Tor
0.4.7.0-alpha-dev
Functions and structures for associating routers' RSA key fingerprints with their ED25519 keys.
#include "orconfig.h"
#include "lib/cc/torint.h"
#include "lib/crypt_ops/crypto_digest.h"
#include "lib/crypt_ops/crypto_format.h"
#include "lib/ctime/di_ops.h"
#include "lib/encoding/binascii.h"
#include "lib/encoding/time_fmt.h"
#include "lib/fdio/fdio.h"
#include "lib/fs/files.h"
#include "lib/fs/mmap.h"
#include "lib/log/log.h"
#include "lib/log/util_bug.h"
#include "lib/string/compat_ctype.h"
#include "lib/string/printf.h"
#include "lib/wallclock/approx_time.h"
#include "ht.h"
#include "feature/dirauth/keypin.h"
#include "siphash.h"
#include <errno.h>
#include <string.h>
#include <stdlib.h>
Macros | |
#define | KEYPIN_PRIVATE |
#define | O_SYNC 0 |
#define | JOURNAL_LINE_LEN (BASE64_DIGEST_LEN + BASE64_DIGEST256_LEN + 2) |
Functions | |
static int | keypin_journal_append_entry (const uint8_t *rsa_id_digest, const uint8_t *ed25519_id_key) |
static int | keypin_check_and_add_impl (const uint8_t *rsa_id_digest, const uint8_t *ed25519_id_key, const int do_not_add, const int replace) |
static int | keypin_add_or_replace_entry_in_map (keypin_ent_t *ent) |
static | HT_HEAD (rsamap, keypin_ent_st) |
static unsigned | keypin_ent_hash_rsa (const keypin_ent_t *a) |
static int | keypin_ents_eq_ed (const keypin_ent_t *a, const keypin_ent_t *b) |
static unsigned | keypin_ent_hash_ed (const keypin_ent_t *a) |
HT_PROTOTYPE (rsamap, keypin_ent_st, rsamap_node, keypin_ent_hash_rsa, keypin_ents_eq_rsa) | |
HT_GENERATE2 (rsamap, keypin_ent_st, rsamap_node, keypin_ent_hash_rsa, keypin_ents_eq_rsa, 0.6, tor_reallocarray, tor_free_) | |
HT_PROTOTYPE (edmap, keypin_ent_st, edmap_node, keypin_ent_hash_ed, keypin_ents_eq_ed) | |
HT_GENERATE2 (edmap, keypin_ent_st, edmap_node, keypin_ent_hash_ed, keypin_ents_eq_ed, 0.6, tor_reallocarray, tor_free_) | |
int | keypin_check_and_add (const uint8_t *rsa_id_digest, const uint8_t *ed25519_id_key, const int replace_existing_entry) |
int | keypin_check (const uint8_t *rsa_id_digest, const uint8_t *ed25519_id_key) |
STATIC void | keypin_add_entry_to_map (keypin_ent_t *ent) |
int | keypin_check_lone_rsa (const uint8_t *rsa_id_digest) |
int | keypin_open_journal (const char *fname) |
int | keypin_close_journal (void) |
STATIC int | keypin_load_journal_impl (const char *data, size_t size) |
int | keypin_load_journal (const char *fname) |
STATIC keypin_ent_t * | keypin_parse_journal_line (const char *cp) |
void | keypin_clear (void) |
Variables | |
static int | keypin_journal_fd = -1 |
Functions and structures for associating routers' RSA key fingerprints with their ED25519 keys.
Key-pinning for RSA and Ed25519 identity keys at directory authorities.
Many older clients, and many internal interfaces, still refer to relays by their RSA1024 identity keys. We can make this more secure, however: authorities use this module to track which RSA keys have been used along with which Ed25519 keys, and force such associations to be permanent.
This module implements a key-pinning mechanism to ensure that it's safe to use RSA keys as identifiers even as we migrate to Ed25519 keys. It remembers, for every Ed25519 key we've seen, what the associated RSA key is. This way, if we see a different Ed25519 key with that RSA key, we'll know that there's a mismatch.
As of Tor 0.3.0.2-alpha the AuthDirPinKeys option has been on, meaning we drop descriptors with mismatches.
We persist these entries to disk using a simple format, where each line has a base64-encoded RSA SHA1 hash, then a base64-encoded Ed25519 key. Empty lines, malformed lines, and lines beginning with # are ignored. Lines beginning with @ are reserved for future extensions.
The dirserv.c module is the main user of these functions.
Definition in file keypin.c.
#define JOURNAL_LINE_LEN (BASE64_DIGEST_LEN + BASE64_DIGEST256_LEN + 2) |
STATIC void keypin_add_entry_to_map | ( | keypin_ent_t * | ent | ) |
Helper: add ent to the hash tables.
Definition at line 216 of file keypin.c.
Referenced by keypin_add_or_replace_entry_in_map().
static int keypin_add_or_replace_entry_in_map | ( | keypin_ent_t * | ent | ) |
Helper: add 'ent' to the maps, replacing any entries that contradict it. Take ownership of 'ent', freeing it if needed.
Return 0 if the entry was a duplicate, -1 if there was a conflict, and 1 if there was no conflict.
Definition at line 230 of file keypin.c.
Referenced by keypin_load_journal_impl().
int keypin_check | ( | const uint8_t * | rsa_id_digest, |
const uint8_t * | ed25519_id_key | ||
) |
int keypin_check_and_add | ( | const uint8_t * | rsa_id_digest, |
const uint8_t * | ed25519_id_key, | ||
const int | replace_existing_entry | ||
) |
Check whether we already have an entry in the key pinning table for a router with RSA ID digest rsa_id_digest or for ed25519 key ed25519_id_key. If we have an entry that matches both keys, return KEYPIN_FOUND. If we find an entry that matches one key but not the other, return KEYPIN_MISMATCH. If we have no entry for either key, add such an entry to the table and return KEYPIN_ADDED.
If replace_existing_entry is true, then any time we would have said KEYPIN_FOUND, we instead add this entry anyway and return KEYPIN_ADDED.
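static int keypin_check_and_add_impl | ( | const uint8_t * | rsa_id_digest, |
const uint8_t * | ed25519_id_key, | ||
const int | do_not_add, | ||
const int | replace | ||
) |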
Helper: implements keypin_check and keypin_check_and_add.
Definition at line 163 of file keypin.c.
Referenced by keypin_check(), and keypin_check_and_add().
int keypin_check_lone_rsa | ( | const uint8_t * | rsa_id_digest | ) |
Check whether we already have an entry in the key pinning table for a router with RSA ID digest rsa_id_digest. If we have no such entry, return KEYPIN_NOT_FOUND. If we find an entry that matches the RSA key but which has an ed25519 key, return KEYPIN_MISMATCH.
void keypin_clear | ( | void | ) |
int keypin_close_journal | ( | void | ) |
|
inlinestatic |
|
inlinestatic |
|
inlinestatic |
|
static |
int keypin_load_journal | ( | const char * | fname | ) |
STATIC int keypin_load_journal_impl | ( | const char * | data, |
size_t | size | ||
) |
int keypin_open_journal | ( | const char * | fname | ) |
STATIC keypin_ent_t* keypin_parse_journal_line | ( | const char * | cp | ) |
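Parse a single keypinning journal line entry from cp. The input does not need to be NUL-terminated, but it does need to have KEYPIN_JOURNAL_LINE_LEN - 1 bytes available to read (this file defines the line length as JOURNAL_LINE_LEN), so the caller must confirm that many bytes remain in its buffer before calling. Return a new entry on success, and NULL on failure.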
Definition at line 468 of file keypin.c.
Referenced by keypin_load_journal_impl().
static int keypin_journal_fd = -1
Open fd to the keypinning journal file.
Definition at line 296 of file keypin.c.
Referenced by keypin_close_journal(), and keypin_journal_append_entry().