From b0ccb6bfa505dc072c7af87261f6ac04e5e106db Mon Sep 17 00:00:00 2001
From: David Goulet
Date: Fri, 16 Dec 2016 12:09:22 -0500
Subject: hs: Add an extra safety check on ESTABLISH_INTRO sig len
Signed-off-by: David Goulet
---
 src/or/hs_intropoint.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)
(limited to 'src/or')
diff --git a/src/or/hs_intropoint.c b/src/or/hs_intropoint.c
index bfc7ec3876..7bd80d5c9d 100644
--- a/src/or/hs_intropoint.c
+++ b/src/or/hs_intropoint.c
@@ -70,7 +70,11 @@ verify_establish_intro_cell(const hs_cell_establish_intro_t *cell,
 ed25519_signature_t sig_struct;
 const uint8_t *sig_array = hs_cell_establish_intro_getconstarray_sig(cell);
- if (hs_cell_establish_intro_getlen_sig(cell) != sizeof(sig_struct.sig)) {
+ /* Make sure the signature length is of the right size. For EXTRA safety,
+ * we check both the size of the array and the length which must be the
+ * same. Safety first!*/
+ if (hs_cell_establish_intro_getlen_sig(cell) != sizeof(sig_struct.sig) ||
+ hs_cell_establish_intro_get_sig_len(cell) != sizeof(sig_struct.sig)) {
 log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL, "ESTABLISH_INTRO sig len is invalid");
 return -1;
--
cgit v1.2.3-54-g00ecf
From db0e926849954b36f3eeba274308f2c9bb8292f1 Mon Sep 17 00:00:00 2001
From: David Goulet
Date: Fri, 16 Dec 2016 12:12:37 -0500
Subject: hs: Remove a useless cast in verify_establish_intro_cell()
Signed-off-by: David Goulet
---
 src/or/hs_intropoint.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
(limited to 'src/or')
diff --git a/src/or/hs_intropoint.c b/src/or/hs_intropoint.c
index 7bd80d5c9d..b37c9a1b9f 100644
--- a/src/or/hs_intropoint.c
+++ b/src/or/hs_intropoint.c
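Review bot: In the first patch (b0ccb6bf, the signature-length check in verify_establish_intro_cell()), the added comment says the two lengths "must be the same" but does not say what each one is or what the check protects. Going by the getter names, `hs_cell_establish_intro_getlen_sig()` looks like the length of the parsed `sig` array and `hs_cell_establish_intro_get_sig_len()` the `sig_len` field carried in the cell; the comment should spell that out. Something like `/* getlen_sig() is the parsed array length, get_sig_len() the sig_len field from the cell; both must equal the fixed ed25519 signature size before sig_array is used. */` would do. The use of `sig_array` and the rest of the block are outside the hunk, so confirm the wording against the code that follows.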
@@ -87,7 +87,7 @@ verify_establish_intro_cell(const hs_cell_establish_intro_t *cell,
 const size_t sig_msg_len = cell->end_sig_fields - msg;
 int sig_mismatch = ed25519_checksig_prefixed(&sig_struct,
- (uint8_t*) msg, sig_msg_len,
+ msg, sig_msg_len,
 ESTABLISH_INTRO_SIG_PREFIX, &auth_key);
 if (sig_mismatch) {
--
cgit v1.2.3-54-g00ecf
From e76b072defa5f5d6f5429d4df9afdd1335591658 Mon Sep 17 00:00:00 2001
From: David Goulet
Date: Fri, 16 Dec 2016 12:18:05 -0500
Subject: test: fix the generate ESTABLISH_INTRO v3 cell
The "sig_len" fields was moved below the "end_sig_fields" in the trunnel specification so when signing the cell content, the function generating such a cell needed to be adjust.
Closes #20991
Signed-off-by: David Goulet
---
 src/or/hs_service.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)
(limited to 'src/or')
diff --git a/src/or/hs_service.c b/src/or/hs_service.c
index 3b5a3e7853..7b12b63065 100644
--- a/src/or/hs_service.c
+++ b/src/or/hs_service.c
@@ -152,8 +152,9 @@ generate_establish_intro_cell(const uint8_t *circuit_key_material,
 tor_assert(encoded_len > ED25519_SIG_LEN);
 if (ed25519_sign_prefixed(&sig,
- (uint8_t*) cell_bytes_tmp,
- encoded_len - ED25519_SIG_LEN,
+ cell_bytes_tmp,
+ encoded_len -
+ (ED25519_SIG_LEN + sizeof(cell->sig_len)),
 ESTABLISH_INTRO_SIG_PREFIX, &key_struct)) {
 log_warn(LD_BUG, "Unable to gen signature for ESTABLISH_INTRO cell.");
--
cgit v1.2.3-54-g00ecf
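Review bot: In the third patch (generate_establish_intro_cell() in src/or/hs_service.c), the `tor_assert(encoded_len > ED25519_SIG_LEN);` kept as context above the call no longer matches the length being subtracted. The new argument is `encoded_len - (ED25519_SIG_LEN + sizeof(cell->sig_len))`, and because of the `sizeof` term that subtraction is most likely carried out in an unsigned type, so an `encoded_len` that passes the assert but is not larger than the new subtrahend would wrap to a very large signing length. Tighten the guard to `tor_assert(encoded_len > ED25519_SIG_LEN + sizeof(cell->sig_len));`. The declaration of `encoded_len` and the rest of the function are outside the hunk, so whether such a short encoding can occur in practice is not visible here.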