[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[tor-commits] [tor/master] Check the correct key when checking RSA crosscert in hs_descriptor.c
commit 09c750cce353d76c6b1e1481150c5dc0166f5a53
Author: Nick Mathewson <nickm@xxxxxxxxxxxxxx>
Date: Fri Nov 4 13:49:05 2016 -0400
Check the correct key when checking RSA crosscert in hs_descriptor.c
Note that the "signed key" in the signing key certificate is the
signing key. The "signing key" in the signing key certificate is
the key that signs the certificate -- that is, the blinded key.
---
src/or/hs_descriptor.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/src/or/hs_descriptor.c b/src/or/hs_descriptor.c
index f89bd4b..f5dafab 100644
--- a/src/or/hs_descriptor.c
+++ b/src/or/hs_descriptor.c
@@ -1290,10 +1290,10 @@ decode_introduction_point(const hs_descriptor_t *desc, const char *start)
}
if (rsa_ed25519_crosscert_check((const uint8_t *) tok->object_body,
tok->object_size, ip->enc_key.legacy,
- &desc->plaintext_data.signing_key_cert->signing_key,
+ &desc->plaintext_data.signing_key_cert->signed_key,
approx_time()-86400)) {
- log_warn(LD_REND, "Unable to cross certify the introduction point "
- "legacy encryption key.");
+ log_warn(LD_REND, "Unable to check cross-certification on the "
+ "introduction point legacy encryption key.");
goto err;
}
break;
_______________________________________________
tor-commits mailing list
tor-commits@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits