summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorNick Mathewson <nickm@torproject.org>2009-09-14 11:57:19 -0400
committerNick Mathewson <nickm@torproject.org>2009-10-15 15:17:12 -0400
commit8b2f6b27fdc03f12d092d37c42d1995ff7426916 (patch)
treee43bd2156f445597940f0b9b386920811e7a38de
parent8d41e6c47126fb467858f98b06ab7460dcc6647b (diff)
downloadtor-8b2f6b27fdc03f12d092d37c42d1995ff7426916.tar.gz
tor-8b2f6b27fdc03f12d092d37c42d1995ff7426916.zip
Make signature-generation code handle different key and digest lengths.
-rw-r--r--src/or/dirserv.c9
-rw-r--r--src/or/dirvote.c6
-rw-r--r--src/or/or.h1
-rw-r--r--src/or/rendcommon.c3
-rw-r--r--src/or/router.c5
-rw-r--r--src/or/routerparse.c9
6 files changed, 20 insertions, 13 deletions
diff --git a/src/or/dirserv.c b/src/or/dirserv.c
index 47dc038454..f12ef2f3d5 100644
--- a/src/or/dirserv.c
+++ b/src/or/dirserv.c
@@ -1091,7 +1091,8 @@ dirserv_dump_directory_to_string(char **dir_out,
return -1;
}
note_crypto_pk_op(SIGN_DIR);
- if (router_append_dirobj_signature(buf,buf_len,digest,private_key)<0) {
+ if (router_append_dirobj_signature(buf,buf_len,digest,DIGEST_LEN,
+ private_key)<0) {
tor_free(buf);
return -1;
}
@@ -1549,7 +1550,8 @@ generate_runningrouters(void)
goto err;
}
note_crypto_pk_op(SIGN_DIR);
- if (router_append_dirobj_signature(s, len, digest, private_key)<0)
+ if (router_append_dirobj_signature(s, len, digest, DIGEST_LEN,
+ private_key)<0)
goto err;
set_cached_dir(&the_runningrouters, s, time(NULL));
@@ -2743,7 +2745,8 @@ generate_v2_networkstatus_opinion(void)
outp += strlen(outp);
note_crypto_pk_op(SIGN_DIR);
- if (router_append_dirobj_signature(outp,endp-outp,digest,private_key)<0) {
+ if (router_append_dirobj_signature(outp,endp-outp,digest,DIGEST_LEN,
+ private_key)<0) {
log_warn(LD_BUG, "Unable to sign router status.");
goto done;
}
diff --git a/src/or/dirvote.c b/src/or/dirvote.c
index 358246ae9d..4e94eb67e6 100644
--- a/src/or/dirvote.c
+++ b/src/or/dirvote.c
@@ -192,7 +192,7 @@ format_networkstatus_vote(crypto_pk_env_t *private_signing_key,
if (router_get_networkstatus_v3_hash(status, digest)<0)
goto err;
note_crypto_pk_op(SIGN_DIR);
- if (router_append_dirobj_signature(outp,endp-outp,digest,
+ if (router_append_dirobj_signature(outp,endp-outp,digest, DIGEST_LEN,
private_signing_key)<0) {
log_warn(LD_BUG, "Unable to sign networkstatus vote.");
goto err;
@@ -1257,7 +1257,7 @@ networkstatus_compute_consensus(smartlist_t *votes,
tor_snprintf(buf, sizeof(buf), "%s %s\n", fingerprint,
signing_key_fingerprint);
/* And the signature. */
- if (router_append_dirobj_signature(buf, sizeof(buf), digest,
+ if (router_append_dirobj_signature(buf, sizeof(buf), digest, DIGEST_LEN,
signing_key)) {
log_warn(LD_BUG, "Couldn't sign consensus networkstatus.");
return NULL; /* This leaks, but it should never happen. */
@@ -1272,7 +1272,7 @@ networkstatus_compute_consensus(smartlist_t *votes,
signing_key_fingerprint, 0);
tor_snprintf(buf, sizeof(buf), "%s %s\n", fingerprint,
signing_key_fingerprint);
- if (router_append_dirobj_signature(buf, sizeof(buf), digest,
