Fixing up API
parent
e36d4e2c0a
commit
e105d30ac3
18
README.md
18
README.md
|
@ -1,17 +1,15 @@
|
|||
# Tapir-rs: Tiny Anonymous Peer (in Rust)
|
||||
|
||||
A prototype for the inevitable transition of Cwtch and other Open Privacy projects from Golang to Rust!
|
||||
Very WIP. Currently supports authentication over Tor v3 onion services aligned with https://cwtch.im
|
||||
|
||||
Very WIP:
|
||||
## Examples
|
||||
|
||||
## Primitives
|
||||
Run an ephemeral server:
|
||||
|
||||
* Identity - Done!
|
||||
* Transcript - Done!
|
||||
cargo run --example simple_server
|
||||
|
||||
## Applications
|
||||
* TranscriptApp
|
||||
* AuthenticationApp
|
||||
Update `examples/simple_client.rs` to connect to the address generated by `simple_server` and then run:
|
||||
|
||||
## Networks
|
||||
* Base Onion Service
|
||||
cargo run --example simple_client
|
||||
|
||||
Both the server and client should authenticate each other.
|
|
@ -1,9 +1,9 @@
|
|||
use tapir::acns::tor::authentication::HashedPassword;
|
||||
use ed25519_dalek::SecretKey;
|
||||
use tapir::primitives::identity::Identity;
|
||||
use tapir::connections::{OutboundConnection, Connection, InboundConnection, ConnectionInterface};
|
||||
use tapir::connections::{OutboundConnection, Connection, ConnectionInterface};
|
||||
use tapir::primitives::transcript::Transcript;
|
||||
use tapir::applications::authentication_app::{AuthenicationApp, AuthenticationCapability};
|
||||
use tapir::applications::authentication_app::{AuthenicationApp, AUTHENTICATION_CAPABILITY};
|
||||
use tapir::connections::service::Service;
|
||||
use rand::rngs::OsRng;
|
||||
use tapir::acns::tor::TorProcess;
|
||||
|
@ -26,19 +26,19 @@ fn main() {
|
|||
|
||||
let identity = identity.clone();
|
||||
let outbound_identity = identity.clone();
|
||||
let outbound_service = |mut conn: Connection<OutboundConnection>| {
|
||||
let outbound_service = |conn: Connection<OutboundConnection>| {
|
||||
let mut transcript = Transcript::new_transcript("tapir-transcript");
|
||||
let mut auth_app = AuthenicationApp::new(outbound_identity);
|
||||
match auth_app.run_outbound(conn, &mut transcript) {
|
||||
Ok(conn) => {
|
||||
println!("Authenticated {} {}", conn.hostname(), conn.has_capability(&AuthenticationCapability));
|
||||
println!("Authenticated {} {}", conn.hostname(), conn.has_capability(&AUTHENTICATION_CAPABILITY));
|
||||
}
|
||||
Err(err) => {
|
||||
println!("Error: {:?}", err);
|
||||
}
|
||||
}
|
||||
};
|
||||
match service.connect("lzry2bfjkdzlx64aksxw5jpz6qdnvjoekpkzjqclpd4wz25dbv2pasid", outbound_service.clone()) {
|
||||
match service.connect("5x6q5vwn5lgwy5u5c7pr3nl2ktfovomkmemlatnnycgm4dpt4kxvokyd", outbound_service.clone()) {
|
||||
_ => {}
|
||||
}
|
||||
loop {}
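Review bot: The outcome of `service.connect(...)` is matched with `_ => {}`, so a failed connection to the onion address produces no output and the example then sits in `loop {}` as if it were working. Assuming `connect` returns a `Result` whose error implements `Debug`, I would report it the same way the closure reports authentication errors: `if let Err(err) = service.connect(addr, outbound_service.clone()) { println!("Connect error: {:?}", err); }`. The address is also a literal that changes whenever the server is restarted (the README tells the reader to edit it); taking it from `std::env::args().nth(1)` would keep a stale address out of the source. `fn main` starts and ends outside this hunk.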
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
use tapir::acns::tor::authentication::HashedPassword;
|
||||
use ed25519_dalek::SecretKey;
|
||||
use tapir::primitives::identity::Identity;
|
||||
use tapir::connections::{OutboundConnection, Connection, InboundConnection, ConnectionInterface};
|
||||
use tapir::connections::{Connection, InboundConnection, ConnectionInterface};
|
||||
use tapir::primitives::transcript::Transcript;
|
||||
use tapir::applications::authentication_app::AuthenicationApp;
|
||||
use tapir::connections::service::Service;
|
||||
|
@ -25,7 +25,7 @@ fn main() {
|
|||
let service = Service::init(identity.clone());
|
||||
|
||||
let identity = identity.clone();
|
||||
let inbound_service = |mut conn: Connection<InboundConnection>| {
|
||||
let inbound_service = |conn: Connection<InboundConnection>| {
|
||||
let mut transcript = Transcript::new_transcript("tapir-transcript");
|
||||
let mut auth_app = AuthenicationApp::new(identity);
|
||||
match auth_app.run_inbound(conn, &mut transcript) {
|
||||
|
@ -38,7 +38,7 @@ fn main() {
|
|||
}
|
||||
};
|
||||
|
||||
let mut service = service.listen(10029, inbound_service.clone()).unwrap_or_else(|_| panic!());
|
||||
let mut _service = service.listen(10029, inbound_service.clone()).unwrap_or_else(|_| panic!());
|
||||
|
||||
loop {}
|
||||
}
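Review bot: On the new `_service` line, `unwrap_or_else(|_| panic!())` throws away the error from `listen`, so a failure to start the listener on port 10029 aborts with no reason given. If the error type implements `Debug` (not visible here), `let _service = service.listen(10029, inbound_service.clone()).unwrap_or_else(|e| panic!("listen failed: {:?}", e));` keeps the diagnostic, and the `mut` can go because the binding is never used. The bare `loop {}` after it keeps a core busy; `loop { std::thread::park(); }` idles instead. `fn main` starts outside these hunks.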
|
||||
|
|
|
@ -78,11 +78,17 @@ impl<Direction> AuthenticationSession<Direction> where Direction:Clone {
|
|||
ephemeral_public_key: base64::encode(self.ephemeral_identity.public_key().to_bytes()),
|
||||
};
|
||||
self.local_auth_message_json = serde_json::to_string(&auth_message).unwrap();
|
||||
self.conn.send(&self.local_auth_message_json);
|
||||
self.remote_auth_message_json = String::from_utf8(self.conn.expect().unwrap()).unwrap();
|
||||
let remote_auth_message: AuthMessage = serde_json::from_str(self.remote_auth_message_json.as_str()).unwrap();
|
||||
self.remote_long_term_identity = PublicKey::from_bytes(base64::decode(&remote_auth_message.longterm_public_key).unwrap().as_slice()).unwrap();
|
||||
self.remote_ephemeral_identity = PublicKey::from_bytes(base64::decode(&remote_auth_message.ephemeral_public_key).unwrap().as_slice()).unwrap();
|
||||
match self.conn.send(&self.local_auth_message_json) {
|
||||
Ok(()) => {
|
||||
self.remote_auth_message_json = String::from_utf8(self.conn.expect().unwrap()).unwrap();
|
||||
let remote_auth_message: AuthMessage = serde_json::from_str(self.remote_auth_message_json.as_str()).unwrap();
|
||||
self.remote_long_term_identity = PublicKey::from_bytes(base64::decode(&remote_auth_message.longterm_public_key).unwrap().as_slice()).unwrap();
|
||||
self.remote_ephemeral_identity = PublicKey::from_bytes(base64::decode(&remote_auth_message.ephemeral_public_key).unwrap().as_slice()).unwrap();
|
||||
}
|
||||
_ => {
|
||||
// we fall out of the exchange..if the network fails then the protocol will also fail, as nothing will be instantiated...
|
||||
}
|
||||
};
|
||||
}
|
||||
|
||||
/// generate the message for the local challenge based a new transcript hash.
|
||||
|
@ -106,7 +112,7 @@ impl<Direction> AuthenticationSession<Direction> where Direction:Clone {
|
|||
cmp_challenge.extend_from_slice(public_key_to_hostname(&self.remote_long_term_identity).as_bytes());
|
||||
if remote_challenge.ct_eq(cmp_challenge.as_slice()).unwrap_u8() == 1 {
|
||||
self.conn.set_hostname(&public_key_to_hostname(&self.remote_long_term_identity));
|
||||
self.conn.set_capability(&AuthenticationCapability);
|
||||
self.conn.set_capability(&AUTHENTICATION_CAPABILITY);
|
||||
return Ok(self.conn.try_clone());
|
||||
}
|
||||
self.conn.shutdown();
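Review bot: In the `Ok(())` arm of the first hunk, every step that handles the peer's reply still ends in `.unwrap()` (`self.conn.expect()`, `String::from_utf8`, `serde_json::from_str`, both `base64::decode` calls and both `PublicKey::from_bytes` calls), so a peer that has not yet authenticated can panic the handler with malformed bytes instead of failing the handshake. Each step should bail out on error in the same way the send failure now does, for example `let remote_auth_message: AuthMessage = match serde_json::from_str(&self.remote_auth_message_json) { Ok(m) => m, Err(_) => return };`, since the function appears to return nothing (its signature is outside the hunk). The new `_ => {}` arm also returns silently and leaves `remote_long_term_identity` and `remote_ephemeral_identity` at whatever they held before, so rejection depends on the later challenge comparison failing. Returning a `Result` from this step would make that failure explicit. At minimum the comment in that arm should name the dependency, e.g. `// send failed: remote identities are left unchanged; the challenge check must reject this session`.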
|
||||
|
|