Rusty Russell [ARCHIVE] on Nostr
📅 Original date posted:2015-10-02
📝 Original message:
Hi all!
So, I've pushed some test onion routing code in an acceptable
format:
https://github.com/ElementsProject/lightning/blob/onion/test/test_onion.c

    #define MESSAGE_SIZE 128
    #define MAX_HOPS 20

    /* Prepend 0x02 to get pubkey for libsecp256k1 */
    struct pubkey {
        unsigned char u8[32];
    };

    struct hop {
        unsigned char msg[MESSAGE_SIZE];
        struct pubkey pubkey;
        struct sha256 hmac;
    };

    struct onion {
        struct hop hop[MAX_HOPS];
    };

That's a fixed 3840 bytes; each node decrypts and removes the tail
entry, then prepends padding. (Working backwards like that turns out to
be slightly more efficient for generating, see git commits).
There's nothing exotic in here: it's AES128 counter mode, HMAC using
SHA256, and Bitcoin's EC with ECDH. But crypto review particularly
welcome!
Cheers,
Rusty.
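
The fixed-size layout and the "remove the tail entry, prepend padding" step from the message above, as an added example that is not part of the original post or of the linked test_onion.c. peel_tail is a hypothetical helper, struct sha256 is assumed to be a bare 32-byte digest, and the ECDH, AES128 counter mode and HMAC steps are left out.

```c
#include <stddef.h>
#include <string.h>

#define MESSAGE_SIZE 128
#define MAX_HOPS 20

struct pubkey { unsigned char u8[32]; };
struct sha256 { unsigned char u8[32]; };  /* assumed: raw 32-byte digest */
struct hop {
	unsigned char msg[MESSAGE_SIZE];
	struct pubkey pubkey;
	struct sha256 hmac;
};
struct onion { struct hop hop[MAX_HOPS]; };

/* The struct doubles as the wire format, so it must contain no compiler padding. */
_Static_assert(sizeof(struct hop) == MESSAGE_SIZE + 32 + 32, "hop is 192 bytes");
_Static_assert(sizeof(struct onion) == 3840, "onion is a fixed 3840 bytes");

/*
 * Hypothetical helper: the size-preserving step a node performs after it has
 * decrypted the onion and checked its HMAC (both omitted here). Copies the
 * tail entry to *mine, shifts the other entries one slot towards the tail and
 * fills the vacated head slot with padding. Returns 0, or -1 on bad arguments.
 */
int peel_tail(struct onion *o, struct hop *mine,
	      const unsigned char *pad, size_t padlen)
{
	if (!o || !mine || !pad || padlen != sizeof(struct hop))
		return -1;
	*mine = o->hop[MAX_HOPS - 1];
	memmove(&o->hop[1], &o->hop[0], (MAX_HOPS - 1) * sizeof(struct hop));
	memcpy(&o->hop[0], pad, sizeof(struct hop));
	return 0;
}

int main(void)
{
	struct onion o;
	struct hop mine;
	unsigned char pad[sizeof(struct hop)];

	memset(&o, 0x11, sizeof(o));            /* constructed stand-in for a decrypted onion */
	memset(&o.hop[MAX_HOPS - 1], 0x22, sizeof(struct hop));
	memset(pad, 0xAA, sizeof(pad));         /* constructed; assumed to be random bytes in practice */
	if (peel_tail(&o, &mine, pad, sizeof(pad)) != 0)
		return 1;
	return !(mine.msg[0] == 0x22 && o.hop[0].msg[0] == 0xAA && o.hop[1].msg[0] == 0x11);
}
```

Because one 192-byte entry leaves at the tail and one enters at the head, the onion a node forwards is the same 3840 bytes it received, so its length does not reveal the node's position on the route.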
Published at 2023-06-09 12:44:42