From ca972e8b70c62ff7c07f495fcbd05c2f44ac2a81 Mon Sep 17 00:00:00 2001 From: Karolin Varner Date: Sat, 20 Jan 2024 13:43:34 +0100 Subject: [PATCH] feat: Remove libsodium --- Cargo.lock | 357 +--------------------- Cargo.toml | 3 - ciphers/Cargo.toml | 1 - constant-time/Cargo.toml | 1 + constant-time/src/lib.rs | 57 ++++ fuzz/Cargo.toml | 1 - fuzz/fuzz_targets/aead_enc_into.rs | 3 - fuzz/fuzz_targets/blake2b.rs | 4 +- fuzz/fuzz_targets/handle_msg.rs | 3 - rosenpass/Cargo.toml | 2 - rosenpass/benches/handshake.rs | 1 - rosenpass/src/main.rs | 10 +- rosenpass/src/protocol.rs | 29 +- secret-memory/Cargo.toml | 2 - sodium/Cargo.toml | 18 -- sodium/readme.md | 5 - sodium/src/aead/chacha20poly1305_ietf.rs | 63 ---- sodium/src/aead/mod.rs | 2 - sodium/src/aead/xchacha20poly1305_ietf.rs | 63 ---- sodium/src/hash/blake2b.rs | 31 -- sodium/src/hash/mod.rs | 1 - sodium/src/helpers.rs | 28 -- sodium/src/lib.rs | 20 -- 23 files changed, 76 insertions(+), 629 deletions(-) delete mode 100644 sodium/Cargo.toml delete mode 100644 sodium/readme.md delete mode 100644 sodium/src/aead/chacha20poly1305_ietf.rs delete mode 100644 sodium/src/aead/mod.rs delete mode 100644 sodium/src/aead/xchacha20poly1305_ietf.rs delete mode 100644 sodium/src/hash/blake2b.rs delete mode 100644 sodium/src/hash/mod.rs delete mode 100644 sodium/src/helpers.rs delete mode 100644 sodium/src/lib.rs diff --git a/Cargo.lock b/Cargo.lock index 48b8cd9..f53b0c2 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -17,12 +17,6 @@ version = "1.0.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "f26201604c87b1e01bd3d98f8d5d9a8fcbb815e8cedb41ffccbeb4bf593a35fe" -[[package]] -name = "adler32" -version = "1.2.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "aae1277d39aeec15cb388266ecc24b11c80469deae6067e17a1a7aa9e5c1f234" - [[package]] name = "aead" version = "0.5.2" 
@@ -34,18 +28,6 @@ dependencies = [ "heapless", ] -[[package]] -name = "ahash" -version = "0.8.6" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "91429305e9f0a25f6205c5b8e0d2db09e0708a7a6df0f42212bb56c32c8ac97a" -dependencies = [ - "cfg-if", - "once_cell", - "version_check", - "zerocopy", -] - [[package]] name = "aho-corasick" version = "1.1.2" @@ -443,15 +425,6 @@ version = "1.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "acbf1af155f9b9ef647e42cdc158db4b64a1b61f743629225fde6f3e0be2a7c7" -[[package]] -name = "core2" -version = "0.4.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b49ba7ef1ad6107f8824dbe97de947cbaac53c44e7f9756a1fba0d37c1eec505" -dependencies = [ - "memchr", -] - [[package]] name = "cpufeatures" version = "0.2.12" @@ -461,15 +434,6 @@ dependencies = [ "libc", ] -[[package]] -name = "crc32fast" -version = "1.3.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b540bd8bc810d3885c6ea91e2018302f68baba2129ab3e88f32389ee9370880d" -dependencies = [ - "cfg-if", -] - [[package]] name = "criterion" version = "0.4.0" @@ -555,12 +519,6 @@ dependencies = [ "typenum", ] -[[package]] -name = "dary_heap" -version = "0.3.6" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7762d17f1241643615821a8455a0b2c3e803784b058693d990b11f2dce25a0ca" - [[package]] name = "derive_arbitrary" version = "1.3.2" 
@@ -624,37 +582,6 @@ dependencies = [ "windows-sys 0.52.0", ] -[[package]] -name = "filetime" -version = "0.2.22" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d4029edd3e734da6fe05b6cd7bd2960760a616bd2ddd0d59a0124746d6272af0" -dependencies = [ - "cfg-if", - "libc", - "redox_syscall", - "windows-sys 0.48.0", -] - -[[package]] -name = "flate2" -version = "1.0.28" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "46303f565772937ffe1d394a4fac6f411c6013172fadde9dcdb1e147a086940e" -dependencies = [ - "crc32fast", - "miniz_oxide", -] - -[[package]] -name = "form_urlencoded" -version = "1.2.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e13624c2627564efccf4934284bdd98cbaa14e79b0b5a141218e507b3a823456" -dependencies = [ - "percent-encoding", -] - [[package]] name = "generic-array" version = "0.14.7" @@ -709,15 +636,6 @@ version = "0.12.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "8a9ee70c43aaf417c914396645a0fa852624801b24ebb7ae78fe8272889ac888" -[[package]] -name = "hashbrown" -version = "0.13.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "43a3c133739dddd0d2990f9a4bdf8eb4b21ef50e4851ca85ab661199821d510e" -dependencies = [ - "ahash", -] - [[package]] name = "hashbrown" version = "0.14.3" @@ -773,16 +691,6 @@ version = "2.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "9a3a5bfb195931eeb336b2a7b4d761daec841b97f947d34394601737a7bba5e4" -[[package]] -name = "idna" -version = "0.5.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "634d9b1461af396cad843f47fdba5597a4f9e6ddd4bfb6ff5d85028c25cb12f6" -dependencies = [ - "unicode-bidi", - "unicode-normalization", -] - [[package]] name = "indexmap" version = "1.9.3" 
@@ -874,30 +782,6 @@ version = "0.2.150" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "89d92a4743f9a61002fae18374ed11e7973f530cb3a3255fb354818118b2203c" -[[package]] -name = "libflate" -version = "2.0.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9f7d5654ae1795afc7ff76f4365c2c8791b0feb18e8996a96adad8ffd7c3b2bf" -dependencies = [ - "adler32", - "core2", - "crc32fast", - "dary_heap", - "libflate_lz77", -] - -[[package]] -name = "libflate_lz77" -version = "2.0.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "be5f52fb8c451576ec6b79d3f4deb327398bc05bbdbd99021a6e77a4c855d524" -dependencies = [ - "core2", - "hashbrown 0.13.2", - "rle-decode-fast", -] - [[package]] name = "libfuzzer-sys" version = "0.4.7" @@ -919,23 +803,6 @@ dependencies = [ "winapi", ] -[[package]] -name = "libsodium-sys-stable" -version = "1.20.4" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d1d164bc6f9139c5f95efb4f0be931b2bd5a9edf7e4e3c945d26b95ab8fa669b" -dependencies = [ - "cc", - "libc", - "libflate", - "minisign-verify", - "pkg-config", - "tar", - "ureq", - "vcpkg", - "zip", -] - [[package]] name = "linux-raw-sys" version = "0.4.12" @@ -990,12 +857,6 @@ version = "0.2.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "68354c5c6bd36d73ff3feceb05efa59b6acb7626617f4962be322a825e61f79a" -[[package]] -name = "minisign-verify" -version = "0.2.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "933dca44d65cdd53b355d0b73d380a2ff5da71f87f036053188bf1eab6a19881" - [[package]] name = "miniz_oxide" version = "0.7.1" 
@@ -1093,18 +954,6 @@ version = "0.1.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "19b17cddbe7ec3f8bc800887bab5e717348c95ea2ca0b1bf0837fb964dc67099" -[[package]] -name = "percent-encoding" -version = "2.3.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e3148f5046208a5d56bcfc03053e3ca6334e51da8dfb19b6cdc8b306fae3283e" - -[[package]] -name = "pkg-config" -version = "0.3.27" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "26072860ba924cbfa98ea39c8c19b4dd6a4a25423dbdf219c1eca91aa0cf6964" - [[package]] name = "plotters" version = "0.3.5" @@ -1237,15 +1086,6 @@ dependencies = [ "crossbeam-utils", ] -[[package]] -name = "redox_syscall" -version = "0.3.5" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "567664f262709473930a4bf9e51bf2ebf3348f2e748ccc50dea20646858f8f29" -dependencies = [ - "bitflags 1.3.2", -] - [[package]] name = "regex" version = "1.10.2" @@ -1275,26 +1115,6 @@ version = "0.8.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "c08c74e62047bb2de4ff487b251e4a92e24f48745648451635cec7d591162d9f" -[[package]] -name = "ring" -version = "0.17.6" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "684d5e6e18f669ccebf64a92236bb7db9a34f07be010e3627368182027180866" -dependencies = [ - "cc", - "getrandom", - "libc", - "spin", - "untrusted", - "windows-sys 0.48.0", -] - -[[package]] -name = "rle-decode-fast" -version = "1.0.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3582f63211428f83597b51b2ddb88e2a91a9d52d12831f9d08f5e624e8977422" - [[package]] name = "rosenpass" version = "0.2.1" @@ -1303,7 +1123,6 @@ dependencies = [ "clap 4.4.10", "criterion", "env_logger", - "libsodium-sys-stable", "log", "memoffset", "mio", 
@@ -1314,7 +1133,6 @@ dependencies = [ "rosenpass-constant-time", "rosenpass-lenses", "rosenpass-secret-memory", - "rosenpass-sodium", "rosenpass-to", "rosenpass-util", "serde", @@ -1339,7 +1157,6 @@ dependencies = [ "rosenpass-constant-time", "rosenpass-oqs", "rosenpass-secret-memory", - "rosenpass-sodium", "rosenpass-to", "rosenpass-util", "static_assertions", @@ -1350,6 +1167,7 @@ dependencies = [ name = "rosenpass-constant-time" version = "0.1.0" dependencies = [ + "memsec", "rosenpass-to", ] @@ -1363,7 +1181,6 @@ dependencies = [ "rosenpass-cipher-traits", "rosenpass-ciphers", "rosenpass-secret-memory", - "rosenpass-sodium", "rosenpass-to", "stacker", ] @@ -1393,28 +1210,14 @@ dependencies = [ "allocator-api2", "allocator-api2-tests", "anyhow", - "libsodium-sys-stable", "log", "memsec", "rand", - "rosenpass-sodium", "rosenpass-to", "rosenpass-util", "zeroize", ] -[[package]] -name = "rosenpass-sodium" -version = "0.1.0" -dependencies = [ - "allocator-api2", - "anyhow", - "libsodium-sys-stable", - "log", - "rosenpass-to", - "rosenpass-util", -] - [[package]] name = "rosenpass-to" version = "0.1.0" @@ -1466,28 +1269,6 @@ dependencies = [ "windows-sys 0.52.0", ] -[[package]] -name = "rustls" -version = "0.21.9" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "629648aced5775d558af50b2b4c7b02983a04b312126d45eeead26e7caa498b9" -dependencies = [ - "log", - "ring", - "rustls-webpki", - "sct", -] - -[[package]] -name = "rustls-webpki" -version = "0.101.7" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8b6275d1ee7a1cd780b64aca7726599a1dbc893b1e64144529e55c3c2f745765" -dependencies = [ - "ring", - "untrusted", -] - [[package]] name = "ryu" version = "1.0.15" 
@@ -1509,16 +1290,6 @@ version = "1.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "94143f37725109f92c262ed2cf5e59bce7498c01bcc1502d7b9afe439a4e9f49" -[[package]] -name = "sct" -version = "0.7.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "da046153aa2352493d6cb7da4b6e5c0c057d8a1d0a9aa8560baffdd945acd414" -dependencies = [ - "ring", - "untrusted", -] - [[package]] name = "semver" version = "1.0.21" @@ -1628,17 +1399,6 @@ dependencies = [ "unicode-ident", ] -[[package]] -name = "tar" -version = "0.4.40" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b16afcea1f22891c49a00c751c7b63b2233284064f11a200fc624137c51e2ddb" -dependencies = [ - "filetime", - "libc", - "xattr", -] - [[package]] name = "termcolor" version = "1.4.0" @@ -1690,21 +1450,6 @@ dependencies = [ "serde_json", ] -[[package]] -name = "tinyvec" -version = "1.6.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "87cc5ceb3875bb20c2890005a4e226a4651264a5c75edb2421b52861a0a0cb50" -dependencies = [ - "tinyvec_macros", -] - -[[package]] -name = "tinyvec_macros" -version = "0.1.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1f3ccbac311fea05f86f61904b462b55fb3df8837a366dfc601a0161d0532f20" - [[package]] name = "toml" version = "0.7.8" 
@@ -1745,27 +1490,12 @@ version = "1.17.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "42ff0bf0c66b8238c6f3b578df37d0b7848e55df8577b3f74f92a69acceeb825" -[[package]] -name = "unicode-bidi" -version = "0.3.13" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "92888ba5573ff080736b3648696b70cafad7d250551175acbaa4e0385b3e1460" - [[package]] name = "unicode-ident" version = "1.0.12" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "3354b9ac3fae1ff6755cb6db53683adb661634f67557942dea4facebec0fee4b" -[[package]] -name = "unicode-normalization" -version = "0.1.22" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5c5713f0fc4b5db668a2ac63cdb7bb4469d8c9fed047b1d0292cc7b0ce2ba921" -dependencies = [ - "tinyvec", -] - [[package]] name = "universal-hash" version = "0.5.1" 
@@ -1776,50 +1506,12 @@ dependencies = [ "subtle", ] -[[package]] -name = "untrusted" -version = "0.9.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8ecb6da28b8a351d773b68d5825ac39017e680750f980f3a1a85cd8dd28a47c1" - -[[package]] -name = "ureq" -version = "2.9.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f8cdd25c339e200129fe4de81451814e5228c9b771d57378817d6117cc2b3f97" -dependencies = [ - "base64", - "log", - "once_cell", - "rustls", - "rustls-webpki", - "url", - "webpki-roots", -] - -[[package]] -name = "url" -version = "2.5.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "31e6302e3bb753d46e83516cae55ae196fc0c309407cf11ab35cc51a4c2a4633" -dependencies = [ - "form_urlencoded", - "idna", - "percent-encoding", -] - [[package]] name = "utf8parse" version = "0.2.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "711b9620af191e0cdc7468a8d14e709c3dcdb115b36f838e601583af800a370a" -[[package]] -name = "vcpkg" -version = "0.2.15" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "accd4ea62f7bb7a82fe23066fb0957d48ef677f6eeb8215f372f52e48bb32426" - [[package]] name = "version_check" version = "0.9.4" @@ -1906,12 +1598,6 @@ dependencies = [ "wasm-bindgen", ] -[[package]] -name = "webpki-roots" -version = "0.25.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1778a42e8b3b90bff8d0f5032bf22250792889a5cdc752aa0020c84abe3aaf10" - [[package]] name = "which" version = "4.4.2" 
@@ -2162,49 +1848,8 @@ dependencies = [ "memchr", ] -[[package]] -name = "xattr" -version = "1.0.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f4686009f71ff3e5c4dbcf1a282d0a44db3f021ba69350cd42086b3e5f1c6985" -dependencies = [ - "libc", -] - -[[package]] -name = "zerocopy" -version = "0.7.25" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8cd369a67c0edfef15010f980c3cbe45d7f651deac2cd67ce097cd801de16557" -dependencies = [ - "zerocopy-derive", -] - -[[package]] -name = "zerocopy-derive" -version = "0.7.25" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c2f140bda219a26ccc0cdb03dba58af72590c53b22642577d88a927bc5c87d6b" -dependencies = [ - "proc-macro2", - "quote", - "syn", -] - [[package]] name = "zeroize" version = "1.7.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "525b4ec142c6b68a2d10f01f7bbf6755599ca3f81ea53b8431b7dd348f5fdb2d" - -[[package]] -name = "zip" -version = "0.6.6" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "760394e246e4c28189f19d488c058bf16f564016aefac5d32bb1f3b51d5e9261" -dependencies = [ - "byteorder", - "crc32fast", - "crossbeam-utils", - "flate2", -] diff --git a/Cargo.toml b/Cargo.toml index 7bb09ed..35d7386 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -7,7 +7,6 @@ members = [ "ciphers", "util", "constant-time", - "sodium", "oqs", "to", "fuzz", @@ -27,7 +26,6 @@ tag-prefix = "" rosenpass = { path = "rosenpass" } rosenpass-util = { path = "util" } rosenpass-constant-time = { path = "constant-time" } -rosenpass-sodium = { path = "sodium" } rosenpass-cipher-traits = { path = "cipher-traits" } rosenpass-ciphers = { path = "ciphers" } rosenpass-to = { path = "to" } 
@@ -58,7 +56,6 @@ serde = { version = "1.0.193", features = ["derive"] } arbitrary = { version = "1.3.2", features = ["derive"] } anyhow = { version = "1.0.75", features = ["backtrace", "std"] } mio = { version = "0.8.9", features = ["net", "os-poll"] } -libsodium-sys-stable= { version = "1.20.4", features = ["use-pkg-config"] } oqs-sys = { version = "0.8", default-features = false, features = ['classic_mceliece', 'kyber'] } blake2 = "0.10.6" chacha20poly1305 = { version = "0.10.1", default-features = false, features = [ "std", "heapless" ] } diff --git a/ciphers/Cargo.toml b/ciphers/Cargo.toml index f7abd52..5475042 100644 --- a/ciphers/Cargo.toml +++ b/ciphers/Cargo.toml @@ -11,7 +11,6 @@ readme = "readme.md" [dependencies] anyhow = { workspace = true } -rosenpass-sodium = { workspace = true } rosenpass-to = { workspace = true } rosenpass-constant-time = { workspace = true } rosenpass-secret-memory = { workspace = true } diff --git a/constant-time/Cargo.toml b/constant-time/Cargo.toml index 46de621..497f0f4 100644 --- a/constant-time/Cargo.toml +++ b/constant-time/Cargo.toml @@ -13,3 +13,4 @@ readme = "readme.md" [dependencies] rosenpass-to = { workspace = true } +memsec = { workspace = true } diff --git a/constant-time/src/lib.rs b/constant-time/src/lib.rs index 20b08da..319c91b 100644 --- a/constant-time/src/lib.rs +++ b/constant-time/src/lib.rs 
@@ -26,3 +26,60 @@ pub fn xor(src: &[u8]) -> impl To<[u8], ()> + '_ { } }) } + +#[inline] +pub fn memcmp(a: &[u8], b: &[u8]) -> bool { + a.len() == b.len() + && unsafe { + memsec::memeq( + a.as_ptr() as *const u8, + b.as_ptr() as *const u8, + a.len(), + ) + } +} + +#[inline] +pub fn compare(a: &[u8], b: &[u8]) -> i32 { + assert!(a.len() == b.len()); + unsafe { memsec::memcmp(a.as_ptr(), b.as_ptr(), a.len()) } +} + +/// Interpret the given slice as a little-endian unsigned integer +/// and increment that integer. +/// +/// # Examples +/// +/// ``` +/// use rosenpass_constant_time::increment as inc; +/// use rosenpass_to::To; +/// +/// fn testcase(v: &[u8], correct: &[u8]) { +/// let mut v = v.to_owned(); +/// inc(&mut v); +/// assert_eq!(&v, correct); +/// } +/// +/// testcase(b"", b""); +/// testcase(b"\x00", b"\x01"); +/// testcase(b"\x01", b"\x02"); +/// testcase(b"\xfe", b"\xff"); +/// testcase(b"\xff", b"\x00"); +/// testcase(b"\x00\x00", b"\x01\x00"); +/// testcase(b"\x01\x00", b"\x02\x00"); +/// testcase(b"\xfe\x00", b"\xff\x00"); +/// testcase(b"\xff\x00", b"\x00\x01"); +/// testcase(b"\x00\x00\x00\x00\x00\x00", b"\x01\x00\x00\x00\x00\x00"); +/// testcase(b"\x00\xa3\x00\x77\x00\x00", b"\x01\xa3\x00\x77\x00\x00"); +/// testcase(b"\xff\xa3\x00\x77\x00\x00", b"\x00\xa4\x00\x77\x00\x00"); +/// testcase(b"\xff\xff\xff\x77\x00\x00", b"\x00\x00\x00\x78\x00\x00"); +/// ``` +#[inline] +pub fn increment(v: &mut [u8]) { + let mut carry = 1u8; + for val in v.iter_mut() { + let (v, c) = black_box(*val).overflowing_add(black_box(carry)); + *black_box(val) = v; + *black_box(&mut carry) = black_box(black_box(c) as u8); + } +} diff --git a/fuzz/Cargo.toml b/fuzz/Cargo.toml index 0e26f23..e00d010 100644 --- a/fuzz/Cargo.toml +++ b/fuzz/Cargo.toml 
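Review bot: `compare` now forwards to `memsec::memcmp`, and its byte order needs confirming before this lands: the removed helper called `sodium_compare`, which orders its inputs as little-endian numbers, and `increment` in this same hunk is documented as little-endian. If `memsec::memcmp` decides on the lowest-index differing byte, as C `memcmp` does (I believe so, but please check its documentation), a counter that has carried past its first byte compares as smaller than its predecessor. The biscuit-number checks in `rosenpass/src/protocol.rs` (the `>= 0` and `> 0` comparisons against `biscuit_used`) would then misorder biscuits. A doc test such as `assert!(compare(b"\x00\x01", b"\xff\x00") > 0)` would pin the intended order. A little-endian replacement is sketched below; it would want the same `black_box` treatment as `increment`, and both `unsafe` blocks in the hunk still lack a `// SAFETY:` comment.

```rust
pub fn compare(a: &[u8], b: &[u8]) -> i32 {
    assert!(a.len() == b.len());
    // Walk from the most significant byte (highest index) down without
    // branching on the data; once a difference is seen, `eq` drops to 0 and
    // lower-order bytes can no longer change `gt`.
    let (mut gt, mut eq) = (0u8, 1u8);
    for (x, y) in a.iter().zip(b.iter()).rev() {
        let (x, y) = (u16::from(*x), u16::from(*y));
        gt |= ((y.wrapping_sub(x) >> 8) as u8) & eq;
        eq &= ((x ^ y).wrapping_sub(1) >> 8) as u8;
    }
    // 1 if a > b, 0 if equal, -1 if a < b.
    i32::from(gt) * 2 + i32::from(eq) - 1
}
```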
@@ -12,7 +12,6 @@ arbitrary = { workspace = true } libfuzzer-sys = { workspace = true } stacker = { workspace = true } rosenpass-secret-memory = { workspace = true } -rosenpass-sodium = { workspace = true } rosenpass-ciphers = { workspace = true } rosenpass-cipher-traits = { workspace = true } rosenpass-to = { workspace = true } diff --git a/fuzz/fuzz_targets/aead_enc_into.rs b/fuzz/fuzz_targets/aead_enc_into.rs index d90d52b..19f0bc4 100644 --- a/fuzz/fuzz_targets/aead_enc_into.rs +++ b/fuzz/fuzz_targets/aead_enc_into.rs @@ -5,7 +5,6 @@ extern crate rosenpass; use libfuzzer_sys::fuzz_target; use rosenpass_ciphers::aead; -use rosenpass_sodium::init as sodium_init; #[derive(arbitrary::Arbitrary, Debug)] pub struct Input { @@ -16,8 +15,6 @@ pub struct Input { } fuzz_target!(|input: Input| { - sodium_init().unwrap(); - let mut ciphertext: Vec = Vec::with_capacity(input.plaintext.len() + 16); ciphertext.resize(input.plaintext.len() + 16, 0); diff --git a/fuzz/fuzz_targets/blake2b.rs b/fuzz/fuzz_targets/blake2b.rs index 807c1a6..f4349b0 100644 --- a/fuzz/fuzz_targets/blake2b.rs +++ b/fuzz/fuzz_targets/blake2b.rs @@ -4,7 +4,7 @@ extern crate rosenpass; use libfuzzer_sys::fuzz_target; -use rosenpass_sodium::{hash::blake2b, init as sodium_init}; +use rosenpass_ciphers::subtle::blake2b; use rosenpass_to::To; #[derive(arbitrary::Arbitrary, Debug)] @@ -14,8 +14,6 @@ pub struct Blake2b { } fuzz_target!(|input: Blake2b| { - sodium_init().unwrap(); - let mut out = [0u8; 32]; blake2b::hash(&input.key, &input.data).to(&mut out).unwrap(); diff --git a/fuzz/fuzz_targets/handle_msg.rs b/fuzz/fuzz_targets/handle_msg.rs index 83d3533..21473ac 100644 --- a/fuzz/fuzz_targets/handle_msg.rs +++ b/fuzz/fuzz_targets/handle_msg.rs 
@@ -5,11 +5,8 @@ use libfuzzer_sys::fuzz_target; use rosenpass::protocol::CryptoServer; use rosenpass_secret_memory::Secret; -use rosenpass_sodium::init as sodium_init; fuzz_target!(|rx_buf: &[u8]| { - sodium_init().unwrap(); - let sk = Secret::from_slice(&[0; 13568]); let pk = Secret::from_slice(&[0; 524160]); diff --git a/rosenpass/Cargo.toml b/rosenpass/Cargo.toml index 2cad94d..e906433 100644 --- a/rosenpass/Cargo.toml +++ b/rosenpass/Cargo.toml @@ -16,7 +16,6 @@ harness = false [dependencies] rosenpass-util = { workspace = true } rosenpass-constant-time = { workspace = true } -rosenpass-sodium = { workspace = true } rosenpass-ciphers = { workspace = true } rosenpass-cipher-traits = { workspace = true } rosenpass-to = { workspace = true } @@ -25,7 +24,6 @@ rosenpass-lenses = { workspace = true } anyhow = { workspace = true } static_assertions = { workspace = true } memoffset = { workspace = true } -libsodium-sys-stable = { workspace = true } thiserror = { workspace = true } paste = { workspace = true } log = { workspace = true } diff --git a/rosenpass/benches/handshake.rs b/rosenpass/benches/handshake.rs index e276a9d..cb01fea 100644 --- a/rosenpass/benches/handshake.rs +++ b/rosenpass/benches/handshake.rs @@ -56,7 +56,6 @@ fn make_server_pair() -> Result<(CryptoServer, CryptoServer)> { } fn criterion_benchmark(c: &mut Criterion) { - rosenpass_sodium::init().unwrap(); let (mut a, mut b) = make_server_pair().unwrap(); c.bench_function("cca_secret_alloc", |bench| { bench.iter(|| { diff --git a/rosenpass/src/main.rs b/rosenpass/src/main.rs index e4db49e..a077fc1 100644 --- a/rosenpass/src/main.rs +++ b/rosenpass/src/main.rs 
@@ -1,19 +1,13 @@ use log::error; -use rosenpass::cli::Cli; -use rosenpass_util::attempt; use std::process::exit; +use rosenpass::cli::Cli; /// Catches errors, prints them through the logger, then exits pub fn main() { // default to displaying warning and error log messages only env_logger::Builder::from_env(env_logger::Env::default().default_filter_or("warn")).init(); - let res = attempt!({ - rosenpass_sodium::init()?; - Cli::run() - }); - - match res { + match Cli::run() { Ok(_) => {} Err(e) => { error!("{e}"); diff --git a/rosenpass/src/protocol.rs b/rosenpass/src/protocol.rs index 9605d00..9b381f3 100644 --- a/rosenpass/src/protocol.rs +++ b/rosenpass/src/protocol.rs @@ -26,9 +26,6 @@ //! }; //! # fn main() -> anyhow::Result<()> { //! -//! // always initialize libsodium before anything -//! rosenpass_sodium::init()?; -//! //! // initialize secret and public key for peer a ... //! let (mut peer_a_sk, mut peer_a_pk) = (SSk::zero(), SPk::zero()); //! StaticKem::keygen(peer_a_sk.secret_mut(), peer_a_pk.secret_mut())?; @@ -68,8 +65,14 @@ //! # } //! ``` -use crate::{hash_domains, msgs::*}; +use std::collections::hash_map::{ + Entry::{Occupied, Vacant}, + HashMap, +}; +use std::convert::Infallible; + use anyhow::{bail, ensure, Context, Result}; + use rosenpass_cipher_traits::Kem; use rosenpass_ciphers::hash_domain::{SecretHashDomain, SecretHashDomainNamespace}; use rosenpass_ciphers::kem::{EphemeralKem, StaticKem}; @@ -77,11 +80,9 @@ use rosenpass_ciphers::{aead, xaead, KEY_LEN}; use rosenpass_lenses::LenseView; use rosenpass_secret_memory::{Public, Secret}; use rosenpass_util::{cat, mem::cpy_min, ord::max_usize, time::Timebase}; -use std::collections::hash_map::{ - Entry::{Occupied, Vacant}, - HashMap, -}; -use std::convert::Infallible; +use rosenpass_constant_time as constant_time; + +use crate::{hash_domains, msgs::*}; // CONSTANTS & SETTINGS ////////////////////////// 
@@ -1193,7 +1194,7 @@ where let expected = hash_domains::mac()? .mix(srv.spkm.secret())? .mix(self.until_mac())?; - Ok(rosenpass_sodium::helpers::memcmp( + Ok(constant_time::memcmp( self.mac(), &expected.into_value()[..16], )) @@ -1300,7 +1301,7 @@ impl HandshakeState { .into_value(); // consume biscuit no - rosenpass_sodium::helpers::increment(&mut *srv.biscuit_ctr); + constant_time::increment(&mut *srv.biscuit_ctr); // The first bit of the nonce indicates which biscuit key was used // TODO: This is premature optimization. Remove! @@ -1363,7 +1364,7 @@ impl HandshakeState { // indicates retransmission // TODO: Handle retransmissions without involving the crypto code ensure!( - rosenpass_sodium::helpers::compare(biscuit.biscuit_no(), &*peer.get(srv).biscuit_used) + constant_time::compare(biscuit.biscuit_no(), &*peer.get(srv).biscuit_used) >= 0, "Rejecting biscuit: Outdated biscuit number" ); @@ -1641,7 +1642,7 @@ impl CryptoServer { core.decrypt_and_mix(&mut [0u8; 0], ic.auth())?; // ICR5 - if rosenpass_sodium::helpers::compare(&*biscuit_no, &*peer.get(self).biscuit_used) > 0 { + if constant_time::compare(&*biscuit_no, &*peer.get(self).biscuit_used) > 0 { // ICR6 peer.get_mut(self).biscuit_used = biscuit_no; @@ -1757,8 +1758,6 @@ mod test { /// Through all this, the handshake should still successfully terminate; /// i.e. an exchanged key must be produced in both servers. fn handles_incorrect_size_messages() { - rosenpass_sodium::init().unwrap(); - stacker::grow(8 * 1024 * 1024, || { const OVERSIZED_MESSAGE: usize = ((MAX_MESSAGE_LEN as f32) * 1.2) as usize; type MsgBufPlus = Public; diff --git a/secret-memory/Cargo.toml b/secret-memory/Cargo.toml index 3f56f3d..a89f9d1 100644 --- a/secret-memory/Cargo.toml +++ b/secret-memory/Cargo.toml 
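Review bot: The MAC check in the first hunk returns `Ok(constant_time::memcmp(...))` directly, which reads correctly only if one knows that this `memcmp` returns `true` on equality, the opposite of the C function it is named after. A one-line comment at the call, `// true iff the MAC matches; constant_time::memcmp returns equality, not an ordering`, or a doc comment on the helper itself, would keep a later reader from inverting the result. The `16` in `&expected.into_value()[..16]` is presumably the truncated MAC length and would be clearer as a named constant. Because the helper returns `false` on a length mismatch, a wrong-sized `self.mac()` fails closed. The enclosing function starts and ends outside the hunk.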
@@ -12,9 +12,7 @@ readme = "readme.md" [dependencies] anyhow = { workspace = true } rosenpass-to = { workspace = true } -rosenpass-sodium = { workspace = true } rosenpass-util = { workspace = true } -libsodium-sys-stable = { workspace = true } zeroize = { workspace = true } rand = { workspace = true } memsec = { workspace = true } diff --git a/sodium/Cargo.toml b/sodium/Cargo.toml deleted file mode 100644 index 1476132..0000000 --- a/sodium/Cargo.toml +++ /dev/null @@ -1,18 +0,0 @@ -[package] -name = "rosenpass-sodium" -authors = ["Karolin Varner ", "wucke13 "] -version = "0.1.0" -edition = "2021" -license = "MIT OR Apache-2.0" -description = "Rosenpass internal bindings to libsodium" -homepage = "https://rosenpass.eu/" -repository = "https://github.com/rosenpass/rosenpass" -readme = "readme.md" - -[dependencies] -rosenpass-util = { workspace = true } -rosenpass-to = { workspace = true } -anyhow = { workspace = true } -libsodium-sys-stable = { workspace = true } -log = { workspace = true } -allocator-api2 = { workspace = true } diff --git a/sodium/readme.md b/sodium/readme.md deleted file mode 100644 index 0ddad45..0000000 --- a/sodium/readme.md +++ /dev/null @@ -1,5 +0,0 @@ -# Rosenpass internal libsodium bindings - -Rosenpass internal library providing bindings to libsodium. - -This is an internal library; not guarantee is made about its API at this point in time. diff --git a/sodium/src/aead/chacha20poly1305_ietf.rs b/sodium/src/aead/chacha20poly1305_ietf.rs deleted file mode 100644 index 7f35f6c..0000000 --- a/sodium/src/aead/chacha20poly1305_ietf.rs +++ /dev/null 
@@ -1,63 +0,0 @@ -use libsodium_sys as libsodium; -use std::ffi::c_ulonglong; -use std::ptr::{null, null_mut}; - -pub const KEY_LEN: usize = libsodium::crypto_aead_chacha20poly1305_IETF_KEYBYTES as usize; -pub const TAG_LEN: usize = libsodium::crypto_aead_chacha20poly1305_IETF_ABYTES as usize; -pub const NONCE_LEN: usize = libsodium::crypto_aead_chacha20poly1305_IETF_NPUBBYTES as usize; - -#[inline] -pub fn encrypt( - ciphertext: &mut [u8], - key: &[u8], - nonce: &[u8], - ad: &[u8], - plaintext: &[u8], -) -> anyhow::Result<()> { - assert!(ciphertext.len() == plaintext.len() + TAG_LEN); - assert!(key.len() == KEY_LEN); - assert!(nonce.len() == NONCE_LEN); - let mut clen: u64 = 0; - sodium_call!( - crypto_aead_chacha20poly1305_ietf_encrypt, - ciphertext.as_mut_ptr(), - &mut clen, - plaintext.as_ptr(), - plaintext.len() as c_ulonglong, - ad.as_ptr(), - ad.len() as c_ulonglong, - null(), // nsec is not used - nonce.as_ptr(), - key.as_ptr() - )?; - assert!(clen as usize == ciphertext.len()); - Ok(()) -} - -#[inline] -pub fn decrypt( - plaintext: &mut [u8], - key: &[u8], - nonce: &[u8], - ad: &[u8], - ciphertext: &[u8], -) -> anyhow::Result<()> { - assert!(ciphertext.len() == plaintext.len() + TAG_LEN); - assert!(key.len() == KEY_LEN); - assert!(nonce.len() == NONCE_LEN); - let mut mlen: u64 = 0; - sodium_call!( - crypto_aead_chacha20poly1305_ietf_decrypt, - plaintext.as_mut_ptr(), - &mut mlen as *mut c_ulonglong, - null_mut(), // nsec is not used - ciphertext.as_ptr(), - ciphertext.len() as c_ulonglong, - ad.as_ptr(), - ad.len() as c_ulonglong, - nonce.as_ptr(), - key.as_ptr() - )?; - assert!(mlen as usize == plaintext.len()); - Ok(()) -} diff --git a/sodium/src/aead/mod.rs b/sodium/src/aead/mod.rs deleted file mode 100644 index 0f10c84..0000000 --- a/sodium/src/aead/mod.rs +++ /dev/null @@ -1,2 +0,0 @@ -pub mod chacha20poly1305_ietf; -pub mod xchacha20poly1305_ietf; 
diff --git a/sodium/src/aead/xchacha20poly1305_ietf.rs b/sodium/src/aead/xchacha20poly1305_ietf.rs deleted file mode 100644 index a5d86c2..0000000 --- a/sodium/src/aead/xchacha20poly1305_ietf.rs +++ /dev/null @@ -1,63 +0,0 @@ -use libsodium_sys as libsodium; -use std::ffi::c_ulonglong; -use std::ptr::{null, null_mut}; - -pub const KEY_LEN: usize = libsodium::crypto_aead_xchacha20poly1305_IETF_KEYBYTES as usize; -pub const TAG_LEN: usize = libsodium::crypto_aead_xchacha20poly1305_ietf_ABYTES as usize; -pub const NONCE_LEN: usize = libsodium::crypto_aead_xchacha20poly1305_IETF_NPUBBYTES as usize; - -#[inline] -pub fn encrypt( - ciphertext: &mut [u8], - key: &[u8], - nonce: &[u8], - ad: &[u8], - plaintext: &[u8], -) -> anyhow::Result<()> { - assert!(ciphertext.len() == plaintext.len() + NONCE_LEN + TAG_LEN); - assert!(key.len() == libsodium::crypto_aead_xchacha20poly1305_IETF_KEYBYTES as usize); - let (n, ct) = ciphertext.split_at_mut(NONCE_LEN); - n.copy_from_slice(nonce); - let mut clen: u64 = 0; - sodium_call!( - crypto_aead_xchacha20poly1305_ietf_encrypt, - ct.as_mut_ptr(), - &mut clen, - plaintext.as_ptr(), - plaintext.len() as c_ulonglong, - ad.as_ptr(), - ad.len() as c_ulonglong, - null(), // nsec is not used - nonce.as_ptr(), - key.as_ptr() - )?; - assert!(clen as usize == ct.len()); - Ok(()) -} - -#[inline] -pub fn decrypt( - plaintext: &mut [u8], - key: &[u8], - ad: &[u8], - ciphertext: &[u8], -) -> anyhow::Result<()> { - assert!(ciphertext.len() == plaintext.len() + NONCE_LEN + TAG_LEN); - assert!(key.len() == KEY_LEN); - let (n, ct) = ciphertext.split_at(NONCE_LEN); - let mut mlen: u64 = 0; - sodium_call!( - crypto_aead_xchacha20poly1305_ietf_decrypt, - plaintext.as_mut_ptr(), - &mut mlen as *mut c_ulonglong, - null_mut(), // nsec is not used - ct.as_ptr(), - ct.len() as c_ulonglong, - ad.as_ptr(), - ad.len() as c_ulonglong, - n.as_ptr(), - key.as_ptr() - )?; - assert!(mlen as usize == plaintext.len()); - Ok(()) -} 
diff --git a/sodium/src/hash/blake2b.rs b/sodium/src/hash/blake2b.rs deleted file mode 100644 index e2f2fe3..0000000 --- a/sodium/src/hash/blake2b.rs +++ /dev/null @@ -1,31 +0,0 @@ -use libsodium_sys as libsodium; -use rosenpass_to::{with_destination, To}; -use std::ffi::c_ulonglong; -use std::ptr::null; - -pub const KEY_MIN: usize = libsodium::crypto_generichash_blake2b_KEYBYTES_MIN as usize; -pub const KEY_MAX: usize = libsodium::crypto_generichash_blake2b_KEYBYTES_MAX as usize; -pub const OUT_MIN: usize = libsodium::crypto_generichash_blake2b_BYTES_MIN as usize; -pub const OUT_MAX: usize = libsodium::crypto_generichash_blake2b_BYTES_MAX as usize; - -#[inline] -pub fn hash<'a>(key: &'a [u8], data: &'a [u8]) -> impl To<[u8], anyhow::Result<()>> + 'a { - with_destination(|out: &mut [u8]| { - assert!(key.is_empty() || (KEY_MIN <= key.len() && key.len() <= KEY_MAX)); - assert!(OUT_MIN <= out.len() && out.len() <= OUT_MAX); - let kptr = match key.len() { - // NULL key - 0 => null(), - _ => key.as_ptr(), - }; - sodium_call!( - crypto_generichash_blake2b, - out.as_mut_ptr(), - out.len(), - data.as_ptr(), - data.len() as c_ulonglong, - kptr, - key.len() - ) - }) -} diff --git a/sodium/src/hash/mod.rs b/sodium/src/hash/mod.rs deleted file mode 100644 index 52d9d26..0000000 --- a/sodium/src/hash/mod.rs +++ /dev/null @@ -1 +0,0 @@ -pub mod blake2b; diff --git a/sodium/src/helpers.rs b/sodium/src/helpers.rs deleted file mode 100644 index a64f95b..0000000 --- a/sodium/src/helpers.rs +++ /dev/null 
@@ -1,28 +0,0 @@ -use libsodium_sys as libsodium; -use std::os::raw::c_void; - -#[inline] -pub fn memcmp(a: &[u8], b: &[u8]) -> bool { - a.len() == b.len() - && unsafe { - let r = libsodium::sodium_memcmp( - a.as_ptr() as *const c_void, - b.as_ptr() as *const c_void, - a.len(), - ); - r == 0 - } -} - -#[inline] -pub fn compare(a: &[u8], b: &[u8]) -> i32 { - assert!(a.len() == b.len()); - unsafe { libsodium::sodium_compare(a.as_ptr(), b.as_ptr(), a.len()) } -} - -#[inline] -pub fn increment(v: &mut [u8]) { - unsafe { - libsodium::sodium_increment(v.as_mut_ptr(), v.len()); - } -} diff --git a/sodium/src/lib.rs b/sodium/src/lib.rs deleted file mode 100644 index 606bbd0..0000000 --- a/sodium/src/lib.rs +++ /dev/null @@ -1,20 +0,0 @@ -use libsodium_sys as libsodium; - -macro_rules! sodium_call { - ($name:ident, $($args:expr),*) => { ::rosenpass_util::attempt!({ - anyhow::ensure!(unsafe{libsodium::$name($($args),*)} > -1, - "Error in libsodium's {}.", stringify!($name)); - Ok(()) - })}; - ($name:ident) => { sodium_call!($name, ) }; -} - -#[inline] -pub fn init() -> anyhow::Result<()> { - log::trace!("initializing libsodium"); - sodium_call!(sodium_init) -} - -pub mod aead; -pub mod hash; -pub mod helpers;