Migrate certificates into a sub-structure of or_handshake_state

This will help us do cert-checking in the background in the future,
perhaps.

6 files changed, 62 insertions, 38 deletions

diff --git a/src/or/channeltls.c b/src/or/channeltls.c
index 9e92aadfb1..fbe784c77c 100644
--- a/src/or/channeltls.c
+++ b/src/or/channeltls.c
@@ -1947,7 +1947,7 @@ channel_tls_process_certs_cell(var_cell_t *cell, channel_tls_t *chan)
              "Got some good certificates from %s:%d: Authenticated it.",
              safe_str(chan->conn->base_.address), chan->conn->base_.port);
 
-    chan->conn->handshake_state->id_cert = id_cert;
+    chan->conn->handshake_state->certs->id_cert = id_cert;
     x509_certs[OR_CERT_TYPE_ID_1024] = NULL;
 
     if (!public_server_mode(get_options())) {
@@ -1973,8 +1973,8 @@ channel_tls_process_certs_cell(var_cell_t *cell, channel_tls_t *chan)
              chan->conn->base_.port);
     /* XXXX check more stuff? */
 
-    chan->conn->handshake_state->id_cert = id_cert;
-    chan->conn->handshake_state->auth_cert = auth_cert;
+    chan->conn->handshake_state->certs->id_cert = id_cert;
+    chan->conn->handshake_state->certs->auth_cert = auth_cert;
     x509_certs[OR_CERT_TYPE_ID_1024] = x509_certs[OR_CERT_TYPE_AUTH_1024]
       = NULL;
   }
@@ -2147,9 +2147,9 @@ channel_tls_process_authenticate_cell(var_cell_t *cell, channel_tls_t *chan)
   }
   if (!(chan->conn->handshake_state->received_certs_cell))
     ERR("We never got a certs cell");
-  if (chan->conn->handshake_state->auth_cert == NULL)
+  if (chan->conn->handshake_state->certs->auth_cert == NULL)
     ERR("We never got an authentication certificate");
-  if (chan->conn->handshake_state->id_cert == NULL)
+  if (chan->conn->handshake_state->certs->id_cert == NULL)
     ERR("We never got an identity certificate");
   if (cell->payload_len < 4)
     ERR("Cell was way too short");
@@ -2195,7 +2195,7 @@ channel_tls_process_authenticate_cell(var_cell_t *cell, channel_tls_t *chan)
 
   {
     crypto_pk_t *pk = tor_tls_cert_get_key(
-                                   chan->conn->handshake_state->auth_cert);
+                                   chan->conn->handshake_state->certs->auth_cert);
     char d[DIGEST256_LEN];
     char *signed_data;
     size_t keysize;
@@ -2234,9 +2234,9 @@ channel_tls_process_authenticate_cell(var_cell_t *cell, channel_tls_t *chan)
   chan->conn->handshake_state->digest_received_data = 0;
   {
     crypto_pk_t *identity_rcvd =
-      tor_tls_cert_get_key(chan->conn->handshake_state->id_cert);
+      tor_tls_cert_get_key(chan->conn->handshake_state->certs->id_cert);
     const common_digests_t *id_digests =
-      tor_x509_cert_get_id_digests(chan->conn->handshake_state->id_cert);
+      tor_x509_cert_get_id_digests(chan->conn->handshake_state->certs->id_cert);
 
     /* This must exist; we checked key type when reading the cert. */
     tor_assert(id_digests);
diff --git a/src/or/connection_or.c b/src/or/connection_or.c
index ed91595504..5a9c597772 100644
--- a/src/or/connection_or.c
+++ b/src/or/connection_or.c
@@ -1764,6 +1764,7 @@ connection_init_or_handshake_state(or_connection_t *conn, int started_here)
   s->started_here = started_here ? 1 : 0;
   s->digest_sent_data = 1;
   s->digest_received_data = 1;
+  s->certs = or_handshake_certs_new();
   return 0;
 }
 
@@ -1775,8 +1776,7 @@ or_handshake_state_free(or_handshake_state_t *state)
     return;
   crypto_digest_free(state->digest_sent);
   crypto_digest_free(state->digest_received);
-  tor_x509_cert_free(state->auth_cert);
-  tor_x509_cert_free(state->id_cert);
+  or_handshake_certs_free(state->certs);
   memwipe(state, 0xBE, sizeof(or_handshake_state_t));
   tor_free(state);
 }
@@ -2356,7 +2356,7 @@ connection_or_compute_authenticate_cell_body(or_connection_t *conn,
       goto err;
     my_digests = tor_x509_cert_get_id_digests(id_cert);
     their_digests =
-      tor_x509_cert_get_id_digests(conn->handshake_state->id_cert);
+      tor_x509_cert_get_id_digests(conn->handshake_state->certs->id_cert);
     tor_assert(my_digests);
     tor_assert(their_digests);
     my_id = (uint8_t*)my_digests->d[DIGEST_SHA256];
@@ -2374,10 +2374,10 @@ connection_or_compute_authenticate_cell_body(or_connection_t *conn,
 
