Tor 0.4.9.2-alpha-dev
All Data Structures Files Functions Variables Typedefs Enumerations Enumerator Macros Modules Pages
routerkeys.h
Go to the documentation of this file.
1/* Copyright (c) 2014-2021, The Tor Project, Inc. */
2/* See LICENSE for licensing information */
3
4/**
5 * @file routerkeys.h
6 * @brief Header for routerkeys.c
7 **/
8
9#ifndef TOR_ROUTERKEYS_H
10#define TOR_ROUTERKEYS_H
11
12#include "lib/crypt_ops/crypto_ed25519.h"
13
14#ifdef HAVE_MODULE_RELAY
15
16const ed25519_public_key_t *get_master_identity_key(void);
17MOCK_DECL(const ed25519_keypair_t *, get_master_signing_keypair,(void));
18MOCK_DECL(const struct tor_cert_st *, get_master_signing_key_cert,(void));
19
20const ed25519_keypair_t *get_current_auth_keypair(void);
21const struct tor_cert_st *get_current_link_cert_cert(void);
22const struct tor_cert_st *get_current_auth_key_cert(void);
23
24smartlist_t *list_family_key_files(const or_options_t *options,
25 const char *keydir);
26const smartlist_t *get_current_family_id_keys(void);
27
28void get_master_rsa_crosscert(const uint8_t **cert_out,
29 size_t *size_out);
30
31int router_ed25519_id_is_me(const ed25519_public_key_t *id);
32
33/* These are only used by router.c */
34struct tor_cert_st *make_ntor_onion_key_crosscert(
35 const curve25519_keypair_t *onion_key,
36 const ed25519_public_key_t *master_id_key,
37 time_t now, time_t lifetime,
38 int *sign_out);
39uint8_t *make_tap_onion_key_crosscert(const crypto_pk_t *onion_key,
40 const ed25519_public_key_t *master_id_key,
41 const crypto_pk_t *rsa_id_key,
42 int *len_out);
43
44int log_cert_expiration(void);
45int load_ed_keys(const or_options_t *options, time_t now);
46int load_family_id_keys(const or_options_t *options,
47 const networkstatus_t *ns);
48int create_family_id_key(const char *fname, ed25519_public_key_t *pk_out);
49void warn_about_family_id_config(const or_options_t *options,
50 const networkstatus_t *ns);
51int should_make_new_ed_keys(const or_options_t *options, const time_t now);
52
53int generate_ed_link_cert(const or_options_t *options, time_t now, int force);
54
55void routerkeys_free_all(void);
56
57#else /* !defined(HAVE_MODULE_RELAY) */
58
59#define router_ed25519_id_is_me(id) \
60 ((void)(id), 0)
61
62static inline void *
63relay_key_is_unavailable_(void)
64{
65 return NULL;
66}
67#define relay_key_is_unavailable(type) \
68 ((type)(relay_key_is_unavailable_()))
69
70// Many of these can be removed once relay_handshake.c is relay-only.
71#define get_current_auth_keypair() \
72 relay_key_is_unavailable(const ed25519_keypair_t *)
73#define get_master_signing_keypair() \
74 relay_key_is_unavailable(const ed25519_keypair_t *)
75#define get_current_link_cert_cert() \
76 relay_key_is_unavailable(const struct tor_cert_st *)
77#define get_current_auth_key_cert() \
78 relay_key_is_unavailable(const struct tor_cert_st *)
79#define get_master_signing_key_cert() \
80 relay_key_is_unavailable(const struct tor_cert_st *)
81#define get_master_rsa_crosscert(cert_out, size_out) \
82 STMT_BEGIN \
83 tor_assert_nonfatal_unreached(); \
84 *(cert_out) = NULL; \
85 *(size_out) = 0; \
86 STMT_END
87#define get_master_identity_key() \
88 relay_key_is_unavailable(const ed25519_public_key_t *)
89
90#define generate_ed_link_cert(options, now, force) \
91 ((void)(options), (void)(now), (void)(force), 0)
92#define should_make_new_ed_keys(options, now) \
93 ((void)(options), (void)(now), 0)
94#define warn_about_family_id_config(options,ns) \
95 ((void)(options), (void)(ns))
96#define get_current_family_id_keys() \
97 (smartlist_new())
98
99// These can get removed once router.c becomes relay-only.
