From 54d193caa9e449fe04bc26cca41519a18e1c50bf Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C4=99drzej=20Stuczy=C5=84ski?= Date: Mon, 23 Feb 2026 10:45:17 +0000 Subject: [PATCH] removing dead code --- common/crypto/Cargo.toml | 4 +- common/crypto/src/asymmetric/x25519/mod.rs | 58 ++++--- common/nym-kkt/src/initiator.rs | 2 +- common/nym-lp-packet/src/message.rs | 13 +- common/nym-lp-transport/src/traits.rs | 2 +- common/nym-lp/src/codec.rs | 63 +++----- common/nym-lp/src/psq/initiator.rs | 2 - common/nym-lp/src/psq/mod.rs | 3 +- common/nym-lp/src/session.rs | 8 +- common/nym-lp/src/state_machine.rs | 6 +- .../src/lp_client/client.rs | 152 ------------------ .../lp_client/nested_session/connection.rs | 2 + .../src/lp_client/state_machine_helpers.rs | 19 --- nym-wallet/Cargo.lock | 105 ------------ 14 files changed, 78 insertions(+), 361 deletions(-) diff --git a/common/crypto/Cargo.toml b/common/crypto/Cargo.toml index 03a7d828bf..fca95f0d50 100644 --- a/common/crypto/Cargo.toml +++ b/common/crypto/Cargo.toml @@ -22,7 +22,7 @@ hkdf = { workspace = true, optional = true } hmac = { workspace = true, optional = true } jwt-simple = { workspace = true, optional = true } libcrux-psq = { workspace = true, optional = true } -libcrux-curve25519 = { workspace = true } +libcrux-curve25519 = { workspace = true, optional = true } cipher = { workspace = true, optional = true } x25519-dalek = { workspace = true, features = ["static_secrets"], optional = true } ed25519-dalek = { workspace = true, features = ["rand_core"], optional = true } @@ -50,7 +50,7 @@ nym-test-utils = { workspace = true } default = [] aead = ["dep:aead", "aead/std", "aes-gcm-siv", "generic-array"] naive_jwt = ["asymmetric", "jwt-simple"] -libcrux_x25519 = ["libcrux-psq"] +libcrux_x25519 = ["libcrux-psq", "libcrux-curve25519"] serde = ["dep:serde", "serde_bytes", "ed25519-dalek/serde", "x25519-dalek/serde"] asymmetric = ["x25519-dalek", "ed25519-dalek", "curve25519-dalek", "sha2", "zeroize"] hashing = ["blake3", "digest", "hkdf", "hmac", "generic-array", "sha2", "zeroize"] diff --git a/common/crypto/src/asymmetric/x25519/mod.rs b/common/crypto/src/asymmetric/x25519/mod.rs index 0891284c67..719cc5182e 100644 --- a/common/crypto/src/asymmetric/x25519/mod.rs +++ b/common/crypto/src/asymmetric/x25519/mod.rs @@ -7,7 +7,7 @@ use std::fmt::{self, Debug, Display, Formatter}; use std::ops::Deref; use std::str::FromStr; use thiserror::Error; -use zeroize::{Zeroize, ZeroizeOnDrop, Zeroizing}; +use zeroize::{Zeroize, ZeroizeOnDrop}; #[cfg(feature = "rand")] use rand::{CryptoRng, RngCore}; @@ -45,6 +45,9 @@ pub enum KeyRecoveryError { #[source] source: bs58::decode::Error, }, + + #[error("the x25519 private key could not be converted to its PSQ representation")] + IncompatiblePSQPrivateKey, } #[derive(Zeroize, ZeroizeOnDrop)] @@ -415,37 +418,46 @@ impl AsRef<[u8]> for PrivateKey { // libcrux-psq conversion #[cfg(feature = "libcrux_x25519")] -impl From for libcrux_psq::handshake::types::DHPrivateKey { - fn from(key: PrivateKey) -> libcrux_psq::handshake::types::DHPrivateKey { - Self::from(&key) +impl TryFrom for libcrux_psq::handshake::types::DHPrivateKey { + type Error = KeyRecoveryError; + + fn try_from( + key: PrivateKey, + ) -> Result { + Self::try_from(&key) } } #[cfg(feature = "libcrux_x25519")] impl From for PrivateKey { fn from(key: libcrux_psq::handshake::types::DHPrivateKey) -> PrivateKey { - // SAFETY: we're