A set of cryptographic primitives for building a multi-hop Proxy Re-encryption scheme, known as Transform Encryption.

Overview

recrypt

CI

A pure-Rust library that implements a set of cryptographic primitives for building a multi-hop Proxy Re-encryption scheme, known as Transform Encryption.

What is Transform Encryption?

Suppose you have two (public, private) key pairs: (A, AA) and (B, BB).

Transform Encryption allows data encrypted to one public key (A) to be transformed so that it can be decrypted using another user's private key (BB). This transformation process requires a special transform key (A -> B) that is computed using the first user's private key (AA) and the second user's public key (B). Having a transform key and performing the transformation does not allow the person doing this process to decrypt the data or to recover either user's private key.

See the Single-hop Transform Encryption Example for more details on computing a transform key and applying a transform using recrypt.

Usage

If you are building an application and would like to use Transform Encryption, you might try looking at the IronCore SDKs as they provide higher level of abstraction as part of the IronCore Privacy Platform:

  • ironweb - Javascript implementation of IronCore's Privacy Platform. Appropriate for all modern browsers.
  • ironoxide - Pure Rust implementation of IronCore's Privacy Platform.
  • ironoxide-java - Java bindings for ironoxide. Appropriate for all JVM languages.
  • ironoxide-scala - Scala wrappers around ironoxide-java.
  • ironode - NodeJS implementation of IronCore's Privacy Platform.

All SDKs are intended to be compatible with one another.

Rust Dependency

See https://crates.io/crates/recrypt for the most recent version.

Other bindings

In addition to the native Rust implementation, we provide additional bindings to Recrypt:

A Scala implementation of recrypt is also available.

API Documentation and Example Usage

See https://recrypt.rs

Security and Audits

NCC Group's Cryptography Services team has conducted an audit of this library - release 0.6.2 contains all of the audited code, including updates that were created to resolve issues that were discovered during the audit. The NCC Group audit found that the chosen pairing and elliptic curve are cryptographically sound, and that the Rust implementation is a faithful and correct embodiment of the target protocol. In addition, the audit confirmed that the implementation does not leak secret information via timing or memory access pattern side-channel attacks.

To learn more about our approach to cryptography and to read our publications, please go here.

Memory Protection

We do support memory protection via mlock. This will be detected and turned on automatically for supported platforms. If you need to disable this you can use the disable_memlock feature flag which is disabled by default.

Benchmarks

Results from 79b6e6 (from 2019-12-04)

Note: The most accurate way to characterize performance is to run the benchmarks for yourself in your target environment!

These benchmarks were done on a Thinkpad X1 Extreme (Gen2)

Abbreviated entry from /proc/cpuinfo

vendor_id       : GenuineIntel
cpu family      : 6
model           : 158
model name      : Intel(R) Core(TM) i9-9880H CPU @ 2.30GHz

If you are unfamiliar with the output of criterion.rs benchmarks, please see the docs for how to interpret the output.

$ cargo bench

256-bit generate key pair
                        time:   [757.61 us 760.48 us 764.48 us]
256-bit generate plaintext
                        time:   [2.9911 ms 2.9962 ms 3.0032 ms]
256-bit generate ed25519 keypair
                        time:   [15.627 us 15.686 us 15.793 us]
Found 1 outliers among 20 measurements (5.00%)
  1 (5.00%) high severe
256-bit generate transform key
                        time:   [15.050 ms 15.072 ms 15.094 ms]
256-bit compute public key
                        time:   [715.24 us 717.64 us 720.06 us]
Found 2 outliers among 20 measurements (10.00%)
  2 (10.00%) high mild
256-bit derive symmetric key
                        time:   [1.9093 us 1.9625 us 2.0225 us]
Found 3 outliers among 20 measurements (15.00%)
  2 (10.00%) high mild
  1 (5.00%) high severe
256-bit encrypt (level 0)
                        time:   [7.0845 ms 7.1014 ms 7.1337 ms]
Found 4 outliers among 20 measurements (20.00%)
  1 (5.00%) low mild
  3 (15.00%) high severe
256-bit decrypt (level 0)
                        time:   [6.4466 ms 6.4530 ms 6.4598 ms]
Found 1 outliers among 20 measurements (5.00%)
  1 (5.00%) high mild
256-bit transform (level 1)
                        time:   [18.466 ms 18.492 ms 18.519 ms]
256-bit decrypt (level 1)
                        time:   [22.856 ms 22.888 ms 22.927 ms]
Found 1 outliers among 20 measurements (5.00%)
  1 (5.00%) high severe
256-bit transform (level 2)
                        time:   [41.160 ms 41.339 ms 41.541 ms]
256-bit decrypt (level 2)
                        time:   [38.508 ms 38.560 ms 38.617 ms]
Found 2 outliers among 20 measurements (10.00%)
  1 (5.00%) low mild
  1 (5.00%) high severe

Contributing

Building

Rust (stable) is required.

