_encrypted(trn_cell_introduce1_t *inp); +/** As trn_cell_introduce1_get_encrypted, but take and return a const * pointer */ -const uint8_t * hs_cell_introduce1_getconstarray_encrypted(const hs_cell_introduce1_t *inp); +const uint8_t * trn_cell_introduce1_getconstarray_encrypted(const trn_cell_introduce1_t *inp); /** Change the length of the variable-length array field encrypted of * 'inp' to 'newlen'.Fill extra elements with 0. Return 0 on success; * return -1 and set the error code on 'inp' on failure. */ -int hs_cell_introduce1_setlen_encrypted(hs_cell_introduce1_t *inp, size_t newlen); -/** Return a newly allocated hs_cell_introduce_ack with all elements +int trn_cell_introduce1_setlen_encrypted(trn_cell_introduce1_t *inp, size_t newlen); +/** Return a newly allocated trn_cell_introduce_ack with all elements * set to zero. */ -hs_cell_introduce_ack_t *hs_cell_introduce_ack_new(void); -/** Release all storage held by the hs_cell_introduce_ack in 'victim'. - * (Do nothing if 'victim' is NULL.) +trn_cell_introduce_ack_t *trn_cell_introduce_ack_new(void); +/** Release all storage held by the trn_cell_introduce_ack in + * 'victim'. (Do nothing if 'victim' is NULL.) */ -void hs_cell_introduce_ack_free(hs_cell_introduce_ack_t *victim); -/** Try to parse a hs_cell_introduce_ack from the buffer in 'input', +void trn_cell_introduce_ack_free(trn_cell_introduce_ack_t *victim); +/** Try to parse a trn_cell_introduce_ack from the buffer in 'input', * using up to 'len_in' bytes from the input buffer. On success, * return the number of bytes consumed and set *output to the newly - * allocated hs_cell_introduce_ack_t. On failure, return -2 if the + * allocated trn_cell_introduce_ack_t. On failure, return -2 if the * input appears truncated, and -1 if the input is otherwise invalid. */ -ssize_t hs_cell_introduce_ack_parse(hs_cell_introduce_ack_t **output, const uint8_t *input, const size_t len_in); +ssize_t trn_cell_introduce_ack_parse(trn_cell_introduce_ack_t **output, const uint8_t *input, const size_t len_in); /** Return the number of bytes we expect to need to encode the - * hs_cell_introduce_ack in 'obj'. On failure, return a negative + * trn_cell_introduce_ack in 'obj'. On failure, return a negative * value. Note that this value may be an overestimate, and can even be * an underestimate for certain unencodeable objects. */ -ssize_t hs_cell_introduce_ack_encoded_len(const hs_cell_introduce_ack_t *obj); -/** Try to encode the hs_cell_introduce_ack from 'input' into the +ssize_t trn_cell_introduce_ack_encoded_len(const trn_cell_introduce_ack_t *obj); +/** Try to encode the trn_cell_introduce_ack from 'input' into the * buffer at 'output', using up to 'avail' bytes of the output buffer. * On success, return the number of bytes used. On failure, return -2 * if the buffer was not long enough, and -1 if the input was invalid. */ -ssize_t hs_cell_introduce_ack_encode(uint8_t *output, size_t avail, const hs_cell_introduce_ack_t *input); -/** Check whether the internal state of the hs_cell_introduce_ack in +ssize_t trn_cell_introduce_ack_encode(uint8_t *output, size_t avail, const trn_cell_introduce_ack_t *input); +/** Check whether the internal state of the trn_cell_introduce_ack in * 'obj' is consistent. Return NULL if it is, and a short message if * it is not. */ -const char *hs_cell_introduce_ack_check(const hs_cell_introduce_ack_t *obj); +const char *trn_cell_introduce_ack_check(const trn_cell_introduce_ack_t *obj); /** Clear any errors that were set on the object 'obj' by its setter * functions. Return true iff errors were cleared. */ -int hs_cell_introduce_ack_clear_errors(hs_cell_introduce_ack_t *obj); +int trn_cell_introduce_ack_clear_errors(trn_cell_introduce_ack_t *obj); /** Return the value of the status field of the - * hs_cell_introduce_ack_t in 'inp' + * trn_cell_introduce_ack_t in 'inp' */ -uint16_t hs_cell_introduce_ack_get_status(const hs_cell_introduce_ack_t *inp); -/** Set the value of the status field of the hs_cell_introduce_ack_t +uint16_t trn_cell_introduce_ack_get_status(const trn_cell_introduce_ack_t *inp); +/** Set the value of the status field of the trn_cell_introduce_ack_t * in 'inp' to 'val'. Return 0 on success; return -1 and set the error * code on 'inp' on failure. */ -int hs_cell_introduce_ack_set_status(hs_cell_introduce_ack_t *inp, uint16_t val); +int trn_cell_introduce_ack_set_status(trn_cell_introduce_ack_t *inp, uint16_t val); /** Return the value of the extensions field of the - * hs_cell_introduce_ack_t in 'inp' + * trn_cell_introduce_ack_t in 'inp' */ -struct cell_extension_st * hs_cell_introduce_ack_get_extensions(hs_cell_introduce_ack_t *inp); -/** As hs_cell_introduce_ack_get_extensions, but take and return a +struct trn_cell_extension_st * trn_cell_introduce_ack_get_extensions(trn_cell_introduce_ack_t *inp); +/** As trn_cell_introduce_ack_get_extensions, but take and return a * const pointer */ -const struct cell_extension_st * hs_cell_introduce_ack_getconst_extensions(const hs_cell_introduce_ack_t *inp); +const struct trn_cell_extension_st * trn_cell_introduce_ack_getconst_extensions(const trn_cell_introduce_ack_t *inp); /** Set the value of the extensions field of the - * hs_cell_introduce_ack_t in 'inp' to 'val'. Free the old value if + * trn_cell_introduce_ack_t in 'inp' to 'val'. Free the old value if * any. Steals the referenceto 'val'.Return 0 on success; return -1 * and set the error code on 'inp' on failure. */ -int hs_cell_introduce_ack_set_extensions(hs_cell_introduce_ack_t *inp, struct cell_extension_st *val); -/** As hs_cell_introduce_ack_set_extensions, but does not free the +int trn_cell_introduce_ack_set_extensions(trn_cell_introduce_ack_t *inp, struct trn_cell_extension_st *val); +/** As trn_cell_introduce_ack_set_extensions, but does not free the * previous value. */ -int hs_cell_introduce_ack_set0_extensions(hs_cell_introduce_ack_t *inp, struct cell_extension_st *val); -/** Return a newly allocated hs_cell_introduce_encrypted with all +int trn_cell_introduce_ack_set0_extensions(trn_cell_introduce_ack_t *inp, struct trn_cell_extension_st *val); +/** Return a newly allocated trn_cell_introduce_encrypted with all * elements set to zero. */ -hs_cell_introduce_encrypted_t *hs_cell_introduce_encrypted_new(void); -/** Release all storage held by the hs_cell_introduce_encrypted in +trn_cell_introduce_encrypted_t *trn_cell_introduce_encrypted_new(void); +/** Release all storage held by the trn_cell_introduce_encrypted in * 'victim'. (Do nothing if 'victim' is NULL.) */ -void hs_cell_introduce_encrypted_free(hs_cell_introduce_encrypted_t *victim); -/** Try to parse a hs_cell_introduce_encrypted from the buffer in +void trn_cell_introduce_encrypted_free(trn_cell_introduce_encrypted_t *victim); +/** Try to parse a trn_cell_introduce_encrypted from the buffer