moving lp packets in lp-data crate (#6810)
* moving lp packets in lp-data crate * one more bit * fmt * crate description
This commit is contained in:
Generated
+522
-295
File diff suppressed because it is too large
Load Diff
@@ -78,6 +78,7 @@ members = [
|
||||
"common/nym-kkt-ciphersuite",
|
||||
"common/nym-kkt-context",
|
||||
"common/nym-lp",
|
||||
"common/nym-lp-data",
|
||||
"common/nym-metrics",
|
||||
"common/nym_offline_compact_ecash",
|
||||
"common/nymnoise",
|
||||
@@ -459,6 +460,7 @@ nym-id = { version = "1.21.0", path = "common/nym-id" }
|
||||
nym-ip-packet-client = { version = "1.21.0", path = "nym-ip-packet-client" }
|
||||
nym-ip-packet-requests = { version = "1.21.0", path = "common/ip-packet-requests" }
|
||||
nym-lp = { version = "1.21.0", path = "common/nym-lp" }
|
||||
nym-lp-data = { version = "1.21.0", path = "common/nym-lp-data" }
|
||||
nym-kkt = { version = "1.21.0", path = "common/nym-kkt" }
|
||||
nym-kkt-ciphersuite = { version = "1.21.0", path = "common/nym-kkt-ciphersuite" }
|
||||
nym-kkt-context = { version = "1.21.0", path = "common/nym-kkt-context" }
|
||||
|
||||
@@ -0,0 +1,25 @@
|
||||
[package]
|
||||
name = "nym-lp-data"
|
||||
description = "Lewes Protocol data structure for the Nym network"
|
||||
version.workspace = true
|
||||
authors.workspace = true
|
||||
edition.workspace = true
|
||||
rust-version.workspace = true
|
||||
license.workspace = true
|
||||
repository.workspace = true
|
||||
homepage.workspace = true
|
||||
documentation.workspace = true
|
||||
|
||||
# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
|
||||
|
||||
[dependencies]
|
||||
bytes.workspace = true
|
||||
num_enum.workspace = true
|
||||
tracing.workspace = true
|
||||
thiserror.workspace = true
|
||||
|
||||
nym-common.workspace = true
|
||||
|
||||
|
||||
[lints]
|
||||
workspace = true
|
||||
@@ -0,0 +1,4 @@
|
||||
// Copyright 2026 - Nym Technologies SA <contact@nymtech.net>
|
||||
// SPDX-License-Identifier: Apache-2.0
|
||||
|
||||
pub mod packet;
|
||||
@@ -110,7 +110,9 @@ impl LpFrame {
|
||||
}
|
||||
}
|
||||
|
||||
pub(crate) fn len(&self) -> usize {
|
||||
// is_empty in the sense len == 0 doesn't make sense in that case
|
||||
#[allow(clippy::len_without_is_empty)]
|
||||
pub fn len(&self) -> usize {
|
||||
LpFrameHeader::SIZE + self.content.len()
|
||||
}
|
||||
}
|
||||
@@ -165,6 +167,8 @@ impl SphinxStreamFrameAttributes {
|
||||
}
|
||||
|
||||
pub fn parse(attrs: &LpFrameAttributes) -> Result<Self, MalformedLpPacketError> {
|
||||
// SAFETY : 8 bytes slice into 8 bytes array
|
||||
#[allow(clippy::unwrap_used)]
|
||||
let stream_id = u64::from_be_bytes(attrs[0..8].try_into().unwrap());
|
||||
let msg_type = match attrs[8] {
|
||||
0 => SphinxStreamMsgType::Open,
|
||||
@@ -175,6 +179,8 @@ impl SphinxStreamFrameAttributes {
|
||||
)));
|
||||
}
|
||||
};
|
||||
// SAFETY : 4 bytes slice into 4 bytes array
|
||||
#[allow(clippy::unwrap_used)]
|
||||
let sequence_num = u32::from_be_bytes(attrs[9..13].try_into().unwrap());
|
||||
Ok(Self {
|
||||
stream_id,
|
||||
@@ -1,11 +1,13 @@
|
||||
// Copyright 2026 - Nym Technologies SA <contact@nymtech.net>
|
||||
// SPDX-License-Identifier: Apache-2.0
|
||||
|
||||
use crate::packet::error::MalformedLpPacketError;
|
||||
use crate::packet::version;
|
||||
use crate::{packet::error::MalformedLpPacketError, peer_config::LpReceiverIndex};
|
||||
use bytes::{BufMut, BytesMut};
|
||||
use tracing::warn;
|
||||
|
||||
pub type LpReceiverIndex = u32;
|
||||
|
||||
/// Outer header (12 bytes) - always cleartext, used for routing.
|
||||
///
|
||||
/// This is the first 12 bytes of every LP packet, containing only the fields
|
||||
@@ -13,7 +13,6 @@ pub use header::{InnerHeader, LpHeader, OuterHeader};
|
||||
pub mod error;
|
||||
pub mod frame;
|
||||
pub mod header;
|
||||
pub mod replay;
|
||||
|
||||
pub mod version {
|
||||
/// The current version of the Lewes Protocol that is put into each new constructed header.
