lokinet/llarp/service/intro_set.hpp

#ifndef LLARP_SERVICE_INTRO_SET_HPP
#define LLARP_SERVICE_INTRO_SET_HPP

#include <crypto/types.hpp>
#include <pow.hpp>
#include <service/info.hpp>
#include <service/intro.hpp>
#include <service/tag.hpp>
#include <util/bencode.hpp>
#include <util/time.hpp>
#include <util/status.hpp>
#include <dns/srv_data.hpp>

#include <optional>
#include <algorithm>
#include <functional>
#include <iostream>
#include <vector>

namespace llarp
{
  namespace service
  {
    constexpr std::size_t MAX_INTROSET_SIZE = 4096;
    // 10 seconds clock skew permitted for introset expiration
    constexpr llarp_time_t MAX_INTROSET_TIME_DELTA = 10s;

    struct IntroSet
    {
      ServiceInfo A;
      std::vector<Introduction> I;
      PQPubKey K;
      Tag topic;
      std::vector<llarp::dns::SRVTuple> SRVs;
      llarp_time_t T = 0s;
      std::optional<PoW> W;
      Signature Z;
      uint64_t version = LLARP_PROTO_VERSION;

      bool
      OtherIsNewer(const IntroSet& other) const
      {
        return T < other.T;
      }

      std::ostream&
      print(std::ostream& stream, int level, int spaces) const;

      llarp_time_t
      GetNewestIntroExpiration() const;

      bool
      GetNewestIntro(Introduction& intro) const;

      bool
      HasExpiredIntros(llarp_time_t now) const;

      bool
      IsExpired(llarp_time_t now) const;

      std::vector<llarp::dns::SRVData>
      GetMatchingSRVRecords(std::string_view service_proto) const;

      bool
      BEncode(llarp_buffer_t* buf) const;

      bool
      BDecode(llarp_buffer_t* buf)
      {
        return bencode_decode_dict(*this, buf);
      }

      bool
      DecodeKey(const llarp_buffer_t& key, llarp_buffer_t* buf);

      bool
      Verify(llarp_time_t now) const;

      util::StatusObject
      ExtractStatus() const;
    };

    inline bool
    operator<(const IntroSet& lhs, const IntroSet& rhs)
    {
      return lhs.A < rhs.A;
    }

    inline bool
    operator==(const IntroSet& lhs, const IntroSet& rhs)
    {
      return std::tie(lhs.A, lhs.I, lhs.K, lhs.T, lhs.version, lhs.topic, lhs.W, lhs.Z)
          == std::tie(rhs.A, rhs.I, rhs.K, rhs.T, rhs.version, rhs.topic, rhs.W, rhs.Z);
    }

    inline bool
    operator!=(const IntroSet& lhs, const IntroSet& rhs)
    {
      return !(lhs == rhs);
    }

    inline std::ostream&
    operator<<(std::ostream& out, const IntroSet& i)
    {
      return i.print(out, -1, -1);
    }

    /// public version of the introset that is encrypted
    struct EncryptedIntroSet
    {
      using Payload_t = std::vector<byte_t>;

      PubKey derivedSigningKey;
      llarp_time_t signedAt = 0s;
      Payload_t introsetPayload;
      TunnelNonce nounce;
      std::optional<Tag> topic;
      Signature sig;

      bool
      Sign(const PrivateKey& k);

      bool
      IsExpired(llarp_time_t now) const;

      bool
      BEncode(llarp_buffer_t* buf) const;

      bool
      BDecode(llarp_buffer_t* buf)
      {
        return bencode_decode_dict(*this, buf);
      }

      bool
      DecodeKey(const llarp_buffer_t& key, llarp_buffer_t* buf);

      bool
      OtherIsNewer(const EncryptedIntroSet& other) const;

