pub struct Responder { /* private fields */ }
Implementations§
source§impl Responder
impl Responder
pub fn new(a: Keypair, cert_validity: u32) -> Box<Self>
sourcepub fn step_1(
&mut self,
elligatorswift_theirs_ephemeral_serialized: [u8; 64]
) -> Result<([u8; 234], NoiseCodec), Error>
pub fn step_1( &mut self, elligatorswift_theirs_ephemeral_serialized: [u8; 64] ) -> Result<([u8; 234], NoiseCodec), Error>
§4.5.1.2 Responder
- receives ephemeral public key message with ElligatorSwift encoding (64 bytes plaintext)
- parses these 64 byte as PubKey and interprets is as
re.public_key
- calls
MixHash(re.public_key)
- calls
DecryptAndHash()
on remaining bytes (i.e. on empty data with empty k, thus effectively only callsMixHash()
on empty data)
§4.5.2.1 Responder
- initializes empty output buffer
- generates ephemeral keypair
e
, appends the 64 bytes ElligatorSwift encoding ofe.public_key
to the buffer - calls
MixHash(e.public_key)
- calls
MixKey(ECDH(e.private_key, re.public_key))
- appends
EncryptAndHash(s.public_key)
(80 bytes: 64 bytes encrypted elliswift public key, 16 bytes MAC) - calls
MixKey(ECDH(s.private_key, re.public_key))
- appends
EncryptAndHash(SIGNATURE_NOISE_MESSAGE)
(74 + 16 bytes) to the buffer - submits the buffer for sending to the initiator
- return pair of CipherState objects, the first for encrypting transport messages from initiator to responder, and the second for messages in the other direction:
- sets
temp_k1, temp_k2 = HKDF(ck, zerolen, 2)
- creates two new CipherState objects
c1
andc2
- calls
c1.InitializeKey(temp_k1)
andc2.InitializeKey(temp_k2)
- returns the pair
(c1, c2)
- sets
§Message format of NX-handshake part 2
Field name | Description |
---|---|
PUBKEY | Responder’s plaintext ephemeral public key |
PUBKEY | Responder’s encrypted static public key |
MAC | Message authentication code for responder’s static public key |
SIGNATURE_NOISE_MESSAGE | Signed message containing Responder’s static key. Signature is issued by authority that is generally known to operate the server acting as the noise responder |
MAC | Message authentication code for SIGNATURE_NOISE_MESSAGE |
Message length: 234 bytes
Trait Implementations§
Auto Trait Implementations§
impl RefUnwindSafe for Responder
impl Send for Responder
impl Sync for Responder
impl Unpin for Responder
impl UnwindSafe for Responder
Blanket Implementations§
source§impl<T> BorrowMut<T> for Twhere
T: ?Sized,
impl<T> BorrowMut<T> for Twhere
T: ?Sized,
source§fn borrow_mut(&mut self) -> &mut T
fn borrow_mut(&mut self) -> &mut T
Mutably borrows from an owned value. Read more