From 7c6a5ab4c5e7a81c7442061029b9230748a6639d Mon Sep 17 00:00:00 2001 From: DanConwayDev Date: Thu, 18 Apr 2024 07:39:27 +0100 Subject: refactor: bump rust-nostr to v0.30 use ncryptsec bump nostr and nostr-sdk packages and also in test_utils remove custom ncryptsec implementation and use the newly added implementation nip49 version in rust-nostr note a patched v0.30 is used so that log_n is exposed so that user can be warned it might take a few seconds to decrypt. this has now been merged into the library. note that this will no longer decrypt existing ncryptsec values as it is uses a longer string. this should therefore be bundled with the upcoming change to storing nsec and ncryptsec in git config. --- Cargo.lock | 348 ++++++++++++++++++----------------------- Cargo.toml | 4 +- src/key_handling/encryption.rs | 155 ++---------------- test_utils/Cargo.toml | 4 +- test_utils/src/lib.rs | 10 +- tests/login.rs | 2 +- 6 files changed, 172 insertions(+), 351 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 6b09b9e..51ef7a7 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -330,20 +330,20 @@ dependencies = [ [[package]] name = "async-wsocket" -version = "0.3.0" +version = "0.4.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d253e375ea899cb131b92a474587e217634e7ea927c24d8098eecbcad0c5c97a" +checksum = "5c38341e6ee670913fb9dc3aba40c22d616261da4dc0928326d3168ebf576fb0" dependencies = [ "async-utility", "futures-util", "thiserror", "tokio", - "tokio-rustls 0.25.0", + "tokio-rustls", "tokio-socks", "tokio-tungstenite 0.21.0", "url", "wasm-ws", - "webpki-roots 0.26.1", + "webpki-roots", ] [[package]] 
@@ -399,6 +399,12 @@ version = "0.21.7" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "9d297deb1925b89f2ccc13d7635fa0714f12c87adce1c75356b39ca9b7178567" +[[package]] +name = "base64" +version = "0.22.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9475866fec1451be56a3c2400fd081ff546538961565ccb5b7142cbd22bc7a51" + [[package]] name = "base64ct" version = "1.6.0" @@ -407,9 +413,9 @@ checksum = "8c3c1a368f70d6cf7302d78f8f7093da241fb8e8807c05cc9e51a125895a6d5b" [[package]] name = "bech32" -version = "0.9.1" +version = "0.10.0-beta" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d86b93f97252c47b41663388e6d155714a9d0c398b99f1005cbc5f978b29f445" +checksum = "98f7eed2b2781a6f0b5c903471d48e15f56fb4e1165df8a9a2337fd1a59d45ea" [[package]] name = "bip39" @@ -424,23 +430,27 @@ dependencies = [ [[package]] name = "bitcoin" -version = "0.30.2" +version = "0.31.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1945a5048598e4189e239d3f809b19bdad4845c4b2ba400d304d2dcf26d2c462" +checksum = "6c85783c2fe40083ea54a33aa2f0ba58831d90fcd190f5bdc47e74e84d2a96ae" dependencies = [ "bech32", - "bitcoin-private", - "bitcoin_hashes 0.12.0", + "bitcoin-internals", + "bitcoin_hashes 0.13.0", + "hex-conservative", "hex_lit", "secp256k1", "serde", ] [[package]] -name = "bitcoin-private" -version = "0.1.0" +name = "bitcoin-internals" +version = "0.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "73290177011694f38ec25e165d0387ab7ea749a4b81cd4c80dae5988229f7a57" +checksum = "9425c3bf7089c983facbae04de54513cce73b41c7f9ff8c845b54e7bc64ebbfb" +dependencies = [ + "serde", +] [[package]] name = "bitcoin_hashes" 
@@ -450,11 +460,12 @@ checksum = "90064b8dee6815a6470d60bad07bbbaee885c0e12d04177138fa3291a01b7bc4" [[package]] name = "bitcoin_hashes" -version = "0.12.0" +version = "0.13.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5d7066118b13d4b20b23645932dfb3a81ce7e29f95726c2036fa33cd7b092501" +checksum = "1930a4dabfebb8d7d9992db18ebe3ae2876f0a305fab206fd168df931ede293b" dependencies = [ - "bitcoin-private", + "bitcoin-internals", + "hex-conservative", "serde", ] @@ -848,15 +859,6 @@ version = "0.3.6" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "a357d28ed41a50f9c765dbfe56cbc04a64e53e5fc58ba79fbc34c10ef3df831f" -[[package]] -name = "encoding_rs" -version = "0.8.34" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b45de904aa0b010bce2ab45264d0631681847fa7b6f2eaa7dab7619943bc4f59" -dependencies = [ - "cfg-if", -] - [[package]] name = "enumflags2" version = "0.7.9" @@ -1184,25 +1186,6 @@ dependencies = [ "wasm-bindgen", ] -[[package]] -name = "h2" -version = "0.3.26" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "81fe527a889e1532da5c525686d96d4c2e74cdd345badf8dfef9f6b39dd5f5e8" -dependencies = [ - "bytes", - "fnv", - "futures-core", - "futures-sink", - "futures-util", - "http 0.2.12", - "indexmap", - "slab", - "tokio", - "tokio-util", - "tracing", -] - [[package]] name = "hashbrown" version = "0.14.3" @@ -1237,6 +1220,12 @@ version = "0.4.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "7f24254aa9a54b5c858eaee2f5bccdb46aaf0e486a595ed5fd8f86ba55232a70" +[[package]] +name = "hex-conservative" +version = "0.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "30ed443af458ccb6d81c1e7e661545f94d3176752fb1df2f543b902a1e0f51e2" + [[package]] name = "hex_lit" version = "0.1.1" 
@@ -1285,12 +1274,24 @@ dependencies = [ [[package]] name = "http-body" -version = "0.4.6" +version = "1.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7ceab25649e9960c0311ea418d17bee82c0dcec1bd053b5f9a66e265a693bed2" +checksum = "1cac85db508abc24a2e48553ba12a996e87244a0395ce011e62b37158745d643" dependencies = [ "bytes", - "http 0.2.12", + "http 1.1.0", +] + +[[package]] +name = "http-body-util" +version = "0.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0475f8b2ac86659c21b64320d5d653f9efe42acd2a4e560073ec61a155a34f1d" +dependencies = [ + "bytes", + "futures-core", + "http 1.1.0", + "http-body", "pin-project-lite", ] 
@@ -1300,48 +1301,60 @@ version = "1.8.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "d897f394bad6a705d5f4104762e116a75639e470d80901eed05a860a95cb1904" -[[package]] -name = "httpdate" -version = "1.0.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "df3b46402a9d5adb4c86a0cf463f42e19994e3ee891101b1841f30a545cb49a9" - [[package]] name = "hyper" -version = "0.14.28" +version = "1.3.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bf96e135eb83a2a8ddf766e426a841d8ddd7449d5f00d34ea02b41d2f19eef80" +checksum = "9f24ce812868d86d19daa79bf3bf9175bc44ea323391147a5e3abde2a283871b" dependencies = [ "bytes", "futures-channel", - "futures-core", "futures-util", - "h2", - "http 0.2.12", + "http 1.1.0", "http-body", "httparse", - "httpdate", "itoa", "pin-project-lite", - "socket2 0.5.6", + "smallvec", "tokio", - "tower-service", - "tracing", "want", ] [[package]] name = "hyper-rustls" -version = "0.24.2" +version = "0.26.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ec3efd23720e2049821a693cbc7e65ea87c72f1c58ff2f9522ff332b1491e590" +checksum = "a0bea761b46ae2b24eb4aef630d8d1c398157b6fc29e6350ecf090a0b70c952c" dependencies = [ "futures-util", - "http 0.2.12", + "http 1.1.0", "hyper", - "rustls 0.21.10", + "hyper-util", + "rustls", + "rustls-pki-types", "tokio", - "tokio-rustls 0.24.1", + "tokio-rustls", + "tower-service", +] + +[[package]] +name = "hyper-util" +version = "0.1.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ca38ef113da30126bbff9cd1705f9273e15d45498615d138b0c20279ac7a76aa" +dependencies = [ + "bytes", + "futures-channel", + "futures-util", + "http 1.1.0", + "http-body", + "hyper", + "pin-project-lite", + "socket2 0.5.6", + "tokio", + "tower", + "tower-service", + "tracing", ] [[package]] 
@@ -1549,9 +1562,9 @@ checksum = "01cda141df6706de531b6c46c3a33ecca755538219bd484262fa09410c13539c" [[package]] name = "lnurl-pay" -version = "0.3.0" +version = "0.5.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b628658116d331c9567f6cb22415d726125ff6e328d1fb1b422b1b58afeaec21" +checksum = "02c042191c2e3f27147decfad8182eea2c7dd1c6c1733562e25d3d401369669d" dependencies = [ "bech32", "reqwest", @@ -1763,12 +1776,11 @@ checksum = "61807f77802ff30975e01f4f071c8ba10c022052f98b3294119f3e615d13e5be" [[package]] name = "nostr" -version = "0.29.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "25e4e34578e8cc2b4050c6224a0c422b23ba1e61f2602b4e320c221ac3cbbc2e" +version = "0.30.0" +source = "git+https://github.com/DanConwayDev/nostr?branch=expose-nip49-log-n#6ef397b6c4cd5edd6e6c31ff33d8a978b5b04f8c" dependencies = [ "aes 0.8.4", - "base64", + "base64 0.21.7", "bip39", "bitcoin", "cbc", @@ -1793,9 +1805,8 @@ dependencies = [ [[package]] name = "nostr-database" -version = "0.29.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8e15ab55f96ea5e560af0c75f1d942b1064266d443d11b2afbe51ca9ad78a018" +version = "0.30.0" +source = "git+https://github.com/DanConwayDev/nostr?branch=expose-nip49-log-n#6ef397b6c4cd5edd6e6c31ff33d8a978b5b04f8c" dependencies = [ "async-trait", "lru", @@ -1807,9 +1818,8 @@ dependencies = [ [[package]] name = "nostr-relay-pool" -version = "0.29.4" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e8efc437bcf8c433887a9897dfb6f99914170f656a2a66398e737b3050c2aa34" +version = "0.30.0" +source = "git+https://github.com/DanConwayDev/nostr?branch=expose-nip49-log-n#6ef397b6c4cd5edd6e6c31ff33d8a978b5b04f8c" dependencies = [ "async-utility", "async-wsocket", 
@@ -1823,9 +1833,8 @@ dependencies = [ [[package]] name = "nostr-sdk" -version = "0.29.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "81ed0ab9cbc3b20d3dba99337f2e0739f052ebe32133d690e212022a06a22044" +version = "0.30.0" +source = "git+https://github.com/DanConwayDev/nostr?branch=expose-nip49-log-n#6ef397b6c4cd5edd6e6c31ff33d8a978b5b04f8c" dependencies = [ "async-utility", "lnurl-pay", @@ -1842,22 +1851,21 @@ dependencies = [ [[package]] name = "nostr-signer" -version = "0.29.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "307bdc7c26887d7e65632e66872989a19892dfe9f2c6dbd9a1d3f959c5c524d5" +version = "0.30.0" +source = "git+https://github.com/DanConwayDev/nostr?branch=expose-nip49-log-n#6ef397b6c4cd5edd6e6c31ff33d8a978b5b04f8c" dependencies = [ "async-utility", "nostr", "nostr-relay-pool", "thiserror", "tokio", + "tracing", ] [[package]] name = "nostr-zapper" -version = "0.29.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "061d5eb00b430747a984ea9e41cd82c849832151b4263d8230c9c220dc2c62f8" +version = "0.30.0" +source = "git+https://github.com/DanConwayDev/nostr?branch=expose-nip49-log-n#6ef397b6c4cd5edd6e6c31ff33d8a978b5b04f8c" dependencies = [ "async-trait", "nostr", @@ -1957,9 +1965,8 @@ checksum = "830b246a0e5f20af87141b25c173cd1b609bd7779a4617d6ec582abaf90870f3" [[package]] name = "nwc" -version = "0.29.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d1894ffe54a1e5adf8dbb22b5a290c0748ec4a88aa07fa69c4359010edea49ed" +version = "0.30.0" +source = "git+https://github.com/DanConwayDev/nostr?branch=expose-nip49-log-n#6ef397b6c4cd5edd6e6c31ff33d8a978b5b04f8c" dependencies = [ "async-utility", "nostr", 
@@ -2413,20 +2420,20 @@ checksum = "adad44e29e4c806119491a7f06f03de4d1af22c3a680dd47f1e6e179439d1f56" [[package]] name = "reqwest" -version = "0.11.27" +version = "0.12.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "dd67538700a17451e7cba03ac727fb961abb7607553461627b97de0b89cf4a62" +checksum = "3e6cc1e89e689536eb5aeede61520e874df5a4707df811cd5da4aa5fbb2aae19" dependencies = [ - "base64", + "base64 0.22.0", "bytes", - "encoding_rs", "futures-core", "futures-util", - "h2", - "http 0.2.12", + "http 1.1.0", "http-body", + "http-body-util", "hyper", "hyper-rustls", + "hyper-util", "ipnet", "js-sys", "log", @@ -2434,22 +2441,22 @@ dependencies = [ "once_cell", "percent-encoding", "pin-project-lite", - "rustls 0.21.10", + "rustls", "rustls-pemfile", + "rustls-pki-types", "serde", "serde_json", "serde_urlencoded", "sync_wrapper", - "system-configuration", "tokio", - "tokio-rustls 0.24.1", + "tokio-rustls", "tokio-socks", "tower-service", "url", "wasm-bindgen", "wasm-bindgen-futures", "web-sys", - "webpki-roots 0.25.4", + "webpki-roots", "winreg", ] @@ -2535,18 +2542,6 @@ dependencies = [ "windows-sys 0.52.0", ] -[[package]] -name = "rustls" -version = "0.21.10" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f9d5a6813c0759e4609cd494e8e725babae6a2ca7b62a5536a13daaec6fcb7ba" -dependencies = [ - "log", - "ring", - "rustls-webpki 0.101.7", - "sct", -] - [[package]] name = "rustls" version = "0.22.3" 
@@ -2556,18 +2551,19 @@ dependencies = [ "log", "ring", "rustls-pki-types", - "rustls-webpki 0.102.2", + "rustls-webpki", "subtle", "zeroize", ] [[package]] name = "rustls-pemfile" -version = "1.0.4" +version = "2.1.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1c74cae0a4cf6ccbbf5f359f08efdf8ee7e1dc532573bf0db71968cb56b1448c" +checksum = "29993a25686778eb88d4189742cd713c9bce943bc54251a33509dc63cbacf73d" dependencies = [ - "base64", + "base64 0.22.0", + "rustls-pki-types", ] [[package]] @@ -2576,16 +2572,6 @@ version = "1.4.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "ecd36cc4259e3e4514335c4a138c6b43171a8d61d8f5c9348f9fc7529416f247" -[[package]] -name = "rustls-webpki" -version = "0.101.7" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8b6275d1ee7a1cd780b64aca7726599a1dbc893b1e64144529e55c3c2f745765" -dependencies = [ - "ring", - "untrusted", -] - [[package]] name = "rustls-webpki" version = "0.102.2" @@ -2630,23 +2616,13 @@ dependencies = [ "sha2", ] -[[package]] -name = "sct" -version = "0.7.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "da046153aa2352493d6cb7da4b6e5c0c057d8a1d0a9aa8560baffdd945acd414" -dependencies = [ - "ring", - "untrusted", -] - [[package]] name = "secp256k1" -version = "0.27.0" +version = "0.28.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "25996b82292a7a57ed3508f052cfff8640d38d32018784acd714758b43da9c8f" +checksum = "d24b59d129cdadea20aea4fb2352fa053712e5d713eee47d700cd4b2bc002f10" dependencies = [ - "bitcoin_hashes 0.12.0", + "bitcoin_hashes 0.13.0", "rand", "secp256k1-sys", "serde", 
@@ -2654,9 +2630,9 @@ dependencies = [ [[package]] name = "secp256k1-sys" -version = "0.8.1" +version = "0.9.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "70a129b9e9efbfb223753b9163c4ab3b13cff7fd9c7f010fbac25ab4099fa07e" +checksum = "e5d1746aae42c19d583c3c1a8c646bfad910498e2051c551a7f2e3c0c9fbb7eb" dependencies = [ "cc", ] @@ -2955,27 +2931,6 @@ version = "0.1.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "2047c6ded9c721764247e62cd3b03c09ffc529b2ba5b10ec482ae507a4a70160" -[[package]] -name = "system-configuration" -version = "0.5.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ba3a3adc5c275d719af8cb4272ea1c4a6d668a777f37e115f6d11ddbc1c8e0e7" -dependencies = [ - "bitflags 1.3.2", - "core-foundation", - "system-configuration-sys", -] - -[[package]] -name = "system-configuration-sys" -version = "0.5.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a75fb188eb626b924683e3b95e3a48e63551fcfb51949de2f06a9d91dbee93c9" -dependencies = [ - "core-foundation-sys", - "libc", -] - [[package]] name = "tempfile" version = "3.10.1" @@ -3078,23 +3033,13 @@ dependencies = [ "syn 2.0.59", ] -[[package]] -name = "tokio-rustls" -version = "0.24.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c28327cf380ac148141087fbfb9de9d7bd4e84ab5d2c28fbc911d753de8a7081" -dependencies = [ - "rustls 0.21.10", - "tokio", -] - [[package]] name = "tokio-rustls" version = "0.25.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "775e0c0f0adb3a2f22a00c4745d728b479985fc15ee7ca6a2608388c5569860f" dependencies = [ - "rustls 0.22.3", + "rustls", "rustls-pki-types", "tokio", ] 
@@ -3131,26 +3076,12 @@ checksum = "c83b561d025642014097b66e6c1bb422783339e0909e4429cde4749d1990bc38" dependencies = [ "futures-util", "log", - "rustls 0.22.3", + "rustls", "rustls-pki-types", "tokio", - "tokio-rustls 0.25.0", + "tokio-rustls", "tungstenite 0.21.0", - "webpki-roots 0.26.1", -] - -[[package]] -name = "tokio-util" -version = "0.7.10" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5419f34732d9eb6ee4c3578b7989078579b7f039cbbb9ca2c4da015749371e15" -dependencies = [ - "bytes", - "futures-core", - "futures-sink", - "pin-project-lite", - "tokio", - "tracing", + "webpki-roots", ] [[package]] @@ -3170,6 +3101,28 @@ dependencies = [ "winnow", ] +[[package]] +name = "tower" +version = "0.4.13" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b8fa9be0de6cf49e536ce1851f987bd21a43b771b09473c3549a6c853db37c1c" +dependencies = [ + "futures-core", + "futures-util", + "pin-project", + "pin-project-lite", + "tokio", + "tower-layer", + "tower-service", + "tracing", +] + +[[package]] +name = "tower-layer" +version = "0.3.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c20c8dbed6283a09604c3e69b4b7eeb54e298b8a600d4d5ecb5ad39de609f1d0" + [[package]] name = "tower-service" version = "0.3.2" @@ -3182,6 +3135,7 @@ version = "0.1.40" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "c3523ab5a71916ccf420eebdf5521fcef02141234bbc0b8a49f2fdc4544364ef" dependencies = [ + "log", "pin-project-lite", "tracing-attributes", "tracing-core", @@ -3245,7 +3199,7 @@ dependencies = [ "httparse", "log", "rand", - "rustls 0.22.3", + "rustls", "rustls-pki-types", "sha1", "thiserror", 
@@ -3498,12 +3452,6 @@ dependencies = [ "wasm-bindgen", ] -[[package]] -name = "webpki-roots" -version = "0.25.4" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5f20c57d8d7db6d3b86154206ae5d8fba62dd39573114de97c2cb0578251f8e1" - [[package]] name = "webpki-roots" version = "0.26.1" @@ -3685,9 +3633,9 @@ dependencies = [ [[package]] name = "winreg" -version = "0.50.0" +version = "0.52.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "524e57b2c537c0f9b1e69f1965311ec12182b4122e45035b1508cd24d2adadb1" +checksum = "a277a57398d4bfa075df44f501a17cfdf8542d224f0d36095a2adc7aee4ef0a5" dependencies = [ "cfg-if", "windows-sys 0.48.0", diff --git a/Cargo.toml b/Cargo.toml index ae3b657..1316357 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -23,8 +23,8 @@ futures = "0.3.28" git2 = "0.18.1" indicatif = "0.17.7" keyring = "2.0.5" -nostr = "0.29" -nostr-sdk = "0.29" +nostr = { git = "https://github.com/DanConwayDev/nostr", branch="expose-nip49-log-n" } +nostr-sdk = { git = "https://github.com/DanConwayDev/nostr", branch="expose-nip49-log-n" } passwords = "3.1.13" scrypt = "0.11.0" serde = { version = "1.0.181", features = ["derive"] } diff --git a/src/key_handling/encryption.rs b/src/key_handling/encryption.rs index 54002fa..3f4ee41 100644 --- a/src/key_handling/encryption.rs +++ b/src/key_handling/encryption.rs @@ -1,16 +1,7 @@ -use std::str::FromStr; - -use anyhow::{anyhow, bail, ensure, Context, Result}; -use chacha20poly1305::{ - aead::{rand_core::RngCore, Aead, AeadCore, KeyInit, OsRng, Payload}, - XChaCha20Poly1305, -}; +use anyhow::Result; #[cfg(test)] use mockall::*; use nostr::{prelude::*, Keys}; -use nostr_sdk::bech32::{self, FromBase32, ToBase32}; -use rand::{distributions::Alphanumeric, thread_rng, Rng}; -use zeroize::Zeroize; #[derive(Default)] pub struct Encryptor; 
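Review bot: The `nostr` and `nostr-sdk` entries in Cargo.toml now track a mutable branch of a personal fork (`branch="expose-nip49-log-n"`), so the code that handles secret keys can change on any `cargo update` or on a build that ignores the lockfile. Pin the commit Cargo.lock already resolved, e.g. `nostr = { git = "https://github.com/DanConwayDev/nostr", rev = "6ef397b6c4cd5edd6e6c31ff33d8a978b5b04f8c" }`, and do the same for `nostr-sdk`; the identical lines in test_utils/Cargo.toml need the same change. The commit message says the log_n change has been merged upstream, so moving back to a crates.io release once one includes it would restore registry checksums. `scrypt` stays in the dependency list although this commit removes `password_to_key`; if nothing else uses it, it can be dropped.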
@@ -20,143 +11,38 @@ pub trait EncryptDecrypt { /// requires less CPU time if the password is long fn encrypt_key(&self, keys: &Keys, password: &str) -> Result; fn decrypt_key(&self, encrypted_key: &str, password: &str) -> Result; - /// generates a long random string - fn random_token(&self) -> String; } /// approach and code adapted from nostr gossip client impl EncryptDecrypt for Encryptor { fn encrypt_key(&self, keys: &Keys, password: &str) -> Result { - // Generate a random 16-byte salt - let salt = { - let mut salt: [u8; 16] = [0; 16]; - OsRng.fill_bytes(&mut salt); - salt - }; - - let nonce = XChaCha20Poly1305::generate_nonce(&mut OsRng); - let log2_rounds: u8 = if password.len() > 20 { // we have enough of entropy - no need to spend CPU time adding much more 1 } else { + println!("this may take a few seconds..."); // default (scrypt::Params::RECOMMENDED_LOG_N) is 17 but 30s is too long to wait 15 }; - - let associated_data: Vec = vec![1]; - - let ciphertext = { - let cipher = { - let symmetric_key = password_to_key(password, &salt, log2_rounds) - .context("failed create encryption key from password")?; - XChaCha20Poly1305::new((&symmetric_key).into()) - }; - cipher - .encrypt( - &nonce, - Payload { - msg: keys - .secret_key() - .context( - "supplied key should reveal secret key. Is this a public key only?", - )? - .display_secret() - .to_string() - .as_bytes(), - aad: &associated_data, - }, - ) - .map_err(|_| anyhow!("ChaChaPoly1305 failed to encrypt nsec with password"))? 
- }; - // Combine salt, IV and ciphertext - let mut concatenation: Vec = Vec::new(); - concatenation.push(0x1); // 1 byte version number - concatenation.push(log2_rounds); // 1 byte for scrypt N (rounds) - concatenation.extend(salt); // 16 bytes of salt - concatenation.extend(nonce); // 24 bytes of nonce - concatenation.extend(associated_data); // 1 byte of key security - concatenation.extend(ciphertext); // 48 bytes of ciphertext expected - // Total length is 91 = 1 + 1 + 16 + 24 + 1 + 48 - - bech32::encode( - "ncryptsec", - concatenation.to_base32(), - bech32::Variant::Bech32, - ) - .context("encrypted nsec failed to encode") + Ok(nostr::nips::nip49::EncryptedSecretKey::new( + keys.secret_key()?, + password, + log2_rounds, + KeySecurity::Medium, + )? + .to_bech32()?) } fn decrypt_key(&self, encrypted_key: &str, password: &str) -> Result { - let data = - bech32::decode(encrypted_key).context("failed to decode encrypted key as bech32")?; - if data.0 != "ncryptsec" { - bail!("encrypted key is in the wrong format - it doesnt start with ncryptsec"); - } - let concatenation = Vec::::from_base32(&data.1) - .context("failed to convert bech32::decode output to Vec")?; - - // Break into parts - let version: u8 = concatenation[0]; - ensure!(version == 0x1, "encryption version is incorrect"); - let log2_rounds: u8 = concatenation[1]; - let salt: [u8; 16] = concatenation[2..2 + 16].try_into()?; - let nonce = &concatenation[2 + 16..2 + 16 + 24]; - let associated_data = &concatenation[(2 + 16 + 24)..=(2 + 16 + 24)]; - let ciphertext = &concatenation[2 + 16 + 24 + 1..]; - - let cipher = { - let symmetric_key = password_to_key(password, &salt, log2_rounds)?; - XChaCha20Poly1305::new((&symmetric_key).into()) - }; - - let payload = Payload { - msg: ciphertext, - aad: associated_data, - }; - - let mut inner_secret = cipher - .decrypt(nonce.into(), payload) - .map_err(|_| anyhow!("failed to decrypt"))?; - - if associated_data.is_empty() { - bail!("invalid encrypted key"); + let 
encrypted_key = nostr::nips::nip49::EncryptedSecretKey::from_bech32(encrypted_key)?; + // to request that log_n gets exposed + if encrypted_key.log_n() > 14 { + println!("this may take a few seconds..."); } - - let key = - Keys::from_str(std::str::from_utf8(&inner_secret).context("inner secret is not [u8]")?) - .context( - "incorrect password. Key decrypted with password did not produce a valid nsec.", - )?; - - inner_secret.zeroize(); - - Ok(key) - } - - fn random_token(&self) -> String { - thread_rng() - .sample_iter(&Alphanumeric) - .take(32) - .map(char::from) - .collect() + Ok(nostr::Keys::new(encrypted_key.to_secret_key(password)?)) } } -/// uses scrypt to stretch password into key -fn password_to_key(password: &str, salt: &[u8; 16], log_n: u8) -> Result<[u8; 32]> { - let params = scrypt::Params::new(log_n, 8, 1, 32) - .context("scrypt failed to generate params to stretch password")?; - let mut key: [u8; 32] = [0; 32]; - if log_n > 14 { - println!("this may take a few seconds..."); - } - - scrypt::scrypt(password.as_bytes(), salt, ¶ms, &mut key) - .context("scrypt failed to stretch password")?; - Ok(key) -} - #[cfg(test)] mod tests { use test_utils::*; @@ -235,17 +121,4 @@ mod tests { ); Ok(()) } - - #[test] - fn password_to_key_returns_ok_with_standard_password() { - let salt = { - let mut salt: [u8; 16] = [0; 16]; - OsRng.fill_bytes(&mut salt); - salt - }; - - let log2_rounds: u8 = 1; - - assert!(password_to_key(TEST_PASSWORD, &salt, log2_rounds).is_ok()); - } } diff --git a/test_utils/Cargo.toml b/test_utils/Cargo.toml index c4e1b1a..0784b1a 100644 --- a/test_utils/Cargo.toml +++ b/test_utils/Cargo.toml 
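Review bot: In `encrypt_key`, `password.len() > 20` still selects `log2_rounds = 1`, which gives scrypt almost no work factor, and byte length is not a measure of entropy, so a long but guessable passphrase yields an ncryptsec that is cheap to test offline. Consider one floor regardless of length, for example `let log2_rounds: u8 = 15;`, or at least a much higher value in the long-password branch. In `decrypt_key` the cost parameter is read from the stored string and only used to print a warning; a bound such as `anyhow::ensure!(encrypted_key.log_n() <= MAX_LOG_N, "ncryptsec scrypt cost too high");` (with `MAX_LOG_N` a ceiling the project chooses) would presumably stop a corrupted or tampered value from forcing a very large scrypt allocation. The comment `// to request that log_n gets exposed` no longer describes the code and could become `// warn before a slow scrypt derivation`. The `EncryptDecrypt` trait declaration begins above this hunk.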
@@ -9,8 +9,8 @@ assert_cmd = "2.0.12" dialoguer = "0.10.4" directories = "5.0.1" git2 = "0.18.1" -nostr = "0.29" -nostr-sdk = "0.29" +nostr = { git = "https://github.com/DanConwayDev/nostr", branch="expose-nip49-log-n" } +nostr-sdk = { git = "https://github.com/DanConwayDev/nostr", branch="expose-nip49-log-n" } once_cell = "1.18.0" rand = "0.8" rexpect = { git = "https://github.com/rust-cli/rexpect.git", rev = "9eb61dd" } diff --git a/test_utils/src/lib.rs b/test_utils/src/lib.rs index a693607..daed8fa 100644 --- a/test_utils/src/lib.rs +++ b/test_utils/src/lib.rs @@ -24,8 +24,8 @@ pub static TEST_KEY_1_NPUB: &str = pub static TEST_KEY_1_PUBKEY_HEX: &str = "f53e4bcd7a9cdef049cf6467d638a1321958acd3b71eb09823fd6fadb023d768"; pub static TEST_KEY_1_DISPLAY_NAME: &str = "bob"; -pub static TEST_KEY_1_ENCRYPTED: &str = "ncryptsec1qyq607h3cykxc3f2a44u89cdk336fptccn3fm5pf3nmf93d3c86qpunc7r6klwcn6lyszjy72wxwqq9aljg4pm6atvjrds9e248yhv76xfnt464265kgnjsvg8rlg06wg4sp9uljzfpu8zuaztcvfn2j8ggdrg8mldh850cy75efsyqqansert9wqmn4e6khpgvfz7h5le9"; -pub static TEST_KEY_1_ENCRYPTED_WEAK: &str = "ncryptsec1qy8ke0tjqnn8wt3w6lnc86c27ry3qrptxctjfcgruryxy0at238kwyjwsswd7z88thysruzw3awlrsxjvw5uptcd7vt70ft9rtkx00m8cgy3khm4hxa5d2gfnc6athnfruy2eyl6pkas8k34jg85z7xjqqadzfzh9rp0fzxqtw0tvxksac3n8yc98uksvuf93e0lcvqy8j6"; +pub static TEST_KEY_1_ENCRYPTED: &str = "ncryptsec1qgq77e3uftz8dh3jkjxwdms3v6gwqaqduxyzld82kskas8jcs5xup3sf2pc5tr0erqkqrtu0ptnjgjlgvx8lt7c0d7laryq2u7psfa6zm7mk7ln3ln58468shwatm7cx5wy5wvm7yk74ksrngygwxg74"; +pub static TEST_KEY_1_ENCRYPTED_WEAK: &str = "ncryptsec1qg835almhlrmyxqtqeva44d5ugm9wk2ccmwspxrqv4wjsdpdlud9es5hsrvs0pas7dvsretm0mc26qwfc7v8986mqngnjshcplnqzj62lxf44a0kkdv788f6dh20x2eum96l2j8v37s5grrheu2hgrkf"; pub static TEST_KEY_1_KEYS: Lazy = Lazy::new(|| nostr::Keys::from_str(TEST_KEY_1_NSEC).unwrap()); 
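Review bot: Both previous-format fixtures in test_utils/src/lib.rs are replaced outright, so nothing in the test suite pins what `decrypt_key` does with an ncryptsec produced by the old implementation, which the commit message says will no longer decrypt. Keeping one old value under a separate name (for example `TEST_KEY_1_ENCRYPTED_LEGACY`, a suggested name) and asserting that decryption returns an error would document that break for users who still have such a value stored.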
@@ -121,13 +121,13 @@ pub fn make_event_old_or_change_user( unsigned.created_at = nostr::types::Timestamp::from(nostr::types::Timestamp::now().as_u64() - how_old_in_secs); - unsigned.id = nostr::EventId::new( + unsigned.id = Some(nostr::EventId::new( &keys.public_key(), - unsigned.created_at, + &unsigned.created_at, &unsigned.kind, &unsigned.tags, &unsigned.content, - ); + )); unsigned.sign(keys).unwrap() } diff --git a/tests/login.rs b/tests/login.rs index 351d099..371a7e7 100644 --- a/tests/login.rs +++ b/tests/login.rs @@ -956,7 +956,7 @@ mod with_offline_flag { p.expect(format!("login as {}\r\n", TEST_KEY_1_NPUB).as_str())? .expect_password(EXPECTED_PASSWORD_PROMPT)? .succeeds_with(TEST_INVALID_PASSWORD)?; - p.expect_end_with(format!("Error: failed to log in as {}\r\n\r\nCaused by:\r\n 0: failed to decrypt key with provided password\r\n 1: failed to decrypt\r\n", TEST_KEY_1_NPUB).as_str()) + p.expect_end_with(format!("Error: failed to log in as {}\r\n\r\nCaused by:\r\n 0: failed to decrypt key with provided password\r\n 1: ChaCha20Poly1305: aead::Error\r\n", TEST_KEY_1_NPUB).as_str()) }) } } -- cgit v1.2.3
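Review bot: The expected output in tests/login.rs now ends with `ChaCha20Poly1305: aead::Error`, which is the dependency's internal error text, so the test breaks on any upstream wording change and the user sees a cipher name instead of a hint that the password was wrong. Mapping the failure where the key is decrypted, e.g. `encrypted_key.to_secret_key(password).map_err(|_| anyhow::anyhow!("failed to decrypt"))?` in src/key_handling/encryption.rs, would keep the previous message and let this assertion stay as it was. The enclosing test function starts above this hunk.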