100static inline struct tor_cert_st *
101make_ntor_onion_key_crosscert(const curve25519_keypair_t *onion_key,
102 const ed25519_public_key_t *master_id_key,
103 time_t now, time_t lifetime,
104 int *sign_out)
105{
106 (void)onion_key;
107 (void)master_id_key;
108 (void)now;
109 (void)lifetime;
110 *sign_out = 0;
111 tor_assert_nonfatal_unreached();
112 return NULL;
113}
114static inline uint8_t *
115make_tap_onion_key_crosscert(const crypto_pk_t *onion_key,
116 const ed25519_public_key_t *master_id_key,
117 const crypto_pk_t *rsa_id_key,
118 int *len_out)
119{
120 (void)onion_key;
121 (void)master_id_key;
122 (void)rsa_id_key;
123 *len_out = 0;
124 tor_assert_nonfatal_unreached();
125 return NULL;
126}
127
128/* This calls is used outside of relay mode, but only to implement
129 * CMD_KEY_EXPIRATION */
130#define log_cert_expiration() \
131 (puts("Not available: Tor has been compiled without relay support"), 0)
132/* This calls is used outside of relay mode, but only to implement
133 * CMD_KEYGEN. */
134#define load_ed_keys(x,y) \
135 (puts("Not available: Tor has been compiled without relay support"), 0)
136#define load_family_id_keys(x,y) \
137 (puts("Not available: Tor has been compiled without relay support"), 0)
138#define create_family_id_key(x,y) \
139 (puts("Not available: Tor has been compiled without relay support"), -1)
140
141#endif /* defined(HAVE_MODULE_RELAY) */
142
143#ifdef TOR_UNIT_TESTS
144const ed25519_keypair_t *get_master_identity_keypair(void);
145void init_mock_ed_keys(const crypto_pk_t *rsa_identity_key);
146#endif
147
148#ifdef ROUTERKEYS_PRIVATE
149STATIC void set_family_id_keys(smartlist_t *keys);
150STATIC bool is_family_key_fname(const char *fname);
151STATIC int load_family_id_keys_impl(const or_options_t *options,
152 const char *keydir);
153#endif
154
155#endif /* !defined(TOR_ROUTERKEYS_H) */
crypto_ed25519.h
Header for crypto_ed25519.c.
set_family_id_keys
STATIC void set_family_id_keys(smartlist_t *keys)
Definition: routerkeys.c:1003
load_ed_keys
int load_ed_keys(const or_options_t *options, time_t now)
Definition: routerkeys.c:63
should_make_new_ed_keys
int should_make_new_ed_keys(const or_options_t *options, const time_t now)
Definition: routerkeys.c:427
router_ed25519_id_is_me
int router_ed25519_id_is_me(const ed25519_public_key_t *id)
Definition: routerkeys.c:639
load_family_id_keys_impl
STATIC int load_family_id_keys_impl(const or_options_t *options, const char *keydir)
Definition: routerkeys.c:805
is_family_key_fname
STATIC bool is_family_key_fname(const char *fname)
Definition: routerkeys.c:697
warn_about_family_id_config
void warn_about_family_id_config(const or_options_t *options, const networkstatus_t *ns)
Definition: routerkeys.c:948
make_tap_onion_key_crosscert
uint8_t * make_tap_onion_key_crosscert(const crypto_pk_t *onion_key, const ed25519_public_key_t *master_id_key, const crypto_pk_t *rsa_id_key, int *len_out)
Definition: routerkeys.c:1048
list_family_key_files
smartlist_t * list_family_key_files(const or_options_t *options, const char *keydir)
Definition: routerkeys.c:782
get_current_family_id_keys
const smartlist_t * get_current_family_id_keys(void)
Definition: routerkeys.c:989
make_ntor_onion_key_crosscert
tor_cert_t * make_ntor_onion_key_crosscert(const curve25519_keypair_t *onion_key, const ed25519_public_key_t *master_id_key, time_t now, time_t lifetime, int *sign_out)
Definition: routerkeys.c:1025
create_family_id_key
int create_family_id_key(const char *fname, ed25519_public_key_t *pk_out)
Definition: routerkeys.c:876
log_cert_expiration
int log_cert_expiration(void)
Definition: routerkeys.c:614
generate_ed_link_cert
int generate_ed_link_cert(const or_options_t *options, time_t now, int force)
Definition: routerkeys.c:373
load_family_id_keys
int load_family_id_keys(const or_options_t *options, const networkstatus_t *ns)
Definition: routerkeys.c:912
crypto_pk_t
Definition: crypto_rsa_nss.c:39
curve25519_keypair_t
Definition: crypto_curve25519.h:38
ed25519_keypair_t
Definition: crypto_ed25519.h:39
ed25519_public_key_t
Definition: crypto_ed25519.h:23
networkstatus_t
Definition: networkstatus_st.h:26
or_options_t
Definition: or_options_st.h:64
smartlist_t
Definition: smartlist_core.h:26
STATIC
#define STATIC
Definition: testsupport.h:32
MOCK_DECL
#define MOCK_DECL(rv, funcname, arglist)
Definition: testsupport.h:127
tor_assert_nonfatal_unreached
#define tor_assert_nonfatal_unreached()
Definition: util_bug.h:177
Generated by doxygen 1.9.4