|
||||
@@ -25,10 +25,10 @@ nym-crypto = { workspace = true, features = ["hashing"] }
|
||||
nym-common.workspace = true
|
||||
nym-kkt = { workspace = true }
|
||||
nym-kkt-ciphersuite = { workspace = true }
|
||||
nym-lp-data.workspace = true
|
||||
|
||||
# libcrux dependencies for PSQ (Post-Quantum PSK derivation)
|
||||
libcrux-psq = { workspace = true, features = ["test-utils"] }
|
||||
num_enum = { workspace = true }
|
||||
zeroize = { workspace = true, features = ["zeroize_derive"] }
|
||||
|
||||
|
||||
@@ -48,3 +48,6 @@ mock = ["nym-test-utils"]
|
||||
[[bench]]
|
||||
name = "replay_protection"
|
||||
harness = false
|
||||
|
||||
[lints]
|
||||
workspace = true
|
||||
|
||||
@@ -1,3 +1,5 @@
|
||||
#![allow(clippy::unwrap_used)]
|
||||
|
||||
use criterion::{BenchmarkId, Criterion, Throughput, black_box, criterion_group, criterion_main};
|
||||
use nym_lp::replay::ReceivingKeyCounterValidator;
|
||||
use nym_test_utils::helpers::deterministic_rng_09;
|
||||
|
||||
@@ -2,9 +2,9 @@
|
||||
// SPDX-License-Identifier: Apache-2.0
|
||||
|
||||
use crate::LpError;
|
||||
use crate::packet::{EncryptedLpPacket, InnerHeader, LpFrame, LpHeader, LpPacket};
|
||||
use bytes::BytesMut;
|
||||
use libcrux_psq::Channel;
|
||||
use nym_lp_data::packet::{EncryptedLpPacket, InnerHeader, LpFrame, LpHeader, LpPacket};
|
||||
|
||||
// needs to be equal or above to the actual overhead
|
||||
pub(crate) const SANE_ENC_OVERHEAD: usize = 32;
|
||||
@@ -82,12 +82,12 @@ pub(crate) fn decrypt_lp_packet(
|
||||
mod tests {
|
||||
use crate::LpError;
|
||||
use crate::codec::{decrypt_data, decrypt_lp_packet, encrypt_data, encrypt_lp_packet};
|
||||
use crate::packet::{EncryptedLpPacket, LpFrame, LpHeader, LpPacket};
|
||||
use crate::peer::mock_peers;
|
||||
use crate::psq::initiator::{build_psq_ciphersuite, build_psq_principal};
|
||||
use crate::psq::{PSQ_MSG2_SIZE, psq_msg1_size, responder};
|
||||
use libcrux_psq::{Channel, IntoSession};
|
||||
use nym_kkt_ciphersuite::KEM;
|
||||
use nym_lp_data::packet::{EncryptedLpPacket, LpFrame, LpHeader, LpPacket};
|
||||
use nym_test_utils::helpers::u64_seeded_rng_09;
|
||||
|
||||
fn mock_transport() -> (
|
||||
|
||||
@@ -1,13 +1,13 @@
|
||||
// Copyright 2025 - Nym Technologies SA <contact@nymtech.net>
|
||||
// SPDX-License-Identifier: Apache-2.0
|
||||
|
||||
use crate::packet::MalformedLpPacketError;
|
||||
use crate::peer_config::LpReceiverIndex;
|
||||
use crate::replay::ReplayError;
|
||||
use crate::transport::LpTransportError;
|
||||
use libcrux_psq::handshake::HandshakeError;
|
||||
use libcrux_psq::handshake::builders::BuilderError;
|
||||
use libcrux_psq::session::SessionError;
|
||||
use nym_lp_data::packet::MalformedLpPacketError;
|
||||
use nym_lp_data::packet::header::LpReceiverIndex;
|
||||
// use nym_crypto::asymmetric::ed25519::Ed25519RecoveryError;
|
||||
use nym_kkt::error::KKTError;
|
||||
use nym_kkt_ciphersuite::{HashFunction, KEM};
|
||||
|
||||
@@ -3,7 +3,6 @@
|
||||
|
||||
pub mod codec;
|
||||
pub mod error;
|
||||
pub mod packet;
|
||||
pub mod peer;
|
||||
pub mod peer_config;
|
||||
pub mod psq;
|
||||
@@ -43,9 +42,13 @@ pub struct SessionsMock {
|
||||
|
||||
#[cfg(any(feature = "mock", test))]
|
||||
impl SessionsMock {
|
||||
// Unwrap in test is fine
|
||||
#![allow(clippy::unwrap_used)]
|
||||
#![allow(clippy::panic)]
|
||||
|
||||
pub fn mock_seeded_post_handshake(seed: u64, kem: KEM) -> SessionsMock {
|
||||
use crate::peer::mock_peers;
|
||||
use crate::peer_config::LpReceiverIndex;
|
||||
use nym_lp_data::packet::header::LpReceiverIndex;
|
||||
use rand09::Rng;
|
||||
|
||||
let (init, resp) = mock_peers();
|
||||
|
||||
@@ -1,33 +0,0 @@
|
||||
use crate::{LpError, packet::LpPacket, replay::ReceivingKeyCounterValidator};
|
||||
|
||||
pub trait LpPacketReplayExt {
|
||||
/// Validate packet counter against a replay protection validator
|
||||
///
|
||||
/// This performs a quick check to see if the packet counter is valid before
|
||||
/// any expensive processing is done.
