Skip to content

Commit

Permalink
bump ed25519-dalek to 2.1.1
Browse files Browse the repository at this point in the history
  • Loading branch information
peeech committed Apr 25, 2024
1 parent 42586e7 commit a36f862
Show file tree
Hide file tree
Showing 11 changed files with 243 additions and 210 deletions.
236 changes: 128 additions & 108 deletions Cargo.lock

Large diffs are not rendered by default.

2 changes: 1 addition & 1 deletion Cargo.toml
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@ members = [
]

[workspace.dependencies]
ed25519-dalek = "1.0.1"
ed25519-dalek = "2.1.1"
anyhow = "1.0"
serde_json = "1.0.64"
tokio = "1.12.0"
Expand Down
2 changes: 1 addition & 1 deletion core/Cargo.toml
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@ repository = "https://github.com/Holo-Host/hpos-config"
arrayref = "0.3.5"
base64 = { workspace = true }
blake2b_simd = {version = "1.0.0"}
ed25519-dalek = { workspace = true, features = ["serde"] }
ed25519-dalek = { workspace = true, features = ["serde", "digest"] }
failure = { workspace = true }
lazy_static = "1.2"
rand = "0.6.5"
Expand Down
53 changes: 25 additions & 28 deletions core/src/config.rs
Original file line number Diff line number Diff line change
@@ -1,20 +1,23 @@
use arrayref::array_ref;
use ed25519_dalek::*;
use ed25519_dalek::{Digest, Sha512, SigningKey, VerifyingKey};
use failure::Error;
use rand::{rngs::OsRng, Rng};
use serde::*;
pub const SEED_SIZE: usize = 32;

fn public_key_from_base64<'de, D>(deserializer: D) -> Result<PublicKey, D::Error>
fn public_key_from_base64<'de, D>(deserializer: D) -> Result<VerifyingKey, D::Error>
where
D: Deserializer<'de>,
{
String::deserialize(deserializer)
.and_then(|s| {
base64::decode_config(&s, base64::STANDARD_NO_PAD)
base64::decode_config(s, base64::STANDARD_NO_PAD)
.map_err(|err| de::Error::custom(err.to_string()))
})
.map(|bytes| PublicKey::from_bytes(&bytes))
.map(|bytes| match bytes[0..32].try_into() {
Ok(b) => VerifyingKey::from_bytes(&b).map_err(|e| e.to_string()),
Err(_) => Err("Public key is not 32 bytes long".to_string()),
})
.and_then(|maybe_key| maybe_key.map_err(|err| de::Error::custom(err.to_string())))
}

Expand All @@ -23,8 +26,8 @@ where
D: Deserializer<'de>,
{
String::deserialize(deserializer)
.and_then(|s| base64::decode(&s).map_err(|err| de::Error::custom(err.to_string())))
.map(|bytes| array_ref!(bytes, 0, SEED_SIZE).clone())
.and_then(|s| base64::decode(s).map_err(|err| de::Error::custom(err.to_string())))
.map(|bytes| *array_ref!(bytes, 0, SEED_SIZE))
}

fn to_base64<T, S>(x: &T, serializer: S) -> Result<S::Ok, S::Error>
Expand All @@ -46,7 +49,7 @@ pub struct Admin {
deserialize_with = "public_key_from_base64",
serialize_with = "to_base64"
)]
pub public_key: PublicKey,
pub public_key: VerifyingKey,
}

#[derive(Debug, Deserialize, Serialize)]
Expand Down Expand Up @@ -80,12 +83,12 @@ impl Config {
email: String,
password: String,
maybe_seed: Option<Seed>,
) -> Result<(Self, PublicKey), Error> {
) -> Result<(Self, VerifyingKey), Error> {
let (seed, admin_keypair, holochain_public_key) =
generate_keypair(email.clone(), password, maybe_seed)?;
let admin = Admin {
email: email,
public_key: admin_keypair.public,
email,
public_key: admin_keypair.verifying_key(),
};

