From 766872ac2674214683dbdbc6268a89511caaca73 Mon Sep 17 00:00:00 2001 From: John Smith Date: Sun, 29 Jan 2023 13:13:50 -0500 Subject: [PATCH] checkpoint --- Cargo.lock | 390 ++++++++++-------- veilid-core/Cargo.toml | 2 +- veilid-core/src/crypto/envelope.rs | 71 ++-- veilid-core/src/crypto/key.rs | 165 +------- veilid-core/src/crypto/mod.rs | 163 ++------ veilid-core/src/crypto/receipt.rs | 44 +- veilid-core/src/crypto/tests/mod.rs | 16 + veilid-core/src/crypto/tests/test_crypto.rs | 124 +++--- veilid-core/src/crypto/tests/test_dht_key.rs | 173 +++++--- .../src/crypto/tests/test_envelope_receipt.rs | 45 +- veilid-tools/src/tools.rs | 8 + 11 files changed, 535 insertions(+), 666 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 8e5e591a..4e8f6c9d 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -51,9 +51,9 @@ dependencies = [ [[package]] name = "ahash" -version = "0.8.2" +version = "0.8.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bf6ccdb167abbf410dcb915cabd428929d7f6a04980b54a11f26a39f1c7f7107" +checksum = "2c99f64d1e06488f620f932677e24bc6e2897582980441ae90a671415bd7ec2f" dependencies = [ "cfg-if 1.0.0", "getrandom 0.2.8", @@ -72,9 +72,9 @@ dependencies = [ [[package]] name = "allo-isolate" -version = "0.1.13" +version = "0.1.14" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ccb993621e6bf1b67591005b0adad126159a0ab31af379743906158aed5330d0" +checksum = "8ed55848be9f41d44c79df6045b680a74a78bc579e0813f7f196cd7928e22fb1" dependencies = [ "atomic", ] @@ -388,9 +388,9 @@ dependencies = [ [[package]] name = "async-trait" -version = "0.1.60" +version = "0.1.63" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "677d1d8ab452a3936018a687b20e6f7cf5363d713b732b8884001317b0e48aa3" +checksum = "eff18d764974428cf3a9328e23fc5c986f5fbed46e6cd4cdf42544df5d297ec1" dependencies = [ "proc-macro2", "quote", @@ -438,7 +438,7 @@ dependencies = [ "futures-util", "pin-project 1.0.12", "rustc_version 0.4.0", - "tokio 1.23.0", + "tokio 1.24.2", "wasm-bindgen-futures", ] @@ -464,9 +464,9 @@ dependencies = [ [[package]] name = "atomic-waker" -version = "1.0.0" +version = "1.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "065374052e7df7ee4047b1160cca5e1467a12351a40b3da123c870ba0b8eda2a" +checksum = "debc29dde2e69f9e47506b525f639ed42300fc014a3e007832592448fa8e4599" [[package]] name = "attohttpc" @@ -499,9 +499,9 @@ checksum = "d468802bab17cbc0cc575e9b053f41e72aa36bfa6b7f55e3529ffa43161b97fa" [[package]] name = "axum" -version = "0.6.1" +version = "0.6.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "08b108ad2665fa3f6e6a517c3d80ec3e77d224c47d605167aefaa5d7ef97fa48" +checksum = "e5694b64066a2459918d8074c2ce0d5a88f409431994c2356617c8ae0c4721fc" dependencies = [ "async-trait", "axum-core", @@ -528,9 +528,9 @@ dependencies = [ [[package]] name = "axum-core" -version = "0.3.0" +version = "0.3.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "79b8558f5a0581152dc94dcd289132a1d377494bdeafcd41869b3258e3e2ad92" +checksum = "1cae3e661676ffbacb30f1a824089a8c9150e71017f7e1e38f2aa32009188d34" dependencies = [ "async-trait", "bytes 1.3.0", @@ -647,6 +647,7 @@ dependencies = [ "cc", "cfg-if 1.0.0", "constant_time_eq", + "digest 0.10.6", ] [[package]] @@ -731,9 +732,9 @@ checksum = "cc12a55e9bd3840279c248c96ecf541d5ba98d6654e08869fe167121384a582c" [[package]] name = "bumpalo" -version = "3.11.1" +version = "3.12.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "572f695136211188308f16ad2ca5c851a712c464060ae6974944458eb83880ba" +checksum = "0d261e256854913907f67ed06efbc3338dfe6179796deefc1ff763fc1aee5535" [[package]] name = "byte-slice-cast" @@ -782,15 +783,15 @@ checksum = "dfb24e866b15a1af2a1b663f10c6b6b8f397a84aadb828f12e5b289ec23a3a3c" [[package]] name = "capnp" -version = "0.15.2" +version = "0.16.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "afaa14ddcf4553e700608c1c0ee3ca1f4cf673470462b99ff6dd6bedcdb6c6ce" +checksum = "35400c6acb55f1a91e6843beca189aba6bccd3c11fae5a7c0288fe5a1c3da822" [[package]] name = "capnp-futures" -version = "0.15.1" +version = "0.16.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "addd5d5f64da51c84060b760cc1a39b5de0de8b67f254c38e3e4889d9dcf9137" +checksum = "6cbe2479d667c6d44219a07d3da971379e4321ea7343b319994695be7da97a17" dependencies = [ "capnp", "futures", @@ -798,9 +799,9 @@ dependencies = [ [[package]] name = "capnp-rpc" -version = "0.15.0" +version = "0.16.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "96b9b0311f48c3fba1cca45dcddb6f922ca544c9d9d5151f1096afd8a9d7bc31" +checksum = "62097700b1da1dd567d77e91ddd7da0fd22c790599ce56c4eea346d60dff0acd" dependencies = [ "capnp", "capnp-futures", @@ -809,9 +810,9 @@ dependencies = [ [[package]] name = "capnpc" -version = "0.15.2" +version = "0.16.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "476b328e8298e5454f9d72b53a15da8d8725e572bc3d43e4e4cdb77a49093ee9" +checksum = "74147d35b0920efb5d676f49c7b4c6f643eb231a3597a1ca82af3b94cc29841c" dependencies = [ "capnp", ] @@ -824,9 +825,9 @@ checksum = "37b2a672a2cb129a2e41c10b1224bb368f9f37a2b16b612598138befd7b37eb5" [[package]] name = "cc" -version = "1.0.78" +version = "1.0.79" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a20104e2335ce8a659d6dd92a51a767a0c062599c73b343fd152cb401e828c3d" +checksum = "50d30906286121d95be3d479533b458f87493b30a4b5f79a607db8f5d11aa91f" [[package]] name = "cesu8" @@ -849,7 +850,7 @@ version = "0.6.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "6fac387a98bb7c37292057cffc56d62ecb629900026402633ae9160df93a8766" dependencies = [ - "nom 7.1.2", + "nom 7.1.3", ] [[package]] @@ -1055,9 +1056,9 @@ dependencies = [ [[package]] name = "concurrent-queue" -version = "2.0.0" +version = "2.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bd7bef69dc86e3c610e4e7aed41035e2a7ed12e72dd7530f61327a6579a4390b" +checksum = "c278839b831783b70278b14df4d45e1beb1aad306c07bb796637de9a0e323e8e" dependencies = [ "crossbeam-utils", ] @@ -1071,7 +1072,7 @@ dependencies = [ "async-trait", "json5", "lazy_static", - "nom 7.1.2", + "nom 7.1.3", "pathdiff", "ron", "rust-ini", @@ -1109,7 +1110,7 @@ dependencies = [ "serde", "serde_json", "thread_local", - "tokio 1.23.0", + "tokio 1.24.2", "tokio-stream", "tonic", "tracing", @@ -1345,7 +1346,7 @@ version = "3.2.4" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "1631ca6e3c59112501a9d87fd86f21591ff77acd31331e8a73f8d80a65bbdd71" dependencies = [ - "nix 0.26.1", + "nix 0.26.2", "windows-sys 0.42.0", ] @@ -1359,7 +1360,7 @@ checksum = "b365fabc795046672053e29c954733ec3b05e4be654ab130fe8f1f94d7051f35" name = "cursive" version = "0.20.0" dependencies = [ - "ahash 0.8.2", + "ahash 0.8.3", "async-std", "cfg-if 1.0.0", "crossbeam-channel", @@ -1369,7 +1370,7 @@ dependencies = [ "libc", "log", "signal-hook", - "tokio 1.23.0", + "tokio 1.24.2", "unicode-segmentation", "unicode-width", ] @@ -1404,7 +1405,7 @@ dependencies = [ name = "cursive_core" version = "0.3.5" dependencies = [ - "ahash 0.8.2", + "ahash 0.8.3", "ansi-parser", "async-std", "crossbeam-channel", @@ -1415,7 +1416,7 @@ dependencies = [ "num", "owning_ref", "time 0.3.17", - "tokio 1.23.0", + "tokio 1.24.2", "toml", "unicode-segmentation", "unicode-width", @@ -1459,9 +1460,9 @@ dependencies = [ [[package]] name = "cxx" -version = "1.0.85" +version = "1.0.88" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5add3fc1717409d029b20c5b6903fc0c0b02fa6741d820054f4a2efa5e5816fd" +checksum = "322296e2f2e5af4270b54df9e85a02ff037e271af20ba3e7fe1575515dc840b8" dependencies = [ "cc", "cxxbridge-flags", @@ -1471,9 +1472,9 @@ dependencies = [ [[package]] name = "cxx-build" -version = "1.0.85" +version = "1.0.88" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b4c87959ba14bc6fbc61df77c3fcfe180fc32b93538c4f1031dd802ccb5f2ff0" +checksum = "017a1385b05d631e7875b1f151c9f012d37b53491e2a87f65bff5c262b2111d8" dependencies = [ "cc", "codespan-reporting", @@ -1486,15 +1487,15 @@ dependencies = [ [[package]] name = "cxxbridge-flags" -version = "1.0.85" +version = "1.0.88" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "69a3e162fde4e594ed2b07d0f83c6c67b745e7f28ce58c6df5e6b6bef99dfb59" +checksum = "c26bbb078acf09bc1ecda02d4223f03bdd28bd4874edcb0379138efc499ce971" [[package]] name = "cxxbridge-macro" -version = "1.0.85" +version = "1.0.88" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3e7e2adeb6a0d4a282e581096b06e1791532b7d576dcde5ccd9382acf55db8e6" +checksum = "357f40d1f06a24b60ae1fe122542c1fb05d28d32acb2aed064e84bc2ad1e252e" dependencies = [ "proc-macro2", "quote", @@ -1590,7 +1591,7 @@ dependencies = [ "hashbrown", "lock_api", "once_cell", - "parking_lot_core 0.9.5", + "parking_lot_core 0.9.6", ] [[package]] @@ -1627,6 +1628,7 @@ checksum = "8168378f4e5023e7218c89c891c0fd8ecdb5e5e4f18cb78f38cf245dd021e76f" dependencies = [ "block-buffer 0.10.3", "crypto-common", + "subtle", ] [[package]] @@ -1663,9 +1665,9 @@ checksum = "0688c2a7f92e427f44895cd63841bff7b29f8d7a1648b9e7e07a4a365b2e1257" [[package]] name = "ed25519" -version = "1.5.2" +version = "1.5.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1e9c280362032ea4203659fc489832d0204ef09f247a0506f170dafcac08c369" +checksum = "91cff35c70bba8a626e3185d8cd48cc11b5437e1a5bcd15b9b5fa3c64b6dfee7" dependencies = [ "signature", ] @@ -1679,15 +1681,15 @@ dependencies = [ "curve25519-dalek", "ed25519", "rand 0.7.3", - "sha2", + "sha2 0.9.9", "zeroize", ] [[package]] name = "either" -version = "1.8.0" +version = "1.8.