gitea-mirror/rosenpass
1
0
Fork 0
mirror of https://github.com/rosenpass/rosenpass.git synced 2026-02-28 06:23:08 -08:00
Code Issues Packages Projects Releases Wiki Activity

style: apply rustfmt

Browse Source
This commit is contained in:
Aaron Kaiser
2024-02-06 15:51:18 +01:00
committed by Karolin Varner
parent a996b08279
commit fd8f2e4424
3 changed files with 30 additions and 52 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
rosenpass/src/lib.rs
View File

@@ -14,4 +14,3 @@ pub enum RosenpassError {
#[error("invalid message type")]
InvalidMessageType(u8),
}

17
rosenpass/src/msgs.rs
View File

@@ -9,15 +9,14 @@
//! To achieve this we utilize the zerocopy library.
use super::RosenpassError;
use std::mem::size_of;
use rosenpass_cipher_traits::Kem;
use rosenpass_ciphers::kem::{EphemeralKem, StaticKem};
use rosenpass_ciphers::{aead, xaead, KEY_LEN};
use std::mem::size_of;
use zerocopy::{AsBytes, FromBytes, FromZeroes};
// Macro magic ////////////////////////////////////////////////////////////////
#[repr(packed)]
#[derive(AsBytes, FromBytes, FromZeroes)]
pub struct Envelope<M: AsBytes + FromBytes> {
@@ -30,8 +29,8 @@ pub struct Envelope<M: AsBytes + FromBytes> {
/// Message Authentication Code (mac) over all bytes until (exclusive)
/// `mac` itself
pub mac: [u8; 16],
/// Currently unused, TODO: do something with this
pub cookie: [u8; 16]
/// Currently unused, TODO: do something with this
pub cookie: [u8; 16],
}
#[repr(packed)]
@@ -76,7 +75,7 @@ pub struct InitConf {
/// Responders handshake state in encrypted form
pub biscuit: [u8; BISCUIT_CT_LEN],
/// Empty encrypted message (just an auth tag)
pub auth: [u8; aead::TAG_LEN]
pub auth: [u8; aead::TAG_LEN],
}
#[repr(packed)]
@@ -87,7 +86,7 @@ pub struct EmptyData {
/// Nonce
pub ctr: [u8; 8],
/// Empty encrypted message (just an auth tag)
pub auth: [u8; aead::TAG_LEN]
pub auth: [u8; aead::TAG_LEN],
}
#[repr(packed)]
@@ -98,19 +97,19 @@ pub struct Biscuit {
/// The biscuit number (replay protection)
pub biscuit_no: [u8; 12],
/// Chaining key
pub ck: [u8; KEY_LEN]
pub ck: [u8; KEY_LEN],
}
#[repr(packed)]
#[derive(AsBytes, FromBytes, FromZeroes)]
pub struct DataMsg {
pub dummy: [u8; 4]
pub dummy: [u8; 4],
}
#[repr(packed)]
#[derive(AsBytes, FromBytes, FromZeroes)]
pub struct CookieReply {
pub dummy: [u8; 4]
pub dummy: [u8; 4],
}
// Traits /////////////////////////////////////////////////////////////////////

