gitea-mirror/rosenpass
1
0
Fork 0
mirror of https://github.com/rosenpass/rosenpass.git synced 2025-12-12 07:40:30 -08:00
Code Issues Packages Projects Releases Wiki Activity

foo

Browse Source
This commit is contained in:
Karolin Varner
2025-11-01 20:35:10 +01:00
parent 9580961dd9
commit 8f276f70a6
24 changed files with 203 additions and 150 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
Cargo.lock generated
View File

@@ -1965,7 +1965,7 @@ checksum = "3779b94aeb87e8bd4e834cee3650289ee9e0d5677f976ecdb6d219e5f4f6cd94"
dependencies = [
"rand_chacha 0.9.0",
"rand_core 0.9.3",
"zerocopy 0.8.24",
"zerocopy 0.8.27",
]
[[package]]
@@ -2115,7 +2115,7 @@ dependencies = [
"thiserror 1.0.69",
"toml",
"uds",
"zerocopy 0.7.35",
"zerocopy 0.8.27",
"zeroize",
]
@@ -2273,7 +2273,7 @@ dependencies = [
"tokio",
"typenum",
"uds",
"zerocopy 0.7.35",
"zerocopy 0.8.27",
"zeroize",
]
@@ -2298,7 +2298,7 @@ dependencies = [
"thiserror 1.0.69",
"tokio",
"wireguard-uapi",
"zerocopy 0.7.35",
"zerocopy 0.8.27",
]
[[package]]
@@ -3315,11 +3315,11 @@ dependencies = [
[[package]]
name = "zerocopy"
version = "0.8.24"
version = "0.8.27"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "2586fea28e186957ef732a5f8b3be2da217d65c5969d4b1e17f973ebbe876879"
checksum = "0894878a5fa3edfd6da3f88c4805f4c8558e2b996227a3d864f47fe11e38282c"
dependencies = [
"zerocopy-derive 0.8.24",
"zerocopy-derive 0.8.27",
]
[[package]]
@@ -3335,9 +3335,9 @@ dependencies = [
[[package]]
name = "zerocopy-derive"
version = "0.8.24"
version = "0.8.27"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "a996a8f63c5c4448cd959ac1bab0aaa3306ccfd060472f85943ee0750f0169be"
checksum = "88d2b8d9c68ad2b9e4340d7832716a4d21a22a1154777ad56ea55c51a9cf3831"
dependencies = [
"proc-macro2",
"quote",

2
Cargo.toml
View File

@@ -66,7 +66,7 @@ chacha20poly1305 = { version = "0.10.1", default-features = false, features = [
"std",
"heapless",
] }
zerocopy = { version = "0.7.35", features = ["derive"] }
zerocopy = { version = "0.8.27", features = ["derive"] }
home = "=0.5.9" # 5.11 requires rustc 1.81
derive_builder = "0.20.1"
tokio = { version = "1.46", features = ["macros", "rt-multi-thread"] }

1
rosenpass/Cargo.toml
View File

@@ -97,6 +97,7 @@ rustix = { workspace = true }
serde_json = { workspace = true }
[features]
default = ["experiment_api"]
experiment_cookie_dos_mitigation = []
experiment_memfd_secret = ["rosenpass-wireguard-broker/experiment_memfd_secret"]
experiment_libcrux_all = ["rosenpass-ciphers/experiment_libcrux_all"]

2
rosenpass/src/api/api_handler.rs
View File

@@ -316,7 +316,7 @@ where
use crate::app_server::BrokerStorePtr;
//
use rosenpass_secret_memory::Public;
use zerocopy::AsBytes;
use zerocopy::IntoBytes;
(self.app_server().brokers.store.len() - 1)
.apply(|x| x as u64)
.apply(|x| Public::from_slice(x.as_bytes()))

6
rosenpass/src/api/boilerplate/byte_slice_ext.rs
View File

@@ -1,4 +1,4 @@
use zerocopy::{ByteSlice, Ref};
use zerocopy::{ByteSlice, Ref, SplitByteSlice};
use rosenpass_util::zerocopy::{RefMaker, ZerocopySliceExt};
@@ -7,7 +7,7 @@ use super::{
ResponseMsgType, ResponseRef, SupplyKeypairRequest, SupplyKeypairResponse,
};
pub trait ByteSliceRefExt: ByteSlice {
pub trait ByteSliceRefExt: SplitByteSlice {
/// Shorthand for the typed use of [ZerocopySliceExt::zk_ref_maker].
fn msg_type_maker(self) -> RefMaker<Self, RawMsgType> {
self.zk_ref_maker()
@@ -259,4 +259,4 @@ pub trait ByteSliceRefExt: ByteSlice {
}
}
impl<B: ByteSlice> ByteSliceRefExt for B {}
impl<B: SplitByteSlice> ByteSliceRefExt for B {}

6
rosenpass/src/api/boilerplate/message_trait.rs
View File

@@ -1,4 +1,4 @@
use zerocopy::{ByteSliceMut, Ref};
use zerocopy::{Ref, SplitByteSliceMut};
use rosenpass_util::zerocopy::RefMaker;
@@ -35,7 +35,7 @@ pub trait Message {
/// # Examples
///
/// See [crate::api::PingRequest::setup]
fn setup<B: ByteSliceMut>(buf: B) -> anyhow::Result<Ref<B, Self>>;
fn setup<B: SplitByteSliceMut>(buf: B) -> anyhow::Result<Ref<B, Self>>;
}
/// Additional convenience functions for working with [rosenpass_util::zerocopy::RefMaker]
@@ -45,7 +45,7 @@ pub trait ZerocopyResponseMakerSetupMessageExt<B, T> {
impl<B, T> ZerocopyResponseMakerSetupMessageExt<B, T> for RefMaker<B, T>
where
B: ByteSliceMut,
B: SplitByteSliceMut,
T: Message,
{
/// Initialize the message using [Message::setup].

