dirnode: don't check MAC on entries in dirnodes

In an ancient version of directories, we needed a MAC on each entry.  In modern times, the entire dirnode comes with a digital signature, so the MAC on each entry is redundant.
With this patch, we no longer check those MACs when reading directories, but we still produce them so that older readers will accept directories that we write.
Zooko O'Whielacronx
2008-12-21 17:35:18 -07:00
parent 8b7ce325d7
commit f1fbd4feae
3 changed files with 7 additions and 12 deletions

@ -152,14 +152,12 @@ class NewDirectoryNode:
mac = hashutil.hmac(key, IV + crypttext)
assert len(mac) == 32
return IV + crypttext + mac
# The MAC is not checked by readers in Tahoe >= 1.3.0, but we still produce it for the sake of older readers.
def _decrypt_rwcapdata(self, encwrcap):
IV = encwrcap[:16]
crypttext = encwrcap[16:-32]
mac = encwrcap[-32:]
key = hashutil.mutable_rwcap_key_hash(IV, self._node.get_writekey())
if mac != hashutil.hmac(key, IV+crypttext):
raise hashutil.IntegrityCheckError("HMAC does not match, crypttext is corrupted")
cryptor = AES(key)
plaintext = cryptor.process(crypttext)
return plaintext
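
Review bot: In `_decrypt_rwcapdata`, `crypttext = encwrcap[16:-32]` still assumes a 16-byte IV and a 32-byte trailer, but with the HMAC comparison gone nothing rejects a short or truncated `encwrcap`; a value under 48 bytes now decrypts to an empty or partial string instead of raising. Consider an explicit length check before slicing, and a docstring stating that the trailing 32 bytes are deliberately ignored and that the caller must already have verified the dirnode's signature, since the AES output is unauthenticated at this layer. The new comment about Tahoe >= 1.3.0 sits after `return IV + crypttext + mac` and directly above the `def`, so it reads as documentation for the decrypt method; placing it next to `mac = hashutil.hmac(key, IV + crypttext)` would tie it to the code that still produces the MAC.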