[Pkg-privacy-commits] [obfsproxy] 317/353: When authenticating, also test epoch boundaries.

Ximin Luo infinity0 at moszumanska.debian.org
Sat Aug 22 13:02:16 UTC 2015 

This is an automated email from the git hooks/post-receive script.

infinity0 pushed a commit to branch master
in repository obfsproxy.

commit fd4a91192ccab2cfda2c4b7887730a84152d5fa7
Author: Philipp Winter <phw at torproject.org>
Date:   Sat Mar 8 16:42:31 2014 +0100

    When authenticating, also test epoch boundaries.
    
    On occasion, a client's or a server's epoch might already have increased
    whereas the epoch of the other party didn't.  This is a benign event and there
    is no reason to fail authentication because of this.  As a result, as a server,
    we now also test boundary values, i.e., epoch - 1, epoch, epoch + 1.
---
 obfsproxy/transports/scramblesuit/scramblesuit.py | 22 ++++++++++++++--------
 obfsproxy/transports/scramblesuit/uniformdh.py    | 22 ++++++++++++++--------
 obfsproxy/transports/scramblesuit/util.py         | 10 ++++++++++
 3 files changed, 38 insertions(+), 16 deletions(-)

diff --git a/obfsproxy/transports/scramblesuit/scramblesuit.py b/obfsproxy/transports/scramblesuit/scramblesuit.py
index 7e96044..87a7370 100644
--- a/obfsproxy/transports/scramblesuit/scramblesuit.py
+++ b/obfsproxy/transports/scramblesuit/scramblesuit.py
@@ -388,14 +388,20 @@ class ScrambleSuitTransport( base.BaseTransport ):
         existingHMAC = potentialTicket[index + const.MARK_LENGTH:
                                        index + const.MARK_LENGTH +
                                        const.HMAC_SHA256_128_LENGTH]
-        myHMAC = mycrypto.HMAC_SHA256_128(self.recvHMAC,
-                                          potentialTicket[0:
-                                          index + const.MARK_LENGTH] +
-                                          util.getEpoch())
-
-        if not util.isValidHMAC(myHMAC, existingHMAC, self.recvHMAC):
-            log.warning("The HMAC is invalid: `%s' vs. `%s'." %
-                        (myHMAC.encode('hex'), existingHMAC.encode('hex')))
+        authenticated = False
+        for epoch in util.expandedEpoch():
+            myHMAC = mycrypto.HMAC_SHA256_128(self.recvHMAC,
+                                              potentialTicket[0:index + \
+                                              const.MARK_LENGTH] + epoch)
+
+            if util.isValidHMAC(myHMAC, existingHMAC, self.recvHMAC):
+                authenticated = True
+                break
+
+            log.debug("HMAC invalid.  Trying next epoch value.")
+
+        if not authenticated:
+            log.warning("Could not verify the authentication message's HMAC.")
             return False
 
         # Do nothing if the ticket is replayed.  Immediately closing the
diff --git a/obfsproxy/transports/scramblesuit/uniformdh.py b/obfsproxy/transports/scramblesuit/uniformdh.py
index 1b59575..dd16070 100644
--- a/obfsproxy/transports/scramblesuit/uniformdh.py
+++ b/obfsproxy/transports/scramblesuit/uniformdh.py
@@ -120,19 +120,25 @@ class UniformDH( object ):
         if not index:
             return False
 
-        self.echoEpoch = util.getEpoch()
-
         # Now that we know where the authenticating HMAC is: verify it.
         hmacStart = index + const.MARK_LENGTH
         existingHMAC = handshake[hmacStart:
                                  (hmacStart + const.HMAC_SHA256_128_LENGTH)]
-        myHMAC = mycrypto.HMAC_SHA256_128(self.sharedSecret,
-                                          handshake[0 : hmacStart] +
-                                          self.echoEpoch)
 
-        if not util.isValidHMAC(myHMAC, existingHMAC, self.sharedSecret):
-            log.warning("The HMAC is invalid: `%s' vs. `%s'." %
-                        (myHMAC.encode('hex'), existingHMAC.encode('hex')))
+        authenticated = False
+        for epoch in util.expandedEpoch():
+            myHMAC = mycrypto.HMAC_SHA256_128(self.sharedSecret,
+                                              handshake[0 : hmacStart] + epoch)
+
+            if util.isValidHMAC(myHMAC, existingHMAC, self.sharedSecret):
+                self.echoEpoch = epoch
+                authenticated = True
+                break
+
+            log.debug("HMAC invalid.  Trying next epoch value.")
+
+        if not authenticated:
+            log.warning("Could not verify the authentication message's HMAC.")
             return False
 
         # Do nothing if the ticket is replayed.  Immediately closing the
diff --git a/obfsproxy/transports/scramblesuit/util.py b/obfsproxy/transports/scramblesuit/util.py
index bb0557e..ee25f95 100644
--- a/obfsproxy/transports/scramblesuit/util.py
+++ b/obfsproxy/transports/scramblesuit/util.py
@@ -106,6 +106,16 @@ def getEpoch( ):
     return str(int(time.time()) / const.EPOCH_GRANULARITY)
 
 
+def expandedEpoch( ):
+    """
+    Return [epoch, epoch-1, epoch+1].
+    """
+
+    epoch = int(getEpoch())
+
+    return [str(epoch), str(epoch - 1), str(epoch + 1)]
+
+
 def writeToFile( data, fileName ):
     """
     Writes the given `data' to the file specified by `fileName'.

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-privacy/packages/obfsproxy.git

More information about the Pkg-privacy-commits mailing list