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "90e5c1c8368803113bf0c9584fc495a58b86dc8a29edbf8fe877d21d9507e797" +checksum = "7fcaabb2fef8c910e7f4c7ce9f67a1283a1715879a7c230ca9d6d1ae31f16d91" [[package]] name = "enum-as-inner" @@ -2181,21 +2183,21 @@ dependencies = [ [[package]] name = "gimli" -version = "0.27.0" +version = "0.27.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "dec7af912d60cdbd3677c1af9352ebae6fb8394d165568a2234df0fa00f87793" +checksum = "221996f774192f0f718773def8201c4ae31f02616a54ccfc2d358bb0e5cefdec" [[package]] name = "glob" -version = "0.3.0" +version = "0.3.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9b919933a397b79c37e33b77bb2aa3dc8eb6e165ad809e58ff75bc7db2e34574" +checksum = "d2fabcfbdc87f4758337ca535fb41a6d701b65693ce38287d856d1674551ec9b" [[package]] name = "gloo-timers" -version = "0.2.5" +version = "0.2.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "98c4a8d6391675c6b2ee1a6c8d06e8e2d03605c44cec1270675985a4c2a5500b" +checksum = "9b995a66bb87bebce9a0f4a95aed01daca4872c050bfcb21653361c03bc35e5c" dependencies = [ "futures-channel", "futures-core", @@ -2260,7 +2262,7 @@ dependencies = [ "http", "indexmap", "slab", - "tokio 1.23.0", + "tokio 1.24.2", "tokio-util", "tracing", ] @@ -2315,7 +2317,7 @@ dependencies = [ "base64 0.13.1", "byteorder", "flate2", - "nom 7.1.2", + "nom 7.1.3", "num-traits", ] @@ -2456,7 +2458,7 @@ dependencies = [ "itoa", "pin-project-lite 0.2.9", "socket2", - "tokio 1.23.0", + "tokio 1.24.2", "tower-service", "tracing", "want", @@ -2470,7 +2472,7 @@ checksum = "bbb958482e8c7be4bc3cf272a766a2b0bf1a6755e7a6ae777f017a31d11b13b1" dependencies = [ "hyper", "pin-project-lite 0.2.9", - "tokio 1.23.0", + "tokio 1.24.2", "tokio-io-timeout", ] @@ -2549,7 +2551,7 @@ dependencies = [ "simplelog 0.9.0", "tokio 0.2.25", "tokio 0.3.7", - "tokio 1.23.0", + "tokio 1.24.2", "url", "xmltree", ] @@ -2661,9 +2663,9 @@ dependencies = [ [[package]] name = "ipnet" -version = "2.7.0" +version = "2.7.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "11b0d96e660696543b251e58030cf9787df56da39dab19ad60eae7353040917e" +checksum = "30e22bd8629359895450b59ea7a776c850561b96a3b1d31321c1949d9e6c9146" [[package]] name = "itertools" @@ -2796,7 +2798,7 @@ dependencies = [ "keyvaluedb", "keyvaluedb-shared-tests", "parking_lot 0.12.1", - "tokio 1.23.0", + "tokio 1.24.2", "wasm-bindgen-futures", "wasm-bindgen-test", ] @@ -2827,7 +2829,7 @@ dependencies = [ "rusqlite", "sysinfo", "tempfile", - "tokio 1.23.0", + "tokio 1.24.2", ] [[package]] @@ -2977,9 +2979,9 @@ dependencies = [ [[package]] name = "matches" -version = "0.1.9" +version = "0.1.10" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a3e378b66a060d48947b590737b30a1be76706c8dd7b8ba0f2fe3989c68a853f" +checksum = "2532096657941c2fea9c289d370a250971c689d4f143798ff67113ec042024a5" [[package]] name = "matchit" @@ -3183,7 +3185,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "0df7ac00c4672f9d5aece54ee3347520b7e20f158656c7db2e6de01902eb7a6c" dependencies = [ "darling 0.13.4", - "proc-macro-crate 1.2.1", + "proc-macro-crate 1.3.0", "proc-macro2", "quote", "syn", @@ -3259,7 +3261,7 @@ dependencies = [ "log", "netlink-packet-core", "netlink-sys", - "tokio 1.23.0", + "tokio 1.24.2", ] [[package]] @@ -3271,7 +3273,7 @@ dependencies = [ "futures", "libc", "log", - "tokio 1.23.0", + "tokio 1.24.2", ] [[package]] @@ -3289,9 +3291,9 @@ dependencies = [ [[package]] name = "nix" -version = "0.26.1" +version = "0.26.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "46a58d1d356c6597d08cde02c2f09d785b09e28711837b1ed667dc652c08a694" +checksum = "bfdda3d196821d6af13126e40375cdf7da646a96114af134d5f417a9a1dc8e1a" dependencies = [ "bitflags", "cfg-if 1.0.0", @@ -3323,14 +3325,23 @@ dependencies = [ [[package]] name = "nom" -version = "7.1.2" +version = "7.1.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e5507769c4919c998e69e49c839d9dc6e693ede4cc4290d6ad8b41d4f09c548c" +checksum = "d273983c5a657a70a3e8f2a01329822f3b8c8172b73826411a55751e404a0a4a" dependencies = [ "memchr", "minimal-lexical", ] +[[package]] +name = "nom8" +version = "0.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ae01545c9c7fc4486ab7debaf2aad7003ac19431791868fb2e8066df97fad2f8" +dependencies = [ + "memchr", +] + [[package]] name = "ntapi" version = "0.3.7" @@ -3386,9 +3397,9 @@ dependencies = [ [[package]] name = "num-complex" -version = "0.4.2" +version = "0.4.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7ae39348c8bc5fbd7f40c727a9925f03517afd2ab27d46702108b6a7e5414c19" +checksum = "02e0d21255c828d6f128a1e41534206671e8c3ea0c62f32291e808dc82cff17d" dependencies = [ "num-traits", ] @@ -3447,20 +3458,20 @@ dependencies = [ [[package]] name = "num_enum" -version = "0.5.7" +version = "0.5.9" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "cf5395665662ef45796a4ff5486c5d41d29e0c09640af4c5f17fd94ee2c119c9" +checksum = "8d829733185c1ca374f17e52b762f24f535ec625d2cc1f070e34c8a9068f341b" dependencies = [ "num_enum_derive", ] [[package]] name = "num_enum_derive" -version = "0.5.7" +version = "0.5.9" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3b0498641e53dd6ac1a4f22547548caa6864cc4933784319cd1775271c5a46ce" +checksum = "2be1598bf1c313dcdd12092e3f1920f463462525a21b7b4e11b4168353d0123e" dependencies = [ - "proc-macro-crate 1.2.1", + "proc-macro-crate 1.3.0", "proc-macro2", "quote", "syn", @@ -3477,9 +3488,9 @@ dependencies = [ [[package]] name = "object" -version = "0.30.0" +version = "0.30.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "239da7f290cfa979f43f85a8efeee9a8a76d0827c356d37f9d3d7254d6b537fb" +checksum = "ea86265d3d3dcb6a27fc51bd29a4bf387fae9d2986b823079d4986af253eb439" dependencies = [ "memchr", ] @@ -3528,7 +3539,7 @@ dependencies = [ "prost", "protobuf", "thiserror", - "tokio 1.23.0", + "tokio 1.24.2", "tonic", ] @@ -3592,7 +3603,7 @@ dependencies = [ "percent-encoding", "rand 0.8.5", "thiserror", - "tokio 1.23.0", + "tokio 1.24.2", "tokio-stream", ] @@ -3660,9 +3671,9 @@ dependencies = [ [[package]] name = "parity-scale-codec" -version = "3.2.1" +version = "3.3.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "366e44391a8af4cfd6002ef6ba072bae071a96aafca98d7d448a34c5dca38b6a" +checksum = "c3840933452adf7b3b9145e27086a5a3376c619dca1a21b1e5a5af0d54979bed" dependencies = [ "arrayvec", "bitvec", @@ -3674,11 +3685,11 @@ dependencies = [ [[package]] name = "parity-scale-codec-derive" -version = "3.1.3" +version = "3.1.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9299338969a3d2f491d65f140b00ddec470858402f888af98e8642fb5e8965cd" +checksum = "86b26a931f824dd4eca30b3e43bb4f31cd5f0d3a403c5f5ff27106b805bfde7b" dependencies = [ - "proc-macro-crate 1.2.1", + "proc-macro-crate 1.3.0", "proc-macro2", "quote", "syn", @@ -3708,7 +3719,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "3742b2c103b9f06bc9fff0a37ff4912935851bee6d36f3c02bcc755bcfec228f" dependencies = [ "lock_api", - "parking_lot_core 0.9.5", + "parking_lot_core 0.9.6", ] [[package]] @@ -3727,9 +3738,9 @@ dependencies = [ [[package]] name = "parking_lot_core" -version = "0.9.5" +version = "0.9.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7ff9f3fef3968a3ec5945535ed654cb38ff72d7495a25619e2247fb15a2ed9ba" +checksum = "ba1ef8814b5c993410bb3adfad7a5ed269563e4a2f90c41f5d85be7fb47133bf" dependencies = [ "cfg-if 1.0.0", "libc", @@ -3764,9 +3775,9 @@ checksum = "478c572c3d73181ff3c2539045f6eb99e5491218eae919370993b890cdbdd98e" [[package]] name = "pest" -version = "2.5.2" +version = "2.5.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0f6e86fb9e7026527a0d46bc308b841d73170ef8f443e1807f6ef88526a816d4" +checksum = "4ab62d2fa33726dbe6321cc97ef96d8cde531e3eeaf858a058de53a8a6d40d8f" dependencies = [ "thiserror", "ucd-trie", @@ -3774,9 +3785,9 @@ dependencies = [ [[package]] name = "pest_derive" -version = "2.5.2" +version = "2.5.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "96504449aa860c8dcde14f9fba5c58dc6658688ca1fe363589d6327b8662c603" +checksum = "8bf026e2d0581559db66d837fe5242320f525d85c76283c61f4d51a1238d65ea" dependencies = [ "pest", "pest_generator", @@ -3784,9 +3795,9 @@ dependencies = [ [[package]] name = "pest_generator" -version = "2.5.2" +version = "2.5.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "798e0220d1111ae63d66cb66a5dcb3fc2d986d520b98e49e1852bfdb11d7c5e7" +checksum = "2b27bd18aa01d91c8ed2b61ea23406a676b42d82609c6e2581fba42f0c15f17f" dependencies = [ "pest", "pest_meta", @@ -3797,13 +3808,13 @@ dependencies = [ [[package]] name = "pest_meta" -version = "2.5.2" +version = "2.5.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "984298b75898e30a843e278a9f2452c31e349a073a0ce6fd950a12a74464e065" +checksum = "9f02b677c1859756359fc9983c2e56a0237f18624a3789528804406b7e915e5d" dependencies = [ "once_cell", "pest", - "sha1 0.10.5", + "sha2 0.10.6", ] [[package]] @@ -3951,9 +3962,9 @@ checksum = "5b40af805b3121feab8a3c29f04d8ad262fa8e0561883e7653e024ae4479e6de" [[package]] name = "prettyplease" -version = "0.1.22" +version = "0.1.23" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2c8992a85d8e93a28bdf76137db888d3874e3b230dee5ed8bebac4c9f7617773" +checksum = "e97e3215779627f01ee256d2fad52f3d95e8e1c11e9fc6fd08f7cd455d5d5c78" dependencies = [ "proc-macro2", "syn", @@ -3983,13 +3994,12 @@ dependencies = [ [[package]] name = "proc-macro-crate" -version = "1.2.1" +version = "1.3.