Commit Graph

38 Commits

Author SHA1 Message Date
Nick Mathewson
2f683465d4 Bump copyright date to 2019 2019-01-16 12:33:22 -05:00
Nick Mathewson
934859cf80 Move key-loading and crosscert-checking out of feature/relay
This is also used by onion services, so it needs to go in another
module.
2018-09-25 15:14:57 -04:00
Nick Mathewson
0db5c54957 Merge branch 'nss_squashed' into nss_merge 2018-09-04 20:21:07 -04:00
David Goulet
cb466ee7d6 key: Make ed_key_init_from_file() take an or_options_t
Part of #27215, we need to call the ed_key_init_from_file function during
option_validate() which is before the global_options variable is set.

This commit make ed_key_init_from_file() stop using get_options() and instead
now has a or_options_t parameter.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-08-22 11:32:57 -04:00
Nick Mathewson
f45107e7de Rename crypto.c to crypto_cipher.c (since that's all it still has.) 2018-07-11 14:12:36 -04:00
Nick Mathewson
ef486e3c02 Fix every include path changed in the previous commit (automated)
I am very glad to have written this script.
2018-07-05 17:15:50 -04:00
Nick Mathewson
4593829861 Remove util.h
Inline its contents (which were all includes) into or.h, and some of
its contents into other places that didn't include or.h at all.
2018-07-05 15:04:18 -04:00
Nick Mathewson
6c440da926 Remove system headers from or.h 2018-07-01 15:20:37 -04:00
Nick Mathewson
1743dac078 Minimize headers that include crypto_formats and x25519 stuff 2018-07-01 15:20:37 -04:00
Nick Mathewson
accf239fa3 Rectify include paths (automated) 2018-06-21 13:19:00 -04:00
Nick Mathewson
0dab29ce10 Run rectify_include_paths.py 2018-06-20 09:35:05 -04:00
Nick Mathewson
fb0019daf9 Update copyrights to 2018. 2018-06-20 08:13:28 -04:00
Nick Mathewson
a57bcffcc7 Implement the various get_foodir_*() functions. 2017-12-05 19:49:29 -05:00
Nick Mathewson
c1deabd3b0 Run our #else/#endif annotator on our source code. 2017-09-15 16:24:44 -04:00
Alexander Færøy
77b92c2214 Ensure that make check-spaces is happy.
The `test-operator-cleanup` patch, and related coccinelle patches,
don't do any checks for line length. This patch fixes the line
length issues caused by the previous commits.
2017-08-24 16:09:41 -04:00
Nick Mathewson
047790a253 apply ahf's test_assert_int.cocci 2017-08-24 15:49:59 -04:00
Alexander Færøy
c4744a01cc Fix operator usage in src/test/*.c
This patch fixes the operator usage in src/test/*.c to use the symbolic
operators instead of the normal C comparison operators.

This patch was generated using:

    ./scripts/coccinelle/test-operator-cleanup src/test/*.[ch]
2017-08-24 15:24:34 -04:00
Nick Mathewson
e3b1573be6 Merge branch 'maint-0.3.0' 2017-06-05 15:52:06 -04:00
Nick Mathewson
a9be768959 Bugfix: Regenerate more certificates when appropriate
Previously we could sometimes change our signing key, but not
regenerate the certificates (signing->link and signing->auth) that
were signed with it.  Also, we would regularly replace our TLS x.509
link certificate (by rotating our TLS context) but not replace our
signing->link ed25519 certificate.  In both cases, the resulting
inconsistency would make other relays reject our link handshakes.

Fixes two cases of bug 22460; bugfix on 0.3.0.1-alpha.
2017-05-31 18:45:35 -04:00
Nick Mathewson
7505f452c8 Run the copyright update script. 2017-03-15 16:13:17 -04:00
Nick Mathewson
32854aef28 whitespace fixes 2016-11-03 08:55:54 -04:00
Nick Mathewson
e3c8253721 Add function to check RSA->Ed cross-certifications
Also, adjust signing approach to more closely match the signing
scheme in the proposal.

(The format doesn't quite match the format in the proposal, since
RSA signatures aren't fixed-length.)

Closes 19020.
2016-11-03 08:37:22 -04:00
Nick Mathewson
57699de005 Update the copyright year. 2016-02-27 18:48:19 +01:00
Nick Mathewson
83ad7d2fbb Memory leak in tor_cert_parse. CID 1301382. 2015-05-28 13:11:54 -04:00
Nick Mathewson
3262f3c3f6 Fix leak-on-test-failure in test_routerkeys.c
CID 1301379
2015-05-28 13:06:30 -04:00
Nick Mathewson
72714270e2 Fix memory leak in test_routerkeys
CID 1301376
2015-05-28 13:00:25 -04:00
Nick Mathewson
8f15423b76 Do not allocate our ed-link crosscert till after tls ctx
We need this to prevent some annoying chutney crash-at-starts
2015-05-28 10:47:47 -04:00
Nick Mathewson
3bee74c6d1 Generate weird certificates correctly
(Our link protocol assumes that the link cert certifies the TLS key,
and there is an RSA->Ed25519 crosscert)
2015-05-28 10:47:47 -04:00
Nick Mathewson
57189acd6f # This is a combination of 2 commits.
# The first commit's message is:

Regenerate ed25519 keys when they will expire soon.

Also, have testing-level options to set the lifetimes and
expiration-tolerances of all key types, plus a non-testing-level
option to set the lifetime of any auto-generated signing key.

# The 2nd commit message will be skipped:

#	fixup! Regenerate ed25519 keys when they will expire soon.
2015-05-28 10:42:30 -04:00
Nick Mathewson
efa21bb941 Implement proposal 228: cross-certification with onion keys
Routers now use TAP and ntor onion keys to sign their identity keys,
and put these signatures in their descriptors.  That allows other
parties to be confident that the onion keys are indeed controlled by
the router that generated the descriptor.
2015-05-28 10:40:57 -04:00
Nick Mathewson
fe5d2477aa Implement ed25519-signed descriptors
Now that we have ed25519 keys, we can sign descriptors with them
and check those signatures as documented in proposal 220.
2015-05-28 10:40:56 -04:00
Nick Mathewson
818e6f939d prop220: Implement certificates and key storage/creation
For prop220, we have a new ed25519 certificate type. This patch
implements the code to create, parse, and validate those, along with
code for routers to maintain their own sets of certificates and
keys.  (Some parts of master identity key encryption are done, but
the implementation of that isn't finished)
2015-05-28 10:40:56 -04:00
Nick Mathewson
f54e54b0b4 Bump copyright dates to 2015, in case someday this matters. 2015-01-02 14:27:39 -05:00
Nick Mathewson
a3dafd3f58 Replace operators used as macro arguments with OP_XX macros
Part of fix for 13172
2014-11-12 13:28:07 -05:00
Nick Mathewson
fcdcb377a4 Add another year to our copyright dates.
Because in 95 years, we or our successors will surely care about
enforcing the BSD license terms on this code.  Right?
2014-10-28 15:30:16 -04:00
Nick Mathewson
aa0eb20223 Fix leaks in tests related to setting options->DataDirectory
We pre-populate that value in main(), and we weren't freeing it
before overriding it.
2014-04-29 12:48:02 -04:00
Nick Mathewson
119896cd43 Fix some leaks/missed checks in the unit tests
Coverity spotted these.
2014-03-13 10:07:10 -04:00
Nick Mathewson
886d4be149 Unit tests for test_routerkeys_write_fingerprint 2014-02-28 08:53:14 -05:00