|
||||
fn validate_counter(&self, validator: &ReceivingKeyCounterValidator) -> Result<(), LpError>;
|
||||
|
||||
/// Mark packet as received in the replay protection validator
|
||||
///
|
||||
/// This should be called after a packet has been successfully processed.
|
||||
fn mark_received(&self, validator: &mut ReceivingKeyCounterValidator) -> Result<(), LpError>;
|
||||
}
|
||||
|
||||
impl LpPacketReplayExt for LpPacket {
|
||||
/// Validate packet counter against a replay protection validator
|
||||
///
|
||||
/// This performs a quick check to see if the packet counter is valid before
|
||||
/// any expensive processing is done.
|
||||
fn validate_counter(&self, validator: &ReceivingKeyCounterValidator) -> Result<(), LpError> {
|
||||
validator.will_accept_branchless(self.header().outer.counter)?;
|
||||
Ok(())
|
||||
}
|
||||
|
||||
/// Mark packet as received in the replay protection validator
|
||||
///
|
||||
/// This should be called after a packet has been successfully processed.
|
||||
fn mark_received(&self, validator: &mut ReceivingKeyCounterValidator) -> Result<(), LpError> {
|
||||
validator.mark_did_receive_branchless(self.header().outer.counter)?;
|
||||
Ok(())
|
||||
}
|
||||
}
|
||||
@@ -6,12 +6,11 @@ use libcrux_psq::handshake::types::Authenticator;
|
||||
|
||||
use nym_crypto::hkdf::blake3::derive_key_blake3_multi_input;
|
||||
use nym_kkt::keys::EncapsulationKey;
|
||||
use nym_lp_data::packet::header::LpReceiverIndex;
|
||||
use rand09::{self, CryptoRng, Rng};
|
||||
use tls_codec::Serialize;
|
||||
use zeroize::Zeroize;
|
||||
|
||||
pub type LpReceiverIndex = u32;
|
||||
|
||||
pub const MAX_HOPS: u8 = 16;
|
||||
pub const LP_PEER_CONFIG_SIZE: usize = 20;
|
||||
|
||||
|
||||
@@ -1,10 +1,10 @@
|
||||
// Copyright 2026 - Nym Technologies SA <contact@nymtech.net>
|
||||
// SPDX-License-Identifier: Apache-2.0
|
||||
|
||||
use crate::packet::version;
|
||||
use crate::peer::{LpLocalPeer, LpRemotePeer};
|
||||
use crate::transport::traits::LpHandshakeChannel;
|
||||
use nym_kkt_ciphersuite::{HashFunction, IntoEnumIterator, KEM, KEMKeyDigests, SignatureScheme};
|
||||
use nym_lp_data::packet::version;
|
||||
use std::collections::BTreeMap;
|
||||
|
||||
pub(crate) mod handshake_message;
|
||||
|
||||
@@ -7,9 +7,44 @@
|
||||
//! replay attacks and ensure packet ordering. It uses a bitmap-based
|
||||
//! approach to track received packets and validate their sequence.
|
||||
|
||||
use crate::LpError;
|
||||
use nym_lp_data::packet::LpPacket;
|
||||
|
||||
pub mod error;
|
||||
pub mod simd;
|
||||
pub mod validator;
|
||||
|
||||
pub use error::ReplayError;
|
||||
pub use validator::ReceivingKeyCounterValidator;
|
||||
|
||||
pub trait LpPacketReplayExt {
|
||||
/// Validate packet counter against a replay protection validator
|
||||
///
|
||||
/// This performs a quick check to see if the packet counter is valid before
|
||||
/// any expensive processing is done.
|
||||
fn validate_counter(&self, validator: &ReceivingKeyCounterValidator) -> Result<(), LpError>;
|
||||
|
||||
/// Mark packet as received in the replay protection validator
|
||||
///
|
||||
/// This should be called after a packet has been successfully processed.
|
||||
fn mark_received(&self, validator: &mut ReceivingKeyCounterValidator) -> Result<(), LpError>;
|
||||
}
|
||||
|
||||
impl LpPacketReplayExt for LpPacket {
|
||||
/// Validate packet counter against a replay protection validator
|
||||
///
|
||||
/// This performs a quick check to see if the packet counter is valid before
|
||||
/// any expensive processing is done.
|
||||
fn validate_counter(&self, validator: &ReceivingKeyCounterValidator) -> Result<(), LpError> {
|
||||
validator.will_accept_branchless(self.header().outer.counter)?;
|
||||
Ok(())
|
||||
}
|
||||
|
||||
/// Mark packet as received in the replay protection validator
|
||||
///
|
||||
/// This should be called after a packet has been successfully processed.
