[tor-commits] [obfsproxy/master] When authenticating, also test epoch boundaries.
asn at torproject.org
asn at torproject.org
Tue Jul 15 12:23:07 UTC 2014
commit fd4a91192ccab2cfda2c4b7887730a84152d5fa7
Author: Philipp Winter <phw at torproject.org>
Date: Sat Mar 8 16:42:31 2014 +0100
When authenticating, also test epoch boundaries.
On occasion, a client's or a server's epoch might already have increased
whereas the epoch of the other party didn't. This is a benign event and there
is no reason to fail authentication because of this. As a result, as a server,
we now also test boundary values, i.e., epoch - 1, epoch, epoch + 1.
---
obfsproxy/transports/scramblesuit/scramblesuit.py | 22 +++++++++++++--------
obfsproxy/transports/scramblesuit/uniformdh.py | 22 +++++++++++++--------
obfsproxy/transports/scramblesuit/util.py | 10 ++++++++++
3 files changed, 38 insertions(+), 16 deletions(-)
diff --git a/obfsproxy/transports/scramblesuit/scramblesuit.py b/obfsproxy/transports/scramblesuit/scramblesuit.py
index 7e96044..87a7370 100644
--- a/obfsproxy/transports/scramblesuit/scramblesuit.py
+++ b/obfsproxy/transports/scramblesuit/scramblesuit.py
@@ -388,14 +388,20 @@ class ScrambleSuitTransport( base.BaseTransport ):
existingHMAC = potentialTicket[index + const.MARK_LENGTH:
index + const.MARK_LENGTH +
const.HMAC_SHA256_128_LENGTH]
- myHMAC = mycrypto.HMAC_SHA256_128(self.recvHMAC,
- potentialTicket[0:
- index + const.MARK_LENGTH] +
- util.getEpoch())
-
- if not util.isValidHMAC(myHMAC, existingHMAC, self.recvHMAC):
- log.warning("The HMAC is invalid: `%s' vs. `%s'." %
- (myHMAC.encode('hex'), existingHMAC.encode('hex')))
+ authenticated = False
+ for epoch in util.expandedEpoch():
+ myHMAC = mycrypto.HMAC_SHA256_128(self.recvHMAC,
+ potentialTicket[0:index + \
+ const.MARK_LENGTH] + epoch)
+
+ if util.isValidHMAC(myHMAC, existingHMAC, self.recvHMAC):
+ authenticated = True
+ break
+
+ log.debug("HMAC invalid. Trying next epoch value.")
+
+ if not authenticated:
+ log.warning("Could not verify the authentication message's HMAC.")
return False
# Do nothing if the ticket is replayed. Immediately closing the
diff --git a/obfsproxy/transports/scramblesuit/uniformdh.py b/obfsproxy/transports/scramblesuit/uniformdh.py
index 1b59575..dd16070 100644
--- a/obfsproxy/transports/scramblesuit/uniformdh.py
+++ b/obfsproxy/transports/scramblesuit/uniformdh.py
@@ -120,19 +120,25 @@ class UniformDH( object ):
if not index:
return False
- self.echoEpoch = util.getEpoch()
-
# Now that we know where the authenticating HMAC is: verify it.
hmacStart = index + const.MARK_LENGTH
existingHMAC = handshake[hmacStart:
(hmacStart + const.HMAC_SHA256_128_LENGTH)]
- myHMAC = mycrypto.HMAC_SHA256_128(self.sharedSecret,
- handshake[0 : hmacStart] +
- self.echoEpoch)
- if not util.isValidHMAC(myHMAC, existingHMAC, self.sharedSecret):
- log.warning("The HMAC is invalid: `%s' vs. `%s'." %
- (myHMAC.encode('hex'), existingHMAC.encode('hex')))
+ authenticated = False
+ for epoch in util.expandedEpoch():
+ myHMAC = mycrypto.HMAC_SHA256_128(self.sharedSecret,
+ handshake[0 : hmacStart] + epoch)
+
+ if util.isValidHMAC(myHMAC, existingHMAC, self.sharedSecret):
+ self.echoEpoch = epoch
+ authenticated = True
+ break
+
+ log.debug("HMAC invalid. Trying next epoch value.")
+
+ if not authenticated:
+ log.warning("Could not verify the authentication message's HMAC.")
return False
# Do nothing if the ticket is replayed. Immediately closing the
diff --git a/obfsproxy/transports/scramblesuit/util.py b/obfsproxy/transports/scramblesuit/util.py
index bb0557e..ee25f95 100644
--- a/obfsproxy/transports/scramblesuit/util.py
+++ b/obfsproxy/transports/scramblesuit/util.py
@@ -106,6 +106,16 @@ def getEpoch( ):
return str(int(time.time()) / const.EPOCH_GRANULARITY)
+def expandedEpoch( ):
+ """
+ Return [epoch, epoch-1, epoch+1].
+ """
+
+ epoch = int(getEpoch())
+
+ return [str(epoch), str(epoch - 1), str(epoch + 1)]
+
+
def writeToFile( data, fileName ):
"""
Writes the given `data' to the file specified by `fileName'.
More information about the tor-commits
mailing list