Ability to send onion messages when given a path.

author: joe <joe@jerkface.net> 2017-10-01 05:26:36 -0400
committer: joe <joe@jerkface.net> 2017-10-01 05:26:36 -0400
commit: d408e6c3148106c6dbc8afe24a1488619adf34e1 (patch)
tree: ca2d7a66b07dba82b6bf236fb234cac75bf87da6 /src/Network/Tox/Onion/Transport.hs
parent: f6f70dcfa25ddf10e3cf16745bdd082cc26b2fd6 (diff)
1 files changed, 105 insertions, 46 deletions
diff --git a/src/Network/Tox/Onion/Transport.hs b/src/Network/Tox/Onion/Transport.hs
index 0e6e4954..a3c1950f 100644
--- a/src/Network/Tox/Onion/Transport.hs
+++ b/src/Network/Tox/Onion/Transport.hs
@@ -33,6 +33,8 @@ module Network.Tox.Onion.Transport
    , encrypt
    , decrypt
    , peelSymmetric
+    , OnionRoute(..)
+    , N3
    ) where
 import Network.Address (fromSockAddr,toSockAddr,setPort,either4or6,sockAddrPort)
@@ -86,13 +88,14 @@ deriving instance ( Show (f (AnnounceRequest, Nonce8))
                  , Show (f DataToRoute)
                  ) => Show (OnionMessage f)
-data OnionDestination = OnionToOwner NodeInfo (ReturnPath N3) -- ^ Somebody else's path to us.
+data OnionDestination r
-                      | OnionDestination NodeInfo             -- ^ Our own onion-path.
+    = OnionToOwner     NodeInfo (ReturnPath N3) -- ^ Somebody else's path to us.
+    | OnionDestination NodeInfo (Maybe r)       -- ^ Our own onion-path.
    deriving Show
-onionKey :: OnionDestination -> Maybe PublicKey
+onionKey :: OnionDestination r -> Maybe PublicKey
-onionKey (OnionToOwner ni _) = Just $ id2key (nodeId ni)
+onionKey (OnionToOwner     ni _) = Just $ id2key (nodeId ni)
-onionKey _                   = Nothing
+onionKey (OnionDestination ni _) = Just $ id2key (nodeId ni)
 instance Sized (OnionMessage Encrypted) where
    size = VarSize $ \case
@@ -111,15 +114,14 @@ instance Serialize (OnionMessage Encrypted) where
        case typ :: Word8 of
            0x83 -> OnionAnnounce <$> getAliasedAssym
            0x85 -> OnionToRoute <$> getPublicKey <*> getAliasedAssym
-            0x84 -> getOnionReply typ
+            t    -> fail ("Unknown onion payload: " ++ show t)
-            0x86 -> getOnionReply typ
+                    `fromMaybe` getOnionReply t
-            t    -> fail $ "Unknown onion payload: " ++ show t
    put (OnionAnnounce a)                = putWord8 0x83 >> putAliasedAssym a
    put (OnionToRoute k a)               = putWord8 0x85 >> putPublicKey k >> putAliasedAssym a
    put (OnionAnnounceResponse n8 n24 x) = putWord8 0x84 >> put n8 >> put n24 >> put x
    put (OnionToRouteResponse a)         = putWord8 0x86 >> putAliasedAssym a
-onionToOwner :: Assym a -> ReturnPath N3 -> SockAddr -> Either String OnionDestination
+onionToOwner :: Assym a -> ReturnPath N3 -> SockAddr -> Either String (OnionDestination r)
 onionToOwner assym ret3 saddr = do
    ni <- nodeInfo (key2id $ senderKey assym) saddr
    return $ OnionToOwner ni ret3
@@ -130,36 +132,37 @@ onion :: Sized msg =>
               ByteString
               -> SockAddr
               -> Get (Assym (Encrypted msg) -> t)
-               -> Either String (t, OnionDestination)
+               -> Either String (t, OnionDestination r)
 onion bs saddr getf = do (f,(assym,ret3)) <- runGet ((,) <$> getf <*> getOnionRequest) bs
                         oaddr <- onionToOwner assym ret3 saddr
                         return (f assym, oaddr)
+parseOnionAddr :: (SockAddr -> Nonce8 -> IO (Maybe (NodeInfo,r)))
-parseOnionAddr :: (ByteString, SockAddr) -> Either (OnionMessage Encrypted,OnionDestination) (ByteString,SockAddr)
+                  -> (ByteString, SockAddr)
-parseOnionAddr (msg,saddr)
+                  -> IO (Either (OnionMessage Encrypted,OnionDestination r)
+                                (ByteString,SockAddr))
+parseOnionAddr lookupSender (msg,saddr)
    | Just (typ,bs) <- B.uncons msg
    , let right = Right (msg,saddr)
-          query = either (const right) Left
+          query = return . either (const right) Left
-          response = either (const right) (Left . \msg -> ( msg , replyAlias saddr msg ))
    = case typ of
    0x83 -> query $ onion bs saddr (pure OnionAnnounce)            -- Announce Request
    0x85 -> query $ onion bs saddr (OnionToRoute <$> getPublicKey) -- Onion Data Request
-    0x84 -> response $ runGet (getOnionReply 0x84) bs              -- Announce Response
+    _ -> case flip runGet bs <$> getOnionReply typ of
-    0x86 -> response $ runGet (getOnionReply 0x86) bs              -- Onion Data Response
+            Just (Right msg@(OnionAnnounceResponse n8 _ _)) -> do
-    _ -> right
+                maddr <- lookupSender saddr n8
+                maybe (return right) -- Response unsolicited or too late.