Ok((
Expand All @@ -103,25 +106,25 @@ impl Config {
registration_code: String,
derivation_path: String,
device_bundle: String,
device_pub_key: PublicKey,
) -> Result<(Self, PublicKey), Error> {
device_pub_key: VerifyingKey,
) -> Result<(Self, VerifyingKey), Error> {
let admin_keypair = admin_keypair_from(device_pub_key, &email, &password)?;
let admin = Admin {
email: email,
public_key: admin_keypair.public,
email,
public_key: admin_keypair.verifying_key(),
};
Ok((
Config::V2 {
device_bundle,
derivation_path,
registration_code,
settings: Settings { admin: admin },
settings: Settings { admin },
},
device_pub_key,
))
}

pub fn admin_public_key(&self) -> PublicKey {
pub fn admin_public_key(&self) -> VerifyingKey {
match self {
Config::V1 { settings, .. } | Config::V2 { settings, .. } => settings.admin.public_key,
}
Expand All @@ -132,23 +135,23 @@ fn generate_keypair(
email: String,
password: String,
maybe_seed: Option<Seed>,
) -> Result<(Seed, Keypair, PublicKey), Error> {
) -> Result<(Seed, SigningKey, VerifyingKey), Error> {
let master_seed = match maybe_seed {
None => OsRng::new()?.gen::<Seed>(),
Some(s) => s,
};
let master_secret_key = SecretKey::from_bytes(&master_seed)?;
let master_public_key = PublicKey::from(&master_secret_key);
let master_secret_key = SigningKey::from_bytes(&master_seed);
let master_public_key = VerifyingKey::from(&master_secret_key);

let admin_keypair = admin_keypair_from(master_public_key, &email, &password)?;
Ok((master_seed, admin_keypair, master_public_key))
}

pub fn admin_keypair_from(
holochain_public_key: PublicKey,
holochain_public_key: VerifyingKey,
email: &str,
password: &str,
) -> Result<Keypair, Error> {
) -> Result<SigningKey, Error> {
// This allows to use email addresses shorter than 8 bytes.
let salt = Sha512::digest(email.as_bytes());
let mut hash = [0; SEED_SIZE];
Expand All @@ -161,11 +164,5 @@ pub fn admin_keypair_from(
ARGON2_ADDITIONAL_DATA,
);

let secret_key = SecretKey::from_bytes(&hash)?;
let public_key = PublicKey::from(&secret_key);

Ok(Keypair {
public: public_key,
secret: secret_key,
})
Ok(SigningKey::from_bytes(&hash))
}
12 changes: 6 additions & 6 deletions core/src/public_key.rs
Original file line number Diff line number Diff line change
@@ -1,13 +1,13 @@
use ed25519_dalek::PublicKey;
use ed25519_dalek::VerifyingKey;
use failure::*;
use url::Url;

pub fn to_base36_id(public_key: &PublicKey) -> String {
pub fn to_base36_id(public_key: &VerifyingKey) -> String {
base36::encode(&public_key.to_bytes())
}

pub fn to_url(public_key: &PublicKey) -> Fallible<Url> {
let url = format!("https://{}.holohost.net", to_base36_id(&public_key));
pub fn to_url(public_key: &VerifyingKey) -> Fallible<Url> {
let url = format!("https://{}.holohost.net", to_base36_id(public_key));
Ok(Url::parse(&url)?)
}

Expand Down Expand Up @@ -36,12 +36,12 @@ pub fn holo_dht_location_bytes(data: &[u8]) -> Vec<u8> {
pub(crate) const AGENT_PREFIX: &[u8] = &[0x84, 0x20, 0x24]; // uhCAk [132, 32, 36]

/// convert public key to holochain compatible format
pub fn to_holochain_encoded_agent_key(public_key: &PublicKey) -> String {
pub fn to_holochain_encoded_agent_key(public_key: &VerifyingKey) -> String {
let x: [u8; 32] = public_key.to_bytes();
format!(
"u{}",
base64::encode_config(
&[AGENT_PREFIX, &x, &holo_dht_location_bytes(x.as_ref())].concat(),
[AGENT_PREFIX, &x, &holo_dht_location_bytes(x.as_ref())].concat(),
base64::URL_SAFE_NO_PAD
)
)
Expand Down
8 changes: 4 additions & 4 deletions gen-cli/src/main.rs
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@ use serde::*;
use sha2::{Digest, Sha512Trunc256};
use std::{env, fs::File, io, path::PathBuf};

