Diffstat (limited to 'src/or')
37 files changed, 161 insertions, 114 deletions
diff --git a/src/or/bridges.h b/src/or/bridges.h index d6fec4b46d..70588c1b91 100644 --- a/src/or/bridges.h +++ b/src/or/bridges.h @@ -13,6 +13,7 @@ #define TOR_BRIDGES_H struct bridge_line_t; +struct ed25519_public_key_t; /* Opaque handle to a configured bridge */ typedef struct bridge_info_t bridge_info_t; @@ -38,7 +39,7 @@ int routerinfo_is_a_configured_bridge(const routerinfo_t *ri); int node_is_a_configured_bridge(const node_t *node); void learned_router_identity(const tor_addr_t *addr, uint16_t port, const char *digest, - const ed25519_public_key_t *ed_id); + const struct ed25519_public_key_t *ed_id); void bridge_add_from_config(struct bridge_line_t *bridge_line); void retry_bridge_descriptor_fetch_directly(const char *digest); @@ -77,4 +78,3 @@ STATIC void bridge_resolve_conflicts(const tor_addr_t *addr, #endif /* defined(TOR_BRIDGES_PRIVATE) */ #endif /* !defined(TOR_BRIDGES_H) */ - diff --git a/src/or/channel.h b/src/or/channel.h index cbcc13cc51..e732acec5d 100644 --- a/src/or/channel.h +++ b/src/or/channel.h @@ -12,6 +12,7 @@ #include "or/or.h" #include "or/circuitmux.h" #include "common/handles.h" +#include "lib/crypt_ops/crypto_ed25519.h" #include "tor_queue.h" @@ -255,7 +256,7 @@ struct channel_s { * necessarily its true identity. Don't believe this identity unless * authentication has happened. */ - ed25519_public_key_t ed25519_identity; + struct ed25519_public_key_t ed25519_identity; /** * Linked list of channels with the same RSA identity digest, for use with @@ -474,8 +475,8 @@ void channel_mark_incoming(channel_t *chan); void channel_mark_outgoing(channel_t *chan); void channel_mark_remote(channel_t *chan); void channel_set_identity_digest(channel_t *chan, - const char *identity_digest, - const ed25519_public_key_t *ed_identity); + const char *identity_digest, + const struct ed25519_public_key_t *ed_identity); void channel_listener_change_state(channel_listener_t *chan_l, channel_listener_state_t to_state); 
@@ -525,10 +526,10 @@ int channel_send_destroy(circid_t circ_id, channel_t *chan, channel_t * channel_connect(const tor_addr_t *addr, uint16_t port, const char *rsa_id_digest, - const ed25519_public_key_t *ed_id); + const struct ed25519_public_key_t *ed_id); channel_t * channel_get_for_extend(const char *rsa_id_digest, - const ed25519_public_key_t *ed_id, + const struct ed25519_public_key_t *ed_id, const tor_addr_t *target_addr, const char **msg_out, int *launch_out); @@ -541,7 +542,7 @@ int channel_is_better(channel_t *a, channel_t *b); channel_t * channel_find_by_global_id(uint64_t global_identifier); channel_t * channel_find_by_remote_identity(const char *rsa_id_digest, - const ed25519_public_key_t *ed_id); + const struct ed25519_public_key_t *ed_id); /** For things returned by channel_find_by_remote_digest(), walk the list. * The RSA key will match for all returned elements; the Ed25519 key might not. diff --git a/src/or/channeltls.h b/src/or/channeltls.h index be74127c9a..1ab899af96 100644 --- a/src/or/channeltls.h +++ b/src/or/channeltls.h @@ -12,6 +12,9 @@ #include "or/or.h" #include "or/channel.h" +struct ed25519_public_key_t; +struct curve25519_public_key_t; + #define BASE_CHAN_TO_TLS(c) (channel_tls_from_base((c))) #define TLS_CHAN_TO_BASE(c) (channel_tls_to_base((c))) @@ -30,7 +33,7 @@ struct channel_tls_s { channel_t * channel_tls_connect(const tor_addr_t *addr, uint16_t port, const char *id_digest, - const ed25519_public_key_t *ed_id); + const struct ed25519_public_key_t *ed_id); channel_listener_t * channel_tls_get_listener(void); channel_listener_t * channel_tls_start_listener(void); channel_t * channel_tls_handle_incoming(or_connection_t *orconn); @@ -72,4 +75,3 @@ STATIC void channel_tls_process_authenticate_cell(var_cell_t *cell, #endif /* defined(CHANNELTLS_PRIVATE) */ #endif /* !defined(TOR_CHANNELTLS_H) */ - diff --git a/src/or/circuitbuild.h b/src/or/circuitbuild.h index ffbb31e0d8..e2eb05c564 100644 --- a/src/or/circuitbuild.h 
+++ b/src/or/circuitbuild.h @@ -12,6 +12,9 @@ #ifndef TOR_CIRCUITBUILD_H #define TOR_CIRCUITBUILD_H +struct ed25519_public_key_t; +struct curve25519_public_key_t; + int route_len_for_purpose(uint8_t purpose, extend_info_t *exit_ei); char *circuit_list_path(origin_circuit_t *circ, int verbose); char *circuit_list_path_for_controller(origin_circuit_t *circ); @@ -52,9 +55,9 @@ int circuit_extend_to_new_exit(origin_circuit_t *circ, extend_info_t *info); void onion_append_to_cpath(crypt_path_t **head_ptr, crypt_path_t *new_hop); extend_info_t *extend_info_new(const char *nickname, const char *rsa_id_digest, - const ed25519_public_key_t *ed_id, + const struct ed25519_public_key_t *ed_id, crypto_pk_t *onion_key, - const curve25519_public_key_t *ntor_key, + const struct curve25519_public_key_t *ntor_key, const tor_addr_t *addr, uint16_t port); extend_info_t *extend_info_from_node(const node_t *r, int for_direct_connect); extend_info_t *extend_info_dup(extend_info_t *info); @@ -100,4 +103,3 @@ unsigned int cpath_get_n_hops(crypt_path_t **head_ptr); #endif /* defined(CIRCUITBUILD_PRIVATE) */ #endif /* !defined(TOR_CIRCUITBUILD_H) */ - diff --git a/src/or/connection_or.c b/src/or/connection_or.c index 71b3c8a0b8..41ec7e8bc4 100644 --- a/src/or/connection_or.c +++ b/src/or/connection_or.c @@ -68,6 +68,7 @@ #include "or/or_handshake_state_st.h" #include "or/routerinfo_st.h" #include "or/var_cell_st.h" +#include "lib/crypt_ops/crypto_format.h" #include "lib/tls/tortls.h" diff --git a/src/or/connection_or.h b/src/or/connection_or.h index 41abc199d3..27574c9e98 100644 --- a/src/or/connection_or.h +++ b/src/or/connection_or.h @@ -12,6 +12,9 @@ #ifndef TOR_CONNECTION_OR_H #define TOR_CONNECTION_OR_H +struct ed25519_public_key_t; +struct ed25519_keypair_t; + or_connection_t *TO_OR_CONN(connection_t *); void connection_or_clear_identity(or_connection_t *conn); 
@@ -42,7 +45,7 @@ MOCK_DECL(or_connection_t *, connection_or_connect, (const tor_addr_t *addr, uint16_t port, const char *id_digest, - const ed25519_public_key_t *ed_id, + const struct ed25519_public_key_t *ed_id, channel_tls_t *chan)); void connection_or_close_normally(or_connection_t *orconn, int flush); @@ -60,14 +63,14 @@ void connection_or_set_canonical(or_connection_t *or_conn, int connection_init_or_handshake_state(or_connection_t *conn, int started_here); void connection_or_init_conn_from_address(or_connection_t *conn, - const tor_addr_t *addr, - uint16_t port, - const char *rsa_id_digest, - const ed25519_public_key_t *ed_id, - int started_here); + const tor_addr_t *addr, + uint16_t port, + const char *rsa_id_digest, + const struct ed25519_public_key_t *ed_id, + int started_here); int connection_or_client_learned_peer_id(or_connection_t *conn, const uint8_t *rsa_peer_id, - const ed25519_public_key_t *ed_peer_id); + const struct ed25519_public_key_t *ed_peer_id); time_t connection_or_client_used(or_connection_t *conn); MOCK_DECL(int, connection_or_get_num_circuits, (or_connection_t *conn)); void or_handshake_state_free_(or_handshake_state_t *state); @@ -94,11 +97,12 @@ int connection_or_send_auth_challenge_cell(or_connection_t *conn); int authchallenge_type_is_supported(uint16_t challenge_type); int authchallenge_type_is_better(uint16_t challenge_type_a, uint16_t challenge_type_b); -var_cell_t *connection_or_compute_authenticate_cell_body(or_connection_t *conn, - const int authtype, - crypto_pk_t *signing_key, - const ed25519_keypair_t *ed_signing_key, - int server); +var_cell_t *connection_or_compute_authenticate_cell_body( + or_connection_t *conn, + const int authtype, + crypto_pk_t *signing_key, + const struct ed25519_keypair_t *ed_signing_key, + int server); MOCK_DECL(int,connection_or_send_authenticate_cell, (or_connection_t *conn, int type)); 
@@ -132,4 +136,3 @@ extern int certs_cell_ed25519_disabled_for_testing; #endif #endif /* !defined(TOR_CONNECTION_OR_H) */ - diff --git a/src/or/control.h b/src/or/control.h index 5d00727c0a..9189a871dd 100644 --- a/src/or/control.h +++ b/src/or/control.h @@ -162,6 +162,8 @@ void control_event_hs_descriptor_content(const char *onion_address, void control_free_all(void); #ifdef CONTROL_PRIVATE +#include "lib/crypt_ops/crypto_ed25519.h" + /* Recognized asynchronous event types. It's okay to expand this list * because it is used both as a list of v0 event types, and as indices * into the bitfield to determine which controllers want which events. diff --git a/src/or/dirauth/dirvote.c b/src/or/dirauth/dirvote.c index 66137d1a9b..5d6b39ea86 100644 --- a/src/or/dirauth/dirvote.c +++ b/src/or/dirauth/dirvote.c @@ -45,6 +45,7 @@ #include "lib/container/order.h" #include "lib/encoding/confline.h" +#include "lib/crypt_ops/crypto_format.h" /** * \file dirvote.c diff --git a/src/or/directory.c b/src/or/directory.c index 60f2a3285e..842cf631ed 100644 --- a/src/or/directory.c +++ b/src/or/directory.c @@ -44,6 +44,7 @@ #include "or/routerparse.h" #include "or/routerset.h" #include "lib/encoding/confline.h" +#include "lib/crypt_ops/crypto_format.h" #if defined(EXPORTMALLINFO) && defined(HAVE_MALLOC_H) && defined(HAVE_MALLINFO) #if !defined(OpenBSD) diff --git a/src/or/dirserv.c b/src/or/dirserv.c index 9ad453356b..2980d63f0a 100644 --- a/src/or/dirserv.c +++ b/src/or/dirserv.c @@ -48,6 +48,7 @@ #include "lib/compress/compress.h" #include "lib/container/order.h" +#include "lib/crypt_ops/crypto_format.h" #include "lib/encoding/confline.h" /** diff --git a/src/or/dirserv.h b/src/or/dirserv.h index 757eba7ba2..7ecb0088de 100644 --- a/src/or/dirserv.h +++ b/src/or/dirserv.h @@ -12,6 +12,8 @@ #ifndef TOR_DIRSERV_H #define TOR_DIRSERV_H +struct ed25519_public_key_t; + #include "lib/testsupport/testsupport.h" /** What fraction (1 over this number) of the relay ID space do we 
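Review bot: The `#include "lib/crypt_ops/crypto_ed25519.h"` added inside `#ifdef CONTROL_PRIVATE` in control.h has no comment saying which private declaration needs the complete key type, and the hunk does not show one. The rest of this commit replaces includes with forward declarations, so an unexplained full include is likely to be removed in a later cleanup. I would add a one-line reason such as `/* The private declarations below need the complete ed25519 types, not a forward declaration. */`, with the wording checked against the private block, which lies outside the hunk. The same applies to the conditional includes added under ENTRYNODES_PRIVATE in entrynodes.h, HS_CACHE_PRIVATE in hs_cache.h (where the by-value `key` field shows the reason) and ONION_NTOR_PRIVATE in onion_ntor.h.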
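Review bot: In dirserv.h the new `struct ed25519_public_key_t;` sits above the header's `#include "lib/testsupport/testsupport.h"`, while channeltls.h, hs_common.h and router.h in this same commit place their forward declarations after the includes. Moving it below the include keeps the headers uniform and puts the declaration closer to the prototype that uses it, `dirserv_orconn_tls_done`.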
@@ -138,7 +140,7 @@ int dirserv_get_routerdescs(smartlist_t *descs_out, const char *key, void dirserv_orconn_tls_done(const tor_addr_t *addr, uint16_t or_port, const char *digest_rcvd, - const ed25519_public_key_t *ed_id_rcvd); + const struct ed25519_public_key_t *ed_id_rcvd); int dirserv_should_launch_reachability_test(const routerinfo_t *ri, const routerinfo_t *ri_old); void dirserv_single_reachability_test(time_t now, routerinfo_t *router); @@ -220,4 +222,3 @@ void dirserv_spool_sort(dir_connection_t *conn); void dir_conn_clear_spool(dir_connection_t *conn); #endif /* !defined(TOR_DIRSERV_H) */ - diff --git a/src/or/entrynodes.h b/src/or/entrynodes.h index e56d4632b6..56b961e9a0 100644 --- a/src/or/entrynodes.h +++ b/src/or/entrynodes.h @@ -64,6 +64,8 @@ typedef struct guard_pathbias_t { } guard_pathbias_t; #if defined(ENTRYNODES_PRIVATE) +#include "lib/crypt_ops/crypto_ed25519.h" + /** * @name values for entry_guard_t.is_reachable. * @@ -635,4 +637,3 @@ guard_get_guardfraction_bandwidth(guardfraction_bandwidth_t *guardfraction_bw, uint32_t guardfraction_percentage); #endif /* !defined(TOR_ENTRYNODES_H) */ - diff --git a/src/or/extend_info_st.h b/src/or/extend_info_st.h index 36eb3cd135..277766c4d6 100644 --- a/src/or/extend_info_st.h +++ b/src/or/extend_info_st.h @@ -7,6 +7,9 @@ #ifndef EXTEND_INFO_ST_H #define EXTEND_INFO_ST_H +#include "lib/crypt_ops/crypto_curve25519.h" +#include "lib/crypt_ops/crypto_ed25519.h" + /** Information on router used when extending a circuit. We don't need a * full routerinfo_t to extend: we only need addr:port:keyid to build an OR * connection, and onion_key to create the onionskin. Note that for onehop @@ -25,4 +28,3 @@ struct extend_info_t { }; #endif - diff --git a/src/or/hs_cache.c b/src/or/hs_cache.c index a42fe6b1a3..3772e0c0ed 100644 --- a/src/or/hs_cache.c +++ b/src/or/hs_cache.c 
@@ -11,6 +11,7 @@ #include "or/or.h" #include "or/config.h" +#include "lib/crypt_ops/crypto_format.h" #include "lib/crypt_ops/crypto_util.h" #include "or/hs_ident.h" #include "or/hs_common.h" @@ -976,4 +977,3 @@ hs_cache_free_all(void) cache_client_intro_state_free_void); hs_cache_client_intro_state = NULL; } - diff --git a/src/or/hs_cache.h b/src/or/hs_cache.h index 78ed81b6e0..1e479700fa 100644 --- a/src/or/hs_cache.h +++ b/src/or/hs_cache.h @@ -11,12 +11,13 @@ #include <stdint.h> -#include "lib/crypt_ops/crypto_ed25519.h" #include "or/hs_common.h" #include "or/hs_descriptor.h" #include "or/rendcommon.h" #include "or/torcert.h" +struct ed25519_public_key_t; + /* This is the maximum time an introduction point state object can stay in the * client cache in seconds (2 mins or 120 seconds). */ #define HS_CACHE_CLIENT_INTRO_STATE_MAX_AGE (2 * 60) 
@@ -79,30 +80,32 @@ int hs_cache_lookup_as_dir(uint32_t version, const char *query, const char **desc_out); const hs_descriptor_t * -hs_cache_lookup_as_client(const ed25519_public_key_t *key); +hs_cache_lookup_as_client(const struct ed25519_public_key_t *key); const char * -hs_cache_lookup_encoded_as_client(const ed25519_public_key_t *key); +hs_cache_lookup_encoded_as_client(const struct ed25519_public_key_t *key); int hs_cache_store_as_client(const char *desc_str, - const ed25519_public_key_t *identity_pk); + const struct ed25519_public_key_t *identity_pk); void hs_cache_clean_as_client(time_t now); void hs_cache_purge_as_client(void); /* Client failure cache. */ -void hs_cache_client_intro_state_note(const ed25519_public_key_t *service_pk, - const ed25519_public_key_t *auth_key, - rend_intro_point_failure_t failure); +void hs_cache_client_intro_state_note( + const struct ed25519_public_key_t *service_pk, + const struct ed25519_public_key_t *auth_key, + rend_intro_point_failure_t failure); const hs_cache_intro_state_t *hs_cache_client_intro_state_find( - const ed25519_public_key_t *service_pk, - const ed25519_public_key_t *auth_key); + const struct ed25519_public_key_t *service_pk, + const struct ed25519_public_key_t *auth_key); void hs_cache_client_intro_state_clean(time_t now); void hs_cache_client_intro_state_purge(void); #ifdef HS_CACHE_PRIVATE +#include "lib/crypt_ops/crypto_ed25519.h" /** Represents a locally cached HS descriptor on a hidden service client. */ typedef struct hs_cache_client_descriptor_t { /* This object is indexed using the service identity public key */ - ed25519_public_key_t key; + struct ed25519_public_key_t key; /* When will this entry expire? We expire cached client descriptors in the * start of the next time period, since that's when clients need to start @@ -125,4 +128,3 @@ lookup_v3_desc_as_client(const uint8_t *key); #endif /* defined(HS_CACHE_PRIVATE) */ #endif /* !defined(TOR_HS_CACHE_H) */ - 
diff --git a/src/or/hs_client.c b/src/or/hs_client.c index 0b60c8dcfb..cc461e368d 100644 --- a/src/or/hs_client.c +++ b/src/or/hs_client.c @@ -16,6 +16,7 @@ #include "or/config.h" #include "or/connection.h" #include "or/connection_edge.h" +#include "lib/crypt_ops/crypto_format.h" #include "lib/crypt_ops/crypto_rand.h" #include "lib/crypt_ops/crypto_util.h" #include "or/directory.h" diff --git a/src/or/hs_common.c b/src/or/hs_common.c index e88a04620e..d91f45a639 100644 --- a/src/or/hs_common.c +++ b/src/or/hs_common.c @@ -1823,4 +1823,3 @@ hs_inc_rdv_stream_counter(origin_circuit_t *circ) tor_assert_nonfatal_unreached(); } } - diff --git a/src/or/hs_common.h b/src/or/hs_common.h index 11806365e4..24f5f3a20f 100644 --- a/src/or/hs_common.h +++ b/src/or/hs_common.h @@ -10,6 +10,11 @@ #define TOR_HS_COMMON_H #include "or/or.h" +#include "lib/defs/x25519_sizes.h" + +struct curve25519_public_key_t; +struct ed25519_public_key_t; +struct ed25519_keypair_t; /* Trunnel */ #include "trunnel/ed25519_cert.h" 
@@ -167,20 +172,20 @@ int hs_check_service_private_dir(const char *username, const char *path, int hs_get_service_max_rend_failures(void); char *hs_path_from_filename(const char *directory, const char *filename); -void hs_build_address(const ed25519_public_key_t *key, uint8_t version, +void hs_build_address(const struct ed25519_public_key_t *key, uint8_t version, char *addr_out); int hs_address_is_valid(const char *address); -int hs_parse_address(const char *address, ed25519_public_key_t *key_out, +int hs_parse_address(const char *address, struct ed25519_public_key_t *key_out, uint8_t *checksum_out, uint8_t *version_out); -void hs_build_blinded_pubkey(const ed25519_public_key_t *pubkey, +void hs_build_blinded_pubkey(const struct ed25519_public_key_t *pubkey, const uint8_t *secret, size_t secret_len, uint64_t time_period_num, - ed25519_public_key_t *pubkey_out); -void hs_build_blinded_keypair(const ed25519_keypair_t *kp, + struct ed25519_public_key_t *pubkey_out); +void hs_build_blinded_keypair(const struct ed25519_keypair_t *kp, const uint8_t *secret, size_t secret_len, uint64_t time_period_num, - ed25519_keypair_t *kp_out); + struct ed25519_keypair_t *kp_out); int hs_service_requires_uptime_circ(const smartlist_t *ports); void rend_data_free_(rend_data_t *data); @@ -203,8 +208,8 @@ const uint8_t *rend_data_get_pk_digest(const rend_data_t *rend_data, routerstatus_t *pick_hsdir(const char *desc_id, const char *desc_id_base32); -void hs_get_subcredential(const ed25519_public_key_t *identity_pk, - const ed25519_public_key_t *blinded_pk, +void hs_get_subcredential(const struct ed25519_public_key_t *identity_pk, + const struct ed25519_public_key_t *blinded_pk, uint8_t *subcred_out); uint64_t hs_get_previous_time_period_num(time_t now); 
@@ -222,18 +227,18 @@ uint8_t *hs_get_current_srv(uint64_t time_period_num, uint8_t *hs_get_previous_srv(uint64_t time_period_num, const networkstatus_t *ns); -void hs_build_hsdir_index(const ed25519_public_key_t *identity_pk, +void hs_build_hsdir_index(const struct ed25519_public_key_t *identity_pk, const uint8_t *srv, uint64_t period_num, uint8_t *hsdir_index_out); void hs_build_hs_index(uint64_t replica, - const ed25519_public_key_t *blinded_pk, + const struct ed25519_public_key_t *blinded_pk, uint64_t period_num, uint8_t *hs_index_out); int32_t hs_get_hsdir_n_replicas(void); int32_t hs_get_hsdir_spread_fetch(void); int32_t hs_get_hsdir_spread_store(void); -void hs_get_responsible_hsdirs(const ed25519_public_key_t *blinded_pk, +void hs_get_responsible_hsdirs(const struct ed25519_public_key_t *blinded_pk, uint64_t time_period_num, int use_second_hsdir_index, int for_fetching, smartlist_t *responsible_dirs); @@ -254,8 +259,8 @@ void hs_inc_rdv_stream_counter(origin_circuit_t *circ); void hs_dec_rdv_stream_counter(origin_circuit_t *circ); extend_info_t *hs_get_extend_info_from_lspecs(const smartlist_t *lspecs, - const curve25519_public_key_t *onion_key, - int direct_conn); + const struct curve25519_public_key_t *onion_key, + int direct_conn); #ifdef HS_COMMON_PRIVATE @@ -281,4 +286,3 @@ STATIC uint8_t *get_second_cached_disaster_srv(void); #endif /* defined(HS_COMMON_PRIVATE) */ #endif /* !defined(TOR_HS_COMMON_H) */ - diff --git a/src/or/hs_control.c b/src/or/hs_control.c index 76c40918bb..be456e8da4 100644 --- a/src/or/hs_control.c +++ b/src/or/hs_control.c @@ -8,6 +8,7 @@ #include "or/or.h" #include "or/control.h" +#include "lib/crypt_ops/crypto_format.h" #include "lib/crypt_ops/crypto_util.h" #include "or/hs_common.h" #include "or/hs_control.h" @@ -258,4 +259,3 @@ hs_control_hspost_command(const char *body, const char *onion_address, smartlist_free(hsdirs); return ret; } - 
diff --git a/src/or/hs_descriptor.c b/src/or/hs_descriptor.c index f436c66150..5fd8971dc0 100644 --- a/src/or/hs_descriptor.c +++ b/src/or/hs_descriptor.c @@ -67,6 +67,7 @@ #include "or/hs_config.h" #include "or/torcert.h" /* tor_cert_encode_ed22519() */ #include "lib/memarea/memarea.h" +#include "lib/crypt_ops/crypto_format.h" #include "or/extend_info_st.h" diff --git a/src/or/hs_intropoint.c b/src/or/hs_intropoint.c index 6c0729b050..2594058679 100644 --- a/src/or/hs_intropoint.c +++ b/src/or/hs_intropoint.c @@ -15,6 +15,7 @@ #include "or/relay.h" #include "or/rendmid.h" #include "or/rephist.h" +#include "lib/crypt_ops/crypto_format.h" /* Trunnel */ #include "trunnel/ed25519_cert.h" @@ -611,4 +612,3 @@ hs_intropoint_clear(hs_intropoint_t *ip) smartlist_free(ip->link_specifiers); memset(ip, 0, sizeof(hs_intropoint_t)); } - diff --git a/src/or/hs_ntor.c b/src/or/hs_ntor.c index a8a76ed54d..b5007545db 100644 --- a/src/or/hs_ntor.c +++ b/src/or/hs_ntor.c @@ -26,6 +26,8 @@ #include "or/or.h" #include "lib/crypt_ops/crypto_util.h" +#include "lib/crypt_ops/crypto_curve25519.h" +#include "lib/crypt_ops/crypto_ed25519.h" #include "or/hs_ntor.h" /* String constants used by the ntor HS protocol */ @@ -616,4 +618,3 @@ hs_ntor_circuit_key_expansion(const uint8_t *ntor_key_seed, size_t seed_len, return 0; } - diff --git a/src/or/hs_ntor.h b/src/or/hs_ntor.h index cc4afd536b..67a9573436 100644 --- a/src/or/hs_ntor.h +++ b/src/or/hs_ntor.h @@ -5,6 +5,9 @@ #define TOR_HS_NTOR_H #include "or/or.h" +struct ed25519_public_key_t; +struct curve25519_public_key_t; +struct curve25519_keypair_t; /* Output length of KDF for key expansion */ #define HS_NTOR_KEY_EXPANSION_KDF_OUT_LEN \ 
@@ -28,32 +31,32 @@ typedef struct { } hs_ntor_rend_cell_keys_t; int hs_ntor_client_get_introduce1_keys( - const ed25519_public_key_t *intro_auth_pubkey, - const curve25519_public_key_t *intro_enc_pubkey, - const curve25519_keypair_t *client_ephemeral_enc_keypair, - const uint8_t *subcredential, - hs_ntor_intro_cell_keys_t *hs_ntor_intro_cell_keys_out); + const struct ed25519_public_key_t *intro_auth_pubkey, + const struct curve25519_public_key_t *intro_enc_pubkey, + const struct curve25519_keypair_t *client_ephemeral_enc_keypair, + const uint8_t *subcredential, + hs_ntor_intro_cell_keys_t *hs_ntor_intro_cell_keys_out); int hs_ntor_client_get_rendezvous1_keys( - const ed25519_public_key_t *intro_auth_pubkey, - const curve25519_keypair_t *client_ephemeral_enc_keypair, - const curve25519_public_key_t *intro_enc_pubkey, - const curve25519_public_key_t *service_ephemeral_rend_pubkey, - hs_ntor_rend_cell_keys_t *hs_ntor_rend_cell_keys_out); + const struct ed25519_public_key_t *intro_auth_pubkey, + const struct curve25519_keypair_t *client_ephemeral_enc_keypair, + const struct curve25519_public_key_t *intro_enc_pubkey, + const struct curve25519_public_key_t *service_ephemeral_rend_pubkey, + hs_ntor_rend_cell_keys_t *hs_ntor_rend_cell_keys_out); int hs_ntor_service_get_introduce1_keys( - const ed25519_public_key_t *intro_auth_pubkey, - const curve25519_keypair_t *intro_enc_keypair, - const curve25519_public_key_t *client_ephemeral_enc_pubkey, - const uint8_t *subcredential, - hs_ntor_intro_cell_keys_t *hs_ntor_intro_cell_keys_out); + const struct ed25519_public_key_t *intro_auth_pubkey, + const struct curve25519_keypair_t *intro_enc_keypair, + const struct curve25519_public_key_t *client_ephemeral_enc_pubkey, + const uint8_t *subcredential, + hs_ntor_intro_cell_keys_t *hs_ntor_intro_cell_keys_out); int hs_ntor_service_get_rendezvous1_keys( - const ed25519_public_key_t *intro_auth_pubkey, - const curve25519_keypair_t *intro_enc_keypair, - const curve25519_keypair_t 
*service_ephemeral_rend_keypair, - const curve25519_public_key_t *client_ephemeral_enc_pubkey, - hs_ntor_rend_cell_keys_t *hs_ntor_rend_cell_keys_out); + const struct ed25519_public_key_t *intro_auth_pubkey, + const struct curve25519_keypair_t *intro_enc_keypair, + const struct curve25519_keypair_t *service_ephemeral_rend_keypair, + const struct curve25519_public_key_t *client_ephemeral_enc_pubkey, + hs_ntor_rend_cell_keys_t *hs_ntor_rend_cell_keys_out); int hs_ntor_circuit_key_expansion(const uint8_t *ntor_key_seed, size_t seed_len, @@ -64,4 +67,3 @@ int hs_ntor_client_rendezvous2_mac_is_good( const uint8_t *rcvd_mac); #endif /* !defined(TOR_HS_NTOR_H) */ - diff --git a/src/or/hs_service.c b/src/or/hs_service.c index 994a5687bc..6c134136fe 100644 --- a/src/or/hs_service.c +++ b/src/or/hs_service.c @@ -48,6 +48,7 @@ #include "or/routerstatus_st.h" #include "lib/encoding/confline.h" +#include "lib/crypt_ops/crypto_format.h" /* Trunnel */ #include "trunnel/ed25519_cert.h" diff --git a/src/or/microdesc_st.h b/src/or/microdesc_st.h index 256659e679..0a58ffb850 100644 --- a/src/or/microdesc_st.h +++ b/src/or/microdesc_st.h @@ -7,6 +7,9 @@ #ifndef MICRODESC_ST_H #define MICRODESC_ST_H +struct curve25519_public_key_t; +struct ed25519_public_key_t; + /** A microdescriptor is the smallest amount of information needed to build a * circuit through a router. They are generated by the directory authorities, * using information from the uploaded routerinfo documents. They are not @@ -52,9 +55,9 @@ struct microdesc_t { /** As routerinfo_t.onion_pkey */ crypto_pk_t *onion_pkey; /** As routerinfo_t.onion_curve25519_pkey */ - curve25519_public_key_t *onion_curve25519_pkey; + struct curve25519_public_key_t *onion_curve25519_pkey; /** Ed25519 identity key, if included. */ - ed25519_public_key_t *ed25519_identity_pkey; + struct ed25519_public_key_t *ed25519_identity_pkey; /** As routerinfo_t.ipv6_addr */ tor_addr_t ipv6_addr; /** As routerinfo_t.ipv6_orport */ 
@@ -68,4 +71,3 @@ struct microdesc_t { }; #endif - diff --git a/src/or/node_st.h b/src/or/node_st.h index cc777003d8..d56ce27884 100644 --- a/src/or/node_st.h +++ b/src/or/node_st.h @@ -8,6 +8,7 @@ #define NODE_ST_H #include "or/hsdir_index_st.h" +#include "lib/crypt_ops/crypto_ed25519.h" /** A node_t represents a Tor router. * @@ -99,4 +100,3 @@ struct node_t { }; #endif - diff --git a/src/or/nodelist.h b/src/or/nodelist.h index 06aec0bad5..ed3a542971 100644 --- a/src/or/nodelist.h +++ b/src/or/nodelist.h @@ -12,15 +12,19 @@ #ifndef TOR_NODELIST_H #define TOR_NODELIST_H +struct ed25519_public_key_t; +struct curve25519_public_key_t; + #define node_assert_ok(n) STMT_BEGIN { \ tor_assert((n)->ri || (n)->rs); \ } STMT_END MOCK_DECL(node_t *, node_get_mutable_by_id,(const char *identity_digest)); MOCK_DECL(const node_t *, node_get_by_id, (const char *identity_digest)); -node_t *node_get_mutable_by_ed25519_id(const ed25519_public_key_t *ed_id); +node_t *node_get_mutable_by_ed25519_id( + const struct ed25519_public_key_t *ed_id); MOCK_DECL(const node_t *, node_get_by_ed25519_id, - (const ed25519_public_key_t *ed_id)); + (const struct ed25519_public_key_t *ed_id)); #define NNF_NO_WARN_UNNAMED (1u<<0) @@ -65,9 +69,9 @@ uint32_t node_get_prim_addr_ipv4h(const node_t *node); void node_get_address_string(const node_t *node, char *cp, size_t len); long node_get_declared_uptime(const node_t *node); const smartlist_t *node_get_declared_family(const node_t *node); -const ed25519_public_key_t *node_get_ed25519_id(const node_t *node); +const struct ed25519_public_key_t *node_get_ed25519_id(const node_t *node); int node_ed25519_id_matches(const node_t *node, - const ed25519_public_key_t *id); + const struct ed25519_public_key_t *id); int node_supports_ed25519_link_authentication(const node_t *node, int compatible_with_us); int node_supports_v3_hsdir(const node_t *node); 
@@ -89,7 +93,7 @@ void node_get_prim_dirport(const node_t *node, tor_addr_port_t *ap_out); void node_get_pref_dirport(const node_t *node, tor_addr_port_t *ap_out); void node_get_pref_ipv6_dirport(const node_t *node, tor_addr_port_t *ap_out); int node_has_curve25519_onion_key(const node_t *node); -const curve25519_public_key_t *node_get_curve25519_onion_key( +const struct curve25519_public_key_t *node_get_curve25519_onion_key( const node_t *node); MOCK_DECL(smartlist_t *, nodelist_get_list, (void)); @@ -162,4 +166,3 @@ node_set_hsdir_index(node_t *node, const networkstatus_t *ns); MOCK_DECL(int, get_estimated_address_per_node, (void)); #endif /* !defined(TOR_NODELIST_H) */ - diff --git a/src/or/onion.h b/src/or/onion.h index 57224f629e..ff70f299d5 100644 --- a/src/or/onion.h +++ b/src/or/onion.h @@ -13,6 +13,10 @@ #define TOR_ONION_H struct create_cell_t; +struct curve25519_keypair_t; +struct curve25519_public_key_t; +#include "lib/crypt_ops/crypto_ed25519.h" + int onion_pending_add(or_circuit_t *circ, struct create_cell_t *onionskin); or_circuit_t *onion_next_task(struct create_cell_t **onionskin_out); int onion_num_pending(uint16_t handshake_type); @@ -23,8 +27,8 @@ typedef struct server_onion_keys_t { uint8_t my_identity[DIGEST_LEN]; crypto_pk_t *onion_key; crypto_pk_t *last_onion_key; - di_digest256_map_t *curve25519_key_map; - curve25519_keypair_t *junk_keypair; + struct di_digest256_map_t *curve25519_key_map; + struct curve25519_keypair_t *junk_keypair; } server_onion_keys_t; #define MAX_ONIONSKIN_CHALLENGE_LEN 255 @@ -88,7 +92,7 @@ typedef struct extend_cell_t { /** Identity fingerprint of the node we're conecting to.*/ uint8_t node_id[DIGEST_LEN]; /** Ed25519 public identity key. Zero if not set. */ - ed25519_public_key_t ed_pubkey; + struct ed25519_public_key_t ed_pubkey; /** The "create cell" embedded in this extend cell. Note that unlike the * create cells we generate ourself, this once can have a handshake type we * don't recognize. */ 
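Review bot: `server_onion_keys_t` in onion.h now spells its member as `struct di_digest256_map_t *curve25519_key_map;`, but the forward declarations added at the top of the header cover only `struct curve25519_keypair_t` and `struct curve25519_public_key_t`. A struct member can introduce the tag on its own, so this compiles, but onion_ntor.h declares `struct di_digest256_map_t;` explicitly and onion.h should match unless an include above the visible lines already provides it. Adding `struct di_digest256_map_t;` beside the other two also protects against a prototype placed above this struct using the tag first, where it would get prototype scope and stop being the same type as the real map.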
@@ -122,4 +126,3 @@ int extended_cell_format(uint8_t *command_out, uint16_t *len_out, uint8_t *payload_out, const extended_cell_t *cell_in); #endif /* !defined(TOR_ONION_H) */ - diff --git a/src/or/onion_ntor.h b/src/or/onion_ntor.h index 4855f9819e..0ba4abe49e 100644 --- a/src/or/onion_ntor.h +++ b/src/or/onion_ntor.h @@ -5,9 +5,10 @@ #define TOR_ONION_NTOR_H #include "lib/cc/torint.h" -#include "lib/crypt_ops/crypto_curve25519.h" struct di_digest256_map_t; +struct curve25519_public_key_t; +struct curve25519_keypair_t; /** State to be maintained by a client between sending an ntor onionskin * and receiving a reply. */ @@ -23,17 +24,17 @@ void ntor_handshake_state_free_(ntor_handshake_state_t *state); FREE_AND_NULL(ntor_handshake_state_t, ntor_handshake_state_free_, (state)) int onion_skin_ntor_create(const uint8_t *router_id, - const curve25519_public_key_t *router_key, + const struct curve25519_public_key_t *router_key, ntor_handshake_state_t **handshake_state_out, uint8_t *onion_skin_out); int onion_skin_ntor_server_handshake(const uint8_t *onion_skin, - const struct di_digest256_map_t *private_keys, - const curve25519_keypair_t *junk_keypair, - const uint8_t *my_node_id, - uint8_t *handshake_reply_out, - uint8_t *key_out, - size_t key_out_len); + const struct di_digest256_map_t *private_keys, + const struct curve25519_keypair_t *junk_keypair, + const uint8_t *my_node_id, + uint8_t *handshake_reply_out, + uint8_t *key_out, + size_t key_out_len); int onion_skin_ntor_client_handshake( const ntor_handshake_state_t *handshake_state, @@ -43,6 +44,7 @@ int onion_skin_ntor_client_handshake( const char **msg_out); #ifdef ONION_NTOR_PRIVATE +#include "lib/crypt_ops/crypto_curve25519.h" /** Storage held by a client while waiting for an ntor reply from a server. */ struct ntor_handshake_state_t { diff --git a/src/or/or.h b/src/or/or.h index 2f3dba2b0c..f0204be402 100644 --- a/src/or/or.h +++ b/src/or/or.h 
@@ -68,7 +68,6 @@ #include "lib/container/map.h" #include "lib/container/smartlist.h" #include "lib/crypt_ops/crypto.h" -#include "lib/crypt_ops/crypto_format.h" #include "lib/defs/dh_sizes.h" #include "lib/encoding/binascii.h" #include "lib/net/address.h" @@ -79,6 +78,9 @@ // definitions working. We should remove them when we minimize our includes. #include "or/entry_port_cfg_st.h" +struct ed25519_public_key_t; +struct curve25519_public_key_t; + /* These signals are defined to help handle_control_signal work. */ #ifndef SIGHUP diff --git a/src/or/router.c b/src/or/router.c index 091809a22f..cc7102228d 100644 --- a/src/or/router.c +++ b/src/or/router.c @@ -53,6 +53,7 @@ #include "lib/osinfo/uname.h" #include "lib/tls/tortls.h" #include "lib/encoding/confline.h" +#include "lib/crypt_ops/crypto_format.h" /** * \file router.c diff --git a/src/or/router.h b/src/or/router.h index 54f61c45a6..51ac365798 100644 --- a/src/or/router.h +++ b/src/or/router.h @@ -14,6 +14,9 @@ #include "lib/testsupport/testsupport.h" +struct curve25519_keypair_t; +struct ed25519_keypair_t; + #define TOR_ROUTERINFO_ERROR_NO_EXT_ADDR (-1) #define TOR_ROUTERINFO_ERROR_CANNOT_PARSE (-2) #define TOR_ROUTERINFO_ERROR_NOT_A_SERVER (-3) @@ -107,10 +110,10 @@ MOCK_DECL(int,router_pick_published_address,(const or_options_t *options, int router_build_fresh_descriptor(routerinfo_t **r, extrainfo_t **e); int router_rebuild_descriptor(int force); char *router_dump_router_to_string(routerinfo_t *router, - const crypto_pk_t *ident_key, - const crypto_pk_t *tap_key, - const curve25519_keypair_t *ntor_keypair, - const ed25519_keypair_t *signing_keypair); + const crypto_pk_t *ident_key, + const crypto_pk_t *tap_key, + const struct curve25519_keypair_t *ntor_keypair, + const struct ed25519_keypair_t *signing_keypair); char *router_dump_exit_policy_to_string(const routerinfo_t *router, int include_ipv4, int include_ipv6); 
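Review bot: With `lib/crypt_ops/crypto_format.h` dropped from or.h in the preceding hunk, every file that reached its declarations only through or.h must now include it directly, and this view is limited to src/or, so callers in other directories cannot be checked from here. Judging by its path the header declares crypto formatting helpers, which makes a missed caller worse than usual. Where a compiler still accepts an implicit declaration, such a call is built with an assumed `int` return and unchecked arguments. It is worth confirming that the build sets `-Werror=implicit-function-declaration` or an equivalent, so that an omitted include fails the build rather than producing a warning.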
@@ -126,7 +129,7 @@ int router_has_orport(const routerinfo_t *router, const tor_addr_port_t *orport); int extrainfo_dump_to_string(char **s, extrainfo_t *extrainfo, crypto_pk_t *ident_key, - const ed25519_keypair_t *signing_keypair); + const struct ed25519_keypair_t *signing_keypair); int is_legal_nickname(const char *s); int is_legal_nickname_or_hexdigest(const char *s); int is_legal_hexdigest(const char *s); @@ -156,4 +159,3 @@ STATIC int router_write_fingerprint(int hashed); #endif #endif /* !defined(TOR_ROUTER_H) */ - diff --git a/src/or/routerinfo_st.h b/src/or/routerinfo_st.h index feb3b41fc6..89a7702b30 100644 --- a/src/or/routerinfo_st.h +++ b/src/or/routerinfo_st.h @@ -9,6 +9,8 @@ #include "or/signed_descriptor_st.h" +struct curve25519_public_key_t; + /** Information about another onion router in the network. */ struct routerinfo_t { signed_descriptor_t cache_info; @@ -28,7 +30,7 @@ struct routerinfo_t { crypto_pk_t *onion_pkey; /**< Public RSA key for onions. */ crypto_pk_t *identity_pkey; /**< Public RSA key for signing. */ /** Public curve25519 key for onions */ - curve25519_public_key_t *onion_curve25519_pkey; + struct curve25519_public_key_t *onion_curve25519_pkey; /** What's the earliest expiration time on all the certs in this * routerinfo? */ time_t cert_expiration_time; @@ -104,4 +106,3 @@ struct routerinfo_t { }; #endif - diff --git a/src/or/routerkeys.c b/src/or/routerkeys.c index d6e7c752cd..b92ec76aac 100644 --- a/src/or/routerkeys.c +++ b/src/or/routerkeys.c @@ -24,6 +24,7 @@ #include "lib/crypt_ops/crypto_util.h" #include "lib/term/getpass.h" #include "lib/tls/tortls.h" +#include "lib/crypt_ops/crypto_format.h" #define ENC_KEY_HEADER "Boxed Ed25519 key" #define ENC_KEY_TAG "master" diff --git a/src/or/routerlist.c b/src/or/routerlist.c index ad6555fe19..189ea8acd4 100644 --- a/src/or/routerlist.c +++ b/src/or/routerlist.c 
@@ -95,6 +95,7 @@ #include "lib/err/backtrace.h" #include "or/bridges.h" #include "lib/crypt_ops/crypto_ed25519.h" +#include "lib/crypt_ops/crypto_format.h" #include "or/circuitstats.h" #include "or/config.h" #include "or/connection.h" @@ -5841,4 +5842,3 @@ refresh_all_country_info(void) nodelist_refresh_countries(); } - diff --git a/src/or/routerparse.c b/src/or/routerparse.c index dfc298286b..a095c222b5 100644 --- a/src/or/routerparse.c +++ b/src/or/routerparse.c @@ -58,6 +58,7 @@ #include "or/or.h" #include "or/circuitstats.h" #include "or/config.h" +#include "lib/crypt_ops/crypto_format.h" #include "lib/crypt_ops/crypto_util.h" #include "or/dirauth/shared_random.h" #include "or/dirserv.h" diff --git a/src/or/vote_routerstatus_st.h b/src/or/vote_routerstatus_st.h index 7ec0c962fe..1b85737df8 100644 --- a/src/or/vote_routerstatus_st.h +++ b/src/or/vote_routerstatus_st.h @@ -8,6 +8,7 @@ #define VOTE_ROUTERSTATUS_ST_H #include "or/routerstatus_st.h" +#include "lib/defs/x25519_sizes.h" /** The claim about a single router, made in a vote. */ struct vote_routerstatus_t { @@ -38,4 +39,3 @@ struct vote_routerstatus_t { }; #endif - |