diff options
| author | Nick Mathewson <nickm@torproject.org> | 2015-07-14 11:27:49 -0400 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2015-07-14 11:27:49 -0400 |
| commit | 3fcb74e98b7247f9b35e8a5067bfa915e1705d3e (patch) | |
| tree | ba72630a274da038485a0505a58926d0f14d0144 | |
| parent | 13603265888d1e34b7a1ab8d83a361c0e9c34684 (diff) | |
| download | tor-3fcb74e98b7247f9b35e8a5067bfa915e1705d3e.tar.gz tor-3fcb74e98b7247f9b35e8a5067bfa915e1705d3e.zip | |
Add more consistency checks in load_ed_keys
Make sure that signing certs are signed by the right identity key,
to prevent a recurrence of #16530. Also make sure that the master
identity key we find on disk matches the one we have in RAM, if we
have one.
This is for #16581.
| -rw-r--r-- | src/or/routerkeys.c | 19 | ||||
| -rw-r--r-- | src/or/torcert.c | 9 |
2 files changed, 24 insertions, 4 deletions
diff --git a/src/or/routerkeys.c b/src/or/routerkeys.c index 81fa1152c1..d38b5a3ba3 100644 --- a/src/or/routerkeys.c +++ b/src/or/routerkeys.c @@ -569,9 +569,24 @@ load_ed_keys(const or_options_t *options, time_t now) sign_signing_key_with_id = id; } + if (master_identity_key && + !ed25519_pubkey_eq(&id->pubkey, &master_identity_key->pubkey)) { + FAIL("Identity key on disk does not match key we loaded earlier!"); + } + if (need_new_signing_key && NULL == sign_signing_key_with_id) FAIL("Can't load master key make a new signing key."); + if (sign_cert) { + if (! sign_cert->signing_key_included) + FAIL("Loaded a signing cert with no key included!"); + if (! ed25519_pubkey_eq(&sign_cert->signing_key, &id->pubkey)) + FAIL("The signing cert we have was not signed with the master key " + "we loaded!"); + if (tor_cert_checksig(sign_cert, &id->pubkey, 0) < 0) + FAIL("The signing cert we loaded was not signed correctly!"); + } + if (want_new_signing_key && sign_signing_key_with_id) { uint32_t flags = (INIT_ED_KEY_CREATE| INIT_ED_KEY_REPLACE| @@ -589,6 +604,10 @@ load_ed_keys(const or_options_t *options, time_t now) if (!sign) FAIL("Missing signing key"); use_signing = sign; + + tor_assert(sign_cert->signing_key_included); + tor_assert(ed25519_pubkey_eq(&sign_cert->signing_key, &id->pubkey)); + tor_assert(ed25519_pubkey_eq(&sign_cert->signed_key, &sign->pubkey)); } else if (want_new_signing_key) { static ratelim_t missing_master = RATELIM_INIT(3600); log_fn_ratelim(&missing_master, LOG_WARN, LD_OR, diff --git a/src/or/torcert.c b/src/or/torcert.c index f028910a70..596cd2be31 100644 --- a/src/or/torcert.c +++ b/src/or/torcert.c @@ -181,9 +181,10 @@ tor_cert_get_checkable_sig(ed25519_checkable_t *checkable_out, return 0; } -/** Validates the signature on <b>cert</b> with <b>pubkey</b> relative to - * the current time <b>now</b>. Return 0 on success, -1 on failure. - * Sets flags in <b>cert</b> as appropriate. +/** Validates the signature on <b>cert</b> with <b>pubkey</b> relative to the + * current time <b>now</b>. (If <b>now</b> is 0, do not check the expiration + * time.) Return 0 on success, -1 on failure. Sets flags in <b>cert</b> as + * appropriate. */ int tor_cert_checksig(tor_cert_t *cert, @@ -192,7 +193,7 @@ tor_cert_checksig(tor_cert_t *cert, ed25519_checkable_t checkable; int okay; - if (now > cert->valid_until) { + if (now && now > cert->valid_until) { cert->cert_expired = 1; return -1; } |