summaryrefslogtreecommitdiff
path: root/src/or
diff options
context:
space:
mode:
Diffstat (limited to 'src/or')
-rw-r--r--src/or/shared_random.c68
-rw-r--r--src/or/shared_random.h11
-rw-r--r--src/or/shared_random_state.c18
3 files changed, 53 insertions, 44 deletions
diff --git a/src/or/shared_random.c b/src/or/shared_random.c
index f5f4ccf9f5..967e1e112d 100644
--- a/src/or/shared_random.c
+++ b/src/or/shared_random.c
@@ -120,20 +120,19 @@ srv_dup(const sr_srv_t *orig)
return dup;
}
-/* Allocate a new commit object and initializing it with <b>identity</b>
+/* Allocate a new commit object and initializing it with <b>rsa_identity</b>
* that MUST be provided. The digest algorithm is set to the default one
* that is supported. The rest is uninitialized. This never returns NULL. */
static sr_commit_t *
-commit_new(const char *rsa_identity_fpr)
+commit_new(const char *rsa_identity)
{
sr_commit_t *commit;
- tor_assert(rsa_identity_fpr);
+ tor_assert(rsa_identity);
commit = tor_malloc_zero(sizeof(*commit));
commit->alg = SR_DIGEST_ALG;
- strlcpy(commit->rsa_identity_fpr, rsa_identity_fpr,
- sizeof(commit->rsa_identity_fpr));
+ memcpy(commit->rsa_identity, rsa_identity, sizeof(commit->rsa_identity));
return commit;
}
@@ -143,7 +142,7 @@ commit_log(const sr_commit_t *commit)
{
tor_assert(commit);
- log_debug(LD_DIR, "SR: Commit from %s", commit->rsa_identity_fpr);
+ log_debug(LD_DIR, "SR: Commit from %s", sr_commit_get_rsa_fpr(commit));
log_debug(LD_DIR, "SR: Commit: [TS: %" PRIu64 "] [Encoded: %s]",
commit->commit_ts, commit->encoded_commit);
log_debug(LD_DIR, "SR: Reveal: [TS: %" PRIu64 "] [Encoded: %s]",
@@ -160,7 +159,7 @@ verify_commit_and_reveal(const sr_commit_t *commit)
tor_assert(commit);
log_debug(LD_DIR, "SR: Validating commit from authority %s",
- commit->rsa_identity_fpr);
+ sr_commit_get_rsa_fpr(commit));
/* Check that the timestamps match. */
if (commit->commit_ts != commit->reveal_ts) {
@@ -194,7 +193,7 @@ verify_commit_and_reveal(const sr_commit_t *commit)
sizeof(received_hashed_reveal))) {
log_warn(LD_BUG, "SR: Received reveal value from authority %s "
"does't match the commit value.",
- commit->rsa_identity_fpr);
+ sr_commit_get_rsa_fpr(commit));
goto invalid;
}
}
@@ -242,14 +241,14 @@ commit_decode(const char *encoded, sr_commit_t *commit)
encoded, strlen(encoded));
if (decoded_len < 0) {
log_warn(LD_BUG, "SR: Commit from authority %s can't be decoded.",
- commit->rsa_identity_fpr);
+ sr_commit_get_rsa_fpr(commit));
goto error;
}
if (decoded_len != SR_COMMIT_LEN) {
log_warn(LD_BUG, "SR: Commit from authority %s decoded length doesn't "
"match the expected length (%d vs %d).",
- commit->rsa_identity_fpr, decoded_len, SR_COMMIT_LEN);
+ sr_commit_get_rsa_fpr(commit), decoded_len, SR_COMMIT_LEN);
goto error;
}
@@ -295,14 +294,14 @@ reveal_decode(const char *encoded, sr_commit_t *commit)
encoded, strlen(encoded));
if (decoded_len < 0) {
log_warn(LD_BUG, "SR: Reveal from authority %s can't be decoded.",
- commit->rsa_identity_fpr);
+ sr_commit_get_rsa_fpr(commit));
goto error;
}
if (decoded_len != SR_REVEAL_LEN) {
log_warn(LD_BUG, "SR: Reveal from authority %s decoded length is "
"doesn't match the expected length (%d vs %d)",
