From bdaeed22c4afd195c854d1baa6446a0c48080a89 Mon Sep 17 00:00:00 2001 From: Matthew LeVan Date: Sun, 17 Dec 2023 18:57:51 -0500 Subject: [PATCH 01/40] wip: `ares_crypto` initial commit --- rust/ares_crypto/Cargo.lock | 498 ++++++++++++++++++++++++++++++++ rust/ares_crypto/Cargo.toml | 20 ++ rust/ares_crypto/src/aes_siv.rs | 54 ++++ rust/ares_crypto/src/ed25519.rs | 32 ++ rust/ares_crypto/src/lib.rs | 5 + 5 files changed, 609 insertions(+) create mode 100644 rust/ares_crypto/Cargo.lock create mode 100644 rust/ares_crypto/Cargo.toml create mode 100644 rust/ares_crypto/src/aes_siv.rs create mode 100644 rust/ares_crypto/src/ed25519.rs create mode 100644 rust/ares_crypto/src/lib.rs diff --git a/rust/ares_crypto/Cargo.lock b/rust/ares_crypto/Cargo.lock new file mode 100644 index 0000000..ca5155f --- /dev/null +++ b/rust/ares_crypto/Cargo.lock 
@@ -0,0 +1,498 @@ +# This file is automatically @generated by Cargo. +# It is not intended for manual editing. +version = 3 + +[[package]] +name = "aead" +version = "0.5.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d122413f284cf2d62fb1b7db97e02edb8cda96d769b16e443a4f6195e35662b0" +dependencies = [ + "crypto-common", + "generic-array", + "heapless", +] + +[[package]] +name = "aes" +version = "0.8.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ac1f845298e95f983ff1944b728ae08b8cebab80d684f0a832ed0fc74dfa27e2" +dependencies = [ + "cfg-if", + "cipher", + "cpufeatures", +] + +[[package]] +name = "aes-siv" +version = "0.7.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7e08d0cdb774acd1e4dac11478b1a0c0d203134b2aab0ba25eb430de9b18f8b9" +dependencies = [ + "aead", + "aes", + "cipher", + "cmac", + "ctr", + "dbl", + "digest", + "zeroize", +] + +[[package]] +name = "ares-crypto" +version = "0.1.0" +dependencies = [ + "aes-siv", + "assert_no_alloc", + "ed25519", + "ed25519-dalek", + "rand", +] + +[[package]] +name = "assert_no_alloc" +version = "1.1.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "55ca83137a482d61d916ceb1eba52a684f98004f18e0cafea230fe5579c178a3" + +[[package]] +name = "atomic-polyfill" +version = "1.0.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8cf2bce30dfe09ef0bfaef228b9d414faaf7e563035494d7fe092dba54b300f4" +dependencies = [ + "critical-section", +] + +[[package]] +name = "autocfg" +version = "1.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d468802bab17cbc0cc575e9b053f41e72aa36bfa6b7f55e3529ffa43161b97fa" + +[[package]] +name = "base64ct" +version = "1.6.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8c3c1a368f70d6cf7302d78f8f7093da241fb8e8807c05cc9e51a125895a6d5b" + +[[package]] +name = "block-buffer" +version = 
"0.10.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3078c7629b62d3f0439517fa394996acacc5cbc91c5a20d8c658e77abd503a71" +dependencies = [ + "generic-array", +] + +[[package]] +name = "byteorder" +version = "1.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1fd0f2584146f6f2ef48085050886acf353beff7305ebd1ae69500e27c67f64b" + +[[package]] +name = "cfg-if" +version = "1.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "baf1de4339761588bc0619e3cbc0120ee582ebb74b53b4efbf79117bd2da40fd" + +[[package]] +name = "cipher" +version = "0.4.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "773f3b9af64447d2ce9850330c473515014aa235e6a783b02db81ff39e4a3dad" +dependencies = [ + "crypto-common", + "inout", +] + +[[package]] +name = "cmac" +version = "0.7.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8543454e3c3f5126effff9cd44d562af4e31fb8ce1cc0d3dcd8f084515dbc1aa" +dependencies = [ + "cipher", + "dbl", + "digest", +] + +[[package]] +name = "const-oid" +version = "0.9.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c2459377285ad874054d797f3ccebf984978aa39129f6eafde5cdc8315b612f8" + +[[package]] +name = "cpufeatures" +version = "0.2.11" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ce420fe07aecd3e67c5f910618fe65e94158f6dcc0adf44e00d69ce2bdfe0fd0" +dependencies = [ + "libc", +] + +[[package]] +name = "critical-section" +version = "1.1.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7059fff8937831a9ae6f0fe4d658ffabf58f2ca96aa9dec1c889f936f705f216" + +[[package]] +name = "crypto-common" +version = "0.1.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1bfb12502f3fc46cca1bb51ac28df9d618d813cdc3d2f25b9fe775a34af26bb3" +dependencies = [ + "generic-array", + "rand_core", + "typenum", +] + 
+[[package]] +name = "ctr" +version = "0.9.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0369ee1ad671834580515889b80f2ea915f23b8be8d0daa4bbaf2ac5c7590835" +dependencies = [ + "cipher", +] + +[[package]] +name = "curve25519-dalek" +version = "4.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e89b8c6a2e4b1f45971ad09761aafb85514a84744b67a95e32c3cc1352d1f65c" +dependencies = [ + "cfg-if", + "cpufeatures", + "curve25519-dalek-derive", + "digest", + "fiat-crypto", + "platforms", + "rustc_version", + "subtle", +] + +[[package]] +name = "curve25519-dalek-derive" +version = "0.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f46882e17999c6cc590af592290432be3bce0428cb0d5f8b6715e4dc7b383eb3" +dependencies = [ + "proc-macro2", + "quote", + "syn", +] + +[[package]] +name = "dbl" +version = "0.3.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bd2735a791158376708f9347fe8faba9667589d82427ef3aed6794a8981de3d9" +dependencies = [ + "generic-array", +] + +[[package]] +name = "der" +version = "0.7.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "fffa369a668c8af7dbf8b5e56c9f744fbd399949ed171606040001947de40b1c" +dependencies = [ + "const-oid", + "zeroize", +] + +[[package]] +name = "digest" +version = "0.10.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9ed9a281f7bc9b7576e61468ba615a66a5c8cfdff42420a70aa82701a3b1e292" +dependencies = [ + "block-buffer", + "crypto-common", + "subtle", +] + +[[package]] +name = "ed25519" +version = "2.2.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "115531babc129696a58c64a4fef0a8bf9e9698629fb97e9e40767d235cfbcd53" +dependencies = [ + "pkcs8", + "signature", +] + +[[package]] +name = "ed25519-dalek" +version = "2.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = 
"1f628eaec48bfd21b865dc2950cfa014450c01d2fa2b69a86c2fd5844ec523c0" +dependencies = [ + "curve25519-dalek", + "ed25519", + "rand_core", + "sha2", + "subtle", +] + +[[package]] +name = "fiat-crypto" +version = "0.2.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "27573eac26f4dd11e2b1916c3fe1baa56407c83c71a773a8ba17ec0bca03b6b7" + +[[package]] +name = "generic-array" +version = "0.14.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "85649ca51fd72272d7821adaf274ad91c288277713d9c18820d8499a7ff69e9a" +dependencies = [ + "typenum", + "version_check", +] + +[[package]] +name = "getrandom" +version = "0.2.11" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "fe9006bed769170c11f845cf00c7c1e9092aeb3f268e007c3e760ac68008070f" +dependencies = [ + "cfg-if", + "libc", + "wasi", +] + +[[package]] +name = "hash32" +version = "0.2.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b0c35f58762feb77d74ebe43bdbc3210f09be9fe6742234d573bacc26ed92b67" +dependencies = [ + "byteorder", +] + +[[package]] +name = "heapless" +version = "0.7.17" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "cdc6457c0eb62c71aac4bc17216026d8410337c4126773b9c5daba343f17964f" +dependencies = [ + "atomic-polyfill", + "hash32", + "rustc_version", + "spin", + "stable_deref_trait", +] + +[[package]] +name = "inout" +version = "0.1.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a0c10553d664a4d0bcff9f4215d0aac67a639cc68ef660840afe309b807bc9f5" +dependencies = [ + "generic-array", +] + +[[package]] +name = "libc" +version = "0.2.151" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "302d7ab3130588088d277783b1e2d2e10c9e9e4a16dd9050e6ec93fb3e7048f4" + +[[package]] +name = "lock_api" +version = "0.4.11" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = 
"3c168f8615b12bc01f9c17e2eb0cc07dcae1940121185446edc3744920e8ef45" +dependencies = [ + "autocfg", + "scopeguard", +] + +[[package]] +name = "pkcs8" +version = "0.10.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f950b2377845cebe5cf8b5165cb3cc1a5e0fa5cfa3e1f7f55707d8fd82e0a7b7" +dependencies = [ + "der", + "spki", +] + +[[package]] +name = "platforms" +version = "3.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "14e6ab3f592e6fb464fc9712d8d6e6912de6473954635fd76a589d832cffcbb0" + +[[package]] +name = "ppv-lite86" +version = "0.2.17" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5b40af805b3121feab8a3c29f04d8ad262fa8e0561883e7653e024ae4479e6de" + +[[package]] +name = "proc-macro2" +version = "1.0.70" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "39278fbbf5fb4f646ce651690877f89d1c5811a3d4acb27700c1cb3cdb78fd3b" +dependencies = [ + "unicode-ident", +] + +[[package]] +name = "quote" +version = "1.0.33" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5267fca4496028628a95160fc423a33e8b2e6af8a5302579e322e4b520293cae" +dependencies = [ + "proc-macro2", +] + +[[package]] +name = "rand" +version = "0.8.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "34af8d1a0e25924bc5b7c43c079c942339d8f0a8b57c39049bef581b46327404" +dependencies = [ + "rand_chacha", + "rand_core", +] + +[[package]] +name = "rand_chacha" +version = "0.3.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e6c10a63a0fa32252be49d21e7709d4d4baf8d231c2dbce1eaa8141b9b127d88" +dependencies = [ + "ppv-lite86", + "rand_core", +] + +[[package]] +name = "rand_core" +version = "0.6.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ec0be4795e2f6a28069bec0b5ff3e2ac9bafc99e6a9a7dc3547996c5c816922c" +dependencies = [ + "getrandom", +] + +[[package]] +name = 
"rustc_version" +version = "0.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bfa0f585226d2e68097d4f95d113b15b83a82e819ab25717ec0590d9584ef366" +dependencies = [ + "semver", +] + +[[package]] +name = "scopeguard" +version = "1.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "94143f37725109f92c262ed2cf5e59bce7498c01bcc1502d7b9afe439a4e9f49" + +[[package]] +name = "semver" +version = "1.0.20" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "836fa6a3e1e547f9a2c4040802ec865b5d85f4014efe00555d7090a3dcaa1090" + +[[package]] +name = "sha2" +version = "0.10.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "793db75ad2bcafc3ffa7c68b215fee268f537982cd901d132f89c6343f3a3dc8" +dependencies = [ + "cfg-if", + "cpufeatures", + "digest", +] + +[[package]] +name = "signature" +version = "2.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "77549399552de45a898a580c1b41d445bf730df867cc44e6c0233bbc4b8329de" +dependencies = [ + "rand_core", +] + +[[package]] +name = "spin" +version = "0.9.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6980e8d7511241f8acf4aebddbb1ff938df5eebe98691418c4468d0b72a96a67" +dependencies = [ + "lock_api", +] + +[[package]] +name = "spki" +version = "0.7.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d91ed6c858b01f942cd56b37a94b3e0a1798290327d1236e4d9cf4eaca44d29d" +dependencies = [ + "base64ct", + "der", +] + +[[package]] +name = "stable_deref_trait" +version = "1.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a8f112729512f8e442d81f95a8a7ddf2b7c6b8a1a6f509a95864142b30cab2d3" + +[[package]] +name = "subtle" +version = "2.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "81cdd64d312baedb58e21336b31bc043b77e01cc99033ce76ef539f78e965ebc" + +[[package]] +name = 
"syn" +version = "2.0.41" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "44c8b28c477cc3bf0e7966561e3460130e1255f7a1cf71931075f1c5e7a7e269" +dependencies = [ + "proc-macro2", + "quote", + "unicode-ident", +] + +[[package]] +name = "typenum" +version = "1.17.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "42ff0bf0c66b8238c6f3b578df37d0b7848e55df8577b3f74f92a69acceeb825" + +[[package]] +name = "unicode-ident" +version = "1.0.12" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3354b9ac3fae1ff6755cb6db53683adb661634f67557942dea4facebec0fee4b" + +[[package]] +name = "version_check" +version = "0.9.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "49874b5167b65d7193b8aba1567f5c7d93d001cafc34600cee003eda787e483f" + +[[package]] +name = "wasi" +version = "0.11.0+wasi-snapshot-preview1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9c8d87e72b64a3b4db28d11ce29237c246188f4f51057d65a7eab63b7987e423" + +[[package]] +name = "zeroize" +version = "1.7.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "525b4ec142c6b68a2d10f01f7bbf6755599ca3f81ea53b8431b7dd348f5fdb2d" diff --git a/rust/ares_crypto/Cargo.toml b/rust/ares_crypto/Cargo.toml new file mode 100644 index 0000000..be7997d --- /dev/null +++ b/rust/ares_crypto/Cargo.toml 
@@ -0,0 +1,20 @@
+[package]
+name = "ares-crypto"
+version = "0.1.0"
+edition = "2021"
+
+# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
+
+[dependencies]
+assert_no_alloc = "1.1.2"
+# use this when debugging requires allocation (e.g. eprintln)
+# assert_no_alloc = {version="1.1.2", features=["warn_debug"]}
+aes-siv = { version = "0.7.0", features = ["heapless"], default-features = false }
+ed25519-dalek = { version = "2.1.0", features = ["pkcs8", "rand_core"], default-features = false }
+ed25519 = { version = "2.2.3" }
+rand = { version = "0.8.5", features = ["getrandom", "std_rng"], default-features = false }
+
+[features]
+default = ["aes_siv", "ed25519"]
+aes_siv = []
+ed25519 = []
diff --git a/rust/ares_crypto/src/aes_siv.rs b/rust/ares_crypto/src/aes_siv.rs
new file mode 100644
index 0000000..5aa0639
--- /dev/null
+++ b/rust/ares_crypto/src/aes_siv.rs
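Review bot: The `aes_siv` and `ed25519` entries in the `[features]` table are empty, so they gate only the `pub mod` lines in lib.rs while `aes-siv`, `ed25519-dalek` and `ed25519` remain unconditional dependencies that are compiled even when a consumer turns the feature off. If the backends are meant to be optional, mark those crates `optional = true` and point the features at them, e.g. `aes_siv = ["dep:aes-siv"]` and `ed25519 = ["dep:ed25519-dalek", "dep:ed25519"]`. Separately, `ed25519-dalek` is pulled in with `default-features = false` and only `pkcs8` and `rand_core` enabled, which, if I read that crate's feature list correctly, drops its default `zeroize` feature, so `SigningKey` values derived from seeds are not wiped on drop; adding `"zeroize"` to that list is worth considering for a crate whose purpose is key derivation.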
@@ -0,0 +1,54 @@
+use aes_siv::{
+    aead::{heapless::Vec, AeadInPlace, Error, KeyInit},
+    Aes256SivAead,
+    Nonce, // Or `Aes128SivAead`
+};
+
+pub fn _ac_aes_siv_en() -> Result<(), Error> {
+    todo!();
+    // let key = Aes256SivAead::generate_key(&mut OsRng);
+    // let cipher = Aes256SivAead::new(&key);
+    // let nonce = Nonce::from_slice(b"any unique nonce"); // 128-bits; unique per message
+
+    // let mut buffer: Vec = Vec::new(); // Note: buffer needs 16-bytes overhead for auth tag tag
+    // buffer.extend_from_slice(b"plaintext message");
+
+    // // Encrypt `buffer` in-place, replacing the plaintext contents with ciphertext
+    // cipher.encrypt_in_place(nonce, b"", &mut buffer)?;
+
+    // // `buffer` now contains the message ciphertext
+    // assert_ne!(&buffer, b"plaintext message");
+
+    // // Decrypt `buffer` in-place, replacing its ciphertext context with the original plaintext
+    // cipher.decrypt_in_place(nonce, b"", &mut buffer)?;
+    // assert_eq!(&buffer, b"plaintext message");
+    // Ok(())
+}
+
+pub fn _ac_aes_siv_de() -> Result<(), Error> {
+    todo!();
+}
+
+pub fn ac_aes_siva_en() -> Result<(), Error> {
+    todo!();
+}
+
+pub fn ac_aes_siva_de() -> Result<(), Error> {
+    todo!();
+}
+
+pub fn ac_aes_sivb_en() -> Result<(), Error> {
+    todo!();
+}
+
+pub fn ac_aes_sivb_de() -> Result<(), Error> {
+    todo!();
+}
+
+pub fn ac_aes_sivc_en() -> Result<(), Error> {
+    todo!();
+}
+
+pub fn ac_aes_sivc_de() -> Result<(), Error> {
+    todo!();
+}
diff --git a/rust/ares_crypto/src/ed25519.rs b/rust/ares_crypto/src/ed25519.rs
new file mode 100644
index 0000000..aa4f940
--- /dev/null
+++ b/rust/ares_crypto/src/ed25519.rs
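Review bot: All eight `pub fn` stubs in this file body out to `todo!()`, and `aes_siv` is a default feature, so a downstream crate linking this `wip` state gets a runtime panic rather than a compile error the moment it calls any of them; the `use` block (`Vec`, `AeadInPlace`, `KeyInit`, `Aes256SivAead`, `Nonce`) is also entirely unused and will warn. Until the bodies land, consider not exporting the stubs or leaving the module out of `default`. The commented-out sketch in `_ac_aes_siv_en` hard-codes `Nonce::from_slice(b"any unique nonce")`; when it becomes real code the nonce should be supplied by the caller or a CSPRNG, since AES-SIV is misuse-resistant but a repeated (nonce, plaintext) pair still reveals that two messages are equal. `_ac_aes_siv_en`/`_ac_aes_siv_de` carry a leading underscore on `pub` items, which reads as "private helper"; pick one convention for the exported names.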
@@ -0,0 +1,32 @@
+use std::ptr::copy_nonoverlapping;
+
+use ed25519_dalek::{SignatureError, SigningKey};
+use rand::{rngs::StdRng, SeedableRng};
+
+/// Generate a public key from the given seed and write it to the given 32-byte output buffer,
+pub fn ac_ed_puck(seed: &mut [u8; 32], out: *mut u8) -> Result<(), SignatureError> {
+    let mut csprng = StdRng::from_seed(*seed);
+    let signing_key = SigningKey::generate(&mut csprng);
+    let verifying_key = signing_key.verifying_key();
+    unsafe {
+        copy_nonoverlapping(verifying_key.as_bytes().as_ptr(), out, 32);
+    }
+    Ok(())
+}
+
+/// Perform a key exchange between the given public key and the keypair generated from the given seed,
+/// writing the resulting shared key to the given 32-byte output buffer.
+pub fn ac_ed_shar(public: &[u8; 32], seed: &[u8; 32], out: *mut u8) -> Result<(), SignatureError> {
+    // Generate a keypair from the given seed.
+    let mut csprng = StdRng::from_seed(*seed);
+    let self_key = SigningKey::generate(&mut csprng);
+
+    let mut keypair_bytes = [0u8; 64];
+    keypair_bytes[..32].copy_from_slice(&self_key.to_bytes());
+    keypair_bytes[32..].copy_from_slice(public);
+    let shared_key = SigningKey::from_keypair_bytes(&keypair_bytes)?;
+    unsafe {
+        copy_nonoverlapping(shared_key.to_bytes().as_ptr(), out, 32);
+    }
+    Ok(())
+}
diff --git a/rust/ares_crypto/src/lib.rs b/rust/ares_crypto/src/lib.rs
new file mode 100644
index 0000000..7a5d496
--- /dev/null
+++ b/rust/ares_crypto/src/lib.rs
@@ -0,0 +1,5 @@
+#[cfg(feature = "aes_siv")]
+pub mod aes_siv;
+
+#[cfg(feature = "ed25519")]
+pub mod ed25519;
From 087b90db90109f5e359444df2a2e3ba7dc203f60 Mon Sep 17 00:00:00 2001
From: Edward Amsden
Date: Sun, 17 Dec 2023 21:46:04 -0600
Subject: [PATCH 02/40] ares_crypto: add scaffolding for tests vs urcrypt

---
 rust/ares_crypto/Cargo.toml | 2 ++
 rust/ares_crypto/src/ed25519.rs | 6 ++++++
 2 files changed, 8 insertions(+)

diff --git a/rust/ares_crypto/Cargo.toml b/rust/ares_crypto/Cargo.toml
index be7997d..502e595 100644
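Review bot: `ac_ed_shar` does not compute a shared secret: `SigningKey::from_keypair_bytes` only checks that the supplied public half matches the secret half, so with a peer's `public` it returns `Err`, and in the one case where it would succeed the `to_bytes()` copied to `out` is the caller's own Ed25519 secret key rather than a Diffie-Hellman result. An Ed25519 signing key cannot be used for key agreement as-is; the exchange needs an X25519 scalar and the peer's public key mapped to Montgomery form (a later commit in this series adds `x25519-dalek` to the lockfile, which points the same way), and until that lands this function should not be exported with a docstring that promises a "shared key". In `ac_ed_puck`, `StdRng::from_seed(*seed)` followed by `SigningKey::generate` makes the secret key the first 32 bytes of StdRng output rather than the seed itself, and `StdRng` is documented as not reproducible across `rand` versions, so the public key for a given seed can silently change on an upgrade; `let signing_key = SigningKey::from_bytes(seed);` gives the conventional seed-is-secret-key derivation and lets `seed` become `&[u8; 32]`, since it is never mutated. Both `unsafe { copy_nonoverlapping(..., out, 32) }` blocks depend on `out` being valid for 32 writable bytes with no statement of that contract; either add a `// SAFETY:` comment and a `# Safety` doc section and make the functions `unsafe fn`, or take `out: &mut [u8; 32]` and drop the `unsafe` entirely.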
--- a/rust/ares_crypto/Cargo.toml
+++ b/rust/ares_crypto/Cargo.toml
@@ -13,8 +13,10 @@ aes-siv = { version = "0.7.0", features = ["heapless"], default-features = false
 ed25519-dalek = { version = "2.1.0", features = ["pkcs8", "rand_core"], default-features = false }
 ed25519 = { version = "2.2.3" }
 rand = { version = "0.8.5", features = ["getrandom", "std_rng"], default-features = false }
+urcrypt-sys = { version = "0.1.1", optional = true }
 
 [features]
 default = ["aes_siv", "ed25519"]
 aes_siv = []
 ed25519 = []
+test_vs_urcrypt = ["urcrypt-sys"]
diff --git a/rust/ares_crypto/src/ed25519.rs b/rust/ares_crypto/src/ed25519.rs
index aa4f940..e7b43e2 100644
--- a/rust/ares_crypto/src/ed25519.rs
+++ b/rust/ares_crypto/src/ed25519.rs
@@ -30,3 +30,9 @@ pub fn ac_ed_shar(public: &[u8; 32], seed: &[u8; 32], out: *mut u8) -> Result<()
     }
     Ok(())
 }
+
+#[cfg(test)]
+#[cfg(feature = "test_vs_urcrypt")]
+mod ucrypt_test {
+    // tests comparing urcrypt and ares_crypto output for ed25519 functions go here
+}
From 64367a9037fa29f53d07da96dc76b211e54e4615 Mon Sep 17 00:00:00 2001
From: Edward Amsden
Date: Sun, 17 Dec 2023 21:46:26 -0600
Subject: [PATCH 03/40] ares_crypto: cargo lock

---
 rust/ares_crypto/Cargo.lock | 338 ++++++++++++++++++++++++++++++++++++
 1 file changed, 338 insertions(+)

diff --git a/rust/ares_crypto/Cargo.lock b/rust/ares_crypto/Cargo.lock
index ca5155f..a1bc465 100644
--- a/rust/ares_crypto/Cargo.lock
+++ b/rust/ares_crypto/Cargo.lock
@@ -40,6 +40,15 @@ dependencies = [
  "zeroize",
 ]
 
+[[package]]
+name = "aho-corasick"
+version = "1.1.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "b2969dcb958b36655471fc61f7e416fa76033bdd4bfed0678d8fee1e2d07a1f0"
+dependencies = [
+ "memchr",
+]
+
 [[package]]
 name = "ares-crypto"
 version = "0.1.0"
@@ -49,6 +58,7 @@ dependencies = [
  "ed25519",
  "ed25519-dalek",
  "rand",
+ "urcrypt-sys",
 ]
 
 [[package]]
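Review bot: The new test module is named `ucrypt_test` while the feature that gates it is `test_vs_urcrypt` and the crate it compares against is `urcrypt-sys`; the dropped `r` looks like a typo and means a `cargo test` name filter on `urcrypt` will not select it, so `mod urcrypt_test {` is the better name. The two stacked `#[cfg]` attributes combine as an AND, which is what is wanted here, but `#[cfg(all(test, feature = "test_vs_urcrypt"))]` states that in one line. `ac_ed_shar`, whose closing lines form this hunk's context, starts outside the hunk.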
@@ -78,6 +88,35 @@ version = "1.6.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "8c3c1a368f70d6cf7302d78f8f7093da241fb8e8807c05cc9e51a125895a6d5b" +[[package]] +name = "bindgen" +version = "0.68.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "726e4313eb6ec35d2730258ad4e15b547ee75d6afaa1361a922e78e59b7d8078" +dependencies = [ + "bitflags", + "cexpr", + "clang-sys", + "lazy_static", + "lazycell", + "log", + "peeking_take_while", + "prettyplease", + "proc-macro2", + "quote", + "regex", + "rustc-hash", + "shlex", + "syn", + "which", +] + +[[package]] +name = "bitflags" +version = "2.4.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "327762f6e5a765692301e5bb513e0d9fef63be86bbc14528052b1cd3e6f03e07" + [[package]] name = "block-buffer" version = "0.10.4" @@ -93,6 +132,15 @@ version = "1.5.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "1fd0f2584146f6f2ef48085050886acf353beff7305ebd1ae69500e27c67f64b" +[[package]] +name = "cexpr" +version = "0.6.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6fac387a98bb7c37292057cffc56d62ecb629900026402633ae9160df93a8766" +dependencies = [ + "nom", +] + [[package]] name = "cfg-if" version = "1.0.0" @@ -109,6 +157,17 @@ dependencies = [ "inout", ] +[[package]] +name = "clang-sys" +version = "1.6.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c688fc74432808e3eb684cae8830a86be1d66a2bd58e1f248ed0960a590baf6f" +dependencies = [ + "glob", + "libc", + "libloading", +] + [[package]] name = "cmac" version = "0.7.2" 
@@ -241,6 +300,22 @@ dependencies = [ "subtle", ] +[[package]] +name = "either" +version = "1.9.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a26ae43d7bcc3b814de94796a5e736d4029efb0ee900c12e2d54c993ad1a1e07" + +[[package]] +name = "errno" +version = "0.3.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a258e46cdc063eb8519c00b9fc845fc47bcfca4130e2f08e88665ceda8474245" +dependencies = [ + "libc", + "windows-sys", +] + [[package]] name = "fiat-crypto" version = "0.2.5" @@ -268,6 +343,12 @@ dependencies = [ "wasi", ] +[[package]] +name = "glob" +version = "0.3.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d2fabcfbdc87f4758337ca535fb41a6d701b65693ce38287d856d1674551ec9b" + [[package]] name = "hash32" version = "0.2.1" @@ -290,6 +371,15 @@ dependencies = [ "stable_deref_trait", ] +[[package]] +name = "home" +version = "0.5.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e3d1354bf6b7235cb4a0576c2619fd4ed18183f689b12b006a0ee7329eeff9a5" +dependencies = [ + "windows-sys", +] + [[package]] name = "inout" version = "0.1.3" 
@@ -299,12 +389,40 @@ dependencies = [ "generic-array", ] +[[package]] +name = "lazy_static" +version = "1.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e2abad23fbc42b3700f2f279844dc832adb2b2eb069b2df918f455c4e18cc646" + +[[package]] +name = "lazycell" +version = "1.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "830d08ce1d1d941e6b30645f1a0eb5643013d835ce3779a5fc208261dbe10f55" + [[package]] name = "libc" version = "0.2.151" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "302d7ab3130588088d277783b1e2d2e10c9e9e4a16dd9050e6ec93fb3e7048f4" +[[package]] +name = "libloading" +version = "0.7.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b67380fd3b2fbe7527a606e18729d21c6f3951633d0500574c4dc22d2d638b9f" +dependencies = [ + "cfg-if", + "winapi", +] + +[[package]] +name = "linux-raw-sys" +version = "0.4.12" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c4cd1a83af159aa67994778be9070f0ae1bd732942279cabb14f86f986a21456" + [[package]] name = "lock_api" version = "0.4.11" 
@@ -315,6 +433,46 @@ dependencies = [ "scopeguard", ] +[[package]] +name = "log" +version = "0.4.20" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b5e6163cb8c49088c2c36f57875e58ccd8c87c7427f7fbd50ea6710b2f3f2e8f" + +[[package]] +name = "memchr" +version = "2.6.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f665ee40bc4a3c5590afb1e9677db74a508659dfd71e126420da8274909a0167" + +[[package]] +name = "minimal-lexical" +version = "0.2.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "68354c5c6bd36d73ff3feceb05efa59b6acb7626617f4962be322a825e61f79a" + +[[package]] +name = "nom" +version = "7.1.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d273983c5a657a70a3e8f2a01329822f3b8c8172b73826411a55751e404a0a4a" +dependencies = [ + "memchr", + "minimal-lexical", +] + +[[package]] +name = "once_cell" +version = "1.19.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3fdb12b2476b595f9358c5161aa467c2438859caa136dec86c26fdd2efe17b92" + +[[package]] +name = "peeking_take_while" +version = "0.1.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "19b17cddbe7ec3f8bc800887bab5e717348c95ea2ca0b1bf0837fb964dc67099" + [[package]] name = "pkcs8" version = "0.10.2" @@ -325,6 +483,12 @@ dependencies = [ "spki", ] +[[package]] +name = "pkg-config" +version = "0.3.27" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "26072860ba924cbfa98ea39c8c19b4dd6a4a25423dbdf219c1eca91aa0cf6964" + [[package]] name = "platforms" version = "3.2.0" 
@@ -337,6 +501,16 @@ version = "0.2.17" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "5b40af805b3121feab8a3c29f04d8ad262fa8e0561883e7653e024ae4479e6de" +[[package]] +name = "prettyplease" +version = "0.2.15" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ae005bd773ab59b4725093fd7df83fd7892f7d8eafb48dbd7de6e024e4215f9d" +dependencies = [ + "proc-macro2", + "syn", +] + [[package]] name = "proc-macro2" version = "1.0.70" @@ -384,6 +558,41 @@ dependencies = [ "getrandom", ] +[[package]] +name = "regex" +version = "1.10.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "380b951a9c5e80ddfd6136919eef32310721aa4aacd4889a8d39124b026ab343" +dependencies = [ + "aho-corasick", + "memchr", + "regex-automata", + "regex-syntax", +] + +[[package]] +name = "regex-automata" +version = "0.4.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5f804c7828047e88b2d32e2d7fe5a105da8ee3264f01902f796c8e067dc2483f" +dependencies = [ + "aho-corasick", + "memchr", + "regex-syntax", +] + +[[package]] +name = "regex-syntax" +version = "0.8.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c08c74e62047bb2de4ff487b251e4a92e24f48745648451635cec7d591162d9f" + +[[package]] +name = "rustc-hash" +version = "1.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "08d43f7aa6b08d49f382cde6a7982047c3426db949b1424bc4b7ec9ae12c6ce2" + [[package]] name = "rustc_version" version = "0.4.0" @@ -393,6 +602,19 @@ dependencies = [ "semver", ] +[[package]] +name = "rustix" +version = "0.38.28" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "72e572a5e8ca657d7366229cdde4bd14c4eb5499a9573d4d366fe1b599daa316" +dependencies = [ + "bitflags", + "errno", + "libc", + "linux-raw-sys", + "windows-sys", +] + [[package]] name = "scopeguard" version = "1.2.0" 
@@ -416,6 +638,12 @@ dependencies = [ "digest", ] +[[package]] +name = "shlex" +version = "1.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a7cee0529a6d40f580e7a5e6c495c8fbfe21b7b52795ed4bb5e62cdf92bc6380" + [[package]] name = "signature" version = "2.2.0" @@ -479,6 +707,16 @@ version = "1.0.12" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "3354b9ac3fae1ff6755cb6db53683adb661634f67557942dea4facebec0fee4b" +[[package]] +name = "urcrypt-sys" +version = "0.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ced751f95a527a3458eb67c75e4ae7093d41585edaa7565f5769101502473019" +dependencies = [ + "bindgen", + "pkg-config", +] + [[package]] name = "version_check" version = "0.9.4" 
@@ -491,6 +729,106 @@ version = "0.11.0+wasi-snapshot-preview1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "9c8d87e72b64a3b4db28d11ce29237c246188f4f51057d65a7eab63b7987e423" +[[package]] +name = "which" +version = "4.4.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "87ba24419a2078cd2b0f2ede2691b6c66d8e47836da3b6db8265ebad47afbfc7" +dependencies = [ + "either", + "home", + "once_cell", + "rustix", +] + +[[package]] +name = "winapi" +version = "0.3.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5c839a674fcd7a98952e593242ea400abe93992746761e38641405d28b00f419" +dependencies = [ + "winapi-i686-pc-windows-gnu", + "winapi-x86_64-pc-windows-gnu", +] + +[[package]] +name = "winapi-i686-pc-windows-gnu" +version = "0.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ac3b87c63620426dd9b991e5ce0329eff545bccbbb34f3be09ff6fb6ab51b7b6" + +[[package]] +name = "winapi-x86_64-pc-windows-gnu" +version = "0.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "712e227841d057c1ee1cd2fb22fa7e5a5461ae8e48fa2ca79ec42cfc1931183f" + +[[package]] +name = "windows-sys" +version = "0.52.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "282be5f36a8ce781fad8c8ae18fa3f9beff57ec1b52cb3de0789201425d9a33d" +dependencies = [ + "windows-targets", +] + +[[package]] +name = "windows-targets" +version = "0.52.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8a18201040b24831fbb9e4eb208f8892e1f50a37feb53cc7ff887feb8f50e7cd" +dependencies = [ + "windows_aarch64_gnullvm", + "windows_aarch64_msvc", + "windows_i686_gnu", + "windows_i686_msvc", + "windows_x86_64_gnu", + "windows_x86_64_gnullvm", + "windows_x86_64_msvc", +] + +[[package]] +name = "windows_aarch64_gnullvm" +version = "0.52.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = 
"cb7764e35d4db8a7921e09562a0304bf2f93e0a51bfccee0bd0bb0b666b015ea" + +[[package]] +name = "windows_aarch64_msvc" +version = "0.52.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bbaa0368d4f1d2aaefc55b6fcfee13f41544ddf36801e793edbbfd7d7df075ef" + +[[package]] +name = "windows_i686_gnu" +version = "0.52.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a28637cb1fa3560a16915793afb20081aba2c92ee8af57b4d5f28e4b3e7df313" + +[[package]] +name = "windows_i686_msvc" +version = "0.52.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ffe5e8e31046ce6230cc7215707b816e339ff4d4d67c65dffa206fd0f7aa7b9a" + +[[package]] +name = "windows_x86_64_gnu" +version = "0.52.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3d6fa32db2bc4a2f5abeacf2b69f7992cd09dca97498da74a151a3132c26befd" + +[[package]] +name = "windows_x86_64_gnullvm" +version = "0.52.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1a657e1e9d3f514745a572a6846d3c7aa7dbe1658c056ed9c3344c4109a6949e" + +[[package]] +name = "windows_x86_64_msvc" +version = "0.52.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "dff9641d1cd4be8d1a070daf9e3773c5f67e78b4d9d42263020c057706765c04" + [[package]] name = "zeroize" version = "1.7.0" From eb77dad57f8d02551d7dfb62bf50c1c9006bb68b Mon Sep 17 00:00:00 2001 From: Matthew LeVan Date: Mon, 18 Dec 2023 11:39:09 -0500 Subject: [PATCH 04/40] `ed`: `puck` --- rust/ares_crypto/Cargo.lock | 77 ++++++++++++++++++++++++++ rust/ares_crypto/Cargo.toml | 8 ++- rust/ares_crypto/src/aes_siv.rs | 6 +- rust/ares_crypto/src/ed25519.rs | 98 ++++++++++++++++++++++++--------- 4 files changed, 156 insertions(+), 33 deletions(-) diff --git a/rust/ares_crypto/Cargo.lock b/rust/ares_crypto/Cargo.lock index a1bc465..775b05a 100644 --- a/rust/ares_crypto/Cargo.lock +++ b/rust/ares_crypto/Cargo.lock 
@@ -57,8 +57,11 @@ dependencies = [ "assert_no_alloc", "ed25519", "ed25519-dalek", + "ibig", "rand", + "sha2", "urcrypt-sys", + "x25519-dalek", ] [[package]] @@ -234,6 +237,7 @@ dependencies = [ "platforms", "rustc_version", "subtle", + "zeroize", ] [[package]] @@ -380,6 +384,18 @@ dependencies = [ "windows-sys", ] +[[package]] +name = "ibig" +version = "0.3.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d1fcc7f316b2c079dde77564a1360639c1a956a23fa96122732e416cb10717bb" +dependencies = [ + "cfg-if", + "num-traits", + "rand", + "static_assertions", +] + [[package]] name = "inout" version = "0.1.3" @@ -461,6 +477,15 @@ dependencies = [ "minimal-lexical", ] +[[package]] +name = "num-traits" +version = "0.2.17" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "39e3200413f237f41ab11ad6d161bc7239c84dcb631773ccd7de3dfe4b5c267c" +dependencies = [ + "autocfg", +] + [[package]] name = "once_cell" version = "1.19.0" @@ -627,6 +652,26 @@ version = "1.0.20" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "836fa6a3e1e547f9a2c4040802ec865b5d85f4014efe00555d7090a3dcaa1090" +[[package]] +name = "serde" +version = "1.0.193" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "25dd9975e68d0cb5aa1120c288333fc98731bd1dd12f561e468ea4728c042b89" +dependencies = [ + "serde_derive", +] + +[[package]] +name = "serde_derive" +version = "1.0.193" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "43576ca501357b9b071ac53cdc7da8ef0cbd9493d8df094cd821777ea6e894d3" +dependencies = [ + "proc-macro2", + "quote", + "syn", +] + [[package]] name = "sha2" version = "0.10.8" 
@@ -678,6 +723,12 @@ version = "1.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "a8f112729512f8e442d81f95a8a7ddf2b7c6b8a1a6f509a95864142b30cab2d3" +[[package]] +name = "static_assertions" +version = "1.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a2eb9349b6444b326872e140eb1cf5e7c522154d69e7a0ffb0fb81c06b37543f" + [[package]] name = "subtle" version = "2.5.0" @@ -829,8 +880,34 @@ version = "0.52.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "dff9641d1cd4be8d1a070daf9e3773c5f67e78b4d9d42263020c057706765c04" +[[package]] +name = "x25519-dalek" +version = "2.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "fb66477291e7e8d2b0ff1bcb900bf29489a9692816d79874bea351e7a8b6de96" +dependencies = [ + "curve25519-dalek", + "rand_core", + "serde", + "zeroize", +] + [[package]] name = "zeroize" version = "1.7.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "525b4ec142c6b68a2d10f01f7bbf6755599ca3f81ea53b8431b7dd348f5fdb2d" +dependencies = [ + "zeroize_derive", +] + +[[package]] +name = "zeroize_derive" +version = "1.4.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ce36e65b0d2999d2aafac989fb249189a141aee1f53c612c1f37d72631959f69" +dependencies = [ + "proc-macro2", + "quote", + "syn", +] diff --git a/rust/ares_crypto/Cargo.toml b/rust/ares_crypto/Cargo.toml index 502e595..a722c3f 100644 --- a/rust/ares_crypto/Cargo.toml +++ b/rust/ares_crypto/Cargo.toml 
@@ -12,11 +12,15 @@ assert_no_alloc = "1.1.2" aes-siv = { version = "0.7.0", features = ["heapless"], default-features = false } ed25519-dalek = { version = "2.1.0", features = ["pkcs8", "rand_core"], default-features = false } ed25519 = { version = "2.2.3" } -rand = { version = "0.8.5", features = ["getrandom", "std_rng"], default-features = false } +rand = { version = "0.8.5", features = ["std_rng"], default-features = false } urcrypt-sys = { version = "0.1.1", optional = true } +sha2 = "0.10.8" +ibig = "0.3.6" +x25519-dalek = "2.0.0" [features] -default = ["aes_siv", "ed25519"] +# XX turn off test_vs_urcrypt after development +default = ["aes_siv", "ed25519", "test_vs_urcrypt"] aes_siv = [] ed25519 = [] test_vs_urcrypt = ["urcrypt-sys"] diff --git a/rust/ares_crypto/src/aes_siv.rs b/rust/ares_crypto/src/aes_siv.rs index 5aa0639..a2b310c 100644 --- a/rust/ares_crypto/src/aes_siv.rs +++ b/rust/ares_crypto/src/aes_siv.rs @@ -1,8 +1,4 @@ -use aes_siv::{ - aead::{heapless::Vec, AeadInPlace, Error, KeyInit}, - Aes256SivAead, - Nonce, // Or `Aes128SivAead` -}; +use aes_siv::aead::Error; pub fn _ac_aes_siv_en() -> Result<(), Error> { todo!(); diff --git a/rust/ares_crypto/src/ed25519.rs b/rust/ares_crypto/src/ed25519.rs index e7b43e2..eee8f1c 100644 --- a/rust/ares_crypto/src/ed25519.rs +++ b/rust/ares_crypto/src/ed25519.rs 
@@ -1,38 +1,84 @@ -use std::ptr::copy_nonoverlapping; - -use ed25519_dalek::{SignatureError, SigningKey}; use rand::{rngs::StdRng, SeedableRng}; +use ed25519_dalek::{SigningKey, VerifyingKey}; +use x25519_dalek::{EphemeralSecret, PublicKey, SharedSecret}; -/// Generate a public key from the given seed and write it to the given 32-byte output buffer, -pub fn ac_ed_puck(seed: &mut [u8; 32], out: *mut u8) -> Result<(), SignatureError> { - let mut csprng = StdRng::from_seed(*seed); - let signing_key = SigningKey::generate(&mut csprng); +/// Generate a public key from the given seed and write it to the given output slice. +pub fn ac_ed_puck(seed: &mut [u8; 32], out: &mut [u8; 32]) { + let signing_key = SigningKey::from_bytes(seed); let verifying_key = signing_key.verifying_key(); - unsafe { - copy_nonoverlapping(verifying_key.as_bytes().as_ptr(), out, 32); - } - Ok(()) + *out = verifying_key.to_bytes(); } -/// Perform a key exchange between the given public key and the keypair generated from the given seed, -/// writing the resulting shared key to the given 32-byte output buffer. -pub fn ac_ed_shar(public: &[u8; 32], seed: &[u8; 32], out: *mut u8) -> Result<(), SignatureError> { - // Generate a keypair from the given seed. - let mut csprng = StdRng::from_seed(*seed); - let self_key = SigningKey::generate(&mut csprng); +/// Perform a key exchange between the given public key and the private key of +/// the keypair generate from the given seed, writing the resulting shared key +/// to the given output slice. 
+pub fn ac_ed_shar(public: &[u8; 32], seed: &[u8; 32], out: &mut [u8; 32]) { + // let self_key = SigningKey::from_bytes(seed); - let mut keypair_bytes = [0u8; 64]; - keypair_bytes[..32].copy_from_slice(&self_key.to_bytes()); - keypair_bytes[32..].copy_from_slice(public); - let shared_key = SigningKey::from_keypair_bytes(&keypair_bytes)?; - unsafe { - copy_nonoverlapping(shared_key.to_bytes().as_ptr(), out, 32); + // let other_key = PublicKey::from(*public); + // let shared_secret = self_key.diffie_hellman(&other_key); + // *out = shared_secret.to_bytes(); +} + +#[cfg(test)] +mod tests { + use super::ac_ed_puck; + + #[test] + fn test_ed_puck() { + let mut seed: [u8; 32] = [0; 32]; + let mut public_key: [u8; 32] = [0; 32]; + ac_ed_puck(&mut seed, &mut public_key); + assert_eq!( + public_key, + [ + 59, 106, 39, 188, 206, 182, 164, 45, 98, 163, 168, 208, 42, 111, 13, 115, 101, 50, + 21, 119, 29, 226, 67, 166, 58, 192, 72, 161, 139, 89, 218, 41 + ] + ); } - Ok(()) } #[cfg(test)] #[cfg(feature = "test_vs_urcrypt")] -mod ucrypt_test { - // tests comparing urcrypt and ares_crypto output for ed25519 functions go here +mod ucrypt_tests { + use super::{ac_ed_puck, ac_ed_shar}; + use ibig::ubig; + use urcrypt_sys::{urcrypt_ed_puck, urcrypt_ed_shar}; + + #[test] + fn test_ed_puck() { + let mut seed: [u8; 32] = [0; 32]; + + let mut uc_out: [u8; 32] = [0; 32]; + unsafe { urcrypt_ed_puck(seed.as_ptr(), uc_out.as_mut_ptr()) }; + + let mut ac_out: [u8; 32] = [0; 32]; + ac_ed_puck(&mut seed, &mut ac_out); + + assert_eq!(ac_out, uc_out); + } + + #[test] + fn test_ed_shar() { + let seed_src = + &ubig!(_0x4ccd089b28ff96da9db6c346ec114e0f5b8a319f35aba624da8cf6ed4fb8a6fb) + .to_le_bytes(); + let mut seed: [u8; 32] = [0; 32]; + seed.copy_from_slice(seed_src); + + let public_key_src = + &ubig!(_0xd75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a) + .to_le_bytes(); + let mut public_key: [u8; 32] = [0; 32]; + public_key.copy_from_slice(public_key_src); + + let mut uc_out: [u8; 
32] = [0; 32]; + unsafe { urcrypt_ed_shar(public_key.as_ptr(), seed.as_ptr(), uc_out.as_mut_ptr()) }; + + let mut ac_out: [u8; 32] = [0; 32]; + ac_ed_shar(&public_key, &seed, &mut ac_out); + + assert_eq!(ac_out, uc_out); + } } From 561701aaf1882849a5c27bf9f546d0ce11a8166d Mon Sep 17 00:00:00 2001 From: Matthew LeVan Date: Mon, 18 Dec 2023 12:55:13 -0500 Subject: [PATCH 05/40] wip: `shar` --- rust/ares_crypto/Cargo.lock | 37 +-------------------------------- rust/ares_crypto/Cargo.toml | 3 ++- rust/ares_crypto/src/ed25519.rs | 29 +++++++++++++++----------- 3 files changed, 20 insertions(+), 49 deletions(-) diff --git a/rust/ares_crypto/Cargo.lock b/rust/ares_crypto/Cargo.lock index 775b05a..66e03b4 100644 --- a/rust/ares_crypto/Cargo.lock +++ b/rust/ares_crypto/Cargo.lock @@ -55,6 +55,7 @@ version = "0.1.0" dependencies = [ "aes-siv", "assert_no_alloc", + "curve25519-dalek", "ed25519", "ed25519-dalek", "ibig", @@ -652,26 +653,6 @@ version = "1.0.20" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "836fa6a3e1e547f9a2c4040802ec865b5d85f4014efe00555d7090a3dcaa1090" -[[package]] -name = "serde" -version = "1.0.193" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "25dd9975e68d0cb5aa1120c288333fc98731bd1dd12f561e468ea4728c042b89" -dependencies = [ - "serde_derive", -] - -[[package]] -name = "serde_derive" -version = "1.0.193" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "43576ca501357b9b071ac53cdc7da8ef0cbd9493d8df094cd821777ea6e894d3" -dependencies = [ - "proc-macro2", - "quote", - "syn", -] - [[package]] name = "sha2" version = "0.10.8" @@ -888,8 +869,6 @@ checksum = "fb66477291e7e8d2b0ff1bcb900bf29489a9692816d79874bea351e7a8b6de96" dependencies = [ "curve25519-dalek", "rand_core", - "serde", - "zeroize", ] [[package]] 
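Review bot: The new `ac_ed_shar` body is entirely commented out, so the function returns normally with `out` untouched and a caller gets whatever the buffer already held, indistinguishable from a real shared key; until the exchange is implemented it should fail loudly (`todo!()`, as the `aes_siv.rs` stubs do) or return a `Result`, and the same applies once real failure paths exist. `ac_ed_puck` declares `seed: &mut [u8; 32]` but only reads it through `SigningKey::from_bytes(seed)`, so `seed: &[u8; 32]` would match `ac_ed_shar`'s signature and stop forcing callers to hold a mutable seed. The `tests::test_ed_puck` vector is the all-zero seed; a comment naming where the expected public key came from (urcrypt output or an RFC 8032 vector) would make the constant auditable.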
@@ -897,17 +876,3 @@ name = "zeroize" version = "1.7.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "525b4ec142c6b68a2d10f01f7bbf6755599ca3f81ea53b8431b7dd348f5fdb2d" -dependencies = [ - "zeroize_derive", -] - -[[package]] -name = "zeroize_derive" -version = "1.4.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ce36e65b0d2999d2aafac989fb249189a141aee1f53c612c1f37d72631959f69" -dependencies = [ - "proc-macro2", - "quote", - "syn", -] diff --git a/rust/ares_crypto/Cargo.toml b/rust/ares_crypto/Cargo.toml index a722c3f..e4516b4 100644 --- a/rust/ares_crypto/Cargo.toml +++ b/rust/ares_crypto/Cargo.toml @@ -16,7 +16,8 @@ rand = { version = "0.8.5", features = ["std_rng"], default-features = false } urcrypt-sys = { version = "0.1.1", optional = true } sha2 = "0.10.8" ibig = "0.3.6" -x25519-dalek = "2.0.0" +x25519-dalek = { version = "2.0.0", features = ["static_secrets"], default-features = false } +curve25519-dalek = "4.1.1" [features] # XX turn off test_vs_urcrypt after development diff --git a/rust/ares_crypto/src/ed25519.rs b/rust/ares_crypto/src/ed25519.rs index eee8f1c..7485290 100644 --- a/rust/ares_crypto/src/ed25519.rs +++ b/rust/ares_crypto/src/ed25519.rs @@ -1,6 +1,6 @@ -use rand::{rngs::StdRng, SeedableRng}; +use curve25519_dalek::{edwards::CompressedEdwardsY, EdwardsPoint, MontgomeryPoint}; use ed25519_dalek::{SigningKey, VerifyingKey}; -use x25519_dalek::{EphemeralSecret, PublicKey, SharedSecret}; +use x25519_dalek::{PublicKey, StaticSecret}; /// Generate a public key from the given seed and write it to the given output slice. pub fn ac_ed_puck(seed: &mut [u8; 32], out: &mut [u8; 32]) { 
@@ -13,11 +13,16 @@ pub fn ac_ed_puck(seed: &mut [u8; 32], out: &mut [u8; 32]) { /// the keypair generate from the given seed, writing the resulting shared key /// to the given output slice. pub fn ac_ed_shar(public: &[u8; 32], seed: &[u8; 32], out: &mut [u8; 32]) { - // let self_key = SigningKey::from_bytes(seed); + let self_key = SigningKey::from_bytes(seed); + let self_secret = StaticSecret::from(self_key.to_bytes()); - // let other_key = PublicKey::from(*public); - // let shared_secret = self_key.diffie_hellman(&other_key); - // *out = shared_secret.to_bytes(); + if let Ok(compressed_ed_pt) = CompressedEdwardsY::from_slice(public) { + if let Some(ed_pt) = compressed_ed_pt.decompress() { + let public_key = PublicKey::from(ed_pt.to_montgomery().to_bytes()); + let shared_secret = self_secret.diffie_hellman(&public_key); + *out = shared_secret.to_bytes(); + } + } } #[cfg(test)] @@ -61,18 +66,18 @@ mod ucrypt_tests { #[test] fn test_ed_shar() { - let seed_src = - &ubig!(_0x4ccd089b28ff96da9db6c346ec114e0f5b8a319f35aba624da8cf6ed4fb8a6fb) - .to_le_bytes(); - let mut seed: [u8; 32] = [0; 32]; - seed.copy_from_slice(seed_src); - let public_key_src = &ubig!(_0xd75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a) .to_le_bytes(); let mut public_key: [u8; 32] = [0; 32]; public_key.copy_from_slice(public_key_src); + let seed_src = + &ubig!(_0x4ccd089b28ff96da9db6c346ec114e0f5b8a319f35aba624da8cf6ed4fb8a6fb) + .to_le_bytes(); + let mut seed: [u8; 32] = [0; 32]; + seed.copy_from_slice(seed_src); + let mut uc_out: [u8; 32] = [0; 32]; unsafe { urcrypt_ed_shar(public_key.as_ptr(), seed.as_ptr(), uc_out.as_mut_ptr()) }; From 228ab7f5b7b395e0bc92e4f9f43669665af30302 Mon Sep 17 00:00:00 2001 
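Review bot: When `CompressedEdwardsY::from_slice` or `decompress()` rejects `public`, `ac_ed_shar` falls through both `if let` arms and returns with `out` unchanged, so a malformed peer key silently leaves a stale or all-zero buffer that the caller will treat as the shared key; the failure should be reported (a `bool` or `Result` return) or `out` written with a defined value. Separately, `StaticSecret::from(self_key.to_bytes())` uses the raw 32-byte seed as the X25519 scalar, whereas an Ed25519 key's scalar is the clamped low half of SHA-512(seed); if urcrypt's `ed_shar` derives the scalar the Ed25519 way (ed25519-donna's key exchange does, as far as I recall), that is presumably why `test_ed_shar` disagrees — ed25519-dalek 2.x exposes `SigningKey::to_scalar_bytes()` for exactly this conversion, worth confirming against the reference. Finally, x25519-dalek returns an all-zero output for low-order peer points; checking `shared_secret.was_contributory()` before writing `out` avoids handing back a known-constant key.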
From: Matthew LeVan Date: Mon, 18 Dec 2023 14:08:59 -0500 Subject: [PATCH 06/40] `ed`: `sign` --- rust/ares_crypto/Cargo.lock | 2 ++ rust/ares_crypto/Cargo.toml | 14 ++++++------ rust/ares_crypto/src/ed25519.rs | 38 +++++++++++++++++++++++++++------ 3 files changed, 40 insertions(+), 14 deletions(-) diff --git a/rust/ares_crypto/Cargo.lock b/rust/ares_crypto/Cargo.lock index 66e03b4..83214e3 100644 --- a/rust/ares_crypto/Cargo.lock +++ b/rust/ares_crypto/Cargo.lock @@ -302,6 +302,7 @@ dependencies = [ "ed25519", "rand_core", "sha2", + "signature", "subtle", ] @@ -676,6 +677,7 @@ version = "2.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "77549399552de45a898a580c1b41d445bf730df867cc44e6c0233bbc4b8329de" dependencies = [ + "digest", "rand_core", ] diff --git a/rust/ares_crypto/Cargo.toml b/rust/ares_crypto/Cargo.toml index e4516b4..069d973 100644 --- a/rust/ares_crypto/Cargo.toml +++ b/rust/ares_crypto/Cargo.toml 
@@ -10,14 +10,14 @@ assert_no_alloc = "1.1.2" # use this when debugging requires allocation (e.g. eprintln) # assert_no_alloc = {version="1.1.2", features=["warn_debug"]} aes-siv = { version = "0.7.0", features = ["heapless"], default-features = false } -ed25519-dalek = { version = "2.1.0", features = ["pkcs8", "rand_core"], default-features = false } -ed25519 = { version = "2.2.3" } -rand = { version = "0.8.5", features = ["std_rng"], default-features = false } -urcrypt-sys = { version = "0.1.1", optional = true } -sha2 = "0.10.8" -ibig = "0.3.6" -x25519-dalek = { version = "2.0.0", features = ["static_secrets"], default-features = false } curve25519-dalek = "4.1.1" +ed25519-dalek = { version = "2.1.0", features = ["digest", "pkcs8", "rand_core"], default-features = false } +ed25519 = { version = "2.2.3" } +ibig = "0.3.6" +rand = { version = "0.8.5", features = ["std_rng"], default-features = false } +sha2 = "0.10.8" +urcrypt-sys = { version = "0.1.1", optional = true } +x25519-dalek = { version = "2.0.0", features = ["static_secrets"], default-features = false } [features] # XX turn off test_vs_urcrypt after development diff --git a/rust/ares_crypto/src/ed25519.rs b/rust/ares_crypto/src/ed25519.rs index 7485290..65fb988 100644 --- a/rust/ares_crypto/src/ed25519.rs +++ b/rust/ares_crypto/src/ed25519.rs @@ -1,5 +1,7 @@ -use curve25519_dalek::{edwards::CompressedEdwardsY, EdwardsPoint, MontgomeryPoint}; -use ed25519_dalek::{SigningKey, VerifyingKey}; +use sha2::{Digest, Sha512}; + +use curve25519_dalek::edwards::CompressedEdwardsY; +use ed25519_dalek::{SigningKey, VerifyingKey, Signer}; use x25519_dalek::{PublicKey, StaticSecret}; /// Generate a public key from the given seed and write it to the given output slice. 
@@ -25,6 +27,12 @@ pub fn ac_ed_shar(public: &[u8; 32], seed: &[u8; 32], out: &mut [u8; 32]) { } } +pub fn ac_ed_sign(msg: &[u8], seed: &[u8; 32], out: &mut [u8; 64]) { + let signing_key = SigningKey::from_bytes(seed); + let signature = signing_key.sign(msg); + *out = signature.to_bytes(); +} + #[cfg(test)] mod tests { use super::ac_ed_puck; @@ -47,9 +55,9 @@ mod tests { #[cfg(test)] #[cfg(feature = "test_vs_urcrypt")] mod ucrypt_tests { - use super::{ac_ed_puck, ac_ed_shar}; + use super::{ac_ed_puck, ac_ed_shar, ac_ed_sign}; use ibig::ubig; - use urcrypt_sys::{urcrypt_ed_puck, urcrypt_ed_shar}; + use urcrypt_sys::{urcrypt_ed_puck, urcrypt_ed_shar, urcrypt_ed_sign}; #[test] fn test_ed_puck() { @@ -72,9 +80,8 @@ mod ucrypt_tests { let mut public_key: [u8; 32] = [0; 32]; public_key.copy_from_slice(public_key_src); - let seed_src = - &ubig!(_0x4ccd089b28ff96da9db6c346ec114e0f5b8a319f35aba624da8cf6ed4fb8a6fb) - .to_le_bytes(); + let seed_src = &ubig!(_0x4ccd089b28ff96da9db6c346ec114e0f5b8a319f35aba624da8cf6ed4fb8a6fb) + .to_le_bytes(); let mut seed: [u8; 32] = [0; 32]; seed.copy_from_slice(seed_src); @@ -86,4 +93,21 @@ mod ucrypt_tests { assert_eq!(ac_out, uc_out); } + + #[test] + fn test_ed_sign() { + let msg = b"test"; + let seed_src = &ubig!(_0x4ccd089b28ff96da9db6c346ec114e0f5b8a319f35aba624da8cf6ed4fb8a6fb) + .to_le_bytes(); + let mut seed: [u8; 32] = [0; 32]; + seed.copy_from_slice(seed_src); + + let mut uc_out: [u8; 64] = [0; 64]; + unsafe { urcrypt_ed_sign(msg.as_ptr(), msg.len(), seed.as_ptr(), uc_out.as_mut_ptr()) }; + + let mut ac_out: [u8; 64] = [0; 64]; + ac_ed_sign(msg, &seed, &mut ac_out); + + assert_eq!(ac_out, uc_out); + } } From 7878b775ab0288fc3ec91ee160c36e940a9f1f5e Mon Sep 17 00:00:00 2001 From: Matthew LeVan Date: Mon, 18 Dec 2023 15:03:44 -0500 Subject: [PATCH 07/40] `ed`: `veri` --- rust/ares_crypto/src/ed25519.rs | 102 +++++++++++++++++++++++++++++--- 1 file changed, 94 insertions(+), 8 deletions(-) 
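Review bot: `ac_ed_sign` builds a `SigningKey` whose expanded secret lives on the stack until drop, and the Cargo.toml hunk in this same patch keeps `ed25519-dalek` at `default-features = false` with only `["digest", "pkcs8", "rand_core"]`; if I read the crate's gating correctly, zeroize-on-drop for `SigningKey` is behind its `zeroize` feature, so the expanded key is not wiped — adding `"zeroize"` to that feature list is a one-word fix, and the same applies to `ac_ed_puck` and `ac_ed_shar`. The new `use sha2::{Digest, Sha512};` in the imports hunk is not referenced by any added line, so it will only produce an unused-import warning.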
diff --git a/rust/ares_crypto/src/ed25519.rs b/rust/ares_crypto/src/ed25519.rs index 65fb988..726a72c 100644 --- a/rust/ares_crypto/src/ed25519.rs +++ b/rust/ares_crypto/src/ed25519.rs @@ -1,7 +1,5 @@ -use sha2::{Digest, Sha512}; - use curve25519_dalek::edwards::CompressedEdwardsY; -use ed25519_dalek::{SigningKey, VerifyingKey, Signer}; +use ed25519_dalek::{Signature, Signer, SigningKey, Verifier, VerifyingKey}; use x25519_dalek::{PublicKey, StaticSecret}; /// Generate a public key from the given seed and write it to the given output slice. @@ -33,9 +31,21 @@ pub fn ac_ed_sign(msg: &[u8], seed: &[u8; 32], out: &mut [u8; 64]) { *out = signature.to_bytes(); } +pub fn ac_ed_veri(msg: &[u8], public: &[u8; 32], signature: &[u8; 64]) -> bool { + if let Ok(verifying_key) = VerifyingKey::from_bytes(public) { + verifying_key + .verify(msg, &Signature::from_bytes(signature)) + .is_ok() + } else { + false + } +} + #[cfg(test)] mod tests { - use super::ac_ed_puck; + use ibig::ubig; + + use super::{ac_ed_puck, ac_ed_shar, ac_ed_sign, ac_ed_veri}; #[test] fn test_ed_puck() { 
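Review bot: `ac_ed_veri` relies on `VerifyingKey::verify`, which in ed25519-dalek accepts some encodings that stricter verifiers reject (non-canonical or small-order components); `verify_strict` is the safer default unless byte-for-byte agreement with urcrypt's verifier requires the lenient rules, so it is worth confirming which semantics the reference implements before the comparison tests are relied on. The `test_ed_veri` added in the following hunk only exercises a valid signature; a negative case such as flipping one byte of `msg` and asserting `!ac_ed_veri(msg, &public_key, &signature)` is needed so a verifier that always returns `true` cannot pass. Since `Signature::from_bytes` accepts any 64 bytes, the only `false` path besides a bad signature is an undecodable public key; a comment stating that would make the `else { false }` arm self-explanatory.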
@@ -50,18 +60,61 @@ mod tests { ] ); } + + // #[test] + // fn test_ed_shar() { + // } + + #[test] + fn test_ed_sign() { + let msg = b"Ares has long exerted a pull on the human imagination."; + + let seed_src = &ubig!(_0x4ccd089b28ff96da9db6c346ec114e0f5b8a319f35aba624da8cf6ed4fb8a6fb) + .to_le_bytes(); + let mut seed: [u8; 32] = [0; 32]; + seed.copy_from_slice(seed_src); + + let mut signature: [u8; 64] = [0; 64]; + ac_ed_sign(msg, &seed, &mut signature); + + // from urcrypt_ed_sign() + let constant_signature = [ + 112, 132, 235, 218, 21, 180, 5, 48, 145, 211, 212, 153, 255, 229, 198, 165, 64, 140, + 246, 27, 0, 97, 185, 143, 180, 10, 38, 68, 200, 71, 231, 108, 141, 26, 97, 207, 199, + 204, 0, 123, 250, 161, 182, 92, 48, 116, 144, 42, 204, 6, 199, 162, 10, 66, 173, 185, + 155, 96, 240, 56, 224, 187, 160, 1, + ]; + + assert_eq!(signature, constant_signature); + } + + #[test] + fn test_ed_veri() { + let msg = b"The erratically moving red star in the sky was seen as sinister or violent by the ancients."; + + let mut seed = [42; 32]; + let mut public_key: [u8; 32] = [0; 32]; + ac_ed_puck(&mut seed, &mut public_key); + + let mut signature: [u8; 64] = [0; 64]; + ac_ed_sign(msg, &seed, &mut signature); + + let valid = ac_ed_veri(msg, &public_key, &signature); + + assert!(valid); + } } #[cfg(test)] #[cfg(feature = "test_vs_urcrypt")] mod ucrypt_tests { - use super::{ac_ed_puck, ac_ed_shar, ac_ed_sign}; + use super::{ac_ed_puck, ac_ed_shar, ac_ed_sign, ac_ed_veri}; use ibig::ubig; - use urcrypt_sys::{urcrypt_ed_puck, urcrypt_ed_shar, urcrypt_ed_sign}; + use urcrypt_sys::{urcrypt_ed_puck, urcrypt_ed_shar, urcrypt_ed_sign, urcrypt_ed_veri}; #[test] fn test_ed_puck() { - let mut seed: [u8; 32] = [0; 32]; + let mut seed: [u8; 32] = [42; 32]; let mut uc_out: [u8; 32] = [0; 32]; unsafe { urcrypt_ed_puck(seed.as_ptr(), uc_out.as_mut_ptr()) }; 
@@ -96,7 +149,9 @@ mod ucrypt_tests { #[test] fn test_ed_sign() { - let msg = b"test"; + // let msg = b"The Greeks identified it with Ares, the god of war."; + let msg = b"Ares has long exerted a pull on the human imagination."; + let seed_src = &ubig!(_0x4ccd089b28ff96da9db6c346ec114e0f5b8a319f35aba624da8cf6ed4fb8a6fb) .to_le_bytes(); let mut seed: [u8; 32] = [0; 32]; @@ -105,9 +160,40 @@ mod ucrypt_tests { let mut uc_out: [u8; 64] = [0; 64]; unsafe { urcrypt_ed_sign(msg.as_ptr(), msg.len(), seed.as_ptr(), uc_out.as_mut_ptr()) }; + eprintln!("uc_out: {:x?}", uc_out); + let mut ac_out: [u8; 64] = [0; 64]; ac_ed_sign(msg, &seed, &mut ac_out); assert_eq!(ac_out, uc_out); } + + #[test] + fn test_ed_veri() { + let msg = b"The Babylonians named it after Nergal, god of the underworld."; + + let seed_src = &ubig!(_0x4ccd089b28ff96da9db6c346ec114e0f5b8a319f35aba624da8cf6ed4fb8a6fb) + .to_le_bytes(); + let mut seed: [u8; 32] = [0; 32]; + seed.copy_from_slice(seed_src); + + let mut public_key: [u8; 32] = [0; 32]; + ac_ed_puck(&mut seed, &mut public_key); + + let mut signature: [u8; 64] = [0; 64]; + ac_ed_sign(msg, &seed, &mut signature); + + let uc_out = unsafe { + urcrypt_ed_veri( + msg.as_ptr(), + msg.len(), + public_key.as_ptr(), + signature.as_ptr(), + ) + }; + + let ac_out = ac_ed_veri(msg, &public_key, &signature); + + assert_eq!(ac_out, uc_out); + } } From 3767f89272356fe6c89fbd783bf30fef680aaa51 Mon Sep 17 00:00:00 2001 From: Matthew LeVan Date: Mon, 18 Dec 2023 16:08:22 -0500 Subject: [PATCH 08/40] wip: all but `shar` work for `ed` --- rust/ares_crypto/Cargo.lock | 2 +- rust/ares_crypto/Cargo.toml | 2 +- rust/ares_crypto/src/ed25519.rs | 23 +++++++++++++++-------- 3 files changed, 17 insertions(+), 10 deletions(-) diff --git a/rust/ares_crypto/Cargo.lock b/rust/ares_crypto/Cargo.lock index 83214e3..05d79af 100644 --- a/rust/ares_crypto/Cargo.lock +++ b/rust/ares_crypto/Cargo.lock 
@@ -50,7 +50,7 @@ dependencies = [ ] [[package]] -name = "ares-crypto" +name = "ares_crypto" version = "0.1.0" dependencies = [ "aes-siv", diff --git a/rust/ares_crypto/Cargo.toml b/rust/ares_crypto/Cargo.toml index 069d973..de0ed49 100644 --- a/rust/ares_crypto/Cargo.toml +++ b/rust/ares_crypto/Cargo.toml @@ -1,5 +1,5 @@ [package] -name = "ares-crypto" +name = "ares_crypto" version = "0.1.0" edition = "2021" diff --git a/rust/ares_crypto/src/ed25519.rs b/rust/ares_crypto/src/ed25519.rs index 726a72c..04b4b38 100644 --- a/rust/ares_crypto/src/ed25519.rs +++ b/rust/ares_crypto/src/ed25519.rs @@ -67,17 +67,27 @@ mod tests { #[test] fn test_ed_sign() { - let msg = b"Ares has long exerted a pull on the human imagination."; + // from https://datatracker.ietf.org/doc/html/rfc8032#section-7.1 + // let msg: [u8; 0] = []; + // let seed_src = &ubig!(_0x9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60) + // .to_le_bytes(); + // let mut seed: [u8; 32] = [0; 32]; + // seed.copy_from_slice(seed_src); + // let mut signature: [u8; 64] = [0; 64]; + // ac_ed_sign(&msg, &seed, &mut signature); + // let signature_src = &ubig!(_0xe5564300c360ac729086e2cc806e828a84877f1eb8e5d974d873e065224901555fb8821590a33bacc61e39701cf9b46bd25bf5f0595bbe24655141438e7a100b).to_le_bytes(); + // let mut test_signature: [u8; 64] = [0; 64]; + // test_signature.copy_from_slice(signature_src); + // assert_eq!(signature, test_signature); + // + let msg = b"Ares has long exerted a pull on the human imagination."; let seed_src = &ubig!(_0x4ccd089b28ff96da9db6c346ec114e0f5b8a319f35aba624da8cf6ed4fb8a6fb) .to_le_bytes(); let mut seed: [u8; 32] = [0; 32]; seed.copy_from_slice(seed_src); - let mut signature: [u8; 64] = [0; 64]; ac_ed_sign(msg, &seed, &mut signature); - - // from urcrypt_ed_sign() let constant_signature = [ 112, 132, 235, 218, 21, 180, 5, 48, 145, 211, 212, 153, 255, 229, 198, 165, 64, 140, 246, 27, 0, 97, 185, 143, 180, 10, 38, 68, 200, 71, 231, 108, 141, 26, 97, 207, 199, 
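Review bot: The commented-out RFC 8032 known-answer test converts the secret key with `ubig!(_0x9d61…).to_le_bytes()`, which emits the value least-significant byte first, i.e. the reverse of the byte string as written in RFC 8032 §7.1, so the vector would fail for byte-order reasons rather than a signing bug. A plain byte-array literal (or `to_be_bytes()`, which however drops leading zero bytes and can then panic in `copy_from_slice`) reproduces the RFC bytes and gives an independent check that the urcrypt comparison tests cannot, since they apply the same `to_le_bytes()` on both sides and pass regardless of order. Dropping `// from urcrypt_ed_sign()` leaves `constant_signature` without provenance; keep a one-line comment saying where the expected bytes came from.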
@@ -149,8 +159,7 @@ mod ucrypt_tests { #[test] fn test_ed_sign() { - // let msg = b"The Greeks identified it with Ares, the god of war."; - let msg = b"Ares has long exerted a pull on the human imagination."; + let msg = b"The Greeks identified it with Ares, the god of war."; let seed_src = &ubig!(_0x4ccd089b28ff96da9db6c346ec114e0f5b8a319f35aba624da8cf6ed4fb8a6fb) .to_le_bytes(); @@ -160,8 +169,6 @@ mod ucrypt_tests { let mut uc_out: [u8; 64] = [0; 64]; unsafe { urcrypt_ed_sign(msg.as_ptr(), msg.len(), seed.as_ptr(), uc_out.as_mut_ptr()) }; - eprintln!("uc_out: {:x?}", uc_out); - let mut ac_out: [u8; 64] = [0; 64]; ac_ed_sign(msg, &seed, &mut ac_out); From f8c5620752dd994b933baf88d8e075466e7f050f Mon Sep 17 00:00:00 2001 From: Matthew LeVan Date: Mon, 18 Dec 2023 16:14:29 -0500 Subject: [PATCH 09/40] `ed`: add comments --- rust/ares_crypto/src/aes_siv.rs | 17 ----------------- rust/ares_crypto/src/ed25519.rs | 3 +++ 2 files changed, 3 insertions(+), 17 deletions(-) diff --git a/rust/ares_crypto/src/aes_siv.rs b/rust/ares_crypto/src/aes_siv.rs index a2b310c..ae0559c 100644 --- a/rust/ares_crypto/src/aes_siv.rs +++ b/rust/ares_crypto/src/aes_siv.rs 
@@ -2,23 +2,6 @@ use aes_siv::aead::Error; pub fn _ac_aes_siv_en() -> Result<(), Error> { todo!(); - // let key = Aes256SivAead::generate_key(&mut OsRng); - // let cipher = Aes256SivAead::new(&key); - // let nonce = Nonce::from_slice(b"any unique nonce"); // 128-bits; unique per message - - // let mut buffer: Vec = Vec::new(); // Note: buffer needs 16-bytes overhead for auth tag tag - // buffer.extend_from_slice(b"plaintext message"); - - // // Encrypt `buffer` in-place, replacing the plaintext contents with ciphertext - // cipher.encrypt_in_place(nonce, b"", &mut buffer)?; - - // // `buffer` now contains the message ciphertext - // assert_ne!(&buffer, b"plaintext message"); - - // // Decrypt `buffer` in-place, replacing its ciphertext context with the original plaintext - // cipher.decrypt_in_place(nonce, b"", &mut buffer)?; - // assert_eq!(&buffer, b"plaintext message"); - // Ok(()) } pub fn _ac_aes_siv_de() -> Result<(), Error> { diff --git a/rust/ares_crypto/src/ed25519.rs b/rust/ares_crypto/src/ed25519.rs index 04b4b38..3db824c 100644 --- a/rust/ares_crypto/src/ed25519.rs +++ b/rust/ares_crypto/src/ed25519.rs @@ -25,12 +25,15 @@ pub fn ac_ed_shar(public: &[u8; 32], seed: &[u8; 32], out: &mut [u8; 32]) { } } +/// Sign a message with the given seed and write the resulting signature to the +/// given output slice. pub fn ac_ed_sign(msg: &[u8], seed: &[u8; 32], out: &mut [u8; 64]) { let signing_key = SigningKey::from_bytes(seed); let signature = signing_key.sign(msg); *out = signature.to_bytes(); } +/// Verify a signature of the given message with the given public key. pub fn ac_ed_veri(msg: &[u8], public: &[u8; 32], signature: &[u8; 64]) -> bool { if let Ok(verifying_key) = VerifyingKey::from_bytes(public) { verifying_key From d12656e7c380f4e5208cafc59053a33213282868 Mon Sep 17 00:00:00 2001 
From: Matthew LeVan Date: Mon, 18 Dec 2023 21:22:06 -0500 Subject: [PATCH 10/40] wip: `aes` mess --- rust/ares_crypto/src/aes_siv.rs | 161 ++++++++++++++++++++++++++++---- 1 file changed, 145 insertions(+), 16 deletions(-) diff --git a/rust/ares_crypto/src/aes_siv.rs b/rust/ares_crypto/src/aes_siv.rs index ae0559c..1d3afa9 100644 --- a/rust/ares_crypto/src/aes_siv.rs +++ b/rust/ares_crypto/src/aes_siv.rs 
@@ -1,33 +1,162 @@ -use aes_siv::aead::Error; +use aes_siv::{ + aead::{generic_array::GenericArray, heapless::Vec, AeadInPlace, Buffer, KeyInit}, + Aes256SivAead, + Error, // Or `Aes256SivAead` + Nonce, siv::KeySize, +}; -pub fn _ac_aes_siv_en() -> Result<(), Error> { +pub fn _ac_aes_siv_en( + key: &mut [u8], + message: &mut [u8], + data: &mut [&mut [u8]], + iv: &[u8; 16], + out: &mut [u8], +) -> Result<(), Error> { + eprintln!("START 0"); + let cipher = Aes256SivAead::new_from_slice(key).unwrap(); + eprintln!("START 1"); + let nonce = Nonce::from_slice(b""); + eprintln!("START 2"); + let mut buffer = Vec::::new(); + eprintln!("START 3"); + buffer.extend_from_slice(message).unwrap(); + eprintln!("START 4"); + let mut ad: Vec = Vec::new(); + eprintln!("START 5"); + for i in 0..data.len() { + for j in 0..data[i].len() { + ad.push(data[i][j]).unwrap(); + } + } + eprintln!("ad: {:?}", ad); + let ad_bytes = ad.as_slice(); + cipher.encrypt_in_place(nonce, ad_bytes, &mut buffer)?; + out.copy_from_slice(&buffer); + Ok(()) +} + +pub fn _ac_aes_siv_de( + key: &mut [u8], + message: &mut [u8], + data: &mut [&mut [u8]], + iv: &[u8; 16], + out: &mut [u8], +) { todo!(); } -pub fn _ac_aes_siv_de() -> Result<(), Error> { +pub fn ac_aes_siva_en( + key: &mut [u8; 32], + message: &mut [u8], + data: &mut [&mut [u8]], + iv: &[u8; 16], + out: &mut [u8], +) { + _ac_aes_siv_en(key, message, data, iv, out); +} + +pub fn ac_aes_siva_de( + key: &mut [u8; 32], + message: &mut [u8], + data: &mut [&mut [u8]], + iv: &[u8; 16], + out: &mut [u8], +) { todo!(); } -pub fn ac_aes_siva_en() -> Result<(), Error> { +pub fn ac_aes_sivb_en( + key: &mut [u8; 48], + message: &mut [u8], + data: &mut [&mut [u8]], + iv: &[u8; 16], + out: &mut [u8], +) { + _ac_aes_siv_en(key, message, data, iv, out); +} + +pub fn ac_aes_sivb_de( + key: &mut [u8; 48], + message: &mut [u8], + data: &mut [&mut [u8]], + iv: &[u8; 16], + out: &mut [u8], +) { todo!(); } -pub fn ac_aes_siva_de() -> Result<(), Error> { - todo!(); +pub 
fn ac_aes_sivc_en( + key: &mut [u8; 64], + message: &mut [u8], + data: &mut [&mut [u8]], + iv: &[u8; 16], + out: &mut [u8], +) { + _ac_aes_siv_en(key, message, data, iv, out); } -pub fn ac_aes_sivb_en() -> Result<(), Error> { - todo!(); +pub fn ac_aes_sivc_de( + key: &mut [u8; 64], + message: &mut [u8], + data: &mut [&mut [u8]], + iv: &[u8; 16], + out: &mut [u8], +) { } -pub fn ac_aes_sivb_de() -> Result<(), Error> { - todo!(); -} +#[cfg(test)] +#[cfg(feature = "test_vs_urcrypt")] +mod urcrypt_tests { + use super::{ + ac_aes_siva_de, ac_aes_siva_en, ac_aes_sivb_de, ac_aes_sivb_en, ac_aes_sivc_de, + ac_aes_sivc_en, + }; + use urcrypt_sys::{ + urcrypt_aes_siv_data, urcrypt_aes_siva_de, urcrypt_aes_siva_en, urcrypt_aes_sivb_de, + urcrypt_aes_sivb_en, urcrypt_aes_sivc_de, urcrypt_aes_sivc_en, + }; -pub fn ac_aes_sivc_en() -> Result<(), Error> { - todo!(); -} + #[test] + fn test_aes_siva_en() { + let mut key: [u8; 32] = [42; 32]; + let mut message: [u8; 32] = [42; 32]; + let mut iv: [u8; 16] = [42; 16]; + let mut uc_out: [u8; 32] = [0; 32]; -pub fn ac_aes_sivc_de() -> Result<(), Error> { - todo!(); + let mut uc_bytes = [42; 32]; + let mut uc_bytes_two = [43; 32]; + let mut uc_data: [urcrypt_aes_siv_data; 2] = [ + urcrypt_aes_siv_data { + bytes: uc_bytes.as_mut_ptr(), + length: uc_bytes.len(), + }, + urcrypt_aes_siv_data { + bytes: uc_bytes_two.as_mut_ptr(), + length: uc_bytes_two.len(), + }, + ]; + + unsafe { + urcrypt_aes_siva_en( + message.as_mut_ptr(), + message.len(), + uc_data.as_mut_ptr(), + uc_data.len(), + key.as_mut_ptr(), + iv.as_mut_ptr(), + uc_out.as_mut_ptr(), + ) + }; + eprintln!("uc_out: {:?}", uc_out); + + let mut key: [u8; 32] = [42; 32]; + let mut message: [u8; 32] = [42; 32]; + let mut ac_data: [&mut [u8]; 2] = [&mut [42; 32], &mut [43; 32]]; + let iv: [u8; 16] = [42; 16]; + let mut ac_out: [u8; 32] = [0; 32]; + ac_aes_siva_en(&mut key, &mut message, &mut ac_data, &iv, &mut ac_out); + eprintln!("ac_out: {:?}", ac_out); + + assert_eq!(ac_out, uc_out); 
+ } } From 017b488b74b1f457b1ee9b0acfde4a46bdf1c005 Mon Sep 17 00:00:00 2001 From: Matthew LeVan Date: Tue, 19 Dec 2023 11:22:46 -0500 Subject: [PATCH 11/40] wip: `siv_en` encrypts but is incorrect --- rust/ares_crypto/src/aes_siv.rs | 22 +++++----------------- 1 file changed, 5 insertions(+), 17 deletions(-) diff --git a/rust/ares_crypto/src/aes_siv.rs b/rust/ares_crypto/src/aes_siv.rs index 1d3afa9..3d8e2fc 100644 --- a/rust/ares_crypto/src/aes_siv.rs +++ b/rust/ares_crypto/src/aes_siv.rs @@ -1,6 +1,6 @@ use aes_siv::{ aead::{generic_array::GenericArray, heapless::Vec, AeadInPlace, Buffer, KeyInit}, - Aes256SivAead, + Aes256SivAead, Aes128SivAead, Error, // Or `Aes256SivAead` Nonce, siv::KeySize, }; @@ -12,25 +12,18 @@ pub fn _ac_aes_siv_en( iv: &[u8; 16], out: &mut [u8], ) -> Result<(), Error> { - eprintln!("START 0"); - let cipher = Aes256SivAead::new_from_slice(key).unwrap(); - eprintln!("START 1"); - let nonce = Nonce::from_slice(b""); - eprintln!("START 2"); + let cipher = Aes128SivAead::new_from_slice(key).unwrap(); + let nonce = Nonce::from_slice(b"any unique nonce"); let mut buffer = Vec::::new(); - eprintln!("START 3"); buffer.extend_from_slice(message).unwrap(); - eprintln!("START 4"); let mut ad: Vec = Vec::new(); - eprintln!("START 5"); for i in 0..data.len() { for j in 0..data[i].len() { ad.push(data[i][j]).unwrap(); } } - eprintln!("ad: {:?}", ad); let ad_bytes = ad.as_slice(); - cipher.encrypt_in_place(nonce, ad_bytes, &mut buffer)?; + cipher.encrypt_in_place_detached(nonce, ad_bytes, &mut buffer)?; out.copy_from_slice(&buffer); Ok(()) } @@ -121,10 +114,10 @@ mod urcrypt_tests { let mut key: [u8; 32] = [42; 32]; let mut message: [u8; 32] = [42; 32]; let mut iv: [u8; 16] = [42; 16]; - let mut uc_out: [u8; 32] = [0; 32]; let mut uc_bytes = [42; 32]; let mut uc_bytes_two = [43; 32]; + let mut uc_out: [u8; 32] = [0; 32]; let mut uc_data: [urcrypt_aes_siv_data; 2] = [ urcrypt_aes_siv_data { bytes: uc_bytes.as_mut_ptr(), 
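Review bot: `ac_aes_siva_en`, `ac_aes_sivb_en` and `ac_aes_sivc_en` discard the `Result` returned by `_ac_aes_siv_en` (the call ends in `;` inside a function returning `()`), so a failed `encrypt_in_place` leaves `out` untouched while the caller sees a normal return; either return `Result<(), Error>` from the wrappers and drop the `;`, or `.expect()` it until the error type is settled. `_ac_aes_siv_en` never reads `iv`, builds `Aes256SivAead` (which takes a 64-byte key) from the 32- and 48-byte keys the `siva`/`sivb` wrappers hand it, so `new_from_slice(key).unwrap()` panics, and `Nonce::from_slice(b"")` will panic on the 16-byte nonce type. The `eprintln!` lines print the associated data to stderr; they should not survive in a crypto primitive. `out.copy_from_slice(&buffer)` also panics unless `out.len()` equals the buffer length, which after `encrypt_in_place` is `message.len()` plus the tag.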
@@ -147,15 +140,10 @@ mod urcrypt_tests { uc_out.as_mut_ptr(), ) }; - eprintln!("uc_out: {:?}", uc_out); - let mut key: [u8; 32] = [42; 32]; - let mut message: [u8; 32] = [42; 32]; let mut ac_data: [&mut [u8]; 2] = [&mut [42; 32], &mut [43; 32]]; - let iv: [u8; 16] = [42; 16]; let mut ac_out: [u8; 32] = [0; 32]; ac_aes_siva_en(&mut key, &mut message, &mut ac_data, &iv, &mut ac_out); - eprintln!("ac_out: {:?}", ac_out); assert_eq!(ac_out, uc_out); } From 93644c12d0b6f95f37ce32426f141b7171afb98c Mon Sep 17 00:00:00 2001 From: Matthew LeVan Date: Tue, 19 Dec 2023 14:13:16 -0500 Subject: [PATCH 12/40] wip: `aes_siv` crate does not support RFC 5297.4 --- rust/ares_crypto/src/aes_siv.rs | 142 ++++++++++++++++---------------- rust/ares_crypto/src/ed25519.rs | 2 +- 2 files changed, 73 insertions(+), 71 deletions(-) diff --git a/rust/ares_crypto/src/aes_siv.rs b/rust/ares_crypto/src/aes_siv.rs index 3d8e2fc..880f066 100644 --- a/rust/ares_crypto/src/aes_siv.rs +++ b/rust/ares_crypto/src/aes_siv.rs @@ -1,21 +1,17 @@ use aes_siv::{ - aead::{generic_array::GenericArray, heapless::Vec, AeadInPlace, Buffer, KeyInit}, - Aes256SivAead, Aes128SivAead, - Error, // Or `Aes256SivAead` - Nonce, siv::KeySize, + aead::{heapless::Vec, AeadInPlace, KeyInit}, + Aes128SivAead, Error, Nonce }; pub fn _ac_aes_siv_en( key: &mut [u8], message: &mut [u8], data: &mut [&mut [u8]], - iv: &[u8; 16], + iv: &mut [u8; 16], out: &mut [u8], ) -> Result<(), Error> { let cipher = Aes128SivAead::new_from_slice(key).unwrap(); - let nonce = Nonce::from_slice(b"any unique nonce"); - let mut buffer = Vec::::new(); - buffer.extend_from_slice(message).unwrap(); + let nonce = Nonce::default(); let mut ad: Vec = Vec::new(); for i in 0..data.len() { for j in 0..data[i].len() { 
@@ -23,90 +19,96 @@ pub fn _ac_aes_siv_en( } } let ad_bytes = ad.as_slice(); - cipher.encrypt_in_place_detached(nonce, ad_bytes, &mut buffer)?; - out.copy_from_slice(&buffer); + let iv_array = cipher.encrypt_in_place_detached(&nonce, ad_bytes, message)?; + iv.copy_from_slice(iv_array.as_slice()); + out.copy_from_slice(message); Ok(()) } -pub fn _ac_aes_siv_de( - key: &mut [u8], - message: &mut [u8], - data: &mut [&mut [u8]], - iv: &[u8; 16], - out: &mut [u8], -) { - todo!(); -} +// pub fn _ac_aes_siv_de( +// key: &mut [u8], +// message: &mut [u8], +// data: &mut [&mut [u8]], +// iv: &[u8; 16], +// out: &mut [u8], +// ) { +// todo!(); +// } pub fn ac_aes_siva_en( key: &mut [u8; 32], message: &mut [u8], data: &mut [&mut [u8]], - iv: &[u8; 16], + iv: &mut [u8; 16], out: &mut [u8], ) { - _ac_aes_siv_en(key, message, data, iv, out); + _ac_aes_siv_en(key, message, data, iv, out).unwrap(); } -pub fn ac_aes_siva_de( - key: &mut [u8; 32], - message: &mut [u8], - data: &mut [&mut [u8]], - iv: &[u8; 16], - out: &mut [u8], -) { - todo!(); -} +// pub fn ac_aes_siva_de( +// key: &mut [u8; 32], +// message: &mut [u8], +// data: &mut [&mut [u8]], +// iv: &[u8; 16], +// out: &mut [u8], +// ) { +// todo!(); +// } -pub fn ac_aes_sivb_en( - key: &mut [u8; 48], - message: &mut [u8], - data: &mut [&mut [u8]], - iv: &[u8; 16], - out: &mut [u8], -) { - _ac_aes_siv_en(key, message, data, iv, out); -} +// pub fn ac_aes_sivb_en( +// key: &mut [u8; 48], +// message: &mut [u8], +// data: &mut [&mut [u8]], +// iv: &[u8; 16], +// out: &mut [u8], +// ) { +// _ac_aes_siv_en(key, message, data, iv, out); +// } -pub fn ac_aes_sivb_de( - key: &mut [u8; 48], - message: &mut [u8], - data: &mut [&mut [u8]], - iv: &[u8; 16], - out: &mut [u8], -) { - todo!(); -} +// pub fn ac_aes_sivb_de( +// key: &mut [u8; 48], +// message: &mut [u8], +// data: &mut [&mut [u8]], +// iv: &[u8; 16], +// out: &mut [u8], +// ) { +// todo!(); +// } -pub fn ac_aes_sivc_en( - key: &mut [u8; 64], - message: &mut [u8], - data: 
&mut [&mut [u8]], - iv: &[u8; 16], - out: &mut [u8], -) { - _ac_aes_siv_en(key, message, data, iv, out); -} +// pub fn ac_aes_sivc_en( +// key: &mut [u8; 64], +// message: &mut [u8], +// data: &mut [&mut [u8]], +// iv: &[u8; 16], +// out: &mut [u8], +// ) { +// _ac_aes_siv_en(key, message, data, iv, out); +// } -pub fn ac_aes_sivc_de( - key: &mut [u8; 64], - message: &mut [u8], - data: &mut [&mut [u8]], - iv: &[u8; 16], - out: &mut [u8], -) { -} +// pub fn ac_aes_sivc_de( +// key: &mut [u8; 64], +// message: &mut [u8], +// data: &mut [&mut [u8]], +// iv: &[u8; 16], +// out: &mut [u8], +// ) { +// todo!(); +// } #[cfg(test)] #[cfg(feature = "test_vs_urcrypt")] mod urcrypt_tests { use super::{ - ac_aes_siva_de, ac_aes_siva_en, ac_aes_sivb_de, ac_aes_sivb_en, ac_aes_sivc_de, - ac_aes_sivc_en, + ac_aes_siva_en, + // ac_aes_siva_de, ac_aes_siva_en, ac_aes_sivb_de, ac_aes_sivb_en, ac_aes_sivc_de, + // ac_aes_sivc_en, }; use urcrypt_sys::{ - urcrypt_aes_siv_data, urcrypt_aes_siva_de, urcrypt_aes_siva_en, urcrypt_aes_sivb_de, - urcrypt_aes_sivb_en, urcrypt_aes_sivc_de, urcrypt_aes_sivc_en, + urcrypt_aes_siv_data, + // urcrypt_aes_siva_de, + urcrypt_aes_siva_en, + // urcrypt_aes_sivb_de, + // urcrypt_aes_sivb_en, urcrypt_aes_sivc_de, urcrypt_aes_sivc_en, }; #[test] @@ -143,7 +145,7 @@ mod urcrypt_tests { let mut ac_data: [&mut [u8]; 2] = [&mut [42; 32], &mut [43; 32]]; let mut ac_out: [u8; 32] = [0; 32]; - ac_aes_siva_en(&mut key, &mut message, &mut ac_data, &iv, &mut ac_out); + ac_aes_siva_en(&mut key, &mut message, &mut ac_data, &mut iv, &mut ac_out); assert_eq!(ac_out, uc_out); } diff --git a/rust/ares_crypto/src/ed25519.rs b/rust/ares_crypto/src/ed25519.rs index 3db824c..ba9d983 100644 --- a/rust/ares_crypto/src/ed25519.rs +++ b/rust/ares_crypto/src/ed25519.rs 
@@ -48,7 +48,7 @@ pub fn ac_ed_veri(msg: &[u8], public: &[u8; 32], signature: &[u8; 64]) -> bool { mod tests { use ibig::ubig; - use super::{ac_ed_puck, ac_ed_shar, ac_ed_sign, ac_ed_veri}; + use super::{ac_ed_puck, ac_ed_sign, ac_ed_veri}; #[test] fn test_ed_puck() { From 1251583052f949bfe1553ff6a36f0196001522da Mon Sep 17 00:00:00 2001 From: Matthew LeVan Date: Tue, 19 Dec 2023 14:18:02 -0500 Subject: [PATCH 13/40] `ed`: fix typo --- rust/ares_crypto/src/ed25519.rs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/rust/ares_crypto/src/ed25519.rs b/rust/ares_crypto/src/ed25519.rs index ba9d983..1feb345 100644 --- a/rust/ares_crypto/src/ed25519.rs +++ b/rust/ares_crypto/src/ed25519.rs @@ -120,7 +120,7 @@ mod tests { #[cfg(test)] #[cfg(feature = "test_vs_urcrypt")] -mod ucrypt_tests { +mod urcrypt_tests { use super::{ac_ed_puck, ac_ed_shar, ac_ed_sign, ac_ed_veri}; use ibig::ubig; use urcrypt_sys::{urcrypt_ed_puck, urcrypt_ed_shar, urcrypt_ed_sign, urcrypt_ed_veri}; From f53534b366465a3d5598871f38d0e0af02656b7d Mon Sep 17 00:00:00 2001 From: Matthew LeVan Date: Tue, 19 Dec 2023 14:45:50 -0500 Subject: [PATCH 14/40] `aes`: `siv_en` works --- rust/ares_crypto/src/aes_siv.rs | 22 +++++++++------------- 1 file changed, 9 insertions(+), 13 deletions(-) diff --git a/rust/ares_crypto/src/aes_siv.rs b/rust/ares_crypto/src/aes_siv.rs index 880f066..5931f3f 100644 --- a/rust/ares_crypto/src/aes_siv.rs +++ b/rust/ares_crypto/src/aes_siv.rs @@ -1,6 +1,7 @@ use aes_siv::{ - aead::{heapless::Vec, AeadInPlace, KeyInit}, - Aes128SivAead, Error, Nonce + aead::KeyInit, + siv::Aes128Siv, + Error }; pub fn _ac_aes_siv_en( 
@@ -10,17 +11,12 @@ pub fn _ac_aes_siv_en( iv: &mut [u8; 16], out: &mut [u8], ) -> Result<(), Error> { - let cipher = Aes128SivAead::new_from_slice(key).unwrap(); - let nonce = Nonce::default(); - let mut ad: Vec = Vec::new(); - for i in 0..data.len() { - for j in 0..data[i].len() { - ad.push(data[i][j]).unwrap(); - } - } - let ad_bytes = ad.as_slice(); - let iv_array = cipher.encrypt_in_place_detached(&nonce, ad_bytes, message)?; - iv.copy_from_slice(iv_array.as_slice()); + let mut cipher = Aes128Siv::new_from_slice(&key).unwrap(); + let iv_tag = cipher.encrypt_in_place_detached(data, message)?; + let mut iv_slice = iv_tag.as_slice().to_owned(); + iv_slice.reverse(); + iv.copy_from_slice(&iv_slice); + message.reverse(); out.copy_from_slice(message); Ok(()) } From b903e5784d5d065211ba2519c98c274f8e14ae65 Mon Sep 17 00:00:00 2001 From: Matthew LeVan Date: Tue, 19 Dec 2023 15:39:39 -0500 Subject: [PATCH 15/40] `aes_siv`: complete `siv{a,b,c}_{en,de}` with tests --- rust/ares_crypto/Cargo.lock | 1 + rust/ares_crypto/Cargo.toml | 1 + rust/ares_crypto/src/aes_siv.rs | 385 ++++++++++++++++++++++++++------ 3 files changed, 314 insertions(+), 73 deletions(-) diff --git a/rust/ares_crypto/Cargo.lock b/rust/ares_crypto/Cargo.lock index 05d79af..e854f9e 100644 --- a/rust/ares_crypto/Cargo.lock +++ b/rust/ares_crypto/Cargo.lock @@ -53,6 +53,7 @@ dependencies = [ name = "ares_crypto" version = "0.1.0" dependencies = [ + "aes", "aes-siv", "assert_no_alloc", "curve25519-dalek", diff --git a/rust/ares_crypto/Cargo.toml b/rust/ares_crypto/Cargo.toml index de0ed49..07ea9c1 100644 --- a/rust/ares_crypto/Cargo.toml +++ b/rust/ares_crypto/Cargo.toml @@ -18,6 +18,7 @@ rand = { version = "0.8.5", features = ["std_rng"], default-features = false } sha2 = "0.10.8" urcrypt-sys = { version = "0.1.1", optional = true } x25519-dalek = { version = "2.0.0", features = ["static_secrets"], default-features = false } +aes = "0.8.3" [features] # XX turn off test_vs_urcrypt after development 
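Review bot: The tag reversal goes through an owned temporary, `let mut iv_slice = iv_tag.as_slice().to_owned(); iv_slice.reverse(); iv.copy_from_slice(&iv_slice);`, when writing then reversing in place gives the same bytes without the allocation: `iv.copy_from_slice(iv_tag.as_slice()); iv.reverse();`. Neither that reversal nor `message.reverse()` says why the bytes are flipped; the only visible reason is that `urcrypt_tests` compares `out` with urcrypt's output, so a comment such as `// byte-reversed so the tag and ciphertext compare equal to urcrypt's output (see urcrypt_tests)` would stop a later reader from "fixing" it. `message` is encrypted and reversed in place, so the caller's buffer is clobbered as well as `out`; that belongs in the function's docs, which the function still lacks.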
diff --git a/rust/ares_crypto/src/aes_siv.rs b/rust/ares_crypto/src/aes_siv.rs index 5931f3f..512bc0d 100644 --- a/rust/ares_crypto/src/aes_siv.rs +++ b/rust/ares_crypto/src/aes_siv.rs @@ -1,8 +1,10 @@ -use aes_siv::{ - aead::KeyInit, - siv::Aes128Siv, - Error -}; +use core::panic; + +use aes::Aes192; +use aes_siv::aead::{generic_array::GenericArray, KeyInit}; +use aes_siv::siv::{Aes128Siv, Aes256Siv, CmacSiv}; + +type Aes192Siv = CmacSiv; pub fn _ac_aes_siv_en( key: &mut [u8], 
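Review bot: `use core::panic;` is unnecessary, since `panic!` is in the prelude, and the new `Aes192Siv` alias has no comment explaining why it is hand-built from `CmacSiv` while `Aes128Siv` and `Aes256Siv` are imported ready-made. A line such as `/// AES-192-SIV (48-byte key); aes_siv::siv exports no alias for this size, so it is assembled from CmacSiv over aes::Aes192` records the intent for the next reader. The rest of this unit is the import block; the functions it feeds start outside the hunk.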
@@ -10,26 +12,57 @@ pub fn _ac_aes_siv_en( data: &mut [&mut [u8]], iv: &mut [u8; 16], out: &mut [u8], -) -> Result<(), Error> { - let mut cipher = Aes128Siv::new_from_slice(&key).unwrap(); - let iv_tag = cipher.encrypt_in_place_detached(data, message)?; +) { + let iv_tag; + if key.len() == 32 { + let mut cipher = Aes128Siv::new_from_slice(&key).unwrap(); + iv_tag = cipher.encrypt_in_place_detached(data, message).unwrap(); + out.copy_from_slice(message); + } else if key.len() == 48 { + let mut cipher = Aes192Siv::new_from_slice(&key).unwrap(); + iv_tag = cipher.encrypt_in_place_detached(data, message).unwrap(); + } else if key.len() == 64 { + let mut cipher = Aes256Siv::new_from_slice(&key).unwrap(); + iv_tag = cipher.encrypt_in_place_detached(data, message).unwrap(); + } else { + panic!("Invalid key length"); + } let mut iv_slice = iv_tag.as_slice().to_owned(); iv_slice.reverse(); iv.copy_from_slice(&iv_slice); message.reverse(); out.copy_from_slice(message); - Ok(()) } -// pub fn _ac_aes_siv_de( -// key: &mut [u8], -// message: &mut [u8], -// data: &mut [&mut [u8]], -// iv: &[u8; 16], -// out: &mut [u8], -// ) { -// todo!(); -// } +pub fn _ac_aes_siv_de( + key: &mut [u8], + message: &mut [u8], + data: &mut [&mut [u8]], + iv: &mut [u8; 16], + out: &mut [u8], +) { + let iv_array = GenericArray::from_slice(iv); + if key.len() == 32 { + let mut cipher = Aes128Siv::new_from_slice(&key).unwrap(); + cipher + .decrypt_in_place_detached(data, message, iv_array) + .unwrap(); + out.copy_from_slice(message); + } else if key.len() == 48 { + let mut cipher = Aes192Siv::new_from_slice(&key).unwrap(); + cipher + .decrypt_in_place_detached(data, message, iv_array) + .unwrap(); + } else if key.len() == 64 { + let mut cipher = Aes256Siv::new_from_slice(&key).unwrap(); + cipher + .decrypt_in_place_detached(data, message, iv_array) + .unwrap(); + } else { + panic!("Invalid key length"); + } + out.copy_from_slice(message); +} pub fn ac_aes_siva_en( key: &mut [u8; 32], 
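Review bot: `key` is declared `&mut [u8]` in both `_ac_aes_siv_en` and `_ac_aes_siv_de` but is only ever read (`new_from_slice(&key)`), so `&[u8]` is the right type; taking key material by exclusive reference forces every caller to hold a mutable borrow of its secret for no reason, and `&key` there is a reference to a reference that can simply be `key`. In the 32-byte branch of `_ac_aes_siv_en`, `out.copy_from_slice(message)` runs before the reversal and then again after it, so the first copy is dead work and writes the un-reversed ciphertext into `out` transiently; the same branch of `_ac_aes_siv_de` duplicates the copy that follows the `if` chain. `copy_from_slice` panics when `out.len() != message.len()`; that precondition is not documented on either function.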
@@ -38,75 +71,115 @@ pub fn ac_aes_siva_en( iv: &mut [u8; 16], out: &mut [u8], ) { - _ac_aes_siv_en(key, message, data, iv, out).unwrap(); + _ac_aes_siv_en(key, message, data, iv, out); } -// pub fn ac_aes_siva_de( -// key: &mut [u8; 32], -// message: &mut [u8], -// data: &mut [&mut [u8]], -// iv: &[u8; 16], -// out: &mut [u8], -// ) { -// todo!(); -// } +pub fn ac_aes_siva_de( + key: &mut [u8; 32], + message: &mut [u8], + data: &mut [&mut [u8]], + iv: &mut [u8; 16], + out: &mut [u8], +) { + _ac_aes_siv_de(key, message, data, iv, out); +} -// pub fn ac_aes_sivb_en( -// key: &mut [u8; 48], -// message: &mut [u8], -// data: &mut [&mut [u8]], -// iv: &[u8; 16], -// out: &mut [u8], -// ) { -// _ac_aes_siv_en(key, message, data, iv, out); -// } +pub fn ac_aes_sivb_en( + key: &mut [u8; 48], + message: &mut [u8], + data: &mut [&mut [u8]], + iv: &mut [u8; 16], + out: &mut [u8], +) { + _ac_aes_siv_en(key, message, data, iv, out); +} -// pub fn ac_aes_sivb_de( -// key: &mut [u8; 48], -// message: &mut [u8], -// data: &mut [&mut [u8]], -// iv: &[u8; 16], -// out: &mut [u8], -// ) { -// todo!(); -// } +pub fn ac_aes_sivb_de( + key: &mut [u8; 48], + message: &mut [u8], + data: &mut [&mut [u8]], + iv: &mut [u8; 16], + out: &mut [u8], +) { + _ac_aes_siv_de(key, message, data, iv, out); +} -// pub fn ac_aes_sivc_en( -// key: &mut [u8; 64], -// message: &mut [u8], -// data: &mut [&mut [u8]], -// iv: &[u8; 16], -// out: &mut [u8], -// ) { -// _ac_aes_siv_en(key, message, data, iv, out); -// } +pub fn ac_aes_sivc_en( + key: &mut [u8; 64], + message: &mut [u8], + data: &mut [&mut [u8]], + iv: &mut [u8; 16], + out: &mut [u8], +) { + _ac_aes_siv_en(key, message, data, iv, out); +} -// pub fn ac_aes_sivc_de( -// key: &mut [u8; 64], -// message: &mut [u8], -// data: &mut [&mut [u8]], -// iv: &[u8; 16], -// out: &mut [u8], -// ) { -// todo!(); -// } +pub fn ac_aes_sivc_de( + key: &mut [u8; 64], + message: &mut [u8], + data: &mut [&mut [u8]], + iv: &mut [u8; 16], + out: &mut [u8], +) { + 
_ac_aes_siv_de(key, message, data, iv, out); +} #[cfg(test)] #[cfg(feature = "test_vs_urcrypt")] mod urcrypt_tests { use super::{ - ac_aes_siva_en, - // ac_aes_siva_de, ac_aes_siva_en, ac_aes_sivb_de, ac_aes_sivb_en, ac_aes_sivc_de, - // ac_aes_sivc_en, + ac_aes_siva_de, ac_aes_siva_en, ac_aes_sivb_de, ac_aes_sivb_en, ac_aes_sivc_de, + ac_aes_sivc_en, }; use urcrypt_sys::{ - urcrypt_aes_siv_data, - // urcrypt_aes_siva_de, - urcrypt_aes_siva_en, - // urcrypt_aes_sivb_de, - // urcrypt_aes_sivb_en, urcrypt_aes_sivc_de, urcrypt_aes_sivc_en, + urcrypt_aes_siv_data, urcrypt_aes_siva_de, urcrypt_aes_siva_en, urcrypt_aes_sivb_de, + urcrypt_aes_sivb_en, urcrypt_aes_sivc_de, urcrypt_aes_sivc_en, }; + #[test] + fn test_aes_siva_de() { + let mut key: [u8; 32] = [42; 32]; + let mut message: [u8; 32] = [ + 61, 88, 88, 36, 83, 232, 120, 45, 27, 159, 15, 145, 140, 231, 114, 229, 61, 243, 54, + 183, 156, 53, 217, 103, 88, 36, 53, 37, 165, 240, 92, 133, + ]; + let mut iv: [u8; 16] = [ + 16, 90, 129, 170, 175, 145, 229, 78, 107, 253, 192, 138, 136, 52, 159, 219, + ]; + + let mut uc_bytes = [42; 32]; + let mut uc_bytes_two = [43; 32]; + let mut uc_out: [u8; 32] = [0; 32]; + let mut uc_data: [urcrypt_aes_siv_data; 2] = [ + urcrypt_aes_siv_data { + bytes: uc_bytes.as_mut_ptr(), + length: uc_bytes.len(), + }, + urcrypt_aes_siv_data { + bytes: uc_bytes_two.as_mut_ptr(), + length: uc_bytes_two.len(), + }, + ]; + + unsafe { + urcrypt_aes_siva_de( + message.as_mut_ptr(), + message.len(), + uc_data.as_mut_ptr(), + uc_data.len(), + key.as_mut_ptr(), + iv.as_mut_ptr(), + uc_out.as_mut_ptr(), + ) + }; + + let mut ac_data: [&mut [u8]; 2] = [&mut uc_bytes, &mut uc_bytes_two]; + let mut ac_out: [u8; 32] = [0; 32]; + ac_aes_siva_de(&mut key, &mut message, &mut ac_data, &mut iv, &mut ac_out); + + assert_eq!(ac_out, uc_out); + } + #[test] fn test_aes_siva_en() { let mut key: [u8; 32] = [42; 32]; 
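Review bot: None of the six `ac_aes_siv{a,b,c}_{en,de}` wrappers carries a `///` comment, and their contract is not obvious from the signatures: `message` is transformed in place and copied to `out`, `iv` is an output for `_en` (the synthetic IV) but an input for `_de`, and the key array fixes the AES-SIV key size (32, 48 or 64 bytes). A short rustdoc on each, e.g. for `ac_aes_siva_en`: `/// AES-128-SIV with a 32-byte key: encrypts message in place, copies it to out and writes the synthetic IV to iv; panics if out.len() != message.len()`, would document that. Since the bodies differ only in the key length, a macro or a generic over the key array would also remove the sixfold repetition.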
@@ -139,10 +212,176 @@ mod urcrypt_tests { ) }; - let mut ac_data: [&mut [u8]; 2] = [&mut [42; 32], &mut [43; 32]]; + let mut ac_data: [&mut [u8]; 2] = [&mut uc_bytes, &mut uc_bytes_two]; let mut ac_out: [u8; 32] = [0; 32]; ac_aes_siva_en(&mut key, &mut message, &mut ac_data, &mut iv, &mut ac_out); assert_eq!(ac_out, uc_out); } + + #[test] + fn test_aes_sivb_en() { + let mut key: [u8; 48] = [42; 48]; + let mut message: [u8; 32] = [42; 32]; + let mut iv: [u8; 16] = [42; 16]; + + let mut uc_bytes = [42; 32]; + let mut uc_bytes_two = [43; 32]; + let mut uc_out: [u8; 32] = [0; 32]; + let mut uc_data: [urcrypt_aes_siv_data; 2] = [ + urcrypt_aes_siv_data { + bytes: uc_bytes.as_mut_ptr(), + length: uc_bytes.len(), + }, + urcrypt_aes_siv_data { + bytes: uc_bytes_two.as_mut_ptr(), + length: uc_bytes_two.len(), + }, + ]; + + unsafe { + urcrypt_aes_sivb_en( + message.as_mut_ptr(), + message.len(), + uc_data.as_mut_ptr(), + uc_data.len(), + key.as_mut_ptr(), + iv.as_mut_ptr(), + uc_out.as_mut_ptr(), + ) + }; + + let mut ac_data: [&mut [u8]; 2] = [&mut uc_bytes, &mut uc_bytes_two]; + let mut ac_out: [u8; 32] = [0; 32]; + ac_aes_sivb_en(&mut key, &mut message, &mut ac_data, &mut iv, &mut ac_out); + + assert_eq!(ac_out, uc_out); + } + + #[test] + fn test_aes_sivb_de() { + let mut key: [u8; 48] = [42; 48]; + let mut message: [u8; 32] = [ + 20, 249, 192, 238, 22, 92, 186, 62, 26, 194, 51, 61, 88, 148, 89, 208, 114, 24, 67, 99, + 35, 241, 247, 133, 64, 18, 144, 54, 126, 121, 100, 145, + ]; + let mut iv: [u8; 16] = [ + 9, 146, 75, 192, 45, 169, 211, 188, 36, 212, 236, 80, 49, 197, 78, 141, + ]; + + let mut uc_bytes = [42; 32]; + let mut uc_bytes_two = [43; 32]; + let mut uc_out: [u8; 32] = [0; 32]; + let mut uc_data: [urcrypt_aes_siv_data; 2] = [ + urcrypt_aes_siv_data { + bytes: uc_bytes.as_mut_ptr(), + length: uc_bytes.len(), + }, + urcrypt_aes_siv_data { + bytes: uc_bytes_two.as_mut_ptr(), + length: uc_bytes_two.len(), + }, + ]; + + unsafe { + urcrypt_aes_sivb_de( + 
message.as_mut_ptr(), + message.len(), + uc_data.as_mut_ptr(), + uc_data.len(), + key.as_mut_ptr(), + iv.as_mut_ptr(), + uc_out.as_mut_ptr(), + ) + }; + + let mut ac_data: [&mut [u8]; 2] = [&mut uc_bytes, &mut uc_bytes_two]; + let mut ac_out: [u8; 32] = [0; 32]; + ac_aes_sivb_de(&mut key, &mut message, &mut ac_data, &mut iv, &mut ac_out); + + assert_eq!(ac_out, uc_out); + } + + #[test] + fn test_aes_sivc_en() { + let mut key: [u8; 64] = [42; 64]; + let mut message: [u8; 32] = [42; 32]; + let mut iv: [u8; 16] = [42; 16]; + + let mut uc_bytes = [42; 32]; + let mut uc_bytes_two = [43; 32]; + let mut uc_out: [u8; 32] = [0; 32]; + let mut uc_data: [urcrypt_aes_siv_data; 2] = [ + urcrypt_aes_siv_data { + bytes: uc_bytes.as_mut_ptr(), + length: uc_bytes.len(), + }, + urcrypt_aes_siv_data { + bytes: uc_bytes_two.as_mut_ptr(), + length: uc_bytes_two.len(), + }, + ]; + + unsafe { + urcrypt_aes_sivc_en( + message.as_mut_ptr(), + message.len(), + uc_data.as_mut_ptr(), + uc_data.len(), + key.as_mut_ptr(), + iv.as_mut_ptr(), + uc_out.as_mut_ptr(), + ) + }; + + let mut ac_data: [&mut [u8]; 2] = [&mut uc_bytes, &mut uc_bytes_two]; + let mut ac_out: [u8; 32] = [0; 32]; + ac_aes_sivc_en(&mut key, &mut message, &mut ac_data, &mut iv, &mut ac_out); + + assert_eq!(ac_out, uc_out); + } + + #[test] + fn test_aes_sivc_de() { + let mut key: [u8; 64] = [42; 64]; + let mut message: [u8; 32] = [ + 213, 96, 61, 200, 217, 8, 33, 147, 58, 213, 99, 8, 221, 23, 89, 206, 164, 237, 59, 231, + 235, 50, 93, 122, 50, 202, 78, 248, 218, 41, 170, 175, + ]; + let mut iv: [u8; 16] = [ + 105, 123, 123, 122, 45, 244, 179, 136, 167, 164, 134, 30, 97, 14, 241, 223, + ]; + + let mut uc_bytes = [42; 32]; + let mut uc_bytes_two = [43; 32]; + let mut uc_out: [u8; 32] = [0; 32]; + let mut uc_data: [urcrypt_aes_siv_data; 2] = [ + urcrypt_aes_siv_data { + bytes: uc_bytes.as_mut_ptr(), + length: uc_bytes.len(), + }, + urcrypt_aes_siv_data { + bytes: uc_bytes_two.as_mut_ptr(), + length: uc_bytes_two.len(), + }, + ]; + 
+ unsafe { + urcrypt_aes_sivc_de( + message.as_mut_ptr(), + message.len(), + uc_data.as_mut_ptr(), + uc_data.len(), + key.as_mut_ptr(), + iv.as_mut_ptr(), + uc_out.as_mut_ptr(), + ) + }; + + let mut ac_data: [&mut [u8]; 2] = [&mut uc_bytes, &mut uc_bytes_two]; + let mut ac_out: [u8; 32] = [0; 32]; + ac_aes_sivc_de(&mut key, &mut message, &mut ac_data, &mut iv, &mut ac_out); + + assert_eq!(ac_out, uc_out); + } } From 78068c2820701202ad9060b62f76732461493b92 Mon Sep 17 00:00:00 2001 From: Matthew LeVan Date: Tue, 19 Dec 2023 16:40:38 -0500 Subject: [PATCH 16/40] `aes_siv`: improved error handling --- rust/ares_crypto/src/aes_siv.rs | 124 ++++++++++++++++++++------------ 1 file changed, 80 insertions(+), 44 deletions(-) diff --git a/rust/ares_crypto/src/aes_siv.rs b/rust/ares_crypto/src/aes_siv.rs index 512bc0d..12d2378 100644 --- a/rust/ares_crypto/src/aes_siv.rs +++ b/rust/ares_crypto/src/aes_siv.rs 
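Review bot: `test_aes_siv{a,b,c}_en` assert only `ac_out == uc_out`; the SIV tag that both implementations write to `iv` is never compared, even though `_ac_aes_siv_en` byte-reverses it, so a wrong or mis-ordered tag would pass. Both calls also share the same `message` and `iv` buffers, and the urcrypt call receives them through `as_mut_ptr()` first, so if it modifies either in place the Rust function is exercised on different inputs than urcrypt was (the same pattern is in `test_aes_siva_de` in the previous hunk). Snapshot the inputs before the unsafe call, `let (m0, iv0) = (message, iv);`, run the Rust side on `let mut ac_message = m0; let mut ac_iv = iv0;`, and add `assert_eq!(ac_iv, iv);`. An encrypt-then-decrypt test with the same key and data would also show whether the reversal applied on the `_en` side needs to be undone on the `_de` side, which currently performs none.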
@@ -1,37 +1,61 @@ -use core::panic; - use aes::Aes192; use aes_siv::aead::{generic_array::GenericArray, KeyInit}; use aes_siv::siv::{Aes128Siv, Aes256Siv, CmacSiv}; type Aes192Siv = CmacSiv; +#[derive(Debug)] +pub enum Error { + InvalidKeyLength, + InvalidOutputLength, + InvalidHeadersLength, + UnauthenticCipher, +} + pub fn _ac_aes_siv_en( key: &mut [u8], message: &mut [u8], data: &mut [&mut [u8]], iv: &mut [u8; 16], out: &mut [u8], -) { +) -> Result<(), Error> { let iv_tag; if key.len() == 32 { - let mut cipher = Aes128Siv::new_from_slice(&key).unwrap(); - iv_tag = cipher.encrypt_in_place_detached(data, message).unwrap(); - out.copy_from_slice(message); + if let Ok(mut cipher) = Aes128Siv::new_from_slice(&key) { + match cipher.encrypt_in_place_detached(data, message) { + Ok(tag) => iv_tag = tag, + Err(_) => return Err(Error::InvalidOutputLength), + } + } else { + return Err(Error::InvalidKeyLength); + } } else if key.len() == 48 { - let mut cipher = Aes192Siv::new_from_slice(&key).unwrap(); - iv_tag = cipher.encrypt_in_place_detached(data, message).unwrap(); + if let Ok(mut cipher) = Aes192Siv::new_from_slice(&key) { + match cipher.encrypt_in_place_detached(data, message) { + Ok(tag) => iv_tag = tag, + Err(_) => return Err(Error::InvalidOutputLength), + } + } else { + return Err(Error::InvalidKeyLength); + } } else if key.len() == 64 { - let mut cipher = Aes256Siv::new_from_slice(&key).unwrap(); - iv_tag = cipher.encrypt_in_place_detached(data, message).unwrap(); + if let Ok(mut cipher) = Aes256Siv::new_from_slice(&key) { + match cipher.encrypt_in_place_detached(data, message) { + Ok(tag) => iv_tag = tag, + Err(_) => return Err(Error::InvalidOutputLength), + } + } else { + return Err(Error::InvalidKeyLength); + } } else { - panic!("Invalid key length"); + return Err(Error::InvalidKeyLength); } let mut iv_slice = iv_tag.as_slice().to_owned(); iv_slice.reverse(); iv.copy_from_slice(&iv_slice); message.reverse(); out.copy_from_slice(message); + Ok(()) } pub fn 
_ac_aes_siv_de( @@ -40,28 +64,40 @@ pub fn _ac_aes_siv_de( data: &mut [&mut [u8]], iv: &mut [u8; 16], out: &mut [u8], -) { +) -> Result<(), Error> { let iv_array = GenericArray::from_slice(iv); if key.len() == 32 { - let mut cipher = Aes128Siv::new_from_slice(&key).unwrap(); - cipher - .decrypt_in_place_detached(data, message, iv_array) - .unwrap(); - out.copy_from_slice(message); + if let Ok(mut cipher) = Aes128Siv::new_from_slice(&key) { + match cipher.decrypt_in_place_detached(data, message, iv_array) { + Ok(_) => (), + Err(_) => return Err(Error::UnauthenticCipher), + } + } else { + return Err(Error::InvalidKeyLength); + } } else if key.len() == 48 { - let mut cipher = Aes192Siv::new_from_slice(&key).unwrap(); - cipher - .decrypt_in_place_detached(data, message, iv_array) - .unwrap(); + if let Ok(mut cipher) = Aes192Siv::new_from_slice(&key) { + match cipher.decrypt_in_place_detached(data, message, iv_array) { + Ok(_) => (), + Err(_) => return Err(Error::UnauthenticCipher), + } + } else { + return Err(Error::InvalidKeyLength); + } } else if key.len() == 64 { - let mut cipher = Aes256Siv::new_from_slice(&key).unwrap(); - cipher - .decrypt_in_place_detached(data, message, iv_array) - .unwrap(); + if let Ok(mut cipher) = Aes256Siv::new_from_slice(&key) { + match cipher.decrypt_in_place_detached(data, message, iv_array) { + Ok(_) => (), + Err(_) => return Err(Error::UnauthenticCipher), + } + } else { + return Err(Error::InvalidKeyLength); + } } else { - panic!("Invalid key length"); + return Err(Error::InvalidKeyLength); } out.copy_from_slice(message); + Ok(()) } pub fn ac_aes_siva_en( @@ -70,8 +106,8 @@ pub fn ac_aes_siva_en( data: &mut [&mut [u8]], iv: &mut [u8; 16], out: &mut [u8], -) { - _ac_aes_siv_en(key, message, data, iv, out); +) -> Result<(), Error> { + _ac_aes_siv_en(key, message, data, iv, out) } pub fn ac_aes_siva_de( 
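Review bot: `Error::InvalidOutputLength` is returned when `encrypt_in_place_detached` fails, but that call knows nothing about `out`; as far as I can tell from the aes-siv API it fails when too many associated-data headers are supplied, which is what the unused `InvalidHeadersLength` variant is named for. The length problem that does exist is unchecked: `out.copy_from_slice(message)` still panics on a size mismatch, so the guard `if out.len() != message.len() { return Err(Error::InvalidOutputLength); }` belongs at the top of the function, before `message` is encrypted in place. The three `if let Ok(mut cipher) ... else { return Err(Error::InvalidKeyLength) }` arms cannot reach their `else`, because `key.len()` was already matched to the cipher's key size; a `match key.len()` with one `map_err` per call would read more honestly.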
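Review bot: `_ac_aes_siv_de` maps every `decrypt_in_place_detached` failure to `CipherNotAuthentic`, which is the right outcome for the caller, but `out` is only written on success and nothing says what `message` holds after a failed tag check; aes-siv restores the ciphertext on mismatch as far as I recall, and a comment such as `// on tag mismatch message is left as ciphertext and out is untouched`, plus a test feeding a corrupted tag, would pin that property. `iv` is `&mut [u8; 16]` yet never written here, so `&[u8; 16]` is the honest type. The `Ok(_) => (), Err(_) => return Err(Error::CipherNotAuthentic)` pairs collapse to `.map_err(|_| Error::CipherNotAuthentic)?`. The decrypt path applies no byte reversal while `_ac_aes_siv_en` reverses both tag and ciphertext; if that asymmetry is intentional it deserves a comment, otherwise a round-trip test will expose it.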
@@ -80,8 +116,8 @@ pub fn ac_aes_siva_de( data: &mut [&mut [u8]], iv: &mut [u8; 16], out: &mut [u8], -) { - _ac_aes_siv_de(key, message, data, iv, out); +) -> Result<(), Error> { + _ac_aes_siv_de(key, message, data, iv, out) } pub fn ac_aes_sivb_en( @@ -90,8 +126,8 @@ pub fn ac_aes_sivb_en( data: &mut [&mut [u8]], iv: &mut [u8; 16], out: &mut [u8], -) { - _ac_aes_siv_en(key, message, data, iv, out); +) -> Result<(), Error> { + _ac_aes_siv_en(key, message, data, iv, out) } pub fn ac_aes_sivb_de( @@ -100,8 +136,8 @@ pub fn ac_aes_sivb_de( data: &mut [&mut [u8]], iv: &mut [u8; 16], out: &mut [u8], -) { - _ac_aes_siv_de(key, message, data, iv, out); +) -> Result<(), Error> { + _ac_aes_siv_de(key, message, data, iv, out) } pub fn ac_aes_sivc_en( @@ -110,8 +146,8 @@ pub fn ac_aes_sivc_en( data: &mut [&mut [u8]], iv: &mut [u8; 16], out: &mut [u8], -) { - _ac_aes_siv_en(key, message, data, iv, out); +) -> Result<(), Error> { + _ac_aes_siv_en(key, message, data, iv, out) } pub fn ac_aes_sivc_de( @@ -120,8 +156,8 @@ pub fn ac_aes_sivc_de( data: &mut [&mut [u8]], iv: &mut [u8; 16], out: &mut [u8], -) { - _ac_aes_siv_de(key, message, data, iv, out); +) -> Result<(), Error> { + _ac_aes_siv_de(key, message, data, iv, out) } #[cfg(test)] @@ -175,7 +211,7 @@ mod urcrypt_tests { let mut ac_data: [&mut [u8]; 2] = [&mut uc_bytes, &mut uc_bytes_two]; let mut ac_out: [u8; 32] = [0; 32]; - ac_aes_siva_de(&mut key, &mut message, &mut ac_data, &mut iv, &mut ac_out); + ac_aes_siva_de(&mut key, &mut message, &mut ac_data, &mut iv, &mut ac_out).unwrap(); assert_eq!(ac_out, uc_out); } @@ -214,7 +250,7 @@ mod urcrypt_tests { let mut ac_data: [&mut [u8]; 2] = [&mut uc_bytes, &mut uc_bytes_two]; let mut ac_out: [u8; 32] = [0; 32]; - ac_aes_siva_en(&mut key, &mut message, &mut ac_data, &mut iv, &mut ac_out); + ac_aes_siva_en(&mut key, &mut message, &mut ac_data, &mut iv, &mut ac_out).unwrap(); assert_eq!(ac_out, uc_out); } 
@@ -253,7 +289,7 @@ mod urcrypt_tests { let mut ac_data: [&mut [u8]; 2] = [&mut uc_bytes, &mut uc_bytes_two]; let mut ac_out: [u8; 32] = [0; 32]; - ac_aes_sivb_en(&mut key, &mut message, &mut ac_data, &mut iv, &mut ac_out); + ac_aes_sivb_en(&mut key, &mut message, &mut ac_data, &mut iv, &mut ac_out).unwrap(); assert_eq!(ac_out, uc_out); } @@ -297,7 +333,7 @@ mod urcrypt_tests { let mut ac_data: [&mut [u8]; 2] = [&mut uc_bytes, &mut uc_bytes_two]; let mut ac_out: [u8; 32] = [0; 32]; - ac_aes_sivb_de(&mut key, &mut message, &mut ac_data, &mut iv, &mut ac_out); + ac_aes_sivb_de(&mut key, &mut message, &mut ac_data, &mut iv, &mut ac_out).unwrap(); assert_eq!(ac_out, uc_out); } @@ -336,7 +372,7 @@ mod urcrypt_tests { let mut ac_data: [&mut [u8]; 2] = [&mut uc_bytes, &mut uc_bytes_two]; let mut ac_out: [u8; 32] = [0; 32]; - ac_aes_sivc_en(&mut key, &mut message, &mut ac_data, &mut iv, &mut ac_out); + ac_aes_sivc_en(&mut key, &mut message, &mut ac_data, &mut iv, &mut ac_out).unwrap(); assert_eq!(ac_out, uc_out); } @@ -380,7 +416,7 @@ mod urcrypt_tests { let mut ac_data: [&mut [u8]; 2] = [&mut uc_bytes, &mut uc_bytes_two]; let mut ac_out: [u8; 32] = [0; 32]; - ac_aes_sivc_de(&mut key, &mut message, &mut ac_data, &mut iv, &mut ac_out); + ac_aes_sivc_de(&mut key, &mut message, &mut ac_data, &mut iv, &mut ac_out).unwrap(); assert_eq!(ac_out, uc_out); } From ab27d667a0e31584c54437603f154af333c06c06 Mon Sep 17 00:00:00 2001 From: Matthew LeVan Date: Wed, 20 Dec 2023 09:50:07 -0500 Subject: [PATCH 17/40] `ed`: `shar` --- rust/ares_crypto/src/aes_siv.rs | 8 ++++---- rust/ares_crypto/src/ed25519.rs | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/rust/ares_crypto/src/aes_siv.rs b/rust/ares_crypto/src/aes_siv.rs index 12d2378..fc1a4aa 100644 --- a/rust/ares_crypto/src/aes_siv.rs +++ b/rust/ares_crypto/src/aes_siv.rs 
@@ -9,7 +9,7 @@ pub enum Error {
 InvalidKeyLength,
 InvalidOutputLength,
 InvalidHeadersLength,
- UnauthenticCipher,
+ CipherNotAuthentic,
 }
 pub fn _ac_aes_siv_en(
@@ -70,7 +70,7 @@ pub fn _ac_aes_siv_de(
 if let Ok(mut cipher) = Aes128Siv::new_from_slice(&key) {
 match cipher.decrypt_in_place_detached(data, message, iv_array) {
 Ok(_) => (),
- Err(_) => return Err(Error::UnauthenticCipher),
+ Err(_) => return Err(Error::CipherNotAuthentic),
 }
 } else {
 return Err(Error::InvalidKeyLength);
@@ -79,7 +79,7 @@ pub fn _ac_aes_siv_de(
 if let Ok(mut cipher) = Aes192Siv::new_from_slice(&key) {
 match cipher.decrypt_in_place_detached(data, message, iv_array) {
 Ok(_) => (),
- Err(_) => return Err(Error::UnauthenticCipher),
+ Err(_) => return Err(Error::CipherNotAuthentic),
 }
 } else {
 return Err(Error::InvalidKeyLength);
@@ -88,7 +88,7 @@ pub fn _ac_aes_siv_de(
 if let Ok(mut cipher) = Aes256Siv::new_from_slice(&key) {
 match cipher.decrypt_in_place_detached(data, message, iv_array) {
 Ok(_) => (),
- Err(_) => return Err(Error::UnauthenticCipher),
+ Err(_) => return Err(Error::CipherNotAuthentic),
 }
 } else {
 return Err(Error::InvalidKeyLength);
diff --git a/rust/ares_crypto/src/ed25519.rs b/rust/ares_crypto/src/ed25519.rs
index 1feb345..173b385 100644
--- a/rust/ares_crypto/src/ed25519.rs
+++ b/rust/ares_crypto/src/ed25519.rs
@@ -14,7 +14,7 @@ pub fn ac_ed_puck(seed: &mut [u8; 32], out: &mut [u8; 32]) {
 /// to the given output slice.
 pub fn ac_ed_shar(public: &[u8; 32], seed: &[u8; 32], out: &mut [u8; 32]) {
 let self_key = SigningKey::from_bytes(seed);
- let self_secret = StaticSecret::from(self_key.to_bytes());
+ let self_secret = StaticSecret::from(self_key.to_scalar_bytes());
 if let Ok(compressed_ed_pt) = CompressedEdwardsY::from_slice(public) {
 if let Some(ed_pt) = compressed_ed_pt.decompress() {
From 0fb271c53a6e807219d29999c2e4bcbfc2674d79 Mon Sep 17 00:00:00 2001
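Review bot: `ac_ed_shar` still returns `()`, so when `CompressedEdwardsY::from_slice` or `decompress()` rejects `public` the caller gets no signal and `out` presumably keeps whatever it held (the tail of the function is outside this hunk); returning `Result<(), Error>` the way the `aes_siv` wrappers do earlier in this series would let the jet tell an invalid peer key apart from a computed secret. Separately, a peer point that decompresses but has small order produces a non-contributory X25519 output, so if the rest of the body calls `diffie_hellman`, checking `SharedSecret::was_contributory()` (available in x25519-dalek 2) before copying into `out` is worth adding, and the doc comment above the hunk should name both failure modes. The switch to `to_scalar_bytes()` is the right source for the X25519 static secret derived from an Ed25519 seed, so nothing further is needed on that line.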
From: Matthew LeVan Date: Wed, 20 Dec 2023 10:24:34 -0500 Subject: [PATCH 18/40] `ares_crypto`: cleanup cargo files --- rust/ares_crypto/Cargo.lock | 60 ++++++++----------------------------- rust/ares_crypto/Cargo.toml | 27 ++++++++++------- rust/ares_crypto/src/sha.rs | 32 ++++++++++++++++++++ 3 files changed, 60 insertions(+), 59 deletions(-) create mode 100644 rust/ares_crypto/src/sha.rs diff --git a/rust/ares_crypto/Cargo.lock b/rust/ares_crypto/Cargo.lock index e854f9e..28f014b 100644 --- a/rust/ares_crypto/Cargo.lock +++ b/rust/ares_crypto/Cargo.lock @@ -57,10 +57,9 @@ dependencies = [ "aes-siv", "assert_no_alloc", "curve25519-dalek", - "ed25519", "ed25519-dalek", "ibig", - "rand", + "sha1", "sha2", "urcrypt-sys", "x25519-dalek", @@ -87,12 +86,6 @@ version = "1.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "d468802bab17cbc0cc575e9b053f41e72aa36bfa6b7f55e3529ffa43161b97fa" -[[package]] -name = "base64ct" -version = "1.6.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8c3c1a368f70d6cf7302d78f8f7093da241fb8e8807c05cc9e51a125895a6d5b" - [[package]] name = "bindgen" version = "0.68.1" @@ -269,7 +262,6 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "fffa369a668c8af7dbf8b5e56c9f744fbd399949ed171606040001947de40b1c" dependencies = [ "const-oid", - "zeroize", ] [[package]] @@ -339,17 +331,6 @@ dependencies = [ "version_check", ] -[[package]] -name = "getrandom" -version = "0.2.11" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fe9006bed769170c11f845cf00c7c1e9092aeb3f268e007c3e760ac68008070f" -dependencies = [ - "cfg-if", - "libc", - "wasi", -] - [[package]] name = "glob" version = "0.3.1" 
@@ -523,12 +504,6 @@ version = "3.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "14e6ab3f592e6fb464fc9712d8d6e6912de6473954635fd76a589d832cffcbb0" -[[package]] -name = "ppv-lite86" -version = "0.2.17" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5b40af805b3121feab8a3c29f04d8ad262fa8e0561883e7653e024ae4479e6de" - [[package]] name = "prettyplease" version = "0.2.15" @@ -563,17 +538,6 @@ version = "0.8.5" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "34af8d1a0e25924bc5b7c43c079c942339d8f0a8b57c39049bef581b46327404" dependencies = [ - "rand_chacha", - "rand_core", -] - -[[package]] -name = "rand_chacha" -version = "0.3.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e6c10a63a0fa32252be49d21e7709d4d4baf8d231c2dbce1eaa8141b9b127d88" -dependencies = [ - "ppv-lite86", "rand_core", ] @@ -582,9 +546,6 @@ name = "rand_core" version = "0.6.4" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "ec0be4795e2f6a28069bec0b5ff3e2ac9bafc99e6a9a7dc3547996c5c816922c" -dependencies = [ - "getrandom", -] [[package]] name = "regex" @@ -655,6 +616,17 @@ version = "1.0.20" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "836fa6a3e1e547f9a2c4040802ec865b5d85f4014efe00555d7090a3dcaa1090" +[[package]] +name = "sha1" +version = "0.10.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e3bf829a2d51ab4a5ddf1352d8470c140cadc8301b2ae1789db023f01cedd6ba" +dependencies = [ + "cfg-if", + "cpufeatures", + "digest", +] + [[package]] name = "sha2" version = "0.10.8" @@ -679,7 +651,6 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "77549399552de45a898a580c1b41d445bf730df867cc44e6c0233bbc4b8329de" dependencies = [ "digest", - "rand_core", ] [[package]] 
@@ -697,7 +668,6 @@ version = "0.7.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "d91ed6c858b01f942cd56b37a94b3e0a1798290327d1236e4d9cf4eaca44d29d" dependencies = [ - "base64ct", "der", ] @@ -758,12 +728,6 @@ version = "0.9.4" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "49874b5167b65d7193b8aba1567f5c7d93d001cafc34600cee003eda787e483f" -[[package]] -name = "wasi" -version = "0.11.0+wasi-snapshot-preview1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9c8d87e72b64a3b4db28d11ce29237c246188f4f51057d65a7eab63b7987e423" - [[package]] name = "which" version = "4.4.2" diff --git a/rust/ares_crypto/Cargo.toml b/rust/ares_crypto/Cargo.toml index 07ea9c1..384df7b 100644 --- a/rust/ares_crypto/Cargo.toml +++ b/rust/ares_crypto/Cargo.toml 
@@ -9,20 +9,25 @@ edition = "2021" assert_no_alloc = "1.1.2" # use this when debugging requires allocation (e.g. eprintln) # assert_no_alloc = {version="1.1.2", features=["warn_debug"]} -aes-siv = { version = "0.7.0", features = ["heapless"], default-features = false } -curve25519-dalek = "4.1.1" -ed25519-dalek = { version = "2.1.0", features = ["digest", "pkcs8", "rand_core"], default-features = false } -ed25519 = { version = "2.2.3" } ibig = "0.3.6" -rand = { version = "0.8.5", features = ["std_rng"], default-features = false } -sha2 = "0.10.8" + +# optional features +curve25519-dalek = {version = "4.1.1", optional = true } +ed25519-dalek = { version = "2.1.0", features = ["digest", "pkcs8", "rand_core"], default-features = false, optional = true } +x25519-dalek = { version = "2.0.0", features = ["static_secrets"], default-features = false, optional = true} + +aes = { version = "0.8.3", optional = true } +aes-siv = { version = "0.7.0", features = ["heapless"], default-features = false, optional = true } + +sha1 = { version = "0.10.6", optional = true } +sha2 = { version = "0.10.8", optional = true } + urcrypt-sys = { version = "0.1.1", optional = true } -x25519-dalek = { version = "2.0.0", features = ["static_secrets"], default-features = false } -aes = "0.8.3" [features] # XX turn off test_vs_urcrypt after development -default = ["aes_siv", "ed25519", "test_vs_urcrypt"] -aes_siv = [] -ed25519 = [] +default = ["aes_siv", "ed25519", "sha", "test_vs_urcrypt"] +aes_siv = ["aes", "aes-siv"] +ed25519 = ["curve25519-dalek", "ed25519-dalek", "x25519-dalek"] +sha = ["sha1", "sha2"] test_vs_urcrypt = ["urcrypt-sys"] diff --git a/rust/ares_crypto/src/sha.rs b/rust/ares_crypto/src/sha.rs new file mode 100644 index 0000000..463cea7 --- /dev/null +++ b/rust/ares_crypto/src/sha.rs 
@@ -0,0 +1,32 @@ +use sha::sha1::Sha1; +use sha::sha2::{Sha256, Sha512}; +use sha::utils::{Digest, DigestExt}; + + +pub fn ac_sha1(message: &mut [u8], out: &mut [u8]) { + message.reverse(); + let result = Sha1::default().digest(message); + println!("result: {:?}", result); +} + +#[cfg(test)] +#[cfg(feature = "test_vs_urcrypt")] +mod urcrypt_tests { + use super::{ac_sha1}; + use ibig::ubig; + use urcrypt_sys::{urcrypt_sha1}; + + #[test] + fn test_sha1() { + let mut message: [u8; 32] = [42; 32]; + + let mut uc_out: [u8; 32] = [0; 32]; + unsafe { urcrypt_sha1(message.as_ptr(), uc_out.as_mut_ptr()) }; + + let mut ac_out: [u8; 32] = [0; 32]; + ac_sha1(&mut message, &mut ac_out); + + assert_eq!(ac_out, uc_out); + } +} + From 0f683464a570a294bc4ccb8591fb7ed281ca0713 Mon Sep 17 00:00:00 2001 From: Matthew LeVan Date: Wed, 20 Dec 2023 11:13:28 -0500 Subject: [PATCH 19/40] `sha`: `sha1`, `shal`, `shay`, `shas` --- rust/ares_crypto/Cargo.lock | 116 ------------------------------------ rust/ares_crypto/Cargo.toml | 16 ++--- rust/ares_crypto/src/lib.rs | 3 + rust/ares_crypto/src/sha.rs | 112 +++++++++++++++++++++++++++++----- 4 files changed, 110 insertions(+), 137 deletions(-) diff --git a/rust/ares_crypto/Cargo.lock b/rust/ares_crypto/Cargo.lock index 28f014b..46b1cc0 100644 --- a/rust/ares_crypto/Cargo.lock +++ b/rust/ares_crypto/Cargo.lock @@ -10,7 +10,6 @@ checksum = "d122413f284cf2d62fb1b7db97e02edb8cda96d769b16e443a4f6195e35662b0" dependencies = [ "crypto-common", "generic-array", - "heapless", ] [[package]] 
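Review bot: `ac_sha1` never writes the digest into `out` and instead prints it with `println!`, so `test_sha1` compares a still-zeroed `ac_out` against whatever `urcrypt_sha1` produced and cannot pass as written. The `use sha::sha1::Sha1` / `use sha::sha2::...` / `use sha::utils::...` paths also do not correspond to the `sha1` and `sha2` crates this same commit adds to `Cargo.toml`, and `Sha256`/`Sha512` are imported but unused. Even as a WIP commit the function should at least end with `out.copy_from_slice(&result)` and drop the `println!`, which is also at odds with the crate's `assert_no_alloc` dependency if that guard is active around these calls.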
@@ -71,15 +70,6 @@ version = "1.1.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "55ca83137a482d61d916ceb1eba52a684f98004f18e0cafea230fe5579c178a3" -[[package]] -name = "atomic-polyfill" -version = "1.0.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8cf2bce30dfe09ef0bfaef228b9d414faaf7e563035494d7fe092dba54b300f4" -dependencies = [ - "critical-section", -] - [[package]] name = "autocfg" version = "1.1.0" @@ -124,12 +114,6 @@ dependencies = [ "generic-array", ] -[[package]] -name = "byteorder" -version = "1.5.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1fd0f2584146f6f2ef48085050886acf353beff7305ebd1ae69500e27c67f64b" - [[package]] name = "cexpr" version = "0.6.0" @@ -177,12 +161,6 @@ dependencies = [ "digest", ] -[[package]] -name = "const-oid" -version = "0.9.6" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c2459377285ad874054d797f3ccebf984978aa39129f6eafde5cdc8315b612f8" - [[package]] name = "cpufeatures" version = "0.2.11" @@ -192,12 +170,6 @@ dependencies = [ "libc", ] -[[package]] -name = "critical-section" -version = "1.1.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7059fff8937831a9ae6f0fe4d658ffabf58f2ca96aa9dec1c889f936f705f216" - [[package]] name = "crypto-common" version = "0.1.6" @@ -232,7 +204,6 @@ dependencies = [ "platforms", "rustc_version", "subtle", - "zeroize", ] [[package]] @@ -255,15 +226,6 @@ dependencies = [ "generic-array", ] -[[package]] -name = "der" -version = "0.7.8" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fffa369a668c8af7dbf8b5e56c9f744fbd399949ed171606040001947de40b1c" -dependencies = [ - "const-oid", -] - [[package]] name = "digest" version = "0.10.7" 
@@ -281,7 +243,6 @@ version = "2.2.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "115531babc129696a58c64a4fef0a8bf9e9698629fb97e9e40767d235cfbcd53" dependencies = [ - "pkcs8", "signature", ] @@ -293,9 +254,7 @@ checksum = "1f628eaec48bfd21b865dc2950cfa014450c01d2fa2b69a86c2fd5844ec523c0" dependencies = [ "curve25519-dalek", "ed25519", - "rand_core", "sha2", - "signature", "subtle", ] @@ -337,28 +296,6 @@ version = "0.3.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "d2fabcfbdc87f4758337ca535fb41a6d701b65693ce38287d856d1674551ec9b" -[[package]] -name = "hash32" -version = "0.2.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b0c35f58762feb77d74ebe43bdbc3210f09be9fe6742234d573bacc26ed92b67" -dependencies = [ - "byteorder", -] - -[[package]] -name = "heapless" -version = "0.7.17" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "cdc6457c0eb62c71aac4bc17216026d8410337c4126773b9c5daba343f17964f" -dependencies = [ - "atomic-polyfill", - "hash32", - "rustc_version", - "spin", - "stable_deref_trait", -] - [[package]] name = "home" version = "0.5.9" @@ -423,16 +360,6 @@ version = "0.4.12" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "c4cd1a83af159aa67994778be9070f0ae1bd732942279cabb14f86f986a21456" -[[package]] -name = "lock_api" -version = "0.4.11" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3c168f8615b12bc01f9c17e2eb0cc07dcae1940121185446edc3744920e8ef45" -dependencies = [ - "autocfg", - "scopeguard", -] - [[package]] name = "log" version = "0.4.20" 
@@ -482,16 +409,6 @@ version = "0.1.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "19b17cddbe7ec3f8bc800887bab5e717348c95ea2ca0b1bf0837fb964dc67099" -[[package]] -name = "pkcs8" -version = "0.10.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f950b2377845cebe5cf8b5165cb3cc1a5e0fa5cfa3e1f7f55707d8fd82e0a7b7" -dependencies = [ - "der", - "spki", -] - [[package]] name = "pkg-config" version = "0.3.27" @@ -604,12 +521,6 @@ dependencies = [ "windows-sys", ] -[[package]] -name = "scopeguard" -version = "1.2.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "94143f37725109f92c262ed2cf5e59bce7498c01bcc1502d7b9afe439a4e9f49" - [[package]] name = "semver" version = "1.0.20" @@ -649,33 +560,6 @@ name = "signature" version = "2.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "77549399552de45a898a580c1b41d445bf730df867cc44e6c0233bbc4b8329de" -dependencies = [ - "digest", -] - -[[package]] -name = "spin" -version = "0.9.8" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6980e8d7511241f8acf4aebddbb1ff938df5eebe98691418c4468d0b72a96a67" -dependencies = [ - "lock_api", -] - -[[package]] -name = "spki" -version = "0.7.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d91ed6c858b01f942cd56b37a94b3e0a1798290327d1236e4d9cf4eaca44d29d" -dependencies = [ - "der", -] - -[[package]] -name = "stable_deref_trait" -version = "1.2.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a8f112729512f8e442d81f95a8a7ddf2b7c6b8a1a6f509a95864142b30cab2d3" [[package]] name = "static_assertions" diff --git a/rust/ares_crypto/Cargo.toml b/rust/ares_crypto/Cargo.toml index 384df7b..4687d85 100644 --- a/rust/ares_crypto/Cargo.toml +++ b/rust/ares_crypto/Cargo.toml 
@@ -11,16 +11,18 @@ assert_no_alloc = "1.1.2" # assert_no_alloc = {version="1.1.2", features=["warn_debug"]} ibig = "0.3.6" -# optional features -curve25519-dalek = {version = "4.1.1", optional = true } -ed25519-dalek = { version = "2.1.0", features = ["digest", "pkcs8", "rand_core"], default-features = false, optional = true } +# ed25519 +curve25519-dalek = {version = "4.1.1", default-features = false, optional = true } +ed25519-dalek = { version = "2.1.0", default-features = false, optional = true } x25519-dalek = { version = "2.0.0", features = ["static_secrets"], default-features = false, optional = true} -aes = { version = "0.8.3", optional = true } -aes-siv = { version = "0.7.0", features = ["heapless"], default-features = false, optional = true } +# aes_siv +aes = { version = "0.8.3", default-features = false, optional = true } +aes-siv = { version = "0.7.0", default-features = false, optional = true } -sha1 = { version = "0.10.6", optional = true } -sha2 = { version = "0.10.8", optional = true } +# sha +sha1 = { version = "0.10.6", default-features = false, optional = true } +sha2 = { version = "0.10.8", default-features = false, optional = true } urcrypt-sys = { version = "0.1.1", optional = true } diff --git a/rust/ares_crypto/src/lib.rs b/rust/ares_crypto/src/lib.rs index 7a5d496..0942dba 100644 --- a/rust/ares_crypto/src/lib.rs +++ b/rust/ares_crypto/src/lib.rs @@ -3,3 +3,6 @@ pub mod aes_siv; #[cfg(feature = "ed25519")] pub mod ed25519; + +#[cfg(feature = "sha")] +pub mod sha; diff --git a/rust/ares_crypto/src/sha.rs b/rust/ares_crypto/src/sha.rs index 463cea7..9c8a9a9 100644 --- a/rust/ares_crypto/src/sha.rs +++ b/rust/ares_crypto/src/sha.rs 
@@ -1,32 +1,116 @@
-use sha::sha1::Sha1;
-use sha::sha2::{Sha256, Sha512};
-use sha::utils::{Digest, DigestExt};
+use sha1::{Digest, Sha1};
+use sha2::{Sha256, Sha512};
-
-pub fn ac_sha1(message: &mut [u8], out: &mut [u8]) {
+/// Hashes a message using SHA-1.
+pub fn ac_sha1(message: &mut [u8], out: &mut [u8; 20]) {
 message.reverse();
- let result = Sha1::default().digest(message);
- println!("result: {:?}", result);
+ let mut hasher = Sha1::new();
+ hasher.update(message);
+ let mut result = hasher.finalize();
+ result.reverse();
+ out.copy_from_slice(&result);
+}
+
+/// Hashes a message using SHA-256.
+pub fn ac_shay(message: &mut [u8], out: &mut [u8; 32]) {
+ let mut hasher = Sha256::new();
+ hasher.update(message);
+ let result = hasher.finalize();
+ out.copy_from_slice(&result);
+}
+
+/// Hashes a message using SHA-512.
+pub fn ac_shal(message: &mut [u8], out: &mut [u8; 64]) {
+ let mut hasher = Sha512::new();
+ hasher.update(message);
+ let result = hasher.finalize();
+ out.copy_from_slice(&result);
+}
+
+/// Hashes a message and salt using SHA-256.
+pub fn ac_shas(message: &mut [u8], salt: &mut [u8], out: &mut [u8; 32]) {
+ let mut mid: [u8; 32] = [0; 32];
+ ac_shay(message, &mut mid);
+
+ if salt.len() > 32 {
+ for i in 0..32 {
+ salt[i] ^= mid[i];
+ }
+ ac_shay(salt, out);
+ }
+ else {
+ for i in 0..salt.len() {
+ mid[i] ^= salt[i];
+ }
+ ac_shay(&mut mid, out);
+ }
 }
 #[cfg(test)]
 #[cfg(feature = "test_vs_urcrypt")]
 mod urcrypt_tests {
- use super::{ac_sha1};
- use ibig::ubig;
- use urcrypt_sys::{urcrypt_sha1};
+ use super::{ac_sha1, ac_shal, ac_shas, ac_shay};
+ use urcrypt_sys::{urcrypt_sha1, urcrypt_shal, urcrypt_shas, urcrypt_shay};
 #[test]
 fn test_sha1() {
 let mut message: [u8; 32] = [42; 32];
- let mut uc_out: [u8; 32] = [0; 32];
- unsafe { urcrypt_sha1(message.as_ptr(), uc_out.as_mut_ptr()) };
+ let mut uc_out: [u8; 20] = [0; 20];
+ unsafe { urcrypt_sha1(message.as_mut_ptr(), message.len(), uc_out.as_mut_ptr()) };
- let mut ac_out: [u8; 32] = [0; 32];
+ let mut ac_out: [u8; 20] = [0; 20];
 ac_sha1(&mut message, &mut ac_out);
 assert_eq!(ac_out, uc_out);
 }
-}
+ #[test]
+ fn test_shay() {
+ let mut message: [u8; 32] = [42; 32];
+
+ let mut uc_out: [u8; 32] = [0; 32];
+ unsafe { urcrypt_shay(message.as_mut_ptr(), message.len(), uc_out.as_mut_ptr()) };
+
+ let mut ac_out: [u8; 32] = [0; 32];
+ ac_shay(&mut message, &mut ac_out);
+
+ assert_eq!(ac_out, uc_out);
+ }
+
+ #[test]
+ fn test_shal() {
+ let mut message: [u8; 32] = [42; 32];
+
+ let mut uc_out: [u8; 64] = [0; 64];
+ unsafe { urcrypt_shal(message.as_mut_ptr(), message.len(), uc_out.as_mut_ptr()) };
+
+ let mut ac_out: [u8; 64] = [0; 64];
+ ac_shal(&mut message, &mut ac_out);
+
+ assert_eq!(ac_out, uc_out);
+ }
+
+ #[test]
+ fn test_shas() {
+ let mut message: [u8; 32] = [42; 32];
+
+ let mut uc_salt: [u8; 32] = [43; 32];
+ let mut uc_out: [u8; 32] = [0; 32];
+ unsafe {
+ urcrypt_shas(
+ uc_salt.as_mut_ptr(),
+ uc_salt.len(),
+ message.as_ptr(),
+ message.len(),
+ uc_out.as_mut_ptr(),
+ )
+ };
+
+ let mut ac_salt: [u8; 32] = [43; 32];
+ let mut 
ac_out: [u8; 32] = [0; 32]; + ac_shas(&mut message, &mut ac_salt, &mut ac_out); + + assert_eq!(ac_out, uc_out); + } +} From 8437982ea3e3266f2d55d07a34d67c3790ee36f0 Mon Sep 17 00:00:00 2001 From: Matthew LeVan Date: Wed, 20 Dec 2023 12:01:58 -0500 Subject: [PATCH 20/40] jets: replace `urcrypt` with `ares_crypto` in `sha` jets --- .vscode/settings.json | 6 + rust/ares/Cargo.lock | 357 ++++++++++++++++++++++++++++++--- rust/ares/Cargo.toml | 1 + rust/ares/src/jets/lock/sha.rs | 50 ++--- rust/ares/src/noun.rs | 17 ++ rust/ares_crypto/src/sha.rs | 8 +- 6 files changed, 382 insertions(+), 57 deletions(-) create mode 100644 .vscode/settings.json diff --git a/.vscode/settings.json b/.vscode/settings.json new file mode 100644 index 0000000..481d591 --- /dev/null +++ b/.vscode/settings.json @@ -0,0 +1,6 @@ +{ + "rust-analyzer.linkedProjects": [ + "./rust/ares/Cargo.toml", + "./rust/ares_crypto/Cargo.toml" + ], +} diff --git a/rust/ares/Cargo.lock b/rust/ares/Cargo.lock index 7bee7f8..882e98e 100644 --- a/rust/ares/Cargo.lock +++ b/rust/ares/Cargo.lock @@ -2,6 +2,43 @@ # It is not intended for manual editing. version = 3 +[[package]] +name = "aead" +version = "0.5.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d122413f284cf2d62fb1b7db97e02edb8cda96d769b16e443a4f6195e35662b0" +dependencies = [ + "crypto-common", + "generic-array", +] + +[[package]] +name = "aes" +version = "0.8.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ac1f845298e95f983ff1944b728ae08b8cebab80d684f0a832ed0fc74dfa27e2" +dependencies = [ + "cfg-if", + "cipher", + "cpufeatures", +] + +[[package]] +name = "aes-siv" +version = "0.7.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7e08d0cdb774acd1e4dac11478b1a0c0d203134b2aab0ba25eb430de9b18f8b9" +dependencies = [ + "aead", + "aes", + "cipher", + "cmac", + "ctr", + "dbl", + "digest", + "zeroize", +] + [[package]] name = "aho-corasick" version = "1.1.2" 
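Review bot: `ac_shas` overwrites the first 32 bytes of the caller's `salt` whenever it is longer than 32 bytes, and `ac_sha1` reverses `message` in place, yet neither doc comment mentions the mutation; the `///` lines should say so, e.g. `/// Hashes a message and salt using SHA-256; a salt longer than 32 bytes is XORed in place with the message digest.` and `/// Hashes a message using SHA-1; the message is reversed in place and the digest is written to out byte-reversed.`. `test_shas` only uses a 32-byte salt, so the `salt.len() > 32` branch is never compared against `urcrypt_shas`, and a second case with a longer salt (40 bytes, say) would close that gap. The two index loops read better and drop their bounds checks as `for (s, m) in salt.iter_mut().zip(mid.iter()) { *s ^= *m; }` and `for (m, s) in mid.iter_mut().zip(salt.iter()) { *m ^= *s; }`, since `zip` already stops at the shorter slice. `ac_shay` and `ac_shal` never mutate `message`, so `&[u8]` would state that contract and still accept the `&mut` slices the tests and `ac_shas` pass today.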
@@ -21,6 +58,7 @@ checksum = "4b46cbb362ab8752921c97e041f5e366ee6297bd428a31275b9fcf1e380f7299" name = "ares" version = "0.1.0" dependencies = [ + "ares_crypto", "ares_macros", "assert_no_alloc", "autotools", @@ -28,7 +66,7 @@ dependencies = [ "cc", "criterion", "either", - "ibig", + "ibig 0.3.6", "intmap", "json", "lazy_static", @@ -42,6 +80,22 @@ dependencies = [ "urcrypt-sys", ] +[[package]] +name = "ares_crypto" +version = "0.1.0" +dependencies = [ + "aes", + "aes-siv", + "assert_no_alloc", + "curve25519-dalek", + "ed25519-dalek", + "ibig 0.3.6 (registry+https://github.com/rust-lang/crates.io-index)", + "sha1", + "sha2", + "urcrypt-sys", + "x25519-dalek", +] + [[package]] name = "ares_macros" version = "0.1.0" @@ -129,6 +183,15 @@ dependencies = [ "wyz", ] +[[package]] +name = "block-buffer" +version = "0.10.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3078c7629b62d3f0439517fa394996acacc5cbc91c5a20d8c658e77abd503a71" +dependencies = [ + "generic-array", +] + [[package]] name = "bumpalo" version = "3.14.0" @@ -192,6 +255,16 @@ dependencies = [ "half", ] +[[package]] +name = "cipher" +version = "0.4.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "773f3b9af64447d2ce9850330c473515014aa235e6a783b02db81ff39e4a3dad" +dependencies = [ + "crypto-common", + "inout", +] + [[package]] name = "clang-sys" version = "1.6.1" @@ -224,6 +297,26 @@ dependencies = [ "os_str_bytes", ] +[[package]] +name = "cmac" +version = "0.7.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8543454e3c3f5126effff9cd44d562af4e31fb8ce1cc0d3dcd8f084515dbc1aa" +dependencies = [ + "cipher", + "dbl", + "digest", +] + +[[package]] +name = "cpufeatures" +version = "0.2.11" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ce420fe07aecd3e67c5f910618fe65e94158f6dcc0adf44e00d69ce2bdfe0fd0" +dependencies = [ + "libc", +] + [[package]] name = "criterion" version = "0.4.0" 
@@ -293,6 +386,94 @@ dependencies = [ "cfg-if", ] +[[package]] +name = "crypto-common" +version = "0.1.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1bfb12502f3fc46cca1bb51ac28df9d618d813cdc3d2f25b9fe775a34af26bb3" +dependencies = [ + "generic-array", + "rand_core", + "typenum", +] + +[[package]] +name = "ctr" +version = "0.9.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0369ee1ad671834580515889b80f2ea915f23b8be8d0daa4bbaf2ac5c7590835" +dependencies = [ + "cipher", +] + +[[package]] +name = "curve25519-dalek" +version = "4.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e89b8c6a2e4b1f45971ad09761aafb85514a84744b67a95e32c3cc1352d1f65c" +dependencies = [ + "cfg-if", + "cpufeatures", + "curve25519-dalek-derive", + "digest", + "fiat-crypto", + "platforms", + "rustc_version", + "subtle", +] + +[[package]] +name = "curve25519-dalek-derive" +version = "0.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f46882e17999c6cc590af592290432be3bce0428cb0d5f8b6715e4dc7b383eb3" +dependencies = [ + "proc-macro2", + "quote", + "syn 2.0.39", +] + +[[package]] +name = "dbl" +version = "0.3.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bd2735a791158376708f9347fe8faba9667589d82427ef3aed6794a8981de3d9" +dependencies = [ + "generic-array", +] + +[[package]] +name = "digest" +version = "0.10.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9ed9a281f7bc9b7576e61468ba615a66a5c8cfdff42420a70aa82701a3b1e292" +dependencies = [ + "block-buffer", + "crypto-common", + "subtle", +] + +[[package]] +name = "ed25519" +version = "2.2.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "115531babc129696a58c64a4fef0a8bf9e9698629fb97e9e40767d235cfbcd53" +dependencies = [ + "signature", +] + +[[package]] +name = "ed25519-dalek" +version = "2.1.0" +source = 
"registry+https://github.com/rust-lang/crates.io-index" +checksum = "1f628eaec48bfd21b865dc2950cfa014450c01d2fa2b69a86c2fd5844ec523c0" +dependencies = [ + "curve25519-dalek", + "ed25519", + "sha2", + "subtle", +] + [[package]] name = "either" version = "1.9.0" @@ -301,20 +482,36 @@ checksum = "a26ae43d7bcc3b814de94796a5e736d4029efb0ee900c12e2d54c993ad1a1e07" [[package]] name = "errno" -version = "0.3.6" +version = "0.3.8" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7c18ee0ed65a5f1f81cac6b1d213b69c35fa47d4252ad41f1486dbd8226fe36e" +checksum = "a258e46cdc063eb8519c00b9fc845fc47bcfca4130e2f08e88665ceda8474245" dependencies = [ "libc", "windows-sys", ] +[[package]] +name = "fiat-crypto" +version = "0.2.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "27573eac26f4dd11e2b1916c3fe1baa56407c83c71a773a8ba17ec0bca03b6b7" + [[package]] name = "funty" version = "2.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "e6d5a32815ae3f33302d95fdcb2ce17862f8c65363dcfd29360480ba1001fc9c" +[[package]] +name = "generic-array" +version = "0.14.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "85649ca51fd72272d7821adaf274ad91c288277713d9c18820d8499a7ff69e9a" +dependencies = [ + "typenum", + "version_check", +] + [[package]] name = "glob" version = "0.3.1" @@ -344,9 +541,9 @@ dependencies = [ [[package]] name = "home" -version = "0.5.5" +version = "0.5.9" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5444c27eef6923071f7ebcc33e3444508466a76f7a2b93da00ed6e19f30c1ddb" +checksum = "e3d1354bf6b7235cb4a0576c2619fd4ed18183f689b12b006a0ee7329eeff9a5" dependencies = [ "windows-sys", ] 
@@ -361,6 +558,18 @@ dependencies = [ "static_assertions", ] +[[package]] +name = "ibig" +version = "0.3.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d1fcc7f316b2c079dde77564a1360639c1a956a23fa96122732e416cb10717bb" +dependencies = [ + "cfg-if", + "num-traits", + "rand", + "static_assertions", +] + [[package]] name = "indexmap" version = "1.9.3" @@ -371,6 +580,15 @@ dependencies = [ "hashbrown", ] +[[package]] +name = "inout" +version = "0.1.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a0c10553d664a4d0bcff9f4215d0aac67a639cc68ef660840afe309b807bc9f5" +dependencies = [ + "generic-array", +] + [[package]] name = "intmap" version = "1.1.0" @@ -437,9 +655,9 @@ dependencies = [ [[package]] name = "linux-raw-sys" -version = "0.4.11" +version = "0.4.12" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "969488b55f8ac402214f3f5fd243ebb7206cf82de60d3172994707a4bcc2b829" +checksum = "c4cd1a83af159aa67994778be9070f0ae1bd732942279cabb14f86f986a21456" [[package]] name = "log" @@ -543,6 +761,12 @@ version = "0.3.27" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "26072860ba924cbfa98ea39c8c19b4dd6a4a25423dbdf219c1eca91aa0cf6964" +[[package]] +name = "platforms" +version = "3.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "14e6ab3f592e6fb464fc9712d8d6e6912de6473954635fd76a589d832cffcbb0" + [[package]] name = "plotters" version = "0.3.5" 
@@ -676,10 +900,19 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "08d43f7aa6b08d49f382cde6a7982047c3426db949b1424bc4b7ec9ae12c6ce2" [[package]] -name = "rustix" -version = "0.38.21" +name = "rustc_version" +version = "0.4.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2b426b0506e5d50a7d8dafcf2e81471400deb602392c7dd110815afb4eaf02a3" +checksum = "bfa0f585226d2e68097d4f95d113b15b83a82e819ab25717ec0590d9584ef366" +dependencies = [ + "semver", +] + +[[package]] +name = "rustix" +version = "0.38.28" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "72e572a5e8ca657d7366229cdde4bd14c4eb5499a9573d4d366fe1b599daa316" dependencies = [ "bitflags 2.4.1", "errno", @@ -709,6 +942,12 @@ version = "1.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "94143f37725109f92c262ed2cf5e59bce7498c01bcc1502d7b9afe439a4e9f49" +[[package]] +name = "semver" +version = "1.0.20" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "836fa6a3e1e547f9a2c4040802ec865b5d85f4014efe00555d7090a3dcaa1090" + [[package]] name = "serde" version = "1.0.192" @@ -740,6 +979,28 @@ dependencies = [ "serde", ] +[[package]] +name = "sha1" +version = "0.10.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e3bf829a2d51ab4a5ddf1352d8470c140cadc8301b2ae1789db023f01cedd6ba" +dependencies = [ + "cfg-if", + "cpufeatures", + "digest", +] + +[[package]] +name = "sha2" +version = "0.10.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "793db75ad2bcafc3ffa7c68b215fee268f537982cd901d132f89c6343f3a3dc8" +dependencies = [ + "cfg-if", + "cpufeatures", + "digest", +] + [[package]] name = "shlex" version = "1.2.0" 
@@ -765,12 +1026,24 @@ dependencies = [ "libc", ] +[[package]] +name = "signature" +version = "2.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "77549399552de45a898a580c1b41d445bf730df867cc44e6c0233bbc4b8329de" + [[package]] name = "static_assertions" version = "1.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "a2eb9349b6444b326872e140eb1cf5e7c522154d69e7a0ffb0fb81c06b37543f" +[[package]] +name = "subtle" +version = "2.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "81cdd64d312baedb58e21336b31bc043b77e01cc99033ce76ef539f78e965ebc" + [[package]] name = "syn" version = "1.0.109" @@ -815,6 +1088,12 @@ dependencies = [ "serde_json", ] +[[package]] +name = "typenum" +version = "1.17.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "42ff0bf0c66b8238c6f3b578df37d0b7848e55df8577b3f74f92a69acceeb825" + [[package]] name = "unicode-ident" version = "1.0.12" @@ -831,6 +1110,12 @@ dependencies = [ "pkg-config", ] +[[package]] +name = "version_check" +version = "0.9.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "49874b5167b65d7193b8aba1567f5c7d93d001cafc34600cee003eda787e483f" + [[package]] name = "walkdir" version = "2.4.0" 
@@ -950,18 +1235,18 @@ checksum = "712e227841d057c1ee1cd2fb22fa7e5a5461ae8e48fa2ca79ec42cfc1931183f" [[package]] name = "windows-sys" -version = "0.48.0" +version = "0.52.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "677d2418bec65e3338edb076e806bc1ec15693c5d0104683f2efe857f61056a9" +checksum = "282be5f36a8ce781fad8c8ae18fa3f9beff57ec1b52cb3de0789201425d9a33d" dependencies = [ "windows-targets", ] [[package]] name = "windows-targets" -version = "0.48.5" +version = "0.52.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9a2fa6e2155d7247be68c096456083145c183cbbbc2764150dda45a87197940c" +checksum = "8a18201040b24831fbb9e4eb208f8892e1f50a37feb53cc7ff887feb8f50e7cd" dependencies = [ "windows_aarch64_gnullvm", "windows_aarch64_msvc", 
@@ -974,45 +1259,45 @@ dependencies = [ [[package]] name = "windows_aarch64_gnullvm" -version = "0.48.5" +version = "0.52.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2b38e32f0abccf9987a4e3079dfb67dcd799fb61361e53e2882c3cbaf0d905d8" +checksum = "cb7764e35d4db8a7921e09562a0304bf2f93e0a51bfccee0bd0bb0b666b015ea" [[package]] name = "windows_aarch64_msvc" -version = "0.48.5" +version = "0.52.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "dc35310971f3b2dbbf3f0690a219f40e2d9afcf64f9ab7cc1be722937c26b4bc" +checksum = "bbaa0368d4f1d2aaefc55b6fcfee13f41544ddf36801e793edbbfd7d7df075ef" [[package]] name = "windows_i686_gnu" -version = "0.48.5" +version = "0.52.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a75915e7def60c94dcef72200b9a8e58e5091744960da64ec734a6c6e9b3743e" +checksum = "a28637cb1fa3560a16915793afb20081aba2c92ee8af57b4d5f28e4b3e7df313" [[package]] name = "windows_i686_msvc" -version = "0.48.5" +version = "0.52.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8f55c233f70c4b27f66c523580f78f1004e8b5a8b659e05a4eb49d4166cca406" +checksum = "ffe5e8e31046ce6230cc7215707b816e339ff4d4d67c65dffa206fd0f7aa7b9a" [[package]] name = "windows_x86_64_gnu" -version = "0.48.5" +version = "0.52.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "53d40abd2583d23e4718fddf1ebec84dbff8381c07cae67ff7768bbf19c6718e" +checksum = "3d6fa32db2bc4a2f5abeacf2b69f7992cd09dca97498da74a151a3132c26befd" [[package]] name = "windows_x86_64_gnullvm" -version = "0.48.5" +version = "0.52.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0b7b52767868a23d5bab768e390dc5f5c55825b6d30b86c844ff2dc7414044cc" +checksum = "1a657e1e9d3f514745a572a6846d3c7aa7dbe1658c056ed9c3344c4109a6949e" [[package]] name = "windows_x86_64_msvc" -version = "0.48.5" +version = "0.52.0" source = 
"registry+https://github.com/rust-lang/crates.io-index" -checksum = "ed94fce61571a4006852b7389a063ab983c02eb1bb37b47f8272ce92d06d9538" +checksum = "dff9641d1cd4be8d1a070daf9e3773c5f67e78b4d9d42263020c057706765c04" [[package]] name = "wyz" @@ -1022,3 +1307,19 @@ checksum = "05f360fc0b24296329c78fda852a1e9ae82de9cf7b27dae4b7f62f118f77b9ed" dependencies = [ "tap", ] + +[[package]] +name = "x25519-dalek" +version = "2.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "fb66477291e7e8d2b0ff1bcb900bf29489a9692816d79874bea351e7a8b6de96" +dependencies = [ + "curve25519-dalek", + "rand_core", +] + +[[package]] +name = "zeroize" +version = "1.7.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "525b4ec142c6b68a2d10f01f7bbf6755599ca3f81ea53b8431b7dd348f5fdb2d" diff --git a/rust/ares/Cargo.toml b/rust/ares/Cargo.toml index 9b56af0..f23e8e1 100644 --- a/rust/ares/Cargo.toml +++ b/rust/ares/Cargo.toml @@ -11,6 +11,7 @@ edition = "2018" # Please keep these alphabetized [dependencies] +ares_crypto = { path = "../ares_crypto" } ares_macros = { path = "../ares_macros" } # assert_no_alloc = "1.1.2" # use this when debugging requires allocation (e.g. eprintln) diff --git a/rust/ares/src/jets/lock/sha.rs b/rust/ares/src/jets/lock/sha.rs index a2d87f3..b769d86 100644 --- a/rust/ares/src/jets/lock/sha.rs +++ b/rust/ares/src/jets/lock/sha.rs @@ -4,6 +4,7 @@ use crate::jets::util::slot; use crate::jets::{JetErr, Result}; use crate::noun::{IndirectAtom, Noun, D}; use urcrypt_sys::*; +use ares_crypto::sha::{ac_sha1, ac_shal, ac_shas, ac_shay}; crate::gdb!(); 
@@ -11,22 +12,21 @@ pub fn jet_shas(context: &mut Context, subject: Noun) -> Result {
 let stack = &mut context.stack;
 let sam = slot(subject, 6)?;
 let sal = slot(sam, 2)?.as_atom()?;
- let ruz = slot(sam, 3)?.as_atom()?;
+ let mut ruz = slot(sam, 3)?.as_atom()?;
 let sal_bytes = &(sal.as_bytes())[0..met(3, sal)]; // drop trailing zeros
- let (mut _salt_ida, salt) = unsafe { IndirectAtom::new_raw_mut_bytes(stack, sal_bytes.len()) };
+ let (mut _salt_ida, mut salt) = unsafe { IndirectAtom::new_raw_mut_bytes(stack, sal_bytes.len()) };
 salt.copy_from_slice(sal_bytes);
- let message = &(ruz.as_bytes())[0..met(3, ruz)]; // drop trailing zeros
+ let msg_len = met(3, ruz);
+ let mut message = &mut (ruz.as_mut_bytes())[0..msg_len]; // drop trailing zeros
 unsafe {
- let (mut out_ida, out) = IndirectAtom::new_raw_mut_bytes(stack, 32);
- urcrypt_shas(
- salt.as_mut_ptr(),
- salt.len(),
- message.as_ptr(),
- message.len(),
- out.as_mut_ptr(),
+ let (mut out_ida, mut out) = IndirectAtom::new_raw_mut_bytes(stack, 32);
+ ac_shas(
+ &mut message,
+ &mut salt,
+ &mut out,
 );
 Ok(out_ida.normalize_as_atom().as_noun())
 }
@@ -35,12 +35,12 @@ pub fn jet_shas(context: &mut Context, subject: Noun) -> Result {
 pub fn jet_shax(context: &mut Context, subject: Noun) -> Result {
 let stack = &mut context.stack;
 let sam = slot(subject, 6)?;
- let msg = sam.as_atom()?;
+ let mut msg = sam.as_atom()?;
 let len = met(3, msg);
 unsafe {
- let (mut ida, out) = IndirectAtom::new_raw_mut_bytes(stack, 32);
- urcrypt_shay(msg.as_bytes().as_ptr(), len, out.as_mut_ptr());
+ let (mut ida, mut out) = IndirectAtom::new_raw_mut_bytes(stack, 32);
+ ac_shay(&mut (msg.as_mut_bytes())[0..len], &mut out);
 Ok(ida.normalize_as_atom().as_noun())
 }
 }
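Review bot: `ruz.as_mut_bytes()` and `msg.as_mut_bytes()` hand the hash a mutable view of the atom's live storage, yet `ac_shas`/`ac_shay` only read their message (`ac_shay` just calls `hasher.update(message)` in the sha.rs hunk further down), so the `let mut ruz` rebinding and the `&mut` are unnecessary and make in-place mutation of a shared noun possible. Jets should treat their arguments as read-only: `let message = &(ruz.as_bytes())[0..msg_len];` and `ac_shay(&(msg.as_bytes())[0..len], &mut out);`, with the `ares_crypto` hash functions taking `message: &[u8]`. The same applies to `jet_shay`/`jet_shal` in the following hunks.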
@@ -49,18 +49,18 @@ pub fn jet_shay(context: &mut Context, subject: Noun) -> Result {
 let stack = &mut context.stack;
 let sam = slot(subject, 6)?;
 let wid = slot(sam, 2)?.as_atom()?;
- let dat = slot(sam, 3)?.as_atom()?;
+ let mut dat = slot(sam, 3)?.as_atom()?;
 let width = match wid.as_direct() {
 Ok(direct) => direct.data() as usize,
 Err(_) => return Err(JetErr::Fail(Error::NonDeterministic(D(0)))),
 };
- let message = dat.as_bytes();
+ let message = &mut (dat.as_mut_bytes())[0..width];
 unsafe {
- let (mut out_ida, out) = IndirectAtom::new_raw_mut_bytes(stack, 32);
- urcrypt_shay(message.as_ptr(), width, out.as_mut_ptr());
+ let (mut out_ida, mut out) = IndirectAtom::new_raw_mut_bytes(stack, 32);
+ ac_shay(message, &mut out);
 Ok(out_ida.normalize_as_atom().as_noun())
 }
 }
@@ -69,18 +69,18 @@ pub fn jet_shal(context: &mut Context, subject: Noun) -> Result {
 let stack = &mut context.stack;
 let sam = slot(subject, 6)?;
 let wid = slot(sam, 2)?.as_atom()?;
- let dat = slot(sam, 3)?.as_atom()?;
+ let mut dat = slot(sam, 3)?.as_atom()?;
 let width = match wid.as_direct() {
 Ok(direct) => direct.data() as usize,
 Err(_) => return Err(JetErr::Fail(Error::NonDeterministic(D(0)))),
 };
- let message = &(dat.as_bytes())[0..met(3, dat)]; // drop trailing zeros
+ let message = &mut (dat.as_mut_bytes())[0..width]; // drop trailing zeros
 unsafe {
- let (mut ida, out) = IndirectAtom::new_raw_mut_bytes(stack, 64);
- urcrypt_shal(message.as_ptr(), width, out.as_mut_ptr());
+ let (mut ida, mut out) = IndirectAtom::new_raw_mut_bytes(stack, 64);
+ ac_shal(message, &mut out);
 Ok(ida.normalize_as_atom().as_noun())
 }
 }
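Review bot: `&mut (dat.as_mut_bytes())[0..width]` panics when `width` exceeds the atom's byte view — 8 bytes for a direct atom (`DirectAtom::as_bytes` in noun.rs) and `size() << 3` for an indirect one — and `width` comes straight from the `wid` argument. The removed `urcrypt_shay(message.as_ptr(), width, …)` treated `width` as the number of bytes to hash, so a `wid` larger than the atom looks like a legitimate input that should hash zero-extended data rather than abort the runtime. Until the jet zero-extends, punt on that case before the slice, `if width > dat.as_bytes().len() { return Err(JetErr::Punt); }`; the same slice appears in `jet_shal` below and in `jet_sha1` (`&(dat.as_bytes())[0..width]`) on the next line.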
@@ -97,12 +97,12 @@ pub fn jet_sha1(context: &mut Context, subject: Noun) -> Result {
 };
 unsafe {
- let msg_bytes = dat.as_bytes();
- let (mut _msg_ida, msg) = IndirectAtom::new_raw_mut_bytes(stack, msg_bytes.len());
+ let msg_bytes = &(dat.as_bytes())[0..width];
+ let (mut _msg_ida, mut msg) = IndirectAtom::new_raw_mut_bytes(stack, msg_bytes.len());
 msg.copy_from_slice(msg_bytes);
- let (mut out_ida, out) = IndirectAtom::new_raw_mut_bytes(stack, 20);
- urcrypt_sha1(msg.as_mut_ptr(), width, out.as_mut_ptr());
+ let (mut out_ida, mut out) = IndirectAtom::new_raw_mut_bytes(stack, 20);
+ ac_sha1(&mut msg, &mut out);
 Ok(out_ida.normalize_as_atom().as_noun())
 }
 }
diff --git a/rust/ares/src/noun.rs b/rust/ares/src/noun.rs
index 4e81db9..72272fd 100644
--- a/rust/ares/src/noun.rs
+++ b/rust/ares/src/noun.rs
@@ -249,6 +249,11 @@ impl DirectAtom {
 let bytes: &[u8; 8] = unsafe { std::mem::transmute(&self.0) };
 &bytes[..]
 }
+
+ pub fn as_mut_bytes(&mut self) -> &mut [u8] {
+ let bytes: &mut [u8; 8] = unsafe { std::mem::transmute(&mut self.0) };
+ &mut bytes[..]
+ }
 }
 impl fmt::Display for DirectAtom {
@@ -469,6 +474,10 @@ impl IndirectAtom {
 unsafe { from_raw_parts(self.data_pointer() as *const u8, self.size() << 3) }
 }
+ pub fn as_mut_bytes(&mut self) -> &mut [u8] {
+ unsafe { from_raw_parts_mut(self.data_pointer_mut() as *mut u8, self.size() << 3) }
+ }
+
 /** BitSlice view on an indirect atom, with lifetime tied to reference to indirect atom. */
 pub fn as_bitslice(&self) -> &BitSlice {
 BitSlice::from_slice(self.as_slice())
@@ -801,6 +810,14 @@ impl Atom {
 }
 }
+ pub fn as_mut_bytes(&mut self) -> &mut [u8] {
+ if self.is_direct() {
+ unsafe { self.direct.as_mut_bytes() }
+ } else {
+ unsafe { self.indirect.as_mut_bytes() }
+ }
+ }
+
 pub fn as_u64(self) -> Result {
 if self.is_direct() {
 Ok(unsafe { self.direct.data() })
diff --git a/rust/ares_crypto/src/sha.rs b/rust/ares_crypto/src/sha.rs
index 9c8a9a9..724ee54 100644
--- a/rust/ares_crypto/src/sha.rs
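Review bot: `as_mut_bytes` is a safe `pub fn` returning `&mut [u8]` into the atom's backing memory, but for `IndirectAtom` that memory is shared by every other copy of the noun handle (`as_u64(self)` takes `Atom` by value, so the handle looks `Copy`), so `&mut self` on one copy cannot deliver the exclusivity that `&mut` promises, while the `DirectAtom` variant only mutates the caller's private 8-byte copy — two different behaviours behind one name. Consider `pub unsafe fn as_mut_bytes` with a `# Safety` section saying that no other reference to the atom's storage may be live and that writing to an atom reachable from a Nock subject changes what later computations observe, or document that callers must restore the bytes before returning. The slice length is the allocation size rather than `met(3, …)`, so it also exposes the atom's padding bytes; that is worth a sentence in the doc comment.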
+++ b/rust/ares_crypto/src/sha.rs
@@ -2,7 +2,7 @@ use sha1::{Digest, Sha1};
 use sha2::{Sha256, Sha512};
 /// Hashes a message using SHA-1.
-pub fn ac_sha1(message: &mut [u8], out: &mut [u8; 20]) {
+pub fn ac_sha1(message: &mut [u8], out: &mut [u8]) {
 message.reverse();
 let mut hasher = Sha1::new();
 hasher.update(message);
@@ -12,7 +12,7 @@ pub fn ac_sha1(message: &mut [u8], out: &mut [u8; 20]) {
 }
 /// Hashes a message using SHA-256.
-pub fn ac_shay(message: &mut [u8], out: &mut [u8; 32]) {
+pub fn ac_shay(message: &mut [u8], out: &mut [u8]) {
 let mut hasher = Sha256::new();
 hasher.update(message);
 let result = hasher.finalize();
@@ -20,7 +20,7 @@ pub fn ac_shay(message: &mut [u8], out: &mut [u8; 32]) {
 }
 /// Hashes a message using SHA-512.
-pub fn ac_shal(message: &mut [u8], out: &mut [u8; 64]) {
+pub fn ac_shal(message: &mut [u8], out: &mut [u8]) {
 let mut hasher = Sha512::new();
 hasher.update(message);
 let result = hasher.finalize();
@@ -28,7 +28,7 @@ pub fn ac_shal(message: &mut [u8], out: &mut [u8; 64]) {
 }
 /// Hashes a message and salt using SHA-256.
-pub fn ac_shas(message: &mut [u8], salt: &mut [u8], out: &mut [u8; 32]) {
+pub fn ac_shas(message: &mut [u8], salt: &mut [u8], out: &mut [u8]) {
 let mut mid: [u8; 32] = [0; 32];
 ac_shay(message, &mut mid);
From 70a3744218f592f0319dc04201e46966169d004c Mon Sep 17 00:00:00 2001 From: Matthew LeVan Date: Wed, 20 Dec 2023 13:52:50 -0500 Subject: [PATCH 21/40] jets: replace `urcrypt` with `ares_crypto` functions in `ed` jets --- rust/ares/src/jets/lock/ed.rs | 89 +++++++++++++++------------------- rust/ares/src/jets/lock/sha.rs | 10 ++-- 2 files changed, 41 insertions(+), 58 deletions(-)
diff --git a/rust/ares/src/jets/lock/ed.rs b/rust/ares/src/jets/lock/ed.rs
index 96511ac..5d1abbe 100644
--- a/rust/ares/src/jets/lock/ed.rs
+++ b/rust/ares/src/jets/lock/ed.rs
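Review bot: with `out: &mut [u8]` the digest length is no longer checked by the type, so the `copy_from_slice` that presumably fills `out` later in each function (outside these hunks) panics on a wrong-sized buffer; the doc comments should state the contract, e.g. `/// Hashes a message using SHA-1. `out` must be exactly 20 bytes long; panics otherwise.` (32 and 64 for `ac_shay`/`ac_shal`, 32 for `ac_shas`), or add `debug_assert_eq!(out.len(), 20);` at the top of each. `ac_sha1` also reverses `message` in place, so the caller's buffer comes back modified unless it is reversed again below the hunk; that belongs in its doc comment too. None of the four functions needs `message: &mut [u8]` beyond that reversal, and the jets now pass live atom storage here, so `&[u8]` would be the safer signature.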
@@ -3,7 +3,7 @@ use crate::jets::bits::util::met;
 use crate::jets::util::slot;
 use crate::jets::{JetErr, Result};
 use crate::noun::{IndirectAtom, Noun, D, NO, YES};
-use urcrypt_sys::*;
+use ares_crypto::ed25519::{ac_ed_puck, ac_ed_shar, ac_ed_sign, ac_ed_veri};
 crate::gdb!();
@@ -16,16 +16,13 @@ pub fn jet_puck(context: &mut Context, subject: Noun) -> Result {
 }
 unsafe {
- // allocate 32 byte buffer on
- let sed_buffer = &mut [0u8; 32] as *mut u8;
- let sed_bytes = sed.as_bytes();
-
- // we need to copy because the atom might be less than 32 bytes and urcrypt expects a
- // 32-byte buffer
- std::ptr::copy_nonoverlapping(sed_bytes.as_ptr(), sed_buffer, sed_bytes.len());
+ let mut sed_bytes = &mut [0u8; 32];
+ sed_bytes.copy_from_slice(&(sed.as_bytes())[0..32]);
 let (mut pub_ida, pub_key) = IndirectAtom::new_raw_mut_bytes(stack, 32);
- urcrypt_ed_puck(sed_buffer as *const u8, pub_key.as_mut_ptr());
+ let tmp = &mut [0u8; 32];
+ ac_ed_puck(&mut sed_bytes, tmp);
+ pub_key.copy_from_slice(tmp);
 Ok(pub_ida.normalize_as_atom().as_noun())
 }
@@ -47,17 +44,19 @@ pub fn jet_shar(context: &mut Context, subject: Noun) -> Result {
 }
 unsafe {
- let (_, public) = IndirectAtom::new_raw_mut_bytes(stack, 32);
- let (_, secret) = IndirectAtom::new_raw_mut_bytes(stack, 32);
+ let public = &mut [0u8; 32];
+ let secret = &mut [0u8; 32];
 let pub_bytes = pub_key.as_bytes();
 let sec_bytes = sec_key.as_bytes();
 public[0..pub_bytes.len()].copy_from_slice(pub_bytes);
- secret[0..sec_bytes.len()].copy_from_slice(sec_bytes);
+ secret[0..pub_bytes.len()].copy_from_slice(sec_bytes);
 let (mut shar_ida, shar) = IndirectAtom::new_raw_mut_bytes(stack, 32);
- urcrypt_ed_shar(public.as_ptr(), secret.as_ptr(), shar.as_mut_ptr());
+ let tmp = &mut [0u8; 32];
+ ac_ed_shar(public, secret, tmp);
+ shar.copy_from_slice(tmp);
 Ok(shar_ida.normalize_as_atom().as_noun())
 }
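Review bot: in `jet_puck`, `sed_bytes.copy_from_slice(&(sed.as_bytes())[0..32])` panics when the seed atom's byte view is shorter than 32 — a direct atom exposes 8 bytes and an indirect atom of fewer than four words exposes fewer than 32 — which is exactly the case the removed comment ("the atom might be less than 32 bytes") handled by copying only `sed_bytes.len()`. Copy the available bytes into the zeroed buffer instead, as `jet_sign` does further down: `let sed_buf = sed.as_bytes(); sed_bytes[0..sed_buf.len()].copy_from_slice(sed_buf);`. The size check that precedes `unsafe {` is outside the hunk, so an oversized seed is presumably rejected there; the undersized one is not. `sed_bytes` is also private key material left in a stack array after `ac_ed_puck` returns; the `zeroize` crate already in the ares_crypto lock file would clear it.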
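Review bot: in `jet_shar`, `secret[0..pub_bytes.len()].copy_from_slice(sec_bytes)` sizes the secret-key copy by the public key's length; `copy_from_slice` panics whenever the two atoms have different byte lengths, and the removed line used `sec_bytes.len()`. Restore it: `secret[0..sec_bytes.len()].copy_from_slice(sec_bytes);`. The function head and the length checks that guard these copies are outside the hunk.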
@@ -65,7 +64,7 @@ pub fn jet_shar(context: &mut Context, subject: Noun) -> Result {
 pub fn jet_sign(context: &mut Context, subject: Noun) -> Result {
 let stack = &mut context.stack;
- let msg = slot(subject, 12)?.as_atom()?;
+ let mut msg = slot(subject, 12)?.as_atom()?;
 let sed = slot(subject, 13)?.as_atom()?;
 unsafe {
@@ -73,59 +72,47 @@ pub fn jet_sign(context: &mut Context, subject: Noun) -> Result {
 if sed_bytes.len() > 32 {
 return Err(JetErr::Fail(Error::Deterministic(D(0))));
 };
+ let seed = &mut [0u8; 32];
+ seed[0..sed_bytes.len()].copy_from_slice(sed_bytes);
- let msg_bytes = &(msg.as_bytes())[0..met(3, msg)]; // drop trailing zeros
-
- let (mut _seed_ida, seed) = IndirectAtom::new_raw_mut_bytes(stack, 32);
- seed.copy_from_slice(sed_bytes);
+ let msg_len = met(3, msg);
+ let message = &mut (msg.as_mut_bytes())[0..msg_len]; // drop trailing zeros
 let (mut sig_ida, sig) = IndirectAtom::new_raw_mut_bytes(stack, 64);
- urcrypt_ed_sign(
- msg_bytes.as_ptr(),
- msg_bytes.len(),
- seed.as_ptr(),
- sig.as_mut_ptr(),
- );
- sig.reverse(); // LSB first
+ let tmp = &mut [0u8; 64];
+ ac_ed_sign(message, seed, tmp);
+ tmp.reverse();
+ sig.copy_from_slice(tmp);
 Ok(sig_ida.normalize_as_atom().as_noun())
 }
 }
-pub fn jet_veri(context: &mut Context, subject: Noun) -> Result {
- let stack = &mut context.stack;
+pub fn jet_veri(_context: &mut Context, subject: Noun) -> Result {
 let sig = slot(subject, 12)?.as_atom()?;
 let msg = slot(subject, 26)?.as_atom()?;
 let puk = slot(subject, 27)?.as_atom()?;
- unsafe {
- // Both are size checked by Hoon, but without crashing
- let sig_bytes = sig.as_bytes();
- if sig_bytes.len() > 64 {
- return Ok(NO);
- };
+ // Both are size checked by Hoon, but without crashing
+ let sig_bytes = sig.as_bytes();
+ if sig_bytes.len() > 64 {
+ return Ok(NO);
+ };
+ let signature = &mut [0u8; 64];
+ signature[0..sig_bytes.len()].copy_from_slice(sig_bytes);
- let pub_bytes = puk.as_bytes();
- if pub_bytes.len() > 32 {
- return Ok(NO);
- };
+ let pub_bytes = puk.as_bytes();
+ if pub_bytes.len() > 32 {
+ return Ok(NO);
+ };
+ let public_key = &mut [0u8; 32];
+ public_key[0..pub_bytes.len()].copy_from_slice(pub_bytes);
- let (mut _sig_ida, signature) = IndirectAtom::new_raw_mut_bytes(stack, 64);
- signature.copy_from_slice(sig_bytes);
- let (mut _pub_ida, public_key) =
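Review bot: `seed` is the Ed25519 private seed copied into a plain stack array and left there after `ac_ed_sign` returns; the removed version kept it in NockStack memory, which was no better, but now that it is a local it is cheap to clear once the signature is in `sig`. Use the `zeroize` crate (already present in the ares_crypto lock file) on `seed` after the call, or have `ac_ed_sign` zero its seed argument before returning; a plain `seed.fill(0)` can be dropped by the optimiser as a dead store. `message` is the live `msg` atom via `as_mut_bytes()`, so `ac_ed_sign` must not modify it; if it only reads, `&[u8]` is the right parameter type. `jet_sign`'s head is outside the hunk.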
IndirectAtom::new_raw_mut_bytes(stack, 32);
- public_key.copy_from_slice(pub_bytes);
+ let message = &(msg.as_bytes())[0..met(3, msg)]; // drop trailing zeros
- let message = &(msg.as_bytes())[0..met(3, msg)]; // drop trailing zeros
+ let valid = ac_ed_veri(message, public_key, signature);
- let valid = urcrypt_ed_veri(
- message.as_ptr(),
- message.len(),
- public_key.as_ptr(),
- signature.as_ptr(),
- );
-
- Ok(if valid { YES } else { NO })
- }
+ Ok(if valid { YES } else { NO })
 }
 #[cfg(test)]
diff --git a/rust/ares/src/jets/lock/sha.rs b/rust/ares/src/jets/lock/sha.rs
index b769d86..1cbc5b1 100644
--- a/rust/ares/src/jets/lock/sha.rs
+++ b/rust/ares/src/jets/lock/sha.rs
@@ -3,7 +3,6 @@ use crate::jets::bits::util::met;
 use crate::jets::util::slot;
 use crate::jets::{JetErr, Result};
 use crate::noun::{IndirectAtom, Noun, D};
-use urcrypt_sys::*;
 use ares_crypto::sha::{ac_sha1, ac_shal, ac_shas, ac_shay};
 crate::gdb!();
@@ -15,7 +14,8 @@ pub fn jet_shas(context: &mut Context, subject: Noun) -> Result {
 let mut ruz = slot(sam, 3)?.as_atom()?;
 let sal_bytes = &(sal.as_bytes())[0..met(3, sal)]; // drop trailing zeros
- let (mut _salt_ida, mut salt) = unsafe { IndirectAtom::new_raw_mut_bytes(stack, sal_bytes.len()) };
+ let (mut _salt_ida, mut salt) =
+ unsafe { IndirectAtom::new_raw_mut_bytes(stack, sal_bytes.len()) };
 salt.copy_from_slice(sal_bytes);
 let msg_len = met(3, ruz);
@@ -23,11 +23,7 @@ pub fn jet_shas(context: &mut Context, subject: Noun) -> Result {
 unsafe {
 let (mut out_ida, mut out) = IndirectAtom::new_raw_mut_bytes(stack, 32);
- ac_shas(
- &mut message,
- &mut salt,
- &mut out,
- );
+ ac_shas(&mut message, &mut salt, &mut out);
 Ok(out_ida.normalize_as_atom().as_noun())
 }
 }
From 38f9bd4e2608f6626755219718fe953e7b6f9d8a Mon Sep 17 00:00:00 2001
From: Matthew LeVan Date: Wed, 20 Dec 2023 16:09:59 -0500 Subject: [PATCH 22/40] wip: replace `urcrypt` in `aes` --- rust/ares/src/jets/lock/aes.rs | 207 ++++++++++++++------------------ rust/ares_crypto/src/aes_siv.rs | 44 ++++--- 2 files changed, 122 insertions(+), 129 deletions(-)
diff --git a/rust/ares/src/jets/lock/aes.rs b/rust/ares/src/jets/lock/aes.rs
index 32ea4a5..1708635 100644
--- a/rust/ares/src/jets/lock/aes.rs
+++ b/rust/ares/src/jets/lock/aes.rs
@@ -2,13 +2,15 @@ use crate::interpreter::Context;
 use crate::jets::bits::util::met;
 use crate::jets::util::slot;
 use crate::jets::{JetErr, Result};
-use crate::noun::{IndirectAtom, Noun};
-use urcrypt_sys::*;
+use crate::noun::Noun;
+use ares_crypto::aes_siv::{
+ ac_aes_siva_de, ac_aes_siva_en, ac_aes_sivb_de, ac_aes_sivb_en, ac_aes_sivc_de, ac_aes_sivc_en,
+};
 crate::gdb!();
 // Note: The Hoon code for these functions doesn't explicitly check key
-// sizes. However, the implementations of these functions in urcrypt
+// sizes. However, the implementations of these functions in ares_crypto
 // have fixed maximum key sizes, therefore we must punt if the key is
 // too large.
@@ -16,17 +18,15 @@ pub fn jet_siva_en(context: &mut Context, subject: Noun) -> Result {
 let stack = &mut context.stack;
 let txt = slot(subject, 6)?.as_atom()?;
 let key = slot(subject, 60)?.as_atom()?;
- let atoms = slot(subject, 61)?;
+ let ads = slot(subject, 61)?;
 if met(3, key) > 32 {
 Err(JetErr::Punt)
 } else {
- unsafe {
- let (mut _key_ida, key_bytes) = IndirectAtom::new_raw_mut_bytes(stack, 32);
- key_bytes[0..key.as_bytes().len()].copy_from_slice(key.as_bytes());
+ let key_bytes = &mut [0u8; 32];
+ key_bytes[0..key.as_bytes().len()].copy_from_slice(key.as_bytes());
- util::_siv_en(stack, key_bytes, atoms, txt, urcrypt_aes_siva_en)
- }
+ util::_siv_en(stack, key_bytes, ads, txt, ac_aes_siva_en)
 }
 }
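Review bot: `key_bytes` is the AES key in a plain stack array and nothing clears it after `util::_siv_en` returns; `_ac_aes_siv_en` (patch 23 on this page) additionally reverses it in place, so the key lingers on the stack byte-reversed. Zeroize it after the call — the `zeroize` crate is already in the ares_crypto lock file — in all six jets (`jet_siva_de` through `jet_sivc_de` on the following lines). The comment above still says the ares_crypto functions "have fixed maximum key sizes"; after this patch they take `key: &mut [u8]` and return `Error::InvalidKeyLength` for unsupported lengths, so the limit being enforced here is the size of the local buffer chosen per jet, and the comment should say so.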
@@ -41,12 +41,10 @@ pub fn jet_siva_de(context: &mut Context, subject: Noun) -> Result {
 if met(3, key) > 32 {
 Err(JetErr::Punt)
 } else {
- unsafe {
- let (mut _key_ida, key_bytes) = IndirectAtom::new_raw_mut_bytes(stack, 32);
- key_bytes[0..key.as_bytes().len()].copy_from_slice(key.as_bytes());
+ let key_bytes = &mut [0u8; 32];
+ key_bytes[0..key.as_bytes().len()].copy_from_slice(key.as_bytes());
- util::_siv_de(stack, key_bytes, ads, iv, len, txt, urcrypt_aes_siva_de)
- }
+ util::_siv_de(stack, key_bytes, ads, iv, len, txt, ac_aes_siva_de)
 }
 }
@@ -54,17 +52,15 @@ pub fn jet_sivb_en(context: &mut Context, subject: Noun) -> Result {
 let stack = &mut context.stack;
 let txt = slot(subject, 6)?.as_atom()?;
 let key = slot(subject, 60)?.as_atom()?;
- let atoms = slot(subject, 61)?;
+ let ads = slot(subject, 61)?;
 if met(3, key) > 48 {
 Err(JetErr::Punt)
 } else {
- unsafe {
- let (mut _key_ida, key_bytes) = IndirectAtom::new_raw_mut_bytes(stack, 48);
- key_bytes[0..key.as_bytes().len()].copy_from_slice(key.as_bytes());
+ let key_bytes = &mut [0u8; 48];
+ key_bytes[0..key.as_bytes().len()].copy_from_slice(key.as_bytes());
- util::_siv_en(stack, key_bytes, atoms, txt, urcrypt_aes_sivb_en)
- }
+ util::_siv_en(stack, key_bytes, ads, txt, ac_aes_sivb_en)
 }
 }
@@ -79,12 +75,10 @@ pub fn jet_sivb_de(context: &mut Context, subject: Noun) -> Result {
 if met(3, key) > 48 {
 Err(JetErr::Punt)
 } else {
- unsafe {
- let (mut _key_ida, key_bytes) = IndirectAtom::new_raw_mut_bytes(stack, 48);
- key_bytes[0..key.as_bytes().len()].copy_from_slice(key.as_bytes());
+ let key_bytes = &mut [0u8; 48];
+ key_bytes[0..key.as_bytes().len()].copy_from_slice(key.as_bytes());
- util::_siv_de(stack, key_bytes, ads, iv, len, txt, urcrypt_aes_sivb_de)
- }
+ util::_siv_de(stack, key_b

ytes, ads, iv, len, txt, ac_aes_sivb_de)
 }
 }
@@ -92,17 +86,15 @@ pub fn jet_sivc_en(context: &mut Context, subject: Noun) -> Result {
 let stack = &mut context.stack;
 let txt = slot(subject, 6)?.as_atom()?;
 let key = slot(subject, 60)?.as_atom()?;
- let atoms = slot(subject, 61)?;
+ let ads = slot(subject, 61)?;
 if met(3, key) > 64 {
 Err(JetErr::Punt)
 } else {
- unsafe {
- let (mut _key_ida, key_bytes) = IndirectAtom::new_raw_mut_bytes(stack, 64);
- key_bytes[0..key.as_bytes().len()].copy_from_slice(key.as_bytes());
+ let key_bytes = &mut [0u8; 64];
+ key_bytes[0..key.as_bytes().len()].copy_from_slice(key.as_bytes());
- util::_siv_en(stack, key_bytes, atoms, txt, urcrypt_aes_sivc_en)
- }
+ util::_siv_en(stack, key_bytes, ads, txt, ac_aes_sivc_en)
 }
 }
@@ -117,12 +109,10 @@ pub fn jet_sivc_de(context: &mut Context, subject: Noun) -> Result {
 if met(3, key) > 64 {
 Err(JetErr::Punt)
 } else {
- unsafe {
- let (mut _key_ida, key_bytes) = IndirectAtom::new_raw_mut_bytes(stack, 64);
- key_bytes[0..key.as_bytes().len()].copy_from_slice(key.as_bytes());
+ let key_bytes = &mut [0u8; 64];
+ key_bytes[0..key.as_bytes().len()].copy_from_slice(key.as_bytes());
- util::_siv_de(stack, key_bytes, ads, iv, len, txt, urcrypt_aes_sivc_de)
- }
+ util::_siv_de(stack, key_bytes, ads, iv, len, txt, ac_aes_sivc_de)
 }
 }
@@ -133,48 +123,43 @@ mod util {
 use crate::jets::{JetErr, Result};
 use crate::mem::NockStack;
 use crate::noun::{Atom, IndirectAtom, Noun, D, T};
- use std::ptr::null_mut;
 use std::result;
- use urcrypt_sys::urcrypt_aes_siv_data;
+ use ares_crypto::aes_siv;
- type UrcryptSiv = unsafe extern "C" fn(
- *mut u8,
- usize,
- *mut urcrypt_aes_siv_data,
- usize,
- *mut u8,
- *mut u8,
- *mut u8,
- ) -> i32;
+ /// Associated data for AES-SIV functions.
+ struct AcAesSivData {
+ bytes: *mut u8,
+ length: usize,
+ }
- /// Encodes the list of atoms.
- ///
- /// # Arguments
- ///
- /// * `stack` - the active NockStack
- /// * `atoms` - the list of atoms to allocate
- ///
- fn _allocate_atoms(
+ type AcAesSiv = fn(
+ key: &mut [u8],
+ message: &mut [u8],
+ data: &mut [&mut [u8]],
+ iv: &mut [u8],
+ out: &mut [u8],
+ ) -> result::Result<(), aes_siv::Error>;
+
+ /// Allocates a noun list as an array of AesSivData structs on the NockStack
+ /// for use as associated data in AES-SIV functions.
+ fn _allocate_ads(
 stack: &mut NockStack,
- mut atoms: Noun,
- ) -> result::Result<&'static mut [urcrypt_aes_siv_data], JetErr> {
- if unsafe { atoms.raw_equals(D(0)) } {
+ mut ads: Noun,
+ ) -> result::Result<&'static mut [AcAesSivData], JetErr> {
+ if unsafe { ads.raw_equals(D(0)) } {
 return Ok(&mut []);
 }
- // measure
- let length = list::util::lent(atoms)?;
+ let length = list::util::lent(ads)?;
- // allocate
- let siv_data: &mut [urcrypt_aes_siv_data] = unsafe {
- let ptr = stack.struct_alloc::(length);
+ let siv_data: &mut [AcAesSivData] = unsafe {
+ let ptr = stack.struct_alloc::(length);
 std::slice::from_raw_parts_mut(ptr, length)
 };
- // encode
 unsafe {
 for item in siv_data.iter_mut().take(length) {
- let cell = atoms.as_cell()?;
+ let cell = ads.as_cell()?;
 let head = cell.head().as_atom()?;
 let bytes = head.as_bytes();
 let len = met(3, head);
@@ -182,10 +167,10 @@ mod util {
 let (mut atom, buffer) = IndirectAtom::new_raw_mut_bytes(stack, bytes.len());
 buffer[0..len].copy_from_slice(&(bytes[0..len]));
- item.length = bytes.len();
 item.bytes = atom.data_pointer_mut() as *mut u8;
+ item.length = len;
- atoms = cell.tail();
+ ads = cell.tail();
 }
 }
@@ -196,48 +181,42 @@ mod util {
 stack: &mut NockStack,
 key: &mut [u8],
 ads: Noun,
- txt: Atom,
- fun: UrcryptSiv,
+ mut txt: Atom,
+ fun: AcAesSiv,
 ) -> Result {
 unsafe {
- let siv_data = _allocate_atoms(stack, ads)?;
+ let ac_siv_data = _allocate_ads(stack, ads)?;
+ let siv_data: &mut [&mut [u8]] = std::slice::from_raw_parts_mut(
+ ac_siv_data.as_mut_ptr() as *mut &mut [u8],
+ ac_siv_data.len(),
+ );
+ eprintln!("siv_data: {:?}", siv_data);
 let txt_len = met(3, txt);
- let txt_ptr = match txt_len {
- 0 => null_mut::(),
- _ => {
- let (_, txt_bytes) = IndirectAtom::new_raw_mut_bytes(stack, txt_len);
- txt_bytes[0..txt_len].copy_from_slice(&(txt.as_bytes()[0..txt_len]));
- txt_bytes.as_mut_ptr()
- }
- };
+ let txt_bytes = &mut (txt.as_mut_bytes()[0..txt_len]);
 let (mut iv, iv_bytes) = IndirectAtom::new_raw_mut_bytes(stack, 16);
 match txt_len {
 0 => {
 fun(
- txt_ptr,
- txt_len,
- siv_data.as_mut_ptr(),
- siv_data.len(),
- key.as_mut_ptr(),
- iv_bytes.as_mut_ptr(),
- null_mut::(),
- );
+ key,
+ txt_bytes,
+ siv_data,
+ iv_bytes,
+ &mut [0u8; 0],
+ ).unwrap();
 Ok(T(stack, &[iv.normalize_as_atom().as_noun(), D(0), D(0)]))
 }
 _ => {
 let (mut out_atom, out_bytes) = IndirectAtom::new_raw_mut_bytes(stack, txt_len);
 fun(
- txt_ptr,
- txt_len,
- siv_data.as_mut_ptr(),
- siv_data.len(),
- key.as_mut_ptr(),
- iv_bytes.as_mut_ptr(),
- out_bytes.as_mut_ptr(),
- );
+ key,
+ txt_bytes,
+ siv_data,
+ iv_bytes,
+ out_bytes
+ ).unwrap();
 Ok(T(
 stack,
 &[
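Review bot: `std::slice::from_raw_parts_mut(ac_siv_data.as_mut_ptr() as *mut &mut [u8], …)` in `_siv_en` reinterprets each `AcAesSivData` (a `repr(Rust)` struct of a `*mut u8` and a `usize`) as a `&mut [u8]` fat pointer; Rust guarantees neither the struct's field order nor the layout of a slice reference, so this is undefined behaviour that currently happens to work, and it is repeated in `_siv_de` on the next line. Build the slices from the recorded pointer and length instead, as sketched below, or have `_allocate_ads` return `&mut [&mut [u8]]` directly so the cast disappears. `_siv_en`'s signature starts outside the hunk, and the `.unwrap()` on `fun(...)` is discussed at `_siv_de`.
```rust
let ac_siv_data = _allocate_ads(stack, ads)?;
// One `&mut [u8]` per associated-data item, built from its recorded
// pointer/length rather than by reinterpreting the struct's bytes.
let n = ac_siv_data.len();
let slots: *mut &mut [u8] = stack.struct_alloc::<&mut [u8]>(n);
for (i, item) in ac_siv_data.iter().enumerate() {
    slots.add(i).write(std::slice::from_raw_parts_mut(item.bytes, item.length));
}
let siv_data: &mut [&mut [u8]] = std::slice::from_raw_parts_mut(slots, n);
// … unchanged: txt_len, iv allocation, the two fun(...) calls …
```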
@@ -255,38 +234,38 @@ mod util {
 stack: &mut NockStack,
 key: &mut [u8],
 ads: Noun,
- iv: Atom,
+ mut iv: Atom,
 len: Atom,
- txt: Atom,
- fun: UrcryptSiv,
+ mut txt: Atom,
+ fun: AcAesSiv
 ) -> Result {
 unsafe {
 let txt_len = match len.as_direct() {
 Ok(direct) => direct.data() as usize,
 Err(_) => return Err(JetErr::Fail(Error::NonDeterministic(D(0)))),
 };
- let (_, txt_bytes) = IndirectAtom::new_raw_mut_bytes(stack, txt_len);
- txt_bytes[0..txt_len].copy_from_slice(&(txt.as_bytes()[0..txt_len]));
+ // let (_, txt_bytes) = IndirectAtom::new_raw_mut_bytes(stack, txt_len);
+ // txt_bytes[0..txt_len].copy_from_slice(&(txt.as_bytes()[0..txt_len]));
+ let txt_bytes = &mut (txt.as_mut_bytes()[0..txt_len]);
- let (_iv_ida, iv_bytes) = IndirectAtom::new_raw_mut_bytes(stack, 16);
- iv_bytes[0..16].copy_from_slice(&(iv.as_bytes()[0..16]));
+ // let (_iv_ida, iv_bytes) = IndirectAtom::new_raw_mut_bytes(stack, 16);
+ // iv_bytes[0..16].copy_from_slice(&(iv.as_bytes()[0..16]));
+ let iv_bytes = &mut (iv.as_mut_bytes()[0..16]);
- let siv_data = _allocate_atoms(stack, ads)?;
+ let ac_siv_data = _allocate_ads(stack, ads)?;
+ let siv_data: &mut [&mut [u8]] = std::slice::from_raw_parts_mut(
+ ac_siv_data.as_mut_ptr() as *mut &mut [u8],
+ ac_siv_data.len(),
+ );
 let (mut out_atom, out_bytes) = IndirectAtom::new_raw_mut_bytes(stack, txt_len);
 fun(
- if txt_len == 0 {
- null_mut::()
- } else {
- txt_bytes.as_mut_ptr()
- },
- txt_len,
- siv_data.as_mut_ptr(),
- siv_data.len(),
- key.as_mut_ptr(),
- iv_bytes.as_mut_ptr(),
- out_bytes.as_mut_ptr(),
- );
+ key,
+ txt_bytes,
+ siv_data,
+ iv_bytes,
+ out_bytes
+ ).unwrap();
 Ok(T(stack, &[D(0), out_atom.normalize_as_atom().as_noun()]))
 }
 }
diff --git a/rust/ares_crypto/src/aes_siv.rs b/rust/ares_crypto/src/aes_siv.rs
index fc1a4aa..93e929a 100644
--- a/rust/ares_crypto/src/aes_siv.rs
+++ b/rust/ares_crypto/src/aes_siv.rs
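Review bot: `fun(key, txt_bytes, siv_data, iv_bytes, out_bytes).unwrap()` in `_siv_de` panics the interpreter whenever decryption fails, and for AES-SIV an `Err` is the normal outcome for a ciphertext whose tag does not verify — a wrong key, a modified or truncated `txt`, or an `iv` other than the one produced at encryption — all ordinary inputs a Hoon caller can pass to this jet. The removed urcrypt call ignored its return code, which was also wrong, but a panic turns a bad message into a runtime abort. Punt so the Hoon implementation produces the failure value, `if fun(key, txt_bytes, siv_data, iv_bytes, out_bytes).is_err() { return Err(JetErr::Punt); }`, or map `Err` to the unit-`~` result if that is what the Hoon `de` arm returns (not visible here). `iv.as_mut_bytes()[0..16]` also panics for a direct `iv` atom, whose byte view is only 8 bytes, and `_siv_de`'s signature starts outside the hunk.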
@@ -1,7 +1,7 @@
-use aes::Aes192;
 use aes_siv::aead::{generic_array::GenericArray, KeyInit};
 use aes_siv::siv::{Aes128Siv, Aes256Siv, CmacSiv};
+use aes::Aes192;
 type Aes192Siv = CmacSiv;
 #[derive(Debug)]
@@ -16,7 +16,8 @@ pub fn _ac_aes_siv_en(
 key: &mut [u8],
 message: &mut [u8],
 data: &mut [&mut [u8]],
- iv: &mut [u8; 16],
+ // iv: &mut [u8; 16],
+ iv: &mut [u8],
 out: &mut [u8],
 ) -> Result<(), Error> {
 let iv_tag;
@@ -62,7 +63,8 @@ pub fn _ac_aes_siv_de(
 key: &mut [u8],
 message: &mut [u8],
 data: &mut [&mut [u8]],
- iv: &mut [u8; 16],
+ // iv: &mut [u8; 16],
+ iv: &mut [u8],
 out: &mut [u8],
 ) -> Result<(), Error> {
 let iv_array = GenericArray::from_slice(iv);
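Review bot: `iv: &mut [u8]` drops the 16-byte guarantee the array type gave, and `GenericArray::from_slice(iv)` at the end of the `_ac_aes_siv_de` hunk panics when `iv.len()` is not the block size; check it first and return an error, e.g. `if iv.len() != 16 { return Err(Error::<placeholder: new IV-length variant>); }`, and do the same for `out` before the final `copy_from_slice`. The old parameter lines kept as `// iv: &mut [u8; 16],` here and as `// key: …`/`// iv: …` in the six wrappers on the next line are commented-out code and should be deleted rather than left beside the new signatures. Both `_ac_aes_siv_en` and `_ac_aes_siv_de` continue outside their hunks.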
@@ -101,60 +103,72 @@ pub fn _ac_aes_siv_de(
 }
 pub fn ac_aes_siva_en(
- key: &mut [u8; 32],
+ // key: &mut [u8; 32],
+ key: &mut [u8],
 message: &mut [u8],
 data: &mut [&mut [u8]],
- iv: &mut [u8; 16],
+ // iv: &mut [u8; 16],
+ iv: &mut [u8],
 out: &mut [u8],
 ) -> Result<(), Error> {
 _ac_aes_siv_en(key, message, data, iv, out)
 }
 pub fn ac_aes_siva_de(
- key: &mut [u8; 32],
+ // key: &mut [u8; 32],
+ key: &mut [u8],
 message: &mut [u8],
 data: &mut [&mut [u8]],
- iv: &mut [u8; 16],
+ // iv: &mut [u8; 16],
+ iv: &mut [u8],
 out: &mut [u8],
 ) -> Result<(), Error> {
 _ac_aes_siv_de(key, message, data, iv, out)
 }
 pub fn ac_aes_sivb_en(
- key: &mut [u8; 48],
+ // key: &mut [u8; 48],
+ key: &mut [u8],
 message: &mut [u8],
 data: &mut [&mut [u8]],
- iv: &mut [u8; 16],
+ // iv: &mut [u8; 16],
+ iv: &mut [u8],
 out: &mut [u8],
 ) -> Result<(), Error> {
 _ac_aes_siv_en(key, message, data, iv, out)
 }
 pub fn ac_aes_sivb_de(
- key: &mut [u8; 48],
+ // key: &mut [u8; 48],
+ key: &mut [u8],
 message: &mut [u8],
 data: &mut [&mut [u8]],
- iv: &mut [u8; 16],
+ // iv: &mut [u8; 16],
+ iv: &mut [u8],
 out: &mut [u8],
 ) -> Result<(), Error> {
 _ac_aes_siv_de(key, message, data, iv, out)
 }
 pub fn ac_aes_sivc_en(
- key: &mut [u8; 64],
+ // key: &mut [u8; 64],
+ key: &mut [u8],
 message: &mut [u8],
 data: &mut [&mut [u8]],
- iv: &mut [u8; 16],
+ // iv: &mut [u8; 16],
+ iv: &mut [u8],
 out: &mut [u8],
 ) -> Result<(), Error> {
 _ac_aes_siv_en(key, message, data, iv, out)
 }
 pub fn ac_aes_sivc_de(
- key: &mut [u8; 64],
+ // key: &mut [u8; 64],
+ key: &mut [u8],
 message: &mut [u8],
 data: &mut [&mut [u8]],
- iv: &mut [u8; 16],
+ // iv: &mut [u8; 16],
+ iv: &mut [u8],
 out: &mut [u8],
 ) -> Result<(), Error> {
 _ac_aes_siv_de(key, message, data, iv, out)
From afbb5ea245109ea97e0368fcee9749ce5e0091c1 Mon Sep 17 00:00:00 2001
From: Matthew LeVan Date: Wed, 20 Dec 2023 21:14:00 -0500 Subject: [PATCH 23/40] jets: boots without `urcrypt` --- rust/ares/Cargo.lock | 1 - rust/ares/Cargo.toml | 1 - rust/ares/src/jets/lock/aes.rs | 7 +- rust/ares/src/jets/lock/sha.rs | 3 +- rust/ares_crypto/src/aes_siv.rs | 171 +++++++------------------------- 5 files changed, 37 insertions(+), 146 deletions(-)
diff --git a/rust/ares/Cargo.lock b/rust/ares/Cargo.lock
index 882e98e..77636ad 100644
--- a/rust/ares/Cargo.lock
+++ b/rust/ares/Cargo.lock
@@ -77,7 +77,6 @@ dependencies = [ "num-traits", "signal-hook", "static_assertions", - "urcrypt-sys", ] [[package]]
diff --git a/rust/ares/Cargo.toml b/rust/ares/Cargo.toml
index f23e8e1..ef58fed 100644
--- a/rust/ares/Cargo.toml
+++ b/rust/ares/Cargo.toml
@@ -30,7 +30,6 @@ num-derive = "0.3"
 num-traits = "0.2"
 signal-hook = "0.3"
 static_assertions = "1.1.0"
-urcrypt-sys = "0.1.1"
 [build-dependencies]
 autotools = "0.2.6"
diff --git a/rust/ares/src/jets/lock/aes.rs b/rust/ares/src/jets/lock/aes.rs
index 1708635..a7bdf85 100644
--- a/rust/ares/src/jets/lock/aes.rs
+++ b/rust/ares/src/jets/lock/aes.rs
@@ -167,8 +167,8 @@ mod util {
 let (mut atom, buffer) = IndirectAtom::new_raw_mut_bytes(stack, bytes.len());
 buffer[0..len].copy_from_slice(&(bytes[0..len]));
+ item.length = bytes.len();
 item.bytes = atom.data_pointer_mut() as *mut u8;
- item.length = len;
 ads = cell.tail();
 }
@@ -190,7 +190,6 @@ mod util {
 ac_siv_data.as_mut_ptr() as *mut &mut [u8],
 ac_siv_data.len(),
 );
- eprintln!("siv_data: {:?}", siv_data);
 let txt_len = met(3, txt);
 let txt_bytes = &mut (txt.as_mut_bytes()[0..txt_len]);
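Review bot: in `_allocate_ads`, `item.length = bytes.len()` together with `buffer[0..len].copy_from_slice(&(bytes[0..len]))` makes each associated-data item `bytes.len()` bytes long while only the first `len` are written; unless `new_raw_mut_bytes` zero-fills its allocation (nothing on this page says it does), the tail is stale NockStack memory and the SIV tag and ciphertext become non-deterministic between runs. Copy the whole byte view, `buffer.copy_from_slice(bytes);`, which carries the atom's zero padding with it, or keep `item.length = len` if trailing zero bytes are not meant to be part of the authenticated data. `_allocate_ads` starts outside the hunk.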
@@ -244,12 +243,8 @@ mod util { Ok(direct) => direct.data() as usize, Err(_) => return Err(JetErr::Fail(Error::NonDeterministic(D(0)))), }; - // let (_, txt_bytes) = IndirectAtom::new_raw_mut_bytes(stack, txt_len); - // txt_bytes[0..txt_len].copy_from_slice(&(txt.as_bytes()[0..txt_len])); let txt_bytes = &mut (txt.as_mut_bytes()[0..txt_len]); - // let (_iv_ida, iv_bytes) = IndirectAtom::new_raw_mut_bytes(stack, 16); - // iv_bytes[0..16].copy_from_slice(&(iv.as_bytes()[0..16])); let iv_bytes = &mut (iv.as_mut_bytes()[0..16]); let ac_siv_data = _allocate_ads(stack, ads)?; diff --git a/rust/ares/src/jets/lock/sha.rs b/rust/ares/src/jets/lock/sha.rs index 1cbc5b1..ce73706 100644 --- a/rust/ares/src/jets/lock/sha.rs +++ b/rust/ares/src/jets/lock/sha.rs @@ -72,7 +72,8 @@ pub fn jet_shal(context: &mut Context, subject: Noun) -> Result { Err(_) => return Err(JetErr::Fail(Error::NonDeterministic(D(0)))), }; - let message = &mut (dat.as_mut_bytes())[0..width]; // drop trailing zeros + let msg_len = met(3, dat); + let message = &mut (dat.as_mut_bytes())[0..msg_len]; // drop trailing zeros unsafe { let (mut ida, mut out) = IndirectAtom::new_raw_mut_bytes(stack, 64); diff --git a/rust/ares_crypto/src/aes_siv.rs b/rust/ares_crypto/src/aes_siv.rs index 93e929a..7ec2c5f 100644 --- a/rust/ares_crypto/src/aes_siv.rs +++ b/rust/ares_crypto/src/aes_siv.rs @@ -20,6 +20,12 @@ pub fn _ac_aes_siv_en( iv: &mut [u8], out: &mut [u8], ) -> Result<(), Error> { + key.reverse(); + message.reverse(); + for i in 0..data.len() { + data[i].reverse(); + } + let iv_tag; if key.len() == 32 { if let Ok(mut cipher) = Aes128Siv::new_from_slice(&key) { @@ -55,7 +61,7 @@ pub fn _ac_aes_siv_en( iv_slice.reverse(); iv.copy_from_slice(&iv_slice); message.reverse(); - out.copy_from_slice(message); + out[0..message.len()].copy_from_slice(message); Ok(()) } 
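Review bot: In `jet_shal` the hashed input is now `dat.as_mut_bytes()[0..met(3, dat)]`, so the `wid` sample (decoded into `width` just above, which is now unused) no longer influences the result. If `shal`'s width argument fixes the number of bytes hashed, an atom whose high bytes are zero will be hashed over `met(3, dat)` bytes instead of `wid` bytes and the jet will disagree with the Hoon implementation; the jet should either zero-extend the message to `width` (`width >= msg_len`) or decline to jet when the two disagree. A later commit in this series only renames the binding to `_width` to silence the warning rather than resolving this. `jet_shal` begins outside the hunk.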
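Review bot: `key.reverse()` and the `data[i].reverse()` loop added at the top of `_ac_aes_siv_en` mutate the caller's buffers in place, but only `message` is reversed back before returning (the `-55/+61` hunk), so after the call the caller holds a byte-reversed key and byte-reversed associated data; a second call with the same buffers would encrypt under a different key and different AD. The `-67/+73` hunk does the same in `_ac_aes_siv_de` and additionally leaves `iv` reversed. A later commit in this series (the `-60/+60` and `-111/+112` hunks of the aes_siv.rs rewrite) restores `key` on the success path but still leaves `data` and `iv` reversed. Prefer reversing into local copies (`let key_be: Vec<u8> = key.iter().rev().copied().collect();` and likewise for the others) so the inputs are never mutated, or restore every reversed buffer on every exit, and document the in-place contract on both functions.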
@@ -67,6 +73,13 @@ pub fn _ac_aes_siv_de( iv: &mut [u8], out: &mut [u8], ) -> Result<(), Error> { + key.reverse(); + message.reverse(); + iv.reverse(); + for i in 0..data.len() { + data[i].reverse(); + } + let iv_array = GenericArray::from_slice(iv); if key.len() == 32 { if let Ok(mut cipher) = Aes128Siv::new_from_slice(&key) { @@ -98,6 +111,7 @@ pub fn _ac_aes_siv_de( } else { return Err(Error::InvalidKeyLength); } + message.reverse(); out.copy_from_slice(message); Ok(()) } 
@@ -188,83 +202,44 @@ mod urcrypt_tests { #[test] fn test_aes_siva_de() { - let mut key: [u8; 32] = [42; 32]; - let mut message: [u8; 32] = [ - 61, 88, 88, 36, 83, 232, 120, 45, 27, 159, 15, 145, 140, 231, 114, 229, 61, 243, 54, - 183, 156, 53, 217, 103, 88, 36, 53, 37, 165, 240, 92, 133, - ]; - let mut iv: [u8; 16] = [ - 16, 90, 129, 170, 175, 145, 229, 78, 107, 253, 192, 138, 136, 52, 159, 219, - ]; - - let mut uc_bytes = [42; 32]; - let mut uc_bytes_two = [43; 32]; - let mut uc_out: [u8; 32] = [0; 32]; - let mut uc_data: [urcrypt_aes_siv_data; 2] = [ - urcrypt_aes_siv_data { - bytes: uc_bytes.as_mut_ptr(), - length: uc_bytes.len(), - }, - urcrypt_aes_siv_data { - bytes: uc_bytes_two.as_mut_ptr(), - length: uc_bytes_two.len(), - }, - ]; - - unsafe { - urcrypt_aes_siva_de( - message.as_mut_ptr(), - message.len(), - uc_data.as_mut_ptr(), - uc_data.len(), - key.as_mut_ptr(), - iv.as_mut_ptr(), - uc_out.as_mut_ptr(), - ) - }; - - let mut ac_data: [&mut [u8]; 2] = [&mut uc_bytes, &mut uc_bytes_two]; - let mut ac_out: [u8; 32] = [0; 32]; - ac_aes_siva_de(&mut key, &mut message, &mut ac_data, &mut iv, &mut ac_out).unwrap(); - - assert_eq!(ac_out, uc_out); + todo!(); } #[test] fn test_aes_siva_en() { - let mut key: [u8; 32] = [42; 32]; - let mut message: [u8; 32] = [42; 32]; - let mut iv: [u8; 16] = [42; 16]; + // https://datatracker.ietf.org/doc/html/rfc5297#section-4 + let mut uc_key: [u8; 32] = [255, 254, 253, 252, 251, 250, 249, 248, 247, 246, 245, 244, 243, 242, 241, 240, 240, 241, 242, 243, 244, 245, 246, 247, 248, 249, 250, 251, 252, 253, 254, 255]; + let mut uc_message: [u8; 14] = [238, 221, 204, 187, 170, 153, 136, 119, 102, 85, 68, 51, 34, 17]; + let mut uc_iv = [0u8; 16]; - let mut uc_bytes = [42; 32]; - let mut uc_bytes_two = [43; 32]; + let mut uc_bytes = [39, 38, 37, 36, 35, 34, 33, 32, 31, 30, 29, 28, 27, 26, 25, 24, 23, 22, 21, 20, 19, 18, 17, 16]; let mut uc_out: [u8; 32] = [0; 32]; - let mut uc_data: [urcrypt_aes_siv_data; 2] = [ + let mut uc_data: 
[urcrypt_aes_siv_data; 1] = [ urcrypt_aes_siv_data { bytes: uc_bytes.as_mut_ptr(), length: uc_bytes.len(), }, - urcrypt_aes_siv_data { - bytes: uc_bytes_two.as_mut_ptr(), - length: uc_bytes_two.len(), - }, ]; unsafe { urcrypt_aes_siva_en( - message.as_mut_ptr(), - message.len(), + uc_message.as_mut_ptr(), + uc_message.len(), uc_data.as_mut_ptr(), uc_data.len(), - key.as_mut_ptr(), - iv.as_mut_ptr(), + uc_key.as_mut_ptr(), + uc_iv.as_mut_ptr(), uc_out.as_mut_ptr(), ) }; - let mut ac_data: [&mut [u8]; 2] = [&mut uc_bytes, &mut uc_bytes_two]; + let mut ac_key: [u8; 32] = [255, 254, 253, 252, 251, 250, 249, 248, 247, 246, 245, 244, 243, 242, 241, 240, 240, 241, 242, 243, 244, 245, 246, 247, 248, 249, 250, 251, 252, 253, 254, 255]; + let mut ac_message: [u8; 14] = [238, 221, 204, 187, 170, 153, 136, 119, 102, 85, 68, 51, 34, 17]; + let mut ac_iv = [0u8; 16]; + + let ac_data: &mut[&mut [u8]] = &mut[&mut [39, 38, 37, 36, 35, 34, 33, 32, 31, 30, 29, 28, 27, 26, 25, 24, 23, 22, 21, 20, 19, 18, 17, 16]]; let mut ac_out: [u8; 32] = [0; 32]; - ac_aes_siva_en(&mut key, &mut message, &mut ac_data, &mut iv, &mut ac_out).unwrap(); + ac_aes_siva_en(&mut ac_key, &mut ac_message, ac_data, &mut ac_iv, &mut ac_out).unwrap(); assert_eq!(ac_out, uc_out); } 
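Review bot: Replacing the body of `test_aes_siva_de` with `todo!()` makes the test panic, so the suite now fails unconditionally instead of skipping it; mark it `#[ignore = "decrypt parity pending"]` or keep the old body under a known-failing annotation. The same applies to `test_aes_sivb_de` and `test_aes_sivc_de` in the `-310/+285` and `-393/+329` hunks. In `test_aes_siva_en`, the RFC 5297 inputs are only compared against urcrypt via `assert_eq!(ac_out, uc_out)`; the test never compares `ac_iv` with `uc_iv` nor checks the RFC's published SIV and ciphertext, so a shared bug in the tag computation would pass. Add `assert_eq!(ac_iv, uc_iv);` and an assertion against the RFC's expected output (reversed into this crate's byte order) so the vector actually pins behaviour.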
@@ -310,46 +285,7 @@ mod urcrypt_tests { #[test] fn test_aes_sivb_de() { - let mut key: [u8; 48] = [42; 48]; - let mut message: [u8; 32] = [ - 20, 249, 192, 238, 22, 92, 186, 62, 26, 194, 51, 61, 88, 148, 89, 208, 114, 24, 67, 99, - 35, 241, 247, 133, 64, 18, 144, 54, 126, 121, 100, 145, - ]; - let mut iv: [u8; 16] = [ - 9, 146, 75, 192, 45, 169, 211, 188, 36, 212, 236, 80, 49, 197, 78, 141, - ]; - - let mut uc_bytes = [42; 32]; - let mut uc_bytes_two = [43; 32]; - let mut uc_out: [u8; 32] = [0; 32]; - let mut uc_data: [urcrypt_aes_siv_data; 2] = [ - urcrypt_aes_siv_data { - bytes: uc_bytes.as_mut_ptr(), - length: uc_bytes.len(), - }, - urcrypt_aes_siv_data { - bytes: uc_bytes_two.as_mut_ptr(), - length: uc_bytes_two.len(), - }, - ]; - - unsafe { - urcrypt_aes_sivb_de( - message.as_mut_ptr(), - message.len(), - uc_data.as_mut_ptr(), - uc_data.len(), - key.as_mut_ptr(), - iv.as_mut_ptr(), - uc_out.as_mut_ptr(), - ) - }; - - let mut ac_data: [&mut [u8]; 2] = [&mut uc_bytes, &mut uc_bytes_two]; - let mut ac_out: [u8; 32] = [0; 32]; - ac_aes_sivb_de(&mut key, &mut message, &mut ac_data, &mut iv, &mut ac_out).unwrap(); - - assert_eq!(ac_out, uc_out); + todo!(); } #[test] 
@@ -393,45 +329,6 @@ mod urcrypt_tests { #[test] fn test_aes_sivc_de() { - let mut key: [u8; 64] = [42; 64]; - let mut message: [u8; 32] = [ - 213, 96, 61, 200, 217, 8, 33, 147, 58, 213, 99, 8, 221, 23, 89, 206, 164, 237, 59, 231, - 235, 50, 93, 122, 50, 202, 78, 248, 218, 41, 170, 175, - ]; - let mut iv: [u8; 16] = [ - 105, 123, 123, 122, 45, 244, 179, 136, 167, 164, 134, 30, 97, 14, 241, 223, - ]; - - let mut uc_bytes = [42; 32]; - let mut uc_bytes_two = [43; 32]; - let mut uc_out: [u8; 32] = [0; 32]; - let mut uc_data: [urcrypt_aes_siv_data; 2] = [ - urcrypt_aes_siv_data { - bytes: uc_bytes.as_mut_ptr(), - length: uc_bytes.len(), - }, - urcrypt_aes_siv_data { - bytes: uc_bytes_two.as_mut_ptr(), - length: uc_bytes_two.len(), - }, - ]; - - unsafe { - urcrypt_aes_sivc_de( - message.as_mut_ptr(), - message.len(), - uc_data.as_mut_ptr(), - uc_data.len(), - key.as_mut_ptr(), - iv.as_mut_ptr(), - uc_out.as_mut_ptr(), - ) - }; - - let mut ac_data: [&mut [u8]; 2] = [&mut uc_bytes, &mut uc_bytes_two]; - let mut ac_out: [u8; 32] = [0; 32]; - ac_aes_sivc_de(&mut key, &mut message, &mut ac_data, &mut iv, &mut ac_out).unwrap(); - - assert_eq!(ac_out, uc_out); + todo!(); } } From cf6a347929f91ee3840c50e6e8bd6db8fe6c2740 Mon Sep 17 00:00:00 2001 From: Matthew LeVan Date: Wed, 20 Dec 2023 21:16:19 -0500 Subject: [PATCH 24/40] files: remove `.vscode` --- .vscode/settings.json | 6 ------ 1 file changed, 6 deletions(-) delete mode 100644 .vscode/settings.json diff --git a/.vscode/settings.json b/.vscode/settings.json deleted file mode 100644 index 481d591..0000000 --- a/.vscode/settings.json +++ /dev/null @@ -1,6 +0,0 @@ -{ - "rust-analyzer.linkedProjects": [ - "./rust/ares/Cargo.toml", - "./rust/ares_crypto/Cargo.toml" - ], -} From 0f6c8b4659f3402fa5787fa88cd648a74bfbc89f Mon Sep 17 00:00:00 2001 
From: Edward Amsden Date: Thu, 21 Dec 2023 07:51:44 -0600 Subject: [PATCH 25/40] noun: add IndirectAtom::new_raw_mut_bytearray to allocate indirect atoms with mutable memory returned as a reference to a fixed-sized byte array. --- rust/ares/src/noun.rs | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/rust/ares/src/noun.rs b/rust/ares/src/noun.rs index 0c5008b..6702b35 100644 --- a/rust/ares/src/noun.rs +++ b/rust/ares/src/noun.rs @@ -441,6 +441,15 @@ impl IndirectAtom { (noun, from_raw_parts_mut(ptr as *mut u8, size)) } + /// Create an indirect atom backed by a fixed-size array + pub unsafe fn new_raw_mut_bytearray<'a, const N: usize, A: NounAllocator>( + allocator: &mut A, + ) -> (Self, &'a mut [u8; N]) { + let word_size = (std::mem::size_of::<[u8; N]>() + 7) << 3; + let (noun, ptr) = Self::new_raw_mut_zeroed(allocator, word_size); + (noun, &mut *(ptr as *mut [u8; N])) + } + /** Size of an indirect atom in 64-bit words */ pub fn size(&self) -> usize { unsafe { *(self.to_raw_pointer().add(1)) as usize } From 7155e9909ae37629b7dd818dd9305b64e1843d59 Mon Sep 17 00:00:00 2001 From: Matthew LeVan Date: Thu, 21 Dec 2023 10:25:28 -0500 Subject: [PATCH 26/40] jets: use explicitly sized byte arrays in `ed` jets --- rust/ares/src/jets/lock/ed.rs | 21 ++++++++------------- 1 file changed, 8 insertions(+), 13 deletions(-) diff --git a/rust/ares/src/jets/lock/ed.rs b/rust/ares/src/jets/lock/ed.rs index 5d1abbe..6466cd4 100644 --- a/rust/ares/src/jets/lock/ed.rs +++ b/rust/ares/src/jets/lock/ed.rs @@ -2,6 +2,7 @@ use crate::interpreter::{Context, Error}; use crate::jets::bits::util::met; use crate::jets::util::slot; use crate::jets::{JetErr, Result}; +use crate::mem::NockStack; use crate::noun::{IndirectAtom, Noun, D, NO, YES}; use ares_crypto::ed25519::{ac_ed_puck, ac_ed_shar, ac_ed_sign, ac_ed_veri}; 
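Review bot: `let word_size = (std::mem::size_of::<[u8; N]>() + 7) << 3;` in `new_raw_mut_bytearray` shifts left, multiplying by 8, where a bytes-to-words conversion needs a division: with `N = 32` it asks `new_raw_mut_zeroed` for 312 words (2496 bytes) instead of 4. If `new_raw_mut_zeroed` takes its size in 64-bit words, as the `size()` doc below suggests for indirect atoms, the line should read `let word_size = (N + 7) >> 3;`. The unconstrained `'a` on the returned `&'a mut [u8; N]` mirrors `new_raw_mut_bytes`, but the doc comment should state that the reference is only valid while the atom is live on the allocator and that the memory is zero-initialised.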
@@ -19,10 +20,8 @@ pub fn jet_puck(context: &mut Context, subject: Noun) -> Result { let mut sed_bytes = &mut [0u8; 32]; sed_bytes.copy_from_slice(&(sed.as_bytes())[0..32]); - let (mut pub_ida, pub_key) = IndirectAtom::new_raw_mut_bytes(stack, 32); - let tmp = &mut [0u8; 32]; - ac_ed_puck(&mut sed_bytes, tmp); - pub_key.copy_from_slice(tmp); + let (mut pub_ida, pub_key) = IndirectAtom::new_raw_mut_bytearray::<32, NockStack>(stack); + ac_ed_puck(&mut sed_bytes, pub_key); Ok(pub_ida.normalize_as_atom().as_noun()) } @@ -53,10 +52,8 @@ pub fn jet_shar(context: &mut Context, subject: Noun) -> Result { public[0..pub_bytes.len()].copy_from_slice(pub_bytes); secret[0..pub_bytes.len()].copy_from_slice(sec_bytes); - let (mut shar_ida, shar) = IndirectAtom::new_raw_mut_bytes(stack, 32); - let tmp = &mut [0u8; 32]; - ac_ed_shar(public, secret, tmp); - shar.copy_from_slice(tmp); + let (mut shar_ida, shar) = IndirectAtom::new_raw_mut_bytearray::<32, NockStack>(stack); + ac_ed_shar(public, secret, shar); Ok(shar_ida.normalize_as_atom().as_noun()) } @@ -78,11 +75,9 @@ pub fn jet_sign(context: &mut Context, subject: Noun) -> Result { let msg_len = met(3, msg); let message = &mut (msg.as_mut_bytes())[0..msg_len]; // drop trailing zeros - let (mut sig_ida, sig) = IndirectAtom::new_raw_mut_bytes(stack, 64); - let tmp = &mut [0u8; 64]; - ac_ed_sign(message, seed, tmp); - tmp.reverse(); - sig.copy_from_slice(tmp); + let (mut sig_ida, sig) = IndirectAtom::new_raw_mut_bytearray::<64, NockStack>(stack); + ac_ed_sign(message, seed, sig); + sig.reverse(); Ok(sig_ida.normalize_as_atom().as_noun()) } From 769dfca33f30584ed2c9441d55fee8964f533ee6 Mon Sep 17 00:00:00 2001 
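Review bot: `ac_ed_shar(public, secret, shar)` in the `-53/+52` hunk is handed a `secret` filled by the unchanged line `secret[0..pub_bytes.len()].copy_from_slice(sec_bytes);`, which panics unless `sec_bytes.len() == pub_bytes.len()`; bound the secret copy by its own length (`secret[0..sec_bytes.len()].copy_from_slice(sec_bytes);`) and check both lengths against 32 before the call rather than after. Since `sed_bytes` in `jet_puck` and `secret` here are stack copies of private key material, consider clearing them once the call returns (`sed_bytes.fill(0);` at minimum, a `zeroize`-style wipe if the crate is available). All three jets start outside their hunks.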
From: Matthew LeVan Date: Thu, 21 Dec 2023 14:32:38 -0500 Subject: [PATCH 27/40] jets: simplify `aes_siv` greatly and use random inputs for tests --- rust/ares/Cargo.lock | 21 ++ rust/ares/src/jets/lock/aes.rs | 64 ++--- rust/ares/src/jets/lock/sha.rs | 2 +- rust/ares_crypto/Cargo.lock | 21 ++ rust/ares_crypto/Cargo.toml | 4 +- rust/ares_crypto/src/aes_siv.rs | 453 +++++++++++++++++++++----------- 6 files changed, 358 insertions(+), 207 deletions(-) diff --git a/rust/ares/Cargo.lock b/rust/ares/Cargo.lock index 23a871e..ed8bdea 100644 --- a/rust/ares/Cargo.lock +++ b/rust/ares/Cargo.lock @@ -90,6 +90,7 @@ dependencies = [ "curve25519-dalek", "ed25519-dalek", "ibig 0.3.6 (registry+https://github.com/rust-lang/crates.io-index)", + "rand", "sha1", "sha2", "urcrypt-sys", @@ -543,6 +544,17 @@ dependencies = [ "version_check", ] +[[package]] +name = "getrandom" +version = "0.2.11" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "fe9006bed769170c11f845cf00c7c1e9092aeb3f268e007c3e760ac68008070f" +dependencies = [ + "cfg-if", + "libc", + "wasi", +] + [[package]] name = "glob" version = "0.3.1" @@ -874,6 +886,9 @@ name = "rand_core" version = "0.6.4" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "ec0be4795e2f6a28069bec0b5ff3e2ac9bafc99e6a9a7dc3547996c5c816922c" +dependencies = [ + "getrandom", +] [[package]] name = "rayon" @@ -1157,6 +1172,12 @@ dependencies = [ "winapi-util", ] +[[package]] +name = "wasi" +version = "0.11.0+wasi-snapshot-preview1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9c8d87e72b64a3b4db28d11ce29237c246188f4f51057d65a7eab63b7987e423" + [[package]] name = "wasm-bindgen" version = "0.2.88" diff --git a/rust/ares/src/jets/lock/aes.rs b/rust/ares/src/jets/lock/aes.rs index a7bdf85..e491ffb 100644 --- a/rust/ares/src/jets/lock/aes.rs +++ b/rust/ares/src/jets/lock/aes.rs 
@@ -3,9 +3,6 @@ use crate::jets::bits::util::met; use crate::jets::util::slot; use crate::jets::{JetErr, Result}; use crate::noun::Noun; -use ares_crypto::aes_siv::{ - ac_aes_siva_de, ac_aes_siva_en, ac_aes_sivb_de, ac_aes_sivb_en, ac_aes_sivc_de, ac_aes_sivc_en, -}; crate::gdb!(); @@ -26,7 +23,7 @@ pub fn jet_siva_en(context: &mut Context, subject: Noun) -> Result { let key_bytes = &mut [0u8; 32]; key_bytes[0..key.as_bytes().len()].copy_from_slice(key.as_bytes()); - util::_siv_en(stack, key_bytes, ads, txt, ac_aes_siva_en) + util::_siv_en::<32>(stack, key_bytes, ads, txt) } } @@ -44,7 +41,7 @@ pub fn jet_siva_de(context: &mut Context, subject: Noun) -> Result { let key_bytes = &mut [0u8; 32]; key_bytes[0..key.as_bytes().len()].copy_from_slice(key.as_bytes()); - util::_siv_de(stack, key_bytes, ads, iv, len, txt, ac_aes_siva_de) + util::_siv_de::<32>(stack, key_bytes, ads, iv, len, txt) } } @@ -60,7 +57,7 @@ pub fn jet_sivb_en(context: &mut Context, subject: Noun) -> Result { let key_bytes = &mut [0u8; 48]; key_bytes[0..key.as_bytes().len()].copy_from_slice(key.as_bytes()); - util::_siv_en(stack, key_bytes, ads, txt, ac_aes_sivb_en) + util::_siv_en::<48>(stack, key_bytes, ads, txt) } } @@ -78,7 +75,7 @@ pub fn jet_sivb_de(context: &mut Context, subject: Noun) -> Result { let key_bytes = &mut [0u8; 48]; key_bytes[0..key.as_bytes().len()].copy_from_slice(key.as_bytes()); - util::_siv_de(stack, key_bytes, ads, iv, len, txt, ac_aes_sivb_de) + util::_siv_de::<48>(stack, key_bytes, ads, iv, len, txt) } } @@ -94,7 +91,7 @@ pub fn jet_sivc_en(context: &mut Context, subject: Noun) -> Result { let key_bytes = &mut [0u8; 64]; key_bytes[0..key.as_bytes().len()].copy_from_slice(key.as_bytes()); - util::_siv_en(stack, key_bytes, ads, txt, ac_aes_sivc_en) + util::_siv_en::<64>(stack, key_bytes, ads, txt) } } 
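Review bot: The turbofish in `util::_siv_en::<32>(stack, key_bytes, ads, txt)` (and the other five call sites in this file) restates a length the compiler already knows from `key_bytes: &mut [u8; 32]`; `util::_siv_en(stack, key_bytes, ads, txt)` infers `N` and cannot drift from the array size. Keep the explicit form only if having the key size visible at the call site is the intent, in which case a one-line comment saying so would help. Each jet body continues outside its hunk.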
@@ -112,7 +109,7 @@ pub fn jet_sivc_de(context: &mut Context, subject: Noun) -> Result { let key_bytes = &mut [0u8; 64]; key_bytes[0..key.as_bytes().len()].copy_from_slice(key.as_bytes()); - util::_siv_de(stack, key_bytes, ads, iv, len, txt, ac_aes_sivc_de) + util::_siv_de::<64>(stack, key_bytes, ads, iv, len, txt) } } @@ -123,8 +120,8 @@ mod util { use crate::jets::{JetErr, Result}; use crate::mem::NockStack; use crate::noun::{Atom, IndirectAtom, Noun, D, T}; + use ares_crypto::aes_siv::{ac_aes_siv_de, ac_aes_siv_en}; use std::result; - use ares_crypto::aes_siv; /// Associated data for AES-SIV functions. struct AcAesSivData { @@ -132,14 +129,6 @@ mod util { length: usize, } - type AcAesSiv = fn( - key: &mut [u8], - message: &mut [u8], - data: &mut [&mut [u8]], - iv: &mut [u8], - out: &mut [u8], - ) -> result::Result<(), aes_siv::Error>; - /// Allocates a noun list as an array of AesSivData structs on the NockStack /// for use as associated data in AES-SIV functions. fn _allocate_ads( @@ -177,12 +166,11 @@ mod util { Ok(siv_data) } - pub fn _siv_en( + pub fn _siv_en( stack: &mut NockStack, - key: &mut [u8], + key: &mut [u8; N], ads: Noun, mut txt: Atom, - fun: AcAesSiv, ) -> Result { unsafe { let ac_siv_data = _allocate_ads(stack, ads)?; 
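Review bot: With the `AcAesSiv` alias removed in the `-132/+129` hunk, `use std::result;` kept in the `-123/+120` hunk appears to have no remaining user in the visible code and will raise an unused-import warning; drop it unless `result::Result` is still used elsewhere in `mod util`. The rendered `pub fn _siv_en(` signature in the `-177/+166` hunk shows `key: &mut [u8; N]` without a visible `<const N: usize>` parameter — presumably lost in rendering, but worth confirming the committed source carries it.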
@@ -194,28 +182,16 @@ mod util { let txt_len = met(3, txt); let txt_bytes = &mut (txt.as_mut_bytes()[0..txt_len]); - let (mut iv, iv_bytes) = IndirectAtom::new_raw_mut_bytes(stack, 16); + let (mut iv, iv_bytes) = IndirectAtom::new_raw_mut_bytearray::<16, NockStack>(stack); match txt_len { 0 => { - fun( - key, - txt_bytes, - siv_data, - iv_bytes, - &mut [0u8; 0], - ).unwrap(); + ac_aes_siv_en::(key, txt_bytes, siv_data, iv_bytes, &mut [0u8; 0]).unwrap(); Ok(T(stack, &[iv.normalize_as_atom().as_noun(), D(0), D(0)])) } _ => { let (mut out_atom, out_bytes) = IndirectAtom::new_raw_mut_bytes(stack, txt_len); - fun( - key, - txt_bytes, - siv_data, - iv_bytes, - out_bytes - ).unwrap(); + ac_aes_siv_en::(key, txt_bytes, siv_data, iv_bytes, out_bytes).unwrap(); Ok(T( stack, &[ @@ -229,14 +205,13 @@ mod util { } } - pub fn _siv_de( + pub fn _siv_de( stack: &mut NockStack, - key: &mut [u8], + key: &mut [u8; N], ads: Noun, mut iv: Atom, len: Atom, mut txt: Atom, - fun: AcAesSiv ) -> Result { unsafe { let txt_len = match len.as_direct() { @@ -245,7 +220,8 @@ mod util { }; let txt_bytes = &mut (txt.as_mut_bytes()[0..txt_len]); - let iv_bytes = &mut (iv.as_mut_bytes()[0..16]); + let iv_bytes = &mut [0u8; 16]; + iv_bytes.copy_from_slice(&iv.as_mut_bytes()[0..16]); let ac_siv_data = _allocate_ads(stack, ads)?; let siv_data: &mut [&mut [u8]] = std::slice::from_raw_parts_mut( @@ -254,13 +230,7 @@ mod util { ); let (mut out_atom, out_bytes) = IndirectAtom::new_raw_mut_bytes(stack, txt_len); - fun( - key, - txt_bytes, - siv_data, - iv_bytes, - out_bytes - ).unwrap(); + ac_aes_siv_de::(key, txt_bytes, siv_data, iv_bytes, out_bytes).unwrap(); Ok(T(stack, &[D(0), out_atom.normalize_as_atom().as_noun()])) } } diff --git a/rust/ares/src/jets/lock/sha.rs b/rust/ares/src/jets/lock/sha.rs index ce73706..757c928 100644 --- a/rust/ares/src/jets/lock/sha.rs +++ b/rust/ares/src/jets/lock/sha.rs 
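Review bot: `ac_aes_siv_en::(...).unwrap()` in the `-194/+182` hunk and `ac_aes_siv_de::(...).unwrap()` in the `-254/+230` hunk turn every `Error` from ares_crypto into a panic inside a jet. For decryption that error is the authentication check: a ciphertext or IV that does not verify yields `Error::CipherNotAuthentic`, so tampered input aborts the runtime instead of producing the empty unit that the `[D(0), out]` success shape implies. Map the error explicitly, e.g. `match ac_aes_siv_de::<N>(key, txt_bytes, siv_data, iv_bytes, out_bytes) { Ok(()) => Ok(T(stack, &[D(0), out_atom.normalize_as_atom().as_noun()])), Err(_) => Ok(D(0)) }` — assuming the Hoon `de` returns a unit, which should be confirmed — and likewise convert encryption errors into a `JetErr` rather than panicking. Both function bodies continue outside the hunks.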
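Review bot: `iv_bytes.copy_from_slice(&iv.as_mut_bytes()[0..16]);` in the `-245/+220` hunk slices 16 bytes of the IV atom unconditionally; if `as_mut_bytes` of a short (direct) atom yields fewer than 16 bytes, the index panics before any error can be returned. Since `iv_bytes` is already zero-initialised, copying only what exists gives the right zero-extension: `let src = iv.as_bytes(); let n = src.len().min(16); iv_bytes[..n].copy_from_slice(&src[..n]);`. The same unconditional `[0..txt_len]` slice of `txt` a few lines above deserves a length check against the caller-supplied `len`.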
@@ -67,7 +67,7 @@ pub fn jet_shal(context: &mut Context, subject: Noun) -> Result { let wid = slot(sam, 2)?.as_atom()?; let mut dat = slot(sam, 3)?.as_atom()?; - let width = match wid.as_direct() { + let _width = match wid.as_direct() { Ok(direct) => direct.data() as usize, Err(_) => return Err(JetErr::Fail(Error::NonDeterministic(D(0)))), }; diff --git a/rust/ares_crypto/Cargo.lock b/rust/ares_crypto/Cargo.lock index 46b1cc0..ce4fb77 100644 --- a/rust/ares_crypto/Cargo.lock +++ b/rust/ares_crypto/Cargo.lock @@ -58,6 +58,7 @@ dependencies = [ "curve25519-dalek", "ed25519-dalek", "ibig", + "rand", "sha1", "sha2", "urcrypt-sys", @@ -290,6 +291,17 @@ dependencies = [ "version_check", ] +[[package]] +name = "getrandom" +version = "0.2.11" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "fe9006bed769170c11f845cf00c7c1e9092aeb3f268e007c3e760ac68008070f" +dependencies = [ + "cfg-if", + "libc", + "wasi", +] + [[package]] name = "glob" version = "0.3.1" @@ -463,6 +475,9 @@ name = "rand_core" version = "0.6.4" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "ec0be4795e2f6a28069bec0b5ff3e2ac9bafc99e6a9a7dc3547996c5c816922c" +dependencies = [ + "getrandom", +] [[package]] name = "regex" @@ -612,6 +627,12 @@ version = "0.9.4" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "49874b5167b65d7193b8aba1567f5c7d93d001cafc34600cee003eda787e483f" +[[package]] +name = "wasi" +version = "0.11.0+wasi-snapshot-preview1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9c8d87e72b64a3b4db28d11ce29237c246188f4f51057d65a7eab63b7987e423" + [[package]] name = "which" version = "4.4.2" diff --git a/rust/ares_crypto/Cargo.toml b/rust/ares_crypto/Cargo.toml index 4687d85..892197a 100644 --- a/rust/ares_crypto/Cargo.toml +++ b/rust/ares_crypto/Cargo.toml 
@@ -24,6 +24,8 @@ aes-siv = { version = "0.7.0", default-features = false, optional = true } sha1 = { version = "0.10.6", default-features = false, optional = true } sha2 = { version = "0.10.8", default-features = false, optional = true } +# test_vs_urcrypt +rand = { version = "0.8.4", default-features = false, features = ["getrandom"], optional = true } urcrypt-sys = { version = "0.1.1", optional = true } [features] @@ -32,4 +34,4 @@ default = ["aes_siv", "ed25519", "sha", "test_vs_urcrypt"] aes_siv = ["aes", "aes-siv"] ed25519 = ["curve25519-dalek", "ed25519-dalek", "x25519-dalek"] sha = ["sha1", "sha2"] -test_vs_urcrypt = ["urcrypt-sys"] +test_vs_urcrypt = ["urcrypt-sys", "rand"] diff --git a/rust/ares_crypto/src/aes_siv.rs b/rust/ares_crypto/src/aes_siv.rs index 7ec2c5f..68bd684 100644 --- a/rust/ares_crypto/src/aes_siv.rs +++ b/rust/ares_crypto/src/aes_siv.rs @@ -12,12 +12,12 @@ pub enum Error { CipherNotAuthentic, } -pub fn _ac_aes_siv_en( - key: &mut [u8], +/// AES-SIV encryption function. +pub fn ac_aes_siv_en ( + key: &mut [u8; N], message: &mut [u8], data: &mut [&mut [u8]], - // iv: &mut [u8; 16], - iv: &mut [u8], + iv: &mut [u8; 16], out: &mut [u8], ) -> Result<(), Error> { key.reverse(); @@ -27,8 +27,8 @@ pub fn _ac_aes_siv_en( } let iv_tag; - if key.len() == 32 { - if let Ok(mut cipher) = Aes128Siv::new_from_slice(&key) { + if N == 32 { + if let Ok(mut cipher) = Aes128Siv::new_from_slice(key) { match cipher.encrypt_in_place_detached(data, message) { Ok(tag) => iv_tag = tag, Err(_) => return Err(Error::InvalidOutputLength), @@ -36,8 +36,8 @@ pub fn _ac_aes_siv_en( } else { return Err(Error::InvalidKeyLength); } - } else if key.len() == 48 { - if let Ok(mut cipher) = Aes192Siv::new_from_slice(&key) { + } else if N == 48 { + if let Ok(mut cipher) = Aes192Siv::new_from_slice(key) { match cipher.encrypt_in_place_detached(data, message) { Ok(tag) => iv_tag = tag, Err(_) => return Err(Error::InvalidOutputLength), 
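Review bot: `/// AES-SIV encryption function.` on `ac_aes_siv_en` in the `-12/+12` hunk does not describe the contract the jets in aes.rs depend on: `key`, `message` and every `data[i]` are byte-reversed in place (presumably to convert from atom byte order), `message` is overwritten with the ciphertext, `iv` receives the reversed SIV tag, `out` must be at least `message.len()` bytes, and `N` must be 32, 48 or 64 or `Error::InvalidKeyLength` is returned. The same applies to `/// AES-SIV decryption function.` in the `-60/+60` hunk, where `Error::CipherNotAuthentic` is the authentication failure and `out.copy_from_slice(message)` requires `out.len() == message.len()`. Spell these out in an `# Errors` section plus a note on in-place mutation. As a point of style, `if N == 32 { … } else if N == 48 { … }` on a const generic reads better as `match N { 32 => …, 48 => …, 64 => …, _ => return Err(Error::InvalidKeyLength) }`.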
@@ -45,8 +45,8 @@ pub fn _ac_aes_siv_en( } else { return Err(Error::InvalidKeyLength); } - } else if key.len() == 64 { - if let Ok(mut cipher) = Aes256Siv::new_from_slice(&key) { + } else if N == 64 { + if let Ok(mut cipher) = Aes256Siv::new_from_slice(key) { match cipher.encrypt_in_place_detached(data, message) { Ok(tag) => iv_tag = tag, Err(_) => return Err(Error::InvalidOutputLength), @@ -60,17 +60,18 @@ pub fn _ac_aes_siv_en( let mut iv_slice = iv_tag.as_slice().to_owned(); iv_slice.reverse(); iv.copy_from_slice(&iv_slice); + key.reverse(); message.reverse(); out[0..message.len()].copy_from_slice(message); Ok(()) } -pub fn _ac_aes_siv_de( - key: &mut [u8], +/// AES-SIV decryption function. +pub fn ac_aes_siv_de ( + key: &mut [u8; N], message: &mut [u8], data: &mut [&mut [u8]], - // iv: &mut [u8; 16], - iv: &mut [u8], + iv: &mut [u8; 16], out: &mut [u8], ) -> Result<(), Error> { key.reverse(); @@ -81,8 +82,8 @@ pub fn _ac_aes_siv_de( } let iv_array = GenericArray::from_slice(iv); - if key.len() == 32 { - if let Ok(mut cipher) = Aes128Siv::new_from_slice(&key) { + if N == 32 { + if let Ok(mut cipher) = Aes128Siv::new_from_slice(key) { match cipher.decrypt_in_place_detached(data, message, iv_array) { Ok(_) => (), Err(_) => return Err(Error::CipherNotAuthentic), @@ -90,8 +91,8 @@ pub fn _ac_aes_siv_de( } else { return Err(Error::InvalidKeyLength); } - } else if key.len() == 48 { - if let Ok(mut cipher) = Aes192Siv::new_from_slice(&key) { + } else if N == 48 { + if let Ok(mut cipher) = Aes192Siv::new_from_slice(key) { match cipher.decrypt_in_place_detached(data, message, iv_array) { Ok(_) => (), Err(_) => return Err(Error::CipherNotAuthentic), 
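Review bot: `key.reverse();` added before `message.reverse()` in the `-60/+60` hunk restores the key only on the success path; every `return Err(Error::InvalidKeyLength)` / `Err(Error::InvalidOutputLength)` branch above it returns with the caller's key still reversed, and `data` is not restored on any path. The jets are shielded because they copy the key into a fresh `key_bytes` array per call, but a library caller that reuses its key buffer would silently use a different key after an error. Do the cipher work in an inner function and reverse `key`, `message` and `data` back at a single exit regardless of outcome, or operate on reversed local copies and leave the inputs untouched.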
@@ -99,8 +100,8 @@ pub fn _ac_aes_siv_de( } else { return Err(Error::InvalidKeyLength); } - } else if key.len() == 64 { - if let Ok(mut cipher) = Aes256Siv::new_from_slice(&key) { + } else if N == 64 { + if let Ok(mut cipher) = Aes256Siv::new_from_slice(key) { match cipher.decrypt_in_place_detached(data, message, iv_array) { Ok(_) => (), Err(_) => return Err(Error::CipherNotAuthentic), 
@@ -111,115 +112,82 @@ pub fn _ac_aes_siv_de( } else { return Err(Error::InvalidKeyLength); } + key.reverse(); message.reverse(); out.copy_from_slice(message); Ok(()) } -pub fn ac_aes_siva_en( - // key: &mut [u8; 32], - key: &mut [u8], - message: &mut [u8], - data: &mut [&mut [u8]], - // iv: &mut [u8; 16], - iv: &mut [u8], - out: &mut [u8], -) -> Result<(), Error> { - _ac_aes_siv_en(key, message, data, iv, out) -} - -pub fn ac_aes_siva_de( - // key: &mut [u8; 32], - key: &mut [u8], - message: &mut [u8], - data: &mut [&mut [u8]], - // iv: &mut [u8; 16], - iv: &mut [u8], - out: &mut [u8], -) -> Result<(), Error> { - _ac_aes_siv_de(key, message, data, iv, out) -} - -pub fn ac_aes_sivb_en( - // key: &mut [u8; 48], - key: &mut [u8], - message: &mut [u8], - data: &mut [&mut [u8]], - // iv: &mut [u8; 16], - iv: &mut [u8], - out: &mut [u8], -) -> Result<(), Error> { - _ac_aes_siv_en(key, message, data, iv, out) -} - -pub fn ac_aes_sivb_de( - // key: &mut [u8; 48], - key: &mut [u8], - message: &mut [u8], - data: &mut [&mut [u8]], - // iv: &mut [u8; 16], - iv: &mut [u8], - out: &mut [u8], -) -> Result<(), Error> { - _ac_aes_siv_de(key, message, data, iv, out) -} - -pub fn ac_aes_sivc_en( - // key: &mut [u8; 64], - key: &mut [u8], - message: &mut [u8], - data: &mut [&mut [u8]], - // iv: &mut [u8; 16], - iv: &mut [u8], - out: &mut [u8], -) -> Result<(), Error> { - _ac_aes_siv_en(key, message, data, iv, out) -} - -pub fn ac_aes_sivc_de( - // key: &mut [u8; 64], - key: &mut [u8], - message: &mut [u8], - data: &mut [&mut [u8]], - // iv: &mut [u8; 16], - iv: &mut [u8], - out: &mut [u8], -) -> Result<(), Error> { - _ac_aes_siv_de(key, message, data, iv, out) -} - #[cfg(test)] #[cfg(feature = "test_vs_urcrypt")] mod urcrypt_tests { - use super::{ - ac_aes_siva_de, ac_aes_siva_en, ac_aes_sivb_de, ac_aes_sivb_en, ac_aes_sivc_de, - ac_aes_sivc_en, - }; + use aes_siv::{siv::Aes128Siv, KeyInit, aead::rand_core::CryptoRngCore}; + use rand::{rngs::OsRng, Rng}; + use super::{ac_aes_siv_de, 
ac_aes_siv_en}; use urcrypt_sys::{ urcrypt_aes_siv_data, urcrypt_aes_siva_de, urcrypt_aes_siva_en, urcrypt_aes_sivb_de, urcrypt_aes_sivb_en, urcrypt_aes_sivc_de, urcrypt_aes_sivc_en, }; - #[test] - fn test_aes_siva_de() { - todo!(); + /// Helper function that generates a random key, message, and associated data, + /// encrypts the message, then writes the key, resulting ciphertext, data and + /// iv to the provided buffers. + fn _encrypt( + key: &mut [u8], + cipher: &mut [u8], + iv: &mut [u8], + data: &mut [&mut [u8]], + ) { + let mut osrng = OsRng; + let csprng = osrng.as_rngcore(); + + let ac_key = &mut [0u8; N]; + let ac_message = &mut [0u8; 1024]; + let ac_iv = &mut [0u8; 16]; + let ac_bytes = &mut [0u8; 32]; + + csprng.fill_bytes(ac_key); + csprng.fill_bytes(ac_message); + csprng.fill_bytes(ac_bytes); + + let ac_data: &mut [&mut [u8]] = &mut [ac_bytes]; + let ac_out = &mut [0u8; 1024]; + + ac_aes_siv_en::(ac_key, ac_message, ac_data, ac_iv, ac_out).unwrap(); + + key.copy_from_slice(ac_key); + cipher.copy_from_slice(ac_out); + iv.copy_from_slice(ac_iv); + for i in 0..data.len() { + data[i].copy_from_slice(ac_data[i]); + } } #[test] - fn test_aes_siva_en() { - // https://datatracker.ietf.org/doc/html/rfc5297#section-4 - let mut uc_key: [u8; 32] = [255, 254, 253, 252, 251, 250, 249, 248, 247, 246, 245, 244, 243, 242, 241, 240, 240, 241, 242, 243, 244, 245, 246, 247, 248, 249, 250, 251, 252, 253, 254, 255]; - let mut uc_message: [u8; 14] = [238, 221, 204, 187, 170, 153, 136, 119, 102, 85, 68, 51, 34, 17]; + fn test_aes_siva_de() { + let mut uc_key = [0u8; 32]; + let mut uc_message = [0u8; 56]; let mut uc_iv = [0u8; 16]; - - let mut uc_bytes = [39, 38, 37, 36, 35, 34, 33, 32, 31, 30, 29, 28, 27, 26, 25, 24, 23, 22, 21, 20, 19, 18, 17, 16]; - let mut uc_out: [u8; 32] = [0; 32]; + let mut uc_bytes = [0u8; 32]; + let mut osrng = OsRng; + let csprng = osrng.as_rngcore(); + csprng.fill_bytes(&mut uc_key); + csprng.fill_bytes(&mut uc_message); + csprng.fill_bytes(&mut 
uc_bytes); let mut uc_data: [urcrypt_aes_siv_data; 1] = [ urcrypt_aes_siv_data { bytes: uc_bytes.as_mut_ptr(), length: uc_bytes.len(), }, ]; + let mut uc_out = [0u8; 56]; + + let mut ac_key = uc_key.clone(); + let mut ac_message = uc_message.clone(); + let mut ac_iv = [0u8; 16]; + let mut ac_bytes = uc_bytes.clone(); + let ac_data: &mut [&mut [u8]] = &mut [&mut ac_bytes]; + let mut ac_out = [0u8; 56]; unsafe { urcrypt_aes_siva_en( 
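Review bot: The tests in this hunk draw `uc_key`, `uc_message` and `uc_bytes` from `OsRng` but never print or seed them, so a failing `assert_eq!` cannot be reproduced; use a seeded `StdRng` (or print the inputs on failure) so a mismatch is debuggable. `_encrypt` hard-codes 1024-byte message and output buffers and copies them into the caller's slices with `copy_from_slice`, which panics unless the caller passes exactly matching sizes, and it does not appear to be called by the visible tests. `use aes_siv::{siv::Aes128Siv, KeyInit, …}` likewise seems unused here, and `uc_key.clone()` on a `[u8; 32]` is a `Copy` that `clippy::clone_on_copy` will flag. Note also that `ac_data` is shared between the `ac_aes_siv_en::<32>` and `ac_aes_siv_de::<32>` calls (the latter in the next hunk) while encryption leaves `data[i]` reversed in place, so unless that is restored the decrypt side authenticates a different AD and the `unwrap()` panics.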
@@ -233,102 +201,271 @@ mod urcrypt_tests { ) }; - let mut ac_key: [u8; 32] = [255, 254, 253, 252, 251, 250, 249, 248, 247, 246, 245, 244, 243, 242, 241, 240, 240, 241, 242, 243, 244, 245, 246, 247, 248, 249, 250, 251, 252, 253, 254, 255]; - let mut ac_message: [u8; 14] = [238, 221, 204, 187, 170, 153, 136, 119, 102, 85, 68, 51, 34, 17]; - let mut ac_iv = [0u8; 16]; + ac_aes_siv_en::<32>(&mut ac_key, &mut ac_message, ac_data, &mut ac_iv, &mut ac_out).unwrap(); - let ac_data: &mut[&mut [u8]] = &mut[&mut [39, 38, 37, 36, 35, 34, 33, 32, 31, 30, 29, 28, 27, 26, 25, 24, 23, 22, 21, 20, 19, 18, 17, 16]]; - let mut ac_out: [u8; 32] = [0; 32]; - ac_aes_siva_en(&mut ac_key, &mut ac_message, ac_data, &mut ac_iv, &mut ac_out).unwrap(); + let mut uc_dec_out = [0u8; 56]; + unsafe { + urcrypt_aes_siva_de( + uc_message.as_mut_ptr(), + uc_message.len(), + uc_data.as_mut_ptr(), + uc_data.len(), + uc_key.as_mut_ptr(), + uc_iv.as_mut_ptr(), + uc_dec_out.as_mut_ptr(), + ) + }; + + let mut ac_dec_out = [0u8; 56]; + ac_aes_siv_de::<32>(&mut ac_key, &mut ac_message, ac_data, &mut ac_iv, &mut ac_dec_out).unwrap(); + + assert_eq!(ac_dec_out, uc_dec_out); + } + + #[test] + fn test_aes_siva_en() { + let mut uc_key = [0u8; 32]; + let mut uc_message = [0u8; 56]; + let mut uc_iv = [0u8; 16]; + let mut uc_bytes = [0u8; 32]; + let mut osrng = OsRng; + let csprng = osrng.as_rngcore(); + csprng.fill_bytes(&mut uc_key); + csprng.fill_bytes(&mut uc_message); + csprng.fill_bytes(&mut uc_bytes); + let mut uc_data: [urcrypt_aes_siv_data; 1] = [ + urcrypt_aes_siv_data { + bytes: uc_bytes.as_mut_ptr(), + length: uc_bytes.len(), + }, + ]; + let mut uc_out = [0u8; 56]; + + let mut ac_key = uc_key.clone(); + let mut ac_message = uc_message.clone(); + let mut ac_iv = [0u8; 16]; + let mut ac_bytes = uc_bytes.clone(); + let ac_data: &mut [&mut [u8]] = &mut [&mut ac_bytes]; + let mut ac_out = [0u8; 56]; + + unsafe { + urcrypt_aes_siva_en( + uc_message.as_mut_ptr(), + uc_message.len(), + uc_data.as_mut_ptr(), + 
uc_data.len(), + uc_key.as_mut_ptr(), + uc_iv.as_mut_ptr(), + uc_out.as_mut_ptr(), + ) + }; + + ac_aes_siv_en::<32>(&mut ac_key, &mut ac_message, ac_data, &mut ac_iv, &mut ac_out).unwrap(); assert_eq!(ac_out, uc_out); } #[test] fn test_aes_sivb_en() { - let mut key: [u8; 48] = [42; 48]; - let mut message: [u8; 32] = [42; 32]; - let mut iv: [u8; 16] = [42; 16]; - - let mut uc_bytes = [42; 32]; - let mut uc_bytes_two = [43; 32]; - let mut uc_out: [u8; 32] = [0; 32]; - let mut uc_data: [urcrypt_aes_siv_data; 2] = [ + let mut uc_key = [0u8; 48]; + let mut uc_message = [0u8; 56]; + let mut uc_iv = [0u8; 16]; + let mut uc_bytes = [0u8; 32]; + let mut osrng = OsRng; + let csprng = osrng.as_rngcore(); + csprng.fill_bytes(&mut uc_key); + csprng.fill_bytes(&mut uc_message); + csprng.fill_bytes(&mut uc_bytes); + let mut uc_data: [urcrypt_aes_siv_data; 1] = [ urcrypt_aes_siv_data { bytes: uc_bytes.as_mut_ptr(), length: uc_bytes.len(), }, - urcrypt_aes_siv_data { - bytes: uc_bytes_two.as_mut_ptr(), - length: uc_bytes_two.len(), - }, ]; + let mut uc_out = [0u8; 56]; + + let mut ac_key = uc_key.clone(); + let mut ac_message = uc_message.clone(); + let mut ac_iv = [0u8; 16]; + let mut ac_bytes = uc_bytes.clone(); + let ac_data: &mut [&mut [u8]] = &mut [&mut ac_bytes]; + let mut ac_out = [0u8; 56]; unsafe { - urcrypt_aes_sivb_en( - message.as_mut_ptr(), - message.len(), + urcrypt_aes_siva_en( + uc_message.as_mut_ptr(), + uc_message.len(), uc_data.as_mut_ptr(), uc_data.len(), - key.as_mut_ptr(), - iv.as_mut_ptr(), + uc_key.as_mut_ptr(), + uc_iv.as_mut_ptr(), uc_out.as_mut_ptr(), ) }; - let mut ac_data: [&mut [u8]; 2] = [&mut uc_bytes, &mut uc_bytes_two]; - let mut ac_out: [u8; 32] = [0; 32]; - ac_aes_sivb_en(&mut key, &mut message, &mut ac_data, &mut iv, &mut ac_out).unwrap(); + ac_aes_siv_en::<48>(&mut ac_key, &mut ac_message, ac_data, &mut ac_iv, &mut ac_out).unwrap(); assert_eq!(ac_out, uc_out); } #[test] fn test_aes_sivb_de() { - todo!(); - } - - #[test] - fn test_aes_sivc_en() 
{ - let mut key: [u8; 64] = [42; 64]; - let mut message: [u8; 32] = [42; 32]; - let mut iv: [u8; 16] = [42; 16]; - - let mut uc_bytes = [42; 32]; - let mut uc_bytes_two = [43; 32]; - let mut uc_out: [u8; 32] = [0; 32]; - let mut uc_data: [urcrypt_aes_siv_data; 2] = [ + let mut uc_key = [0u8; 48]; + let mut uc_message = [0u8; 56]; + let mut uc_iv = [0u8; 16]; + let mut uc_bytes = [0u8; 32]; + let mut osrng = OsRng; + let csprng = osrng.as_rngcore(); + csprng.fill_bytes(&mut uc_key); + csprng.fill_bytes(&mut uc_message); + csprng.fill_bytes(&mut uc_bytes); + let mut uc_data: [urcrypt_aes_siv_data; 1] = [ urcrypt_aes_siv_data { bytes: uc_bytes.as_mut_ptr(), length: uc_bytes.len(), }, - urcrypt_aes_siv_data { - bytes: uc_bytes_two.as_mut_ptr(), - length: uc_bytes_two.len(), - }, ]; + let mut uc_out = [0u8; 56]; + + let mut ac_key = uc_key.clone(); + let mut ac_message = uc_message.clone(); + let mut ac_iv = [0u8; 16]; + let mut ac_bytes = uc_bytes.clone(); + let ac_data: &mut [&mut [u8]] = &mut [&mut ac_bytes]; + let mut ac_out = [0u8; 56]; unsafe { - urcrypt_aes_sivc_en( - message.as_mut_ptr(), - message.len(), + urcrypt_aes_sivb_en( + uc_message.as_mut_ptr(), + uc_message.len(), uc_data.as_mut_ptr(), uc_data.len(), - key.as_mut_ptr(), - iv.as_mut_ptr(), + uc_key.as_mut_ptr(), + uc_iv.as_mut_ptr(), uc_out.as_mut_ptr(), ) }; - let mut ac_data: [&mut [u8]; 2] = [&mut uc_bytes, &mut uc_bytes_two]; - let mut ac_out: [u8; 32] = [0; 32]; - ac_aes_sivc_en(&mut key, &mut message, &mut ac_data, &mut iv, &mut ac_out).unwrap(); + ac_aes_siv_en::<48>(&mut ac_key, &mut ac_message, ac_data, &mut ac_iv, &mut ac_out).unwrap(); + + let mut uc_dec_out = [0u8; 56]; + unsafe { + urcrypt_aes_sivb_de( + uc_message.as_mut_ptr(), + uc_message.len(), + uc_data.as_mut_ptr(), + uc_data.len(), + uc_key.as_mut_ptr(), + uc_iv.as_mut_ptr(), + uc_dec_out.as_mut_ptr(), + ) + }; + + let mut ac_dec_out = [0u8; 56]; + ac_aes_siv_de::<48>(&mut ac_key, &mut ac_message, ac_data, &mut ac_iv, &mut 
ac_dec_out).unwrap(); + + assert_eq!(ac_dec_out, uc_dec_out); + } + + #[test] + fn test_aes_sivc_en() { + let mut uc_key = [0u8; 64]; + let mut uc_message = [0u8; 56]; + let mut uc_iv = [0u8; 16]; + let mut uc_bytes = [0u8; 32]; + let mut osrng = OsRng; + let csprng = osrng.as_rngcore(); + csprng.fill_bytes(&mut uc_key); + csprng.fill_bytes(&mut uc_message); + csprng.fill_bytes(&mut uc_bytes); + let mut uc_data: [urcrypt_aes_siv_data; 1] = [ + urcrypt_aes_siv_data { + bytes: uc_bytes.as_mut_ptr(), + length: uc_bytes.len(), + }, + ]; + let mut uc_out = [0u8; 56]; + + let mut ac_key = uc_key.clone(); + let mut ac_message = uc_message.clone(); + let mut ac_iv = [0u8; 16]; + let mut ac_bytes = uc_bytes.clone(); + let ac_data: &mut [&mut [u8]] = &mut [&mut ac_bytes]; + let mut ac_out = [0u8; 56]; + + unsafe { + urcrypt_aes_siva_en( + uc_message.as_mut_ptr(), + uc_message.len(), + uc_data.as_mut_ptr(), + uc_data.len(), + uc_key.as_mut_ptr(), + uc_iv.as_mut_ptr(), + uc_out.as_mut_ptr(), + ) + }; + + ac_aes_siv_en::<64>(&mut ac_key, &mut ac_message, ac_data, &mut ac_iv, &mut ac_out).unwrap(); assert_eq!(ac_out, uc_out); } #[test] fn test_aes_sivc_de() { - todo!(); + let mut uc_key = [0u8; 64]; + let mut uc_message = [0u8; 56]; + let mut uc_iv = [0u8; 16]; + let mut uc_bytes = [0u8; 32]; + let mut osrng = OsRng; + let csprng = osrng.as_rngcore(); + csprng.fill_bytes(&mut uc_key); + csprng.fill_bytes(&mut uc_message); + csprng.fill_bytes(&mut uc_bytes); + let mut uc_data: [urcrypt_aes_siv_data; 1] = [ + urcrypt_aes_siv_data { + bytes: uc_bytes.as_mut_ptr(), + length: uc_bytes.len(), + }, + ]; + let mut uc_out = [0u8; 56]; + + let mut ac_key = uc_key.clone(); + let mut ac_message = uc_message.clone(); + let mut ac_iv = [0u8; 16]; + let mut ac_bytes = uc_bytes.clone(); + let ac_data: &mut [&mut [u8]] = &mut [&mut ac_bytes]; + let mut ac_out = [0u8; 56]; + + unsafe { + urcrypt_aes_sivc_en( + uc_message.as_mut_ptr(), + uc_message.len(), + uc_data.as_mut_ptr(), + uc_data.len(), + 
uc_key.as_mut_ptr(), + uc_iv.as_mut_ptr(), + uc_out.as_mut_ptr(), + ) + }; + + ac_aes_siv_en::<64>(&mut ac_key, &mut ac_message, ac_data, &mut ac_iv, &mut ac_out).unwrap(); + + let mut uc_dec_out = [0u8; 56]; + unsafe { + urcrypt_aes_sivc_de( + uc_message.as_mut_ptr(), + uc_message.len(), + uc_data.as_mut_ptr(), + uc_data.len(), + uc_key.as_mut_ptr(), + uc_iv.as_mut_ptr(), + uc_dec_out.as_mut_ptr(), + ) + }; + + let mut ac_dec_out = [0u8; 56]; + ac_aes_siv_de::<64>(&mut ac_key, &mut ac_message, ac_data, &mut ac_iv, &mut ac_dec_out).unwrap(); + + assert_eq!(ac_dec_out, uc_dec_out); } } From 93a5c871787e511133ad80c0b32598dca52db0b6 Mon Sep 17 00:00:00 2001 From: Matthew LeVan Date: Thu, 21 Dec 2023 14:35:45 -0500 Subject: [PATCH 28/40] `ares_crypto`: remove unused imports --- rust/ares_crypto/src/aes_siv.rs | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/rust/ares_crypto/src/aes_siv.rs b/rust/ares_crypto/src/aes_siv.rs index 68bd684..eba0298 100644 --- a/rust/ares_crypto/src/aes_siv.rs +++ b/rust/ares_crypto/src/aes_siv.rs @@ -121,8 +121,8 @@ pub fn ac_aes_siv_de ( #[cfg(test)] #[cfg(feature = "test_vs_urcrypt")] mod urcrypt_tests { - use aes_siv::{siv::Aes128Siv, KeyInit, aead::rand_core::CryptoRngCore}; - use rand::{rngs::OsRng, Rng}; + use aes_siv::aead::rand_core::CryptoRngCore; + use rand::rngs::OsRng; use super::{ac_aes_siv_de, ac_aes_siv_en}; use urcrypt_sys::{ urcrypt_aes_siv_data, urcrypt_aes_siva_de, urcrypt_aes_siva_en, urcrypt_aes_sivb_de, From 82d5ebdc5214c3af7d359da19185a24d6d810b46 Mon Sep 17 00:00:00 2001 From: Matthew LeVan Date: Thu, 21 Dec 2023 14:51:15 -0500 Subject: [PATCH 29/40] `ares_crypto`: remove decryption tests in `aes_siv`; add comments --- rust/ares_crypto/src/aes_siv.rs | 284 +++++--------------------------- rust/ares_crypto/src/ed25519.rs | 3 + rust/ares_crypto/src/sha.rs | 6 +- 3 files changed, 52 insertions(+), 241 deletions(-) 
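Review bot: `test_aes_sivb_en` and `test_aes_sivc_en` call `urcrypt_aes_siva_en` with 48- and 64-byte keys while the Rust side runs `ac_aes_siv_en::<48>` and `::<64>`, so each test compares two different AES-SIV variants; the C calls should read `urcrypt_aes_sivb_en(` and `urcrypt_aes_sivc_en(`, as the `*_de` tests in this hunk already do. The `*_de` tests in turn hand the plaintext (`uc_message` / `ac_message`) rather than the ciphertext (`uc_out` / `ac_out`) to the decrypt calls, so no real round trip is exercised. Dropping the RFC 5297 vector for random inputs also leaves agreement between two implementations as the only oracle; keeping one known-answer test per key size would catch both sides being wrong in the same way. `mod urcrypt_tests` opens before this hunk.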
diff --git a/rust/ares_crypto/src/aes_siv.rs b/rust/ares_crypto/src/aes_siv.rs index eba0298..995046e 100644 --- a/rust/ares_crypto/src/aes_siv.rs +++ b/rust/ares_crypto/src/aes_siv.rs @@ -13,7 +13,7 @@ pub enum Error { } /// AES-SIV encryption function. -pub fn ac_aes_siv_en ( +pub fn ac_aes_siv_en( key: &mut [u8; N], message: &mut [u8], data: &mut [&mut [u8]], @@ -67,7 +67,7 @@ pub fn ac_aes_siv_en ( } /// AES-SIV decryption function. -pub fn ac_aes_siv_de ( +pub fn ac_aes_siv_de( key: &mut [u8; N], message: &mut [u8], data: &mut [&mut [u8]], 
@@ -120,108 +120,17 @@ pub fn ac_aes_siv_de ( #[cfg(test)] #[cfg(feature = "test_vs_urcrypt")] +/// Compare the results of the ares_crypto functions with the corresponding +/// urcrypt functions. To run, use `cargo test --features test_vs_urcrypt` +/// from the `ares/rust/ares_crypto` directory. mod urcrypt_tests { + use super::ac_aes_siv_en; use aes_siv::aead::rand_core::CryptoRngCore; use rand::rngs::OsRng; - use super::{ac_aes_siv_de, ac_aes_siv_en}; use urcrypt_sys::{ - urcrypt_aes_siv_data, urcrypt_aes_siva_de, urcrypt_aes_siva_en, urcrypt_aes_sivb_de, - urcrypt_aes_sivb_en, urcrypt_aes_sivc_de, urcrypt_aes_sivc_en, + urcrypt_aes_siv_data, urcrypt_aes_siva_en, urcrypt_aes_sivb_en, urcrypt_aes_sivc_en, }; - /// Helper function that generates a random key, message, and associated data, - /// encrypts the message, then writes the key, resulting ciphertext, data and - /// iv to the provided buffers. - fn _encrypt( - key: &mut [u8], - cipher: &mut [u8], - iv: &mut [u8], - data: &mut [&mut [u8]], - ) { - let mut osrng = OsRng; - let csprng = osrng.as_rngcore(); - - let ac_key = &mut [0u8; N]; - let ac_message = &mut [0u8; 1024]; - let ac_iv = &mut [0u8; 16]; - let ac_bytes = &mut [0u8; 32]; - - csprng.fill_bytes(ac_key); - csprng.fill_bytes(ac_message); - csprng.fill_bytes(ac_bytes); - - let ac_data: &mut [&mut [u8]] = &mut [ac_bytes]; - let ac_out = &mut [0u8; 1024]; - - ac_aes_siv_en::(ac_key, ac_message, ac_data, ac_iv, ac_out).unwrap(); - - key.copy_from_slice(ac_key); - cipher.copy_from_slice(ac_out); - iv.copy_from_slice(ac_iv); - for i in 0..data.len() { - data[i].copy_from_slice(ac_data[i]); - } - } - - #[test] - fn test_aes_siva_de() { - let mut uc_key = [0u8; 32]; - let mut uc_message = [0u8; 56]; - let mut uc_iv = [0u8; 16]; - let mut uc_bytes = [0u8; 32]; - let mut osrng = OsRng; - let csprng = osrng.as_rngcore(); - csprng.fill_bytes(&mut uc_key); - csprng.fill_bytes(&mut uc_message); - csprng.fill_bytes(&mut uc_bytes); - let mut uc_data: 
[urcrypt_aes_siv_data; 1] = [ - urcrypt_aes_siv_data { - bytes: uc_bytes.as_mut_ptr(), - length: uc_bytes.len(), - }, - ]; - let mut uc_out = [0u8; 56]; - - let mut ac_key = uc_key.clone(); - let mut ac_message = uc_message.clone(); - let mut ac_iv = [0u8; 16]; - let mut ac_bytes = uc_bytes.clone(); - let ac_data: &mut [&mut [u8]] = &mut [&mut ac_bytes]; - let mut ac_out = [0u8; 56]; - - unsafe { - urcrypt_aes_siva_en( - uc_message.as_mut_ptr(), - uc_message.len(), - uc_data.as_mut_ptr(), - uc_data.len(), - uc_key.as_mut_ptr(), - uc_iv.as_mut_ptr(), - uc_out.as_mut_ptr(), - ) - }; - - ac_aes_siv_en::<32>(&mut ac_key, &mut ac_message, ac_data, &mut ac_iv, &mut ac_out).unwrap(); - - let mut uc_dec_out = [0u8; 56]; - unsafe { - urcrypt_aes_siva_de( - uc_message.as_mut_ptr(), - uc_message.len(), - uc_data.as_mut_ptr(), - uc_data.len(), - uc_key.as_mut_ptr(), - uc_iv.as_mut_ptr(), - uc_dec_out.as_mut_ptr(), - ) - }; - - let mut ac_dec_out = [0u8; 56]; - ac_aes_siv_de::<32>(&mut ac_key, &mut ac_message, ac_data, &mut ac_iv, &mut ac_dec_out).unwrap(); - - assert_eq!(ac_dec_out, uc_dec_out); - } - #[test] fn test_aes_siva_en() { let mut uc_key = [0u8; 32]; @@ -233,12 +142,10 @@ mod urcrypt_tests { csprng.fill_bytes(&mut uc_key); csprng.fill_bytes(&mut uc_message); csprng.fill_bytes(&mut uc_bytes); - let mut uc_data: [urcrypt_aes_siv_data; 1] = [ - urcrypt_aes_siv_data { - bytes: uc_bytes.as_mut_ptr(), - length: uc_bytes.len(), - }, - ]; + let mut uc_data: [urcrypt_aes_siv_data; 1] = [urcrypt_aes_siv_data { + bytes: uc_bytes.as_mut_ptr(), + length: uc_bytes.len(), + }]; let mut uc_out = [0u8; 56]; let mut ac_key = uc_key.clone(); @@ -260,7 +167,14 @@ mod urcrypt_tests { ) }; - ac_aes_siv_en::<32>(&mut ac_key, &mut ac_message, ac_data, &mut ac_iv, &mut ac_out).unwrap(); + ac_aes_siv_en::<32>( + &mut ac_key, + &mut ac_message, + ac_data, + &mut ac_iv, + &mut ac_out, + ) + .unwrap(); assert_eq!(ac_out, uc_out); } 
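Review bot: After this hunk `ac_aes_siv_de` has no comparison against urcrypt at all (the `use` list now imports only `ac_aes_siv_en` and the three `*_en` symbols), so the decrypt path is left uncross-checked rather than fixed. A replacement test per key size that decrypts the ciphertexts `uc_out` / `ac_out` — not the plaintext, which is what the removed tests did — and asserts the result equals the original message would give the coverage the old tests never had. The new module doc could also say what is being checked, e.g. `/// Checks that the ares_crypto functions agree with urcrypt on random inputs; this is an agreement test, not a known-answer test.`, so a reader does not take it for a correctness suite. The module continues past the hunk.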
@@ -276,55 +190,10 @@ mod urcrypt_tests { csprng.fill_bytes(&mut uc_key); csprng.fill_bytes(&mut uc_message); csprng.fill_bytes(&mut uc_bytes); - let mut uc_data: [urcrypt_aes_siv_data; 1] = [ - urcrypt_aes_siv_data { - bytes: uc_bytes.as_mut_ptr(), - length: uc_bytes.len(), - }, - ]; - let mut uc_out = [0u8; 56]; - - let mut ac_key = uc_key.clone(); - let mut ac_message = uc_message.clone(); - let mut ac_iv = [0u8; 16]; - let mut ac_bytes = uc_bytes.clone(); - let ac_data: &mut [&mut [u8]] = &mut [&mut ac_bytes]; - let mut ac_out = [0u8; 56]; - - unsafe { - urcrypt_aes_siva_en( - uc_message.as_mut_ptr(), - uc_message.len(), - uc_data.as_mut_ptr(), - uc_data.len(), - uc_key.as_mut_ptr(), - uc_iv.as_mut_ptr(), - uc_out.as_mut_ptr(), - ) - }; - - ac_aes_siv_en::<48>(&mut ac_key, &mut ac_message, ac_data, &mut ac_iv, &mut ac_out).unwrap(); - - assert_eq!(ac_out, uc_out); - } - - #[test] - fn test_aes_sivb_de() { - let mut uc_key = [0u8; 48]; - let mut uc_message = [0u8; 56]; - let mut uc_iv = [0u8; 16]; - let mut uc_bytes = [0u8; 32]; - let mut osrng = OsRng; - let csprng = osrng.as_rngcore(); - csprng.fill_bytes(&mut uc_key); - csprng.fill_bytes(&mut uc_message); - csprng.fill_bytes(&mut uc_bytes); - let mut uc_data: [urcrypt_aes_siv_data; 1] = [ - urcrypt_aes_siv_data { - bytes: uc_bytes.as_mut_ptr(), - length: uc_bytes.len(), - }, - ]; + let mut uc_data: [urcrypt_aes_siv_data; 1] = [urcrypt_aes_siv_data { + bytes: uc_bytes.as_mut_ptr(), + length: uc_bytes.len(), + }]; let mut uc_out = [0u8; 56]; let mut ac_key = uc_key.clone(); 
@@ -346,25 +215,16 @@ mod urcrypt_tests { ) }; - ac_aes_siv_en::<48>(&mut ac_key, &mut ac_message, ac_data, &mut ac_iv, &mut ac_out).unwrap(); + ac_aes_siv_en::<48>( + &mut ac_key, + &mut ac_message, + ac_data, + &mut ac_iv, + &mut ac_out, + ) + .unwrap(); - let mut uc_dec_out = [0u8; 56]; - unsafe { - urcrypt_aes_sivb_de( - uc_message.as_mut_ptr(), - uc_message.len(), - uc_data.as_mut_ptr(), - uc_data.len(), - uc_key.as_mut_ptr(), - uc_iv.as_mut_ptr(), - uc_dec_out.as_mut_ptr(), - ) - }; - - let mut ac_dec_out = [0u8; 56]; - ac_aes_siv_de::<48>(&mut ac_key, &mut ac_message, ac_data, &mut ac_iv, &mut ac_dec_out).unwrap(); - - assert_eq!(ac_dec_out, uc_dec_out); + assert_eq!(ac_out, uc_out); } #[test] 
@@ -378,55 +238,10 @@ mod urcrypt_tests { csprng.fill_bytes(&mut uc_key); csprng.fill_bytes(&mut uc_message); csprng.fill_bytes(&mut uc_bytes); - let mut uc_data: [urcrypt_aes_siv_data; 1] = [ - urcrypt_aes_siv_data { - bytes: uc_bytes.as_mut_ptr(), - length: uc_bytes.len(), - }, - ]; - let mut uc_out = [0u8; 56]; - - let mut ac_key = uc_key.clone(); - let mut ac_message = uc_message.clone(); - let mut ac_iv = [0u8; 16]; - let mut ac_bytes = uc_bytes.clone(); - let ac_data: &mut [&mut [u8]] = &mut [&mut ac_bytes]; - let mut ac_out = [0u8; 56]; - - unsafe { - urcrypt_aes_siva_en( - uc_message.as_mut_ptr(), - uc_message.len(), - uc_data.as_mut_ptr(), - uc_data.len(), - uc_key.as_mut_ptr(), - uc_iv.as_mut_ptr(), - uc_out.as_mut_ptr(), - ) - }; - - ac_aes_siv_en::<64>(&mut ac_key, &mut ac_message, ac_data, &mut ac_iv, &mut ac_out).unwrap(); - - assert_eq!(ac_out, uc_out); - } - - #[test] - fn test_aes_sivc_de() { - let mut uc_key = [0u8; 64]; - let mut uc_message = [0u8; 56]; - let mut uc_iv = [0u8; 16]; - let mut uc_bytes = [0u8; 32]; - let mut osrng = OsRng; - let csprng = osrng.as_rngcore(); - csprng.fill_bytes(&mut uc_key); - csprng.fill_bytes(&mut uc_message); - csprng.fill_bytes(&mut uc_bytes); - let mut uc_data: [urcrypt_aes_siv_data; 1] = [ - urcrypt_aes_siv_data { - bytes: uc_bytes.as_mut_ptr(), - length: uc_bytes.len(), - }, - ]; + let mut uc_data: [urcrypt_aes_siv_data; 1] = [urcrypt_aes_siv_data { + bytes: uc_bytes.as_mut_ptr(), + length: uc_bytes.len(), + }]; let mut uc_out = [0u8; 56]; let mut ac_key = uc_key.clone(); 
@@ -448,24 +263,15 @@ mod urcrypt_tests { ) }; - ac_aes_siv_en::<64>(&mut ac_key, &mut ac_message, ac_data, &mut ac_iv, &mut ac_out).unwrap(); + ac_aes_siv_en::<64>( + &mut ac_key, + &mut ac_message, + ac_data, + &mut ac_iv, + &mut ac_out, + ) + .unwrap(); - let mut uc_dec_out = [0u8; 56]; - unsafe { - urcrypt_aes_sivc_de( - uc_message.as_mut_ptr(), - uc_message.len(), - uc_data.as_mut_ptr(), - uc_data.len(), - uc_key.as_mut_ptr(), - uc_iv.as_mut_ptr(), - uc_dec_out.as_mut_ptr(), - ) - }; - - let mut ac_dec_out = [0u8; 56]; - ac_aes_siv_de::<64>(&mut ac_key, &mut ac_message, ac_data, &mut ac_iv, &mut ac_dec_out).unwrap(); - - assert_eq!(ac_dec_out, uc_dec_out); + assert_eq!(ac_out, uc_out); } } diff --git a/rust/ares_crypto/src/ed25519.rs b/rust/ares_crypto/src/ed25519.rs index 173b385..635c19e 100644 --- a/rust/ares_crypto/src/ed25519.rs +++ b/rust/ares_crypto/src/ed25519.rs @@ -120,6 +120,9 @@ mod tests { #[cfg(test)] #[cfg(feature = "test_vs_urcrypt")] +/// Compare the results of the ares_crypto functions with the corresponding +/// urcrypt functions. To run, use `cargo test --features test_vs_urcrypt` +/// from the `ares/rust/ares_crypto` directory. mod urcrypt_tests { use super::{ac_ed_puck, ac_ed_shar, ac_ed_sign, ac_ed_veri}; use ibig::ubig; diff --git a/rust/ares_crypto/src/sha.rs b/rust/ares_crypto/src/sha.rs index 724ee54..51eedde 100644 --- a/rust/ares_crypto/src/sha.rs +++ b/rust/ares_crypto/src/sha.rs @@ -37,8 +37,7 @@ pub fn ac_shas(message: &mut [u8], salt: &mut [u8], out: &mut [u8]) { salt[i] ^= mid[i]; } ac_shay(salt, out); - } - else { + } else { for i in 0..salt.len() { mid[i] ^= salt[i]; } 
@@ -48,6 +47,9 @@ pub fn ac_shas(message: &mut [u8], salt: &mut [u8], out: &mut [u8]) { #[cfg(test)] #[cfg(feature = "test_vs_urcrypt")] +/// Compare the results of the ares_crypto functions with the corresponding +/// urcrypt functions. To run, use `cargo test --features test_vs_urcrypt` +/// from the `ares/rust/ares_crypto` directory. mod urcrypt_tests { use super::{ac_sha1, ac_shal, ac_shas, ac_shay}; use urcrypt_sys::{urcrypt_sha1, urcrypt_shal, urcrypt_shas, urcrypt_shay}; From 7f87000711622369dd51fcad18c9a4c564a9268f Mon Sep 17 00:00:00 2001 From: Matthew LeVan Date: Thu, 21 Dec 2023 14:57:38 -0500 Subject: [PATCH 30/40] cargo: appease clippy --- rust/ares/src/jets/lock/ed.rs | 4 ++-- rust/ares/src/jets/lock/sha.rs | 26 +++++++++++++------------- 2 files changed, 15 insertions(+), 15 deletions(-) diff --git a/rust/ares/src/jets/lock/ed.rs b/rust/ares/src/jets/lock/ed.rs index 6466cd4..6b1dbd4 100644 --- a/rust/ares/src/jets/lock/ed.rs +++ b/rust/ares/src/jets/lock/ed.rs @@ -17,11 +17,11 @@ pub fn jet_puck(context: &mut Context, subject: Noun) -> Result { } unsafe { - let mut sed_bytes = &mut [0u8; 32]; + let sed_bytes = &mut [0u8; 32]; sed_bytes.copy_from_slice(&(sed.as_bytes())[0..32]); let (mut pub_ida, pub_key) = IndirectAtom::new_raw_mut_bytearray::<32, NockStack>(stack); - ac_ed_puck(&mut sed_bytes, pub_key); + ac_ed_puck(sed_bytes, pub_key); Ok(pub_ida.normalize_as_atom().as_noun()) } diff --git a/rust/ares/src/jets/lock/sha.rs b/rust/ares/src/jets/lock/sha.rs index 757c928..d6424a2 100644 --- a/rust/ares/src/jets/lock/sha.rs +++ b/rust/ares/src/jets/lock/sha.rs 
@@ -14,16 +14,16 @@ pub fn jet_shas(context: &mut Context, subject: Noun) -> Result { let mut ruz = slot(sam, 3)?.as_atom()?; let sal_bytes = &(sal.as_bytes())[0..met(3, sal)]; // drop trailing zeros - let (mut _salt_ida, mut salt) = + let (mut _salt_ida, salt) = unsafe { IndirectAtom::new_raw_mut_bytes(stack, sal_bytes.len()) }; salt.copy_from_slice(sal_bytes); let msg_len = met(3, ruz); - let mut message = &mut (ruz.as_mut_bytes())[0..msg_len]; // drop trailing zeros + let message = &mut (ruz.as_mut_bytes())[0..msg_len]; // drop trailing zeros unsafe { - let (mut out_ida, mut out) = IndirectAtom::new_raw_mut_bytes(stack, 32); - ac_shas(&mut message, &mut salt, &mut out); + let (mut out_ida, out) = IndirectAtom::new_raw_mut_bytes(stack, 32); + ac_shas(message, salt, out); Ok(out_ida.normalize_as_atom().as_noun()) } } @@ -35,8 +35,8 @@ pub fn jet_shax(context: &mut Context, subject: Noun) -> Result { let len = met(3, msg); unsafe { - let (mut ida, mut out) = IndirectAtom::new_raw_mut_bytes(stack, 32); - ac_shay(&mut (msg.as_mut_bytes())[0..len], &mut out); + let (mut ida, out) = IndirectAtom::new_raw_mut_bytes(stack, 32); + ac_shay(&mut (msg.as_mut_bytes())[0..len], out); Ok(ida.normalize_as_atom().as_noun()) } } @@ -55,8 +55,8 @@ pub fn jet_shay(context: &mut Context, subject: Noun) -> Result { let message = &mut (dat.as_mut_bytes())[0..width]; unsafe { - let (mut out_ida, mut out) = IndirectAtom::new_raw_mut_bytes(stack, 32); - ac_shay(message, &mut out); + let (mut out_ida, out) = IndirectAtom::new_raw_mut_bytes(stack, 32); + ac_shay(message, out); Ok(out_ida.normalize_as_atom().as_noun()) } } 
@@ -76,8 +76,8 @@ pub fn jet_shal(context: &mut Context, subject: Noun) -> Result { let message = &mut (dat.as_mut_bytes())[0..msg_len]; // drop trailing zeros unsafe { - let (mut ida, mut out) = IndirectAtom::new_raw_mut_bytes(stack, 64); - ac_shal(message, &mut out); + let (mut ida, out) = IndirectAtom::new_raw_mut_bytes(stack, 64); + ac_shal(message, out); Ok(ida.normalize_as_atom().as_noun()) } } @@ -95,11 +95,11 @@ pub fn jet_sha1(context: &mut Context, subject: Noun) -> Result { unsafe { let msg_bytes = &(dat.as_bytes())[0..width]; - let (mut _msg_ida, mut msg) = IndirectAtom::new_raw_mut_bytes(stack, msg_bytes.len()); + let (mut _msg_ida, msg) = IndirectAtom::new_raw_mut_bytes(stack, msg_bytes.len()); msg.copy_from_slice(msg_bytes); - let (mut out_ida, mut out) = IndirectAtom::new_raw_mut_bytes(stack, 20); - ac_sha1(&mut msg, &mut out); + let (mut out_ida, out) = IndirectAtom::new_raw_mut_bytes(stack, 20); + ac_sha1(msg, out); Ok(out_ida.normalize_as_atom().as_noun()) } } From 315f78824f73152242ab08bd05cb95ce79a57657 Mon Sep 17 00:00:00 2001 From: Matthew LeVan Date: Thu, 21 Dec 2023 15:00:06 -0500 Subject: [PATCH 31/40] cargo: appease clippy --- rust/ares_crypto/src/aes_siv.rs | 26 +++++++++++++------------- 1 file changed, 13 insertions(+), 13 deletions(-) diff --git a/rust/ares_crypto/src/aes_siv.rs b/rust/ares_crypto/src/aes_siv.rs index 995046e..c540938 100644 --- a/rust/ares_crypto/src/aes_siv.rs +++ b/rust/ares_crypto/src/aes_siv.rs @@ -22,8 +22,8 @@ pub fn ac_aes_siv_en( ) -> Result<(), Error> { key.reverse(); message.reverse(); - for i in 0..data.len() { - data[i].reverse(); + for item in data.iter_mut() { + item.reverse(); } let iv_tag; @@ -77,8 +77,8 @@ pub fn ac_aes_siv_de( key.reverse(); message.reverse(); iv.reverse(); - for i in 0..data.len() { - data[i].reverse(); + for item in data.iter_mut() { + item.reverse(); } let iv_array = GenericArray::from_slice(iv); 
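Review bot: The `data.iter_mut()` loops in both `aes_siv.rs` hunks (`@@ -22` and `@@ -77`), together with the `key.reverse()` / `message.reverse()` / `iv.reverse()` lines above them, show that `ac_aes_siv_en` and `ac_aes_siv_de` byte-reverse their `key`, `message` and every `data` slice in place, and the one-line docs (`/// AES-SIV encryption function.`) do not say so; whether the buffers are restored before returning is outside the hunk. Callers that keep using the key afterwards need that stated, e.g. `/// NOTE: key, message and each data slice are byte-reversed in place; do not reuse them after this call unless the function restores them.` Taking `key: &mut [u8; N]` only to reverse it also forces every caller to hold a mutable copy of key material; reversing into a local buffer would leave the callers' buffers untouched. Both function bodies continue past their hunks.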
@@ -148,10 +148,10 @@ mod urcrypt_tests {
 }];
 let mut uc_out = [0u8; 56];
 
- let mut ac_key = uc_key.clone();
- let mut ac_message = uc_message.clone();
+ let mut ac_key = uc_key;
+ let mut ac_message = uc_message;
 let mut ac_iv = [0u8; 16];
- let mut ac_bytes = uc_bytes.clone();
+ let mut ac_bytes = uc_bytes;
 let ac_data: &mut [&mut [u8]] = &mut [&mut ac_bytes];
 let mut ac_out = [0u8; 56];
 
@@ -196,10 +196,10 @@ mod urcrypt_tests {
 }];
 let mut uc_out = [0u8; 56];
 
- let mut ac_key = uc_key.clone();
- let mut ac_message = uc_message.clone();
+ let mut ac_key = uc_key;
+ let mut ac_message = uc_message;
 let mut ac_iv = [0u8; 16];
- let mut ac_bytes = uc_bytes.clone();
+ let mut ac_bytes = uc_bytes;
 let ac_data: &mut [&mut [u8]] = &mut [&mut ac_bytes];
 let mut ac_out = [0u8; 56];
 
@@ -244,10 +244,10 @@ mod urcrypt_tests {
 }];
 let mut uc_out = [0u8; 56];
 
- let mut ac_key = uc_key.clone();
- let mut ac_message = uc_message.clone();
+ let mut ac_key = uc_key;
+ let mut ac_message = uc_message;
 let mut ac_iv = [0u8; 16];
- let mut ac_bytes = uc_bytes.clone();
+ let mut ac_bytes = uc_bytes;
 let ac_data: &mut [&mut [u8]] = &mut [&mut ac_bytes];
 let mut ac_out = [0u8; 56];
 
From 95f36e00dde766f648410874f19175ad935fd73d Mon Sep 17 00:00:00 2001
From: Matthew LeVan
Date: Thu, 21 Dec 2023 15:19:44 -0500
Subject: [PATCH 32/40] cargo: format

---
 rust/ares/src/jets/lock/sha.rs | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/rust/ares/src/jets/lock/sha.rs b/rust/ares/src/jets/lock/sha.rs
index d6424a2..35aa837 100644
--- a/rust/ares/src/jets/lock/sha.rs
+++ b/rust/ares/src/jets/lock/sha.rs
@@ -14,8 +14,7 @@ pub fn jet_shas(context: &mut Context, subject: Noun) -> Result { let mut ruz = slot(sam, 3)?.as_atom()?; let sal_bytes = &(sal.as_bytes())[0..met(3, sal)]; // drop trailing zeros - let (mut _salt_ida, salt) = - unsafe { IndirectAtom::new_raw_mut_bytes(stack, sal_bytes.len()) }; + let (mut _salt_ida, salt) = unsafe { IndirectAtom::new_raw_mut_bytes(stack, sal_bytes.len()) }; salt.copy_from_slice(sal_bytes); let msg_len = met(3, ruz); From 0f9175ada6cf33c05b4f19969fc39a3fc43b1731 Mon Sep 17 00:00:00 2001 From: Edward Amsden Date: Wed, 27 Dec 2023 08:03:42 -0600 Subject: [PATCH 33/40] devex: add static glibc to flake.nix --- rust/flake.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/rust/flake.nix b/rust/flake.nix index f311b0c..aefd21a 100644 --- a/rust/flake.nix +++ b/rust/flake.nix @@ -35,6 +35,7 @@ pkgs.llvmPackages.clang pkgs.pkg-config pkgs.urcrypt + pkgs.glibc.static ] ++ (nixpkgs.lib.lists.optional (parsedSystem.kernel.name != "darwin") pkgs.gdb); # nixpkgs won't build gdb for darwin }; From 5b0b389775691014b9283da3f77b79586b40280e Mon Sep 17 00:00:00 2001 From: Matthew LeVan Date: Mon, 8 Jan 2024 17:01:37 -0500 Subject: [PATCH 34/40] jets: rip out `as_mut_bytes` --- rust/ares/src/jets/lock/aes.rs | 16 ++++++++------- rust/ares/src/jets/lock/ed.rs | 5 +++-- rust/ares/src/jets/lock/sha.rs | 36 +++++++++++++++++++++++----------- rust/ares/src/noun.rs | 13 ------------ 4 files changed, 37 insertions(+), 33 deletions(-) diff --git a/rust/ares/src/jets/lock/aes.rs b/rust/ares/src/jets/lock/aes.rs index e491ffb..aef4299 100644 --- a/rust/ares/src/jets/lock/aes.rs +++ b/rust/ares/src/jets/lock/aes.rs @@ -170,7 +170,7 @@ mod util { stack: &mut NockStack, key: &mut [u8; N], ads: Noun, - mut txt: Atom, + txt: Atom, ) -> Result { unsafe { let ac_siv_data = _allocate_ads(stack, ads)?; 
@@ -180,16 +180,17 @@ mod util { ); let txt_len = met(3, txt); - let txt_bytes = &mut (txt.as_mut_bytes()[0..txt_len]); let (mut iv, iv_bytes) = IndirectAtom::new_raw_mut_bytearray::<16, NockStack>(stack); match txt_len { 0 => { - ac_aes_siv_en::(key, txt_bytes, siv_data, iv_bytes, &mut [0u8; 0]).unwrap(); + ac_aes_siv_en::(key, &mut [], siv_data, iv_bytes, &mut [0u8; 0]).unwrap(); Ok(T(stack, &[iv.normalize_as_atom().as_noun(), D(0), D(0)])) } _ => { + let (_txt_ida, txt_bytes) = IndirectAtom::new_raw_mut_bytes(stack, txt_len); + txt_bytes.copy_from_slice(&txt.as_bytes()[0..txt_len]); let (mut out_atom, out_bytes) = IndirectAtom::new_raw_mut_bytes(stack, txt_len); ac_aes_siv_en::(key, txt_bytes, siv_data, iv_bytes, out_bytes).unwrap(); Ok(T( @@ -209,19 +210,20 @@ mod util { stack: &mut NockStack, key: &mut [u8; N], ads: Noun, - mut iv: Atom, + iv: Atom, len: Atom, - mut txt: Atom, + txt: Atom, ) -> Result { unsafe { let txt_len = match len.as_direct() { Ok(direct) => direct.data() as usize, Err(_) => return Err(JetErr::Fail(Error::NonDeterministic(D(0)))), }; - let txt_bytes = &mut (txt.as_mut_bytes()[0..txt_len]); + let (_txt_ida, txt_bytes) = IndirectAtom::new_raw_mut_bytes(stack, txt_len); + txt_bytes.copy_from_slice(&txt.as_bytes()[0..txt_len]); let iv_bytes = &mut [0u8; 16]; - iv_bytes.copy_from_slice(&iv.as_mut_bytes()[0..16]); + iv_bytes.copy_from_slice(&iv.as_bytes()[0..16]); let ac_siv_data = _allocate_ads(stack, ads)?; let siv_data: &mut [&mut [u8]] = std::slice::from_raw_parts_mut( diff --git a/rust/ares/src/jets/lock/ed.rs b/rust/ares/src/jets/lock/ed.rs index 6b1dbd4..f2ed6fa 100644 --- a/rust/ares/src/jets/lock/ed.rs +++ b/rust/ares/src/jets/lock/ed.rs 
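Review bot: In the second hunk (`@@ -209`), `txt_len` is taken from the caller-supplied `len` atom and used unchecked in `txt.as_bytes()[0..txt_len]`, so a `len` larger than the atom's byte representation panics on the slice inside the jet instead of returning an error (or zero-padding, if that is the Hoon contract); the encrypt hunk above derives its length from `met(3, txt)` and has a `0 =>` arm that this path lacks. `iv.as_bytes()[0..16]` has the same shape: if `Atom::as_bytes` on a direct atom yields the 8-byte slice that `DirectAtom::as_bytes` in the `noun.rs` section of this patch returns, any IV whose upper bytes are zero makes the jet panic on malformed input. A guard such as `if txt_len > txt.as_bytes().len() { return Err(/* same JetErr the len.as_direct() arm uses */); }` and copying only `iv.as_bytes().len().min(16)` bytes into `iv_bytes` would make both inputs safe. The helper's name and the rest of its body are outside the hunk.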
@@ -61,7 +61,7 @@ pub fn jet_shar(context: &mut Context, subject: Noun) -> Result { pub fn jet_sign(context: &mut Context, subject: Noun) -> Result { let stack = &mut context.stack; - let mut msg = slot(subject, 12)?.as_atom()?; + let msg = slot(subject, 12)?.as_atom()?; let sed = slot(subject, 13)?.as_atom()?; unsafe { @@ -73,7 +73,8 @@ pub fn jet_sign(context: &mut Context, subject: Noun) -> Result { seed[0..sed_bytes.len()].copy_from_slice(sed_bytes); let msg_len = met(3, msg); - let message = &mut (msg.as_mut_bytes())[0..msg_len]; // drop trailing zeros + let (_msg_ida, message) = IndirectAtom::new_raw_mut_bytes(stack, msg_len); + message.copy_from_slice(&msg.as_bytes()[0..msg_len]); let (mut sig_ida, sig) = IndirectAtom::new_raw_mut_bytearray::<64, NockStack>(stack); ac_ed_sign(message, seed, sig); diff --git a/rust/ares/src/jets/lock/sha.rs b/rust/ares/src/jets/lock/sha.rs index 35aa837..fab9e8a 100644 --- a/rust/ares/src/jets/lock/sha.rs +++ b/rust/ares/src/jets/lock/sha.rs @@ -11,14 +11,15 @@ pub fn jet_shas(context: &mut Context, subject: Noun) -> Result { let stack = &mut context.stack; let sam = slot(subject, 6)?; let sal = slot(sam, 2)?.as_atom()?; - let mut ruz = slot(sam, 3)?.as_atom()?; + let ruz = slot(sam, 3)?.as_atom()?; let sal_bytes = &(sal.as_bytes())[0..met(3, sal)]; // drop trailing zeros let (mut _salt_ida, salt) = unsafe { IndirectAtom::new_raw_mut_bytes(stack, sal_bytes.len()) }; salt.copy_from_slice(sal_bytes); let msg_len = met(3, ruz); - let message = &mut (ruz.as_mut_bytes())[0..msg_len]; // drop trailing zeros + let (mut _msg_ida, message) = unsafe { IndirectAtom::new_raw_mut_bytes(stack, msg_len) }; + message.copy_from_slice(&ruz.as_bytes()[0..msg_len]); unsafe { let (mut out_ida, out) = IndirectAtom::new_raw_mut_bytes(stack, 32); 
@@ -30,12 +31,14 @@ pub fn jet_shas(context: &mut Context, subject: Noun) -> Result { pub fn jet_shax(context: &mut Context, subject: Noun) -> Result { let stack = &mut context.stack; let sam = slot(subject, 6)?; - let mut msg = sam.as_atom()?; + let msg = sam.as_atom()?; let len = met(3, msg); unsafe { + let (mut _msg_ida, msg_copy) = IndirectAtom::new_raw_mut_bytes(stack, len); + msg_copy.copy_from_slice(&msg.as_bytes()[0..len]); let (mut ida, out) = IndirectAtom::new_raw_mut_bytes(stack, 32); - ac_shay(&mut (msg.as_mut_bytes())[0..len], out); + ac_shay(&mut (msg_copy)[0..len], out); Ok(ida.normalize_as_atom().as_noun()) } } @@ -44,18 +47,23 @@ pub fn jet_shay(context: &mut Context, subject: Noun) -> Result { let stack = &mut context.stack; let sam = slot(subject, 6)?; let wid = slot(sam, 2)?.as_atom()?; - let mut dat = slot(sam, 3)?.as_atom()?; + let dat = slot(sam, 3)?.as_atom()?; let width = match wid.as_direct() { Ok(direct) => direct.data() as usize, Err(_) => return Err(JetErr::Fail(Error::NonDeterministic(D(0)))), }; - let message = &mut (dat.as_mut_bytes())[0..width]; - unsafe { let (mut out_ida, out) = IndirectAtom::new_raw_mut_bytes(stack, 32); - ac_shay(message, out); + if width > 0 { + let (mut _msg_ida, msg) = IndirectAtom::new_raw_mut_bytes(stack, width); + msg.copy_from_slice(&dat.as_bytes()[0..width]); + ac_shay(msg, out); + } + else { + ac_shay(&mut [], out); + } Ok(out_ida.normalize_as_atom().as_noun()) } } @@ -64,7 +72,7 @@ pub fn jet_shal(context: &mut Context, subject: Noun) -> Result { let stack = &mut context.stack; let sam = slot(subject, 6)?; let wid = slot(sam, 2)?.as_atom()?; - let mut dat = slot(sam, 3)?.as_atom()?; + let dat = slot(sam, 3)?.as_atom()?; let _width = match wid.as_direct() { Ok(direct) => direct.data() as usize, 
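Review bot: In the `jet_shay` hunk, `width` comes from the caller-supplied `wid` atom and is then used in `dat.as_bytes()[0..width]`, so a `wid` larger than `dat`'s byte length panics on the slice instead of returning an error or zero-padding, whichever the Hoon `shay` contract requires; the removed `as_mut_bytes` line had the same exposure, so the rewrite is the moment to fix it. The `if width > 0 { allocate + copy } else { ac_shay(&mut [], out) }` split is repeated in `jet_shal` below, and a helper that returns either the copied slice or an empty one would keep the zero-length handling in one place. `}\n else {` is also not rustfmt layout; `} else {` matches the `sha.rs` hunk in patch 29. `jet_shal`'s body continues past this line.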
@@ -72,11 +80,17 @@ pub fn jet_shal(context: &mut Context, subject: Noun) -> Result {
     };
 
     let msg_len = met(3, dat);
-    let message = &mut (dat.as_mut_bytes())[0..msg_len]; // drop trailing zeros
 
     unsafe {
         let (mut ida, out) = IndirectAtom::new_raw_mut_bytes(stack, 64);
-        ac_shal(message, out);
+        if msg_len > 0 {
+            let (mut _msg_ida, msg) = IndirectAtom::new_raw_mut_bytes(stack, msg_len);
+            msg.copy_from_slice(&dat.as_bytes()[0..msg_len]);
+            ac_shal(msg, out);
+        }
+        else {
+            ac_shal(&mut [], out);
+        }
         Ok(ida.normalize_as_atom().as_noun())
     }
 }
diff --git a/rust/ares/src/noun.rs b/rust/ares/src/noun.rs
index 6702b35..fd0d95e 100644
--- a/rust/ares/src/noun.rs
+++ b/rust/ares/src/noun.rs
@@ -249,11 +249,6 @@ impl DirectAtom {
         let bytes: &[u8; 8] = unsafe { std::mem::transmute(&self.0) };
         &bytes[..]
     }
-
-    pub fn as_mut_bytes(&mut self) -> &mut [u8] {
-        let bytes: &mut [u8; 8] = unsafe { std::mem::transmute(&mut self.0) };
-        &mut bytes[..]
-    }
 }
 
 impl fmt::Display for DirectAtom {
@@ -824,14 +819,6 @@ impl Atom {
         }
     }
 
-    pub fn as_mut_bytes(&mut self) -> &mut [u8] {
-        if self.is_direct() {
-            unsafe { self.direct.as_mut_bytes() }
-        } else {
-            unsafe { self.indirect.as_mut_bytes() }
-        }
-    }
-
     pub fn as_u64(self) -> Result {
         if self.is_direct() {
             Ok(unsafe { self.direct.data() })
From 528270bbd4b991aedf5daa2268ae1cf058f5f12c Mon Sep 17 00:00:00 2001
From: Matthew LeVan
Date: Mon, 8 Jan 2024 17:23:25 -0500
Subject: [PATCH 35/40] jets: handle zero-length messages in `sha`

---
 rust/ares/src/jets/lock/sha.rs | 60 +++++++++++++++++++++++++++++-----
 1 file changed, 52 insertions(+), 8 deletions(-)

diff --git a/rust/ares/src/jets/lock/sha.rs b/rust/ares/src/jets/lock/sha.rs
index fab9e8a..444a208 100644
--- a/rust/ares/src/jets/lock/sha.rs
+++ b/rust/ares/src/jets/lock/sha.rs
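Review bot: `msg_len = met(3, dat)` decides how many bytes are copied and hashed, while the `wid` argument parsed into `_width` in the preceding hunk is never used, so this jet hashes the atom's minimal byte length regardless of the width the caller passed. If the Hoon `shal` hashes exactly `wid` bytes, as `jet_shay` does with `width`, results diverge whenever `wid != met(3, dat)`, and the tests added later on this page (`[D(0), D(0)]`, `[D(1), D(1)]`) cannot detect that because both values coincide there. Either use `_width` the way `jet_shay` uses `width`, or document the divergence above `let msg_len`, e.g. `// NOTE: wid is ignored here; met(3, dat) bytes are hashed — confirm against the Hoon definition of shal`. jet_shal's signature lies outside the hunk.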
@@ -17,15 +17,22 @@ pub fn jet_shas(context: &mut Context, subject: Noun) -> Result { let (mut _salt_ida, salt) = unsafe { IndirectAtom::new_raw_mut_bytes(stack, sal_bytes.len()) }; salt.copy_from_slice(sal_bytes); - let msg_len = met(3, ruz); - let (mut _msg_ida, message) = unsafe { IndirectAtom::new_raw_mut_bytes(stack, msg_len) }; - message.copy_from_slice(&ruz.as_bytes()[0..msg_len]); - unsafe { let (mut out_ida, out) = IndirectAtom::new_raw_mut_bytes(stack, 32); - ac_shas(message, salt, out); + + let msg_len = met(3, ruz); + if msg_len > 0 { + let (_msg_ida, message) = IndirectAtom::new_raw_mut_bytes(stack, msg_len); + message.copy_from_slice(&ruz.as_bytes()[0..msg_len]); + ac_shas(message, salt, out); + } + else { + ac_shas(&mut [], salt, out); + } + Ok(out_ida.normalize_as_atom().as_noun()) } + } pub fn jet_shax(context: &mut Context, subject: Noun) -> Result { @@ -35,10 +42,17 @@ pub fn jet_shax(context: &mut Context, subject: Noun) -> Result { let len = met(3, msg); unsafe { - let (mut _msg_ida, msg_copy) = IndirectAtom::new_raw_mut_bytes(stack, len); - msg_copy.copy_from_slice(&msg.as_bytes()[0..len]); let (mut ida, out) = IndirectAtom::new_raw_mut_bytes(stack, 32); - ac_shay(&mut (msg_copy)[0..len], out); + + if len > 0 { + let (mut _msg_ida, msg_copy) = IndirectAtom::new_raw_mut_bytes(stack, len); + msg_copy.copy_from_slice(&msg.as_bytes()[0..len]); + ac_shay(&mut (msg_copy)[0..len], out); + } + else { + ac_shay(&mut [], out); + } + Ok(ida.normalize_as_atom().as_noun()) } } @@ -129,6 +143,14 @@ mod tests { fn test_shas() { let c = &mut init_context(); + let sam = T(&mut c.stack, &[D(1), D(0)]); + assert_jet_ubig( + c, + jet_shas, + sam, + ubig!(_0x4abac214e1e95fe0c60df79d09cbd05454a4cb958683e02318aa147f2a5e6d60), + ); + let sam = T(&mut c.stack, &[D(1), D(1)]); assert_jet_ubig( c, 
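Review bot: The zero-length guard covers the message only: `salt` is still built a few lines up with `IndirectAtom::new_raw_mut_bytes(stack, sal_bytes.len())`, and `sal_bytes` is empty when `sal` is `0` (`met(3, 0)` is zero), so a zero salt still requests the zero-length allocation this commit is avoiding — and panics, if that call panics on length zero as the comment added in a later commit on this page states. The new test uses `[D(1), D(0)]`, a zero message with a non-zero salt, so the salt side stays untested; a companion case `let sam = T(&mut c.stack, &[D(0), D(1)]);` would cover it. The same branching (or a small helper shared by salt and message) closes the gap. jet_shas's signature lies outside the hunk.
```rust
    let sal_bytes = &(sal.as_bytes())[0..met(3, sal)]; // drop trailing zeros
    unsafe {
        let (mut out_ida, out) = IndirectAtom::new_raw_mut_bytes(stack, 32);
        // A zero salt has no bytes; never ask the stack for a zero-length buffer.
        let salt: &mut [u8] = if sal_bytes.is_empty() {
            &mut []
        } else {
            let (_salt_ida, salt) = IndirectAtom::new_raw_mut_bytes(stack, sal_bytes.len());
            salt.copy_from_slice(sal_bytes);
            salt
        };
        // … unchanged: msg_len branch calling ac_shas(…, salt, out) and Ok(out_ida…) …
    }
```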
@@ -166,6 +188,13 @@ mod tests {
     fn test_shax() {
         let c = &mut init_context();
 
+        assert_jet_ubig(
+            c,
+            jet_shax,
+            D(0), // ''
+            ubig!(_0x55b852781b9995a44c939b64e441ae2724b96f99c8f4fb9a141cfc9842c4b0e3),
+        );
+
         assert_jet_ubig(
             c,
             jet_shax,
@@ -207,6 +236,13 @@ mod tests {
     fn test_shay() {
         let c = &mut init_context();
 
+        let sam = T(&mut c.stack, &[D(0), D(0)]);
+        let ret = A(
+            &mut c.stack,
+            &ubig!(_0x55b852781b9995a44c939b64e441ae2724b96f99c8f4fb9a141cfc9842c4b0e3),
+        );
+        assert_jet(c, jet_shay, sam, ret);
+
         let sam = T(&mut c.stack, &[D(1), D(0)]);
         let ret = A(
             &mut c.stack,
@@ -264,6 +300,14 @@ mod tests {
     fn test_shal() {
         let c = &mut init_context();
 
+        let sam = T(&mut c.stack, &[D(0), D(0)]);
+        assert_jet_ubig(
+            c,
+            jet_shal,
+            sam,
+            ubig!(_0x3eda27f97a3238a5817a4147bd31b9632fec7e87d21883ffb0f2855d3cd1d047cee96cd321a9f483dc15570b05e420d607806dd6502854f1bdb8ef7e35e183cf)
+        );
+
         let sam = T(&mut c.stack, &[D(1), D(1)]);
         assert_jet_ubig(
             c,
From 723372a0eaab38cbcad7b6c861850d770a08c0aa Mon Sep 17 00:00:00 2001
From: Matthew LeVan
Date: Mon, 8 Jan 2024 17:39:11 -0500
Subject: [PATCH 36/40] jets: handle zero-length messages in `aes_siv`

---
 rust/ares/src/jets/lock/aes.rs | 47 +++++++++++++++++++++++++++++++---
 1 file changed, 44 insertions(+), 3 deletions(-)

diff --git a/rust/ares/src/jets/lock/aes.rs b/rust/ares/src/jets/lock/aes.rs
index aef4299..f5ffff0 100644
--- a/rust/ares/src/jets/lock/aes.rs
+++ b/rust/ares/src/jets/lock/aes.rs
@@ -219,8 +219,6 @@ mod util {
             Ok(direct) => direct.data() as usize,
             Err(_) => return Err(JetErr::Fail(Error::NonDeterministic(D(0)))),
         };
-        let (_txt_ida, txt_bytes) = IndirectAtom::new_raw_mut_bytes(stack, txt_len);
-        txt_bytes.copy_from_slice(&txt.as_bytes()[0..txt_len]);
 
         let iv_bytes = &mut [0u8; 16];
         iv_bytes.copy_from_slice(&iv.as_bytes()[0..16]);
@@ -232,7 +230,18 @@ mod util { ); let (mut out_atom, out_bytes) = IndirectAtom::new_raw_mut_bytes(stack, txt_len); - ac_aes_siv_de::(key, txt_bytes, siv_data, iv_bytes, out_bytes).unwrap(); + + match txt_len { + 0 => { + ac_aes_siv_de::(key, &mut [], siv_data, iv_bytes, &mut [0u8; 0]).unwrap(); + } + _ => { + let (_txt_ida, txt_bytes) = IndirectAtom::new_raw_mut_bytes(stack, txt_len); + txt_bytes.copy_from_slice(&txt.as_bytes()[0..txt_len]); + ac_aes_siv_de::(key, txt_bytes, siv_data, iv_bytes, out_bytes).unwrap(); + } + } + Ok(T(stack, &[D(0), out_atom.normalize_as_atom().as_noun()])) } } @@ -323,6 +332,22 @@ mod tests { pub fn test_sivb_en() { let c = &mut init_context(); + /* + > (~(en sivb:aes:crypto [key=0x0 vec=~]) txt=0x0) + [p=0x8fb.4085.a9b9.3662.ab44.f911.e47e.9ccd q=0 r=0x0] + */ + fn sample(_s: &mut NockStack) -> Noun { + D(0) + } + fn context(s: &mut NockStack) -> Noun { + let sample = T(s, &[D(0), D(0)]); + T(s, &[D(0), sample, D(0)]) + } + + let siv = A(&mut c.stack, &ubig!(0x8fb4085a9b93662ab44f911e47e9ccd)); + let res = T(&mut c.stack, &[siv, D(0), D(0x0)]); + assert_jet_in_door(c, jet_sivb_en, &[sample], &[context], res); + /* RFC 5297 * https://datatracker.ietf.org/doc/html/rfc5297#appendix-A */ @@ -350,6 +375,22 @@ mod tests { pub fn test_sivc_en() { let c = &mut init_context(); + /* + > (~(en sivc:aes:crypto [key=0x0 vec=~]) txt=0x0) + [p=0x2c6a.abc5.bb25.1140.e221.d70b.fb31.c519 q=0 r=0x0] + */ + fn sample(_s: &mut NockStack) -> Noun { + D(0) + } + fn context(s: &mut NockStack) -> Noun { + let sample = T(s, &[D(0), D(0)]); + T(s, &[D(0), sample, D(0)]) + } + + let siv = A(&mut c.stack, &ubig!(0x2c6aabc5bb251140e221d70bfb31c519)); + let res = T(&mut c.stack, &[siv, D(0), D(0x0)]); + assert_jet_in_door(c, jet_sivc_en, &[sample], &[context], res); + /* RFC 5297 * https://datatracker.ietf.org/doc/html/rfc5297#appendix-A */ From 824e6cf7e9ac6b121f05a7ba6f17b42ff4880143 Mon Sep 17 00:00:00 2001 
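Review bot: The `txt_len == 0` arm does not prevent the zero-length allocation it was added for: `let (mut out_atom, out_bytes) = IndirectAtom::new_raw_mut_bytes(stack, txt_len)` is an unchanged line that runs before `match txt_len`, so an empty ciphertext still requests a zero-length buffer, and if that call panics on length zero as the comment added in a later commit on this page states, the `0` arm is never reached. Separately, both arms `.unwrap()` the result of `ac_aes_siv_de`; for SIV a tag mismatch on caller-supplied ciphertext is an expected outcome, and since the success path returns `[~ out]` via `T(stack, &[D(0), …])`, the failure path should presumably yield `~` (`D(0)`) rather than abort the runtime. The tests this commit adds exercise only the `_en` jets with empty input, so a decrypt case with `txt=0x0` and one with a tampered tag would cover both points. The enclosing function starts and ends outside the hunk.
```rust
    // ::<…> stands for the same generic argument the hunk passes.
    match txt_len {
        0 => {
            // An empty ciphertext still carries a tag to verify, so the result may be `~`.
            match ac_aes_siv_de::<…>(key, &mut [], siv_data, iv_bytes, &mut [0u8; 0]) {
                Ok(_) => Ok(T(stack, &[D(0), D(0)])),
                Err(_) => Ok(D(0)),
            }
        }
        _ => {
            let (_txt_ida, txt_bytes) = IndirectAtom::new_raw_mut_bytes(stack, txt_len);
            txt_bytes.copy_from_slice(&txt.as_bytes()[0..txt_len]);
            // The output buffer is only requested here, where txt_len is non-zero.
            let (mut out_atom, out_bytes) = IndirectAtom::new_raw_mut_bytes(stack, txt_len);
            match ac_aes_siv_de::<…>(key, txt_bytes, siv_data, iv_bytes, out_bytes) {
                Ok(_) => Ok(T(stack, &[D(0), out_atom.normalize_as_atom().as_noun()])),
                Err(_) => Ok(D(0)),
            }
        }
    }
```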
From: Matthew LeVan
Date: Mon, 8 Jan 2024 18:11:25 -0500
Subject: [PATCH 37/40] jets: handle zero-length messages in `ed`

---
 rust/ares/src/jets/lock/ed.rs | 51 ++++++++++++++++++++++++++++-------
 1 file changed, 41 insertions(+), 10 deletions(-)

diff --git a/rust/ares/src/jets/lock/ed.rs b/rust/ares/src/jets/lock/ed.rs
index f2ed6fa..5f3bc98 100644
--- a/rust/ares/src/jets/lock/ed.rs
+++ b/rust/ares/src/jets/lock/ed.rs
@@ -12,13 +12,14 @@ pub fn jet_puck(context: &mut Context, subject: Noun) -> Result {
     let stack = &mut context.stack;
     let sed = slot(subject, 6)?.as_atom()?;
 
-    if met(3, sed) > 32 {
+    let sed_len = met(3, sed);
+    if sed_len > 32 {
         return Err(JetErr::Fail(Error::Deterministic(D(0))));
     }
 
     unsafe {
         let sed_bytes = &mut [0u8; 32];
-        sed_bytes.copy_from_slice(&(sed.as_bytes())[0..32]);
+        sed_bytes[0..sed_len].copy_from_slice(&(sed.as_bytes())[0..sed_len]);
         let (mut pub_ida, pub_key) = IndirectAtom::new_raw_mut_bytearray::<32, NockStack>(stack);
         ac_ed_puck(sed_bytes, pub_key);
@@ -66,20 +67,26 @@ pub fn jet_sign(context: &mut Context, subject: Noun) -> Result {
     unsafe {
         let sed_bytes = sed.as_bytes();
-        if sed_bytes.len() > 32 {
+        let sed_len = sed_bytes.len();
+        if sed_len > 32 {
             return Err(JetErr::Fail(Error::Deterministic(D(0))));
         };
         let seed = &mut [0u8; 32];
-        seed[0..sed_bytes.len()].copy_from_slice(sed_bytes);
-
-        let msg_len = met(3, msg);
-        let (_msg_ida, message) = IndirectAtom::new_raw_mut_bytes(stack, msg_len);
-        message.copy_from_slice(&msg.as_bytes()[0..msg_len]);
+        seed[0..sed_len].copy_from_slice(sed_bytes);
 
         let (mut sig_ida, sig) = IndirectAtom::new_raw_mut_bytearray::<64, NockStack>(stack);
-        ac_ed_sign(message, seed, sig);
-        sig.reverse();
+        let msg_len = met(3, msg);
+        if msg_len > 0 {
+            let (_msg_ida, message) = IndirectAtom::new_raw_mut_bytes(stack, msg_len);
+            message.copy_from_slice(&msg.as_bytes()[0..msg_len]);
+            ac_ed_sign(message, seed, sig);
+        }
+        else {
+            ac_ed_sign(&[0u8; 0], seed, sig);
+        }
+
+        sig.reverse();
         Ok(sig_ida.normalize_as_atom().as_noun())
     }
 }
@@ -125,6 +132,16 @@ mod tests {
     fn test_puck() {
         let c = &mut init_context();
 
+        let sam = A(
+            &mut c.stack,
+            &ubig!(_0x0),
+        );
+        let ret = A(
+            &mut c.stack,
+            &ubig!(_0x29da598ba148c03aa643e21d77153265730d6f2ad0a8a3622da4b6cebc276a3b),
+        );
+        assert_jet(c, jet_puck, sam, ret);
+
         let sam = A(
             &mut c.stack,
             &ubig!(_0x607fae1c03ac3b701969327b69c54944c42cec92f44a84ba605afdef9db1619d),
@@ -140,6 +157,13 @@ mod tests {
     fn test_shar() {
         let c = &mut init_context();
 
+        let sam = T(&mut c.stack, &[D(0), D(0)]);
+        let ret = A(
+            &mut c.stack,
+            &ubig!(_0x0),
+        );
+        assert_jet(c, jet_shar, sam, ret);
+
         let sam = T(&mut c.stack, &[D(234), D(234)]);
         let ret = A(
             &mut c.stack,
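Review bot: `sed_len` here is `sed.as_bytes().len()`, the length of the atom's backing buffer, whereas the `jet_puck` hunk in this same commit bounds the seed with `met(3, sed)`; for a direct atom `as_bytes()` is the fixed `[u8; 8]` view shown in noun.rs on this page, so the two jets measure the same seed differently and `seed[0..sed_len]` copies buffer padding rather than the atom's bytes. The `> 32` check still rejects over-long seeds as long as the buffer length never exceeds 32 for an atom whose `met(3, sed)` is at most 32, which nothing on this page establishes for indirect atoms, so the `met`-based bound is the safer and consistent choice: `let sed_len = met(3, sed); if sed_len > 32 { … }` followed by `seed[0..sed_len].copy_from_slice(&sed_bytes[0..sed_len]);`. jet_sign's signature lies outside the hunk.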
@@ -159,6 +183,10 @@ mod tests {
         let c = &mut init_context();
 
         unsafe {
+            let sam = T(&mut c.stack, &[D(0), D(0)]);
+            let ret = A(&mut c.stack, &ubig!(_0x8f895b3cafe2c9506039d0e2a66382568004674fe8d237785092e40d6aaf483e4fc60168705f31f101596138ce21aa357c0d32a064f423dc3ee4aa3abf53f803));
+            assert_jet(c, jet_sign, sam, ret);
+
             let message = D(0x72);
 
             let sed_ubig =
@@ -196,6 +224,9 @@ mod tests {
         let c = &mut init_context();
 
         unsafe {
+            let sam = T(&mut c.stack, &[D(0), D(0), D(0)]);
+            assert_jet(c, jet_veri, sam, NO);
+
             let sig_ubig = ubig!(_0x92a009a9f0d4cab8720e820b5f642540a2b27b5416503f8fb3762223ebdb69da085ac1e43e15996e458f3613d0f11d8c387b2eaeb4302aeeb00d291612bb0c00);
             let sig_bytes = sig_ubig.to_be_bytes();
             let signature =
From 1a323204e3d4bc1325fe9782139f7ad0fde3b5ab Mon Sep 17 00:00:00 2001
From: Matthew LeVan
Date: Mon, 8 Jan 2024 18:18:04 -0500
Subject: [PATCH 38/40] jets: add comment explaining length matching

---
 rust/ares/src/jets/lock/aes.rs | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/rust/ares/src/jets/lock/aes.rs b/rust/ares/src/jets/lock/aes.rs
index f5ffff0..8e67abb 100644
--- a/rust/ares/src/jets/lock/aes.rs
+++ b/rust/ares/src/jets/lock/aes.rs
@@ -183,6 +183,8 @@ mod util {
         let (mut iv, iv_bytes) = IndirectAtom::new_raw_mut_bytearray::<16, NockStack>(stack);
 
+        // We match on length here and elsewhere where a similar pattern is followed
+        // to avoid panicking when a zero length is passed to IndirectAtom::new_raw_mut_bytes.
         match txt_len {
             0 => {
                 ac_aes_siv_en::(key, &mut [], siv_data, iv_bytes, &mut [0u8; 0]).unwrap();
From 718842a49a1e0235c641eab4ada2f32207b3637b Mon Sep 17 00:00:00 2001
From: Matthew LeVan
Date: Wed, 10 Jan 2024 11:52:03 -0500
Subject: [PATCH 39/40] build: remove `test_vs_urcrypt` as default feature

---
 rust/ares/Cargo.lock        | 296 +++++++++++++++++-------------------
 rust/ares_crypto/Cargo.lock | 154 ++++++++++++-------
 rust/ares_crypto/Cargo.toml |   2 +-
 3 files changed, 239 insertions(+), 213 deletions(-)
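Review bot: The new comment records a precondition of `IndirectAtom::new_raw_mut_bytes` at one call site, so a caller added elsewhere has no way to discover it; the authoritative place is a `# Panics` section on the function itself in noun.rs, e.g. `/// # Panics` / `/// Panics if `len` is zero; callers must special-case empty input.`, with this call-site comment shortened to `// new_raw_mut_bytes rejects a zero length; see its docs.`. The function's body is not on this page, so the exact wording of the panic condition should be checked against it. The enclosing function starts and ends outside the hunk.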
diff --git a/rust/ares/Cargo.lock b/rust/ares/Cargo.lock index ed8bdea..033313d 100644 --- a/rust/ares/Cargo.lock +++ b/rust/ares/Cargo.lock @@ -90,10 +90,8 @@ dependencies = [ "curve25519-dalek", "ed25519-dalek", "ibig 0.3.6 (registry+https://github.com/rust-lang/crates.io-index)", - "rand", "sha1", "sha2", - "urcrypt-sys", "x25519-dalek", ] @@ -109,7 +107,7 @@ dependencies = [ name = "ares_pma" version = "0.1.0" dependencies = [ - "bindgen 0.69.1", + "bindgen", "cc", ] @@ -145,29 +143,6 @@ dependencies = [ "cc", ] -[[package]] -name = "bindgen" -version = "0.68.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "726e4313eb6ec35d2730258ad4e15b547ee75d6afaa1361a922e78e59b7d8078" -dependencies = [ - "bitflags 2.4.1", - "cexpr", - "clang-sys", - "lazy_static", - "lazycell", - "log", - "peeking_take_while", - "prettyplease", - "proc-macro2", - "quote", - "regex", - "rustc-hash", - "shlex", - "syn 2.0.39", - "which", -] - [[package]] name = "bindgen" version = "0.69.1" @@ -187,7 +162,7 @@ dependencies = [ "regex", "rustc-hash", "shlex", - "syn 2.0.39", + "syn 2.0.48", "which", ] @@ -299,9 +274,9 @@ dependencies = [ [[package]] name = "clang-sys" -version = "1.6.1" +version = "1.7.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c688fc74432808e3eb684cae8830a86be1d66a2bd58e1f248ed0960a590baf6f" +checksum = "67523a3b4be3ce1989d607a828d036249522dd9c1c8de7f4dd2dae43a37369d1" dependencies = [ "glob", "libc", @@ -342,9 +317,9 @@ dependencies = [ [[package]] name = "cpufeatures" -version = "0.2.11" +version = "0.2.12" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ce420fe07aecd3e67c5f910618fe65e94158f6dcc0adf44e00d69ce2bdfe0fd0" +checksum = "53fe5e26ff1b7aef8bca9c6080520cfb8d9333c7568e1829cef191a9723e5504" dependencies = [ "libc", ] 
@@ -387,36 +362,28 @@ dependencies = [ [[package]] name = "crossbeam-deque" -version = "0.8.3" +version = "0.8.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ce6fd6f855243022dcecf8702fef0c297d4338e226845fe067f6341ad9fa0cef" +checksum = "613f8cc01fe9cf1a3eb3d7f488fd2fa8388403e97039e2f73692932e291a770d" dependencies = [ - "cfg-if", "crossbeam-epoch", "crossbeam-utils", ] [[package]] name = "crossbeam-epoch" -version = "0.9.15" +version = "0.9.18" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ae211234986c545741a7dc064309f67ee1e5ad243d0e48335adc0484d960bcc7" +checksum = "5b82ac4a3c2ca9c3460964f020e1402edd5753411d7737aa39c3714ad1b5420e" dependencies = [ - "autocfg", - "cfg-if", "crossbeam-utils", - "memoffset", - "scopeguard", ] [[package]] name = "crossbeam-utils" -version = "0.8.16" +version = "0.8.19" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5a22b2d63d4d1dc0b7f1b6b2747dd0088008a9be28b6ddf0b1e7d335e3037294" -dependencies = [ - "cfg-if", -] +checksum = "248e3bacc7dc6baa3b21e405ee045c3047101a49145e7e9eca583ab4c2ca5345" [[package]] name = "crypto-common" @@ -462,7 +429,7 @@ checksum = "f46882e17999c6cc590af592290432be3bce0428cb0d5f8b6715e4dc7b383eb3" dependencies = [ "proc-macro2", "quote", - "syn 2.0.39", + "syn 2.0.48", ] [[package]] @@ -519,7 +486,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "a258e46cdc063eb8519c00b9fc845fc47bcfca4130e2f08e88665ceda8474245" dependencies = [ "libc", - "windows-sys", + "windows-sys 0.52.0", ] [[package]] @@ -544,17 +511,6 @@ dependencies = [ "version_check", ] -[[package]] -name = "getrandom" -version = "0.2.11" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fe9006bed769170c11f845cf00c7c1e9092aeb3f268e007c3e760ac68008070f" -dependencies = [ - "cfg-if", - "libc", - "wasi", -] - [[package]] name = "glob" version = "0.3.1" 
@@ -588,7 +544,7 @@ version = "0.5.9" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "e3d1354bf6b7235cb4a0576c2619fd4ed18183f689b12b006a0ee7329eeff9a5" dependencies = [ - "windows-sys", + "windows-sys 0.52.0", ] [[package]] @@ -649,15 +605,15 @@ dependencies = [ [[package]] name = "itoa" -version = "1.0.9" +version = "1.0.10" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "af150ab688ff2122fcef229be89cb50dd66af9e01a4ff320cc137eecc9bacc38" +checksum = "b1a46d1a171d865aa5f83f92695765caa047a9b4cbae2cbf37dbd613a793fd4c" [[package]] name = "js-sys" -version = "0.3.65" +version = "0.3.66" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "54c0c35952f67de54bb584e9fd912b3023117cbafc0a77d8f3dee1fb5f572fe8" +checksum = "cee9c64da59eae3b50095c18d3e74f8b73c0b86d2792824ff01bbce68ba229ca" dependencies = [ "wasm-bindgen", ] @@ -682,18 +638,18 @@ checksum = "830d08ce1d1d941e6b30645f1a0eb5643013d835ce3779a5fc208261dbe10f55" [[package]] name = "libc" -version = "0.2.150" +version = "0.2.152" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "89d92a4743f9a61002fae18374ed11e7973f530cb3a3255fb354818118b2203c" +checksum = "13e3bf6590cbc649f4d1a3eefc9d5d6eb746f5200ffb04e5e142700b8faa56e7" [[package]] name = "libloading" -version = "0.7.4" +version = "0.8.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b67380fd3b2fbe7527a606e18729d21c6f3951633d0500574c4dc22d2d638b9f" +checksum = "c571b676ddfc9a8c12f1f3d3085a7b163966a8fd8098a90640953ce5f6170161" dependencies = [ "cfg-if", - "winapi", + "windows-sys 0.48.0", ] [[package]] 
@@ -710,9 +666,9 @@ checksum = "b5e6163cb8c49088c2c36f57875e58ccd8c87c7427f7fbd50ea6710b2f3f2e8f" [[package]] name = "memchr" -version = "2.6.4" +version = "2.7.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f665ee40bc4a3c5590afb1e9677db74a508659dfd71e126420da8274909a0167" +checksum = "523dc4f511e55ab87b694dc30d0f820d60906ef06413f93d4d7a1385599cc149" [[package]] name = "memmap" @@ -724,15 +680,6 @@ dependencies = [ "winapi", ] -[[package]] -name = "memoffset" -version = "0.9.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5a634b1c61a95585bd15607c6ab0c4e5b226e695ff2800ba0cdccddf208c406c" -dependencies = [ - "autocfg", -] - [[package]] name = "minimal-lexical" version = "0.2.1" @@ -776,9 +723,9 @@ dependencies = [ [[package]] name = "once_cell" -version = "1.18.0" +version = "1.19.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "dd8b5dd2ae5ed71462c540258bedcb51965123ad7e7ccf4b9a8cafaa4a63576d" +checksum = "3fdb12b2476b595f9358c5161aa467c2438859caa136dec86c26fdd2efe17b92" [[package]] name = "oorandom" @@ -798,17 +745,11 @@ version = "0.1.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "19b17cddbe7ec3f8bc800887bab5e717348c95ea2ca0b1bf0837fb964dc67099" -[[package]] -name = "pkg-config" -version = "0.3.27" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "26072860ba924cbfa98ea39c8c19b4dd6a4a25423dbdf219c1eca91aa0cf6964" - [[package]] name = "platforms" -version = "3.2.0" +version = "3.3.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "14e6ab3f592e6fb464fc9712d8d6e6912de6473954635fd76a589d832cffcbb0" +checksum = "626dec3cac7cc0e1577a2ec3fc496277ec2baa084bebad95bb6fdbfae235f84c" [[package]] name = "plotters" 
@@ -840,28 +781,28 @@ dependencies = [ [[package]] name = "prettyplease" -version = "0.2.15" +version = "0.2.16" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ae005bd773ab59b4725093fd7df83fd7892f7d8eafb48dbd7de6e024e4215f9d" +checksum = "a41cf62165e97c7f814d2221421dbb9afcbcdb0a88068e5ea206e19951c2cbb5" dependencies = [ "proc-macro2", - "syn 2.0.39", + "syn 2.0.48", ] [[package]] name = "proc-macro2" -version = "1.0.69" +version = "1.0.76" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "134c189feb4956b20f6f547d2cf727d4c0fe06722b20a0eec87ed445a97f92da" +checksum = "95fc56cda0b5c3325f5fbbd7ff9fda9e02bb00bb3dac51252d2f1bfa1cb8cc8c" dependencies = [ "unicode-ident", ] [[package]] name = "quote" -version = "1.0.33" +version = "1.0.35" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5267fca4496028628a95160fc423a33e8b2e6af8a5302579e322e4b520293cae" +checksum = "291ec9ab5efd934aaf503a6466c5d5251535d108ee747472c3977cc5acc868ef" dependencies = [ "proc-macro2", ] @@ -886,9 +827,6 @@ name = "rand_core" version = "0.6.4" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "ec0be4795e2f6a28069bec0b5ff3e2ac9bafc99e6a9a7dc3547996c5c816922c" -dependencies = [ - "getrandom", -] [[package]] name = "rayon" @@ -964,14 +902,14 @@ dependencies = [ "errno", "libc", "linux-raw-sys", - "windows-sys", + "windows-sys 0.52.0", ] [[package]] name = "ryu" -version = "1.0.15" +version = "1.0.16" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1ad4cc8da4ef723ed60bced201181d83791ad433213d8c24efffda1eec85d741" +checksum = "f98d2aa92eebf49b69786be48e4477826b256916e84a57ff2a4f21923b48eb4c" [[package]] name = "same-file" 
@@ -982,43 +920,37 @@ dependencies = [ "winapi-util", ] -[[package]] -name = "scopeguard" -version = "1.2.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "94143f37725109f92c262ed2cf5e59bce7498c01bcc1502d7b9afe439a4e9f49" - [[package]] name = "semver" -version = "1.0.20" +version = "1.0.21" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "836fa6a3e1e547f9a2c4040802ec865b5d85f4014efe00555d7090a3dcaa1090" +checksum = "b97ed7a9823b74f99c7742f5336af7be5ecd3eeafcb1507d1fa93347b1d589b0" [[package]] name = "serde" -version = "1.0.192" +version = "1.0.195" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bca2a08484b285dcb282d0f67b26cadc0df8b19f8c12502c13d966bf9482f001" +checksum = "63261df402c67811e9ac6def069e4786148c4563f4b50fd4bf30aa370d626b02" dependencies = [ "serde_derive", ] [[package]] name = "serde_derive" -version = "1.0.192" +version = "1.0.195" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d6c7207fbec9faa48073f3e3074cbe553af6ea512d7c21ba46e434e70ea9fbc1" +checksum = "46fe8f8603d81ba86327b23a2e9cdf49e1255fb94a4c5f297f6ee0547178ea2c" dependencies = [ "proc-macro2", "quote", - "syn 2.0.39", + "syn 2.0.48", ] [[package]] name = "serde_json" -version = "1.0.108" +version = "1.0.111" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3d1c7e3eac408d115102c4c24ad393e0821bb3a5df4d506a80f85f7a742a526b" +checksum = "176e46fa42316f18edd598015a5166857fc835ec732f5215eac6b7bdbf0a84f4" dependencies = [ "itoa", "ryu", @@ -1103,9 +1035,9 @@ dependencies = [ [[package]] name = "syn" -version = "2.0.39" +version = "2.0.48" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "23e78b90f2fcf45d3e842032ce32e3f2d1545ba6636271dcbf24fa306d87be7a" +checksum = "0f3531638e407dfc0814761abb7c00a5b54992b849452a0646b7f65c9f770f3f" dependencies = [ "proc-macro2", "quote", 
@@ -1146,16 +1078,6 @@ version = "1.0.12" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "3354b9ac3fae1ff6755cb6db53683adb661634f67557942dea4facebec0fee4b" -[[package]] -name = "urcrypt-sys" -version = "0.1.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ced751f95a527a3458eb67c75e4ae7093d41585edaa7565f5769101502473019" -dependencies = [ - "bindgen 0.68.1", - "pkg-config", -] - [[package]] name = "version_check" version = "0.9.4" @@ -1172,17 +1094,11 @@ dependencies = [ "winapi-util", ] -[[package]] -name = "wasi" -version = "0.11.0+wasi-snapshot-preview1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9c8d87e72b64a3b4db28d11ce29237c246188f4f51057d65a7eab63b7987e423" - [[package]] name = "wasm-bindgen" -version = "0.2.88" +version = "0.2.89" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7daec296f25a1bae309c0cd5c29c4b260e510e6d813c286b19eaadf409d40fce" +checksum = "0ed0d4f68a3015cc185aff4db9506a015f4b96f95303897bfa23f846db54064e" dependencies = [ "cfg-if", "wasm-bindgen-macro", @@ -1190,24 +1106,24 @@ dependencies = [ [[package]] name = "wasm-bindgen-backend" -version = "0.2.88" +version = "0.2.89" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e397f4664c0e4e428e8313a469aaa58310d302159845980fd23b0f22a847f217" +checksum = "1b56f625e64f3a1084ded111c4d5f477df9f8c92df113852fa5a374dbda78826" dependencies = [ "bumpalo", "log", "once_cell", "proc-macro2", "quote", - "syn 2.0.39", + "syn 2.0.48", "wasm-bindgen-shared", ] [[package]] name = "wasm-bindgen-macro" -version = "0.2.88" +version = "0.2.89" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5961017b3b08ad5f3fe39f1e79877f8ee7c23c5e5fd5eb80de95abc41f1f16b2" +checksum = "0162dbf37223cd2afce98f3d0785506dcb8d266223983e4b5b525859e6e182b2" dependencies = [ "quote", "wasm-bindgen-macro-support", 
@@ -1215,28 +1131,28 @@ dependencies = [ [[package]] name = "wasm-bindgen-macro-support" -version = "0.2.88" +version = "0.2.89" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c5353b8dab669f5e10f5bd76df26a9360c748f054f862ff5f3f8aae0c7fb3907" +checksum = "f0eb82fcb7930ae6219a7ecfd55b217f5f0893484b7a13022ebb2b2bf20b5283" dependencies = [ "proc-macro2", "quote", - "syn 2.0.39", + "syn 2.0.48", "wasm-bindgen-backend", "wasm-bindgen-shared", ] [[package]] name = "wasm-bindgen-shared" -version = "0.2.88" +version = "0.2.89" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0d046c5d029ba91a1ed14da14dca44b68bf2f124cfbaf741c54151fdb3e0750b" +checksum = "7ab9b36309365056cd639da3134bf87fa8f3d86008abf99e612384a6eecd459f" [[package]] name = "web-sys" -version = "0.3.65" +version = "0.3.66" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5db499c5f66323272151db0e666cd34f78617522fb0c1604d31a27c50c206a85" +checksum = "50c24a44ec86bb68fbecd1b3efed7e85ea5621b39b35ef2766b66cd984f8010f" dependencies = [ "js-sys", "wasm-bindgen", 
@@ -1285,13 +1201,37 @@ version = "0.4.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "712e227841d057c1ee1cd2fb22fa7e5a5461ae8e48fa2ca79ec42cfc1931183f" +[[package]] +name = "windows-sys" +version = "0.48.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "677d2418bec65e3338edb076e806bc1ec15693c5d0104683f2efe857f61056a9" +dependencies = [ + "windows-targets 0.48.5", +] + [[package]] name = "windows-sys" version = "0.52.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "282be5f36a8ce781fad8c8ae18fa3f9beff57ec1b52cb3de0789201425d9a33d" dependencies = [ - "windows-targets", + "windows-targets 0.52.0", +] + +[[package]] +name = "windows-targets" +version = "0.48.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9a2fa6e2155d7247be68c096456083145c183cbbbc2764150dda45a87197940c" +dependencies = [ + "windows_aarch64_gnullvm 0.48.5", + "windows_aarch64_msvc 0.48.5", + "windows_i686_gnu 0.48.5", + "windows_i686_msvc 0.48.5", + "windows_x86_64_gnu 0.48.5", + "windows_x86_64_gnullvm 0.48.5", + "windows_x86_64_msvc 0.48.5", ] [[package]] 
@@ -1300,51 +1240,93 @@ version = "0.52.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "8a18201040b24831fbb9e4eb208f8892e1f50a37feb53cc7ff887feb8f50e7cd" dependencies = [ - "windows_aarch64_gnullvm", - "windows_aarch64_msvc", - "windows_i686_gnu", - "windows_i686_msvc", - "windows_x86_64_gnu", - "windows_x86_64_gnullvm", - "windows_x86_64_msvc", + "windows_aarch64_gnullvm 0.52.0", + "windows_aarch64_msvc 0.52.0", + "windows_i686_gnu 0.52.0", + "windows_i686_msvc 0.52.0", + "windows_x86_64_gnu 0.52.0", + "windows_x86_64_gnullvm 0.52.0", + "windows_x86_64_msvc 0.52.0", ] +[[package]] +name = "windows_aarch64_gnullvm" +version = "0.48.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2b38e32f0abccf9987a4e3079dfb67dcd799fb61361e53e2882c3cbaf0d905d8" + [[package]] name = "windows_aarch64_gnullvm" version = "0.52.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "cb7764e35d4db8a7921e09562a0304bf2f93e0a51bfccee0bd0bb0b666b015ea" +[[package]] +name = "windows_aarch64_msvc" +version = "0.48.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "dc35310971f3b2dbbf3f0690a219f40e2d9afcf64f9ab7cc1be722937c26b4bc" + [[package]] name = "windows_aarch64_msvc" version = "0.52.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "bbaa0368d4f1d2aaefc55b6fcfee13f41544ddf36801e793edbbfd7d7df075ef" +[[package]] +name = "windows_i686_gnu" +version = "0.48.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a75915e7def60c94dcef72200b9a8e58e5091744960da64ec734a6c6e9b3743e" + [[package]] name = "windows_i686_gnu" version = "0.52.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "a28637cb1fa3560a16915793afb20081aba2c92ee8af57b4d5f28e4b3e7df313" +[[package]] +name = "windows_i686_msvc" +version = "0.48.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = 
"8f55c233f70c4b27f66c523580f78f1004e8b5a8b659e05a4eb49d4166cca406" + [[package]] name = "windows_i686_msvc" version = "0.52.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "ffe5e8e31046ce6230cc7215707b816e339ff4d4d67c65dffa206fd0f7aa7b9a" +[[package]] +name = "windows_x86_64_gnu" +version = "0.48.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "53d40abd2583d23e4718fddf1ebec84dbff8381c07cae67ff7768bbf19c6718e" + [[package]] name = "windows_x86_64_gnu" version = "0.52.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "3d6fa32db2bc4a2f5abeacf2b69f7992cd09dca97498da74a151a3132c26befd" +[[package]] +name = "windows_x86_64_gnullvm" +version = "0.48.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0b7b52767868a23d5bab768e390dc5f5c55825b6d30b86c844ff2dc7414044cc" + [[package]] name = "windows_x86_64_gnullvm" version = "0.52.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "1a657e1e9d3f514745a572a6846d3c7aa7dbe1658c056ed9c3344c4109a6949e" +[[package]] +name = "windows_x86_64_msvc" +version = "0.48.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ed94fce61571a4006852b7389a063ab983c02eb1bb37b47f8272ce92d06d9538" + [[package]] name = "windows_x86_64_msvc" version = "0.52.0" diff --git a/rust/ares_crypto/Cargo.lock b/rust/ares_crypto/Cargo.lock index ce4fb77..4610dce 100644 --- a/rust/ares_crypto/Cargo.lock +++ b/rust/ares_crypto/Cargo.lock @@ -142,9 +142,9 @@ dependencies = [ [[package]] name = "clang-sys" -version = "1.6.1" +version = "1.7.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c688fc74432808e3eb684cae8830a86be1d66a2bd58e1f248ed0960a590baf6f" +checksum = "67523a3b4be3ce1989d607a828d036249522dd9c1c8de7f4dd2dae43a37369d1" dependencies = [ "glob", "libc", 
@@ -164,9 +164,9 @@ dependencies = [ [[package]] name = "cpufeatures" -version = "0.2.11" +version = "0.2.12" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ce420fe07aecd3e67c5f910618fe65e94158f6dcc0adf44e00d69ce2bdfe0fd0" +checksum = "53fe5e26ff1b7aef8bca9c6080520cfb8d9333c7568e1829cef191a9723e5504" dependencies = [ "libc", ] @@ -272,7 +272,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "a258e46cdc063eb8519c00b9fc845fc47bcfca4130e2f08e88665ceda8474245" dependencies = [ "libc", - "windows-sys", + "windows-sys 0.52.0", ] [[package]] @@ -293,9 +293,9 @@ dependencies = [ [[package]] name = "getrandom" -version = "0.2.11" +version = "0.2.12" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fe9006bed769170c11f845cf00c7c1e9092aeb3f268e007c3e760ac68008070f" +checksum = "190092ea657667030ac6a35e305e62fc4dd69fd98ac98631e5d3a2b1575a12b5" dependencies = [ "cfg-if", "libc", @@ -314,7 +314,7 @@ version = "0.5.9" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "e3d1354bf6b7235cb4a0576c2619fd4ed18183f689b12b006a0ee7329eeff9a5" dependencies = [ - "windows-sys", + "windows-sys 0.52.0", ] [[package]] @@ -352,18 +352,18 @@ checksum = "830d08ce1d1d941e6b30645f1a0eb5643013d835ce3779a5fc208261dbe10f55" [[package]] name = "libc" -version = "0.2.151" +version = "0.2.152" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "302d7ab3130588088d277783b1e2d2e10c9e9e4a16dd9050e6ec93fb3e7048f4" +checksum = "13e3bf6590cbc649f4d1a3eefc9d5d6eb746f5200ffb04e5e142700b8faa56e7" [[package]] name = "libloading" -version = "0.7.4" +version = "0.8.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b67380fd3b2fbe7527a606e18729d21c6f3951633d0500574c4dc22d2d638b9f" +checksum = "c571b676ddfc9a8c12f1f3d3085a7b163966a8fd8098a90640953ce5f6170161" dependencies = [ "cfg-if", - "winapi", + "windows-sys 0.48.0", ] [[package]] 
@@ -380,9 +380,9 @@ checksum = "b5e6163cb8c49088c2c36f57875e58ccd8c87c7427f7fbd50ea6710b2f3f2e8f"
 [[package]]
 name = "memchr"
-version = "2.6.4"
+version = "2.7.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "f665ee40bc4a3c5590afb1e9677db74a508659dfd71e126420da8274909a0167"
+checksum = "523dc4f511e55ab87b694dc30d0f820d60906ef06413f93d4d7a1385599cc149"
 [[package]]
 name = "minimal-lexical"
@@ -423,21 +423,21 @@ checksum = "19b17cddbe7ec3f8bc800887bab5e717348c95ea2ca0b1bf0837fb964dc67099"
 [[package]]
 name = "pkg-config"
-version = "0.3.27"
+version = "0.3.28"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "26072860ba924cbfa98ea39c8c19b4dd6a4a25423dbdf219c1eca91aa0cf6964"
+checksum = "69d3587f8a9e599cc7ec2c00e331f71c4e69a5f9a4b8a6efd5b07466b9736f9a"
 [[package]]
 name = "platforms"
-version = "3.2.0"
+version = "3.3.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "14e6ab3f592e6fb464fc9712d8d6e6912de6473954635fd76a589d832cffcbb0"
+checksum = "626dec3cac7cc0e1577a2ec3fc496277ec2baa084bebad95bb6fdbfae235f84c"
 [[package]]
 name = "prettyplease"
-version = "0.2.15"
+version = "0.2.16"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "ae005bd773ab59b4725093fd7df83fd7892f7d8eafb48dbd7de6e024e4215f9d"
+checksum = "a41cf62165e97c7f814d2221421dbb9afcbcdb0a88068e5ea206e19951c2cbb5"
 dependencies = [
 "proc-macro2",
 "syn",
@@ -445,18 +445,18 @@ dependencies = [
 [[package]]
 name = "proc-macro2"
-version = "1.0.70"
+version = "1.0.76"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "39278fbbf5fb4f646ce651690877f89d1c5811a3d4acb27700c1cb3cdb78fd3b"
+checksum = "95fc56cda0b5c3325f5fbbd7ff9fda9e02bb00bb3dac51252d2f1bfa1cb8cc8c"
 dependencies = [
 "unicode-ident",
 ]
 [[package]]
 name = "quote"
-version = "1.0.33"
+version = "1.0.35"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "5267fca4496028628a95160fc423a33e8b2e6af8a5302579e322e4b520293cae"
+checksum = "291ec9ab5efd934aaf503a6466c5d5251535d108ee747472c3977cc5acc868ef"
 dependencies = [
 "proc-macro2",
 ]
@@ -533,14 +533,14 @@ dependencies = [
 "errno",
 "libc",
 "linux-raw-sys",
- "windows-sys",
+ "windows-sys 0.52.0",
 ]
 [[package]]
 name = "semver"
-version = "1.0.20"
+version = "1.0.21"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "836fa6a3e1e547f9a2c4040802ec865b5d85f4014efe00555d7090a3dcaa1090"
+checksum = "b97ed7a9823b74f99c7742f5336af7be5ecd3eeafcb1507d1fa93347b1d589b0"
 [[package]]
 name = "sha1"
@@ -590,9 +590,9 @@ checksum = "81cdd64d312baedb58e21336b31bc043b77e01cc99033ce76ef539f78e965ebc"
 [[package]]
 name = "syn"
-version = "2.0.41"
+version = "2.0.48"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "44c8b28c477cc3bf0e7966561e3460130e1255f7a1cf71931075f1c5e7a7e269"
+checksum = "0f3531638e407dfc0814761abb7c00a5b54992b849452a0646b7f65c9f770f3f"
 dependencies = [
 "proc-macro2",
 "quote",
@@ -646,34 +646,36 @@ dependencies = [
 ]
 [[package]]
-name = "winapi"
-version = "0.3.9"
+name = "windows-sys"
+version = "0.48.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "5c839a674fcd7a98952e593242ea400abe93992746761e38641405d28b00f419"
+checksum = "677d2418bec65e3338edb076e806bc1ec15693c5d0104683f2efe857f61056a9"
 dependencies = [
- "winapi-i686-pc-windows-gnu",
- "winapi-x86_64-pc-windows-gnu",
+ "windows-targets 0.48.5",
 ]
-[[package]]
-name = "winapi-i686-pc-windows-gnu"
-version = "0.4.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "ac3b87c63620426dd9b991e5ce0329eff545bccbbb34f3be09ff6fb6ab51b7b6"
-
-[[package]]
-name = "winapi-x86_64-pc-windows-gnu"
-version = "0.4.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "712e227841d057c1ee1cd2fb22fa7e5a5461ae8e48fa2ca79ec42cfc1931183f"
-
 [[package]]
 name = "windows-sys"
 version = "0.52.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "282be5f36a8ce781fad8c8ae18fa3f9beff57ec1b52cb3de0789201425d9a33d"
 dependencies = [
- "windows-targets",
+ "windows-targets 0.52.0",
+]
+
+[[package]]
+name = "windows-targets"
+version = "0.48.5"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "9a2fa6e2155d7247be68c096456083145c183cbbbc2764150dda45a87197940c"
+dependencies = [
+ "windows_aarch64_gnullvm 0.48.5",
+ "windows_aarch64_msvc 0.48.5",
+ "windows_i686_gnu 0.48.5",
+ "windows_i686_msvc 0.48.5",
+ "windows_x86_64_gnu 0.48.5",
+ "windows_x86_64_gnullvm 0.48.5",
+ "windows_x86_64_msvc 0.48.5",
 ]
 [[package]]
@@ -682,51 +684,93 @@ version = "0.52.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "8a18201040b24831fbb9e4eb208f8892e1f50a37feb53cc7ff887feb8f50e7cd"
 dependencies = [
- "windows_aarch64_gnullvm",
- "windows_aarch64_msvc",
- "windows_i686_gnu",
- "windows_i686_msvc",
- "windows_x86_64_gnu",
- "windows_x86_64_gnullvm",
- "windows_x86_64_msvc",
+ "windows_aarch64_gnullvm 0.52.0",
+ "windows_aarch64_msvc 0.52.0",
+ "windows_i686_gnu 0.52.0",
+ "windows_i686_msvc 0.52.0",
+ "windows_x86_64_gnu 0.52.0",
+ "windows_x86_64_gnullvm 0.52.0",
+ "windows_x86_64_msvc 0.52.0",
 ]
+[[package]]
+name = "windows_aarch64_gnullvm"
+version = "0.48.5"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "2b38e32f0abccf9987a4e3079dfb67dcd799fb61361e53e2882c3cbaf0d905d8"
+
 [[package]]
 name = "windows_aarch64_gnullvm"
 version = "0.52.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "cb7764e35d4db8a7921e09562a0304bf2f93e0a51bfccee0bd0bb0b666b015ea"
+[[package]]
+name = "windows_aarch64_msvc"
+version = "0.48.5"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "dc35310971f3b2dbbf3f0690a219f40e2d9afcf64f9ab7cc1be722937c26b4bc"
+
 [[package]]
 name = "windows_aarch64_msvc"
 version = "0.52.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "bbaa0368d4f1d2aaefc55b6fcfee13f41544ddf36801e793edbbfd7d7df075ef"
+[[package]]
+name = "windows_i686_gnu"
+version = "0.48.5"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "a75915e7def60c94dcef72200b9a8e58e5091744960da64ec734a6c6e9b3743e"
+
 [[package]]
 name = "windows_i686_gnu"
 version = "0.52.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "a28637cb1fa3560a16915793afb20081aba2c92ee8af57b4d5f28e4b3e7df313"
+[[package]]
+name = "windows_i686_msvc"
+version = "0.48.5"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = 
"8f55c233f70c4b27f66c523580f78f1004e8b5a8b659e05a4eb49d4166cca406" + [[package]] name = "windows_i686_msvc" version = "0.52.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "ffe5e8e31046ce6230cc7215707b816e339ff4d4d67c65dffa206fd0f7aa7b9a" +[[package]] +name = "windows_x86_64_gnu" +version = "0.48.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "53d40abd2583d23e4718fddf1ebec84dbff8381c07cae67ff7768bbf19c6718e" + [[package]] name = "windows_x86_64_gnu" version = "0.52.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "3d6fa32db2bc4a2f5abeacf2b69f7992cd09dca97498da74a151a3132c26befd" +[[package]] +name = "windows_x86_64_gnullvm" +version = "0.48.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0b7b52767868a23d5bab768e390dc5f5c55825b6d30b86c844ff2dc7414044cc" + [[package]] name = "windows_x86_64_gnullvm" version = "0.52.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "1a657e1e9d3f514745a572a6846d3c7aa7dbe1658c056ed9c3344c4109a6949e" +[[package]] +name = "windows_x86_64_msvc" +version = "0.48.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ed94fce61571a4006852b7389a063ab983c02eb1bb37b47f8272ce92d06d9538" + [[package]] name = "windows_x86_64_msvc" version = "0.52.0" diff --git a/rust/ares_crypto/Cargo.toml b/rust/ares_crypto/Cargo.toml index 892197a..e2b895b 100644 --- a/rust/ares_crypto/Cargo.toml +++ b/rust/ares_crypto/Cargo.toml @@ -30,7 +30,7 @@ urcrypt-sys = { version = "0.1.1", optional = true } [features] # XX turn off test_vs_urcrypt after development -default = ["aes_siv", "ed25519", "sha", "test_vs_urcrypt"] +default = ["aes_siv", "ed25519", "sha"] aes_siv = ["aes", "aes-siv"] ed25519 = ["curve25519-dalek", "ed25519-dalek", "x25519-dalek"] sha = ["sha1", "sha2"] From c4c1388573feebd373a3e53c6116b0e9c9917306 Mon Sep 17 00:00:00 2001 
From: Matthew LeVan
Date: Wed, 17 Jan 2024 20:46:45 -0500
Subject: [PATCH 40/40] noun: remove `IndirectAtom::as_mut_bytes`
---
 rust/ares/src/noun.rs | 4 ----
 1 file changed, 4 deletions(-)
diff --git a/rust/ares/src/noun.rs b/rust/ares/src/noun.rs
index fd0d95e..68212a4 100644
--- a/rust/ares/src/noun.rs
+++ b/rust/ares/src/noun.rs
@@ -483,10 +483,6 @@ impl IndirectAtom {
 unsafe { from_raw_parts(self.data_pointer() as *const u8, self.size() << 3) }
 }
- pub fn as_mut_bytes(&mut self) -> &mut [u8] {
- unsafe { from_raw_parts_mut(self.data_pointer_mut() as *mut u8, self.size() << 3) }
- }
-
 /** BitSlice view on an indirect atom, with lifetime tied to reference to indirect atom. */
 pub fn as_bitslice(&self) -> &BitSlice {
 BitSlice::from_slice(self.as_slice())