Commit Graph

8 Commits

Author SHA1 Message Date
Jon Häggblad c6e41ca3f3 Update to rust edition 2021 everywhere (#1086)
* chore: update to rust edition 2021 everywhere

* validator-api: simplify into_iter call in rust 2021
2022-02-01 13:28:02 +01:00
Drazen Urch 28e55c6de6 Hang coconut issuance off the validator-api (#679)
* Hand coconut issuance off the validator-api

* git to cargo

* Move to own module

* Integrate tauri-client, extract common interface

* cargo fmt

* Ergonomics

* Facelift

* Wrap up tauri client

* Set up publish

* Fix fmt

* Install CI dependencies

* Inline deps

* Remove mac deps

* Add dist dir

* Fix beta clippy nag

* Commit some gateway work

* Thread coconut creds through gateway handshake

* Push in progress patch

* Move State from tauri client to coconut interface

* Move get_aggregated_signature from tauri client to coconut interface

* Move prove_credential from tauri client to coconut interface

* Update sphinx version

* Mount coconut routes and manage config file in rocket

* Split default validator endpoint into host and port

* Add init for simple credential initialization

* Fix common gateway client

* Add coconut cred to webassembly client

* Add coconut cred to socks5 client

* Add coconut cred to native client

* Remove direct coconut-rs dependency

* Use only coconut interface in validator api

* Leave validator-api out of workspace and update Cargo.lock

* Fix clippy warnings and update Cargo.lock after rebase

* Switch from attohttpc to reqwest for async gets

This is not only needed for using async requests, but also because attohttpc
causes OpenSSL issues when cross compiling the webassembly client.

* Replace attohttpc with reqwest for puts too

* Make tauri client commands async

* Fix borrow error

* Guard gateway server code from compiling for wasm (client)

* Fix clippy wasm client

* Fix tests

* Fix clippy in tauri client

* Remove commented code

* Update comment of init message

* Remove unnecessary hex dependency

* Replace config argument with key_pair

* Use `trim()` for whitespace removal

* Move verification key query higher up the function calls

* Put KeyPair instead of Config into rocket's managed items

* Re-enable tauri client verify button

* Move verification key up the function calls for prove_credential

* Use consts for verification_key and blind_sign routes of validator-api

* Replace `match` with `map_err`

* Fix typo

* Remove now unnecessary `Clone` derives

... as config is no longer managed by rocket

* Replace `match` with `map_err`

* Make `InternalSignRequest` really internal to validator-api

* Make `with_keypair` live up to its name

* Update Cargo.lock after rebase

* Replace String error with HandshakeError

* Add CoconutInterfaceError to coconut-interface

* Format the new error in tauri client

* Remove  from default, as wasm client doesn't build

* Put public key as init argument...

... for the public attributes of the credential

* Use the hash_to_scalar function to make public key into attribute

Use the function from cli-demo-rs from https://github.com/nymtech/coconut
to make the identity public key into a public attribute.

* Replace vector with array for InitMessage

As we know beforehand the size of the keys, we can use fixed size array
instead of vectors. This eliminates the need for a prefixed length in
the serialized form of the InitMessage structure and enables a easy
deserialization of the remote identity before the actual bincode
deserialization that we do in the handshake process.

Before this, the `extract_remote_identity_from_register_init` function
attempted to deserialize into a public key the length-prefixed public key
received from the client, thus failing sporadically with a `Cannot decompress
Edwards point` error.

* Pass public and private attributes to state `init` instead of PublicKey

* Make tauri call with dummy attributes

* Make clients call with their keypairs

* Revert "Make clients call with their keypairs"

This reverts commit b348f47f7a.

* Put dummy, bandwidth private attribute

Co-authored-by: Bogdan-Ștefan Neacșu <bogdan@nymtech.net>
2021-08-13 14:27:40 +03:00
Jędrzej Stuczyński aaa4378b33 Updated used sphinx dependency to the most recent revision (#722) 2021-08-05 12:01:37 +01:00
Jędrzej Stuczyński e5afd54ce0 Feature/node status api (#680)
* Basic storage stub

* New models for new node status api

* Route handling

* Mounting new routes

* Missing selective commit

* Moved network monitor related files to separate package

* Starting to see some sqlx action

* Schema updates

* Log statement upon finished migration

* Removed old diesel related imports

* Converted mixnode cache initialisation into a fairing

* Moved cache related functionalities to separate package

Also defined staging there

* Created run method for validator cache + removed unwrap

* Removed old node-status-api types and left bunch of todo placeholders in their place