   if (is_ed) {
     const ed25519_public_key_t *my_ed_id, *their_ed_id;
-    if (!conn->handshake_state->ed_id_sign_cert)
+    if (!conn->handshake_state->certs->ed_id_sign_cert)
       goto err;
     my_ed_id = get_master_identity_key();
-    their_ed_id = &conn->handshake_state->ed_id_sign_cert->signing_key;
+    their_ed_id = &conn->handshake_state->certs->ed_id_sign_cert->signing_key;
 
     const uint8_t *cid_ed = (server ? their_ed_id : my_ed_id)->pubkey;
     const uint8_t *sid_ed = (server ? my_ed_id : their_ed_id)->pubkey;
diff --git a/src/or/or.h b/src/or/or.h
index 9e9b1bf3a6..cdde448bc9 100644
--- a/src/or/or.h
+++ b/src/or/or.h
@@ -1386,6 +1386,15 @@ typedef struct listener_connection_t {
  * signs. */
 #define V3_AUTH_BODY_LEN (V3_AUTH_FIXED_PART_LEN + 8 + 16)
 
+typedef struct or_handshake_certs_t {
+  /** The cert for the key that's supposed to sign the AUTHENTICATE cell */
+  tor_x509_cert_t *auth_cert;
+  /** A self-signed identity certificate */
+  tor_x509_cert_t *id_cert;
+  /** DOCDOC */
+  struct tor_cert_st *ed_id_sign_cert;
+} or_handshake_certs_t;
+
 /** Stores flags and information related to the portion of a v2/v3 Tor OR
  * connection handshake that happens after the TLS handshake is finished.
  */
@@ -1438,16 +1447,8 @@ typedef struct or_handshake_state_t {
 
   /** Certificates that a connection initiator sent us in a CERTS cell; we're
    * holding on to them until we get an AUTHENTICATE cell.
-   *
-   * @{
    */
-  /** The cert for the key that's supposed to sign the AUTHENTICATE cell */
-  tor_x509_cert_t *auth_cert;
-  /** A self-signed identity certificate */
-  tor_x509_cert_t *id_cert;
-  /** DOCDOC */
-  struct tor_cert_st *ed_id_sign_cert;
-  /**@}*/
+  or_handshake_certs_t *certs;
 } or_handshake_state_t;
 
 /** Length of Extended ORPort connection identifier. */
diff --git a/src/or/torcert.c b/src/or/torcert.c
index a6a33c675a..e8bee54d52 100644
--- a/src/or/torcert.c
+++ b/src/or/torcert.c
@@ -8,6 +8,7 @@
  * protocol.
  */
 
+#include "or.h"
 #include "crypto.h"
 #include "torcert.h"
 #include "ed25519_cert.h"
@@ -295,3 +296,22 @@ tor_make_rsa_ed25519_crosscert(const ed25519_public_key_t *ed_key,
   return sz;
 }
 
+or_handshake_certs_t *
+or_handshake_certs_new(void)
+{
+  return tor_malloc_zero(sizeof(or_handshake_certs_t));
+}
+
+/** DODCDOC */
+void
+or_handshake_certs_free(or_handshake_certs_t *certs)
+{
+  if (!certs)
+    return;
+
+  tor_x509_cert_free(certs->auth_cert);
+  tor_x509_cert_free(certs->id_cert);
+
+  memwipe(certs, 0xBD, sizeof(*certs));
+  tor_free(certs);
+}
diff --git a/src/or/torcert.h b/src/or/torcert.h
index 9c819c0abb..3f81fcdd81 100644
--- a/src/or/torcert.h
+++ b/src/or/torcert.h
@@ -72,5 +72,8 @@ ssize_t tor_make_rsa_ed25519_crosscert(const ed25519_public_key_t *ed_key,
                                        time_t expires,
                                        uint8_t **cert);
 
+or_handshake_certs_t *or_handshake_certs_new(void);
+void or_handshake_certs_free(or_handshake_certs_t *certs);
+
 #endif
 
diff --git a/src/test/test_link_handshake.c b/src/test/test_link_handshake.c
index 6c0567098f..3314880785 100644
--- a/src/test/test_link_handshake.c
+++ b/src/test/test_link_handshake.c
@@ -147,8 +147,8 @@ test_link_handshake_certs_ok(void *arg)
   channel_tls_process_certs_cell(cell2, chan1);
 
   tt_assert(c1->handshake_state->received_certs_cell);
-  tt_assert(c1->handshake_state->auth_cert == NULL);
-  tt_assert(c1->handshake_state->id_cert);
+  tt_assert(c1->handshake_state->certs->auth_cert == NULL);
+  tt_assert(c1->handshake_state->certs->id_cert);
   tt_assert(! tor_mem_is_zero(
                   (char*)c1->handshake_state->authenticated_peer_id, 20));
 
