25 #include "trunnel/link_handshake.h"
41 const uint8_t *cert_encoded,
45 certs_cell_cert_t *ccc = certs_cell_cert_new();
46 ccc->cert_type = cert_type;
47 ccc->cert_len = cert_len;
48 certs_cell_cert_setlen_body(ccc, cert_len);
49 memcpy(certs_cell_cert_getarray_body(ccc), cert_encoded, cert_len);
51 certs_cell_add_certs(certs_cell, ccc);
61 const tor_x509_cert_t *cert)
66 const uint8_t *cert_encoded = NULL;
89 int certs_cell_ed25519_disabled_for_testing = 0;
91 #define certs_cell_ed25519_disabled_for_testing 0
99 const tor_x509_cert_t *global_link_cert = NULL, *id_cert = NULL;
100 tor_x509_cert_t *own_link_cert = NULL;
103 certs_cell_t *certs_cell = NULL;
114 &global_link_cert, &id_cert) < 0)
117 if (conn_in_server_mode) {
122 certs_cell = certs_cell_new();
125 if (conn_in_server_mode) {
126 tor_assert_nonfatal(own_link_cert);
142 get_master_signing_key_cert());
143 if (conn_in_server_mode) {
145 certs_cell_ed25519_disabled_for_testing);
147 CERTTYPE_ED_SIGN_LINK,
151 CERTTYPE_ED_SIGN_AUTH,
152 get_current_auth_key_cert());
157 const uint8_t *crosscert=NULL;
158 size_t crosscert_len;
159 get_master_rsa_crosscert(&crosscert, &crosscert_len);
162 CERTTYPE_RSA1024_ID_EDID,
163 crosscert, crosscert_len);
168 certs_cell->n_certs = certs_cell_getlen_certs(certs_cell);
170 ssize_t alloc_len = certs_cell_encoded_len(certs_cell);
171 tor_assert(alloc_len >= 0 && alloc_len <= UINT16_MAX);
174 ssize_t enc_len = certs_cell_encode(cell->
payload, alloc_len, certs_cell);
175 tor_assert(enc_len > 0 && enc_len <= alloc_len);
180 certs_cell_free(certs_cell);
181 tor_x509_cert_free(own_link_cert);
186 #ifdef TOR_UNIT_TESTS
187 int testing__connection_or_pretend_TLSSECRET_is_supported = 0;
189 #define testing__connection_or_pretend_TLSSECRET_is_supported 0
197 switch (challenge_type) {
199 #ifdef HAVE_WORKING_TOR_TLS_GET_TLSSECRETS
202 return testing__connection_or_pretend_TLSSECRET_is_supported;
216 uint16_t challenge_type_b)
226 return (challenge_type_a > challenge_type_b);
241 auth_challenge_cell_t *ac = auth_challenge_cell_new();
244 crypto_rand((
char*)ac->challenge,
sizeof(ac->challenge));
253 auth_challenge_cell_set_n_methods(ac,
254 auth_challenge_cell_getlen_methods(ac));
256 cell =
var_cell_new(auth_challenge_cell_encoded_len(ac));
261 log_warn(
LD_BUG,
"Encoded auth challenge cell length not as expected");
265 cell->
command = CELL_AUTH_CHALLENGE;
272 auth_challenge_cell_free(ac);
302 auth1_t *auth = NULL;
303 auth_ctx_t *ctx = auth_ctx_new();
305 int old_tlssecrets_algorithm = 0;
306 const char *authtype_str = NULL;
313 authtype_str =
"AUTH0001";
314 old_tlssecrets_algorithm = 1;
317 authtype_str =
"AUTH0002";
320 authtype_str =
"AUTH0003";
332 memcpy(auth1_getarray_type(auth), authtype_str, 8);
335 const tor_x509_cert_t *id_cert=NULL;
337 const uint8_t *my_id, *their_id, *client_id, *server_id;
345 my_id = (uint8_t*)my_digests->
d[DIGEST_SHA256];
346 their_id = (uint8_t*)their_digests->
d[DIGEST_SHA256];
348 client_id = server ? their_id : my_id;
349 server_id = server ? my_id : their_id;
352 memcpy(auth->cid, client_id, 32);
355 memcpy(auth->sid, server_id, 32);
361 log_warn(
LD_OR,
"Ed authenticate without Ed ID cert from peer.");
364 my_ed_id = get_master_identity_key();
367 const uint8_t *cid_ed = (server ? their_ed_id : my_ed_id)->pubkey;
368 const uint8_t *sid_ed = (server ? my_ed_id : their_ed_id)->pubkey;
393 tor_x509_cert_t *cert = NULL;
400 log_warn(
LD_OR,
"Unable to find cert when making %s data.",
408 tor_x509_cert_free(cert);
412 if (old_tlssecrets_algorithm) {
414 log_fn(LOG_PROTOCOL_WARN,
LD_OR,
"Somebody asked us for an older TLS "
415 "authentication method (AUTHTYPE_RSA_SHA256_TLSSECRET) "
416 "which we don't support.");
421 "EXPORTER FOR TOR TLS CLIENT BINDING %s", authtype_str);
423 auth->cid,
sizeof(auth->cid),
427 log_warn(
LD_BUG,
"TLS key export failed for unknown reason.");
438 ssize_t maxlen = auth1_encoded_len(auth, ctx);
439 if (ed_signing_key && is_ed) {
441 }
else if (signing_key && !is_ed) {
445 const int AUTH_CELL_HEADER_LEN = 4;
447 uint8_t *
const out = result->
payload + AUTH_CELL_HEADER_LEN;
448 const size_t outlen = maxlen;
451 result->
command = CELL_AUTHENTICATE;
454 if ((len = auth1_encode(out, outlen, auth, ctx)) < 0) {
456 log_warn(
LD_BUG,
"Unable to encode signed part of AUTH1 data.");
463 ssize_t len2 = auth1_parse(&tmp, out, len, ctx);
466 log_warn(
LD_BUG,
"Unable to parse signed part of AUTH1 data that "
476 log_warn(
LD_BUG,
"Mismatched length when re-parsing AUTH1 data.");
483 if (ed_signing_key && is_ed) {
487 log_warn(
LD_BUG,
"Unable to sign ed25519 authentication data");
494 }
else if (signing_key && !is_ed) {
500 (
char*)auth1_getarray_sig(auth),
501 auth1_getlen_sig(auth),
504 log_warn(
LD_OR,
"Unable to sign AUTH1 data.");
508 auth1_setlen_sig(auth, siglen);
511 len = auth1_encode(out, outlen, auth, ctx);
514 log_warn(
LD_BUG,
"Unable to encode signed AUTH1 data.");
518 tor_assert(len + AUTH_CELL_HEADER_LEN <= result->payload_len);
525 var_cell_free(result);
543 log_warn(
LD_BUG,
"Can't compute authenticate cell: no client auth key");
547 log_warn(
LD_BUG,
"Tried to send authenticate cell with unknown "
548 "authentication type %d", authtype);
555 get_current_auth_keypair(),
558 log_fn(LOG_PROTOCOL_WARN,
LD_NET,
"Unable to compute authenticate cell!");