blob: f62e4c2e58a0c65319f74fa95b4d708412040d74 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
|
//!
//! Roughtime server
//!
extern crate core;
extern crate ring;
extern crate untrusted;
extern crate roughenough;
use core::ptr;
use untrusted::Input;
use roughenough::{RtMessage, Tag, Error};
use roughenough::hex::*;
use ring::{digest, rand};
use ring::rand::SecureRandom;
use ring::signature::Ed25519KeyPair;
/// Zero all bytes in dst
#[inline]
pub fn zero(dst: &mut [u8]) {
unsafe {
ptr::write_bytes(dst.as_mut_ptr(), 0u8, dst.len());
}
}
fn main() {
// Read long-term key
let long_term_key = {
let mut seed = [b'x'; 32];
let lt_key = Ed25519KeyPair::from_seed_unchecked(Input::from(&seed)).unwrap();
println!("Long-term public key: {}", lt_key.public_key_bytes().to_hex());
lt_key
};
// Create DELE
let ephemeral_key = {
let rng = rand::SystemRandom::new();
let mut seed = [0u8; 32];
rng.fill(&mut seed).unwrap();
let eph_key = Ed25519KeyPair::from_seed_unchecked(Input::from(&seed)).unwrap();
println!("Ephemeral public key: {}", eph_key.public_key_bytes().to_hex());
eph_key
};
let zeros = [0u8; 8];
let max = [0xff; 8];
let mut dele_msg = RtMessage::new(3);
dele_msg.add_field(Tag::PUBK, &ephemeral_key.public_key_bytes()).unwrap();
dele_msg.add_field(Tag::MINT, &zeros).unwrap();
dele_msg.add_field(Tag::MAXT, &max).unwrap();
let dele_bytes = dele_msg.encode().unwrap();
println!("{}", dele_bytes.to_hex());
// Sign it with long-term key
// Create CERT
// Wipe long-term key
// loop:
// read request
// validate request or goto loop
// create SREP
// sign SREP
// create response:
// - SIG
// - PATH (always 0)
// - SREP
// - CERT (pre-created)
// - INDX (always 0)
// send response
}
|