Commit 5b3dd161 authored by Nick Mathewson's avatar Nick Mathewson 🥔
Browse files

Wrangle curve25519 onion keys: generate, store, load, publish, republish 

Here we try to handle curve25519 onion keys from generating them,
loading and storing them, publishing them in our descriptors, putting
them in microdescriptors, and so on.

This commit is untested and probably buggy like whoa
parent 6c883bc6

src/or/dirserv.c

+2 −1
Original line number Diff line number Diff line
@@ -74,7 +74,8 @@ static const struct consensus_method_range_t { 
} microdesc_consensus_methods[] = {

  {MIN_METHOD_FOR_MICRODESC, MIN_METHOD_FOR_A_LINES - 1},

  {MIN_METHOD_FOR_A_LINES, MIN_METHOD_FOR_P6_LINES - 1},

  {MIN_METHOD_FOR_P6_LINES, MAX_SUPPORTED_CONSENSUS_METHOD},

  {MIN_METHOD_FOR_P6_LINES, MIN_METHOD_FOR_NTOR_KEY - 1},

  {MIN_METHOD_FOR_NTOR_KEY, MAX_SUPPORTED_CONSENSUS_METHOD},

  {-1, -1}

};

src/or/dirvote.c

+9 −0
Original line number Diff line number Diff line
@@ -3554,6 +3554,15 @@ dirvote_create_microdescriptor(const routerinfo_t *ri, int consensus_method) 


  smartlist_add_asprintf(chunks, "onion-key\n%s", key);



  if (consensus_method >= MIN_METHOD_FOR_NTOR_KEY &&

      ri->onion_curve25519_pkey) {

    char kbuf[128];

    base64_encode(kbuf, sizeof(kbuf),

                  (const char*)ri->onion_curve25519_pkey->public_key,

                  CURVE25519_PUBKEY_LEN);

    smartlist_add_asprintf(chunks, "ntor-onion-key %s", kbuf);

  }



  if (consensus_method >= MIN_METHOD_FOR_A_LINES &&

      !tor_addr_is_null(&ri->ipv6_addr) && ri->ipv6_orport)

    smartlist_add_asprintf(chunks, "a %s\n",

src/or/dirvote.h

+5 −1
Original line number Diff line number Diff line
@@ -20,7 +20,7 @@ 
#define MIN_VOTE_INTERVAL 300



/** The highest consensus method that we currently support. */

#define MAX_SUPPORTED_CONSENSUS_METHOD 15

#define MAX_SUPPORTED_CONSENSUS_METHOD 16



/** Lowest consensus method that contains a 'directory-footer' marker */

#define MIN_METHOD_FOR_FOOTER 9
@@ -48,6 +48,10 @@ 
/** Lowest consensus method where microdescs may include a "p6" line. */

#define MIN_METHOD_FOR_P6_LINES 15



/** Lowest consensus method where microdescs may include an onion-key-ntor

 * line */

#define MIN_METHOD_FOR_NTOR_KEY 16



void dirvote_free_all(void);



/* vote manipulation */

src/or/microdesc.c

+1 −0
Original line number Diff line number Diff line
@@ -575,6 +575,7 @@ microdesc_free(microdesc_t *md) 


  if (md->onion_pkey)

    crypto_pk_free(md->onion_pkey);

  tor_free(md->onion_curve25519_pkey);

  if (md->body && md->saved_location != SAVED_IN_CACHE)

    tor_free(md->body);

src/or/or.h

+5 −0
Original line number Diff line number Diff line
@@ -99,6 +99,7 @@ 
#include "compat_libevent.h"

#include "ht.h"

#include "replaycache.h"

#include "crypto_curve25519.h"



/* These signals are defined to help handle_control_signal work.

 */
@@ -1893,6 +1894,8 @@ typedef struct { 


  crypto_pk_t *onion_pkey; /**< Public RSA key for onions. */

  crypto_pk_t *identity_pkey;  /**< Public RSA key for signing. */

  /** Public curve25519 key for onions */

  curve25519_public_key_t *onion_curve25519_pkey;



  char *platform; /**< What software/operating system is this OR using? */
@@ -2106,6 +2109,8 @@ typedef struct microdesc_t { 


  /** As routerinfo_t.onion_pkey */

  crypto_pk_t *onion_pkey;

  /** As routerinfo_t.onion_curve25519_pkey */

  curve25519_public_key_t *onion_curve25519_pkey;

  /** As routerinfo_t.ipv6_add */

  tor_addr_t ipv6_addr;

  /** As routerinfo_t.ipv6_orport */