Merge branch 'tor-gitlab/mr/145'

5 files changed, 29 insertions, 22 deletions

diff --git a/src/feature/hs/hs_service.c b/src/feature/hs/hs_service.c
index 3e264b4686..f2a8898b2c 100644
--- a/src/feature/hs/hs_service.c
+++ b/src/feature/hs/hs_service.c
@@ -1587,7 +1587,7 @@ setup_desc_intro_point(const ed25519_keypair_t *signing_kp,
   memcpy(&desc_ip->onion_key, &ip->onion_key, sizeof(desc_ip->onion_key));
 
   /* Key and certificate material. */
-  desc_ip->auth_key_cert = tor_cert_create(signing_kp,
+  desc_ip->auth_key_cert = tor_cert_create_ed25519(signing_kp,
                                            CERT_TYPE_AUTH_HS_IP_KEY,
                                            &ip->auth_key_kp.pubkey,
                                            nearest_hour,
@@ -1638,7 +1638,7 @@ setup_desc_intro_point(const ed25519_keypair_t *signing_kp,
     ed25519_public_key_from_curve25519_public_key(&ed25519_pubkey,
                                                   &ip->enc_key_kp.pubkey,
                                                   0);
-    desc_ip->enc_key_cert = tor_cert_create(signing_kp,
+    desc_ip->enc_key_cert = tor_cert_create_ed25519(signing_kp,
                                             CERT_TYPE_CROSS_HS_IP_KEYS,
                                             &ed25519_pubkey, nearest_hour,
                                             HS_DESC_CERT_LIFETIME,
@@ -1712,12 +1712,13 @@ build_desc_signing_key_cert(hs_service_descriptor_t *desc, time_t now)
 
   /* Fresh certificate for the signing key. */
   plaintext->signing_key_cert =
-    tor_cert_create(&desc->blinded_kp, CERT_TYPE_SIGNING_HS_DESC,
+    tor_cert_create_ed25519(&desc->blinded_kp, CERT_TYPE_SIGNING_HS_DESC,
                     &desc->signing_kp.pubkey, now, HS_DESC_CERT_LIFETIME,
                     CERT_FLAG_INCLUDE_SIGNING_KEY);
   /* If the cert creation fails, the descriptor encoding will fail and thus
    * ultimately won't be uploaded. We'll get a stack trace to help us learn
-   * where the call came from and the tor_cert_create() will log the error. */
+   * where the call came from and the tor_cert_create_ed25519() will log the
+   * error. */
   tor_assert_nonfatal(plaintext->signing_key_cert);
 }
 
diff --git a/src/feature/keymgt/loadkey.c b/src/feature/keymgt/loadkey.c
index 7958bd964f..9b8f2f018a 100644
--- a/src/feature/keymgt/loadkey.c
+++ b/src/feature/keymgt/loadkey.c
@@ -661,7 +661,7 @@ ed_key_init_from_file(const char *fname, uint32_t flags,
   uint32_t cert_flags = 0;
   if (flags & INIT_ED_KEY_INCLUDE_SIGNING_KEY_IN_CERT)
     cert_flags |= CERT_FLAG_INCLUDE_SIGNING_KEY;
-  cert = tor_cert_create(signing_key, cert_type,
+  cert = tor_cert_create_ed25519(signing_key, cert_type,
                          &keypair->pubkey,
                          now, lifetime,
                          cert_flags);
@@ -739,7 +739,7 @@ ed_key_new(const ed25519_keypair_t *signing_key,
   uint32_t cert_flags = 0;
   if (flags & INIT_ED_KEY_INCLUDE_SIGNING_KEY_IN_CERT)
     cert_flags |= CERT_FLAG_INCLUDE_SIGNING_KEY;
-  tor_cert_t *cert = tor_cert_create(signing_key, cert_type,
+  tor_cert_t *cert = tor_cert_create_ed25519(signing_key, cert_type,
                                      &keypair->pubkey,
                                      now, lifetime,
                                      cert_flags);
diff --git a/src/feature/nodelist/torcert.c b/src/feature/nodelist/torcert.c
index 89cc9c88fb..dc36626122 100644
--- a/src/feature/nodelist/torcert.c
+++ b/src/feature/nodelist/torcert.c
@@ -37,11 +37,11 @@
 
 #include "core/or/or_handshake_certs_st.h"
 
