* Don't ever use the words "parameter" or "param".
These doesn't appear in the spec anywhere.
* Use `h` as the variable name for the unclamped blinding factor,
and `blinding_factor` in function names.
Unhelpfully, the spec uses the variable name `h` and the phrase
"blinding factor" for both the unclamped and clamped value. The
clamped value is internal to the algorithm.
In our code:
* Don't ever use the word "parameter" or variable name `param`.
This doesn't appear in the spec anywhere.
* Use `h` for the unclamped blinding factor, and `blinding_factor` for the
clamped blinding factor.
* Rename `blinding_factor` function to `clamp_blinding_factor`, since
in the spec's terminology it takes an (unclamped) "blinding factor"
and returns a (clamped) "blinding factor".
* State explicitly what thing in the spec the `h` parameters are.
There are too many things called "index" here. `idx` could be read to
mean the table index `RouterStatusIdx`, the hsdir hash `HsDirIndex`,
or an entry in some other one of these tables.
Here's, it's just the sequence number of the index in the test netdir.
Use `pos` for that. (`seq` would have been another possibility.)
The hidden services directory hashring is a ring of hsdir relays,
sorted by a hash that the spec calls the "index". That's `HsDirIndex`.
This was a bad idea because the word "index" is seriously overused,
but in Arti we must use the same terminology.
At least, qualify it everywhere. Now one of these hsdir sort position
hashes is always, in our code, an `hsdir_index`.
I think this is necessary even inside modules called `hsdir_*`,
because those can deal with other kind of "index" too.
This is an `IndexVec` key type. Some places used `idx`, some `rsi`,
some `rs_idx`.
Use `rsidx` for it everywhere, including in locals, function names,
and fields. `rsidx` is a compromise. `rsi` might be a bit opaque,
but we want a one-"word" name since it appears inside other names.
Hidden services use blinded singing keys derived from the identity key
to sign descriptor signing keys.
Before this patch, the hidden descriptor builder represented its blinded
signing keys (`blinded_id`) as plain `ed25519::Keypair`s. This was not
ideal, as there was nothing preventing the caller from accidentally
initializing `blinded_id` with an unblinded keypair.
This introduces a new `HsBlindKeypair` type to represent blinded
keypairs.
Signed-off-by: Gabriela Moldovan <gabi@torproject.org>
`NetdocText` is a wrapper around a `String` and a type marker. The type
annotation proved of limited use, and made the netdoc builder API
somewhat awkward to use.
Signed-off-by: Gabriela Moldovan <gabi@torproject.org>
Unlike `hsdesc::IntroPointDesc`, `hsdesc::build::IntroPointDesc`
represents link specifiers as `LinkSpec`s rather than
`UnparsedLinkSpec`s.
Since this is a general-purpose representation of an introduction point
and not merely an intermediate representation for decoding/encoding, it
will probably need to be factored out of `tor-netdoc` at some point.
Signed-off-by: Gabriela Moldovan <gabi@torproject.org>
This introduces the `NetdocBuilder` trait described in
`netdoc-builder.md` and a new `tor-netdoc::doc::hsdesc::build` module,
which exports the `HsDescBuilder`. Hidden services will use
`HsDescBuilder` to build and encode hidden service descriptors.
There are several TODOs in the code that I'm planning to address
separately.
Partially addresses #745.
Signed-off-by: Gabriela Moldovan <gabi@torproject.org>
These are used in multiple places (and will also be used by the HS
descriptor encoder later on), so let's make them named constants.
Signed-off-by: Gabriela Moldovan <gabi@torproject.org>
This makes some code a bit more concise, as it allows us to make
`Strings` into `ItemArgument`s without calling `.as_str()`.
Signed-off-by: Gabriela Moldovan <gabi@torproject.org>
We're going to want to reuse this.
Also: rename StreamPrefs::isolation and update the docs, to better
reflect its rather limited functionality. The new
TorClient::isolation is the only call site.