- commit->rsa_identity_fpr, decoded_len, SR_REVEAL_LEN);
+ sr_commit_get_rsa_fpr(commit), decoded_len, SR_REVEAL_LEN);
goto error;
}
@@ -396,7 +395,7 @@ get_srv_element_from_commit(const sr_commit_t *commit)
return NULL;
}
- tor_asprintf(&element, "%s%s", commit->rsa_identity_fpr,
+ tor_asprintf(&element, "%s%s", sr_commit_get_rsa_fpr(commit),
commit->encoded_reveal);
return element;
}
@@ -465,7 +464,7 @@ get_vote_line_from_commit(const sr_commit_t *commit, sr_phase_t phase)
tor_asprintf(&vote_line, "%s %s %s %s\n",
commit_ns_str,
crypto_digest_algorithm_get_name(commit->alg),
- commit->rsa_identity_fpr,
+ sr_commit_get_rsa_fpr(commit),
commit->encoded_commit);
break;
case SR_PHASE_REVEAL:
@@ -479,7 +478,7 @@ get_vote_line_from_commit(const sr_commit_t *commit, sr_phase_t phase)
tor_asprintf(&vote_line, "%s %s %s %s %s\n",
commit_ns_str,
crypto_digest_algorithm_get_name(commit->alg),
- commit->rsa_identity_fpr,
+ sr_commit_get_rsa_fpr(commit),
commit->encoded_commit, reveal_str);
break;
}
@@ -567,7 +566,8 @@ commit_is_authoritative(const sr_commit_t *commit,
tor_assert(commit);
tor_assert(voter_key);
- return !strcmp(commit->rsa_identity_fpr, voter_key);
+ return !memcmp(commit->rsa_identity, voter_key,
+ sizeof(commit->rsa_identity));
}
/* Decide if the newly received <b>commit</b> should be kept depending on
@@ -586,7 +586,8 @@ should_keep_commit(const sr_commit_t *commit, const char *voter_key,
tor_assert(voter_key);
log_debug(LD_DIR, "SR: Inspecting commit from %s (voter: %s)?",
- commit->rsa_identity_fpr, voter_key);
+ sr_commit_get_rsa_fpr(commit),
+ hex_str(voter_key, DIGEST_LEN));
/* For a commit to be considered, it needs to be authoritative (it should
* be the voter's own commit). */
@@ -597,7 +598,7 @@ should_keep_commit(const sr_commit_t *commit, const char *voter_key,
/* Check if the authority that voted for <b>commit</b> has already posted
* a commit before. */
- saved_commit = sr_state_get_commit(commit->rsa_identity_fpr);
+ saved_commit = sr_state_get_commit(commit->rsa_identity);
switch (phase) {
case SR_PHASE_COMMIT:
@@ -611,7 +612,8 @@ should_keep_commit(const sr_commit_t *commit, const char *voter_key,
if (commit_has_reveal_value(commit)) {
log_warn(LD_DIR, "SR: Commit from authority %s has a reveal value "
"during COMMIT phase. (voter: %s)",
- commit->rsa_identity_fpr, voter_key);
+ sr_commit_get_rsa_fpr(commit),
+ hex_str(voter_key, DIGEST_LEN));
goto ignore;
}
break;
@@ -635,7 +637,8 @@ should_keep_commit(const sr_commit_t *commit, const char *voter_key,
if (!commitments_are_the_same(commit, saved_commit)) {
log_warn(LD_DIR, "SR: Commit from authority %s is different from "
"previous commit in our state (voter: %s)",
- commit->rsa_identity_fpr, voter_key);
+ sr_commit_get_rsa_fpr(commit),
+ hex_str(voter_key, DIGEST_LEN));
goto ignore;
}
@@ -652,7 +655,8 @@ should_keep_commit(const sr_commit_t *commit, const char *voter_key,
if (verify_commit_and_reveal(commit) < 0) {
log_warn(LD_BUG, "SR: Commit from authority %s has an invalid "
"reveal value. (voter: %s)",
- commit->rsa_identity_fpr, voter_key);
+ sr_commit_get_rsa_fpr(commit),
+ hex_str(voter_key, DIGEST_LEN));
goto ignore;
