fe9cb8a4e6d04fbdb1816e47ea4ee554792cf8bc
8 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
|
|
c6e41ca3f3 |
Update to rust edition 2021 everywhere (#1086)
* chore: update to rust edition 2021 everywhere * validator-api: simplify into_iter call in rust 2021 |
||
|
|
28e55c6de6 |
Hang coconut issuance off the validator-api (#679)
* Hand coconut issuance off the validator-api
* git to cargo
* Move to own module
* Integrate tauri-client, extract common interface
* cargo fmt
* Ergonomics
* Facelift
* Wrap up tauri client
* Set up publish
* Fix fmt
* Install CI dependencies
* Inline deps
* Remove mac deps
* Add dist dir
* Fix beta clippy nag
* Commit some gateway work
* Thread coconut creds through gateway handshake
* Push in progress patch
* Move State from tauri client to coconut interface
* Move get_aggregated_signature from tauri client to coconut interface
* Move prove_credential from tauri client to coconut interface
* Update sphinx version
* Mount coconut routes and manage config file in rocket
* Split default validator endpoint into host and port
* Add init for simple credential initialization
* Fix common gateway client
* Add coconut cred to webassembly client
* Add coconut cred to socks5 client
* Add coconut cred to native client
* Remove direct coconut-rs dependency
* Use only coconut interface in validator api
* Leave validator-api out of workspace and update Cargo.lock
* Fix clippy warnings and update Cargo.lock after rebase
* Switch from attohttpc to reqwest for async gets
This is not only needed for using async requests, but also because attohttpc
causes OpenSSL issues when cross compiling the webassembly client.
* Replace attohttpc with reqwest for puts too
* Make tauri client commands async
* Fix borrow error
* Guard gateway server code from compiling for wasm (client)
* Fix clippy wasm client
* Fix tests
* Fix clippy in tauri client
* Remove commented code
* Update comment of init message
* Remove unnecessary hex dependency
* Replace config argument with key_pair
* Use `trim()` for whitespace removal
* Move verification key query higher up the function calls
* Put KeyPair instead of Config into rocket's managed items
* Re-enable tauri client verify button
* Move verification key up the function calls for prove_credential
* Use consts for verification_key and blind_sign routes of validator-api
* Replace `match` with `map_err`
* Fix typo
* Remove now unnecessary `Clone` derives
... as config is no longer managed by rocket
* Replace `match` with `map_err`
* Make `InternalSignRequest` really internal to validator-api
* Make `with_keypair` live up to its name
* Update Cargo.lock after rebase
* Replace String error with HandshakeError
* Add CoconutInterfaceError to coconut-interface
* Format the new error in tauri client
* Remove from default, as wasm client doesn't build
* Put public key as init argument...
... for the public attributes of the credential
* Use the hash_to_scalar function to make public key into attribute
Use the function from cli-demo-rs from https://github.com/nymtech/coconut
to make the identity public key into a public attribute.
* Replace vector with array for InitMessage
As we know beforehand the size of the keys, we can use fixed size array
instead of vectors. This eliminates the need for a prefixed length in
the serialized form of the InitMessage structure and enables a easy
deserialization of the remote identity before the actual bincode
deserialization that we do in the handshake process.
Before this, the `extract_remote_identity_from_register_init` function
attempted to deserialize into a public key the length-prefixed public key
received from the client, thus failing sporadically with a `Cannot decompress
Edwards point` error.
