From c92e19268bcff04e4726e4f243f7125de66d2c2d Mon Sep 17 00:00:00 2001 From: Nick Mathewson Date: Thu, 17 Sep 2020 08:17:36 -0400 Subject: [PATCH 1/3] Rename tor_cert_create to tor_cert_create_ed25519 This is an automated commit, generated by this command: ./scripts/maint/rename_c_identifier.py \ tor_cert_create tor_cert_create_ed25519 It was generated with --no-verify, so it probably breaks some commit hooks. The commiter should be sure to fix them up in a subsequent commit. --- src/feature/hs/hs_service.c | 8 ++++---- src/feature/keymgt/loadkey.c | 4 ++-- src/feature/nodelist/torcert.c | 4 ++-- src/feature/nodelist/torcert.h | 2 +- src/feature/relay/routerkeys.c | 6 +++--- src/test/hs_test_helpers.c | 6 +++--- src/test/test_dir.c | 4 ++-- src/test/test_hs_descriptor.c | 6 +++--- src/test/test_link_handshake.c | 2 +- src/test/test_routerkeys.c | 2 +- 10 files changed, 22 insertions(+), 22 deletions(-) diff --git a/src/feature/hs/hs_service.c b/src/feature/hs/hs_service.c index 3e264b4686..71f38dfb69 100644 --- a/src/feature/hs/hs_service.c +++ b/src/feature/hs/hs_service.c @@ -1587,7 +1587,7 @@ setup_desc_intro_point(const ed25519_keypair_t *signing_kp, memcpy(&desc_ip->onion_key, &ip->onion_key, sizeof(desc_ip->onion_key)); /* Key and certificate material. */ - desc_ip->auth_key_cert = tor_cert_create(signing_kp, + desc_ip->auth_key_cert = tor_cert_create_ed25519(signing_kp, CERT_TYPE_AUTH_HS_IP_KEY, &ip->auth_key_kp.pubkey, nearest_hour, @@ -1638,7 +1638,7 @@ setup_desc_intro_point(const ed25519_keypair_t *signing_kp, ed25519_public_key_from_curve25519_public_key(&ed25519_pubkey, &ip->enc_key_kp.pubkey, 0); - desc_ip->enc_key_cert = tor_cert_create(signing_kp, + desc_ip->enc_key_cert = tor_cert_create_ed25519(signing_kp, CERT_TYPE_CROSS_HS_IP_KEYS, &ed25519_pubkey, nearest_hour, HS_DESC_CERT_LIFETIME, @@ -1712,12 +1712,12 @@ build_desc_signing_key_cert(hs_service_descriptor_t *desc, time_t now) /* Fresh certificate for the signing key. */ plaintext->signing_key_cert = - tor_cert_create(&desc->blinded_kp, CERT_TYPE_SIGNING_HS_DESC, + tor_cert_create_ed25519(&desc->blinded_kp, CERT_TYPE_SIGNING_HS_DESC, &desc->signing_kp.pubkey, now, HS_DESC_CERT_LIFETIME, CERT_FLAG_INCLUDE_SIGNING_KEY); /* If the cert creation fails, the descriptor encoding will fail and thus * ultimately won't be uploaded. We'll get a stack trace to help us learn - * where the call came from and the tor_cert_create() will log the error. */ + * where the call came from and the tor_cert_create_ed25519() will log the error. */ tor_assert_nonfatal(plaintext->signing_key_cert); } diff --git a/src/feature/keymgt/loadkey.c b/src/feature/keymgt/loadkey.c index 7958bd964f..9b8f2f018a 100644 --- a/src/feature/keymgt/loadkey.c +++ b/src/feature/keymgt/loadkey.c @@ -661,7 +661,7 @@ ed_key_init_from_file(const char *fname, uint32_t flags, uint32_t cert_flags = 0; if (flags & INIT_ED_KEY_INCLUDE_SIGNING_KEY_IN_CERT) cert_flags |= CERT_FLAG_INCLUDE_SIGNING_KEY; - cert = tor_cert_create(signing_key, cert_type, + cert = tor_cert_create_ed25519(signing_key, cert_type, &keypair->pubkey, now, lifetime, cert_flags); @@ -739,7 +739,7 @@ ed_key_new(const ed25519_keypair_t *signing_key, uint32_t cert_flags = 0; if (flags & INIT_ED_KEY_INCLUDE_SIGNING_KEY_IN_CERT) cert_flags |= CERT_FLAG_INCLUDE_SIGNING_KEY; - tor_cert_t *cert = tor_cert_create(signing_key, cert_type, + tor_cert_t *cert = tor_cert_create_ed25519(signing_key, cert_type, &keypair->pubkey, now, lifetime, cert_flags); diff --git a/src/feature/nodelist/torcert.c b/src/feature/nodelist/torcert.c index 89cc9c88fb..3f1051b818 100644 --- a/src/feature/nodelist/torcert.c +++ b/src/feature/nodelist/torcert.c @@ -37,7 +37,7 @@ #include "core/or/or_handshake_certs_st.h" -/** Helper for tor_cert_create(): signs any 32 bytes, not just an ed25519 +/** Helper for tor_cert_create_ed25519(): signs any 32 bytes, not just an ed25519 * key. */ static tor_cert_t * @@ -128,7 +128,7 @@ tor_cert_sign_impl(const ed25519_keypair_t *signing_key, * the public part of signing_key in the certificate. */ tor_cert_t * -tor_cert_create(const ed25519_keypair_t *signing_key, +tor_cert_create_ed25519(const ed25519_keypair_t *signing_key, uint8_t cert_type, const ed25519_public_key_t *signed_key, time_t now, time_t lifetime, diff --git a/src/feature/nodelist/torcert.h b/src/feature/nodelist/torcert.h index f8fba2b794..d3b3b6a57b 100644 --- a/src/feature/nodelist/torcert.h +++ b/src/feature/nodelist/torcert.h @@ -56,7 +56,7 @@ typedef struct tor_cert_st { struct tor_tls_t; -tor_cert_t *tor_cert_create(const ed25519_keypair_t *signing_key, +tor_cert_t *tor_cert_create_ed25519(const ed25519_keypair_t *signing_key, uint8_t cert_type, const ed25519_public_key_t *signed_key, time_t now, time_t lifetime, diff --git a/src/feature/relay/routerkeys.c b/src/feature/relay/routerkeys.c index 744a73d936..ca13d0b9a1 100644 --- a/src/feature/relay/routerkeys.c +++ b/src/feature/relay/routerkeys.c @@ -390,7 +390,7 @@ generate_ed_link_cert(const or_options_t *options, time_t now, ed25519_public_key_t dummy_key; memcpy(dummy_key.pubkey, digests->d[DIGEST_SHA256], DIGEST256_LEN); - link_cert = tor_cert_create(get_master_signing_keypair(), + link_cert = tor_cert_create_ed25519(get_master_signing_keypair(), CERT_TYPE_SIGNING_LINK, &dummy_key, now, @@ -466,7 +466,7 @@ init_mock_ed_keys(const crypto_pk_t *rsa_identity_key) MAKEKEY(master_signing_key); MAKEKEY(current_auth_key); #define MAKECERT(cert, signing, signed_, type, flags) \ - cert = tor_cert_create(signing, \ + cert = tor_cert_create_ed25519(signing, \ type, \ &signed_->pubkey, \ time(NULL), 86400, \ @@ -699,7 +699,7 @@ make_ntor_onion_key_crosscert(const curve25519_keypair_t *onion_key, onion_key) < 0) goto end; - cert = tor_cert_create(&ed_onion_key, CERT_TYPE_ONION_ID, master_id_key, + cert = tor_cert_create_ed25519(&ed_onion_key, CERT_TYPE_ONION_ID, master_id_key, now, lifetime, 0); end: diff --git a/src/test/hs_test_helpers.c b/src/test/hs_test_helpers.c index 5116fc7169..ff98a35c48 100644 --- a/src/test/hs_test_helpers.c +++ b/src/test/hs_test_helpers.c @@ -75,7 +75,7 @@ hs_helper_build_intro_point(const ed25519_keypair_t *signing_kp, time_t now, ret = ed25519_keypair_generate(&auth_kp, 0); tt_int_op(ret, OP_EQ, 0); } - ip->auth_key_cert = tor_cert_create(signing_kp, CERT_TYPE_AUTH_HS_IP_KEY, + ip->auth_key_cert = tor_cert_create_ed25519(signing_kp, CERT_TYPE_AUTH_HS_IP_KEY, &auth_kp.pubkey, now, HS_DESC_CERT_LIFETIME, CERT_FLAG_INCLUDE_SIGNING_KEY); @@ -110,7 +110,7 @@ hs_helper_build_intro_point(const ed25519_keypair_t *signing_kp, time_t now, } ed25519_keypair_from_curve25519_keypair(&ed25519_kp, &signbit, &curve25519_kp); - cross_cert = tor_cert_create(signing_kp, CERT_TYPE_CROSS_HS_IP_KEYS, + cross_cert = tor_cert_create_ed25519(signing_kp, CERT_TYPE_CROSS_HS_IP_KEYS, &ed25519_kp.pubkey, time(NULL), HS_DESC_CERT_LIFETIME, CERT_FLAG_INCLUDE_SIGNING_KEY); @@ -155,7 +155,7 @@ hs_helper_build_hs_desc_impl(unsigned int no_ip, sizeof(ed25519_public_key_t)); desc->plaintext_data.signing_key_cert = - tor_cert_create(&blinded_kp, CERT_TYPE_SIGNING_HS_DESC, + tor_cert_create_ed25519(&blinded_kp, CERT_TYPE_SIGNING_HS_DESC, &signing_kp->pubkey, now, 3600, CERT_FLAG_INCLUDE_SIGNING_KEY); tt_assert(desc->plaintext_data.signing_key_cert); diff --git a/src/test/test_dir.c b/src/test/test_dir.c index ab0315aa2d..88fbd5ca7d 100644 --- a/src/test/test_dir.c +++ b/src/test/test_dir.c @@ -943,7 +943,7 @@ test_dir_formats_rsa_ed25519(void *arg) ed25519_secret_key_from_seed(&kp2.seckey, (const uint8_t*)"XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"); ed25519_public_key_generate(&kp2.pubkey, &kp2.seckey); - r2->cache_info.signing_key_cert = tor_cert_create(&kp1, + r2->cache_info.signing_key_cert = tor_cert_create_ed25519(&kp1, CERT_TYPE_ID_SIGNING, &kp2.pubkey, now, 86400, @@ -7290,7 +7290,7 @@ test_dir_dirserv_router_get_status(void *arg) ed25519_secret_key_from_seed(&kp2.seckey, (const uint8_t*)"XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"); ed25519_public_key_generate(&kp2.pubkey, &kp2.seckey); - ri->cache_info.signing_key_cert = tor_cert_create(&kp1, + ri->cache_info.signing_key_cert = tor_cert_create_ed25519(&kp1, CERT_TYPE_ID_SIGNING, &kp2.pubkey, now, 86400, diff --git a/src/test/test_hs_descriptor.c b/src/test/test_hs_descriptor.c index 782b78306c..0525335025 100644 --- a/src/test/test_hs_descriptor.c +++ b/src/test/test_hs_descriptor.c @@ -56,7 +56,7 @@ test_cert_encoding(void *arg) ret = ed25519_public_key_generate(&signed_key, &secret_key); tt_int_op(ret, == , 0); - cert = tor_cert_create(&kp, CERT_TYPE_SIGNING_AUTH, &signed_key, + cert = tor_cert_create_ed25519(&kp, CERT_TYPE_SIGNING_AUTH, &signed_key, now, 3600 * 2, CERT_FLAG_INCLUDE_SIGNING_KEY); tt_assert(cert); @@ -706,7 +706,7 @@ test_validate_cert(void *arg) tt_int_op(ret, OP_EQ, 0); /* Cert of type CERT_TYPE_AUTH_HS_IP_KEY. */ - cert = tor_cert_create(&kp, CERT_TYPE_AUTH_HS_IP_KEY, + cert = tor_cert_create_ed25519(&kp, CERT_TYPE_AUTH_HS_IP_KEY, &kp.pubkey, now, 3600, CERT_FLAG_INCLUDE_SIGNING_KEY); tt_assert(cert); @@ -726,7 +726,7 @@ test_validate_cert(void *arg) tor_cert_free(cert); /* Try a cert