commit 91c1e88b7a6d41f93f88cd8754746c836b25721f Author: Nick Mathewson nickm@torproject.org Date: Sat Aug 11 19:54:11 2018 -0400

Refactor some of the certificate-manipulation logic --- src/lib/tls/tortls.c | 5 ++-- src/lib/tls/x509.c | 68 ++++++++++++++++++++++++++++++++-------------------- src/lib/tls/x509.h | 14 +++++++---- 3 files changed, 55 insertions(+), 32 deletions(-)

diff --git a/src/lib/tls/tortls.c b/src/lib/tls/tortls.c index cb507057e..4c5dedb57 100644 --- a/src/lib/tls/tortls.c +++ b/src/lib/tls/tortls.c @@ -1856,8 +1856,9 @@ tor_tls_check_lifetime(int severity, tor_tls_t *tls, if (!(cert = SSL_get_peer_certificate(tls->ssl))) goto done;

- if (check_cert_lifetime_internal(severity, cert, now, - past_tolerance, future_tolerance) < 0) + if (tor_x509_check_cert_lifetime_internal(severity, cert, now, + past_tolerance, + future_tolerance) < 0) goto done;

r = 0; diff --git a/src/lib/tls/x509.c b/src/lib/tls/x509.c index 27cba1be6..8bed6f5a1 100644 --- a/src/lib/tls/x509.c +++ b/src/lib/tls/x509.c @@ -85,6 +85,42 @@ tor_x509_name_new(const char *cname) /* LCOV_EXCL_STOP */ }

+/** Choose the start and end times for a certificate */ +void +tor_tls_pick_certificate_lifetime(time_t now, + unsigned int cert_lifetime, + time_t *start_time_out, + time_t *end_time_out) +{ + time_t start_time, end_time; + /* Make sure we're part-way through the certificate lifetime, rather + * than having it start right now. Don't choose quite uniformly, since + * then we might pick a time where we're about to expire. Lastly, be + * sure to start on a day boundary. */ + /* Our certificate lifetime will be cert_lifetime no matter what, but if we + * start cert_lifetime in the past, we'll have 0 real lifetime. instead we + * start up to (cert_lifetime - min_real_lifetime - start_granularity) in + * the past. */ + const time_t min_real_lifetime = 24*3600; + const time_t start_granularity = 24*3600; + time_t earliest_start_time; + /* Don't actually start in the future! */ + if (cert_lifetime <= min_real_lifetime + start_granularity) { + earliest_start_time = now - 1; + } else { + earliest_start_time = now + min_real_lifetime + start_granularity + - cert_lifetime; + } + start_time = crypto_rand_time_range(earliest_start_time, now); + /* Round the start time back to the start of a day. */ + start_time -= start_time % start_granularity; + + end_time = start_time + cert_lifetime; + + *start_time_out = start_time; + *end_time_out = end_time; +} + /** Generate and sign an X509 certificate with the public key <b>rsa</b>, * signed by the private key <b>rsa_sign</b>. The commonName of the * certificate will be <b>cname</b>; the commonName of the issuer will be @@ -113,30 +149,10 @@ tor_tls_create_certificate,(crypto_pk_t *rsa,

tor_tls_init();

- /* Make sure we're part-way through the certificate lifetime, rather - * than having it start right now. Don't choose quite uniformly, since - * then we might pick a time where we're about to expire. Lastly, be - * sure to start on a day boundary. */ time_t now = time(NULL); - /* Our certificate lifetime will be cert_lifetime no matter what, but if we - * start cert_lifetime in the past, we'll have 0 real lifetime. instead we - * start up to (cert_lifetime - min_real_lifetime - start_granularity) in - * the past. */ - const time_t min_real_lifetime = 24*3600; - const time_t start_granularity = 24*3600; - time_t earliest_start_time; - /* Don't actually start in the future! */ - if (cert_lifetime <= min_real_lifetime + start_granularity) { - earliest_start_time = now - 1; - } else { - earliest_start_time = now + min_real_lifetime + start_granularity - - cert_lifetime; - } - start_time = crypto_rand_time_range(earliest_start_time, now); - /* Round the start time back to the start of a day. */ - start_time -= start_time % start_granularity;

- end_time = start_time + cert_lifetime; + tor_tls_pick_certificate_lifetime(now, cert_lifetime, + &start_time, &end_time);

tor_assert(rsa); tor_assert(cname); @@ -410,7 +426,7 @@ tor_tls_cert_is_valid(int severity,

/* okay, the signature checked out right. Now let's check the check the * lifetime. */ - if (check_cert_lifetime_internal(severity, cert->cert, now, + if (tor_x509_check_cert_lifetime_internal(severity, cert->cert, now, 48*60*60, 30*24*60*60) < 0) goto bad;

@@ -509,9 +525,9 @@ log_cert_lifetime(int severity, const X509 *cert, const char *problem, * <b>now</b>.) If it is live, return 0. If it is not live, log a message * and return -1. */ int -check_cert_lifetime_internal(int severity, const X509 *cert, - time_t now, - int past_tolerance, int future_tolerance) +tor_x509_check_cert_lifetime_internal(int severity, const X509 *cert, + time_t now, + int past_tolerance, int future_tolerance) { time_t t;

diff --git a/src/lib/tls/x509.h b/src/lib/tls/x509.h index 4dadba06d..e3dfcf393 100644 --- a/src/lib/tls/x509.h +++ b/src/lib/tls/x509.h @@ -33,6 +33,11 @@ struct tor_x509_cert_t { }; #endif

+void tor_tls_pick_certificate_lifetime(time_t now, + unsigned cert_lifetime, + time_t *start_time_out, + time_t *end_time_out); + MOCK_DECL(tor_x509_cert_impl_t *, tor_tls_create_certificate, (crypto_pk_t *rsa, crypto_pk_t *rsa_sign, @@ -74,9 +79,10 @@ int tor_tls_cert_is_valid(int severity, time_t now, int check_rsa_1024);

-int check_cert_lifetime_internal(int severity, - const tor_x509_cert_impl_t *cert, - time_t now, - int past_tolerance, int future_tolerance); +int tor_x509_check_cert_lifetime_internal(int severity, + const tor_x509_cert_impl_t *cert, + time_t now, + int past_tolerance, + int future_tolerance);

#endif