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "eda0fc3b0fb7c975631757e14d9049da17374063edb6ebbcbc54d880d4fe94e9" +checksum = "66618389e4ec1c7afe67d51a9bf34ff9236480f8d51e7489b7d5ab0303c13f34" dependencies = [ "once_cell", - "thiserror", - "toml", + "toml_edit", ] [[package]] @@ -4024,18 +4034,18 @@ checksum = "dc375e1527247fe1a97d8b7156678dfe7c1af2fc075c9a4db3690ecd2a148068" [[package]] name = "proc-macro2" -version = "1.0.49" +version = "1.0.50" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "57a8eca9f9c4ffde41714334dee777596264c7825420f521abc92b5b5deb63a5" +checksum = "6ef7d57beacfaf2d8aee5937dab7b7f28de3cb8b1828479bb5de2a7106f2bae2" dependencies = [ "unicode-ident", ] [[package]] name = "prost" -version = "0.11.5" +version = "0.11.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c01db6702aa05baa3f57dec92b8eeeeb4cb19e894e73996b32a4093289e54592" +checksum = "21dc42e00223fc37204bd4aa177e69420c604ca4a183209a8f9de30c6d934698" dependencies = [ "bytes 1.3.0", "prost-derive", @@ -4043,9 +4053,9 @@ dependencies = [ [[package]] name = "prost-build" -version = "0.11.5" +version = "0.11.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "cb5320c680de74ba083512704acb90fe00f28f79207286a848e730c45dd73ed6" +checksum = "a3f8ad728fb08fe212df3c05169e940fbb6d9d16a877ddde14644a983ba2012e" dependencies = [ "bytes 1.3.0", "heck", @@ -4065,9 +4075,9 @@ dependencies = [ [[package]] name = "prost-derive" -version = "0.11.5" +version = "0.11.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c8842bad1a5419bca14eac663ba798f6bc19c413c2fdceb5f3ba3b0932d96720" +checksum = "8bda8c0881ea9f722eb9629376db3d0b903b462477c1aafcb0566610ac28ac5d" dependencies = [ "anyhow", "itertools", @@ -4078,9 +4088,9 @@ dependencies = [ [[package]] name = "prost-types" -version = "0.11.5" +version = "0.11.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "017f79637768cde62820bc2d4fe0e45daaa027755c323ad077767c6c5f173091" +checksum = "a5e0526209433e96d83d750dd81a99118edbc55739e7e61a46764fd2ad537788" dependencies = [ "bytes 1.3.0", "prost", @@ -4225,9 +4235,9 @@ dependencies = [ [[package]] name = "rayon-core" -version = "1.10.1" +version = "1.10.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "cac410af5d00ab6884528b4ab69d1e8e146e8d471201800fa1b4524126de6ad3" +checksum = "356a0625f1954f730c0201cdab48611198dc6ce21f4acff55089b5a78e6e835b" dependencies = [ "crossbeam-channel", "crossbeam-deque", @@ -4257,9 +4267,9 @@ dependencies = [ [[package]] name = "regex" -version = "1.7.0" +version = "1.7.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e076559ef8e241f2ae3479e36f97bd5741c0330689e217ad51ce2c76808b868a" +checksum = "48aaa5748ba571fb95cd2c85c09f629215d3a6ece942baa100950af03a34f733" dependencies = [ "aho-corasick", "memchr", @@ -4391,7 +4401,7 @@ dependencies = [ "netlink-proto", "nix 0.22.3", "thiserror", - "tokio 1.23.0", + "tokio 1.24.2", ] [[package]] @@ -4572,7 +4582,7 @@ dependencies = [ "num", "rand 0.8.5", "serde", - "sha2", + "sha2 0.9.9", "zbus", "zbus_macros", "zvariant", @@ -4581,9 +4591,9 @@ dependencies = [ [[package]] name = "security-framework" -version = "2.7.0" +version = "2.8.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2bc1bb97804af6631813c55739f771071e0f2ed33ee20b68c86ec505d906356c" +checksum = "a332be01508d814fed64bf28f798a146d73792121129962fdf335bb3c49a4254" dependencies = [ "bitflags", "core-foundation 0.9.3", @@ -4594,9 +4604,9 @@ dependencies = [ [[package]] name = "security-framework-sys" -version = "2.6.1" +version = "2.8.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0160a13a177a45bfb43ce71c01580998474f556ad854dcbca936dd2841a5c556" +checksum = "31c9bb296072e961fcbd8853511dd39c2d8be2deb1e17c6860b1d30732b323b4" dependencies = [ "core-foundation-sys 0.8.3", "libc", @@ -4707,9 +4717,9 @@ dependencies = [ [[package]] name = "serde_yaml" -version = "0.9.16" +version = "0.9.17" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "92b5b431e8907b50339b51223b97d102db8d987ced36f6e4d03621db9316c834" +checksum = "8fb06d4b6cdaef0e0c51fa881acb721bed3c924cfaa71d9c94a3b771dfdf6567" dependencies = [ "indexmap", "itoa", @@ -4795,6 +4805,17 @@ dependencies = [ "opaque-debug", ] +[[package]] +name = "sha2" +version = "0.10.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "82e6b795fe2e3b1e845bafcb27aa35405c4d47cdfc92af5fc8d3002f76cebdc0" +dependencies = [ + "cfg-if 1.0.0", + "cpufeatures", + "digest 0.10.6", +] + [[package]] name = "sharded-slab" version = "0.1.4" @@ -5073,9 +5094,9 @@ dependencies = [ [[package]] name = "sysinfo" -version = "0.27.2" +version = "0.27.7" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "17351d0e9eb8841897b14e9669378f3c69fb57779cc04f8ca9a9d512edfb2563" +checksum = "975fe381e0ecba475d4acff52466906d95b153a40324956552e027b2a9eaa89e" dependencies = [ "cfg-if 1.0.0", "core-foundation-sys 0.8.3", @@ -5301,9 +5322,9 @@ dependencies = [ [[package]] name = "tokio" -version = "1.23.0" +version = "1.24.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "eab6d665857cc6ca78d6e80303a02cea7a7851e85dfbd77cbdc09bd129f1ef46" +checksum = "597a12a59981d9e3c38d216785b0c37399f6e415e8d0712047620f189371b0bb" dependencies = [ "autocfg", "bytes 1.3.0", @@ -5327,7 +5348,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "30b74022ada614a1b4834de765f9bb43877f910cc8ce4be40e89042c9223a8bf" dependencies = [ "pin-project-lite 0.2.9", - "tokio 1.23.0", + "tokio 1.24.2", ] [[package]] @@ -5349,7 +5370,7 @@ checksum = "d660770404473ccd7bc9f8b28494a811bc18542b915c0855c51e8f419d5223ce" dependencies = [ "futures-core", "pin-project-lite 0.2.9", - "tokio 1.23.0", + "tokio 1.24.2", ] [[package]] @@ -5363,19 +5384,36 @@ dependencies = [ "futures-io", "futures-sink", "pin-project-lite 0.2.9", - "tokio 1.23.0", + "tokio 1.24.2", "tracing", ] [[package]] name = "toml" -version = "0.5.10" +version = "0.5.11" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1333c76748e868a4d9d1017b5ab53171dfd095f70c712fdb4653a406547f598f" +checksum = "f4f7f0dd8d50a853a531c426359045b1998f04219d88799810762cd4ad314234" dependencies = [ "serde", ] +[[package]] +name = "toml_datetime" +version = "0.5.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4553f467ac8e3d374bc9a177a26801e5d0f9b211aa1673fb137a403afd1c9cf5" + +[[package]] +name = "toml_edit" +version = "0.18.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "56c59d8dd7d0dcbc6428bf7aa2f0e823e26e43b3c9aca15bbc9475d23e5fa12b" +dependencies = [ + "indexmap", + "nom8", + "toml_datetime", +] + [[package]] name = "tonic" version = "0.8.3" @@ -5398,7 +5436,7 @@ dependencies = [ "pin-project 1.0.12", "prost", "prost-derive", - "tokio 1.23.0", + "tokio 1.24.2", "tokio-stream", "tokio-util", "tower", @@ -5434,7 +5472,7 @@ dependencies = [ "pin-project-lite 0.2.9", "rand 0.8.5", "slab", - "tokio 1.23.0", + "tokio 1.24.2", "tokio-util", "tower-layer", "tower-service", @@ -5638,7 +5676,7 @@ dependencies = [ "smallvec", "thiserror", "tinyvec", - "tokio 1.23.0", + "tokio 1.24.2", "tracing", "url", ] @@ -5658,16 +5696,16 @@ dependencies = [ "resolv-conf", "smallvec", "thiserror", - "tokio 1.23.0", + "tokio 1.24.2", "tracing", "trust-dns-proto", ] [[package]] name = "try-lock" -version = "0.2.3" +version = "0.2.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "59547bce71d9c38b83d9c0e92b6066c4253371f15005def0c30d9657f50c7642" +checksum = "3528ecfd12c466c6f163363caf2d02a71161dd5e1cc6ae7b34207ea2d42d81ed" [[package]] name = "tungstenite" @@ -5733,9 +5771,9 @@ dependencies = [ [[package]] name = "unicode-bidi" -version = "0.3.8" +version = "0.3.10" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "099b7128301d285f79ddd55b9a83d5e6b9e97c92e0ea0daebee7263e932de992" +checksum = "d54675592c1dbefd78cbd98db9bacd89886e1ca50692a0692baefffdeb92dd58" [[package]] name = "unicode-ident" @@ -5872,7 +5910,7 @@ dependencies = [ "serde_derive", "serial_test", "thiserror", - "tokio 1.23.0", + "tokio 1.24.2", "tokio-util", "veilid-core", ] @@ -5928,7 +5966,7 @@ dependencies = [ "maplit", "ndk", "ndk-glue", - "nix 0.26.1", + "nix 0.26.2", "once_cell", "owning_ref", "owo-colors", @@ -5951,7 +5989,7 @@ dependencies = [ "static_assertions", "stop-token", "thiserror", - "tokio 1.23.0", + "tokio 1.24.2", "tokio-stream", "tokio-util", "tracing", @@ -5996,7 +6034,7 @@ dependencies = [ "parking_lot 0.12.1", "serde", "serde_json", - "tokio 1.23.0", + "tokio 1.24.2", "tokio-stream", "tokio-util", "tracing", @@ -6030,7 +6068,7 @@ dependencies = [ "hostname", "json", "lazy_static", - "nix 0.26.1", + "nix 0.26.2", "opentelemetry", "opentelemetry-otlp", "opentelemetry-semantic-conventions", @@ -6043,7 +6081,7 @@ dependencies = [ "signal-hook", "signal-hook-async-std", "stop-token", - "tokio 1.23.0", + "tokio 1.24.2", "tokio-stream", "tokio-util", "tracing", @@ -6078,7 +6116,7 @@ dependencies = [ "maplit", "ndk", "ndk-glue", - "nix 0.26.1", + "nix 0.26.2", "once_cell", "oslog", "owo-colors", @@ -6092,7 +6130,7 @@ dependencies = [ "static_assertions", "stop-token", "thiserror", - "tokio 1.23.0", + "tokio 1.24.2", "tokio-util", "tracing", "tracing-oslog", @@ -6360,9 +6398,9 @@ dependencies = [ [[package]] name = "which" -version = "4.3.0" +version = "4.4.