Also, stop storing onion keys in microdesc_t.
(In prop350, for microdescs, we are making the body optional; the "onion-key"
entry is still mandatory, so that we can tell where microdescs begin.)
/** List of tokens recognized in microdescriptors */
// clang-format off
static token_rule_t microdesc_token_table[] = {
- T1_START("onion-key", K_ONION_KEY, NO_ARGS, NEED_KEY_1024),
+ T1_START("onion-key", K_ONION_KEY, NO_ARGS, OPT_KEY_1024),
T1("ntor-onion-key", K_ONION_KEY_NTOR, GE(1), NO_OBJ ),
T0N("id", K_ID, GE(2), NO_OBJ ),
T0N("a", K_A, GE(1), NO_OBJ ),
}
tok = find_by_keyword(tokens, K_ONION_KEY);
- if (!crypto_pk_public_exponent_ok(tok->key)) {
+ if (tok && tok->key && !crypto_pk_public_exponent_ok(tok->key)) {
log_warn(LD_DIR,
"Relay's onion key had invalid exponent.");
goto err;
}
- md->onion_pkey = tor_memdup(tok->object_body, tok->object_size);
- md->onion_pkey_len = tok->object_size;
- crypto_pk_free(tok->key);
if ((tok = find_opt_by_keyword(tokens, K_ONION_KEY_NTOR))) {
curve25519_public_key_t k;
RET_ERR(ebuf);
}
break;
+ case OPT_KEY_1024:
+ /* If there is anything, it must be a 1024-bit RSA key. */
+ if (tok->object_body && !tok->key) {
+ tor_snprintf(ebuf, sizeof(ebuf), "Unexpected object for %s", kwd);
+ RET_ERR(ebuf);
+ }
+ if (!tok->key) {
+ break;
+ }
+ FALLTHROUGH;
case NEED_KEY_1024: /* There must be a 1024-bit public key. */
if (tok->key && crypto_pk_num_bits(tok->key) != PK_BYTES*8) {
tor_snprintf(ebuf, sizeof(ebuf), "Wrong size on key for %s: %d bits",
}
if (!strcmp(tok->object_type, "RSA PUBLIC KEY")) { /* If it's a public key */
- if (o_syn != NEED_KEY && o_syn != NEED_KEY_1024 && o_syn != OBJ_OK) {
+ if (o_syn != OPT_KEY_1024 && o_syn != NEED_KEY &&
+ o_syn != NEED_KEY_1024 && o_syn != OBJ_OK) {
RET_ERR("Unexpected public key.");
}
tok->key = crypto_pk_asn1_decode(tok->object_body, tok->object_size);
typedef enum {
NO_OBJ, /**< No object, ever. */
NEED_OBJ, /**< Object is required. */
+ OPT_KEY_1024, /**< If object is present, it must be a 1024 bit public key */
NEED_KEY_1024, /**< Object is required, and must be a 1024 bit public key */
NEED_KEY, /**< Object is required, and must be a public key. */
OBJ_OK, /**< Object is optional. */
//tor_assert(md->held_in_map == 0);
//tor_assert(md->held_by_nodes == 0);
- if (md->onion_pkey)
- tor_free(md->onion_pkey);
tor_free(md->onion_curve25519_pkey);
tor_free(md->ed25519_identity_pkey);
if (md->body && md->saved_location != SAVED_IN_CACHE)
/* Fields in the microdescriptor. */
- /**
- * Public RSA TAP key for onions, ASN.1 encoded. We store this
- * in its encoded format since storing it as a crypto_pk_t uses
- * significantly more memory. */
- char *onion_pkey;
- /** Length of onion_pkey, in bytes. */
- size_t onion_pkey_len;
-
/** As routerinfo_t.onion_curve25519_pkey */
struct curve25519_public_key_t *onion_curve25519_pkey;
/** Ed25519 identity key, if included. */
if (node->ri) {
onion_pkey = node->ri->onion_pkey;
onion_pkey_len = node->ri->onion_pkey_len;
- } else if (node->rs && node->md) {
- onion_pkey = node->md->onion_pkey;
- onion_pkey_len = node->md->onion_pkey_len;
} else {
- /* No descriptor or microdescriptor. */
+ /* No descriptor; we don't take onion keys from microdescs. */
goto end;
}
pk = router_get_rsa_onion_pkey(onion_pkey, onion_pkey_len);
projects / thirdparty / tor.git / commitdiff
