From f0328b27cd4a8e1cb4d59efa759af73a46b50668 Mon Sep 17 00:00:00 2001
From: Emery Hemingway
Date: Wed, 3 May 2023 18:10:33 +0100
Subject: [PATCH] Switch HMAC to BLAKE2s-256
---
 depends.tup | 3 +--
 src/syndicate/Tupfile | 1 +
 src/syndicate/capabilities.nim | 20 +++++++++------
 src/syndicate/private/hmacs.nim | 43 ---------------------------------
 syndicate.nimble | 4 +--
 5 files changed, 17 insertions(+), 54 deletions(-)
 delete mode 100644 src/syndicate/private/hmacs.nim
diff --git a/depends.tup b/depends.tup
index b1bb327..878dcb6 100644
--- a/depends.tup
+++ b/depends.tup
@@ -3,6 +3,5 @@ include ../taps/depends.tup
 NIM_FLAGS += --path:$(TUP_CWD)/../nim
 NIM_FLAGS += --path:$(TUP_CWD)/../preserves-nim/src
 NIM_FLAGS += --path:$(TUP_CWD)/../taps/src
-NIM_FLAGS += --path:%
-NIM_GROUPS += $(TUP_CWD)/../nimble/
+NIM_FLAGS += --path:$(TUP_CWD)/../hashlib
 NIM_GROUPS += $(TUP_CWD)/
diff --git a/src/syndicate/Tupfile b/src/syndicate/Tupfile
index 50d81d2..38f82e2 100644
--- a/src/syndicate/Tupfile
+++ b/src/syndicate/Tupfile
@@ -1,3 +1,4 @@
 include_rules
 NIM_FLAGS += --path:$(TUP_CWD)/..
 : foreach *.nim |> !nim_check |>
+: capabilities.nim |> !nim_bin |> $(BIN_DIR)/mint
diff --git a/src/syndicate/capabilities.nim b/src/syndicate/capabilities.nim
index 0b439d9..4b4fbb5 100644
--- a/src/syndicate/capabilities.nim
+++ b/src/syndicate/capabilities.nim
@@ -1,18 +1,24 @@ -# SPDX-FileCopyrightText: ☭ 2021 Emery Hemingway +# SPDX-FileCopyrightText: ☭ Emery Hemingway # SPDX-License-Identifier: Unlicense +from std/sequtils import toSeq +import hashlib/misc/blake2 + import preserves -import ./protocols/sturdy, ./private/hmacs +import ./protocols/sturdy from ./actors import Ref export `$` +proc hmac(key, data: openarray[byte]): seq[byte] = + count[Hmac[BLAKE2S_256]](key, data).data[0..15].toSeq + proc mint*[T](key: openarray[byte]; oid: Preserve[T]): SturdyRef[T] = - SturdyRef[T](oid: oid, sig: hmacSha256(key, encode(oid), key.len)) + SturdyRef[T](oid: oid, sig: hmac(key, encode oid)) proc mint*[T](key: openarray[byte]; oid: T; E = void): SturdyRef[E] = var oidPr = toPreserve(oid, E) - SturdyRef[E](oid: oidPr, sig: hmacSha256(key, encode(oidPr), key.len)) + SturdyRef[E](oid: oidPr, sig: hmac(key, encode oidPr)) proc mint*(): SturdyRef[Ref] = var key: array[16, byte] @@ -22,13 +28,13 @@ proc attenuate*[T](r: SturdyRef[T]; caveats: Attenuation): SturdyRef[T] = result = SturdyRef[T]( oid: r.oid, caveatChain: r.caveatChain, - sig: hmacSha256(r.sig, caveats.encode)) + sig: hmac(r.sig, encode caveats)) result.caveatChain.add caveats proc validate*[T](key: openarray[byte]; r: SturdyRef[T]): bool = - var sig = hmacSha256(key, r.oid.encode, key.len) + var sig = hmac(key, encode r.oid) for a in r.caveatChain: - sig = hmacSha256(sig, a.encode) + sig = hmac(sig, encode a) r.sig == sig when isMainModule: diff --git a/src/syndicate/private/hmacs.nim b/src/syndicate/private/hmacs.nim deleted file mode 100644 index ba466cb..0000000 --- a/src/syndicate/private/hmacs.nim +++ /dev/null 
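Review bot: The new `hmac` helper hard-codes the tag length as `data[0..15]` with no comment, so nothing records that every signature is now the first 16 bytes of HMAC-BLAKE2s-256, where the old code kept `key.len` bytes of HMAC-SHA256 in `mint`/`validate` and the full 32 bytes in `attenuate`. That is a signature-format change: SturdyRefs minted before this commit will presumably fail `validate` afterwards, which deserves a doc comment on the helper and a line in the commit message. I would name the length, e.g. `const sigLen = 16 ## bytes of HMAC-BLAKE2s-256 kept as the SturdyRef signature`, and slice with `.data[0 ..< sigLen].toSeq`. The helper also accepts an empty `key`; whether any caller can pass one is not visible here, and the body of `mint*()` continues outside the hunk.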
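Review bot: `validate` still ends with `r.sig == sig`, an ordinary equality on the MAC tag that may return at the first differing byte; if `validate` is reachable with references supplied by an untrusted peer, response timing could reveal how much of a presented tag is correct. A length check followed by an XOR-accumulate loop over every byte removes the data-dependent exit. This assumes `sig` is a `seq[byte]`, as the return type of `hmac` in this file suggests. `attenuate` starts above this hunk and the `when isMainModule:` block continues below it.

```nim
proc validate*[T](key: openarray[byte]; r: SturdyRef[T]): bool =
  # … unchanged: recompute sig from key, r.oid and r.caveatChain …
  if r.sig.len != sig.len: return false
  var diff = 0'u8
  for i in 0 ..< sig.len:
    diff = diff or (r.sig[i] xor sig[i])
  diff == 0
```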
@@ -1,43 +0,0 @@ -# SPDX-FileCopyrightText: 2021 ☭ Emery Hemingway -# SPDX-License-Identifier: Unlicense - -import nimSHA2 - -proc fillPad(pad: var openarray[byte]; key: openarray[byte]; fillByte: byte) = - for i in 0..key.high: pad[i] = fillByte xor key[i].uint8 - for i in key.len..pad.high: pad[i] = fillByte - -proc hmacSha256*[T:char|byte](key: openarray[byte]; msg: openarray[T]; outLength = 32): seq[byte] = - const blockSize = 64 - assert(outLength <= 32) - var - hash: SHA256 - pad: array[blockSize, byte] - block: - const xorByte = 0x36'u8 - if key.len < blockSize: - fillPad(pad, key, xorByte) - else: - initSHA(hash) - update(hash, key) - var keyDigest = final(hash) - fillPad(pad, keyDigest, xorByte) - initSHA(hash) - update(hash, pad) - update(hash, msg) - var digest = final(hash) - block: - const xorByte = 0x5c'u8 - if key.len < blockSize: - fillPad(pad, key, xorByte) - else: - initSHA(hash) - update(hash, key) - var keyDigest = final(hash) - fillPad(pad, keyDigest, xorByte) - initSHA(hash) - update(hash, pad) - update(hash, digest) - digest = final(hash) - result.setLen(outLength) - copyMem(result[0].addr, digest[0].addr, result.len) diff --git a/syndicate.nimble b/syndicate.nimble index e47c0d8..7e827a0 100644 --- a/syndicate.nimble +++ b/syndicate.nimble @@ -1,6 +1,6 @@ # Package -version = "20230506" +version = "20230507" author = "Emery Hemingway" description = "Syndicated actors for conversational concurrency" license = "Unlicense" @@ -9,4 +9,4 @@ srcDir = "src" # Dependencies -requires "nim >= 1.4.8", "nimSHA2 >= 0.1.1", "preserves >= 20221208", "taps >= 20221119" +requires "hashlib", "nim >= 1.4.8", "preserves >= 20221208", "taps >= 20221119"
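Review bot: `requires "hashlib"` in the second syndicate.nimble hunk carries no version bound, unlike `nim`, `preserves` and `taps` on the same line, so the library that now computes every SturdyRef signature resolves to whatever hashlib release is current at install time. A lower bound or a pinned revision makes the reviewed HMAC/BLAKE2s implementation the one that actually gets built, e.g. `requires "hashlib >= <MINIMUM_TESTED_VERSION>", "nim >= 1.4.8", ...` with the placeholder replaced by the version this commit was tested against.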