in * 'input', using up to 'len_in' bytes from the input buffer. On * success, return the number of bytes consumed and set *output to the - * newly allocated hs_cell_introduce_encrypted_t. On failure, return + * newly allocated trn_cell_introduce_encrypted_t. On failure, return * -2 if the input appears truncated, and -1 if the input is otherwise * invalid. */ -ssize_t hs_cell_introduce_encrypted_parse(hs_cell_introduce_encrypted_t **output, const uint8_t *input, const size_t len_in); +ssize_t trn_cell_introduce_encrypted_parse(trn_cell_introduce_encrypted_t **output, const uint8_t *input, const size_t len_in); /** Return the number of bytes we expect to need to encode the - * hs_cell_introduce_encrypted in 'obj'. On failure, return a negative - * value. Note that this value may be an overestimate, and can even be - * an underestimate for certain unencodeable objects. + * trn_cell_introduce_encrypted in 'obj'. On failure, return a + * negative value. Note that this value may be an overestimate, and + * can even be an underestimate for certain unencodeable objects. */ -ssize_t hs_cell_introduce_encrypted_encoded_len(const hs_cell_introduce_encrypted_t *obj); -/** Try to encode the hs_cell_introduce_encrypted from 'input' into +ssize_t trn_cell_introduce_encrypted_encoded_len(const trn_cell_introduce_encrypted_t *obj); +/** Try to encode the trn_cell_introduce_encrypted from 'input' into * the buffer at 'output', using up to 'avail' bytes of the output * buffer. On success, return the number of bytes used. On failure, * return -2 if the buffer was not long enough, and -1 if the input * was invalid. */ -ssize_t hs_cell_introduce_encrypted_encode(uint8_t *output, size_t avail, const hs_cell_introduce_encrypted_t *input); +ssize_t trn_cell_introduce_encrypted_encode(uint8_t *output, size_t avail, const trn_cell_introduce_encrypted_t *input); /** Check whether the internal state of the - * hs_cell_introduce_encrypted in 'obj' is consistent. Return NULL if + * trn_cell_introduce_encrypted in 'obj' is consistent. Return NULL if * it is, and a short message if it is not. */ -const char *hs_cell_introduce_encrypted_check(const hs_cell_introduce_encrypted_t *obj); +const char *trn_cell_introduce_encrypted_check(const trn_cell_introduce_encrypted_t *obj); /** Clear any errors that were set on the object 'obj' by its setter * functions. Return true iff errors were cleared. */ -int hs_cell_introduce_encrypted_clear_errors(hs_cell_introduce_encrypted_t *obj); +int trn_cell_introduce_encrypted_clear_errors(trn_cell_introduce_encrypted_t *obj); /** Return the (constant) length of the array holding the rend_cookie - * field of the hs_cell_introduce_encrypted_t in 'inp'. + * field of the trn_cell_introduce_encrypted_t in 'inp'. */ -size_t hs_cell_introduce_encrypted_getlen_rend_cookie(const hs_cell_introduce_encrypted_t *inp); +size_t trn_cell_introduce_encrypted_getlen_rend_cookie(const trn_cell_introduce_encrypted_t *inp); /** Return the element at position 'idx' of the fixed array field - * rend_cookie of the hs_cell_introduce_encrypted_t in 'inp'. + * rend_cookie of the trn_cell_introduce_encrypted_t in 'inp'. */ -uint8_t hs_cell_introduce_encrypted_get_rend_cookie(hs_cell_introduce_encrypted_t *inp, size_t idx); -/** As hs_cell_introduce_encrypted_get_rend_cookie, but take and +uint8_t trn_cell_introduce_encrypted_get_rend_cookie(trn_cell_introduce_encrypted_t *inp, size_t idx); +/** As trn_cell_introduce_encrypted_get_rend_cookie, but take and * return a const pointer */ -uint8_t hs_cell_introduce_encrypted_getconst_rend_cookie(const hs_cell_introduce_encrypted_t *inp, size_t idx); +uint8_t trn_cell_introduce_encrypted_getconst_rend_cookie(const trn_cell_introduce_encrypted_t *inp, size_t idx); /** Change the element at position 'idx' of the fixed array field - * rend_cookie of the hs_cell_introduce_encrypted_t in 'inp', so that + * rend_cookie of the trn_cell_introduce_encrypted_t in 'inp', so that * it will hold the value 'elt'. */ -int hs_cell_introduce_encrypted_set_rend_cookie(hs_cell_introduce_encrypted_t *inp, size_t idx, uint8_t elt); +int trn_cell_introduce_encrypted_set_rend_cookie(trn_cell_introduce_encrypted_t *inp, size_t idx, uint8_t elt); /** Return a pointer to the TRUNNEL_REND_COOKIE_LEN-element array * field rend_cookie of 'inp'. */ -uint8_t * hs_cell_introduce_encrypted_getarray_rend_cookie(hs_cell_introduce_encrypted_t *inp); -/** As hs_cell_introduce_encrypted_get_rend_cookie, but take and +uint8_t * trn_cell_introduce_encrypted_getarray_rend_cookie(trn_cell_introduce_encrypted_t *inp); +/** As trn_cell_introduce_encrypted_get_rend_cookie, but take and * return a const pointer */ -const uint8_t * hs_cell_introduce_encrypted_getconstarray_rend_cookie(const hs_cell_introduce_encrypted_t *inp); +const uint8_t * trn_cell_introduce_encrypted_getconstarray_rend_cookie(const trn_cell_introduce_encrypted_t *inp); /** Return the value of the extensions field of the - * hs_cell_introduce_encrypted_t in 'inp' + * trn_cell_introduce_encrypted_t in 'inp' */ -struct cell_extension_st * hs_cell_introduce_encrypted_get_extensions(hs_cell_introduce_encrypted_t *inp); -/** As hs_cell_introduce_encrypted_get_extensions, but take and return - * a const pointer +struct trn_cell_extension_st * trn_cell_introduce_encrypted_get_extensions(trn_cell_introduce_encrypted_t *inp); +/** As trn_cell_introduce_encrypted_get_extensions, but take and + * return a const pointer */ -const struct cell_extension_st * hs_cell_introduce_encrypted_getconst_extensions(const hs_cell_introduce_encrypted_t *inp); +const struct trn_cell_extension_st * trn_cell_introduce_encrypted_getconst_extensions(const trn_cell_introduce_encrypted_t *inp); /** Set the value of the extensions field of the - * hs_cell_introduce_encrypted_t in 'inp' to 'val'. Free the old value - * if any. Steals the referenceto 'val'.Return 0 on success; return -1 - * and set the error code on 'inp' on failure. + * trn_cell_introduce_encrypted_t in 'inp' to 'val'. Free the old + * value if any. Steals the referenceto 'val'.Return 0 on success; + * return -1 and set the error code on 'inp' on failure. */ -int hs_cell_introduce_encrypted_set_extensions(hs_cell_introduce_encrypted_t *inp, struct cell_extension_st *val); -/** As hs_cell_introduce_encrypted_set_extensions, but does not free +int trn_cell_introduce_encrypted_set_extensions(trn_cell_introduce_encrypted_t *inp, struct trn_cell_extension_st *val); +/** As trn_cell_introduce_encrypted_set_extensions, but does not free * the previous value. */ -int hs_cell_introduce_encrypted_set0_extensions(hs_cell_introduce_encrypted_t *inp, struct cell_extension_st *val); +int trn_cell_introduce_encrypted_set0_extensions(trn_cell_introduce_encrypted_t *inp, struct trn_cell_extension_st *val); /** Return the value of the