nihilist/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-11-10 13:13:44 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'tor-github/pr/1317'

Browse Source
This commit is contained in:
Nick Mathewson 2019-10-07 10:23:44 -04:00
commit 7a26f14a37
3 changed files with 22 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
changes/ticket29669 Normal file
View File

@ -0,0 +1,3 @@
o Minor feature (hidden service, control port):
- The ADD_ONION key blob keyword "BEST" now defaults from RSA1024 (v2) to
ED25519-V3 (v3). Closes ticket 29669.

7
src/feature/control/control_cmd.c
View File

@ -1982,8 +1982,7 @@ add_onion_helper_keyarg(const char *arg, int discard_pk,
*hs_version = HS_VERSION_THREE; *hs_version = HS_VERSION_THREE;
} else if (!strcasecmp(key_type_new, key_type)) { } else if (!strcasecmp(key_type_new, key_type)) {
/* "NEW:<Algorithm>" - Generating a new key, blob as algorithm. */ /* "NEW:<Algorithm>" - Generating a new key, blob as algorithm. */
if (!strcasecmp(key_type_rsa1024, key_blob) || if (!strcasecmp(key_type_rsa1024, key_blob)) {
!strcasecmp(key_type_best, key_blob)) {
/* "RSA1024", RSA 1024 bit, also currently "BEST" by default. */ /* "RSA1024", RSA 1024 bit, also currently "BEST" by default. */
pk = crypto_pk_new(); pk = crypto_pk_new();
if (crypto_pk_generate_key(pk)) { if (crypto_pk_generate_key(pk)) {
@ -2002,7 +2001,9 @@ add_onion_helper_keyarg(const char *arg, int discard_pk,
} }
decoded_key->v2 = pk; decoded_key->v2 = pk;
*hs_version = HS_VERSION_TWO; *hs_version = HS_VERSION_TWO;
} else if (!strcasecmp(key_type_ed25519_v3, key_blob)) { } else if (!strcasecmp(key_type_ed25519_v3, key_blob) ||
!strcasecmp(key_type_best, key_blob)) {
/* "ED25519-V3", ed25519 key, also currently "BEST" by default. */
ed25519_secret_key_t *sk = tor_malloc_zero(sizeof(*sk)); ed25519_secret_key_t *sk = tor_malloc_zero(sizeof(*sk));
if (ed25519_secret_key_generate(sk, 1) < 0) { if (ed25519_secret_key_generate(sk, 1) < 0) {
tor_free(sk); tor_free(sk);

28
src/test/test_controller.c
View File

@ -243,8 +243,22 @@ test_add_onion_helper_keyarg_v3(void *arg)
tor_free(pk.v3); pk.v3 = NULL; tor_free(pk.v3); pk.v3 = NULL;
tor_free(key_new_blob); tor_free(key_new_blob);
/* Test "BEST" key generation (Assumes BEST = ED25519-V3). */
tor_free(pk.v3); pk.v3 = NULL;
tor_free(key_new_blob);
ret = add_onion_helper_keyarg("NEW:BEST", 0, &key_new_alg, &key_new_blob,
&pk, &hs_version, NULL);
tt_int_op(ret, OP_EQ, 0);
tt_int_op(hs_version, OP_EQ, HS_VERSION_THREE);
tt_assert(pk.v3);
tt_str_op(key_new_alg, OP_EQ, "ED25519-V3");
tt_assert(key_new_blob);
tt_ptr_op(reply_str, OP_EQ, NULL);
/* Test discarding the private key. */ /* Test discarding the private key. */
tor_free(reply_str); tor_free(reply_str);
tor_free(pk.v3); pk.v3 = NULL;
tor_free(key_new_blob);
ret = add_onion_helper_keyarg("NEW:ED25519-V3", 1, &key_new_alg, ret = add_onion_helper_keyarg("NEW:ED25519-V3", 1, &key_new_alg,
&key_new_blob, &pk, &hs_version, &key_new_blob, &pk, &hs_version,
NULL); NULL);
@ -323,22 +337,10 @@ test_add_onion_helper_keyarg_v2(void *arg)
tt_assert(key_new_blob); tt_assert(key_new_blob);
tt_ptr_op(reply_str, OP_EQ, NULL); tt_ptr_op(reply_str, OP_EQ, NULL);
/* Test "BEST" key generation (Assumes BEST = RSA1024). */
crypto_pk_free(pk.v2); pk.v2 = NULL;
tor_free(key_new_blob);
ret = add_onion_helper_keyarg("NEW:BEST", 0, &key_new_alg, &key_new_blob,
&pk, &hs_version, NULL);
tt_int_op(ret, OP_EQ, 0);
tt_int_op(hs_version, OP_EQ, HS_VERSION_TWO);
tt_assert(pk.v2);
tt_str_op(key_new_alg, OP_EQ, "RSA1024");
tt_assert(key_new_blob);
tt_ptr_op(reply_str, OP_EQ, NULL);
/* Test discarding the private key. */ /* Test discarding the private key. */
crypto_pk_free(pk.v2); pk.v2 = NULL; crypto_pk_free(pk.v2); pk.v2 = NULL;
tor_free(key_new_blob); tor_free(key_new_blob);
ret = add_onion_helper_keyarg("NEW:BEST", 1, &key_new_alg, &key_new_blob, ret = add_onion_helper_keyarg("NEW:RSA1024", 1, &key_new_alg, &key_new_blob,
&pk, &hs_version, NULL); &pk, &hs_version, NULL);
tt_int_op(ret, OP_EQ, 0); tt_int_op(ret, OP_EQ, 0);
tt_int_op(hs_version, OP_EQ, HS_VERSION_TWO); tt_int_op(hs_version, OP_EQ, HS_VERSION_TWO);