From 02acdbeb0393c3de59c0636b2e5ec711c940e899 Mon Sep 17 00:00:00 2001
From: Tony Garnock-Jones <tonyg@leastfixedpoint.com>
Date: Mon, 6 Feb 2023 16:31:04 +0100
Subject: [PATCH] Switch to HMAC-BLAKE2s

---
 Makefile                                              |  2 +-
 syndicate-examples/chat.rkt                           |  2 +-
 syndicate-noise/info.rkt                              |  7 -------
 .../syndicate => syndicate}/distributed/noise.rkt     |  0
 syndicate/distributed/tcp.rkt                         |  2 +-
 syndicate/info.rkt                                    | 11 ++++++++---
 syndicate/sturdy.rkt                                  |  7 +++++--
 syndicate/test/core/sturdy.rkt                        |  8 ++++----
 8 files changed, 20 insertions(+), 19 deletions(-)
 delete mode 100644 syndicate-noise/info.rkt
 rename {syndicate-noise/syndicate => syndicate}/distributed/noise.rkt (100%)

diff --git a/Makefile b/Makefile
index fedd011..4098eb9 100644
--- a/Makefile
+++ b/Makefile
@@ -1,6 +1,6 @@
 __ignored__ := $(shell ./setup.sh)
 
-PACKAGES=syndicate syndicate-examples syndicate-msd syndicate-noise
+PACKAGES=syndicate syndicate-examples syndicate-msd
 COLLECTS=syndicate syndicate-examples
 
 all: setup
diff --git a/syndicate-examples/chat.rkt b/syndicate-examples/chat.rkt
index 4bbcd4c..cfc42b9 100644
--- a/syndicate-examples/chat.rkt
+++ b/syndicate-examples/chat.rkt
@@ -12,7 +12,7 @@
   (require (only-in file/sha1 hex-string->bytes))
 
   (define me (symbol->string (strong-gensym 'user)))
-  (define ref (SturdyRef "syndicate" '() (hex-string->bytes "a6480df5306611ddd0d3882b546e1977")))
+  (define ref (SturdyRef "syndicate" '() (hex-string->bytes "6617ec85e29cee1eb4f2085aa1fdedff")))
 
   (standard-actor-system (ds)
     (define conn-facet this-facet)
diff --git a/syndicate-noise/info.rkt b/syndicate-noise/info.rkt
deleted file mode 100644
index 551b089..0000000
--- a/syndicate-noise/info.rkt
+++ /dev/null
@@ -1,7 +0,0 @@
-#lang setup/infotab
-;;; SPDX-License-Identifier: LGPL-3.0-or-later
-;;; SPDX-FileCopyrightText: Copyright © 2023 Tony Garnock-Jones <tonyg@leastfixedpoint.com>
-
-(define collection 'multi)
-(define deps '("base" "syndicate" "noise-protocol"))
-(define build-deps '("libsodium"))
diff --git a/syndicate-noise/syndicate/distributed/noise.rkt b/syndicate/distributed/noise.rkt
similarity index 100%
rename from syndicate-noise/syndicate/distributed/noise.rkt
rename to syndicate/distributed/noise.rkt
diff --git a/syndicate/distributed/tcp.rkt b/syndicate/distributed/tcp.rkt
index e150ec7..06353ea 100644
--- a/syndicate/distributed/tcp.rkt
+++ b/syndicate/distributed/tcp.rkt
@@ -5,7 +5,7 @@
 (provide run-tcp-client-relay
          run-tcp-server-relay)
 
-(require (only-in sha bytes->hex-string))
+(require (only-in file/sha1 bytes->hex-string))
 (require syndicate/distributed/gatekeeper)
 (require syndicate/drivers/tcp)
 (require syndicate/relay)
diff --git a/syndicate/info.rkt b/syndicate/info.rkt
index 79bf2d6..8f23520 100644
--- a/syndicate/info.rkt
+++ b/syndicate/info.rkt
@@ -8,10 +8,11 @@
 
 	       "base"
 
-	       "data-lib"
                "auxiliary-macro-context"
+               "data-lib"
+               "libb2"
+               "noise-protocol"
                "preserves"
-               "sha"
                "struct-defaults"
                "web-server-lib"
 
@@ -27,7 +28,11 @@
 
                ))
 
-(define build-deps '("rackunit-lib" "at-exp-lib"))
+(define build-deps '(
+                     "at-exp-lib"
+                     "libsodium"
+                     "rackunit-lib"
+                     ))
 
 (define pre-install-collection "private/install.rkt")
 
diff --git a/syndicate/sturdy.rkt b/syndicate/sturdy.rkt
index 89c42f9..4657be5 100644
--- a/syndicate/sturdy.rkt
+++ b/syndicate/sturdy.rkt
@@ -21,7 +21,8 @@
          (all-from-out "schemas/sturdy.rkt"))
 
 (require racket/match)
-(require (only-in sha hmac-sha256))
+(require (only-in libb2 blake2s BLAKE2S_BLOCKLEN))
+(require (only-in noise-protocol/hmac make-hmac))
 (require (only-in racket/random crypto-random-bytes))
 (require preserves)
 (require preserves-schema)
@@ -45,8 +46,10 @@
                    #:read-syntax? #f
                    #:decode-embedded embedded-not-allowed))
 
+(define hmac-BLAKE2s (make-hmac blake2s BLAKE2S_BLOCKLEN))
+
 (define (signature key data)
-  (subbytes (hmac-sha256 key data) 0 KEY_LENGTH))
+  (subbytes (hmac-BLAKE2s key data) 0 KEY_LENGTH))
 
 (define (mint oid key)
   (SturdyRef oid '() (signature key (sturdy-encode oid))))
diff --git a/syndicate/test/core/sturdy.rkt b/syndicate/test/core/sturdy.rkt
index c59d3e9..b6fe337 100644
--- a/syndicate/test/core/sturdy.rkt
+++ b/syndicate/test/core/sturdy.rkt
@@ -11,18 +11,18 @@
 
   (define s0 (mint "test" #""))
 
-  (check-equal? s0 (SturdyRef "test" '() #"J\270\253\306N\365\2240\303\206\324\2G\306m\377"))
+  (check-equal? s0 (SturdyRef "test" '() #">\330w\326\3r{\216U`j\24\376\203\242\360"))
   (check-true (SturdyRef-valid? s0 #""))
 
   (define s1 (attenuate-sturdy s0 'a 'b 'c))
 
-  (check-equal? s1 (SturdyRef "test" '(a b c) #"oO\243\334\366aW6\5\303<\314St\275\226"))
+  (check-equal? s1 (SturdyRef "test" '(a b c) #"\261\220\327\363X\317\202\251&\367\3734*\355\333\324"))
   (check-true (SturdyRef-valid? s1 #""))
   (check-false (SturdyRef-valid?
-                (SturdyRef "test" '(a b c) #"pO\243\334\366aW6\5\303<\314St\275\226")
+                (SturdyRef "test" '(a b c) #"\261\220\327\363X\317\202\251&\367\3734?\355\333\324")
                 #""))
   (check-false (SturdyRef-valid?
-                (SturdyRef "test" '(a c b) #"oO\243\334\366aW6\5\303<\314St\275\226")
+                (SturdyRef "test" '(a c b) #"\261\220\327\363X\317\202\251&\367\3734*\355\333\324")
                 #""))
 
   )