nihilist/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-11-28 06:13:31 +01:00
Code Issues Packages Projects Releases Wiki Activity

prop224: Rename cert type to follow naming convention

Browse Source 
Signed-off-by: David Goulet <dgoulet@torproject.org>
This commit is contained in:
David Goulet 2016-09-14 15:05:48 -04:00
parent 1517a8a2eb
commit 1263f74a12
4 changed files with 25 additions and 25 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
src/or/hs_descriptor.c
View File

@ -314,7 +314,7 @@ encode_enc_key(const ed25519_keypair_t *sig_key,
&ip->enc_key.curve25519)) {
goto err;
}
tor_cert_t *cross_cert = tor_cert_create(&curve_kp, CERT_TYPE_HS_IP_ENC,
tor_cert_t *cross_cert = tor_cert_create(&curve_kp, CERT_TYPE_CROSS_HS_IP_KEYS,
&sig_key->pubkey, now,
HS_DESC_CERT_LIFETIME,
CERT_FLAG_INCLUDE_SIGNING_KEY);
@ -748,7 +748,7 @@ desc_encode_v3(const hs_descriptor_t *desc, char **encoded_out)
char *encoded_cert;
/* Encode certificate then create the first line of the descriptor. */
if (desc->plaintext_data.signing_key_cert->cert_type
!= CERT_TYPE_HS_DESC_SIGN) {
!= CERT_TYPE_SIGNING_HS_DESC) {
log_err(LD_BUG, "HS descriptor signing key has an unexpected cert type "
"(%d)", (int) desc->plaintext_data.signing_key_cert->cert_type);
goto err;
@ -1237,7 +1237,7 @@ decode_introduction_point(const hs_descriptor_t *desc, const char *start)
/* Parse cert and do some validation. */
if (cert_parse_and_validate(&ip->auth_key_cert, tok->object_body,
tok->object_size, CERT_TYPE_HS_IP_AUTH,
tok->object_size, CERT_TYPE_AUTH_HS_IP_KEY,
"introduction point auth-key") < 0) {
goto err;
}
@ -1285,7 +1285,7 @@ decode_introduction_point(const hs_descriptor_t *desc, const char *start)
goto err;
}
if (cert_parse_and_validate(&cross_cert, tok->object_body,
tok->object_size, CERT_TYPE_HS_IP_ENC,
tok->object_size, CERT_TYPE_CROSS_HS_IP_KEYS,
"introduction point enc-key-certification") < 0) {
goto err;
}
@ -1509,7 +1509,7 @@ desc_decode_plaintext_v3(smartlist_t *tokens,
goto err;
}
if (cert_parse_and_validate(&desc->signing_key_cert, tok->object_body,
tok->object_size, CERT_TYPE_HS_DESC_SIGN,
tok->object_size, CERT_TYPE_SIGNING_HS_DESC,
"service descriptor signing key") < 0) {
goto err;
}

16
src/or/torcert.h
View File

@ -6,15 +6,15 @@
#include "crypto_ed25519.h"
#define SIGNED_KEY_TYPE_ED25519 0x01
#define SIGNED_KEY_TYPE_ED25519 0x01
#define CERT_TYPE_ID_SIGNING 0x04
#define CERT_TYPE_SIGNING_LINK 0x05
#define CERT_TYPE_SIGNING_AUTH 0x06
#define CERT_TYPE_HS_DESC_SIGN 0x08
#define CERT_TYPE_HS_IP_AUTH 0x09
#define CERT_TYPE_ONION_ID 0x0A
#define CERT_TYPE_HS_IP_ENC 0x0B
#define CERT_TYPE_ID_SIGNING 0x04
#define CERT_TYPE_SIGNING_LINK 0x05
#define CERT_TYPE_SIGNING_AUTH 0x06
#define CERT_TYPE_SIGNING_HS_DESC 0x08
#define CERT_TYPE_AUTH_HS_IP_KEY 0x09
#define CERT_TYPE_ONION_ID 0x0A
#define CERT_TYPE_CROSS_HS_IP_KEYS 0x0B
#define CERT_FLAG_INCLUDE_SIGNING_KEY 0x1

