Beispiel #1
    def _recvRelayCell(self, cell):
        '''Handle a RelayCell delivered to this circuit from the network.

        The cell is decrypted against this circuit's crypt path and then
        dispatched on its concrete type:

        - decryption raises: the failure is logged at debug level and the
          cell is dropped; the circuit is left open.
        - decrypted type is not in BACKWARD_RELAY_CELL_TYPES: logged as a
          Tor protocol violation, a destroy cell is sent and the circuit
          is closed.
        - one of the handled backward types: the matching
          ``_processRelay*Cell`` handler is called with the decrypted cell
          and its origin.
        - any other backward type: logged at debug level and dropped.

        :param cell cell: cell received from the network
        '''
        try:
            decrypted, origin = crypto.decryptCell(cell, self._crypt_path)
        except Exception as e:
            # NOTE(review): every exception raised by decryptCell, not only
            # a failed decryption, ends up here and is reported at debug
            # level only. Repeated failures on one circuit are therefore
            # invisible at default log levels and never tear the circuit
            # down; confirm that this is the intended policy.
            logging.debug(
                "Circuit {} failed to decrypt an incoming cell. Reason: {}. "
                "Dropping cell.".format(self.circuit_id, e))
            return

        cell_type = type(decrypted)
        if cell_type not in BACKWARD_RELAY_CELL_TYPES:
            # Exact-type membership test: a type outside the backward set
            # is treated as a protocol violation, not as a droppable cell.
            logging.warning(
                "Circuit {} received a non-backward {} relay cell. This is a "
                "violation of the Tor protocol, and the circuit will be "
                "destroyed.".format(self.circuit_id, cell_type))
            self._sendDestroyCell()
            self._closeCircuit()
            return

        # Checked in order; the first matching class decides the handler.
        dispatch = (
            (RelayDataCell, '_processRelayDataCell'),
            (RelayEndCell, '_processRelayEndCell'),
            (RelayConnectedCell, '_processRelayConnectedCell'),
            (RelaySendMeCell, '_processRelaySendMeCell'),
            (RelayTruncatedCell, '_processRelayTruncatedCell'),
            (RelayDropCell, '_processRelayDropCell'),
            (RelayResolvedCell, '_processRelayResolvedCell'),
        )
        for relay_cls, handler_name in dispatch:
            if isinstance(decrypted, relay_cls):
                getattr(self, handler_name)(decrypted, origin)
                return

        # A backward cell type with no handler above: drop it quietly.
        logging.debug(
            "Circuit {} received an unexpected backward cell {} from relay "
            "in position {}. Dropping cell.".format(
                self.circuit_id, cell_type, origin))
Beispiel #2
    def _recvRelayCell(self, cell):
        '''Decrypt a RelayCell received from the network and act on it.

        After decryption against ``self._crypt_path`` the cell is routed by
        type. Each handled backward cell type has its own
        ``_processRelay*Cell`` handler, which receives the decrypted cell
        and the origin reported by the decryption step.

        .. note:: Only two cases are silently dropped: a cell that fails
           to decrypt, and a backward cell type without a handler. A cell
           whose type is not a backward relay type destroys the circuit.

        :param cell cell: cell received from the network
        '''
        try:
            plain, origin = crypto.decryptCell(cell, self._crypt_path)
        except Exception as e:
            # NOTE(review): the broad catch turns any error inside
            # decryptCell into a debug-level drop and keeps the circuit
            # alive. Confirm that a decryption failure should not be
            # logged more visibly or close the circuit.
            template = ("Circuit {} failed to decrypt an incoming cell. "
                        "Reason: {}. Dropping cell.")
            logging.debug(template.format(self.circuit_id, e))
            return

        if type(plain) not in BACKWARD_RELAY_CELL_TYPES:
            # Protocol violation: notify the other side, then tear down.
            template = ("Circuit {} received a non-backward {} relay cell. "
                        "This is a violation of the Tor protocol, and the "
                        "circuit will be destroyed.")
            logging.warning(template.format(self.circuit_id, type(plain)))
            self._sendDestroyCell()
            self._closeCircuit()
            return

        if isinstance(plain, RelayDataCell):
            self._processRelayDataCell(plain, origin)
            return
        if isinstance(plain, RelayEndCell):
            self._processRelayEndCell(plain, origin)
            return
        if isinstance(plain, RelayConnectedCell):
            self._processRelayConnectedCell(plain, origin)
            return
        if isinstance(plain, RelaySendMeCell):
            self._processRelaySendMeCell(plain, origin)
            return
        if isinstance(plain, RelayTruncatedCell):
            self._processRelayTruncatedCell(plain, origin)
            return
        if isinstance(plain, RelayDropCell):
            self._processRelayDropCell(plain, origin)
            return
        if isinstance(plain, RelayResolvedCell):
            self._processRelayResolvedCell(plain, origin)
            return

        # Backward cell type that no handler above claimed.
        template = ("Circuit {} received an unexpected backward cell {} "
                    "from relay in position {}. Dropping cell.")
        logging.debug(template.format(self.circuit_id, type(plain), origin))
Beispiel #3
    def test_decryptCell_origin_2_link_proto_3(self, mock_sp, mock_cellp,
                                               mock_mpwd, mock_cr):
        '''decryptCell on a link-version-3 cell with a three-node crypt path.

        Asserts that only the first node in the crypt path list decrypts
        the payload and updates its backward digest, that the other two
        nodes are never touched, and that the call returns ``('dec', 0)``.

        The four ``mock_*`` parameters are presumably injected by patch
        decorators that are not part of this excerpt; their targets and
        configured return values cannot be confirmed from here.
        '''
        def make_node(plaintext):
            # One crypt-path node whose backward cipher yields `plaintext`.
            node = mock.Mock()
            node.backward_digest = mock.Mock()
            node.backward_digest.update = mock.Mock()
            node.backward_cipher.decrypt = mock.Mock(return_value=plaintext)
            return node

        mock_mpwd.return_value = 'updated payload'

        mock_cell = mock.Mock()
        mock_cell.header = mock.Mock()
        mock_cell.header.link_version = 3
        mock_cell.getPayload = mock.Mock(return_value='initial payload')

        mock_cnode2 = make_node('dec payload 2')
        mock_cnode1 = make_node('dec payload 1')
        mock_cnode0 = make_node('dec payload 0')
        untouched = (mock_cnode1, mock_cnode0)

        # mock_cnode2 sits at list index 0, which matches the origin of 0
        # asserted on the return value below.
        mock_crypt_path = [mock_cnode2, mock_cnode1, mock_cnode0]

        ret = util.decryptCell(mock_cell, mock_crypt_path)

        # Exactly one layer is peeled, by the first node only.
        mock_cnode2.backward_cipher.decrypt.assert_called_once_with(
            'initial payload')
        for node in untouched:
            self.assertEqual(node.backward_cipher.decrypt.call_count, 0)

        mock_mpwd.assert_called_once_with('dec payload 2')

        # Only the first node's running digest is advanced.
        mock_cnode2.backward_digest.update.assert_called_once_with(
            'updated payload')
        for node in untouched:
            self.assertEqual(node.backward_digest.update.call_count, 0)

        # TODO: check struct.pack calls
        mock_cellp.assert_called_once_with('packedpackeddec payload 2')
        self.assertEqual(ret, ('dec', 0))
Beispiel #4
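    def _deriveExtend2CellSecrets(self, response, path_node):
        '''Derive the relay crypto for a new hop from *response*.

        *response* is decrypted against the current crypt path. If it
        yields a RelayExtended2Cell, the crypto derived from the stored
        handshake state and that cell is appended to ``self._crypt_path``.

        :param response: cell received while the circuit is pending
        :param path_node: node this step refers to; only its
            ``router_status_entry.fingerprint`` is read, for the error
            message
        :raises ValueError: if *response* is a DestroyCell, or if it does
            not decrypt to a RelayExtended2Cell (in which case a
            DestroyCell is sent on the connection first)
        '''
        if isinstance(response, DestroyCell):
            msg = "Destroy cell received from {} on pending circuit {}.".format(
                path_node.router_status_entry.fingerprint, self.circuit_id
            )
            raise ValueError(msg)

        # Exceptions raised by decryptCell are not caught here and
        # propagate to the caller.
        cell, _ = crypto.decryptCell(response, self._crypt_path)

        if not isinstance(cell, RelayExtended2Cell):
            msg = "CircuitBuildTask {} received an unexpected cell: {}. " "Destroying the circuit.".format(
                self.circuit_id, type(cell)
            )
            destroy = DestroyCell.make(self.circuit_id)
            self._conn.send(destroy)
            raise ValueError(msg)

        self._crypt_path.append(ntor.deriveRelayCrypto(self._hs_state, cell))
        # Drop the handshake state once the hop's crypto is derived.
        # Previously only `self._hs` was cleared, an attribute this method
        # never reads, so the object passed to deriveRelayCrypto stayed
        # referenced through `self._hs_state`.
        # Setting the attribute to None only releases the reference; it
        # does not erase the handshake secrets from memory, which is what
        # the pending memwipe below is meant to do.
        # TODO: implement this
        # self._hs_state.memwipe()
        self._hs_state = None
        # Kept so code that checks `_hs` after this call sees no change.
        self._hs = None
        # NOTE(review): both error paths above raise with `_hs_state`
        # still set; presumably the caller discards the task. Confirm.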
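    def _deriveExtend2CellSecrets(self, response, path_node):
        '''Derive and store the relay crypto for the hop that sent *response*.

        The response is decrypted with the existing crypt path. A
        RelayExtended2Cell result is combined with the stored handshake
        state to derive the new hop's crypto, which is appended to
        ``self._crypt_path``.

        :param response: cell received while the circuit is pending
        :param path_node: node this step refers to; only its
            ``router_status_entry.fingerprint`` is used, in the error text
        :raises ValueError: when *response* is a DestroyCell, or when the
            decrypted cell is not a RelayExtended2Cell (a DestroyCell is
            sent over the connection before raising)
        '''
        if isinstance(response, DestroyCell):
            msg = (
                "Destroy cell received from {} on pending circuit {}.".format(
                    path_node.router_status_entry.fingerprint,
                    self.circuit_id))
            raise ValueError(msg)

        # decryptCell errors are not handled here; they reach the caller.
        cell, _ = crypto.decryptCell(response, self._crypt_path)

        if not isinstance(cell, RelayExtended2Cell):
            msg = ("CircuitBuildTask {} received an unexpected cell: {}. "
                   "Destroying the circuit.".format(self.circuit_id,
                                                    type(cell)))
            destroy = DestroyCell.make(self.circuit_id)
            self._conn.send(destroy)
            raise ValueError(msg)

        self._crypt_path.append(ntor.deriveRelayCrypto(self._hs_state, cell))
        # The handshake state is read from `self._hs_state`, but only
        # `self._hs` used to be reset here, which left the state object
        # reachable after the hop's keys were derived. Clear the attribute
        # that actually holds it.
        # This releases the reference only. Wiping the secret material
        # itself still depends on the memwipe TODO below.
        # TODO: implement this
        #self._hs_state.memwipe()
        self._hs_state = None
        # Retained for any code that inspects `_hs` after this call.
        self._hs = None
        # NOTE(review): the ValueError paths above exit with `_hs_state`
        # still populated; verify that the caller drops the task then.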
Beispiel #6
    def test_decryptCell_origin_2_link_proto_3(self, mock_sp, mock_cellp, mock_mpwd, mock_cr):
        '''Check decryptCell for a link-version-3 cell and three crypt nodes.

        Expected: the node at index 0 of the crypt path decrypts the
        payload once and has its backward digest updated once, the other
        two nodes see no calls, and the result is ``('dec', 0)``.

        The ``mock_*`` arguments presumably come from patch decorators
        outside this excerpt; what they replace is not visible here.
        '''
        mock_mpwd.return_value = 'updated payload'

        # Incoming cell: link version 3, fixed payload.
        mock_cell = mock.Mock()
        mock_cell.header = mock.Mock()
        mock_cell.header.link_version = 3
        mock_cell.getPayload = mock.Mock()
        mock_cell.getPayload.return_value = 'initial payload'

        # Three crypt-path nodes, each with its own decrypt result.
        mock_crypt_path = []
        for plaintext in ('dec payload 2', 'dec payload 1', 'dec payload 0'):
            node = mock.Mock()
            node.backward_digest = mock.Mock()
            node.backward_digest.update = mock.Mock()
            node.backward_cipher.decrypt = mock.Mock()
            node.backward_cipher.decrypt.return_value = plaintext
            mock_crypt_path.append(node)
        mock_cnode2 = mock_crypt_path[0]
        mock_cnode1 = mock_crypt_path[1]
        mock_cnode0 = mock_crypt_path[2]

        ret = util.decryptCell(mock_cell, mock_crypt_path)

        # Cipher: first node called once, the remaining nodes not at all.
        mock_cnode2.backward_cipher.decrypt.assert_called_once_with('initial payload')
        self.assertEqual(mock_cnode1.backward_cipher.decrypt.call_count, 0)
        self.assertEqual(mock_cnode0.backward_cipher.decrypt.call_count, 0)

        mock_mpwd.assert_called_once_with('dec payload 2')

        # Digest: same pattern as the cipher checks.
        mock_cnode2.backward_digest.update.assert_called_once_with('updated payload')
        self.assertEqual(mock_cnode1.backward_digest.update.call_count, 0)
        self.assertEqual(mock_cnode0.backward_digest.update.call_count, 0)

        # TODO: check struct.pack calls
        mock_cellp.assert_called_once_with('packedpackeddec payload 2')
        self.assertEqual(ret, ('dec', 0))