gitea-mirror/rosenpass
1
0
Fork 0
mirror of https://github.com/rosenpass/rosenpass.git synced 2026-02-27 14:03:11 -08:00
Code Issues Packages Projects Releases Wiki Activity
914 Commits 62 Branches 19 Tags
c9aad280b20d22c502c5526e0e6ae6cd2737d6f4
Commit Graph

208 Commits

Author SHA1 Message Date
dependabot[bot]
0edfb625e8 build(deps): bump log from 0.4.20 to 0.4.21 
Bumps [log](https://github.com/rust-lang/log) from 0.4.20 to 0.4.21.
- [Release notes](https://github.com/rust-lang/log/releases)
- [Changelog](https://github.com/rust-lang/log/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rust-lang/log/compare/0.4.20...0.4.21)

---
updated-dependencies:
- dependency-name: log
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-04-06 15:14:03 +02:00
dependabot[bot]
16c0080cdc build(deps): bump memoffset from 0.9.0 to 0.9.1 
Bumps [memoffset](https://github.com/Gilnaa/memoffset) from 0.9.0 to 0.9.1.
- [Changelog](https://github.com/Gilnaa/memoffset/blob/master/CHANGELOG.md)
- [Commits](https://github.com/Gilnaa/memoffset/compare/v0.9.0...v0.9.1)

---
updated-dependencies:
- dependency-name: memoffset
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-04-06 15:13:35 +02:00
dependabot[bot]
b05c4bbe24 build(deps): bump serde from 1.0.193 to 1.0.197 
Bumps [serde](https://github.com/serde-rs/serde) from 1.0.193 to 1.0.197.
- [Release notes](https://github.com/serde-rs/serde/releases)
- [Commits](https://github.com/serde-rs/serde/compare/v1.0.193...v1.0.197)

---
updated-dependencies:
- dependency-name: serde
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-04-06 15:13:21 +02:00
dependabot[bot]
639c65ef93 build(deps): bump env_logger from 0.10.1 to 0.10.2 
Bumps [env_logger](https://github.com/rust-cli/env_logger) from 0.10.1 to 0.10.2.
- [Release notes](https://github.com/rust-cli/env_logger/releases)
- [Changelog](https://github.com/rust-cli/env_logger/blob/main/CHANGELOG.md)
- [Commits](https://github.com/rust-cli/env_logger/compare/v0.10.1...v0.10.2)

---
updated-dependencies:
- dependency-name: env_logger
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-03-21 00:39:00 +01:00
dependabot[bot]
332c549305 build(deps): bump anyhow from 1.0.75 to 1.0.81 
Bumps [anyhow](https://github.com/dtolnay/anyhow) from 1.0.75 to 1.0.81.
- [Release notes](https://github.com/dtolnay/anyhow/releases)
- [Commits](https://github.com/dtolnay/anyhow/compare/1.0.75...1.0.81)

---
updated-dependencies:
- dependency-name: anyhow
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-03-21 00:38:44 +01:00
dependabot[bot]
ef973e9d7f build(deps): bump base64 from 0.21.5 to 0.21.7 
Bumps [base64](https://github.com/marshallpierce/rust-base64) from 0.21.5 to 0.21.7.
- [Changelog](https://github.com/marshallpierce/rust-base64/blob/master/RELEASE-NOTES.md)
- [Commits](https://github.com/marshallpierce/rust-base64/compare/v0.21.5...v0.21.7)

---
updated-dependencies:
- dependency-name: base64
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-03-21 00:38:34 +01:00
Karolin Varner
3175b7b783 Merge branch 'main' into feat/cookie-mechanism 2024-03-12 22:08:04 -04:00
Dimitris Apostolou
13a853ff42 fix: Fix crate vulnerabilities 2024-03-10 18:11:43 +01:00
Paul Spooren
4f4e8e1018 config: drop deprecated std::env::home_dir() 
Instead use the `home` create.