using valid x25519 private key - // #[allow(clippy::unwrap_used)] + // SAFETY: the DHPrivateKey is guaranteed to be 32 bytes in length + #[allow(clippy::unwrap_used)] PrivateKey::from_bytes(key.as_ref()).unwrap() } } #[cfg(feature = "libcrux_x25519")] -impl From<&PrivateKey> for libcrux_psq::handshake::types::DHPrivateKey { - fn from(key: &PrivateKey) -> libcrux_psq::handshake::types::DHPrivateKey { - // SAFETY: we're using valid x25519 private key - // #[allow(clippy::unwrap_used)] - let mut private_key_bytes = Zeroizing::new(key.to_bytes()); +impl TryFrom<&PrivateKey> for libcrux_psq::handshake::types::DHPrivateKey { + type Error = KeyRecoveryError; + + fn try_from( + key: &PrivateKey, + ) -> Result { + let mut private_key_bytes = zeroize::Zeroizing::new(key.to_bytes()); libcrux_curve25519::clamp(&mut private_key_bytes); - libcrux_psq::handshake::types::DHPrivateKey::from_bytes(&private_key_bytes).unwrap() + match libcrux_psq::handshake::types::DHPrivateKey::from_bytes(&private_key_bytes) { + Ok(key) => Ok(key), + Err(_) => Err(KeyRecoveryError::IncompatiblePSQPrivateKey), + } } } #[cfg(feature = "libcrux_x25519")] impl From<&libcrux_psq::handshake::types::DHPrivateKey> for PrivateKey { fn from(key: &libcrux_psq::handshake::types::DHPrivateKey) -> PrivateKey { - // SAFETY: we're using valid x25519 private key - // #[allow(clippy::unwrap_used)] + // SAFETY: the DHPrivateKey is guaranteed to be 32 bytes in length + #[allow(clippy::unwrap_used)] PrivateKey::from_bytes(key.as_ref()).unwrap() } } @@ -460,18 +472,22 @@ impl From for libcrux_psq::handshake::types::DHPublicKey { #[cfg(feature = "libcrux_x25519")] impl From for PublicKey { fn from(key: libcrux_psq::handshake::types::DHPublicKey) -> PublicKey { - // SAFETY: we're using correct 32 bytes representation - // #[allow(clippy::unwrap_used)] + // SAFETY: the DHPublicKey is guaranteed to be 32 bytes in length + #[allow(clippy::unwrap_used)] PublicKey::from_bytes(key.as_ref()).unwrap() } } #[cfg(feature = "libcrux_x25519")] -impl From for libcrux_psq::handshake::types::DHKeyPair { - fn from(key: KeyPair) -> libcrux_psq::handshake::types::DHKeyPair { - libcrux_psq::handshake::types::DHKeyPair::from( - libcrux_psq::handshake::types::DHPrivateKey::from(&key.private_key), - ) +impl TryFrom for libcrux_psq::handshake::types::DHKeyPair { + type Error = KeyRecoveryError; + + fn try_from( + key: KeyPair, + ) -> Result { + Ok(libcrux_psq::handshake::types::DHKeyPair::from( + libcrux_psq::handshake::types::DHPrivateKey::try_from(&key.private_key)?, + )) } } diff --git a/common/nym-kkt/src/initiator.rs b/common/nym-kkt/src/initiator.rs index 3e497a5e5c..d5d98a20ea 100644 --- a/common/nym-kkt/src/initiator.rs +++ b/common/nym-kkt/src/initiator.rs @@ -106,7 +106,7 @@ impl<'a> KKTInitiator<'a> { ) -> Result { let decrypted_response_bytes = self.carrier.decrypt(&response.encrypted_frame)?; let response_frame = KKTFrame::from_bytes(&decrypted_response_bytes)?; - initiator_ingest_response(&mut self.context, &response_frame, self.expected_hash) + initiator_ingest_response(&self.context, &response_frame, self.expected_hash) } } diff --git a/common/nym-lp-packet/src/message.rs b/common/nym-lp-packet/src/message.rs index 3255b508d7..4c28d66e26 100644 --- a/common/nym-lp-packet/src/message.rs +++ b/common/nym-lp-packet/src/message.rs @@ -4,7 +4,6 @@ use crate::error::MalformedLpPacketError; use bytes::{BufMut, BytesMut}; use