onion_key_type field of the - * hs_cell_introduce_encrypted_t in 'inp' + * trn_cell_introduce_encrypted_t in 'inp' */ -uint8_t hs_cell_introduce_encrypted_get_onion_key_type(const hs_cell_introduce_encrypted_t *inp); +uint8_t trn_cell_introduce_encrypted_get_onion_key_type(const trn_cell_introduce_encrypted_t *inp); /** Set the value of the onion_key_type field of the - * hs_cell_introduce_encrypted_t in 'inp' to 'val'. Return 0 on + * trn_cell_introduce_encrypted_t in 'inp' to 'val'. Return 0 on * success; return -1 and set the error code on 'inp' on failure. */ -int hs_cell_introduce_encrypted_set_onion_key_type(hs_cell_introduce_encrypted_t *inp, uint8_t val); +int trn_cell_introduce_encrypted_set_onion_key_type(trn_cell_introduce_encrypted_t *inp, uint8_t val); /** Return the value of the onion_key_len field of the - * hs_cell_introduce_encrypted_t in 'inp' + * trn_cell_introduce_encrypted_t in 'inp' */ -uint16_t hs_cell_introduce_encrypted_get_onion_key_len(const hs_cell_introduce_encrypted_t *inp); +uint16_t trn_cell_introduce_encrypted_get_onion_key_len(const trn_cell_introduce_encrypted_t *inp); /** Set the value of the onion_key_len field of the - * hs_cell_introduce_encrypted_t in 'inp' to 'val'. Return 0 on + * trn_cell_introduce_encrypted_t in 'inp' to 'val'. Return 0 on * success; return -1 and set the error code on 'inp' on failure. */ -int hs_cell_introduce_encrypted_set_onion_key_len(hs_cell_introduce_encrypted_t *inp, uint16_t val); +int trn_cell_introduce_encrypted_set_onion_key_len(trn_cell_introduce_encrypted_t *inp, uint16_t val); /** Return the length of the dynamic array holding the onion_key field - * of the hs_cell_introduce_encrypted_t in 'inp'. + * of the trn_cell_introduce_encrypted_t in 'inp'. */ -size_t hs_cell_introduce_encrypted_getlen_onion_key(const hs_cell_introduce_encrypted_t *inp); +size_t trn_cell_introduce_encrypted_getlen_onion_key(const trn_cell_introduce_encrypted_t *inp); /** Return the element at position 'idx' of the dynamic array field - * onion_key of the hs_cell_introduce_encrypted_t in 'inp'. + * onion_key of the trn_cell_introduce_encrypted_t in 'inp'. */ -uint8_t hs_cell_introduce_encrypted_get_onion_key(hs_cell_introduce_encrypted_t *inp, size_t idx); -/** As hs_cell_introduce_encrypted_get_onion_key, but take and return +uint8_t trn_cell_introduce_encrypted_get_onion_key(trn_cell_introduce_encrypted_t *inp, size_t idx); +/** As trn_cell_introduce_encrypted_get_onion_key, but take and return * a const pointer */ -uint8_t hs_cell_introduce_encrypted_getconst_onion_key(const hs_cell_introduce_encrypted_t *inp, size_t idx); +uint8_t trn_cell_introduce_encrypted_getconst_onion_key(const trn_cell_introduce_encrypted_t *inp, size_t idx); /** Change the element at position 'idx' of the dynamic array field - * onion_key of the hs_cell_introduce_encrypted_t in 'inp', so that it - * will hold the value 'elt'. + * onion_key of the trn_cell_introduce_encrypted_t in 'inp', so that + * it will hold the value 'elt'. */ -int hs_cell_introduce_encrypted_set_onion_key(hs_cell_introduce_encrypted_t *inp, size_t idx, uint8_t elt); +int trn_cell_introduce_encrypted_set_onion_key(trn_cell_introduce_encrypted_t *inp, size_t idx, uint8_t elt); /** Append a new element 'elt' to the dynamic array field onion_key of - * the hs_cell_introduce_encrypted_t in 'inp'. + * the trn_cell_introduce_encrypted_t in 'inp'. */ -int