$ cargo build

Running Tests

$ cargo test

Running benchmarks

$ cargo bench

Relation to Proxy Re-Encryption

In the academic literature, transform encryption is referred to as proxy re-encryption. A proxy re-encryption (PRE) scheme is a public-key encryption scheme, where each participant has a pair of related keys, one public and one private, which are mathematically related. Alice encrypts a message to Bob using his public key, and Bob decrypts the encrypted message using his public key to retrieve the original message.

PRE allows someone (the delegator) to delegate the ability to decrypt her messages to another person (the delegatee). Rather than just sharing her private key with the delegatee, the delegator computes a transform key (or re-encryption key) that allows messages encrypted to her public key to be transformed so they appear can be decrypted using the delegatee's private key. Computing this transform key requires the delegator's private key and the delegatee's public key; once it is computed, the key is stored on a semi-trusted proxy.

When the proxy receives a message encrypted to the delegator, it applies the transform algorithm using the transform key and delivers the transformed message to the delegatee. The proxy does not need to be trusted, because possession of the transform key does not allow the proxy to decrypt the message or to recover any information about either the delegator's or the delegatee's private keys, even if it collaborates with the delegatee.

When the delegator no longer wants to allow access, she just requests that the proxy discard the transform key. She must trust the proxy to perform this action.

PRE Scheme Properties

There are a number of ways to categorize PRE schemes; some of the most important are the following:

  • Directionality describes whether delegate from A to B also allows transformation from B to A. Unidirectional schemes do not allow this.
  • Interactivity describes whether both parties must be actively involved in order to generate the transform key. A non-interactive scheme only requires the public key of the delegatee.
  • Transitivity describes whether a proxy can re-delegate encryption. That is, if the proxy holds a transform key from A to B and a transform key from B to C, can it generate a transform key from a to C? A non-transitive scheme does not allow this.
  • Collusion safety describes whether it is possible for a delegatee to collude with the proxy that holds a transform key to that delegatee in order to recover the private key of the delegator. A collusion-safe scheme does not allow this.
  • Multi-hop describes whether it is possible to allow a delegatee to also be a delegator. That is, does the scheme allow a ciphertext that has already been transformed from Alice to Bob to subsequently be transformed from Bob to Carol. In a multi-hop situation, the proxies would chain the transformations, so any delegatee in the chain could decrypt any message that one of her delegators could decrypt.

The Recrypt library implements a PRE scheme that is unidirectional, non-interactive, non-transitive, collusion-safe, and multi-hop.

Algorithms

The PRE algorithm implemented here was originally suggested in a short paper titled "A Fully Secure Unidirectional and Multi-user Proxy Re-encryption Scheme" by H. Wang and Z. Cao, published in the proceedings of the ACM Conference on Computer and Communications Security (CCS) in 2009. The algorithm was enhanced in a paper titled "A Multi-User CCA-Secure Proxy Re-Encryption Scheme" by Y. Cai and X. Liu, published in the proceedings of the IEEE 12th International Conference on Dependable, Autonomic, and Secure Computing in 2014.

We provide a synopsis of the algorithms, along with a description of how they can be used to implement an access control system, in the paper "Cryptographically Enforced Orthogonal Access Control at Scale" by B. Wall and P. Walsh, published in SCC '18, the proceedings of the 6th International Workshop on Security in Cloud Computing in 2018.

The algorithms in these papers were very generic and made no implementation choices. They specified only the use of a bilinear pairing function. We made a number of implementation choices. Foremost, we use the optimal Ate pairing as our pairing function. This requires a "pairing-friendly" elliptic curve; we chose a Barreto-Naehrig curve, which supports efficient implementation of the pairing.

Our implementation was guided by the following papers:

  • "Pairing-Friendly Elliptic Curves of Prime Order" by P.S.L.M. Barreto and M. Naehrig, published in Proceedings of the 12th International Workshop on Selected Areas in Cryptography (SAC), 2006, pp. 319-331.

  • "Constructing Tower Extensions of Finite Fields for Implementation of Pairing-Based Cryptography" by N. Benger and M. Scott, published in Proceedings of the 3rd International Workshop on Arithmetic of Finite Fields, 2010, pp. 180-195.

  • "High-Speed Software Implementation of the Optimal Ate Pairing over Barreto-Naehrig Curves" by J. Beuchat et al., published in Proceedings from the 4th International Conference on Pairing-Based Cryptography, 2010, pp. 21-39.

  • "Implementing Cryptographic Pairings over Barreto-Naehrig Curves" by A. J. Devegili et al., published in Proceedings from the 1st International Conference on Pairing-Based Cryptography, 2007, pp. 197-207.

  • "Multiplication and Squaring on Pairing-Friendly Fields" by A. J. Devegili et al., published in 2006 and available at http://eprint.iacr.org/2006/471.

  • "Faster Squaring in the Cyclotomic Subgroup of Sixth Degree Extensions" by R. Granger and M. Scott, published in Proceedings from the 13th International Conferencee on Practice and Theory in Public Key Cryptography (PKC), 2010, pp. 209-223.