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1c831fbbee9e129a8cf93e7747a82da9d95ba8e16621cae60ec2cdc849bacb7b" +checksum = "2441c784c52b289a054b7201fc93253e288f094e2f4be9058343127c4226a269" dependencies = [ "either", "libc", @@ -6485,19 +6523,19 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "5a3e1820f08b8513f676f7ab6c1f99ff312fb97b553d30ff4dd86f9f15728aa7" dependencies = [ "windows_aarch64_gnullvm", - "windows_aarch64_msvc 0.42.0", - "windows_i686_gnu 0.42.0", - "windows_i686_msvc 0.42.0", - "windows_x86_64_gnu 0.42.0", + "windows_aarch64_msvc 0.42.1", + "windows_i686_gnu 0.42.1", + "windows_i686_msvc 0.42.1", + "windows_x86_64_gnu 0.42.1", "windows_x86_64_gnullvm", - "windows_x86_64_msvc 0.42.0", + "windows_x86_64_msvc 0.42.1", ] [[package]] name = "windows_aarch64_gnullvm" -version = "0.42.0" +version = "0.42.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "41d2aa71f6f0cbe00ae5167d90ef3cfe66527d6f613ca78ac8024c3ccab9a19e" +checksum = "8c9864e83243fdec7fc9c5444389dcbbfd258f745e7853198f365e3c4968a608" [[package]] name = "windows_aarch64_msvc" @@ -6513,9 +6551,9 @@ checksum = "b12add87e2fb192fff3f4f7e4342b3694785d79f3a64e2c20d5ceb5ccbcfc3cd" [[package]] name = "windows_aarch64_msvc" -version = "0.42.0" +version = "0.42.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "dd0f252f5a35cac83d6311b2e795981f5ee6e67eb1f9a7f64eb4500fbc4dcdb4" +checksum = "4c8b1b673ffc16c47a9ff48570a9d85e25d265735c503681332589af6253c6c7" [[package]] name = "windows_i686_gnu" @@ -6531,9 +6569,9 @@ checksum = "4c98f2db372c23965c5e0f43896a8f0316dc0fbe48d1aa65bea9bdd295d43c15" [[package]] name = "windows_i686_gnu" -version = "0.42.0" +version = "0.42.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fbeae19f6716841636c28d695375df17562ca208b2b7d0dc47635a50ae6c5de7" +checksum = "de3887528ad530ba7bdbb1faa8275ec7a1155a45ffa57c37993960277145d640" [[package]] name = "windows_i686_msvc" @@ -6549,9 +6587,9 @@ checksum = "cdf0569be0f2863ab6a12a6ba841fcfa7d107cbc7545a3ebd57685330db0a3ff" [[package]] name = "windows_i686_msvc" -version = "0.42.0" +version = "0.42.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "84c12f65daa39dd2babe6e442988fc329d6243fdce47d7d2d155b8d874862246" +checksum = "bf4d1122317eddd6ff351aa852118a2418ad4214e6613a50e0191f7004372605" [[package]] name = "windows_x86_64_gnu" @@ -6567,15 +6605,15 @@ checksum = "905858262c8380a36f32cb8c1990d7e7c3b7a8170e58ed9a98ca6d940b7ea9f1" [[package]] name = "windows_x86_64_gnu" -version = "0.42.0" +version = "0.42.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bf7b1b21b5362cbc318f686150e5bcea75ecedc74dd157d874d754a2ca44b0ed" +checksum = "c1040f221285e17ebccbc2591ffdc2d44ee1f9186324dd3e84e99ac68d699c45" [[package]] name = "windows_x86_64_gnullvm" -version = "0.42.0" +version = "0.42.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "09d525d2ba30eeb3297665bd434a54297e4170c7f1a44cad4ef58095b4cd2028" +checksum = "628bfdf232daa22b0d64fdb62b09fcc36bb01f05a3939e20ab73aaf9470d0463" [[package]] name = "windows_x86_64_msvc" @@ -6591,9 +6629,9 @@ checksum = "890c3c6341d441ffb38f705f47196e3665dc6dd79f6d72fa185d937326730561" [[package]] name = "windows_x86_64_msvc" -version = "0.42.0" +version = "0.42.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f40009d85759725a34da6d89a94e63d7bdc50a862acf0dbc7c8e488f1edcb6f5" +checksum = "447660ad36a13288b1db4d4248e857b510e8c3a225c822ba4fb748c0aafecffd" [[package]] name = "winreg" @@ -6759,7 +6797,7 @@ version = "2.10.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "e4ca5e22593eb4212382d60d26350065bf2a02c34b85bc850474a74b589a3de9" dependencies = [ - "proc-macro-crate 1.2.1", + "proc-macro-crate 1.3.0", "proc-macro2", "quote", "syn", diff --git a/veilid-core/Cargo.toml b/veilid-core/Cargo.toml index 78fccd45..ddb2d3f4 100644 --- a/veilid-core/Cargo.toml +++ b/veilid-core/Cargo.toml @@ -55,8 +55,8 @@ curve25519-dalek = { package = "curve25519-dalek-ng", version = "^4", default_fe # ed25519-dalek needs rand 0.7 until it updates itself rand = "0.7" # curve25519-dalek-ng is stuck on digest 0.9.0 -blake3 = { version = "1.1.0", default_features = false } digest = "0.9.0" +blake3 = { version = "1.1.0" } rtnetlink = { version = "^0", default-features = false, optional = true } async-std-resolver = { version = "^0", optional = true } trust-dns-resolver = { version = "^0", optional = true } diff --git a/veilid-core/src/crypto/envelope.rs b/veilid-core/src/crypto/envelope.rs index 7d0b6734..0c467d50 100644 --- a/veilid-core/src/crypto/envelope.rs +++ b/veilid-core/src/crypto/envelope.rs @@ -5,34 +5,38 @@ use crate::routing_table::VersionRange; use crate::*; use core::convert::TryInto; -// #[repr(C, packed)] -// struct EnvelopeHeader { -// // Size is at least 8 bytes. Depending on the version specified, the size may vary and should be case to the appropriate struct -// magic: [u8; 4], // 0x00: 0x56 0x4C 0x49 0x44 ("VLID") -// version: u8, // 0x04: 0 = EnvelopeV0 -// min_version: u8, // 0x05: 0 = EnvelopeV0 -// max_version: u8, // 0x06: 0 = EnvelopeV0 -// reserved: u8, // 0x07: Reserved for future use -// } - -// #[repr(C, packed)] -// struct EnvelopeV0 { -// // Size is 106 bytes. -// magic: [u8; 4], // 0x00: 0x56 0x4C 0x49 0x44 ("VLID") -// version: u8, // 0x04: 0 = EnvelopeV0 -// min_version: u8, // 0x05: 0 = EnvelopeV0 -// max_version: u8, // 0x06: 0 = EnvelopeV0 -// reserved: u8, // 0x07: Reserved for future use -// size: u16, // 0x08: Total size of the envelope including the encrypted operations message. Maximum size is 65,507 bytes, which is the data size limit for a single UDP message on IPv4. -// timestamp: u64, // 0x0A: Duration since UNIX_EPOCH in microseconds when this message is sent. Messages older than 10 seconds are dropped. -// nonce: [u8; 24], // 0x12: Random nonce for replay protection and for x25519 -// sender_id: [u8; 32], // 0x2A: Node ID of the message source, which is the Ed25519 public key of the sender (must be verified with find_node if this is a new node_id/address combination) -// recipient_id: [u8; 32], // 0x4A: Node ID of the intended recipient, which is the Ed25519 public key of the recipient (must be the receiving node, or a relay lease holder) -// // 0x6A: message is appended (operations) -// // encrypted by XChaCha20Poly1305(nonce,x25519(recipient_id, sender_secret_key)) -// signature: [u8; 64], // 0x?? (end-0x40): Ed25519 signature of the entire envelope including header is appended to the packet -// // entire header needs to be included in message digest, relays are not allowed to modify the envelope without invalidating the signature. -// } +/// Envelopes are versioned along with crypto versions +/// +/// These are the formats for the on-the-wire serialization performed by this module +/// +/// #[repr(C, packed)] +/// struct EnvelopeHeader { +/// // Size is at least 8 bytes. Depending on the version specified, the size may vary and should be case to the appropriate struct +/// magic: [u8; 4], // 0x00: 0x56 0x4C 0x49 0x44 ("VLID") +/// version: u8, // 0x04: 0 = EnvelopeV0 +/// min_version: u8, // 0x05: 0 = EnvelopeV0 +/// max_version: u8, // 0x06: 0 = EnvelopeV0 +/// reserved: u8, // 0x07: Reserved for future use +/// } +/// +/// #[repr(C, packed)] +/// struct EnvelopeV0 { +/// // Size is 106 bytes. +/// magic: [u8; 4], // 0x00: 0x56 0x4C 0x49 0x44 ("VLID") +/// version: u8, // 0x04: 0 = EnvelopeV0 +/// min_version: u8, // 0x05: 0 = EnvelopeV0 +/// max_version: u8, // 0x06: 0 = EnvelopeV0 +/// reserved: u8, // 0x07: Reserved for future use +/// size: u16, // 0x08: Total size of the envelope including the encrypted operations message. Maximum size is 65,507 bytes, which is the data size limit for a single UDP message on IPv4. +/// timestamp: u64, // 0x0A: Duration since UNIX_EPOCH in microseconds when this message is sent. Messages older than 10 seconds are dropped. +/// nonce: [u8; 24], // 0x12: Random nonce for replay protection and for x25519 +/// sender_id: [u8; 32], // 0x2A: Node ID of the message source, which is the Ed25519 public key of the sender (must be verified with find_node if this is a new node_id/address combination) +/// recipient_id: [u8; 32], // 0x4A: Node ID of the intended recipient, which is the Ed25519 public key of the recipient (must be the receiving node, or a relay lease holder) +/// // 0x6A: message is appended (operations) +/// // encrypted by XChaCha20Poly1305(nonce,x25519(recipient_id, sender_secret_key)) +/// signature: [u8; 64], // 0x?? (end-0x40): Ed25519 signature of the entire envelope including header is appended to the packet +/// // entire header needs to be included in message digest, relays are not allowed to modify the envelope without invalidating the signature. +/// } pub const MAX_ENVELOPE_SIZE: usize = 65507; pub const MIN_ENVELOPE_SIZE: usize = 0x6A + 0x40; // Header + Signature @@ -186,10 +190,12 @@ impl Envelope { node_id_secret: &DHTKeySecret, ) -> Result, VeilidAPIError> { // Get DH secret - let dh_secret = crypto.cached_dh(&self.sender_id, node_id_secret)?; + let vcrypto = crypto.get(self.version)?; + let dh_secret = vcrypto.cached_dh(&self.sender_id, node_id_secret)?; // Decrypt message without authentication - let body = Crypto::crypt_no_auth(&data[0x6A..data.len() - 64], &self.nonce, &dh_secret); + let body = + vcrypto.crypt_no_auth_aligned_8(&data[0x6A..data.len() - 64], &self.nonce, &dh_secret); Ok(body) } @@ -227,10 +233,11 @@ impl Envelope { data[0x4A..0x6A].copy_from_slice(&self.recipient_id.bytes); // Generate dh secret - let dh_secret = crypto.cached_dh(&self.recipient_id, node_id_secret)?; + let vcrypto = crypto.get(self.version)?; + let dh_secret = vcrypto.cached_dh(&self.recipient_id, node_id_secret)?; // Encrypt and authenticate message - let encrypted_body = Crypto::crypt_no_auth(body, &self.nonce, &dh_secret); + let encrypted_body = vcrypto.crypt_no_auth_aligned_8(body, &self.nonce, &dh_secret); // Write body if !encrypted_body.is_empty() { diff --git a/veilid-core/src/crypto/key.rs b/veilid-core/src/crypto/key.rs index 218ffcb8..3dae29bb 100644 --- a/veilid-core/src/crypto/key.rs +++ b/veilid-core/src/crypto/key.rs @@ -6,10 +6,7 @@ use core::fmt; use core::hash::Hash; use data_encoding::BASE64URL_NOPAD; -use digest::generic_array::typenum::U64; -use digest::{Digest, Output}; -use ed25519_dalek::{Keypair, PublicKey, Signature}; -use generic_array::GenericArray; + use rkyv::{Archive as RkyvArchive, Deserialize as RkyvDeserialize, Serialize as RkyvSerialize}; ////////////////////////////////////////////////////////////////////// @@ -225,165 +222,9 @@ macro_rules! byte_array_type { }; } +///////////////////////////////////////// + byte_array_type!