diff options
| author | Nick Mathewson <nickm@torproject.org> | 2016-11-04 13:49:05 -0400 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2016-11-04 13:49:05 -0400 |
| commit | 09c750cce353d76c6b1e1481150c5dc0166f5a53 (patch) | |
| tree | 4071d845471259f27886242d7112fd0bdc35e226 /src/or/hs_descriptor.c | |
| parent | dbd01590cc9e6329fab1acd57b7380fb9f30a0ae (diff) | |
| download | tor-09c750cce353d76c6b1e1481150c5dc0166f5a53.tar.gz tor-09c750cce353d76c6b1e1481150c5dc0166f5a53.zip | |
Check the correct key when checking RSA crosscert in hs_descriptor.c
Note that the "signed key" in the signing key certificate is the
signing key. The "signing key" in the signing key certificate is
the key that signs the certificate -- that is, the blinded key.
Diffstat (limited to 'src/or/hs_descriptor.c')
| -rw-r--r-- | src/or/hs_descriptor.c | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/src/or/hs_descriptor.c b/src/or/hs_descriptor.c index f89bd4bf63..f5dafabcdf 100644 --- a/src/or/hs_descriptor.c +++ b/src/or/hs_descriptor.c @@ -1290,10 +1290,10 @@ decode_introduction_point(const hs_descriptor_t *desc, const char *start) } if (rsa_ed25519_crosscert_check((const uint8_t *) tok->object_body, tok->object_size, ip->enc_key.legacy, - &desc->plaintext_data.signing_key_cert->signing_key, + &desc->plaintext_data.signing_key_cert->signed_key, approx_time()-86400)) { - log_warn(LD_REND, "Unable to cross certify the introduction point " - "legacy encryption key."); + log_warn(LD_REND, "Unable to check cross-certification on the " + "introduction point legacy encryption key."); goto err; } break; |