Archives/lokinet
2
0
Fork 0
mirror of https://github.com/oxen-io/lokinet.git synced 2024-11-03 23:15:52 +00:00
Code Issues Projects Releases Wiki Activity
676ca7f511
lokinet/llarp/crypto/crypto_libsodium.hpp
Jeff 21930cf667
LNS (#1342) 
* initial relay side lns

* fix typo

* add reserved names and refactor test for dns

* lns name decryption

* all wired up (allegedly)

* refact to use service::EncryptedName for LNS responses to include nonce with ciphertext

* fully rwemove tag_lookup_job

* replace lns cache with DecayingHashTable

* check for lns name validity against the following rules:

* not localhost.loki, loki.loki, or snode.loki

* if it contains no dash then max 32 characters long, not including the .loki tld (and also assuming a leading subdomain has been stripped)

* These are from general DNS requirements, and also enforced in
registrations:

* Must be all [A-Za-z0-9-]. (A-Z will be lower-cased by the RPC call).

* cannot start or end with a -

* max 63 characters long if it does contain a dash

* cannot contain -- in the third and fourth characters unless it starts with xn--

* handle timeout in name lookup job by calling the right handler with std::nullopt
2020-09-17 15:18:08 -04:00

114 lines
3.5 KiB
C++
Raw Blame History

#ifndef LLARP_CRYPTO_LIBSODIUM_HPP
#define LLARP_CRYPTO_LIBSODIUM_HPP
#include <crypto/crypto.hpp>
namespace llarp
{
namespace sodium
{
struct CryptoLibSodium final : public Crypto
{
CryptoLibSodium();
~CryptoLibSodium() override = default;
/// decrypt cipherText given the key generated from name
std::optional<AlignedBuffer<32>>
maybe_decrypt_name(
std::string_view ciphertext, SymmNonce nounce, std::string_view name) override;
/// xchacha symmetric cipher
bool
xchacha20(const llarp_buffer_t&, const SharedSecret&, const TunnelNonce&) override;
/// xchacha symmetric cipher (multibuffer)
bool
xchacha20_alt(
const llarp_buffer_t&,
const llarp_buffer_t&,
const SharedSecret&,
const byte_t*) override;
/// path dh creator's side
bool
dh_client(SharedSecret&, const PubKey&, const SecretKey&, const TunnelNonce&) override;
/// path dh relay side
bool
dh_server(SharedSecret&, const PubKey&, const SecretKey&, const TunnelNonce&) override;
/// transport dh client side
bool
transport_dh_client(
SharedSecret&, const PubKey&, const SecretKey&, const TunnelNonce&) override;
/// transport dh server side
bool
transport_dh_server(
SharedSecret&, const PubKey&, const SecretKey&, const TunnelNonce&) override;
/// blake2b 256 bit
bool
shorthash(ShortHash&, const llarp_buffer_t&) override;
/// blake2s 256 bit hmac
bool
hmac(byte_t*, const llarp_buffer_t&, const SharedSecret&) override;
/// ed25519 sign
bool
sign(Signature&, const SecretKey&, const llarp_buffer_t&) override;
/// ed25519 sign (custom with derived keys)
bool
sign(Signature&, const PrivateKey&, const llarp_buffer_t&) override;
/// ed25519 verify
bool
verify(const PubKey&, const llarp_buffer_t&, const Signature&) override;
/// derive sub keys for public keys. hash is really only intended for
/// testing and overrides key_n if given.
bool
derive_subkey(
PubKey& derived,
const PubKey& root,
uint64_t key_n,
const AlignedBuffer<32>* hash = nullptr) override;
/// derive sub keys for private keys. hash is really only intended for
/// testing and overrides key_n if given.
bool
derive_subkey_private(
PrivateKey& derived,
const SecretKey& root,
uint64_t key_n,
const AlignedBuffer<32>* hash = nullptr) override;
/// seed to secretkey
bool
seed_to_secretkey(llarp::SecretKey&, const llarp::IdentitySecret&) override;
/// randomize buffer
void
randomize(const llarp_buffer_t&) override;
/// randomizer memory
void
randbytes(byte_t*, size_t) override;
/// generate signing keypair
void
identity_keygen(SecretKey&) override;
/// generate encryption keypair
void
encryption_keygen(SecretKey&) override;
/// generate post quantum encrytion key
void
pqe_keygen(PQKeyPair&) override;
/// post quantum decrypt (buffer, sharedkey_dst, sec)
bool
pqe_decrypt(const PQCipherBlock&, SharedSecret&, const byte_t*) override;
/// post quantum encrypt (buffer, sharedkey_dst, pub)
bool
pqe_encrypt(PQCipherBlock&, SharedSecret&, const PQPubKey&) override;
bool
check_identity_privkey(const SecretKey&) override;
};
} // namespace sodium
} // namespace llarp
#endif
Reference in New Issue View Git Blame Copy Permalink