author | Nick Mathewson <nickm@torproject.org> | 2018-07-05 16:31:38 -0400 |
---|---|---|
committer | Nick Mathewson <nickm@torproject.org> | 2018-07-05 17:15:50 -0400 |
commit | 63b4ea22af8e8314dd718f02046de5f4b91edf9d (patch) | |
tree | af52b6fba37f22c86447fd5267dd5eb557807c8b /src/or/hs_ident.h | |
parent | ce84200542f48a92e8b56a8d032401ecd153e90c (diff) | |
Move literally everything out of src/or
This commit won't build yet -- it just puts everything in a slightly
more logical place.
The reasoning here is that "src/core" will hold the stuff that every (or
nearly every) tor instance will need in order to do onion routing.
Other features (including some necessary ones) will live in
"src/feature". The "src/app" directory will hold the stuff needed
to have Tor be an application you can actually run.
This commit DOES NOT refactor the former contents of src/or into a
logical set of acyclic libraries, or change any code at all. That
will have to come in the future.
We will continue to move things around and split them in the future,
but I hope this lays a reasonable groundwork for doing so.
Diffstat (limited to 'src/or/hs_ident.h')
-rw-r--r-- | src/or/hs_ident.h | 146 |
1 files changed, 0 insertions, 146 deletions
diff --git a/src/or/hs_ident.h b/src/or/hs_ident.h
deleted file mode 100644
index 8c53b9dbeb..0000000000
--- a/src/or/hs_ident.h
+++ /dev/null
@@ -1,146 +0,0 @@
-/* Copyright (c) 2017-2018, The Tor Project, Inc. */
-/* See LICENSE for licensing information */
-
-/**
- * \file hs_ident.h
- * \brief Header file containing circuit and connection identifier data for
- * the whole HS subsytem.
- *
- * \details
- * This interface is used to uniquely identify a hidden service on a circuit
- * or connection using the service identity public key. Once the circuit or
- * connection subsystem calls in the hidden service one, we use those
- * identifiers to lookup the corresponding objects like service, intro point
- * and descriptor.
- *
- * Furthermore, the circuit identifier holds cryptographic material needed for
- * the e2e encryption on the rendezvous circuit which is set once the
- * rendezvous circuit has opened and ready to be used.
- **/
-
-#ifndef TOR_HS_IDENT_H
-#define TOR_HS_IDENT_H
-
-#include "lib/crypt_ops/crypto_ed25519.h"
-
-#include "or/hs_common.h"
-
-/* Length of the rendezvous cookie that is used to connect circuits at the
- * rendezvous point. */
-#define HS_REND_COOKIE_LEN DIGEST_LEN
-
-/* Type of circuit an hs_ident_t object is associated with. */
-typedef enum {
- HS_IDENT_CIRCUIT_INTRO = 1,
- HS_IDENT_CIRCUIT_RENDEZVOUS = 2,
-} hs_ident_circuit_type_t;
-
-/* Client and service side circuit identifier that is used for hidden service
- * circuit establishment. Not all fields contain data, it depends on the
- * circuit purpose. This is attached to an origin_circuit_t. All fields are
- * used by both client and service. */
-typedef struct hs_ident_circuit_t {
- /* (All circuit) The public key used to uniquely identify the service. It is
- * the one found in the onion address. */
- ed25519_public_key_t identity_pk;
-
- /* (All circuit) The type of circuit this identifier is attached to.