(DHTKey, DHT_KEY_LENGTH); byte_array_type!(DHTKeySecret, DHT_KEY_SECRET_LENGTH); byte_array_type!(DHTSignature, DHT_SIGNATURE_LENGTH); byte_array_type!(DHTKeyDistance, DHT_KEY_LENGTH); - -///////////////////////////////////////// - -struct Blake3Digest512 { - dig: blake3::Hasher, -} - -impl Digest for Blake3Digest512 { - type OutputSize = U64; - - fn new() -> Self { - Self { - dig: blake3::Hasher::new(), - } - } - - fn update(&mut self, data: impl AsRef<[u8]>) { - self.dig.update(data.as_ref()); - } - - fn chain(mut self, data: impl AsRef<[u8]>) -> Self - where - Self: Sized, - { - self.update(data); - self - } - - fn finalize(self) -> Output { - let mut b = [0u8; 64]; - self.dig.finalize_xof().fill(&mut b); - let mut out = GenericArray::::default(); - for n in 0..64 { - out[n] = b[n]; - } - out - } - - fn finalize_reset(&mut self) -> Output { - let mut b = [0u8; 64]; - self.dig.finalize_xof().fill(&mut b); - let mut out = GenericArray::::default(); - for n in 0..64 { - out[n] = b[n]; - } - self.reset(); - out - } - - fn reset(&mut self) { - self.dig.reset(); - } - - fn output_size() -> usize { - 64 - } - - fn digest(data: &[u8]) -> Output { - let mut dig = blake3::Hasher::new(); - dig.update(data); - let mut b = [0u8; 64]; - dig.finalize_xof().fill(&mut b); - let mut out = GenericArray::::default(); - for n in 0..64 { - out[n] = b[n]; - } - out - } -} - -///////////////////////////////////////// - -pub fn generate_secret() -> (DHTKey, DHTKeySecret) { - let mut csprng = VeilidRng {}; - let keypair = Keypair::generate(&mut csprng); - let dht_key = DHTKey::new(keypair.public.to_bytes()); - let dht_key_secret = DHTKeySecret::new(keypair.secret.to_bytes()); - - (dht_key, dht_key_secret) -} - -pub fn sign( - dht_key: &DHTKey, - dht_key_secret: &DHTKeySecret, - data: &[u8], -) -> Result { - let mut kpb: [u8; DHT_KEY_SECRET_LENGTH + DHT_KEY_LENGTH] = - [0u8; DHT_KEY_SECRET_LENGTH + DHT_KEY_LENGTH]; - - kpb[..DHT_KEY_SECRET_LENGTH].copy_from_slice(&dht_key_secret.bytes); - kpb[DHT_KEY_SECRET_LENGTH..].copy_from_slice(&dht_key.bytes); - let keypair = Keypair::from_bytes(&kpb) - .map_err(|e| VeilidAPIError::parse_error("Keypair is invalid", e))?; - - let mut dig = Blake3Digest512::new(); - dig.update(data); - - let sig = keypair - .sign_prehashed(dig, None) - .map_err(VeilidAPIError::internal)?; - - let dht_sig = DHTSignature::new(sig.to_bytes()); - Ok(dht_sig) -} - -pub fn verify( - dht_key: &DHTKey, - data: &[u8], - signature: &DHTSignature, -) -> Result<(), VeilidAPIError> { - let pk = PublicKey::from_bytes(&dht_key.bytes) - .map_err(|e| VeilidAPIError::parse_error("Public key is invalid", e))?; - let sig = Signature::from_bytes(&signature.bytes) - .map_err(|e| VeilidAPIError::parse_error("Signature is invalid", e))?; - - let mut dig = Blake3Digest512::new(); - dig.update(data); - - pk.verify_prehashed(dig, None, &sig) - .map_err(|e| VeilidAPIError::parse_error("Verification failed", e))?; - Ok(()) -} - -pub fn generate_hash(data: &[u8]) -> DHTKey { - DHTKey::new(*blake3::hash(data).as_bytes()) -} - -pub fn validate_hash(data: &[u8], dht_key: &DHTKey) -> bool { - let bytes = *blake3::hash(data).as_bytes(); - - bytes == dht_key.bytes -} - -pub fn validate_key(dht_key: &DHTKey, dht_key_secret: &DHTKeySecret) -> bool { - let data = vec![0u8; 512]; - let sig = match sign(dht_key, dht_key_secret, &data) { - Ok(s) => s, - Err(_) => { - return false; - } - }; - verify(dht_key, &data, &sig).is_ok() -} - -pub fn distance(key1: &DHTKey, key2: &DHTKey) -> DHTKeyDistance { - let mut bytes = [0u8; DHT_KEY_LENGTH]; - - for (n, byte) in bytes.iter_mut().enumerate() { - *byte = key1.bytes[n] ^ key2.bytes[n]; - } - - DHTKeyDistance::new(bytes) -} - -#[allow(dead_code)] -pub fn sort_closest_fn(key: DHTKey) -> impl FnMut(&DHTKey, &DHTKey) -> std::cmp::Ordering { - move |k1, k2| distance(k1, &key).cmp(&distance(k2, &key)) -} diff --git a/veilid-core/src/crypto/mod.rs b/veilid-core/src/crypto/mod.rs index 104dd600..2efa3c30 100644 --- a/veilid-core/src/crypto/mod.rs +++ b/veilid-core/src/crypto/mod.rs @@ -3,35 +3,32 @@ mod key; mod receipt; mod value; +pub mod crypto_system; pub mod tests; +pub mod v0; +pub use crypto_system::*; pub use envelope::*; pub use key::*; pub use receipt::*; pub use value::*; -pub const MIN_CRYPTO_VERSION: u8 = 0u8; -pub const MAX_CRYPTO_VERSION: u8 = 0u8; +pub type CryptoVersion = u8; +pub const MIN_CRYPTO_VERSION: CryptoVersion = 0u8; +pub const MAX_CRYPTO_VERSION: CryptoVersion = 0u8; use crate::*; -use chacha20::cipher::{KeyIvInit, StreamCipher}; -use chacha20::XChaCha20; -use chacha20poly1305 as ch; -use chacha20poly1305::aead::{AeadInPlace, NewAead}; use core::convert::TryInto; -use curve25519_dalek as cd; -use ed25519_dalek as ed; use hashlink::linked_hash_map::Entry; use hashlink::LruCache; use serde::{Deserialize, Serialize}; -use x25519_dalek as xd; - pub type SharedSecret = [u8; 32]; pub type Nonce = [u8; 24]; -const DH_CACHE_SIZE: usize = 1024; -pub const AEAD_OVERHEAD: usize = 16; +pub type CryptoSystemVersion = Arc; + +const DH_CACHE_SIZE: usize = 4096; #[derive(Serialize, Deserialize, PartialEq, Eq, Hash)] struct DHCacheKey { @@ -79,6 +76,7 @@ struct CryptoInner { node_id_secret: DHTKeySecret, dh_cache: DHCache, flush_future: Option>, + crypto_v0: Option>, } #[derive(Clone)] @@ -95,14 +93,19 @@ impl Crypto { node_id_secret: Default::default(), dh_cache: DHCache::new(DH_CACHE_SIZE), flush_future: None, + crypto_v0: None, } } pub fn new(config: VeilidConfig, table_store: TableStore) -> Self { - Self { + let out = Self { config, inner: Arc::new(Mutex::new(Self::new_inner(table_store))), - } + }; + + out.inner.lock().crypto_v0 = Some(Arc::new(v0::CryptoV0System::new(out.clone()))); + + out } pub async fn init(&self) -> EyreResult<()> { @@ -180,24 +183,24 @@ impl Crypto { }; } - fn ed25519_to_x25519_pk(key: &ed::PublicKey) -> Result { - let bytes = key.to_bytes(); - let compressed = cd::edwards::CompressedEdwardsY(bytes); - let point = compressed - .decompress() - .ok_or_else(|| VeilidAPIError::internal("ed25519_to_x25519_pk failed"))?; - let mp = point.to_montgomery(); - Ok(xd::PublicKey::from(mp.to_bytes())) - } - fn ed25519_to_x25519_sk(key: &ed::SecretKey) -> Result { - let exp = ed::ExpandedSecretKey::from(key); - let bytes: [u8; ed::EXPANDED_SECRET_KEY_LENGTH] = exp.to_bytes(); - let lowbytes: [u8; 32] = bytes[0..32].try_into().map_err(VeilidAPIError::internal)?; - Ok(xd::StaticSecret::from(lowbytes)) + // Factory + fn get(&self, version: CryptoVersion) -> Result { + let inner = self.inner.lock(); + match version { + 0u8 => Ok(inner.crypto_v0.clone().unwrap()), + _ => Err(VeilidAPIError::InvalidArgument { + context: "Unsupported crypto version".to_owned(), + argument: "version".to_owned(), + value: format!("{}", version), + }), + } } - pub fn cached_dh( + // Internal utilities + + fn cached_dh_internal( &self, + vcrypto: &T, key: &DHTKey, secret: &DHTKeySecret, ) -> Result { @@ -208,111 +211,11 @@ impl Crypto { }) { Entry::Occupied(e) => e.get().shared_secret, Entry::Vacant(e) => { - let shared_secret = Self::compute_dh(key, secret)?; + let shared_secret = vcrypto.compute_dh(key, secret)?; e.insert(DHCacheValue { shared_secret }); shared_secret } }, ) } - - /////////// - // These are safe to use regardless of initialization status - - pub fn compute_dh(key: &DHTKey, secret: &DHTKeySecret) -> Result { - let pk_ed = ed::PublicKey::from_bytes(&key.bytes).map_err(VeilidAPIError::internal)?; - let pk_xd = Self::ed25519_to_x25519_pk(&pk_ed)?; - let sk_ed = ed::SecretKey::from_bytes(&secret.bytes).map_err(VeilidAPIError::internal)?; - let sk_xd = Self::ed25519_to_x25519_sk(&sk_ed)?; - Ok(sk_xd.diffie_hellman(&pk_xd).to_bytes()) - } - - pub fn get_random_nonce() -> Nonce { - let mut nonce = [0u8; 24]; - random_bytes(&mut nonce).unwrap(); - nonce - } - - pub fn get_random_secret() -> SharedSecret { - let mut s = [0u8; 32]; - random_bytes(&mut s).unwrap(); - s - } - - pub fn decrypt_in_place_aead( - body: &mut Vec, - nonce: &Nonce, - shared_secret: &SharedSecret, - associated_data: Option<&[u8]>, - ) -> Result<(), VeilidAPIError> { - let key = ch::Key::from(*shared_secret); - let xnonce = ch::XNonce::from(*nonce); - let aead = ch::XChaCha20Poly1305::new(&key); - aead.decrypt_in_place(&xnonce, associated_data.unwrap_or(b""), body) - .map_err(map_to_string) - .map_err(VeilidAPIError::generic) - } - - pub fn decrypt_aead( - body: &[u8], - nonce: &Nonce, - shared_secret: &SharedSecret, - associated_data: Option<&[u8]>, - ) -> Result, VeilidAPIError> { - let mut out = body.to_vec(); - Self::decrypt_in_place_aead(&mut out, nonce, shared_secret, associated_data) - .map_err(map_to_string) - .map_err(VeilidAPIError::generic)?; - Ok(out) - } - - pub fn encrypt_in_place_aead( - body: &mut Vec, - nonce: &Nonce, - shared_secret: &SharedSecret, - associated_data: Option<&[u8]>, - ) -> Result<(), VeilidAPIError> { - let key = ch::Key::from(*shared_secret); - let xnonce = ch::XNonce::from(*nonce); - let aead = ch::XChaCha20Poly1305::new(&key); - - aead.encrypt_in_place(&xnonce, associated_data.unwrap_or(b""), body) - .map_err(map_to_string) - .map_err(VeilidAPIError::generic) - } - - pub fn encrypt_aead( - body: &[u8], - nonce: &Nonce, - shared_secret: &SharedSecret, - associated_data: Option<&[u8]>, - ) -> Result, VeilidAPIError> { - let mut out = body.to_vec(); - Self::encrypt_in_place_aead(&mut out, nonce, shared_secret, associated_data) - .map_err(map_to_string) - .map_err(VeilidAPIError::generic)?; - Ok(out) - } - - pub fn crypt_in_place_no_auth(body: &mut Vec, nonce: &Nonce, shared_secret: &SharedSecret) { - let mut cipher = XChaCha20::new(shared_secret.into(), nonce.into()); - cipher.apply_keystream(body); - } - - pub fn crypt_b2b_no_auth( - in_buf: &[u8], - nonce: &Nonce, - shared_secret: &SharedSecret, - ) -> Vec { - let mut cipher = XChaCha20::new(shared_secret.into(), nonce.into()); - // Allocate uninitialized memory, aligned to 8 byte boundary because capnp is faster this way - // and the Vec returned here will be used to hold decrypted rpc messages - let mut out_buf = unsafe { aligned_8_u8_vec_uninit(in_buf.len()) }; - cipher.apply_keystream_b2b(in_buf, &mut out_buf).unwrap(); - out_buf - } - - pub fn crypt_no_auth(body: &[u8], nonce: &Nonce, shared_secret: &SharedSecret) -> Vec { - Self::crypt_b2b_no_auth(body, nonce, shared_secret) - } } diff --git a/veilid-core/src/crypto/receipt.rs b/veilid-core/src/crypto/receipt.rs index d59e5f36..1ce9cb55 100644 --- a/veilid-core/src/crypto/receipt.rs +++ b/veilid-core/src/crypto/receipt.rs @@ -5,26 +5,30 @@ use crate::*; use core::convert::TryInto; use data_encoding::BASE64URL_NOPAD; -// #[repr(C, packed)] -// struct ReceiptHeader { -// // Size is at least 8 bytes. Depending on the version specified, the size may vary and should be case to the appropriate struct -// magic: [u8; 4], // 0x00: 0x52 0x43 0x50 0x54 ("RCPT") -// version: u8, // 0x04: 0 = ReceiptV0 -// reserved: u8, // 0x05: Reserved for future use -// } - -// #[repr(C, packed)] -// struct ReceiptV0 { -// // Size is 106 bytes. -// magic: [u8; 4], // 0x00: 0x52 0x43 0x50 0x54 ("RCPT") -// version: u8, // 0x04: 0 = ReceiptV0 -// reserved: u8, // 0x05: Reserved for future use -// size: u16, // 0x06: Total size of the receipt including the extra data and the signature. Maximum size is 1152 bytes. -// nonce: [u8; 24], // 0x08: Randomly chosen bytes that represent a unique receipt. Could be used to encrypt the extra data, but it's not required. -// sender_id: [u8; 32], // 0x20: Node ID of the message source, which is the Ed25519 public key of the sender -// extra_data: [u8; ??], // 0x40: Extra data is appended (arbitrary extra data, not encrypted by receipt itself, maximum size is 1024 bytes) -// signature: [u8; 64], // 0x?? (end-0x40): Ed25519 signature of the entire receipt including header and extra data is appended to the packet -// } +/// Out-of-band receipts are versioned along with crypto versions +/// +/// These are the formats for the on-the-wire serialization performed by this module +/// +/// #[repr(C, packed)] +/// struct ReceiptHeader { +/// // Size is at least 8 bytes. Depending on the version specified, the size may vary and should be case to the appropriate struct +/// magic: [u8; 4], // 0x00: 0x52 0x43 0x50 0x54 ("RCPT") +/// version: u8, // 0x04: 0 = ReceiptV0 +/// reserved: u8, // 0x05: Reserved for future use +/// } +/// +/// #[repr(C, packed)] +/// struct ReceiptV0 { +/// // Size is 106 bytes. +/// magic: [u8; 4], // 0x00: 0x52 0x43 0x50 0x54 ("RCPT") +/// version: u8, // 0x04: 0 = ReceiptV0 +/// reserved: u8, // 0x05: Reserved for future use +/// size: u16, // 0x06: Total size of the receipt including the extra data and the signature. Maximum size is 1152 bytes. +/// nonce: [u8; 24], // 0x08: Randomly chosen bytes that represent a unique receipt. Could be used to encrypt the extra data, but it's not required. +/// sender_id: [u8; 32], // 0x20: Node ID of the message source, which is the Ed25519 public key of the sender +/// extra_data: [u8; ??], // 0x40: Extra data is appended (arbitrary extra data, not encrypted by receipt itself, maximum size is 1024 bytes) +/// signature: [u8; 64], // 0x?? (end-0x40): Ed25519 signature of the entire receipt including header and extra data is appended to the packet +/// } pub const MAX_RECEIPT_SIZE: usize = 1152; pub const MAX_EXTRA_DATA_SIZE: usize = 1024; diff --git a/veilid-core/src/crypto/tests/mod.rs b/veilid-core/src/crypto/tests/mod.rs index 3bd8e60f..c7546b3b 100644 --- a/veilid-core/src/crypto/tests/mod.rs +++ b/veilid-core/src/crypto/tests/mod.rs @@ -3,3 +3,19 @@ pub mod test_dht_key; pub mod test_envelope_receipt; use super::*; +use crate::tests::common::test_veilid_config::*; + +async fn crypto_tests_startup() -> VeilidAPI { + trace!("crypto_tests: starting"); + let (update_callback, config_callback) = setup_veilid_core(); + let api = api_startup(update_callback, config_callback) + .await + .expect("startup failed"); + api +} + +async fn crypto_tests_shutdown(api: VeilidAPI) { + trace!("crypto_tests: shutting down"); + api.shutdown().await; + trace!("crypto_tests: finished"); +} diff --git a/veilid-core/src/crypto/tests/test_crypto.rs b/veilid-core/src/crypto/tests/test_crypto.rs index 5710c8d9..a66de56f 100644 --- a/veilid-core/src/crypto/tests/test_crypto.rs +++ b/veilid-core/src/crypto/tests/test_crypto.rs @@ -1,37 +1,21 @@ use super::*; -use crate::tests::common::test_veilid_config::*; static LOREM_IPSUM:&[u8] = b"Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum. "; -async fn startup() -> VeilidAPI { - trace!("test_table_store: starting"); - let (update_callback, config_callback) = setup_veilid_core(); - let api = api_startup(update_callback, config_callback) - .await - .expect("startup failed"); - api -} - -async fn shutdown(api: VeilidAPI) { - trace!("test_table_store: shutting down"); - api.shutdown().await; - trace!("test_table_store: finished"); -} - -pub async fn test_aead() { +pub async fn test_aead(vcrypto: CryptoSystemVersion) { trace!("test_aead"); - let n1 = Crypto::get_random_nonce(); + let n1 = vcrypto.random_nonce(); let n2 = loop { - let n = Crypto::get_random_nonce(); + let n = vcrypto.random_nonce(); if n != n1 { break n; } }; - let ss1 = Crypto::get_random_secret(); + let ss1 = vcrypto.random_shared_secret(); let ss2 = loop { - let ss = Crypto::get_random_secret(); + let ss = vcrypto.random_shared_secret(); if ss != ss1 { break ss; } @@ -41,67 +25,77 @@ pub async fn test_aead() { let body2 = body.clone(); let size_before_encrypt = body.len(); assert!( - Crypto::encrypt_in_place_aead(&mut body, &n1, &ss1, None).is_ok(), + vcrypto + .encrypt_in_place_aead(&mut body, &n1, &ss1, None) + .is_ok(), "encrypt should succeed" ); let size_after_encrypt = body.len(); assert!( - size_after_encrypt - size_before_encrypt == AEAD_OVERHEAD, + size_after_encrypt - size_before_encrypt == vcrypto.aead_overhead(), "overhead should match" ); let mut body3 = body.clone(); let mut body4 = body.clone(); let mut body5 = body.clone(); assert!( - Crypto::decrypt_in_place_aead(&mut body, &n1, &ss1, None).is_ok(), + vcrypto + .decrypt_in_place_aead(&mut body, &n1, &ss1, None) + .is_ok(), "decrypt should succeed" ); assert_eq!(body, body2, "results should be the same"); assert!( - Crypto::decrypt_in_place_aead(&mut body3, &n2, &ss1, None).is_err(), + vcrypto + .decrypt_in_place_aead(&mut body3, &n2, &ss1, None) + .is_err(), "decrypt with wrong nonce should fail" ); assert_ne!(body3, body, "failure changes data"); assert!( - Crypto::decrypt_in_place_aead(&mut body4, &n1, &ss2, None).is_err(), + vcrypto + .decrypt_in_place_aead(&mut body4, &n1, &ss2, None) + .is_err(), "decrypt with wrong secret should fail" ); assert_ne!(body4, body, "failure changes data"); assert!( - Crypto::decrypt_in_place_aead(&mut body5, &n1, &ss2, Some(b"foobar")).is_err(), + vcrypto + .decrypt_in_place_aead(&mut body5, &n1, &ss2, Some(b"foobar")) + .is_err(), "decrypt with wrong associated data should fail" ); assert_ne!(body5, body, "failure changes data"); assert!( - Crypto::decrypt_aead(LOREM_IPSUM, &n1, &ss1, None).is_err(), + vcrypto.decrypt_aead(LOREM_IPSUM, &n1, &ss1, None).is_err(), "should fail authentication" ); - let body5 = Crypto::encrypt_aead(LOREM_IPSUM, &n1, &ss1, None).unwrap(); - let body6 = Crypto::decrypt_aead(&body5, &n1, &ss1, None).unwrap(); - let body7 = Crypto::encrypt_aead(LOREM_IPSUM, &n1, &ss1, None).unwrap(); + let body5 = vcrypto.encrypt_aead(LOREM_IPSUM, &n1, &ss1, None).unwrap(); + let body6 = vcrypto.decrypt_aead(&body5, &n1, &ss1, None).unwrap(); + let body7 = vcrypto.encrypt_aead(LOREM_IPSUM, &n1, &ss1, None).unwrap(); assert_eq!(body6, LOREM_IPSUM); assert_eq!(body5, body7); } -pub async fn test_no_auth() { +pub async fn test_no_auth(vcrypto: CryptoSystemVersion) { trace!