* Fixed managing validatorcache

* Status reports are starting to get constructed

* Submitting some dummy results to the database

* Removing duplicate code for generating reports

* Removed statuses older than 48h

* Initial attempt at trying to obtain reports for all active nodes

* Removed duplicates from the full report

* Grabbing uptime history

* Updating historical uptimes of active nodes

* Updated sqlx-data.json

* Removed all placeholder foomp owner values

* Changed Layer serde behaviour for easier usage

* Extended validator api config

* Initial (seems working !) integration with network monitor

* Added database path configuration to config

* Using ValidatorCache in NetworkMonitor

* Flag indicating whether validator cache has been initialised

* Introduced a locla-only route for reward script to perform daily chores

* Flag to save config to a file

* Moved spawning of receiving future to run method rather than new

* Removed arguments that dont make sense to be configured via CLI

* Removed dead code from config file

* More dead code removal

* Added validator API to CI

* Corrected manifest-path arguments

* Constructing network monitor by passing config

* Combined validator API CI with the main CI file

* Using query_as for NodeStatus

* Checking if historical uptimes were already calculated on particular day

* Making id field NOT NULL

* More query_as! action

* Updated sqlx-data.json

* Removed unused chrono feature

* Renamed the migration file

* Changed default validator endpoint to point to local validator

* Removing unnecessary clone

* More appropriate naming

* Removed dead code

* Lock file updates

* Updated network monitor address in contract code

* Don't stage node status api if network monitor is disabled

* cargo fmt

* Updated all license notices to SPDX
2021-07-19 14:02:47 +01:00
Jędrzej Stuczyński 4f6b2aea19 Feature/instant sending (#359)
* Ability to set client in vpn mode

* Connection handler for mixnode

* Initial vpn mode for mixes

* Updated SphinxCodec to contain more metadata

* Renaming

* Removed handle from mixnet client and introduced forwarder

* Mixnode using new forwarder

* Mixnode common module containing shared packet processing

* ibid. incorporated inside mixnode

* New processing for gateway

* Type cleanup

* Wasm fix

* Fixed client config

* Fixed mixnode runtime issues

* Formatting

* Client re-using secret on 'normal' packets

* Using the same key for acks

* WIP

* vpn key manager cleanup

* wasm fix

* VPN_KEY_REUSE_LIMIT moved to config

* Moved AckDelayQueue to separate common crate

* Key cache invalidator

* Updated dashmap used in gateway

* Old typo

* Additional comment

* Cargo fmt

* Fixed tests

* Sphinx update

* cache ttl as config option

* Cargo fmt
2020-09-30 17:30:17 +01:00
Jędrzej Stuczyński d9d549fd0f Feature/reply surbs (#299)
* Changed identity keypair to use ed25519

* Encryption key is now x25519 based + compatibiltiy with sphinx

* Pathing and import fixes

* Moved all asymmetric keys to sub-module in crypto

* Extracted aes to separate module

* kdf module in crypto

* Ability to perform diffie hellman on encryption keys

* ecdsa on identity keys

* Extremely rough and incomplete registration handshake

* Authentication primitives

* Creating new random authenticationIV

* Wrapper type for the derived shared key

* Removed AuthToken in favour of using SharedKey for authentication

* Gateway identity keys

* Registration handshake without error mapping

* Gateway address in client config

* Added extra key for gateway presence

* Updated pemstore to work on borrows instead

* Gateway client trying to perform the handshake

* Gateway changes to allow for handshake and shared key

* Debug trait on sharedkey

* native client using updated gateway client

* Slightly updated gateway API

* Minor cleanup

* Fixed pemstore to correctly save multiple keypairs

* Gateway actually deriving shared key during handshake

* Gateway sending correct mid-handshake message

* Missing quotation mark in client config template

* Fixed template for correct shared key serialization

* Fixed gateway authentication

* Fixed tests

* Using correct gateway key when converting to sphinx node

* "get_all_clients" takes them from gateways as opposed to providers now

* cargo fmt

* Renamed pemstore methods

* Unused import

* Encryption of forward requests between client and gateway

* Updated sphinx dependency to use public revision

* Sending 'error' on handshake processing error

* Removed some dead code

* Dead code I forgot to remove before

* Extracted AckAes128Key into a struct

* Slight pemstore revamp allowing for symmetric key store

* ibid.

* PemStorableKey for SharedKey

* Introduced single location responsible for key management for client

* WIP

* Sphinx version update

* Stop using NodeAddressBytes for two distinct and confusing purposes

* Abstracting away SocketAddr from sphinx forwarding

* Passing the bool for reply surbs

* Attack plan for replies + encryption

* Comment + removed variable binding

* ReplySURB usage

* Topology import in nymsphinx

* Sphinx version update

* Changed 'Recipient' to contain client's encryption key

* Message preparation taking shape!

* reply surb also containing the encryption key

* Very initial message receiver

* Sphinx version update

* A possibly working way of receiving surbs

* Fixed incorrect field name in client config template

* camel casing all request arguments

* Renamed and moved `MessageMode` to more appropriate file

* Restored reconstruction tests

* Removed dead code from chunking

* Made rust examples compilable

* reply SURB key storage

* Replies as an InputMessage

* Forgotten commented code

* No retransmission processing for cover or replies

* Received reply processing

* Renamed client pathfinder to something more appropriate

* Made HasherOutputSize public

* Added key store path to config

* Reply surb attaching key digest when used

* Changes due to previous renaming

* Removed comment

* Fixed insert_encryption_key

* Assigning initial value of key store path

* Computing key digest with correct algorithm

* Initial and presumably temporary request serialization

* hacky way of introducing 'FragmentIdentifier' for replies

* Moved responsibility of reply encryption, padding, etc, to message preparer

* Optional recipient in try_get_valid_topology_ref

* Handling new reply surbs with acks and padding

* Updated go and python examples to include replies in text and binary cases

* Updated rust examples + binaryserverresponse

* Helpers in rust examples

* And updated JS example

* Moved shared key generation function to crypto crate

* Cover traffic encryption!

