Home Explore Help
Sign In
cbocovic
/
slitheen
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

fixed bug: extra input was seeded from TLS master secret instead of client-relay shared

cecylia 7 years ago
parent
28fdaefdc1
commit
0bc75ab1cd
2 changed files with 19 additions and 11 deletions
Split View Show Diff Stats
  1. 10 10
      doc/bytes.svg
  2. 9 1
      relay_station/crypto.c

+ 10 - 10
doc/bytes.svg
View File 

@@ -2362,8 +2362,8 @@
 
        d="m 171.42861,432.91146 376.78576,0"
 
        style="opacity:0.95899999;fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1" />
 
     <text
 
-       inkscape:export-ydpi="90"
 
-       inkscape:export-xdpi="90"
 
+       inkscape:export-ydpi="200"
 
+       inkscape:export-xdpi="200"
 
        xml:space="preserve"
 
        style="font-style:normal;font-variant:normal;font-weight:500;font-stretch:normal;font-size:62.5px;line-height:125%;font-family:'CMU Sans Serif';-inkscape-font-specification:'CMU Sans Serif, Medium';text-align:start;letter-spacing:0px;word-spacing:0px;writing-mode:lr-tb;text-anchor:start;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1"
 
        x="273.71265"
 
@@ -2382,8 +2382,8 @@
 
        x="316.56995"
 
        style="font-style:normal;font-variant:normal;font-weight:500;font-stretch:normal;font-size:62.5px;line-height:125%;font-family:'CMU Sans Serif';-inkscape-font-specification:'CMU Sans Serif, Medium';text-align:start;letter-spacing:0px;word-spacing:0px;writing-mode:lr-tb;text-anchor:start;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1"
 
        xml:space="preserve"
 
-       inkscape:export-xdpi="90"
 
-       inkscape:export-ydpi="90"><tspan
 
+       inkscape:export-xdpi="200"
 
+       inkscape:export-ydpi="200"><tspan
 
          style="font-size:15px"
 
          y="426.50931"
 
          x="316.56995"
 
@@ -2404,8 +2404,8 @@
 
        d="m 171.42861,495.41152 376.78576,0"
 
        style="opacity:0.95899999;fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1" />
 
     <text
 
-       inkscape:export-ydpi="90"
 
-       inkscape:export-xdpi="90"
 
+       inkscape:export-ydpi="200"
 
+       inkscape:export-xdpi="200"
 
        xml:space="preserve"
 
        style="font-style:normal;font-variant:normal;font-weight:500;font-stretch:normal;font-size:62.5px;line-height:125%;font-family:'CMU Sans Serif';-inkscape-font-specification:'CMU Sans Serif, Medium';text-align:start;letter-spacing:0px;word-spacing:0px;writing-mode:lr-tb;text-anchor:start;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1"
 
        x="259.42688"
 
@@ -2424,8 +2424,8 @@
 
        x="345.14148"
 
        style="font-style:normal;font-variant:normal;font-weight:500;font-stretch:normal;font-size:62.5px;line-height:125%;font-family:'CMU Sans Serif';-inkscape-font-specification:'CMU Sans Serif, Medium';text-align:start;letter-spacing:0px;word-spacing:0px;writing-mode:lr-tb;text-anchor:start;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1"
 
        xml:space="preserve"
 
-       inkscape:export-xdpi="90"
 
-       inkscape:export-ydpi="90"><tspan
 
+       inkscape:export-xdpi="200"
 
+       inkscape:export-ydpi="200"><tspan
 
          style="font-size:15px"
 
          y="488.76645"
 
          x="345.14148"
 
@@ -2439,8 +2439,8 @@
 
        inkscape:export-xdpi="200"
 
        inkscape:export-ydpi="200" />
 
     <text
 
-       inkscape:export-ydpi="90"
 
-       inkscape:export-xdpi="90"
 
+       inkscape:export-ydpi="200"
 
+       inkscape:export-xdpi="200"
 
        xml:space="preserve"
 
        style="font-style:normal;font-variant:normal;font-weight:500;font-stretch:normal;font-size:62.5px;line-height:125%;font-family:'CMU Sans Serif';-inkscape-font-specification:'CMU Sans Serif, Medium';text-align:start;letter-spacing:0px;word-spacing:0px;writing-mode:lr-tb;text-anchor:start;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1"
 
        x="205.85548"

+ 9 - 1
relay_station/crypto.c
View File 

@@ -533,11 +533,19 @@ int verify_finish_hash(flow *f, uint8_t *hs, int32_t incoming){
 
 		uint32_t extra_input_len = SSL3_RANDOM_SIZE;
 
 		uint8_t *extra_input = calloc(1, extra_input_len);
 
 
-		PRF(f, f->master_secret, SSL3_MASTER_SECRET_SIZE,
 
+		PRF(f, f->key, 16,
 
 			(uint8_t *) SLITHEEN_FINISHED_INPUT_CONST, SLITHEEN_FINISHED_INPUT_CONST_SIZE,
 
 			NULL, 0, NULL, 0, NULL, 0,
 
 			extra_input, extra_input_len);
 
 
+#ifdef DEBUG_HS
 
+		printf("Extra input:\n");
 
+		for(int i=0; i< extra_input_len; i++){
 
+			printf("%02x ", extra_input[i]);
 
+		}
 
+		printf("\n");
 
+#endif
 
+
 
 		EVP_MD_CTX_copy_ex(&ctx, f->finish_md_ctx);
 
 		EVP_DigestUpdate(&ctx, extra_input, extra_input_len);