36 const char **end_of_string)
40 #define MAX_CERT_SIZE (128*1024)
51 const char *end_of_s = s + maxlen;
52 const char *s_dup = s;
55 eos = tor_memstr(s, end_of_s - s,
"\ndir-key-certification");
57 log_warn(
LD_DIR,
"No signature found on key certificate");
60 eos = tor_memstr(eos, end_of_s - eos,
"\n-----END SIGNATURE-----\n");
62 log_warn(
LD_DIR,
"No end-of-signature found on key certificate");
65 eos = memchr(eos+2,
'\n', end_of_s - (eos+2));
70 if (len > MAX_CERT_SIZE) {
71 log_warn(
LD_DIR,
"Certificate is far too big (at %lu bytes long); "
72 "rejecting", (
unsigned long)len);
79 log_warn(
LD_DIR,
"Error tokenizing key certificate");
83 "\ndir-key-certification",
'\n', DIGEST_SHA1) < 0)
85 tok = smartlist_get(tokens, 0);
86 if (tok->
tp != K_DIR_KEY_CERTIFICATE_VERSION || strcmp(tok->
args[0],
"3")) {
88 "Key certificate does not begin with a recognized version (3).");
95 tok = find_by_keyword(tokens, K_DIR_SIGNING_KEY);
102 tok = find_by_keyword(tokens, K_DIR_IDENTITY_KEY);
107 tok = find_by_keyword(tokens, K_FINGERPRINT);
111 log_warn(
LD_DIR,
"Couldn't decode key certificate fingerprint %s",
121 log_warn(
LD_DIR,
"Digest of certificate key didn't match declared "
129 char *address = NULL;
135 log_warn(
LD_DIR,
"Couldn't parse dir-address in certificate");
143 tok = find_by_keyword(tokens, K_DIR_KEY_PUBLISHED);
147 tok = find_by_keyword(tokens, K_DIR_KEY_EXPIRES);
152 tok = smartlist_get(tokens, smartlist_len(tokens)-1);
153 if (tok->
tp != K_DIR_KEY_CERTIFICATION) {
154 log_warn(
LD_DIR,
"Certificate didn't end with dir-key-certification.");
166 if (old_cert->cache_info.signed_descriptor_len == len &&
167 old_cert->cache_info.signed_descriptor_body &&
168 tor_memeq(s, old_cert->cache_info.signed_descriptor_body, len)) {
169 log_debug(
LD_DIR,
"We already checked the signature on this "
170 "certificate; no need to do so again.");
176 "key certificate")) {
180 tok = find_by_keyword(tokens, K_DIR_KEY_CROSSCERT);
185 CST_NO_CHECK_OBJTYPE,
186 "key cross-certification")) {
201 smartlist_free(tokens);
203 DUMP_AREA(area,
"authority cert");
209 authority_cert_free(cert);
211 smartlist_free(tokens);
213 DUMP_AREA(area,
"authority cert");
int tor_addr_port_split(int severity, const char *addrport, char **address_out, uint16_t *port_out)
#define tor_addr_from_in(dest, in)
authority_cert_t * authority_cert_get_by_digests(const char *id_digest, const char *sk_digest)
Header file for authcert.c.
List of tokens common to V3 authority certificates and V3 consensuses.
authority_cert_t * authority_cert_parse_from_string(const char *s, size_t maxlen, const char **end_of_string)
static token_rule_t dir_key_certificate_table[]
Header file for authcert_parse.c.
Authority certificate structure.
int base16_decode(char *dest, size_t destlen, const char *src, size_t srclen)
int crypto_pk_get_digest(const crypto_pk_t *pk, char *digest_out)
int tor_memeq(const void *a, const void *b, size_t sz)
#define tor_memneq(a, b, sz)
const char * escaped(const char *s)
int tor_inet_aton(const char *str, struct in_addr *addr)
memarea_t * memarea_new(void)
#define memarea_drop_all(area)
Master header file for Tor-specific functionality.
void token_clear(directory_token_t *tok)
int tokenize_string(memarea_t *area, const char *start, const char *end, smartlist_t *out, const token_rule_t *table, int flags)
directory_token_t * find_opt_by_keyword(const smartlist_t *s, directory_keyword keyword)
Header file for parsecommon.c.
int check_signature_token(const char *digest, ssize_t digest_len, directory_token_t *tok, crypto_pk_t *pkey, int flags, const char *doctype)
int router_get_hash_impl(const char *s, size_t s_len, char *digest, const char *start_str, const char *end_str, char end_c, digest_algorithm_t alg)
Header file for sigcommon.c.
smartlist_t * smartlist_new(void)
#define SMARTLIST_FOREACH(sl, type, var, cmd)
crypto_pk_t * identity_key
crypto_pk_t * signing_key
char signing_key_digest[DIGEST_LEN]
signed_descriptor_t cache_info
char signed_descriptor_digest[DIGEST_LEN]
char identity_digest[DIGEST_LEN]
char * signed_descriptor_body
size_t signed_descriptor_len
saved_location_t saved_location
int parse_iso_time(const char *cp, time_t *t)
void dump_desc(const char *desc, const char *type)
Header file for unparseable.c.
const char * eat_whitespace_eos(const char *s, const char *eos)
const char * eat_whitespace(const char *s)