8
rosenpass/src/api/boilerplate/message_type.rs
View File

@@ -1,6 +1,6 @@
use hex_literal::hex;
use rosenpass_util::zerocopy::RefMaker;
use zerocopy::ByteSlice;
use zerocopy::{SplitByteSlice};
use crate::RosenpassError::{self, InvalidApiMessageType};
@@ -169,12 +169,12 @@ pub trait RefMakerRawMsgTypeExt {
fn parse_response_msg_type(self) -> anyhow::Result<ResponseMsgType>;
}
impl<B: ByteSlice> RefMakerRawMsgTypeExt for RefMaker<B, RawMsgType> {
impl<B: SplitByteSlice> RefMakerRawMsgTypeExt for RefMaker<B, RawMsgType> {
fn parse_request_msg_type(self) -> anyhow::Result<RequestMsgType> {
Ok(self.parse()?.read().try_into()?)
Ok(zerocopy::Ref::read(&self.parse()?).try_into()?)
}
fn parse_response_msg_type(self) -> anyhow::Result<ResponseMsgType> {
Ok(self.parse()?.read().try_into()?)
Ok(zerocopy::Ref::<B, u128>::read(&self.parse()?).try_into()?)
}
}

38
rosenpass/src/api/boilerplate/payload.rs
View File

@@ -1,5 +1,5 @@
use rosenpass_util::zerocopy::ZerocopyMutSliceExt;
use zerocopy::{AsBytes, ByteSliceMut, FromBytes, FromZeroes, Ref};
use zerocopy::{SplitByteSliceMut, FromBytes, Immutable, IntoBytes, KnownLayout, Ref};
use super::{Message, RawMsgType, RequestMsgType, ResponseMsgType};
@@ -12,8 +12,8 @@ pub const MAX_REQUEST_FDS: usize = 2;
/// Message envelope for API messages
#[repr(packed)]
#[derive(Debug, Copy, Clone, Hash, AsBytes, FromBytes, FromZeroes, PartialEq, Eq)]
pub struct Envelope<M: AsBytes + FromBytes> {
#[derive(Debug, Copy, Clone, Hash, IntoBytes, FromBytes, PartialEq, Eq, Immutable, KnownLayout)]
pub struct Envelope<M: IntoBytes + FromBytes + Immutable + KnownLayout> {
/// Which message this is
pub msg_type: RawMsgType,
/// The actual Paylod
@@ -27,7 +27,7 @@ pub type ResponseEnvelope<M> = Envelope<M>;
#[allow(missing_docs)]
#[repr(packed)]
#[derive(Debug, Copy, Clone, Hash, AsBytes, FromBytes, FromZeroes, PartialEq, Eq)]
#[derive(Debug, Copy, Clone, Hash, IntoBytes, FromBytes, PartialEq, Eq, Immutable, KnownLayout)]
pub struct PingRequestPayload {
/// Randomly generated connection id
pub echo: [u8; 256],
@@ -55,7 +55,7 @@ impl Message for PingRequest {
}
}
fn setup<B: ByteSliceMut>(buf: B) -> anyhow::Result<Ref<B, Self>> {
fn setup<B: SplitByteSliceMut>(buf: B) -> anyhow::Result<Ref<B, Self>> {
let mut r: Ref<B, Self> = buf.zk_zeroized()?;
r.init();
Ok(r)
@@ -68,7 +68,7 @@ impl Message for PingRequest {
#[allow(missing_docs)]
#[repr(packed)]
#[derive(Debug, Copy, Clone, Hash, AsBytes, FromBytes, FromZeroes, PartialEq, Eq)]
#[derive(Debug, Copy, Clone, Hash, IntoBytes, FromBytes, PartialEq, Eq, Immutable, KnownLayout)]
pub struct PingResponsePayload {
/// Randomly generated connection id
pub echo: [u8; 256],
@@ -96,7 +96,7 @@ impl Message for PingResponse {
}
}
fn setup<B: ByteSliceMut>(buf: B) -> anyhow::Result<Ref<B, Self>> {
fn setup<B: SplitByteSliceMut>(buf: B) -> anyhow::Result<Ref<B, Self>> {
let mut r: Ref<B, Self> = buf.zk_zeroized()?;
r.init();
Ok(r)
@@ -109,7 +109,7 @@ impl Message for PingResponse {
#[allow(missing_docs)]
#[repr(packed)]
#[derive(Debug, Copy, Clone, Hash, AsBytes, FromBytes, FromZeroes, PartialEq, Eq)]
#[derive(Debug, Copy, Clone, Hash, IntoBytes, FromBytes, PartialEq, Eq, Immutable, KnownLayout)]
pub struct SupplyKeypairRequestPayload {}
#[allow(missing_docs)]
@@ -140,7 +140,7 @@ impl Message for SupplyKeypairRequest {
}
}
fn setup<B: ByteSliceMut>(buf: B) -> anyhow::Result<Ref<B, Self>> {
fn setup<B: SplitByteSliceMut>(buf: B) -> anyhow::Result<Ref<B, Self>> {
let mut r: Ref<B, Self> = buf.zk_zeroized()?;
r.init();
Ok(r)
@@ -169,7 +169,7 @@ pub mod supply_keypair_response_status {
#[allow(missing_docs)]
#[repr(packed)]
#[derive(Debug, Copy, Clone, Hash, AsBytes, FromBytes, FromZeroes, PartialEq, Eq)]
#[derive(Debug, Copy, Clone, Hash, IntoBytes, FromBytes, PartialEq, Eq, Immutable, KnownLayout)]
pub struct SupplyKeypairResponsePayload {
#[allow(missing_docs)]
pub status: u128,
@@ -197,7 +197,7 @@ impl Message for SupplyKeypairResponse {
}
}
fn setup<B: ByteSliceMut>(buf: B) -> anyhow::Result<Ref<B, Self>> {
fn setup<B: SplitByteSliceMut>(buf: B) -> anyhow::Result<Ref<B, Self>> {
let mut r: Ref<B, Self> = buf.zk_zeroized()?;
r.init();
Ok(r)
@@ -210,7 +210,7 @@ impl Message for SupplyKeypairResponse {
#[allow(missing_docs)]
#[repr(packed)]
#[derive(Debug, Copy, Clone, Hash, AsBytes, FromBytes, FromZeroes, PartialEq, Eq)]
#[derive(Debug, Copy, Clone, Hash, IntoBytes, FromBytes, PartialEq, Eq, Immutable, KnownLayout)]
pub struct AddListenSocketRequestPayload {}
#[allow(missing_docs)]
@@ -241,7 +241,7 @@ impl Message for AddListenSocketRequest {
}
}
fn setup<B: ByteSliceMut>(buf: B) -> anyhow::Result<Ref<B, Self>> {
fn setup<B: SplitByteSliceMut>(buf: B) -> anyhow::Result<Ref<B, Self>> {
let mut r: Ref<B, Self> = buf.zk_zeroized()?;
r.init();
Ok(r)
@@ -264,7 +264,7 @@ pub mod add_listen_socket_response_status {
#[allow(missing_docs)]
#[repr(packed)]
#[derive(Debug, Copy, Clone, Hash, AsBytes, FromBytes, FromZeroes, PartialEq, Eq)]
#[derive(Debug, Copy, Clone, Hash, IntoBytes, FromBytes, PartialEq, Eq, Immutable, KnownLayout)]
pub struct AddListenSocketResponsePayload {
pub status: u128,
}
@@ -291,7 +291,7 @@ impl Message for AddListenSocketResponse {
}
}
fn setup<B: ByteSliceMut>(buf: B) -> anyhow::Result<Ref<B, Self>> {
fn setup<B: SplitByteSliceMut>(buf: B) -> anyhow::Result<Ref<B, Self>> {
let mut r: Ref<B, Self> = buf.zk_zeroized()?;
r.init();
Ok(r)
@@ -304,7 +304,7 @@ impl Message for AddListenSocketResponse {
#[allow(missing_docs)]
#[repr(packed)]
#[derive(Debug, Copy, Clone, Hash, AsBytes, FromBytes, FromZeroes, PartialEq, Eq)]
#[derive(Debug, Copy, Clone, Hash, IntoBytes, FromBytes, PartialEq, Eq, Immutable, KnownLayout)]
pub struct AddPskBrokerRequestPayload {}
#[allow(missing_docs)]
@@ -336,7 +336,7 @@ impl Message for AddPskBrokerRequest {
}
}
fn setup<B: ByteSliceMut>(buf: B) -> anyhow::Result<Ref<B, Self>> {
fn setup<B: SplitByteSliceMut>(buf: B) -> anyhow::Result<Ref<B, Self>> {
let mut r: Ref<B, Self> = buf.zk_zeroized()?;
r.init();
Ok(r)
@@ -359,7 +359,7 @@ pub mod add_psk_broker_response_status {
#[allow(missing_docs)]
#[repr(packed)]
#[derive(Debug, Copy, Clone, Hash, AsBytes, FromBytes, FromZeroes, PartialEq, Eq)]
#[derive(Debug, Copy, Clone, Hash, IntoBytes, FromBytes, PartialEq, Eq, Immutable, KnownLayout)]
pub struct AddPskBrokerResponsePayload {
pub status: u128,
}
@@ -386,7 +386,7 @@ impl Message for AddPskBrokerResponse {
}
}
fn setup<B: ByteSliceMut>(buf: B) -> anyhow::Result<Ref<B, Self>> {
fn setup<B: SplitByteSliceMut>(buf: B) -> anyhow::Result<Ref<B, Self>> {
let mut r: Ref<B, Self> = buf.zk_zeroized()?;
r.init();
Ok(r)

