summaryrefslogtreecommitdiff
path: root/src/or/routerkeys.c
diff options
context:
space:
mode:
authorNick Mathewson <nickm@torproject.org>2015-07-14 11:27:49 -0400
committerNick Mathewson <nickm@torproject.org>2015-07-14 11:27:49 -0400
commit3fcb74e98b7247f9b35e8a5067bfa915e1705d3e (patch)
treeba72630a274da038485a0505a58926d0f14d0144 /src/or/routerkeys.c
parent13603265888d1e34b7a1ab8d83a361c0e9c34684 (diff)
downloadtor-3fcb74e98b7247f9b35e8a5067bfa915e1705d3e.tar.gz
tor-3fcb74e98b7247f9b35e8a5067bfa915e1705d3e.zip
Add more consistency checks in load_ed_keys
Make sure that signing certs are signed by the right identity key, to prevent a recurrence of #16530. Also make sure that the master identity key we find on disk matches the one we have in RAM, if we have one. This is for #16581.
Diffstat (limited to 'src/or/routerkeys.c')
-rw-r--r--src/or/routerkeys.c19
1 files changed, 19 insertions, 0 deletions
diff --git a/src/or/routerkeys.c b/src/or/routerkeys.c
index 81fa1152c1..d38b5a3ba3 100644
--- a/src/or/routerkeys.c
+++ b/src/or/routerkeys.c
@@ -569,9 +569,24 @@ load_ed_keys(const or_options_t *options, time_t now)
sign_signing_key_with_id = id;
}
+ if (master_identity_key &&
+ !ed25519_pubkey_eq(&id->pubkey, &master_identity_key->pubkey)) {
+ FAIL("Identity key on disk does not match key we loaded earlier!");
+ }
+
if (need_new_signing_key && NULL == sign_signing_key_with_id)
FAIL("Can't load master key make a new signing key.");
+ if (sign_cert) {
+ if (! sign_cert->signing_key_included)
+ FAIL("Loaded a signing cert with no key included!");
+ if (! ed25519_pubkey_eq(&sign_cert->signing_key, &id->pubkey))
+ FAIL("The signing cert we have was not signed with the master key "
+ "we loaded!");
+ if (tor_cert_checksig(sign_cert, &id->pubkey, 0) < 0)
+ FAIL("The signing cert we loaded was not signed correctly!");
+ }
+
if (want_new_signing_key && sign_signing_key_with_id) {
uint32_t flags = (INIT_ED_KEY_CREATE|
INIT_ED_KEY_REPLACE|
@@ -589,6 +604,10 @@ load_ed_keys(const or_options_t *options, time_t now)
if (!sign)
FAIL("Missing signing key");
use_signing = sign;
+
+ tor_assert(sign_cert->signing_key_included);
+ tor_assert(ed25519_pubkey_eq(&sign_cert->signing_key, &id->pubkey));
+ tor_assert(ed25519_pubkey_eq(&sign_cert->signed_key, &sign->pubkey));
} else if (want_new_signing_key) {
static ratelim_t missing_master = RATELIM_INIT(3600);
log_fn_ratelim(&missing_master, LOG_WARN, LD_OR,