Merge branch 'extract_routerkeys_squashed'

This commit is contained in:
Nick Mathewson 2020-02-20 10:41:12 -05:00
commit 66bbdadbbe
9 changed files with 746 additions and 551 deletions

View File

@ -143,10 +143,8 @@ problem function-size /src/core/or/connection_edge.c:connection_exit_connect() 1
problem dependency-violation /src/core/or/connection_edge.c 27 problem dependency-violation /src/core/or/connection_edge.c 27
problem dependency-violation /src/core/or/connection_edge.h 1 problem dependency-violation /src/core/or/connection_edge.h 1
problem file-size /src/core/or/connection_or.c 3122 problem file-size /src/core/or/connection_or.c 3122
problem include-count /src/core/or/connection_or.c 51
problem function-size /src/core/or/connection_or.c:connection_or_group_set_badness_() 105 problem function-size /src/core/or/connection_or.c:connection_or_group_set_badness_() 105
problem function-size /src/core/or/connection_or.c:connection_or_client_learned_peer_id() 142 problem function-size /src/core/or/connection_or.c:connection_or_client_learned_peer_id() 142
problem function-size /src/core/or/connection_or.c:connection_or_compute_authenticate_cell_body() 231
problem dependency-violation /src/core/or/connection_or.c 20 problem dependency-violation /src/core/or/connection_or.c 20
problem dependency-violation /src/core/or/dos.c 6 problem dependency-violation /src/core/or/dos.c 6
problem dependency-violation /src/core/or/onion.c 2 problem dependency-violation /src/core/or/onion.c 2
@ -160,6 +158,7 @@ problem dependency-violation /src/core/or/policies.c 14
problem function-size /src/core/or/protover.c:protover_all_supported() 117 problem function-size /src/core/or/protover.c:protover_all_supported() 117
problem dependency-violation /src/core/or/reasons.c 2 problem dependency-violation /src/core/or/reasons.c 2
problem file-size /src/core/or/relay.c 3264 problem file-size /src/core/or/relay.c 3264
problem dependency-violation /src/core/or/relay_handshake.c 5
problem function-size /src/core/or/relay.c:circuit_receive_relay_cell() 127 problem function-size /src/core/or/relay.c:circuit_receive_relay_cell() 127
problem function-size /src/core/or/relay.c:relay_send_command_from_edge_() 109 problem function-size /src/core/or/relay.c:relay_send_command_from_edge_() 109
problem function-size /src/core/or/relay.c:connection_ap_process_end_not_open() 192 problem function-size /src/core/or/relay.c:connection_ap_process_end_not_open() 192
@ -275,6 +274,7 @@ problem function-size /src/feature/nodelist/routerlist.c:update_extrainfo_downlo
problem function-size /src/feature/relay/dns.c:dns_resolve_impl() 131 problem function-size /src/feature/relay/dns.c:dns_resolve_impl() 131
problem function-size /src/feature/relay/dns.c:configure_nameservers() 161 problem function-size /src/feature/relay/dns.c:configure_nameservers() 161
problem function-size /src/feature/relay/dns.c:evdns_callback() 108 problem function-size /src/feature/relay/dns.c:evdns_callback() 108
problem function-size /src/feature/relay/relay_handshake.c:connection_or_compute_authenticate_cell_body() 231
problem file-size /src/feature/relay/router.c 3520 problem file-size /src/feature/relay/router.c 3520
problem include-count /src/feature/relay/router.c 57 problem include-count /src/feature/relay/router.c 57
problem function-size /src/feature/relay/router.c:init_keys() 252 problem function-size /src/feature/relay/router.c:init_keys() 252

View File

@ -47,6 +47,7 @@
#include "app/config/config.h" #include "app/config/config.h"
#include "core/mainloop/connection.h" #include "core/mainloop/connection.h"
#include "core/or/connection_or.h" #include "core/or/connection_or.h"
#include "feature/relay/relay_handshake.h"
#include "feature/control/control.h" #include "feature/control/control.h"
#include "feature/client/entrynodes.h" #include "feature/client/entrynodes.h"
#include "trunnel/link_handshake.h" #include "trunnel/link_handshake.h"

