gitea-mirror/rosenpass
1
0
Fork 0
mirror of https://github.com/rosenpass/rosenpass.git synced 2025-12-05 20:40:02 -08:00
Code Issues Packages Projects Releases Wiki Activity
1,187 Commits 60 Branches 19 Tags
main
Commit Graph

238 Commits

Author SHA1 Message Date
wucke13
55ab57a1d0 fix: remove TODO via update of assert_tv 
Before the fix from https://github.com/aminfa/assert_tv/issues/1,
`assert_tv` wouldn't pass through `#[cfg_attr(miri, ignore)]`. Now that
it is fixed, this works, thus we have one less miri test case failing.

Signed-off-by: wucke13 <wucke13+github@gmail.com>
 2025-09-05 16:22:02 +02:00
Karolin Varner
3c6a3a3735 fix: Upgrade stacker 
Potentially fixes issues with flaky tests using stacker.
 2025-09-05 16:12:11 +02:00
Amin Faez
223fbd551f feat: Derandomize the rosenpass protocol by adding testvectors 
- Introduced a new module `test_vector_sets.rs` containing test vector definitions for deterministic protocol testing.
- Added a new test file `test_vector_crypto_server.rs` to validate the protocol implementation using captured internal randomness.
- Added serialization and deserialization of `Secret`, `Public`, and `PublicBox` types in `serialization.rs`.
- Added necessary dependencies in `Cargo.toml` for test vectors: assert_tv, serde and base64
- Updated audit records in `audits.toml` and `imports.lock` for new dependencies.
 2025-08-28 11:41:58 +02:00
dependabot[bot]
5b8760cb46 chore(deps): bump libfuzzer-sys from 0.4.9 to 0.4.10 
Bumps [libfuzzer-sys](https://github.com/rust-fuzz/libfuzzer) from 0.4.9 to 0.4.10.
- [Changelog](https://github.com/rust-fuzz/libfuzzer/blob/main/CHANGELOG.md)
- [Commits](https://github.com/rust-fuzz/libfuzzer/compare/0.4.9...0.4.10)

---
updated-dependencies:
- dependency-name: libfuzzer-sys
  dependency-version: 0.4.10
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-08-08 23:13:08 +00:00
dependabot[bot]
83ad7652bc chore(deps): bump anyhow from 1.0.96 to 1.0.98 
Bumps [anyhow](https://github.com/dtolnay/anyhow) from 1.0.96 to 1.0.98.
- [Release notes](https://github.com/dtolnay/anyhow/releases)
- [Commits](https://github.com/dtolnay/anyhow/compare/1.0.96...1.0.98)

---
updated-dependencies:
- dependency-name: anyhow
  dependency-version: 1.0.98
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-08-07 23:44:29 +00:00
Karolin Varner
de72e4a2a1 Use serde for JSON-encoding benchmark data (#667) 2025-08-07 16:40:16 +02:00
dependabot[bot]
b905c0aa06 chore(deps): bump log from 0.4.26 to 0.4.27 
Bumps [log](https://github.com/rust-lang/log) from 0.4.26 to 0.4.27.
- [Release notes](https://github.com/rust-lang/log/releases)
- [Changelog](https://github.com/rust-lang/log/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rust-lang/log/compare/0.4.26...0.4.27)

---
updated-dependencies:
- dependency-name: log
  dependency-version: 0.4.27
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-08-07 16:03:32 +02:00
Jan Winkelmann (keks)
7908359eab Use serde for JSON-encoding benchmark data 2025-08-06 17:58:38 +02:00
Karolin Varner
3c0e167347 fix(rosenpass): Integrate signal handlers with mio 
With this commit, rosenpass uses a signal handler based on the signal-hook-mio crate.

Even though, in this commit, no rosenpass-rp code is touched, this also
fixes the signal handling in rosenpass-rp. The way rosenpass is
integrated in rp is a bit of a hack – it just directly embeds
rosenpass in the same process (though on a dedicated thread). For this
reason, rp now just inherits rosenpass' signal handlers. The
rosenpass event_loop() will terminate. The main loop of `rp` just spends
most of the time waiting for rosenpass itself to finish, and exits when
it finishes.

Unfortunately, this means we are not using signalfd(2)[^0]; the
signal-hook-mio crate appears to use a pipe-based mechanism to deliver
events to mio instead.

