From 0b34a2ec8dd032859d328295dc464dedf7f8fa66 Mon Sep 17 00:00:00 2001
From: James Cape
Date: Tue, 3 Aug 2021 16:13:48 -0700
Subject: [PATCH 01/11] Fix nightly, update rand_core, curve25519-dalek
---
Cargo.toml | 11 +++--
src/lib.rs | 134 +++++++++++++++++++++++++++++++++++++++++++++++++++--
2 files changed, 138 insertions(+), 7 deletions(-)
diff --git a/Cargo.toml b/Cargo.toml
index 16aa97c..32e6de8 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -5,9 +5,9 @@ edition = "2018"
 # - update version in README.md
 # - update html_root_url
 # - update CHANGELOG
-version = "1.1.1"
+version = "1.1.2-pre.0"
 authors = [
- "Isis Lovecruft ",
+ "Isis Lovecruft ",
 "DebugSteven ",
 "Henry de Valence ",
 ]
@@ -33,7 +33,7 @@ travis-ci = { repository = "dalek-cryptography/x25519-dalek", branch = "master"}
 features = ["nightly"]
 [dependencies]
-curve25519-dalek = { version = "3", default-features = false }
+curve25519-dalek = { version = "4.0.0-pre.1", default-features = false }
 rand_core = { version = "0.5", default-features = false }
 # `serde` is renamed to `our_serde` in order to avoid a name collision between
 # importing the serde dependency and enabling the curve25519-dalek/serde feature
@@ -55,3 +55,8 @@ std = ["curve25519-dalek/std"]
 nightly = ["curve25519-dalek/nightly"]
 u64_backend = ["curve25519-dalek/u64_backend"]
 u32_backend = ["curve25519-dalek/u32_backend"]
+
+[patch.crates-io]
+# Fixes for nightly-2021-07-21
+curve25519-dalek = { git = "https://github.com/jcape/curve25519-dalek.git", rev = "46d07765b228d43fe910eb6a1769143f8fc366bb" }
+
diff --git a/src/lib.rs b/src/lib.rs
index de5ef19..e5f7bfe 100644
--- a/src/lib.rs
+++ b/src/lib.rs
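Review bot: The commit title says rand_core is updated, but the `[dependencies]` hunk only moves curve25519-dalek to `4.0.0-pre.1` and leaves `rand_core = { version = "0.5", default-features = false }` untouched; patch 03 in this series ("Actually bump rand.") is where the 0.6 bump lands. If the curve25519-dalek pre-release already depends on rand_core 0.6, this commit leaves the tree with two rand_core majors in the graph while the doc examples' `OsRng` still comes from the 0.5 line, so squashing the 0.6 bump into this commit would keep every point in the series consistent. Since `EphemeralSecret::new` takes a caller-supplied RNG, the rand_core major is part of this crate's public API and the bump is semver-breaking, which matches the 2.0.0-pre.0 version patch 02 sets afterwards.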
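Review bot: The new `[patch.crates-io]` entry only applies when this crate is the root of the build; Cargo ignores `[patch]` sections in dependencies and drops them on publish, so a consumer of the published `1.1.2-pre.0` still resolves `curve25519-dalek = "4.0.0-pre.1"` from crates.io and the nightly breakage this commit describes is fixed only for this repository's own builds and CI. Pinning by full `rev` is the right choice (an immutable reference rather than a branch), but it moves trust for the curve arithmetic from the crates.io release to a personal fork, so the comment should record what the fork carries and the removal condition, e.g. `# Fixes for nightly-2021-07-21; tracks upstream <PR/issue id>, drop once curve25519-dalek <fixed version> is on crates.io`. The same pattern returns in patch 06 (a different fork, no comment at all) and patch 07 (the mobilecoinfoundation fork).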
@@ -16,14 +16,140 @@
 #![no_std]
 #![cfg_attr(feature = "bench", feature(test))]
-#![cfg_attr(feature = "nightly", feature(external_doc))]
 #![cfg_attr(feature = "nightly", deny(missing_docs))]
-#![cfg_attr(feature = "nightly", doc(include = "../README.md"))]
 #![doc(html_logo_url = "https://doc.dalek.rs/assets/dalek-logo-clear.png")]
 #![doc(html_root_url = "https://docs.rs/x25519-dalek/1.1.1")]
-//! Note that docs will only build on nightly Rust until
-//! `feature(external_doc)` is stabilized.
+//! # x25519-dalek [![](https://img.shields.io/crates/v/x25519-dalek.svg)](https://crates.io/crates/x25519-dalek) [![](https://docs.rs/x25519-dalek/badge.svg)](https://docs.rs/x25519-dalek) [![](https://travis-ci.org/dalek-cryptography/x25519-dalek.svg?branch=master)](https://travis-ci.org/dalek-cryptography/x25519-dalek)
+//!
+//! A pure-Rust implementation of x25519 elliptic curve Diffie-Hellman key exchange,
+//! with curve operations provided by
+//! [curve25519-dalek](https://github.com/dalek-cryptography/curve25519-dalek).
+//!
+//! This crate provides two levels of API: a bare byte-oriented `x25519`
+//! function which matches the function specified in [RFC7748][rfc7748], as
+//! well as a higher-level Rust API for static and ephemeral Diffie-Hellman.
+//!
+//! ## Examples
+//!
+//!
+//!
+//!
+//!
+//! Alice and Bob are two adorable kittens who have lost their mittens, and they
+//! wish to be able to send secret messages to each other to coordinate finding
+//! them, otherwise—if their caretaker cat finds out—they will surely be called
+//! naughty kittens and be given no pie!
+//!
+//! But the two kittens are quite clever. Even though their paws are still too big
+//! and the rest of them is 90% fuzziness, these clever kittens have been studying
+//! up on modern public key cryptography and have learned a nifty trick called
+//! *elliptic curve Diffie-Hellman key exchange*. With the right incantations, the
+//!
kittens will be able to secretly organise to find their mittens, and then spend
+//! the rest of the afternoon nomming some yummy pie!
+//!
+//! First, Alice uses `EphemeralSecret::new()` and then
+//! `PublicKey::from()` to produce her secret and public keys:
+//!
+//! ```rust
+//! use rand_core::OsRng;
+//! use x25519_dalek::{EphemeralSecret, PublicKey};
+//!
+//! let alice_secret = EphemeralSecret::new(OsRng);
+//! let alice_public = PublicKey::from(&alice_secret);
+//! ```
+//!
+//! Bob does the same:
+//!
+//! ```rust
+//! # use rand_core::OsRng;
+//! # use x25519_dalek::{EphemeralSecret, PublicKey};
+//! let bob_secret = EphemeralSecret::new(OsRng);
+//! let bob_public = PublicKey::from(&bob_secret);
+//! ```
+//!
+//! Alice meows across the room, telling `alice_public` to Bob, and Bob
+//! loudly meows `bob_public` back to Alice. Alice now computes her
+//! shared secret with Bob by doing:
+//!
+//! ```rust
+//! # use rand_core::OsRng;
+//! # use x25519_dalek::{EphemeralSecret, PublicKey};
+//! # let alice_secret = EphemeralSecret::new(OsRng);
+//! # let alice_public = PublicKey::from(&alice_secret);
+//! # let bob_secret = EphemeralSecret::new(OsRng);
+//! # let bob_public = PublicKey::from(&bob_secret);
+//! let alice_shared_secret = alice_secret.diffie_hellman(&bob_public);
+//! ```
+//!
+//! Similarly, Bob computes a shared secret by doing:
+//!
+//! ```rust
+//! # use rand_core::OsRng;
+//! # use x25519_dalek::{EphemeralSecret, PublicKey};
+//! # let alice_secret = EphemeralSecret::new(OsRng);
+//! # let alice_public = PublicKey::from(&alice_secret);
+//! # let bob_secret = EphemeralSecret::new(OsRng);
+//! # let bob_public = PublicKey::from(&bob_secret);
+//! let bob_shared_secret = bob_secret.diffie_hellman(&alice_public);
+//! ```
+//!
+//! These secrets are the same:
+//!
+//! ```rust
+//! # use rand_core::OsRng;
+//! # use x25519_dalek::{EphemeralSecret, PublicKey};
+//! # let alice_secret = EphemeralSecret::new(OsRng);
+//!
# let alice_public = PublicKey::from(&alice_secret);
+//! # let bob_secret = EphemeralSecret::new(OsRng);
+//! # let bob_public = PublicKey::from(&bob_secret);
+//! # let alice_shared_secret = alice_secret.diffie_hellman(&bob_public);
+//! # let bob_shared_secret = bob_secret.diffie_hellman(&alice_public);
+//! assert_eq!(alice_shared_secret.as_bytes(), bob_shared_secret.as_bytes());
+//! ```
+//!
+//! Voilà! Alice and Bob can now use their shared secret to encrypt their
+//! meows, for example, by using it to generate a key and nonce for an
+//! authenticated-encryption cipher.
+//!
+//! This example used the ephemeral DH API, which ensures that secret keys
+//! cannot be reused; Alice and Bob could instead use the static DH API
+//! and load a long-term secret key.
+//!
+//! # Installation
+//!
+//! To install, add the following to your project's `Cargo.toml`:
+//!
+//! ```toml
+//! [dependencies]
+//! x25519-dalek = "1.1"
+//! ```
+//!
+//! # Documentation
+//!
+//! Documentation is available [here](https://docs.rs/x25519-dalek).
+//!
+//! # Note
+//!
+//! This code matches the [RFC7748][rfc7748] test vectors.
+//! The elliptic curve
+//! operations are provided by `curve25519-dalek`, which makes a best-effort
+//! attempt to prevent software side-channels.
+//!
+//! "Secret Messages" cover image and [zine](https://shop.bubblesort.io/products/secret-messages-zine)
+//! copyright © Amy Wibowo ([@sailorhg](https://twitter.com/sailorhg))
+//!
+//! [rfc7748]: https://tools.ietf.org/html/rfc7748
+//!
+//! # See also
+//!
+//! - [crypto_box]: pure Rust public-key authenticated encryption compatible with
+//! the NaCl family of encryption libraries (libsodium, TweetNaCl) which uses
+//! `x25519-dalek` for key agreement
+//!
+//! [crypto_box]: https://github.com/RustCrypto/AEADs/tree/master/crypto_box
 extern crate curve25519_dalek;
From f32a1e1e9d1fdd92af30bbc0541156e1237de432 Mon Sep 17 00:00:00 2001
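Review bot: `#![doc(html_root_url = "https://docs.rs/x25519-dalek/1.1.1")]` stays as unchanged context while the same commit bumps Cargo.toml to `1.1.2-pre.0`, and the release checklist in that Cargo.toml hunk lists `# - update html_root_url` as a step that goes with the version bump; `#![doc(html_root_url = "https://docs.rs/x25519-dalek/1.1.2-pre.0")]` keeps the two in step (patch 02 moves the version again and leaves it stale as well). Replacing `doc(include = "../README.md")` with an inline `//!` copy means README.md and the crate docs now have to be edited in lock-step, which patches 08 and 09 in this series already demonstrate by touching both files for the same one-line changes, so a comment above the block such as `// NOTE: this doc block mirrors README.md; keep the two in sync until #[doc = include_str!("../README.md")] is usable on the crate's MSRV` would tell the next editor why the text is duplicated. The `+//!` block runs to the end of the hunk, and `extern crate curve25519_dalek;` is the only trailing context visible here.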
From: James Cape
Date: Tue, 3 Aug 2021 16:23:01 -0700
Subject: [PATCH 02/11] Set version to 2.0.0-pre.0
---
Cargo.toml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/Cargo.toml b/Cargo.toml
index 32e6de8..0815c18 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -5,7 +5,7 @@ edition = "2018"
 # - update version in README.md
 # - update html_root_url
 # - update CHANGELOG
-version = "1.1.2-pre.0"
+version = "2.0.0-pre.0"
 authors = [
 "Isis Lovecruft ",
 "DebugSteven ",
From c012698737563a490d1ac9516d29cd6e0bb7319e Mon Sep 17 00:00:00 2001
From: James Cape
Date: Tue, 3 Aug 2021 16:25:33 -0700
Subject: [PATCH 03/11] Actually bump rand.
---
Cargo.toml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/Cargo.toml b/Cargo.toml
index 0815c18..0a1f979 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -34,7 +34,7 @@ features = ["nightly"]
 [dependencies]
 curve25519-dalek = { version = "4.0.0-pre.1", default-features = false }
-rand_core = { version = "0.5", default-features = false }
+rand_core = { version = "0.6", default-features = false }
 # `serde` is renamed to `our_serde` in order to avoid a name collision between
 # importing the serde dependency and enabling the curve25519-dalek/serde feature
 our_serde = { package = "serde", version = "1", default-features = false, optional = true, features = ["derive"] }
From cb403025f22167b113462c4576bcebeb9eddc560 Mon Sep 17 00:00:00 2001
From: James Cape
Date: Tue, 24 Aug 2021 16:29:27 -0700
Subject: [PATCH 04/11] Remove curve25519-dalek patch.
---
Cargo.toml | 4 ----
1 file changed, 4 deletions(-)
diff --git a/Cargo.toml b/Cargo.toml
index 0a1f979..294e82a 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -56,7 +56,3 @@ nightly = ["curve25519-dalek/nightly"]
 u64_backend = ["curve25519-dalek/u64_backend"]
 u32_backend = ["curve25519-dalek/u32_backend"]
-[patch.crates-io]
-# Fixes for nightly-2021-07-21
-curve25519-dalek = { git = "https://github.com/jcape/curve25519-dalek.git", rev = "46d07765b228d43fe910eb6a1769143f8fc366bb" }
-
From 371875f83de700926b770edf0aee229ffeee24bf Mon Sep 17 00:00:00 2001
From: James Cape
Date: Thu, 2 Sep 2021 14:19:31 -0700
Subject: [PATCH 05/11] newline added by editor, not going to fight it.
---
Cargo.toml | 1 -
1 file changed, 1 deletion(-)
diff --git a/Cargo.toml b/Cargo.toml
index 294e82a..940c7f9 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -55,4 +55,3 @@ std = ["curve25519-dalek/std"]
 nightly = ["curve25519-dalek/nightly"]
 u64_backend = ["curve25519-dalek/u64_backend"]
 u32_backend = ["curve25519-dalek/u32_backend"]
-
From 5d7c3385a8b56d71a3be8d8e98a9d27d59c1d2fa Mon Sep 17 00:00:00 2001
From: Remoun Metyas
Date: Wed, 19 Jan 2022 23:09:01 +0000
Subject: [PATCH 06/11] Bump curve25519-dalek version.
---
Cargo.toml | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/Cargo.toml b/Cargo.toml
index bf51d21..1b270db 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -33,7 +33,7 @@ travis-ci = { repository = "dalek-cryptography/x25519-dalek", branch = "master"}
 features = ["nightly", "reusable_secrets", "serde"]
 [dependencies]
-curve25519-dalek = { version = "4.0.0-pre.1", default-features = false }
+curve25519-dalek = { version = "4.0.0-pre.2", default-features = false }
 rand_core = { version = "0.6", default-features = false }
 # `serde` is renamed to `our_serde` in order to avoid a name collision between
 # importing the serde dependency and enabling the curve25519-dalek/serde feature
@@ -58,3 +58,6 @@ u64_backend = ["curve25519-dalek/u64_backend"]
 u32_backend = ["curve25519-dalek/u32_backend"]
 fiat_u64_backend = ["curve25519-dalek/fiat_u64_backend"]
 fiat_u32_backend = ["curve25519-dalek/fiat_u32_backend"]
+
+[patch.crates-io]
+curve25519-dalek = { git = "https://github.com/remoun/curve25519-dalek.git", rev = "77391036a6e43f3c9a2d8b937e621dcfe9d95d8c" }
From 660d9b5cc4a622466c37a51285c78e8cc55d680e Mon Sep 17 00:00:00 2001
From: Remoun Metyas
Date: Mon, 31 Jan 2022 16:33:17 -0800
Subject: [PATCH 07/11] Update patched curve25519-dalek to point at MCF fork
---
Cargo.toml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/Cargo.toml b/Cargo.toml
index 1b270db..5668213 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -60,4 +60,4 @@ fiat_u64_backend = ["curve25519-dalek/fiat_u64_backend"]
 fiat_u32_backend = ["curve25519-dalek/fiat_u32_backend"]
 [patch.crates-io]
-curve25519-dalek = { git = "https://github.com/remoun/curve25519-dalek.git", rev = "77391036a6e43f3c9a2d8b937e621dcfe9d95d8c" }
+curve25519-dalek = { git = "https://github.com/mobilecoinfoundation/curve25519-dalek.git", rev = "8791722e0273762552c9a056eaccb7df6baf44d7" }
From d95fc91afb333f95e914f31c1b0a57e8008b83d5 Mon Sep 17 00:00:00 2001
From: Remoun Metyas
Date: Wed, 16 Feb 2022 12:23:40 -0800
Subject: [PATCH 08/11] Update a couple of stale version references.
---
README.md | 2 +-
src/lib.rs | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/README.md b/README.md
index ec32b15..cc9bfd2 100644
--- a/README.md
+++ b/README.md
@@ -102,7 +102,7 @@ To install, add the following to your project's `Cargo.toml`:
 ```toml
 [dependencies]
-x25519-dalek = "2.0"
+x25519-dalek = "2.0.0-pre.2"
 ```
 # MSRV
diff --git a/src/lib.rs b/src/lib.rs
index 84a7b00..723c2a3 100644
--- a/src/lib.rs
+++ b/src/lib.rs
@@ -124,7 +124,7 @@
 //!
 //! ```toml
 //! [dependencies]
-//! x25519-dalek = "2.0"
+//! x25519-dalek = "2.0.0-pre.2"
 //! ```
 //!
 //! # MSRV
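Review bot: The re-added `[patch.crates-io]` entry carries no comment at all, unlike the one patch 01 introduced and patch 04 removed, so a reader cannot tell why `4.0.0-pre.2` from crates.io is not sufficient or when the override can be dropped; a line such as `# TODO(review): overrides crates.io 4.0.0-pre.2 because <reason>; remove once <upstream fix / release> ships` directly above the `curve25519-dalek = { git = ... }` line would carry that. Patch 07 then repoints the same line at the mobilecoinfoundation fork with a new pinned rev and adds no rationale either. As with the earlier override, Cargo honours `[patch]` only in the root manifest, so this entry changes what this repository's own builds and CI exercise, not what consumers of the published crate resolve.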
From 39abb488d493f796a153ce63f3bf6470434329de Mon Sep 17 00:00:00 2001 From: Remoun Metyas Date: Thu, 24 Feb 2022 14:20:56 -0800 Subject: [PATCH 09/11] Bump MSRV to 1.51 --- CHANGELOG.md | 2 +- README.md | 2 +- src/lib.rs | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index ef8f8d3..694364f 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -15,7 +15,7 @@ Entries are listed in reverse chronological order. * Pin `zeroize` to version 1.3 to support a wider range of MSRVs. * Add CI via Github actions. * Fix breakage in the serde unittests. -* MSRV is now 1.41 for production and 1.48 for development. +* MSRV is now 1.51 for production and 1.51 for development. * Add an optional check to `SharedSecret` for contibutory behaviour. * Add implementation of `ReusableSecret` keys which are non-ephemeral, but which cannot be serialised to discourage long-term use. diff --git a/README.md b/README.md index cc9bfd2..c451141 100644 --- a/README.md +++ b/README.md @@ -107,7 +107,7 @@ x25519-dalek = "2.0.0-pre.2" # MSRV -Current MSRV is 1.41 for production builds, and 1.48 for running tests. +Current MSRV is 1.51 for production builds, and 1.51 for running tests. # Documentation diff --git a/src/lib.rs b/src/lib.rs index 723c2a3..c63d287 100644 --- a/src/lib.rs +++ b/src/lib.rs @@ -129,7 +129,7 @@ //! //! # MSRV //! -//! Current MSRV is 1.41 for production builds, and 1.48 for running tests. +//! Current MSRV is 1.51 for production builds, and 1.51 for running tests. //! //! # Documentation //! From f966b20895001a5217936e474a72a5482e336603 Mon Sep 17 00:00:00 2001 From: Remoun Metyas Date: Thu, 24 Feb 2022 14:24:07 -0800 Subject: [PATCH 10/11] Add mobilecoin to list of branches to run CI on --- .github/workflows/rust.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/rust.yml b/.github/workflows/rust.yml index 48f3b04..e473e8b 100644 --- a/.github/workflows/rust.yml +++ b/.github/workflows/rust.yml 
@@ -4,7 +4,7 @@ on:
 push:
 branches: [ '*' ]
 pull_request:
- branches: [ main, develop, release ]
+ branches: [ main, develop, release, mobilecoin ]
 env:
 CARGO_TERM_COLOR: always
From a205cd5e9aec72aa972809efeed9f7f6138b8279 Mon Sep 17 00:00:00 2001
From: Remoun Metyas
Date: Thu, 24 Feb 2022 14:33:49 -0800
Subject: [PATCH 11/11] Actually bump MSRV in workflow
---
.github/workflows/rust.yml | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/.github/workflows/rust.yml b/.github/workflows/rust.yml
index e473e8b..c4a93f1 100644
--- a/.github/workflows/rust.yml
+++ b/.github/workflows/rust.yml
@@ -71,14 +71,14 @@ jobs:
 args: --features "serde"
 msrv:
- name: Current MSRV is 1.41
+ name: Current MSRV is 1.51
 runs-on: ubuntu-latest
 steps:
 - uses: actions/checkout@v2
 - uses: actions-rs/toolchain@v1
 with:
 profile: minimal
- toolchain: 1.41
+ toolchain: 1.51
 override: true
 - uses: actions-rs/cargo@v1
 with: