e5afd54ce0
* Basic storage stub * New models for new node status api * Route handling * Mounting new routes * Missing selective commit * Moved network monitor related files to separate package * Starting to see some sqlx action * Schema updates * Log statement upon finished migration * Removed old diesel related imports * Converted mixnode cache initialisation into a fairing * Moved cache related functionalities to separate package Also defined staging there * Created run method for validator cache + removed unwrap * Removed old node-status-api types and left bunch of todo placeholders in their place * Fixed managing validatorcache * Status reports are starting to get constructed * Submitting some dummy results to the database * Removing duplicate code for generating reports * Removed statuses older than 48h * Initial attempt at trying to obtain reports for all active nodes * Removed duplicates from the full report * Grabbing uptime history * Updating historical uptimes of active nodes * Updated sqlx-data.json * Removed all placeholder foomp owner values * Changed Layer serde behaviour for easier usage * Extended validator api config * Initial (seems working !) integration with network monitor * Added database path configuration to config * Using ValidatorCache in NetworkMonitor * Flag indicating whether validator cache has been initialised * Introduced a locla-only route for reward script to perform daily chores * Flag to save config to a file * Moved spawning of receiving future to run method rather than new * Removed arguments that dont make sense to be configured via CLI * Removed dead code from config file * More dead code removal * Added validator API to CI * Corrected manifest-path arguments * Constructing network monitor by passing config * Combined validator API CI with the main CI file * Using query_as for NodeStatus * Checking if historical uptimes were already calculated on particular day * Making id field NOT NULL * More query_as! action * Updated sqlx-data.json * Removed unused chrono feature * Renamed the migration file * Changed default validator endpoint to point to local validator * Removing unnecessary clone * More appropriate naming * Removed dead code * Lock file updates * Updated network monitor address in contract code * Don't stage node status api if network monitor is disabled * cargo fmt * Updated all license notices to SPDX
58 lines
2.2 KiB
Rust
58 lines
2.2 KiB
Rust
// Copyright 2021 - Nym Technologies SA <contact@nymtech.net>
|
|
// SPDX-License-Identifier: Apache-2.0
|
|
|
|
use crate::asymmetric::encryption;
|
|
use crate::hkdf;
|
|
use cipher::stream::{Key, NewStreamCipher, SyncStreamCipher};
|
|
use digest::{BlockInput, FixedOutput, Reset, Update};
|
|
use generic_array::{typenum::Unsigned, ArrayLength};
|
|
use rand::{CryptoRng, RngCore};
|
|
|
|
/// Generate an ephemeral encryption keypair and perform diffie-hellman to establish
|
|
/// shared key with the remote.
|
|
pub fn new_ephemeral_shared_key<C, D, R>(
|
|
rng: &mut R,
|
|
remote_key: &encryption::PublicKey,
|
|
) -> (encryption::KeyPair, Key<C>)
|
|
where
|
|
C: SyncStreamCipher + NewStreamCipher,
|
|
D: Update + BlockInput + FixedOutput + Reset + Default + Clone,
|
|
D::BlockSize: ArrayLength<u8>,
|
|
D::OutputSize: ArrayLength<u8>,
|
|
R: RngCore + CryptoRng,
|
|
{
|
|
let ephemeral_keypair = encryption::KeyPair::new(rng);
|
|
|
|
// after performing diffie-hellman we don't care about the private component anymore
|
|
let dh_result = ephemeral_keypair.private_key().diffie_hellman(remote_key);
|
|
|
|
// there is no reason for this to fail as our okm is expected to be only C::KeySize bytes
|
|
let okm = hkdf::extract_then_expand::<D>(None, &dh_result, None, C::KeySize::to_usize())
|
|
.expect("somehow too long okm was provided");
|
|
|
|
let derived_shared_key =
|
|
Key::<C>::from_exact_iter(okm).expect("okm was expanded to incorrect length!");
|
|
|
|
(ephemeral_keypair, derived_shared_key)
|
|
}
|
|
|
|
/// Recompute shared key using remote public key and local private key.
|
|
pub fn recompute_shared_key<C, D>(
|
|
remote_key: &encryption::PublicKey,
|
|
local_key: &encryption::PrivateKey,
|
|
) -> Key<C>
|
|
where
|
|
C: SyncStreamCipher + NewStreamCipher,
|
|
D: Update + BlockInput + FixedOutput + Reset + Default + Clone,
|
|
D::BlockSize: ArrayLength<u8>,
|
|
D::OutputSize: ArrayLength<u8>,
|
|
{
|
|
let dh_result = local_key.diffie_hellman(remote_key);
|
|
|
|
// there is no reason for this to fail as our okm is expected to be only C::KeySize bytes
|
|
let okm = hkdf::extract_then_expand::<D>(None, &dh_result, None, C::KeySize::to_usize())
|
|
.expect("somehow too long okm was provided");
|
|
|
|
Key::<C>::from_exact_iter(okm).expect("okm was expanded to incorrect length!")
|
|
}
|