aboutsummaryrefslogtreecommitdiff
path: root/src/trunnel/ed25519_cert.trunnel
blob: 012b2afc300b85a624ddfa690528dc97bd795d32 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
struct ed25519_cert {
  u8 version IN [1];
  u8 cert_type;
  u32 exp_field;
  u8 cert_key_type;
  u8 certified_key[32];
  u8 n_extensions;
  struct ed25519_cert_extension ext[n_extensions];
  u8 signature[64];
}

const CERTEXT_SIGNED_WITH_KEY = 4;
const CERTEXT_FLAG_AFFECTS_VALIDATION = 1;

struct ed25519_cert_extension {
  u16 ext_length;
  u8 ext_type;
  u8 ext_flags;
  union un[ext_type] with length ext_length {
    CERTEXT_SIGNED_WITH_KEY : u8 signing_key[32];
    default: u8 unparsed[];
  };
}

/*
struct cert_revocation {
  u8 prefix[8];
  u8 version IN [1];
  u8 keytype;
  u8 identity_key[32];
  u8 revoked_key[32];
  u64 published;
  u8 n_extensions;
  struct cert_extension ext[n_extensions];
  u8 signature[64];
}

struct crosscert_ed_rsa {
  u8 ed_key[32];
  u32 expiration_date;
  u8 signature[128];
}

struct auth02_cell {
  u8 type[8];
  u8 cid[32];
  u8 sid[32];
  u8 cid_ed[32];
  u8 sid_ed[32];
  u8 slog[32];
  u8 clog[32];
  u8 scert[32];
  u8 tlssecrets[32];
  u8 rand[24];
  u8 sig[64];
}
*/

const LS_IPV4 = 0x00;
const LS_IPV6 = 0x01;
const LS_LEGACY_ID = 0x02;
const LS_ED25519_ID = 0x03;

// amended from tor.trunnel
struct link_specifier {
  u8 ls_type;
  u8 ls_len;
  union un[ls_type] with length ls_len {
    LS_IPV4: u32 ipv4_addr; u16 ipv4_port;
    LS_IPV6: u8 ipv6_addr[16]; u16 ipv6_port;
    LS_LEGACY_ID: u8 legacy_id[20];
    LS_ED25519_ID: u8 ed25519_id[32];
    default: u8 unrecognized[];
  };
}

struct link_specifier_list {
  u8 n_spec;
  struct link_specifier spec[n_spec];
}