[tor-commits] [tor/master] prop289: Skip the first 4 unused bytes in a cell

asn at torproject.org asn at torproject.org
Thu May 2 15:16:20 UTC 2019 

commit 44750b0de60fe80ea81f7fc83f8713f814caf5a6
Author: David Goulet <dgoulet at torproject.org>
Date:   Thu Mar 7 12:45:16 2019 -0500

    prop289: Skip the first 4 unused bytes in a cell
    
    When adding random to a cell, skip the first 4 bytes and leave them zeroed. It
    has been very useful in the past for us to keep bytes like this.
    
    Some code trickery was added to make sure we have enough room for this 4 bytes
    offset when adding random.
    
    Part of #26288
    
    Signed-off-by: David Goulet <dgoulet at torproject.org>
---
 src/core/or/relay.c | 19 +++++++++++++++----
 1 file changed, 15 insertions(+), 4 deletions(-)

diff --git a/src/core/or/relay.c b/src/core/or/relay.c
index fa008120b..504f391d9 100644
--- a/src/core/or/relay.c
+++ b/src/core/or/relay.c
@@ -547,6 +547,8 @@ relay_send_command_from_edge_,(streamid_t stream_id, circuit_t *circ,
   cell_t cell;
   relay_header_t rh;
   cell_direction_t cell_direction;
+  int random_bytes_len;
+  size_t random_bytes_offset = 0;
   /* XXXX NM Split this function into a separate versions per circuit type? */
 
   tor_assert(circ);
@@ -574,11 +576,20 @@ relay_send_command_from_edge_,(streamid_t stream_id, circuit_t *circ,
 
   /* Add random bytes to the unused portion of the payload, to foil attacks
    * where the other side can predict all of the bytes in the payload and thus
-   * compute authenticated sendme cells without seeing the traffic.  See
-   * proposal 289. */
+   * compute authenticated sendme cells without seeing the traffic. See
+   * proposal 289.
+   *
+   * We'll skip the first 4 bytes of unused data because having some unused
+   * zero bytes has saved us a lot of times in the past. */
+  random_bytes_len = RELAY_PAYLOAD_SIZE -
+                     (RELAY_HEADER_SIZE + payload_len + 4);
+  if (random_bytes_len < 0) {
+    random_bytes_len = 0;
+  }
+  random_bytes_offset = RELAY_PAYLOAD_SIZE - random_bytes_len;
   crypto_fast_rng_getbytes(get_thread_fast_rng(),
-                           cell.payload + RELAY_HEADER_SIZE + payload_len,
-                           RELAY_PAYLOAD_SIZE - payload_len);
+                           cell.payload + random_bytes_offset,
+                           random_bytes_len);
 
   log_debug(LD_OR,"delivering %d cell %s.", relay_command,
             cell_direction == CELL_DIRECTION_OUT ? "forward" : "backward");

More information about the tor-commits mailing list