      /// verify signature and timestamp
      bool
      Verify(llarp_time_t now) const;

      std::ostream&
      print(std::ostream& stream, int level, int spaces) const;

      util::StatusObject
      ExtractStatus() const;

      std::optional<IntroSet>
      MaybeDecrypt(const PubKey& rootKey) const;
    };

    inline std::ostream&
    operator<<(std::ostream& out, const EncryptedIntroSet& i)
    {
      return i.print(out, -1, -1);
    }

    inline bool
    operator<(const EncryptedIntroSet& lhs, const EncryptedIntroSet& rhs)
    {
      return lhs.derivedSigningKey < rhs.derivedSigningKey;
    }

    inline bool
    operator==(const EncryptedIntroSet& lhs, const EncryptedIntroSet& rhs)
    {
      return std::tie(lhs.signedAt, lhs.derivedSigningKey, lhs.nounce, lhs.sig)
          == std::tie(rhs.signedAt, rhs.derivedSigningKey, rhs.nounce, rhs.sig);
    }

    inline bool
    operator!=(const EncryptedIntroSet& lhs, const EncryptedIntroSet& rhs)
    {
      return !(lhs == rhs);
    }

    using EncryptedIntroSetLookupHandler =
        std::function<void(const std::vector<EncryptedIntroSet>&)>;
    using IntroSetLookupHandler = std::function<void(const std::vector<IntroSet>&)>;

