- Get rid of CryptoManager.
- Get rid of Crypto.
- Move all the Crypto instance methods to llarp::crypto functions.
(None of them needed to be methods at all, so this is simple).
- Move sodium/ntru initialization into static initialization.
- Add llarp::csrng, which is an available llarp::CSRNG instance which is
a bit easier than needing to construct a `CSRNG rng{};` in various
places.
- Various related small simplifications/cleanups.
* Add ignored [dns]no-resolvconf option for deb backwards compat
The debs hack a `#no-resolvconf=1` into the config file in 0.7 to allow
a user to disable resolvconf setup during startup by uncommenting it.
That doesn't work anymore since 0.8 errors on invalid config options, so
add it as an ignored option so that 0.7 deb config files can still be
compatible.
* Fix `[dns]upstream` comment not being produced in generated conf file
* fix test
Co-authored-by: Jeff <jeff@i2p.rocks>
* initial relay side lns
* fix typo
* add reserved names and refactor test for dns
* lns name decryption
* all wired up (allegedly)
* refact to use service::EncryptedName for LNS responses to include nonce with ciphertext
* fully rwemove tag_lookup_job
* replace lns cache with DecayingHashTable
* check for lns name validity against the following rules:
* not localhost.loki, loki.loki, or snode.loki
* if it contains no dash then max 32 characters long, not including the .loki tld (and also assuming a leading subdomain has been stripped)
* These are from general DNS requirements, and also enforced in
registrations:
* Must be all [A-Za-z0-9-]. (A-Z will be lower-cased by the RPC call).
* cannot start or end with a -
* max 63 characters long if it does contain a dash
* cannot contain -- in the third and fourth characters unless it starts with xn--
* handle timeout in name lookup job by calling the right handler with std::nullopt
This makes PrivateKey store both the key followed by the hash. For
PrivateKeys based on SecretKeys this just means the second half of the
SHA-512 of the seed, and makes a PrivateKey constructed from a SecretKey
give an identical signature to signing directly with sodium.
For derived keys we use a ShortHash of the root key's signing hash
concatenated with the publicly known hash value, so that our derived key
signing hash will be different from the root signing hash and also
different for different derivation parameters.
This also changed one of the asserts in crypto_noop, but upon closer
inspection the copying of the secret key into the signature seems really
wrong, so just changed them to fill with 0s.
The reason things weren't working here is because libsodium does
something completely unintuitive and called the seed the "secret key"
when it isn't, it's the seed.
This adds a new PrivateKey class (alongside the existing SecretKey and
PubKey) that holds just a private key value but no seed -- which we need
to do because there is no way we can get a seed after calculating a
derived keypair.
With these changes, we now generate exactly the same keys and subkeys as
Tor (and a new test case uses values generated in Tor to verify this).
This is incomplete -- the subkey signing code is still not implemented;
it has to be adapted to create a signature from a PrivateKey rather than
a SecretKey which will probably requiring working around/reimplementing
some of what libsodium does for creating a signature since it expects
"secret keys" i.e. the seed.