From eda436f2642e927d58b691badf4197d2223a6416 Mon Sep 17 00:00:00 2001 From: Brandon Vandegrift <798832-bmv437@users.noreply.gitlab.com> Date: Fri, 13 Jun 2025 19:42:53 -0400 Subject: [PATCH] Fix compile for the NONE CryptoSystem --- Cargo.lock | 1 + veilid-core/Cargo.toml | 19 ++++++++------- veilid-core/src/crypto/none/mod.rs | 24 ++++++++++--------- .../network_manager/tests/test_bootstrap.rs | 13 ++++++++-- .../tests/test_serialize_routing_table.rs | 10 ++++---- veilid-core/src/tests/common/test_dht.rs | 22 +++++++++-------- 6 files changed, 53 insertions(+), 36 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 83d81d3e..42b8509d 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -6463,6 +6463,7 @@ dependencies = [ "console_error_panic_hook", "curve25519-dalek", "data-encoding", + "digest 0.10.7", "directories", "ed25519-dalek", "enumset", diff --git a/veilid-core/Cargo.toml b/veilid-core/Cargo.toml index 37fe64dc..662be95f 100644 --- a/veilid-core/Cargo.toml +++ b/veilid-core/Cargo.toml @@ -45,8 +45,8 @@ rt-tokio = [ ] # Crypto support features -enable-crypto-vld0 = [] -enable-crypto-none = [] +enable-crypto-vld0 = [ "ed25519-dalek", "x25519-dalek", "curve25519-dalek", "blake3", "chacha20poly1305", "chacha20", "argon2" ] +enable-crypto-none = [ "ed25519-dalek", "curve25519-dalek", "blake3", "argon2", "digest" ] # Debugging and testing features verbose-tracing = [] @@ -113,27 +113,28 @@ lock_api = "0.4.12" stop-token = { version = "0.7.0", default-features = false } # Crypto -ed25519-dalek = { version = "2.1.1", default-features = false, features = [ +ed25519-dalek = { version = "2.1.1", optional = true, default-features = false, features = [ "alloc", "rand_core", "digest", "zeroize", ] } -x25519-dalek = { version = "2.0.1", default-features = false, features = [ +x25519-dalek = { version = "2.0.1", optional = true, default-features = false, features = [ "alloc", "static_secrets", "zeroize", "precomputed-tables", ] } -curve25519-dalek = { version = "4.1.3", default-features = false, features = [ +curve25519-dalek = { version = "4.1.3", optional = true, default-features = false, features = [ "alloc", "zeroize", "precomputed-tables", ] } -blake3 = { version = "1.8.2" } -chacha20poly1305 = "0.10.1" -chacha20 = "0.9.1" -argon2 = "0.5.3" +blake3 = { version = "1.8.2", optional = true } +chacha20poly1305 = { version = "0.10.1", optional = true } +chacha20 = { version = "0.9.1", optional = true } +argon2 = { version = "0.5.3", optional = true } +digest = { version = "0.10.7", optional = true, features = [ "rand_core" ]} # Network async-std-resolver = { version = "0.24.4", optional = true } diff --git a/veilid-core/src/crypto/none/mod.rs b/veilid-core/src/crypto/none/mod.rs index 80e1cd06..2690f81a 100644 --- a/veilid-core/src/crypto/none/mod.rs +++ b/veilid-core/src/crypto/none/mod.rs @@ -1,8 +1,8 @@ use super::*; use argon2::password_hash::Salt; use data_encoding::BASE64URL_NOPAD; +use digest::rand_core::RngCore; use