25#include "trunnel/link_handshake.h"
41 const uint8_t *cert_encoded,
45 certs_cell_cert_t *ccc = certs_cell_cert_new();
46 ccc->cert_type = cert_type;
47 ccc->cert_len = cert_len;
48 certs_cell_cert_setlen_body(ccc, cert_len);
49 memcpy(certs_cell_cert_getarray_body(ccc), cert_encoded, cert_len);
51 certs_cell_add_certs(certs_cell, ccc);
61 const tor_x509_cert_t *cert)
66 const uint8_t *cert_encoded = NULL;
89int certs_cell_ed25519_disabled_for_testing = 0;
91#define certs_cell_ed25519_disabled_for_testing 0
99 const tor_x509_cert_t *global_link_cert = NULL, *id_cert = NULL;
100 tor_x509_cert_t *own_link_cert = NULL;
103 certs_cell_t *certs_cell = NULL;
114 &global_link_cert, &id_cert) < 0)
117 if (conn_in_server_mode) {
122 certs_cell = certs_cell_new();
125 if (conn_in_server_mode) {
126 tor_assert_nonfatal(own_link_cert);
142 get_master_signing_key_cert());
143 if (conn_in_server_mode) {
145 certs_cell_ed25519_disabled_for_testing);
147 CERTTYPE_ED_SIGN_LINK,
151 CERTTYPE_ED_SIGN_AUTH,
152 get_current_auth_key_cert());
157 const uint8_t *crosscert=NULL;
158 size_t crosscert_len;
159 get_master_rsa_crosscert(&crosscert, &crosscert_len);
162 CERTTYPE_RSA1024_ID_EDID,
163 crosscert, crosscert_len);
168 certs_cell->n_certs = certs_cell_getlen_certs(certs_cell);
170 ssize_t alloc_len = certs_cell_encoded_len(certs_cell);
171 tor_assert(alloc_len >= 0 && alloc_len <= UINT16_MAX);
174 ssize_t enc_len = certs_cell_encode(cell->
payload, alloc_len, certs_cell);
175 tor_assert(enc_len > 0 && enc_len <= alloc_len);
180 certs_cell_free(certs_cell);
181 tor_x509_cert_free(own_link_cert);
191 switch (challenge_type) {
206 uint16_t challenge_type_b)
216 return (challenge_type_a > challenge_type_b);
231 auth_challenge_cell_t *ac = auth_challenge_cell_new();
234 crypto_rand((
char*)ac->challenge,
sizeof(ac->challenge));
238 auth_challenge_cell_set_n_methods(ac,
239 auth_challenge_cell_getlen_methods(ac));
241 cell =
var_cell_new(auth_challenge_cell_encoded_len(ac));
246 log_warn(
LD_BUG,
"Encoded auth challenge cell length not as expected");
250 cell->
command = CELL_AUTH_CHALLENGE;
257 auth_challenge_cell_free(ac);
287 auth1_t *auth = NULL;
289 const char *authtype_str = NULL;
296 tor_assert_nonfatal_unreached_once();
300 authtype_str =
"AUTH0003";
310 memcpy(auth1_getarray_type(auth), authtype_str, 8);
313 const tor_x509_cert_t *id_cert=NULL;
315 const uint8_t *my_id, *their_id, *client_id, *server_id;
323 my_id = (uint8_t*)my_digests->
d[DIGEST_SHA256];
324 their_id = (uint8_t*)their_digests->
d[DIGEST_SHA256];
326 client_id = server ? their_id : my_id;
327 server_id = server ? my_id : their_id;
330 memcpy(auth->cid, client_id, 32);
333 memcpy(auth->sid, server_id, 32);
339 log_warn(
LD_OR,
"Ed authenticate without Ed ID cert from peer.");
342 my_ed_id = get_master_identity_key();
345 const uint8_t *cid_ed = (server ? their_ed_id : my_ed_id)->pubkey;
346 const uint8_t *sid_ed = (server ? my_ed_id : their_ed_id)->pubkey;
371 tor_x509_cert_t *cert = NULL;
378 log_warn(
LD_OR,
"Unable to find cert when making %s data.",
386 tor_x509_cert_free(cert);
393 "EXPORTER FOR TOR TLS CLIENT BINDING %s", authtype_str);
395 auth->cid,
sizeof(auth->cid),
399 log_warn(
LD_BUG,
"TLS key export failed for unknown reason.");
410 ssize_t maxlen = auth1_encoded_len(auth);
411 if (ed_signing_key) {
415 const int AUTH_CELL_HEADER_LEN = 4;
417 uint8_t *
const out = result->
payload + AUTH_CELL_HEADER_LEN;
418 const size_t outlen = maxlen;
421 result->
command = CELL_AUTHENTICATE;
424 if ((len = auth1_encode(out, outlen, auth)) < 0) {
426 log_warn(
LD_BUG,
"Unable to encode signed part of AUTH1 data.");
433 ssize_t len2 = auth1_parse(&tmp, out, len);
436 log_warn(
LD_BUG,
"Unable to parse signed part of AUTH1 data that "
446 log_warn(
LD_BUG,
"Mismatched length when re-parsing AUTH1 data.");
453 if (ed_signing_key) {
457 log_warn(
LD_BUG,
"Unable to sign ed25519 authentication data");
465 len = auth1_encode(out, outlen, auth);
468 log_warn(
LD_BUG,
"Unable to encode signed AUTH1 data.");
472 tor_assert(len + AUTH_CELL_HEADER_LEN <= result->payload_len);
479 var_cell_free(result);
495 log_warn(
LD_BUG,
"Tried to send authenticate cell with unknown "
496 "authentication type %d", authtype);
502 get_current_auth_keypair(),
505 log_fn(LOG_PROTOCOL_WARN,
LD_NET,
"Unable to compute authenticate cell!");
static void set_uint16(void *cp, uint16_t v)
Header file for config.c.