4
src/test/test_hs_cache.c
View File

@ -48,7 +48,7 @@ helper_build_intro_point(const ed25519_keypair_t *blinded_kp,
ret = ed25519_keypair_generate(&auth_kp, 0);
tt_int_op(ret, ==, 0);
ip->auth_key_cert = tor_cert_create(blinded_kp, CERT_TYPE_HS_IP_AUTH,
ip->auth_key_cert = tor_cert_create(blinded_kp, CERT_TYPE_AUTH_HS_IP_KEY,
&auth_kp.pubkey, time(NULL),
HS_DESC_CERT_LIFETIME,
CERT_FLAG_INCLUDE_SIGNING_KEY);
@ -83,7 +83,7 @@ helper_build_hs_desc(uint64_t revision_counter, uint32_t lifetime,
desc->plaintext_data.signing_key_cert =
tor_cert_create(&desc->plaintext_data.blinded_kp,
CERT_TYPE_HS_DESC_SIGN,
CERT_TYPE_SIGNING_HS_DESC,
&desc->plaintext_data.signing_kp.pubkey, time(NULL),
3600, CERT_FLAG_INCLUDE_SIGNING_KEY);
tt_assert(desc->plaintext_data.signing_key_cert);

20
src/test/test_hs_descriptor.c
View File

@ -51,7 +51,7 @@ helper_build_intro_point(const ed25519_keypair_t *blinded_kp, time_t now,
ret = ed25519_keypair_generate(&auth_kp, 0);
tt_int_op(ret, ==, 0);
ip->auth_key_cert = tor_cert_create(blinded_kp, CERT_TYPE_HS_IP_AUTH,
ip->auth_key_cert = tor_cert_create(blinded_kp, CERT_TYPE_AUTH_HS_IP_KEY,
&auth_kp.pubkey, now,
HS_DESC_CERT_LIFETIME,
CERT_FLAG_INCLUDE_SIGNING_KEY);
@ -91,7 +91,7 @@ helper_build_hs_desc(unsigned int no_ip)
desc->plaintext_data.signing_key_cert =
tor_cert_create(&desc->plaintext_data.blinded_kp,
CERT_TYPE_HS_DESC_SIGN,
CERT_TYPE_SIGNING_HS_DESC,
&desc->plaintext_data.signing_kp.pubkey, now,
3600,
CERT_FLAG_INCLUDE_SIGNING_KEY);
@ -1028,31 +1028,31 @@ test_validate_cert(void *arg)
ret = ed25519_keypair_generate(&kp, 0);
tt_int_op(ret, ==, 0);
/* Cert of type CERT_TYPE_HS_IP_AUTH. */
tor_cert_t *cert = tor_cert_create(&kp, CERT_TYPE_HS_IP_AUTH,
/* Cert of type CERT_TYPE_AUTH_HS_IP_KEY. */
tor_cert_t *cert = tor_cert_create(&kp, CERT_TYPE_AUTH_HS_IP_KEY,
&kp.pubkey, now, 3600,
CERT_FLAG_INCLUDE_SIGNING_KEY);
tt_assert(cert);
/* Test with empty certificate. */
ret = cert_is_valid(NULL, CERT_TYPE_HS_IP_AUTH, "unicorn");
ret = cert_is_valid(NULL, CERT_TYPE_AUTH_HS_IP_KEY, "unicorn");
tt_int_op(ret, OP_EQ, 0);
/* Test with a bad type. */
ret = cert_is_valid(cert, CERT_TYPE_HS_DESC_SIGN, "unicorn");
ret = cert_is_valid(cert, CERT_TYPE_SIGNING_HS_DESC, "unicorn");
tt_int_op(ret, OP_EQ, 0);
/* Normal validation. */
ret = cert_is_valid(cert, CERT_TYPE_HS_IP_AUTH, "unicorn");
ret = cert_is_valid(cert, CERT_TYPE_AUTH_HS_IP_KEY, "unicorn");
tt_int_op(ret, OP_EQ, 1);
/* Break signing key so signature verification will fails. */
memset(&cert->signing_key, 0, sizeof(cert->signing_key));
ret = cert_is_valid(cert, CERT_TYPE_HS_IP_AUTH, "unicorn");
ret = cert_is_valid(cert, CERT_TYPE_AUTH_HS_IP_KEY, "unicorn");
tt_int_op(ret, OP_EQ, 0);
tor_cert_free(cert);
/* Try a cert without including the signing key. */
cert = tor_cert_create(&kp, CERT_TYPE_HS_IP_AUTH, &kp.pubkey, now, 3600, 0);
cert = tor_cert_create(&kp, CERT_TYPE_AUTH_HS_IP_KEY, &kp.pubkey, now, 3600, 0);
tt_assert(cert);
/* Test with a bad type. */
ret = cert_is_valid(cert, CERT_TYPE_HS_IP_AUTH, "unicorn");
ret = cert_is_valid(cert, CERT_TYPE_AUTH_HS_IP_KEY, "unicorn");
tt_int_op(ret, OP_EQ, 0);
done: