Tor 0.4.9.0-alpha-dev
routerkeys.h
/* Copyright (c) 2014-2021, The Tor Project, Inc. */
/* See LICENSE for licensing information */

/**
 * @file routerkeys.h
 * @brief Header for routerkeys.c
 **/
8
9#ifndef TOR_ROUTERKEYS_H
10#define TOR_ROUTERKEYS_H
11
13
14#ifdef HAVE_MODULE_RELAY
15
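/*
 * Accessors for the relay's Ed25519 keys and certificates. They are declared
 * only when Tor is built with the relay module (HAVE_MODULE_RELAY); in other
 * builds this header replaces them with stub macros that yield NULL.
 *
 * Every accessor returns a pointer-to-const.
 * NOTE(review): the pointed-to objects are presumably owned by routerkeys.c
 * and must not be freed or retained by callers -- confirm in the definitions.
 */
const ed25519_public_key_t *get_master_identity_key(void);
/* Returns a keypair type rather than a bare public key.
 * NOTE(review): presumably this carries the secret signing key, so the result
 * should stay out of logs and long-lived copies -- confirm.
 * MOCK_DECL (testsupport.h) declares the function in mockable form. */
MOCK_DECL(const ed25519_keypair_t *, get_master_signing_keypair,(void));
MOCK_DECL(const struct tor_cert_st *, get_master_signing_key_cert,(void));

const ed25519_keypair_t *get_current_auth_keypair(void);
const struct tor_cert_st *get_current_link_cert_cert(void);
const struct tor_cert_st *get_current_auth_key_cert(void);

/* Reports a certificate buffer and its length through two out-parameters.
 * The non-relay stub in this header writes through both pointers, so callers
 * must pass valid, non-NULL cert_out and size_out. */
void get_master_rsa_crosscert(const uint8_t **cert_out,
                              size_t *size_out);

/* Restored: the listing drops source line 27 here. The signature is the one
 * the page's cross-reference gives for the definition in routerkeys.c. */
int router_ed25519_id_is_me(const ed25519_public_key_t *id);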
28
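/* These are only used by router.c */
/*
 * Cross-certificate builders. Each reports a secondary result through an int
 * out-parameter (sign_out / len_out). The non-relay stubs in this header write
 * that out-parameter unconditionally, so callers must pass a valid pointer.
 * NOTE(review): the returned objects look caller-owned -- confirm in
 * routerkeys.c who is expected to free them.
 */
struct tor_cert_st *make_ntor_onion_key_crosscert(
                              const curve25519_keypair_t *onion_key,
                              const ed25519_public_key_t *master_id_key,
                              time_t now, time_t lifetime,
                              int *sign_out);
uint8_t *make_tap_onion_key_crosscert(const crypto_pk_t *onion_key,
                              const ed25519_public_key_t *master_id_key,
                              const crypto_pk_t *rsa_id_key,
                              int *len_out);

/*
 * Key lifecycle entry points. Outside relay mode, log_cert_expiration() backs
 * CMD_KEY_EXPIRATION and load_ed_keys() backs CMD_KEYGEN (see the stubs later
 * in this header).
 * NOTE(review): the int return convention (0 versus negative) is not visible
 * in this header; check routerkeys.c before testing a result.
 */
int log_cert_expiration(void);
int load_ed_keys(const or_options_t *options, time_t now);
int should_make_new_ed_keys(const or_options_t *options, const time_t now);

int generate_ed_link_cert(const or_options_t *options, time_t now, int force);

/* NOTE(review): presumably releases the key and certificate state held by
 * routerkeys.c at shutdown -- confirm that key material is wiped there. */
void routerkeys_free_all(void);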
47
48#else /* !defined(HAVE_MODULE_RELAY) */
49
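/* Non-relay build: there is no relay identity, so no Ed25519 id is ever
 * "me". The argument is still evaluated and then discarded. */
#define router_ed25519_id_is_me(id) \
  ((void)(id), 0)

/**
 * Placeholder result for every relay key/cert accessor in a build without
 * the relay module.
 *
 * @return Always NULL.
 */
static inline void *
relay_key_is_unavailable_(void)
{
  return NULL;
}
/* Casts the NULL placeholder to the pointer type named by the caller, so the
 * stubbed accessors keep the return type of their real counterparts. */
#define relay_key_is_unavailable(type) \
  ((type)(relay_key_is_unavailable_()))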
60
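// Many of these can be removed once relay_handshake.c is relay-only.
/*
 * Non-relay stubs for the key/cert accessors. Each expands to a NULL pointer
 * of the accessor's return type, so shared call sites compile in both builds.
 * Those call sites must NULL-check the result before dereferencing it.
 */
#define get_current_auth_keypair() \
  relay_key_is_unavailable(const ed25519_keypair_t *)
#define get_master_signing_keypair() \
  relay_key_is_unavailable(const ed25519_keypair_t *)
#define get_current_link_cert_cert() \
  relay_key_is_unavailable(const struct tor_cert_st *)
#define get_current_auth_key_cert() \
  relay_key_is_unavailable(const struct tor_cert_st *)
#define get_master_signing_key_cert() \
  relay_key_is_unavailable(const struct tor_cert_st *)
/* Statement-form stub. It reports the call through
 * tor_assert_nonfatal_unreached(), then sets both outputs to an empty value
 * (NULL, 0) so the caller never reads an uninitialized pointer or length.
 * cert_out and size_out are dereferenced and must be valid. */
#define get_master_rsa_crosscert(cert_out, size_out) \
  STMT_BEGIN \
  tor_assert_nonfatal_unreached(); \
  *(cert_out) = NULL; \
  *(size_out) = 0; \
  STMT_END
#define get_master_identity_key() \
  relay_key_is_unavailable(const ed25519_public_key_t *)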
80
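/* Non-relay stubs: both evaluate and discard every argument, then yield 0.
 * No link certificate is generated and no new Ed25519 keys are requested. */
#define generate_ed_link_cert(options, now, force) \
  ((void)(options), (void)(now), (void)(force), 0)
#define should_make_new_ed_keys(options, now) \
  ((void)(options), (void)(now), 0)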
85
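// These can get removed once router.c becomes relay-only.
/**
 * Non-relay stub for make_ntor_onion_key_crosscert(): never builds a
 * certificate.
 *
 * All inputs are ignored. The function name and first parameter, dropped by
 * the listing, are restored from the prototype earlier in this header.
 *
 * @param sign_out Must be a valid pointer; always set to 0.
 * @return Always NULL, so callers must not dereference the result.
 */
static inline struct tor_cert_st *
make_ntor_onion_key_crosscert(const curve25519_keypair_t *onion_key,
       const ed25519_public_key_t *master_id_key,
       time_t now, time_t lifetime,
       int *sign_out)
{
  (void)onion_key;
  (void)master_id_key;
  (void)now;
  (void)lifetime;
  *sign_out = 0;
  /* NOTE(review): the listing drops source line 98 here. It is restored as
   * the same unreached-path assertion that the get_master_rsa_crosscert()
   * stub uses -- confirm against upstream. */
  tor_assert_nonfatal_unreached();
  return NULL;
}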
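/**
 * Non-relay stub for make_tap_onion_key_crosscert(): never builds a
 * cross-certificate.
 *
 * All inputs are ignored. The function name and first parameter, dropped by
 * the listing, are restored from the prototype earlier in this header.
 *
 * @param len_out Must be a valid pointer; always set to 0.
 * @return Always NULL. A caller must treat the (NULL, 0) pair as "no
 *         certificate" and must not read from the result.
 */
static inline uint8_t *
make_tap_onion_key_crosscert(const crypto_pk_t *onion_key,
       const ed25519_public_key_t *master_id_key,
       const crypto_pk_t *rsa_id_key,
       int *len_out)
{
  (void)onion_key;
  (void)master_id_key;
  (void)rsa_id_key;
  *len_out = 0;
  /* NOTE(review): the listing drops source line 111 here. It is restored as
   * the same unreached-path assertion that the get_master_rsa_crosscert()
   * stub uses -- confirm against upstream. */
  tor_assert_nonfatal_unreached();
  return NULL;
}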
114
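/* This call is used outside of relay mode, but only to implement
 * CMD_KEY_EXPIRATION.
 *
 * The stub prints a fixed notice to stdout and yields 0.
 * NOTE(review): if callers read 0 as success, "not available" looks the same
 * as success in the return value and differs only on stdout -- confirm how
 * the CMD_KEY_EXPIRATION handler treats the result. */
#define log_cert_expiration()                                           \
  (puts("Not available: Tor has been compiled without relay support"), 0)
/* This call is used outside of relay mode, but only to implement
 * CMD_KEYGEN.
 *
 * The arguments x and y are not evaluated. The stub prints the same notice
 * and yields 0 without loading or creating any key, so the return-value
 * caveat above applies to the CMD_KEYGEN path as well. */
#define load_ed_keys(x,y)                                               \
  (puts("Not available: Tor has been compiled without relay support"), 0)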
123
124#endif /* defined(HAVE_MODULE_RELAY) */
125
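#ifdef TOR_UNIT_TESTS
/* Test-only hooks, declared only when TOR_UNIT_TESTS is defined.
 * get_master_identity_keypair() returns the keypair type, whereas
 * get_master_identity_key(), the accessor declared for normal builds,
 * returns only the public key type. Keep TOR_UNIT_TESTS out of release
 * builds so the keypair accessor is never declared there. */
const ed25519_keypair_t *get_master_identity_keypair(void);
/* NOTE(review): presumably installs fixed or throwaway Ed25519 keys derived
 * for the given RSA identity so tests can run without key files -- confirm
 * in routerkeys.c. */
void init_mock_ed_keys(const crypto_pk_t *rsa_identity_key);
#endif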
130
131#endif /* !defined(TOR_ROUTERKEYS_H) */
Header for crypto_ed25519.c.
int load_ed_keys(const or_options_t *options, time_t now)
Definition: routerkeys.c:55
int should_make_new_ed_keys(const or_options_t *options, const time_t now)
Definition: routerkeys.c:419
int router_ed25519_id_is_me(const ed25519_public_key_t *id)
Definition: routerkeys.c:631
uint8_t * make_tap_onion_key_crosscert(const crypto_pk_t *onion_key, const ed25519_public_key_t *master_id_key, const crypto_pk_t *rsa_id_key, int *len_out)
Definition: routerkeys.c:712
tor_cert_t * make_ntor_onion_key_crosscert(const curve25519_keypair_t *onion_key, const ed25519_public_key_t *master_id_key, time_t now, time_t lifetime, int *sign_out)
Definition: routerkeys.c:689
int log_cert_expiration(void)
Definition: routerkeys.c:606
int generate_ed_link_cert(const or_options_t *options, time_t now, int force)
Definition: routerkeys.c:365
#define MOCK_DECL(rv, funcname, arglist)
Definition: testsupport.h:127
#define tor_assert_nonfatal_unreached()
Definition: util_bug.h:177