1 /* Copyright (c) 2014-2021, The Tor Project, Inc. */
2 /* See LICENSE for licensing information */
3 
4 /**
5  * @file torcert.h
6  * @brief Header for torcert.c
7  **/
8 
9 #ifndef TORCERT_H_INCLUDED
10 #define TORCERT_H_INCLUDED
11 
12 #include "lib/crypt_ops/crypto_ed25519.h"
13 
14 #define SIGNED_KEY_TYPE_ED25519        0x01
15 #define SIGNED_KEY_TYPE_SHA256_OF_RSA  0x02
16 #define SIGNED_KEY_TYPE_SHA256_OF_X509 0x03
17 
18 #define CERT_TYPE_ID_SIGNING        0x04
19 #define CERT_TYPE_SIGNING_LINK      0x05
20 #define CERT_TYPE_SIGNING_AUTH      0x06
21 #define CERT_TYPE_SIGNING_HS_DESC   0x08
22 #define CERT_TYPE_AUTH_HS_IP_KEY    0x09
23 #define CERT_TYPE_ONION_ID          0x0A
24 #define CERT_TYPE_CROSS_HS_IP_KEYS  0x0B
25 
26 #define CERT_FLAG_INCLUDE_SIGNING_KEY 0x1
27 
28 /** An ed25519-signed certificate as used throughout the Tor protocol.
29  **/
30 typedef struct tor_cert_st {
31   /** The key authenticated by this certificate */
32   ed25519_public_key_t signed_key;
33   /** The key that signed this certificate. This value may be unset if the
34    * certificate has never been checked, and didn't include its own key. */
35   ed25519_public_key_t signing_key;
36   /** A time after which this certificate will no longer be valid. */
37   time_t valid_until;
38 
39   /** The encoded representation of this certificate */
40   uint8_t *encoded;
41   /** The length of <b>encoded</b> */
42   size_t encoded_len;
43 
44   /** One of CERT_TYPE_... */
45   uint8_t cert_type;
46   /** True iff we received a signing key embedded in this certificate */
47   unsigned signing_key_included : 1;
48   /** True iff we checked the signature and found it bad */
49   unsigned sig_bad : 1;
50   /** True iff we checked the signature and found it correct */
51   unsigned sig_ok : 1;
52   /** True iff we checked the signature and first found that the cert
53    * had expired */
54   unsigned cert_expired : 1;
55   /** True iff we checked the signature and found the whole cert valid */
56   unsigned cert_valid : 1;
57 } tor_cert_t;
58 
59 struct tor_tls_t;
60 
61 tor_cert_t *tor_cert_create_ed25519(const ed25519_keypair_t *signing_key,
62                             uint8_t cert_type,
63                             const ed25519_public_key_t *signed_key,
64                             time_t now, time_t lifetime,
65                             uint32_t flags);
66 tor_cert_t * tor_cert_create_raw(const ed25519_keypair_t *signing_key,
67                       uint8_t cert_type,
68                       uint8_t signed_key_type,
69                       const uint8_t signed_key_info[32],
70                       time_t now, time_t lifetime,
71                       uint32_t flags);
72 
73 tor_cert_t *tor_cert_parse(const uint8_t *cert, size_t certlen);
74 
75 void tor_cert_free_(tor_cert_t *cert);
76 #define tor_cert_free(cert) FREE_AND_NULL(tor_cert_t, tor_cert_free_, (cert))
77 
78 int tor_cert_get_checkable_sig(ed25519_checkable_t *checkable_out,
79                                const tor_cert_t *out,
80                                const ed25519_public_key_t *pubkey,
81                                time_t *expiration_out);
82 
83 int tor_cert_checksig(tor_cert_t *cert,
84                       const ed25519_public_key_t *pubkey, time_t now);
85 const char *tor_cert_describe_signature_status(const tor_cert_t *cert);
86 
87 MOCK_DECL(tor_cert_t *,tor_cert_dup,(const tor_cert_t *cert));
88 int tor_cert_eq(const tor_cert_t *cert1, const tor_cert_t *cert2);
89 int tor_cert_opt_eq(const tor_cert_t *cert1, const tor_cert_t *cert2);
90 
91 ssize_t tor_make_rsa_ed25519_crosscert(const ed25519_public_key_t *ed_key,
92                                        const crypto_pk_t *rsa_key,
93                                        time_t expires,
94                                        uint8_t **cert);
95 MOCK_DECL(int,
96 rsa_ed25519_crosscert_check, (const uint8_t *crosscert,
97                               const size_t crosscert_len,
98                               const crypto_pk_t *rsa_id_key,
99                               const ed25519_public_key_t *master_key,
100                               const time_t reject_if_expired_before));
101 
102 or_handshake_certs_t *or_handshake_certs_new(void);
103 void or_handshake_certs_free_(or_handshake_certs_t *certs);
104 #define or_handshake_certs_free(certs) \
105   FREE_AND_NULL(or_handshake_certs_t, or_handshake_certs_free_, (certs))
106 int or_handshake_certs_rsa_ok(int severity,
107                               or_handshake_certs_t *certs,
108                               struct tor_tls_t *tls,
109                               time_t now);
110 int or_handshake_certs_ed25519_ok(int severity,
111                                   or_handshake_certs_t *certs,
112                                   struct tor_tls_t *tls,
113                                   time_t now);
114 void or_handshake_certs_check_both(int severity,
115                               or_handshake_certs_t *certs,
116                               struct tor_tls_t *tls,
117                               time_t now,
118                               const ed25519_public_key_t **ed_id_out,
119                               const common_digests_t **rsa_id_out);
120 
121 int tor_cert_encode_ed22519(const tor_cert_t *cert, char **cert_str_out);
122 
123 MOCK_DECL(int, check_tap_onion_key_crosscert,(const uint8_t *crosscert,
124                                   int crosscert_len,
125                                   const crypto_pk_t *onion_pkey,
126                                   const ed25519_public_key_t *master_id_pkey,
127                                   const uint8_t *rsa_id_digest));
128 
129 #endif /* !defined(TORCERT_H_INCLUDED) */
130