34
rosenpass/src/api/boilerplate/request_ref.rs
View File

@@ -1,6 +1,6 @@
use anyhow::ensure;
use anyhow::{anyhow, ensure};
use zerocopy::{ByteSlice, ByteSliceMut, Ref};
use zerocopy::{IntoBytes, Ref, SplitByteSlice, SplitByteSliceMut};
use super::{ByteSliceRefExt, MessageAttributes, PingRequest, RequestMsgType};
@@ -13,7 +13,7 @@ struct RequestRefMaker<B> {
msg_type: RequestMsgType,
}
impl<B: ByteSlice> RequestRef<B> {
impl<B: SplitByteSlice> RequestRef<B> {
/// Produce a [RequestRef] from a raw message buffer,
/// reading the type from the buffer
///
@@ -95,7 +95,7 @@ impl<B> From<Ref<B, super::AddPskBrokerRequest>> for RequestRef<B> {
}
}
impl<B: ByteSlice> RequestRefMaker<B> {
impl<B: SplitByteSlice> RequestRefMaker<B> {
fn new(buf: B) -> anyhow::Result<Self> {
let msg_type = buf.deref().request_msg_type_from_prefix()?;
Ok(Self { buf, msg_type })
@@ -125,7 +125,8 @@ impl<B: ByteSlice> RequestRefMaker<B> {
self.ensure_fit()?;
let point = self.target_size();
let Self { buf, msg_type } = self;
let (buf, _) = buf.split_at(point);
let (buf, _) = buf.split_at(point)
.map_err(|_| anyhow!("Failed to split buffer"))?;
Ok(Self { buf, msg_type })
}
@@ -134,7 +135,8 @@ impl<B: ByteSlice> RequestRefMaker<B> {
self.ensure_fit()?;
let point = self.buf.len() - self.target_size();
let Self { buf, msg_type } = self;
let (buf, _) = buf.split_at(point);
let (buf, _) = buf.split_at(point)
.map_err(|_| anyhow!("Failed to split buffer"))?;
Ok(Self { buf, msg_type })
}
@@ -159,7 +161,7 @@ pub enum RequestRef<B> {
impl<B> RequestRef<B>
where
B: ByteSlice,
B: SplitByteSlice,
{
/// Access the byte data of this reference
///
@@ -168,25 +170,25 @@ where
/// See [Self::parse].
pub fn bytes(&self) -> &[u8] {
match self {
Self::Ping(r) => r.bytes(),
Self::SupplyKeypair(r) => r.bytes(),
Self::AddListenSocket(r) => r.bytes(),
Self::AddPskBroker(r) => r.bytes(),
Self::Ping(r) => r.as_bytes(),
Self::SupplyKeypair(r) => r.as_bytes(),
Self::AddListenSocket(r) => r.as_bytes(),
Self::AddPskBroker(r) => r.as_bytes(),
}
}
}
impl<B> RequestRef<B>
where
B: ByteSliceMut,
B: SplitByteSliceMut,
{
/// Access the byte data of this reference; mutably
pub fn bytes_mut(&mut self) -> &[u8] {
match self {
Self::Ping(r) => r.bytes_mut(),
Self::SupplyKeypair(r) => r.bytes_mut(),
Self::AddListenSocket(r) => r.bytes_mut(),
Self::AddPskBroker(r) => r.bytes_mut(),
Self::Ping(r) => r.as_mut_bytes(),
Self::SupplyKeypair(r) => r.as_mut_bytes(),
Self::AddListenSocket(r) => r.as_mut_bytes(),
Self::AddPskBroker(r) => r.as_mut_bytes(),
}
}
}

