author | Felix Lange <fjl@twurst.com> | 2015-08-13 17:59:27 +0800 |
---|---|---|
committer | Felix Lange <fjl@twurst.com> | 2015-08-13 17:59:27 +0800 |
commit | a89cfe92ccdea31891bd7ea0869dac968c04202f (patch) | |
tree | 5af51353c05e3b00f3f91d72fffaa1cd10b608f7 /p2p/rlpx.go | |
parent | 0b0b31c7d2572a9ea9d88056b1951d6a2162ef23 (diff) | |
parent | 37efd08b42f595eac8146b6b81f3f36e2e6f340d (diff) | |
Merge pull request #1470 from ebuchman/encHandshake
p2p: validate recovered ephemeral pubkey
Diffstat (limited to 'p2p/rlpx.go')
-rw-r--r-- | p2p/rlpx.go | 16 |
1 files changed, 12 insertions, 4 deletions
diff --git a/p2p/rlpx.go b/p2p/rlpx.go index fd43f565e..aaa733854 100644 --- a/p2p/rlpx.go +++ b/p2p/rlpx.go @@ -267,6 +267,10 @@ func initiatorEncHandshake(conn io.ReadWriter, prv *ecdsa.PrivateKey, remoteID d } func newInitiatorHandshake(remoteID discover.NodeID) (*encHandshake, error) { + rpub, err := remoteID.Pubkey() + if err != nil { + return nil, fmt.Errorf("bad remoteID: %v", err) + } // generate random initiator nonce n := make([]byte, shaLen) if _, err := rand.Read(n); err != nil { @@ -277,10 +281,6 @@ func newInitiatorHandshake(remoteID discover.NodeID) (*encHandshake, error) { if err != nil { return nil, err } - rpub, err := remoteID.Pubkey() - if err != nil { - return nil, fmt.Errorf("bad remoteID: %v", err) - } h := &encHandshake{ initiator: true, remoteID: remoteID, @@ -417,6 +417,14 @@ func decodeAuthMsg(prv *ecdsa.PrivateKey, token []byte, auth []byte) (*encHandsh if err != nil { return nil, err } + + // validate the sha3 of recovered pubkey + remoteRandomPubMAC := msg[sigLen : sigLen+shaLen] + shaRemoteRandomPub := crypto.Sha3(remoteRandomPub[1:]) + if !bytes.Equal(remoteRandomPubMAC, shaRemoteRandomPub) { + return nil, fmt.Errorf("sha3 of recovered ephemeral pubkey does not match checksum in auth message") + } + h.remoteRandomPub, _ = importPublicKey(remoteRandomPub) return h, nil } |
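Review bot: The new block in the decodeAuthMsg hunk (the third hunk) deserves a why-comment rather than `// validate the sha3 of recovered pubkey`, because the reason the check matters is not visible from the code: ECDSA recovery always yields some public key, so without comparing `crypto.Sha3(remoteRandomPub[1:])` against the hash carried in the auth message a corrupted or forged message would still produce a plausible-looking ephemeral key; suggested wording is `// Signature recovery always returns some point; the auth message carries sha3(pubkey) so a key recovered from a malformed message can be rejected here.` Two smaller points in the same hunk: `fmt.Errorf` with a constant string is better written as `errors.New("sha3 of recovered ephemeral pubkey does not match checksum in auth message")` (adding the errors import if the file lacks it), and the slices `msg[sigLen : sigLen+shaLen]` and `remoteRandomPub[1:]` rely on len(msg) and the recovered key's length having been established earlier in decodeAuthMsg, whose start lies outside the hunk, so it is worth confirming those bounds are checked there. The context line directly below the new block still discards the `importPublicKey` error, which the hash comparison does not by itself make safe to ignore. The first two hunks only move the `remoteID.Pubkey()` call to the top of newInitiatorHandshake and need no change.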