summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorNick Mathewson <nickm@torproject.org>2015-05-16 12:09:25 -0400
committerNick Mathewson <nickm@torproject.org>2016-11-03 08:37:21 -0400
commit2bf655394942e5b76944df92c8cd002fc15d3382 (patch)
tree32c6e40e52784160a9b79c1ce969d50ff56c8b81
parentb004ff45d7f637675be976737eb7efea8da5b49c (diff)
downloadtor-2bf655394942e5b76944df92c8cd002fc15d3382.tar.gz
tor-2bf655394942e5b76944df92c8cd002fc15d3382.zip
Code to send correct authentication data when we are using AUTHTYPE>2
Implements the major part of 19156, except doesn't actually send the new cell type yet.
-rw-r--r--src/or/channeltls.c3
-rw-r--r--src/or/connection_or.c42
-rw-r--r--src/or/connection_or.h8
-rw-r--r--src/or/or.h2
4 files changed, 44 insertions, 11 deletions
diff --git a/src/or/channeltls.c b/src/or/channeltls.c
index e30ecb0541..8009c0b3b3 100644
--- a/src/or/channeltls.c
+++ b/src/or/channeltls.c
@@ -2170,7 +2170,8 @@ channel_tls_process_authenticate_cell(var_cell_t *cell, channel_tls_t *chan)
ssize_t bodylen =
connection_or_compute_authenticate_cell_body(
- chan->conn, expected, sizeof(expected), NULL, 1);
+ chan->conn, expected, sizeof(expected),
+ AUTHTYPE_RSA_SHA256_TLSSECRET, NULL, NULL, 1);
if (bodylen < 0 || bodylen != V3_AUTH_FIXED_PART_LEN)
ERR("Couldn't compute expected AUTHENTICATE cell body");
diff --git a/src/or/connection_or.c b/src/or/connection_or.c
index d06a246ee2..fed933be73 100644
--- a/src/or/connection_or.c
+++ b/src/or/connection_or.c
@@ -2312,7 +2312,9 @@ connection_or_send_auth_challenge_cell(or_connection_t *conn)
int
connection_or_compute_authenticate_cell_body(or_connection_t *conn,
uint8_t *out, size_t outlen,
+ const int authtype,
crypto_pk_t *signing_key,
+ ed25519_keypair_t *ed_signing_key,
int server)
{
auth1_t *auth = NULL;
@@ -2322,7 +2324,6 @@ connection_or_compute_authenticate_cell_body(or_connection_t *conn,
const char *authtype_str = NULL;
int is_ed = 0;
- const int authtype = 1; /* XXXX this should be an argument. */
/* assert state is reasonable XXXX */
switch (authtype) {
@@ -2343,6 +2344,7 @@ connection_or_compute_authenticate_cell_body(or_connection_t *conn,
}
auth = auth1_new();
+ ctx->is_ed = is_ed;
/* Type: 8 bytes. */
memcpy(auth1_getarray_type(auth), authtype_str, 8);
@@ -2371,6 +2373,20 @@ connection_or_compute_authenticate_cell_body(or_connection_t *conn,
memcpy(auth->sid, server_id, 32);
}
+ if (is_ed) {
+ const ed25519_public_key_t *my_ed_id, *their_ed_id;
+ if (!conn->handshake_state->ed_id_sign_cert)
+ goto err;
+ my_ed_id = get_master_identity_key();
+ their_ed_id = &conn->handshake_state->ed_id_sign_cert->signing_key;
+
+ const uint8_t *cid_ed = (server ? their_ed_id : my_ed_id)->pubkey;
+ const uint8_t *sid_ed = (server ? my_ed_id : their_ed_id)->pubkey;
+
+ memcpy(auth->u1_cid_ed, cid_ed, ED25519_PUBKEY_LEN);
+ memcpy(auth->u1_sid_ed, sid_ed, ED25519_PUBKEY_LEN);
+ }
+
{
crypto_digest_t *server_d, *client_d;
if (server) {
@@ -2450,7 +2466,14 @@ connection_or_compute_authenticate_cell_body(or_connection_t *conn,
goto done;
}
- if (signing_key) {
+ if (ed_signing_key && is_ed) {
+ ed25519_signature_t sig;
+ if (ed25519_sign(&sig, out, len, ed_signing_key) < 0)
+ goto err;
+ auth1_setlen_sig(auth, ED25519_SIG_LEN);
+ memcpy(auth1_getarray_sig(auth), sig.sig, ED25519_SIG_LEN);
+
+ } else if (signing_key && !is_ed) {
auth1_setlen_sig(auth, crypto_pk_keysize(signing_key));
char d[32];
@@ -2466,12 +2489,14 @@ connection_or_compute_authenticate_cell_body(or_connection_t *conn,
auth1_setlen_sig(auth, siglen);
- len = auth1_encode(out, outlen, auth, ctx);
- if (len < 0) {
- log_warn(LD_OR, "Unable to encode signed AUTH1 data.");
- goto err;
- }
}
+
+ len = auth1_encode(out, outlen, auth, ctx);
+ if (len < 0) {
+ log_warn(LD_OR, "Unable to encode signed AUTH1 data.");
+ goto err;
+ }
+
result = (int) len;
goto done;
@@ -2504,6 +2529,7 @@ connection_or_send_authenticate_cell,(or_connection_t *conn, int authtype))
return -1;
}
+ /* XXXX stop precomputing this. */
cell_maxlen = 4 + /* overhead */
V3_AUTH_BODY_LEN + /* Authentication body */
crypto_pk_keysize(pk) + /* Max signature length */
@@ -2517,7 +2543,9 @@ connection_or_send_authenticate_cell,(or_connection_t *conn, int authtype))
authlen = connection_or_compute_authenticate_cell_body(conn,
cell->payload+4,
cell_maxlen-4,
+ AUTHTYPE_RSA_SHA256_TLSSECRET,
pk,
+ NULL,
0 /* not server */);
if (authlen < 0) {
log_warn(LD_BUG, "Unable to compute authenticate cell!");
diff --git a/src/or/connection_or.h b/src/or/connection_or.h
index 2e8c6066cc..8373ed92f0 100644
--- a/src/or/connection_or.h
+++ b/src/or/connection_or.h
@@ -85,9 +85,11 @@ MOCK_DECL(int,connection_or_send_netinfo,(or_connection_t *conn));
int connection_or_send_certs_cell(or_connection_t *conn);
int connection_or_send_auth_challenge_cell(or_connection_t *conn);
int connection_or_compute_authenticate_cell_body(or_connection_t *conn,
- uint8_t *out, size_t outlen,
- crypto_pk_t *signing_key,
- int server);
+ uint8_t *out, size_t outlen,
+ const int authtype,
+ crypto_pk_t *signing_key,
+ ed25519_keypair_t *ed_signing_key,
+ int server);
MOCK_DECL(int,connection_or_send_authenticate_cell,
(or_connection_t *conn, int type));
diff --git a/src/or/or.h b/src/or/or.h
index 402fbfde6b..9e9b1bf3a6 100644
--- a/src/or/or.h
+++ b/src/or/or.h
@@ -1445,6 +1445,8 @@ typedef struct or_handshake_state_t {
tor_x509_cert_t *auth_cert;
/** A self-signed identity certificate */
tor_x509_cert_t *id_cert;
+ /** DOCDOC */
+ struct tor_cert_st *ed_id_sign_cert;
/**@}*/
} or_handshake_state_t;