-getOnionReply :: Word8 -> Get (OnionMessage Encrypted)
+                      (return . Left . \(ni,r) -> (msg,OnionDestination ni (Just r)))
-getOnionReply 0x84 = OnionAnnounceResponse <$> get <*> get <*> get
+                      maddr
-getOnionReply 0x86 = OnionToRouteResponse <$> getOnionAssym
+            Just (Right msg@(OnionToRouteResponse asym)) -> do
+                let ni = asymNodeInfo saddr asym
-replyAlias :: SockAddr -> OnionMessage Encrypted -> OnionDestination
+                return $ Left (msg, OnionDestination ni Nothing)
-replyAlias saddr (OnionAnnounceResponse  _ _ _)
+            _ -> return right
-    = OnionDestination
-    $ either (error "replyAlias: bad protocol") id
+getOnionReply :: Word8 -> Maybe (Get (OnionMessage Encrypted))
-    $ nodeInfo zeroID saddr -- TODO OnionAnnounceResponse has no sender key
+getOnionReply 0x84 = Just $ OnionAnnounceResponse <$> get <*> get <*> get
-replyAlias saddr (OnionToRouteResponse asym)
+getOnionReply 0x86 = Just $ OnionToRouteResponse <$> getOnionAssym
-    = OnionDestination $ asymNodeInfo saddr asym
+getOnionReply _    = Nothing
 putOnionMsg :: OnionMessage Encrypted -> Put
 putOnionMsg (OnionAnnounce                a) = putOnionAssym 0x83 (return ()) a
@@ -167,10 +170,18 @@ putOnionMsg (OnionToRoute pubkey          a) = putOnionAssym 0x85 (putPublicKey
 putOnionMsg (OnionAnnounceResponse n8 n24 x) = put (0x84 :: Word8) >> put n8 >> put n24 >> put x
 putOnionMsg (OnionToRouteResponse         a) = putOnionAssym 0x86 (return ()) a
-encodeOnionAddr :: (OnionMessage Encrypted,OnionDestination) -> (ByteString, SockAddr)
+encodeOnionAddr :: (NodeInfo -> r -> IO (Maybe OnionRoute))
-encodeOnionAddr (msg,OnionToOwner ni p) = ( runPut $ putResponse (OnionResponse p msg)
+                   -> (OnionMessage Encrypted,OnionDestination r)
-                                          , nodeAddr ni )
+                   -> IO (Maybe (ByteString, SockAddr))
-encodeOnionAddr (msg,OnionDestination a) = ( runPut (putOnionMsg msg), nodeAddr a) -- TODO: Construct (OnionRequest N0)?