This may not be such a bad thing, as signalfd has some severe drawbacks
with respect to subprocesses and masked signals[^1].

Fixes: #358 (https://github.com/rosenpass/rosenpass/issues/385)
Fixes: #522 (https://github.com/rosenpass/rosenpass/issues/522)
Fixes: #678 (https://github.com/rosenpass/rosenpass/pull/678)

[^0]: https://unixism.net/2021/02/making-signals-less-painful-under-linux/
[^1]: https://ldpreload.com/blog/signalfd-is-useless?reposted-on-request
 2025-08-04 08:44:15 +02:00
Karolin Varner
6f6fdef542 chore(rp): Rename crate rp -> rosenpass-rp 2025-08-04 08:44:15 +02:00
Karolin Varner
c689f8e78a feat(rp): Enable logging 2025-08-04 08:44:15 +02:00
Karolin Varner
31a5dbe420 feat: Janitor, utilities for cleaning up with tokio 2025-08-04 08:44:15 +02:00
Karolin Varner
a85f9b8e63 chore: Better error handling in link_create_and_up in rp 2025-08-03 15:15:14 +02:00
dependabot[bot]
f31d635df8 chore(deps): bump tokio from 1.44.2 to 1.46.1 
Bumps [tokio](https://github.com/tokio-rs/tokio) from 1.44.2 to 1.46.1.
- [Release notes](https://github.com/tokio-rs/tokio/releases)
- [Commits](https://github.com/tokio-rs/tokio/compare/tokio-1.44.2...tokio-1.46.1)

---
updated-dependencies:
- dependency-name: tokio
  dependency-version: 1.46.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-07-30 23:44:49 +00:00
dependabot[bot]
e76e5b253f chore(deps): bump clap_mangen from 0.2.24 to 0.2.27 
Dependabot couldn't find the original pull request head commit, 518c533e040c5dd92156f84f8c20cffb9c7eacf6.
 2025-07-29 15:19:47 +00:00
Jan Winkelmann (keks)
91707cc430 Address feedback 2025-06-23 16:39:22 +02:00
Jan Winkelmann (keks)
5097d9fce1 Add benchmarking for cryptographic primitives and protocol performance 
This commit introduces two kinds of benchmarks:

1. Cryptographic Primitives. Measures the performance of all available
   implementations of cryptographic algorithms using traditional
   benchmarking. Uses criterion.
2. Protocol Runs. Measures the time each step in the protocol takes.
   Measured using a tracing-based approach.

The benchmarks are run on CI and an interactive visual overview is
written to the gh-pages branch. If a benchmark takes more than twice the
time than the reference commit (for PR: the main branch), the action
fails.
 2025-06-23 16:39:22 +02:00
Karolin Varner
b46cd636d2 fix: Security update – crossbeam-channel 2025-04-13 13:44:36 +02:00
Karolin Varner
d453002230 fix: Security update for tokio 2025-04-08 18:14:45 +02:00
Jan Winkelmann (keks)
d023108d3b attempt to work around the importCargoLock bugs 2025-04-03 16:55:03 +02:00
Jan Winkelmann (keks)
417df7aa7f update the lock file 2025-04-03 16:55:03 +02:00
Jan Winkelmann (keks)
2dba9205e7 Address Feedback 2025-04-03 16:14:55 +02:00
Jan Winkelmann (keks)
576ad5f6d0 respect experiment_libcrux_blake2 feature flag 2025-04-03 16:14:47 +02:00
Jan Winkelmann (keks)
6494518460 add fine-grained features 2025-04-03 16:14:19 +02:00
Jan Winkelmann (keks)
185e92108e add blake2 from libcrux 2025-04-03 16:14:19 +02:00
Jan Winkelmann (keks)
253243a8c8 add kyber512 from libcrux 2025-04-03 16:14:19 +02:00
Jan Winkelmann (keks)
075d9ffff3 update libcrux chachapoly to use libcrux-chacha20poly1305 2025-04-03 16:14:19 +02:00
Jan Winkelmann (keks)
b84e0beae8 introduce traits for all the primitives and algorithms. A bit more cleanup. 2025-04-03 16:12:44 +02:00
Jan Winkelmann (keks)
d61b137761 update KEM trait 2025-04-03 16:12:44 +02:00
Jan Winkelmann (keks)
32ae8f7051 Rename hash selection enum to KeyedHash, restructure traits 2025-04-03 16:11:55 +02:00
David Niehues
5a2555a327 dev(ciphers): add implementation of shake256 2025-03-19 11:29:11 +01:00
David Niehues
ac3f21c4bd dev: add sha3 dependency 2025-03-19 11:29:11 +01:00
Karolin Varner
b40b7f4f2f chore: cargo update 
- Had to remove the test checking for manpages to be generated for
  the keygen command since clap-mangen disabled creating manpages
  for hidden commands.
  d96cc71626
- Had to pin home to the previous version because it now requires a
  new rust version without major version update
- Changed util/src/fd tests due to false positives in CI
  > note: panic did not contain expected string
  >      panic message: `"fd != -1"`,
  > expected substring: `"fd != u32::MAX as RawFd"`
 2025-02-22 17:45:34 +01:00
David Niehues
3effcb313e chore: update criterion to remediate security advisories. Fixes #596 2025-02-06 08:17:38 +01:00
Dimitris Apostolou
8e50d38b38 fix(deps): fix crate vulnerabilities 2025-02-04 17:20:40 +02:00
dependabot[bot]
d2539e445f build(deps): bump serde from 1.0.216 to 1.0.217 (#570) 
Bumps [serde](https://github.com/serde-rs/serde) from 1.0.216 to 1.0.217.
- [Release notes](https://github.com/serde-rs/serde/releases)
- [Commits](https://github.com/serde-rs/serde/compare/v1.0.216...v1.0.217)

