author | Nick Mathewson <nickm@torproject.org> | 2014-09-30 16:00:17 -0400 |
---|---|---|
committer | Nick Mathewson <nickm@torproject.org> | 2015-05-28 10:40:56 -0400 |
commit | 818e6f939d4bd241e762970da4c6360858993cd5 (patch) | |
tree | 08cabd70d8748a62b919555ebba4941a88533ee7 /src/or/routerkeys.h | |
parent | a9720b90f860323781d37dbba6ce04f312ec3632 (diff) | |
prop220: Implement certificates and key storage/creation
For prop220, we have a new ed25519 certificate type. This patch
implements the code to create, parse, and validate those, along with
code for routers to maintain their own sets of certificates and
keys. (Some parts of master identity key encryption are done, but
the implementation of that isn't finished)
Diffstat (limited to 'src/or/routerkeys.h')
-rw-r--r-- | src/or/routerkeys.h | 44 |
1 files changed, 44 insertions, 0 deletions
diff --git a/src/or/routerkeys.h b/src/or/routerkeys.h
new file mode 100644
index 0000000000..eb21401d56
--- /dev/null
+++ b/src/or/routerkeys.h
@@ -0,0 +1,44 @@
+/* Copyright (c) 2014, The Tor Project, Inc. */
+/* See LICENSE for licensing information */
+
+#ifndef TOR_ROUTERKEYS_H
+#define TOR_ROUTERKEYS_H
+
+#include "crypto_ed25519.h"
+
+#define INIT_ED_KEY_CREATE (1u<<0)
+#define INIT_ED_KEY_REPLACE (1u<<1)
+#define INIT_ED_KEY_SPLIT (1u<<2)
+#define INIT_ED_KEY_MISSING_SECRET_OK (1u<<3)
+#define INIT_ED_KEY_NEEDCERT (1u<<4)
+#define INIT_ED_KEY_EXTRA_STRONG (1u<<5)
+#define INIT_ED_KEY_INCLUDE_SIGNING_KEY_IN_CERT (1u<<6)
+
+struct tor_cert_st;
+ed25519_keypair_t *ed_key_init_from_file(const char *fname, uint32_t flags,
+ int severity,
+ const ed25519_keypair_t *signing_key,
+ time_t now,
+ time_t lifetime,
+ uint8_t cert_type,
+ struct tor_cert_st **cert_out);
+ed25519_keypair_t *ed_key_new(const ed25519_keypair_t *signing_key,
+ uint32_t flags,
+ time_t now,
+ time_t lifetime,
+ uint8_t cert_type,
+ struct tor_cert_st **cert_out);
+const ed25519_public_key_t *get_master_identity_key(void);
+const ed25519_keypair_t *get_master_signing_keypair(void);
+const struct tor_cert_st *get_master_signing_key_cert(void);
+
+const ed25519_keypair_t *get_current_link_keypair(void);
+const ed25519_keypair_t *get_current_auth_keypair(void);
+const struct tor_cert_st *get_current_link_key_cert(void);
+const struct tor_cert_st *get_current_auth_key_cert(void);
+
+int load_ed_keys(const or_options_t *options, time_t now);
+void routerkeys_free_all(void);
+
+#endif
+ |
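Review bot: The seven `INIT_ED_KEY_*` bits and the two constructors `ed_key_init_from_file()` / `ed_key_new()` are declared without any comment, so a caller cannot tell from this header what each flag permits or who owns the results. For key-handling code that matters: `INIT_ED_KEY_REPLACE`, `INIT_ED_KEY_SPLIT` and `INIT_ED_KEY_MISSING_SECRET_OK` presumably decide when secret-key material is overwritten, stored separately or allowed to be absent, and the non-const `ed25519_keypair_t *` return and `*cert_out` look caller-owned, in which case the caller has to free them and wipe the secret. I would add a one-line comment per flag (for example `/* Succeed with only the public key if the secret key file is absent. */`, if that is what the implementation does) and a header comment on each constructor stating the failure return, whether `*cert_out` is written on failure, and who frees both results. The `get_*` accessors return const pointers, so their lifetime relative to `load_ed_keys()` and `routerkeys_free_all()` should be stated as well, since a pointer held across a key reload could otherwise dangle.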