  • "Multiplication of Multidigit Numbers on Automata" by A. Karatsuba and Y. Ofman, in the journal Soviet Physics Doklady, vol. 7, Jan. 1963.

  • "New Software Speed Records for Cryptographic Pairings" by M. Naehrig, R. Niederhagen, and P. Schwabe, in Proceedings of the 1st International Conference on Progress in Cryptology and Information Security in Latin America (LATINCRYPT), 2010, pp. 109-123.

  • "On the Final Exponentiation for Calculating Pairings on Ordinary Elliptic Curves" by M. Scott et al., published in Proceedings of the 3rd International Converence on Pairing-Based Cryptography (PKC), 2009, pp. 78-88.

And by the book: Guide to Pairing-Based Cryptography by N.E. Mrabet and M. Joye, Chapman and Hall/CRC Cryptography and Network Security Series, 2016.

Intellectual Property

Recrypt-rust incorporates technology that is protected by the following patents (additional patents may be pending in the U.S. and elsewhere):

  • US 10,659,222 - Orthogonal Access Control for Groups via Multi-Hop Transform Encryption
  • US 11,146,391 - Orthogonal Access Control for Groups via Multi-Hop Transform Encryption
  • WO2018201062A1 - Orthogonal Access Control for Groups via Multi-Hop Transform Encryption
  • EP3616384A4 - Orthogonal Access Control for Groups via Multi-Hop Transform Encryption
  • KR20200027921 A - Orthogonal Access Control for Groups via Multi-Hop Transform Encryption

License

Recrypt-rust is licensed under the GNU Affero General Public License. We also offer commercial licenses - email for more information.

Copyright (c) 2018-present IronCore Labs, Inc. All rights reserved.

Comments
  • Allowing users to receive PublicKey and PrivateKey as JSON String

    Allowing users to receive PublicKey and PrivateKey as JSON String

    I noticed this request/issue < https://github.com/IronCoreLabs/recrypt-rs/issues/89 > , by @drbh , which mentioned being able to serialize and deserialize recrypt data structures (to store on disk etc.)

    I notice that @clintfred mentioned (in the aforementioned feature/issue) that "We would consider a PR for this, but it's not a priority at this point".

    Please consider the following PR and advise on what is required to successfully merge this new functionality.

    What does this PR provide?

    The aim of this PR is to provide users of recrypt-rs with a JSON/String representation of recrypt generated keys (PublicKey struct, PrivateKey struct etc.)

    How does it work?

    To enable a feature called serde (to their application), users of recrypt will simple update their Cargo.toml to include this new feature.

    recrypt = { version = "~0.11.0",  features = ["serde"],  default-features = false }
    

    Syntax for representing keys as JSON/String

    Once keys are generated, the following syntax can be used to generate JSON/String representation.

     serde_json::to_string(&priv_key).unwrap()
    

    Work performed so far

    I have updated both recrypt-rs and gridiron so that they both implement serde as an optional feature. Users/calling-code can choose to take advantage of the feature in the event that they want to be able to read and write the PrivateKey and PublicKey fields to disk (or return these values back to the calling code etc.)

    I have created a PR which demonstrates this serialization/deserialization. I hope this is helpful to the codebase and users. Here is a working implementation.

    main.rs

    use recrypt::prelude::*;
    
    fn main() {
        // create a new recrypt
        let mut recrypt = Recrypt::new();
    
        // generate a plaintext to encrypt
        let pt = recrypt.gen_plaintext();
    
        // generate a public/private keypair and some signing keys
        let (priv_key, pub_key) = recrypt.generate_key_pair().unwrap();
        println!("Private Key: {:?}", serde_json::to_string(&priv_key).unwrap());
        println!("Public Key: {:?}", serde_json::to_string(&pub_key).unwrap());
    }
    

    Cargo.toml

    [dependencies]
    serde = { version = "^1.0", features = ["derive"] }
    serde_json = "^1.0"
    recrypt = { git= "https://github.com/tpmccallum/recrypt-rs", branch = "optional_serde_feature", version = "~0.11.0", features = ["wasm", "serde"], default-features = false }
    

    Output

    Private Key: "{\"bytes\":[65,87,140,167,200,98,231,79,144,36,254,60,165,139,82,127,77,18,160,138,228,152,244,23,142,178,210,193,53,156,46,212],\"_internal_key\":{\"value\":{\"limbs\":[344237537,189664523,903829374,1976569010,712921401,287292289,1656743474,2113130108,110]}}}"
    Public Key: "{\"x\":[28,6,74,23,3,173,239,177,82,1,81,76,208,140,83,102,200,169,71,97,43,161,15,107,145,224,154,54,84,122,83,96],\"y\":[82,96,170,240,15,127,153,54,205,154,91,30,65,67,49,78,192,73,156,207,50,216,33,34,175,107,174,35,108,164,2,185],\"_internal_key\":{\"value\":{\"x\":{\"limbs\":[556943096,1982674010,1216135794,1701197264,1016537482,1179852127,1656387065,390134280,99]},\"y\":{\"limbs\":[341939558,159841115,1987058143,76820373,1677678398,2112994737,1738790866,1872574136,89]},\"z\":{\"limbs\":[1123696276,871041335,1082750262,1179880934,640986614,1564709300,1793041940,1343582089,36]}}}}"
    