View File

@ -39,14 +39,13 @@
#include "app/config/config.h" #include "app/config/config.h"
#include "core/mainloop/connection.h" #include "core/mainloop/connection.h"
#include "core/or/connection_or.h" #include "core/or/connection_or.h"
#include "feature/relay/relay_handshake.h"
#include "feature/control/control_events.h" #include "feature/control/control_events.h"
#include "lib/crypt_ops/crypto_rand.h"
#include "lib/crypt_ops/crypto_util.h" #include "lib/crypt_ops/crypto_util.h"
#include "feature/dirauth/reachability.h" #include "feature/dirauth/reachability.h"
#include "feature/client/entrynodes.h" #include "feature/client/entrynodes.h"
#include "lib/geoip/geoip.h" #include "lib/geoip/geoip.h"
#include "core/mainloop/mainloop.h" #include "core/mainloop/mainloop.h"
#include "trunnel/link_handshake.h"
#include "trunnel/netinfo.h" #include "trunnel/netinfo.h"
#include "feature/nodelist/microdesc.h" #include "feature/nodelist/microdesc.h"
#include "feature/nodelist/networkstatus.h" #include "feature/nodelist/networkstatus.h"
@ -78,7 +77,6 @@
#include "lib/crypt_ops/crypto_format.h" #include "lib/crypt_ops/crypto_format.h"
#include "lib/tls/tortls.h" #include "lib/tls/tortls.h"
#include "lib/tls/x509.h"
#include "core/or/orconn_event.h" #include "core/or/orconn_event.h"
@ -2527,533 +2525,3 @@ connection_or_send_netinfo,(or_connection_t *conn))
return r; return r;
} }
/** Helper used to add an encoded certs to a cert cell */
static void
add_certs_cell_cert_helper(certs_cell_t *certs_cell,
uint8_t cert_type,
const uint8_t *cert_encoded,
size_t cert_len)
{
tor_assert(cert_len <= UINT16_MAX);
certs_cell_cert_t *ccc = certs_cell_cert_new();
ccc->cert_type = cert_type;
ccc->cert_len = cert_len;
certs_cell_cert_setlen_body(ccc, cert_len);
memcpy(certs_cell_cert_getarray_body(ccc), cert_encoded, cert_len);
certs_cell_add_certs(certs_cell, ccc);
}
/** Add an encoded X509 cert (stored as <b>cert_len</b> bytes at
* <b>cert_encoded</b>) to the trunnel certs_cell_t object that we are
* building in <b>certs_cell</b>. Set its type field to <b>cert_type</b>.
* (If <b>cert</b> is NULL, take no action.) */
static void
add_x509_cert(certs_cell_t *certs_cell,
uint8_t cert_type,
const tor_x509_cert_t *cert)
{
if (NULL == cert)
return;
const uint8_t *cert_encoded = NULL;
size_t cert_len;
tor_x509_cert_get_der(cert, &cert_encoded, &cert_len);
add_certs_cell_cert_helper(certs_cell, cert_type, cert_encoded, cert_len);
}
/** Add an Ed25519 cert from <b>cert</b> to the trunnel certs_cell_t object
* that we are building in <b>certs_cell</b>. Set its type field to
* <b>cert_type</b>. (If <b>cert</b> is NULL, take no action.) */
static void
add_ed25519_cert(certs_cell_t *certs_cell,
uint8_t cert_type,
const tor_cert_t *cert)
{
if (NULL == cert)
return;
add_certs_cell_cert_helper(certs_cell, cert_type,
cert->encoded, cert->encoded_len);
}
#ifdef TOR_UNIT_TESTS
int certs_cell_ed25519_disabled_for_testing = 0;
#else
#define certs_cell_ed25519_disabled_for_testing 0
#endif
/** Send a CERTS cell on the connection <b>conn</b>. Return 0 on success, -1
* on failure. */
int
connection_or_send_certs_cell(or_connection_t *conn)
{
const tor_x509_cert_t *global_link_cert = NULL, *id_cert = NULL;
tor_x509_cert_t *own_link_cert = NULL;
var_cell_t *cell;
certs_cell_t *certs_cell = NULL;
tor_assert(conn->base_.state == OR_CONN_STATE_OR_HANDSHAKING_V3);
if (! conn->handshake_state)
return -1;
const int conn_in_server_mode = ! conn->handshake_state->started_here;
/* Get the encoded values of the X509 certificates */
if (tor_tls_get_my_certs(conn_in_server_mode,
&global_link_cert, &id_cert) < 0)
return -1;
if (conn_in_server_mode) {
own_link_cert = tor_tls_get_own_cert(conn->tls);
}
tor_assert(id_cert);
certs_cell = certs_cell_new();
/* Start adding certs. First the link cert or auth1024 cert. */
if (conn_in_server_mode) {
tor_assert_nonfatal(own_link_cert);
add_x509_cert(certs_cell,
OR_CERT_TYPE_TLS_LINK, own_link_cert);
} else {
tor_assert(global_link_cert);
add_x509_cert(certs_cell,
OR_CERT_TYPE_AUTH_1024, global_link_cert);
}
/* Next the RSA->RSA ID cert */
add_x509_cert(certs_cell,
OR_CERT_TYPE_ID_1024, id_cert);
/* Next the Ed25519 certs */
add_ed25519_cert(certs_cell,
CERTTYPE_ED_ID_SIGN,
get_master_signing_key_cert());
if (conn_in_server_mode) {
tor_assert_nonfatal(conn->handshake_state->own_link_cert ||
certs_cell_ed25519_disabled_for_testing);
add_ed25519_cert(certs_cell,
CERTTYPE_ED_SIGN_LINK,
conn->handshake_state->own_link_cert);
} else {
add_ed25519_cert(certs_cell,
CERTTYPE_ED_SIGN_AUTH,
get_current_auth_key_cert());
}
/* And finally the crosscert. */
{
const uint8_t *crosscert=NULL;
size_t crosscert_len;
get_master_rsa_crosscert(&crosscert, &crosscert_len);
if (crosscert) {
add_certs_cell_cert_helper(certs_cell,
CERTTYPE_RSA1024_ID_EDID,
crosscert, crosscert_len);
}
}
/* We've added all the certs; make the cell. */
certs_cell->n_certs = certs_cell_getlen_certs(certs_cell);
ssize_t alloc_len = certs_cell_encoded_len(certs_cell);
tor_assert(alloc_len >= 0 && alloc_len <= UINT16_MAX);
cell = var_cell_new(alloc_len);
cell->command = CELL_CERTS;
ssize_t enc_len = certs_cell_encode(cell->payload, alloc_len, certs_cell);
tor_assert(enc_len > 0 && enc_len <= alloc_len);
cell->payload_len = enc_len;
connection_or_write_var_cell_to_buf(cell, conn);
