beaconcrypt 0.3.2__tar.gz → 0.3.4__tar.gz
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- {beaconcrypt-0.3.2 → beaconcrypt-0.3.4}/.github/workflows/python.yml +5 -0
- {beaconcrypt-0.3.2 → beaconcrypt-0.3.4}/Cargo.lock +1 -1
- {beaconcrypt-0.3.2 → beaconcrypt-0.3.4}/Cargo.toml +1 -1
- {beaconcrypt-0.3.2 → beaconcrypt-0.3.4}/PKG-INFO +1 -1
- {beaconcrypt-0.3.2 → beaconcrypt-0.3.4}/beaconcrypt_test.go +26 -6
- {beaconcrypt-0.3.2 → beaconcrypt-0.3.4}/pyproject.toml +4 -0
- {beaconcrypt-0.3.2 → beaconcrypt-0.3.4}/src/lib.rs +2 -2
- {beaconcrypt-0.3.2 → beaconcrypt-0.3.4}/src/pqxdh.rs +7 -8
- {beaconcrypt-0.3.2 → beaconcrypt-0.3.4}/tests/test_encryption.py +9 -5
- {beaconcrypt-0.3.2 → beaconcrypt-0.3.4}/tests/test_registration.py +2 -1
- {beaconcrypt-0.3.2 → beaconcrypt-0.3.4}/.cargo/config.toml +0 -0
- {beaconcrypt-0.3.2 → beaconcrypt-0.3.4}/.github/workflows/go.yml +0 -0
- {beaconcrypt-0.3.2 → beaconcrypt-0.3.4}/.github/workflows/release.yml +0 -0
- {beaconcrypt-0.3.2 → beaconcrypt-0.3.4}/.github/workflows/rust.yml +0 -0
- {beaconcrypt-0.3.2 → beaconcrypt-0.3.4}/.gitignore +0 -0
- {beaconcrypt-0.3.2 → beaconcrypt-0.3.4}/LICENSE +0 -0
- {beaconcrypt-0.3.2 → beaconcrypt-0.3.4}/README.md +0 -0
- {beaconcrypt-0.3.2 → beaconcrypt-0.3.4}/beaconcrypt.go +0 -0
- {beaconcrypt-0.3.2 → beaconcrypt-0.3.4}/bindings.h +0 -0
- {beaconcrypt-0.3.2 → beaconcrypt-0.3.4}/build.rs +0 -0
- {beaconcrypt-0.3.2 → beaconcrypt-0.3.4}/clippy.toml +0 -0
- {beaconcrypt-0.3.2 → beaconcrypt-0.3.4}/doc/protocol.md +0 -0
- {beaconcrypt-0.3.2 → beaconcrypt-0.3.4}/doc/rationale.md +0 -0
- {beaconcrypt-0.3.2 → beaconcrypt-0.3.4}/doc/threat_model.md +0 -0
- {beaconcrypt-0.3.2 → beaconcrypt-0.3.4}/go.mod +0 -0
- {beaconcrypt-0.3.2 → beaconcrypt-0.3.4}/rustfmt.toml +0 -0
- {beaconcrypt-0.3.2 → beaconcrypt-0.3.4}/src/beacon.rs +0 -0
- {beaconcrypt-0.3.2 → beaconcrypt-0.3.4}/src/cnsa2.rs +0 -0
- {beaconcrypt-0.3.2 → beaconcrypt-0.3.4}/src/error.rs +0 -0
- {beaconcrypt-0.3.2 → beaconcrypt-0.3.4}/src/schema/cryptoframe.capnp +0 -0
- {beaconcrypt-0.3.2 → beaconcrypt-0.3.4}/src/schema/phase1.capnp +0 -0
- {beaconcrypt-0.3.2 → beaconcrypt-0.3.4}/src/schema/phase2.capnp +0 -0
- {beaconcrypt-0.3.2 → beaconcrypt-0.3.4}/src/schema/protogram.capnp +0 -0
- {beaconcrypt-0.3.2 → beaconcrypt-0.3.4}/src/server.rs +0 -0
- {beaconcrypt-0.3.2 → beaconcrypt-0.3.4}/src/shared.rs +0 -0
- {beaconcrypt-0.3.2 → beaconcrypt-0.3.4}/tests/beacon.rs +0 -0
- {beaconcrypt-0.3.2 → beaconcrypt-0.3.4}/tests/server.rs +0 -0
- {beaconcrypt-0.3.2 → beaconcrypt-0.3.4}/uv.lock +0 -0
|
@@ -31,6 +31,11 @@ jobs:
|
|
|
31
31
|
run: |
|
|
32
32
|
sudo apt install capnproto
|
|
33
33
|
|
|
34
|
+
- name: Run Python tests
|
|
35
|
+
run: |
|
|
36
|
+
uv run --group dev maturin develop --bindings pyo3 --features pybinds
|
|
37
|
+
uv run --group dev pytest tests
|
|
38
|
+
|
|
34
39
|
- name: Build source distribution
|
|
35
40
|
run: uvx maturin sdist --out dist
|
|
36
41
|
|
|
@@ -58,7 +58,11 @@ func newBeacon(t *testing.T, serverPK []byte) *Beacon {
|
|
|
58
58
|
|
|
59
59
|
