diff options
author | Nick Mathewson <nickm@torproject.org> | 2015-05-16 12:09:25 -0400 |
---|---|---|
committer | Nick Mathewson <nickm@torproject.org> | 2016-11-03 08:37:21 -0400 |
commit | 2bf655394942e5b76944df92c8cd002fc15d3382 (patch) | |
tree | 32c6e40e52784160a9b79c1ce969d50ff56c8b81 /src/or | |
parent | b004ff45d7f637675be976737eb7efea8da5b49c (diff) | |
download | tor-2bf655394942e5b76944df92c8cd002fc15d3382.tar.gz tor-2bf655394942e5b76944df92c8cd002fc15d3382.zip |
Code to send correct authentication data when we are using AUTHTYPE>2
Implements the major part of 19156, except doesn't actually send the
new cell type yet.
Diffstat (limited to 'src/or')
-rw-r--r-- | src/or/channeltls.c | 3 | ||||
-rw-r--r-- | src/or/connection_or.c | 42 | ||||
-rw-r--r-- | src/or/connection_or.h | 8 | ||||
-rw-r--r-- | src/or/or.h | 2 |
4 files changed, 44 insertions, 11 deletions
diff --git a/src/or/channeltls.c b/src/or/channeltls.c index e30ecb0541..8009c0b3b3 100644 --- a/src/or/channeltls.c +++ b/src/or/channeltls.c @@ -2170,7 +2170,8 @@ channel_tls_process_authenticate_cell(var_cell_t *cell, channel_tls_t *chan) ssize_t bodylen = connection_or_compute_authenticate_cell_body( - chan->conn, expected, sizeof(expected), NULL, 1); + chan->conn, expected, sizeof(expected), + AUTHTYPE_RSA_SHA256_TLSSECRET, NULL, NULL, 1); if (bodylen < 0 || bodylen != V3_AUTH_FIXED_PART_LEN) ERR("Couldn't compute expected AUTHENTICATE cell body"); diff --git a/src/or/connection_or.c b/src/or/connection_or.c index d06a246ee2..fed933be73 100644 --- a/src/or/connection_or.c +++ b/src/or/connection_or.c @@ -2312,7 +2312,9 @@ connection_or_send_auth_challenge_cell(or_connection_t *conn) int connection_or_compute_authenticate_cell_body(or_connection_t *conn, uint8_t *out, size_t outlen, + const int authtype, crypto_pk_t *signing_key, + ed25519_keypair_t *ed_signing_key, int server) { auth1_t *auth = NULL; @@ -2322,7 +2324,6 @@ connection_or_compute_authenticate_cell_body(or_connection_t *conn, const char *authtype_str = NULL; int is_ed = 0; - const int authtype = 1; /* XXXX this should be an argument. */ /* assert state is reasonable XXXX */ switch (authtype) { @@ -2343,6 +2344,7 @@ connection_or_compute_authenticate_cell_body(or_connection_t *conn, } auth = auth1_new(); + ctx->is_ed = is_ed; /* Type: 8 bytes. */ memcpy(auth1_getarray_type(auth), authtype_str, 8); @@ -2371,6 +2373,20 @@ connection_or_compute_authenticate_cell_body(or_connection_t *conn, memcpy(auth->sid, server_id, 32); } + if (is_ed) { + const ed25519_public_key_t *my_ed_id, *their_ed_id; + if (!conn->handshake_state->ed_id_sign_cert) + goto err; + my_ed_id = get_master_identity_key(); + their_ed_id = &conn->handshake_state->ed_id_sign_cert->signing_key; + + const uint8_t *cid_ed = (server ? their_ed_id : my_ed_id)->pubkey; + const uint8_t *sid_ed = (server ? my_ed_id : their_ed_id)->pubkey; + + memcpy(auth->u1_cid_ed, cid_ed, ED25519_PUBKEY_LEN); + memcpy(auth->u1_sid_ed, sid_ed, ED25519_PUBKEY_LEN); + } + { crypto_digest_t *server_d, *client_d; if (server) { @@ -2450,7 +2466,14 @@ connection_or_compute_authenticate_cell_body(or_connection_t *conn, goto done; } - if (signing_key) { + if (ed_signing_key && is_ed) { + ed25519_signature_t sig; + if (ed25519_sign(&sig, out, len, ed_signing_key) < 0) + goto err; + auth1_setlen_sig(auth, ED25519_SIG_LEN); + memcpy(auth1_getarray_sig(auth), sig.sig, ED25519_SIG_LEN); + + } else if (signing_key && !is_ed) { auth1_setlen_sig(auth, crypto_pk_keysize(signing_key)); char d[32]; @@ -2466,12 +2489,14 @@ connection_or_compute_authenticate_cell_body(or_connection_t *conn, auth1_setlen_sig(auth, siglen); - len = auth1_encode(out, outlen, auth, ctx); - if (len < 0) { - log_warn(LD_OR, "Unable to encode signed AUTH1 data."); - goto err; - } } + + len = auth1_encode(out, outlen, auth, ctx); + if (len < 0) { + log_warn(LD_OR, "Unable to encode signed AUTH1 data."); + goto err; + } + result = (int) len; goto done; @@ -2504,6 +2529,7 @@ connection_or_send_authenticate_cell,(or_connection_t *conn, int authtype)) return -1; } + /* XXXX stop precomputing this. */ cell_maxlen = 4 + /* overhead */ V3_AUTH_BODY_LEN + /* Authentication body */ crypto_pk_keysize(pk) + /* Max signature length */ @@ -2517,7 +2543,9 @@ connection_or_send_authenticate_cell,(or_connection_t *conn, int authtype)) authlen = connection_or_compute_authenticate_cell_body(conn, cell->payload+4, cell_maxlen-4, + AUTHTYPE_RSA_SHA256_TLSSECRET, pk, + NULL, 0 /* not server */); if (authlen < 0) { log_warn(LD_BUG, "Unable to compute authenticate cell!"); diff --git a/src/or/connection_or.h b/src/or/connection_or.h index 2e8c6066cc..8373ed92f0 100644 --- a/src/or/connection_or.h +++ b/src/or/connection_or.h @@ -85,9 +85,11 @@ MOCK_DECL(int,connection_or_send_netinfo,(or_connection_t *conn)); int connection_or_send_certs_cell(or_connection_t *conn); int connection_or_send_auth_challenge_cell(or_connection_t *conn); int connection_or_compute_authenticate_cell_body(or_connection_t *conn, - uint8_t *out, size_t outlen, - crypto_pk_t *signing_key, - int server); + uint8_t *out, size_t outlen, + const int authtype, + crypto_pk_t *signing_key, + ed25519_keypair_t *ed_signing_key, + int server); MOCK_DECL(int,connection_or_send_authenticate_cell, (or_connection_t *conn, int type)); diff --git a/src/or/or.h b/src/or/or.h index 402fbfde6b..9e9b1bf3a6 100644 --- a/src/or/or.h +++ b/src/or/or.h @@ -1445,6 +1445,8 @@ typedef struct or_handshake_state_t { tor_x509_cert_t *auth_cert; /** A self-signed identity certificate */ tor_x509_cert_t *id_cert; + /** DOCDOC */ + struct tor_cert_st *ed_id_sign_cert; /**@}*/ } or_handshake_state_t; |