digest::Digest; -use rand::RngCore; const AEAD_OVERHEAD: usize = PUBLIC_KEY_LENGTH; pub const CRYPTO_KIND_NONE: CryptoKind = CryptoKind(*b"NONE"); @@ -49,11 +49,12 @@ fn is_bytes_eq_32(a: &[u8], v: u8) -> bool { } /// None CryptoSystem -pub struct CryptoSystemNONE { +pub(crate) struct CryptoSystemNONE { registry: VeilidComponentRegistry, } impl CryptoSystemNONE { + #[must_use] pub(crate) fn new(registry: VeilidComponentRegistry) -> Self { Self { registry } } @@ -66,7 +67,7 @@ impl CryptoSystem for CryptoSystemNONE { } fn crypto(&self) -> VeilidComponentGuard<'_, Crypto> { - self.registry().lookup::().unwrap() + self.registry.lookup::().unwrap() } // Cached Operations @@ -115,12 +116,12 @@ impl CryptoSystem for CryptoSystemNONE { fn random_nonce(&self) -> Nonce { let mut nonce = [0u8; NONCE_LENGTH]; - random_bytes(&mut nonce).unwrap(); + random_bytes(&mut nonce); Nonce::new(nonce) } fn random_shared_secret(&self) -> SharedSecret { let mut s = [0u8; SHARED_SECRET_LENGTH]; - random_bytes(&mut s).unwrap(); + random_bytes(&mut s); SharedSecret::new(s) } fn compute_dh(&self, key: &PublicKey, secret: &SecretKey) -> VeilidAPIResult { @@ -130,8 +131,8 @@ impl CryptoSystem for CryptoSystemNONE { fn generate_keypair(&self) -> KeyPair { none_generate_keypair() } - fn generate_hash(&self, data: &[u8]) -> PublicKey { - PublicKey::new(*blake3::hash(data).as_bytes()) + fn generate_hash(&self, data: &[u8]) -> HashDigest { + HashDigest::new(*blake3::hash(data).as_bytes()) } fn generate_hash_reader(&self, reader: &mut dyn std::io::Read) -> VeilidAPIResult { let mut hasher = blake3::Hasher::new(); @@ -150,14 +151,14 @@ impl CryptoSystem for CryptoSystemNONE { }; v } - fn validate_hash(&self, data: &[u8], dht_key: &PublicKey) -> bool { + fn validate_hash(&self, data: &[u8], dht_key: &HashDigest) -> bool { let bytes = *blake3::hash(data).as_bytes(); bytes == dht_key.bytes } fn validate_hash_reader( &self, reader: &mut dyn std::io::Read, - dht_key: &PublicKey, + dht_key: &HashDigest, ) -> VeilidAPIResult { let mut hasher = blake3::Hasher::new(); std::io::copy(reader, &mut hasher).map_err(VeilidAPIError::generic)?; @@ -165,8 +166,8 @@ impl CryptoSystem for CryptoSystemNONE { Ok(bytes == dht_key.bytes) } // Distance Metric - fn distance(&self, key1: &PublicKey, key2: &PublicKey) -> HashDistance { - let mut bytes = [0u8; PUBLIC_KEY_LENGTH]; + fn distance(&self, key1: &HashDigest, key2: &HashDigest) -> HashDistance { + let mut bytes = [0u8; HASH_DIGEST_LENGTH]; for (n, byte) in bytes.iter_mut().enumerate() { *byte = key1.bytes[n] ^ key2.bytes[n]; @@ -197,6 +198,7 @@ impl CryptoSystem for CryptoSystemNONE { sig_bytes[0..32].copy_from_slice(&in_sig_bytes[0..32]); sig_bytes[32..64].copy_from_slice(&do_xor_32(&in_sig_bytes[32..64], &dht_key_secret.bytes)); let dht_sig = Signature::new(sig_bytes.into()); + println!("DEBUG dht_sig: {:?