hs_cell_introduce_encrypted_add_onion_key(hs_cell_introduce_encrypted_t *inp, uint8_t elt); +int trn_cell_introduce_encrypted_add_onion_key(trn_cell_introduce_encrypted_t *inp, uint8_t elt); /** Return a pointer to the variable-length array field onion_key of * 'inp'. */ -uint8_t * hs_cell_introduce_encrypted_getarray_onion_key(hs_cell_introduce_encrypted_t *inp); -/** As hs_cell_introduce_encrypted_get_onion_key, but take and return +uint8_t * trn_cell_introduce_encrypted_getarray_onion_key(trn_cell_introduce_encrypted_t *inp); +/** As trn_cell_introduce_encrypted_get_onion_key, but take and return * a const pointer */ -const uint8_t * hs_cell_introduce_encrypted_getconstarray_onion_key(const hs_cell_introduce_encrypted_t *inp); +const uint8_t * trn_cell_introduce_encrypted_getconstarray_onion_key(const trn_cell_introduce_encrypted_t *inp); /** Change the length of the variable-length array field onion_key of * 'inp' to 'newlen'.Fill extra elements with 0. Return 0 on success; * return -1 and set the error code on 'inp' on failure. */ -int hs_cell_introduce_encrypted_setlen_onion_key(hs_cell_introduce_encrypted_t *inp, size_t newlen); +int trn_cell_introduce_encrypted_setlen_onion_key(trn_cell_introduce_encrypted_t *inp, size_t newlen); /** Return the value of the nspec field of the - * hs_cell_introduce_encrypted_t in 'inp' + * trn_cell_introduce_encrypted_t in 'inp' */ -uint8_t hs_cell_introduce_encrypted_get_nspec(const hs_cell_introduce_encrypted_t *inp); +uint8_t trn_cell_introduce_encrypted_get_nspec(const trn_cell_introduce_encrypted_t *inp); /** Set the value of the nspec field of the - * hs_cell_introduce_encrypted_t in 'inp' to 'val'. Return 0 on + * trn_cell_introduce_encrypted_t in 'inp' to 'val'. Return 0 on * success; return -1 and set the error code on 'inp' on failure. */ -int hs_cell_introduce_encrypted_set_nspec(hs_cell_introduce_encrypted_t *inp, uint8_t val); +int trn_cell_introduce_encrypted_set_nspec(trn_cell_introduce_encrypted_t *inp, uint8_t val); /** Return the length of the dynamic array holding the nspecs field of - * the hs_cell_introduce_encrypted_t in 'inp'. + * the trn_cell_introduce_encrypted_t in 'inp'. */ -size_t hs_cell_introduce_encrypted_getlen_nspecs(const hs_cell_introduce_encrypted_t *inp); +size_t trn_cell_introduce_encrypted_getlen_nspecs(const trn_cell_introduce_encrypted_t *inp); /** Return the element at position 'idx' of the dynamic array field - * nspecs of the hs_cell_introduce_encrypted_t in 'inp'. + * nspecs of the trn_cell_introduce_encrypted_t in 'inp'. */ -struct link_specifier_st * hs_cell_introduce_encrypted_get_nspecs(hs_cell_introduce_encrypted_t *inp, size_t idx); -/** As hs_cell_introduce_encrypted_get_nspecs, but take and return a +struct link_specifier_st * trn_cell_introduce_encrypted_get_nspecs(trn_cell_introduce_encrypted_t *inp, size_t idx); +/** As trn_cell_introduce_encrypted_get_nspecs, but take and return a * const pointer */ - const struct link_specifier_st * hs_cell_introduce_encrypted_getconst_nspecs(const hs_cell_introduce_encrypted_t *inp, size_t idx); + const struct link_specifier_st * trn_cell_introduce_encrypted_getconst_nspecs(const trn_cell_introduce_encrypted_t *inp, size_t idx); /** Change the element at position 'idx' of the dynamic array field - * nspecs of the hs_cell_introduce_encrypted_t in 'inp', so that it + * nspecs of the trn_cell_introduce_encrypted_t in 