+encodeOnionAddr _ (msg,OnionToOwner ni p) =
+    return $ Just ( runPut $ putResponse (OnionResponse p msg)
+                  , nodeAddr ni )
+encodeOnionAddr _        (msg,OnionDestination _  Nothing   ) = return Nothing
+encodeOnionAddr getRoute (msg,OnionDestination ni (Just rid)) = do
+    let go route = do
+            return (runPut $ putRequest $ wrapForRoute msg ni route, nodeAddr ni)
+    getRoute ni rid >>= mapM go
 forwardOnions :: TransportCrypto -> UDPTransport -> UDPTransport
 forwardOnions crypto udp = udp { awaitMessage = forwardAwait crypto udp }
@@ -253,7 +264,8 @@ data OnionResponse n = OnionResponse
 deriving instance KnownNat (PeanoNat n) => Show (OnionResponse n)
 instance ( Serialize (ReturnPath n) ) => Serialize (OnionResponse n) where
-    get = OnionResponse <$> get <*> (get >>= getOnionReply)
+    get = OnionResponse <$> get <*> (get >>= fromMaybe (fail "illegal onion forwarding")
+                                             . getOnionReply)
    put (OnionResponse p m) = put p >> putOnionMsg m
@@ -525,7 +537,7 @@ instance Sized OnionData where
                             -- should be treated as variable sized.
            VarSize f   -> f dhtpk
-encrypt :: TransportCrypto -> OnionMessage Identity -> OnionDestination -> (OnionMessage Encrypted, OnionDestination)
+encrypt :: TransportCrypto -> OnionMessage Identity -> OnionDestination r -> (OnionMessage Encrypted, OnionDestination r)
 encrypt crypto msg rpath = ( transcode ( (. (runIdentity . either id assymData))
                                         . encryptMessage skey okey)
                                       msg
@@ -545,31 +557,78 @@ encryptMessage skey destKey n a = ToxCrypto.encrypt secret plain
    secret = computeSharedSecret skey destKey n
    plain  = encodePlain a
-decrypt :: TransportCrypto -> OnionMessage Encrypted -> OnionDestination -> Either String (OnionMessage Identity, OnionDestination)
+decrypt :: TransportCrypto -> OnionMessage Encrypted -> OnionDestination r -> Either String (OnionMessage Identity, OnionDestination r)
-decrypt crypto msg addr = (, addr) <$> (sequenceMessage $ transcode (decryptMessage crypto) msg)
+decrypt crypto msg addr = do
+    msg <- sequenceMessage $ transcode (\n -> decryptMessage crypto n . left (senderkey addr)) msg
+    Right (msg, addr)
+senderkey :: OnionDestination r -> t -> (Maybe PublicKey, t)
+senderkey addr e = (onionKey addr, e)
 decryptMessage :: Serialize x =>
                  TransportCrypto
                  -> Nonce24
-                  -> Either (Encrypted x) (Assym (Encrypted x))
+                  -> Either (Maybe PublicKey, Encrypted x)
+                            (Assym (Encrypted x))
                  -> (Either String ∘ Identity) x
-decryptMessage crypto n (Right assymE) = plain $ ToxCrypto.decrypt secret e
+decryptMessage crypto n arg
+    | Just secret <- msecret = plain $ ToxCrypto.decrypt secret e
+    | otherwise              = Composed $ Left "decryptMessage: Unknown sender"
 where
-    secret = computeSharedSecret (transportSecret crypto) (senderKey assymE) n
+    msecret  = do sender <- mkey
-    e      = assymData assymE
+                  Just $ computeSharedSecret (transportSecret crypto) sender n
-    plain  = Composed . fmap Identity . (>>= decodePlain)
+    (mkey,e) = either id (Just . senderKey &&& assymData) arg
-decryptMessage crypto n (Left e) = _todo -- OnionAnnounceResponse has no sender key
+    plain    = Composed . fmap Identity . (>>= decodePlain)
 sequenceMessage :: Applicative m => OnionMessage (m ∘ f) -> m (OnionMessage f)
-sequenceMessage (OnionAnnounce a)        = fmap OnionAnnounce        $ sequenceA $ fmap uncomposed a
+sequenceMessage (OnionAnnounce a)        = fmap OnionAnnounce $ sequenceA $ fmap uncomposed a
