onionv3 feature

Sarah Jamie Lewis 2021-01-12 22:00:00 -08:00
parent 430aff82c5
commit 2baa274de4
4 changed files with 44 additions and 44 deletions


@ -1,6 +1,6 @@
[package] [package]
name = "tapir-cwtch" name = "tapir-cwtch"
version = "0.1.2" version = "0.1.3"
authors = ["Sarah Jamie Lewis <sarah@openprivacy.ca>"] authors = ["Sarah Jamie Lewis <sarah@openprivacy.ca>"]
edition = "2018" edition = "2018"
license = "MIT" license = "MIT"
@ -8,6 +8,9 @@ description = "Tapir is a small library for building p2p applications over anony
repository = "https://git.openprivacy.ca/sarah/tapir-rs" repository = "https://git.openprivacy.ca/sarah/tapir-rs"
# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
[features]
onionv3 = []
[[test]] [[test]]
name = "simple_setup" name = "simple_setup"


@ -1,48 +1,31 @@
use ed25519_dalek::SecretKey;
use rand::rngs::OsRng;
use tapir_cwtch::acns::tor::authentication::HashedPassword;
use tapir_cwtch::acns::tor::TorProcess;
use tapir_cwtch::applications::authentication_app::{AuthenicationApp, AUTHENTICATION_CAPABILITY}; use tapir_cwtch::applications::authentication_app::{AuthenicationApp, AUTHENTICATION_CAPABILITY};
use tapir_cwtch::connections::service::Service; use tapir_cwtch::connections::service::Service;
use tapir_cwtch::connections::{Connection, ConnectionInterface, OutboundConnection}; use tapir_cwtch::connections::{Connection, ConnectionInterface, OutboundConnection};
use tapir_cwtch::primitives::identity::Identity; use tapir_cwtch::primitives::identity::Identity;
use tapir_cwtch::primitives::transcript::Transcript; use tapir_cwtch::primitives::transcript::Transcript;
use std::sync::Arc;
fn main() { fn main() {
let mut auth_control_port = TorProcess::connect(9051) let identity = Arc::new(Identity::initialize_ephemeral_identity());
.unwrap() println!("Setup: {}", identity.hostname());
.authenticate(Box::new(HashedPassword::new(String::from("examplehashedpassword"))))
.unwrap();
let mut csprng = OsRng {};
let keypair = ed25519_dalek::Keypair::generate(&mut csprng);
match auth_control_port.add_onion_v3(SecretKey::from_bytes(&keypair.secret.to_bytes()).unwrap(), 9878, 10029) {
Ok(service_id) => {
// we authenticated!
let identity = Identity::initialize(keypair);
println!("Service Id: {}", service_id);
println!("Setup: {}", identity.hostname());
let mut service = Service::init(identity.clone()); let mut service = Service::init(identity.clone());
let identity = identity.clone();
let identity = identity.clone(); let outbound_identity = identity.clone();
let outbound_identity = identity.clone(); let outbound_service = |conn: Connection<OutboundConnection>| {
let outbound_service = |conn: Connection<OutboundConnection>| { let mut transcript = Transcript::new_transcript("tapir-transcript");
let mut transcript = Transcript::new_transcript("tapir-transcript"); let mut auth_app = AuthenicationApp::new(outbound_identity);
let mut auth_app = AuthenicationApp::new(outbound_identity); match auth_app.run_outbound(conn, &mut transcript) {
match auth_app.run_outbound(conn, &mut transcript) { Ok(conn) => {
Ok(conn) => { println!("Authenticated {} {}", conn.hostname(), conn.has_capability(&AUTHENTICATION_CAPABILITY));
println!("Authenticated {} {}", conn.hostname(), conn.has_capability(&AUTHENTICATION_CAPABILITY)); }
} Err(err) => {
Err(err) => { println!("Error: {:?}", err);
println!("Error: {:?}", err);
}
}
};
match service.connect("hvdl5hckss4od2bn7zm2ho6ybak3heopfvxkbx6li3yl7avzc52aluid", outbound_service.clone()) {
_ => {}
} }
loop {}
} }
Err(err) => println!("{:?}", err), };
match service.connect("kaouzo6mkagk5vin663iqq4d2jctkkoh62avglamheohgdz5y7gu7eyd", outbound_service.clone()) {
_ => {}
} }
loop {}
} }
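Review bot: The result of `service.connect(...)` is discarded by `match … { _ => {} }`, so a failed connection to the peer is never reported and the example drops straight into `loop {}`. Assuming `connect` returns a `Result` whose error implements `Debug` (its signature is not on this page), surface it with `if let Err(err) = service.connect(peer, outbound_service.clone()) { println!("Error: {:?}", err); }`. The trailing `loop {}` also busy-spins a core; `loop { std::thread::park(); }` keeps the process alive without that cost.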


@ -1,5 +1,4 @@
use ed25519_dalek::SecretKey;
use rand::rngs::OsRng;
use tapir_cwtch::acns::tor::authentication::HashedPassword; use tapir_cwtch::acns::tor::authentication::HashedPassword;
use tapir_cwtch::acns::tor::TorProcess; use tapir_cwtch::acns::tor::TorProcess;
use tapir_cwtch::applications::authentication_app::AuthenicationApp; use tapir_cwtch::applications::authentication_app::AuthenicationApp;
@ -7,24 +6,24 @@ use tapir_cwtch::connections::service::Service;
use tapir_cwtch::connections::{Connection, ConnectionInterface, InboundConnection}; use tapir_cwtch::connections::{Connection, ConnectionInterface, InboundConnection};
use tapir_cwtch::primitives::identity::Identity; use tapir_cwtch::primitives::identity::Identity;
use tapir_cwtch::primitives::transcript::Transcript; use tapir_cwtch::primitives::transcript::Transcript;
use std::sync::Arc;
fn main() { fn main() {
let mut auth_control_port = TorProcess::connect(9051) let mut auth_control_port = TorProcess::connect(9051)
.unwrap() .unwrap()
.authenticate(Box::new(HashedPassword::new(String::from("examplehashedpassword")))) .authenticate(Box::new(HashedPassword::new(String::from("examplehashedpassword"))))
.unwrap(); .unwrap();
let mut csprng = OsRng {}; let identity = Arc::new(Identity::initialize_ephemeral_identity());
let keypair = ed25519_dalek::Keypair::generate(&mut csprng); match identity.host_onion_service(&mut auth_control_port, 9878, 10029) {
match auth_control_port.add_onion_v3(SecretKey::from_bytes(&keypair.secret.to_bytes()).unwrap(), 9878, 10029) {
Ok(service_id) => { Ok(service_id) => {
// we authenticated! // we authenticated!
let identity = Identity::initialize(keypair);
println!("Service Id: {}", service_id); println!("Service Id: {}", service_id);
println!("Setup: {}", identity.hostname()); println!("Setup: {}", identity.hostname());
let service = Service::init(identity.clone()); let service = Service::init(identity.clone());
let identity = identity.clone();
let inbound_service = |conn: Connection<InboundConnection>| { let inbound_service = |conn: Connection<InboundConnection>| {
let mut transcript = Transcript::new_transcript("tapir-transcript"); let mut transcript = Transcript::new_transcript("tapir-transcript");
let mut auth_app = AuthenicationApp::new(identity); let mut auth_app = AuthenicationApp::new(identity);
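Review bot: `identity.host_onion_service(...)` exists only when the crate is built with the new `onionv3` feature, which the manifest declares without making it a default, so this example will not compile in a plain build unless its manifest entry says so. If the example's `[[example]]` entry (not visible on this page) lacks it, add `required-features = ["onionv3"]`. The `// we authenticated!` comment now sits on the arm where the onion service was published rather than where control-port authentication happened; `// onion service published` would match the code. `main` continues past the end of this hunk.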


@ -1,3 +1,4 @@
use crate::connections::utils::public_key_to_hostname; use crate::connections::utils::public_key_to_hostname;
use ed25519_dalek::{ExpandedSecretKey, Keypair, PublicKey}; use ed25519_dalek::{ExpandedSecretKey, Keypair, PublicKey};
use rand::rngs::OsRng; use rand::rngs::OsRng;
@ -7,6 +8,13 @@ use std::sync::Arc;
use x25519_dalek::PublicKey as X25519PublicKey; use x25519_dalek::PublicKey as X25519PublicKey;
use x25519_dalek::{SharedSecret, StaticSecret}; use x25519_dalek::{SharedSecret, StaticSecret};
#[cfg(any(feature = "onionv3"))]
use crate::acns::tor::{TorAuthenticated, TorProcess};
#[cfg(any(feature = "onionv3"))]
use crate::acns::ACNError;
#[cfg(any(feature = "onionv3"))]
use ed25519_dalek::{SecretKey};
#[derive(Serialize, Deserialize, Debug)] #[derive(Serialize, Deserialize, Debug)]
/// Identity - An ed25519 keypair, required for established a Tor v3 onion service and used to /// Identity - An ed25519 keypair, required for established a Tor v3 onion service and used to
/// maintain a consistent cryptographic identity for a peer. /// maintain a consistent cryptographic identity for a peer.
@ -14,6 +22,7 @@ pub struct Identity {
keypair: Keypair, keypair: Keypair,
} }
impl Identity { impl Identity {
/// Initialize a persistent identity /// Initialize a persistent identity
pub fn initialize(keypair: Keypair) -> Arc<Identity> { pub fn initialize(keypair: Keypair) -> Arc<Identity> {
@ -55,6 +64,12 @@ impl Identity {
let edwards = curve25519_dalek::edwards::CompressedEdwardsY::from_slice(edwards_pub_key.to_bytes().as_slice()); let edwards = curve25519_dalek::edwards::CompressedEdwardsY::from_slice(edwards_pub_key.to_bytes().as_slice());
X25519PublicKey::from(edwards.decompress().unwrap().to_montgomery().to_bytes()) X25519PublicKey::from(edwards.decompress().unwrap().to_montgomery().to_bytes())
} }
/// helper function to authenticated safely to a Tor control port to host an onion service for this identity
#[cfg(any(feature = "onionv3"))]
pub fn host_onion_service(&self, authenticated_control_port: &mut TorProcess<TorAuthenticated>, virtual_port: u16, target_port: u16) -> Result<String, ACNError> {
authenticated_control_port.add_onion_v3(SecretKey::from_bytes(&self.keypair.secret.to_bytes()).unwrap(), virtual_port, target_port)
}
} }
#[cfg(test)] #[cfg(test)]
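Review bot: `host_onion_service` copies the identity's long-term secret key into a temporary array with `to_bytes()` and then calls `.unwrap()` in library code; borrowing the bytes avoids the extra copy (a plain array that nothing wipes) and states the invariant: `SecretKey::from_bytes(self.keypair.secret.as_bytes()).expect("a valid secret key always round-trips")`. The doc comment says the helper authenticates, but it takes an already authenticated control port; it should instead say that the identity's private key is handed to `add_onion_v3` (and so presumably leaves this process for Tor), and list the `ACNError` return under `# Errors`. `#[cfg(any(feature = "onionv3"))]` with a single predicate is equivalent to `#[cfg(feature = "onionv3")]`, here and on the three gated imports.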