  }  // namespace service
}  // namespace llarp

#endif
Tidy up more parts of the service/ directory 2019-04-22 18:35:19 +00:00			`#ifndef LLARP_SERVICE_INTRO_SET_HPP`
			`#define LLARP_SERVICE_INTRO_SET_HPP`
Move remaining include/llarp headers to llarp/ 2018-12-12 02:52:51 +00:00
Split crypto.hpp into 3 different files 2019-01-13 16:30:07 +00:00			`#include <crypto/types.hpp>`
Move remaining include/llarp headers to llarp/ 2018-12-12 02:52:51 +00:00			`#include <pow.hpp>`
Tidy up more parts of the service/ directory 2019-04-22 18:35:19 +00:00			`#include <service/info.hpp>`
			`#include <service/intro.hpp>`
Move service* to llarp/ 2018-12-12 02:15:08 +00:00			`#include <service/tag.hpp>`
Move lokinet unspecific components to a util/ library 2019-01-10 19:41:51 +00:00			`#include <util/bencode.hpp>`
			`#include <util/time.hpp>`
add introspection rpc endpoint 2019-02-08 19:43:25 +00:00			`#include <util/status.hpp>`
SRV Record handling for introsets (#1331) * update loki-mq submodule for tuple support * srv record reply implementation still need to encode srv records into intro sets / router contacts as well as decode from them and match against queried service.proto * inverted condition fix in config code * SRV record struct (de-)serialization for intro sets * parsing and using srv records from config (for/in introsets) * adopt str utils from core and use for srv parsing * changes to repeat requests no longer drop repeat requests on the floor, but do not make an actual request for them if one is in progress. do not call reply hook for each reply for a request, as each userland request is actually made into several lokinet requests and this would result in duplicate replies. * fetch SRVs from introsets for .loki * make format * dns and srv fixes, srv appears to be working 2020-08-31 20:07:17 +00:00			`#include <dns/srv_data.hpp>`
broken 2018-07-09 17:32:11 +00:00
C++17 Compiles with C++17, replaces ghc::filesystem with std::filesystem, nonstd::optional with std::optional, and llarp::string_view with std::string_view. 2020-05-01 19:51:15 +00:00			`#include <optional>`
if we didn't specify a path to save our config in, only create .lokinet on the assumption that $HOME or $APPDATA (on NT) already exist add win32 tun glue, fix llarp timebase (In fact, _both_ of these are guaranteed to exist on their respective platforms.) also, tuntap is now wired up to the windows port 2018-09-29 08:16:54 +00:00			`#include <algorithm>`
Split classes out of dht::Context 2019-01-22 01:14:02 +00:00			`#include <functional>`
Move service* to llarp/ 2018-12-12 02:15:08 +00:00			`#include <iostream>`
			`#include <vector>`
broken 2018-07-09 17:32:11 +00:00
			`namespace llarp`
			`{`
			`namespace service`
			`{`
use NTRU for introset end to end encryption 2018-08-13 23:22:31 +00:00			`constexpr std::size_t MAX_INTROSET_SIZE = 4096;`
permit 10 seconds clock skew for introsets 2018-09-21 15:24:00 +00:00			`// 10 seconds clock skew permitted for introset expiration`
llarp_time_t is now using std::chrono 2020-02-24 19:40:45 +00:00			`constexpr llarp_time_t MAX_INTROSET_TIME_DELTA = 10s;`
initial dht key blinding 2020-01-27 21:30:41 +00:00
Remove all use of IBEncodeMessage 2019-05-24 02:01:36 +00:00			`struct IntroSet`
broken 2018-07-09 17:32:11 +00:00			`{`
			`ServiceInfo A;`
The Great Wall of Blame This commit reflects changes to clang-format rules. Unfortunately, these rule changes create a massive change to the codebase, which causes an apparent rewrite of git history. Git blame's --ignore-rev flag can be used to ignore this commit when attempting to `git blame` some code. 2020-04-07 18:38:56 +00:00			`std::vector<Introduction> I;`
use NTRU for introset end to end encryption 2018-08-13 23:22:31 +00:00			`PQPubKey K;`
hidden service tags 2018-07-17 07:30:03 +00:00			`Tag topic;`
SRV Record handling for introsets (#1331) * update loki-mq submodule for tuple support * srv record reply implementation still need to encode srv records into intro sets / router contacts as well as decode from them and match against queried service.proto * inverted condition fix in config code * SRV record struct (de-)serialization for intro sets * parsing and using srv records from config (for/in introsets) * adopt str utils from core and use for srv parsing * changes to repeat requests no longer drop repeat requests on the floor, but do not make an actual request for them if one is in progress. do not call reply hook for each reply for a request, as each userland request is actually made into several lokinet requests and this would result in duplicate replies. * fetch SRVs from introsets for .loki * make format * dns and srv fixes, srv appears to be working 2020-08-31 20:07:17 +00:00			`std::vector<llarp::dns::SRVTuple> SRVs;`
llarp_time_t is now using std::chrono 2020-02-24 19:40:45 +00:00			`llarp_time_t T = 0s;`
C++17 Compiles with C++17, replaces ghc::filesystem with std::filesystem, nonstd::optional with std::optional, and llarp::string_view with std::string_view. 2020-05-01 19:51:15 +00:00			`std::optional<PoW> W;`
Make introset PoW be a unique_ptr 2019-04-22 17:55:04 +00:00			`Signature Z;`
Remove all use of IBEncodeMessage 2019-05-24 02:01:36 +00:00			`uint64_t version = LLARP_PROTO_VERSION;`
broken 2018-07-09 17:32:11 +00:00
fix up more stuff 2018-09-10 17:37:28 +00:00			`bool`
			`OtherIsNewer(const IntroSet& other) const`
			`{`
breaking change: add timestamp to introset i don't know why this wasn't here. i could've sworn it was. 2018-09-23 13:57:21 +00:00			`return T < other.T;`
fix up more stuff 2018-09-10 17:37:28 +00:00			`}`

Convert most of llarp to use Printer 2019-02-24 23:46:37 +00:00			`std::ostream&`
			`print(std::ostream& stream, int level, int spaces) const;`
broken 2018-07-09 17:32:11 +00:00
expire introsets correctly and allow multiple tun if 2018-09-10 16:36:36 +00:00			`llarp_time_t`
move function into source file out of header and add operator overloading for == and != on introset 2018-10-11 11:41:10 +00:00			`GetNewestIntroExpiration() const;`
hidden services sorta work 2018-08-10 21:34:11 +00:00
add urgent build that builds over an existing path for an endpoint 2019-05-07 12:31:34 +00:00			`bool`
			`GetNewestIntro(Introduction& intro) const;`

make it work 2018-07-17 06:17:13 +00:00			`bool`
dht fixups 2018-07-18 22:50:05 +00:00			`HasExpiredIntros(llarp_time_t now) const;`
make it work 2018-07-17 06:17:13 +00:00
introset expiration 2018-07-18 00:25:24 +00:00			`bool`
			`IsExpired(llarp_time_t now) const;`