'inp', so that it * will hold the value 'elt'. Free the previous value, if any. */ -int hs_cell_introduce_encrypted_set_nspecs(hs_cell_introduce_encrypted_t *inp, size_t idx, struct link_specifier_st * elt); -/** As hs_cell_introduce_encrypted_set_nspecs, but does not free the +int trn_cell_introduce_encrypted_set_nspecs(trn_cell_introduce_encrypted_t *inp, size_t idx, struct link_specifier_st * elt); +/** As trn_cell_introduce_encrypted_set_nspecs, but does not free the * previous value. */ -int hs_cell_introduce_encrypted_set0_nspecs(hs_cell_introduce_encrypted_t *inp, size_t idx, struct link_specifier_st * elt); +int trn_cell_introduce_encrypted_set0_nspecs(trn_cell_introduce_encrypted_t *inp, size_t idx, struct link_specifier_st * elt); /** Append a new element 'elt' to the dynamic array field nspecs of - * the hs_cell_introduce_encrypted_t in 'inp'. + * the trn_cell_introduce_encrypted_t in 'inp'. */ -int hs_cell_introduce_encrypted_add_nspecs(hs_cell_introduce_encrypted_t *inp, struct link_specifier_st * elt); +int trn_cell_introduce_encrypted_add_nspecs(trn_cell_introduce_encrypted_t *inp, struct link_specifier_st * elt); /** Return a pointer to the variable-length array field nspecs of * 'inp'. */ -struct link_specifier_st * * hs_cell_introduce_encrypted_getarray_nspecs(hs_cell_introduce_encrypted_t *inp); -/** As hs_cell_introduce_encrypted_get_nspecs, but take and return a +struct link_specifier_st * * trn_cell_introduce_encrypted_getarray_nspecs(trn_cell_introduce_encrypted_t *inp); +/** As trn_cell_introduce_encrypted_get_nspecs, but take and return a * const pointer */ -const struct link_specifier_st * const * hs_cell_introduce_encrypted_getconstarray_nspecs(const hs_cell_introduce_encrypted_t *inp); +const struct link_specifier_st * const * trn_cell_introduce_encrypted_getconstarray_nspecs(const trn_cell_introduce_encrypted_t *inp); /** Change the length of the variable-length array field nspecs of * 'inp' to 'newlen'.Fill extra elements with NULL; free removed * elements. Return 0 on success; return -1 and set the error code on * 'inp' on failure. */ -int hs_cell_introduce_encrypted_setlen_nspecs(hs_cell_introduce_encrypted_t *inp, size_t newlen); +int trn_cell_introduce_encrypted_setlen_nspecs(trn_cell_introduce_encrypted_t *inp, size_t newlen); /** Return the length of the dynamic array holding the pad field of - * the hs_cell_introduce_encrypted_t in 'inp'. + * the trn_cell_introduce_encrypted_t in 'inp'. */ -size_t hs_cell_introduce_encrypted_getlen_pad(const hs_cell_introduce_encrypted_t *inp); +size_t trn_cell_introduce_encrypted_getlen_pad(const trn_cell_introduce_encrypted_t *inp); /** Return the element at position 'idx' of the dynamic array field - * pad of the hs_cell_introduce_encrypted_t in 'inp'. + * pad of the trn_cell_introduce_encrypted_t in 'inp'. */ -uint8_t hs_cell_introduce_encrypted_get_pad(hs_cell_introduce_encrypted_t *inp, size_t idx); -/** As hs_cell_introduce_encrypted_get_pad, but take and return a +uint8_t trn_cell_introduce_encrypted_get_pad(trn_cell_introduce_encrypted_t *inp, size_t idx); +/** As trn_cell_introduce_encrypted_get_pad, but take and return a * const pointer */ -uint8_t hs_cell_introduce_encrypted_getconst_pad(const hs_cell_introduce_encrypted_t *inp, size_t idx); +uint8_t trn_cell_introduce_encrypted_getconst_pad(const trn_cell_introduce_encrypted_t *inp, size_t idx); /** Change the element at