20
rosenpass/src/api/boilerplate/request_response.rs
View File

@@ -1,7 +1,7 @@
use rosenpass_util::zerocopy::{
RefMaker, ZerocopyEmancipateExt, ZerocopyEmancipateMutExt, ZerocopySliceExt,
};
use zerocopy::{ByteSlice, ByteSliceMut, Ref};
use zerocopy::{Immutable, KnownLayout, Ref, SplitByteSlice, SplitByteSliceMut};
use super::{Message, PingRequest, PingResponse};
use super::{RequestRef, ResponseRef, ZerocopyResponseMakerSetupMessageExt};
@@ -9,27 +9,27 @@ use super::{RequestRef, ResponseRef, ZerocopyResponseMakerSetupMessageExt};
/// Extension trait for [Message]s that are requests messages
pub trait RequestMsg: Sized + Message {
/// The response message belonging to this request message
type ResponseMsg: ResponseMsg;
type ResponseMsg: ResponseMsg + Immutable + KnownLayout;
/// Construct a response make for this particular message
fn zk_response_maker<B: ByteSlice>(buf: B) -> RefMaker<B, Self::ResponseMsg> {
fn zk_response_maker<B: SplitByteSlice>(buf: B) -> RefMaker<B, Self::ResponseMsg> {
buf.zk_ref_maker()
}
/// Setup a response maker (through [Message::setup]) for this request message type
fn setup_response<B: ByteSliceMut>(buf: B) -> anyhow::Result<Ref<B, Self::ResponseMsg>> {
fn setup_response<B: SplitByteSliceMut>(buf: B) -> anyhow::Result<Ref<B, Self::ResponseMsg>> {
Self::zk_response_maker(buf).setup_msg()
}
/// Setup a response maker from a buffer prefix (through [Message::setup]) for this request message type
fn setup_response_from_prefix<B: ByteSliceMut>(
fn setup_response_from_prefix<B: SplitByteSliceMut>(
buf: B,
) -> anyhow::Result<Ref<B, Self::ResponseMsg>> {
Self::zk_response_maker(buf).from_prefix()?.setup_msg()
}
/// Setup a response maker from a buffer suffix (through [Message::setup]) for this request message type
fn setup_response_from_suffix<B: ByteSliceMut>(
fn setup_response_from_suffix<B: SplitByteSliceMut>(
buf: B,
) -> anyhow::Result<Ref<B, Self::ResponseMsg>> {
Self::zk_response_maker(buf).from_prefix()?.setup_msg()
@@ -125,8 +125,8 @@ impl<B1, B2> From<AddPskBrokerPair<B1, B2>> for RequestResponsePair<B1, B2> {
impl<B1, B2> RequestResponsePair<B1, B2>
where
B1: ByteSlice,
B2: ByteSlice,
B1: SplitByteSlice,
B2: SplitByteSlice,
{
/// Returns a tuple to both the request and the response message
pub fn both(&self) -> (RequestRef<&[u8]>, ResponseRef<&[u8]>) {
@@ -167,8 +167,8 @@ where
impl<B1, B2> RequestResponsePair<B1, B2>
where
B1: ByteSliceMut,
B2: ByteSliceMut,
B1: SplitByteSliceMut,
B2: SplitByteSliceMut,
{
/// Returns a mutable tuple to both the request and the response message
pub fn both_mut(&mut self) -> (RequestRef<&mut [u8]>, ResponseRef<&mut [u8]>) {

34
rosenpass/src/api/boilerplate/response_ref.rs
View File

@@ -1,7 +1,7 @@
// TODO: This is copied verbatim from ResponseRef…not pretty
use anyhow::ensure;
use anyhow::{anyhow, ensure};
use zerocopy::{ByteSlice, ByteSliceMut, Ref};
use zerocopy::{IntoBytes, Ref, SplitByteSlice, SplitByteSliceMut};
use super::{ByteSliceRefExt, MessageAttributes, PingResponse, ResponseMsgType};
@@ -16,7 +16,7 @@ struct ResponseRefMaker<B> {
msg_type: ResponseMsgType,
}
impl<B: ByteSlice> ResponseRef<B> {
impl<B: SplitByteSlice> ResponseRef<B> {
/// Produce a [ResponseRef] from a raw message buffer,
/// reading the type from the buffer
///
@@ -99,7 +99,7 @@ impl<B> From<Ref<B, super::AddPskBrokerResponse>> for ResponseRef<B> {
}
}
impl<B: ByteSlice> ResponseRefMaker<B> {
impl<B: SplitByteSlice> ResponseRefMaker<B> {
fn new(buf: B) -> anyhow::Result<Self> {
let msg_type = buf.deref().response_msg_type_from_prefix()?;
Ok(Self { buf, msg_type })
@@ -129,7 +129,8 @@ impl<B: ByteSlice> ResponseRefMaker<B> {
self.ensure_fit()?;
let point = self.target_size();
let Self { buf, msg_type } = self;
let (buf, _) = buf.split_at(point);
let (buf, _) = buf.split_at(point)
.map_err(|_| anyhow!("Failed to split buffer!"))?;
Ok(Self { buf, msg_type })
}
@@ -138,7 +139,8 @@ impl<B: ByteSlice> ResponseRefMaker<B> {
self.ensure_fit()?;
let point = self.buf.len() - self.target_size();
let Self { buf, msg_type } = self;
let (buf, _) = buf.split_at(point);
let (buf, _) = buf.split_at(point)
.map_err(|_| anyhow!("Failed to split buffer!"))?;
Ok(Self { buf, msg_type })
}
@@ -163,7 +165,7 @@ pub enum ResponseRef<B> {
impl<B> ResponseRef<B>
where
B: ByteSlice,
B: SplitByteSlice,
{
/// Access the byte data of this reference
///
@@ -172,25 +174,25 @@ where
/// See [Self::parse].
pub fn bytes(&self) -> &[u8] {
match self {
Self::Ping(r) => r.bytes(),
Self::SupplyKeypair(r) => r.bytes(),
Self::AddListenSocket(r) => r.bytes(),
Self::AddPskBroker(r) => r.bytes(),
Self::Ping(r) => r.as_bytes(),
Self::SupplyKeypair(r) => r.as_bytes(),
Self::AddListenSocket(r) => r.as_bytes(),
Self::AddPskBroker(r) => r.as_bytes(),
}
}
}
impl<B> ResponseRef<B>
where
B: ByteSliceMut,
B: SplitByteSliceMut,
{
/// Access the byte data of this reference; mutably
pub fn bytes_mut(&mut self) -> &[u8] {
match self {
Self::Ping(r) => r.bytes_mut(),
Self::SupplyKeypair(r) => r.bytes_mut(),
Self::AddListenSocket(r) => r.bytes_mut(),
Self::AddPskBroker(r) => r.bytes_mut(),
Self::Ping(r) => r.as_mut_bytes(),
Self::SupplyKeypair(r) => r.as_mut_bytes(),
Self::AddListenSocket(r) => r.as_mut_bytes(),
Self::AddPskBroker(r) => r.as_mut_bytes(),
}
}
}

10
rosenpass/src/api/boilerplate/server.rs
View File

@@ -1,6 +1,6 @@
use super::{ByteSliceRefExt, Message, PingRequest, PingResponse, RequestRef, RequestResponsePair};
use std::{collections::VecDeque, os::fd::OwnedFd};
use zerocopy::{ByteSlice, ByteSliceMut};
use zerocopy::{SplitByteSlice, SplitByteSliceMut};
/// The rosenpass API implementation functions.
///
@@ -152,8 +152,8 @@ pub trait Server {
req_fds: &mut VecDeque<OwnedFd>,
) -> anyhow::Result<()>
where
ReqBuf: ByteSlice,
ResBuf: ByteSliceMut,
ReqBuf: SplitByteSlice,
ResBuf: SplitByteSliceMut,
{
match p {
RequestResponsePair::Ping((req, res)) => self.ping(req, req_fds, res),
@@ -182,8 +182,8 @@ pub trait Server {
res: ResBuf,
) -> anyhow::Result<usize>
where
ReqBuf: ByteSlice,
ResBuf: ByteSliceMut,
ReqBuf: SplitByteSlice,
ResBuf: SplitByteSliceMut,
{
let req = req.parse_request_from_prefix()?;
// TODO: This is not pretty; This match should be moved into RequestRef