|
||||
fn mark_received(&self, validator: &mut ReceivingKeyCounterValidator) -> Result<(), LpError> {
|
||||
validator.mark_did_receive_branchless(self.header().outer.counter)?;
|
||||
Ok(())
|
||||
}
|
||||
}
|
||||
|
||||
@@ -6,9 +6,7 @@
|
||||
//! This module implements session management functionality, including replay protection
|
||||
|
||||
use crate::codec::{decrypt_lp_packet, encrypt_lp_packet};
|
||||
use crate::packet::{EncryptedLpPacket, LpFrame, LpHeader, LpPacket};
|
||||
use crate::peer::{LpLocalPeer, LpRemotePeer};
|
||||
use crate::peer_config::LpReceiverIndex;
|
||||
use crate::psq::initiator::HandshakeMode;
|
||||
use crate::psq::{
|
||||
InitiatorData, PSQHandshakeState, PSQHandshakeStateInitiator, PSQHandshakeStateResponder,
|
||||
@@ -21,6 +19,8 @@ use libcrux_psq::handshake::types::{Authenticator, DHPublicKey};
|
||||
use libcrux_psq::session::{Session, SessionBinding};
|
||||
use nym_kkt::keys::EncapsulationKey;
|
||||
use nym_kkt_ciphersuite::{KEM, KEMKeyDigests};
|
||||
use nym_lp_data::packet::header::LpReceiverIndex;
|
||||
use nym_lp_data::packet::{EncryptedLpPacket, LpFrame, LpHeader, LpPacket};
|
||||
use std::collections::BTreeMap;
|
||||
use std::fmt::{Debug, Formatter};
|
||||
|
||||
@@ -355,7 +355,7 @@ impl LpTransportSession {
|
||||
self.receiving_counter_mark(ctr)?;
|
||||
|
||||
// 4. deliver the message
|
||||
Ok(LpAction::DeliverFrame(packet.frame))
|
||||
Ok(LpAction::DeliverFrame(packet.into_frame()))
|
||||
}
|
||||
LpInput::SendFrame(data) => {
|
||||
// Encrypt and send application data
|
||||
|
||||
@@ -1,9 +1,9 @@
|
||||
#[cfg(test)]
|
||||
mod tests {
|
||||
use crate::packet::{EncryptedLpPacket, LpFrame};
|
||||
use crate::session::{LpAction, LpInput};
|
||||
use crate::{LpError, SessionManager, SessionsMock};
|
||||
use nym_kkt_ciphersuite::{IntoEnumIterator, KEM};
|
||||
use nym_lp_data::packet::{EncryptedLpPacket, LpFrame};
|
||||
|
||||
// helpers to make tests smaller
|
||||
trait ActionExtract {
|
||||
|
||||
@@ -6,9 +6,9 @@
|
||||
//! This module implements session lifecycle management functionality, handling
|
||||
//! creation, retrieval, and storage of sessions.
|
||||
|
||||
use crate::packet::{EncryptedLpPacket, LpFrame};
|
||||
use crate::peer_config::LpReceiverIndex;
|
||||
use crate::{LpError, LpTransportSession};
|
||||
use nym_lp_data::packet::header::LpReceiverIndex;
|
||||
use nym_lp_data::packet::{EncryptedLpPacket, LpFrame};
|
||||
use std::collections::HashMap;
|
||||
|
||||
pub use crate::replay::validator::PacketCount;
|
||||
|
||||
@@ -1,10 +1,10 @@
|
||||
// Copyright 2026 - Nym Technologies SA <contact@nymtech.net>
|
||||
// SPDX-License-Identifier: Apache-2.0
|
||||
|
||||
use crate::packet::{EncryptedLpPacket, OuterHeader};
|
||||
use crate::transport::error::LpTransportError;
|
||||
use nym_kkt::context::KKTMode;
|
||||
use nym_kkt_ciphersuite::KEM;
|
||||
use nym_lp_data::packet::{EncryptedLpPacket, OuterHeader};
|
||||
use std::net::SocketAddr;
|
||||
use tokio::io::{AsyncRead, AsyncReadExt, AsyncWrite, AsyncWriteExt};
|
||||
use tokio::net::TcpStream;
|
||||
|
||||
+1
-1
@@ -80,7 +80,7 @@ nym-id = { workspace = true }
|
||||
nym-service-provider-requests-common = { workspace = true }
|
||||
nym-registration-common = { path = "../common/registration" }
|
||||
|
||||
nym-lp = { path = "../common/nym-lp" }
|
||||
nym-lp-data.workspace = true
|
||||
|
||||
defguard_wireguard_rs = { workspace = true }
|
||||
|
||||
|
||||
@@ -7,7 +7,7 @@ use crate::node::wireguard::new_peer_registration::pending::{
|
||||
use crate::node::wireguard::{GatewayWireguardError, PeerRegistrator};
|
||||
use defguard_wireguard_rs::host::Peer;
|
||||
use defguard_wireguard_rs::key::Key;
|
||||
use nym_lp::peer_config::LpReceiverIndex;
|
||||
use nym_lp_data::packet::header::LpReceiverIndex;
|
||||
use nym_registration_common::{LpRegistrationResponse, WireguardRegistrationData};
|
||||
use nym_wireguard::ip_pool::{allocated_ip_pair, IpPair};
|
||||
use nym_wireguard_types::PeerPublicKey;
|
||||
|
||||
@@ -31,7 +31,7 @@ use nym_credentials_interface::{BandwidthCredential, CredentialSpendingData};
|
||||
use nym_crypto::asymmetric::x25519;
|
||||
use nym_gateway_requests::models::CredentialSpendingRequest;
|
||||