num_enum::{IntoPrimitive, TryFromPrimitive}; -use nym_crypto::asymmetric::ed25519; use std::fmt; use std::fmt::Display; use std::net::{IpAddr, Ipv4Addr, Ipv6Addr, SocketAddr}; @@ -226,16 +225,20 @@ impl ForwardPacketData { b.len() ))); } + // Ipv6Addr::from_octets is not available until 1.91 so we have to use + // the slightly less obvious u128 conversion // SAFETY: we ensured we have sufficient data, and the length is correct for casting #[allow(clippy::unwrap_used)] - let ipv6 = IpAddr::V6(Ipv6Addr::from_octets(b[1..17].try_into().unwrap())); + let ipv6 = IpAddr::V6(Ipv6Addr::from_bits(u128::from_be_bytes( + b[1..17].try_into().unwrap(), + ))); let port = u16::from_le_bytes([b[17], b[18]]); (SocketAddr::new(ipv6, port), 19) } else { // IPv4. Length check done at the start - // SAFETY: we ensured we have sufficient data, and the length is correct for casting - #[allow(clippy::unwrap_used)] - let ipv4 = IpAddr::V4(Ipv4Addr::from_octets(b[1..5].try_into().unwrap())); + + // Ipv4Addr::from_octets is not available until 1.91 + let ipv4 = IpAddr::V4(Ipv4Addr::new(b[1], b[2], b[3], b[4])); let port = u16::from_le_bytes([b[5], b[6]]); (SocketAddr::new(ipv4, port), 7) }; diff --git a/common/nym-lp-transport/src/traits.rs b/common/nym-lp-transport/src/traits.rs index d6432be2ba..0fda371fb9 100644 --- a/common/nym-lp-transport/src/traits.rs +++ b/common/nym-lp-transport/src/traits.rs @@ -42,7 +42,7 @@ pub trait LpHandshakeChannel: Sized { expected_size: usize, ) -> Result { let bytes = self.read_n_bytes(expected_size).await?; - M::try_from_bytes(bytes).map_err(Into::into) + M::try_from_bytes(bytes) } } diff --git a/common/nym-lp/src/codec.rs b/common/nym-lp/src/codec.rs index e0397395f1..1403a1467e 100644 --- a/common/nym-lp/src/codec.rs +++ b/common/nym-lp/src/codec.rs @@ -5,10 +5,11 @@ use crate::{LpError, LpMessage}; use bytes::BytesMut; use libcrux_psq::Channel; use nym_lp_packet::{EncryptedLpPacket, InnerHeader, LpHeader, LpPacket, OuterHeader}; -use nym_lp_transport::traits::LpTransportChannel; use tracing::error; -pub(crate) const CIPHERTEXT_OVERHEAD: usize = 25; +// wtf, why are those different?! +pub(crate) const ENC_OVERHEAD: usize = 26; +pub(crate) const DEC_OVERHEAD: usize = 25; /// Parse only the outer header from raw packet bytes. /// @@ -24,45 +25,20 @@ pub fn parse_lp_header_only(src: &[u8]) -> Result { Ok(OuterHeader::parse(src)?) } -// /// Parses a complete Lewes Protocol packet from a byte slice (e.g., a UDP datagram payload). -// /// -// /// # Arguments -// /// * `outer_header` - The parsed OuterHeader from the underlying stream -// /// * `plaintext` - the decrypted plaintext of the remainer of the packet -// /// -// /// # Errors -// /// * `LpError::InsufficientBufferSize` - Packet too small -// pub fn parse_lp_packet(outer_header: OuterHeader, plaintext: &[u8]) -> Result { -// todo!() -// // if plaintext.len() < InnerHeader::SIZE { -// // return Err(LpError::InsufficientBufferSize); -// // } -// // -// // let inner_header = InnerHeader::parse(plaintext)?; -// // let payload = &plaintext[InnerHeader::SIZE..]; -// // let message = LpMessage::decode_content(payload, inner_header.message_type)?; -// // -// // Ok(LpPacket { -// // header: LpHeader { -// // outer: outer_header, -// // inner: inner_header, -// // }, -// // message, -// // }) -// } - pub(crate) fn encrypt_data( plaintext: &[u8], transport: &mut libcrux_psq::session::Transport, ) -> Result, LpError> { - let mut ciphertext = vec![0u8; plaintext.len() + CIPHERTEXT_OVERHEAD + 64]; - let n = transport.write_message(&*plaintext, &mut ciphertext)?; + let mut ciphertext = vec![0u8; plaintext.len() + ENC_OVERHEAD]; + let n = transport.write_message(plaintext, &mut ciphertext)?; - if plaintext.len() + CIPHERTEXT_OVERHEAD != n { - // TODO: check consistency - error!