const USAGE: &'static str = "
const USAGE: &str = "
Usage: hpos-config-gen-cli --email EMAIL --password STRING --registration-code STRING --derivation-path STRING --device-bundle STRING [--seed-from PATH]
hpos-config-gen-cli --help
Expand All @@ -35,7 +35,7 @@ struct Args {

fn main() -> Result<(), Error> {
let args: Args = Docopt::new(USAGE)
.and_then(|d| d.argv(env::args().into_iter()).deserialize())
.and_then(|d| d.argv(env::args()).deserialize())
.unwrap_or_else(|e| e.exit());

let seed = match args.flag_seed_from {
Expand All @@ -50,15 +50,15 @@ fn main() -> Result<(), Error> {
}
};

let secret_key = SecretKey::from_bytes(&seed)?;
let secret_key = SigningKey::from_bytes(&seed);

let (config, public_key) = Config::new_v2(
args.flag_email,
args.flag_password,
args.flag_registration_code,
args.flag_derivation_path,
args.flag_device_bundle,
PublicKey::from(&secret_key),
VerifyingKey::from(&secret_key),
)?;
eprintln!("{}", public_key::to_url(&public_key)?);
println!("{}", serde_json::to_string_pretty(&config)?);
Expand Down
14 changes: 10 additions & 4 deletions gen-web/src/lib.rs
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
use ed25519_dalek::PublicKey;
use failure::Error;
use ed25519_dalek::VerifyingKey;
use failure::{format_err, Error};
use hpos_config_core::{public_key, Config};
use serde::*;
use wasm_bindgen::prelude::*;
Expand All @@ -20,8 +20,14 @@ fn config_raw(
device_bundle: String,
device_pub_key: String,
) -> Result<JsValue, Error> {
let device_pub_key: PublicKey = base64::decode_config(&device_pub_key, base64::URL_SAFE_NO_PAD)
.map(|bytes| PublicKey::from_bytes(&bytes))??;
let bytes: [u8; 32] =
match (base64::decode_config(device_pub_key, base64::URL_SAFE_NO_PAD)?)[0..32].try_into() {
Ok(b) => b,
Err(_) => return Err(format_err!("Device pub key is not 32 bytes in size")),
};

let device_pub_key: VerifyingKey = VerifyingKey::from_bytes(&bytes)?;

let (config, public_key) = Config::new_v2(
email,
password,
Expand Down
26 changes: 13 additions & 13 deletions into-base36-id/src/main.rs
Original file line number Diff line number Diff line change
Expand Up @@ -2,9 +2,9 @@ use anyhow::{Context, Result};
use ed25519_dalek::*;
use hpos_config_core::*;
use hpos_config_seed_bundle_explorer::unlock;
use std::fs::File;
use std::path::PathBuf;
use structopt::StructOpt;
use std::fs::File;

#[tokio::main]
async fn main() -> Result<()> {
Expand All @@ -24,24 +24,24 @@ async fn main() -> Result<()> {
..
} = Cli::from_args();

let config_file =
File::open(&config_path).context(format!("failed to open file {}", &config_path.to_string_lossy()))?;
let config_file = File::open(&config_path).context(format!(
"failed to open file {}",
&config_path.to_string_lossy()
))?;
match serde_json::from_reader(config_file)? {
Config::V1 { seed, .. } => {
let secret_key = SecretKey::from_bytes(&seed)?;
let public_key = PublicKey::from(&secret_key);
let public_key = VerifyingKey::from_bytes(&seed)?;
println!("{}", public_key::to_base36_id(&public_key));
}
Config::V2 { device_bundle, .. } => {
// take in password
let Keypair { public, .. } =
unlock(&device_bundle, Some(password))
.await
.context(format!(
"unable to unlock the device bundle from {}",
&config_path.to_string_lossy()
))?;
println!("{}", public_key::to_base36_id(&public));
let secret = unlock(&device_bundle, Some(password))
.await
.context(format!(
"unable to unlock the device bundle from {}",
&config_path.to_string_lossy()
))?;
println!("{}", public_key::to_base36_id(&secret.verifying_key()));
}
}

Expand Down
Loading

0 comments on commit a36f862

Please sign in to comment.