var_cell_free(cell);
certs_cell_free(certs_cell);
tor_x509_cert_free(own_link_cert);
return 0;
}
#ifdef TOR_UNIT_TESTS
int testing__connection_or_pretend_TLSSECRET_is_supported = 0;
#else
#define testing__connection_or_pretend_TLSSECRET_is_supported 0
#endif
/** Return true iff <b>challenge_type</b> is an AUTHCHALLENGE type that
* we can send and receive. */
int
authchallenge_type_is_supported(uint16_t challenge_type)
{
switch (challenge_type) {
case AUTHTYPE_RSA_SHA256_TLSSECRET:
#ifdef HAVE_WORKING_TOR_TLS_GET_TLSSECRETS
return 1;
#else
return testing__connection_or_pretend_TLSSECRET_is_supported;
#endif
case AUTHTYPE_ED25519_SHA256_RFC5705:
return 1;
case AUTHTYPE_RSA_SHA256_RFC5705:
default:
return 0;
}
}
/** Return true iff <b>challenge_type_a</b> is one that we would rather
* use than <b>challenge_type_b</b>. */
int
authchallenge_type_is_better(uint16_t challenge_type_a,
uint16_t challenge_type_b)
{
/* Any supported type is better than an unsupported one;
* all unsupported types are equally bad. */
if (!authchallenge_type_is_supported(challenge_type_a))
return 0;
if (!authchallenge_type_is_supported(challenge_type_b))
return 1;
/* It happens that types are superior in numerically ascending order.
* If that ever changes, this must change too. */
return (challenge_type_a > challenge_type_b);
}
/** Send an AUTH_CHALLENGE cell on the connection <b>conn</b>. Return 0
* on success, -1 on failure. */
int
connection_or_send_auth_challenge_cell(or_connection_t *conn)
{
var_cell_t *cell = NULL;
int r = -1;
tor_assert(conn->base_.state == OR_CONN_STATE_OR_HANDSHAKING_V3);
if (! conn->handshake_state)
return -1;
auth_challenge_cell_t *ac = auth_challenge_cell_new();
tor_assert(sizeof(ac->challenge) == 32);
crypto_rand((char*)ac->challenge, sizeof(ac->challenge));
if (authchallenge_type_is_supported(AUTHTYPE_RSA_SHA256_TLSSECRET))
auth_challenge_cell_add_methods(ac, AUTHTYPE_RSA_SHA256_TLSSECRET);
/* Disabled, because everything that supports this method also supports
* the much-superior ED25519_SHA256_RFC5705 */
/* auth_challenge_cell_add_methods(ac, AUTHTYPE_RSA_SHA256_RFC5705); */
if (authchallenge_type_is_supported(AUTHTYPE_ED25519_SHA256_RFC5705))
auth_challenge_cell_add_methods(ac, AUTHTYPE_ED25519_SHA256_RFC5705);
auth_challenge_cell_set_n_methods(ac,
auth_challenge_cell_getlen_methods(ac));
cell = var_cell_new(auth_challenge_cell_encoded_len(ac));
ssize_t len = auth_challenge_cell_encode(cell->payload, cell->payload_len,
ac);
if (len != cell->payload_len) {
/* LCOV_EXCL_START */
log_warn(LD_BUG, "Encoded auth challenge cell length not as expected");
goto done;
/* LCOV_EXCL_STOP */
}
cell->command = CELL_AUTH_CHALLENGE;
connection_or_write_var_cell_to_buf(cell, conn);
r = 0;
done:
var_cell_free(cell);
auth_challenge_cell_free(ac);
return r;
}
/** Compute the main body of an AUTHENTICATE cell that a client can use
* to authenticate itself on a v3 handshake for <b>conn</b>. Return it
* in a var_cell_t.
*
* If <b>server</b> is true, only calculate the first
* V3_AUTH_FIXED_PART_LEN bytes -- the part of the authenticator that's
* determined by the rest of the handshake, and which match the provided value
* exactly.
*
* If <b>server</b> is false and <b>signing_key</b> is NULL, calculate the
* first V3_AUTH_BODY_LEN bytes of the authenticator (that is, everything
* that should be signed), but don't actually sign it.
*
* If <b>server</b> is false and <b>signing_key</b> is provided, calculate the
* entire authenticator, signed with <b>signing_key</b>.
*
* Return the length of the cell body on success, and -1 on failure.
*/
var_cell_t *
connection_or_compute_authenticate_cell_body(or_connection_t *conn,
const int authtype,
crypto_pk_t *signing_key,
const ed25519_keypair_t *ed_signing_key,
int server)
{
auth1_t *auth = NULL;
auth_ctx_t *ctx = auth_ctx_new();
var_cell_t *result = NULL;
int old_tlssecrets_algorithm = 0;
const char *authtype_str = NULL;
int is_ed = 0;
/* assert state is reasonable XXXX */
switch (authtype) {
case AUTHTYPE_RSA_SHA256_TLSSECRET:
authtype_str = "AUTH0001";
old_tlssecrets_algorithm = 1;
break;
case AUTHTYPE_RSA_SHA256_RFC5705:
authtype_str = "AUTH0002";
break;
case AUTHTYPE_ED25519_SHA256_RFC5705:
authtype_str = "AUTH0003";
is_ed = 1;
break;
default:
tor_assert(0);
break;
}
auth = auth1_new();
ctx->is_ed = is_ed;
/* Type: 8 bytes. */
memcpy(auth1_getarray_type(auth), authtype_str, 8);
{
const tor_x509_cert_t *id_cert=NULL;
const common_digests_t *my_digests, *their_digests;
const uint8_t *my_id, *their_id, *client_id, *server_id;
if (tor_tls_get_my_certs(server, NULL, &id_cert))
goto err;
my_digests = tor_x509_cert_get_id_digests(id_cert);
their_digests =
tor_x509_cert_get_id_digests(conn->handshake_state->certs->id_cert);
tor_assert(my_digests);
tor_assert(their_digests);
my_id = (uint8_t*)my_digests->d[DIGEST_SHA256];
their_id = (uint8_t*)their_digests->d[DIGEST_SHA256];
client_id = server ? their_id : my_id;
server_id = server ? my_id : their_id;
/* Client ID digest: 32 octets. */
memcpy(auth->cid, client_id, 32);
/* Server ID digest: 32 octets. */
memcpy(auth->sid, server_id, 32);
}
if (is_ed) {
const ed25519_public_key_t *my_ed_id, *their_ed_id;
if (!conn->handshake_state->certs->ed_id_sign) {
log_warn(LD_OR, "Ed authenticate without Ed ID cert from peer.");
goto err;
}
my_ed_id = get_master_identity_key();