without including the signing key. */ - cert = tor_cert_create(&kp, CERT_TYPE_AUTH_HS_IP_KEY, &kp.pubkey, now, + cert = tor_cert_create_ed25519(&kp, CERT_TYPE_AUTH_HS_IP_KEY, &kp.pubkey, now, 3600, 0); tt_assert(cert); /* Test with a bad type. */ diff --git a/src/test/test_link_handshake.c b/src/test/test_link_handshake.c index 1566b349ed..06af299056 100644 --- a/src/test/test_link_handshake.c +++ b/src/test/test_link_handshake.c @@ -710,7 +710,7 @@ CERTS_FAIL(missing_signing_key, /* ed25519 */ * signing key. */ const ed25519_keypair_t *mk = get_master_identity_keypair(); const ed25519_keypair_t *sk = get_master_signing_keypair(); - tor_cert_t *bad_cert = tor_cert_create(mk, CERT_TYPE_ID_SIGNING, + tor_cert_t *bad_cert = tor_cert_create_ed25519(mk, CERT_TYPE_ID_SIGNING, &sk->pubkey, time(NULL), 86400, 0 /* don't include signer */); certs_cell_cert_setlen_body(cert, bad_cert->encoded_len); diff --git a/src/test/test_routerkeys.c b/src/test/test_routerkeys.c index 8d653e44a2..e5314046b9 100644 --- a/src/test/test_routerkeys.c +++ b/src/test/test_routerkeys.c @@ -151,7 +151,7 @@ test_routerkeys_ed_certs(void *args) for (int i = 0; i <= 1; ++i) { uint32_t flags = i ? CERT_FLAG_INCLUDE_SIGNING_KEY : 0; - cert[i] = tor_cert_create(&kp1, 5, &kp2.pubkey, now, 10000, flags); + cert[i] = tor_cert_create_ed25519(&kp1, 5, &kp2.pubkey, now, 10000, flags); tt_assert(cert[i]); tt_uint_op(cert[i]->sig_bad, OP_EQ, 0); From 22643272d24fdcd106887b792f2e36dc604029c0 Mon Sep 17 00:00:00 2001 From: Nick Mathewson Date: Thu, 17 Sep 2020 08:19:53 -0400 Subject: [PATCH 2/3] Fix wide lines --- src/feature/hs/hs_service.c | 3 ++- src/feature/nodelist/torcert.c | 2 +- src/feature/relay/routerkeys.c | 6 +++--- src/test/hs_test_helpers.c | 6 ++++-- src/test/test_hs_descriptor.c | 5 +++-- 5 files changed, 13 insertions(+), 9 deletions(-) diff --git a/src/feature/hs/hs_service.c b/src/feature/hs/hs_service.c index 71f38dfb69..f2a8898b2c 100644 --- a/src/feature/hs/hs_service.c +++ b/src/feature/hs/hs_service.c @@ -1717,7 +1717,8 @@ build_desc_signing_key_cert(hs_service_descriptor_t *desc, time_t now) CERT_FLAG_INCLUDE_SIGNING_KEY); /* If the cert creation fails, the descriptor encoding will fail and thus * ultimately won't be uploaded. We'll get a stack trace to help us learn - * where the call came from and the tor_cert_create_ed25519() will log the error. */ + * where the call came from and the tor_cert_create_ed25519() will log the + * error. */ tor_assert_nonfatal(plaintext->signing_key_cert); } diff --git a/src/feature/nodelist/torcert.c b/src/feature/nodelist/torcert.c index 3f1051b818..603b8bf086 100644 --- a/src/feature/nodelist/torcert.c +++ b/src/feature/nodelist/torcert.c @@ -37,7 +37,7 @@ #include "core/or/or_handshake_certs_st.h" -/** Helper for tor_cert_create_ed25519(): signs any 32 bytes, not just an ed25519 +/** Helper for tor_cert_create_*(): signs any 32 bytes, not just an ed25519 * key. */ static tor_cert_t * diff --git a/src/feature/relay/routerkeys.c b/src/feature/relay/routerkeys.c index ca13d0b9a1..c7adf5b977 