2
rosenpass/src/app_server.rs
View File

@@ -13,7 +13,7 @@ use signal_hook_mio::v1_0 as signal_hook_mio;
use anyhow::{bail, Context, Result};
use derive_builder::Builder;
use log::{error, info, warn};
use zerocopy::AsBytes;
use zerocopy::IntoBytes;
use rosenpass_util::attempt;
use rosenpass_util::fmt::debug::NullDebug;

30
rosenpass/src/msgs.rs
View File

@@ -9,7 +9,7 @@
//! To achieve this we utilize the zerocopy library.
//!
use std::mem::size_of;
use zerocopy::{AsBytes, FromBytes, FromZeroes};
use zerocopy::{FromBytes, Immutable, IntoBytes, KnownLayout};
use super::RosenpassError;
use rosenpass_cipher_traits::primitives::{Aead as _, Kem};
@@ -51,7 +51,7 @@ pub type MsgEnvelopeCookie = [u8; COOKIE_SIZE];
///
/// ```
/// use rosenpass::msgs::{Envelope, InitHello};
/// use zerocopy::{AsBytes, FromBytes, Ref, FromZeroes};
/// use zerocopy::{IntoBytes, FromBytes, Ref};
/// use memoffset::offset_of;
///
/// // Zero-initialization
@@ -76,8 +76,8 @@ pub type MsgEnvelopeCookie = [u8; COOKIE_SIZE];
/// assert_eq!(ih3.msg_type, 42);
/// ```
#[repr(packed)]
#[derive(AsBytes, FromBytes, FromZeroes, Clone)]
pub struct Envelope<M: AsBytes + FromBytes> {
#[derive(IntoBytes, FromBytes, Clone, Immutable, KnownLayout)]
pub struct Envelope<M: IntoBytes + FromBytes> {
/// [MsgType] of this message
pub msg_type: u8,
/// Reserved for future use
@@ -106,7 +106,7 @@ pub struct Envelope<M: AsBytes + FromBytes> {
///
/// ```
/// use rosenpass::msgs::{Envelope, InitHello};
/// use zerocopy::{AsBytes, FromBytes, Ref, FromZeroes};
/// use zerocopy::{IntoBytes, FromBytes, Ref};
/// use memoffset::span_of;
///
/// // Zero initialization
@@ -126,7 +126,7 @@ pub struct Envelope<M: AsBytes + FromBytes> {
/// assert_eq!(ih.payload.sidi, [1,2,3,4]);
/// ```
#[repr(packed)]
#[derive(AsBytes, FromBytes, FromZeroes)]
#[derive(IntoBytes, FromBytes, Immutable, KnownLayout)]
pub struct InitHello {
/// Randomly generated connection id
pub sidi: [u8; 4],
@@ -155,7 +155,7 @@ pub struct InitHello {
///
/// ```
/// use rosenpass::msgs::{Envelope, RespHello};
/// use zerocopy::{AsBytes, FromBytes, Ref, FromZeroes};
/// use zerocopy::{IntoBytes, FromBytes, Ref};
/// use memoffset::span_of;
///
/// // Zero initialization
@@ -175,7 +175,7 @@ pub struct InitHello {
/// assert_eq!(ih.payload.sidi, [1,2,3,4]);
/// ```
#[repr(packed)]
#[derive(AsBytes, FromBytes, FromZeroes)]
#[derive(IntoBytes, FromBytes, Immutable, KnownLayout)]
pub struct RespHello {
/// Randomly generated connection id
pub sidr: [u8; 4],
@@ -206,7 +206,7 @@ pub struct RespHello {
///
/// ```
/// use rosenpass::msgs::{Envelope, InitConf};
/// use zerocopy::{AsBytes, FromBytes, Ref, FromZeroes};
/// use zerocopy::{IntoBytes, FromBytes, Ref};
/// use memoffset::span_of;
///
/// // Zero initialization
@@ -226,7 +226,7 @@ pub struct RespHello {
/// assert_eq!(ih.payload.sidi, [1,2,3,4]);
/// ```
#[repr(packed)]
#[derive(AsBytes, FromBytes, FromZeroes, Debug)]
#[derive(IntoBytes, FromBytes, Debug, Immutable, KnownLayout)]
pub struct InitConf {
/// Copied from InitHello
pub sidi: [u8; 4],
@@ -264,7 +264,7 @@ pub struct InitConf {
///
/// ```
/// use rosenpass::msgs::{Envelope, EmptyData};
/// use zerocopy::{AsBytes, FromBytes, Ref, FromZeroes};
/// use zerocopy::{IntoBytes, FromBytes, Ref};
/// use memoffset::span_of;
///
/// // Zero initialization
@@ -284,7 +284,7 @@ pub struct InitConf {
/// assert_eq!(ih.payload.sid, [1,2,3,4]);
/// ```
#[repr(packed)]
#[derive(AsBytes, FromBytes, FromZeroes, Clone, Copy)]
#[derive(IntoBytes, FromBytes, Clone, Copy, Immutable, KnownLayout)]
pub struct EmptyData {
/// Copied from RespHello
pub sid: [u8; 4],
@@ -311,7 +311,7 @@ pub struct EmptyData {
///
/// [Envelope] and [InitHello] contain some extra examples on how to use structures from the [::zerocopy] crate.
#[repr(packed)]
#[derive(AsBytes, FromBytes, FromZeroes)]
#[derive(IntoBytes, FromBytes, Immutable, KnownLayout)]
pub struct Biscuit {
/// H(spki) Ident ifies the initiator
pub pidi: [u8; KEY_LEN],
@@ -336,7 +336,7 @@ pub struct Biscuit {
///
/// [Envelope] and [InitHello] contain some extra examples on how to use structures from the [::zerocopy] crate.
#[repr(packed)]
#[derive(AsBytes, FromBytes, FromZeroes)]
#[derive(IntoBytes, FromBytes, Immutable, KnownLayout)]
pub struct CookieReplyInner {
/// [MsgType] of this message
pub msg_type: u8,
@@ -363,7 +363,7 @@ pub struct CookieReplyInner {
///
/// [Envelope] and [InitHello] contain some extra examples on how to use structures from the [::zerocopy] crate.
#[repr(packed)]
#[derive(AsBytes, FromBytes, FromZeroes)]
#[derive(IntoBytes, FromBytes, Immutable, KnownLayout)]
pub struct CookieReply {
pub inner: CookieReplyInner,
pub padding: [u8; size_of::<Envelope<InitHello>>() - size_of::<CookieReplyInner>()],