their_ed_id = &conn->handshake_state->certs->ed_id_sign->signing_key;
const uint8_t *cid_ed = (server ? their_ed_id : my_ed_id)->pubkey;
const uint8_t *sid_ed = (server ? my_ed_id : their_ed_id)->pubkey;
memcpy(auth->u1_cid_ed, cid_ed, ED25519_PUBKEY_LEN);
memcpy(auth->u1_sid_ed, sid_ed, ED25519_PUBKEY_LEN);
}
{
crypto_digest_t *server_d, *client_d;
if (server) {
server_d = conn->handshake_state->digest_sent;
client_d = conn->handshake_state->digest_received;
} else {
client_d = conn->handshake_state->digest_sent;
server_d = conn->handshake_state->digest_received;
}
/* Server log digest : 32 octets */
crypto_digest_get_digest(server_d, (char*)auth->slog, 32);
/* Client log digest : 32 octets */
crypto_digest_get_digest(client_d, (char*)auth->clog, 32);
}
{
/* Digest of cert used on TLS link : 32 octets. */
tor_x509_cert_t *cert = NULL;
if (server) {
cert = tor_tls_get_own_cert(conn->tls);
} else {
cert = tor_tls_get_peer_cert(conn->tls);
}
if (!cert) {
log_warn(LD_OR, "Unable to find cert when making %s data.",
authtype_str);
goto err;
}
memcpy(auth->scert,
tor_x509_cert_get_cert_digests(cert)->d[DIGEST_SHA256], 32);
tor_x509_cert_free(cert);
}
/* HMAC of clientrandom and serverrandom using master key : 32 octets */
if (old_tlssecrets_algorithm) {
if (tor_tls_get_tlssecrets(conn->tls, auth->tlssecrets) < 0) {
log_fn(LOG_PROTOCOL_WARN, LD_OR, "Somebody asked us for an older TLS "
"authentication method (AUTHTYPE_RSA_SHA256_TLSSECRET) "
"which we don't support.");
}
} else {
char label[128];
tor_snprintf(label, sizeof(label),
"EXPORTER FOR TOR TLS CLIENT BINDING %s", authtype_str);
int r = tor_tls_export_key_material(conn->tls, auth->tlssecrets,
auth->cid, sizeof(auth->cid),
label);
if (r < 0) {
if (r != -2)
log_warn(LD_BUG, "TLS key export failed for unknown reason.");
// If r == -2, this was openssl bug 7712.
goto err;
}
}
/* 8 octets were reserved for the current time, but we're trying to get out
* of the habit of sending time around willynilly. Fortunately, nothing
* checks it. That's followed by 16 bytes of nonce. */
crypto_rand((char*)auth->rand, 24);
ssize_t maxlen = auth1_encoded_len(auth, ctx);
if (ed_signing_key && is_ed) {
maxlen += ED25519_SIG_LEN;
} else if (signing_key && !is_ed) {
maxlen += crypto_pk_keysize(signing_key);
}
const int AUTH_CELL_HEADER_LEN = 4; /* 2 bytes of type, 2 bytes of length */
result = var_cell_new(AUTH_CELL_HEADER_LEN + maxlen);
uint8_t *const out = result->payload + AUTH_CELL_HEADER_LEN;
const size_t outlen = maxlen;
ssize_t len;
result->command = CELL_AUTHENTICATE;
set_uint16(result->payload, htons(authtype));
if ((len = auth1_encode(out, outlen, auth, ctx)) < 0) {
/* LCOV_EXCL_START */
log_warn(LD_BUG, "Unable to encode signed part of AUTH1 data.");
goto err;
/* LCOV_EXCL_STOP */
}
if (server) {
auth1_t *tmp = NULL;
ssize_t len2 = auth1_parse(&tmp, out, len, ctx);
if (!tmp) {
/* LCOV_EXCL_START */
log_warn(LD_BUG, "Unable to parse signed part of AUTH1 data that "
"we just encoded");
goto err;
/* LCOV_EXCL_STOP */
}
result->payload_len = (tmp->end_of_signed - result->payload);
auth1_free(tmp);
if (len2 != len) {
/* LCOV_EXCL_START */
log_warn(LD_BUG, "Mismatched length when re-parsing AUTH1 data.");
goto err;
/* LCOV_EXCL_STOP */
}
goto done;
}
if (ed_signing_key && is_ed) {
ed25519_signature_t sig;
if (ed25519_sign(&sig, out, len, ed_signing_key) < 0) {
/* LCOV_EXCL_START */
log_warn(LD_BUG, "Unable to sign ed25519 authentication data");
goto err;
/* LCOV_EXCL_STOP */
}
auth1_setlen_sig(auth, ED25519_SIG_LEN);
memcpy(auth1_getarray_sig(auth), sig.sig, ED25519_SIG_LEN);
} else if (signing_key && !is_ed) {
auth1_setlen_sig(auth, crypto_pk_keysize(signing_key));
char d[32];
crypto_digest256(d, (char*)out, len, DIGEST_SHA256);
int siglen = crypto_pk_private_sign(signing_key,
(char*)auth1_getarray_sig(auth),
auth1_getlen_sig(auth),
d, 32);
if (siglen < 0) {
log_warn(LD_OR, "Unable to sign AUTH1 data.");
goto err;
}
auth1_setlen_sig(auth, siglen);
}
len = auth1_encode(out, outlen, auth, ctx);
if (len < 0) {
/* LCOV_EXCL_START */
log_warn(LD_BUG, "Unable to encode signed AUTH1 data.");
goto err;
/* LCOV_EXCL_STOP */
}
tor_assert(len + AUTH_CELL_HEADER_LEN <= result->payload_len);
result->payload_len = len + AUTH_CELL_HEADER_LEN;
set_uint16(result->payload+2, htons(len));
goto done;
err:
var_cell_free(result);
result = NULL;
done:
auth1_free(auth);
auth_ctx_free(ctx);
return result;
}
/** Send an AUTHENTICATE cell on the connection <b>conn</b>. Return 0 on
* success, -1 on failure */
MOCK_IMPL(int,
connection_or_send_authenticate_cell,(or_connection_t *conn, int authtype))
{
var_cell_t *cell;
crypto_pk_t *pk = tor_tls_get_my_client_auth_key();
/* XXXX make sure we're actually supposed to send this! */
if (!pk) {
log_warn(LD_BUG, "Can't compute authenticate cell: no client auth key");
return -1;
}
if (! authchallenge_type_is_supported(authtype)) {
log_warn(LD_BUG, "Tried to send authenticate cell with unknown "
"authentication type %d", authtype);
return -1;
}
cell = connection_or_compute_authenticate_cell_body(conn,
authtype,
pk,
get_current_auth_keypair(),
0 /* not server */);
if (! cell) {
log_fn(LOG_PROTOCOL_WARN, LD_NET, "Unable to compute authenticate cell!");
return -1;
}
connection_or_write_var_cell_to_buf(cell, conn);
var_cell_free(cell);
return 0;
}