    Please note

    The reason that I am using my github repo as the recrypt dependency in the above is example is that I also had to update gridiron so that pub struct Monty was serde compatible. There is a second PR for gridiron at https://github.com/IronCoreLabs/gridiron/pull/31 which will require merging so that recrypt and gridiron can interoperate.

    Moving forward

    If it is Ok with you all I would like to work through all of this code to ensure that it adds features and functionality to your users but poses no risk or issues whatsoever.

    My next step is to run the tests (as apposed to just focussing on the PrivateKey PublicKey structs) and add this same serialization/deserialization functionality to other parts of recrypt and IronCoreLabs software. I believe that this will add value in terms of using this software as a service via RPC, JS, JSON etc.

    Feedback

    Please provide any feedback and advice which will enable me to achieve the above goals. Happy to alter/update code as well as perform any testing required in order to complete this task.

    Kind regards Tim

    opened by tpmccallum 14
  • Pairing-free re-encryption exists at least for single-hop

    Pairing-free re-encryption exists at least for single-hop

    This paper specifies for single-hop but multi-hop may follow. The major contribution is reducing single-hop re-encryption to DLog without pairings.

    https://eprint.iacr.org/2018/1136

    A Provably-Secure Unidirectional Proxy Re-Encryption Scheme Without Pairing in the Random Oracle Model

    S. Sharmila Deva Selvi and Arinjita Paul and C. Pandu Rangan

    Abstract: Proxy re-encryption (PRE) enables delegation of decryption rights by entrusting a proxy server with special information, that allows it to transform a ciphertext under one public key into a ciphertext of the same message under a different public key. It is important to note that, the proxy which performs the re-encryption learns nothing about the message encrypted under either public keys. Due to its transformation property, proxy re-encryption schemes have practical applications in distributed storage, encrypted email forwarding, Digital Rights Management (DRM) and cloud storage. From its introduction, several proxy re-encryption schemes have been proposed in the literature, and a majority of them have been realized using bilinear pairing. In Africacrypt 2010, the first PKI-based collusion resistant CCA secure PRE scheme without pairing was proposed in the random oracle model. In this paper, we point out an important weakness in the scheme. We also present the first collusion-resistant pairing-free unidirectional proxy re-encryption scheme which meets CCA security under a variant of the computational Diffie-Hellman hardness assumption in the random oracle model.

    Category / Keywords: public-key cryptography / Proxy Re-Encryption, Random Oracle Model, Chosen Ciphertext Security, provably secure, unidirectional.

    opened by WildCryptoFox 9
  • Remove dependency on arrayvec

    Remove dependency on arrayvec

    Would need to bump MSRV to 1.48 because of this addition to Rust. We could possibly make do with an implementation available start in 1.43, but it doesn't seem as clean.

    Open to opinions on if the bump to 1.48 is acceptable, or if we should make an attempt at the 1.43 version instead.

    CI changes:

    • More resilient way of installing rustfmt, as it's not always available on nightly.
    • Switch to using rust_cache, which we've been moving towards already as we've been adding sccache. This is just an intermediate step towards that with less noise and some bugfixes built in
    opened by giarc3 4
  • Update arrayvec requirement from ~0.5 to ~0.7

    Update arrayvec requirement from ~0.5 to ~0.7

    Updates the requirements on arrayvec to permit the latest version.

    Changelog

    Sourced from arrayvec's changelog.

    0.7.0

    • fn new_const is now the way to const-construct arrayvec and arraystring, and fn new has been reverted to a regular "non-const" function. This works around performance issue #182, where the const fn version did not optimize well. Change by @​bluss with thanks to @​rodrimati1992 and @​niklasf for analyzing the problem.

    • The deprecated feature flag unstable-const-fn was removed, since it's not needed

    • Optimize .retain() by using the same algorithm as in std, change by @​niklasf, issue #174. Original optimization in Rust std by @​oxalica in rust-lang/rust/pull/81126

    0.6.1

    • The ArrayVec::new and ArrayString::new constructors are properly const fns on stable and the feature flag unstable-const-fn is now deprecated. by @​rodrimati1992

    • Small fix to the capacity check macro by @​Xaeroxe

    • Typo fix in documentation by @​cuviper

    • Small code cleanup by @​bluss

    0.6.0

    • The const generics release 🎉. Arrayvec finally implements what it wanted to implement, since its first version: a vector backed by an array, with generic parameters for the arbitrary element type and backing array capacity.