-/** Helper for tor_cert_create(): signs any 32 bytes, not just an ed25519
- * key.
+/** As tor_cert_create(), but accept an arbitrary signed_key_type as the
+ * subject key -- not just an ed25519 key.
  */
-static tor_cert_t *
-tor_cert_sign_impl(const ed25519_keypair_t *signing_key,
+tor_cert_t *
+tor_cert_create_raw(const ed25519_keypair_t *signing_key,
                       uint8_t cert_type,
                       uint8_t signed_key_type,
                       const uint8_t signed_key_info[32],
@@ -128,13 +128,13 @@ tor_cert_sign_impl(const ed25519_keypair_t *signing_key,
  * the public part of <b>signing_key</b> in the certificate.
  */
 tor_cert_t *
-tor_cert_create(const ed25519_keypair_t *signing_key,
+tor_cert_create_ed25519(const ed25519_keypair_t *signing_key,
                 uint8_t cert_type,
                 const ed25519_public_key_t *signed_key,
                 time_t now, time_t lifetime,
                 uint32_t flags)
 {
-  return tor_cert_sign_impl(signing_key, cert_type,
+  return tor_cert_create_raw(signing_key, cert_type,
                             SIGNED_KEY_TYPE_ED25519, signed_key->pubkey,
                             now, lifetime, flags);
 }
diff --git a/src/feature/nodelist/torcert.h b/src/feature/nodelist/torcert.h
index f8fba2b794..3314ee2550 100644
--- a/src/feature/nodelist/torcert.h
+++ b/src/feature/nodelist/torcert.h
@@ -11,7 +11,9 @@
 
 #include "lib/crypt_ops/crypto_ed25519.h"
 
-#define SIGNED_KEY_TYPE_ED25519     0x01
+#define SIGNED_KEY_TYPE_ED25519        0x01
+#define SIGNED_KEY_TYPE_SHA256_OF_RSA  0x02
+#define SIGNED_KEY_TYPE_SHA256_OF_X509 0x03
 
 #define CERT_TYPE_ID_SIGNING        0x04
 #define CERT_TYPE_SIGNING_LINK      0x05
@@ -56,11 +58,17 @@ typedef struct tor_cert_st {
 
 struct tor_tls_t;
 
-tor_cert_t *tor_cert_create(const ed25519_keypair_t *signing_key,
+tor_cert_t *tor_cert_create_ed25519(const ed25519_keypair_t *signing_key,
                             uint8_t cert_type,
                             const ed25519_public_key_t *signed_key,
                             time_t now, time_t lifetime,
                             uint32_t flags);
+tor_cert_t * tor_cert_create_raw(const ed25519_keypair_t *signing_key,
+                      uint8_t cert_type,
+                      uint8_t signed_key_type,
+                      const uint8_t signed_key_info[32],
+                      time_t now, time_t lifetime,
+                      uint32_t flags);
 
 tor_cert_t *tor_cert_parse(const uint8_t *cert, size_t certlen);
 
diff --git a/src/feature/relay/routerkeys.c b/src/feature/relay/routerkeys.c
index 744a73d936..116f0b4e3d 100644
--- a/src/feature/relay/routerkeys.c
+++ b/src/feature/relay/routerkeys.c
@@ -387,12 +387,10 @@ generate_ed_link_cert(const or_options_t *options, time_t now,
     return 0;
   }
 
-  ed25519_public_key_t dummy_key;
-  memcpy(dummy_key.pubkey, digests->d[DIGEST_SHA256], DIGEST256_LEN);
-
-  link_cert = tor_cert_create(get_master_signing_keypair(),
+  link_cert = tor_cert_create_raw(get_master_signing_keypair(),
                               CERT_TYPE_SIGNING_LINK,
-                              &dummy_key,
+                              SIGNED_KEY_TYPE_SHA256_OF_X509,
+                              (const uint8_t*)digests->d[DIGEST_SHA256],
                               now,
                               options->TestingLinkCertLifetime, 0);
 
@@ -466,7 +464,7 @@ init_mock_ed_keys(const crypto_pk_t *rsa_identity_key)
   MAKEKEY(master_signing_key);
   MAKEKEY(current_auth_key);
 #define MAKECERT(cert, signing, signed_, type, flags)            \
-  cert = tor_cert_create(signing,                                \
+  cert = tor_cert_create_ed25519(signing,                        \
                          type,                                   \
                          &signed_->pubkey,                       \
                          time(NULL), 86400,                      \
@@ -699,8 +697,8 @@ make_ntor_onion_key_crosscert(const curve25519_keypair_t *onion_key,
                                               onion_key) < 0)
     goto end;
 
-  cert = tor_cert_create(&ed_onion_key, CERT_TYPE_ONION_ID, master_id_key,
-      now, lifetime, 0);
+  cert = tor_cert_create_ed25519(&ed_onion_key, CERT_TYPE_ONION_ID,
+                                  master_id_key, now, lifetime, 0);
 
  end:
   memwipe(&ed_onion_key, 0, sizeof(ed_onion_key));