@@ -165,8 +165,8 @@ test_link_handshake_certs_ok(void *arg)
   channel_tls_process_certs_cell(cell1, chan2);
 
   tt_assert(c2->handshake_state->received_certs_cell);
-  tt_assert(c2->handshake_state->auth_cert);
-  tt_assert(c2->handshake_state->id_cert);
+  tt_assert(c2->handshake_state->certs->auth_cert);
+  tt_assert(c2->handshake_state->certs->id_cert);
   tt_assert(tor_mem_is_zero(
                 (char*)c2->handshake_state->authenticated_peer_id, 20));
 
@@ -303,8 +303,8 @@ test_link_handshake_recv_certs_ok(void *arg)
   tt_int_op(0, ==, mock_close_called);
   tt_int_op(d->c->handshake_state->authenticated, ==, 1);
   tt_int_op(d->c->handshake_state->received_certs_cell, ==, 1);
-  tt_assert(d->c->handshake_state->id_cert != NULL);
-  tt_assert(d->c->handshake_state->auth_cert == NULL);
+  tt_assert(d->c->handshake_state->certs->id_cert != NULL);
+  tt_assert(d->c->handshake_state->certs->auth_cert == NULL);
 
  done:
   ;
@@ -324,8 +324,8 @@ test_link_handshake_recv_certs_ok_server(void *arg)
   tt_int_op(0, ==, mock_close_called);
   tt_int_op(d->c->handshake_state->authenticated, ==, 0);
   tt_int_op(d->c->handshake_state->received_certs_cell, ==, 1);
-  tt_assert(d->c->handshake_state->id_cert != NULL);
-  tt_assert(d->c->handshake_state->auth_cert != NULL);
+  tt_assert(d->c->handshake_state->certs->id_cert != NULL);
+  tt_assert(d->c->handshake_state->certs->auth_cert != NULL);
 
  done:
   ;
@@ -767,15 +767,15 @@ authenticate_data_setup(const struct testcase_t *test)
   const uint8_t *der;
   size_t sz;
   tor_x509_cert_get_der(id_cert, &der, &sz);
-  d->c1->handshake_state->id_cert = tor_x509_cert_decode(der, sz);
-  d->c2->handshake_state->id_cert = tor_x509_cert_decode(der, sz);
+  d->c1->handshake_state->certs->id_cert = tor_x509_cert_decode(der, sz);
+  d->c2->handshake_state->certs->id_cert = tor_x509_cert_decode(der, sz);
 
   tor_x509_cert_get_der(link_cert, &der, &sz);
   mock_peer_cert = tor_x509_cert_decode(der, sz);
   tt_assert(mock_peer_cert);
   tt_assert(! tor_tls_get_my_certs(0, &auth_cert, &id_cert));
   tor_x509_cert_get_der(auth_cert, &der, &sz);
-  d->c2->handshake_state->auth_cert = tor_x509_cert_decode(der, sz);
+  d->c2->handshake_state->certs->auth_cert = tor_x509_cert_decode(der, sz);
 
   /* Make an authenticate cell ... */
   tt_int_op(0, ==, connection_or_send_authenticate_cell(d->c1,
@@ -825,7 +825,7 @@ test_link_handshake_auth_cell(void *arg)
   uint8_t sig[128];
   uint8_t digest[32];
 
-  auth_pubkey = tor_tls_cert_get_key(d->c2->handshake_state->auth_cert);
+  auth_pubkey = tor_tls_cert_get_key(d->c2->handshake_state->certs->auth_cert);
   int n = crypto_pk_public_checksig(
               auth_pubkey,
               (char*)sig, sizeof(sig), (char*)auth1_getarray_sig(auth1),
@@ -898,13 +898,13 @@ AUTHENTICATE_FAIL(nocerts,
 AUTHENTICATE_FAIL(noidcert,
                   require_failure_message = "We never got an identity "
                     "certificate";
-                  tor_x509_cert_free(d->c2->handshake_state->id_cert);
-                  d->c2->handshake_state->id_cert = NULL)
+                  tor_x509_cert_free(d->c2->handshake_state->certs->id_cert);
+                  d->c2->handshake_state->certs->id_cert = NULL)
 AUTHENTICATE_FAIL(noauthcert,
                   require_failure_message = "We never got an authentication "
                     "certificate";
-                  tor_x509_cert_free(d->c2->handshake_state->auth_cert);
-                  d->c2->handshake_state->auth_cert = NULL)
+                  tor_x509_cert_free(d->c2->handshake_state->certs->auth_cert);
+                  d->c2->handshake_state->certs->auth_cert = NULL)
 AUTHENTICATE_FAIL(tooshort,
                   require_failure_message = "Cell was way too short";
                   d->cell->payload_len = 3)