}
break;
@@ -677,7 +681,7 @@ save_commit_during_reveal_phase(const sr_commit_t *commit)
tor_assert(commit);
/* Get the commit from our state. */
- saved_commit = sr_state_get_commit(commit->rsa_identity_fpr);
+ saved_commit = sr_state_get_commit(commit->rsa_identity);
tor_assert(saved_commit);
/* Safety net. They can not be different commitments at this point. */
int same_commits = commitments_are_the_same(commit, saved_commit);
@@ -868,18 +872,17 @@ sr_commit_t *
sr_generate_our_commit(time_t timestamp, const authority_cert_t *my_rsa_cert)
{
sr_commit_t *commit = NULL;
- char fingerprint[FINGERPRINT_LEN+1];
+ char digest[DIGEST_LEN];
tor_assert(my_rsa_cert);
/* Get our RSA identity fingerprint */
- if (crypto_pk_get_fingerprint(my_rsa_cert->identity_key,
- fingerprint, 0) < 0) {
+ if (crypto_pk_get_digest(my_rsa_cert->identity_key, digest) < 0) {
goto error;
}
/* New commit with our identity key. */
- commit = commit_new(fingerprint);
+ commit = commit_new(digest);
/* Generate the reveal random value */
crypto_strongest_rand(commit->random_number,
@@ -1036,7 +1039,7 @@ sr_parse_srv(const smartlist_t *args)
sr_commit_t *
sr_parse_commit(const smartlist_t *args)
{
- char *value;
+ char *value, digest[DIGEST_LEN];
digest_algorithm_t alg;
const char *rsa_identity_fpr;
sr_commit_t *commit = NULL;
@@ -1054,7 +1057,8 @@ sr_parse_commit(const smartlist_t *args)
goto error;
}
- /* Second argument is the RSA fingerprint of the auth */
+ /* Second argument is the RSA fingerprint of the auth and turn it into a
+ * digest value. */
rsa_identity_fpr = smartlist_get(args, 1);
if (base16_decode(digest, DIGEST_LEN, rsa_identity_fpr,
HEX_DIGEST_LEN) < 0) {
@@ -1073,7 +1077,7 @@ sr_parse_commit(const smartlist_t *args)
}
/* Allocate commit since we have a valid identity now. */
- commit = commit_new(rsa_identity_fpr);
+ commit = commit_new(digest);
/* Third argument is the commitment value base64-encoded. */
value = smartlist_get(args, 2);
@@ -1103,7 +1107,7 @@ sr_parse_commit(const smartlist_t *args)
void
sr_handle_received_commits(smartlist_t *commits, crypto_pk_t *voter_key)
{
- char rsa_identity_fpr[FINGERPRINT_LEN + 1];
+ char rsa_identity[DIGEST_LEN];
tor_assert(voter_key);
@@ -1113,7 +1117,7 @@ sr_handle_received_commits(smartlist_t *commits, crypto_pk_t *voter_key)
}
/* Get the RSA identity fingerprint of this voter */
- if (crypto_pk_get_fingerprint(voter_key, rsa_identity_fpr, 0) < 0) {
+ if (crypto_pk_get_digest(voter_key, rsa_identity) < 0) {
return;
}
@@ -1121,7 +1125,7 @@ sr_handle_received_commits(smartlist_t *commits, crypto_pk_t *voter_key)
/* We won't need the commit in this list anymore, kept or not. */
SMARTLIST_DEL_CURRENT(commits, commit);
/* Check if this commit is valid and should be stored in our state. */
- if (!should_keep_commit(commit, rsa_identity_fpr,
+ if (!should_keep_commit(commit, rsa_identity,
sr_state_get_phase())) {
sr_commit_free(commit);
continue;
diff --git a/src/or/shared_random.h b/src/or/shared_random.h
index 15eed8a25c..573c499efc 100644
--- a/src/or/shared_random.h
+++ b/src/or/shared_random.h
@@ -71,8 +71,8 @@ typedef struct sr_commit_t {
/* Commit owner info */
