bug in onion expire time, for 3 hop onions?
Matej Pfajfar
badbytes at freehaven.net
Fri Jul 19 08:38:30 UTC 2002
On 19 Jul 2002, Nick Mathewson wrote:
> On Thu, 2002-07-18 at 19:06, Roger Dingledine wrote:
>
> Hi, Roger! I'm not too deep in your code, but I've debugged similar
> stuff in Minion, and I think I may be able to suggest a good direction
>
> > Now that I've got more than 3 onion routers up, and my coinweight is
> > non-zero, sometimes I get onions which use 3 hops. Some of those onions
> > have invalid expire times:
> >
> > (gdb) print (time_t)((onion_layer_t *)circ->onion)->expire
> > $2 = -1241615826
> >
> > That's *really* invalid, not just off by a few seconds. Mat, do you
> > have any ideas on this one? I imagine it's somewhere in onion.c, which
> > I haven't really looked at since I grabbed it from your code.
> >
>
> This is happening in process_onion, right?
>
> My first guess is that this isn't an expiration problem. It looks more
> like a problem decrypting the onion; keep in mind that this is the first
> operation after you decrypt the onion. Are the other fields all
> reasonable?
I think you are right, I'll debug that now.
>
> By any chance, is >3 hops the point at which decrypt_onion starts using
> 3DES in addition to RSA?
No - DES gets used even at 2 or 3 hops. The first layer (28 bytes) is
padded to 128 bytes and that is RSA encrypted. For the second layer, the
last 28 bytes of the onion is then encrypted with DES.
> (A unit test to make sure that decrypt_onion inverts encrypt_onion for
> long onions might be in order.) :)
Yep =- watch this space ;-).
--
Matej Pfajfar
GPG Public Keys @ http://matejpfajfar.co.uk/keys
More information about the tor-dev
mailing list