18
rosenpass/src/protocol/protocol.rs
View File

@@ -17,7 +17,7 @@ use std::{
use anyhow::{bail, ensure, Context, Result};
use assert_tv::{TestVector, TestVectorNOP};
use memoffset::span_of;
use zerocopy::{AsBytes, FromBytes, Ref};
use zerocopy::{FromBytes, Immutable, IntoBytes, KnownLayout, Ref};
use rosenpass_cipher_traits::primitives::{
Aead as _, AeadWithNonceInCiphertext, Kem, KeyedHashInstance,
@@ -413,7 +413,7 @@ pub struct InitiatorHandshake {
///
/// Used as [KnownInitConfResponse] for now cache [EmptyData] (responder confirmation)
/// responses to [InitConf]
pub struct KnownResponse<ResponseType: AsBytes + FromBytes> {
pub struct KnownResponse<ResponseType: IntoBytes + FromBytes> {
/// When the response was initially computed
pub received_at: Timing,
/// Hash of the message that triggered the response; created using
@@ -423,7 +423,7 @@ pub struct KnownResponse<ResponseType: AsBytes + FromBytes> {
pub response: Envelope<ResponseType>,
}
impl<ResponseType: AsBytes + FromBytes> Debug for KnownResponse<ResponseType> {
impl<ResponseType: IntoBytes + FromBytes> Debug for KnownResponse<ResponseType> {
fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
f.debug_struct("KnownResponse")
.field("received_at", &self.received_at)
@@ -435,7 +435,7 @@ impl<ResponseType: AsBytes + FromBytes> Debug for KnownResponse<ResponseType> {
#[test]
fn known_response_format() {
use zerocopy::FromZeroes;
use zerocopy::FromZeros;
let v = KnownResponse::<[u8; 32]> {
received_at: 42.0,
@@ -508,7 +508,7 @@ impl KnownResponseHasher {
/// # Panic & Safety
///
/// Panics in case of a problem with this underlying hash function
pub fn hash<Msg: AsBytes + FromBytes>(&self, msg: &Envelope<Msg>) -> KnownResponseHash {
pub fn hash<Msg: IntoBytes + FromBytes + Immutable>(&self, msg: &Envelope<Msg>) -> KnownResponseHash {
let data = &msg.as_bytes()[span_of!(Envelope<Msg>, msg_type..cookie)];
// This function is only used internally and results are not propagated
// to outside the peer. Thus, it uses SHAKE256 exclusively.
@@ -2354,8 +2354,8 @@ impl CryptoServer {
///
/// To save some code, the function returns the size of the message,
/// but the same could be easily achieved by calling [size_of] with the
/// message type or by calling [AsBytes::as_bytes] on the message reference.
pub fn seal_and_commit_msg<M: AsBytes + FromBytes>(
/// message type or by calling [IntoBytes::as_bytes] on the message reference.
pub fn seal_and_commit_msg<M: IntoBytes + FromBytes + Immutable + KnownLayout>(
&mut self,
peer: PeerPtr,
msg_type: MsgType,
@@ -3078,7 +3078,7 @@ impl IniHsPtr {
impl<M> Envelope<M>
where
M: AsBytes + FromBytes,
M: IntoBytes + FromBytes + Immutable + KnownLayout,
{
/// Internal business logic: Calculate the message authentication code (`mac`) and also append cookie value
pub fn seal(&mut self, peer: PeerPtr, srv: &CryptoServer) -> Result<()> {
@@ -3107,7 +3107,7 @@ where
impl<M> Envelope<M>
where
M: AsBytes + FromBytes,
M: IntoBytes + FromBytes + Immutable + KnownLayout,
{
/// Internal business logic: Check the message authentication code produced by [Self::seal]
pub fn check_seal(&self, srv: &CryptoServer, shake_or_blake: KeyedHash) -> Result<bool> {

6
rosenpass/src/protocol/zerocopy.rs
View File

@@ -2,19 +2,19 @@
use std::mem::size_of;
use zerocopy::{FromBytes, Ref};
use zerocopy::{FromBytes, Immutable, KnownLayout, Ref};
use crate::RosenpassError;
/// Used to parse a network message using [zerocopy]
pub fn truncating_cast_into<T: FromBytes>(
pub fn truncating_cast_into<T: FromBytes + KnownLayout + Immutable>(
buf: &mut [u8],
) -> Result<Ref<&mut [u8], T>, RosenpassError> {
Ref::new(&mut buf[..size_of::<T>()]).ok_or(RosenpassError::BufferSizeMismatch)
}
/// Used to parse a network message using [zerocopy], mutably
pub fn truncating_cast_into_nomut<T: FromBytes>(
pub fn truncating_cast_into_nomut<T: FromBytes + KnownLayout + Immutable>(
buf: &[u8],
) -> Result<Ref<&[u8], T>, RosenpassError> {
Ref::new(&buf[..size_of::<T>()]).ok_or(RosenpassError::BufferSizeMismatch)

5
util/src/ipc/shm/ringbuf/main.rs
View File

@@ -2,6 +2,8 @@
use std::{borrow::Borrow, sync::atomic::AtomicU64};
use zerocopy::{FromBytes, IntoBytes};
use crate::{
ipc::shm::SharedMemorySegment,
ringbuf::concurrent::framework::{
@@ -13,7 +15,8 @@ use crate::{
///
/// These values must be shared between the reader/writer in such a way that access to the inner
/// variables is synchronized and atomic between the two parties.
#[derive(Debug, Default)]
#[repr(C)]
#[derive(Debug, Default, IntoBytes, FromBytes)]
pub struct ShmPipeVariables {
/// See [crate::ringbuf::sched::RingBufferScheduler::items_read()]
pub items_read: AtomicU64,

