Hidden service API for cell creation and handling. More...
#include "core/or/or.h"
#include "app/config/config.h"
#include "lib/crypt_ops/crypto_util.h"
#include "feature/hs_common/replaycache.h"
#include "feature/hs/hs_cell.h"
#include "feature/hs/hs_ob.h"
#include "core/crypto/hs_ntor.h"
#include "core/or/origin_circuit_st.h"
#include "trunnel/ed25519_cert.h"
#include "trunnel/hs/cell_common.h"
#include "trunnel/hs/cell_establish_intro.h"
#include "trunnel/hs/cell_introduce1.h"
#include "trunnel/hs/cell_rendezvous.h"
static void | compute_introduce_mac (const uint8_t *encoded_cell, size_t encoded_cell_len, const uint8_t *encrypted, size_t encrypted_len, const uint8_t *mac_key, size_t mac_key_len, uint8_t *mac_out, size_t mac_out_len) |
static hs_ntor_intro_cell_keys_t * | get_introduce2_key_material (const ed25519_public_key_t *auth_key, const curve25519_keypair_t *enc_key, size_t n_subcredentials, const hs_subcredential_t *subcredentials, const uint8_t *encrypted_section, curve25519_public_key_t *client_pk) |
static uint8_t * | decrypt_introduce2 (const uint8_t *enc_key, const uint8_t *encrypted_section, size_t encrypted_section_len) |
static trn_cell_introduce_encrypted_t * | parse_introduce2_encrypted (const uint8_t *decrypted_data, size_t decrypted_len, const origin_circuit_t *circ, const hs_service_t *service) |
static int | parse_introduce2_cell (const hs_service_t *service, const origin_circuit_t *circ, const uint8_t *payload, size_t payload_len, trn_cell_introduce1_t **cell_ptr_out) |
static void | introduce1_set_encrypted_onion_key (trn_cell_introduce_encrypted_t *cell, const uint8_t *onion_pk) |
static void | introduce1_set_encrypted_link_spec (trn_cell_introduce_encrypted_t *cell, const smartlist_t *lspecs) |
static void | introduce1_set_encrypted_padding (const trn_cell_introduce1_t *cell, trn_cell_introduce_encrypted_t *enc_cell) |
static void | introduce1_encrypt_and_encode (trn_cell_introduce1_t *cell, const trn_cell_introduce_encrypted_t *enc_cell, const hs_cell_introduce1_data_t *data) |
static void | introduce1_set_encrypted (trn_cell_introduce1_t *cell, const hs_cell_introduce1_data_t *data) |
static void | introduce1_set_auth_key (trn_cell_introduce1_t *cell, const hs_cell_introduce1_data_t *data) |
static void | build_establish_intro_dos_param (trn_cell_extension_dos_t *dos_ext, uint8_t param_type, uint64_t param_value) |
static int | build_establish_intro_dos_extension (const hs_service_config_t *service_config, trn_cell_extension_t *extensions) |
STATIC trn_cell_extension_t * | build_establish_intro_extensions (const hs_service_config_t *service_config, const hs_service_intro_point_t *ip) |
ssize_t | hs_cell_build_establish_intro (const char *circ_nonce, const hs_service_config_t *service_config, const hs_service_intro_point_t *ip, uint8_t *cell_out) |
ssize_t | hs_cell_parse_intro_established (const uint8_t *payload, size_t payload_len) |
static hs_ntor_intro_cell_keys_t * | get_introduce2_keys_and_verify_mac (hs_cell_introduce2_data_t *data, const uint8_t *encrypted_section, size_t encrypted_section_len) |
ssize_t | hs_cell_parse_introduce2 (hs_cell_introduce2_data_t *data, const origin_circuit_t *circ, const hs_service_t *service) |
ssize_t | hs_cell_build_rendezvous1 (const uint8_t *rendezvous_cookie, size_t rendezvous_cookie_len, const uint8_t *rendezvous_handshake_info, size_t rendezvous_handshake_info_len, uint8_t *cell_out) |
ssize_t | hs_cell_build_introduce1 (const hs_cell_introduce1_data_t *data, uint8_t *cell_out) |
ssize_t | hs_cell_build_establish_rendezvous (const uint8_t *rendezvous_cookie, uint8_t *cell_out) |
int | hs_cell_parse_introduce_ack (const uint8_t *payload, size_t payload_len) |
int | hs_cell_parse_rendezvous2 (const uint8_t *payload, size_t payload_len, uint8_t *handshake_info, size_t handshake_info_len) |
void | hs_cell_introduce1_data_clear (hs_cell_introduce1_data_t *data) |
Hidden service API for cell creation and handling.