("FIXME: inconsistent ciphertext overhead") + if plaintext.len() + ENC_OVERHEAD != n { + error!( + "FIXME: inconsistent ciphertext overhead. expected: {ENC_OVERHEAD}, actual: {}", + n - plaintext.len() + ); + ciphertext.truncate(n); } - ciphertext.truncate(n); Ok(ciphertext) } @@ -71,17 +47,20 @@ pub(crate) fn decrypt_data( ciphertext: &[u8], transport: &mut libcrux_psq::session::Transport, ) -> Result, LpError> { - if ciphertext.len() < CIPHERTEXT_OVERHEAD { + if ciphertext.len() < DEC_OVERHEAD { return Err(LpError::InsufficientBufferSize); } - let mut plaintext = vec![0u8; ciphertext.len() - CIPHERTEXT_OVERHEAD]; + let mut plaintext = vec![0u8; ciphertext.len() - DEC_OVERHEAD]; - let (_, n) = transport.read_message(&ciphertext, &mut plaintext)?; - if n != ciphertext.len() - CIPHERTEXT_OVERHEAD { + let (_, n) = transport.read_message(ciphertext, &mut plaintext)?; + if n != ciphertext.len() - DEC_OVERHEAD { // TODO: check consistency - error!("FIXME: inconsistent ciphertext overhead") + error!( + "FIXME: inconsistent ciphertext overhead. expected: {DEC_OVERHEAD}, actual: {}", + ciphertext.len() - n + ); + plaintext.truncate(n); } - plaintext.truncate(n); Ok(plaintext) } @@ -102,7 +81,7 @@ pub fn decrypt_lp_packet( packet: EncryptedLpPacket, transport: &mut libcrux_psq::session::Transport, ) -> Result { - if packet.ciphertext().len() < InnerHeader::SIZE + CIPHERTEXT_OVERHEAD { + if packet.ciphertext().len() < InnerHeader::SIZE + ENC_OVERHEAD { return Err(LpError::InsufficientBufferSize); } diff --git a/common/nym-lp/src/psq/initiator.rs b/common/nym-lp/src/psq/initiator.rs index 222567c121..f4ad3eb0ae 100644 --- a/common/nym-lp/src/psq/initiator.rs +++ b/common/nym-lp/src/psq/initiator.rs @@ -19,7 +19,6 @@ use libcrux_psq::{Channel, IntoSession}; use nym_kkt::initiator::KKTInitiator; use nym_kkt::keys::EncapsulationKey; use nym_kkt::message::{KKTRequest, KKTResponse}; -use nym_kkt_ciphersuite::KEM; use nym_lp_transport::traits::LpHandshakeChannel; use rand09::SeedableRng; use tracing::debug; @@ -141,7 +140,6 @@ where // 4. generate and send PSQ request let protocol = self.initiator_data.protocol_version; - let kem = ciphersuite.kem(); let conn = self.inner_state.connection; // note: the clone is cheap due to internal Arcs diff --git a/common/nym-lp/src/psq/mod.rs b/common/nym-lp/src/psq/mod.rs index 025c990ebf..497e75485a 100644 --- a/common/nym-lp/src/psq/mod.rs +++ b/common/nym-lp/src/psq/mod.rs @@ -2,7 +2,7 @@ // SPDX-License-Identifier: Apache-2.0 use crate::peer::{LpLocalPeer, LpRemotePeer}; -use nym_kkt_ciphersuite::{Ciphersuite, HashFunction, IntoEnumIterator, KEM, SignatureScheme}; +use nym_kkt_ciphersuite::{HashFunction, IntoEnumIterator, KEM, SignatureScheme}; use nym_lp_packet::version; use nym_lp_transport::traits::LpHandshakeChannel; @@ -116,7 +116,6 @@ mod tests { use libcrux_psq::session::{Session, SessionBinding}; use libcrux_psq::{Channel, IntoSession}; use nym_kkt::initiator::KKTInitiator; - use nym_kkt::message::KKTRequest; use nym_kkt::responder::KKTResponder; use nym_kkt_ciphersuite::{HashFunction, KEM, SignatureScheme}; use