      The New type syntax is ArrayVec<T, CAP> where CAP is the arrayvec capacity. For arraystring the syntax is ArrayString<CAP>.

      Length is stored internally as u32; this limits the maximum capacity. The size of the ArrayVec or ArrayString structs for the same capacity may grow slightly compared with the previous version (depending on padding requirements for the element type). Change by @​bluss.

    • Arrayvec's .extend() and FromIterator/.collect() to arrayvec now panic if the capacity of the arrayvec is exceeded. Change by @​bluss.

    • Arraystring now implements TryFrom<&str> and TryFrom<fmt::Arguments> by @​c410-f3r

    • Minimum supported rust version is Rust 1.51

    0.5.2

    ... (truncated)

    Commits
    • 5685049 0.7.0
    • b0dfc87 Merge pull request #183 from bluss/revert-new
    • b7f3aa9 FIX: Add new_const() for const construction and revert new to old version
    • 6b9faa7 Merge pull request #174 from niklasf/optimize-retain
    • b82a6d4 FIX: Update .retain() optimization for const generics
    • c094906 Fix mutable reborrow
    • 345c6b4 Mirror optimization of std::Vec::retain (rust-lang/rust#81126)
    • 198a403 0.6.1
    • 57e1400 FIX: Minor code style change in the char module
    • 0aab340 MAINT: Remove unused file custom.css
    • Additional commits viewable in compare view

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies 
    opened by dependabot[bot] 4
  • Update proptest requirement from ~0.9 to ~0.10

    Update proptest requirement from ~0.9 to ~0.10

    Updates the requirements on proptest to permit the latest version.

    Commits
    • a829731 Version 0.10.1.
    • 30717df Merge branch '0.10.1-changes' into master
    • 6ff402d Improve panic message in bytes_used().
    • 6c6eb79 Expand docs on new Recorder API.
    • 7a83e63 Merge remote-tracking branch 'mimoo/counter' into 0.10.1-changes
    • a586ff5 New RngAlgorithm::Recorder to record bytes used to create value
    • 6521f0f Proptest-derive version 0.2.0.
    • e5ba1dd Fix thumbv7em-none-eabihf build on no_std.
    • 01a070c Merge branch '0.10.0-changes'
    • 2f500cf Run formatter.
    • Additional commits viewable in compare view

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies 
    opened by dependabot[bot] 4
  • Re: serde and backends

    Re: serde and backends

    Hi, The Cargo.toml specifies u64_backend for default features and u32_backend for the wasm feature.

    When adding a new feature such as features = ["serde"] would you prefer u32 or u64 i.e. 32

    serde = ["ed25519-dalek/u32_backend", "serde_crate"]
    

    64

    serde = ["ed25519-dalek/u64_backend", "serde_crate"]
    

    It is worth considering that a new feature like serde may be used a) in isolation or b) in conjunction with another feature like the wasm feature. This leads me to believe that a new feature like the serde feature should use u32_backend. Happy to be guided by you on this though.

    Kind regards Tim

    question 
    opened by tpmccallum 4
  • Add memory protections for secret values

    Add memory protections for secret values

    see #107

    These changes should prevent private keys from getting written to disk by the operating system. I went through and looked for any memory that we were zeroing out and added the protections there. All unit tests continue to work well.

    Do we run unit tests in a Windows environment? If so, I'll attempt to add Windows support to this.

    One ugly: in memlock.rs I have conditional compilation so this only happens on unix platforms, but there are empty no-op functions on non-unix. But I have to annotate each function with the conditional compilation. I initially used mod memlock { ... } and had two of those blocks each with an annotation. So then the file only had two of those, which was nice. But Clippy whined about inception. The use would be use crate::internal::memlock::memlock which is ugly. I couldn't find a way around this. Any ideas? I went for the thing I think is least ugly there.

    One other ugly: there's no way to call out to these functions without unsafe code. I don't believe it's dirty in this case; it just is what it is. We don't mutate the data values.

    opened by zmre 4
  • Update criterion requirement from ~0.2 to ~0.3

    Update criterion requirement from ~0.2 to ~0.3

    Updates the requirements on criterion to permit the latest version.

    Changelog

    Sourced from criterion's changelog.

    [0.3.3] - 2020-06-29

    Added

    • Added CRITERION_HOME environment variable to set the directory for Criterion to store its results and charts in.
    • Added support for cargo-criterion. The long-term goal here is to remove code from Criterion-rs itself to improve compile times, as well as to add features to cargo-criterion that are difficult to implement in Criterion-rs.
    • Add sampling mode option for benchmarks. This allows the user to change how Criterion.rs chooses the iteration counts in each sample. By default, nothing will change for most benchmarks, but very slow benchmarks will now run fewer iterations to fit in the desired number of samples. This affects the statistics and plots generated.

    Changed

    • The serialization format for some of the files has changed. This may cause your first benchmark run after updating to produce errors, but they're harmless and will go away after running the benchmarks once.