Definition in file hs_cell.c.
Build the DoS-defense extension from the service's configuration (the parameter type/value pairs it carries are appended by build_establish_intro_dos_param) and add it to the given extensions object. Returns 0 on success and -1 on failure. At present the only failure path is an internal bug, so a non-zero return should be treated as a programming error rather than a runtime condition.
Definition at line 456 of file hs_cell.c.
Referenced by build_establish_intro_extensions().
Append one (param_type, param_value) pair to the given DoS cell extension dos_ext.
Definition at line 435 of file hs_cell.c.
Referenced by build_establish_intro_dos_extension().
STATIC trn_cell_extension_t* build_establish_intro_extensions | ( | const hs_service_config_t * | service_config, |
const hs_service_intro_point_t * | ip | ||
) |
Allocate and build every ESTABLISH_INTRO cell extension for the given service configuration and intro point ip. The returned pointer is always a valid, newly allocated cell-extension object (never NULL); ownership of it passes to the caller.
Definition at line 530 of file hs_cell.c.
Referenced by hs_cell_build_establish_intro().
Compute the MAC of an INTRODUCE cell into mac_out. encoded_cell (encoded_cell_len bytes) is the cell content up to, but not including, the ENCRYPTED section; encrypted (encrypted_len bytes) is the start of the ENCRYPTED section; mac_key (mac_key_len bytes) is the MAC key derived from the ntor handshake. Because the MAC covers both the cleartext prefix and the ciphertext, tampering with either is detected when the receiver recomputes it.
mac_out must be at least DIGEST256_LEN bytes (mac_out_len >= DIGEST256_LEN). A receiver that compares this value against the MAC carried in the cell should do so with a constant-time comparison rather than memcmp, so that the check does not leak timing information about the expected MAC.
From the intro point's auth key and encryption keypair (auth_key, enc_key), the list of n_subcredentials subcredentials, and the ENCRYPTED section of an INTRODUCE2 cell, return a newly allocated array of intro-cell key structures, one per subcredential (several subcredentials are supported so that a cell can be tried against more than one candidate credential — presumably the onion-balance case, given the hs_ob.h include). The client's public key is also copied into client_pk. Returns NULL on error; on success the caller owns the returned array.
Definition at line 77 of file hs_cell.c.
Referenced by get_introduce2_keys_and_verify_mac().
For the ENCRYPTED section of an INTRODUCE2 cell (encrypted_section, encrypted_section_len bytes), derive the ntor keys from the crypto material in data and validate the cell's MAC under those keys. The MAC check is what ties the derived keys to this particular cell and rejects forged or mis-addressed cells.
Returns NULL if the key material cannot be produced or if the MAC does not verify; otherwise returns a newly allocated intro-keys object that the caller owns. Callers should not decrypt or parse the ENCRYPTED section unless this returns non-NULL, since only then has the ciphertext been authenticated.
ssize_t hs_cell_build_establish_intro | ( | const char * | circ_nonce, |
const hs_service_config_t * | service_config, | ||
const hs_service_intro_point_t * | ip, | ||
uint8_t * | cell_out | ||
) |
Build an ESTABLISH_INTRO cell from the circuit nonce circ_nonce, the service configuration and the intro point object ip. The encoded cell is written to cell_out, which MUST be at least RELAY_PAYLOAD_SIZE bytes. Returns the encoded cell length on success; on failure returns a negative value and leaves cell_out untouched.
Definition at line 563 of file hs_cell.c.
Referenced by send_establish_intro().
ssize_t hs_cell_build_establish_rendezvous | ( | const uint8_t * | rendezvous_cookie, |
uint8_t * | cell_out | ||
) |
Build an ESTABLISH_RENDEZVOUS cell from the given rendezvous_cookie. The encoded cell is written to cell_out, which must be at least RELAY_PAYLOAD_SIZE bytes, and the encoded length is returned. Because cell_out now contains the rendezvous cookie (the value a rendezvous point uses to match the client's and the service's circuits), the caller is responsible for wiping the buffer once the cell has been sent.