position 'idx' of the dynamic array field - * pad of the hs_cell_introduce_encrypted_t in 'inp', so that it will + * pad of the trn_cell_introduce_encrypted_t in 'inp', so that it will * hold the value 'elt'. */ -int hs_cell_introduce_encrypted_set_pad(hs_cell_introduce_encrypted_t *inp, size_t idx, uint8_t elt); +int trn_cell_introduce_encrypted_set_pad(trn_cell_introduce_encrypted_t *inp, size_t idx, uint8_t elt); /** Append a new element 'elt' to the dynamic array field pad of the - * hs_cell_introduce_encrypted_t in 'inp'. + * trn_cell_introduce_encrypted_t in 'inp'. */ -int hs_cell_introduce_encrypted_add_pad(hs_cell_introduce_encrypted_t *inp, uint8_t elt); +int trn_cell_introduce_encrypted_add_pad(trn_cell_introduce_encrypted_t *inp, uint8_t elt); /** Return a pointer to the variable-length array field pad of 'inp'. */ -uint8_t * hs_cell_introduce_encrypted_getarray_pad(hs_cell_introduce_encrypted_t *inp); -/** As hs_cell_introduce_encrypted_get_pad, but take and return a +uint8_t * trn_cell_introduce_encrypted_getarray_pad(trn_cell_introduce_encrypted_t *inp); +/** As trn_cell_introduce_encrypted_get_pad, but take and return a * const pointer */ -const uint8_t * hs_cell_introduce_encrypted_getconstarray_pad(const hs_cell_introduce_encrypted_t *inp); +const uint8_t * trn_cell_introduce_encrypted_getconstarray_pad(const trn_cell_introduce_encrypted_t *inp); /** Change the length of the variable-length array field pad of 'inp' * to 'newlen'.Fill extra elements with 0. Return 0 on success; return * -1 and set the error code on 'inp' on failure. */ -int hs_cell_introduce_encrypted_setlen_pad(hs_cell_introduce_encrypted_t *inp, size_t newlen); +int trn_cell_introduce_encrypted_setlen_pad(trn_cell_introduce_encrypted_t *inp, size_t newlen); #endif diff --git a/src/trunnel/hs/cell_introduce1.trunnel b/src/trunnel/hs/cell_introduce1.trunnel index f7776879cd..7577c1526f 100644 --- a/src/trunnel/hs/cell_introduce1.trunnel +++ b/src/trunnel/hs/cell_introduce1.trunnel @@ -5,7 +5,7 @@ */ /* From cell_common.trunnel. */ -extern struct cell_extension; +extern struct trn_cell_extension; /* From ed25519_cert.trunnel. */ extern struct link_specifier; @@ -13,7 +13,7 @@ const TRUNNEL_SHA1_LEN = 20; const TRUNNEL_REND_COOKIE_LEN = 20; /* INTRODUCE1 payload. See details in section 3.2.1. */ -struct hs_cell_introduce1 { +struct trn_cell_introduce1 { /* Always zeroed. MUST be checked explicitely by the caller. */ u8 legacy_key_id[TRUNNEL_SHA1_LEN]; @@ -23,28 +23,28 @@ struct hs_cell_introduce1 { u8 auth_key[auth_key_len]; /* Extension(s). Reserved fields. */ - struct cell_extension extensions; + struct trn_cell_extension extensions; /* Variable length, up to the end of cell. */ u8 encrypted[]; }; /* INTRODUCE_ACK payload. See details in section 3.2.2. */ -struct hs_cell_introduce_ack { +struct trn_cell_introduce_ack { /* Status of introduction. */ u16 status IN [0x0000, 0x0001, 0x0002]; /* Extension(s). Reserved fields. */ - struct cell_extension extensions; + struct trn_cell_extension extensions; }; /* Encrypted section of the INTRODUCE1/INTRODUCE2 cell. */ -struct hs_cell_introduce_encrypted { +struct trn_cell_introduce_encrypted { /* Rendezvous cookie. */ u8 rend_cookie[TRUNNEL_REND_COOKIE_LEN]; /* Extension(s). Reserved fields. */ - struct cell_extension extensions; + struct trn_cell_extension extensions; /* Onion key material. */ u8 onion_key_type IN [0x01]; |