[tor-commits] [stem/master] Revert _decrypt_layer() crypto changes
atagar at torproject.org
atagar at torproject.org
Sun Nov 17 23:40:39 UTC 2019
commit c40db8f7c28e6b5b90e61317e256911fb8661dc7
Author: Damian Johnson <atagar at torproject.org>
Date: Thu Oct 31 15:48:07 2019 -0700
Revert _decrypt_layer() crypto changes
George adjusted _decrypt_layer() to use his hsv3_crypto module. Swapping this
back to what we had.
---
stem/descriptor/hidden_service.py | 18 +++++++++++++-----
1 file changed, 13 insertions(+), 5 deletions(-)
diff --git a/stem/descriptor/hidden_service.py b/stem/descriptor/hidden_service.py
index bb8937d8..a490f3b7 100644
--- a/stem/descriptor/hidden_service.py
+++ b/stem/descriptor/hidden_service.py
@@ -36,6 +36,7 @@ import datetime
import hashlib
import io
import os
+import struct
import time
import stem.client.datatype
@@ -213,8 +214,8 @@ class IntroductionPointV3(collections.namedtuple('IntroductionPointV3', ['link_s
lines = []
link_count = stem.client.datatype.Size.CHAR.pack(len(self.link_specifiers))
- link_specifiers = link_count + ''.join([l.pack() for l in self.link_specifiers])
- lines.append('introduction-point %s' % base64.b64encode(link_specifiers))
+ link_specifiers = link_count + b''.join([l.pack() for l in self.link_specifiers])
+ lines.append('introduction-point %s' % stem.util.str_tools._to_unicode(base64.b64encode(link_specifiers)))
if self.onion_key_raw:
lines.append('onion-key ntor %s' % self.onion_key_raw)
@@ -365,6 +366,9 @@ def _decrypt_layer(encrypted_block, constant, revision_counter, subcredential, b
from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes
from cryptography.hazmat.backends import default_backend
+ def pack(val):
+ return struct.pack('>Q', val)
+
if encrypted_block.startswith('-----BEGIN MESSAGE-----\n') and encrypted_block.endswith('\n-----END MESSAGE-----'):
encrypted_block = encrypted_block[24:-22]
@@ -380,10 +384,14 @@ def _decrypt_layer(encrypted_block, constant, revision_counter, subcredential, b
ciphertext = encrypted[SALT_LEN:-MAC_LEN]
expected_mac = encrypted[-MAC_LEN:]
- secret_key, secret_iv, mac_key = hsv3_crypto.get_desc_keys(blinded_key, constant,
- subcredential, revision_counter, salt, )
+ kdf = hashlib.shake_256(blinded_key + subcredential + pack(revision_counter) + salt + constant)
+ keys = kdf.digest(S_KEY_LEN + S_IV_LEN + MAC_LEN)
+
+ secret_key = keys[:S_KEY_LEN]
+ secret_iv = keys[S_KEY_LEN:S_KEY_LEN + S_IV_LEN]
+ mac_key = keys[S_KEY_LEN + S_IV_LEN:]
- mac = hsv3_crypto.get_desc_encryption_mac(mac_key, salt, ciphertext)
+ mac = hashlib.sha3_256(pack(len(mac_key)) + mac_key + pack(len(salt)) + salt + ciphertext).digest()
if mac != expected_mac:
raise ValueError('Malformed mac (expected %s, but was %s)' % (expected_mac, mac))
More information about the tor-commits
mailing list