tor-proto: Code to construct crypto layers for virtual hops.
This is fairly straightforward, thanks to our existing design work on this code.
parent
ac0eb05a07
commit
b9a848a7ac
|
@ -410,6 +410,8 @@ impl ClientCirc {
|
|||
role: handshake::HandshakeRole,
|
||||
seed: impl handshake::KeyGenerator,
|
||||
) -> Result<()> {
|
||||
let (outbound, inbound) = protocol.construct_layers(role, seed)?;
|
||||
|
||||
todo!() // TODO hs implement
|
||||
}
|
||||
|
||||
|
|
|
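Review bot: The new `let (outbound, inbound) = protocol.construct_layers(role, seed)?;` binds both layers and then runs straight into `todo!()`, so neither binding is used and the build will report unused variables (an error wherever warnings are denied). Until the rest is implemented, `let (_outbound, _inbound) = protocol.construct_layers(role, seed)?;` keeps the intent visible without the warning. A short comment above the call would also help, for example `// Layers come back already oriented for `role`; do not swap them again here.`, so whoever fills in the `todo!()` does not reverse the directions a second time. The function starts outside this hunk, so how `protocol` is obtained is not visible here.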
@ -11,6 +11,11 @@
|
|||
// that can wait IMO until we have a second circuit creation mechanism for use
|
||||
// with ntor.
|
||||
|
||||
use crate::crypto::cell::{
|
||||
ClientLayer, CryptInit, InboundClientLayer, OutboundClientLayer, Tor1Hsv3RelayCrypto,
|
||||
};
|
||||
use crate::Result;
|
||||
|
||||
pub use crate::crypto::handshake::hs_ntor;
|
||||
pub use crate::crypto::handshake::KeyGenerator;
|
||||
|
||||
|
@ -27,7 +32,7 @@ pub enum RelayProtocol {
|
|||
}
|
||||
|
||||
/// What role we are playing in a handshake.
|
||||
#[derive(Copy, Clone, Debug)]
|
||||
#[derive(Copy, Clone, Debug, Eq, PartialEq)]
|
||||
#[non_exhaustive]
|
||||
pub enum HandshakeRole {
|
||||
/// We are the party initiating the handshake.
|
||||
|
@ -35,3 +40,30 @@ pub enum HandshakeRole {
|
|||
/// We are the party responding to the handshake.
|
||||
Responder,
|
||||
}
|
||||
|
||||
impl RelayProtocol {
|
||||
/// Construct the cell-crypto layers that are needed for a given set of
|
||||
/// circuit hop parameters.
|
||||
pub(crate) fn construct_layers(
|
||||
self,
|
||||
role: HandshakeRole,
|
||||
keygen: impl KeyGenerator,
|
||||
) -> Result<(
|
||||
Box<dyn OutboundClientLayer + Send>,
|
||||
Box<dyn InboundClientLayer + Send>,
|
||||
)> {
|
||||
match self {
|
||||
RelayProtocol::HsV3 => {
|
||||
let seed_needed = Tor1Hsv3RelayCrypto::seed_len();
|
||||
let seed = keygen.expand(seed_needed)?;
|
||||
let layer = Tor1Hsv3RelayCrypto::initialize(&seed)?;
|
||||
let (fwd, back) = layer.split();
|
||||
let (fwd, back) = match role {
|
||||
HandshakeRole::Initiator => (fwd, back),
|
||||
HandshakeRole::Responder => (back, fwd),
|
||||
};
|
||||
Ok((Box::new(fwd), Box::new(back)))
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
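Review bot: The role swap in `construct_layers` (`HandshakeRole::Responder => (back, fwd)`) carries no comment saying why the halves are exchanged, and a mistake here would key the two ends for the wrong direction, which tends to surface only in interop testing. I would add a why-comment on that arm, such as `// The responder sends with the keys the initiator receives with, so its outbound layer is the "back" half.`, and extend the doc comment to state that the returned tuple is (outbound, inbound) from the caller's point of view. A unit test that builds layers for both roles from the same seed and round-trips a cell between them would pin this behaviour; no such test is visible in this commit. Separately, `seed` holds raw key material: the return type of `KeyGenerator::expand` is not shown here, so if it is not a zeroize-on-drop buffer, the seed should be wiped once `initialize` has consumed it.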
@ -211,6 +211,13 @@ impl InboundClientCrypt {
|
|||
pub(crate) type Tor1RelayCrypto =
|
||||
tor1::CryptStatePair<tor_llcrypto::cipher::aes::Aes128Ctr, tor_llcrypto::d::Sha1>;
|
||||
|
||||
/// Standard Tor relay crypto, as instantiated for the HSv3 protocol.
|
||||
///
|
||||
/// (The use of SHA3 is ridiculously overkill.)
|
||||
#[cfg(feature = "hs-common")]
|
||||
pub(crate) type Tor1Hsv3RelayCrypto =
|
||||
tor1::CryptStatePair<tor_llcrypto::cipher::aes::Aes256Ctr, tor_llcrypto::d::Sha3_256>;
|
||||
|
||||
/// Incomplete untested implementation of Tor's current cell crypto.
|
||||
pub(crate) mod tor1 {
|
||||
use super::*;
|
||||
|
|
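Review bot: `Tor1Hsv3RelayCrypto` instantiates the `tor1` module with `Aes256Ctr` and `Sha3_256`, yet that module is still documented as "Incomplete untested implementation", and no test for the new instantiation appears in this commit. Because `seed_len()` and the digest handling are presumably derived generically from the cipher and digest types, a known-answer test for this alias (fixed seed in, encrypted cell out) would confirm that the key layout matches what the HSv3 handshake produces. The doc comment could also state the parameters and their fixed nature explicitly, alongside the existing remark, for example `/// Uses AES-256-CTR and SHA3-256 as the HSv3 rendezvous protocol specifies; changing either is a protocol change.`. The alias is gated on `hs-common`, while the `use` of it in the handshake file is not visibly gated, so it is worth checking that the importing module is compiled under the same feature.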