+ if (router_append_dirobj_signature(buf, sizeof(buf), digest, DIGEST_LEN,
legacy_signing_key)) {
log_warn(LD_BUG, "Couldn't sign consensus networkstatus.");
return NULL; /* This leaks, but it should never happen. */
diff --git a/src/or/or.h b/src/or/or.h
index f0ea25e07e..d9e883f3e8 100644
--- a/src/or/or.h
+++ b/src/or/or.h
@@ -4911,6 +4911,7 @@ int router_get_networkstatus_v3_hash(const char *s, char *digest);
int router_get_extrainfo_hash(const char *s, char *digest);
int router_append_dirobj_signature(char *buf, size_t buf_len,
const char *digest,
+ size_t digest_len,
crypto_pk_env_t *private_key);
int router_parse_list_from_string(const char **s, const char *eos,
smartlist_t *dest,
diff --git a/src/or/rendcommon.c b/src/or/rendcommon.c
index df7195e3ea..c7eb2a9d08 100644
--- a/src/or/rendcommon.c
+++ b/src/or/rendcommon.c
@@ -618,7 +618,8 @@ rend_encode_v2_descriptors(smartlist_t *descs_out,
}
if (router_append_dirobj_signature(desc_str + written,
desc_len - written,
- desc_digest, service_key) < 0) {
+ desc_digest, DIGEST_LEN,
+ service_key) < 0) {
log_warn(LD_BUG, "Couldn't sign desc.");
rend_encoded_v2_service_descriptor_free(enc);
goto err;
diff --git a/src/or/router.c b/src/or/router.c
index 5b260de1ca..85abc8c5fb 100644
--- a/src/or/router.c
+++ b/src/or/router.c
@@ -1788,7 +1788,7 @@ router_dump_router_to_string(char *s, size_t maxlen, routerinfo_t *router,
note_crypto_pk_op(SIGN_RTR);
if (router_append_dirobj_signature(s+written,maxlen-written,
- digest,ident_key)<0) {
+ digest,DIGEST_LEN,ident_key)<0) {
log_warn(LD_BUG, "Couldn't sign router descriptor");
return -1;
}
@@ -1980,7 +1980,8 @@ extrainfo_dump_to_string(char *s, size_t maxlen, extrainfo_t *extrainfo,
len += strlen(s+len);
if (router_get_extrainfo_hash(s, digest)<0)
return -1;
- if (router_append_dirobj_signature(s+len, maxlen-len, digest, ident_key)<0)
+ if (router_append_dirobj_signature(s+len, maxlen-len, digest, DIGEST_LEN,
+ ident_key)<0)
return -1;
{
diff --git a/src/or/routerparse.c b/src/or/routerparse.c
index e35ece06de..02c5cdb44e 100644
--- a/src/or/routerparse.c
+++ b/src/or/routerparse.c
@@ -643,14 +643,15 @@ router_get_extrainfo_hash(const char *s, char *digest)
*/
int
router_append_dirobj_signature(char *buf, size_t buf_len, const char *digest,
- crypto_pk_env_t *private_key)
+ size_t digest_len, crypto_pk_env_t *private_key)
{
char *signature;
size_t i;
+ int siglen;
signature = tor_malloc(crypto_pk_keysize(private_key));
- if (crypto_pk_private_sign(private_key, signature, digest, DIGEST_LEN) < 0) {
-
+ siglen = crypto_pk_private_sign(private_key, signature, digest, digest_len);
+ if (siglen < 0) {
log_warn(LD_BUG,"Couldn't sign digest.");
goto err;
}
@@ -658,7 +659,7 @@ router_append_dirobj_signature(char *buf, size_t buf_len, const char *digest,
goto truncated;
i = strlen(buf);
- if (base64_encode(buf+i, buf_len-i, signature, 128) < 0) {
+ if (base64_encode(buf+i, buf_len-i, signature, siglen) < 0) {
log_warn(LD_BUG,"couldn't base64-encode signature");
goto err;
}