9 #ifndef TORCERT_H_INCLUDED
10 #define TORCERT_H_INCLUDED
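/*
 * Values for the one-byte signed_key_type of a certificate, as passed in the
 * uint8_t signed_key_type argument of tor_cert_create_raw(). Going by the
 * names, each one says how the 32-byte signed_key_info is to be interpreted:
 * a raw Ed25519 public key, or a SHA-256 digest of an RSA key or of an X.509
 * certificate -- inferred from the identifiers, confirm against the
 * certificate format specification.
 */
#define SIGNED_KEY_TYPE_ED25519 0x01
#define SIGNED_KEY_TYPE_SHA256_OF_RSA 0x02
#define SIGNED_KEY_TYPE_SHA256_OF_X509 0x03

/*
 * Values for the one-byte cert_type of a certificate (the uint8_t cert_type
 * argument of the creation functions). The names suggest that each value
 * identifies the purpose of the certificate, i.e. which kind of key is
 * vouching for which other key; the exact meanings are not stated on this
 * page. 0x07 is not assigned in this list.
 *
 * NOTE(review): a valid signature only shows who signed a certificate, not
 * what it was issued for. Code that accepts a parsed certificate should also
 * compare its cert_type with the one purpose it expects at that point.
 */
#define CERT_TYPE_ID_SIGNING 0x04
#define CERT_TYPE_SIGNING_LINK 0x05
#define CERT_TYPE_SIGNING_AUTH 0x06
#define CERT_TYPE_SIGNING_HS_DESC 0x08
#define CERT_TYPE_AUTH_HS_IP_KEY 0x09
#define CERT_TYPE_ONION_ID 0x0A
#define CERT_TYPE_CROSS_HS_IP_KEYS 0x0B

/*
 * Bit for the uint32_t flags argument of the creation functions. Presumably
 * asks for the signing public key to be embedded in the certificate (compare
 * the signing_key_included member of tor_cert_t) -- confirm in torcert.c.
 */
#define CERT_FLAG_INCLUDE_SIGNING_KEY 0x1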
30 typedef struct tor_cert_st {
64 time_t now, time_t lifetime,
68 uint8_t signed_key_type,
69 const uint8_t signed_key_info[32],
70 time_t now, time_t lifetime,
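/*
 * Release a tor_cert_t through tor_cert_free_(). FREE_AND_NULL is defined
 * outside this header; by its name and arguments it calls the free function
 * and then sets the caller's pointer variable to NULL -- confirm at its
 * definition. On that reading `cert` has to be an assignable pointer
 * variable, and using this macro rather than calling tor_cert_free_()
 * directly avoids leaving a stale pointer behind (later use-after-free or
 * double free).
 */
#define tor_cert_free(cert) FREE_AND_NULL(tor_cert_t, tor_cert_free_, (cert))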
81 time_t *expiration_out);
97 const size_t crosscert_len,
100 const time_t reject_if_expired_before));
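/*
 * Release an or_handshake_certs_t through or_handshake_certs_free_().
 * FREE_AND_NULL is defined outside this header; by its name and arguments it
 * calls the free function and then sets the caller's pointer variable to
 * NULL -- confirm at its definition. On that reading `certs` has to be an
 * assignable pointer variable, so that no dangling pointer to the released
 * handshake certificates remains with the caller.
 */
#define or_handshake_certs_free(certs) \
  FREE_AND_NULL(or_handshake_certs_t, or_handshake_certs_free_, (certs))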
106 int or_handshake_certs_rsa_ok(
int severity,
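/**
 * Encode a certificate as text.
 *
 * The identifier is spelled "ed22519" in this declaration; it is kept as
 * declared because callers link against that name.
 *
 * @param cert          Certificate to encode; not modified (const).
 * @param cert_str_out  Out-parameter receiving the encoded string.
 *                      Presumably the string is newly allocated and owned by
 *                      the caller -- confirm in torcert.c who frees it.
 * @return An int status. The success/failure convention is not visible in
 *         this header; callers should check it before reading *cert_str_out.
 */
int tor_cert_encode_ed22519(const tor_cert_t *cert, char **cert_str_out);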
127 const uint8_t *rsa_id_digest));
Header for crypto_ed25519.c.
ed25519_public_key_t signing_key
ed25519_public_key_t signed_key
unsigned signing_key_included
#define MOCK_DECL(rv, funcname, arglist)
void tor_cert_free_(tor_cert_t *cert)
ssize_t tor_make_rsa_ed25519_crosscert(const ed25519_public_key_t *ed_key, const crypto_pk_t *rsa_key, time_t expires, uint8_t **cert)
int rsa_ed25519_crosscert_check(const uint8_t *crosscert, const size_t crosscert_len, const crypto_pk_t *rsa_id_key, const ed25519_public_key_t *master_key, const time_t reject_if_expired_before)
or_handshake_certs_t * or_handshake_certs_new(void)
void or_handshake_certs_free_(or_handshake_certs_t *certs)
int tor_cert_checksig(tor_cert_t *cert, const ed25519_public_key_t *pubkey, time_t now)
int tor_cert_opt_eq(const tor_cert_t *cert1, const tor_cert_t *cert2)
tor_cert_t * tor_cert_create_raw(const ed25519_keypair_t *signing_key, uint8_t cert_type, uint8_t signed_key_type, const uint8_t signed_key_info[32], time_t now, time_t lifetime, uint32_t flags)
int tor_cert_eq(const tor_cert_t *cert1, const tor_cert_t *cert2)
const char * tor_cert_describe_signature_status(const tor_cert_t *cert)
tor_cert_t * tor_cert_dup(const tor_cert_t *cert)
int tor_cert_get_checkable_sig(ed25519_checkable_t *checkable_out, const tor_cert_t *out, const ed25519_public_key_t *pubkey, time_t *expiration_out)
int check_tap_onion_key_crosscert(const uint8_t *crosscert, int crosscert_len, const crypto_pk_t *onion_pkey, const ed25519_public_key_t *master_id_pkey, const uint8_t *rsa_id_digest)
void or_handshake_certs_check_both(int severity, or_handshake_certs_t *certs, struct tor_tls_t *tls, time_t now, const ed25519_public_key_t **ed_id_out, const common_digests_t **rsa_id_out)
int or_handshake_certs_ed25519_ok(int severity, or_handshake_certs_t *certs, struct tor_tls_t *tls, time_t now)
tor_cert_t * tor_cert_parse(const uint8_t *cert, size_t certlen)
tor_cert_t * tor_cert_create_ed25519(const ed25519_keypair_t *signing_key, uint8_t cert_type, const ed25519_public_key_t *signed_key, time_t now, time_t lifetime, uint32_t flags)