use nym_gateway_storage::models::PersistedBandwidth;
|
||||
use nym_lp::peer_config::LpReceiverIndex;
|
||||
use nym_lp_data::packet::header::LpReceiverIndex;
|
||||
use nym_node_metrics::prometheus_wrapper::{PrometheusMetric, PROMETHEUS_METRICS};
|
||||
use nym_registration_common::dvpn::{
|
||||
LpDvpnRegistrationFinalisation, LpDvpnRegistrationInitialRequest,
|
||||
|
||||
@@ -8,7 +8,7 @@ use crate::node::wireguard::GatewayWireguardError;
|
||||
use defguard_wireguard_rs::key::Key;
|
||||
use nym_authenticator_requests::AuthenticatorVersion;
|
||||
use nym_crypto::asymmetric::x25519;
|
||||
use nym_lp::peer_config::LpReceiverIndex;
|
||||
use nym_lp_data::packet::header::LpReceiverIndex;
|
||||
use nym_registration_common::{LpRegistrationResponse, WireguardRegistrationData};
|
||||
use nym_sdk::mixnet::Recipient;
|
||||
use nym_wireguard::ip_pool::IpPair;
|
||||
|
||||
@@ -60,6 +60,7 @@ nym-ip-packet-client = { workspace = true }
|
||||
nym-ip-packet-requests = { workspace = true }
|
||||
nym-kkt-ciphersuite = { workspace = true }
|
||||
nym-lp = { path = "../common/nym-lp" }
|
||||
nym-lp-data.workspace = true
|
||||
nym-network-defaults = { path = "../common/network-defaults" }
|
||||
nym-node-requests = { path = "../nym-node/nym-node-requests" }
|
||||
nym-registration-client = { path = "../nym-registration-client" }
|
||||
|
||||
@@ -12,8 +12,8 @@ use nym_bin_common::build_information::BinaryBuildInformationOwned;
|
||||
use nym_http_api_client::UserAgent;
|
||||
use nym_kkt_ciphersuite::Ciphersuite;
|
||||
use nym_kkt_ciphersuite::{KEM, KEMKeyDigests};
|
||||
use nym_lp::packet::version;
|
||||
use nym_lp::peer::{DHPublicKey, LpRemotePeer};
|
||||
use nym_lp_data::packet::version;
|
||||
use nym_network_defaults::DEFAULT_NYM_NODE_HTTP_PORT;
|
||||
use nym_node_requests::api::client::NymNodeApiClientExt;
|
||||
use nym_node_requests::api::v1::node::models::AuxiliaryDetails as NodeAuxiliaryDetails;
|
||||
|
||||
@@ -26,4 +26,4 @@ tracing.workspace = true
|
||||
|
||||
nym-sdk = { workspace = true }
|
||||
nym-ip-packet-requests = { workspace = true }
|
||||
nym-lp = { workspace = true }
|
||||
nym-lp-data = { workspace = true }
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
use bytes::BytesMut;
|
||||
use nym_ip_packet_requests::SPHINX_STREAM_VERSION_THRESHOLD;
|
||||
use nym_lp::packet::frame::{
|
||||
use nym_lp_data::packet::frame::{
|
||||
LpFrame, LpFrameHeader, LpFrameKind, SphinxStreamFrameAttributes, SphinxStreamMsgType,
|
||||
};
|
||||
use nym_sdk::mixnet::ReconstructedMessage;
|
||||
@@ -65,7 +65,7 @@ pub fn encode_stream_frame(stream_id: u64, sequence_num: u32, payload: Vec<u8>)
|
||||
#[cfg(test)]
|
||||
mod tests {
|
||||
use super::*;
|
||||
use nym_lp::packet::frame::SphinxStreamFrameAttributes;
|
||||
use nym_lp_data::packet::frame::SphinxStreamFrameAttributes;
|
||||
|
||||
#[test]
|
||||
fn stream_frame_roundtrip_unwraps_payload() {
|
||||
|
||||
@@ -117,6 +117,7 @@ nym-ip-packet-router = { path = "../service-providers/ip-packet-router" }
|
||||
|
||||
# LP dependencies
|
||||
nym-lp = { workspace = true }
|
||||
nym-lp-data.workspace = true
|
||||
nym-registration-common = { path = "../common/registration" }
|
||||
bincode = { workspace = true }
|
||||
|
||||
|
||||
@@ -9,8 +9,8 @@ mod tests {
|
||||
use crate::node::lp::directory::LpNodeDetails;
|
||||
use crate::node::lp::state::SharedLpNodeControlState;
|
||||
use anyhow::Context;
|
||||
use nym_lp::packet::version;
|
||||
use nym_lp::peer::{LpLocalPeer, LpRemotePeer, mock_peers};
|
||||
use nym_lp_data::packet::version;
|
||||
use nym_test_utils::helpers::seeded_rng;
|
||||
use nym_test_utils::mocks::async_read_write::MockIOStream;
|
||||
use nym_test_utils::traits::TimeboxedSpawnable;
|
||||
|
||||
@@ -6,13 +6,15 @@ use crate::node::lp::control::{LP_DURATION_BUCKETS, LpConnectionStats};
|
||||
use crate::node::lp::error::LpHandlerError;
|
||||
use crate::node::lp::state::SharedLpClientControlState;
|
||||
use dashmap::mapref::one::RefMut;
|
||||
use nym_lp::packet::frame::LpFrameKind;
|
||||
use nym_lp::packet::{EncryptedLpPacket, ForwardPacketData, LpFrame};
|
||||
use nym_lp::peer_config::LpReceiverIndex;
|
||||
use nym_lp::LpTransportSession;
|
||||
use nym_lp::session::{LpAction, LpInput};
|
||||
