/* Copyright (c) 2014-2021, The Tor Project, Inc. */
/* See LICENSE for licensing information */

/**
 * @brief Header for routerkeys.c
 **/
9 #ifndef TOR_ROUTERKEYS_H
10 #define TOR_ROUTERKEYS_H
12 #include "lib/crypt_ops/crypto_ed25519.h"
14 #ifdef HAVE_MODULE_RELAY
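/*
 * Accessors for the relay's Ed25519 identity, signing, link and auth key
 * material (declared only when HAVE_MODULE_RELAY is defined).
 *
 * Every accessor takes no arguments and returns a pointer-to-const, so
 * callers cannot modify the object through the returned pointer.
 *
 * NOTE(review): this header does not say who owns the pointees, how long
 * they stay valid, or whether NULL can be returned -- confirm against
 * routerkeys.c before caching or dereferencing a result unchecked.
 * NOTE(review): the *_keypair accessors return ed25519_keypair_t, which
 * presumably carries the secret half of the key; treat the result as
 * sensitive (no logging, no copies into long-lived buffers) -- confirm.
 */
const ed25519_public_key_t *get_master_identity_key(void);

/* Declared through MOCK_DECL rather than as plain prototypes; presumably so
 * that unit tests can substitute them -- see the MOCK_DECL definition. */
MOCK_DECL(const ed25519_keypair_t *, get_master_signing_keypair, (void));
MOCK_DECL(const struct tor_cert_st *, get_master_signing_key_cert, (void));

const ed25519_keypair_t *get_current_auth_keypair(void);
const struct tor_cert_st *get_current_link_cert_cert(void);
const struct tor_cert_st *get_current_auth_key_cert(void);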
24 void get_master_rsa_crosscert(const uint8_t **cert_out
,
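/*
 * Takes a pointer to an Ed25519 public key and returns an int.
 *
 * NOTE(review): going by the name, this reports whether `id` is this
 * relay's own identity key; the exact return convention and the handling
 * of a NULL `id` are not visible in this header -- confirm in routerkeys.c
 * before relying on it for an identity decision.
 */
int router_ed25519_id_is_me(const ed25519_public_key_t *id);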
29 /* These are only used by router.c */
30 struct tor_cert_st
*make_ntor_onion_key_crosscert(
31 const curve25519_keypair_t
*onion_key
,
32 const ed25519_public_key_t
*master_id_key
,
33 time_t now
, time_t lifetime
,
35 uint8_t *make_tap_onion_key_crosscert(const crypto_pk_t
*onion_key
,
36 const ed25519_public_key_t
*master_id_key
,
37 const crypto_pk_t
*rsa_id_key
,
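/*
 * Key and certificate lifecycle entry points (declared only when
 * HAVE_MODULE_RELAY is defined).
 *
 * All but routerkeys_free_all() return an int status.
 * NOTE(review): the success/failure convention is not stated in this
 * header.  The non-relay stand-ins further down all evaluate to 0, so a
 * caller that compares only against a negative value cannot tell "done"
 * from "not compiled in" -- confirm how each call site interprets 0.
 */
int log_cert_expiration(void);
int load_ed_keys(const or_options_t *options, time_t now);
int should_make_new_ed_keys(const or_options_t *options, const time_t now);

/* `force` is an int flag; its exact meaning is defined by the
 * implementation, not by this header. */
int generate_ed_link_cert(const or_options_t *options, time_t now, int force);

/* Module teardown hook.  NOTE(review): presumably releases the key material
 * held by routerkeys.c; whether it is wiped before release is not visible
 * here -- confirm. */
void routerkeys_free_all(void);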
48 #else /* !defined(HAVE_MODULE_RELAY) */
50 #define router_ed25519_id_is_me(id) \
54 relay_key_is_unavailable_(void)
56 tor_assert_nonfatal_unreached();
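/*
 * Non-relay builds only: yield a value of pointer type `type` by calling
 * relay_key_is_unavailable_() and casting whatever it returns.
 *
 * The helper invokes tor_assert_nonfatal_unreached(), i.e. arriving here is
 * flagged as a bug but, as the name says, not fatally.
 * NOTE(review): the helper's return statement is not visible in this
 * listing (presumably NULL) -- callers must therefore check the result
 * before dereferencing it.
 */
#define relay_key_is_unavailable(type) \
  ((type)(relay_key_is_unavailable_()))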
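// Many of these can be removed once relay_handshake.c is relay-only.
//
// Non-relay stand-ins for the relay key and certificate accessors.  Each one
// takes no arguments and expands to relay_key_is_unavailable() with the same
// pointer type that the relay-build declaration of that name returns, so
// existing call sites keep compiling.
//
// NOTE(review): none of these yields usable key material.  Code reached in a
// non-relay build must check the result before dereferencing it or passing
// it to a signing/verification routine -- confirm each call site does.
#define get_current_auth_keypair() \
  relay_key_is_unavailable(const ed25519_keypair_t *)
#define get_master_signing_keypair() \
  relay_key_is_unavailable(const ed25519_keypair_t *)
#define get_current_link_cert_cert() \
  relay_key_is_unavailable(const struct tor_cert_st *)
#define get_current_auth_key_cert() \
  relay_key_is_unavailable(const struct tor_cert_st *)
#define get_master_signing_key_cert() \
  relay_key_is_unavailable(const struct tor_cert_st *)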
73 #define get_master_rsa_crosscert(cert_out, size_out) \
75 tor_assert_nonfatal_unreached(); \
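/* Non-relay stand-in: no identity key exists, so this expands to
 * relay_key_is_unavailable() with the accessor's pointer type.  Check the
 * result before dereferencing it. */
#define get_master_identity_key() \
  relay_key_is_unavailable(const ed25519_public_key_t *)

/*
 * Non-relay stand-ins that do nothing.  Every argument is evaluated once
 * and discarded through a (void) cast, which keeps side effects and avoids
 * unused-variable warnings at the call site; the comma expression then
 * yields 0.
 *
 * For should_make_new_ed_keys() the 0 reads as "no"; for
 * generate_ed_link_cert() it is the int status.
 * NOTE(review): no link certificate is generated here, so callers must not
 * take the 0 as proof that a certificate now exists -- confirm.
 */
#define generate_ed_link_cert(options, now, force) \
  ((void)(options), (void)(now), (void)(force), 0)
#define should_make_new_ed_keys(options, now) \
  ((void)(options), (void)(now), 0)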
87 // These can get removed once router.c becomes relay-only.
88 static inline struct tor_cert_st
*
89 make_ntor_onion_key_crosscert(const curve25519_keypair_t
*onion_key
,
90 const ed25519_public_key_t
*master_id_key
,
91 time_t now
, time_t lifetime
,
99 tor_assert_nonfatal_unreached();
102 static inline uint8_t *
103 make_tap_onion_key_crosscert(const crypto_pk_t
*onion_key
,
104 const ed25519_public_key_t
*master_id_key
,
105 const crypto_pk_t
*rsa_id_key
,
112 tor_assert_nonfatal_unreached();
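/* This call is used outside of relay mode, but only to implement
 * CMD_KEY_EXPIRATION.
 *
 * Writes a fixed notice to stdout with puts() and evaluates to 0; the
 * return value of puts() is discarded by the comma operator.
 * NOTE(review): no certificate expiration is reported here, yet the value
 * is 0 -- confirm the caller does not present that as a successful check. */
#define log_cert_expiration() \
  (puts("Not available: Tor has been compiled without relay support"), 0)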
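/* This call is used outside of relay mode.
 * NOTE(review): the original comment is cut off after "but only to
 * implement"; the command it names is not shown here.
 *
 * Writes a fixed notice to stdout with puts() and evaluates to 0.  Neither
 * argument is evaluated, so side effects in `x` or `y` do not happen.
 * NOTE(review): no keys are loaded here, yet the value is 0 rather than an
 * error code; a caller that only tests for a negative result will not see
 * a failure -- confirm that is intended. */
#define load_ed_keys(x,y) \
  (puts("Not available: Tor has been compiled without relay support"), 0)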
125 #endif /* defined(HAVE_MODULE_RELAY) */
127 #ifdef TOR_UNIT_TESTS
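/*
 * Test-only hooks; they sit under #ifdef TOR_UNIT_TESTS and so are not
 * declared in builds that leave that macro undefined.
 *
 * NOTE(review): get_master_identity_keypair() returns an ed25519_keypair_t,
 * which presumably includes the master identity secret key -- a reason to
 * keep TOR_UNIT_TESTS out of production builds; confirm.
 */
const ed25519_keypair_t *get_master_identity_keypair(void);

/* Takes an RSA identity key.  NOTE(review): by its name this installs mock
 * Ed25519 keys for tests; the details are in the implementation. */
void init_mock_ed_keys(const crypto_pk_t *rsa_identity_key);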
132 #endif /* !defined(TOR_ROUTERKEYS_H) */