var_cell_t * var_cell_new(uint16_t payload_len)
void connection_or_write_var_cell_to_buf(const var_cell_t *cell, or_connection_t *conn)
Header file for connection_or.c.
void crypto_digest_get_digest(crypto_digest_t *digest, char *out, size_t out_len)
int ed25519_sign(ed25519_signature_t *signature_out, const uint8_t *msg, size_t len, const ed25519_keypair_t *keypair)
void crypto_rand(char *to, size_t n)
Common functions for using (pseudo-)random number generators.
#define log_fn(severity, domain, args,...)
Master header file for Tor-specific functionality.
#define OR_CERT_TYPE_ID_1024
#define AUTHTYPE_RSA_SHA256_TLSSECRET
#define OR_CERT_TYPE_AUTH_1024
#define OR_CERT_TYPE_TLS_LINK
#define AUTHTYPE_RSA_SHA256_RFC5705
#define AUTHTYPE_ED25519_SHA256_RFC5705
OR handshake certs structure.
OR handshake state structure.
#define OR_CONN_STATE_OR_HANDSHAKING_V3
int tor_snprintf(char *str, size_t size, const char *format,...)
int authchallenge_type_is_better(uint16_t challenge_type_a, uint16_t challenge_type_b)
static void add_certs_cell_cert_helper(certs_cell_t *certs_cell, uint8_t cert_type, const uint8_t *cert_encoded, size_t cert_len)
int connection_or_send_certs_cell(or_connection_t *conn)
static void add_ed25519_cert(certs_cell_t *certs_cell, uint8_t cert_type, const tor_cert_t *cert)
var_cell_t * connection_or_compute_authenticate_cell_body(or_connection_t *conn, const int authtype, const ed25519_keypair_t *ed_signing_key, int server)
int authchallenge_type_is_supported(uint16_t challenge_type)
int connection_or_send_authenticate_cell(or_connection_t *conn, int authtype)
int connection_or_send_auth_challenge_cell(or_connection_t *conn)
static void add_x509_cert(certs_cell_t *certs_cell, uint8_t cert_type, const tor_x509_cert_t *cert)
Header for feature/relay/relay_handshake.c.
char d[N_COMMON_DIGEST_ALGORITHMS][DIGEST256_LEN]
or_handshake_state_t * handshake_state
struct tor_cert_st * ed_id_sign
struct tor_x509_cert_t * id_cert
struct tor_cert_st * own_link_cert
unsigned int started_here
crypto_digest_t * digest_sent
or_handshake_certs_t * certs
uint8_t payload[FLEXIBLE_ARRAY_MEMBER]
#define MOCK_IMPL(rv, funcname, arglist)
int tor_tls_get_my_certs(int server, const tor_x509_cert_t **link_cert_out, const tor_x509_cert_t **id_cert_out)
struct tor_x509_cert_t * tor_tls_get_peer_cert(tor_tls_t *tls)
struct tor_x509_cert_t * tor_tls_get_own_cert(tor_tls_t *tls)
int tor_tls_export_key_material(tor_tls_t *tls, uint8_t *secrets_out, const uint8_t *context, size_t context_len, const char *label)
Variable-length cell structure.
#define ED25519_PUBKEY_LEN
const common_digests_t * tor_x509_cert_get_cert_digests(const tor_x509_cert_t *cert)
const common_digests_t * tor_x509_cert_get_id_digests(const tor_x509_cert_t *cert)
void tor_x509_cert_get_der(const tor_x509_cert_t *cert, const uint8_t **encoded_out, size_t *size_out)