41
util/src/zerocopy/ref_maker.rs
View File

@@ -1,9 +1,9 @@
//! A module providing the [`RefMaker`] type and its associated methods for constructing
//! [`zerocopy::Ref`] references from byte buffers.
use anyhow::{ensure, Context};
use anyhow::ensure;
use std::marker::PhantomData;
use zerocopy::{ByteSlice, ByteSliceMut, Ref};
use zerocopy::{Immutable, KnownLayout, Ref, SplitByteSlice, SplitByteSliceMut};
use zeroize::Zeroize;
use crate::zeroize::ZeroizedExt;
@@ -82,7 +82,10 @@ impl<B, T> RefMaker<B, T> {
}
}
impl<B: ByteSlice, T> RefMaker<B, T> {
impl<B: SplitByteSlice, T> RefMaker<B, T>
where
T: KnownLayout + Immutable,
{
/// Parses the buffer into a [`zerocopy::Ref<B, T>`].
///
/// This will fail if the buffer is smaller than `size_of::<T>`.
@@ -120,7 +123,7 @@ impl<B: ByteSlice, T> RefMaker<B, T> {
/// ```
pub fn parse(self) -> anyhow::Result<Ref<B, T>> {
self.ensure_fit()?;
Ref::<B, T>::new(self.buf).context("Parser error!")
Ref::<B, T>::from_bytes(self.buf).map_err(|e| anyhow::anyhow!("Parser error: {e:?}"))
}
/// Splits the internal buffer into a `RefMaker` containing a buffer with
@@ -142,7 +145,10 @@ impl<B: ByteSlice, T> RefMaker<B, T> {
/// ```
pub fn from_prefix_with_tail(self) -> anyhow::Result<(Self, B)> {
self.ensure_fit()?;
let (head, tail) = self.buf.split_at(Self::target_size());
let (head, tail) = self
.buf
.split_at(Self::target_size())
.map_err(|_| anyhow::anyhow!("Failed to split buffer!"))?;
Ok((Self::new(head), tail))
}
@@ -165,7 +171,10 @@ impl<B: ByteSlice, T> RefMaker<B, T> {
/// ```
pub fn split_prefix(self) -> anyhow::Result<(Self, Self)> {
self.ensure_fit()?;
let (head, tail) = self.buf.split_at(Self::target_size());
let (head, tail) = self
.buf
.split_at(Self::target_size())
.map_err(|_| anyhow::anyhow!("Failed to split buffer!"))?;
Ok((Self::new(head), Self::new(tail)))
}
@@ -204,7 +213,10 @@ impl<B: ByteSlice, T> RefMaker<B, T> {
pub fn from_suffix_with_head(self) -> anyhow::Result<(Self, B)> {
self.ensure_fit()?;
let point = self.bytes().len() - Self::target_size();
let (head, tail) = self.buf.split_at(point);
let (head, tail) = self
.buf
.split_at(point)
.map_err(|_| anyhow::anyhow!("Failed to split buffer!"))?;
Ok((Self::new(tail), head))
}
@@ -227,7 +239,10 @@ impl<B: ByteSlice, T> RefMaker<B, T> {
pub fn split_suffix(self) -> anyhow::Result<(Self, Self)> {
self.ensure_fit()?;
let point = self.bytes().len() - Self::target_size();
let (head, tail) = self.buf.split_at(point);
let (head, tail) = self
.buf
.split_at(point)
.map_err(|_| anyhow::anyhow!("Failed to split buffer!"))?;
Ok((Self::new(head), Self::new(tail)))
}
@@ -282,7 +297,10 @@ impl<B: ByteSlice, T> RefMaker<B, T> {
}
}
impl<B: ByteSliceMut, T> RefMaker<B, T> {
impl<B: SplitByteSliceMut, T> RefMaker<B, T>
where
T: KnownLayout + Immutable,
{
/// Creates a zeroized reference of type `T` from the buffer.
///
/// # Errors
@@ -312,7 +330,10 @@ impl<B: ByteSliceMut, T> RefMaker<B, T> {
}
}
impl<B: ByteSliceMut, T> Zeroize for RefMaker<B, T> {
impl<B: SplitByteSliceMut, T> Zeroize for RefMaker<B, T>
where
T: KnownLayout + Immutable,
{
fn zeroize(&mut self) {
self.bytes_mut().zeroize()
}

14
util/src/zerocopy/zerocopy_ref_ext.rs
View File

@@ -1,7 +1,7 @@
//! Extension traits for converting `Ref<B, T>` into references backed by
//! standard slices.
use zerocopy::{ByteSlice, ByteSliceMut, Ref};
use zerocopy::{SplitByteSlice, SplitByteSliceMut, Immutable, KnownLayout, Ref};
/// A trait for converting a `Ref<B, T>` into a `Ref<&[u8], T>`.
///
@@ -16,7 +16,7 @@ pub trait ZerocopyEmancipateExt<B, T> {
///
/// ```
/// # use std::ops::Deref;
/// # use zerocopy::{AsBytes, ByteSlice, FromBytes, FromZeroes, Ref};
/// # use zerocopy::{AsBytes, SplitByteSlice, FromBytes, FromZeroes, Ref};
/// # use rosenpass_util::zerocopy::ZerocopyEmancipateExt;
/// #[derive(FromBytes, FromZeroes, AsBytes)]
/// #[repr(C)]
@@ -64,18 +64,20 @@ pub trait ZerocopyEmancipateMutExt<B, T> {
impl<B, T> ZerocopyEmancipateExt<B, T> for Ref<B, T>
where
B: ByteSlice,
B: SplitByteSlice,
T: KnownLayout + Immutable,
{
fn emancipate(&self) -> Ref<&[u8], T> {
Ref::new(self.bytes()).unwrap()
Ref::new(zerocopy::Ref::<B, T>::bytes(&self)).unwrap()
}
}
impl<B, T> ZerocopyEmancipateMutExt<B, T> for Ref<B, T>
where
B: ByteSliceMut,
B: SplitByteSliceMut,
T: KnownLayout + Immutable,
{
fn emancipate_mut(&mut self) -> Ref<&mut [u8], T> {
Ref::new(self.bytes_mut()).unwrap()
Ref::new(zerocopy::Ref::<B, T>::bytes_mut(self)).unwrap()
}
}