Signed-off-by: Paul Spooren <mail@aparcar.org>
 2024-03-01 19:00:00 +01:00
Ilka Schulz
36c99c020e implement test to statistically check constant run time of memcmp (feature: constant_time_tests) 2024-02-28 17:07:40 +01:00
Aaron Kaiser
a996b08279 refactor: replace lenses library with the zerocopy crate 2024-02-21 14:04:39 +01:00
Prabhpreet Dua
0b4699e24a Poll based under load with intg test 2024-02-04 20:17:28 +05:30
Karolin Varner
ca972e8b70 feat: Remove libsodium 2024-01-27 21:38:13 +01:00
Karolin Varner
b6203683fc feat: Migrate away from sodium blake2b towards the rust crypto implementation 2024-01-27 21:38:13 +01:00
Karolin Varner
0789c60602 feat: Use chacha implementation from rust crypto instead of sodium 2024-01-27 21:38:13 +01:00
Karolin Varner
30cb0e9801 chore: Remove references to libsodium from secret-memory 2024-01-03 18:43:05 +01:00
Karolin Varner
9824db4f09 fix: Migrate away from lazy_static in favor of thread_local 
The new secret memory pool was causing CI failures in the fuzzing code,
due to the fuzzer compiling its binaries with memory sanitizer support.

https://doc.rust-lang.org/beta/unstable-book/compiler-flags/sanitizer.html

Using lazy_static was – intentionally – introducing a memory leak, but the
LeakSanitizer detected this and raised an error.

Now by using thread_local we are calling the destructors and so – while still being a
memory leak in practice – the LeakSanitizer no longer detects this behaviour as an error.

Alternatively we could have used a known-leaks list with the leak-sanitizer, but this would have increased the complexity of the build setup.

Finally, this was likely triggered with the migration to memsec, because libsodium circumvents the malloc/free calls,
relying on direct calls to MMAP.
 2024-01-03 18:43:05 +01:00
Karolin Varner
85c447052e feat: Migrate to memsec 2024-01-03 18:43:05 +01:00
Karolin Varner
d45e24e9b6 feat: Move lenses into library 2023-12-02 12:21:41 +01:00
Karolin Varner
972e82b35f chore: Move kems out of rosenpass crate 2023-12-02 10:42:13 +01:00
Karolin Varner
838f700a74 chore: Upgrade dependencies 2023-12-01 18:43:32 +01:00
Karolin Varner
5448cdc565 feat: Use the rand crate for random values instead of sodium 2023-12-01 18:37:33 +01:00
Karolin Varner
77cd8a9fd1 feat: Move prftree into ciphers crate 
- Use a new nomenclature for these functions based on the idea of a hash
  domain (as in domain separation); this makes much more sence
- Remove the ciphers::hash export; we did not even export a hash
  function in the purest sence of the word. This gets us around the
  difficulty of figuring out what we should call the underlying
  primitive
 2023-12-01 18:36:46 +01:00
Karolin Varner
70fa9bd6d7 feat: Wrap sodium_malloc as a custom allocator 
This lets us get rid of quite a few unsafe blocks.
 2023-12-01 18:29:53 +01:00
Karolin Varner
85a61808de feat: Use the zeroize crate for zeroization 2023-12-01 18:11:05 +01:00
Karolin Varner
cf132bca11 chore: Move rest of coloring.rs into secret-memory crate 
Also removes the StoreSecret trait from cli.rs as it was
redundant.
 2023-12-01 18:11:05 +01:00
Karolin Varner
7bda010a9b chore: Move Public and debug_crypto_array into secret-memory crate 2023-12-01 18:11:05 +01:00
Karolin Varner
09aa0e027e chore: Move hashing functions into sodium/ciphers crate 
This finishes the last step of removing sodium.rs from the rosenpass crate
itself and also removes the NOTHING and NONCE0 constants.