("test_no_auth"); - let n1 = Crypto::get_random_nonce(); + let n1 = vcrypto.random_nonce(); let n2 = loop { - let n = Crypto::get_random_nonce(); + let n = vcrypto.random_nonce(); if n != n1 { break n; } }; - let ss1 = Crypto::get_random_secret(); + let ss1 = vcrypto.random_shared_secret(); let ss2 = loop { - let ss = Crypto::get_random_secret(); + let ss = vcrypto.random_shared_secret(); if ss != ss1 { break ss; } @@ -110,7 +104,7 @@ pub async fn test_no_auth() { let mut body = LOREM_IPSUM.to_vec(); let body2 = body.clone(); let size_before_encrypt = body.len(); - Crypto::crypt_in_place_no_auth(&mut body, &n1, &ss1); + vcrypto.crypt_in_place_no_auth(&mut body, &n1, &ss1); let size_after_encrypt = body.len(); assert_eq!( @@ -120,41 +114,47 @@ pub async fn test_no_auth() { let mut body3 = body.clone(); let mut body4 = body.clone(); - Crypto::crypt_in_place_no_auth(&mut body, &n1, &ss1); + vcrypto.crypt_in_place_no_auth(&mut body, &n1, &ss1); assert_eq!(body, body2, "result after decrypt should be the same"); - Crypto::crypt_in_place_no_auth(&mut body3, &n2, &ss1); + vcrypto.crypt_in_place_no_auth(&mut body3, &n2, &ss1); assert_ne!(body3, body, "decrypt should not be equal with wrong nonce"); - Crypto::crypt_in_place_no_auth(&mut body4, &n1, &ss2); + vcrypto.crypt_in_place_no_auth(&mut body4, &n1, &ss2); assert_ne!(body4, body, "decrypt should not be equal with wrong secret"); - let body5 = Crypto::crypt_no_auth(LOREM_IPSUM, &n1, &ss1); - let body6 = Crypto::crypt_no_auth(&body5, &n1, &ss1); - let body7 = Crypto::crypt_no_auth(LOREM_IPSUM, &n1, &ss1); + let body5 = vcrypto.crypt_no_auth_unaligned(LOREM_IPSUM, &n1, &ss1); + let body6 = vcrypto.crypt_no_auth_unaligned(&body5, &n1, &ss1); + let body7 = vcrypto.crypt_no_auth_unaligned(LOREM_IPSUM, &n1, &ss1); + assert_eq!(body6, LOREM_IPSUM); + assert_eq!(body5, body7); + + let body5 = vcrypto.crypt_no_auth_aligned_8(LOREM_IPSUM, &n1, &ss1); + let body6 = vcrypto.crypt_no_auth_aligned_8(&body5, &n1, &ss1); + let body7 = vcrypto.crypt_no_auth_aligned_8(LOREM_IPSUM, &n1, &ss1); assert_eq!(body6, LOREM_IPSUM); assert_eq!(body5, body7); } -pub async fn test_dh(crypto: Crypto) { +pub async fn test_dh(vcrypto: CryptoSystemVersion) { trace!("test_dh"); - let (dht_key, dht_key_secret) = key::generate_secret(); - let (dht_key2, dht_key_secret2) = key::generate_secret(); + let (dht_key, dht_key_secret) = vcrypto.generate_keypair(); + let (dht_key2, dht_key_secret2) = vcrypto.generate_keypair(); - let r1 = Crypto::compute_dh(&dht_key, &dht_key_secret2).unwrap(); - let r2 = Crypto::compute_dh(&dht_key2, &dht_key_secret).unwrap(); - let r3 = Crypto::compute_dh(&dht_key, &dht_key_secret2).unwrap(); - let r4 = Crypto::compute_dh(&dht_key2, &dht_key_secret).unwrap(); + let r1 = vcrypto.compute_dh(&dht_key, &dht_key_secret2).unwrap(); + let r2 = vcrypto.compute_dh(&dht_key2, &dht_key_secret).unwrap(); + let r3 = vcrypto.compute_dh(&dht_key, &dht_key_secret2).unwrap(); + let r4 = vcrypto.compute_dh(&dht_key2, &dht_key_secret).unwrap(); assert_eq!(r1, r2); assert_eq!(r3, r4); assert_eq!(r2, r3); trace!("dh: {:?}", r1); // test cache - let r5 = crypto.cached_dh(&dht_key, &dht_key_secret2).unwrap(); - let r6 = crypto.cached_dh(&dht_key2, &dht_key_secret).unwrap(); - let r7 = crypto.cached_dh(&dht_key, &dht_key_secret2).unwrap(); - let r8 = crypto.cached_dh(&dht_key2, &dht_key_secret).unwrap(); + let r5 = vcrypto.cached_dh(&dht_key, &dht_key_secret2).unwrap(); + let r6 = vcrypto.cached_dh(&dht_key2, &dht_key_secret).unwrap(); + let r7 = vcrypto.cached_dh(&dht_key, &dht_key_secret2).unwrap(); + let r8 = vcrypto.cached_dh(&dht_key2, &dht_key_secret).unwrap(); assert_eq!(r1, r5); assert_eq!(r2, r6); assert_eq!(r3, r7); @@ -163,11 +163,17 @@ pub async fn test_dh(crypto: Crypto) { } pub async fn test_all() { - let api = startup().await; + let api = crypto_tests_startup().await; let crypto = api.crypto().unwrap(); - test_aead().await; - test_no_auth().await; - test_dh(crypto).await; - shutdown(api.clone()).await; + + // Test versions + for v in MIN_CRYPTO_VERSION..=MAX_CRYPTO_VERSION { + let vcrypto = crypto.get(v).unwrap(); + test_aead(vcrypto.clone()).await; + test_no_auth(vcrypto.clone()).await; + test_dh(vcrypto).await; + } + + crypto_tests_shutdown(api.clone()).await; assert!(api.is_shutdown()); } diff --git a/veilid-core/src/crypto/tests/test_dht_key.rs b/veilid-core/src/crypto/tests/test_dht_key.rs index 26526d7b..fb9d1260 100644 --- a/veilid-core/src/crypto/tests/test_dht_key.rs +++ b/veilid-core/src/crypto/tests/test_dht_key.rs @@ -8,10 +8,10 @@ static CHEEZBURGER: &str = "I can has cheezburger"; static EMPTY_KEY: [u8; key::DHT_KEY_LENGTH] = [0u8; key::DHT_KEY_LENGTH]; static EMPTY_KEY_SECRET: [u8; key::DHT_KEY_SECRET_LENGTH] = [0u8; key::DHT_KEY_SECRET_LENGTH]; -pub async fn test_generate_secret() { +pub async fn test_generate_secret(vcrypto: CryptoSystemVersion) { // Verify keys generate - let (dht_key, dht_key_secret) = key::generate_secret(); - let (dht_key2, dht_key_secret2) = key::generate_secret(); + let (dht_key, dht_key_secret) = vcrypto.generate_keypair(); + let (dht_key2, dht_key_secret2) = vcrypto.generate_keypair(); // Verify byte patterns are different between public and secret assert_ne!(dht_key.bytes, dht_key_secret.bytes); @@ -22,29 +22,45 @@ pub async fn test_generate_secret() { assert_ne!(dht_key_secret, dht_key_secret2); } -pub async fn test_sign_and_verify() { +pub async fn test_sign_and_verify(vcrypto: CryptoSystemVersion) { // Make two keys - let (dht_key, dht_key_secret) = key::generate_secret(); - let (dht_key2, dht_key_secret2) = key::generate_secret(); + let (dht_key, dht_key_secret) = vcrypto.generate_keypair(); + let (dht_key2, dht_key_secret2) = vcrypto.generate_keypair(); // Sign the same message twice - let dht_sig = key::sign(&dht_key, &dht_key_secret, LOREM_IPSUM.as_bytes()).unwrap(); + let dht_sig = vcrypto + .sign(&dht_key, &dht_key_secret, LOREM_IPSUM.as_bytes()) + .unwrap(); trace!("dht_sig: {:?}", dht_sig); - let dht_sig_b = key::sign(&dht_key, &dht_key_secret, LOREM_IPSUM.as_bytes()).unwrap(); + let dht_sig_b = vcrypto + .sign(&dht_key, &dht_key_secret, LOREM_IPSUM.as_bytes()) + .unwrap(); // Sign a second message - let dht_sig_c = key::sign(&dht_key, &dht_key_secret, CHEEZBURGER.as_bytes()).unwrap(); + let dht_sig_c = vcrypto + .sign(&dht_key, &dht_key_secret, CHEEZBURGER.as_bytes()) + .unwrap(); trace!("dht_sig_c: {:?}", dht_sig_c); // Verify they are the same signature assert_eq!(dht_sig, dht_sig_b); // Sign the same message with a different key - let dht_sig2 = key::sign(&dht_key2, &dht_key_secret2, LOREM_IPSUM.as_bytes()).unwrap(); + let dht_sig2 = vcrypto + .sign(&dht_key2, &dht_key_secret2, LOREM_IPSUM.as_bytes()) + .unwrap(); // Verify a different key gives a different signature assert_ne!(dht_sig2, dht_sig_b); // Try using the wrong secret to sign - let a1 = key::sign(&dht_key, &dht_key_secret, LOREM_IPSUM.as_bytes()).unwrap(); - let a2 = key::sign(&dht_key2, &dht_key_secret2, LOREM_IPSUM.as_bytes()).unwrap(); - let b1 = key::sign(&dht_key, &dht_key_secret2, LOREM_IPSUM.as_bytes()).unwrap(); - let b2 = key::sign(&dht_key2, &dht_key_secret, LOREM_IPSUM.as_bytes()).unwrap(); + let a1 = vcrypto + .sign(&dht_key, &dht_key_secret, LOREM_IPSUM.as_bytes()) + .unwrap(); + let a2 = vcrypto + .sign(&dht_key2, &dht_key_secret2, LOREM_IPSUM.as_bytes()) + .unwrap(); + let b1 = vcrypto + .sign(&dht_key, &dht_key_secret2, LOREM_IPSUM.as_bytes()) + .unwrap(); + let b2 = vcrypto + .sign(&dht_key2, &dht_key_secret, LOREM_IPSUM.as_bytes()) + .unwrap(); assert_ne!(a1, b1); assert_ne!(a2, b2); assert_ne!(a1, b2); @@ -54,36 +70,54 @@ pub async fn test_sign_and_verify() { assert_ne!(a1, b2); assert_ne!(b1, a2); - assert_eq!(key::verify(&dht_key, LOREM_IPSUM.as_bytes(), &a1), Ok(())); - assert_eq!(key::verify(&dht_key2, LOREM_IPSUM.as_bytes(), &a2), Ok(())); - assert!(key::verify(&dht_key, LOREM_IPSUM.as_bytes(), &b1).is_err()); - assert!(key::verify(&dht_key2, LOREM_IPSUM.as_bytes(), &b2).is_err()); + assert_eq!( + vcrypto.verify(&dht_key, LOREM_IPSUM.as_bytes(), &a1), + Ok(()) + ); + assert_eq!( + vcrypto.verify(&dht_key2, LOREM_IPSUM.as_bytes(), &a2), + Ok(()) + ); + assert!(vcrypto + .verify(&dht_key, LOREM_IPSUM.as_bytes(), &b1) + .is_err()); + assert!(vcrypto + .verify(&dht_key2, LOREM_IPSUM.as_bytes(), &b2) + .is_err()); // Try verifications that should work assert_eq!( - key::verify(&dht_key, LOREM_IPSUM.as_bytes(), &dht_sig), + vcrypto.verify(&dht_key, LOREM_IPSUM.as_bytes(), &dht_sig), Ok(()) ); assert_eq!( - key::verify(&dht_key, LOREM_IPSUM.as_bytes(), &dht_sig_b), + vcrypto.verify(&dht_key, LOREM_IPSUM.as_bytes(), &dht_sig_b), Ok(()) ); assert_eq!( - key::verify(&dht_key2, LOREM_IPSUM.as_bytes(), &dht_sig2), + vcrypto.verify(&dht_key2, LOREM_IPSUM.as_bytes(), &dht_sig2), Ok(()) ); assert_eq!( - key::verify(&dht_key, CHEEZBURGER.as_bytes(), &dht_sig_c), + vcrypto.verify(&dht_key, CHEEZBURGER.as_bytes(), &dht_sig_c), Ok(()) ); // Try verifications that shouldn't work - assert!(key::verify(&dht_key2, LOREM_IPSUM.as_bytes(), &dht_sig).is_err()); - assert!(key::verify(&dht_key, LOREM_IPSUM.as_bytes(), &dht_sig2).is_err()); - assert!(key::verify(&dht_key2, CHEEZBURGER.as_bytes(), &dht_sig_c).is_err()); - assert!(key::verify(&dht_key, CHEEZBURGER.as_bytes(), &dht_sig).is_err()); + assert!(vcrypto + .verify(&dht_key2, LOREM_IPSUM.as_bytes(), &dht_sig) + .is_err()); + assert!