}", dht_sig); Ok(dht_sig) } fn verify( diff --git a/veilid-core/src/network_manager/tests/test_bootstrap.rs b/veilid-core/src/network_manager/tests/test_bootstrap.rs index 8bb6bb5a..bc7a52ac 100644 --- a/veilid-core/src/network_manager/tests/test_bootstrap.rs +++ b/veilid-core/src/network_manager/tests/test_bootstrap.rs @@ -64,8 +64,17 @@ pub async fn test_bootstrap_v1() { let dial_info_converter = MockDialInfoConverter::default(); let bsrec = make_mock_bootstrap_record(true); - let signing_key_pairs = [TypedKeyPair::from_str("VLD0:W7ENB-SUWpPA7usY8ORVQf_si5QmFbD1Uqa89Jg2Uc0:hbdjau5sr3rBNwN68XeWLg3rfXnXLaLqfbbqhELqV1E").expect("should parse keypair"), - TypedKeyPair::from_str("VLD0:v6XPfyOoCP_ZP-CWFNrf_pF_dpxsq74p2LW_Q5Q4yPQ:n-DhHtOU7KWQkdp5to8cpBa_u0RFt2IDZzXPqMTq4O0").expect("should parse keypair")]; + let signing_key_pairs = [ + #[cfg(feature = "enable-crypto-vld0")] + TypedKeyPair::from_str("VLD0:W7ENB-SUWpPA7usY8ORVQf_si5QmFbD1Uqa89Jg2Uc0:hbdjau5sr3rBNwN68XeWLg3rfXnXLaLqfbbqhELqV1E").expect("should parse keypair"), + #[cfg(feature = "enable-crypto-vld0")] + TypedKeyPair::from_str("VLD0:v6XPfyOoCP_ZP-CWFNrf_pF_dpxsq74p2LW_Q5Q4yPQ:n-DhHtOU7KWQkdp5to8cpBa_u0RFt2IDZzXPqMTq4O0").expect("should parse keypair"), + #[cfg(feature = "enable-crypto-none")] + TypedKeyPair::from_str("NONE:xMzvYmY1C0B-pUrB9V1pnUf6A1hSqNTOju39UaFxQoU:OzMQnZnK9L-BWrU-CqKWYrgF_KetVysxcRICrl6OvXo").expect("should parse keypair"), + #[cfg(feature = "enable-crypto-none")] + TypedKeyPair::from_str("NONE:xuYisL8R7-qoUQiJtHVpvemzd1x3mH246cMJSkMp6BQ:ORndT0DuEBVXrvd2S4qWQhZMiKOIZ4JHFjz2tbzWF-s").expect("should parse keypair"), + ]; + println!("signing_key_pairs: {:?}", signing_key_pairs); let signing_keys = signing_key_pairs .iter() .map(|skp| TypedPublicKey::new(skp.kind, skp.value.key)) diff --git a/veilid-core/src/routing_table/tests/test_serialize_routing_table.rs b/veilid-core/src/routing_table/tests/test_serialize_routing_table.rs index cc881273..d493ca00 100644 --- a/veilid-core/src/routing_table/tests/test_serialize_routing_table.rs +++ b/veilid-core/src/routing_table/tests/test_serialize_routing_table.rs @@ -1,5 +1,5 @@ use super::*; -use crate::{routing_table::*, RegisteredComponents}; +use crate::{routing_table::*, RegisteredComponents, VALID_CRYPTO_KINDS}; fn make_mock_typed_node_id(kind: CryptoKind, idx: u8) -> TypedNodeId { TypedNodeId::new( @@ -11,10 +11,12 @@ fn make_mock_typed_node_id(kind: CryptoKind, idx: u8) -> TypedNodeId { ) } -fn make_mock_typed_node_id_group(vld0: bool, unknown: bool) -> TypedNodeIdGroup { +fn make_mock_typed_node_id_group(valid_kinds: bool, unknown: bool) -> TypedNodeIdGroup { let mut tks = TypedNodeIdGroup::new(); - if vld0 { - tks.add(make_mock_typed_node_id(CRYPTO_KIND_VLD0, 0)); + if valid_kinds { + VALID_CRYPTO_KINDS.iter().for_each(|k| { + tks.add(make_mock_typed_node_id(*k, 0)); + }); } if unknown { tks.add(make_mock_typed_node_id(CryptoKind([1, 2, 3, 4]), 0)); diff --git a/veilid-core/src/tests/common/test_dht.rs b/veilid-core/src/tests/common/test_dht.rs index 76983c0f..a3614bba 100644 --- a/veilid-core/src/tests/common/test_dht.rs +++ b/veilid-core/src/tests/common/test_dht.rs @@ -1,11 +1,13 @@ use super::test_veilid_config::*; use crate::*; +const TEST_CRYPTO_KIND: CryptoKind = VALID_CRYPTO_KINDS[0]; + use lazy_static::*; lazy_static! { static ref BOGUS_KEY: TypedRecordKey = TypedRecordKey::from(CryptoTyped::new( - CRYPTO_KIND_VLD0, + TEST_CRYPTO_KIND, RecordKey::new([0u8; 32]) )); } @@ -42,7 +44,7 @@ pub async fn test_create_delete_dht_record_simple(api: VeilidAPI) { let rc = api.routing_context().unwrap(); let rec = rc - .create_dht_record(DHTSchema::dflt(1).unwrap(), None, Some(CRYPTO_KIND_VLD0)) + .create_dht_record(DHTSchema::dflt(1).unwrap(), None, Some(TEST_CRYPTO_KIND)) .await .unwrap(); @@ -55,14 +57,14 @@ pub async fn test_create_dht_record_with_owner(api: VeilidAPI) { let rc = api.routing_context().unwrap(); let crypto = api.crypto().unwrap(); - let cs = crypto.get(CRYPTO_KIND_VLD0).unwrap(); + let cs = crypto.get(TEST_CRYPTO_KIND).unwrap(); let owner_keypair = cs.generate_keypair(); let rec = rc .create_dht_record( DHTSchema::dflt(1).unwrap(), Some(owner_keypair), - Some(CRYPTO_KIND_VLD0), + Some(TEST_CRYPTO_KIND), ) .await .unwrap(); @@ -78,19 +80,19 @@ pub async fn test_get_dht_record_key(api: VeilidAPI) { let rc = api.routing_context().unwrap(); let crypto = api.crypto().unwrap(); - let cs = crypto.get(CRYPTO_KIND_VLD0).unwrap(); + let cs = crypto.get(TEST_CRYPTO_KIND).unwrap(); let owner_keypair = cs.generate_keypair(); let schema = DHTSchema::dflt(1).unwrap(); // create the record normally let rec = rc - .create_dht_record(schema.clone(), Some(owner_keypair), Some(CRYPTO_KIND_VLD0)) + .create_dht_record(schema.clone(), Some(owner_keypair), Some(TEST_CRYPTO_KIND)) .await .unwrap(); // recreate the record key from the metadata alone let key = rc - .get_dht_record_key(schema.clone(), &owner_keypair.key, Some(CRYPTO_KIND_VLD0)) + .get_dht_record_key(schema.clone(), &owner_keypair.key, Some(TEST_CRYPTO_KIND)) .unwrap(); // keys should be the same @@ -105,7 +107,7 @@ pub async fn test_get_dht_value_nonexistent(api: VeilidAPI) { let rc = api.routing_context().unwrap(); let rec = rc - .create_dht_record(DHTSchema::dflt(1).unwrap(), None, Some(CRYPTO_KIND_VLD0)) + .create_dht_record(DHTSchema::dflt(1).unwrap(), None, Some(TEST_CRYPTO_KIND)) .await .unwrap(); let dht_key = *rec.key(); @@ -120,7 +122,7 @@ pub async fn test_set_get_dht_value(api: VeilidAPI) { let rc = api.routing_context().unwrap(); let rec = rc - .create_dht_record(DHTSchema::dflt(2).unwrap(), None, Some(CRYPTO_KIND_VLD0)) + .create_dht_record(DHTSchema::dflt(2).unwrap(), None, Some(TEST_CRYPTO_KIND)) .await .unwrap(); let dht_key = *rec.key(); @@ -168,7 +170,7 @@ pub async fn test_open_writer_dht_value(api: VeilidAPI) { let rc = api.routing_context().unwrap(); let rec = rc - .create_dht_record(DHTSchema::dflt(2).unwrap(), None, Some(CRYPTO_KIND_VLD0)) + .create_dht_record(DHTSchema::dflt(2).unwrap(), None, Some(TEST_CRYPTO_KIND)) .await .unwrap(); let key = *rec.key();