Introduce a constant for the length of the output of hs_mac()

2023-03-01 11:26:35 -05:00 · 2023-03-01 11:26:35 -05:00 · 5131703c22
parent b36082255b
commit 5131703c22
2 changed files with 8 additions and 5 deletions
--- a/crates/tor-cell/src/relaycell/hs/est_intro.rs
+++ b/crates/tor-cell/src/relaycell/hs/est_intro.rs
@ -3,7 +3,7 @@
 use caret::caret_int;
 use tor_bytes::{EncodeError, EncodeResult, Readable, Reader, Result, Writeable, Writer};
 use tor_error::bad_api_usage;
-use tor_hscrypto::ops::hs_mac;
+use tor_hscrypto::ops::{hs_mac, HS_MAC_LEN};
 use tor_llcrypto::{
    pk::ed25519::{self, Ed25519Identity, ED25519_ID_LEN, ED25519_SIGNATURE_LEN},
    util::ct::CtByteArray,
@ -165,7 +165,7 @@ pub struct EstablishIntro {
    ///
    /// This MAC binds the EstablishIntro message to a single circuit, and keeps
    /// it from being replayed.
-    handshake_auth: CtByteArray<32>,
+    handshake_auth: CtByteArray<HS_MAC_LEN>,
    /// A textual record of all the fields in the
    #[educe(Debug(ignore))]
    mac_plaintext: Vec<u8>,
@ -332,7 +332,7 @@ impl EstablishIntro {
    #[cfg(feature = "testing")]
    pub fn from_parts_for_test(
        body: EstablishIntroDetails,
-        mac: CtByteArray<32>,
+        mac: CtByteArray<HS_MAC_LEN>,
        signature: ed25519::Signature,
    ) -> Self {
        use tor_llcrypto::pk::ed25519::ValidatableEd25519Signature;
--- a/crates/tor-hscrypto/src/ops.rs
+++ b/crates/tor-hscrypto/src/ops.rs
@ -5,10 +5,13 @@ use tor_llcrypto::util::ct::CtByteArray;

 use digest::Digest;

+/// The length of the MAC returned by [`hs_mac`].
+pub const HS_MAC_LEN: usize = 32;
+
 /// Compute the lightweight MAC function used in the onion service protocol.
 ///
 /// (rend-spec-v3 section 0.3 `MAC`)
-pub fn hs_mac(key: &[u8], msg: &[u8]) -> CtByteArray<32> {
+pub fn hs_mac(key: &[u8], msg: &[u8]) -> CtByteArray<HS_MAC_LEN> {
    // rend-spec-v3 says: "Instantiate H with SHA3-256... Instantiate MAC(key=k,
    // message=m) with H(k_len | k | m), where k_len is htonll(len(k))."

@ -17,7 +20,7 @@ pub fn hs_mac(key: &[u8], msg: &[u8]) -> CtByteArray<32> {
    hasher.update(klen.to_be_bytes());
    hasher.update(key);
    hasher.update(msg);
-    let a: [u8; 32] = hasher.finalize().into();
+    let a: [u8; HS_MAC_LEN] = hasher.finalize().into();
    a.into()
 }