View File

@ -97,19 +97,6 @@ MOCK_DECL(void,connection_or_write_var_cell_to_buf,(const var_cell_t *cell,
or_connection_t *conn)); or_connection_t *conn));
int connection_or_send_versions(or_connection_t *conn, int v3_plus); int connection_or_send_versions(or_connection_t *conn, int v3_plus);
MOCK_DECL(int,connection_or_send_netinfo,(or_connection_t *conn)); MOCK_DECL(int,connection_or_send_netinfo,(or_connection_t *conn));
int connection_or_send_certs_cell(or_connection_t *conn);
int connection_or_send_auth_challenge_cell(or_connection_t *conn);
int authchallenge_type_is_supported(uint16_t challenge_type);
int authchallenge_type_is_better(uint16_t challenge_type_a,
uint16_t challenge_type_b);
var_cell_t *connection_or_compute_authenticate_cell_body(
or_connection_t *conn,
const int authtype,
crypto_pk_t *signing_key,
const struct ed25519_keypair_t *ed_signing_key,
int server);
MOCK_DECL(int,connection_or_send_authenticate_cell,
(or_connection_t *conn, int type));
int is_or_protocol_version_known(uint16_t version); int is_or_protocol_version_known(uint16_t version);
@ -144,7 +131,6 @@ MOCK_DECL(STATIC void,connection_or_change_state,
#endif /* defined(CONNECTION_OR_PRIVATE) */ #endif /* defined(CONNECTION_OR_PRIVATE) */
#ifdef TOR_UNIT_TESTS #ifdef TOR_UNIT_TESTS
extern int certs_cell_ed25519_disabled_for_testing;
extern int testing__connection_or_pretend_TLSSECRET_is_supported; extern int testing__connection_or_pretend_TLSSECRET_is_supported;
#endif #endif

View File

@ -2,8 +2,7 @@
# Legacy shared relay code: migrate to the relay module over time # Legacy shared relay code: migrate to the relay module over time
LIBTOR_APP_A_SOURCES += \ LIBTOR_APP_A_SOURCES += \
src/feature/relay/onion_queue.c \ src/feature/relay/onion_queue.c \
src/feature/relay/router.c \ src/feature/relay/router.c
src/feature/relay/routerkeys.c
# The Relay module. # The Relay module.
@ -13,8 +12,10 @@ MODULE_RELAY_SOURCES = \
src/feature/relay/ext_orport.c \ src/feature/relay/ext_orport.c \
src/feature/relay/routermode.c \ src/feature/relay/routermode.c \
src/feature/relay/relay_config.c \ src/feature/relay/relay_config.c \
src/feature/relay/relay_handshake.c \
src/feature/relay/relay_periodic.c \ src/feature/relay/relay_periodic.c \
src/feature/relay/relay_sys.c \ src/feature/relay/relay_sys.c \
src/feature/relay/routerkeys.c \
src/feature/relay/selftest.c \ src/feature/relay/selftest.c \
src/feature/relay/transport_config.c src/feature/relay/transport_config.c
@ -25,6 +26,7 @@ noinst_HEADERS += \
src/feature/relay/ext_orport.h \ src/feature/relay/ext_orport.h \
src/feature/relay/onion_queue.h \ src/feature/relay/onion_queue.h \
src/feature/relay/relay_config.h \ src/feature/relay/relay_config.h \
src/feature/relay/relay_handshake.h \
src/feature/relay/relay_periodic.h \ src/feature/relay/relay_periodic.h \
src/feature/relay/relay_sys.h \ src/feature/relay/relay_sys.h \
src/feature/relay/router.h \ src/feature/relay/router.h \

