prop224: Implement subcredential creation

Signed-off-by: David Goulet <dgoulet@torproject.org>
author: David Goulet <dgoulet@torproject.org> 2017-05-11 10:16:28 -0400
committer: Nick Mathewson <nickm@torproject.org> 2017-08-08 20:29:33 -0400
commit: c4ba4d4cc8a1d31f78d1dc54c7851bed32a25e5c (patch)
tree: af7d5951bcea3bb7de2758c7f8c26c59bc9a10b4 /src/or/hs_common.c
parent: f53b72baf7472423f662b49bebde1a88727901fb (diff)
download: tor-c4ba4d4cc8a1d31f78d1dc54c7851bed32a25e5c.tar.gz
tor-c4ba4d4cc8a1d31f78d1dc54c7851bed32a25e5c.zip
1 files changed, 37 insertions, 0 deletions
diff --git a/src/or/hs_common.c b/src/or/hs_common.c
index 631e4b7115..102e4689fa 100644
--- a/src/or/hs_common.c
+++ b/src/or/hs_common.c
@@ -500,6 +500,43 @@ hs_parse_address_impl(const char *address, ed25519_public_key_t *key_out,
   tor_assert(offset == HS_SERVICE_ADDR_LEN);
 }
 
+/* Using the given identity public key and a blinded public key, compute the
+ * subcredential and put it in subcred_out. This can't fail. */
+void
+hs_get_subcredential(const ed25519_public_key_t *identity_pk,
+                     const ed25519_public_key_t *blinded_pk,
+                     uint8_t *subcred_out)
+{
+  uint8_t credential[DIGEST256_LEN];
+  crypto_digest_t *digest;
+
+  tor_assert(identity_pk);
+  tor_assert(blinded_pk);
+  tor_assert(subcred_out);
+
+  /* First, build the credential. Construction is as follow:
+   *  credential = H("credential" | public-identity-key) */
+  digest = crypto_digest256_new(DIGEST_SHA3_256);
+  crypto_digest_add_bytes(digest, HS_CREDENTIAL_PREFIX,
+                          HS_CREDENTIAL_PREFIX_LEN);
+  crypto_digest_add_bytes(digest, (const char *) identity_pk->pubkey,
+                          ED25519_PUBKEY_LEN);
+  crypto_digest_get_digest(digest, (char *) credential, DIGEST256_LEN);
+  crypto_digest_free(digest);
+
+  /* Now, compute the subcredential. Construction is as follow:
+   *  subcredential = H("subcredential" | credential | blinded-public-key). */
+  digest = crypto_digest256_new(DIGEST_SHA3_256);
+  crypto_digest_add_bytes(digest, HS_SUBCREDENTIAL_PREFIX,
+                          HS_SUBCREDENTIAL_PREFIX_LEN);
+  crypto_digest_add_bytes(digest, (const char *) credential,
+                          sizeof(credential));
+  crypto_digest_add_bytes(digest, (const char *) blinded_pk->pubkey,
+                          ED25519_PUBKEY_LEN);
+  crypto_digest_get_digest(digest, (char *) subcred_out, DIGEST256_LEN);
+  crypto_digest_free(digest);
+}
+
 /* Using a base32 representation of a service address, parse its content into
  * the key_out, checksum_out and version_out. Any out variable can be NULL in
  * case the caller would want only one field. checksum_out MUST at least be 2
author	David Goulet <dgoulet@torproject.org>	2017-05-11 10:16:28 -0400
committer	Nick Mathewson <nickm@torproject.org>	2017-08-08 20:29:33 -0400
commit	c4ba4d4cc8a1d31f78d1dc54c7851bed32a25e5c (patch)
tree	af7d5951bcea3bb7de2758c7f8c26c59bc9a10b4 /src/or/hs_common.c
parent	f53b72baf7472423f662b49bebde1a88727901fb (diff)
download	tor-c4ba4d4cc8a1d31f78d1dc54c7851bed32a25e5c.tar.gz tor-c4ba4d4cc8a1d31f78d1dc54c7851bed32a25e5c.zip