nym_test_utils::helpers::{ diff --git a/common/nym-lp/src/session.rs b/common/nym-lp/src/session.rs index 810d8aef86..34564e78a5 100644 --- a/common/nym-lp/src/session.rs +++ b/common/nym-lp/src/session.rs @@ -15,10 +15,9 @@ use crate::{LpError, LpMessage, LpPacket, ReceivingKeyCounterValidator}; use libcrux_psq::handshake::types::{Authenticator, DHPublicKey}; use libcrux_psq::session::{Session, SessionBinding}; use nym_kkt::keys::EncapsulationKey; -use nym_kkt_ciphersuite::{Ciphersuite, HashFunction, HashLength, KEM, SignatureScheme}; +use nym_kkt_ciphersuite::Ciphersuite; use nym_lp_packet::{ApplicationData, EncryptedLpPacket, LpHeader}; use nym_lp_transport::LpHandshakeChannel; -use nym_lp_transport::traits::LpTransportChannel; use std::fmt::{Debug, Formatter}; pub type SessionId = [u8; 32]; @@ -98,9 +97,6 @@ impl Debug for LpSession { impl LpSession { /// Creates a new session after completed KTT/PSQ exchange - /// - /// # Arguments - pub fn new( mut psq_session: Session, session_binding: PersistentSessionBinding, @@ -157,7 +153,7 @@ impl LpSession { &self.session_binding } - pub(crate) fn active_transport(&mut self) -> &mut libcrux_psq::session::Transport { + pub fn active_transport(&mut self) -> &mut libcrux_psq::session::Transport { &mut self.active_transport } diff --git a/common/nym-lp/src/state_machine.rs b/common/nym-lp/src/state_machine.rs index f18338d353..a2eccd16cb 100644 --- a/common/nym-lp/src/state_machine.rs +++ b/common/nym-lp/src/state_machine.rs @@ -213,7 +213,7 @@ impl LpStateMachine { mut state: LpTransportState, input: LpInput, ) -> (LpState, Option>) { - let mut session = &mut state.session; + let session = &mut state.session; match input { LpInput::ReceivePacket(packet) => { // Check if packet lp_id matches our session @@ -263,12 +263,12 @@ impl LpStateMachine { } LpInput::SendData(data) => { // Encrypt and send application data - let result_action = match self.prepare_data_packet(&mut session, data) { + let result_action = match self.prepare_data_packet(session, data) { Ok(packet) => Some(Ok(LpAction::SendPacket(packet))), Err(e) => { // If prepare fails, should we close? Let's report error and stay Transport for now. // Alternative: transition to Closed state. - Some(Err(e.into())) + Some(Err(e)) } }; // Remain in transport state diff --git a/nym-registration-client/src/lp_client/client.rs b/nym-registration-client/src/lp_client/client.rs index 1851750462..a6082c796e 100644 --- a/nym-registration-client/src/lp_client/client.rs +++ b/nym-registration-client/src/lp_client/client.rs @@ -709,158 +709,6 @@ where })) } - /// Sends a ForwardPacket message to the entry gateway for forwarding to the exit gateway. - /// - /// This method constructs a ForwardPacket containing the target gateway's identity, - /// address, and the inner LP packet bytes, encrypts it through the outer session - /// (client-entry), and receives the response from the exit gateway via the entry gateway. - /// - /// Uses the persistent TCP connection established during handshake. - /// Multiple forward packets can be sent on the same connection. - /// - /// # Arguments - /// * `forward_data` - encapsulated target gateway's ed25519 identity, socket address and serialised inner LP packet - /// - /// # Returns - /// * `Ok(Vec)` - Decrypted response bytes from the exit gateway - /// - /// # Errors - /// Returns an error if: - /// - Handshake has not been completed - /// - Serialization fails - /// - Encryption or network transmission fails - /// - Response decryption fails - /// - /// # Example Flow - /// ```ignore - /// // Construct inner packet for exit gateway (ClientHello, handshake, etc.) - /// let inner_packet = LpPacket::new(...); - /// let inner_bytes = serialize_lp_packet(&inner_packet, &mut BytesMut::new())?; - /// - /// // Forward through entry gateway - /// let response_bytes = client.send_forward_packet( - /// exit_identity, - /// "2.2.2.2:41264".to_string(), - /// inner_bytes.to_vec(), - /// ).await?; - /// ``` - pub async fn send_forward_packet_with_response( - &mut self, - forward_data: ForwardPacketData, - ) -> Result> { - let target_address = forward_data.target_lp_address; - - tracing::debug!( - "Sending ForwardPacket to {target_address} ({} inner bytes)", - forward_data.inner_packet_bytes.len() - ); - - // 1. Serialize the ForwardPacketData - let input = convert_forward_data(forward_data)?; - - // 2. Encrypt and prepare packet via state machine - let state_machine = self.state_machine_mut()?; - - let action = state_machine - .process_input(input) - .ok_or(LpClientError::UnexpectedStateMachineHalt)??; - - let forward_packet = match action { - LpAction::SendPacket(packet) => packet, - action => return Err(LpClientError::UnexpectedStateMachineAction { action }), - }; - - // 3. Send and receive on persistent connection with timeout - // let response_packet = tokio::time::timeout(self.config.forward_timeout, async { - // todo!() - // // self.try_send_packet(&forward_packet).await?; - // // self.try_receive_packet().await - // }) - // .await - // .map_err(|_| { - // LpClientError::Transport(format!( - // "Forward packet timeout after {:?}", - // self.config.forward_timeout - // )) - // })??; - // tracing::trace!("Received response packet from entry gateway"); - - todo!() - // - // // 4. Decrypt via state machine (re-borrow) - // let state_machine = self - // .state_machine - // .as_mut() - // .ok_or_else(|| LpClientError::transport("State machine disappeared unexpectedly"))?; - // let action = state_machine - // .process_input(LpInput::ReceivePacket(response_packet)) - // .ok_or(LpClientError::UnexpectedStateMachineHalt)? - // .map_err(|e| { - // LpClientError::Transport(format!("Failed to decrypt forward response: {e}")) - // })?; - // - // // 5. Extract decrypted response data - // let response_data = try_convert_forward_response(action)?; - // - // tracing::debug!( - // "Successfully received forward response from {target_address} ({} bytes)", - // response_data.len() - // ); - // - // Ok(response_data) - } - - /// Wrap data in an LP packet for UDP transmission to the data plane (port 51264). - /// - /// This method encrypts the provided data using the established LP session - /// and returns serialized LP packet bytes ready to send over UDP. - /// - /// # Prerequisites - /// - Handshake must be completed (`perform_handshake()`) - /// - /// # Arguments - /// * `data` - Raw application data to wrap (e.g., Sphinx packet bytes) - /// - /// # Returns - /// * `Ok(Vec)` - Serialized LP packet bytes (outer header + encrypted payload) - /// - /// # Wire Format - /// The returned bytes are in LP wire format: - /// - Outer header (12B): receiver_idx(4) + counter(8) - always cleartext - /// - Encrypted payload: proto(1) + reserved(3) + msg_type(4) + content + tag(16) - /// - /// # Usage - /// After LP handshake, wrap Sphinx