Commit 818e6f93 authored by Nick Mathewson 🥔

prop220: Implement certificates and key storage/creation

For prop220, we have a new ed25519 certificate type. This patch
implements the code to create, parse, and validate those, along with
code for routers to maintain their own sets of certificates and
keys.  (Some parts of master identity key encryption are done, but
the implementation of that isn't finished)
parent a9720b90
+10 −0
@@ -351,3 +351,13 @@ ed25519_pubkey_read_from_file(ed25519_public_key_t *pubkey_out,
  return 0;
}

void
ed25519_keypair_free(ed25519_keypair_t *kp)
{
  if (! kp)
    return;

  memwipe(kp, 0, sizeof(*kp));
  tor_free(kp);
}
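Review bot: The new ed25519_keypair_free() has no doc comment, unlike the other functions in this file; suggest adding `/** Release all storage held in <b>kp</b>, wiping the secret key bytes first. Safe to call on NULL. */` above `void`. Wiping the whole struct with memwipe() before tor_free() is the right choice for an object that carries the 64-byte secret key, although it only helps if the caller has not copied the secret elsewhere. Because the pointer is taken by value, the caller's variable still dangles after the call, unlike the tor_free() macro which NULLs its argument; the comment could tell callers to clear their own pointer.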
+4 −1
@@ -6,6 +6,7 @@

#include "testsupport.h"
#include "torint.h"
#include "crypto_curve25519.h"

#define ED25519_PUBKEY_LEN 32
#define ED25519_SECKEY_LEN 64
@@ -60,7 +61,7 @@ int ed25519_checksig(const ed25519_signature_t *signature,
 */
typedef struct {
  /** The public key that supposedly generated the signature. */
  ed25519_public_key_t *pubkey;
  const ed25519_public_key_t *pubkey;
  /** The signature to check. */
  ed25519_signature_t signature;
  /** The message that the signature is supposed to have been applied to. */
@@ -109,5 +110,7 @@ int ed25519_pubkey_read_from_file(ed25519_public_key_t *pubkey_out,
                                  char **tag_out,
                                  const char *filename);

void ed25519_keypair_free(ed25519_keypair_t *kp);

#endif
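Review bot: Making ed25519_checkable_t's pubkey a const pointer is correct, but the member comment still does not say who owns the key or how long it must stay alive; since `signature` is stored by value while the key is only referenced, the key must outlive the struct for the check to be sound. Suggest extending it to `/** The public key that supposedly generated the signature. Not owned by this struct; must stay valid until the check has run. */`, presumably with the caller keeping ownership. The added `#include "crypto_curve25519.h"` is not used by anything visible in these hunks; if a declaration elsewhere in the header needs it, fine, otherwise it should be dropped to avoid a stale header dependency.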
+4 −0
@@ -61,6 +61,10 @@ char *options_get_datadir_fname2_suffix(const or_options_t *options,
 * get_datadir_fname2_suffix.  */
#define get_datadir_fname2(sub1,sub2) \
  get_datadir_fname2_suffix((sub1), (sub2), NULL)
/** Return a newly allocated string containing datadir/sub1/sub2 relative to
 * opts.  See get_datadir_fname2_suffix.  */
#define options_get_datadir_fname2(opts,sub1,sub2)                      \
  options_get_datadir_fname2_suffix((opts),(sub1), (sub2), NULL)
/** Return a newly allocated string containing datadir/sub1suffix.  See
 * get_datadir_fname2_suffix. */
#define get_datadir_fname_suffix(sub1, suffix) \
+9 −4
@@ -71,12 +71,14 @@ LIBTOR_A_SOURCES = \
	src/or/rephist.c				\
	src/or/replaycache.c				\
	src/or/router.c					\
	src/or/routerkeys.c				\
	src/or/routerlist.c				\
	src/or/routerparse.c				\
	src/or/routerset.c				\
	src/or/scheduler.c				\
	src/or/statefile.c				\
	src/or/status.c					\
	src/or/torcert.c				\
	src/or/onion_ntor.c				\
	$(evdns_source)					\
	$(tor_platform_source)				\
@@ -87,7 +89,7 @@ src_or_libtor_testing_a_SOURCES = $(LIBTOR_A_SOURCES)

#libtor_a_LIBADD = ../common/libor.a ../common/libor-crypto.a \
#	../common/libor-event.a

#src_or_libtor_a_LIBADD = src/trunnel/libor-trunnel.a

src_or_tor_SOURCES = src/or/tor_main.c
AM_CPPFLAGS += -I$(srcdir)/src/or -Isrc/or
@@ -109,7 +111,7 @@ src_or_libtor_testing_a_CFLAGS = $(AM_CFLAGS) $(TEST_CFLAGS)
src_or_tor_LDFLAGS = @TOR_LDFLAGS_zlib@ @TOR_LDFLAGS_openssl@ @TOR_LDFLAGS_libevent@
src_or_tor_LDADD = src/or/libtor.a src/common/libor.a \
	src/common/libor-crypto.a $(LIBDONNA) \
	src/common/libor-event.a \
	src/common/libor-event.a src/trunnel/libor-trunnel.a \
	@TOR_ZLIB_LIBS@ @TOR_LIB_MATH@ @TOR_LIBEVENT_LIBS@ @TOR_OPENSSL_LIBS@ \
	@TOR_LIB_WS32@ @TOR_LIB_GDI@ @CURVE25519_LIBS@ @TOR_SYSTEMD_LIBS@

@@ -120,7 +122,7 @@ src_or_tor_cov_CFLAGS = $(AM_CFLAGS) $(TEST_CFLAGS)
src_or_tor_cov_LDFLAGS = @TOR_LDFLAGS_zlib@ @TOR_LDFLAGS_openssl@ @TOR_LDFLAGS_libevent@
src_or_tor_cov_LDADD = src/or/libtor-testing.a src/common/libor-testing.a \
	src/common/libor-crypto-testing.a $(LIBDONNA) \
	src/common/libor-event-testing.a \
	src/common/libor-event-testing.a src/trunnel/libor-trunnel-testing.a \
	@TOR_ZLIB_LIBS@ @TOR_LIB_MATH@ @TOR_LIBEVENT_LIBS@ @TOR_OPENSSL_LIBS@ \
	@TOR_LIB_WS32@ @TOR_LIB_GDI@ @CURVE25519_LIBS@ @TOR_SYSTEMD_LIBS@
TESTING_TOR_BINARY = ./src/or/tor-cov
@@ -180,12 +182,15 @@ ORHEADERS = \
	src/or/rephist.h				\
	src/or/replaycache.h				\
	src/or/router.h					\
	src/or/routerkeys.h				\
	src/or/routerlist.h				\
	src/or/routerkeys.h				\
	src/or/routerset.h				\
	src/or/routerparse.h				\
	src/or/scheduler.h				\
	src/or/statefile.h				\
	src/or/status.h
	src/or/status.h					\
	src/or/torcert.h

noinst_HEADERS+= $(ORHEADERS) micro-revision.i
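Review bot: src/trunnel/libor-trunnel.a is added only to the link lines of the tor and tor-cov binaries, yet the new torcert.c is compiled into libtor.a; any other program that links libtor.a (the unit-test binaries, if defined in a file outside this view) will presumably need the same archive added or will fail with unresolved trunnel symbols. The added `#src_or_libtor_a_LIBADD = src/trunnel/libor-trunnel.a` is commented-out build logic; if it is kept as a reminder, a comment saying why LIBADD is not used for a noinst static archive would be more helpful than dead text. Placing the archive after libtor.a is the right order for a static link, since libtor.a is the consumer.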

+2 −0
@@ -51,6 +51,7 @@
#include "rendservice.h"
#include "rephist.h"
#include "router.h"
#include "routerkeys.h"
#include "routerlist.h"
#include "routerparse.h"
#include "scheduler.h"
@@ -2648,6 +2649,7 @@ tor_free_all(int postfork)
    config_free_all();
    or_state_free_all();
    router_free_all();
    routerkeys_free_all();
    policies_free_all();
  }
  if (!postfork) {
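Review bot: routerkeys_free_all() is added to the shutdown path, but its body is outside this commit's view; since that subsystem holds the router's ed25519 secret keys, it should wipe them before freeing, as the new ed25519_keypair_free() in crypto_ed25519.c does, rather than relying on tor_free() alone — please confirm. It runs after router_free_all(), which looks right if the descriptor state references the certificates and not the other way round, but that dependency is not visible here. tor_free_all() begins before this hunk and continues past it.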