[tor-bugs] #22460 [Core Tor/Tor]: Received a bad CERTS cell: Link certificate does not match TLS certificate
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed May 31 20:36:19 UTC 2017
#22460: Received a bad CERTS cell: Link certificate does not match TLS certificate
-------------------------------------------------+-------------------------
Reporter: teor | Owner:
Type: defect | Status: new
Priority: High | Milestone: Tor: 0.3.1.x-final
Component: Core Tor/Tor | Version:
Severity: Major | Resolution:
Keywords: tor-relay certs handshake ed25519 needs-analysis 030-backport | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
-------------------------------------------------+-------------------------
Comment (by nickm):
Replying to [comment:21 arma]:
> {{{
> May 31 16:01:10.334 [info] channel_tls_process_versions_cell(): Negotiated version 4 with 179.43.158.176:443; Sending cells: CERTS
> May 31 16:01:10.334 [info] or_handshake_certs_ed25519_ok(): Received a bad CERTS cell: At least one Ed25519 certificate was badly signed
> May 31 16:01:10.334 [info] channel_tls_process_certs_cell(): Received a bad CERTS cell from 179.43.158.176:443: Invalid certificate chain!
> May 31 16:01:10.334 [info] dump_certs_cell(): certificate 4/5: type 5, body 0105000657BB018FA6D469EA74707EC7EBBC8AE79A75434287ADBDAF1678B003736535228D76C200FE2D6FF56E4A9D5D15105B7891C6B58A284178DBA0EE9FEFEF1A60DBC571BA1FCAD6BC5D5C22F76314DE1D9A7A7518ABC36EB60B1FDBC45D7ACB722FA9520709
> }}}
This checks out okay; it's a master->signing cert, with an expiration time
of 0x00065A5D ('Fri Jun 30 21:00:00 2017')
> {{{
> May 31 16:01:10.334 [info] dump_certs_cell(): certificate 5/5: type 7, body 9D6030D9CD31261C33BFAD4571D6171C83ADEF6F2D1FAD82EC9451301FA6EAD00007AB37800EA89BB84B2256FEE30A6842B4AE0F236489C826D4162C43EF434B8F9D965A1F4DDC44785B097E0431471F88783BFE0042214A619BD1037961441CA2F6AFEE56C042C5B6EC679BFC2262A37E65F8ECCC9C76014D56650040C1FD98A697B3DB956B7EE9B25C3A6CF30C33036E27FFD88F85C42C9D54547E1E0401A6FA5549A578
> }}}
This one also looks okay (this time as a sign->link) but the signature
does not validate as being correctly signed with the signing key from the
first cert. Maybe it was signed with a different key? Maybe it's munged?
This one has expiration of 0x657BB ('Fri Jun 2 19:00:00 2017').
The RSA->Ed cert seems to be also signing the claimed identity key.
> {{{
> ...
> r greenlantern aYuHCM9OoC0nygknTzNRtPZqWDQ CkAtDfZZdApxyUSzF6FOq9OeC9A 2017-05-31 13:56:02 179.43.158.176 443 80
> s Fast Guard HSDir Running Stable V2Dir Valid
> v Tor 0.3.0.6
> }}}
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/22460#comment:22>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
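The two certificate bodies quoted in the comment can be decoded mechanically. The following Python is an added example (not code from the ticket or from tor itself) that parses them by the layouts in Tor's cert-spec: version/type/expiration/key/extensions/signature for the Ed25519 certificate, and key/expiration/SIGLEN/signature for the type-7 RSA->Ed25519 cross-cert, rendering the expiration in the same hours-since-epoch notation used above. It only parses; signature checking needs the signer's key, which is exactly what is in question here.

```python
import struct
from datetime import datetime, timezone

# Certificate bodies exactly as dump_certs_cell() printed them in the log quoted above.
ED_CERT_HEX = (
    "0105000657BB018FA6D469EA74707EC7EBBC8AE79A75434287ADBDAF1678B003"
    "736535228D76C200FE2D6FF56E4A9D5D15105B7891C6B58A284178DBA0EE9FEF"
    "EF1A60DBC571BA1FCAD6BC5D5C22F76314DE1D9A7A7518ABC36EB60B1FDBC45D"
    "7ACB722FA9520709")
RSA_CROSSCERT_HEX = (
    "9D6030D9CD31261C33BFAD4571D6171C83ADEF6F2D1FAD82EC9451301FA6EAD0"
    "0007AB37800EA89BB84B2256FEE30A6842B4AE0F236489C826D4162C43EF434B"
    "8F9D965A1F4DDC44785B097E0431471F88783BFE0042214A619BD1037961441C"
    "A2F6AFEE56C042C5B6EC679BFC2262A37E65F8ECCC9C76014D56650040C1FD98"
    "A697B3DB956B7EE9B25C3A6CF30C33036E27FFD88F85C42C9D54547E1E0401A6"
    "FA5549A578")

def parse_ed25519_cert(body):
    """Parse a cert-spec 2.1 Ed25519 certificate (CERTS cell types 4, 5 and 6)."""
    version, cert_type, expiration, key_type = struct.unpack(">BBIB", body[:7])
    if version != 1:
        raise ValueError("unsupported certificate version %d" % version)
    certified_key, n_ext = body[7:39], body[39]
    pos, exts = 40, []
    for _ in range(n_ext):  # each: ExtLength(2) ExtType(1) ExtFlags(1) ExtData
        ext_len, ext_type, ext_flags = struct.unpack(">HBB", body[pos:pos + 4])
        exts.append((ext_type, ext_flags, body[pos + 4:pos + 4 + ext_len]))
        pos += 4 + ext_len
    if len(body) != pos + 64:  # exactly one 64-byte Ed25519 signature must follow
        raise ValueError("truncated or oversized certificate")
    # Extension type 4 embeds the signing key; this type-5 cert carries none, so its
    # signature can only be checked against a key taken from another cert in the cell.
    signer = next((d for t, _f, d in exts if t == 4), None)
    return {"type": cert_type, "expires_raw": expiration,  # expiration: hours since epoch
            "expires": datetime.fromtimestamp(expiration * 3600, tz=timezone.utc),
            "key_type": key_type, "key": certified_key, "signed_with": signer,
            "signed_part": body[:pos], "signature": body[pos:]}

def parse_rsa_ed_crosscert(body):
    """Parse a CERTS type 7 body (cert-spec 2.3): Ed25519 identity signed by RSA identity."""
    expiration, siglen = struct.unpack(">IB", body[32:37])
    if len(body) != 37 + siglen:
        raise ValueError("body length does not match SIGLEN")
    return {"ed_key": body[:32], "expires_raw": expiration,
            "expires": datetime.fromtimestamp(expiration * 3600, tz=timezone.utc),
            "signed_part": body[:36], "signature": body[37:]}  # RSA signs SHA256(fixed prefix + signed_part)

def describe(cert):  # the notation the comment uses: 0x657BB ('Fri Jun 2 19:00:00 2017')
    return "0x%X ('%s')" % (cert["expires_raw"], cert["expires"].strftime("%a %b %d %H:%M:%S %Y"))
```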