- * Accessors of the fields in this object assert non fatal on this circuit
- * type. In other words, if a rendezvous field is being accessed, the
- * circuit type MUST BE of type HS_IDENT_CIRCUIT_RENDEZVOUS. This value is
- * set when an object is initialized in its constructor. */
- hs_ident_circuit_type_t circuit_type;
-
- /* (All circuit) Introduction point authentication key. It's also needed on
- * the rendezvous circuit for the ntor handshake. It's used as the unique key
- * of the introduction point so it should not be shared between multiple
- * intro points. */
- ed25519_public_key_t intro_auth_pk;
-
- /* (Only client rendezvous circuit) Introduction point encryption public
- * key. We keep it in the rendezvous identifier for the ntor handshake. */
- curve25519_public_key_t intro_enc_pk;
-
- /* (Only rendezvous circuit) Rendezvous cookie sent from the client to the
- * service with an INTRODUCE1 cell and used by the service in an
- * RENDEZVOUS1 cell. */
- uint8_t rendezvous_cookie[HS_REND_COOKIE_LEN];
-
- /* (Only service rendezvous circuit) The HANDSHAKE_INFO needed in the
- * RENDEZVOUS1 cell of the service. The construction is as follows:
- * SERVER_PK [32 bytes]
- * AUTH_MAC [32 bytes]
- */
- uint8_t rendezvous_handshake_info[CURVE25519_PUBKEY_LEN + DIGEST256_LEN];
-
- /* (Only client rendezvous circuit) Client ephemeral keypair needed for the
- * e2e encryption with the service. */
- curve25519_keypair_t rendezvous_client_kp;
-
- /* (Only rendezvous circuit) The NTOR_KEY_SEED needed for key derivation for
- * the e2e encryption with the client on the circuit. */
- uint8_t rendezvous_ntor_key_seed[DIGEST256_LEN];
-
- /* (Only rendezvous circuit) Number of streams associated with this
- * rendezvous circuit. We track this because there is a check on a maximum
- * value. */
- uint64_t num_rdv_streams;
-} hs_ident_circuit_t;
-
-/* Client and service side directory connection identifier used for a
- * directory connection to identify which service is being queried. This is
- * attached to a dir_connection_t. */
-typedef struct hs_ident_dir_conn_t {
- /* The public key used to uniquely identify the service. It is the one found
- * in the onion address. */
- ed25519_public_key_t identity_pk;
-
- /* The blinded public key used to uniquely identify the descriptor that this
- * directory connection identifier is for. Only used by the service-side code
- * to fine control descriptor uploads. */
- ed25519_public_key_t blinded_pk;
-
- /* XXX: Client authorization. */
-} hs_ident_dir_conn_t;
-
-/* Client and service side edge connection identifier used for an edge
- * connection to identify which service is being queried. This is attached to
- * a edge_connection_t. */
-typedef struct hs_ident_edge_conn_t {
- /* The public key used to uniquely identify the service. It is the one found
- * in the onion address. */
- ed25519_public_key_t identity_pk;
-
- /* XXX: Client authorization. */
-} hs_ident_edge_conn_t;
-
-/* Circuit identifier API. */
-hs_ident_circuit_t *hs_ident_circuit_new(
- const ed25519_public_key_t *identity_pk,
- hs_ident_circuit_type_t circuit_type);
-void hs_ident_circuit_free_(hs_ident_circuit_t *ident);
-#define hs_ident_circuit_free(id) \
- FREE_AND_NULL(hs_ident_circuit_t, hs_ident_circuit_free_, (id))
-hs_ident_circuit_t *hs_ident_circuit_dup(const hs_ident_circuit_t *src);
-
-/* Directory connection identifier API. */
-hs_ident_dir_conn_t *hs_ident_dir_conn_dup(const hs_ident_dir_conn_t *src);
-void hs_ident_dir_conn_free_(hs_ident_dir_conn_t *ident);
-#define hs_ident_dir_conn_free(id) \
- FREE_AND_NULL(hs_ident_dir_conn_t, hs_ident_dir_conn_free_, (id))
-void hs_ident_dir_conn_init(const ed25519_public_key_t *identity_pk,
- const ed25519_public_key_t *blinded_pk,
- hs_ident_dir_conn_t *ident);
-
-/* Edge connection identifier API. */
-hs_ident_edge_conn_t *hs_ident_edge_conn_new(
- const ed25519_public_key_t *identity_pk);
-void hs_ident_edge_conn_free_(hs_ident_edge_conn_t *ident);
-#define hs_ident_edge_conn_free(id) \
- FREE_AND_NULL(hs_ident_edge_conn_t, hs_ident_edge_conn_free_, (id))
-
-/* Validators */
-int hs_ident_intro_circ_is_valid(const hs_ident_circuit_t *ident);
-
-#endif /* !defined(TOR_HS_IDENT_H) */
-
|