|
@@ -48,13 +48,17 @@ circuit_purpose_is_correct_for_rend(unsigned int circ_purpose, int is_service_si
|
|
|
* If <b>is_service_side</b> is set, we are the hidden service and the final
|
|
|
* hop of the rendezvous circuit is the client on the other side. */
|
|
|
static crypt_path_t *
|
|
|
-create_rend_cpath(const uint8_t *ntor_key_seed, int is_service_side)
|
|
|
+create_rend_cpath(const uint8_t *ntor_key_seed, size_t seed_len,
|
|
|
+ int is_service_side)
|
|
|
{
|
|
|
uint8_t keys[HS_NTOR_KEY_EXPANSION_KDF_OUT_LEN];
|
|
|
crypt_path_t *cpath = NULL;
|
|
|
|
|
|
/* Do the key expansion */
|
|
|
- hs_ntor_circuit_key_expansion(ntor_key_seed, keys);
|
|
|
+ if (hs_ntor_circuit_key_expansion(ntor_key_seed, seed_len,
|
|
|
+ keys, sizeof(keys)) < 0) {
|
|
|
+ goto err;
|
|
|
+ }
|
|
|
|
|
|
/* Setup the cpath */
|
|
|
cpath = tor_malloc_zero(sizeof(crypt_path_t));
|
|
@@ -171,7 +175,7 @@ finalize_rend_circuit(origin_circuit_t *circ, crypt_path_t *hop,
|
|
|
* Return 0 if the operation went well; in case of error return -1. */
|
|
|
int
|
|
|
hs_circuit_setup_e2e_rend_circ(origin_circuit_t *circ,
|
|
|
- const uint8_t *ntor_key_seed,
|
|
|
+ const uint8_t *ntor_key_seed, size_t seed_len,
|
|
|
int is_service_side)
|
|
|
{
|
|
|
if (BUG(!circuit_purpose_is_correct_for_rend(TO_CIRCUIT(circ)->purpose,
|
|
@@ -179,7 +183,8 @@ hs_circuit_setup_e2e_rend_circ(origin_circuit_t *circ,
|
|
|
return -1;
|
|
|
}
|
|
|
|
|
|
- crypt_path_t *hop = create_rend_cpath(ntor_key_seed, is_service_side);
|
|
|
+ crypt_path_t *hop = create_rend_cpath(ntor_key_seed, seed_len,
|
|
|
+ is_service_side);
|
|
|
if (!hop) {
|
|
|
log_warn(LD_REND, "Couldn't get v3 %s cpath!",
|
|
|
is_service_side ? "service-side" : "client-side");
|