nihilist/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-11-11 05:33:47 +01:00
Code Issues Packages Projects Releases Wiki Activity

Check the correct key when checking RSA crosscert in hs_descriptor.c

Browse Source 
Note that the "signed key" in the signing key certificate is the
signing key.  The "signing key" in the  signing key certificate is
the key that signs the certificate -- that is, the blinded key.
This commit is contained in:
Nick Mathewson 2016-11-04 13:49:05 -04:00
parent dbd01590cc
commit 09c750cce3
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
src/or/hs_descriptor.c
View File

@ -1290,10 +1290,10 @@ decode_introduction_point(const hs_descriptor_t *desc, const char *start)
}
if (rsa_ed25519_crosscert_check((const uint8_t *) tok->object_body,
tok->object_size, ip->enc_key.legacy,
&desc->plaintext_data.signing_key_cert->signing_key,
&desc->plaintext_data.signing_key_cert->signed_key,
approx_time()-86400)) {
log_warn(LD_REND, "Unable to cross certify the introduction point "
"legacy encryption key.");
log_warn(LD_REND, "Unable to check cross-certification on the "
"introduction point legacy encryption key.");
goto err;
}
break;