 sequenceMessage (OnionAnnounceResponse n8 n24 dta) = OnionAnnounceResponse n8 n24 <$> uncomposed dta
 sequenceMessage (OnionToRoute pub a)     = pure $ OnionToRoute pub a
 sequenceMessage (OnionToRouteResponse a) = pure $ OnionToRouteResponse a
 transcode :: forall f g. (forall a. Serialize a => Nonce24 -> Either (f a) (Assym (f a)) -> g a) -> OnionMessage f -> OnionMessage g
-transcode f (OnionAnnounce a)        = OnionAnnounce        $ a { assymData = f (assymNonce a) (Right a) }
+transcode f (OnionAnnounce a)        = OnionAnnounce $ a { assymData = f (assymNonce a) (Right a) }
 transcode f (OnionAnnounceResponse n8 n24 dta) = OnionAnnounceResponse n8 n24 $ f n24 $ Left dta
 transcode f (OnionToRoute pub a)     = OnionToRoute pub     a
 transcode f (OnionToRouteResponse a) = OnionToRouteResponse a
+data OnionRoute = OnionRoute
+    { routeNonce  :: Nonce24
+    , routeAliasA :: SecretKey
+    , routeAliasB :: SecretKey
+    , routeAliasC :: SecretKey
+    , routeNodeA  :: NodeInfo
+    , routeNodeB  :: NodeInfo
+    , routeNodeC  :: NodeInfo
+    }
+wrapForRoute :: OnionMessage Encrypted -> NodeInfo -> OnionRoute -> OnionRequest N0
+wrapForRoute msg ni r = OnionRequest
+    { onionNonce = routeNonce r
+    , onionForward = wrapOnion (routeAliasA r)
+                               (routeNonce r)
+                               (id2key . nodeId $ routeNodeA r)
+                               (nodeAddr $ routeNodeB r)
+                   $ wrapOnion (routeAliasB r)
+                               (routeNonce r)
+                               (id2key . nodeId $ routeNodeB r)
+                               (nodeAddr $ routeNodeC r)
+                   $ wrapOnion (routeAliasC r)
+                               (routeNonce r)
+                               (id2key . nodeId $ routeNodeC r)
+                               (nodeAddr ni)
+                   $ NotForwarded msg
+    , pathFromOwner = NoReturnPath
+    }
+wrapOnion :: Serialize (Forwarding n msg) =>
+           SecretKey
+           -> Nonce24
+           -> PublicKey
+           -> SockAddr
+           -> Forwarding n msg
+           -> Forwarding (S n) msg
+wrapOnion skey nonce destkey saddr fwd =
+    Forwarding (toPublic skey) $ encryptMessage skey destkey nonce (Addressed saddr fwd)
author	joe <joe@jerkface.net>	2017-10-01 05:26:36 -0400
committer	joe <joe@jerkface.net>	2017-10-01 05:26:36 -0400
commit	d408e6c3148106c6dbc8afe24a1488619adf34e1 (patch)
tree	ca2d7a66b07dba82b6bf236fb234cac75bf87da6 /src/Network/Tox/Onion/Transport.hs
parent	f6f70dcfa25ddf10e3cf16745bdd082cc26b2fd6 (diff)

diff --git a/src/Network/Tox/Onion/Transport.hs b/src/Network/Tox/Onion/Transport.hs index 0e6e4954..a3c1950f 100644 --- a/src/Network/Tox/Onion/Transport.hs +++ b/src/Network/Tox/Onion/Transport.hs
@@ -33,6 +33,8 @@ module Network.Tox.Onion.Transport
33	, encrypt	33	, encrypt
34	, decrypt	34	, decrypt
35	, peelSymmetric	35	, peelSymmetric
		36	, OnionRoute(..)
		37	, N3
36	) where	38	) where
37		39
38	import Network.Address (fromSockAddr,toSockAddr,setPort,either4or6,sockAddrPort)	40	import Network.Address (fromSockAddr,toSockAddr,setPort,either4or6,sockAddrPort)
@@ -86,13 +88,14 @@ deriving instance ( Show (f (AnnounceRequest, Nonce8))
86	, Show (f DataToRoute)	88	, Show (f DataToRoute)
87	) => Show (OnionMessage f)	89	) => Show (OnionMessage f)
88		90
89	data OnionDestination = OnionToOwner NodeInfo (ReturnPath N3) -- ^ Somebody else's path to us.	91	data OnionDestination r
90	\| OnionDestination NodeInfo -- ^ Our own onion-path.	92	= OnionToOwner NodeInfo (ReturnPath N3) -- ^ Somebody else's path to us.
		93	\| OnionDestination NodeInfo (Maybe r) -- ^ Our own onion-path.
