1 files changed, 57 insertions, 0 deletions

diff --git a/src/trunnel/link_handshake.trunnel b/src/trunnel/link_handshake.trunnel
new file mode 100644
index 0000000000..b858e17c60
--- /dev/null
+++ b/src/trunnel/link_handshake.trunnel
@@ -0,0 +1,57 @@
+
+struct certs_cell {
+  u8 n_certs;
+  struct certs_cell_cert certs[n_certs];
+}
+
+const CERTTYPE_RSA1024_ID_LINK = 1;
+const CERTTYPE_RSA1024_ID_ID   = 2;
+const CERTTYPE_RSA1024_ID_AUTH = 3;
+const CERTTYPE_ED_ID_SIGN      = 4;
+const CERTTYPE_ED_SIGN_LINK    = 5;
+const CERTTYPE_ED_SIGN_AUTH    = 6;
+const CERTTYPE_RSA1024_ID_EDID = 7;
+
+struct certs_cell_cert {
+  u8 cert_type;
+  u16 cert_len;
+  u8 body[cert_len];
+}
+
+struct rsa_ed_crosscert {
+  u8 ed_key[32];
+  u32 expiration;
+  @ptr end_of_signed;
+  u8 sig_len;
+  u8 sig[sig_len]; // mismatches spec.
+}
+
+struct auth_challenge_cell {
+  u8 challenge[32];
+  u16 n_methods;
+  u16 methods[n_methods];
+}
+
+context auth_ctx {
+  u8 is_ed;
+}
+
+struct auth1 with context auth_ctx {
+  u8 type[8];
+  u8 cid[32];
+  u8 sid[32];
+  union u1[auth_ctx.is_ed] {
+    0 : ;
+    1 : u8 cid_ed[32];
+        u8 sid_ed[32];
+    default: fail;
+  };
+  u8 slog[32];
+  u8 clog[32];
+  u8 scert[32];
+  u8 tlssecrets[32];
+  @ptr end_of_fixed_part;
+  u8 rand[24];
+  @ptr end_of_signed;
+  u8 sig[];
+}