Module tor_proto::circuit::handshake::hs_ntor

Available on crate feature hs-common only.

Implements the HS ntor key exchange, as used in v3 onion services.

The Ntor protocol of this section is specified in section [NTOR-WITH-EXTRA-DATA] of rend-spec-v3.txt.

The main difference between this HS Ntor handshake and the regular Ntor handshake in ./ntor.rs is that this one allows each party to encrypt data (without forward secrecy) after it sends the first message. This opportunistic encryption property is used by clients in the onion service protocol to encrypt introduction data in the INTRODUCE1 cell, and by services to encrypt data in the RENDEZVOUS1 cell.

§Status

This module is available only when the hs-common feature is enabled. The specific handshakes are enabled by hs-client and hs-service.

Structs§

  • Client state for an ntor handshake.
  • The key generator used by the HS ntor handshake. Implements the simple key expansion protocol specified in section “Key expansion” of rend-spec-v3.txt.
  • Information about an onion service that is needed for a client to perform an hs_ntor handshake with it.

Functions§