packets before sending to gateway's LP data port: - /// ```ignore - /// client.perform_handshake().await?; - /// let sphinx_bytes = build_sphinx_packet(...); - /// let lp_bytes = client.wrap_data(&sphinx_bytes)?; - /// socket.send_to(&lp_bytes, gateway_lp_data_address).await?; // UDP:51264 - /// ``` - pub fn wrap_data(&mut self, data: &[u8]) -> Result> { - let state_machine = self.state_machine_mut()?; - - // Process data through state machine to create LP packet - let action = state_machine - .process_input(LpInput::SendData(LpData::new_opaque(data.to_vec()))) - .ok_or(LpClientError::UnexpectedStateMachineHalt)??; - - let packet = match action { - LpAction::SendPacket(packet) => packet, - action => return Err(LpClientError::UnexpectedStateMachineAction { action }), - }; - - // Get outer AEAD key for encryption - - // Serialize the packet with outer AEAD encryption - let mut buf = BytesMut::new(); - todo!() - // serialize_lp_packet(&packet, &mut buf, Some(outer_key)) - // .map_err(|e| LpClientError::Transport(format!("Failed to serialize LP packet: {e}")))?; - // - // Ok(buf.to_vec()) - } - /// Get the LP session ID (receiver_idx) for this client. /// /// This ID is included in the outer header of LP packets and is used by diff --git a/nym-registration-client/src/lp_client/nested_session/connection.rs b/nym-registration-client/src/lp_client/nested_session/connection.rs index 825f066b51..e0f9ecd2d2 100644 --- a/nym-registration-client/src/lp_client/nested_session/connection.rs +++ b/nym-registration-client/src/lp_client/nested_session/connection.rs @@ -127,11 +127,13 @@ impl<'a, S> LpHandshakeChannel for NestedConnection<'a, S> where S: LpTransportChannel + LpHandshakeChannel + Unpin, { + #[allow(clippy::unimplemented)] async fn write_all_and_flush(&mut self, _: &[u8]) -> Result<(), LpTransportError> { // this is not being called instead we implement `send_handshake_message` directly unimplemented!() } + #[allow(clippy::unimplemented)] async fn read_n_bytes(&mut self, _: usize) -> Result, LpTransportError> { // this is not being called instead we implement `receive_handshake_message` directly unimplemented!() diff --git a/nym-registration-client/src/lp_client/state_machine_helpers.rs b/nym-registration-client/src/lp_client/state_machine_helpers.rs index d8f5695b62..e551358691 100644 --- a/nym-registration-client/src/lp_client/state_machine_helpers.rs +++ b/nym-registration-client/src/lp_client/state_machine_helpers.rs @@ -5,25 +5,6 @@ use crate::LpClientError; use nym_lp::state_machine::{LpAction, LpData, LpInput}; use nym_lp::{EncryptedLpPacket, LpPacket, LpStateMachine}; -/// Serializes an LP packet to bytes. -/// -/// # Arguments -/// * `packet` - The LP packet to serialize -/// -/// # Returns -/// * `Ok(Vec)` - Serialized packet bytes -/// -/// # Errors -/// Returns an error if serialization fails -pub(crate) fn serialize_packet(packet: &LpPacket) -> Result, LpClientError> { - todo!() - // let mut buf = BytesMut::new(); - // // Use outer AEAD key when available (after PSK derivation) - // serialize_lp_packet(packet, &mut buf, outer_key) - // .map_err(|e| LpClientError::Transport(format!("Failed to serialize LP packet: {}", e)))?; - // Ok(buf.to_vec()) -} - /// Attempt to prepare the provided data for sending by wrapping it in appropriate `LpAction`, /// and attempting to extract `EncryptedLpPacket` from the provided state machine. pub(crate) fn prepare_send_packet( diff --git a/nym-wallet/Cargo.lock b/nym-wallet/Cargo.lock index e14a11e92d..a551f7d995 100644 --- a/nym-wallet/Cargo.lock +++ b/nym-wallet/Cargo.lock @@ -2871,43 +2871,6 @@ version = "0.15.