The Nest
Explore
59
Pure-Rust asynchronous SSH library, both client and server

#47 Generic Agents

Opened by fintohaps on August 16, 2021
fintohaps on August 16, 2021

As mentioned in https://nest.pijul.com/pijul/thrussh/discussions/46, the need for a generic key in radicle-keystore#17 is only needed for the client.

I explored this route by making PublicKey and KeyPair generic in the client.rs file. The goal was then to move that code away from thrussh-keys. To do this, I decided to create two separate crates thrussh-agent and thrussh-encoding. The latter is so that other packages that don’t want to rely on thrussh-keys can use the encoding helpers defined in the encoding.rs file.

thrussh-agent houses only the agent code, i.e. client.rs and server.rs. Any need for a key is handled by a set of traits defined in key.rs. These traits are:

pub trait Signature: Sized {
    type Error;

    fn read(buf: &CryptoVec) -> Result<Self, Self::Error>;
}

pub trait Public: Sized {
    type Error;

    fn write_blob(&self, buf: &mut CryptoVec);
    fn read(reader: &mut Position) -> Result<Option<Self>, Self::Error>;
    fn hash(&self) -> u32;
}

pub trait Private: Sized {
    type Error;

    fn read(reader: &mut Position) -> Result<Option<(Vec<u8>, Self)>, Self::Error>;
    fn write(&self, buf: &mut CryptoVec) -> Result<(), Self::Error>;
    fn write_signature<Bytes: AsRef<[u8]>>(
        &self,
        buf: &mut CryptoVec,
        to_sign: Bytes,
    ) -> Result<(), Self::Error>;
}

The thrussh-keys package depends on thrussh-agent to have implementations of those traits for KeyPair and PublicKey.

This was the most straightforward way to separate out the logic. We had discussed privately the option of thrussh-keys defining traits and having packages such as thrussh-libsodium and thrussh-openssl define keys and implement the traits. However, this ripped through all of thrussh-keys and thrussh and became slightly unmanageable for me to implement. I was lacking enough knowledge and confidence to make these changes without worrying about complete breakage.

I do think this separation could be a good stepping stone towards that implementing the above though. Where we could eventually move the traits to thrussh-keys, thrussh could then be made generic over the keys and would have dependencies on thrussh-agent and thrussh-keys. Then the end-user could pick their key crate du jour. That would fit the auditing vision better too, because then the key logic is audited in each package, while the protocol logic is done via thrussh-agent and thrussh.

I’ll submit the patches once I’ve cleaned up the messages :) I’ll also be submitted a draft patch to radicle-keystore showing the signing example working there.

fintohaps added a change on August 16, 2021
Create agent package, which generic over keys The main aim of this patch is to separate the agent code away from the specific key implementations. This required making the mention of keys in `agent/client.rs` and `agent/server.rs` generic. The logic that involved the keys is captured in a set of traits. All of this code now lives in `thrussh-agent`. A side-effect of this reorganisation was the carving out of `thrussh-encoding`. Since the the `encoding.rs` logic was standalone, it now lives in its own package, so that other dependencies can rely on it for implementing the agent's traits. The key types in `thrussh-keys` implement the agent's traits. The rest of the changes are fixing up the `thrussh-keys` and `thrussh` crates with the corresponding type changes, such as introducing `Error` enums and renaming of imports.
IVSHPDNR6PQRZGJXJLPG2AG5GOXQLAALKD6WWBE4XYUEGAB24EHAC
fintohaps on August 16, 2021

Here’s the corresponding intergation work https://github.com/radicle-dev/radicle-keystore/pull/18

fintohaps added a change on August 19, 2021
Create agent package, which generic over keys The main aim of this patch is to separate the agent code away from the specific key implementations. This required making the mention of keys in `agent/client.rs` and `agent/server.rs` generic. The logic that involved the keys is captured in a set of traits. All of this code now lives in `thrussh-agent`. A side-effect of this reorganisation was the carving out of `thrussh-encoding`. Since the the `encoding.rs` logic was standalone, it now lives in its own package, so that other dependencies can rely on it for implementing the agent's traits. The key types in `thrussh-keys` implement the agent's traits. The rest of the changes are fixing up the `thrussh-keys` and `thrussh` crates with the corresponding type changes, such as introducing `Error` enums and renaming of imports. created on August 16, 2021
VK5CSP727IVAYHHI7FZJLES6F4YCR3S5GDSZHVPAR5XSPINGZEVAC
fintohaps added a change on August 19, 2021
Make the agent agnostic to async runtimes This patch allows the server and client streams to be agnostic to the async runtime. It achieves this by abstracting out the common methods that invlove the specific runtime. For a client this means connecting to the particular stream and being able to read a response from it. For a server this means the run loop and spawning a thread for revoking a key with a lifetime constraint. In both cases, the functionality is captured in traits. These traits are then implemented by the specific runtimes, currently tokio and smol. Each of these modules is hidden behind a feature flag "tokio-agent" and "smol-agent". For convenience, "tokio-agent" is on by default.
GNTMCGTBA3QCXVBC3AFD72CVFWLDS3N52M36ABWFLCBDQDNEYD5AC
fintohaps on August 19, 2021

I’m also including a patch for being generic on the runtime :)

fintohaps on September 8, 2021

@pmeunier any chance you were able to look at these patches? Anything I could do to help the review?