Hashing functions now use destination parameters;
rosenpass_constant_time::xor now does too.
 2023-11-29 11:36:28 +01:00
Karolin Varner
d539be3142 feat: Rosenpass-to for nicely handling destination parameters 2023-11-26 11:18:47 +01:00
Morgan Hill
a49254a021 feat(fuzzing): Add initial set of fuzzing targets 
These targets can be used with rust nightly and cargo-fuzz to fuzz
several bits of Rosenpass's API. Fuzzing is an automated way of
exploring code paths that may not be hit in unit tests or normal
operation. For example the `handle_msg` target exposed the DoS condition
fixed in 0.2.1.

The other targets focus on the FFI with libsodium and liboqs.

Co-authored-by: Karolin Varner <karo@cupdev.net>
 2023-11-26 11:05:19 +01:00
Karolin Varner
c64e721c2f chore: Move chacha20 implementation out of rosenpass::sodium 
Introduces a new crate for selected ciphers which references
a cipher implementation in the rosenpass-sodium crate.
 2023-11-26 10:38:24 +01:00
Karolin Varner
99634d9702 chore: Move sodium init integration into rosenpass-sodium crate 2023-11-26 10:38:24 +01:00
Karolin Varner
e50542193f chore: Move file utils into coloring or the util crate 2023-11-26 10:38:24 +01:00
Karolin Varner
a220c11e67 chore: Move xor_into, copying and base64 utils into own crates 2023-11-26 10:38:24 +01:00
wucke13
0b4b1279cf chore: Release rosenpass version 0.2.1 2023-11-18 23:16:22 +01:00
wucke13
44264a7bb6 chore: Release rosenpass version 0.2.1-rc.3 2023-11-18 22:58:57 +01:00
wucke13
9597e485bf chore: Release rosenpass version 0.2.1-rc.2 2023-11-18 22:48:35 +01:00
wucke13
3901e668cb chore: Release rosenpass version 0.2.1-rc.1 2023-11-18 22:30:46 +01:00
wucke13
1d9e62e56b update Cargo.lock 2023-11-12 13:29:06 +01:00
Emil Engler
b7a76849b7 test: Ensure 8MiB of stack size for key generation 
This commit ensures that the call to `StaticKEM::keygen` has a stack of
8MiB.

Especially on Darwin system, this commit is necessary in order to
prevent a stack overflow, as this system only provides stack sizes of
roughly 500KB which is way to small for a Classic McEliece key.

Fixes #118
 2023-09-22 16:30:00 +02:00
wucke13
b997238f42 chore: Release rosenpass version 0.2.0 2023-09-05 19:33:50 +02:00
wucke13
d915e63445 bump versions 2023-08-29 23:48:48 +02:00
Emil Engler
6025623aad cargo: Update outdated dependencies 2023-08-23 14:44:11 +02:00
wucke13
91d0592ad6 update oqs-sys from 0.7.2 to 0.8.0 2023-08-23 11:32:51 +02:00
Karolin Varner
097fd0332d chore: Upgrade crate dependencies 2023-05-23 11:24:39 +02:00
wucke13
b99d072879 major rewrite of application server & frontend 
- adds TOML based configuation files
  - with example configuratios in config-examples
- reimplments arcane CLI argument parser as automaton
- adds a new CLI focused arround configuration files
- moves all file utility stuff from `main.rs` to `util.rs`
- moves all AppServer stuff to dedicated `app_server.rs`
- add mio for multi-listen-socket support (should fix #27)
- consistency: rename private to secret
 2023-05-22 11:42:51 +02:00
Emil Engler
13cc7e05ed invoke man(1) when requesting help 
This commit invokes `man(1)` when requesting help and emits the built-in
manual, if the manual page is not found on the system.
 2023-04-25 14:54:30 +02:00
wucke13
94d57f2f87 chore: Release rosenpass version 0.1.2-rc.4 2023-04-13 19:52:09 +02:00
wucke13
97f5d75838 chore: Release rosenpass version 0.1.1 2023-02-25 23:34:40 +01:00
wucke13
aa15872f2b chore: Release rosenpass version 0.1.1-rc.7 2023-02-25 23:21:35 +01:00