100644 --- a/src/feature/relay/routerkeys.c +++ b/src/feature/relay/routerkeys.c @@ -466,7 +466,7 @@ init_mock_ed_keys(const crypto_pk_t *rsa_identity_key) MAKEKEY(master_signing_key); MAKEKEY(current_auth_key); #define MAKECERT(cert, signing, signed_, type, flags) \ - cert = tor_cert_create_ed25519(signing, \ + cert = tor_cert_create_ed25519(signing, \ type, \ &signed_->pubkey, \ time(NULL), 86400, \ @@ -699,8 +699,8 @@ make_ntor_onion_key_crosscert(const curve25519_keypair_t *onion_key, onion_key) < 0) goto end; - cert = tor_cert_create_ed25519(&ed_onion_key, CERT_TYPE_ONION_ID, master_id_key, - now, lifetime, 0); + cert = tor_cert_create_ed25519(&ed_onion_key, CERT_TYPE_ONION_ID, + master_id_key, now, lifetime, 0); end: memwipe(&ed_onion_key, 0, sizeof(ed_onion_key)); diff --git a/src/test/hs_test_helpers.c b/src/test/hs_test_helpers.c index ff98a35c48..e9aafa4760 100644 --- a/src/test/hs_test_helpers.c +++ b/src/test/hs_test_helpers.c @@ -75,7 +75,8 @@ hs_helper_build_intro_point(const ed25519_keypair_t *signing_kp, time_t now, ret = ed25519_keypair_generate(&auth_kp, 0); tt_int_op(ret, OP_EQ, 0); } - ip->auth_key_cert = tor_cert_create_ed25519(signing_kp, CERT_TYPE_AUTH_HS_IP_KEY, + ip->auth_key_cert = tor_cert_create_ed25519(signing_kp, + CERT_TYPE_AUTH_HS_IP_KEY, &auth_kp.pubkey, now, HS_DESC_CERT_LIFETIME, CERT_FLAG_INCLUDE_SIGNING_KEY); @@ -110,7 +111,8 @@ hs_helper_build_intro_point(const ed25519_keypair_t *signing_kp, time_t now, } ed25519_keypair_from_curve25519_keypair(&ed25519_kp, &signbit, &curve25519_kp); - cross_cert = tor_cert_create_ed25519(signing_kp, CERT_TYPE_CROSS_HS_IP_KEYS, + cross_cert = tor_cert_create_ed25519(signing_kp, + CERT_TYPE_CROSS_HS_IP_KEYS, &ed25519_kp.pubkey, time(NULL), HS_DESC_CERT_LIFETIME, CERT_FLAG_INCLUDE_SIGNING_KEY); diff --git a/src/test/test_hs_descriptor.c b/src/test/test_hs_descriptor.c index 0525335025..b6e13c79a8 100644 --- a/src/test/test_hs_descriptor.c +++ b/src/test/test_hs_descriptor.c @@ -726,8 +726,9 @@ test_validate_cert(void *arg) tor_cert_free(cert); /* Try a cert without including the signing key. */ - cert = tor_cert_create_ed25519(&kp, CERT_TYPE_AUTH_HS_IP_KEY, &kp.pubkey, now, - 3600, 0); + cert = tor_cert_create_ed25519(&kp, CERT_TYPE_AUTH_HS_IP_KEY, + &kp.pubkey, now, 3600, 0); + tt_assert(cert); /* Test with a bad type. */ ret = cert_is_valid(cert, CERT_TYPE_AUTH_HS_IP_KEY, "unicorn"); From 5d1d7afcd319e1dcdc046b2227a13e0cb2d80534 Mon Sep 17 00:00:00 2001 From: Nick Mathewson Date: Thu, 17 Sep 2020 08:42:25 -0400 Subject: [PATCH 3/3] Use the correct SIGNED_KEY_TYPE value for signing->link certs Our code was using [01] as for the key type of signed->link certs, which was incorrect. The value should be [03], to indicate that the value as the SHA256 of an x.509 cert. Fortunately, nothing cares about this value, so there shouldn't be compatibility issues. Fixes bug 40124; bugfix on 0.2.7.2-alpha. --- changes/ticket40124 | 3 +++ src/feature/nodelist/torcert.c | 10 +++++----- src/feature/nodelist/torcert.h | 10 +++++++++- src/feature/relay/routerkeys.c | 8 +++----- 4 files changed, 20 insertions(+), 11 deletions(-) create mode 100644 changes/ticket40124 diff --git a/changes/ticket40124 b/changes/ticket40124 new file mode 100644 index 0000000000..e412c401df --- /dev/null +++ b/changes/ticket40124 @@ -0,0 +1,3 @@ + o Minor bugfixes (spec conformance): + - Use the correct key type when generating signing->link + certificates. Fixes bug 40124; bugfix on 0.2.7.2-alpha. diff --git a/src/feature/nodelist/torcert.c b/src/feature/nodelist/torcert.c index 603b8bf086..dc36626122 100644 --- a/src/feature/nodelist/torcert.c +++ b/src/feature/nodelist/torcert.c @@ -37,11 +37,11 @@ #include "core/or/or_handshake_certs_st.h" -/** Helper for tor_cert_create_*(): signs any 32 bytes, not just an ed25519 - * key. +/** As tor_cert_create(), but accept an arbitrary signed_key_type as the + * subject key -- not just an ed25519 key. */ -static tor_cert_t * -tor_cert_sign_impl(const ed25519_keypair_t *signing_key, +tor_cert_t * +tor_cert_create_raw(const ed25519_keypair_t *signing_key, uint8_t cert_type, uint8_t signed_key_type, const uint8_t signed_key_info[32], @@ -134,7 +134,7 @@ tor_cert_create_ed25519(const ed25519_keypair_t *signing_key, time_t now, time_t lifetime, uint32_t flags) { - return tor_cert_sign_impl(signing_key, cert_type, + return tor_cert_create_raw(signing_key, cert_type, SIGNED_KEY_TYPE_ED25519, signed_key->pubkey, now, lifetime, flags); } diff --git a/src/feature/nodelist/torcert.h b/src/feature/nodelist/torcert.h index d3b3b6a57b..3314ee2550 100644 --- a/src/feature/nodelist/torcert.h +++ b/src/feature/nodelist/torcert.h @@ -11,7 +11,9 @@ #include "lib/crypt_ops/crypto_ed25519.h" -#define SIGNED_KEY_TYPE_ED25519 0x01 +#define SIGNED_KEY_TYPE_ED25519 0x01 +#define SIGNED_KEY_TYPE_SHA256_OF_RSA 0x02 +#define SIGNED_KEY_TYPE_SHA256_OF_X509 0x03 #define CERT_TYPE_ID_SIGNING 0x04 #define CERT_TYPE_SIGNING_LINK 0x05 @@ -61,6 +63,12 @@ tor_cert_t *tor_cert_create_ed25519(const ed25519_keypair_t *signing_key, const ed25519_public_key_t *signed_key, time_t now, time_t lifetime, uint32_t flags); +tor_cert_t * tor_cert_create_raw(const ed25519_keypair_t *signing_key, + uint8_t cert_type, + uint8_t signed_key_type, + const uint8_t signed_key_info[32], + time_t now, time_t lifetime, + uint32_t flags); tor_cert_t *tor_cert_parse(const uint8_t *cert, size_t certlen); diff --git a/src/feature/relay/routerkeys.c b/src/feature/relay/routerkeys.c index c7adf5b977..116f0b4e3d 100644 --- a/src/feature/relay/routerkeys.c +++ b/src/feature/relay/routerkeys.c @@ -387,12 +387,10 @@ generate_ed_link_cert(const or_options_t *options, time_t now, return 0; } - ed25519_public_key_t dummy_key; - memcpy(dummy_key.pubkey, digests->d[DIGEST_SHA256], DIGEST256_LEN); - - link_cert = tor_cert_create_ed25519(get_master_signing_keypair(), + link_cert = tor_cert_create_raw(get_master_signing_keypair(), CERT_TYPE_SIGNING_LINK, - &dummy_key, + SIGNED_KEY_TYPE_SHA256_OF_X509, + (const uint8_t*)digests->d[DIGEST_SHA256], now, options->TestingLinkCertLifetime, 0);