Switch HMAC to BLAKE2s-256

Regenerate protocol modules
Less use of callSoon
2023-05-03 18:27:28 +01:00 · 2023-05-03 18:27:22 +01:00 · 2023-05-02 22:24:19 +01:00
9 changed files with 28 additions and 68 deletions
--- a/depends.tup
+++ b/depends.tup
@ -3,6 +3,7 @@ include ../taps/depends.tup
 NIM_FLAGS += --path:$(TUP_CWD)/../nim
 NIM_FLAGS += --path:$(TUP_CWD)/../preserves-nim/src
 NIM_FLAGS += --path:$(TUP_CWD)/../taps/src
+NIM_FLAGS += --path:$(TUP_CWD)/../hashlib
 NIM_FLAGS += --path:%<nimsha2>
 NIM_GROUPS += $(TUP_CWD)/../nimble/<nimsha2>
 NIM_GROUPS += $(TUP_CWD)/<protocol>
--- a/src/syndicate/Tupfile
+++ b/src/syndicate/Tupfile
@ -1,3 +1,4 @@
 include_rules
 NIM_FLAGS += --path:$(TUP_CWD)/..
 : foreach *.nim |> !nim_check |>
+: capabilities.nim |> !nim_bin |> $(BIN_DIR)/mint
--- a/src/syndicate/actors.nim
+++ b/src/syndicate/actors.nim
@ -395,8 +395,7 @@ proc spawn*(name: string; turn: var Turn; bootProc: TurnAction; initialAssertion
    var newOutBound: Table[Handle, OutboundAssertion]
    for key in initialAssertions:
      discard turn.facet.outbound.pop(key, newOutbound[key])
-    callSoon do ():
-      discard newActor(name, bootProc, newOutBound)
+    discard newActor(name, bootProc, newOutBound)

 proc newInertRef*(): Ref =
  let a = bootActor("inert") do (turn: var Turn): turn.stop()
@ -434,22 +433,18 @@ template tryFacet(facet; body: untyped) =
  #try: body
  #except: terminate(facet, getCurrentException())

-proc run(queues: Queues) =
-  callSoon do ():
-    for facet, queue in queues:
-      for action in queue: run(facet, action)
-
 proc run*(facet; action: TurnAction; zombieTurn = false) =
  if not zombieTurn:
    if not facet.actor.exitReason.isNil: return
    if not facet.isAlive: return
    # TODO: not Nim idiom
  tryFacet(facet):
-    var turn = Turn(
-      facet: facet,
-      queues: newTable[Facet, seq[TurnAction]]())
-    action(turn)
-    run(turn.queues)
+    var queues = newTable[Facet, seq[TurnAction]]()
+    block:
+      var turn = Turn(facet: facet, queues: queues)
+      action(turn)
+    for facet, queue in queues:
+      for action in queue: run(facet, action)

 proc run*(`ref`: Ref; action: TurnAction) =
  ## Convenience proc to run a `TurnAction` in the scope of a `Ref`.
--- a/src/syndicate/capabilities.nim
+++ b/src/syndicate/capabilities.nim
@ -1,18 +1,24 @@
-# SPDX-FileCopyrightText: ☭ 2021 Emery Hemingway
+# SPDX-FileCopyrightText: ☭ Emery Hemingway
 # SPDX-License-Identifier: Unlicense

+from std/sequtils import toSeq
+import hashlib/misc/blake2
+
 import preserves
-import ./protocols/sturdy, ./private/hmacs
+import ./protocols/sturdy
 from ./actors import Ref

 export `$`

+proc hmac(key, data: openarray[byte]): seq[byte] =
+  count[Hmac[BLAKE2S_256]](key, data).data[0..15].toSeq
+
 proc mint*[T](key: openarray[byte]; oid: Preserve[T]): SturdyRef[T] =
-  SturdyRef[T](oid: oid, sig: hmacSha256(key, encode(oid), key.len))
+  SturdyRef[T](oid: oid, sig: hmac(key, encode oid))

 proc mint*[T](key: openarray[byte]; oid: T; E = void): SturdyRef[E] =
  var oidPr = toPreserve(oid, E)
-  SturdyRef[E](oid: oidPr, sig: hmacSha256(key, encode(oidPr), key.len))
+  SturdyRef[E](oid: oidPr, sig: hmac(key, encode oidPr))

 proc mint*(): SturdyRef[Ref] =
  var key: array[16, byte]
@ -22,13 +28,13 @@ proc attenuate*[T](r: SturdyRef[T]; caveats: Attenuation): SturdyRef[T] =
  result = SturdyRef[T](
    oid: r.oid,
    caveatChain: r.caveatChain,
-    sig: hmacSha256(r.sig, caveats.encode))
+    sig: hmac(r.sig, encode caveats))
  result.caveatChain.add caveats