SRV records fixes (#1332) * fix a log print log level * correctly match SRV record service and protocol... * tests for new dns question functions 2020-08-31 23:25:58 +00:00			`std::vector<llarp::dns::SRVData>`
			`GetMatchingSRVRecords(std::string_view service_proto) const;`

broken 2018-07-09 17:32:11 +00:00			`bool`
Remove all use of IBEncodeMessage 2019-05-24 02:01:36 +00:00			`BEncode(llarp_buffer_t* buf) const;`
broken 2018-07-09 17:32:11 +00:00
			`bool`
Remove all use of IBEncodeMessage 2019-05-24 02:01:36 +00:00			`BDecode(llarp_buffer_t* buf)`
			`{`
			`return bencode_decode_dict(*this, buf);`
			`}`

			`bool`
			`DecodeKey(const llarp_buffer_t& key, llarp_buffer_t* buf);`
broken 2018-07-09 17:32:11 +00:00
			`bool`
Port code to use CryptoManager over passing Crypto pointers 2019-05-28 19:45:08 +00:00			`Verify(llarp_time_t now) const;`
Make introset PoW be a unique_ptr 2019-04-22 17:55:04 +00:00
			`util::StatusObject`
			`ExtractStatus() const;`
broken 2018-07-09 17:32:11 +00:00			`};`
Split classes out of dht::Context 2019-01-22 01:14:02 +00:00
Fix introset tests 2019-04-23 09:25:03 +00:00			`inline bool`
			`operator<(const IntroSet& lhs, const IntroSet& rhs)`
			`{`
			`return lhs.A < rhs.A;`
			`}`

			`inline bool`
			`operator==(const IntroSet& lhs, const IntroSet& rhs)`
			`{`
The Great Wall of Blame This commit reflects changes to clang-format rules. Unfortunately, these rule changes create a massive change to the codebase, which causes an apparent rewrite of git history. Git blame's --ignore-rev flag can be used to ignore this commit when attempting to `git blame` some code. 2020-04-07 18:38:56 +00:00			`return std::tie(lhs.A, lhs.I, lhs.K, lhs.T, lhs.version, lhs.topic, lhs.W, lhs.Z)`
			`== std::tie(rhs.A, rhs.I, rhs.K, rhs.T, rhs.version, rhs.topic, rhs.W, rhs.Z);`
Fix introset tests 2019-04-23 09:25:03 +00:00			`}`

			`inline bool`
			`operator!=(const IntroSet& lhs, const IntroSet& rhs)`
			`{`
			`return !(lhs == rhs);`
			`}`

Convert most of llarp to use Printer 2019-02-24 23:46:37 +00:00			`inline std::ostream&`
			`operator<<(std::ostream& out, const IntroSet& i)`
			`{`
			`return i.print(out, -1, -1);`
			`}`

Fixed EncryptedIntroSet signing to use PrivateKey We can generate both root and derived signatures from a PrivateKey, but only root from a SecretKey, so just change it to use a PrivateKey. 2020-01-31 20:45:52 +00:00			`/// public version of the introset that is encrypted`
initial dht key blinding 2020-01-27 21:30:41 +00:00			`struct EncryptedIntroSet`
			`{`
The Great Wall of Blame This commit reflects changes to clang-format rules. Unfortunately, these rule changes create a massive change to the codebase, which causes an apparent rewrite of git history. Git blame's --ignore-rev flag can be used to ignore this commit when attempting to `git blame` some code. 2020-04-07 18:38:56 +00:00			`using Payload_t = std::vector<byte_t>;`
initial dht key blinding 2020-01-27 21:30:41 +00:00
			`PubKey derivedSigningKey;`
llarp_time_t is now using std::chrono 2020-02-24 19:40:45 +00:00			`llarp_time_t signedAt = 0s;`
initial dht key blinding 2020-01-27 21:30:41 +00:00			`Payload_t introsetPayload;`
			`TunnelNonce nounce;`
C++17 Compiles with C++17, replaces ghc::filesystem with std::filesystem, nonstd::optional with std::optional, and llarp::string_view with std::string_view. 2020-05-01 19:51:15 +00:00			`std::optional<Tag> topic;`
initial dht key blinding 2020-01-27 21:30:41 +00:00			`Signature sig;`

