commit 1743dac078f2e060f3f6c7194deae90a2175fe92 Author: Nick Mathewson nickm@torproject.org Date: Sun Jul 1 13:04:21 2018 -0400
Minimize headers that include crypto_formats and x25519 stuff --- src/lib/crypt_ops/crypto_curve25519.h | 11 +-------- src/lib/crypt_ops/crypto_ed25519.h | 14 ++++------- src/lib/crypt_ops/crypto_format.h | 20 +++++++--------- src/lib/defs/include.am | 3 ++- src/lib/defs/x25519_sizes.h | 27 +++++++++++++++++++++ src/or/bridges.h | 4 ++-- src/or/channel.h | 13 ++++++----- src/or/channeltls.h | 6 +++-- src/or/circuitbuild.h | 8 ++++--- src/or/connection_or.c | 1 + src/or/connection_or.h | 29 ++++++++++++----------- src/or/control.h | 2 ++ src/or/dirauth/dirvote.c | 1 + src/or/directory.c | 1 + src/or/dirserv.c | 1 + src/or/dirserv.h | 5 ++-- src/or/entrynodes.h | 3 ++- src/or/extend_info_st.h | 4 +++- src/or/hs_cache.c | 2 +- src/or/hs_cache.h | 24 ++++++++++--------- src/or/hs_client.c | 1 + src/or/hs_common.c | 1 - src/or/hs_common.h | 32 ++++++++++++++----------- src/or/hs_control.c | 2 +- src/or/hs_descriptor.c | 1 + src/or/hs_intropoint.c | 2 +- src/or/hs_ntor.c | 3 ++- src/or/hs_ntor.h | 44 ++++++++++++++++++----------------- src/or/hs_service.c | 1 + src/or/microdesc_st.h | 8 ++++--- src/or/node_st.h | 2 +- src/or/nodelist.h | 15 +++++++----- src/or/onion.h | 11 +++++---- src/or/onion_ntor.h | 18 +++++++------- src/or/or.h | 4 +++- src/or/router.c | 1 + src/or/router.h | 14 ++++++----- src/or/routerinfo_st.h | 5 ++-- src/or/routerkeys.c | 1 + src/or/routerlist.c | 2 +- src/or/routerparse.c | 1 + src/or/vote_routerstatus_st.h | 2 +- src/test/fuzz/fuzz_consensus.c | 2 +- src/test/fuzz/fuzz_hsdescv2.c | 2 +- src/test/fuzz/fuzz_iptsv2.c | 2 +- src/test/fuzz/fuzz_microdesc.c | 3 ++- src/test/fuzz/fuzz_vrs.c | 2 +- src/test/test_controller.c | 2 +- src/test/test_crypto.c | 1 + src/test/test_crypto_slow.c | 3 ++- src/test/test_dir.c | 1 + src/test/test_hs_cache.c | 2 +- src/test/test_hs_common.c | 2 +- src/test/test_hs_control.c | 2 +- src/test/test_hs_descriptor.c | 2 +- src/test/test_hs_ntor.c | 3 ++- src/test/test_hs_ntor_cl.c | 3 ++- src/test/test_routerkeys.c | 
2 +- src/test/test_util.c | 1 + src/test/testing_common.c | 1 + 60 files changed, 227 insertions(+), 159 deletions(-)
diff --git a/src/lib/crypt_ops/crypto_curve25519.h b/src/lib/crypt_ops/crypto_curve25519.h index 2e614848e..acb36fde3 100644 --- a/src/lib/crypt_ops/crypto_curve25519.h +++ b/src/lib/crypt_ops/crypto_curve25519.h @@ -8,13 +8,7 @@ #include "lib/cc/torint.h" #include "lib/crypt_ops/crypto_digest.h" #include "lib/crypt_ops/crypto_openssl_mgt.h" - -/** Length of a curve25519 public key when encoded. */ -#define CURVE25519_PUBKEY_LEN 32 -/** Length of a curve25519 secret key when encoded. */ -#define CURVE25519_SECKEY_LEN 32 -/** Length of the result of a curve25519 handshake. */ -#define CURVE25519_OUTPUT_LEN 32 +#include "lib/defs/x25519_sizes.h"
/** Wrapper type for a curve25519 public key. * @@ -75,8 +69,6 @@ STATIC int curve25519_impl(uint8_t *output, const uint8_t *secret, STATIC int curve25519_basepoint_impl(uint8_t *output, const uint8_t *secret); #endif /* defined(CRYPTO_CURVE25519_PRIVATE) */
-#define CURVE25519_BASE64_PADDED_LEN 44 - int curve25519_public_from_base64(curve25519_public_key_t *pkey, const char *input); int curve25519_public_to_base64(char *output, @@ -86,4 +78,3 @@ void curve25519_set_impl_params(int use_ed); void curve25519_init(void);
#endif /* !defined(TOR_CRYPTO_CURVE25519_H) */ - diff --git a/src/lib/crypt_ops/crypto_ed25519.h b/src/lib/crypt_ops/crypto_ed25519.h index 7255a3ec9..5ecd4530d 100644 --- a/src/lib/crypt_ops/crypto_ed25519.h +++ b/src/lib/crypt_ops/crypto_ed25519.h @@ -7,24 +7,20 @@ #include "lib/testsupport/testsupport.h" #include "lib/cc/torint.h" #include "lib/crypt_ops/crypto_curve25519.h" - -#define ED25519_PUBKEY_LEN 32 -#define ED25519_SECKEY_LEN 64 -#define ED25519_SECKEY_SEED_LEN 32 -#define ED25519_SIG_LEN 64 +#include "lib/defs/x25519_sizes.h"
/** An Ed25519 signature. */ -typedef struct { +typedef struct ed25519_signature_t { uint8_t sig[ED25519_SIG_LEN]; } ed25519_signature_t;
/** An Ed25519 public key */ -typedef struct { +typedef struct ed25519_public_key_t { uint8_t pubkey[ED25519_PUBKEY_LEN]; } ed25519_public_key_t;
/** An Ed25519 secret key */ -typedef struct { +typedef struct ed25519_secret_key_t { /** Note that we store secret keys in an expanded format that doesn't match * the format from standard ed25519. Ed25519 stores a 32-byte value k and * expands it into a 64-byte H(k), using the first 32 bytes for a multiplier @@ -35,7 +31,7 @@ typedef struct { } ed25519_secret_key_t;
/** An Ed25519 keypair. */ -typedef struct { +typedef struct ed25519_keypair_t { ed25519_public_key_t pubkey; ed25519_secret_key_t seckey; } ed25519_keypair_t; diff --git a/src/lib/crypt_ops/crypto_format.h b/src/lib/crypt_ops/crypto_format.h index 77983f216..4a29b07b3 100644 --- a/src/lib/crypt_ops/crypto_format.h +++ b/src/lib/crypt_ops/crypto_format.h @@ -9,7 +9,10 @@
#include "lib/testsupport/testsupport.h"
 #include "lib/cc/torint.h"
-#include "lib/crypt_ops/crypto_ed25519.h"
+#include "lib/defs/x25519_sizes.h"
+
+struct ed25519_public_key_t;
+struct ed25519_signature_t;
int crypto_write_tagged_contents_to_file(const char *fname, const char *typestring, @@ -23,20 +26,16 @@ ssize_t crypto_read_tagged_contents_from_file(const char *fname, uint8_t *data_out, ssize_t data_out_len);
-#define ED25519_BASE64_LEN 43 -int ed25519_public_from_base64(ed25519_public_key_t *pkey, +int ed25519_public_from_base64(struct ed25519_public_key_t *pkey, const char *input); int ed25519_public_to_base64(char *output, - const ed25519_public_key_t *pkey); -const char *ed25519_fmt(const ed25519_public_key_t *pkey); - -/* XXXX move these to crypto_format.h */ -#define ED25519_SIG_BASE64_LEN 86 + const struct ed25519_public_key_t *pkey); +const char *ed25519_fmt(const struct ed25519_public_key_t *pkey);
-int ed25519_signature_from_base64(ed25519_signature_t *sig, +int ed25519_signature_from_base64(struct ed25519_signature_t *sig, const char *input); int ed25519_signature_to_base64(char *output, - const ed25519_signature_t *sig); + const struct ed25519_signature_t *sig);
int digest_to_base64(char *d64, const char *digest); int digest_from_base64(char *digest, const char *d64); @@ -44,4 +43,3 @@ int digest256_to_base64(char *d64, const char *digest); int digest256_from_base64(char *digest, const char *d64);
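Review bot: `ed25519_public_to_base64()` and `ed25519_signature_to_base64()` take a bare `char *output` with no length, and nothing at the prototypes says how large that buffer must be. This hunk moves `ED25519_BASE64_LEN` and `ED25519_SIG_BASE64_LEN` out to x25519_sizes.h, so the sizes are no longer even adjacent to the functions they govern. A doc comment on each prototype would keep the contract visible, for example `/** Encode pkey as base64 into output, which must hold ED25519_BASE64_LEN+1 bytes. */`. The +1 for the NUL terminator is an assumption and should be checked against the implementation.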
#endif /* !defined(TOR_CRYPTO_FORMAT_H) */ - diff --git a/src/lib/defs/include.am b/src/lib/defs/include.am index b54bac555..48ee7f29f 100644 --- a/src/lib/defs/include.am +++ b/src/lib/defs/include.am @@ -1,4 +1,5 @@
noinst_HEADERS += \
 src/lib/defs/dh_sizes.h \
- src/lib/defs/digest_sizes.h
+ src/lib/defs/digest_sizes.h \
+ src/lib/defs/x25519_sizes.h
diff --git a/src/lib/defs/x25519_sizes.h b/src/lib/defs/x25519_sizes.h
new file mode 100644
index 000000000..adaaab8c4
--- /dev/null
+++ b/src/lib/defs/x25519_sizes.h
@@ -0,0 +1,27 @@
+/* Copyright (c) 2001, Matej Pfajfar.
+ * Copyright (c) 2001-2004, Roger Dingledine.
+ * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
+/* See LICENSE for licensing information */
+
+#ifndef TOR_X25519_SIZES_H
+#define TOR_X25519_SIZES_H
+
+/** Length of a curve25519 public key when encoded. */
+#define CURVE25519_PUBKEY_LEN 32
+/** Length of a curve25519 secret key when encoded. */
+#define CURVE25519_SECKEY_LEN 32
+/** Length of the result of a curve25519 handshake. */
+#define CURVE25519_OUTPUT_LEN 32
+
+#define ED25519_PUBKEY_LEN 32
+#define ED25519_SECKEY_LEN 64
+#define ED25519_SECKEY_SEED_LEN 32
+#define ED25519_SIG_LEN 64
+
+#define CURVE25519_BASE64_PADDED_LEN 44
+
+#define ED25519_BASE64_LEN 43
+#define ED25519_SIG_BASE64_LEN 86
+
+#endif
diff --git a/src/or/bridges.h b/src/or/bridges.h
index d6fec4b46..70588c1b9 100644
--- a/src/or/bridges.h
+++ b/src/or/bridges.h
@@ -13,6 +13,7 @@
 #define TOR_BRIDGES_H
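Review bot: In the new src/lib/defs/x25519_sizes.h, the `ED25519_*` and `*_BASE64_*` macros have no doc comments, while the three `CURVE25519_*` lengths above them do. These constants size key, signature and text buffers for every includer, so each should get a line such as `/** Length of an Ed25519 signature, in bytes. */`. The base64 ones should also state whether the count includes padding and the terminating NUL; presumably it excludes the NUL, but that needs confirming against the encoders. The closing `#endif` could read `#endif /* !defined(TOR_X25519_SIZES_H) */` to match the other headers in this commit.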
struct bridge_line_t;
+struct ed25519_public_key_t;
/* Opaque handle to a configured bridge */ typedef struct bridge_info_t bridge_info_t; @@ -38,7 +39,7 @@ int routerinfo_is_a_configured_bridge(const routerinfo_t *ri); int node_is_a_configured_bridge(const node_t *node); void learned_router_identity(const tor_addr_t *addr, uint16_t port, const char *digest, - const ed25519_public_key_t *ed_id); + const struct ed25519_public_key_t *ed_id);
void bridge_add_from_config(struct bridge_line_t *bridge_line); void retry_bridge_descriptor_fetch_directly(const char *digest); @@ -77,4 +78,3 @@ STATIC void bridge_resolve_conflicts(const tor_addr_t *addr, #endif /* defined(TOR_BRIDGES_PRIVATE) */
#endif /* !defined(TOR_BRIDGES_H) */ - diff --git a/src/or/channel.h b/src/or/channel.h index cbcc13cc5..e732acec5 100644 --- a/src/or/channel.h +++ b/src/or/channel.h @@ -12,6 +12,7 @@ #include "or/or.h" #include "or/circuitmux.h" #include "common/handles.h" +#include "lib/crypt_ops/crypto_ed25519.h"
#include "tor_queue.h"
@@ -255,7 +256,7 @@ struct channel_s { * necessarily its true identity. Don't believe this identity unless * authentication has happened. */ - ed25519_public_key_t ed25519_identity; + struct ed25519_public_key_t ed25519_identity;
/** * Linked list of channels with the same RSA identity digest, for use with @@ -474,8 +475,8 @@ void channel_mark_incoming(channel_t *chan); void channel_mark_outgoing(channel_t *chan); void channel_mark_remote(channel_t *chan); void channel_set_identity_digest(channel_t *chan, - const char *identity_digest, - const ed25519_public_key_t *ed_identity); + const char *identity_digest, + const struct ed25519_public_key_t *ed_identity);
void channel_listener_change_state(channel_listener_t *chan_l, channel_listener_state_t to_state); @@ -525,10 +526,10 @@ int channel_send_destroy(circid_t circ_id, channel_t *chan,
channel_t * channel_connect(const tor_addr_t *addr, uint16_t port, const char *rsa_id_digest, - const ed25519_public_key_t *ed_id); + const struct ed25519_public_key_t *ed_id);
channel_t * channel_get_for_extend(const char *rsa_id_digest, - const ed25519_public_key_t *ed_id, + const struct ed25519_public_key_t *ed_id, const tor_addr_t *target_addr, const char **msg_out, int *launch_out); @@ -541,7 +542,7 @@ int channel_is_better(channel_t *a, channel_t *b);
channel_t * channel_find_by_global_id(uint64_t global_identifier); channel_t * channel_find_by_remote_identity(const char *rsa_id_digest, - const ed25519_public_key_t *ed_id); + const struct ed25519_public_key_t *ed_id);
/** For things returned by channel_find_by_remote_digest(), walk the list. * The RSA key will match for all returned elements; the Ed25519 key might not. diff --git a/src/or/channeltls.h b/src/or/channeltls.h index be74127c9..1ab899af9 100644 --- a/src/or/channeltls.h +++ b/src/or/channeltls.h @@ -12,6 +12,9 @@ #include "or/or.h" #include "or/channel.h"
+struct ed25519_public_key_t;
+struct curve25519_public_key_t;
+
 #define BASE_CHAN_TO_TLS(c) (channel_tls_from_base((c)))
 #define TLS_CHAN_TO_BASE(c) (channel_tls_to_base((c)))
@@ -30,7 +33,7 @@ struct channel_tls_s {
channel_t * channel_tls_connect(const tor_addr_t *addr, uint16_t port, const char *id_digest, - const ed25519_public_key_t *ed_id); + const struct ed25519_public_key_t *ed_id); channel_listener_t * channel_tls_get_listener(void); channel_listener_t * channel_tls_start_listener(void); channel_t * channel_tls_handle_incoming(or_connection_t *orconn); @@ -72,4 +75,3 @@ STATIC void channel_tls_process_authenticate_cell(var_cell_t *cell, #endif /* defined(CHANNELTLS_PRIVATE) */
#endif /* !defined(TOR_CHANNELTLS_H) */ - diff --git a/src/or/circuitbuild.h b/src/or/circuitbuild.h index ffbb31e0d..e2eb05c56 100644 --- a/src/or/circuitbuild.h +++ b/src/or/circuitbuild.h @@ -12,6 +12,9 @@ #ifndef TOR_CIRCUITBUILD_H #define TOR_CIRCUITBUILD_H
+struct ed25519_public_key_t; +struct curve25519_public_key_t; + int route_len_for_purpose(uint8_t purpose, extend_info_t *exit_ei); char *circuit_list_path(origin_circuit_t *circ, int verbose); char *circuit_list_path_for_controller(origin_circuit_t *circ); @@ -52,9 +55,9 @@ int circuit_extend_to_new_exit(origin_circuit_t *circ, extend_info_t *info); void onion_append_to_cpath(crypt_path_t **head_ptr, crypt_path_t *new_hop); extend_info_t *extend_info_new(const char *nickname, const char *rsa_id_digest, - const ed25519_public_key_t *ed_id, + const struct ed25519_public_key_t *ed_id, crypto_pk_t *onion_key, - const curve25519_public_key_t *ntor_key, + const struct curve25519_public_key_t *ntor_key, const tor_addr_t *addr, uint16_t port); extend_info_t *extend_info_from_node(const node_t *r, int for_direct_connect); extend_info_t *extend_info_dup(extend_info_t *info); @@ -100,4 +103,3 @@ unsigned int cpath_get_n_hops(crypt_path_t **head_ptr); #endif /* defined(CIRCUITBUILD_PRIVATE) */
#endif /* !defined(TOR_CIRCUITBUILD_H) */ - diff --git a/src/or/connection_or.c b/src/or/connection_or.c index 71b3c8a0b..41ec7e8bc 100644 --- a/src/or/connection_or.c +++ b/src/or/connection_or.c @@ -68,6 +68,7 @@ #include "or/or_handshake_state_st.h" #include "or/routerinfo_st.h" #include "or/var_cell_st.h" +#include "lib/crypt_ops/crypto_format.h"
#include "lib/tls/tortls.h"
diff --git a/src/or/connection_or.h b/src/or/connection_or.h index 41abc199d..27574c9e9 100644 --- a/src/or/connection_or.h +++ b/src/or/connection_or.h @@ -12,6 +12,9 @@ #ifndef TOR_CONNECTION_OR_H #define TOR_CONNECTION_OR_H
+struct ed25519_public_key_t;
+struct ed25519_keypair_t;
+
 or_connection_t *TO_OR_CONN(connection_t *);
void connection_or_clear_identity(or_connection_t *conn); @@ -42,7 +45,7 @@ MOCK_DECL(or_connection_t *, connection_or_connect, (const tor_addr_t *addr, uint16_t port, const char *id_digest, - const ed25519_public_key_t *ed_id, + const struct ed25519_public_key_t *ed_id, channel_tls_t *chan));
void connection_or_close_normally(or_connection_t *orconn, int flush); @@ -60,14 +63,14 @@ void connection_or_set_canonical(or_connection_t *or_conn, int connection_init_or_handshake_state(or_connection_t *conn, int started_here); void connection_or_init_conn_from_address(or_connection_t *conn, - const tor_addr_t *addr, - uint16_t port, - const char *rsa_id_digest, - const ed25519_public_key_t *ed_id, - int started_here); + const tor_addr_t *addr, + uint16_t port, + const char *rsa_id_digest, + const struct ed25519_public_key_t *ed_id, + int started_here); int connection_or_client_learned_peer_id(or_connection_t *conn, const uint8_t *rsa_peer_id, - const ed25519_public_key_t *ed_peer_id); + const struct ed25519_public_key_t *ed_peer_id); time_t connection_or_client_used(or_connection_t *conn); MOCK_DECL(int, connection_or_get_num_circuits, (or_connection_t *conn)); void or_handshake_state_free_(or_handshake_state_t *state); @@ -94,11 +97,12 @@ int connection_or_send_auth_challenge_cell(or_connection_t *conn); int authchallenge_type_is_supported(uint16_t challenge_type); int authchallenge_type_is_better(uint16_t challenge_type_a, uint16_t challenge_type_b); -var_cell_t *connection_or_compute_authenticate_cell_body(or_connection_t *conn, - const int authtype, - crypto_pk_t *signing_key, - const ed25519_keypair_t *ed_signing_key, - int server); +var_cell_t *connection_or_compute_authenticate_cell_body( + or_connection_t *conn, + const int authtype, + crypto_pk_t *signing_key, + const struct ed25519_keypair_t *ed_signing_key, + int server); MOCK_DECL(int,connection_or_send_authenticate_cell, (or_connection_t *conn, int type));
@@ -132,4 +136,3 @@ extern int certs_cell_ed25519_disabled_for_testing; #endif
#endif /* !defined(TOR_CONNECTION_OR_H) */ - diff --git a/src/or/control.h b/src/or/control.h index 5d00727c0..9189a871d 100644 --- a/src/or/control.h +++ b/src/or/control.h @@ -162,6 +162,8 @@ void control_event_hs_descriptor_content(const char *onion_address, void control_free_all(void);
#ifdef CONTROL_PRIVATE +#include "lib/crypt_ops/crypto_ed25519.h" + /* Recognized asynchronous event types. It's okay to expand this list * because it is used both as a list of v0 event types, and as indices * into the bitfield to determine which controllers want which events. diff --git a/src/or/dirauth/dirvote.c b/src/or/dirauth/dirvote.c index 66137d1a9..5d6b39ea8 100644 --- a/src/or/dirauth/dirvote.c +++ b/src/or/dirauth/dirvote.c @@ -45,6 +45,7 @@
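Review bot: The `#include "lib/crypt_ops/crypto_ed25519.h"` added directly under `#ifdef CONTROL_PRIVATE` has no comment saying which declaration in the private section needs the complete Ed25519 types. Without one, a later header cleanup cannot tell whether the include is still required. The same pattern recurs under `ENTRYNODES_PRIVATE` in entrynodes.h and `HS_CACHE_PRIVATE` in hs_cache.h. A short comment such as `/* Complete ed25519 types are needed by the private declarations below. */` would cover it. The private section continues outside this hunk, so the exact user of the type is not visible here.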
#include "lib/container/order.h"
 #include "lib/encoding/confline.h"
+#include "lib/crypt_ops/crypto_format.h"
/** * \file dirvote.c diff --git a/src/or/directory.c b/src/or/directory.c index 60f2a3285..842cf631e 100644 --- a/src/or/directory.c +++ b/src/or/directory.c @@ -44,6 +44,7 @@ #include "or/routerparse.h" #include "or/routerset.h" #include "lib/encoding/confline.h" +#include "lib/crypt_ops/crypto_format.h"
#if defined(EXPORTMALLINFO) && defined(HAVE_MALLOC_H) && defined(HAVE_MALLINFO) #if !defined(OpenBSD) diff --git a/src/or/dirserv.c b/src/or/dirserv.c index 9ad453356..2980d63f0 100644 --- a/src/or/dirserv.c +++ b/src/or/dirserv.c @@ -48,6 +48,7 @@
#include "lib/compress/compress.h"
 #include "lib/container/order.h"
+#include "lib/crypt_ops/crypto_format.h"
 #include "lib/encoding/confline.h"
/** diff --git a/src/or/dirserv.h b/src/or/dirserv.h index 757eba7ba..7ecb0088d 100644 --- a/src/or/dirserv.h +++ b/src/or/dirserv.h @@ -12,6 +12,8 @@ #ifndef TOR_DIRSERV_H #define TOR_DIRSERV_H
+struct ed25519_public_key_t;
+
 #include "lib/testsupport/testsupport.h"
/** What fraction (1 over this number) of the relay ID space do we @@ -138,7 +140,7 @@ int dirserv_get_routerdescs(smartlist_t *descs_out, const char *key, void dirserv_orconn_tls_done(const tor_addr_t *addr, uint16_t or_port, const char *digest_rcvd, - const ed25519_public_key_t *ed_id_rcvd); + const struct ed25519_public_key_t *ed_id_rcvd); int dirserv_should_launch_reachability_test(const routerinfo_t *ri, const routerinfo_t *ri_old); void dirserv_single_reachability_test(time_t now, routerinfo_t *router); @@ -220,4 +222,3 @@ void dirserv_spool_sort(dir_connection_t *conn); void dir_conn_clear_spool(dir_connection_t *conn);
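Review bot: In dirserv.h the forward declaration `struct ed25519_public_key_t;` sits above `#include "lib/testsupport/testsupport.h"`, whereas the other headers in this commit that have includes (crypto_format.h, channeltls.h, hs_common.h, hs_cache.h) place their forward declarations after them. Moving it below the include would keep the ordering uniform and make the declaration easier to find. hs_ntor.h has a related nit: its three forward declarations follow `#include "or/or.h"` with no blank line between them.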
#endif /* !defined(TOR_DIRSERV_H) */ - diff --git a/src/or/entrynodes.h b/src/or/entrynodes.h index e56d4632b..56b961e9a 100644 --- a/src/or/entrynodes.h +++ b/src/or/entrynodes.h @@ -64,6 +64,8 @@ typedef struct guard_pathbias_t { } guard_pathbias_t;
#if defined(ENTRYNODES_PRIVATE) +#include "lib/crypt_ops/crypto_ed25519.h" + /** * @name values for entry_guard_t.is_reachable. * @@ -635,4 +637,3 @@ guard_get_guardfraction_bandwidth(guardfraction_bandwidth_t *guardfraction_bw, uint32_t guardfraction_percentage);
#endif /* !defined(TOR_ENTRYNODES_H) */ - diff --git a/src/or/extend_info_st.h b/src/or/extend_info_st.h index 36eb3cd13..277766c4d 100644 --- a/src/or/extend_info_st.h +++ b/src/or/extend_info_st.h @@ -7,6 +7,9 @@ #ifndef EXTEND_INFO_ST_H #define EXTEND_INFO_ST_H
+#include "lib/crypt_ops/crypto_curve25519.h" +#include "lib/crypt_ops/crypto_ed25519.h" + /** Information on router used when extending a circuit. We don't need a * full routerinfo_t to extend: we only need addr:port:keyid to build an OR * connection, and onion_key to create the onionskin. Note that for onehop @@ -25,4 +28,3 @@ struct extend_info_t { };
#endif - diff --git a/src/or/hs_cache.c b/src/or/hs_cache.c index a42fe6b1a..3772e0c0e 100644 --- a/src/or/hs_cache.c +++ b/src/or/hs_cache.c @@ -11,6 +11,7 @@
#include "or/or.h" #include "or/config.h" +#include "lib/crypt_ops/crypto_format.h" #include "lib/crypt_ops/crypto_util.h" #include "or/hs_ident.h" #include "or/hs_common.h" @@ -976,4 +977,3 @@ hs_cache_free_all(void) cache_client_intro_state_free_void); hs_cache_client_intro_state = NULL; } - diff --git a/src/or/hs_cache.h b/src/or/hs_cache.h index 78ed81b6e..1e479700f 100644 --- a/src/or/hs_cache.h +++ b/src/or/hs_cache.h @@ -11,12 +11,13 @@
#include <stdint.h>
-#include "lib/crypt_ops/crypto_ed25519.h"
 #include "or/hs_common.h"
 #include "or/hs_descriptor.h"
 #include "or/rendcommon.h"
 #include "or/torcert.h"
+struct ed25519_public_key_t; + /* This is the maximum time an introduction point state object can stay in the * client cache in seconds (2 mins or 120 seconds). */ #define HS_CACHE_CLIENT_INTRO_STATE_MAX_AGE (2 * 60) @@ -79,30 +80,32 @@ int hs_cache_lookup_as_dir(uint32_t version, const char *query, const char **desc_out);
const hs_descriptor_t * -hs_cache_lookup_as_client(const ed25519_public_key_t *key); +hs_cache_lookup_as_client(const struct ed25519_public_key_t *key); const char * -hs_cache_lookup_encoded_as_client(const ed25519_public_key_t *key); +hs_cache_lookup_encoded_as_client(const struct ed25519_public_key_t *key); int hs_cache_store_as_client(const char *desc_str, - const ed25519_public_key_t *identity_pk); + const struct ed25519_public_key_t *identity_pk); void hs_cache_clean_as_client(time_t now); void hs_cache_purge_as_client(void);
/* Client failure cache. */ -void hs_cache_client_intro_state_note(const ed25519_public_key_t *service_pk, - const ed25519_public_key_t *auth_key, - rend_intro_point_failure_t failure); +void hs_cache_client_intro_state_note( + const struct ed25519_public_key_t *service_pk, + const struct ed25519_public_key_t *auth_key, + rend_intro_point_failure_t failure); const hs_cache_intro_state_t *hs_cache_client_intro_state_find( - const ed25519_public_key_t *service_pk, - const ed25519_public_key_t *auth_key); + const struct ed25519_public_key_t *service_pk, + const struct ed25519_public_key_t *auth_key); void hs_cache_client_intro_state_clean(time_t now); void hs_cache_client_intro_state_purge(void);
#ifdef HS_CACHE_PRIVATE
+#include "lib/crypt_ops/crypto_ed25519.h"
/** Represents a locally cached HS descriptor on a hidden service client. */ typedef struct hs_cache_client_descriptor_t { /* This object is indexed using the service identity public key */ - ed25519_public_key_t key; + struct ed25519_public_key_t key;
/* When will this entry expire? We expire cached client descriptors in the * start of the next time period, since that's when clients need to start @@ -125,4 +128,3 @@ lookup_v3_desc_as_client(const uint8_t *key); #endif /* defined(HS_CACHE_PRIVATE) */
#endif /* !defined(TOR_HS_CACHE_H) */ - diff --git a/src/or/hs_client.c b/src/or/hs_client.c index 0b60c8dcf..cc461e368 100644 --- a/src/or/hs_client.c +++ b/src/or/hs_client.c @@ -16,6 +16,7 @@ #include "or/config.h" #include "or/connection.h" #include "or/connection_edge.h" +#include "lib/crypt_ops/crypto_format.h" #include "lib/crypt_ops/crypto_rand.h" #include "lib/crypt_ops/crypto_util.h" #include "or/directory.h" diff --git a/src/or/hs_common.c b/src/or/hs_common.c index e88a04620..d91f45a63 100644 --- a/src/or/hs_common.c +++ b/src/or/hs_common.c @@ -1823,4 +1823,3 @@ hs_inc_rdv_stream_counter(origin_circuit_t *circ) tor_assert_nonfatal_unreached(); } } - diff --git a/src/or/hs_common.h b/src/or/hs_common.h index 11806365e..24f5f3a20 100644 --- a/src/or/hs_common.h +++ b/src/or/hs_common.h @@ -10,6 +10,11 @@ #define TOR_HS_COMMON_H
#include "or/or.h"
+#include "lib/defs/x25519_sizes.h"
+
+struct curve25519_public_key_t;
+struct ed25519_public_key_t;
+struct ed25519_keypair_t;
/* Trunnel */ #include "trunnel/ed25519_cert.h" @@ -167,20 +172,20 @@ int hs_check_service_private_dir(const char *username, const char *path, int hs_get_service_max_rend_failures(void);
char *hs_path_from_filename(const char *directory, const char *filename); -void hs_build_address(const ed25519_public_key_t *key, uint8_t version, +void hs_build_address(const struct ed25519_public_key_t *key, uint8_t version, char *addr_out); int hs_address_is_valid(const char *address); -int hs_parse_address(const char *address, ed25519_public_key_t *key_out, +int hs_parse_address(const char *address, struct ed25519_public_key_t *key_out, uint8_t *checksum_out, uint8_t *version_out);
-void hs_build_blinded_pubkey(const ed25519_public_key_t *pubkey, +void hs_build_blinded_pubkey(const struct ed25519_public_key_t *pubkey, const uint8_t *secret, size_t secret_len, uint64_t time_period_num, - ed25519_public_key_t *pubkey_out); -void hs_build_blinded_keypair(const ed25519_keypair_t *kp, + struct ed25519_public_key_t *pubkey_out); +void hs_build_blinded_keypair(const struct ed25519_keypair_t *kp, const uint8_t *secret, size_t secret_len, uint64_t time_period_num, - ed25519_keypair_t *kp_out); + struct ed25519_keypair_t *kp_out); int hs_service_requires_uptime_circ(const smartlist_t *ports);
void rend_data_free_(rend_data_t *data); @@ -203,8 +208,8 @@ const uint8_t *rend_data_get_pk_digest(const rend_data_t *rend_data,
routerstatus_t *pick_hsdir(const char *desc_id, const char *desc_id_base32);
-void hs_get_subcredential(const ed25519_public_key_t *identity_pk, - const ed25519_public_key_t *blinded_pk, +void hs_get_subcredential(const struct ed25519_public_key_t *identity_pk, + const struct ed25519_public_key_t *blinded_pk, uint8_t *subcred_out);
uint64_t hs_get_previous_time_period_num(time_t now); @@ -222,18 +227,18 @@ uint8_t *hs_get_current_srv(uint64_t time_period_num, uint8_t *hs_get_previous_srv(uint64_t time_period_num, const networkstatus_t *ns);
-void hs_build_hsdir_index(const ed25519_public_key_t *identity_pk, +void hs_build_hsdir_index(const struct ed25519_public_key_t *identity_pk, const uint8_t *srv, uint64_t period_num, uint8_t *hsdir_index_out); void hs_build_hs_index(uint64_t replica, - const ed25519_public_key_t *blinded_pk, + const struct ed25519_public_key_t *blinded_pk, uint64_t period_num, uint8_t *hs_index_out);
int32_t hs_get_hsdir_n_replicas(void); int32_t hs_get_hsdir_spread_fetch(void); int32_t hs_get_hsdir_spread_store(void);
-void hs_get_responsible_hsdirs(const ed25519_public_key_t *blinded_pk, +void hs_get_responsible_hsdirs(const struct ed25519_public_key_t *blinded_pk, uint64_t time_period_num, int use_second_hsdir_index, int for_fetching, smartlist_t *responsible_dirs); @@ -254,8 +259,8 @@ void hs_inc_rdv_stream_counter(origin_circuit_t *circ); void hs_dec_rdv_stream_counter(origin_circuit_t *circ);
extend_info_t *hs_get_extend_info_from_lspecs(const smartlist_t *lspecs, - const curve25519_public_key_t *onion_key, - int direct_conn); + const struct curve25519_public_key_t *onion_key, + int direct_conn);
#ifdef HS_COMMON_PRIVATE
@@ -281,4 +286,3 @@ STATIC uint8_t *get_second_cached_disaster_srv(void); #endif /* defined(HS_COMMON_PRIVATE) */
#endif /* !defined(TOR_HS_COMMON_H) */ - diff --git a/src/or/hs_control.c b/src/or/hs_control.c index 76c40918b..be456e8da 100644 --- a/src/or/hs_control.c +++ b/src/or/hs_control.c @@ -8,6 +8,7 @@
#include "or/or.h" #include "or/control.h" +#include "lib/crypt_ops/crypto_format.h" #include "lib/crypt_ops/crypto_util.h" #include "or/hs_common.h" #include "or/hs_control.h" @@ -258,4 +259,3 @@ hs_control_hspost_command(const char *body, const char *onion_address, smartlist_free(hsdirs); return ret; } - diff --git a/src/or/hs_descriptor.c b/src/or/hs_descriptor.c index f436c6615..5fd8971dc 100644 --- a/src/or/hs_descriptor.c +++ b/src/or/hs_descriptor.c @@ -67,6 +67,7 @@ #include "or/hs_config.h" #include "or/torcert.h" /* tor_cert_encode_ed22519() */ #include "lib/memarea/memarea.h" +#include "lib/crypt_ops/crypto_format.h"
#include "or/extend_info_st.h"
diff --git a/src/or/hs_intropoint.c b/src/or/hs_intropoint.c index 6c0729b05..259405867 100644 --- a/src/or/hs_intropoint.c +++ b/src/or/hs_intropoint.c @@ -15,6 +15,7 @@ #include "or/relay.h" #include "or/rendmid.h" #include "or/rephist.h" +#include "lib/crypt_ops/crypto_format.h"
/* Trunnel */ #include "trunnel/ed25519_cert.h" @@ -611,4 +612,3 @@ hs_intropoint_clear(hs_intropoint_t *ip) smartlist_free(ip->link_specifiers); memset(ip, 0, sizeof(hs_intropoint_t)); } - diff --git a/src/or/hs_ntor.c b/src/or/hs_ntor.c index a8a76ed54..b5007545d 100644 --- a/src/or/hs_ntor.c +++ b/src/or/hs_ntor.c @@ -26,6 +26,8 @@
#include "or/or.h" #include "lib/crypt_ops/crypto_util.h" +#include "lib/crypt_ops/crypto_curve25519.h" +#include "lib/crypt_ops/crypto_ed25519.h" #include "or/hs_ntor.h"
/* String constants used by the ntor HS protocol */ @@ -616,4 +618,3 @@ hs_ntor_circuit_key_expansion(const uint8_t *ntor_key_seed, size_t seed_len,
return 0; } - diff --git a/src/or/hs_ntor.h b/src/or/hs_ntor.h index cc4afd536..67a957343 100644 --- a/src/or/hs_ntor.h +++ b/src/or/hs_ntor.h @@ -5,6 +5,9 @@ #define TOR_HS_NTOR_H
#include "or/or.h"
+struct ed25519_public_key_t;
+struct curve25519_public_key_t;
+struct curve25519_keypair_t;
/* Output length of KDF for key expansion */ #define HS_NTOR_KEY_EXPANSION_KDF_OUT_LEN \ @@ -28,32 +31,32 @@ typedef struct { } hs_ntor_rend_cell_keys_t;
int hs_ntor_client_get_introduce1_keys( - const ed25519_public_key_t *intro_auth_pubkey, - const curve25519_public_key_t *intro_enc_pubkey, - const curve25519_keypair_t *client_ephemeral_enc_keypair, - const uint8_t *subcredential, - hs_ntor_intro_cell_keys_t *hs_ntor_intro_cell_keys_out); + const struct ed25519_public_key_t *intro_auth_pubkey, + const struct curve25519_public_key_t *intro_enc_pubkey, + const struct curve25519_keypair_t *client_ephemeral_enc_keypair, + const uint8_t *subcredential, + hs_ntor_intro_cell_keys_t *hs_ntor_intro_cell_keys_out);
int hs_ntor_client_get_rendezvous1_keys( - const ed25519_public_key_t *intro_auth_pubkey, - const curve25519_keypair_t *client_ephemeral_enc_keypair, - const curve25519_public_key_t *intro_enc_pubkey, - const curve25519_public_key_t *service_ephemeral_rend_pubkey, - hs_ntor_rend_cell_keys_t *hs_ntor_rend_cell_keys_out); + const struct ed25519_public_key_t *intro_auth_pubkey, + const struct curve25519_keypair_t *client_ephemeral_enc_keypair, + const struct curve25519_public_key_t *intro_enc_pubkey, + const struct curve25519_public_key_t *service_ephemeral_rend_pubkey, + hs_ntor_rend_cell_keys_t *hs_ntor_rend_cell_keys_out);
int hs_ntor_service_get_introduce1_keys( - const ed25519_public_key_t *intro_auth_pubkey, - const curve25519_keypair_t *intro_enc_keypair, - const curve25519_public_key_t *client_ephemeral_enc_pubkey, - const uint8_t *subcredential, - hs_ntor_intro_cell_keys_t *hs_ntor_intro_cell_keys_out); + const struct ed25519_public_key_t *intro_auth_pubkey, + const struct curve25519_keypair_t *intro_enc_keypair, + const struct curve25519_public_key_t *client_ephemeral_enc_pubkey, + const uint8_t *subcredential, + hs_ntor_intro_cell_keys_t *hs_ntor_intro_cell_keys_out);
int hs_ntor_service_get_rendezvous1_keys( - const ed25519_public_key_t *intro_auth_pubkey, - const curve25519_keypair_t *intro_enc_keypair, - const curve25519_keypair_t *service_ephemeral_rend_keypair, - const curve25519_public_key_t *client_ephemeral_enc_pubkey, - hs_ntor_rend_cell_keys_t *hs_ntor_rend_cell_keys_out); + const struct ed25519_public_key_t *intro_auth_pubkey, + const struct curve25519_keypair_t *intro_enc_keypair, + const struct curve25519_keypair_t *service_ephemeral_rend_keypair, + const struct curve25519_public_key_t *client_ephemeral_enc_pubkey, + hs_ntor_rend_cell_keys_t *hs_ntor_rend_cell_keys_out);
int hs_ntor_circuit_key_expansion(const uint8_t *ntor_key_seed, size_t seed_len, @@ -64,4 +67,3 @@ int hs_ntor_client_rendezvous2_mac_is_good( const uint8_t *rcvd_mac);
#endif /* !defined(TOR_HS_NTOR_H) */ - diff --git a/src/or/hs_service.c b/src/or/hs_service.c index 994a5687b..6c134136f 100644 --- a/src/or/hs_service.c +++ b/src/or/hs_service.c @@ -48,6 +48,7 @@ #include "or/routerstatus_st.h"
#include "lib/encoding/confline.h"
+#include "lib/crypt_ops/crypto_format.h"
/* Trunnel */ #include "trunnel/ed25519_cert.h" diff --git a/src/or/microdesc_st.h b/src/or/microdesc_st.h index 256659e67..0a58ffb85 100644 --- a/src/or/microdesc_st.h +++ b/src/or/microdesc_st.h @@ -7,6 +7,9 @@ #ifndef MICRODESC_ST_H #define MICRODESC_ST_H
+struct curve25519_public_key_t; +struct ed25519_public_key_t; + /** A microdescriptor is the smallest amount of information needed to build a * circuit through a router. They are generated by the directory authorities, * using information from the uploaded routerinfo documents. They are not @@ -52,9 +55,9 @@ struct microdesc_t { /** As routerinfo_t.onion_pkey */ crypto_pk_t *onion_pkey; /** As routerinfo_t.onion_curve25519_pkey */ - curve25519_public_key_t *onion_curve25519_pkey; + struct curve25519_public_key_t *onion_curve25519_pkey; /** Ed25519 identity key, if included. */ - ed25519_public_key_t *ed25519_identity_pkey; + struct ed25519_public_key_t *ed25519_identity_pkey; /** As routerinfo_t.ipv6_addr */ tor_addr_t ipv6_addr; /** As routerinfo_t.ipv6_orport */ @@ -68,4 +71,3 @@ struct microdesc_t { };
#endif
-
diff --git a/src/or/node_st.h b/src/or/node_st.h
index cc777003d..d56ce2788 100644
--- a/src/or/node_st.h
+++ b/src/or/node_st.h
@@ -8,6 +8,7 @@
#define NODE_ST_H
#include "or/hsdir_index_st.h"
+#include "lib/crypt_ops/crypto_ed25519.h"
/** A node_t represents a Tor router.
*
@@ -99,4 +100,3 @@ struct node_t {
};
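Review bot: node_st.h gains a full `#include "lib/crypt_ops/crypto_ed25519.h"` while the sibling microdesc_st.h and routerinfo_st.h hunks get by with forward declarations, and nothing in the hunk says why. Presumably struct node_t holds an Ed25519 key by value, but its body is outside the hunk, so this cannot be confirmed here. If so, a short comment on the include such as `/* node_t embeds an ed25519_public_key_t by value */` would keep a later include cleanup from removing it; if node_t only holds pointers, `struct ed25519_public_key_t;` would be enough.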
#endif
-
diff --git a/src/or/nodelist.h b/src/or/nodelist.h
index 06aec0bad..ed3a54297 100644
--- a/src/or/nodelist.h
+++ b/src/or/nodelist.h
@@ -12,15 +12,19 @@
#ifndef TOR_NODELIST_H
#define TOR_NODELIST_H
+struct ed25519_public_key_t;
+struct curve25519_public_key_t;
+
#define node_assert_ok(n) STMT_BEGIN { \
tor_assert((n)->ri || (n)->rs); \
} STMT_END
MOCK_DECL(node_t *, node_get_mutable_by_id,(const char *identity_digest));
MOCK_DECL(const node_t *, node_get_by_id, (const char *identity_digest));
-node_t *node_get_mutable_by_ed25519_id(const ed25519_public_key_t *ed_id);
+node_t *node_get_mutable_by_ed25519_id(
+ const struct ed25519_public_key_t *ed_id);
MOCK_DECL(const node_t *, node_get_by_ed25519_id,
- (const ed25519_public_key_t *ed_id));
+ (const struct ed25519_public_key_t *ed_id));
#define NNF_NO_WARN_UNNAMED (1u<<0)
@@ -65,9 +69,9 @@ uint32_t node_get_prim_addr_ipv4h(const node_t *node); void node_get_address_string(const node_t *node, char *cp, size_t len); long node_get_declared_uptime(const node_t *node); const smartlist_t *node_get_declared_family(const node_t *node); -const ed25519_public_key_t *node_get_ed25519_id(const node_t *node); +const struct ed25519_public_key_t *node_get_ed25519_id(const node_t *node); int node_ed25519_id_matches(const node_t *node, - const ed25519_public_key_t *id); + const struct ed25519_public_key_t *id); int node_supports_ed25519_link_authentication(const node_t *node, int compatible_with_us); int node_supports_v3_hsdir(const node_t *node); @@ -89,7 +93,7 @@ void node_get_prim_dirport(const node_t *node, tor_addr_port_t *ap_out); void node_get_pref_dirport(const node_t *node, tor_addr_port_t *ap_out); void node_get_pref_ipv6_dirport(const node_t *node, tor_addr_port_t *ap_out); int node_has_curve25519_onion_key(const node_t *node); -const curve25519_public_key_t *node_get_curve25519_onion_key( +const struct curve25519_public_key_t *node_get_curve25519_onion_key( const node_t *node);
MOCK_DECL(smartlist_t *, nodelist_get_list, (void)); @@ -162,4 +166,3 @@ node_set_hsdir_index(node_t *node, const networkstatus_t *ns); MOCK_DECL(int, get_estimated_address_per_node, (void));
#endif /* !defined(TOR_NODELIST_H) */ - diff --git a/src/or/onion.h b/src/or/onion.h index 57224f629..ff70f299d 100644 --- a/src/or/onion.h +++ b/src/or/onion.h @@ -13,6 +13,10 @@ #define TOR_ONION_H
struct create_cell_t; +struct curve25519_keypair_t; +struct curve25519_public_key_t; +#include "lib/crypt_ops/crypto_ed25519.h" + int onion_pending_add(or_circuit_t *circ, struct create_cell_t *onionskin); or_circuit_t *onion_next_task(struct create_cell_t **onionskin_out); int onion_num_pending(uint16_t handshake_type); @@ -23,8 +27,8 @@ typedef struct server_onion_keys_t { uint8_t my_identity[DIGEST_LEN]; crypto_pk_t *onion_key; crypto_pk_t *last_onion_key; - di_digest256_map_t *curve25519_key_map; - curve25519_keypair_t *junk_keypair; + struct di_digest256_map_t *curve25519_key_map; + struct curve25519_keypair_t *junk_keypair; } server_onion_keys_t;
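Review bot: In onion.h the new `#include "lib/crypt_ops/crypto_ed25519.h"` is placed after the forward declarations in the middle of the header, with no comment explaining why a full include is needed when the curve25519 types are only forward-declared. The later hunk in this file shows the reason: `extend_cell_t` has a by-value member `struct ed25519_public_key_t ed_pubkey`, which needs the complete type. Moving the include above the `struct create_cell_t;` line and annotating it, e.g. `#include "lib/crypt_ops/crypto_ed25519.h" /* extend_cell_t embeds ed_pubkey by value */`, would make that dependency explicit. `struct di_digest256_map_t` is also used in `server_onion_keys_t` without a forward declaration here, unlike onion_ntor.h; adding `struct di_digest256_map_t;` next to the others would keep the two headers consistent.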
#define MAX_ONIONSKIN_CHALLENGE_LEN 255 @@ -88,7 +92,7 @@ typedef struct extend_cell_t { /** Identity fingerprint of the node we're conecting to.*/ uint8_t node_id[DIGEST_LEN]; /** Ed25519 public identity key. Zero if not set. */ - ed25519_public_key_t ed_pubkey; + struct ed25519_public_key_t ed_pubkey; /** The "create cell" embedded in this extend cell. Note that unlike the * create cells we generate ourself, this once can have a handshake type we * don't recognize. */ @@ -122,4 +126,3 @@ int extended_cell_format(uint8_t *command_out, uint16_t *len_out, uint8_t *payload_out, const extended_cell_t *cell_in);
#endif /* !defined(TOR_ONION_H) */ - diff --git a/src/or/onion_ntor.h b/src/or/onion_ntor.h index 4855f9819..0ba4abe49 100644 --- a/src/or/onion_ntor.h +++ b/src/or/onion_ntor.h @@ -5,9 +5,10 @@ #define TOR_ONION_NTOR_H
#include "lib/cc/torint.h"
-#include "lib/crypt_ops/crypto_curve25519.h"
struct di_digest256_map_t;
+struct curve25519_public_key_t;
+struct curve25519_keypair_t;
/** State to be maintained by a client between sending an ntor onionskin * and receiving a reply. */ @@ -23,17 +24,17 @@ void ntor_handshake_state_free_(ntor_handshake_state_t *state); FREE_AND_NULL(ntor_handshake_state_t, ntor_handshake_state_free_, (state))
int onion_skin_ntor_create(const uint8_t *router_id,
- const curve25519_public_key_t *router_key,
+ const struct curve25519_public_key_t *router_key,
ntor_handshake_state_t **handshake_state_out,
uint8_t *onion_skin_out);
int onion_skin_ntor_server_handshake(const uint8_t *onion_skin,
- const struct di_digest256_map_t *private_keys,
- const curve25519_keypair_t *junk_keypair,
- const uint8_t *my_node_id,
- uint8_t *handshake_reply_out,
- uint8_t *key_out,
- size_t key_out_len);
+ const struct di_digest256_map_t *private_keys,
+ const struct curve25519_keypair_t *junk_keypair,
+ const uint8_t *my_node_id,
+ uint8_t *handshake_reply_out,
+ uint8_t *key_out,
+ size_t key_out_len);
int onion_skin_ntor_client_handshake( const ntor_handshake_state_t *handshake_state, @@ -43,6 +44,7 @@ int onion_skin_ntor_client_handshake( const char **msg_out);
#ifdef ONION_NTOR_PRIVATE
+#include "lib/crypt_ops/crypto_curve25519.h"
/** Storage held by a client while waiting for an ntor reply from a server. */ struct ntor_handshake_state_t { diff --git a/src/or/or.h b/src/or/or.h index 2f3dba2b0..f0204be40 100644 --- a/src/or/or.h +++ b/src/or/or.h @@ -68,7 +68,6 @@ #include "lib/container/map.h" #include "lib/container/smartlist.h" #include "lib/crypt_ops/crypto.h" -#include "lib/crypt_ops/crypto_format.h" #include "lib/defs/dh_sizes.h" #include "lib/encoding/binascii.h" #include "lib/net/address.h" @@ -79,6 +78,9 @@ // definitions working. We should remove them when we minimize our includes. #include "or/entry_port_cfg_st.h"
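Review bot: The `#include "lib/crypt_ops/crypto_curve25519.h"` that moves under `#ifdef ONION_NTOR_PRIVATE` in onion_ntor.h has no comment, and the public part of the header now exposes the key types only as incomplete structs. Callers that create or inspect a `curve25519_keypair_t` before passing it to `onion_skin_ntor_server_handshake()` must now include crypto_curve25519.h themselves, which is worth stating in the header. A comment such as `/* ntor_handshake_state_t needs the complete curve25519 types */` on the include would record why it stays; that reason is an assumption, since the struct body lies outside the hunk.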
+struct ed25519_public_key_t; +struct curve25519_public_key_t; + /* These signals are defined to help handle_control_signal work. */ #ifndef SIGHUP diff --git a/src/or/router.c b/src/or/router.c index 091809a22..cc7102228 100644 --- a/src/or/router.c +++ b/src/or/router.c @@ -53,6 +53,7 @@ #include "lib/osinfo/uname.h" #include "lib/tls/tortls.h" #include "lib/encoding/confline.h" +#include "lib/crypt_ops/crypto_format.h"
/** * \file router.c diff --git a/src/or/router.h b/src/or/router.h index 54f61c45a..51ac36579 100644 --- a/src/or/router.h +++ b/src/or/router.h @@ -14,6 +14,9 @@
#include "lib/testsupport/testsupport.h"
+struct curve25519_keypair_t; +struct ed25519_keypair_t; + #define TOR_ROUTERINFO_ERROR_NO_EXT_ADDR (-1) #define TOR_ROUTERINFO_ERROR_CANNOT_PARSE (-2) #define TOR_ROUTERINFO_ERROR_NOT_A_SERVER (-3) @@ -107,10 +110,10 @@ MOCK_DECL(int,router_pick_published_address,(const or_options_t *options, int router_build_fresh_descriptor(routerinfo_t **r, extrainfo_t **e); int router_rebuild_descriptor(int force); char *router_dump_router_to_string(routerinfo_t *router, - const crypto_pk_t *ident_key, - const crypto_pk_t *tap_key, - const curve25519_keypair_t *ntor_keypair, - const ed25519_keypair_t *signing_keypair); + const crypto_pk_t *ident_key, + const crypto_pk_t *tap_key, + const struct curve25519_keypair_t *ntor_keypair, + const struct ed25519_keypair_t *signing_keypair); char *router_dump_exit_policy_to_string(const routerinfo_t *router, int include_ipv4, int include_ipv6); @@ -126,7 +129,7 @@ int router_has_orport(const routerinfo_t *router, const tor_addr_port_t *orport); int extrainfo_dump_to_string(char **s, extrainfo_t *extrainfo, crypto_pk_t *ident_key, - const ed25519_keypair_t *signing_keypair); + const struct ed25519_keypair_t *signing_keypair); int is_legal_nickname(const char *s); int is_legal_nickname_or_hexdigest(const char *s); int is_legal_hexdigest(const char *s); @@ -156,4 +159,3 @@ STATIC int router_write_fingerprint(int hashed); #endif
#endif /* !defined(TOR_ROUTER_H) */ - diff --git a/src/or/routerinfo_st.h b/src/or/routerinfo_st.h index feb3b41fc..89a7702b3 100644 --- a/src/or/routerinfo_st.h +++ b/src/or/routerinfo_st.h @@ -9,6 +9,8 @@
#include "or/signed_descriptor_st.h"
+struct curve25519_public_key_t; + /** Information about another onion router in the network. */ struct routerinfo_t { signed_descriptor_t cache_info; @@ -28,7 +30,7 @@ struct routerinfo_t { crypto_pk_t *onion_pkey; /**< Public RSA key for onions. */ crypto_pk_t *identity_pkey; /**< Public RSA key for signing. */ /** Public curve25519 key for onions */ - curve25519_public_key_t *onion_curve25519_pkey; + struct curve25519_public_key_t *onion_curve25519_pkey; /** What's the earliest expiration time on all the certs in this * routerinfo? */ time_t cert_expiration_time; @@ -104,4 +106,3 @@ struct routerinfo_t { };
#endif - diff --git a/src/or/routerkeys.c b/src/or/routerkeys.c index d6e7c752c..b92ec76aa 100644 --- a/src/or/routerkeys.c +++ b/src/or/routerkeys.c @@ -24,6 +24,7 @@ #include "lib/crypt_ops/crypto_util.h" #include "lib/term/getpass.h" #include "lib/tls/tortls.h" +#include "lib/crypt_ops/crypto_format.h"
#define ENC_KEY_HEADER "Boxed Ed25519 key" #define ENC_KEY_TAG "master" diff --git a/src/or/routerlist.c b/src/or/routerlist.c index ad6555fe1..189ea8acd 100644 --- a/src/or/routerlist.c +++ b/src/or/routerlist.c @@ -95,6 +95,7 @@ #include "lib/err/backtrace.h" #include "or/bridges.h" #include "lib/crypt_ops/crypto_ed25519.h" +#include "lib/crypt_ops/crypto_format.h" #include "or/circuitstats.h" #include "or/config.h" #include "or/connection.h" @@ -5841,4 +5842,3 @@ refresh_all_country_info(void)
nodelist_refresh_countries(); } - diff --git a/src/or/routerparse.c b/src/or/routerparse.c index dfc298286..a095c222b 100644 --- a/src/or/routerparse.c +++ b/src/or/routerparse.c @@ -58,6 +58,7 @@ #include "or/or.h" #include "or/circuitstats.h" #include "or/config.h" +#include "lib/crypt_ops/crypto_format.h" #include "lib/crypt_ops/crypto_util.h" #include "or/dirauth/shared_random.h" #include "or/dirserv.h" diff --git a/src/or/vote_routerstatus_st.h b/src/or/vote_routerstatus_st.h index 7ec0c962f..1b85737df 100644 --- a/src/or/vote_routerstatus_st.h +++ b/src/or/vote_routerstatus_st.h @@ -8,6 +8,7 @@ #define VOTE_ROUTERSTATUS_ST_H
#include "or/routerstatus_st.h" +#include "lib/defs/x25519_sizes.h"
/** The claim about a single router, made in a vote. */ struct vote_routerstatus_t { @@ -38,4 +39,3 @@ struct vote_routerstatus_t { };
#endif - diff --git a/src/test/fuzz/fuzz_consensus.c b/src/test/fuzz/fuzz_consensus.c index de54da61b..25dc75a7b 100644 --- a/src/test/fuzz/fuzz_consensus.c +++ b/src/test/fuzz/fuzz_consensus.c @@ -4,6 +4,7 @@ #include "or/or.h" #include "or/routerparse.h" #include "or/networkstatus.h" +#include "lib/crypt_ops/crypto_ed25519.h" #include "test/fuzz/fuzzing.h"
static void @@ -75,4 +76,3 @@ fuzz_main(const uint8_t *data, size_t sz) tor_free(str); return 0; } - diff --git a/src/test/fuzz/fuzz_hsdescv2.c b/src/test/fuzz/fuzz_hsdescv2.c index 5cf2cffb8..7fd86f40b 100644 --- a/src/test/fuzz/fuzz_hsdescv2.c +++ b/src/test/fuzz/fuzz_hsdescv2.c @@ -4,6 +4,7 @@ #include "or/or.h" #include "or/routerparse.h" #include "or/rendcommon.h" +#include "lib/crypt_ops/crypto_ed25519.h" #include "test/fuzz/fuzzing.h"
static void @@ -49,4 +50,3 @@ fuzz_main(const uint8_t *data, size_t sz) tor_free(str); return 0; } - diff --git a/src/test/fuzz/fuzz_iptsv2.c b/src/test/fuzz/fuzz_iptsv2.c index 7bf4d1282..e4ec7fffc 100644 --- a/src/test/fuzz/fuzz_iptsv2.c +++ b/src/test/fuzz/fuzz_iptsv2.c @@ -4,6 +4,7 @@ #include "or/or.h" #include "or/routerparse.h" #include "or/rendcommon.h" +#include "lib/crypt_ops/crypto_ed25519.h"
#include "or/rend_service_descriptor_st.h"
@@ -46,4 +47,3 @@ fuzz_main(const uint8_t *data, size_t sz) rend_service_descriptor_free(desc); return 0; } - diff --git a/src/test/fuzz/fuzz_microdesc.c b/src/test/fuzz/fuzz_microdesc.c index 74e0ef4f4..a7fe1bb66 100644 --- a/src/test/fuzz/fuzz_microdesc.c +++ b/src/test/fuzz/fuzz_microdesc.c @@ -4,6 +4,8 @@ #include "or/or.h" #include "or/routerparse.h" #include "or/microdesc.h" +#include "lib/crypt_ops/crypto_ed25519.h" + #include "test/fuzz/fuzzing.h"
static void @@ -44,4 +46,3 @@ fuzz_main(const uint8_t *data, size_t sz) } return 0; } - diff --git a/src/test/fuzz/fuzz_vrs.c b/src/test/fuzz/fuzz_vrs.c index 0713f99c3..7d28ef1c7 100644 --- a/src/test/fuzz/fuzz_vrs.c +++ b/src/test/fuzz/fuzz_vrs.c @@ -10,6 +10,7 @@
#include "or/networkstatus_st.h" #include "or/vote_routerstatus_st.h" +#include "lib/crypt_ops/crypto_ed25519.h"
#include "test/fuzz/fuzzing.h"
@@ -83,4 +84,3 @@ fuzz_main(const uint8_t *data, size_t sz) tor_free(str); return 0; } - diff --git a/src/test/test_controller.c b/src/test/test_controller.c index de8e4630c..54c2e0a2e 100644 --- a/src/test/test_controller.c +++ b/src/test/test_controller.c @@ -3,6 +3,7 @@
#define CONTROL_PRIVATE #include "or/or.h" +#include "lib/crypt_ops/crypto_ed25519.h" #include "or/bridges.h" #include "or/control.h" #include "or/entrynodes.h" @@ -1625,4 +1626,3 @@ struct testcase_t controller_tests[] = { { "getinfo_md_all", test_getinfo_md_all, 0, NULL, NULL }, END_OF_TESTCASES }; - diff --git a/src/test/test_crypto.c b/src/test/test_crypto.c index eb4b36f08..e342c933b 100644 --- a/src/test/test_crypto.c +++ b/src/test/test_crypto.c @@ -14,6 +14,7 @@ #include "lib/crypt_ops/crypto_curve25519.h" #include "lib/crypt_ops/crypto_dh.h" #include "lib/crypt_ops/crypto_ed25519.h" +#include "lib/crypt_ops/crypto_format.h" #include "lib/crypt_ops/crypto_hkdf.h" #include "lib/crypt_ops/crypto_rand.h" #include "ed25519_vectors.inc" diff --git a/src/test/test_crypto_slow.c b/src/test/test_crypto_slow.c index 9878a0d02..7c1dfa0a9 100644 --- a/src/test/test_crypto_slow.c +++ b/src/test/test_crypto_slow.c @@ -7,6 +7,8 @@ #define CRYPTO_S2K_PRIVATE #include "or/or.h" #include "test/test.h" +#include "lib/crypt_ops/crypto_curve25519.h" +#include "lib/crypt_ops/crypto_ed25519.h" #include "lib/crypt_ops/crypto_s2k.h" #include "lib/crypt_ops/crypto_pwbox.h" #include "lib/crypt_ops/crypto_rand.h" @@ -615,4 +617,3 @@ struct testcase_t slow_crypto_tests[] = { ED25519_TEST(fuzz_donna, TT_FORK), END_OF_TESTCASES }; - diff --git a/src/test/test_dir.c b/src/test/test_dir.c index 5891f1c9e..0cdef0645 100644 --- a/src/test/test_dir.c +++ b/src/test/test_dir.c @@ -23,6 +23,7 @@ #include "or/config.h" #include "or/control.h" #include "lib/crypt_ops/crypto_ed25519.h" +#include "lib/crypt_ops/crypto_format.h" #include "lib/crypt_ops/crypto_rand.h" #include "or/directory.h" #include "or/dirserv.h" diff --git a/src/test/test_hs_cache.c b/src/test/test_hs_cache.c index ccad3062b..c22cc4638 100644 --- a/src/test/test_hs_cache.c +++ b/src/test/test_hs_cache.c 
@@ -17,6 +17,7 @@ #include "or/networkstatus.h" #include "or/connection.h" #include "or/proto_http.h" +#include "lib/crypt_ops/crypto_format.h"
#include "or/dir_connection_st.h" #include "or/networkstatus_st.h" @@ -561,4 +562,3 @@ struct testcase_t hs_cache[] = {
END_OF_TESTCASES }; - diff --git a/src/test/test_hs_common.c b/src/test/test_hs_common.c index 934b26450..cf221ca60 100644 --- a/src/test/test_hs_common.c +++ b/src/test/test_hs_common.c @@ -17,6 +17,7 @@ #include "test/hs_test_helpers.h"
#include "or/connection_edge.h" +#include "lib/crypt_ops/crypto_format.h" #include "lib/crypt_ops/crypto_rand.h" #include "or/hs_common.h" #include "or/hs_client.h" @@ -1832,4 +1833,3 @@ struct testcase_t hs_common_tests[] = {
END_OF_TESTCASES }; - diff --git a/src/test/test_hs_control.c b/src/test/test_hs_control.c index f5beced45..6e5e78337 100644 --- a/src/test/test_hs_control.c +++ b/src/test/test_hs_control.c @@ -18,6 +18,7 @@
#include "or/node_st.h" #include "or/routerstatus_st.h" +#include "lib/crypt_ops/crypto_format.h"
#include "test/test_helpers.h"
@@ -191,4 +192,3 @@ struct testcase_t hs_control_tests[] = {
END_OF_TESTCASES }; - diff --git a/src/test/test_hs_descriptor.c b/src/test/test_hs_descriptor.c index 43d495590..a017facd2 100644 --- a/src/test/test_hs_descriptor.c +++ b/src/test/test_hs_descriptor.c @@ -9,6 +9,7 @@ #define HS_DESCRIPTOR_PRIVATE
#include "lib/crypt_ops/crypto_ed25519.h" +#include "lib/crypt_ops/crypto_format.h" #include "lib/crypt_ops/crypto_digest.h" #include "lib/crypt_ops/crypto_rand.h" #include "trunnel/ed25519_cert.h" @@ -896,4 +897,3 @@ struct testcase_t hs_descriptor[] = {
END_OF_TESTCASES }; - diff --git a/src/test/test_hs_ntor.c b/src/test/test_hs_ntor.c index 51373af64..c52440900 100644 --- a/src/test/test_hs_ntor.c +++ b/src/test/test_hs_ntor.c @@ -9,6 +9,8 @@ #include "test/test.h" #include "test/test_helpers.h" #include "test/log_test_helpers.h" +#include "lib/crypt_ops/crypto_curve25519.h" +#include "lib/crypt_ops/crypto_ed25519.h"
#include "or/hs_ntor.h"
@@ -111,4 +113,3 @@ struct testcase_t hs_ntor_tests[] = {
END_OF_TESTCASES }; - diff --git a/src/test/test_hs_ntor_cl.c b/src/test/test_hs_ntor_cl.c index 5475f3b38..6bf11560b 100644 --- a/src/test/test_hs_ntor_cl.c +++ b/src/test/test_hs_ntor_cl.c @@ -17,6 +17,8 @@ #include "common/util.h" #include "lib/crypt_ops/crypto.h" #include "lib/crypt_ops/crypto_curve25519.h" +#include "lib/crypt_ops/crypto_ed25519.h" +#include "lib/crypt_ops/crypto_format.h" #include "or/hs_ntor.h" #include "or/onion_ntor.h"
@@ -251,4 +253,3 @@ main(int argc, char **argv) return 1; } } - diff --git a/src/test/test_routerkeys.c b/src/test/test_routerkeys.c index 948cf0d60..3fc381cd2 100644 --- a/src/test/test_routerkeys.c +++ b/src/test/test_routerkeys.c @@ -11,6 +11,7 @@ #include "or/routerkeys.h" #include "common/util.h" #include "lib/crypt_ops/crypto.h" +#include "lib/crypt_ops/crypto_format.h" #include "or/torcert.h" #include "test/test.h"
@@ -695,4 +696,3 @@ struct testcase_t routerkeys_tests[] = { TEST(rsa_ed_crosscert, 0), END_OF_TESTCASES }; - diff --git a/src/test/test_util.c b/src/test/test_util.c index 6d0162e6e..ab0573e56 100644 --- a/src/test/test_util.c +++ b/src/test/test_util.c @@ -17,6 +17,7 @@ #include "or/config.h" #include "or/control.h" #include "or/transports.h" +#include "lib/crypt_ops/crypto_format.h" #include "lib/crypt_ops/crypto_rand.h" #include "test/test.h" #include "lib/memarea/memarea.h" diff --git a/src/test/testing_common.c b/src/test/testing_common.c index 879382ce2..0b7a3287a 100644 --- a/src/test/testing_common.c +++ b/src/test/testing_common.c @@ -14,6 +14,7 @@ #include "or/control.h" #include "or/config.h" #include "lib/crypt_ops/crypto_dh.h" +#include "lib/crypt_ops/crypto_ed25519.h" #include "lib/crypt_ops/crypto_rand.h" #include "or/rephist.h" #include "lib/err/backtrace.h"