Skip to content

Signed key type fix

Nick Mathewson requested to merge nickm/tor:signed_key_type_fix into master
Use the correct SIGNED_KEY_TYPE value for signing->link certs

Our code was using [01] as for the key type of signed->link certs,
which was incorrect.  The value should be [03], to indicate that the
value as the SHA256 of an x.509 cert.

Fortunately, nothing cares about this value, so there shouldn't be
compatibility issues.

This fixes part of #40124 (closed) ; there is also a torspec fix.

Merge request reports