diff options
Diffstat (limited to 'src/or')
| -rw-r--r-- | src/or/hs_ident.c | 3 | ||||
| -rw-r--r-- | src/or/hs_ident.h | 21 |
2 files changed, 12 insertions, 12 deletions
diff --git a/src/or/hs_ident.c b/src/or/hs_ident.c index 5b5dc9aaff..c3f789db56 100644 --- a/src/or/hs_ident.c +++ b/src/or/hs_ident.c @@ -30,9 +30,6 @@ hs_ident_circuit_free(hs_ident_circuit_t *ident) if (ident == NULL) { return; } - if (ident->auth_key_type == HS_AUTH_KEY_TYPE_LEGACY) { - crypto_pk_free(ident->auth_rsa_pk); - } memwipe(ident, 0, sizeof(hs_ident_circuit_t)); tor_free(ident); } diff --git a/src/or/hs_ident.h b/src/or/hs_ident.h index 8a7c3598cf..ca1fa3d707 100644 --- a/src/or/hs_ident.h +++ b/src/or/hs_ident.h @@ -52,27 +52,30 @@ typedef struct hs_ident_circuit_t { * set when an object is initialized in its constructor. */ hs_ident_circuit_type_t circuit_type; - /* (Only intro point circuit) Which type of authentication key this - * circuit identifier is using. */ - hs_auth_key_type_t auth_key_type; + /* (All circuit) Introduction point authentication key. It's also needed on + * the rendezvous circuit for the ntor handshake. */ + ed25519_public_key_t intro_auth_pk; - /* (Only intro point circuit) Introduction point authentication key. In - * legacy mode, we use an RSA key else an ed25519 public key. */ - crypto_pk_t *auth_rsa_pk; - ed25519_public_key_t auth_ed25519_pk; + /* (Only client rendezvous circuit) Introduction point encryption public + * key. We keep it in the rendezvous identifier for the ntor handshake. */ + curve25519_public_key_t intro_enc_pk; /* (Only rendezvous circuit) Rendezvous cookie sent from the client to the * service with an INTRODUCE1 cell and used by the service in an * RENDEZVOUS1 cell. */ uint8_t rendezvous_cookie[HS_REND_COOKIE_LEN]; - /* (Only rendezvous circuit) The HANDSHAKE_INFO needed in the RENDEZVOUS1 - * cell of the service. The construction is as follows: + /* (Only service rendezvous circuit) The HANDSHAKE_INFO needed in the + * RENDEZVOUS1 cell of the service. The construction is as follows: * SERVER_PK [32 bytes] * AUTH_MAC [32 bytes] */ uint8_t rendezvous_handshake_info[CURVE25519_PUBKEY_LEN + DIGEST256_LEN]; + /* (Only client rendezvous circuit) Client ephemeral keypair needed for the + * e2e encryption with the service. */ + curve25519_keypair_t rendezvous_client_kp; + /* (Only rendezvous circuit) The NTOR_KEY_SEED needed for key derivation for * the e2e encryption with the client on the circuit. */ uint8_t rendezvous_ntor_key_seed[DIGEST256_LEN]; |