func TestRegister(t *testing.T) {
|
|
60
60
|
server := newServer(t)
|
|
61
|
-
|
|
61
|
+
serverPK, err := server.IdentityPK()
|
|
62
|
+
if err != nil {
|
|
63
|
+
t.Fatal(err)
|
|
64
|
+
}
|
|
65
|
+
beacon := newBeacon(t, serverPK)
|
|
62
66
|
|
|
63
67
|
if registerBeacon(t, server, beacon) == nil {
|
|
64
68
|
t.Fatal("expected registration to return initial message")
|
|
@@ -67,8 +71,12 @@ func TestRegister(t *testing.T) {
|
|
|
67
71
|
|
|
68
72
|
func TestEncryptToMultiple(t *testing.T) {
|
|
69
73
|
server := newServer(t)
|
|
70
|
-
|
|
71
|
-
|
|
74
|
+
serverPK, err := server.IdentityPK()
|
|
75
|
+
if err != nil {
|
|
76
|
+
t.Fatal(err)
|
|
77
|
+
}
|
|
78
|
+
b1 := newBeacon(t, serverPK)
|
|
79
|
+
b2 := newBeacon(t, serverPK)
|
|
72
80
|
message := bytes.Repeat([]byte{0x01}, 32)
|
|
73
81
|
|
|
74
82
|
b1Initial := registerBeacon(t, server, b1)
|
|
@@ -92,7 +100,11 @@ func TestEncryptToMultiple(t *testing.T) {
|
|
|
92
100
|
|
|
93
101
|
func TestEncryptMultiple(t *testing.T) {
|
|
94
102
|
server := newServer(t)
|
|
95
|
-
|
|
103
|
+
serverPK, err := server.IdentityPK()
|
|
104
|
+
if err != nil {
|
|
105
|
+
t.Fatal(err)
|
|
106
|
+
}
|
|
107
|
+
b1 := newBeacon(t, serverPK)
|
|
96
108
|
message := bytes.Repeat([]byte{0x01}, 32)
|
|
97
109
|
|
|
98
110
|
registerBeacon(t, server, b1)
|
|
@@ -112,7 +124,11 @@ func TestEncryptMultiple(t *testing.T) {
|
|
|
112
124
|
|
|
113
125
|
func TestDecryptMultiple(t *testing.T) {
|
|
114
126
|
server := newServer(t)
|
|
115
|
-
|
|
127
|
+
serverPK, err := server.IdentityPK()
|
|
128
|
+
if err != nil {
|
|
129
|
+
t.Fatal(err)
|
|
130
|
+
}
|
|
131
|
+
beacon := newBeacon(t, serverPK)
|
|
116
132
|
message := bytes.Repeat([]byte{0x01}, 32)
|
|
117
133
|
|
|
118
134
|
registerBeacon(t, server, beacon)
|
|
@@ -143,7 +159,11 @@ func TestDecryptMultiple(t *testing.T) {
|
|
|
143
159
|
|
|
144
160
|
func TestDecryptMultipleSigned(t *testing.T) {
|
|
145
161
|
server := newServer(t)
|
|
146
|
-
|
|
162
|
+
serverPK, err := server.IdentityPK()
|
|
163
|
+
if err != nil {
|
|
164
|
+
t.Fatal(err)
|
|
165
|
+
}
|
|
166
|
+
beacon := newBeacon(t, serverPK)
|
|
147
167
|
message := bytes.Repeat([]byte{0x01}, 32)
|
|
148
168
|
|
|
149
169
|
registerBeacon(t, server, beacon)
|
|
@@ -475,9 +475,9 @@ pub mod beaconcrypt_py {
|
|
|
475
475
|
#[pymethods]
|
|
476
476
|
impl Beacon {
|
|
477
477
|
#[new]
|
|
478
|
-
fn new(server_kid: u64, server_id_pk:
|
|
478
|
+
fn new(server_kid: u64, server_id_pk: &[u8]) -> Self {
|
|
479
479
|
Self {
|
|
480
|
-
_0: BeaconCryptPqxdh::new(true, server_kid, server_id_pk, None),
|
|
480
|
+
_0: BeaconCryptPqxdh::new(true, server_kid, Some(server_id_pk), None),
|
|
481
481
|
}
|
|
482
482
|
}
|
|
483
483
|
|
|
@@ -143,7 +143,7 @@ impl CryptoProvider for BeaconCryptPqxdh {
|
|
|
143
143
|
let signed = crypto_sign::sign(data, self.identity_sk()).ok()?;
|
|
144
144
|
builder.set_data(&signed);
|
|
145
145
|
let mut buffer = vec![];
|
|
146
|
-
capnp::serialize_packed::write_message(&mut buffer, t_builder.borrow_inner()).
