From 7df5f4d4a90cd828719b5d3b8448ba3e7c481ab3 Mon Sep 17 00:00:00 2001
From: Gabriela Moldovan
Date: Mon, 21 Aug 2023 15:57:11 +0100
Subject: [PATCH] tor-netdoc: Remove redundant `IntroPointDesc` struct.
This commit replaces `tor_netdoc::hsdesc::inner::IntroPointDesc` with the (almost identical) `tor_netdoc::hsdesc::IntroPointDesc`. The only difference between the two structs is that `inner::IntroPointDesc` wraps a `Vec` instead of a `Vec`. Since `EncodedLinkSpec` can be derived from `LinkSpec` (and vice-versa), and since `hsdesc::inner::IntroPointDesc` never made it in our public API, this commit also removes `hsdesc::inner::IntroPointDesc` in favour of `hsdesc::IntroPointDesc`.
---
 crates/tor-netdoc/semver.md | 3 ++
 crates/tor-netdoc/src/doc/hsdesc/build.rs | 14 ++++++--
 .../tor-netdoc/src/doc/hsdesc/build/inner.rs | 32 ++-----------------
 3 files changed, 16 insertions(+), 33 deletions(-)
 create mode 100644 crates/tor-netdoc/semver.md
diff --git a/crates/tor-netdoc/semver.md b/crates/tor-netdoc/semver.md
new file mode 100644
index 000000000..9b83cb6eb
--- /dev/null
+++ b/crates/tor-netdoc/semver.md
@@ -0,0 +1,3 @@
+BREAKING: The argument of `HsDescBuilder::intro_points` is now
+`tor_netdoc::hsdesc::IntroPointDesc` instead of the private
+`tor_netdoc::hsdesc::builder::inner:IntroPointDesc`
diff --git a/crates/tor-netdoc/src/doc/hsdesc/build.rs b/crates/tor-netdoc/src/doc/hsdesc/build.rs
index ecb675f99..f328c754e 100644
--- a/crates/tor-netdoc/src/doc/hsdesc/build.rs
+++ b/crates/tor-netdoc/src/doc/hsdesc/build.rs
@@ -4,7 +4,7 @@ mod inner;
 mod middle;
 mod outer;
-use crate::doc::hsdesc::IntroAuthType;
+use crate::doc::hsdesc::{IntroAuthType, IntroPointDesc};
 use crate::NetdocBuilder;
 use rand::{CryptoRng, RngCore};
 use tor_bytes::EncodeError;
@@ -21,7 +21,7 @@ use smallvec::SmallVec;
 use std::borrow::{Borrow, Cow};
 use std::time::SystemTime;
-use self::inner::{HsDescInner, IntroPointDesc};
+use self::inner::HsDescInner;
 use self::middle::HsDescMiddle;
 use self::outer::HsDescOuter;
@@ -286,6 +286,12 @@ mod test {
 rng: &mut R,
 link_specifiers: Vec,
 ) -> IntroPointDesc {
+ let link_specifiers = link_specifiers
+ .iter()
+ .map(|link_spec| link_spec.encode())
+ .collect::, _>>()
+ .unwrap();
+
 IntroPointDesc {
 link_specifiers,
 ipt_ntor_key: create_curve25519_pk(rng),
@@ -354,7 +360,9 @@ mod test {
 let expiry = SystemTime::now() + Duration::from_secs(CERT_EXPIRY_SECS);
 let mut rng = Config::Deterministic.into_rng().rng_compat();
 let intro_points = vec![IntroPointDesc {
- link_specifiers: vec![LinkSpec::OrPort(Ipv4Addr::LOCALHOST.into(), 9999)],
+ link_specifiers: vec![LinkSpec::OrPort(Ipv4Addr::LOCALHOST.into(), 9999)
+ .encode()
+ .unwrap()],
 ipt_ntor_key: create_curve25519_pk(&mut rng),
 ipt_sid_key: ed25519::Keypair::generate(&mut rng).public.into(),
 svc_ntor_key: create_curve25519_pk(&mut rng).into(),
diff --git a/crates/tor-netdoc/src/doc/hsdesc/build/inner.rs b/crates/tor-netdoc/src/doc/hsdesc/build/inner.rs
index 8796f187e..990b66f2e 100644
--- a/crates/tor-netdoc/src/doc/hsdesc/build/inner.rs
+++ b/crates/tor-netdoc/src/doc/hsdesc/build/inner.rs
@@ -7,6 +7,7 @@ use crate::build::NetdocEncoder;
 use crate::doc::hsdesc::inner::HsInnerKwd;
 use crate::doc::hsdesc::IntroAuthType;
+use crate::doc::hsdesc::IntroPointDesc;
 use crate::NetdocBuilder;
 use rand::CryptoRng;
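Review bot: The link-specifier conversion this test helper now performs is written out a second time by hand in the `@@ -354` hunk, where the `IntroPointDesc` literal inlines `LinkSpec::OrPort(Ipv4Addr::LOCALHOST.into(), 9999).encode().unwrap()` and then fills the three key fields the same way the helper does, so that test could call the helper with `vec![LinkSpec::OrPort(Ipv4Addr::LOCALHOST.into(), 9999)]` instead of duplicating the encoding. In both places the bare `.unwrap()` would read better as `.expect("encoding a well-formed LinkSpec cannot fail")`, which states the invariant and gives a useful message if a future `LinkSpec` variant becomes fallible to encode. The closure `|link_spec| link_spec.encode()` can presumably be the method path `LinkSpec::encode` if `encode` takes `&self`. The helper's signature starts above the hunk, so its name and generic bounds are not visible here.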
@@ -14,11 +15,8 @@ use rand::RngCore;
 use tor_bytes::{EncodeError, Writer};
 use tor_cert::{CertType, CertifiedKey, Ed25519Cert};
 use tor_error::{bad_api_usage, into_bad_api_usage};
-use tor_hscrypto::pk::HsIntroPtSessionIdKey;
-use tor_hscrypto::pk::HsSvcNtorKey;
-use tor_linkspec::LinkSpec;
+use tor_llcrypto::pk::ed25519;
 use tor_llcrypto::pk::keymanip::convert_curve25519_to_ed25519_public;
-use tor_llcrypto::pk::{curve25519, ed25519};
 use base64ct::{Base64, Encoding};
@@ -48,32 +46,6 @@ pub(super) struct HsDescInner<'a> {
 pub(super) intro_enc_key_cert_expiry: SystemTime,
 }
-/// Information in an onion service descriptor about a single introduction point.
-///
-/// TODO HSS: Move out of tor-netdoc: this is a general-purpose representation of an introduction
-/// point, not merely an intermediate representation for decoding/encoding. There may be other
-/// types that need to be factored out tor-netdoc for the same reason.
-#[derive(Debug, Clone)]
-pub struct IntroPointDesc {
- /// A list of link specifiers needed to extend a circuit to the introduction point.
- ///
- /// These can include public keys and network addresses.
- pub(crate) link_specifiers: Vec,
- /// The key used to extend a circuit _to the introduction point_, using the
- /// ntor or ntor3 handshakes. (`KP_ntor`)
- pub(crate) ipt_ntor_key: curve25519::PublicKey,
- /// A key used to identify the onion service at this introduction point.
- /// (`KP_hs_ipt_sid`)
- pub(crate) ipt_sid_key: HsIntroPtSessionIdKey,
- /// `KP_hss_ntor`, the key used to encrypt a handshake _to the onion
- /// service_ when using this introduction point.
- ///
- /// The onion service uses a separate key of this type with each
- /// introduction point as part of its strategy for preventing replay
- /// attacks.
- pub(crate) svc_ntor_key: HsSvcNtorKey,
-}
-
 impl<'a> NetdocBuilder for HsDescInner<'a> {
 fn build_sign(self, _: &mut R) -> Result {
 use HsInnerKwd::*;