* Pass public and private attributes to state `init` instead of PublicKey
* Make tauri call with dummy attributes
* Make clients call with their keypairs
* Revert "Make clients call with their keypairs"
This reverts commit
|
||
|
|
aaa4378b33 | Updated used sphinx dependency to the most recent revision (#722) | ||
|
|
e5afd54ce0 |
Feature/node status api (#680)
* Basic storage stub * New models for new node status api * Route handling * Mounting new routes * Missing selective commit * Moved network monitor related files to separate package * Starting to see some sqlx action * Schema updates * Log statement upon finished migration * Removed old diesel related imports * Converted mixnode cache initialisation into a fairing * Moved cache related functionalities to separate package Also defined staging there * Created run method for validator cache + removed unwrap * Removed old node-status-api types and left bunch of todo placeholders in their place * Fixed managing validatorcache * Status reports are starting to get constructed * Submitting some dummy results to the database * Removing duplicate code for generating reports * Removed statuses older than 48h * Initial attempt at trying to obtain reports for all active nodes * Removed duplicates from the full report * Grabbing uptime history * Updating historical uptimes of active nodes * Updated sqlx-data.json * Removed all placeholder foomp owner values * Changed Layer serde behaviour for easier usage * Extended validator api config * Initial (seems working !) integration with network monitor * Added database path configuration to config * Using ValidatorCache in NetworkMonitor * Flag indicating whether validator cache has been initialised * Introduced a locla-only route for reward script to perform daily chores * Flag to save config to a file * Moved spawning of receiving future to run method rather than new * Removed arguments that dont make sense to be configured via CLI * Removed dead code from config file * More dead code removal * Added validator API to CI * Corrected manifest-path arguments * Constructing network monitor by passing config * Combined validator API CI with the main CI file * Using query_as for NodeStatus * Checking if historical uptimes were already calculated on particular day * Making id field NOT NULL * More query_as! action * Updated sqlx-data.json * Removed unused chrono feature * Renamed the migration file * Changed default validator endpoint to point to local validator * Removing unnecessary clone * More appropriate naming * Removed dead code * Lock file updates * Updated network monitor address in contract code * Don't stage node status api if network monitor is disabled * cargo fmt * Updated all license notices to SPDX |
||
|
|
4f6b2aea19 |
Feature/instant sending (#359)
* Ability to set client in vpn mode * Connection handler for mixnode * Initial vpn mode for mixes * Updated SphinxCodec to contain more metadata * Renaming * Removed handle from mixnet client and introduced forwarder * Mixnode using new forwarder * Mixnode common module containing shared packet processing * ibid. incorporated inside mixnode * New processing for gateway * Type cleanup * Wasm fix * Fixed client config * Fixed mixnode runtime issues * Formatting * Client re-using secret on 'normal' packets * Using the same key for acks * WIP * vpn key manager cleanup * wasm fix * VPN_KEY_REUSE_LIMIT moved to config * Moved AckDelayQueue to separate common crate * Key cache invalidator * Updated dashmap used in gateway * Old typo * Additional comment * Cargo fmt * Fixed tests * Sphinx update * cache ttl as config option * Cargo fmt |
||
|
|
d9d549fd0f |
Feature/reply surbs (#299)
* Changed identity keypair to use ed25519 * Encryption key is now x25519 based + compatibiltiy with sphinx * Pathing and import fixes * Moved all asymmetric keys to sub-module in crypto * Extracted aes to separate module * kdf module in crypto * Ability to perform diffie hellman on encryption keys * ecdsa on identity keys * Extremely rough and incomplete registration handshake * Authentication primitives * Creating new random authenticationIV * Wrapper type for the derived shared key * Removed AuthToken in favour of using SharedKey for authentication * Gateway identity keys * Registration handshake without error mapping * Gateway address in client config * Added extra key for gateway presence * Updated pemstore to work on borrows instead * Gateway client trying to perform the handshake * Gateway changes to allow for handshake and shared key * Debug trait on sharedkey * native client using updated gateway client * Slightly updated gateway API * Minor cleanup * Fixed pemstore to correctly save multiple keypairs * Gateway actually deriving shared key during handshake * Gateway sending correct mid-handshake message * Missing quotation mark in client config template * Fixed template for correct shared key serialization * Fixed gateway authentication * Fixed tests * Using correct gateway key when converting to sphinx node * "get_all_clients" takes them from gateways as opposed to providers now * cargo fmt * Renamed pemstore methods * Unused import * Encryption of forward requests between client and gateway * Updated sphinx dependency to use public revision * Sending 'error' on handshake processing error * Removed some dead code * Dead code I forgot to remove before * Extracted AckAes128Key into a struct * Slight pemstore revamp allowing for symmetric key store * ibid. * PemStorableKey for SharedKey * Introduced single location responsible for key management for client * WIP * Sphinx version update * Stop using NodeAddressBytes for two distinct and confusing purposes * Abstracting away SocketAddr from sphinx forwarding * Passing the bool for reply surbs * Attack plan for replies + encryption * Comment + removed variable binding * ReplySURB usage * Topology import in nymsphinx * Sphinx version update * Changed 'Recipient' to contain client's encryption key * Message preparation taking shape! * reply surb also containing the encryption key * Very