---
updated-dependencies:
- dependency-name: serde
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-12-29 17:48:54 +01:00
dependabot[bot]
6dc58cc6c1 build(deps): bump anyhow from 1.0.94 to 1.0.95 (#569) 
Bumps [anyhow](https://github.com/dtolnay/anyhow) from 1.0.94 to 1.0.95.
- [Release notes](https://github.com/dtolnay/anyhow/releases)
- [Commits](https://github.com/dtolnay/anyhow/compare/1.0.94...1.0.95)

---
updated-dependencies:
- dependency-name: anyhow
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-12-25 10:47:12 +01:00
dependabot[bot]
d8fe3eba5f build(deps): bump clap_complete from 4.5.38 to 4.5.40 
Bumps [clap_complete](https://github.com/clap-rs/clap) from 4.5.38 to 4.5.40.
- [Release notes](https://github.com/clap-rs/clap/releases)
- [Changelog](https://github.com/clap-rs/clap/blob/master/CHANGELOG.md)
- [Commits](https://github.com/clap-rs/clap/compare/clap_complete-v4.5.38...clap_complete-v4.5.40)

---
updated-dependencies:
- dependency-name: clap_complete
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-12-18 10:29:44 +01:00
David Niehues
ae3fbde0a3 test(fix-doctest): fix doctests where a function is wrapped around a doctest but the function is never called 
In the doctests in kem.rs, the actual tests that are run to verify that the KyberKem and the DummyKem actually work
are wrapped inside a function to make use of the ?-operator. However, these functions were never called and thus
the tests weren't really helpful and didn't provide proper coverage.
 2024-12-16 17:05:41 +01:00
dependabot[bot]
c435b772d2 build(deps): bump serde from 1.0.215 to 1.0.216 
Bumps [serde](https://github.com/serde-rs/serde) from 1.0.215 to 1.0.216.
- [Release notes](https://github.com/serde-rs/serde/releases)
- [Commits](https://github.com/serde-rs/serde/compare/v1.0.215...v1.0.216)

---
updated-dependencies:
- dependency-name: serde
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-12-12 23:45:16 +00:00
dependabot[bot]
1c5e4ecf95 build(deps): bump rustix from 0.38.41 to 0.38.42 
Bumps [rustix](https://github.com/bytecodealliance/rustix) from 0.38.41 to 0.38.42.
- [Release notes](https://github.com/bytecodealliance/rustix/releases)
- [Changelog](https://github.com/bytecodealliance/rustix/blob/main/CHANGELOG.md)
- [Commits](https://github.com/bytecodealliance/rustix/compare/v0.38.41...v0.38.42)