91	deriving Show	94	deriving Show
92		95
93	onionKey :: OnionDestination -> Maybe PublicKey	96	onionKey :: OnionDestination r -> Maybe PublicKey
94	onionKey (OnionToOwner ni _) = Just $ id2key (nodeId ni)	97	onionKey (OnionToOwner ni _) = Just $ id2key (nodeId ni)
95	onionKey _ = Nothing	98	onionKey (OnionDestination ni _) = Just $ id2key (nodeId ni)
96		99
97	instance Sized (OnionMessage Encrypted) where	100	instance Sized (OnionMessage Encrypted) where
98	size = VarSize $ \case	101	size = VarSize $ \case
@@ -111,15 +114,14 @@ instance Serialize (OnionMessage Encrypted) where
111	case typ :: Word8 of	114	case typ :: Word8 of
112	0x83 -> OnionAnnounce <$> getAliasedAssym	115	0x83 -> OnionAnnounce <$> getAliasedAssym
113	0x85 -> OnionToRoute <$> getPublicKey <*> getAliasedAssym	116	0x85 -> OnionToRoute <$> getPublicKey <*> getAliasedAssym
114	0x84 -> getOnionReply typ	117	t -> fail ("Unknown onion payload: " ++ show t)
115	0x86 -> getOnionReply typ	118	`fromMaybe` getOnionReply t
116	t -> fail $ "Unknown onion payload: " ++ show t
117	put (OnionAnnounce a) = putWord8 0x83 >> putAliasedAssym a	119	put (OnionAnnounce a) = putWord8 0x83 >> putAliasedAssym a
118	put (OnionToRoute k a) = putWord8 0x85 >> putPublicKey k >> putAliasedAssym a	120	put (OnionToRoute k a) = putWord8 0x85 >> putPublicKey k >> putAliasedAssym a
119	put (OnionAnnounceResponse n8 n24 x) = putWord8 0x84 >> put n8 >> put n24 >> put x	121	put (OnionAnnounceResponse n8 n24 x) = putWord8 0x84 >> put n8 >> put n24 >> put x
120	put (OnionToRouteResponse a) = putWord8 0x86 >> putAliasedAssym a	122	put (OnionToRouteResponse a) = putWord8 0x86 >> putAliasedAssym a
121		123
122	onionToOwner :: Assym a -> ReturnPath N3 -> SockAddr -> Either String OnionDestination	124	onionToOwner :: Assym a -> ReturnPath N3 -> SockAddr -> Either String (OnionDestination r)
123	onionToOwner assym ret3 saddr = do	125	onionToOwner assym ret3 saddr = do
124	ni <- nodeInfo (key2id $ senderKey assym) saddr	126	ni <- nodeInfo (key2id $ senderKey assym) saddr
125	return $ OnionToOwner ni ret3	127	return $ OnionToOwner ni ret3
@@ -130,36 +132,37 @@ onion :: Sized msg =>
130	ByteString	132	ByteString
131	-> SockAddr	133	-> SockAddr
132	-> Get (Assym (Encrypted msg) -> t)	134	-> Get (Assym (Encrypted msg) -> t)
133	-> Either String (t, OnionDestination)	135	-> Either String (t, OnionDestination r)
134	onion bs saddr getf = do (f,(assym,ret3)) <- runGet ((,) <$> getf <*> getOnionRequest) bs	136	onion bs saddr getf = do (f,(assym,ret3)) <- runGet ((,) <$> getf <*> getOnionRequest) bs
135	oaddr <- onionToOwner assym ret3 saddr	137	oaddr <- onionToOwner assym ret3 saddr
136	return (f assym, oaddr)	138	return (f assym, oaddr)
137		139
138		140	parseOnionAddr :: (SockAddr -> Nonce8 -> IO (Maybe (NodeInfo,r)))
139	parseOnionAddr :: (ByteString, SockAddr) -> Either (OnionMessage Encrypted,OnionDestination) (ByteString,SockAddr)	141	-> (ByteString, SockAddr)
140	parseOnionAddr (msg,saddr)	142	-> IO (Either (OnionMessage Encrypted,OnionDestination r)
		143	(ByteString,SockAddr))
		144	parseOnionAddr lookupSender (msg,saddr)
141	\| Just (typ,bs) <- B.uncons msg	145	\| Just (typ,bs) <- B.uncons msg
142	, let right = Right (msg,saddr)	146	, let right = Right (msg,saddr)
143	query = either (const right) Left	147	query = return . either (const right) Left
144	response = either (const right) (Left . \msg -> ( msg , replyAlias saddr msg ))
145	= case typ of	148	= case typ of
146	0x83 -> query $ onion bs saddr (pure OnionAnnounce) -- Announce Request	149	0x83 -> query $ onion bs saddr (pure OnionAnnounce) -- Announce Request
147	0x85 -> query $ onion bs saddr (OnionToRoute <$> getPublicKey) -- Onion Data Request	150	0x85 -> query $ onion bs saddr (OnionToRoute <$> getPublicKey) -- Onion Data Request
148	0x84 -> response $ runGet (getOnionReply 0x84) bs -- Announce Response	151	_ -> case flip runGet bs <$> getOnionReply typ of
149	0x86 -> response $ runGet (getOnionReply 0x86) bs -- Onion Data Response	152	Just (Right msg@(OnionAnnounceResponse n8 _ _)) -> do
150	_ -> right	153	maddr <- lookupSender saddr n8
151		154	maybe (return right) -- Response unsolicited or too late.
