author | Stuart Stock <stuart@int08h.com> | 2017-07-03 17:18:08 -0500 |
---|---|---|
committer | Stuart Stock <stuart@int08h.com> | 2017-07-03 17:18:35 -0500 |
commit | 3a2e9ecc0b3a91457f654e2dbf0b13097f18bfcf (patch) | |
tree | 6dd4ac5daa404cc7cb04c903e562ccd075fb736e | |
parent | 0e955f89eca384ad71721b2842412235e0aac472 (diff) | |
add docstrings and cleanup whitespace
-rw-r--r-- | Cargo.toml | 1 | ||||
-rw-r--r-- | src/bin/server.rs | 18 | ||||
-rw-r--r-- | src/sign.rs | 7 | ||||
-rw-r--r-- | src/tag.rs | 6 |
4 files changed, 21 insertions, 11 deletions
@@ -10,3 +10,4 @@ byteorder = "1"
 ring = "0.11.0"
 untrusted = "0.5.0"
 time = "0.1"
+
diff --git a/src/bin/server.rs b/src/bin/server.rs
index fdab120..50cd166 100644
--- a/src/bin/server.rs
+++ b/src/bin/server.rs
@@ -10,12 +10,11 @@ extern crate time;
 extern crate untrusted;
 use std::io;
-
 use std::net::UdpSocket;
 use std::time::Duration;
 use roughenough::{RtMessage, Tag, Error};
-use roughenough::{CERTIFICATE_CONTEXT, SIGNED_RESPONSE_CONTEXT, TREE_LEAF_TWEAK};
+use roughenough::{CERTIFICATE_CONTEXT, MIN_REQUEST_LENGTH, SIGNED_RESPONSE_CONTEXT, TREE_LEAF_TWEAK};
 use roughenough::hex::*;
 use roughenough::sign::Signer;
@@ -24,6 +23,8 @@ use ring::rand::SecureRandom;
 use byteorder::{LittleEndian, WriteBytesExt};
+const SERVER_VERSION: &'static str = "0.1";
+
 fn get_long_term_key() -> Signer {
 // TODO: read from config
 let seed = [b'x'; 32];
@@ -43,8 +44,7 @@ fn make_dele_bytes(ephemeral_key: &Signer) -> Result<Vec<u8>, Error> {
 let max = [0xff; 8];
 let mut dele_msg = RtMessage::new(3);
- dele_msg
- .add_field(Tag::PUBK, ephemeral_key.public_key_bytes())?;
+ dele_msg.add_field(Tag::PUBK, ephemeral_key.public_key_bytes())?;
 dele_msg.add_field(Tag::MINT, &zeros)?;
 dele_msg.add_field(Tag::MAXT, &max)?;
@@ -131,7 +131,7 @@ fn make_response(ephemeral_key: &mut Signer, cert_bytes: &[u8], nonce: &[u8]) ->
 }
 fn nonce_from_request(buf: &[u8], num_bytes: usize) -> Result<&[u8], Error> {
- if num_bytes < 1024 {
+ if num_bytes < MIN_REQUEST_LENGTH as usize {
 return Err(Error::RequestTooShort);
 }
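Review bot: In the `@@ -24,6 +23,8 @@` hunk of src/bin/server.rs, `get_long_term_key()` still builds the long-term signing key from the constant seed `[b'x'; 32]`, so every build shares one private key that anyone with the source can recompute, and the new startup banner in `main` (the `@@ -151,13 +151,13 @@` hunk) prints the matching public key as if it were a real server identity. Until the `TODO: read from config` is done, I would mark the line with `// INSECURE: fixed test seed, never deploy` and have the banner say that a test key is in use. The function body continues outside the hunk, so how the seed is consumed is not visible here.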
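Review bot: In `nonce_from_request` (the `@@ -131,7 +131,7 @@` hunk) the length guard tests the caller-supplied `num_bytes`, not `buf.len()`, and nothing visible ties the two together. If the rest of the function, which lies outside this hunk, slices `buf` by `num_bytes`, a mismatch would panic on network input; `if num_bytes < MIN_REQUEST_LENGTH as usize || num_bytes > buf.len() {` would rule that out. The `as usize` cast also hides the constant's declared type, which is not shown on this page; declaring the constant as `usize` would remove the cast. A doc line such as `/// Rejects requests shorter than MIN_REQUEST_LENGTH before any parsing.` would record why the check comes first.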
@@ -151,13 +151,13 @@ fn nonce_from_request(buf: &[u8], num_bytes: usize) -> Result<&[u8], Error> {
 }
 fn main() {
+ println!("Roughenough server v{} starting", SERVER_VERSION);
+
 let mut lt_key = get_long_term_key();
 let mut ephemeral_key = make_ephemeral_key();
- println!("Long-term public key: {}",
- lt_key.public_key_bytes().to_hex());
- println!("Ephemeral public key: {}",
- ephemeral_key.public_key_bytes().to_hex());
+ println!("Long-term public key: {}", lt_key.public_key_bytes().to_hex());
+ println!("Ephemeral public key: {}", ephemeral_key.public_key_bytes().to_hex());
 let cert_msg = make_cert(&mut lt_key, &ephemeral_key);
 let cert_bytes = cert_msg.encode().unwrap();
diff --git a/src/sign.rs b/src/sign.rs
index f865f2a..326ebbb 100644
--- a/src/sign.rs
+++ b/src/sign.rs
@@ -1,6 +1,9 @@
 //!
 //! Ed25519 signing and verification
 //!
+//! `Ring` does not provide a multi-step (init-update-finish) interface
+//! for Ed25519 signatures. `Verifier` and `Signer` attempt to provide this
+//! missing multi-step api.
 extern crate ring;
 extern crate untrusted;
@@ -10,6 +13,8 @@ use self::ring::signature::Ed25519KeyPair;
 use self::untrusted::Input;
+/// A multi-step (init-update-finish) interface for verifying an
+/// Ed25519 signature
 #[derive(Debug)]
 pub struct Verifier<'a> {
 pubkey: Input<'a>,
@@ -40,6 +45,8 @@ impl<'a> Verifier<'a> {
 }
 }
+/// A multi-step (init-update-finish) interface for creating an
+/// Ed25519 signature
 pub struct Signer {
 key_pair: Ed25519KeyPair,
 buf: Vec<u8>,
@@ -1,10 +1,12 @@
 /// An unsigned 32-bit value (key) that maps to a byte-string (value).
-#[derive(Debug, Eq, PartialEq, Ord, PartialOrd)]
+#[derive(Debug, PartialEq, PartialOrd)]
 pub enum Tag {
 // Enforcement of the "tags in strictly increasing order" rule is done using the
 // little-endian encoding of the ASCII tag value; e.g. 'SIG\x00' is 0x00474953 and
- // 'NONC' is 0x434e4f4e.
+ // 'NONC' is 0x434e4f4e.
+ //
+ // Tags are written here in ascending order
 SIG,
 NONC,
 DELE, |
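Review bot: The new doc comments on `Verifier` and `Signer` in src/sign.rs call the API multi-step but do not say that it is emulated by buffering. `Signer` carries `buf: Vec<u8>`, which presumably accumulates every update until the final signing call; both struct bodies and their impls continue outside the hunks, so this needs confirming. I would add `/// Input is buffered in memory until the final step; callers must bound how much they feed in.` to both types so nobody mistakes this for constant-memory streaming.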
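Review bot: The derive change on `Tag` drops `Eq` and `Ord`, leaving `PartialEq, PartialOrd`, which is a behaviour change that the commit title "add docstrings and cleanup whitespace" does not mention. Derived comparison on an enum follows declaration order, so if the "strictly increasing" tag check relies on it, the check is only right while the variants stay in the order the new comment describes. Without `Ord`/`Eq` the type can also no longer be sorted with `sort()` or used as a `BTreeMap` key. Unless something required the removal, keep `#[derive(Debug, Eq, PartialEq, Ord, PartialOrd)]` and word the comment as a rule: `// Variants MUST stay in ascending wire-value order; derived ordering depends on it.` The enum body continues outside the hunk, and the file header for this hunk is missing from the page (presumably src/tag.rs, going by the diffstat).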