Re: [tor-bugs] #5170 [Tor]: crypto_pk_get_digest (et al.?) use i2d_RSAPublicKey obsoletely

["Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>]

#5170: crypto_pk_get_digest (et al.?) use i2d_RSAPublicKey obsoletely
-----------------------------+----------------------------------------------
 Reporter:  rransom          |          Owner:                    
     Type:  defect           |         Status:  needs_revision    
 Priority:  trivial          |      Milestone:  Tor: 0.2.5.x-final
Component:  Tor              |        Version:                    
 Keywords:  easy tor-client  |         Parent:                    
   Points:                   |   Actualpoints:                    
-----------------------------+----------------------------------------------

Comment(by marek):

 Modified functions:
  - covered by `src/test/test`: `crypto_pk_asn1_encode`,
 `crypto_pk_get_digest`
  - not covered: `crypto_pk_get_all_digests`,
 `crypto_store_dynamic_dh_modulus`, `tor_cert_new`, `pkey_eq` (used via
 `tor_tls_cert_matches_key`).

 Any idea how to test the latter?

 I can't find a manual page on`i2d_PublicKey` confirming that the buffer
 semantics are the same as for `i2d_X509`. It's only a guess that it
 actually works the way @nickm suggested.

 `pkeq_eq` contained a bug - return value of `i2d_PublicKey` was not
 checked. If both certs were invalid (return == -1) then it would run
 `tor_memeq(..,.., (size_t)-1)`. In updated code I assume that the
 certificates don't match if both are invalid.

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/5170#comment:9>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs