Home Explore Help
Sign In
piros
/
tor
3
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

Add more consistency checks in load_ed_keys

Make sure that signing certs are signed by the right identity key,
to prevent a recurrence of #16530.  Also make sure that the master
identity key we find on disk matches the one we have in RAM, if we
have one.

This is for #16581.
Nick Mathewson 8 years ago
parent
1360326588
commit
3fcb74e98b
2 changed files with 24 additions and 4 deletions
Split View Show Diff Stats
  1. 19 0
      src/or/routerkeys.c
  2. 5 4
      src/or/torcert.c

+ 19 - 0
src/or/routerkeys.c
View File 

@@ -569,9 +569,24 @@ load_ed_keys(const or_options_t *options, time_t now)
 
       sign_signing_key_with_id = id;
 
   }
 
 
+  if (master_identity_key &&
 
+      !ed25519_pubkey_eq(&id->pubkey, &master_identity_key->pubkey)) {
 
+    FAIL("Identity key on disk does not match key we loaded earlier!");
 
+  }
 
+
 
   if (need_new_signing_key && NULL == sign_signing_key_with_id)
 
     FAIL("Can't load master key make a new signing key.");
 
 
+  if (sign_cert) {
 
+    if (! sign_cert->signing_key_included)
 
+      FAIL("Loaded a signing cert with no key included!");
 
+    if (! ed25519_pubkey_eq(&sign_cert->signing_key, &id->pubkey))
 
+      FAIL("The signing cert we have was not signed with the master key "
 
+           "we loaded!");
 
+    if (tor_cert_checksig(sign_cert, &id->pubkey, 0) < 0)
 
+      FAIL("The signing cert we loaded was not signed correctly!");
 
+  }
 
+
 
   if (want_new_signing_key && sign_signing_key_with_id) {
 
     uint32_t flags = (INIT_ED_KEY_CREATE|
 
                       INIT_ED_KEY_REPLACE|
 
@@ -589,6 +604,10 @@ load_ed_keys(const or_options_t *options, time_t now)
 
     if (!sign)
 
       FAIL("Missing signing key");
 
     use_signing = sign;
 
+
 
+    tor_assert(sign_cert->signing_key_included);
 
+    tor_assert(ed25519_pubkey_eq(&sign_cert->signing_key, &id->pubkey));
 
+    tor_assert(ed25519_pubkey_eq(&sign_cert->signed_key, &sign->pubkey));
 
   } else if (want_new_signing_key) {
 
     static ratelim_t missing_master = RATELIM_INIT(3600);
 
     log_fn_ratelim(&missing_master, LOG_WARN, LD_OR,

+ 5 - 4
src/or/torcert.c
View File 

@@ -181,9 +181,10 @@ tor_cert_get_checkable_sig(ed25519_checkable_t *checkable_out,
 
   return 0;
 
 }
 
 
-/** Validates the signature on <b>cert</b> with <b>pubkey</b> relative to
 
- * the current time <b>now</b>.  Return 0 on success, -1 on failure.
 
- * Sets flags in <b>cert</b> as appropriate.
 
+/** Validates the signature on <b>cert</b> with <b>pubkey</b> relative to the
 
+ * current time <b>now</b>.  (If <b>now</b> is 0, do not check the expiration
 
+ * time.) Return 0 on success, -1 on failure.  Sets flags in <b>cert</b> as
 
+ * appropriate.
 
  */
 
 int
 
 tor_cert_checksig(tor_cert_t *cert,
 
@@ -192,7 +193,7 @@ tor_cert_checksig(tor_cert_t *cert,
 
   ed25519_checkable_t checkable;
 
   int okay;
 
 
-  if (now > cert->valid_until) {
 
+  if (now && now > cert->valid_until) {
 
     cert->cert_expired = 1;
 
     return -1;
 
   }