    Fixed

    • Fixed a bug where the current measurement was not shown on the relative regression plot.
    • Fixed rare panic in the plotters backend.
    • Panic with a clear error message (rather than panicking messily later on) when the user sets the group or function name to the empty string.
    • Escape single quotes in benchmark names when generating Gnuplot scripts.

    [0.3.2] - 2020-04-26

    Added

    • Added ?Sized bound to benchmark parameter types, which allows dynamically sized types like &str and &[T] to be used as benchmark parameters.
    • Added the --output-format <format> command-line option. If --output-format bencher is passed, Criterion.rs will print its measurements in a format similar to that used by the bencher crate or unstable libtest benchmarks, and using similar statistical measurements as well. Though this provides less information than the default format, it may be useful for supporting tools which parse this output format.
    • Added --nocapture argument. This argument does nothing, but prevents Criterion.rs from exiting when running tests or benchmarks and allowing stdout output from other tests.

    Fixed

    • Fixed panic when environment variables contains non-UTF8 characters.
    • Fixed panic when CRITERION_DEBUG or CRITERION_TARGET_DIR environment variables contain non-UTF8 characters.

    [0.3.1] - 2020-01-25

    Added

    • Added new plotting backend using the plotters crate. Implementation generously provided by Hao Hou, author of the plotters crate.
    • Added --plotting-backend command-line option to select the plotting backend. The existing gnuplot backend will be used by default when available, and the plotters backend will be used when gnuplot is not available or when requested.
    • Added Criterion::plotting_backend() function to configure the plotting backend in code.
    • Added --load-baseline command-line option to load a baseline for comparison
    Commits
    • 3fcbcd2 Bump version numbers.
    • ef785b5 Attempt to fix docs build.
    • 520ebdf Bump oldest-working Rust version to 1.36.
    • b9c4f08 Add missing image file.
    • 111829f Add test that checks file output for flat sampling benchmarks.
    • bb63e5d Fix broken test.
    • 134e7a4 Fix clippy warning.
    • 5d13949 Add example of changing the statistical settings to the user guide. Fixes #407.
    • 1b7488b Add example of changing the sampling mode to the user guide.
    • f53c727 Update changelog.
    • Additional commits viewable in compare view

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies 
    opened by dependabot[bot] 3
  • Add explicit 32-bit and 64-bit backends as features

    Add explicit 32-bit and 64-bit backends as features

    The need for this feature arose from testing performed in https://github.com/IronCoreLabs/recrypt-rs/issues/112

    This will allow 3rd-party applications the flexibility to choose different build combinations (32-bit, 64-bit or wasm)

    For example, 3rd-party applications will be able to use the newly proposed optional Serde feature (once implemented) via 32-bit, 64-bit or wasm i.e.

    Adding the optional Serde feature - 64-bit + serde

    [dependencies]
    recrypt = { version = "~0.11.0", features = ["serde"] } 
    

    Adding the optional Serde feature - 32-bit + serde

    [dependencies]
    recrypt = { version = "~0.11.0", features = ["serde", "u32"], default-features = false } 
    

    Adding the optional Serde feature - wasm +serde

    [dependencies]
    recrypt = { version = "~0.11.0", features = ["serde", "wasm"], default-features = false } 
    

    One of the main drivers for this additional explicit 32-bit mode is that 3rd-party Rust applications (which use recrypt) are not able to perform the following long-hand dependency declaration in their Cargo.toml

    recrypt = { version = "~0.11.0", features = ["ed25519-dalek/u32_backend"] } 
    

    The above causes the following error

    error: feature names may not contain slashes: `ed25519-dalek/u32_backend`
    
    opened by tpmccallum 3
  • error: failed to run custom build command for clear_on_drop v0.2.3

    error: failed to run custom build command for clear_on_drop v0.2.3

    Hi, I am receiving the following error when compiling my application. The error is as follows.

    Error

    error: failed to run custom build command for clear_on_drop v0.2.3
    

    Please see below for the verbose error.

    Rust source code

    // Recrypt
    use recrypt::prelude::*;
    
    // Serde
    use serde::{Deserialize, Serialize};
    use serde_json;
    
    // Bindgen
    use wasm_bindgen::prelude::*;
    
    #[no_mangle]
    #[wasm_bindgen]
    pub fn generate_key_pair() {
        let mut recrypt = Recrypt::new();
        let (priv_key, pub_key) = recrypt.generate_key_pair().unwrap();
    }
    

    Cargo.toml dependencies

    [dependencies]
    serde = { version = "^1.0", features = ["derive"] }
    serde_json = "^1.0"
    wasm-bindgen = "^0.2"
    recrypt = "0.11.0"
    