use nym_lp::transport::LpHandshakeChannel;
|
||||
use nym_lp::transport::traits::LpTransportChannel;
|
||||
use nym_lp::{LpTransportSession, packet::frame::ExpectedResponseSize};
|
||||
use nym_lp_data::packet::frame::LpFrameKind;
|
||||
use nym_lp_data::packet::header::LpReceiverIndex;
|
||||
use nym_lp_data::packet::{
|
||||
EncryptedLpPacket, ForwardPacketData, LpFrame, frame::ExpectedResponseSize,
|
||||
};
|
||||
use nym_metrics::{add_histogram_obs, inc};
|
||||
use nym_node_metrics::NymNodeMetrics;
|
||||
use nym_registration_common::{LpRegistrationRequest, RegistrationStatus};
|
||||
|
||||
@@ -17,7 +17,7 @@
|
||||
|
||||
use crate::node::lp::error::LpHandlerError;
|
||||
use crate::node::lp::state::SharedLpDataState;
|
||||
use nym_lp::packet::OuterHeader;
|
||||
use nym_lp_data::packet::OuterHeader;
|
||||
use nym_metrics::inc;
|
||||
use std::net::SocketAddr;
|
||||
use tracing::*;
|
||||
|
||||
@@ -1,11 +1,10 @@
|
||||
// Copyright 2026 - Nym Technologies SA <contact@nymtech.net>
|
||||
// SPDX-License-Identifier: Apache-2.0
|
||||
|
||||
use nym_lp::packet::frame::LpFrameKind;
|
||||
use nym_lp::peer_config::LpReceiverIndex;
|
||||
use nym_lp::LpError;
|
||||
use nym_lp::session::LpAction;
|
||||
use nym_lp::transport::LpTransportError;
|
||||
use nym_lp::{LpError, packet::MalformedLpPacketError};
|
||||
use nym_lp_data::packet::{MalformedLpPacketError, frame::LpFrameKind, header::LpReceiverIndex};
|
||||
use nym_topology::NodeId;
|
||||
use std::net::{IpAddr, SocketAddr};
|
||||
use thiserror::Error;
|
||||
|
||||
@@ -2,7 +2,7 @@
|
||||
// SPDX-License-Identifier: GPL-3.0-only
|
||||
|
||||
use crate::node::lp::state::SharedLpClientControlState;
|
||||
use nym_lp::peer_config::LpReceiverIndex;
|
||||
use nym_lp_data::packet::header::LpReceiverIndex;
|
||||
use nym_metrics::{add_histogram_obs, inc};
|
||||
use nym_registration_common::dvpn::{
|
||||
LpDvpnRegistrationFinalisation, LpDvpnRegistrationInitialRequest,
|
||||
|
||||
@@ -10,7 +10,7 @@ use dashmap::mapref::one::RefMut;
|
||||
use nym_gateway::node::wireguard::PeerRegistrator;
|
||||
use nym_lp::LpTransportSession;
|
||||
use nym_lp::peer::LpLocalPeer;
|
||||
use nym_lp::peer_config::LpReceiverIndex;
|
||||
use nym_lp_data::packet::header::LpReceiverIndex;
|
||||
use nym_mixnet_client::forwarder::MixForwardingSender;
|
||||
use nym_node_metrics::NymNodeMetrics;
|
||||
use std::sync::Arc;
|
||||
|
||||
@@ -31,6 +31,7 @@ nym-credentials-interface = { workspace = true }
|
||||
nym-crypto = { workspace = true, features = ["asymmetric", "libcrux_x25519"] }
|
||||
nym-ip-packet-client = { workspace = true }
|
||||
nym-lp = { path = "../common/nym-lp" }
|
||||
nym-lp-data.workspace = true
|
||||
nym-registration-common = { workspace = true }
|
||||
nym-sdk = { workspace = true }
|
||||
nym-validator-client = { workspace = true }
|
||||
|
||||
@@ -13,13 +13,13 @@ use crate::lp_client::session_helpers::{extract_forwarded_response, prepare_send
|
||||
use nym_bandwidth_controller::{BandwidthTicketProvider, DEFAULT_TICKETS_TO_SPEND};
|
||||
use nym_credentials_interface::TicketType;
|
||||
use nym_crypto::asymmetric::{ed25519, x25519};
|
||||
use nym_lp::Ciphersuite;
|
||||
use nym_lp::LpTransportSession;
|
||||
use nym_lp::peer::{DHKeyPair, LpLocalPeer, LpRemotePeer};
|
||||
use nym_lp::peer_config::LpReceiverIndex;
|
||||
use nym_lp::psq::initiator::HandshakeMode;
|
||||
use nym_lp::transport::traits::LpTransportChannel;
|
||||
use nym_lp::transport::{LpHandshakeChannel, LpTransportError};
|
||||
use nym_lp::{Ciphersuite, packet::EncryptedLpPacket, packet::version};
|
||||
use nym_lp_data::packet::{EncryptedLpPacket, header::LpReceiverIndex, version};
|
||||
use nym_registration_common::dvpn::LpDvpnRegistrationResponseMessageContent;
|
||||
use nym_registration_common::{
|
||||
LpRegistrationRequest, LpRegistrationResponse, WireguardConfiguration,
|
||||
@@ -708,7 +708,7 @@ where
|
||||
mod tests {
|
||||
use super::*;
|
||||
use nym_kkt::key_utils::generate_lp_keypair_x25519;
|
||||
use nym_lp::packet::version;
|
||||
use nym_lp_data::packet::version;
|
||||
use nym_test_utils::helpers::deterministic_rng_09;
|
||||
|
||||
#[test]
|
||||
|
||||
@@ -4,10 +4,10 @@
|
||||
//! Error types for LP (Lewes Protocol) client operations.