40
util/src/zerocopy/zerocopy_slice_ext.rs
View File

@@ -1,7 +1,7 @@
//! Extension traits for parsing slices into [`zerocopy::Ref`] values using the
//! [`RefMaker`] abstraction.
use zerocopy::{ByteSlice, ByteSliceMut, Ref};
use zerocopy::{Immutable, KnownLayout, Ref, SplitByteSlice, SplitByteSliceMut};
use super::RefMaker;
@@ -9,7 +9,7 @@ use super::RefMaker;
///
/// This trait adds methods for creating [`Ref`] references from
/// slices by using the [`RefMaker`] type internally.
pub trait ZerocopySliceExt: Sized + ByteSlice {
pub trait ZerocopySliceExt: Sized + SplitByteSlice {
/// Creates a new `RefMaker` for the given slice.
///
/// # Example
@@ -52,7 +52,10 @@ pub trait ZerocopySliceExt: Sized + ByteSlice {
/// assert_eq!(data_ref.0, 0x0201);
/// assert_eq!(data_ref.1, 0x0403);
/// ```
fn zk_parse<T>(self) -> anyhow::Result<Ref<Self, T>> {
fn zk_parse<T>(self) -> anyhow::Result<Ref<Self, T>>
where
T: Immutable + KnownLayout,
{
self.zk_ref_maker().parse()
}
@@ -80,7 +83,10 @@ pub trait ZerocopySliceExt: Sized + ByteSlice {
/// let header_ref = bytes.0.zk_parse_prefix::<Header>().unwrap();
/// assert_eq!(header_ref.0, 0xDDCCBBAA);
/// ```
fn zk_parse_prefix<T>(self) -> anyhow::Result<Ref<Self, T>> {
fn zk_parse_prefix<T>(self) -> anyhow::Result<Ref<Self, T>>
where
T: Immutable + KnownLayout,
{
self.zk_ref_maker().from_prefix()?.parse()
}
@@ -108,18 +114,21 @@ pub trait ZerocopySliceExt: Sized + ByteSlice {
/// let header_ref = bytes.0.zk_parse_suffix::<Header>().unwrap();
/// assert_eq!(header_ref.0, 0x30201000);
/// ```
fn zk_parse_suffix<T>(self) -> anyhow::Result<Ref<Self, T>> {
fn zk_parse_suffix<T>(self) -> anyhow::Result<Ref<Self, T>>
where
T: Immutable + KnownLayout,
{
self.zk_ref_maker().from_suffix()?.parse()
}
}
impl<B: ByteSlice> ZerocopySliceExt for B {}
impl<B: SplitByteSlice> ZerocopySliceExt for B {}
/// Extension trait for zero-copy parsing of mutable slices with zeroization
/// capabilities.
///
/// Provides convenience methods to create zero-initialized references.
pub trait ZerocopyMutSliceExt: ZerocopySliceExt + Sized + ByteSliceMut {
pub trait ZerocopyMutSliceExt: ZerocopySliceExt + Sized + SplitByteSliceMut {
/// Creates a new zeroized reference from the entire slice.
///
/// This zeroizes the slice first, then provides a `Ref`.
@@ -143,7 +152,10 @@ pub trait ZerocopyMutSliceExt: ZerocopySliceExt + Sized + ByteSliceMut {
/// assert_eq!(data_ref.0, [0,0,0,0]);
/// assert_eq!(bytes.0, [0, 0, 0, 0]);
/// ```
fn zk_zeroized<T>(self) -> anyhow::Result<Ref<Self, T>> {
fn zk_zeroized<T>(self) -> anyhow::Result<Ref<Self, T>>
where
T: Immutable + KnownLayout,
{
self.zk_ref_maker().make_zeroized()
}
@@ -171,7 +183,10 @@ pub trait ZerocopyMutSliceExt: ZerocopySliceExt + Sized + ByteSliceMut {
/// assert_eq!(data_ref.0, [0,0,0,0]);
/// assert_eq!(bytes.0, [0, 0, 0, 0, 0xFF, 0xFF]);
/// ```
fn zk_zeroized_from_prefix<T>(self) -> anyhow::Result<Ref<Self, T>> {
fn zk_zeroized_from_prefix<T>(self) -> anyhow::Result<Ref<Self, T>>
where
T: Immutable + KnownLayout,
{
self.zk_ref_maker().from_prefix()?.make_zeroized()
}
@@ -199,9 +214,12 @@ pub trait ZerocopyMutSliceExt: ZerocopySliceExt + Sized + ByteSliceMut {
/// assert_eq!(data_ref.0, [0,0,0,0]);
/// assert_eq!(bytes.0, [0xFF, 0xFF, 0, 0, 0, 0]);
/// ```
fn zk_zeroized_from_suffix<T>(self) -> anyhow::Result<Ref<Self, T>> {
fn zk_zeroized_from_suffix<T>(self) -> anyhow::Result<Ref<Self, T>>
where
T: Immutable + KnownLayout,
{
self.zk_ref_maker().from_suffix()?.make_zeroized()
}
}
impl<B: ByteSliceMut> ZerocopyMutSliceExt for B {}
impl<B: SplitByteSliceMut> ZerocopyMutSliceExt for B {}

1
wireguard-broker/Cargo.toml
View File

@@ -41,6 +41,7 @@ rand = { workspace = true }
procspawn = { workspace = true }
[features]
default = ["experiment_api"]
experiment_api = ["rustix", "libc"]
experiment_memfd_secret = []

4
wireguard-broker/src/api/client.rs
View File

@@ -38,6 +38,8 @@
use std::{borrow::BorrowMut, fmt::Debug};
use zerocopy::IntoBytes;
use crate::{
api::{
config::NetworkBrokerConfig,
@@ -219,7 +221,7 @@ where
// Send message
self.io
.borrow_mut()
.send_msg(req.bytes())
.send_msg(req.as_bytes())
.map_err(IoError)?;
Ok(())

10
wireguard-broker/src/api/msgs.rs
View File

@@ -3,7 +3,7 @@
use std::str::{from_utf8, Utf8Error};
use zerocopy::{AsBytes, FromBytes, FromZeroes};
use zerocopy::{FromBytes, Immutable, IntoBytes, KnownLayout};
/// The number of bytes reserved for overhead when packaging data.
pub const ENVELOPE_OVERHEAD: usize = 1 + 3;
@@ -15,8 +15,8 @@ pub const RESPONSE_MSG_BUFFER_SIZE: usize = ENVELOPE_OVERHEAD + 1;
/// Envelope for messages being passed around.
#[repr(packed)]
#[derive(AsBytes, FromBytes, FromZeroes)]
pub struct Envelope<M: AsBytes + FromBytes> {
#[derive(IntoBytes, FromBytes, Immutable, KnownLayout)]
pub struct Envelope<M: IntoBytes + FromBytes> {
/// [MsgType] of this message
pub msg_type: u8,
/// Reserved for future use
@@ -29,7 +29,7 @@ pub struct Envelope<M: AsBytes + FromBytes> {
/// # Example
///
#[repr(packed)]
#[derive(AsBytes, FromBytes, FromZeroes)]
#[derive(IntoBytes, FromBytes, Immutable, KnownLayout)]
pub struct SetPskRequest {
/// The pre-shared key.
pub psk: [u8; 32],
@@ -85,7 +85,7 @@ impl SetPskRequest {
/// Message format for response to the set pre-shared key operation.
#[repr(packed)]
#[derive(AsBytes, FromBytes, FromZeroes)]
#[derive(IntoBytes, FromBytes, Immutable, KnownLayout)]
pub struct SetPskResponse {
pub return_code: u8,
}

3
wireguard-broker/src/api/server.rs
View File

@@ -8,6 +8,7 @@
use std::borrow::BorrowMut;
use rosenpass_secret_memory::{Public, Secret};
use zerocopy::IntoBytes;
use crate::api::msgs::{self, Envelope, SetPskRequest, SetPskResponse};
use crate::WireGuardBroker;
@@ -85,7 +86,7 @@ where
res.msg_type = msgs::MsgType::SetPsk as u8;
self.handle_set_psk(&req.payload, &mut res.payload)?;
Ok(res.bytes().len())
Ok(res.as_bytes().len())
}
/// Sets the pre-shared key for the interface identified in `req` to the pre-shared key