summaryrefslogtreecommitdiff
path: root/src/or/hs_descriptor.c
diff options
context:
space:
mode:
authorNick Mathewson <nickm@torproject.org>2016-11-04 13:49:05 -0400
committerNick Mathewson <nickm@torproject.org>2016-11-04 13:49:05 -0400
commit09c750cce353d76c6b1e1481150c5dc0166f5a53 (patch)
tree4071d845471259f27886242d7112fd0bdc35e226 /src/or/hs_descriptor.c
parentdbd01590cc9e6329fab1acd57b7380fb9f30a0ae (diff)
downloadtor-09c750cce353d76c6b1e1481150c5dc0166f5a53.tar.gz
tor-09c750cce353d76c6b1e1481150c5dc0166f5a53.zip
Check the correct key when checking RSA crosscert in hs_descriptor.c
Note that the "signed key" in the signing key certificate is the signing key. The "signing key" in the signing key certificate is the key that signs the certificate -- that is, the blinded key.
Diffstat (limited to 'src/or/hs_descriptor.c')
-rw-r--r--src/or/hs_descriptor.c6
1 files changed, 3 insertions, 3 deletions
diff --git a/src/or/hs_descriptor.c b/src/or/hs_descriptor.c
index f89bd4bf63..f5dafabcdf 100644
--- a/src/or/hs_descriptor.c
+++ b/src/or/hs_descriptor.c
@@ -1290,10 +1290,10 @@ decode_introduction_point(const hs_descriptor_t *desc, const char *start)
}
if (rsa_ed25519_crosscert_check((const uint8_t *) tok->object_body,
tok->object_size, ip->enc_key.legacy,
- &desc->plaintext_data.signing_key_cert->signing_key,
+ &desc->plaintext_data.signing_key_cert->signed_key,
approx_time()-86400)) {
- log_warn(LD_REND, "Unable to cross certify the introduction point "
- "legacy encryption key.");
+ log_warn(LD_REND, "Unable to check cross-certification on the "
+ "introduction point legacy encryption key.");
goto err;
}
break;