---
updated-dependencies:
- dependency-name: rustix
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-12-12 18:12:41 +01:00
David Niehues
68f73e264d add oqs and secret-memory as dev-dependencies to cipher-trait for doc-tests 2024-12-11 21:11:51 +01:00
dependabot[bot]
85286c146f build(deps): bump libc from 0.2.167 to 0.2.168 
Bumps [libc](https://github.com/rust-lang/libc) from 0.2.167 to 0.2.168.
- [Release notes](https://github.com/rust-lang/libc/releases)
- [Changelog](https://github.com/rust-lang/libc/blob/0.2.168/CHANGELOG.md)
- [Commits](https://github.com/rust-lang/libc/compare/0.2.167...0.2.168)

---
updated-dependencies:
- dependency-name: libc
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-12-11 00:07:31 +01:00
Karolin Varner
737781c8bc chore(coverage): Fix missing coverage from API integration tests 
Three changes:
1. We neglected to forward stderr from Rosenpass subprocess two
   in the API setup integration test (driveby fix)
2. Added rudimentary signal handling for program termination
   to rosenpass, specifically for the coverage reporting
3. Apparently std::process::Child::kill() sends SIGKILL and not
   SIGTERM, so our nice new signal handler was never used.
   Switched to a rustix based child reaper.

(2) and (3) where necessary because llvm-cov does not produce coverage
when a subprocess terminates due to a default signal handler.
 2024-12-11 00:01:44 +01:00
Jacek Galowicz
cd7558594f rp: Add exchange-config command 
This is similar to `rosenpass exchange`/`rosenpass exchange-config`.
It's however slightly different to the configuration file models the `rp
exchange` command line.
 2024-12-09 15:35:34 +01:00
dependabot[bot]
5eda161cf2 build(deps): bump clap from 4.5.22 to 4.5.23 
Bumps [clap](https://github.com/clap-rs/clap) from 4.5.22 to 4.5.23.
- [Release notes](https://github.com/clap-rs/clap/releases)
- [Changelog](https://github.com/clap-rs/clap/blob/master/CHANGELOG.md)
- [Commits](https://github.com/clap-rs/clap/compare/clap_complete-v4.5.22...clap_complete-v4.5.23)

---
updated-dependencies:
- dependency-name: clap
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-12-05 23:53:58 +00:00
dependabot[bot]
e2c46f1ff0 build(deps): bump clap from 4.5.21 to 4.5.22 
Bumps [clap](https://github.com/clap-rs/clap) from 4.5.21 to 4.5.22.
- [Release notes](https://github.com/clap-rs/clap/releases)
- [Changelog](https://github.com/clap-rs/clap/blob/master/CHANGELOG.md)
- [Commits](https://github.com/clap-rs/clap/compare/clap_complete-v4.5.21...clap_complete-v4.5.22)

---
updated-dependencies:
- dependency-name: clap
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-12-04 11:40:25 +01:00
dependabot[bot]
e56798b04c build(deps): bump tokio from 1.41.1 to 1.42.0 
Bumps [tokio](https://github.com/tokio-rs/tokio) from 1.41.1 to 1.42.0.
- [Release notes](https://github.com/tokio-rs/tokio/releases)
- [Commits](https://github.com/tokio-rs/tokio/compare/tokio-1.41.1...tokio-1.42.0)

---
updated-dependencies:
- dependency-name: tokio
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-12-04 11:40:04 +01:00
dependabot[bot]
a9792c3143 build(deps): bump anyhow from 1.0.93 to 1.0.94 
Bumps [anyhow](https://github.com/dtolnay/anyhow) from 1.0.93 to 1.0.94.
- [Release notes](https://github.com/dtolnay/anyhow/releases)
- [Commits](https://github.com/dtolnay/anyhow/compare/1.0.93...1.0.94)

---
updated-dependencies:
- dependency-name: anyhow
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-12-03 23:26:40 +00:00
dependabot[bot]
cc7f7a4b4d build(deps): bump mio from 1.0.2 to 1.0.3 
Bumps [mio](https://github.com/tokio-rs/mio) from 1.0.2 to 1.0.3.
- [Release notes](https://github.com/tokio-rs/mio/releases)
- [Changelog](https://github.com/tokio-rs/mio/blob/master/CHANGELOG.md)
- [Commits](https://github.com/tokio-rs/mio/compare/v1.0.2...v1.0.3)

---
updated-dependencies:
- dependency-name: mio
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-11-30 14:34:20 +01:00