[tor-commits] [stem/master] Stub minimal cell decryption function

atagar at torproject.org atagar at torproject.org
Sun Aug 26 20:49:21 UTC 2018 

commit 52edd22ca10d559270ee240409447351bd8639f8
Author: Damian Johnson <atagar at torproject.org>
Date:   Sat Aug 25 13:32:07 2018 -0700

    Stub minimal cell decryption function
    
    Ok, now into the meat of this sucker. Dave's branch introduces nice additions
    such as validating our backward digest and a flag to indicate if we've fully
    decrypted the cell or not.
    
    For the moment moving to a minimal decryption function that only supports what
    we did previously. Next gonna try to integrate his new features to make a
    hybrid approach that hopefully takes the best of both.
---
 stem/client/__init__.py | 22 +++++++---------------
 stem/client/cell.py     | 30 ++++++++++++++++++++++++++++++
 2 files changed, 37 insertions(+), 15 deletions(-)

diff --git a/stem/client/__init__.py b/stem/client/__init__.py
index a216696a..19528d67 100644
--- a/stem/client/__init__.py
+++ b/stem/client/__init__.py
@@ -33,7 +33,7 @@ import stem.client.cell
 import stem.socket
 import stem.util.connection
 
-from stem.client.datatype import ZERO, LinkProtocol, Address, KDF
+from stem.client.datatype import ZERO, LinkProtocol, Address, KDF, split
 
 __all__ = [
   'cell',
@@ -253,22 +253,14 @@ class Circuit(object):
         raise stem.ProtocolError('Circuit response should be a series of RELAY cells, but received an unexpected size for a response: %i' % len(reply))
 
       while reply:
-        raw_cell, reply = stem.client.cell.Cell.pop(reply, self.relay.link_protocol)
+        encrypted_cell, reply = split(reply, self.relay.link_protocol.fixed_cell_length)
+        decrypted_cell, backward_key, backward_digest = stem.client.cell.RelayCell.decrypt(encrypted_cell, self.backward_key, self.backward_digest)
 
-        if raw_cell.VALUE != stem.client.cell.RelayCell.VALUE:
-          raise stem.ProtocolError('RELAY cell responses should be %i but was %i' % (stem.client.cell.RelayCell.VALUE, raw_cell.VALUE))
-        elif raw_cell.circ_id != self.id:
-          raise stem.ProtocolError('Response should be for circuit id %i, not %i' % (self.id, raw_cell.circ_id))
+        if self.id != decrypted_cell.circ_id:
+          raise stem.ProtocolError('Response should be for circuit id %i, not %i' % (self.id, decrypted_cell.circ_id))
 
-        decrypted_cell, fully_decrypted, new_backward_digest, new_backward_key = raw_cell.decrypt(self.backward_digest, self.backward_key, interpret = True)
-
-        if not fully_decrypted:
-          raise stem.ProtocolError('Response for circuit id %i was not fully decrypted, when expected to be' % self.id)
-
-        # Again, if the above raises the digest/key should remain unchanged.
-
-        self.backward_digest = new_backward_digest
-        self.backward_key = new_backward_key
+        self.backward_digest = backward_digest
+        self.backward_key = backward_key
 
         reply_cells.append(decrypted_cell)
 
diff --git a/stem/client/cell.py b/stem/client/cell.py
index 6587ebb5..3de1c731 100644
--- a/stem/client/cell.py
+++ b/stem/client/cell.py
@@ -551,6 +551,36 @@ class RelayCell(CircuitCell):
       elif stream_id and self.command in STREAM_ID_DISALLOWED:
         raise ValueError('%s relay cells concern the circuit itself and cannot have a stream id' % self.command)
 
+  @classmethod
+  def decrypt(link_protocol, content, digest, key):
+    """
+    Parse the given content as an encrypted RELAY cell.
+    """
+
+    # TODO: Fill in the above pydocs, deduplicate with the other decrypt
+    # method, yadda yadda. Starting with a minimal stub to see if this makes
+    # the Circuit class better. I'll circle back to clean up this module if it
+    # works.
+
+    if len(content) != link_protocol.fixed_cell_length:
+      raise stem.ProtocolError('RELAY cells should be %i bytes, but received %i' % (link_protocol.fixed_cell_length, len(content)))
+
+    circ_id, content = link_protocol.circ_id_size.pop(content)
+    command, payload = Size.CHAR.pop(content)
+
+    if command != RelayCell.VALUE:
+      raise stem.ProtocolError('Cannot decrypt as a RELAY cell. This had command %i instead.' % command)
+
+    key = copy.copy(key)
+    decrypted = key.update(payload)
+
+    # TODO: Integrate with check_digest() and flag for integrating if we're
+    # fully decrypted. For the moment we only handle direct responses (ie. all
+    # the cells we receive can be fully decrypted) but if we attempt to support
+    # relaying we'll need to pass along cells we can only partially decrypt.
+
+    return RelayCell._unpack(decrypted, circ_id, link_protocol), key, digest
+
   @staticmethod
   def _coerce_digest(digest):
     """

More information about the tor-commits mailing list