|
|
146
|
+
capnp::serialize_packed::write_message(&mut buffer, t_builder.borrow_inner()).ok()?;
|
|
147
147
|
Some(buffer)
|
|
148
148
|
}
|
|
149
149
|
|
|
@@ -315,7 +315,7 @@ impl ProviderBeacon for BeaconCryptPqxdh {
|
|
|
315
315
|
bundle.set_pq_key(&pq_sig);
|
|
316
316
|
|
|
317
317
|
let mut buffer = vec![];
|
|
318
|
-
capnp::serialize::write_message(&mut buffer, msg.borrow_inner()).
|
|
318
|
+
capnp::serialize::write_message(&mut buffer, msg.borrow_inner()).ok()?;
|
|
319
319
|
Some(buffer)
|
|
320
320
|
}
|
|
321
321
|
|
|
@@ -374,17 +374,16 @@ impl ProviderBeacon for BeaconCryptPqxdh {
|
|
|
374
374
|
#[cfg(feature = "server")]
|
|
375
375
|
impl ProviderServer for BeaconCryptPqxdh {
|
|
376
376
|
fn get_shared_secret(&mut self, buffer: &[u8]) -> Option<RegistrationOutput> {
|
|
377
|
-
let reader = capnp::serialize::read_message(buffer, ReaderOptions::new()).
|
|
377
|
+
let reader = capnp::serialize::read_message(buffer, ReaderOptions::new()).ok()?;
|
|
378
378
|
let typed_reader = TypedReader::<_, phase1_capnp::init_kex::Owned>::new(reader);
|
|
379
|
-
let registration = typed_reader.get().
|
|
379
|
+
let registration = typed_reader.get().ok()?;
|
|
380
380
|
|
|
381
381
|
let decoded_beacon_id = decode_sign(registration.get_identity_key().ok()?).ok()?;
|
|
382
382
|
let remote_id = crypto_sign::PublicKey::from_bytes(&decoded_beacon_id).ok()?;
|
|
383
|
-
let pq_verified = crypto_sign::verify(registration.get_pq_key().ok()?, &remote_id)
|
|
384
|
-
let prekey_verified =
|
|
385
|
-
crypto_sign::verify(registration.get_pre_key().ok()?, &remote_id).unwrap();
|
|
383
|
+
let pq_verified = crypto_sign::verify(registration.get_pq_key().ok()?, &remote_id)?;
|
|
384
|
+
let prekey_verified = crypto_sign::verify(registration.get_pre_key().ok()?, &remote_id)?;
|
|
386
385
|
let onetime_verified =
|
|
387
|
-
crypto_sign::verify(registration.get_one_time_key().ok()?, &remote_id)
|
|
386
|
+
crypto_sign::verify(registration.get_one_time_key().ok()?, &remote_id)?;
|
|
388
387
|
|
|
389
388
|
let beacon_prekey =
|
|
390
389
|
crypto_kx::PublicKey::from_bytes(&decode_kem(&prekey_verified).ok()?).ok()?;
|
|
@@ -18,8 +18,9 @@ def register_beacon(
|
|
|
18
18
|
|
|
19
19
|
def test_encrypt_to_multiple():
|
|
20
20
|
server = BeaconCryptServer(0, None)
|
|
21
|
-
|
|
22
|
-
|
|
21
|
+
server_pk = server.id_pk()
|
|
22
|
+
b1 = BeaconCryptBeacon(0, server_pk)
|
|
23
|
+
b2 = BeaconCryptBeacon(0, server_pk)
|
|
23
24
|
message = bytes(0x1 * 32)
|
|
24
25
|
|
|
25
26
|
b1_initial = register_beacon(server, b1)
|
|
@@ -33,7 +34,8 @@ def test_encrypt_to_multiple():
|
|
|
33
34
|
|
|
34
35
|
def test_encrypt_multiple():
|
|
35
36
|
server = BeaconCryptServer(0, None)
|
|
36
|
-
|
|
37
|
+
server_pk = server.id_pk()
|
|
38
|
+
b1 = BeaconCryptBeacon(0, server_pk)
|
|
37
39
|
message = bytes(0x1 * 32)
|
|
38
40
|
|
|
39
41
|
_ = register_beacon(server, b1)
|
|
@@ -45,7 +47,8 @@ def test_encrypt_multiple():
|
|
|
45
47
|
|
|
46
48
|
def test_decrypt_multiple():
|
|
47
49
|
server = BeaconCryptServer(0, None)
|
|
48
|
-
|
|
50
|
+
server_pk = server.id_pk()
|
|
51
|
+
beacon = BeaconCryptBeacon(0, server_pk)
|
|
49
52
|
message = bytes(0x1 * 32)
|
|
50
53
|
|
|
51
54
|
_ = register_beacon(server, beacon)
|
|
@@ -61,7 +64,8 @@ def test_decrypt_multiple():
|
|
|
61
64
|
|
|
62
65
|
def test_decrypt_multiple_signed():
|
|
63
66
|
server = BeaconCryptServer(0, None)
|
|
64
|
-
|
|
67
|
+
server_pk = server.id_pk()
|
|
68
|
+
beacon = BeaconCryptBeacon(0, server_pk)
|
|
65
69
|
message = bytes(0x1 * 32)
|
|
66
70
|
|
|
67
71
|
_ = register_beacon(server, beacon)
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|