View File

@ -0,0 +1,565 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
* Copyright (c) 2007-2020, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
* @file relay_handshake.c
* @brief Functions to implement the relay-only parts of our
* connection handshake.
*
* Some parts of our TLS link handshake are only done by relays (including
* bridges). Specifically, only relays need to send CERTS cells; only
* relays need to send or receive AUTHCHALLENGE cells, and only relays need to
* send or receive AUTHENTICATE cells.
**/
#include "orconfig.h"
#include "core/or/or.h"
#include "feature/relay/relay_handshake.h"
#include "app/config/config.h"
#include "core/or/connection_or.h"
#include "lib/crypt_ops/crypto_rand.h"
#include "trunnel/link_handshake.h"
#include "feature/relay/routerkeys.h"
#include "feature/nodelist/torcert.h"
#include "core/or/or_connection_st.h"
#include "core/or/or_handshake_certs_st.h"
#include "core/or/or_handshake_state_st.h"
#include "core/or/var_cell_st.h"
#include "lib/tls/tortls.h"
#include "lib/tls/x509.h"
/** Helper used to add an encoded certs to a cert cell */
static void
add_certs_cell_cert_helper(certs_cell_t *certs_cell,
uint8_t cert_type,
const uint8_t *cert_encoded,
size_t cert_len)
{
tor_assert(cert_len <= UINT16_MAX);
certs_cell_cert_t *ccc = certs_cell_cert_new();
ccc->cert_type = cert_type;
ccc->cert_len = cert_len;
certs_cell_cert_setlen_body(ccc, cert_len);
memcpy(certs_cell_cert_getarray_body(ccc), cert_encoded, cert_len);
certs_cell_add_certs(certs_cell, ccc);
}
/** Add an encoded X509 cert (stored as <b>cert_len</b> bytes at
* <b>cert_encoded</b>) to the trunnel certs_cell_t object that we are
* building in <b>certs_cell</b>. Set its type field to <b>cert_type</b>.
* (If <b>cert</b> is NULL, take no action.) */
static void
add_x509_cert(certs_cell_t *certs_cell,
uint8_t cert_type,
const tor_x509_cert_t *cert)
{
if (NULL == cert)
return;
const uint8_t *cert_encoded = NULL;
size_t cert_len;
tor_x509_cert_get_der(cert, &cert_encoded, &cert_len);
add_certs_cell_cert_helper(certs_cell, cert_type, cert_encoded, cert_len);
}
/** Add an Ed25519 cert from <b>cert</b> to the trunnel certs_cell_t object
* that we are building in <b>certs_cell</b>. Set its type field to
* <b>cert_type</b>. (If <b>cert</b> is NULL, take no action.) */
static void
add_ed25519_cert(certs_cell_t *certs_cell,
uint8_t cert_type,
const tor_cert_t *cert)
{
if (NULL == cert)
return;
add_certs_cell_cert_helper(certs_cell, cert_type,
cert->encoded, cert->encoded_len);
}
#ifdef TOR_UNIT_TESTS
int certs_cell_ed25519_disabled_for_testing = 0;
#else
#define certs_cell_ed25519_disabled_for_testing 0
#endif
/** Send a CERTS cell on the connection <b>conn</b>. Return 0 on success, -1
* on failure. */
int
connection_or_send_certs_cell(or_connection_t *conn)
{
const tor_x509_cert_t *global_link_cert = NULL, *id_cert = NULL;
tor_x509_cert_t *own_link_cert = NULL;
var_cell_t *cell;
certs_cell_t *certs_cell = NULL;
tor_assert(conn->base_.state == OR_CONN_STATE_OR_HANDSHAKING_V3);
if (! conn->handshake_state)
return -1;
const int conn_in_server_mode = ! conn->handshake_state->started_here;
/* Get the encoded values of the X509 certificates */
if (tor_tls_get_my_certs(conn_in_server_mode,
&global_link_cert, &id_cert) < 0)
return -1;
if (conn_in_server_mode) {
own_link_cert = tor_tls_get_own_cert(conn->tls);
}
tor_assert(id_cert);
certs_cell = certs_cell_new();
/* Start adding certs. First the link cert or auth1024 cert. */
if (conn_in_server_mode) {
tor_assert_nonfatal(own_link_cert);
add_x509_cert(certs_cell,
OR_CERT_TYPE_TLS_LINK, own_link_cert);
} else {
tor_assert(global_link_cert);
add_x509_cert(certs_cell,
OR_CERT_TYPE_AUTH_1024, global_link_cert);
}
/* Next the RSA->RSA ID cert */
add_x509_cert(certs_cell,
OR_CERT_TYPE_ID_1024, id_cert);
/* Next the Ed25519 certs */
add_ed25519_cert(certs_cell,
CERTTYPE_ED_ID_SIGN,
get_master_signing_key_cert());
if (conn_in_server_mode) {
tor_assert_nonfatal(conn->handshake_state->own_link_cert ||
certs_cell_ed25519_disabled_for_testing);
add_ed25519_cert(certs_cell,
CERTTYPE_ED_SIGN_LINK,
conn->handshake_state->own_link_cert);
} else {
add_ed25519_cert(certs_cell,
CERTTYPE_ED_SIGN_AUTH,
get_current_auth_key_cert());
}
/* And finally the crosscert. */
{
const uint8_t *crosscert=NULL;
size_t crosscert_len;
get_master_rsa_crosscert(&crosscert, &crosscert_len);
if (crosscert) {
add_certs_cell_cert_helper(certs_cell,
CERTTYPE_RSA1024_ID_EDID,
crosscert, crosscert_len);
}
}
/* We've added all the certs; make the cell. */
certs_cell->n_certs = certs_cell_getlen_certs(certs_cell);
ssize_t alloc_len = certs_cell_encoded_len(certs_cell);
tor_assert(alloc_len >= 0 && alloc_len <= UINT16_MAX);
cell = var_cell_new(alloc_len);
cell->command = CELL_CERTS;
ssize_t enc_len = certs_cell_encode(cell->payload, alloc_len, certs_cell);
tor_assert(enc_len > 0 && enc_len <= alloc_len);
cell->payload_len = enc_len;
connection_or_write_var_cell_to_buf(cell, conn);
var_cell_free(cell);
certs_cell_free(certs_cell);
tor_x509_cert_free(own_link_cert);
return 0;
}
#ifdef TOR_UNIT_TESTS
int testing__connection_or_pretend_TLSSECRET_is_supported = 0;
#else
#define testing__connection_or_pretend_TLSSECRET_is_supported 0
#endif
/** Return true iff <b>challenge_type</b> is an AUTHCHALLENGE type that
* we can send and receive. */
int
authchallenge_type_is_supported(uint16_t challenge_type)
{
switch (challenge_type) {
case AUTHTYPE_RSA_SHA256_TLSSECRET:
#ifdef HAVE_WORKING_TOR_TLS_GET_TLSSECRETS
return 1;
#else
return testing__connection_or_pretend_TLSSECRET_is_supported;
#endif
case AUTHTYPE_ED25519_SHA256_RFC5705:
return 1;
case AUTHTYPE_RSA_SHA256_RFC5705:
default:
return 0;
}
}
/** Return true iff <b>challenge_type_a</b> is one that we would rather
* use than <b>challenge_type_b</b>. */
int
authchallenge_type_is_better(uint16_t challenge_type_a,
uint16_t challenge_type_b)
{
/* Any supported type is better than an unsupported one;
* all unsupported types are equally bad. */
if (!authchallenge_type_is_supported(challenge_type_a))
return 0;
if (!authchallenge_type_is_supported(challenge_type_b))
return 1;
/* It happens that types are superior in numerically ascending order.
* If that ever changes, this must change too. */
return (challenge_type_a > challenge_type_b);
}
/** Send an AUTH_CHALLENGE cell on the connection <b>conn</b>. Return 0
* on success, -1 on failure. */
int
connection_or_send_auth_challenge_cell(or_connection_t *conn)
{
var_cell_t *cell = NULL;
int r = -1;
tor_assert(conn->base_.state == OR_CONN_STATE_OR_HANDSHAKING_V3);
if (! conn->handshake_state)
return -1;
auth_challenge_cell_t *ac = auth_challenge_cell_new();
tor_assert(sizeof(ac->challenge) == 32);
crypto_rand((char*)ac->challenge, sizeof(ac->challenge));
if (authchallenge_type_is_supported(AUTHTYPE_RSA_SHA256_TLSSECRET))
auth_challenge_cell_add_methods(ac, AUTHTYPE_RSA_SHA256_TLSSECRET);
/* Disabled, because everything that supports this method also supports
* the much-superior ED25519_SHA256_RFC5705 */
/* auth_challenge_cell_add_methods(ac, AUTHTYPE_RSA_SHA256_RFC5705); */
if (authchallenge_type_is_supported(AUTHTYPE_ED25519_SHA256_RFC5705))
auth_challenge_cell_add_methods(ac, AUTHTYPE_ED25519_SHA256_RFC5705);
auth_challenge_cell_set_n_methods(ac,
auth_challenge_cell_getlen_methods(ac));
cell = var_cell_new(auth_challenge_cell_encoded_len(ac));
ssize_t len = auth_challenge_cell_encode(cell->payload, cell->payload_len,
ac);
if (len != cell->payload_len) {
/* LCOV_EXCL_START */
log_warn(LD_BUG, "Encoded auth challenge cell length not as expected");
goto done;
/* LCOV_EXCL_STOP */
}
cell->command = CELL_AUTH_CHALLENGE;
connection_or_write_var_cell_to_buf(cell, conn);
r = 0;
done:
var_cell_free(cell);
auth_challenge_cell_free(ac);
return r;
}
