Tor  0.4.7.0-alpha-dev
routerkeys.h
Go to the documentation of this file.
1 /* Copyright (c) 2014-2021, The Tor Project, Inc. */
2 /* See LICENSE for licensing information */
3 
4 /**
5  * @file routerkeys.h
6  * @brief Header for routerkeys.c
7  **/
8 
9 #ifndef TOR_ROUTERKEYS_H
10 #define TOR_ROUTERKEYS_H
11 
12 #include "lib/crypt_ops/crypto_ed25519.h"
13 
14 #ifdef HAVE_MODULE_RELAY
15 
16 const ed25519_public_key_t *get_master_identity_key(void);
17 MOCK_DECL(const ed25519_keypair_t *, get_master_signing_keypair,(void));
18 MOCK_DECL(const struct tor_cert_st *, get_master_signing_key_cert,(void));
19 
20 const ed25519_keypair_t *get_current_auth_keypair(void);
21 const struct tor_cert_st *get_current_link_cert_cert(void);
22 const struct tor_cert_st *get_current_auth_key_cert(void);
23 
24 void get_master_rsa_crosscert(const uint8_t **cert_out,
25  size_t *size_out);
26 
27 int router_ed25519_id_is_me(const ed25519_public_key_t *id);
28 
29 /* These are only used by router.c */
30 struct tor_cert_st *make_ntor_onion_key_crosscert(
31  const curve25519_keypair_t *onion_key,
32  const ed25519_public_key_t *master_id_key,
33  time_t now, time_t lifetime,
34  int *sign_out);
35 uint8_t *make_tap_onion_key_crosscert(const crypto_pk_t *onion_key,
36  const ed25519_public_key_t *master_id_key,
37  const crypto_pk_t *rsa_id_key,
38  int *len_out);
39 
40 int log_cert_expiration(void);
41 int load_ed_keys(const or_options_t *options, time_t now);
42 int should_make_new_ed_keys(const or_options_t *options, const time_t now);
43 
44 int generate_ed_link_cert(const or_options_t *options, time_t now, int force);
45 
46 void routerkeys_free_all(void);
47 
48 #else /* !defined(HAVE_MODULE_RELAY) */
49 
50 #define router_ed25519_id_is_me(id) \
51  ((void)(id), 0)
52 
53 static inline void *
54 relay_key_is_unavailable_(void)
55 {
56  tor_assert_nonfatal_unreached();
57  return NULL;
58 }
59 #define relay_key_is_unavailable(type) \
60  ((type)(relay_key_is_unavailable_()))
61 
62 // Many of these can be removed once relay_handshake.c is relay-only.
63 #define get_current_auth_keypair() \
64  relay_key_is_unavailable(const ed25519_keypair_t *)
65 #define get_master_signing_keypair() \
66  relay_key_is_unavailable(const ed25519_keypair_t *)
67 #define get_current_link_cert_cert() \
68  relay_key_is_unavailable(const struct tor_cert_st *)
69 #define get_current_auth_key_cert() \
70  relay_key_is_unavailable(const struct tor_cert_st *)
71 #define get_master_signing_key_cert() \
72  relay_key_is_unavailable(const struct tor_cert_st *)
73 #define get_master_rsa_crosscert(cert_out, size_out) \
74  STMT_BEGIN \
75  tor_assert_nonfatal_unreached(); \
76  *(cert_out) = NULL; \
77  *(size_out) = 0; \
78  STMT_END
79 #define get_master_identity_key() \
80  relay_key_is_unavailable(const ed25519_public_key_t *)
81 
82 #define generate_ed_link_cert(options, now, force) \
83  ((void)(options), (void)(now), (void)(force), 0)
84 #define should_make_new_ed_keys(options, now) \
85  ((void)(options), (void)(now), 0)
86 
87 // These can get removed once router.c becomes relay-only.
88 static inline struct tor_cert_st *
89 make_ntor_onion_key_crosscert(const curve25519_keypair_t *onion_key,
90  const ed25519_public_key_t *master_id_key,
91  time_t now, time_t lifetime,
92  int *sign_out)
93 {
94  (void)onion_key;
95  (void)master_id_key;
96  (void)now;
97  (void)lifetime;
98  *sign_out = 0;
99  tor_assert_nonfatal_unreached();
100  return NULL;
101 }
102 static inline uint8_t *
103 make_tap_onion_key_crosscert(const crypto_pk_t *onion_key,
104  const ed25519_public_key_t *master_id_key,
105  const crypto_pk_t *rsa_id_key,
106  int *len_out)
107 {
108  (void)onion_key;
109  (void)master_id_key;
110  (void)rsa_id_key;
111  *len_out = 0;
112  tor_assert_nonfatal_unreached();
113  return NULL;
114 }
115 
116 /* This calls is used outside of relay mode, but only to implement
117  * CMD_KEY_EXPIRATION */
118 #define log_cert_expiration() \
119  (puts("Not available: Tor has been compiled without relay support"), 0)
120 /* This calls is used outside of relay mode, but only to implement
121  * CMD_KEYGEN. */
122 #define load_ed_keys(x,y) \
123  (puts("Not available: Tor has been compiled without relay support"), 0)
124 
125 #endif /* defined(HAVE_MODULE_RELAY) */
126 
127 #ifdef TOR_UNIT_TESTS
128 const ed25519_keypair_t *get_master_identity_keypair(void);
129 void init_mock_ed_keys(const crypto_pk_t *rsa_identity_key);
130 #endif
131 
132 #endif /* !defined(TOR_ROUTERKEYS_H) */
crypto_ed25519.h
Header for crypto_ed25519.c.
load_ed_keys
int load_ed_keys(const or_options_t *options, time_t now)
Definition: routerkeys.c:55
should_make_new_ed_keys
int should_make_new_ed_keys(const or_options_t *options, const time_t now)
Definition: routerkeys.c:419
router_ed25519_id_is_me
int router_ed25519_id_is_me(const ed25519_public_key_t *id)
Definition: routerkeys.c:631
make_tap_onion_key_crosscert
uint8_t * make_tap_onion_key_crosscert(const crypto_pk_t *onion_key, const ed25519_public_key_t *master_id_key, const crypto_pk_t *rsa_id_key, int *len_out)
Definition: routerkeys.c:712
log_cert_expiration
int log_cert_expiration(void)
Definition: routerkeys.c:606
generate_ed_link_cert
int generate_ed_link_cert(const or_options_t *options, time_t now, int force)
Definition: routerkeys.c:365
make_ntor_onion_key_crosscert
tor_cert_t * make_ntor_onion_key_crosscert(const curve25519_keypair_t *onion_key, const ed25519_public_key_t *master_id_key, time_t now, time_t lifetime, int *sign_out)
Definition: routerkeys.c:689
crypto_pk_t
Definition: crypto_rsa_nss.c:37
curve25519_keypair_t
Definition: crypto_curve25519.h:38
ed25519_keypair_t
Definition: crypto_ed25519.h:39
ed25519_public_key_t
Definition: crypto_ed25519.h:23
or_options_t
Definition: or_options_st.h:64
MOCK_DECL
#define MOCK_DECL(rv, funcname, arglist)
Definition: testsupport.h:127
tor_assert_nonfatal_unreached
#define tor_assert_nonfatal_unreached()
Definition: util_bug.h:176
Generated by doxygen 1.9.1