Tor 0.4.9.1-alpha-dev
|
Implementation for ed25519-signed certificates as used in the Tor protocol. More...
#include "core/or/or.h"
#include "app/config/config.h"
#include "lib/crypt_ops/crypto_util.h"
#include "feature/nodelist/torcert.h"
#include "trunnel/ed25519_cert.h"
#include "lib/log/log.h"
#include "trunnel/link_handshake.h"
#include "lib/tls/tortls.h"
#include "lib/tls/x509.h"
#include "core/or/or_handshake_certs_st.h"
Go to the source code of this file.
Macros | |
#define | RSA_ED_CROSSCERT_PREFIX "Tor TLS RSA/Ed25519 cross-certificate" |
#define | ERR(code, s) |
#define | ERR(s) |
#define | ADDCERT(cert, pk) |
Functions | |
tor_cert_t * | tor_cert_create_raw (const ed25519_keypair_t *signing_key, uint8_t cert_type, uint8_t signed_key_type, const uint8_t signed_key_info[32], time_t now, time_t lifetime, uint32_t flags) |
tor_cert_t * | tor_cert_create_ed25519 (const ed25519_keypair_t *signing_key, uint8_t cert_type, const ed25519_public_key_t *signed_key, time_t now, time_t lifetime, uint32_t flags) |
void | tor_cert_free_ (tor_cert_t *cert) |
tor_cert_t * | tor_cert_parse (const uint8_t *encoded, const size_t len) |
int | tor_cert_get_checkable_sig (ed25519_checkable_t *checkable_out, const tor_cert_t *cert, const ed25519_public_key_t *pubkey, time_t *expiration_out) |
int | tor_cert_checksig (tor_cert_t *cert, const ed25519_public_key_t *pubkey, time_t now) |
const char * | tor_cert_describe_signature_status (const tor_cert_t *cert) |
tor_cert_t * | tor_cert_dup (const tor_cert_t *cert) |
int | tor_cert_eq (const tor_cert_t *cert1, const tor_cert_t *cert2) |
int | tor_cert_opt_eq (const tor_cert_t *cert1, const tor_cert_t *cert2) |
ssize_t | tor_make_rsa_ed25519_crosscert (const ed25519_public_key_t *ed_key, const crypto_pk_t *rsa_key, time_t expires, uint8_t **cert) |
int | rsa_ed25519_crosscert_check (const uint8_t *crosscert, const size_t crosscert_len, const crypto_pk_t *rsa_id_key, const ed25519_public_key_t *master_key, const time_t reject_if_expired_before) |
or_handshake_certs_t * | or_handshake_certs_new (void) |
void | or_handshake_certs_free_ (or_handshake_certs_t *certs) |
int | or_handshake_certs_rsa_ok (int severity, or_handshake_certs_t *certs, tor_tls_t *tls, time_t now) |
int | or_handshake_certs_ed25519_ok (int severity, or_handshake_certs_t *certs, tor_tls_t *tls, time_t now) |
int | check_tap_onion_key_crosscert (const uint8_t *crosscert, int crosscert_len, const crypto_pk_t *onion_pkey, const ed25519_public_key_t *master_id_pkey, const uint8_t *rsa_id_digest) |
void | or_handshake_certs_check_both (int severity, or_handshake_certs_t *certs, tor_tls_t *tls, time_t now, const ed25519_public_key_t **ed_id_out, const common_digests_t **rsa_id_out) |
int | tor_cert_encode_ed22519 (const tor_cert_t *cert, char **cert_str_out) |
Implementation for ed25519-signed certificates as used in the Tor protocol.
This certificate format is designed to be simple and compact; it's documented in tor-spec.txt in the torspec.git repository. All of the certificates in this format are signed with an Ed25519 key; the contents themselves may be another Ed25519 key, a digest of a RSA key, or some other material.
In this module there is also support for a cross-certification of Ed25519 identities using (older) RSA1024 identities.
Tor uses other types of certificate too, beyond those described in this module. Notably, our use of TLS requires us to touch X.509 certificates, even though sensible people would stay away from those. Our X.509 certificates are represented with tor_x509_cert_t, and implemented in tortls.c. We also have a separate certificate type that authorities use to authenticate their RSA signing keys with their RSA identity keys: that one is authority_cert_t, and it's mostly handled in routerlist.c.
Definition in file torcert.c.