|
||||
|
||||
use nym_lp::LpError;
|
||||
use nym_lp::packet::MalformedLpPacketError;
|
||||
use nym_lp::packet::frame::LpFrameKind;
|
||||
use nym_lp::session::LpAction;
|
||||
use nym_lp::transport::LpTransportError;
|
||||
use nym_lp_data::packet::MalformedLpPacketError;
|
||||
use nym_lp_data::packet::frame::LpFrameKind;
|
||||
use thiserror::Error;
|
||||
|
||||
/// Errors that can occur during LP client operations.
|
||||
|
||||
@@ -4,10 +4,10 @@
|
||||
#![allow(dead_code)]
|
||||
|
||||
use crate::LpClientError;
|
||||
use nym_lp::packet::frame::LpFrameKind;
|
||||
use nym_lp::packet::{ForwardPacketData, LpFrame};
|
||||
use nym_lp::peer::LpRemotePeer;
|
||||
use nym_lp::session::{LpAction, LpInput};
|
||||
use nym_lp_data::packet::frame::LpFrameKind;
|
||||
use nym_lp_data::packet::{ForwardPacketData, LpFrame};
|
||||
use nym_registration_common::{
|
||||
LpRegistrationRequest, LpRegistrationResponse, NymNodeLPInformation,
|
||||
};
|
||||
|
||||
@@ -5,10 +5,10 @@ use crate::lp_client::helpers::{convert_forward_data, try_convert_forward_respon
|
||||
use crate::{LpClientError, LpRegistrationClient};
|
||||
use bytes::{BufMut, BytesMut};
|
||||
use nym_lp::KEM;
|
||||
use nym_lp::packet::{EncryptedLpPacket, ForwardPacketData, frame::ExpectedResponseSize};
|
||||
use nym_lp::session::{LpAction, LpInput};
|
||||
use nym_lp::transport::traits::{HandshakeMessage, LpTransportChannel};
|
||||
use nym_lp::transport::{LpHandshakeChannel, LpTransportError};
|
||||
use nym_lp_data::packet::{EncryptedLpPacket, ForwardPacketData, frame::ExpectedResponseSize};
|
||||
use std::io;
|
||||
use std::net::SocketAddr;
|
||||
|
||||
|
||||
@@ -27,13 +27,13 @@ use crate::lp_client::session_helpers::{extract_forwarded_response, prepare_send
|
||||
use nym_bandwidth_controller::{BandwidthTicketProvider, DEFAULT_TICKETS_TO_SPEND};
|
||||
use nym_credentials_interface::TicketType;
|
||||
use nym_crypto::asymmetric::{ed25519, x25519};
|
||||
use nym_lp::packet::version;
|
||||
use nym_lp::packet::{EncryptedLpPacket, LpFrame};
|
||||
use nym_lp::peer::{DHKeyPair, LpLocalPeer, LpRemotePeer};
|
||||
use nym_lp::psq::initiator::HandshakeMode;
|
||||
use nym_lp::transport::LpHandshakeChannel;
|
||||
use nym_lp::transport::traits::LpTransportChannel;
|
||||
use nym_lp::{Ciphersuite, KEM, LpTransportSession};
|
||||
use nym_lp_data::packet::version;
|
||||
use nym_lp_data::packet::{EncryptedLpPacket, LpFrame};
|
||||
use nym_registration_common::dvpn::LpDvpnRegistrationResponseMessageContent;
|
||||
use nym_registration_common::{
|
||||
LpRegistrationRequest, LpRegistrationResponse, WireguardConfiguration,
|
||||
|
||||
@@ -2,9 +2,9 @@
|
||||
// SPDX-License-Identifier: Apache-2.0
|
||||
|
||||
use crate::LpClientError;
|
||||
use nym_lp::packet::LpFrame;
|
||||
use nym_lp::LpTransportSession;
|
||||
use nym_lp::session::{LpAction, LpInput};
|
||||
use nym_lp::{LpTransportSession, packet::EncryptedLpPacket};
|
||||
use nym_lp_data::packet::{EncryptedLpPacket, LpFrame};
|
||||
|
||||
/// Attempt to prepare the provided data for sending by wrapping it in appropriate `LpAction`,
|
||||
/// and attempting to extract `EncryptedLpPacket` from the provided state machine.
