Generate weird certificates correctly

(Our link protocol assumes that the link cert certifies the TLS key,
and there is an RSA->Ed25519 crosscert)

1 files changed, 6 insertions, 2 deletions

diff --git a/src/or/routerkeys.h b/src/or/routerkeys.h
index 0c5042982c..b45a22ac12 100644
--- a/src/or/routerkeys.h
+++ b/src/or/routerkeys.h
@@ -33,11 +33,13 @@ const ed25519_public_key_t *get_master_identity_key(void);
 const ed25519_keypair_t *get_master_signing_keypair(void);
 const struct tor_cert_st *get_master_signing_key_cert(void);
 
-const ed25519_keypair_t *get_current_link_keypair(void);
 const ed25519_keypair_t *get_current_auth_keypair(void);
-const struct tor_cert_st *get_current_link_key_cert(void);
+const struct tor_cert_st *get_current_link_cert_cert(void);
 const struct tor_cert_st *get_current_auth_key_cert(void);
 
+void get_master_rsa_crosscert(const uint8_t **cert_out,
+                              size_t *size_out);
+
 struct tor_cert_st *make_ntor_onion_key_crosscert(
                                   const curve25519_keypair_t *onion_key,
                                   const ed25519_public_key_t *master_id_key,
@@ -57,6 +59,8 @@ int check_tap_onion_key_crosscert(const uint8_t *crosscert,
 int load_ed_keys(const or_options_t *options, time_t now);
 int should_make_new_ed_keys(const or_options_t *options, const time_t now);
 
+int generate_ed_link_cert(const or_options_t *options, time_t now);
+
 void routerkeys_free_all(void);
 
 #endif