From 4deee59e9046b0962f3822e22c0dfe3079ece76d Mon Sep 17 00:00:00 2001 From: Karolin Varner Date: Wed, 25 Jun 2025 19:11:15 +0200 Subject: [PATCH] chore: Restructure imports in various places --- rosenpass/benches/handshake.rs | 11 +-- rosenpass/benches/trace_handshake.rs | 11 ++- rosenpass/src/app_server.rs | 67 ++++++------------- rosenpass/src/config.rs | 18 +++-- rosenpass/src/protocol/build_crypto_server.rs | 24 ++++--- rosenpass/src/protocol/mod.rs | 3 + rosenpass/src/protocol/protocol.rs | 18 +++-- rosenpass/src/protocol/test.rs | 6 +- rosenpass/tests/app_server_example.rs | 19 ++---- rosenpass/tests/poll_example.rs | 10 ++- rp/src/exchange.rs | 16 ++--- 11 files changed, 84 insertions(+), 119 deletions(-) diff --git a/rosenpass/benches/handshake.rs b/rosenpass/benches/handshake.rs index a47e9a6..e04c71c 100644 --- a/rosenpass/benches/handshake.rs +++ b/rosenpass/benches/handshake.rs @@ -1,14 +1,15 @@ -use anyhow::Result; -use rosenpass::protocol::basic_types::{MsgBuf, SPk, SSk, SymKey}; -use rosenpass::protocol::{CryptoServer, HandleMsgResult, PeerPtr, ProtocolVersion}; use std::ops::DerefMut; +use anyhow::Result; +use criterion::{black_box, criterion_group, criterion_main, Criterion}; + use rosenpass_cipher_traits::primitives::Kem; use rosenpass_ciphers::StaticKem; - -use criterion::{black_box, criterion_group, criterion_main, Criterion}; use rosenpass_secret_memory::secret_policy_try_use_memfd_secrets; +use rosenpass::protocol::basic_types::{MsgBuf, SPk, SSk, SymKey}; +use rosenpass::protocol::{CryptoServer, HandleMsgResult, PeerPtr, ProtocolVersion}; + fn handle( tx: &mut CryptoServer, msgb: &mut MsgBuf, diff --git a/rosenpass/benches/trace_handshake.rs b/rosenpass/benches/trace_handshake.rs index b83c135..37ad1a6 100644 --- a/rosenpass/benches/trace_handshake.rs +++ b/rosenpass/benches/trace_handshake.rs 
@@ -1,12 +1,9 @@ -use std::{ - collections::HashMap, - hint::black_box, - io::{self, Write}, - ops::DerefMut, - time::{Duration, Instant}, -}; +use std::io::{self, Write}; +use std::time::{Duration, Instant}; +use std::{collections::HashMap, hint::black_box, ops::DerefMut}; use anyhow::Result; + use libcrux_test_utils::tracing::{EventType, Trace as _}; use rosenpass_cipher_traits::primitives::Kem; diff --git a/rosenpass/src/app_server.rs b/rosenpass/src/app_server.rs index 8d3fd0a..02d4a5b 100644 --- a/rosenpass/src/app_server.rs +++ b/rosenpass/src/app_server.rs 
@@ -1,57 +1,32 @@ /// This contains the bulk of the rosenpass server IO handling code whereas /// the actual cryptographic code lives in the [crate::protocol] module -use anyhow::bail; +use std::collections::{HashMap, VecDeque}; +use std::io::{stdout, ErrorKind, Write}; +use std::net::{Ipv4Addr, Ipv6Addr, SocketAddr, SocketAddrV4, SocketAddrV6, ToSocketAddrs}; +use std::time::{Duration, Instant}; +use std::{cell::Cell, fmt::Debug, io, path::PathBuf, slice}; -use anyhow::Context; -use anyhow::Result; +use anyhow::{bail, Context, Result}; use derive_builder::Builder; use log::{error, info, warn}; -use mio::Interest; -use mio::Token; -use rosenpass_secret_memory::Public; -use rosenpass_secret_memory::Secret; -use rosenpass_util::build::ConstructionSite; -use rosenpass_util::file::StoreValueB64; -use rosenpass_util::functional::run; -use rosenpass_util::functional::ApplyExt; -use rosenpass_util::io::IoResultKindHintExt; -use rosenpass_util::io::SubstituteForIoErrorKindExt; -use rosenpass_util::option::SomeExt; -use rosenpass_util::result::OkExt; -use rosenpass_wireguard_broker::WireguardBrokerMio; -use rosenpass_wireguard_broker::{WireguardBrokerCfg, WG_KEY_LEN}; +use mio::{Interest, Token}; use zerocopy::AsBytes; -use std::cell::Cell; - -use std::collections::HashMap; -use std::collections::VecDeque; -use std::fmt::Debug; -use std::io; -use std::io::stdout; -use std::io::ErrorKind; -use std::io::Write; -use std::net::Ipv4Addr; -use std::net::Ipv6Addr; -use std::net::SocketAddr; -use std::net::SocketAddrV4; -use std::net::SocketAddrV6; -use std::net::ToSocketAddrs; -use std::path::PathBuf; -use std::slice; -use std::time::Duration; -use std::time::Instant; - -use crate::config::ProtocolVersion; -use crate::protocol::BuildCryptoServer; -use crate::protocol::HostIdentification; -use crate::{ - config::Verbosity, - protocol::basic_types::{MsgBuf, SPk, SSk, SymKey}, - protocol::{timing::Timing, CryptoServer, PeerPtr}, -}; use rosenpass_util::attempt; -use 
rosenpass_util::b64::B64Display; +use rosenpass_util::functional::{run, ApplyExt}; +use rosenpass_util::io::{IoResultKindHintExt, SubstituteForIoErrorKindExt}; +use rosenpass_util::{ + b64::B64Display, build::ConstructionSite, file::StoreValueB64, option::SomeExt, result::OkExt, +}; + +use rosenpass_secret_memory::{Public, Secret}; +use rosenpass_wireguard_broker::{WireguardBrokerCfg, WireguardBrokerMio, WG_KEY_LEN}; + +use crate::config::{ProtocolVersion, Verbosity}; + +use crate::protocol::basic_types::{MsgBuf, SPk, SSk, SymKey}; +use crate::protocol::timing::Timing; +use crate::protocol::{BuildCryptoServer, CryptoServer, HostIdentification, PeerPtr}; /// The maximum size of a base64 encoded symmetric key (estimate) pub const MAX_B64_KEY_SIZE: usize = 32 * 5 / 3; diff --git a/rosenpass/src/config.rs b/rosenpass/src/config.rs index 330ccea..9f79cce 100644 --- a/rosenpass/src/config.rs +++ b/rosenpass/src/config.rs @@ -7,20 +7,18 @@ //! - TODO: support `~` in //! - TODO: provide tooling to create config file from shell -use crate::protocol::basic_types::{SPk, SSk}; -use rosenpass_util::file::LoadValue; -use std::{ - collections::HashSet, - fs, - io::Write, - net::{Ipv4Addr, Ipv6Addr, SocketAddr, SocketAddrV4, SocketAddrV6, ToSocketAddrs}, - path::{Path, PathBuf}, -}; +use std::net::{Ipv4Addr, Ipv6Addr, SocketAddr, SocketAddrV4, SocketAddrV6, ToSocketAddrs}; +use std::path::{Path, PathBuf}; +use std::{collections::HashSet, fs, io::Write}; use anyhow::{bail, ensure}; -use rosenpass_util::file::{fopen_w, Visibility}; + use serde::{Deserialize, Serialize}; +use rosenpass_util::file::{fopen_w, LoadValue, Visibility}; + +use crate::protocol::basic_types::{SPk, SSk}; + use crate::app_server::AppServer; #[cfg(feature = "experiment_api")] diff --git a/rosenpass/src/protocol/build_crypto_server.rs b/rosenpass/src/protocol/build_crypto_server.rs index f3ded3d..73243b3 100644 --- a/rosenpass/src/protocol/build_crypto_server.rs 
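Review bot: The two `///` lines at the top of rosenpass/src/app_server.rs are outer doc comments, so after this reordering they attach to the `use std::collections::{HashMap, VecDeque};` import rather than to the module, and rustdoc should not show them as the module description. This is the text that tells a reader the IO handling lives in this file and the cryptographic code lives in `crate::protocol`, so I would make it inner documentation: `//! This contains the bulk of the rosenpass server IO handling code whereas` followed by `//! the actual cryptographic code lives in the [crate::protocol] module`. Both lines are context in this hunk, so the problem predates the commit; the import regrouping is simply a convenient place to fix it.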
+++ b/rosenpass/src/protocol/build_crypto_server.rs @@ -1,12 +1,12 @@ +use thiserror::Error; + +use rosenpass_util::mem::{DiscardResultExt, SwapWithDefaultExt}; +use rosenpass_util::{build::Build, result::ensure_or}; + +use crate::config::ProtocolVersion; + use super::basic_types::{SPk, SSk, SymKey}; use super::{CryptoServer, PeerPtr}; -use crate::config::ProtocolVersion; -use rosenpass_util::{ - build::Build, - mem::{DiscardResultExt, SwapWithDefaultExt}, - result::ensure_or, -}; -use thiserror::Error; #[derive(Debug, Clone)] /// A pair of matching public/secret keys used to launch the crypto server. @@ -386,16 +386,18 @@ impl BuildCryptoServer { /// Extracting the server configuration from a builder: /// /// ```rust - /// // We have to define the security policy before using Secrets. + /// use rosenpass_util::build::Build; + /// use rosenpass_secret_memory::secret_policy_use_only_malloc_secrets; + /// /// use rosenpass::config::ProtocolVersion; /// use rosenpass::hash_domains::protocol; - /// use rosenpass_secret_memory::secret_policy_use_only_malloc_secrets; - /// secret_policy_use_only_malloc_secrets(); /// - /// use rosenpass_util::build::Build; /// use rosenpass::protocol::basic_types::{SymKey, SPk}; /// use rosenpass::protocol::{BuildCryptoServer, Keypair}; /// + /// // We have to define the security policy before using Secrets. + /// secret_policy_use_only_malloc_secrets(); + /// /// let keypair = Keypair::random(); /// let peer_pk = SPk::random(); /// let mut builder = BuildCryptoServer::new(Some(keypair.clone()), vec![]); diff --git a/rosenpass/src/protocol/mod.rs b/rosenpass/src/protocol/mod.rs index cb14c3b..72bead0 100644 --- a/rosenpass/src/protocol/mod.rs +++ b/rosenpass/src/protocol/mod.rs 
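Review bot: The relocated comment in the `BuildCryptoServer` doc example (hunk at line 386) says a policy must be set before Secrets are used, but not why this example selects `secret_policy_use_only_malloc_secrets()` while the `Peer` example in protocol.rs and benches/handshake.rs call `secret_policy_try_use_memfd_secrets()`. Doc examples tend to be copied into real programs, and going by its name the malloc-only policy never attempts memfd-backed storage for key material. If portability of the doctest is the reason, I would say so next to the call, for instance `// Doctest only: malloc-backed secrets for portability; prefer secret_policy_try_use_memfd_secrets() in real programs.` The doc comment starts and ends outside this hunk, so the rest of the example is not visible here.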
@@ -24,11 +24,14 @@ //! //! ``` //! use std::ops::DerefMut; +//! //! use rosenpass_secret_memory::policy::*; //! use rosenpass_cipher_traits::primitives::Kem; //! use rosenpass_ciphers::StaticKem; +//! //! use rosenpass::protocol::basic_types::{SSk, SPk, MsgBuf, SymKey}; //! use rosenpass::protocol::{PeerPtr, CryptoServer}; +//! //! # fn main() -> anyhow::Result<()> { //! // Set security policy for storing secrets //! diff --git a/rosenpass/src/protocol/protocol.rs b/rosenpass/src/protocol/protocol.rs index 8300be6..a40f83d 100644 --- a/rosenpass/src/protocol/protocol.rs +++ b/rosenpass/src/protocol/protocol.rs @@ -35,23 +35,19 @@ use rosenpass_util::{ use crate::{hash_domains, msgs::*, RosenpassError}; +use super::basic_types::{ + BiscuitId, EPk, ESk, MsgBuf, PeerId, PeerNo, SPk, SSk, SessionId, SymKey, XAEADNonce, +}; use super::constants::{ BISCUIT_EPOCH, COOKIE_SECRET_EPOCH, COOKIE_SECRET_LEN, COOKIE_VALUE_LEN, PEER_COOKIE_VALUE_EPOCH, REJECT_AFTER_TIME, REKEY_AFTER_TIME_INITIATOR, REKEY_AFTER_TIME_RESPONDER, RETRANSMIT_DELAY_BEGIN, RETRANSMIT_DELAY_END, RETRANSMIT_DELAY_GROWTH, RETRANSMIT_DELAY_JITTER, }; +use super::cookies::{BiscuitKey, CookieSecret, CookieStore}; use super::index::{PeerIndex, PeerIndexKey}; use super::timing::{has_happened, Timing, BCE, UNENDING}; use super::zerocopy::{truncating_cast_into, truncating_cast_into_nomut}; -use super::{ - basic_types::{ - BiscuitId, EPk, ESk, MsgBuf, PeerId, PeerNo, SPk, SSk, SessionId, SymKey, XAEADNonce, - }, - cookies::BiscuitKey, -}; - -use super::cookies::{CookieSecret, CookieStore}; #[cfg(feature = "trace_bench")] use rosenpass_util::trace_bench::Trace as _; 
@@ -177,11 +173,13 @@ impl From for ProtocolVersion { /// /// ``` /// use std::ops::DerefMut; -/// use rosenpass::protocol::basic_types::{SSk, SPk, SymKey}; -/// use rosenpass::protocol::{Peer, ProtocolVersion}; +/// /// use rosenpass_ciphers::StaticKem; /// use rosenpass_cipher_traits::primitives::Kem; /// +/// use rosenpass::protocol::basic_types::{SSk, SPk, SymKey}; +/// use rosenpass::protocol::{Peer, ProtocolVersion}; +/// /// rosenpass_secret_memory::secret_policy_try_use_memfd_secrets(); /// /// let (mut sskt, mut spkt) = (SSk::zero(), SPk::zero()); diff --git a/rosenpass/src/protocol/test.rs b/rosenpass/src/protocol/test.rs index f62775b..c525c7e 100644 --- a/rosenpass/src/protocol/test.rs +++ b/rosenpass/src/protocol/test.rs @@ -11,10 +11,10 @@ use rosenpass_util::mem::DiscardResultExt; use crate::msgs::{EmptyData, Envelope, InitConf, InitHello, MsgType, RespHello, MAX_MESSAGE_LEN}; +use super::basic_types::{MsgBuf, SPk, SSk, SymKey}; +use super::constants::REKEY_AFTER_TIME_RESPONDER; +use super::zerocopy::{truncating_cast_into, truncating_cast_into_nomut}; use super::{ - basic_types::{MsgBuf, SPk, SSk, SymKey}, - constants::REKEY_AFTER_TIME_RESPONDER, - zerocopy::{truncating_cast_into, truncating_cast_into_nomut}, CryptoServer, HandleMsgResult, HostIdentification, KnownInitConfResponsePtr, PeerPtr, PollResult, ProtocolVersion, }; diff --git a/rosenpass/tests/app_server_example.rs b/rosenpass/tests/app_server_example.rs index d384b79..bd5a77e 100644 --- a/rosenpass/tests/app_server_example.rs +++ b/rosenpass/tests/app_server_example.rs 
@@ -1,21 +1,14 @@ -use std::{ - net::SocketAddr, - ops::DerefMut, - str::FromStr, - sync::mpsc, - thread::{self, sleep}, - time::Duration, -}; +use std::thread::{self, sleep}; +use std::{net::SocketAddr, ops::DerefMut, str::FromStr, sync::mpsc, time::Duration}; -use rosenpass::config::ProtocolVersion; -use rosenpass::{ - app_server::{AppServer, AppServerTest, MAX_B64_KEY_SIZE}, - protocol::basic_types::{SPk, SSk, SymKey}, -}; use rosenpass_cipher_traits::primitives::Kem; use rosenpass_ciphers::StaticKem; use rosenpass_util::{file::LoadValueB64, functional::run, mem::DiscardResultExt, result::OkExt}; +use rosenpass::app_server::{AppServer, AppServerTest, MAX_B64_KEY_SIZE}; +use rosenpass::config::ProtocolVersion; +use rosenpass::protocol::basic_types::{SPk, SSk, SymKey}; + #[test] fn key_exchange_with_app_server_v02() -> anyhow::Result<()> { key_exchange_with_app_server(ProtocolVersion::V02) diff --git a/rosenpass/tests/poll_example.rs b/rosenpass/tests/poll_example.rs index 43a4d86..62fe4f8 100644 --- a/rosenpass/tests/poll_example.rs +++ b/rosenpass/tests/poll_example.rs @@ -9,12 +9,10 @@ use rosenpass_cipher_traits::primitives::Kem; use rosenpass_ciphers::StaticKem; use rosenpass_util::result::OkExt; -use rosenpass::protocol::{ - basic_types::{MsgBuf, SPk, SSk, SymKey}, - testutils::time_travel_forward, - timing::{Timing, UNENDING}, - CryptoServer, HostIdentification, PeerPtr, PollResult, ProtocolVersion, -}; +use rosenpass::protocol::basic_types::{MsgBuf, SPk, SSk, SymKey}; +use rosenpass::protocol::testutils::time_travel_forward; +use rosenpass::protocol::timing::{Timing, UNENDING}; +use rosenpass::protocol::{CryptoServer, HostIdentification, PeerPtr, PollResult, ProtocolVersion}; // TODO: Most of the utility functions in here should probably be moved to // rosenpass::protocol::testutils; diff --git a/rp/src/exchange.rs b/rp/src/exchange.rs index e1e7544..e099b58 100644 --- a/rp/src/exchange.rs +++ b/rp/src/exchange.rs 
@@ -1,15 +1,15 @@ -use anyhow::Error; +use std::{ + future::Future, net::SocketAddr, ops::DerefMut, path::PathBuf, pin::Pin, process::Command, + sync::Arc, +}; + +use anyhow::{Error, Result}; use serde::Deserialize; -use std::future::Future; -use std::ops::DerefMut; -use std::pin::Pin; -use std::sync::Arc; -use std::{net::SocketAddr, path::PathBuf, process::Command}; + +use rosenpass::config::ProtocolVersion; #[cfg(any(target_os = "linux", target_os = "freebsd"))] use crate::key::WG_B64_LEN; -use anyhow::Result; -use rosenpass::config::ProtocolVersion; /// Used to define a peer for the rosenpass connection that consists of /// a directory for storing public keys and optionally an IP address and port of the endpoint,