689c4fc66cdb3691a2cd2e4bd96abc394251b7c3
7 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
|
|
a0484ce082 |
Feature/ack messing (#313)
* Added Display for FragmentIdentifier * AckDelayQueue as wrapper for DelayQueue * First pass on ack controller * Controller very initially incorporated into the client * Cleanup * Using socks5 build.rs * Extra (temporary) log statements * Decreased logging levels |
||
|
|
b27c5906d7 | Removes unused Cargo dependencies so we stay slim and trim. (#305) | ||
|
|
1546088904 |
Feature/socks5 (#302)
* Adding the beginnings of a socks5 crate * Removing unused import * Adding built.rs * Figured out test failure, stuck a note in detailing under what conditions it fails. * Added lib * wip on the way to compile * First compile with much of the client in place * Comment reflow to 80 lines * Changed Socks5 client help message * Latest changes to from develop applied to socks5 client * Minor cleanup on unused code * Adding snafu dependency * Adding socks library * Getting socks into the module structure * Tokio conversion for socks code nearly completed. * Starting traffic controllers again * Bitcoin SP starting to breathe with Socks5 proxy. Responses not yet being sent. * Adding in some hugely verbose print action so we can see things happening * WIP refactor of socks code. * Renamed structs to be more rubyish * Refactored the run command a bit. * handle_client doesn't need to be public * Starting to split the handle method up into smaller, refactorable chunks * Renamed a test * Finished initial refactor * Minor cleanup * Made a few notes for my future self * Being a bit more explicit in authtentication test * Ensuring that user/password authentication attempts fail if that auth mode is off * Documentation * Refactord types into a types module * Sending the request ID across and reading the response when it comes back. * Added the request_id to the response header * Adding exception handling to websocket send * Semi-working... * Removing non-functional examples. * Minor output clarification * Adding a Socks5 service provider * Websocket connection is now being made. * Added some simple and ungraceful websocket connection error handling * Renamed socks5_proxy back to proxy * ibid * Nicer websocket start method * Receiving messages via websocket * Socks requests work in the simple case, SSL requests don't (yet). * Minor cleanup, renaming variables and moving private functions around * Comments on try_read_request * Moved some code around * Removed commented code and printlns * Comments sp request * Commented response data read * Changing Request to Connection * ibid * Added a controller and split connection / request parsing * Built out error handling on requests a bit * Initial router action * Request deserialization tests back in action * Request constructors * Constructor for controller * Renamed message_router to controller * Starting to build out the responses * Returning proxied connection data * Moving towards new Socks5 request crate * Sending Socks5 multi-part requests through mixnet * Removed the detritus of exploratory coding. * Breaking the socks client read loop when empty bytes are read * Documenting the message format for serialized socks requests * Returning a response from the socks proxy * Removing unused import * Removing more detritus * Restarting loop if no response is received * The off-by-one change that fixed it all * Removing unused response.rs module * Removed unused import * Comment cleanup * More detritus * Cleaning... * Docs for socks5-requests * Using the simple-socks5-requests crate Response in the socks5 client * Removing unused error types * Split request/response into their own files and wrote more tests * Removing temporary README notes * Renamed all instances of request_id to connection_id * Docs on Connection struct * Caving in to connecting inside the constructor for the moment * Fixing up comments on socks5 service provider start * Simplified errors in the Socks5 requests crate * Flattened service provider module hierarchy a bit. * Removed println * Comment to explain return on timeout * Logging controller connect errors * Renamed websocket reads and writes to make them a bit more understandable * Renamed TodoError to ConnectionError * Logging errors instead of panicking on connection read/write failures * Fixed error handling in controller * Removing dead comments * Cargo fmt applied * Removing print statements * Removed more comments, prints, etc Co-authored-by: jstuczyn <jedrzej.stuczynski@gmail.com> |
||
|
|
d9d549fd0f |
Feature/reply surbs (#299)
* Changed identity keypair to use ed25519 * Encryption key is now x25519 based + compatibiltiy with sphinx * Pathing and import fixes * Moved all asymmetric keys to sub-module in crypto * Extracted aes to separate module * kdf module in crypto * Ability to perform diffie hellman on encryption keys * ecdsa on identity keys * Extremely rough and incomplete registration handshake * Authentication primitives * Creating new random authenticationIV * Wrapper type for the derived shared key * Removed AuthToken in favour of using SharedKey for authentication * Gateway identity keys * Registration handshake without error mapping * Gateway address in client config * Added extra key for gateway presence * Updated pemstore to work on borrows instead * Gateway client trying to perform the handshake * Gateway changes to allow for handshake and shared key * Debug trait on sharedkey * native client using updated gateway client * Slightly updated gateway API * Minor cleanup * Fixed pemstore to correctly save multiple keypairs * Gateway actually deriving shared key during handshake * Gateway sending correct mid-handshake message * Missing quotation mark in client config template * Fixed template for correct shared key serialization * Fixed gateway authentication * Fixed tests * Using correct gateway key when converting to sphinx node * "get_all_clients" takes them from gateways as opposed