Commit 50b0bc5b authored by George Kadianakis's avatar George Kadianakis Committed by Nick Mathewson

prop224: Add module that performs the HS ntor handshake.

and also does the key expansion.
parent efa5bbab

src/or/hs_ntor.c

0 → 100644
+626 −0

File added.

Preview size limit exceeded, changes collapsed.

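--- a/src/or/hs_ntor.h
+++ b/src/or/hs_ntor.h
+/* Copyright (c) 2017, The Tor Project, Inc. */
+/* See LICENSE for licensing information */
+
+#ifndef TOR_HS_NTOR_H
+#define TOR_HS_NTOR_H
+
+#include "or.h"
+
+/* Key material needed to encode/decode INTRODUCE1 cells */
+typedef struct {
+  /* Key used for encryption of encrypted INTRODUCE1 blob */
+  uint8_t enc_key[CIPHER256_KEY_LEN];
+  /* MAC key used to protect encrypted INTRODUCE1 blob */
+  uint8_t mac_key[DIGEST256_LEN];
+} hs_ntor_intro_cell_keys_t;
+
+/* Key material needed to encode/decode RENDEZVOUS1 cells */
+typedef struct {
+  /* This is the MAC of the HANDSHAKE_INFO field */
+  uint8_t rend_cell_auth_mac[DIGEST256_LEN];
+  /* This is the key seed used to derive further rendezvous crypto keys as
+   * detailed in section 4.2.1 of rend-spec-ng.txt. */
+  uint8_t ntor_key_seed[DIGEST256_LEN];
+} hs_ntor_rend_cell_keys_t;
+
+/* Key material resulting from key expansion as detailed in section "4.2.1. Key
+ * expansion" of rend-spec-ng.txt. */
+typedef struct {
+  /* Per-circuit key material used in ESTABLISH_INTRO cell */
+  uint8_t KH[DIGEST256_LEN];
+  /* Authentication key for outgoing RELAY cells */
+  uint8_t Df[DIGEST256_LEN];
+  /* Authentication key for incoming RELAY cells */
+  uint8_t Db[DIGEST256_LEN];
+  /* Encryption key for outgoing RELAY cells */
+  uint8_t Kf[CIPHER256_KEY_LEN];
+  /* Decryption key for incoming RELAY cells */
+  uint8_t Kb[CIPHER256_KEY_LEN];
+} hs_ntor_rend_circuit_keys_t;
+
+int hs_ntor_client_get_introduce1_keys(
+                      const ed25519_public_key_t *intro_auth_pubkey,
+                      const curve25519_public_key_t *intro_enc_pubkey,
+                      const curve25519_keypair_t *client_ephemeral_enc_keypair,
+                      const uint8_t *subcredential,
+                      hs_ntor_intro_cell_keys_t *hs_ntor_intro_cell_keys_out);
+
+int hs_ntor_client_get_rendezvous1_keys(
+                  const ed25519_public_key_t *intro_auth_pubkey,
+                  const curve25519_keypair_t *client_ephemeral_enc_keypair,
+                  const curve25519_public_key_t *intro_enc_pubkey,
+                  const curve25519_public_key_t *service_ephemeral_rend_pubkey,
+                  hs_ntor_rend_cell_keys_t *hs_ntor_rend_cell_keys_out);
+
+int hs_ntor_service_get_introduce1_keys(
+                  const ed25519_public_key_t *intro_auth_pubkey,
+                  const curve25519_keypair_t *intro_enc_keypair,
+                  const curve25519_public_key_t *client_ephemeral_enc_pubkey,
+                  const uint8_t *subcredential,
+                  hs_ntor_intro_cell_keys_t *hs_ntor_intro_cell_keys_out);
+
+int hs_ntor_service_get_rendezvous1_keys(
+                  const ed25519_public_key_t *intro_auth_pubkey,
+                  const curve25519_keypair_t *intro_enc_keypair,
+                  const curve25519_keypair_t *service_ephemeral_rend_keypair,
+                  const curve25519_public_key_t *client_ephemeral_enc_pubkey,
+                  hs_ntor_rend_cell_keys_t *hs_ntor_rend_cell_keys_out);
+
+hs_ntor_rend_circuit_keys_t *hs_ntor_circuit_key_expansion(
+                       const hs_ntor_rend_cell_keys_t *hs_ntor_rend_cell_keys);
+
+int hs_ntor_client_rendezvous2_mac_is_good(
+                        const hs_ntor_rend_cell_keys_t *hs_ntor_rend_cell_keys,
+                        const uint8_t *rcvd_mac);
+
+#endif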
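Review bot: `hs_ntor_circuit_key_expansion()` returns a pointer to a `hs_ntor_rend_circuit_keys_t` that holds only circuit key material, and nothing in this header says who owns the result, whether it can be NULL, or that it must be wiped before it is freed. I would document the contract on the prototype, e.g. `/* Returns a newly allocated key set, or NULL on failure; the caller must memwipe() it and then tor_free() it. */`, adjusted to whatever hs_ntor.c actually does (that file is collapsed on this page). The same gap applies to the two raw `const uint8_t *` parameters, `subcredential` and `rcvd_mac`: neither carries a length, so the expected size (presumably DIGEST256_LEN) should be stated next to each prototype so callers cannot pass a shorter buffer. The comparison behind `hs_ntor_client_rendezvous2_mac_is_good()` should be constant-time; that cannot be checked from the header alone.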
+2 −0
@@ -48,6 +48,7 @@ LIBTOR_A_SOURCES = \
	src/or/geoip.c					\
	src/or/hs_intropoint.c          \
	src/or/hs_circuitmap.c          \
	src/or/hs_ntor.c                \
	src/or/hs_service.c             \
	src/or/entrynodes.c				\
	src/or/ext_orport.c				\
@@ -171,6 +172,7 @@ ORHEADERS = \
	src/or/hs_descriptor.h				\
	src/or/hs_intropoint.h          \
	src/or/hs_circuitmap.h          \
	src/or/hs_ntor.h                \
	src/or/hs_service.h             \
	src/or/keypin.h					\
	src/or/main.h					\