    Verbose error message

    error: failed to run custom build command for `clear_on_drop v0.2.3`
    
    Caused by:
      process didn't exit successfully: `/media/nvme/wasm-learning/example/target/release/build/clear_on_drop-11c6cc1c8c572c26/build-script-build` (exit code: 1)
    --- stdout
    TARGET = Some("wasm32-unknown-unknown")
    OPT_LEVEL = Some("3")
    HOST = Some("x86_64-unknown-linux-gnu")
    CC_wasm32-unknown-unknown = None
    CC_wasm32_unknown_unknown = None
    TARGET_CC = None
    CC = None
    CFLAGS_wasm32-unknown-unknown = None
    CFLAGS_wasm32_unknown_unknown = None
    TARGET_CFLAGS = None
    CFLAGS = None
    CRATE_CC_NO_DEFAULTS = None
    DEBUG = Some("false")
    running: "clang" "-O3" "-ffunction-sections" "-fdata-sections" "-fPIC" "--target=wasm32-unknown-unknown" "-Wall" "-Wextra" "-o" "/media/nvme/wasm-learning/example/target/wasm32-unknown-unknown/release/build/clear_on_drop-1cd78e41925c3a8c/out/src/hide.o" "-c" "src/hide.c"
    cargo:warning=error: unable to create target: 'No available targets are compatible with this triple.'
    cargo:warning=1 error generated.
    exit code: 1
    
    --- stderr
    
    
    error occurred: Command "clang" "-O3" "-ffunction-sections" "-fdata-sections" "-fPIC" "--target=wasm32-unknown-unknown" "-Wall" "-Wextra" "-o" "/media/nvme/wasm-learning/example/target/wasm32-unknown-unknown/release/build/clear_on_drop-1cd78e41925c3a8c/out/src/hide.o" "-c" "src/hide.c" with args "clang" did not execute successfully (status code exit code: 1).
    
    
    
    warning: build failed, waiting for other jobs to finish...
    error: build failed
    Error: Compiling your crate to WebAssembly failed
    Caused by: failed to execute `cargo build`: exited with exit code: 101
      full command: "cargo" "build" "--lib" "--release" "--target" "wasm32-unknown-unknown"
    
    opened by tpmccallum 3
  • Serializing the encrypted value?

    Serializing the encrypted value?

    I'm following the single hop example and would like to store the encrypted_val in some persisted datastore.

    How can I serialized and then deserialize this structure to store on disk and then decrypt later?

    Snippet in question

    let encrypted_val = recrypt
        .encrypt(&pt, &initial_pub_key, &signing_keypair)
        .unwrap();
    
    question 
    opened by drbh 3
  • What is the point of signing key pairs?

    What is the point of signing key pairs?

    Hi!

    I think I understand how to use the transform encryption feature of this lib, thanks to the documentation example. But I do not understand why we need a signing key pair when encrypting or generating a transform key. According to my tests, encryption/transformation/decryption seems to work even if I generate a new signing key pair every time one is needed.

    So I wonder:

    • Is it OK to do that? (Generate new key pairs and not keeping them)
    • Could you explain/document what is the point of these keys and how to use them?

    Have a nice day!

    opened by dsferruzza 0
  • Revisit if we want Debug implementations on secret data

    Revisit if we want Debug implementations on secret data

    We should decide if we want Debug implementations on secret data. Patrick was removing it as part of his memory protections PR, but I think it warrants a larger discussion.

    We've discussed that we could conditionally remove the Debug as part of a feature flag, which would allow people who don't want to be able to use Debug in their codebases while still allowing it for others. This feature could be on by default if we wanted to be safe by default (which is always a good goal).

    Even if we do remove it, logging the bytes is still possible with {:?}, prv_key.bytes().

    opened by coltfred 0
  • Need more regression tests with fixed inputs to verify expected outputs

    Need more regression tests with fixed inputs to verify expected outputs

    Should have more tests that run hard-coded values through the recrypt algorithms to verify that the expected outputs are produced. For example:

    • For a fixed RNG (all zeroes, all ones, or a known sequence of some kind), make sure we get the expected value from GeneratePlaintext
    • For a fixed RNG, make sure we get the expected output from GenerateKeyPair
    • For a fixed RNG and fixed input, make sure we get the expected TransformKey

    Similar checks for encrypt operations and transform operations.

    tech debt 
    opened by BobWall23 1
  • Expose `Ed25519Error` type externally or add mapping of it to `RecryptErr` type.

    Expose `Ed25519Error` type externally or add mapping of it to `RecryptErr` type.

    We recently changed the library to expose the RecryptErr type which was accidentally not being exposed out of the library. Now I noticed that we have the same problem with the Ed25519Error type. From what I can tell it's only ever used as part of the SigningKeypair methods, so maybe the better path forward here would be to get rid of it in favor of the RecryptErr type.

    opened by ernieturner 0
  • Recrypt 1.0

    Recrypt 1.0

    Prep and cleanup to be able to ship 1.0.0 of recrypt.