* hmac computation in crypto

* Updated aes imports due to new dependencies

* hkdf made more generic

* crypto cleanup + algorithms in params

* Clippy cleanup pass

* Generating encryption+mac shared keys between client and gateway

* MACs attached to forward requests to gateway

* Gateway messages encrypted and mac'd

* Lowered logging level

* compiler warning cleanup

* Some minor cleanup

* Generic stream cipher

* Generic shared key derivation + algorithm definitions

* Project-wide AES clean-up

* Comment fix

* Removed commented imports

* Updated comments

* Fixed topology test fixture
2020-08-07 18:16:54 +01:00
Jędrzej Stuczyński e849e45b12 Feature/gateway shared key generation (#272)
* Changed identity keypair to use ed25519

* Encryption key is now x25519 based + compatibiltiy with sphinx

* Pathing and import fixes

* Moved all asymmetric keys to sub-module in crypto

* Extracted aes to separate module

* kdf module in crypto

* Ability to perform diffie hellman on encryption keys

* ecdsa on identity keys

* Extremely rough and incomplete registration handshake

* Authentication primitives

* Creating new random authenticationIV

* Wrapper type for the derived shared key

* Removed AuthToken in favour of using SharedKey for authentication

* Gateway identity keys

* Registration handshake without error mapping

* Gateway address in client config

* Added extra key for gateway presence

* Updated pemstore to work on borrows instead

* Gateway client trying to perform the handshake

* Gateway changes to allow for handshake and shared key

* Debug trait on sharedkey

* native client using updated gateway client

* Slightly updated gateway API

* Minor cleanup

* Fixed pemstore to correctly save multiple keypairs

* Gateway actually deriving shared key during handshake

* Gateway sending correct mid-handshake message

* Missing quotation mark in client config template

* Fixed template for correct shared key serialization

* Fixed gateway authentication

* Fixed tests

* Using correct gateway key when converting to sphinx node

* "get_all_clients" takes them from gateways as opposed to providers now

* cargo fmt

* Renamed pemstore methods

* Unused import

* Encryption of forward requests between client and gateway

* Updated sphinx dependency to use public revision

* Sending 'error' on handshake processing error

* Removed some dead code
2020-06-30 12:01:45 +01:00
Jędrzej Stuczyński b57a548350 Feature/packet retransmission (#263)
* Ability to send sphinx packets of different sizes + more efficient decoding

* Closing connection on connection corruption

* Missing semicolons

* Missing license notices

* Default for packetsize

* Split nymsphinx

* Replaced Mutex with RwLock for TopologyAccessor + impl Deref

* Sphinx update + import cleanup

* Moved packet_sizes file

* Updated NymTopology API

* sphinx version bump

* Missing license notice

* nymsphinx-params crate

* Changes due to ibid.

* Chunking rework to allow variable size fragments

* Initial ack crate

* Version bump to new dev build

* Cargo lock changes

* random_route_to_gateway by node address

* exposing getting read permit

* Very initial draft on ack control

* Correctly dereferencing out of topology read permit

* All pending changes + compilation todo!s

* Restricted scope of deref on TopologyAccessorInner

* Type path alias for generate_key

* Derived traits for MessageChunker

* Ack control starting to take shape!

* Awaiting callbacks

* Most of work done on acks. Now to wire it all together

* Import cleanup

* rng generalization

* Connected real traffic together; only acks from gateway left

* Removed redundant things from nymsphinx::utils

* nymsphinx-cover crate

* Ack-related fields in client config

* Decreased packet store log level

* Restored forward sphinx request

* Slight adjustements to surb acks

* Changed TopologyReadPermit from type alias into a struct

* Changes due to ibid.

* Sphinx version upgrade

* Gateway being able to understand and handle acks

* Special Cover FragmentIdentifier + removal of dead code

* Initial packet router for gateway client

* Kill client if it fails to send to gateway too many times

* Cover messages with acks

* Moved out gateway client errors

* Ignoring cover traffic acks

* Changes in ack control

* Another sphinx version upgrade

* websocket handler delegating message chunking

* Using config defined ack wait additions

* Other minor changes I should have been more dilligent with splitting

* Import path fix

* sphinx_receiver => mixnet_receiver

* Missing renamed variable instance

* Updated aes-ctr to 0.4.0

* Removed concept of 'unfragmented' single fragment

* Replay fragments detection

* Long method split

* typo

* Cleaner client init

* Fixed race condition

* Fixed similar issue for retransmission

* Cargo fmt

* Minor clenaup
2020-06-16 11:22:02 +01:00