152	getOnionReply :: Word8 -> Get (OnionMessage Encrypted)	155	(return . Left . \(ni,r) -> (msg,OnionDestination ni (Just r)))
153	getOnionReply 0x84 = OnionAnnounceResponse <$> get <> get <> get	156	maddr
154	getOnionReply 0x86 = OnionToRouteResponse <$> getOnionAssym	157	Just (Right msg@(OnionToRouteResponse asym)) -> do
155		158	let ni = asymNodeInfo saddr asym
156	replyAlias :: SockAddr -> OnionMessage Encrypted -> OnionDestination	159	return $ Left (msg, OnionDestination ni Nothing)
157	replyAlias saddr (OnionAnnounceResponse _ _ _)	160	_ -> return right
158	= OnionDestination	161
159	$ either (error "replyAlias: bad protocol") id	162	getOnionReply :: Word8 -> Maybe (Get (OnionMessage Encrypted))
160	$ nodeInfo zeroID saddr -- TODO OnionAnnounceResponse has no sender key	163	getOnionReply 0x84 = Just $ OnionAnnounceResponse <$> get <> get <> get
161	replyAlias saddr (OnionToRouteResponse asym)	164	getOnionReply 0x86 = Just $ OnionToRouteResponse <$> getOnionAssym
162	= OnionDestination $ asymNodeInfo saddr asym	165	getOnionReply _ = Nothing
163		166
164	putOnionMsg :: OnionMessage Encrypted -> Put	167	putOnionMsg :: OnionMessage Encrypted -> Put
165	putOnionMsg (OnionAnnounce a) = putOnionAssym 0x83 (return ()) a	168	putOnionMsg (OnionAnnounce a) = putOnionAssym 0x83 (return ()) a
@@ -167,10 +170,18 @@ putOnionMsg (OnionToRoute pubkey a) = putOnionAssym 0x85 (putPublicKey
167	putOnionMsg (OnionAnnounceResponse n8 n24 x) = put (0x84 :: Word8) >> put n8 >> put n24 >> put x	170	putOnionMsg (OnionAnnounceResponse n8 n24 x) = put (0x84 :: Word8) >> put n8 >> put n24 >> put x
168	putOnionMsg (OnionToRouteResponse a) = putOnionAssym 0x86 (return ()) a	171	putOnionMsg (OnionToRouteResponse a) = putOnionAssym 0x86 (return ()) a
169		172
170	encodeOnionAddr :: (OnionMessage Encrypted,OnionDestination) -> (ByteString, SockAddr)	173	encodeOnionAddr :: (NodeInfo -> r -> IO (Maybe OnionRoute))
171	encodeOnionAddr (msg,OnionToOwner ni p) = ( runPut $ putResponse (OnionResponse p msg)	174	-> (OnionMessage Encrypted,OnionDestination r)
172	, nodeAddr ni )	175	-> IO (Maybe (ByteString, SockAddr))
173	encodeOnionAddr (msg,OnionDestination a) = ( runPut (putOnionMsg msg), nodeAddr a) -- TODO: Construct (OnionRequest N0)?	176	encodeOnionAddr _ (msg,OnionToOwner ni p) =
		177	return $ Just ( runPut $ putResponse (OnionResponse p msg)
		178	, nodeAddr ni )
		179	encodeOnionAddr _ (msg,OnionDestination _ Nothing ) = return Nothing
		180	encodeOnionAddr getRoute (msg,OnionDestination ni (Just rid)) = do
		181	let go route = do
		182	return (runPut $ putRequest $ wrapForRoute msg ni route, nodeAddr ni)
		183	getRoute ni rid >>= mapM go
		184
174		185
175	forwardOnions :: TransportCrypto -> UDPTransport -> UDPTransport	186	forwardOnions :: TransportCrypto -> UDPTransport -> UDPTransport
176	forwardOnions crypto udp = udp { awaitMessage = forwardAwait crypto udp }	187	forwardOnions crypto udp = udp { awaitMessage = forwardAwait crypto udp }
@@ -253,7 +264,8 @@ data OnionResponse n = OnionResponse
253	deriving instance KnownNat (PeanoNat n) => Show (OnionResponse n)	264	deriving instance KnownNat (PeanoNat n) => Show (OnionResponse n)
