[tor-commits] [tor/master] Merge branch 'feature_15055_v2'
nickm at torproject.org
nickm at torproject.org
Thu Nov 3 13:18:59 UTC 2016
commit d9ca4e20bd51915317c7bda38ef56c67499f6f5e
Merge: 25f5395 f156156
Author: Nick Mathewson <nickm at torproject.org>
Date: Thu Nov 3 08:44:46 2016 -0400
Merge branch 'feature_15055_v2'
changes/bug17779 | 6 +
changes/bug20027 | 3 +
changes/feature13752 | 4 +
changes/feature15055 | 6 +
src/common/tortls.c | 67 +++-
src/common/tortls.h | 10 +-
src/or/channel.c | 5 +-
src/or/channel.h | 3 +-
src/or/channeltls.c | 363 ++++++++++++++++------
src/or/channeltls.h | 3 +-
src/or/circuitbuild.c | 5 +-
src/or/connection_or.c | 405 ++++++++++++++++++------
src/or/connection_or.h | 22 +-
src/or/dirserv.c | 8 +-
src/or/or.h | 68 +++-
src/or/routerkeys.c | 95 +++++-
src/or/routerkeys.h | 5 +
src/or/routerparse.c | 12 +-
src/or/torcert.c | 352 ++++++++++++++++++++-
src/or/torcert.h | 27 +-
src/test/include.am | 2 +
src/test/test.h | 2 +
src/test/test_channeltls.c | 9 +-
src/test/test_link_handshake.c | 689 ++++++++++++++++++++++++++++++++++++-----
src/test/test_routerkeys.c | 62 ++++
src/test/test_tortls.c | 26 +-
src/test/testing_common.c | 69 +----
src/test/testing_rsakeys.c | 545 ++++++++++++++++++++++++++++++++
28 files changed, 2462 insertions(+), 411 deletions(-)
diff --cc src/or/torcert.c
index 37a201e,69f50aa..4259363
--- a/src/or/torcert.c
+++ b/src/or/torcert.c
@@@ -6,25 -6,10 +6,27 @@@
*
* \brief Implementation for ed25519-signed certificates as used in the Tor
* protocol.
+ *
+ * This certificate format is designed to be simple and compact; it's
+ * documented in tor-spec.txt in the torspec.git repository. All of the
+ * certificates in this format are signed with an Ed25519 key; the
+ * contents themselves may be another Ed25519 key, a digest of a
+ * RSA key, or some other material.
+ *
+ * In this module there is also support for a crooss-certification of
+ * Ed25519 identities using (older) RSA1024 identities.
+ *
+ * Tor uses other types of certificate too, beyond those described in this
+ * module. Notably, our use of TLS requires us to touch X.509 certificates,
+ * even though sensible people would stay away from those. Our X.509
+ * certificates are represented with tor_x509_cert_t, and implemented in
+ * tortls.c. We also have a separate certificate type that authorities
+ * use to authenticate their RSA signing keys with their RSA identity keys:
+ * that one is authority_cert_t, and it's mostly handled in routerlist.c.
*/
+ #include "or.h"
+ #include "config.h"
#include "crypto.h"
#include "torcert.h"
#include "ed25519_cert.h"
More information about the tor-commits
mailing list