(vcrypto + .verify(&dht_key, LOREM_IPSUM.as_bytes(), &dht_sig2) + .is_err()); + assert!(vcrypto + .verify(&dht_key2, CHEEZBURGER.as_bytes(), &dht_sig_c) + .is_err()); + assert!(vcrypto + .verify(&dht_key, CHEEZBURGER.as_bytes(), &dht_sig) + .is_err()); } -pub async fn test_key_conversions() { +pub async fn test_key_conversions(vcrypto: CryptoSystemVersion) { // Test default key let (dht_key, dht_key_secret) = (key::DHTKey::default(), key::DHTKeySecret::default()); assert_eq!(dht_key.bytes, EMPTY_KEY); @@ -99,10 +133,10 @@ pub async fn test_key_conversions() { assert_eq!(dht_key_secret_string, dht_key_string); // Make different keys - let (dht_key2, dht_key_secret2) = key::generate_secret(); + let (dht_key2, dht_key_secret2) = vcrypto.generate_keypair(); trace!("dht_key2: {:?}", dht_key2); trace!("dht_key_secret2: {:?}", dht_key_secret2); - let (dht_key3, _dht_key_secret3) = key::generate_secret(); + let (dht_key3, _dht_key_secret3) = vcrypto.generate_keypair(); trace!("dht_key3: {:?}", dht_key3); trace!("_dht_key_secret3: {:?}", _dht_key_secret3); @@ -154,7 +188,7 @@ pub async fn test_key_conversions() { .is_err()); } -pub async fn test_encode_decode() { +pub async fn test_encode_decode(vcrypto: CryptoSystemVersion) { let dht_key = key::DHTKey::try_decode("AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA").unwrap(); let dht_key_secret = key::DHTKeySecret::try_decode("AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA").unwrap(); @@ -163,7 +197,7 @@ pub async fn test_encode_decode() { assert_eq!(dht_key, dht_key_b); assert_eq!(dht_key_secret, dht_key_secret_b); - let (dht_key2, dht_key_secret2) = key::generate_secret(); + let (dht_key2, dht_key_secret2) = vcrypto.generate_keypair(); let e1 = dht_key.encode(); trace!("e1: {:?}", e1); @@ -198,15 +232,15 @@ pub async fn test_encode_decode() { assert!(f2.is_err()); } -async fn test_hash() { +async fn test_hash(vcrypto: CryptoSystemVersion) { let mut s = BTreeSet::::new(); - let k1 = key::generate_hash("abc".as_bytes()); - let k2 = key::generate_hash("abcd".as_bytes()); - let k3 = key::generate_hash("".as_bytes()); - let k4 = key::generate_hash(" ".as_bytes()); - let k5 = key::generate_hash(LOREM_IPSUM.as_bytes()); - let k6 = key::generate_hash(CHEEZBURGER.as_bytes()); + let k1 = vcrypto.generate_hash("abc".as_bytes()); + let k2 = vcrypto.generate_hash("abcd".as_bytes()); + let k3 = vcrypto.generate_hash("".as_bytes()); + let k4 = vcrypto.generate_hash(" ".as_bytes()); + let k5 = vcrypto.generate_hash(LOREM_IPSUM.as_bytes()); + let k6 = vcrypto.generate_hash(CHEEZBURGER.as_bytes()); s.insert(k1); s.insert(k2); @@ -216,12 +250,12 @@ async fn test_hash() { s.insert(k6); assert_eq!(s.len(), 6); - let v1 = key::generate_hash("abc".as_bytes()); - let v2 = key::generate_hash("abcd".as_bytes()); - let v3 = key::generate_hash("".as_bytes()); - let v4 = key::generate_hash(" ".as_bytes()); - let v5 = key::generate_hash(LOREM_IPSUM.as_bytes()); - let v6 = key::generate_hash(CHEEZBURGER.as_bytes()); + let v1 = vcrypto.generate_hash("abc".as_bytes()); + let v2 = vcrypto.generate_hash("abcd".as_bytes()); + let v3 = vcrypto.generate_hash("".as_bytes()); + let v4 = vcrypto.generate_hash(" ".as_bytes()); + let v5 = vcrypto.generate_hash(LOREM_IPSUM.as_bytes()); + let v6 = vcrypto.generate_hash(CHEEZBURGER.as_bytes()); assert_eq!(k1, v1); assert_eq!(k2, v2); @@ -230,24 +264,24 @@ async fn test_hash() { assert_eq!(k5, v5); assert_eq!(k6, v6); - key::validate_hash("abc".as_bytes(), &v1); - key::validate_hash("abcd".as_bytes(), &v2); - key::validate_hash("".as_bytes(), &v3); - key::validate_hash(" ".as_bytes(), &v4); - key::validate_hash(LOREM_IPSUM.as_bytes(), &v5); - key::validate_hash(CHEEZBURGER.as_bytes(), &v6); + vcrypto.validate_hash("abc".as_bytes(), &v1); + vcrypto.validate_hash("abcd".as_bytes(), &v2); + vcrypto.validate_hash("".as_bytes(), &v3); + vcrypto.validate_hash(" ".as_bytes(), &v4); + vcrypto.validate_hash(LOREM_IPSUM.as_bytes(), &v5); + vcrypto.validate_hash(CHEEZBURGER.as_bytes(), &v6); } -async fn test_operations() { - let k1 = key::generate_hash(LOREM_IPSUM.as_bytes()); - let k2 = key::generate_hash(CHEEZBURGER.as_bytes()); - let k3 = key::generate_hash("abc".as_bytes()); +async fn test_operations(vcrypto: CryptoSystemVersion) { + let k1 = vcrypto.generate_hash(LOREM_IPSUM.as_bytes()); + let k2 = vcrypto.generate_hash(CHEEZBURGER.as_bytes()); + let k3 = vcrypto.generate_hash("abc".as_bytes()); // Get distance - let d1 = key::distance(&k1, &k2); - let d2 = key::distance(&k2, &k1); - let d3 = key::distance(&k1, &k3); - let d4 = key::distance(&k2, &k3); + let d1 = vcrypto.distance(&k1, &k2); + let d2 = vcrypto.distance(&k2, &k1); + let d3 = vcrypto.distance(&k1, &k3); + let d4 = vcrypto.distance(&k2, &k3); trace!("d1={:?}", d1); trace!("d2={:?}", d2); @@ -295,10 +329,21 @@ async fn test_operations() { } pub async fn test_all() { - test_generate_secret().await; - test_sign_and_verify().await; - test_key_conversions().await; - test_encode_decode().await; - test_hash().await; - test_operations().await; + let api = crypto_tests_startup().await; + let crypto = api.crypto().unwrap(); + + // Test versions + for v in MIN_CRYPTO_VERSION..=MAX_CRYPTO_VERSION { + let vcrypto = crypto.get(v).unwrap(); + + test_generate_secret(vcrypto.clone()).await; + test_sign_and_verify(vcrypto.clone()).await; + test_key_conversions(vcrypto.clone()).await; + test_encode_decode(vcrypto.clone()).await; + test_hash(vcrypto.clone()).await; + test_operations(vcrypto).await; + } + + crypto_tests_shutdown(api.clone()).await; + assert!(api.is_shutdown()); } diff --git a/veilid-core/src/crypto/tests/test_envelope_receipt.rs b/veilid-core/src/crypto/tests/test_envelope_receipt.rs index a5b2e45e..89333554 100644 --- a/veilid-core/src/crypto/tests/test_envelope_receipt.rs +++ b/veilid-core/src/crypto/tests/test_envelope_receipt.rs @@ -1,29 +1,21 @@ use super::*; -use crate::tests::common::test_veilid_config::*; -pub async fn test_envelope_round_trip() { +pub async fn test_envelope_round_trip(vcrypto: CryptoSystemVersion) { info!("--- test envelope round trip ---"); - let (update_callback, config_callback) = setup_veilid_core(); - let api = api_startup(update_callback, config_callback) - .await - .expect("startup failed"); - - // Get crypto - let crypto = api.crypto().unwrap(); // Create envelope let ts = Timestamp::from(0x12345678ABCDEF69u64); - let nonce = Crypto::get_random_nonce(); - let (sender_id, sender_secret) = generate_secret(); - let (recipient_id, recipient_secret) = generate_secret(); - let envelope = Envelope::new(0, ts, nonce, sender_id, recipient_id); + let nonce = vcrypto.random_nonce(); + let (sender_id, sender_secret) = vcrypto.generate_keypair(); + let (recipient_id, recipient_secret) = vcrypto.generate_keypair(); + let envelope = Envelope::new(vcrypto.version(), ts, nonce, sender_id, recipient_id); // Create arbitrary body let body = b"This is an arbitrary body"; // Serialize to bytes let enc_data = envelope - .to_encrypted_data(crypto.clone(), body, &sender_secret) + .to_encrypted_data(vcrypto.crypto(), body, &sender_secret) .expect("failed to encrypt data"); // Deserialize from bytes @@ -31,7 +23,7 @@ pub async fn test_envelope_round_trip() { Envelope::from_signed_data(&enc_data).expect("failed to deserialize envelope from data"); let body2 = envelope2 - .decrypt_body(crypto.clone(), &enc_data, &recipient_secret) + .decrypt_body(vcrypto.crypto(), &enc_data, &recipient_secret) .expect("failed to decrypt envelope body"); // Compare envelope and body @@ -52,18 +44,16 @@ pub async fn test_envelope_round_trip() { Envelope::from_signed_data(&mod_enc_data2).is_err(), "should have failed to decode envelope with modified data" ); - - api.shutdown().await; } -pub async fn test_receipt_round_trip() { +pub async fn test_receipt_round_trip(vcrypto: CryptoSystemVersion) { info!("--- test receipt round trip ---"); // Create arbitrary body let body = b"This is an arbitrary body"; // Create receipt - let nonce = Crypto::get_random_nonce(); - let (sender_id, sender_secret) = generate_secret(); + let nonce = vcrypto.random_nonce(); + let (sender_id, sender_secret) = vcrypto.generate_keypair(); let receipt = Receipt::try_new(0, nonce, sender_id, body).expect("should not fail"); // Serialize to bytes @@ -85,6 +75,17 @@ pub async fn test_receipt_round_trip() { } pub async fn test_all() { - test_envelope_round_trip().await; - test_receipt_round_trip().await; + let api = crypto_tests_startup().await; + let crypto = api.crypto().unwrap(); + + // Test versions + for v in MIN_CRYPTO_VERSION..=MAX_CRYPTO_VERSION { + let vcrypto = crypto.get(v).unwrap(); + + test_envelope_round_trip(vcrypto.clone()).await; + test_receipt_round_trip(vcrypto).await; + } + + crypto_tests_shutdown(api.clone()).await; + assert!(api.is_shutdown()); } diff --git a/veilid-tools/src/tools.rs b/veilid-tools/src/tools.rs index 632336a1..ac3e6be4 100644 --- a/veilid-tools/src/tools.rs +++ b/veilid-tools/src/tools.rs @@ -299,6 +299,14 @@ pub unsafe fn aligned_8_u8_vec_uninit(n_bytes: usize) -> Vec { ) } +pub unsafe fn unaligned_u8_vec_uninit(n_bytes: usize) -> Vec { + let mut unaligned: Vec = Vec::with_capacity(n_bytes); + let ptr = unaligned.as_mut_ptr(); + mem::forget(unaligned); + + Vec::from_raw_parts(ptr as *mut u8, n_bytes, n_bytes) +} + pub fn debug_backtrace() -> String { let bt = backtrace::Backtrace::new(); format!("{:?}", bt)