authorNick Mathewson <nickm@torproject.org>2014-10-08 08:32:00 -0400
committerNick Mathewson <nickm@torproject.org>2015-05-28 10:41:49 -0400
commit592a43910706a67048c7d05e45d35dc79712820a (patch)
treebe4ae3a131e54248a845bea08e9d3c688bec3ce6 /src/or/keypin.c
parenteacbe03c71a9ddc7c3745ef8da88580a60021201 (diff)
Tie key-pinning logic into directory authority operation
With this patch:
* Authorities load the key-pinning log at startup.
* Authorities open a key-pinning log for writing at startup.
* Authorities reject any router with an ed25519 key where they have previously seen that ed25519 key with a different RSA key, or vice versa.
* Authorities warn about, but *do not* reject, RSA-only descriptors when the RSA key has previously gone along with an Ed25519 key. (We should make this a 'reject' too, but we can't do that until we're sure there's no legit reason to downgrade to 0.2.5.)
Diffstat (limited to 'src/or/keypin.c')
-rw-r--r--src/or/keypin.c28
1 files changed, 28 insertions, 0 deletions
diff --git a/src/or/keypin.c b/src/or/keypin.c
index 87e49cdff6..7b0c0c7dcf 100644
--- a/src/or/keypin.c
+++ b/src/or/keypin.c
@@ -44,6 +44,9 @@
static int keypin_journal_append_entry(const uint8_t *rsa_id_digest,
const uint8_t *ed25519_id_key);
+static int keypin_check_and_add_impl(const uint8_t *rsa_id_digest,
+ const uint8_t *ed25519_id_key,
+ int do_not_add);
static HT_HEAD(rsamap, keypin_ent_st) the_rsa_map = HT_INITIALIZER();
static HT_HEAD(edmap, keypin_ent_st) the_ed_map = HT_INITIALIZER();
@@ -100,6 +103,28 @@ int
keypin_check_and_add(const uint8_t *rsa_id_digest,
const uint8_t *ed25519_id_key)
{
+ return keypin_check_and_add_impl(rsa_id_digest, ed25519_id_key, 0);
+}
+
+/**
+ * As keypin_check_and_add, but do not add. Return KEYPIN_NOT_FOUND if
+ * we would add.
+ */
+int
+keypin_check(const uint8_t *rsa_id_digest,
+ const uint8_t *ed25519_id_key)
+{
+ return keypin_check_and_add_impl(rsa_id_digest, ed25519_id_key, 1);
+}
+
+/**
+ * Helper: implements keypin_check and keypin_check_and_add.
+ */
+static int
+keypin_check_and_add_impl(const uint8_t *rsa_id_digest,
+ const uint8_t *ed25519_id_key,
+ int do_not_add)
+{
keypin_ent_t search, *ent;
memset(&search, 0, sizeof(search));
memcpy(search.rsa_id, rsa_id_digest, sizeof(search.rsa_id));
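Review bot: The doc comment on keypin_check_and_add_impl does not say what `do_not_add` does, and the one on keypin_check names only the KEYPIN_NOT_FOUND result. An authority's accept/reject decision rests on these return values, so I would spell the contract out, e.g. `/** Helper: implements keypin_check and keypin_check_and_add. If <b>do_not_add</b> is true, return KEYPIN_NOT_FOUND instead of adding a new entry. */`. On keypin_check it is worth adding that KEYPIN_NOT_FOUND means nothing was recorded, so the pair is still unpinned after the call and a later keypin_check_and_add may return a different answer. The helper's body continues past the end of this hunk.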
@@ -127,6 +152,9 @@ keypin_check_and_add(const uint8_t *rsa_id_digest,
}
/* Okay, this one is new to us. */
+ if (do_not_add)
+ return KEYPIN_NOT_FOUND;
+
ent = tor_memdup(&search, sizeof(search));
keypin_add_entry_to_map(ent);
keypin_journal_append_entry(rsa_id_digest, ed25519_id_key);
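Review bot: The last line of this hunk discards the result of keypin_journal_append_entry(), which is declared `static int` at the top of the file, so a failed journal write goes unnoticed after the entry is already in the in-memory maps. If the journal is what restores pins at startup, as the commit message suggests, such a pin would not survive a restart, and a different RSA/Ed25519 pairing for the same key could then be accepted. Consider checking it, e.g. `if (keypin_journal_append_entry(rsa_id_digest, ed25519_id_key) < 0)` followed by a `log_warn(LD_DIRSERV, ...)`, assuming a negative return signals failure. The function continues beyond this hunk, so what it returns afterwards is not visible here.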