mirrors/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2025-02-25 07:07:52 +01:00
Code Issues Projects Releases Wiki Activity

HSv3: Don't assert when reading bad client-side privkeys.

Browse source
This commit is contained in:
George Kadianakis 2018-09-07 18:06:44 +03:00 committed by David Goulet
parent 6583d1e709
commit 3695ef6343
2 changed files with 9 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
src/feature/hs/hs_client.c
View file

@ -1500,6 +1500,12 @@ parse_auth_file_content(const char *client_key_str)
goto err; goto err;
} }
if (strlen(seckey_b32) != BASE32_NOPAD_LEN(CURVE25519_PUBKEY_LEN)) {
log_warn(LD_REND, "Client authorization encoded base32 private key "
"length is invalid: %s", seckey_b32);
goto err;
}
auth = tor_malloc_zero(sizeof(hs_client_service_authorization_t)); auth = tor_malloc_zero(sizeof(hs_client_service_authorization_t));
if (base32_decode((char *) auth->enc_seckey.secret_key, if (base32_decode((char *) auth->enc_seckey.secret_key,
sizeof(auth->enc_seckey.secret_key), sizeof(auth->enc_seckey.secret_key),

4
src/test/test_hs_client.c
View file

@ -660,7 +660,9 @@ test_parse_auth_file_content(void *arg)
"x:zdsyvn2jq534ugyiuzgjy4267jbtzcjbsgedhshzx5mforyxtryq")); "x:zdsyvn2jq534ugyiuzgjy4267jbtzcjbsgedhshzx5mforyxtryq"));
/* Some malformed string. */ /* Some malformed string. */
tt_assert(!parse_auth_file_content("xx:descriptor:x25519:aa==")); tt_assert(!parse_auth_file_content("xx:descriptor:x25519:aa=="));
/* Bigger key than it should be */
tt_assert(!parse_auth_file_content("xx:descriptor:x25519:"
"vjqea4jbhwwc4hto7ekyvqfbeodghbaq6nxi45hz4wr3qvhqv3yqa"));
done: done:
tor_free(auth); tor_free(auth);
} }