to providers now * cargo fmt * Renamed pemstore methods * Unused import * Encryption of forward requests between client and gateway * Updated sphinx dependency to use public revision * Sending 'error' on handshake processing error * Removed some dead code * Dead code I forgot to remove before * Extracted AckAes128Key into a struct * Slight pemstore revamp allowing for symmetric key store * ibid. * PemStorableKey for SharedKey * Introduced single location responsible for key management for client * WIP * Sphinx version update * Stop using NodeAddressBytes for two distinct and confusing purposes * Abstracting away SocketAddr from sphinx forwarding * Passing the bool for reply surbs * Attack plan for replies + encryption * Comment + removed variable binding * ReplySURB usage * Topology import in nymsphinx * Sphinx version update * Changed 'Recipient' to contain client's encryption key * Message preparation taking shape! * reply surb also containing the encryption key * Very initial message receiver * Sphinx version update * A possibly working way of receiving surbs * Fixed incorrect field name in client config template * camel casing all request arguments * Renamed and moved `MessageMode` to more appropriate file * Restored reconstruction tests * Removed dead code from chunking * Made rust examples compilable * reply SURB key storage * Replies as an InputMessage * Forgotten commented code * No retransmission processing for cover or replies * Received reply processing * Renamed client pathfinder to something more appropriate * Made HasherOutputSize public * Added key store path to config * Reply surb attaching key digest when used * Changes due to previous renaming * Removed comment * Fixed insert_encryption_key * Assigning initial value of key store path * Computing key digest with correct algorithm * Initial and presumably temporary request serialization * hacky way of introducing 'FragmentIdentifier' for replies * Moved responsibility of reply encryption, padding, etc, to message preparer * Optional recipient in try_get_valid_topology_ref * Handling new reply surbs with acks and padding * Updated go and python examples to include replies in text and binary cases * Updated rust examples + binaryserverresponse * Helpers in rust examples * And updated JS example * Moved shared key generation function to crypto crate * Cover traffic encryption! * hmac computation in crypto * Updated aes imports due to new dependencies * hkdf made more generic * crypto cleanup + algorithms in params * Clippy cleanup pass * Generating encryption+mac shared keys between client and gateway * MACs attached to forward requests to gateway * Gateway messages encrypted and mac'd * Lowered logging level * compiler warning cleanup * Some minor cleanup * Generic stream cipher * Generic shared key derivation + algorithm definitions * Project-wide AES clean-up * Comment fix * Removed commented imports * Updated comments * Fixed topology test fixture |
||
|
|
a53d0a4aac |
Feature/topology refactor (#274)
* VersionFilterable for HashMap * Removed NymTopology trait in favour of concrete type * Removed providers from NymTopology * Made gateway conversion use reference, similarly to mixes * Using more concrete types in topology rather than b58 strings * Allowing gateways to have DNS-resolvable mix listener address * Error propagation for gateway key conversion |
||
|
|
3c7a01e1e6 |
Feature/constant length packet payloads (#268)
* Reducing ACK packet size to exactly what we need * Made fragmentidentifier into an array * Padding all sent messages so they'd be split into constant length packets |
||
|
|
b57a548350 |
Feature/packet retransmission (#263)
* Ability to send sphinx packets of different sizes + more efficient decoding * Closing connection on connection corruption * Missing semicolons * Missing license notices * Default for packetsize * Split nymsphinx * Replaced Mutex with RwLock for TopologyAccessor + impl Deref * Sphinx update + import cleanup * Moved packet_sizes file * Updated NymTopology API * sphinx version bump * Missing license notice * nymsphinx-params crate * Changes due to ibid. * Chunking rework to allow variable size fragments * Initial ack crate * Version bump to new dev build * Cargo lock changes * random_route_to_gateway by node address * exposing getting read permit * Very initial draft on ack control * Correctly dereferencing out of topology read permit * All pending changes + compilation todo!s * Restricted scope of deref on TopologyAccessorInner * Type path alias for generate_key * Derived traits for MessageChunker * Ack control starting to take shape! * Awaiting callbacks * Most of work done on acks. Now to wire it all together * Import cleanup * rng generalization * Connected real traffic together; only acks from gateway left * Removed redundant things from nymsphinx::utils * nymsphinx-cover crate * Ack-related fields in client config * Decreased packet store log level * Restored forward sphinx request * Slight adjustements to surb acks * Changed TopologyReadPermit from type alias into a struct * Changes due to ibid. * Sphinx version upgrade * Gateway being able to understand and handle acks * Special Cover FragmentIdentifier + removal of dead code * Initial packet router for gateway client * Kill client if it fails to send to gateway too many times * Cover messages with acks * Moved out gateway client errors * Ignoring cover traffic acks * Changes in ack control * Another sphinx version upgrade * websocket handler delegating message chunking * Using config defined ack wait additions * Other minor changes I should have been more dilligent with splitting * Import path fix * sphinx_receiver => mixnet_receiver * Missing renamed variable instance * Updated aes-ctr to 0.4.0 * Removed concept of 'unfragmented' single fragment * Replay fragments detection * Long method split * typo * Cleaner client init * Fixed race condition * Fixed similar issue for retransmission * Cargo fmt * Minor clenaup |