[tor-bugs] #22460 [Core Tor/Tor]: Received a bad CERTS cell: Link certificate does not match TLS certificate

Tor Bug Tracker & Wiki blackhole at torproject.org
Wed May 31 19:50:17 UTC 2017


#22460: Received a bad CERTS cell: Link certificate does not match TLS certificate
-------------------------------------------------+-------------------------
 Reporter:  teor                                 |          Owner:
     Type:  defect                               |         Status:  new
 Priority:  High                                 |      Milestone:  Tor:
                                                 |  0.3.1.x-final
Component:  Core Tor/Tor                         |        Version:
 Severity:  Major                                |     Resolution:
 Keywords:  tor-relay certs handshake ed25519    |  Actual Points:
  needs-analysis 030-backport                    |
Parent ID:                                       |         Points:
 Reviewer:                                       |        Sponsor:
-------------------------------------------------+-------------------------

Comment (by nickm):

 Replying to [comment:18 arma]:
 > {{{
 > May 31 15:20:00.993 [info] channel_tls_process_versions_cell(): Negotiated version 4 with 78.52.211.211:443; Sending cells: CERTS
 > May 31 15:20:00.993 [info] rsa_ed25519_crosscert_check(): Received a bad RSA->Ed25519 crosscert: Crosscert is expired
 > May 31 15:20:00.993 [info] or_handshake_certs_ed25519_ok(): Received a bad CERTS cell: Invalid RSA->Ed25519 crosscert
 > May 31 15:20:00.993 [info] channel_tls_process_certs_cell(): Received a bad CERTS cell from 78.52.211.211:443: Invalid certificate chain!
 > May 31 15:20:00.993 [info] dump_certs_cell(): certificate 3/5: type 4, body
 0104000658E501A85A541FF2B5D4FBC156155D939779733E3AB55E8607D99942D470EBA1E79D96010020040006232608577AC3AF530DF8B046C51722C0C9529C5C98557F5515ACEB195ABCF0824974D7B657073ACEBB35EC2B12C0DA6BC3E602A7AAB3F8523633E073CFAD3E099100B33C9B5DBA09346D5CADD577A0216E0A09BF7895534B01566DBB796907
 > ...
 > }}}

 This is the master cert; it says that the master ID key is
 06232608577AC3AF530DF8B046C51722C0C9529C5C98557F5515ACEB195ABCF0, and that
 the current signing key is
 A85A541FF2B5D4FBC156155D939779733E3AB55E8607D99942D470EBA1E79D96.  The
 expiration type is 3600 * 0x000658E5, or Jun 15 at 5 am.

 > {{{
 > ...
 > May 31 15:20:00.993 [info] dump_certs_cell(): certificate 5/5: type 7, body
 06232608577AC3AF530DF8B046C51722C0C9529C5C98557F5515ACEB195ABCF00001563180463B800A78747A0759A51E037CA30C5253F5CAE555B8B3E9C50520FC3C72259E50339FA76474BC6A693043E443BDEA73F82A82CD94FD550945E9690BC610DB1938E12926781D37B5E72BB0F1991ACD376F45D29B9B8837CC49F5A128130CD553017BF1A4CE9770EE694403F9CE9E9A3C362EC59142B42DC3982A17653ABB64C5
 > }}}

 This one is the RSA->Ed crosscert.  The signed key is
 06232608577AC3AF530DF8B046C51722C0C9529C5C98557F5515ACEB195ABCF0, which is
 what we had hoped for.  But the expiration date here is 0x15631 * 3600 ==
 1979, Dec 30, 1am!  That's very wrong.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/22460#comment:19>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
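
The decoding walked through in the comment above, as an added example that is not part of the original message or of Tor's code. The field layout follows Tor's cert-spec; the function names are hypothetical, and the reference time assumes the log timestamps are UTC in 2017.

```python
import struct
from datetime import datetime, timezone

# Leading bytes of the two bodies quoted in the log; trailing signatures omitted.
ED_CERT_HEX = (  # certificate 3/5, type 4
    "0104000658E501"
    "A85A541FF2B5D4FBC156155D939779733E3AB55E8607D99942D470EBA1E79D96"
    "0100200400"
    "06232608577AC3AF530DF8B046C51722C0C9529C5C98557F5515ACEB195ABCF0")
CROSSCERT_HEX = (  # certificate 5/5, type 7
    "06232608577AC3AF530DF8B046C51722C0C9529C5C98557F5515ACEB195ABCF0"
    "0001563180")
# Assumption: the log line's "May 31 15:20:00" is UTC, year 2017.
NOW = datetime(2017, 5, 31, 15, 20, tzinfo=timezone.utc)

def hours_to_utc(hours):
    """Expiration fields count hours since the Unix epoch."""
    return datetime.fromtimestamp(hours * 3600, tz=timezone.utc)

def parse_ed_cert(body):
    """Ed25519 cert: version, type, expiration, key type, key, extensions."""
    if len(body) < 40:
        raise ValueError("truncated certificate")
    version, cert_type, exp_hours, key_type = struct.unpack_from(">BBIB", body, 0)
    off, exts = 40, []
    for _ in range(body[39]):  # body[39] is the extension count
        if len(body) < off + 4:
            raise ValueError("truncated extension header")
        ext_len, ext_type, ext_flags = struct.unpack_from(">HBB", body, off)
        data = body[off + 4:off + 4 + ext_len]
        if len(data) != ext_len:
            raise ValueError("truncated extension")
        exts.append((ext_type, ext_flags, data))
        off += 4 + ext_len
    return {"version": version, "cert_type": cert_type, "key_type": key_type,
            "certified_key": body[7:39], "expires": hours_to_utc(exp_hours),
            "extensions": exts}

def parse_crosscert(body):
    """RSA->Ed25519 crosscert: Ed25519 key, expiration, signature length."""
    if len(body) < 37:
        raise ValueError("truncated crosscert")
    exp_hours, sig_len = struct.unpack_from(">IB", body, 32)
    return {"ed_key": body[:32], "expires": hours_to_utc(exp_hours),
            "sig_len": sig_len}

def is_expired(cert, now=NOW):
    """True when the certificate's expiration is at or before `now`."""
    return cert["expires"] <= now
```
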

