| blob | 3274e8e9c06d32064123ca0505d4ff5d6d0f1a97 |
1 /* Copyright (c) 2016-2017, The Tor Project, Inc. */
2 /* See LICENSE for licensing information */
4 /**
5 * \file hs_intropoint.c
6 * \brief Implement next generation introductions point functionality
7 **/
9 #define HS_INTROPOINT_PRIVATE
19 /* Trunnel */
30 /** Extract the authentication key from an ESTABLISH_INTRO or INTRODUCE1 using
31 * the given <b>cell_type</b> from <b>cell</b> and place it in
32 * <b>auth_key_out</b>. */
33 STATIC void
36 {
45 {
50 }
52 {
57 }
59 /* Getting here is really bad as it means we got a unknown cell type from
60 * this file where every call has an hardcoded value. */
62 }
66 }
68 /** We received an ESTABLISH_INTRO <b>cell</b>. Verify its signature and MAC,
69 * given <b>circuit_key_material</b>. Return 0 on success else -1 on error. */
70 STATIC int
74 {
75 /* We only reach this function if the first byte of the cell is 0x02 which
76 * means that auth_key_type is of ed25519 type, hence this check should
77 * always pass. See hs_intro_received_establish_intro(). */
80 }
82 /* Make sure the auth key length is of the right size for this type. For
83 * EXTRA safety, we check both the size of the array and the length which
84 * must be the same. Safety first!*/
90 }
94 /* Verify the sig */
95 {
96 ed25519_signature_t sig_struct;
100 /* Make sure the signature length is of the right size. For EXTRA safety,
101 * we check both the size of the array and the length which must be the
102 * same. Safety first!*/
108 }
109 /* We are now sure that sig_len is of the right size. */
112 ed25519_public_key_t auth_key;
118 ESTABLISH_INTRO_SIG_PREFIX,
124 }
125 }
127 /* Verify the MAC */
128 {
138 }
139 }
142 }
144 /* Send an INTRO_ESTABLISHED cell to <b>circ</b>. */
147 {
156 /* Build the cell payload. */
161 /* Encode the cell to binary format. */
166 cell);
170 RELAY_COMMAND_INTRO_ESTABLISHED,
172 NULL);
173 /* On failure, the above function will close the circuit. */
177 }
179 /** We received an ESTABLISH_INTRO <b>parsed_cell</b> on <b>circ</b>. It's
180 * well-formed and passed our verifications. Perform appropriate actions to
181 * establish an intro point. */
182 static int
185 {
186 /* Get the auth key of this intro point */
187 ed25519_public_key_t auth_key;
189 parsed_cell);
191 /* Then notify the hidden service that the intro point is established by
192 sending an INTRO_ESTABLISHED cell */
196 }
198 /* Associate intro point auth key with this circuit. */
200 /* Repurpose this circuit into an intro circuit. */
204 }
206 /** We just received an ESTABLISH_INTRO cell in <b>circ</b> with payload in
207 * <b>request</b>. Handle it by making <b>circ</b> an intro circuit. Return 0
208 * if everything went well, or -1 if there were errors. */
209 static int
212 {
222 /* Check that the circuit is in shape to become an intro point */
225 }
227 /* Parse the cell */
235 }
244 }
246 /* This cell is legit. Take the appropriate actions. */
250 }
252 /* We are done! */
256 err:
257 /* When sending the intro establish ack, on error the circuit can be marked
258 * as closed so avoid a double close. */
261 }
263 done:
266 }
268 /* Return True if circuit is suitable for being an intro circuit. */
269 static int
272 {
276 /* Basic circuit state sanity checks. */
281 }
287 }
289 /* Suitable. */
291 }
293 /* Return True if circuit is suitable for being service-side intro circuit. */
294 int
296 {
298 }
300 /* We just received an ESTABLISH_INTRO cell in <b>circ</b>. Figure out of it's
301 * a legacy or a next gen cell, and pass it to the appropriate handler. */
302 int
305 {
312 }
314 /* Using the first byte of the cell, figure out the version of
315 * ESTABLISH_INTRO and pass it to the appropriate cell handler */
327 }
329 err:
332 }
334 /* Send an INTRODUCE_ACK cell onto the circuit <b>circ</b> with the status
335 * value in <b>status</b>. Depending on the status, it can be ACK or a NACK.
336 * Return 0 on success else a negative value on error which will close the
337 * circuit. */
338 static int
340 {
349 /* Setup the INTRODUCE_ACK cell. We have no extensions so the N_EXTENSIONS
350 * field is set to 0 by default with a new object. */
353 /* We have no cell extensions in an INTRODUCE_ACK cell. */
357 /* A wrong status is a very bad code flow error as this value is controlled
358 * by the code in this file and not an external input. This means we use a
359 * code that is not known by the trunnel ABI. */
361 /* Encode the payload. We should never fail to get the encoded length. */
369 RELAY_COMMAND_INTRODUCE_ACK,
371 NULL);
372 /* On failure, the above function will close the circuit. */
376 }
378 /* Validate a parsed INTRODUCE1 <b>cell</b>. Return 0 if valid or else a
379 * negative value for an invalid cell that should be NACKed. */
380 STATIC int
382 {
388 /* This code path SHOULD NEVER be reached if the cell is a legacy type so
389 * safety net here. The legacy ID must be zeroes in this case. */
394 }
396 /* The auth key of an INTRODUCE1 should be of type ed25519 thus leading to a
397 * known fixed length as well. */
399 HS_INTRO_AUTH_KEY_TYPE_ED25519) {
401 "Rejecting invalid INTRODUCE1 cell auth key type. "
404 }
408 "Rejecting invalid INTRODUCE1 cell auth key length. "
411 }
414 "Rejecting invalid INTRODUCE1 cell encrypted length. "
417 }
420 invalid:
422 }
424 /* We just received a non legacy INTRODUCE1 cell on <b>client_circ</b> with
425 * the payload in <b>request</b> of size <b>request_len</b>. Return 0 if
426 * everything went well, or -1 if an error occurred. This function is in charge
427 * of sending back an INTRODUCE_ACK cell and will close client_circ on error.
428 */
429 STATIC int
432 {
441 /* Parse cell. Note that we can only parse the non encrypted section for
442 * which we'll use the authentication key to find the service introduction
443 * circuit and relay the cell on it. */
445 request_len);
450 /* Inform client that the INTRODUCE1 has a bad format. */
453 }
455 /* Once parsed validate the cell format. */
457 /* Inform client that the INTRODUCE1 has bad format. */
460 }
462 /* Find introduction circuit through our circuit map. */
463 {
464 ed25519_public_key_t auth_key;
474 /* Inform the client that we don't know the requested service ID. */
477 }
478 }
480 /* Relay the cell to the service on its intro circuit with an INTRODUCE2
481 * cell which is the same exact payload. */
483 RELAY_COMMAND_INTRODUCE2,
486 /* Inform the client that we can't relay the cell. */
489 }
491 /* Success! Send an INTRODUCE_ACK success status onto the client circuit. */
495 send_ack:
496 /* Send INTRODUCE_ACK or INTRODUCE_NACK to client */
500 /* Circuit has been closed on failure of transmission. */
502 }
504 /* We just sent a NACK that is a non success status code so close the
505 * circuit because it's not useful to keep it open. Remember, a client can
506 * only send one INTRODUCE1 cell on a circuit. */
508 }
509 done:
512 }
514 /* Identify if the encoded cell we just received is a legacy one or not. The
515 * <b>request</b> should be at least DIGEST_LEN bytes long. */
516 STATIC int
518 {
521 /* If the first 20 bytes of the cell (DIGEST_LEN) are NOT zeroes, it
522 * indicates a legacy cell (v2). */
524 /* Legacy cell. */
526 }
527 /* Not a legacy cell. */
529 }
531 /* Return true iff the circuit <b>circ</b> is suitable for receiving an
532 * INTRODUCE1 cell. */
533 STATIC int
535 {
538 /* Is this circuit an intro point circuit? */
541 }
545 "Blocking multiple introductions on the same circuit. "
546 "Someone might be trying to attack a hidden service through "
549 }
552 }
554 /* We just received an INTRODUCE1 cell on <b>circ</b>. Figure out which type
555 * it is and pass it to the appropriate handler. Return 0 on success else a
556 * negative value and the circuit is closed. */
557 int
560 {
566 /* A cell that can't hold a DIGEST_LEN is invalid as we need to check if
567 * it's a legacy cell or not using the first DIGEST_LEN bytes. */
571 }
573 /* Make sure we have a circuit that can have an INTRODUCE1 cell on it. */
575 /* We do not send a NACK because the circuit is not suitable for any kind
576 * of response or transmission as it's a violation of the protocol. */
578 }
579 /* Mark the circuit that we got this cell. None are allowed after this as a
580 * DoS mitigation since one circuit with one client can hammer a service. */
583 /* We are sure here to have at least DIGEST_LEN bytes. */
585 /* Handle a legacy cell. */
588 /* Handle a non legacy cell. */
590 }
593 err:
596 }
598 /* Clear memory allocated by the given intropoint object ip (but don't free the
599 * object itself). */
600 void
602 {
605 }
611 }