[tor-commits] [tor/master] hs-v3: Rename client_sk to client_auth_sk

nickm at torproject.org nickm at torproject.org
Fri Sep 7 19:06:18 UTC 2018


commit 9f975e99953fa57a7c1f43ebd22cc9e602037b6d
Author: Suphanat Chunhapanya <haxx.pop at gmail.com>
Date:   Tue May 22 00:01:52 2018 +0700

    hs-v3: Rename client_sk to client_auth_sk
    
    Signed-off-by: David Goulet <dgoulet at torproject.org>
---
 src/feature/hs/hs_client.c     |  7 ++++---
 src/feature/hs/hs_descriptor.c | 33 +++++++++++++++++----------------
 src/feature/hs/hs_descriptor.h |  4 ++--
 src/test/test_hs_descriptor.c  |  6 +++---
 4 files changed, 26 insertions(+), 24 deletions(-)

diff --git a/src/feature/hs/hs_client.c b/src/feature/hs/hs_client.c
index 0038fdfa5..b178282c1 100644
--- a/src/feature/hs/hs_client.c
+++ b/src/feature/hs/hs_client.c
@@ -1233,7 +1233,7 @@ hs_client_decode_descriptor(const char *desc_str,
   uint8_t subcredential[DIGEST256_LEN];
   ed25519_public_key_t blinded_pubkey;
   hs_client_service_authorization_t *client_auth = NULL;
-  curve25519_secret_key_t *client_sk = NULL;
+  curve25519_secret_key_t *client_auht_sk = NULL;
 
   tor_assert(desc_str);
   tor_assert(service_identity_pk);
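Review bot: The renamed local is spelled `client_auht_sk`, not `client_auth_sk` as the commit title and every other file in this patch spell it; the declaration should read `curve25519_secret_key_t *client_auth_sk = NULL;`. The same misspelling recurs in the next two hunks of hs_client.c (the assignment from `&client_auth->enc_seckey` and the argument passed to `hs_desc_decode_descriptor()`), so all three need changing together. The code still compiles because the misspelled name is used consistently. However, a search for `client_auth_sk` when auditing where the client authorization secret key flows will miss this function. The body of hs_client_decode_descriptor starts and ends outside the hunk.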
@@ -1242,7 +1242,7 @@ hs_client_decode_descriptor(const char *desc_str,
   /* Check if we have a client authorization for this service in the map. */
   client_auth = find_client_auth(service_identity_pk);
   if (client_auth) {
-    client_sk = &client_auth->enc_seckey;
+    client_auht_sk = &client_auth->enc_seckey;
   }
 
   /* Create subcredential for this HS so that we can decrypt */
@@ -1254,7 +1254,8 @@ hs_client_decode_descriptor(const char *desc_str,
   }
 
   /* Parse descriptor */
-  ret = hs_desc_decode_descriptor(desc_str, subcredential, client_sk, desc);
+  ret = hs_desc_decode_descriptor(desc_str, subcredential,
+                                  client_auht_sk, desc);
   memwipe(subcredential, 0, sizeof(subcredential));
   if (ret < 0) {
     log_warn(LD_GENERAL, "Could not parse received descriptor as client.");
diff --git a/src/feature/hs/hs_descriptor.c b/src/feature/hs/hs_descriptor.c
index dc7012ec4..be8e206c7 100644
--- a/src/feature/hs/hs_descriptor.c
+++ b/src/feature/hs/hs_descriptor.c
@@ -1408,7 +1408,7 @@ encrypted_data_length_is_valid(size_t len)
 static int
 decrypt_descriptor_cookie(const hs_descriptor_t *desc,
                           const hs_desc_authorized_client_t *client,
-                          const curve25519_secret_key_t *client_sk,
+                          const curve25519_secret_key_t *client_auth_sk,
                           uint8_t **descriptor_cookie_out)
 {
   int ret = -1;
@@ -1421,15 +1421,15 @@ decrypt_descriptor_cookie(const hs_descriptor_t *desc,
 
   tor_assert(desc);
   tor_assert(client);
-  tor_assert(client_sk);
+  tor_assert(client_auth_sk);
   tor_assert(!tor_mem_is_zero(
         (char *) &desc->superencrypted_data.auth_ephemeral_pubkey,
         sizeof(desc->superencrypted_data.auth_ephemeral_pubkey)));
-  tor_assert(!tor_mem_is_zero((char *) client_sk,
-                              sizeof(*client_sk)));
+  tor_assert(!tor_mem_is_zero((char *) client_auth_sk,
+                              sizeof(*client_auth_sk)));
 
   /* Calculate x25519(client_x, hs_Y) */
-  curve25519_handshake(secret_seed, client_sk,
+  curve25519_handshake(secret_seed, client_auth_sk,
                        &desc->superencrypted_data.auth_ephemeral_pubkey);
 
   /* Calculate KEYS = KDF(SECRET_SEED, 40) */
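Review bot: The `tor_assert(!tor_mem_is_zero(...auth_ephemeral_pubkey...))` context line aborts the process on a value taken from the descriptor. Unless the parser (not visible here) already rejects an all-zero ephemeral key, a malformed descriptor would crash the client instead of failing the decode. Consider a soft failure such as `if (tor_mem_is_zero((char *) &desc->superencrypted_data.auth_ephemeral_pubkey, sizeof(desc->superencrypted_data.auth_ephemeral_pubkey))) goto done;`, which leaves `ret` at -1. The function continues outside the hunk, so confirm what the `done` label cleans up before applying this.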
@@ -1440,7 +1440,7 @@ decrypt_descriptor_cookie(const hs_descriptor_t *desc,
 
   /* If the client id of auth client is not the same as the calculcated
    * client id, it means that this auth client is invaild according to the
-   * client secret key client_sk. */
+   * client secret key client_auth_sk. */
   if (tor_memneq(client->client_id, keystream, HS_DESC_CLIENT_ID_LEN)) {
     goto done;
   }
@@ -1630,7 +1630,7 @@ desc_decrypt_superencrypted(const hs_descriptor_t *desc, char **decrypted_out)
  * decrypted_out is set to NULL. */
 static size_t
 desc_decrypt_encrypted(const hs_descriptor_t *desc,
-                       const curve25519_secret_key_t *client_sk,
+                       const curve25519_secret_key_t *client_auth_sk,
                        char **decrypted_out)
 {
   size_t encrypted_len = 0;
@@ -1643,12 +1643,12 @@ desc_decrypt_encrypted(const hs_descriptor_t *desc,
 
   /* If the client secret key is provided, try to find a valid descriptor
    * cookie. Otherwise, leave it NULL. */
-  if (client_sk) {
+  if (client_auth_sk) {
     SMARTLIST_FOREACH_BEGIN(desc->superencrypted_data.clients,
                             hs_desc_authorized_client_t *, client) {
       /* If we can decrypt the descriptor cookie successfully, we will use that
        * descriptor cookie and break from the loop. */
-      if (!decrypt_descriptor_cookie(desc, client, client_sk,
+      if (!decrypt_descriptor_cookie(desc, client, client_auth_sk,
                                      &descriptor_cookie)) {
         break;
       }
@@ -2253,7 +2253,7 @@ desc_decode_superencrypted_v3(const hs_descriptor_t *desc,
  * success else -1. */
 static int
 desc_decode_encrypted_v3(const hs_descriptor_t *desc,
-                         const curve25519_secret_key_t *client_sk,
+                         const curve25519_secret_key_t *client_auth_sk,
                          hs_desc_encrypted_data_t *desc_encrypted_out)
 {
   int ret = -1;
@@ -2268,7 +2268,7 @@ desc_decode_encrypted_v3(const hs_descriptor_t *desc,
 
   /* Decrypt the encrypted data that is located in the superencrypted section
    * in the descriptor as a blob of bytes. */
-  message_len = desc_decrypt_encrypted(desc, client_sk, &message);
+  message_len = desc_decrypt_encrypted(desc, client_auth_sk, &message);
   if (!message_len) {
     log_warn(LD_REND, "Service descriptor decryption failed.");
     goto err;
@@ -2353,7 +2353,7 @@ desc_decode_encrypted_v3(const hs_descriptor_t *desc,
 static int
   (*decode_encrypted_handlers[])(
       const hs_descriptor_t *desc,
-      const curve25519_secret_key_t *client_sk,
+      const curve25519_secret_key_t *client_auth_sk,
       hs_desc_encrypted_data_t *desc_encrypted) =
 {
   /* v0 */ NULL, /* v1 */ NULL, /* v2 */ NULL,
@@ -2365,7 +2365,7 @@ static int
  * negative value on error. */
 int
 hs_desc_decode_encrypted(const hs_descriptor_t *desc,
-                         const curve25519_secret_key_t *client_sk,
+                         const curve25519_secret_key_t *client_auth_sk,
                          hs_desc_encrypted_data_t *desc_encrypted)
 {
   int ret;
@@ -2391,7 +2391,8 @@ hs_desc_decode_encrypted(const hs_descriptor_t *desc,
   tor_assert(decode_encrypted_handlers[version]);
 
   /* Run the version specific plaintext decoder. */
-  ret = decode_encrypted_handlers[version](desc, client_sk, desc_encrypted);
+  ret = decode_encrypted_handlers[version](desc, client_auth_sk,
+                                           desc_encrypted);
   if (ret < 0) {
     goto err;
   }
@@ -2547,7 +2548,7 @@ hs_desc_decode_plaintext(const char *encoded,
 int
 hs_desc_decode_descriptor(const char *encoded,
                           const uint8_t *subcredential,
-                          const curve25519_secret_key_t *client_sk,
+                          const curve25519_secret_key_t *client_auth_sk,
                           hs_descriptor_t **desc_out)
 {
   int ret = -1;
@@ -2575,7 +2576,7 @@ hs_desc_decode_descriptor(const char *encoded,
     goto err;
   }
 
-  ret = hs_desc_decode_encrypted(desc, client_sk, &desc->encrypted_data);
+  ret = hs_desc_decode_encrypted(desc, client_auth_sk, &desc->encrypted_data);
   if (ret < 0) {
     goto err;
   }
diff --git a/src/feature/hs/hs_descriptor.h b/src/feature/hs/hs_descriptor.h
index 5f589f927..06d3bfe75 100644
--- a/src/feature/hs/hs_descriptor.h
+++ b/src/feature/hs/hs_descriptor.h
@@ -277,14 +277,14 @@ MOCK_DECL(int,
 
 int hs_desc_decode_descriptor(const char *encoded,
                               const uint8_t *subcredential,
-                              const curve25519_secret_key_t *client_sk,
+                              const curve25519_secret_key_t *client_auth_sk,
                               hs_descriptor_t **desc_out);
 int hs_desc_decode_plaintext(const char *encoded,
                              hs_desc_plaintext_data_t *plaintext);
 int hs_desc_decode_superencrypted(const hs_descriptor_t *desc,
                                  hs_desc_superencrypted_data_t *desc_out);
 int hs_desc_decode_encrypted(const hs_descriptor_t *desc,
-                             const curve25519_secret_key_t *client_sk,
+                             const curve25519_secret_key_t *client_auth_sk,
                              hs_desc_encrypted_data_t *desc_out);
 
 size_t hs_desc_obj_size(const hs_descriptor_t *data);
diff --git a/src/test/test_hs_descriptor.c b/src/test/test_hs_descriptor.c
index 2a2e3a527..50a073b41 100644
--- a/src/test/test_hs_descriptor.c
+++ b/src/test/test_hs_descriptor.c
@@ -867,7 +867,7 @@ test_build_authorized_client(void *arg)
   hs_desc_authorized_client_t *desc_client = NULL;
   uint8_t descriptor_cookie[HS_DESC_DESCRIPTOR_COOKIE_LEN];
   curve25519_secret_key_t auth_ephemeral_sk;
-  curve25519_secret_key_t client_sk;
+  curve25519_secret_key_t client_auth_sk;
   curve25519_public_key_t client_pk;
   const char ephemeral_sk_b16[] =
     "d023b674d993a5c8446bd2ca97e9961149b3c0e88c7dc14e8777744dd3468d6a";
@@ -882,9 +882,9 @@ test_build_authorized_client(void *arg)
   ret = curve25519_secret_key_generate(&auth_ephemeral_sk, 0);
   tt_int_op(ret, OP_EQ, 0);
 
-  ret = curve25519_secret_key_generate(&client_sk, 0);
+  ret = curve25519_secret_key_generate(&client_auth_sk, 0);
   tt_int_op(ret, OP_EQ, 0);
-  curve25519_public_key_generate(&client_pk, &client_sk);
+  curve25519_public_key_generate(&client_pk, &client_auth_sk);
 
   desc_client = tor_malloc_zero(sizeof(hs_desc_authorized_client_t));
 