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "bf151400ff0baff5465007dd2f3e717f3fe502074ca563069ce3a6629d07b289" -[[package]] -name = "hax-lib" -version = "0.3.6" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "543f93241d32b3f00569201bfce9d7a93c92c6421b23c77864ac929dc947b9fc" -dependencies = [ - "hax-lib-macros", - "num-bigint", - "num-traits", -] - -[[package]] -name = "hax-lib-macros" -version = "0.3.6" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f8755751e760b11021765bb04cb4a6c4e24742688d9f3aa14c2079638f537b0f" -dependencies = [ - "hax-lib-macros-types", - "proc-macro-error2", - "proc-macro2", - "quote", - "syn 2.0.100", -] - -[[package]] -name = "hax-lib-macros-types" -version = "0.3.6" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f177c9ae8ea456e2f71ff3c1ea47bf4464f772a05133fcbba56cd5ba169035a2" -dependencies = [ - "proc-macro2", - "quote", - "serde", - "serde_json", - "uuid", -] - [[package]] name = "heck" version = "0.4.1" @@ -3841,51 +3804,6 @@ version = "0.2.175" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "6a82ae493e598baaea5209805c49bbf2ea7de956d50d7da0da1164f9c6d28543" -[[package]] -name = "libcrux-curve25519" -version = "0.0.6" -source = "git+https://github.com/cryspen/libcrux?rev=b17f8687b67cdcfc10b55aeecc998bbbca28f775#b17f8687b67cdcfc10b55aeecc998bbbca28f775" -dependencies = [ - "libcrux-hacl-rs", - "libcrux-macros", - "libcrux-secrets", - "libcrux-traits", -] - -[[package]] -name = "libcrux-hacl-rs" -version = "0.0.4" -source = "git+https://github.com/cryspen/libcrux?rev=b17f8687b67cdcfc10b55aeecc998bbbca28f775#b17f8687b67cdcfc10b55aeecc998bbbca28f775" -dependencies = [ - "libcrux-macros", -] - -[[package]] -name = "libcrux-macros" -version = "0.0.3" -source = "git+https://github.com/cryspen/libcrux?rev=b17f8687b67cdcfc10b55aeecc998bbbca28f775#b17f8687b67cdcfc10b55aeecc998bbbca28f775" -dependencies = [ - "quote", - "syn 2.0.100", -] - -[[package]] -name = "libcrux-secrets" -version = "0.0.5" -source = "git+https://github.com/cryspen/libcrux?rev=b17f8687b67cdcfc10b55aeecc998bbbca28f775#b17f8687b67cdcfc10b55aeecc998bbbca28f775" -dependencies = [ - "hax-lib", -] - -[[package]] -name = "libcrux-traits" -version = "0.0.6" -source = "git+https://github.com/cryspen/libcrux?rev=b17f8687b67cdcfc10b55aeecc998bbbca28f775#b17f8687b67cdcfc10b55aeecc998bbbca28f775" -dependencies = [ - "libcrux-secrets", - "rand 0.9.2", -] - [[package]] name = "libloading" version = "0.7.4" @@ -4438,7 +4356,6 @@ dependencies = [ "curve25519-dalek", "ed25519-dalek", "jwt-simple", - "libcrux-curve25519", "nym-pemstore", "rand 0.8.5", "rand 0.9.2", @@ -5795,28 +5712,6 @@ dependencies = [ "version_check", ] -[[package]] -name = "proc-macro-error-attr2" -version = "2.0.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "96de42df36bb9bba5542fe9f1a054b8cc87e172759a1868aa05c1f3acc89dfc5" -dependencies = [ - "proc-macro2", - "quote", -] - -[[package]] -name = "proc-macro-error2" -version = "2.0.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "11ec05c52be0a07b08061f7dd003e7d7092e0472bc731b4af7bb1ef876109802" -dependencies = [ - "proc-macro-error-attr2", - "proc-macro2", - "quote", - "syn 2.0.100", -] - [[package]] name = "proc-macro-hack" version = "0.5.20+deprecated"