254		265
255	instance ( Serialize (ReturnPath n) ) => Serialize (OnionResponse n) where	266	instance ( Serialize (ReturnPath n) ) => Serialize (OnionResponse n) where
256	get = OnionResponse <$> get <*> (get >>= getOnionReply)	267	get = OnionResponse <$> get <*> (get >>= fromMaybe (fail "illegal onion forwarding")
		268	. getOnionReply)
257	put (OnionResponse p m) = put p >> putOnionMsg m	269	put (OnionResponse p m) = put p >> putOnionMsg m
258		270
259		271
@@ -525,7 +537,7 @@ instance Sized OnionData where
525	-- should be treated as variable sized.	537	-- should be treated as variable sized.
526	VarSize f -> f dhtpk	538	VarSize f -> f dhtpk
527		539
528	encrypt :: TransportCrypto -> OnionMessage Identity -> OnionDestination -> (OnionMessage Encrypted, OnionDestination)	540	encrypt :: TransportCrypto -> OnionMessage Identity -> OnionDestination r -> (OnionMessage Encrypted, OnionDestination r)
529	encrypt crypto msg rpath = ( transcode ( (. (runIdentity . either id assymData))	541	encrypt crypto msg rpath = ( transcode ( (. (runIdentity . either id assymData))
530	. encryptMessage skey okey)	542	. encryptMessage skey okey)
531	msg	543	msg
@@ -545,31 +557,78 @@ encryptMessage skey destKey n a = ToxCrypto.encrypt secret plain
545	secret = computeSharedSecret skey destKey n	557	secret = computeSharedSecret skey destKey n
546	plain = encodePlain a	558	plain = encodePlain a
547		559
548	decrypt :: TransportCrypto -> OnionMessage Encrypted -> OnionDestination -> Either String (OnionMessage Identity, OnionDestination)	560	decrypt :: TransportCrypto -> OnionMessage Encrypted -> OnionDestination r -> Either String (OnionMessage Identity, OnionDestination r)
549	decrypt crypto msg addr = (, addr) <$> (sequenceMessage $ transcode (decryptMessage crypto) msg)	561	decrypt crypto msg addr = do
		562	msg <- sequenceMessage $ transcode (\n -> decryptMessage crypto n . left (senderkey addr)) msg
		563	Right (msg, addr)
		564
		565	senderkey :: OnionDestination r -> t -> (Maybe PublicKey, t)
		566	senderkey addr e = (onionKey addr, e)
550		567
551	decryptMessage :: Serialize x =>	568	decryptMessage :: Serialize x =>
552	TransportCrypto	569	TransportCrypto
553	-> Nonce24	570	-> Nonce24
554	-> Either (Encrypted x) (Assym (Encrypted x))	571	-> Either (Maybe PublicKey, Encrypted x)
		572	(Assym (Encrypted x))
555	-> (Either String ∘ Identity) x	573	-> (Either String ∘ Identity) x
556	decryptMessage crypto n (Right assymE) = plain $ ToxCrypto.decrypt secret e	574	decryptMessage crypto n arg
		575	\| Just secret <- msecret = plain $ ToxCrypto.decrypt secret e
		576	\| otherwise = Composed $ Left "decryptMessage: Unknown sender"
557	where	577	where
558	secret = computeSharedSecret (transportSecret crypto) (senderKey assymE) n	578	msecret = do sender <- mkey
559	e = assymData assymE	579	Just $ computeSharedSecret (transportSecret crypto) sender n
560	plain = Composed . fmap Identity . (>>= decodePlain)	580	(mkey,e) = either id (Just . senderKey &&& assymData) arg
