HSv3: Don't assert when reading bad client-side privkeys.

diff --git a/src/feature/hs/hs_client.c b/src/feature/hs/hs_client.c
index af657c7c9ca85ae40529f2beba545ada7d4da89b..6f031eb3b92650aa500e958b98b64bfd8c129715 100644 (file)
--- a/src/feature/hs/hs_client.c
+++ b/src/feature/hs/hs_client.c
@@ -1500,6 +1500,12 @@ parse_auth_file_content(const char *client_key_str)
     goto err;
   }
 
+  if (strlen(seckey_b32) != BASE32_NOPAD_LEN(CURVE25519_PUBKEY_LEN)) {
+    log_warn(LD_REND, "Client authorization encoded base32 private key "
+                      "length is invalid: %s", seckey_b32);
+    goto err;
+  }
+
   auth = tor_malloc_zero(sizeof(hs_client_service_authorization_t));
   if (base32_decode((char *) auth->enc_seckey.secret_key,
                     sizeof(auth->enc_seckey.secret_key),

diff --git a/src/test/test_hs_client.c b/src/test/test_hs_client.c
index eacbd328e5bc20ecb92491ff3367e5dd20f92426..03d14924b6a3b0a4b5dd62055c2732484ca06100 100644 (file)
--- a/src/test/test_hs_client.c
+++ b/src/test/test_hs_client.c
@@ -660,7 +660,9 @@ test_parse_auth_file_content(void *arg)
       "x:zdsyvn2jq534ugyiuzgjy4267jbtzcjbsgedhshzx5mforyxtryq"));
   /* Some malformed string. */
   tt_assert(!parse_auth_file_content("xx:descriptor:x25519:aa=="));
-
+  /* Bigger key than it should be */
+  tt_assert(!parse_auth_file_content("xx:descriptor:x25519:"
+                     "vjqea4jbhwwc4hto7ekyvqfbeodghbaq6nxi45hz4wr3qvhqv3yqa"));
  done:
   tor_free(auth);
 }