 proc validate*[T](key: openarray[byte]; r: SturdyRef[T]): bool =
-  var sig = hmacSha256(key, r.oid.encode, key.len)
+  var sig = hmac(key, encode r.oid)
  for a in r.caveatChain:
-    sig = hmacSha256(sig, a.encode)
+    sig = hmac(sig, encode a)
  r.sig == sig

 when isMainModule:
--- a/src/syndicate/private/hmacs.nim
+++ b/src/syndicate/private/hmacs.nim
@ -1,43 +0,0 @@
-# SPDX-FileCopyrightText: 2021 ☭ Emery Hemingway
-# SPDX-License-Identifier: Unlicense
-
-import nimSHA2
-
-proc fillPad(pad: var openarray[byte]; key: openarray[byte]; fillByte: byte) =
-  for i in 0..key.high: pad[i] = fillByte xor key[i].uint8
-  for i in key.len..pad.high: pad[i] = fillByte
-
-proc hmacSha256*[T:char|byte](key: openarray[byte]; msg: openarray[T]; outLength = 32): seq[byte] =
-  const blockSize = 64
-  assert(outLength <= 32)
-  var
-    hash: SHA256
-    pad: array[blockSize, byte]
-  block:
-    const xorByte = 0x36'u8
-    if key.len < blockSize:
-      fillPad(pad, key, xorByte)
-    else:
-      initSHA(hash)
-      update(hash, key)
-      var keyDigest = final(hash)
-      fillPad(pad, keyDigest, xorByte)
-    initSHA(hash)
-    update(hash, pad)
-    update(hash, msg)
-  var digest = final(hash)
-  block:
-    const xorByte = 0x5c'u8
-    if key.len < blockSize:
-      fillPad(pad, key, xorByte)
-    else:
-      initSHA(hash)
-      update(hash, key)
-      var keyDigest = final(hash)
-      fillPad(pad, keyDigest, xorByte)
-    initSHA(hash)
-    update(hash, pad)
-    update(hash, digest)
-  digest = final(hash)
-  result.setLen(outLength)
-  copyMem(result[0].addr, digest[0].addr, result.len)
--- a/src/syndicate/protocols/protocol.nim
+++ b/src/syndicate/protocols/protocol.nim
@ -19,7 +19,7 @@ type
    `handle`*: Handle

  Extension* {.preservesRecord: "label".} = object
-    `data`*: seq[Preserve[void]]
+    `field0`*: seq[Preserve[void]]

  Sync* {.preservesRecord: "sync".} = object
    `peer`* {.preservesLiteral: "#!<lit #t>".}: bool
--- a/src/syndicate/protocols/secureChatProtocol.nim
+++ b/src/syndicate/protocols/secureChatProtocol.nim
@ -24,11 +24,11 @@ type
  SessionKind* {.pure.} = enum
    `observeUsers`, `observeSpeech`, `NickClaim`, `Says`
  SessionObserveUsers*[Cap] {.preservesRecord: "Observe".} = object
-    `data`* {.preservesLiteral: "user".}: bool
+    `field0`* {.preservesLiteral: "user".}: bool
    `observer`*: Cap

  SessionObserveSpeech*[Cap] {.preservesRecord: "Observe".} = object
-    `data`* {.preservesLiteral: "says".}: bool
+    `field0`* {.preservesLiteral: "says".}: bool
    `observer`*: Cap

  `Session`*[Cap] {.preservesOr.} = object
--- a/src/syndicate/protocols/sturdy.nim
+++ b/src/syndicate/protocols/sturdy.nim
@ -112,11 +112,11 @@ type
  WireRefKind* {.pure.} = enum
    `mine`, `yours`
  WireRefMine* {.preservesTuple.} = object
-    `data`* {.preservesLiteral: "0".}: bool
+    `field0`* {.preservesLiteral: "0".}: bool
    `oid`*: Oid

  WireRefYours*[Cap] {.preservesTuple.} = ref object
-    `data`* {.preservesLiteral: "1".}: bool
+    `field0`* {.preservesLiteral: "1".}: bool
    `oid`*: Oid
    `attenuation`* {.preservesTupleTail.}: seq[Caveat[Cap]]

--- a/syndicate.nimble
+++ b/syndicate.nimble
@ -1,6 +1,6 @@
 # Package

-version = "20230410"
+version = "20230503"
 author        = "Emery Hemingway"
 description   = "Syndicated actors for conversational concurrency"
 license       = "Unlicense"
Author	SHA1	Message	Date
Emery Hemingway	c97eeafc42	Switch HMAC to BLAKE2s-256	2023-05-03 18:27:28 +01:00
Emery Hemingway	65fbc319cb	Regenerate protocol modules	2023-05-03 18:27:22 +01:00
Emery Hemingway	0a07bcf66a	Less use of callSoon	2023-05-02 22:24:19 +01:00