This function cannot fail.
ssize_t hs_cell_build_introduce1 | ( | const hs_cell_introduce1_data_t * | data, |
uint8_t * | cell_out | ||
) |
ssize_t hs_cell_build_rendezvous1 | ( | const uint8_t * | rendezvous_cookie, |
size_t | rendezvous_cookie_len, | ||
const uint8_t * | rendezvous_handshake_info, | ||
size_t | rendezvous_handshake_info_len, | ||
uint8_t * | cell_out | ||
) |
void hs_cell_introduce1_data_clear | ( | hs_cell_introduce1_data_t * | data | ) |
ssize_t hs_cell_parse_intro_established | ( | const uint8_t * | payload, |
size_t | payload_len | ||
) |
ssize_t hs_cell_parse_introduce2 | ( | hs_cell_introduce2_data_t * | data, |
const origin_circuit_t * | circ, | ||
const hs_service_t * | service | ||
) |
Parse an INTRODUCE2 cell. data supplies everything needed to do so (including the crypto material used for the ntor key derivation) and also holds the destination buffers for the values extracted from and computed over the cell. Returns 0 on success and a negative value on failure; on failure the contents of those destination buffers should not be relied on. service and circ are used only for logging.
Definition at line 768 of file hs_cell.c.
Referenced by hs_circ_handle_introduce2().
int hs_cell_parse_introduce_ack | ( | const uint8_t * | payload, |
size_t | payload_len | ||
) |
int hs_cell_parse_rendezvous2 | ( | const uint8_t * | payload, |
size_t | payload_len, | ||
uint8_t * | handshake_info, | ||
size_t | handshake_info_len | ||
) |
Parse a RENDEZVOUS2 cell encoded in payload (payload_len bytes). On success the HANDSHAKE_INFO field is copied into handshake_info, which must be at least handshake_info_len bytes, and 0 is returned. On error (e.g. a payload that does not decode as a RENDEZVOUS2 cell) a negative value is returned and handshake_info should not be used.
Definition at line 1022 of file hs_cell.c.
Referenced by handle_rendezvous2().
Encrypt the ENCRYPTED section enc_cell and encode the result into cell, using the INTRODUCE1 data to derive the keys.
This function cannot fail on its own, but the INTRODUCE1 key derivation it performs depends on every field of data being populated; a caller that leaves a field unset turns that into a hard failure rather than a recoverable error.
Definition at line 293 of file hs_cell.c.
Referenced by introduce1_set_encrypted().
Set the authentication key in the INTRODUCE1 cell from the given data.
Definition at line 418 of file hs_cell.c.
Referenced by hs_cell_build_introduce1().
Using the INTRODUCE1 data, set up the ENCRYPTED section of cell: populate it (onion key, link specifiers and any required padding), then encrypt and encode it.
Definition at line 378 of file hs_cell.c.
Referenced by hs_cell_build_introduce1().
Copy the link specifiers from lspecs into cell, the ENCRYPTED section of an INTRODUCE1 cell.
Definition at line 250 of file hs_cell.c.
Referenced by introduce1_set_encrypted().
Set the onion public key onion_pk in cell, the encrypted section of an INTRODUCE1 cell.
Definition at line 233 of file hs_cell.c.
Referenced by introduce1_set_encrypted().
Add padding to enc_cell only when needed, i.e. when the combined length of the cleartext and ENCRYPTED sections is below the minimum size required for an INTRODUCE1 cell (presumably so that the cell's size does not reveal anything about the contents of the ENCRYPTED section).
Definition at line 270 of file hs_cell.c.
Referenced by introduce1_set_encrypted().
Parse an INTRODUCE2 cell from payload (payload_len bytes). service and circ are used only for logging. On success the parsed cell is stored in *cell_ptr_out and 0 is returned; on failure a negative value is returned and *cell_ptr_out is left untouched. This step decodes only the outer cell structure; authenticating and decrypting the ENCRYPTED section is done separately by the caller (hs_cell_parse_introduce2).
Definition at line 202 of file hs_cell.c.
Referenced by hs_cell_parse_introduce2().
Given the decrypted bytes of the ENCRYPTED section of an INTRODUCE2 cell (decrypted_data, decrypted_len bytes), parse and validate their content. Returns a newly allocated cell structure, owned by the caller, or NULL on error. circ and service are used only for logging. This is expected to be called only on data whose MAC has already been verified; parsing unauthenticated plaintext would expose the parser to attacker-controlled input.