/** Compute the main body of an AUTHENTICATE cell that a client can use
* to authenticate itself on a v3 handshake for <b>conn</b>. Return it
* in a var_cell_t.
*
* If <b>server</b> is true, only calculate the first
* V3_AUTH_FIXED_PART_LEN bytes -- the part of the authenticator that's
* determined by the rest of the handshake, and which match the provided value
* exactly.
*
* If <b>server</b> is false and <b>signing_key</b> is NULL, calculate the
* first V3_AUTH_BODY_LEN bytes of the authenticator (that is, everything
* that should be signed), but don't actually sign it.
*
* If <b>server</b> is false and <b>signing_key</b> is provided, calculate the
* entire authenticator, signed with <b>signing_key</b>.
*
* Return the length of the cell body on success, and -1 on failure.
*/
var_cell_t *
connection_or_compute_authenticate_cell_body(or_connection_t *conn,
const int authtype,
crypto_pk_t *signing_key,
const ed25519_keypair_t *ed_signing_key,
int server)
{
auth1_t *auth = NULL;
auth_ctx_t *ctx = auth_ctx_new();
var_cell_t *result = NULL;
int old_tlssecrets_algorithm = 0;
const char *authtype_str = NULL;
int is_ed = 0;
/* assert state is reasonable XXXX */
switch (authtype) {
case AUTHTYPE_RSA_SHA256_TLSSECRET:
authtype_str = "AUTH0001";
old_tlssecrets_algorithm = 1;
break;
case AUTHTYPE_RSA_SHA256_RFC5705:
authtype_str = "AUTH0002";
break;
case AUTHTYPE_ED25519_SHA256_RFC5705:
authtype_str = "AUTH0003";
is_ed = 1;
break;
default:
tor_assert(0);
break;
}
auth = auth1_new();
ctx->is_ed = is_ed;
/* Type: 8 bytes. */
memcpy(auth1_getarray_type(auth), authtype_str, 8);
{
const tor_x509_cert_t *id_cert=NULL;
const common_digests_t *my_digests, *their_digests;
const uint8_t *my_id, *their_id, *client_id, *server_id;
if (tor_tls_get_my_certs(server, NULL, &id_cert))
goto err;
my_digests = tor_x509_cert_get_id_digests(id_cert);
their_digests =
tor_x509_cert_get_id_digests(conn->handshake_state->certs->id_cert);
tor_assert(my_digests);
tor_assert(their_digests);
my_id = (uint8_t*)my_digests->d[DIGEST_SHA256];
their_id = (uint8_t*)their_digests->d[DIGEST_SHA256];
client_id = server ? their_id : my_id;
server_id = server ? my_id : their_id;
/* Client ID digest: 32 octets. */
memcpy(auth->cid, client_id, 32);
/* Server ID digest: 32 octets. */
memcpy(auth->sid, server_id, 32);
}
if (is_ed) {
const ed25519_public_key_t *my_ed_id, *their_ed_id;
if (!conn->handshake_state->certs->ed_id_sign) {
log_warn(LD_OR, "Ed authenticate without Ed ID cert from peer.");
goto err;
}
my_ed_id = get_master_identity_key();
their_ed_id = &conn->handshake_state->certs->ed_id_sign->signing_key;
const uint8_t *cid_ed = (server ? their_ed_id : my_ed_id)->pubkey;
const uint8_t *sid_ed = (server ? my_ed_id : their_ed_id)->pubkey;
memcpy(auth->u1_cid_ed, cid_ed, ED25519_PUBKEY_LEN);
memcpy(auth->u1_sid_ed, sid_ed, ED25519_PUBKEY_LEN);
}
{
crypto_digest_t *server_d, *client_d;
if (server) {
server_d = conn->handshake_state->digest_sent;
client_d = conn->handshake_state->digest_received;
} else {
client_d = conn->handshake_state->digest_sent;
server_d = conn->handshake_state->digest_received;
}
/* Server log digest : 32 octets */
crypto_digest_get_digest(server_d, (char*)auth->slog, 32);
/* Client log digest : 32 octets */
crypto_digest_get_digest(client_d, (char*)auth->clog, 32);
}
{
/* Digest of cert used on TLS link : 32 octets. */
tor_x509_cert_t *cert = NULL;
if (server) {
cert = tor_tls_get_own_cert(conn->tls);
} else {
cert = tor_tls_get_peer_cert(conn->tls);
}
if (!cert) {
log_warn(LD_OR, "Unable to find cert when making %s data.",
authtype_str);
goto err;
}
memcpy(auth->scert,
tor_x509_cert_get_cert_digests(cert)->d[DIGEST_SHA256], 32);
tor_x509_cert_free(cert);
}
/* HMAC of clientrandom and serverrandom using master key : 32 octets */
if (old_tlssecrets_algorithm) {
if (tor_tls_get_tlssecrets(conn->tls, auth->tlssecrets) < 0) {
log_fn(LOG_PROTOCOL_WARN, LD_OR, "Somebody asked us for an older TLS "
"authentication method (AUTHTYPE_RSA_SHA256_TLSSECRET) "
"which we don't support.");
}
} else {
char label[128];
tor_snprintf(label, sizeof(label),
"EXPORTER FOR TOR TLS CLIENT BINDING %s", authtype_str);
int r = tor_tls_export_key_material(conn->tls, auth->tlssecrets,
auth->cid, sizeof(auth->cid),
label);
if (r < 0) {
if (r != -2)
log_warn(LD_BUG, "TLS key export failed for unknown reason.");
// If r == -2, this was openssl bug 7712.
goto err;
}
}
/* 8 octets were reserved for the current time, but we're trying to get out
* of the habit of sending time around willynilly. Fortunately, nothing
* checks it. That's followed by 16 bytes of nonce. */
crypto_rand((char*)auth->rand, 24);
ssize_t maxlen = auth1_encoded_len(auth, ctx);
if (ed_signing_key && is_ed) {
maxlen += ED25519_SIG_LEN;
} else if (signing_key && !is_ed) {
maxlen += crypto_pk_keysize(signing_key);
}
const int AUTH_CELL_HEADER_LEN = 4; /* 2 bytes of type, 2 bytes of length */
result = var_cell_new(AUTH_CELL_HEADER_LEN + maxlen);
uint8_t *const out = result->payload + AUTH_CELL_HEADER_LEN;
const size_t outlen = maxlen;
ssize_t len;
result->command = CELL_AUTHENTICATE;
set_uint16(result->payload, htons(authtype));
if ((len = auth1_encode(out, outlen, auth, ctx)) < 0) {
/* LCOV_EXCL_START */
log_warn(LD_BUG, "Unable to encode signed part of AUTH1 data.");
goto err;
/* LCOV_EXCL_STOP */
}
if (server) {
auth1_t *tmp = NULL;
ssize_t len2 = auth1_parse(&tmp, out, len, ctx);
if (!tmp) {
/* LCOV_EXCL_START */
log_warn(LD_BUG, "Unable to parse signed part of AUTH1 data that "
"we just encoded");
goto err;
/* LCOV_EXCL_STOP */
}
result->payload_len = (tmp->end_of_signed - result->payload);
auth1_free(tmp);
if (len2 != len) {
/* LCOV_EXCL_START */
log_warn(LD_BUG, "Mismatched length when re-parsing AUTH1 data.");
goto err;
/* LCOV_EXCL_STOP */
}
goto done;
}
if (ed_signing_key && is_ed) {
ed25519_signature_t sig;
if (ed25519_sign(&sig, out, len, ed_signing_key) < 0) {
/* LCOV_EXCL_START */
log_warn(LD_BUG, "Unable to sign ed25519 authentication data");
goto err;
/* LCOV_EXCL_STOP */
}
auth1_setlen_sig(auth, ED25519_SIG_LEN);
memcpy(auth1_getarray_sig(auth), sig.sig, ED25519_SIG_LEN);
} else if (signing_key && !is_ed) {
auth1_setlen_sig(auth, crypto_pk_keysize(signing_key));
char d[32];
crypto_digest256(d, (char*)out, len, DIGEST_SHA256);
int siglen = crypto_pk_private_sign(signing_key,
(char*)auth1_getarray_sig(auth),
auth1_getlen_sig(auth),
d, 32);
if (siglen < 0) {
log_warn(LD_OR, "Unable to sign AUTH1 data.");
goto err;
}
auth1_setlen_sig(auth, siglen);
}
len = auth1_encode(out, outlen, auth, ctx);
if (len < 0) {
/* LCOV_EXCL_START */
log_warn(LD_BUG, "Unable to encode signed AUTH1 data.");
goto err;
/* LCOV_EXCL_STOP */
}
tor_assert(len + AUTH_CELL_HEADER_LEN <= result->payload_len);
result->payload_len = len + AUTH_CELL_HEADER_LEN;
set_uint16(result->payload+2, htons(len));
goto done;
err:
var_cell_free(result);
result = NULL;
done:
auth1_free(auth);
auth_ctx_free(ctx);
return result;
}
/** Send an AUTHENTICATE cell on the connection <b>conn</b>. Return 0 on
* success, -1 on failure */
MOCK_IMPL(int,
connection_or_send_authenticate_cell,(or_connection_t *conn, int authtype))
{
var_cell_t *cell;
crypto_pk_t *pk = tor_tls_get_my_client_auth_key();
/* XXXX make sure we're actually supposed to send this! */
if (!pk) {
log_warn(LD_BUG, "Can't compute authenticate cell: no client auth key");
return -1;
}
if (! authchallenge_type_is_supported(authtype)) {
log_warn(LD_BUG, "Tried to send authenticate cell with unknown "
"authentication type %d", authtype);
return -1;
}
cell = connection_or_compute_authenticate_cell_body(conn,
authtype,
pk,
get_current_auth_keypair(),
0 /* not server */);
if (! cell) {
log_fn(LOG_PROTOCOL_WARN, LD_NET, "Unable to compute authenticate cell!");
return -1;
}
connection_or_write_var_cell_to_buf(cell, conn);
var_cell_free(cell);
return 0;
}

