diff --git a/veilid-core/src/crypto/tests/test_crypto.rs b/veilid-core/src/crypto/tests/test_crypto.rs index e7e0c73e..ac1b41e7 100644 --- a/veilid-core/src/crypto/tests/test_crypto.rs +++ b/veilid-core/src/crypto/tests/test_crypto.rs @@ -139,7 +139,9 @@ pub async fn test_no_auth(vcrypto: CryptoSystemVersion) { pub async fn test_dh(vcrypto: CryptoSystemVersion) { trace!("test_dh"); let (dht_key, dht_key_secret) = vcrypto.generate_keypair().into_split(); + assert!(vcrypto.validate_keypair(&dht_key, &dht_key_secret)); let (dht_key2, dht_key_secret2) = vcrypto.generate_keypair().into_split(); + assert!(vcrypto.validate_keypair(&dht_key2, &dht_key_secret2)); let r1 = vcrypto.compute_dh(&dht_key, &dht_key_secret2).unwrap(); let r2 = vcrypto.compute_dh(&dht_key2, &dht_key_secret).unwrap(); diff --git a/veilid-core/src/crypto/vld0/mod.rs b/veilid-core/src/crypto/vld0/mod.rs index acc36fa4..a763e7a1 100644 --- a/veilid-core/src/crypto/vld0/mod.rs +++ b/veilid-core/src/crypto/vld0/mod.rs @@ -9,7 +9,6 @@ use chacha20::XChaCha20; use chacha20poly1305 as ch; use chacha20poly1305::aead::AeadInPlace; use chacha20poly1305::KeyInit; -use core::convert::TryInto; use curve25519_dalek::digest::Digest; use ed25519_dalek as ed; use x25519_dalek as xd; @@ -17,27 +16,29 @@ use x25519_dalek as xd; const AEAD_OVERHEAD: usize = 16; pub const CRYPTO_KIND_VLD0: CryptoKind = FourCC(*b"VLD0"); -fn ed25519_to_x25519_pk(key: &ed::VerifyingKey) -> VeilidAPIResult { - let mp = key.to_montgomery(); - Ok(xd::PublicKey::from(mp.to_bytes())) +fn public_to_x25519_pk(public: &PublicKey) -> VeilidAPIResult { + let pk_ed = ed::VerifyingKey::from_bytes(&public.bytes).map_err(VeilidAPIError::internal)?; + Ok(xd::PublicKey::from(*pk_ed.to_montgomery().as_bytes())) } -fn ed25519_to_x25519_sk(key: &ed::SigningKey) -> VeilidAPIResult { - Ok(xd::StaticSecret::from(*key.to_scalar().as_bytes())) +fn secret_to_x25519_sk(secret: &SecretKey) -> VeilidAPIResult { + // NOTE: ed::SigningKey.to_scalar() does not produce an unreduced scalar, we want the raw bytes here + // See https://github.com/dalek-cryptography/curve25519-dalek/issues/565 + let hash: [u8; SIGNATURE_LENGTH] = ed::Sha512::default() + .chain_update(secret.bytes) + .finalize() + .into(); + let mut output = [0u8; 32]; + output.copy_from_slice(&hash[..32]); + + Ok(xd::StaticSecret::from(output)) } pub fn vld0_generate_keypair() -> KeyPair { let mut csprng = VeilidRng {}; - let keypair = ed::SigningKey::generate(&mut csprng); - let dht_key = PublicKey::new( - keypair.to_keypair_bytes()[ed::SECRET_KEY_LENGTH..] - .try_into() - .expect("should fit"), - ); - let dht_key_secret = SecretKey::new( - keypair.to_keypair_bytes()[0..ed::SECRET_KEY_LENGTH] - .try_into() - .expect("should fit"), - ); + let signing_key = ed::SigningKey::generate(&mut csprng); + let verifying_key = signing_key.verifying_key(); + let dht_key = PublicKey::new(verifying_key.to_bytes()); + let dht_key_secret = SecretKey::new(signing_key.to_bytes()); KeyPair::new(dht_key, dht_key_secret) } @@ -130,10 +131,9 @@ impl CryptoSystem for CryptoSystemVLD0 { SharedSecret::new(s) } fn compute_dh(&self, key: &PublicKey, secret: &SecretKey) -> VeilidAPIResult { - let pk_ed = ed::VerifyingKey::from_bytes(&key.bytes).map_err(VeilidAPIError::internal)?; - let pk_xd = ed25519_to_x25519_pk(&pk_ed)?; - let sk_ed = ed::SigningKey::from_bytes(&secret.bytes); - let sk_xd = ed25519_to_x25519_sk(&sk_ed)?; + let pk_xd = public_to_x25519_pk(&key)?; + let sk_xd = secret_to_x25519_sk(&secret)?; + Ok(SharedSecret::new(sk_xd.diffie_hellman(&pk_xd).to_bytes())) } fn generate_keypair(&self) -> KeyPair { diff --git a/veilid-core/src/tests/native/mod.rs b/veilid-core/src/tests/native/mod.rs index 382d10eb..4d29b557 100644 --- a/veilid-core/src/tests/native/mod.rs +++ b/veilid-core/src/tests/native/mod.rs @@ -97,20 +97,16 @@ cfg_if! { pub fn setup() { SETUP_ONCE.call_once(|| { - cfg_if! { - if #[cfg(feature = "tracing")] { - use tracing_subscriber::{filter, fmt, prelude::*}; - let mut filters = filter::Targets::new().with_default(filter::LevelFilter::TRACE); - for ig in DEFAULT_LOG_IGNORE_LIST { - filters = filters.with_target(ig, filter::LevelFilter::OFF); - } - let fmt_layer = fmt::layer(); - tracing_subscriber::registry() - .with(fmt_layer) - .with(filters) - .init(); - } + use tracing_subscriber::{filter, fmt, prelude::*}; + let mut filters = filter::Targets::new().with_default(filter::LevelFilter::TRACE); + for ig in DEFAULT_LOG_IGNORE_LIST { + filters = filters.with_target(ig, filter::LevelFilter::OFF); } + let fmt_layer = fmt::layer(); + tracing_subscriber::registry() + .with(fmt_layer) + .with(filters) + .init(); }); } diff --git a/veilid-core/src/veilid_api/serialize_helpers/compression.rs b/veilid-core/src/veilid_api/serialize_helpers/compression.rs index 0018da7c..cb45ed30 100644 --- a/veilid-core/src/veilid_api/serialize_helpers/compression.rs +++ b/veilid-core/src/veilid_api/serialize_helpers/compression.rs @@ -1,8 +1,6 @@ use super::*; use lz4_flex::block; -use crate::apibail_generic; - pub fn compress_prepend_size(input: &[u8]) -> Vec { block::compress_prepend_size(input) }