fn get_rendezvous_key_material(
xy: &SharedSecret,
xb: &SharedSecret,
auth_key: &PublicKey,
B: &PublicKey,
X: &PublicKey,
Y: &PublicKey,
) -> Result<(HsNtorHkdfKeyGenerator, CtByteArray<HS_MAC_LEN>)>Expand description
Helper function: Compute the last part of the HS ntor handshake which derives key material necessary to create and handle RENDEZVOUS1 cells. Function used by both client and service. The actual calculations is as follows:
rend_secret_hs_input = EXP(X,y) | EXP(X,b) | AUTH_KEY | B | X | Y | PROTOID NTOR_KEY_SEED = MAC(rend_secret_hs_input, t_hsenc) verify = MAC(rend_secret_hs_input, t_hsverify) auth_input = verify | AUTH_KEY | B | Y | X | PROTOID | “Server” AUTH_INPUT_MAC = MAC(auth_input, t_hsmac)
Return (keygen, AUTH_INPUT_MAC), where keygen is a key generator based on NTOR_KEY_SEED.