From c0cf621ee09624642545c480bb25150be0a0ae19 Mon Sep 17 00:00:00 2001 From: Sarah Jamie Lewis Date: Wed, 13 Jan 2021 21:18:44 -0800 Subject: [PATCH] Validation and Refactoring --- Cargo.toml | 2 +- src/acns/mod.rs | 1 - src/acns/tor/mod.rs | 1 + src/{connections/utils.rs => acns/tor/validation.rs} | 11 ++++++++++- src/applications/authentication_app.rs | 2 +- src/connections/mod.rs | 1 - src/primitives/identity.rs | 2 +- 7 files changed, 14 insertions(+), 6 deletions(-) rename src/{connections/utils.rs => acns/tor/validation.rs} (52%) diff --git a/Cargo.toml b/Cargo.toml index 4e43289..b951e32 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "tapir-cwtch" -version = "0.1.9" +version = "0.1.10" authors = ["Sarah Jamie Lewis "] edition = "2018" license = "MIT" diff --git a/src/acns/mod.rs b/src/acns/mod.rs index 60b2a81..68bd58c 100644 --- a/src/acns/mod.rs +++ b/src/acns/mod.rs @@ -1,4 +1,3 @@ -#[cfg(any(feature = "onionv3"))] pub mod tor; #[derive(Debug)] diff --git a/src/acns/tor/mod.rs b/src/acns/tor/mod.rs index ab5fb6c..9d49910 100644 --- a/src/acns/tor/mod.rs +++ b/src/acns/tor/mod.rs @@ -9,6 +9,7 @@ use std::net::TcpStream; pub mod authentication; pub mod run; pub mod torrc; +pub mod validation; #[derive(Debug)] pub struct TorDisconnected(()); diff --git a/src/connections/utils.rs b/src/acns/tor/validation.rs similarity index 52% rename from src/connections/utils.rs rename to src/acns/tor/validation.rs index ed8b9a5..30280d6 100644 --- a/src/connections/utils.rs +++ b/src/acns/tor/validation.rs @@ -1,6 +1,15 @@ -use ed25519_dalek::PublicKey; +/// check if the given hostname is a valid onion v3 address +pub fn validate_hostname(hostname: &str) -> bool { + match base32::decode(base32::Alphabet::RFC4648 { padding: false }, hostname) { + Some(hostname_bytes) => hostname == public_key_to_hostname(&PublicKey::from_bytes(hostname_bytes.split_at(PUBLIC_KEY_LENGTH).0).unwrap_or_default()), + _ => false, + } +} + +use ed25519_dalek::{PublicKey, PUBLIC_KEY_LENGTH}; use sha3::Digest; +/// convert the given public key to a tor onion v3 hostname pub fn public_key_to_hostname(public_key: &PublicKey) -> String { let mut buf = [0u8; 35]; public_key.to_bytes().iter().copied().enumerate().for_each(|(i, b)| { diff --git a/src/applications/authentication_app.rs b/src/applications/authentication_app.rs index 0b30009..106aeed 100644 --- a/src/applications/authentication_app.rs +++ b/src/applications/authentication_app.rs @@ -1,5 +1,5 @@ +use crate::acns::tor::validation::public_key_to_hostname; use crate::applications::authentication_app::AuthenticationAppError::NotAuthenticatedError; -use crate::connections::utils::public_key_to_hostname; use crate::connections::{Capability, Connection, ConnectionInterface, InboundConnection, OutboundConnection}; use crate::primitives::identity::Identity; use crate::primitives::transcript::Transcript; diff --git a/src/connections/mod.rs b/src/connections/mod.rs index e7753d8..3168c9f 100644 --- a/src/connections/mod.rs +++ b/src/connections/mod.rs @@ -9,7 +9,6 @@ use std::net::{Shutdown, TcpStream}; /// Connections provides an interface for manage sets of connections on top of a particular /// ACN. pub mod service; -pub mod utils; #[derive(Debug)] pub enum ServiceError { diff --git a/src/primitives/identity.rs b/src/primitives/identity.rs index fd49a04..63d1fe0 100644 --- a/src/primitives/identity.rs +++ b/src/primitives/identity.rs @@ -1,4 +1,3 @@ -use crate::connections::utils::public_key_to_hostname; use ed25519_dalek::{ExpandedSecretKey, Keypair, PublicKey, Signer}; use rand::rngs::OsRng; use serde::{Deserialize, Serialize}; @@ -7,6 +6,7 @@ use std::sync::Arc; use x25519_dalek::PublicKey as X25519PublicKey; use x25519_dalek::{SharedSecret, StaticSecret}; +use crate::acns::tor::validation::public_key_to_hostname; #[cfg(any(feature = "onionv3"))] use crate::acns::tor::{TorAuthenticated, TorProcess}; #[cfg(any(feature = "onionv3"))]