64
rosenpass/src/protocol.rs
View File

@@ -70,7 +70,7 @@ use std::collections::hash_map::{
HashMap,
};
use std::convert::Infallible;
use std::mem::{size_of,offset_of};
use std::mem::{offset_of, size_of};
use anyhow::{bail, ensure, Context, Result};
@@ -90,7 +90,7 @@ use crate::{hash_domains, msgs::*, RosenpassError};
/// Size required to fit any message in binary form
pub const RTX_BUFFER_SIZE: usize = max_usize(
size_of::<Envelope<InitHello>>(),
size_of::<Envelope<InitConf>>()
size_of::<Envelope<InitConf>>(),
);
/// A type for time, e.g. for backoff before re-tries
@@ -795,26 +795,22 @@ impl CryptoServer {
let peer = match rx_buf[0].try_into() {
Ok(MsgType::InitHello) => {
let msg_in: Ref<&[u8], Envelope<InitHello>> = Ref::new(rx_buf).ok_or(RosenpassError::BufferSizeMismatch)?;
let msg_in: Ref<&[u8], Envelope<InitHello>> =
Ref::new(rx_buf).ok_or(RosenpassError::BufferSizeMismatch)?;
ensure!(msg_in.check_seal(self)?, seal_broken);
let mut msg_out = truncating_cast_into::<Envelope<RespHello>>(tx_buf)?;
let peer = self.handle_init_hello(
&msg_in.payload,
&mut msg_out.payload,
)?;
let peer = self.handle_init_hello(&msg_in.payload, &mut msg_out.payload)?;
len = self.seal_and_commit_msg(peer, MsgType::RespHello, &mut msg_out)?;
peer
}
Ok(MsgType::RespHello) => {
let msg_in: Ref<&[u8], Envelope<RespHello>> = Ref::new(rx_buf).ok_or(RosenpassError::BufferSizeMismatch)?;
let msg_in: Ref<&[u8], Envelope<RespHello>> =
Ref::new(rx_buf).ok_or(RosenpassError::BufferSizeMismatch)?;
ensure!(msg_in.check_seal(self)?, seal_broken);
let mut msg_out = truncating_cast_into::<Envelope<InitConf>>(tx_buf)?;
let peer = self.handle_resp_hello(
&msg_in.payload,
&mut msg_out.payload,
)?;
let peer = self.handle_resp_hello(&msg_in.payload, &mut msg_out.payload)?;
len = self.seal_and_commit_msg(peer, MsgType::InitConf, &mut msg_out)?;
peer.hs()
.store_msg_for_retransmission(self, &msg_out.as_bytes()[..len])?;
@@ -822,20 +818,19 @@ impl CryptoServer {
peer
}
Ok(MsgType::InitConf) => {
let msg_in: Ref<&[u8], Envelope<InitConf>> = Ref::new(rx_buf).ok_or(RosenpassError::BufferSizeMismatch)?;
let msg_in: Ref<&[u8], Envelope<InitConf>> =
Ref::new(rx_buf).ok_or(RosenpassError::BufferSizeMismatch)?;
ensure!(msg_in.check_seal(self)?, seal_broken);
let mut msg_out = truncating_cast_into::<Envelope<EmptyData>>(tx_buf)?;
let peer = self.handle_init_conf(
&msg_in.payload,
&mut msg_out.payload,
)?;
let peer = self.handle_init_conf(&msg_in.payload, &mut msg_out.payload)?;
len = self.seal_and_commit_msg(peer, MsgType::EmptyData, &mut msg_out)?;
exchanged = true;
peer
}
Ok(MsgType::EmptyData) => {
let msg_in: Ref<&[u8], Envelope<EmptyData>> = Ref::new(rx_buf).ok_or(RosenpassError::BufferSizeMismatch)?;
let msg_in: Ref<&[u8], Envelope<EmptyData>> =
Ref::new(rx_buf).ok_or(RosenpassError::BufferSizeMismatch)?;
ensure!(msg_in.check_seal(self)?, seal_broken);
self.handle_resp_conf(&msg_in.payload)?
@@ -1181,8 +1176,7 @@ where
let mac = hash_domains::mac()?
.mix(peer.get(srv).spkt.secret())?
.mix(&self.as_bytes()[..offset_of!(Self, mac)])?;
self.mac
.copy_from_slice(mac.into_value()[..16].as_ref());
self.mac.copy_from_slice(mac.into_value()[..16].as_ref());
Ok(())
}
}
@@ -1284,7 +1278,8 @@ impl HandshakeState {
biscuit_ct: &mut [u8],
) -> Result<&mut Self> {
let mut biscuit = Secret::<BISCUIT_PT_LEN>::zero(); // pt buffer
let mut biscuit: Ref<&mut [u8], Biscuit> = Ref::new(biscuit.secret_mut().as_mut_slice()).unwrap();
let mut biscuit: Ref<&mut [u8], Biscuit> =
Ref::new(biscuit.secret_mut().as_mut_slice()).unwrap();
// calculate pt contents
biscuit
@@ -1339,7 +1334,8 @@ impl HandshakeState {
// Allocate and decrypt the biscuit data
let mut biscuit = Secret::<BISCUIT_PT_LEN>::zero(); // pt buf
let mut biscuit: Ref<&mut [u8], Biscuit> = Ref::new(biscuit.secret_mut().as_mut_slice()).unwrap();
let mut biscuit: Ref<&mut [u8], Biscuit> =
Ref::new(biscuit.secret_mut().as_mut_slice()).unwrap();
xaead::decrypt(
biscuit.as_bytes_mut(),
bk.get(srv).key.secret(),
@@ -1414,11 +1410,7 @@ impl CryptoServer {
impl CryptoServer {
/// Implementation of the cryptographic protocol using the already
/// established primitives
pub fn handle_initiation(
&mut self,
peer: PeerPtr,
ih: &mut InitHello,
) -> Result<PeerPtr> {
pub fn handle_initiation(&mut self, peer: PeerPtr, ih: &mut InitHello) -> Result<PeerPtr> {
let mut hs = InitiatorHandshake::zero_with_timestamp(self);
// IHI1
@@ -1460,11 +1452,7 @@ impl CryptoServer {
Ok(peer)
}
pub fn handle_init_hello(
&mut self,
ih: &InitHello,
rh: &mut RespHello,
) -> Result<PeerPtr> {
pub fn handle_init_hello(&mut self, ih: &InitHello, rh: &mut RespHello) -> Result<PeerPtr> {
let mut core = HandshakeState::zero();
core.sidi = SessionId::from_slice(&ih.sidi);
@@ -1523,11 +1511,7 @@ impl CryptoServer {
Ok(peer)
}
pub fn handle_resp_hello(
&mut self,
rh: &RespHello,
ic: &mut InitConf,
) -> Result<PeerPtr> {
pub fn handle_resp_hello(&mut self, rh: &RespHello, ic: &mut InitConf) -> Result<PeerPtr> {
// RHI2
let peer = self
.lookup_handshake(SessionId::from_slice(&rh.sidi))
@@ -1619,11 +1603,7 @@ impl CryptoServer {
Ok(peer)
}
pub fn handle_init_conf(
&mut self,
ic: &InitConf,
rc: &mut EmptyData,
) -> Result<PeerPtr> {
pub fn handle_init_conf(&mut self, ic: &InitConf, rc: &mut EmptyData) -> Result<PeerPtr> {
// (peer, bn) ← LoadBiscuit(InitConf.biscuit)
// ICR1
let (peer, biscuit_no, mut core) = HandshakeState::load_biscuit(