hs_ident.c (3609B)
1 /* Copyright (c) 2017-2021, The Tor Project, Inc. */ 2 /* See LICENSE for licensing information */ 3 4 /** 5 * \file hs_ident.c 6 * \brief Contains circuit and connection identifier code for the whole HS 7 * subsystem. 8 **/ 9 10 #include "lib/crypt_ops/crypto_util.h" 11 #include "feature/hs/hs_ident.h" 12 13 /** Return a newly allocated circuit identifier. The given public key is copied 14 * identity_pk into the identifier. */ 15 hs_ident_circuit_t * 16 hs_ident_circuit_new(const ed25519_public_key_t *identity_pk) 17 { 18 hs_ident_circuit_t *ident = tor_malloc_zero(sizeof(*ident)); 19 ed25519_pubkey_copy(&ident->identity_pk, identity_pk); 20 return ident; 21 } 22 23 /** Free the given circuit identifier. */ 24 void 25 hs_ident_circuit_free_(hs_ident_circuit_t *ident) 26 { 27 if (ident == NULL) { 28 return; 29 } 30 memwipe(ident, 0, sizeof(hs_ident_circuit_t)); 31 tor_free(ident); 32 } 33 34 /** For a given circuit identifier src, return a newly allocated copy of it. 35 * This can't fail. */ 36 hs_ident_circuit_t * 37 hs_ident_circuit_dup(const hs_ident_circuit_t *src) 38 { 39 hs_ident_circuit_t *ident = tor_malloc_zero(sizeof(*ident)); 40 memcpy(ident, src, sizeof(*ident)); 41 return ident; 42 } 43 44 /** For a given directory connection identifier src, return a newly allocated 45 * copy of it. This can't fail. */ 46 hs_ident_dir_conn_t * 47 hs_ident_dir_conn_dup(const hs_ident_dir_conn_t *src) 48 { 49 hs_ident_dir_conn_t *ident = tor_malloc_zero(sizeof(*ident)); 50 memcpy(ident, src, sizeof(*ident)); 51 return ident; 52 } 53 54 /** Free the given directory connection identifier. */ 55 void 56 hs_ident_dir_conn_free_(hs_ident_dir_conn_t *ident) 57 { 58 if (ident == NULL) { 59 return; 60 } 61 memwipe(ident, 0, sizeof(hs_ident_dir_conn_t)); 62 tor_free(ident); 63 } 64 65 /** Return a newly allocated HS directory connection identifier that is meant 66 * for the server side (HSDir). Only the blinded key is known by the HSDir. */ 67 hs_ident_dir_conn_t * 68 hs_ident_server_dir_conn_new(const ed25519_public_key_t *blinded_pk) 69 { 70 hs_ident_dir_conn_t *ident = tor_malloc_zero(sizeof(*ident)); 71 ed25519_pubkey_copy(&ident->blinded_pk, blinded_pk); 72 return ident; 73 } 74 75 /** Initialized the allocated ident object with identity_pk and blinded_pk. 76 * None of them can be NULL since a valid directory connection identifier must 77 * have all fields set. */ 78 void 79 hs_ident_dir_conn_init(const ed25519_public_key_t *identity_pk, 80 const ed25519_public_key_t *blinded_pk, 81 hs_ident_dir_conn_t *ident) 82 { 83 tor_assert(identity_pk); 84 tor_assert(blinded_pk); 85 tor_assert(ident); 86 87 ed25519_pubkey_copy(&ident->identity_pk, identity_pk); 88 ed25519_pubkey_copy(&ident->blinded_pk, blinded_pk); 89 } 90 91 /** Return a newly allocated edge connection identifier. The given public key 92 * identity_pk is copied into the identifier. */ 93 hs_ident_edge_conn_t * 94 hs_ident_edge_conn_new(const ed25519_public_key_t *identity_pk) 95 { 96 hs_ident_edge_conn_t *ident = tor_malloc_zero(sizeof(*ident)); 97 ed25519_pubkey_copy(&ident->identity_pk, identity_pk); 98 return ident; 99 } 100 101 /** Free the given edge connection identifier. */ 102 void 103 hs_ident_edge_conn_free_(hs_ident_edge_conn_t *ident) 104 { 105 if (ident == NULL) { 106 return; 107 } 108 memwipe(ident, 0, sizeof(hs_ident_edge_conn_t)); 109 tor_free(ident); 110 } 111 112 /** Return true if the given ident is valid for an introduction circuit. */ 113 int 114 hs_ident_intro_circ_is_valid(const hs_ident_circuit_t *ident) 115 { 116 if (ident == NULL) { 117 goto invalid; 118 } 119 120 if (ed25519_public_key_is_zero(&ident->identity_pk)) { 121 goto invalid; 122 } 123 124 if (ed25519_public_key_is_zero(&ident->intro_auth_pk)) { 125 goto invalid; 126 } 127 128 /* Valid. */ 129 return 1; 130 invalid: 131 return 0; 132 }