Commit 8b2f6b27 authored by Nick Mathewson's avatar Nick Mathewson 🦀
Browse files

Make signature-generation code handle different key and digest lengths.

parent 8d41e6c4

src/or/dirserv.c

+6 −3
Original line number Diff line number Diff line
@@ -1091,7 +1091,8 @@ dirserv_dump_directory_to_string(char **dir_out, 
    return -1;

  }

  note_crypto_pk_op(SIGN_DIR);

  if (router_append_dirobj_signature(buf,buf_len,digest,private_key)<0) {

  if (router_append_dirobj_signature(buf,buf_len,digest,DIGEST_LEN,

                                     private_key)<0) {

    tor_free(buf);

    return -1;

  }
@@ -1549,7 +1550,8 @@ generate_runningrouters(void) 
    goto err;

  }

  note_crypto_pk_op(SIGN_DIR);

  if (router_append_dirobj_signature(s, len, digest, private_key)<0)

  if (router_append_dirobj_signature(s, len, digest, DIGEST_LEN,

                                     private_key)<0)

    goto err;



  set_cached_dir(&the_runningrouters, s, time(NULL));
@@ -2743,7 +2745,8 @@ generate_v2_networkstatus_opinion(void) 
  outp += strlen(outp);



  note_crypto_pk_op(SIGN_DIR);

  if (router_append_dirobj_signature(outp,endp-outp,digest,private_key)<0) {

  if (router_append_dirobj_signature(outp,endp-outp,digest,DIGEST_LEN,

                                     private_key)<0) {

    log_warn(LD_BUG, "Unable to sign router status.");

    goto done;

  }

src/or/dirvote.c

+3 −3
Original line number Diff line number Diff line
@@ -192,7 +192,7 @@ format_networkstatus_vote(crypto_pk_env_t *private_signing_key, 
  if (router_get_networkstatus_v3_hash(status, digest)<0)

    goto err;

  note_crypto_pk_op(SIGN_DIR);

  if (router_append_dirobj_signature(outp,endp-outp,digest,

  if (router_append_dirobj_signature(outp,endp-outp,digest, DIGEST_LEN,

                                     private_signing_key)<0) {

    log_warn(LD_BUG, "Unable to sign networkstatus vote.");

    goto err;
@@ -1257,7 +1257,7 @@ networkstatus_compute_consensus(smartlist_t *votes, 
    tor_snprintf(buf, sizeof(buf), "%s %s\n", fingerprint,

                 signing_key_fingerprint);

    /* And the signature. */

    if (router_append_dirobj_signature(buf, sizeof(buf), digest,

    if (router_append_dirobj_signature(buf, sizeof(buf), digest, DIGEST_LEN,

                                       signing_key)) {

      log_warn(LD_BUG, "Couldn't sign consensus networkstatus.");

      return NULL; /* This leaks, but it should never happen. */
@@ -1272,7 +1272,7 @@ networkstatus_compute_consensus(smartlist_t *votes, 
                                signing_key_fingerprint, 0);

      tor_snprintf(buf, sizeof(buf), "%s %s\n", fingerprint,

                   signing_key_fingerprint);

      if (router_append_dirobj_signature(buf, sizeof(buf), digest,

      if (router_append_dirobj_signature(buf, sizeof(buf), digest, DIGEST_LEN,

                                         legacy_signing_key)) {

        log_warn(LD_BUG, "Couldn't sign consensus networkstatus.");

        return NULL; /* This leaks, but it should never happen. */

src/or/or.h

+1 −0
Original line number Diff line number Diff line
@@ -4911,6 +4911,7 @@ int router_get_networkstatus_v3_hash(const char *s, char *digest); 
int router_get_extrainfo_hash(const char *s, char *digest);

int router_append_dirobj_signature(char *buf, size_t buf_len,

                                   const char *digest,

                                   size_t digest_len,

                                   crypto_pk_env_t *private_key);

int router_parse_list_from_string(const char **s, const char *eos,

                                  smartlist_t *dest,

src/or/rendcommon.c

+2 −1
Original line number Diff line number Diff line
@@ -618,7 +618,8 @@ rend_encode_v2_descriptors(smartlist_t *descs_out, 
    }

    if (router_append_dirobj_signature(desc_str + written,

                                       desc_len - written,

                                       desc_digest, service_key) < 0) {

                                       desc_digest, DIGEST_LEN,

                                       service_key) < 0) {

      log_warn(LD_BUG, "Couldn't sign desc.");

      rend_encoded_v2_service_descriptor_free(enc);

      goto err;

src/or/router.c

+3 −2
Original line number Diff line number Diff line
@@ -1788,7 +1788,7 @@ router_dump_router_to_string(char *s, size_t maxlen, routerinfo_t *router, 


  note_crypto_pk_op(SIGN_RTR);

  if (router_append_dirobj_signature(s+written,maxlen-written,

                                     digest,ident_key)<0) {

                                     digest,DIGEST_LEN,ident_key)<0) {

    log_warn(LD_BUG, "Couldn't sign router descriptor");

    return -1;

  }
@@ -1980,7 +1980,8 @@ extrainfo_dump_to_string(char *s, size_t maxlen, extrainfo_t *extrainfo, 
  len += strlen(s+len);

  if (router_get_extrainfo_hash(s, digest)<0)

    return -1;

  if (router_append_dirobj_signature(s+len, maxlen-len, digest, ident_key)<0)

  if (router_append_dirobj_signature(s+len, maxlen-len, digest, DIGEST_LEN,

                                     ident_key)<0)

    return -1;



  {