    • [ ] Settled public API
    • [ ] Cleanup of README/documentation
    • [ ] Consume from bindings to make all those 1.0.0 releases.
    Epic 
    opened by ernieturner 0
Owner
IronCore Labs
The toolset for cloud trust
IronCore Labs
UDP proxy with Proxy Protocol and mmproxy support

udppp UDP proxy with Proxy Protocol and mmproxy support. Features Async Support Proxy Protocol V2 SOCKET preserve client IP addresses in L7 proxies(mm

b23r0 10 Dec 18, 2022
Lightweight proxy that allows redirect HTTP(S) traffic through a proxy.

Proxyswarm Proxyswarm is a lightweight proxy that allows redirect HTTP(S) traffic through a proxy. WARNING: This app isn't recomended for download lar

Jorge Alejandro Jimenez Luna 4 Apr 16, 2022
Web3-proxy: a fast caching and load balancing proxy for web3 (Ethereum or similar) JsonRPC servers.

web3-proxy Web3-proxy is a fast caching and load balancing proxy for web3 (Ethereum or similar) JsonRPC servers. Signed transactions (eth_sendRawTrans

null 55 Jan 8, 2023
A TCP proxy using HTTP - Reach SSH behind a Nginx reverse proxy

?? TCP over HTTP ?? The Questions ?? What does it do? You can proxy TCP traffic over HTTP. A basic setup would be: [Your TCP target] <--TCP-- [Exit No

Julian 185 Dec 15, 2022
A fast, stable, efficient, and lightweight intranet penetration, port forwarding tool supports multiple connections, cascading proxy, and transmission encryption

A fast, stable, efficient, and lightweight intranet penetration, port forwarding tool supports multiple connections, cascading proxy, and transmission encryption

editso 1.3k Dec 30, 2022
A multi-connection TCP reverse proxy server and client.

tprox A multi-connection TCP reverse proxy. The tprox server is able to proxy multiple incoming connections to the tprox client over a single TCP conn

Mohammed Ajmal Siddiqui 4 Sep 21, 2022
Easy per application transparent proxy built on cgroup.

cproxy can redirect TCP and UDP traffic made by a program to a proxy, without requiring the program supporting a proxy. Compared to many existi

Xiangru Lian 263 Dec 20, 2022
server security proxy write by Rust

server-security-proxy server security proxy write by Rust how to use config toml file

baoyachi. Aka Rust Hairy crabs 3 May 24, 2021
A tcp over http2 + tls proxy

mtunnel A tcp over http2 + tls proxy. Usage 1. get certificates, by following steps. 2. make your config client config: { "local_addr": "127.0.0.1

cssivision 9 Sep 5, 2022
A versatile and efficient proxy framework with nice features suitable for various use cases.

A versatile and efficient proxy framework with nice features suitable for various use cases.

null 1.7k Jan 9, 2023
Hudsucker is a MITM HTTP/S proxy written in Rust.

hudsucker Hudsucker is a MITM HTTP/S proxy written in Rust. Features Modify HTTP/S requests Modify HTTP/S responses Modify websocket messages Usage Fo

null 86 Dec 25, 2022
Simple and fast layer 4 proxy in Rust

Fourth 这一波在第四层。 English Fourth是一个Rust实现的Layer 4代理,用于监听指定端口TCP流量,并根据规则转发到指定目标。 功能 监听指定端口代理到本地或远端指定端口 监听指定端口,通过TLS ClientHello消息中的SNI进行分流 安装方法 为了确保获得您架构

Rui Li 17 Nov 8, 2022
Drop-in proxy for Discord gateway connections and sessions allowing for zero downtime deploys

gateway-proxy This is a very hacky project, so it might stop working if Discord changes their API core. This is unlikely, but keep that in mind while

Jens Reidel 39 Nov 26, 2022
Minecraft proxy

mc-proxy This is a fully functional proxy for online and offline-mode Minecraft servers. It is based on an optimized, custom-made packet parser for Mi

null 21 Oct 7, 2022
A remote shell, TCP tunnel and HTTP proxy for Replit.

Autobahn A remote shell, TCP tunnel and HTTP proxy for Replit. Hybrid SSH/HTTP server for Replit. Based on leon332157/replish. Autobahn runs a WebSock

Patrick Winters 12 Sep 24, 2022
Hybrid Traffic Mesh Proxy

Hybrid Traffic Mesh Proxy L7 proxy on kubernetes dependencies: routeagent: refresh proxy routes fetched with k8s sdk register routes curl -v --unix-s

Goku 1 Feb 11, 2022
Shotover: L7 data-layer proxy

Shotover: L7 data-layer proxy

null 64 Dec 16, 2022
A high performence Socks5 proxy server with bind/reverse support implementation by Rust.

rsocx A high performence Socks5 proxy server with bind/reverse support implementation by Rust Features Async-std No unsafe code Single executable Linu

b23r0 259 Jan 6, 2023
Image proxy and embed generator.

January Description Image proxy and metadata scraper. Features: Can scrape metadata from websites, e.g. OpenGraph Can scrape embeds from websites, e.g

Revolt 26 Dec 26, 2022