View File

@ -0,0 +1,90 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
* Copyright (c) 2007-2020, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
* @file relay_handshake.h
* @brief Header for feature/relay/relay_handshake.c
**/
#ifndef TOR_CORE_OR_RELAY_HANDSHAKE_H
#define TOR_CORE_OR_RELAY_HANDSHAKE_H
#ifdef HAVE_MODULE_RELAY
struct ed25519_keypair_t;
int connection_or_send_certs_cell(or_connection_t *conn);
int connection_or_send_auth_challenge_cell(or_connection_t *conn);
var_cell_t *connection_or_compute_authenticate_cell_body(
or_connection_t *conn,
const int authtype,
crypto_pk_t *signing_key,
const struct ed25519_keypair_t *ed_signing_key,
int server);
int authchallenge_type_is_supported(uint16_t challenge_type);
int authchallenge_type_is_better(uint16_t challenge_type_a,
uint16_t challenge_type_b);
MOCK_DECL(int,connection_or_send_authenticate_cell,
(or_connection_t *conn, int type));
#ifdef TOR_UNIT_TESTS
extern int certs_cell_ed25519_disabled_for_testing;
#endif
#else /* !defined(HAVE_MODULE_RELAY) */
static inline int
connection_or_send_certs_cell(or_connection_t *conn)
{
(void)conn;
tor_assert_nonfatal_unreached();
return -1;
}
static inline int
connection_or_send_auth_challenge_cell(or_connection_t *conn)
{
(void)conn;
tor_assert_nonfatal_unreached();
return -1;
}
static inline var_cell_t *
connection_or_compute_authenticate_cell_body(
or_connection_t *conn,
const int authtype,
crypto_pk_t *signing_key,
const struct ed25519_keypair_t *ed_signing_key,
int server)
{
(void)conn;
(void)authtype;
(void)signing_key;
(void)ed_signing_key;
(void)server;
tor_assert_nonfatal_unreached();
return NULL;
}
#define authchallenge_type_is_supported(t) (0)
#define authchallenge_type_is_better(a, b) (0)
static inline int
connection_or_send_authenticate_cell(or_connection_t *conn, int type)
{
(void)conn;
(void)type;
tor_assert_nonfatal_unreached();
return -1;
}
#ifdef TOR_UNIT_TESTS
extern int certs_cell_ed25519_disabled_for_testing;
#endif
#endif /* defined(HAVE_MODULE_RELAY) */
#endif /* !defined(TOR_CORE_OR_RELAY_HANDSHAKE_H) */

View File

@ -11,6 +11,8 @@
#include "lib/crypt_ops/crypto_ed25519.h" #include "lib/crypt_ops/crypto_ed25519.h"
#ifdef HAVE_MODULE_RELAY
const ed25519_public_key_t *get_master_identity_key(void); const ed25519_public_key_t *get_master_identity_key(void);
MOCK_DECL(const ed25519_keypair_t *, get_master_signing_keypair,(void)); MOCK_DECL(const ed25519_keypair_t *, get_master_signing_keypair,(void));
MOCK_DECL(const struct tor_cert_st *, get_master_signing_key_cert,(void)); MOCK_DECL(const struct tor_cert_st *, get_master_signing_key_cert,(void));
@ -24,6 +26,7 @@ void get_master_rsa_crosscert(const uint8_t **cert_out,
int router_ed25519_id_is_me(const ed25519_public_key_t *id); int router_ed25519_id_is_me(const ed25519_public_key_t *id);
/* These are only used by router.c */
struct tor_cert_st *make_ntor_onion_key_crosscert( struct tor_cert_st *make_ntor_onion_key_crosscert(
const curve25519_keypair_t *onion_key, const curve25519_keypair_t *onion_key,
const ed25519_public_key_t *master_id_key, const ed25519_public_key_t *master_id_key,
@ -42,6 +45,85 @@ int generate_ed_link_cert(const or_options_t *options, time_t now, int force);
void routerkeys_free_all(void); void routerkeys_free_all(void);
#else /* !defined(HAVE_MODULE_RELAY) */
#define router_ed25519_id_is_me(id) \
((void)(id), 0)
static inline void *
relay_key_is_unavailable_(void)
{
tor_assert_nonfatal_unreached();
return NULL;
}
#define relay_key_is_unavailable(type) \
((type)(relay_key_is_unavailable_()))
// Many of these can be removed once relay_handshake.c is relay-only.
#define get_current_auth_keypair() \
relay_key_is_unavailable(const ed25519_keypair_t *)
#define get_master_signing_keypair() \
relay_key_is_unavailable(const ed25519_keypair_t *)
#define get_current_link_cert_cert() \
relay_key_is_unavailable(const struct tor_cert_st *)
#define get_current_auth_key_cert() \
relay_key_is_unavailable(const struct tor_cert_st *)
#define get_master_signing_key_cert() \
relay_key_is_unavailable(const struct tor_cert_st *)
#define get_master_rsa_crosscert(cert_out, size_out) \
STMT_BEGIN \
tor_assert_nonfatal_unreached(); \
*(cert_out) = NULL; \
*(size_out) = 0; \
STMT_END
#define get_master_identity_key() \
relay_key_is_unavailable(const ed25519_public_key_t *)
#define generate_ed_link_cert(options, now, force) \
((void)(options), (void)(now), (void)(force), 0)
#define should_make_new_ed_keys(options, now) \
((void)(options), (void)(now), 0)
// These can get removed once router.c becomes relay-only.
static inline struct tor_cert_st *
make_ntor_onion_key_crosscert(const curve25519_keypair_t *onion_key,
const ed25519_public_key_t *master_id_key,
time_t now, time_t lifetime,
int *sign_out)
{
(void)onion_key;
(void)master_id_key;
(void)now;
(void)lifetime;
(void)sign_out;
tor_assert_nonfatal_unreached();
return NULL;
}
static inline uint8_t *
make_tap_onion_key_crosscert(const crypto_pk_t *onion_key,
const ed25519_public_key_t *master_id_key,
const crypto_pk_t *rsa_id_key,
int *len_out)
{
(void)onion_key;
(void)master_id_key;
(void)rsa_id_key;
(void)len_out;
tor_assert_nonfatal_unreached();
return NULL;
}
/* This calls is used outside of relay mode, but only to implement
* CMD_KEY_EXPIRATION */
#define log_cert_expiration() \
(puts("Not available: Tor has been compiled without relay support"), 0)
/* This calls is used outside of relay mode, but only to implement
* CMD_KEYGEN. */
#define load_ed_keys(x,y) \
(puts("Not available: Tor has been compiled without relay support"), 0)
#endif /* defined(HAVE_MODULE_RELAY) */
#ifdef TOR_UNIT_TESTS #ifdef TOR_UNIT_TESTS
const ed25519_keypair_t *get_master_identity_keypair(void); const ed25519_keypair_t *get_master_identity_keypair(void);
void init_mock_ed_keys(const crypto_pk_t *rsa_identity_key); void init_mock_ed_keys(const crypto_pk_t *rsa_identity_key);

View File

@ -18,6 +18,7 @@
#include "feature/relay/routerkeys.h" #include "feature/relay/routerkeys.h"
#include "core/or/scheduler.h" #include "core/or/scheduler.h"
#include "feature/nodelist/torcert.h" #include "feature/nodelist/torcert.h"
#include "feature/relay/relay_handshake.h"
#include "core/or/or_connection_st.h" #include "core/or/or_connection_st.h"
#include "core/or/or_handshake_certs_st.h" #include "core/or/or_handshake_certs_st.h"