|
@@ -45,6 +45,20 @@ __license__ = '2-clause BSD license' |
|
|
# Notes: |
|
|
# Notes: |
|
|
# Using XK, so that the connecting party's identity is hidden and that the |
|
|
# Using XK, so that the connecting party's identity is hidden and that the |
|
|
# server's party's key is known. |
|
|
# server's party's key is known. |
|
|
|
|
|
# |
|
|
|
|
|
# Noise packets are 16 bytes + length of data |
|
|
|
|
|
# |
|
|
|
|
|
# Proposed method to hide message lengths: |
|
|
|
|
|
# Immediately after handshake completes, each side generates and sends |
|
|
|
|
|
# an n byte key that will be used for encrypting (algo tbd) their own |
|
|
|
|
|
# byte counts. The length field will be encrypted via |
|
|
|
|
|
# E(pktnum, key) XOR 2 byte length. |
|
|
|
|
|
# |
|
|
|
|
|
# Note that authenticating the message length is NOT needed. This is |
|
|
|
|
|
# because the noise message blocks themselves are authenticated. The |
|
|
|
|
|
# worse that could happen is that a larger read (64k) is done, and then |
|
|
|
|
|
# the connection aborts because of decryption failure. |
|
|
|
|
|
# |
|
|
|
|
|
|
|
|
def genkeypair(): |
|
|
def genkeypair(): |
|
|
'''Generates a keypair, and returns a tuple of (public, private). |
|
|
'''Generates a keypair, and returns a tuple of (public, private). |
|
|