561	decryptMessage crypto n (Left e) = _todo -- OnionAnnounceResponse has no sender key	581	plain = Composed . fmap Identity . (>>= decodePlain)
562		582
563		583
564	sequenceMessage :: Applicative m => OnionMessage (m ∘ f) -> m (OnionMessage f)	584	sequenceMessage :: Applicative m => OnionMessage (m ∘ f) -> m (OnionMessage f)
565	sequenceMessage (OnionAnnounce a) = fmap OnionAnnounce $ sequenceA $ fmap uncomposed a	585	sequenceMessage (OnionAnnounce a) = fmap OnionAnnounce $ sequenceA $ fmap uncomposed a
566	sequenceMessage (OnionAnnounceResponse n8 n24 dta) = OnionAnnounceResponse n8 n24 <$> uncomposed dta	586	sequenceMessage (OnionAnnounceResponse n8 n24 dta) = OnionAnnounceResponse n8 n24 <$> uncomposed dta
567	sequenceMessage (OnionToRoute pub a) = pure $ OnionToRoute pub a	587	sequenceMessage (OnionToRoute pub a) = pure $ OnionToRoute pub a
568	sequenceMessage (OnionToRouteResponse a) = pure $ OnionToRouteResponse a	588	sequenceMessage (OnionToRouteResponse a) = pure $ OnionToRouteResponse a
569		589
570	transcode :: forall f g. (forall a. Serialize a => Nonce24 -> Either (f a) (Assym (f a)) -> g a) -> OnionMessage f -> OnionMessage g	590	transcode :: forall f g. (forall a. Serialize a => Nonce24 -> Either (f a) (Assym (f a)) -> g a) -> OnionMessage f -> OnionMessage g
571	transcode f (OnionAnnounce a) = OnionAnnounce $ a { assymData = f (assymNonce a) (Right a) }	591	transcode f (OnionAnnounce a) = OnionAnnounce $ a { assymData = f (assymNonce a) (Right a) }
572	transcode f (OnionAnnounceResponse n8 n24 dta) = OnionAnnounceResponse n8 n24 $ f n24 $ Left dta	592	transcode f (OnionAnnounceResponse n8 n24 dta) = OnionAnnounceResponse n8 n24 $ f n24 $ Left dta
573	transcode f (OnionToRoute pub a) = OnionToRoute pub a	593	transcode f (OnionToRoute pub a) = OnionToRoute pub a
574	transcode f (OnionToRouteResponse a) = OnionToRouteResponse a	594	transcode f (OnionToRouteResponse a) = OnionToRouteResponse a
575		595
		596
		597	data OnionRoute = OnionRoute
		598	{ routeNonce :: Nonce24
		599	, routeAliasA :: SecretKey
		600	, routeAliasB :: SecretKey
		601	, routeAliasC :: SecretKey
		602	, routeNodeA :: NodeInfo
		603	, routeNodeB :: NodeInfo
		604	, routeNodeC :: NodeInfo
		605	}
		606
		607	wrapForRoute :: OnionMessage Encrypted -> NodeInfo -> OnionRoute -> OnionRequest N0
		608	wrapForRoute msg ni r = OnionRequest
		609	{ onionNonce = routeNonce r
		610	, onionForward = wrapOnion (routeAliasA r)
		611	(routeNonce r)
		612	(id2key . nodeId $ routeNodeA r)
		613	(nodeAddr $ routeNodeB r)
		614	$ wrapOnion (routeAliasB r)
		615	(routeNonce r)
		616	(id2key . nodeId $ routeNodeB r)
		617	(nodeAddr $ routeNodeC r)
		618	$ wrapOnion (routeAliasC r)
		619	(routeNonce r)
		620	(id2key . nodeId $ routeNodeC r)
		621	(nodeAddr ni)
		622	$ NotForwarded msg
		623	, pathFromOwner = NoReturnPath
		624	}
		625
		626	wrapOnion :: Serialize (Forwarding n msg) =>
		627	SecretKey
		628	-> Nonce24
		629	-> PublicKey
		630	-> SockAddr
		631	-> Forwarding n msg
		632	-> Forwarding (S n) msg
		633	wrapOnion skey nonce destkey saddr fwd =
		634	Forwarding (toPublic skey) $ encryptMessage skey destkey nonce (Addressed saddr fwd)