|
||||
|
||||
@@ -39,7 +39,7 @@ nym-credentials-interface = { workspace = true }
|
||||
nym-credential-storage = { workspace = true }
|
||||
nym-credential-utils = { workspace = true }
|
||||
nym-network-defaults = { workspace = true }
|
||||
nym-lp = { workspace = true }
|
||||
nym-lp-data = { workspace = true }
|
||||
nym-sphinx = { workspace = true }
|
||||
nym-statistics-common = { workspace = true }
|
||||
nym-task = { workspace = true }
|
||||
|
||||
@@ -19,7 +19,7 @@ use nym_sphinx::params::PacketType;
|
||||
use nym_task::connections::TransmissionLane;
|
||||
use tokio_util::sync::PollSender;
|
||||
|
||||
use nym_lp::packet::frame::SphinxStreamMsgType;
|
||||
use nym_lp_data::packet::frame::SphinxStreamMsgType;
|
||||
|
||||
use super::protocol::{encode_stream_message, StreamId};
|
||||
use super::StreamMap;
|
||||
|
||||
@@ -40,7 +40,7 @@ use nym_sphinx::addressing::clients::Recipient;
|
||||
use nym_sphinx::anonymous_replies::requests::AnonymousSenderTag;
|
||||
use nym_task::connections::TransmissionLane;
|
||||
|
||||
use nym_lp::packet::frame::SphinxStreamMsgType;
|
||||
use nym_lp_data::packet::frame::SphinxStreamMsgType;
|
||||
use protocol::{decode_stream_message, encode_stream_message};
|
||||
|
||||
use crate::mixnet::native_client::MixnetClient;
|
||||
|
||||
@@ -17,7 +17,7 @@
|
||||
use std::fmt;
|
||||
|
||||
use bytes::BytesMut;
|
||||
use nym_lp::packet::frame::{
|
||||
use nym_lp_data::packet::frame::{
|
||||
LpFrame, LpFrameHeader, LpFrameKind, SphinxStreamFrameAttributes, SphinxStreamMsgType,
|
||||
};
|
||||
|
||||
|
||||
@@ -26,7 +26,7 @@ nym-crypto = { workspace = true }
|
||||
nym-exit-policy = { workspace = true }
|
||||
nym-id = { workspace = true }
|
||||
nym-ip-packet-requests = { workspace = true }
|
||||
nym-lp = { workspace = true }
|
||||
nym-lp-data = { workspace = true }
|
||||
nym-network-defaults = { workspace = true }
|
||||
nym-network-requester = { path = "../network-requester" }
|
||||
nym-sdk = { workspace = true }
|
||||
|
||||
@@ -12,7 +12,7 @@ use nym_ip_packet_requests::{
|
||||
v8::response::IpPacketResponse as IpPacketResponseV8,
|
||||
v9,
|
||||
};
|
||||
use nym_lp::packet::frame::{
|
||||
use nym_lp_data::packet::frame::{
|
||||
LpFrame, LpFrameHeader, SphinxStreamFrameAttributes, SphinxStreamMsgType,
|
||||
};
|
||||
use nym_sdk::mixnet::{
|
||||
|
||||
@@ -24,7 +24,7 @@ use crate::{
|
||||
use futures::StreamExt;
|
||||
use nym_ip_packet_requests::codec::MultiIpPacketCodec;
|
||||
use nym_ip_packet_requests::{MAX_NON_STREAM_VERSION, SPHINX_STREAM_VERSION_THRESHOLD};
|
||||
use nym_lp::packet::frame::{LpFrameHeader, LpFrameKind, SphinxStreamFrameAttributes};
|
||||
use nym_lp_data::packet::frame::{LpFrameHeader, LpFrameKind, SphinxStreamFrameAttributes};
|
||||
use nym_sdk::mixnet::MixnetMessageSender;
|
||||
use nym_sphinx::receiver::ReconstructedMessage;
|
||||
use nym_task::ShutdownToken;
|
||||
@@ -704,7 +704,7 @@ mod tests {
|
||||
#[test]
|
||||
fn test_lp_stream_frame_detected() {
|
||||
use bytes::BytesMut;
|
||||
use nym_lp::packet::frame::{
|
||||
use nym_lp_data::packet::frame::{
|
||||
LpFrameHeader, LpFrameKind, SphinxStreamFrameAttributes, SphinxStreamMsgType,
|
||||
};
|
||||
|
||||
@@ -713,7 +713,7 @@ mod tests {
|
||||
msg_type: SphinxStreamMsgType::Data,
|
||||
sequence_num: 42,
|
||||
};
|
||||
let frame = nym_lp::packet::frame::LpFrame::new_stream(attrs, vec![8, 1, 0]); // fake IPR payload
|
||||
let frame = nym_lp_data::packet::frame::LpFrame::new_stream(attrs, vec![8, 1, 0]); // fake IPR payload
|
||||
let mut buf = BytesMut::new();
|
||||
frame.encode(&mut buf);
|
||||
|
||||
|
||||
@@ -33,6 +33,7 @@ nym-kkt-ciphersuite = { workspace = true }
|
||||
nym-http-api-client = { path = "../../common/http-api-client" }
|
||||
nym-kcp = { path = "../../common/nym-kcp" }
|
||||
nym-lp = { path = "../../common/nym-lp" }
|
||||
nym-lp-data.workspace = true
|
||||
nym-sphinx = { path = "../../common/nymsphinx" }
|
||||
nym-sphinx-framing = { path = "../../common/nymsphinx/framing", features = ["no-mix-acks"] }
|
||||
nym-sphinx-anonymous-replies = { path = "../../common/nymsphinx/anonymous-replies" }
|
||||
|
||||
@@ -33,8 +33,8 @@ use tracing::{debug, info, trace};
|
||||
|
||||
use crate::topology::{GatewayInfo, SpeedtestTopology};
|
||||
use nym_ip_packet_requests::v8::request::IpPacketRequest;
|
||||
use nym_lp::packet::version;
|
||||
use nym_lp::peer::{DHKeyPair, LpRemotePeer};
|
||||
use nym_lp_data::packet::version;
|
||||
use nym_sphinx::forwarding::packet::MixPacket;
|
||||
|
||||
/// Conv ID for KCP - hash of source and destination addresses
|
||||
|
||||
Reference in New Issue
Block a user