Commit 50ad3939 authored by Nick Mathewson's avatar Nick Mathewson 🦀

Code to blacklist authority signing keys

(I need a list of actual signing keys to blacklist.)
parent 2658e70d

changes/bug11464_023

0 → 100644
+5 −0
  o Major features (security):
    - Block every authority signing key that was used on an authority
      vulnerable to the "heartbleed" bug in openssl (CVE-2014-0160).
      (We don't have any evidence that these keys _were_ compromised;
      we're doing this to be prudent.) Resolves ticket 11464.
+11 −0
@@ -453,6 +453,17 @@ networkstatus_check_document_signature(const networkstatus_t *consensus,
                 DIGEST_LEN))
    return -1;

  if (authority_cert_is_blacklisted(cert)) {
    /* We implement blacklisting for authority signing keys by treating
     * all their signatures as always bad. That way we don't get into
     * crazy loops of dropping and re-fetching signatures. */
    log_warn(LD_DIR, "Ignoring a consensus signature made with deprecated"
             " signing key %s",
             hex_str(cert->signing_key_digest, DIGEST_LEN));
    sig->bad_signature = 1;
    return 0;
  }

  signed_digest_len = crypto_pk_keysize(cert->signing_key);
  signed_digest = tor_malloc(signed_digest_len);
  if (crypto_pk_public_checksig(cert->signing_key,
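Review bot: The added log_warn calls the key "deprecated" while the matching rejection on the vote path in routerparse.c says "blacklisted", and the predicate being called is authority_cert_is_blacklisted; both messages describe the same condition and should use the same word so an operator searching logs finds both, e.g. `log_warn(LD_DIR, "Ignoring a consensus signature made with blacklisted"`. Marking sig->bad_signature and returning 0 instead of -1 is explained by the comment, which is good; what it does not say is whether this warning is emitted once per document or on every re-verification of the same consensus, and if the latter it may be worth downgrading repeat hits to log_info. networkstatus_check_document_signature starts and ends outside the hunk.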
+22 −0
@@ -458,6 +458,28 @@ authority_cert_dl_failed(const char *id_digest, int status)
  download_status_failed(&cl->dl_status, status);
}

static const char *BAD_SIGNING_KEYS[] = {
  "----------------------------------------",
  NULL,
};

/** DOCDOC */
int
authority_cert_is_blacklisted(const authority_cert_t *cert)
{
  char hex_digest[HEX_DIGEST_LEN+1];
  int i;
  base16_encode(hex_digest, sizeof(hex_digest),
                cert->signing_key_digest, sizeof(cert->signing_key_digest));

  for (i = 0; BAD_SIGNING_KEYS[i]; ++i) {
    if (!strcasecmp(hex_digest, BAD_SIGNING_KEYS[i])) {
      return 1;
    }
  }
  return 0;
}

/** Return true iff when we've been getting enough failures when trying to
 * download the certificate with ID digest <b>id_digest</b> that we're willing
 * to start bugging the user about it. */
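Review bot: The `/** DOCDOC */` stub on authority_cert_is_blacklisted should be the real contract before this lands, e.g. `/** Return true iff the signing-key digest in <b>cert</b> is listed in BAD_SIGNING_KEYS, the set of authority signing keys whose signatures we refuse to accept. */`. BAD_SIGNING_KEYS also needs a comment: its only entry is a 40-dash placeholder that can never equal a base16 digest, so the list is effectively empty until the real digests are filled in (as the commit message says), and the expected entry format should be stated so the wrong value is not pasted in later, e.g. `/** Hex-encoded signing-key digests of authority certs we treat as bad; matched case-insensitively. The dash entry is a placeholder to be replaced with the real list. */`. A smaller point of style: declaring the table `static const char *const BAD_SIGNING_KEYS[]` makes the pointers read-only too, and `i` can be declared in the for initializer since the loop is its only use.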
+1 −0
@@ -25,6 +25,7 @@ void authority_cert_dl_failed(const char *id_digest, int status);
void authority_certs_fetch_missing(networkstatus_t *status, time_t now);
int router_reload_router_list(void);
int authority_cert_dl_looks_uncertain(const char *id_digest);
int authority_cert_is_blacklisted(const authority_cert_t *cert);
smartlist_t *router_get_trusted_dir_servers(void);

const routerstatus_t *router_pick_directory_server(dirinfo_type_t type,
+8 −0
@@ -3053,6 +3053,14 @@ networkstatus_parse_vote_from_string(const char *s, const char **eos_out,
        log_warn(LD_DIR,"Mismatch between identities in certificate and vote");
        goto err;
      }
      if (ns->type != NS_TYPE_CONSENSUS) {
        if (authority_cert_is_blacklisted(ns->cert)) {
          log_warn(LD_DIR, "Rejecting vote signature made with blacklisted "
                   "signing key %s",
                   hex_str(ns->cert->signing_key_digest, DIGEST_LEN));
          goto err;
        }
      }
      voter->address = tor_strdup(tok->args[2]);
      if (!tor_inet_aton(tok->args[3], &in)) {
        log_warn(LD_DIR, "Error decoding IP address %s in network-status.",
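Review bot: The added check is two nested ifs whose inner body is the only use of the outer condition; collapsing them to `if (ns->type != NS_TYPE_CONSENSUS && authority_cert_is_blacklisted(ns->cert)) {` reads more directly, and a one-line comment should say why consensuses are exempted here, e.g. `/* Consensus signatures from blacklisted keys are marked bad in networkstatus_check_document_signature() instead. */`, because a reader of this file alone cannot tell the other path exists. The call dereferences ns->cert; the identity comparison just above appears to have used it already, but that code begins outside the hunk, so it is worth confirming ns->cert cannot be NULL at this point. networkstatus_parse_vote_from_string starts and ends outside the hunk.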