[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[minion-cvs] Make PacketHandler more paranoid about data whose RSA-e...

To: mixminion-cvs@freehaven.net
Subject: [minion-cvs] Make PacketHandler more paranoid about data whose RSA-e...
From: nickm@seul.org (Nick Mathewson)
Date: Wed, 8 Oct 2003 23:55:11 -0400 (EDT)
Delivered-to: archiver@seul.org
Delivered-to: mixminion-cvs-outgoing@seul.org
Delivered-to: mixminion-cvs@seul.org
Delivery-date: Wed, 08 Oct 2003 23:55:29 -0400
Reply-to: mixminion-dev@freehaven.net
Sender: owner-mixminion-cvs@freehaven.net

Update of /home/minion/cvsroot/src/minion/lib/mixminion/server
In directory moria.mit.edu:/tmp/cvs-serv27931/lib/mixminion/server

Modified Files:
	PacketHandler.py 
Log Message:
Make PacketHandler more paranoid about data whose RSA-encrypted portion is too short.

Index: PacketHandler.py
===================================================================
RCS file: /home/minion/cvsroot/src/minion/lib/mixminion/server/PacketHandler.py,v
retrieving revision 1.26
retrieving revision 1.27
diff -u -d -r1.26 -r1.27
--- PacketHandler.py	3 Sep 2003 15:54:40 -0000	1.26
+++ PacketHandler.py	9 Oct 2003 03:55:07 -0000	1.27
@@ -113,6 +113,9 @@
         encSubh = header1[:Packet.ENC_SUBHEADER_LEN]
         header1 = header1[Packet.ENC_SUBHEADER_LEN:]
 
+        assert len(header1) == Packet.HEADER_LEN - Packet.ENC_SUBHEADER_LEN
+        assert len(header1) == (128*16) - 256 == 1792
+
         # Try to decrypt the first subheader.  Try each private key in
         # order.  Only fail if all private keys fail.
         subh = None
@@ -132,6 +135,9 @@
             # most-recently-received error.
             raise e
 
+        if len(subh) != Packet.MAX_SUBHEADER_LEN:
+            raise ContentError("Bad length in RSA-encrypted part of subheader")
+
         subh = Packet.parseSubheader(subh) #may raise ParseError
 
         # Check the version: can we read it?
@@ -169,6 +175,12 @@
                                Packet.OAEP_OVERHEAD + Packet.MIN_SUBHEADER_LEN
                                + subh.routinglen)
 
+        assert len(header1) == (Packet.HEADER_LEN - Packet.ENC_SUBHEADER_LEN
+                             + Packet.OAEP_OVERHEAD+Packet.MIN_SUBHEADER_LEN
+                                + subh.routinglen)
+        assert len(header1) == 1792 + 42 + 42 + subh.routinglen == \
+               1876 + subh.routinglen
+
         # Decrypt the rest of header 1, encrypting the padding.
         header1 = Crypto.ctr_crypt(header1, header_sec_key)
 
@@ -179,7 +191,13 @@
             subh.appendOverflow(header1[:overflowLength])
             header1 = header1[overflowLength:]
 
+        assert len(header1) == (
+            1876 + subh.routinglen 
+            - max(0,subh.routinglen-Packet.MAX_ROUTING_INFO_LEN))
+
         header1 = subh.underflow + header1
+
+        assert len(header1) == Packet.HEADER_LEN
 
         # Decrypt the payload.
         payload = Crypto.lioness_decrypt(pkt.payload,

Prev by Author: [minion-cvs] Commit last nights path selection work. Better, but st...
Next by Author: [minion-cvs] Update copyright dates
Previous by thread: [minion-cvs] Commit last nights path selection work. Better, but st...
Next by thread: [minion-cvs] Update copyright dates
Index(es):
- Author
- Thread