initial message receiver * Sphinx version update * A possibly working way of receiving surbs * Fixed incorrect field name in client config template * camel casing all request arguments * Renamed and moved `MessageMode` to more appropriate file * Restored reconstruction tests * Removed dead code from chunking * Made rust examples compilable * reply SURB key storage * Replies as an InputMessage * Forgotten commented code * No retransmission processing for cover or replies * Received reply processing * Renamed client pathfinder to something more appropriate * Made HasherOutputSize public * Added key store path to config * Reply surb attaching key digest when used * Changes due to previous renaming * Removed comment * Fixed insert_encryption_key * Assigning initial value of key store path * Computing key digest with correct algorithm * Initial and presumably temporary request serialization * hacky way of introducing 'FragmentIdentifier' for replies * Moved responsibility of reply encryption, padding, etc, to message preparer * Optional recipient in try_get_valid_topology_ref * Handling new reply surbs with acks and padding * Updated go and python examples to include replies in text and binary cases * Updated rust examples + binaryserverresponse * Helpers in rust examples * And updated JS example * Moved shared key generation function to crypto crate * Cover traffic encryption! * hmac computation in crypto * Updated aes imports due to new dependencies * hkdf made more generic * crypto cleanup + algorithms in params * Clippy cleanup pass * Generating encryption+mac shared keys between client and gateway * MACs attached to forward requests to gateway * Gateway messages encrypted and mac'd * Lowered logging level * compiler warning cleanup * Some minor cleanup * Generic stream cipher * Generic shared key derivation + algorithm definitions * Project-wide AES clean-up * Comment fix * Removed commented imports * Updated comments * Fixed topology test fixture |
||
|
|
e849e45b12 |
Feature/gateway shared key generation (#272)
* Changed identity keypair to use ed25519 * Encryption key is now x25519 based + compatibiltiy with sphinx * Pathing and import fixes * Moved all asymmetric keys to sub-module in crypto * Extracted aes to separate module * kdf module in crypto * Ability to perform diffie hellman on encryption keys * ecdsa on identity keys * Extremely rough and incomplete registration handshake * Authentication primitives * Creating new random authenticationIV * Wrapper type for the derived shared key * Removed AuthToken in favour of using SharedKey for authentication * Gateway identity keys * Registration handshake without error mapping * Gateway address in client config * Added extra key for gateway presence * Updated pemstore to work on borrows instead * Gateway client trying to perform the handshake * Gateway changes to allow for handshake and shared key * Debug trait on sharedkey * native client using updated gateway client * Slightly updated gateway API * Minor cleanup * Fixed pemstore to correctly save multiple keypairs * Gateway actually deriving shared key during handshake * Gateway sending correct mid-handshake message * Missing quotation mark in client config template * Fixed template for correct shared key serialization * Fixed gateway authentication * Fixed tests * Using correct gateway key when converting to sphinx node * "get_all_clients" takes them from gateways as opposed to providers now * cargo fmt * Renamed pemstore methods * Unused import * Encryption of forward requests between client and gateway * Updated sphinx dependency to use public revision * Sending 'error' on handshake processing error * Removed some dead code |
||
|
|
b57a548350 |
Feature/packet retransmission (#263)
* Ability to send sphinx packets of different sizes + more efficient decoding * Closing connection on connection corruption * Missing semicolons * Missing license notices * Default for packetsize * Split nymsphinx * Replaced Mutex with RwLock for TopologyAccessor + impl Deref * Sphinx update + import cleanup * Moved packet_sizes file * Updated NymTopology API * sphinx version bump * Missing license notice * nymsphinx-params crate * Changes due to ibid. * Chunking rework to allow variable size fragments * Initial ack crate * Version bump to new dev build * Cargo lock changes * random_route_to_gateway by node address * exposing getting read permit * Very initial draft on ack control * Correctly dereferencing out of topology read permit * All pending changes + compilation todo!s * Restricted scope of deref on TopologyAccessorInner * Type path alias for generate_key * Derived traits for MessageChunker * Ack control starting to take shape! * Awaiting callbacks * Most of work done on acks. Now to wire it all together * Import cleanup * rng generalization * Connected real traffic together; only acks from gateway left * Removed redundant things from nymsphinx::utils * nymsphinx-cover crate * Ack-related fields in client config * Decreased packet store log level * Restored forward sphinx request * Slight adjustements to surb acks * Changed TopologyReadPermit from type alias into a struct * Changes due to ibid. * Sphinx version upgrade * Gateway being able to understand and handle acks * Special Cover FragmentIdentifier + removal of dead code * Initial packet router for gateway client * Kill client if it fails to send to gateway too many times * Cover messages with acks * Moved out gateway client errors * Ignoring cover traffic acks * Changes in ack control * Another sphinx version upgrade * websocket handler delegating message chunking * Using config defined ack wait additions * Other minor changes I should have been more dilligent with splitting * Import path fix * sphinx_receiver => mixnet_receiver * Missing renamed variable instance * Updated aes-ctr to 0.4.0 * Removed concept of 'unfragmented' single fragment * Replay fragments detection * Long method split * typo * Cleaner client init * Fixed race condition * Fixed similar issue for retransmission * Cargo fmt * Minor clenaup |