Add trunnel-generated items for link handshake code.

This includes the link handshake variations for proposal220. We'll use this for testing first, and then use it to extend our current code to support prop220.

Add trunnel-generated items for link handshake code.
df05e195 · Nick Mathewson · 24b720a9 · df05e195 · df05e195 · df05e195
Commit df05e195 authored 10 years ago by Nick Mathewson
--- a/scripts/codegen/run_trunnel.sh
+++ b/scripts/codegen/run_trunnel.sh
@@ -5,7 +5,7 @@ if test "x$TRUNNEL_PATH" != "x"; then
  export PYTHONPATH
 fi

-python -m trunnel --require-version=1.2 ./src/trunnel/*.trunnel
+python -m trunnel --require-version=1.4 ./src/trunnel/*.trunnel

-python -m trunnel --require-version=1.2 --write-c-files --target-dir=./src/ext/trunnel/
+python -m trunnel --require-version=1.4 --write-c-files --target-dir=./src/ext/trunnel/

--- a/src/trunnel/include.am
+++ b/src/trunnel/include.am
@@ -11,11 +11,13 @@ AM_CPPFLAGS += -I$(srcdir)/src/ext/trunnel -I$(srcdir)/src/trunnel

 TRUNNELINPUTS = \
 	src/trunnel/ed25519_cert.trunnel \
+	src/trunnel/link_handshake.trunnel \
 	src/trunnel/pwbox.trunnel

 TRUNNELSOURCES = \
 	src/ext/trunnel/trunnel.c \
 	src/trunnel/ed25519_cert.c \
+	src/trunnel/link_handshake.c \
 	src/trunnel/pwbox.c

 TRUNNELHEADERS = \
@@ -23,6 +25,7 @@ TRUNNELHEADERS = \
 	src/ext/trunnel/trunnel-impl.h		\
 	src/trunnel/trunnel-local.h 		\
 	src/trunnel/ed25519_cert.h		\
+	src/trunnel/link_handshake.h	 	\
 	src/trunnel/pwbox.h

 src_trunnel_libor_trunnel_a_SOURCES = $(TRUNNELSOURCES)

--- a/src/trunnel/link_handshake.c
+++ b/src/trunnel/link_handshake.c
--- a/src/trunnel/link_handshake.h
+++ b/src/trunnel/link_handshake.h
--- a/src/trunnel/link_handshake.trunnel
+++ b/src/trunnel/link_handshake.trunnel
+
+struct certs_cell {
+  u8 n_certs;
+  struct certs_cell_cert certs[n_certs];
+}
+
+const CERTTYPE_RSA1024_ID_LINK = 1;
+const CERTTYPE_RSA1024_ID_ID   = 2;
+const CERTTYPE_RSA1024_ID_AUTH = 3;
+const CERTTYPE_ED_ID_SIGN      = 4;
+const CERTTYPE_ED_SIGN_LINK    = 5;
+const CERTTYPE_ED_SIGN_AUTH    = 6;
+const CERTTYPE_RSA1024_ID_EDID = 7;
+
+struct certs_cell_cert {
+  u8 cert_type;
+  u16 cert_len;
+  u8 body[cert_len];
+}
+
+struct rsa_ed_crosscert {
+  u8 ed_key[32];
+  u32 expiration;
+  @ptr end_of_signed;
+  u8 sig_len;
+  u8 sig[sig_len]; // mismatches spec.
+}
+
+struct auth_challenge_cell {
+  u8 challenge[32];
+  u16 n_methods;
+  u16 methods[n_methods];
+}
+
+context auth_ctx {
+  u8 is_ed;
+}
+
+struct auth1 with context auth_ctx {
+  u8 type[8];
+  u8 cid[32];
+  u8 sid[32];
+  union u1[auth_ctx.is_ed] {
+    0 : ;
+    1 : u8 cid_ed[32];
+        u8 sid_ed[32];
+    default: fail;
+  };
+  u8 slog[32];
+  u8 clog[32];
+  u8 scert[32];
+  u8 tlssecrets[32];
+  @ptr end_of_fixed_part;
+  u8 rand[24];
+  @ptr end_of_signed;
+  u8 sig[];
+}