#define ADDCERT | ( | cert, | |
pk | |||
) |
#define ERR | ( | code, | |
s | |||
) |
#define ERR | ( | s | ) |
#define RSA_ED_CROSSCERT_PREFIX "Tor TLS RSA/Ed25519 cross-certificate" |
int check_tap_onion_key_crosscert | ( | const uint8_t * | crosscert, |
int | crosscert_len, | ||
const crypto_pk_t * | onion_pkey, | ||
const ed25519_public_key_t * | master_id_pkey, | ||
const uint8_t * | rsa_id_digest | ||
) |
void or_handshake_certs_check_both | ( | int | severity, |
or_handshake_certs_t * | certs, | ||
tor_tls_t * | tls, | ||
time_t | now, | ||
const ed25519_public_key_t ** | ed_id_out, | ||
const common_digests_t ** | rsa_id_out | ||
) |
int or_handshake_certs_ed25519_ok | ( | int | severity, |
or_handshake_certs_t * | certs, | ||
tor_tls_t * | tls, | ||
time_t | now | ||
) |
Check all the ed25519 certificates in certs against each other, and against the peer certificate in tls if appropriate. On success, return 0; on failure, return a negative value and warn at level severity
Definition at line 541 of file torcert.c.
Referenced by or_handshake_certs_check_both().
void or_handshake_certs_free_ | ( | or_handshake_certs_t * | certs | ) |
or_handshake_certs_t * or_handshake_certs_new | ( | void | ) |
int or_handshake_certs_rsa_ok | ( | int | severity, |
or_handshake_certs_t * | certs, | ||
tor_tls_t * | tls, | ||
time_t | now | ||
) |
int rsa_ed25519_crosscert_check | ( | const uint8_t * | crosscert, |
const size_t | crosscert_len, | ||
const crypto_pk_t * | rsa_id_key, | ||
const ed25519_public_key_t * | master_key, | ||
const time_t | reject_if_expired_before | ||
) |
Check whether the crosscert_len byte certificate in crosscert is in fact a correct cross-certification of master_key using the RSA key rsa_id_key.
Also reject the certificate if it expired before reject_if_expired_before.
Return 0 on success, negative on failure.
int tor_cert_checksig | ( | tor_cert_t * | cert, |
const ed25519_public_key_t * | pubkey, | ||
time_t | now | ||
) |
tor_cert_t * tor_cert_create_ed25519 | ( | const ed25519_keypair_t * | signing_key, |
uint8_t | cert_type, | ||
const ed25519_public_key_t * | signed_key, | ||
time_t | now, | ||
time_t | lifetime, | ||
uint32_t | flags | ||
) |
Create and return a new new certificate of type cert_type to authenticate signed_key using the key signing_key. The certificate should remain valid for at least lifetime seconds after now.
If CERT_FLAG_INCLUDE_SIGNING_KEY is set in flags, embed the public part of signing_key in the certificate.
Definition at line 131 of file torcert.c.
Referenced by make_ntor_onion_key_crosscert(), and setup_desc_intro_point().
tor_cert_t * tor_cert_create_raw | ( | const ed25519_keypair_t * | signing_key, |
uint8_t | cert_type, | ||
uint8_t | signed_key_type, | ||
const uint8_t | signed_key_info[32], | ||
time_t | now, | ||
time_t | lifetime, | ||
uint32_t | flags | ||
) |
As tor_cert_create(), but accept an arbitrary signed_key_type as the subject key – not just an ed25519 key.
Definition at line 44 of file torcert.c.
Referenced by tor_cert_create_ed25519().
const char * tor_cert_describe_signature_status | ( | const tor_cert_t * | cert | ) |
tor_cert_t * tor_cert_dup | ( | const tor_cert_t * | cert | ) |
int tor_cert_encode_ed22519 | ( | const tor_cert_t * | cert, |
char ** | cert_str_out | ||
) |
int tor_cert_eq | ( | const tor_cert_t * | cert1, |
const tor_cert_t * | cert2 | ||
) |
Return true iff cert1 and cert2 are the same cert.
Definition at line 304 of file torcert.c.
Referenced by tor_cert_opt_eq().
void tor_cert_free_ | ( | tor_cert_t * | cert | ) |
int tor_cert_get_checkable_sig | ( | ed25519_checkable_t * | checkable_out, |
const tor_cert_t * | cert, | ||
const ed25519_public_key_t * | pubkey, | ||
time_t * | expiration_out | ||
) |
int tor_cert_opt_eq | ( | const tor_cert_t * | cert1, |
const tor_cert_t * | cert2 | ||
) |
Return true iff cert1 and cert2 are the same cert, or if they are both NULL.
Definition at line 315 of file torcert.c.
Referenced by routerinfo_incompatible_with_extrainfo().
tor_cert_t * tor_cert_parse | ( | const uint8_t * | encoded, |
const size_t | len | ||
) |
Parse a certificate encoded with len bytes in encoded.
Definition at line 159 of file torcert.c.
Referenced by cert_parse_and_validate().
ssize_t tor_make_rsa_ed25519_crosscert | ( | const ed25519_public_key_t * | ed_key, |
const crypto_pk_t * | rsa_key, | ||
time_t | expires, | ||
uint8_t ** | cert | ||
) |