			`bool`
Fixed EncryptedIntroSet signing to use PrivateKey We can generate both root and derived signatures from a PrivateKey, but only root from a SecretKey, so just change it to use a PrivateKey. 2020-01-31 20:45:52 +00:00			`Sign(const PrivateKey& k);`
initial dht key blinding 2020-01-27 21:30:41 +00:00
			`bool`
			`IsExpired(llarp_time_t now) const;`

			`bool`
			`BEncode(llarp_buffer_t* buf) const;`

			`bool`
			`BDecode(llarp_buffer_t* buf)`
			`{`
			`return bencode_decode_dict(*this, buf);`
			`}`

			`bool`
			`DecodeKey(const llarp_buffer_t& key, llarp_buffer_t* buf);`

			`bool`
			`OtherIsNewer(const EncryptedIntroSet& other) const;`

			`/// verify signature and timestamp`
			`bool`
			`Verify(llarp_time_t now) const;`

			`std::ostream&`
			`print(std::ostream& stream, int level, int spaces) const;`

			`util::StatusObject`
			`ExtractStatus() const;`

C++17 Compiles with C++17, replaces ghc::filesystem with std::filesystem, nonstd::optional with std::optional, and llarp::string_view with std::string_view. 2020-05-01 19:51:15 +00:00			`std::optional<IntroSet>`
initial dht key blinding 2020-01-27 21:30:41 +00:00			`MaybeDecrypt(const PubKey& rootKey) const;`
			`};`

			`inline std::ostream&`
			`operator<<(std::ostream& out, const EncryptedIntroSet& i)`
			`{`
			`return i.print(out, -1, -1);`
			`}`

			`inline bool`
			`operator<(const EncryptedIntroSet& lhs, const EncryptedIntroSet& rhs)`
			`{`
			`return lhs.derivedSigningKey < rhs.derivedSigningKey;`
			`}`

			`inline bool`
			`operator==(const EncryptedIntroSet& lhs, const EncryptedIntroSet& rhs)`
			`{`
			`return std::tie(lhs.signedAt, lhs.derivedSigningKey, lhs.nounce, lhs.sig)`
			`== std::tie(rhs.signedAt, rhs.derivedSigningKey, rhs.nounce, rhs.sig);`
			`}`

			`inline bool`
			`operator!=(const EncryptedIntroSet& lhs, const EncryptedIntroSet& rhs)`
			`{`
			`return !(lhs == rhs);`
			`}`

			`using EncryptedIntroSetLookupHandler =`
The Great Wall of Blame This commit reflects changes to clang-format rules. Unfortunately, these rule changes create a massive change to the codebase, which causes an apparent rewrite of git history. Git blame's --ignore-rev flag can be used to ignore this commit when attempting to `git blame` some code. 2020-04-07 18:38:56 +00:00			`std::function<void(const std::vector<EncryptedIntroSet>&)>;`
			`using IntroSetLookupHandler = std::function<void(const std::vector<IntroSet>&)>;`
Split classes out of dht::Context 2019-01-22 01:14:02 +00:00
broken 2018-07-09 17:32:11 +00:00			`} // namespace service`
			`} // namespace llarp`

don't overwrite our RC, hide parameter. 2018-09-09 11:23:21 +00:00			`#endif`