- /* The RSA identity fingerprint of the authority. */
- char rsa_identity_fpr[FINGERPRINT_LEN + 1];
+ /* The RSA identity key of the authority. */
+ char rsa_identity[DIGEST_LEN];
/* Commitment information */
@@ -112,11 +112,16 @@ void sr_commit_free(sr_commit_t *commit);
void sr_srv_encode(char *dst, const sr_srv_t *srv);
/* Private methods (only used by shared_random_state.c): */
+static inline
+const char *sr_commit_get_rsa_fpr(const sr_commit_t *commit)
+{
+ return hex_str((const char *) commit->rsa_identity,
+ sizeof(commit->rsa_identity));
+}
void sr_compute_srv(void);
sr_commit_t *sr_generate_our_commit(time_t timestamp,
const authority_cert_t *my_rsa_cert);
-
#ifdef SHARED_RANDOM_PRIVATE
/* Encode */
diff --git a/src/or/shared_random_state.c b/src/or/shared_random_state.c
index 7c75431040..326b8c9cf0 100644
--- a/src/or/shared_random_state.c
+++ b/src/or/shared_random_state.c
@@ -218,14 +218,14 @@ commit_add_to_state(sr_commit_t *commit, sr_state_t *state)
tor_assert(commit);
tor_assert(state);
- saved_commit = digestmap_set(state->commits, commit->rsa_identity_fpr,
+ saved_commit = digestmap_set(state->commits, commit->rsa_identity,
commit);
if (saved_commit != NULL) {
/* This means we already have that commit in our state so adding twice
* the same commit is either a code flow error, a corrupted disk state
* or some new unknown issue. */
log_warn(LD_DIR, "SR: Commit from %s exists in our state while "
- "adding it: '%s'", commit->rsa_identity_fpr,
+ "adding it: '%s'", sr_commit_get_rsa_fpr(commit),
commit->encoded_commit);
sr_commit_free(saved_commit);
}
@@ -562,7 +562,7 @@ disk_state_put_commit_line(const sr_commit_t *commit, config_line_t *line)
}
tor_asprintf(&line->value, "%s %s %s%s",
crypto_digest_algorithm_get_name(commit->alg),
- commit->rsa_identity_fpr,
+ sr_commit_get_rsa_fpr(commit),
commit->encoded_commit,
reveal_str != NULL ? reveal_str : "");
if (reveal_str != NULL) {
@@ -1124,17 +1124,17 @@ sr_state_update(time_t valid_after)
}
}
-/* Return commit object from the given authority digest <b>identity</b>.
+/* Return commit object from the given authority digest <b>rsa_identity</b>.
* Return NULL if not found. */
sr_commit_t *
-sr_state_get_commit(const char *rsa_fpr)
+sr_state_get_commit(const char *rsa_identity)
{
sr_commit_t *commit;
- tor_assert(rsa_fpr);
+ tor_assert(rsa_identity);
state_query(SR_STATE_ACTION_GET, SR_STATE_OBJ_COMMIT,
- (void *) rsa_fpr, (void *) &commit);
+ (void *) rsa_identity, (void *) &commit);
return commit;
}
@@ -1150,7 +1150,7 @@ sr_state_add_commit(sr_commit_t *commit)
(void *) commit, NULL);
log_debug(LD_DIR, "SR: Commit from %s has been added to our state.",
- commit->rsa_identity_fpr);
+ sr_commit_get_rsa_fpr(commit));
}
/* Remove all commits from our state. */
@@ -1178,7 +1178,7 @@ sr_state_copy_reveal_info(sr_commit_t *saved_commit, const sr_commit_t *commit)
state_query(SR_STATE_ACTION_SAVE, 0, NULL, NULL);
log_debug(LD_DIR, "SR: Reveal value learned %s (for commit %s) from %s",
saved_commit->encoded_reveal, saved_commit->encoded_commit,
- saved_commit->rsa_identity_fpr);
+ sr_commit_get_rsa_fpr(saved_commit));
}
/* Set the fresh SRV flag from our state. This doesn't need to trigger a