Merge pull request #504 from kotval/main

Bump crypto crates to enable libsignal compatibility

Cargo.toml

@@ -138,15 +138,17 @@ opt-level = "s" # z,s: Optimize for size instead of performance; 1 for easier de
 # prefer hardware-accelerated versions of services
 [patch.crates-io]
 sha2 = { git = "https://github.com/betrusted-io/hashes.git", branch = "sha2-v0.10.8-xous" }
+# sha2 = { path = "../hashes/sha2" }
+# This is needed by `p256`, currently the last holdout (a `vault` depenedncy)
 sha2_legacy = { git = "https://github.com/RustCrypto/hashes.git", tag = "sha2-v0.9.9", package = "sha2" }
 
 [patch.crates-io.aes]
 path = "services/aes"
 
 [patch.crates-io.curve25519-dalek]
-git = "https://github.com/betrusted-io/curve25519-dalek.git"
-branch = "main"
-#path = "../curve25519-dalek"  # when doing local dev work
+#git = "https://github.com/betrusted-io/curve25519-dalek.git"
+#branch = "main"
+path = "../curve25519-dalek/curve25519-dalek" # when doing local dev work
 # feature overrides are specified at the crate level
 
 [patch."https://github.com/betrusted-io/xous-engine-25519.git"]

RELEASE-v0.9.md

@@ -466,7 +466,9 @@ perform the Xous firmware upgrade. This requires running manual update commands,
 - Formatting and contribution standards have been modified. Formatting with `rustfmt` and trailing white space removal is now mandatory for all Xous contributions, see [#477](https://github.com/betrusted-io/xous-core/pull/477) for a discussion of how we got there and why.
 - The repo has gone through a "flag day" where all the crates have been formatted, which means commits before the flag day may be more difficult to undo. The changes are committed on a crate-by-crate basis, so if something is really broken we can undo the formatting for the crate and add an exception to the rustfmt rules.
 - Implement #478: backlight should turn on automatically when a U2F/FIDO packet comes in from the host, allowing users in dark conditions to see the screen and know what they are approving.
-- the `sha2` API has been upgraded from 0.9.9 to 0.10.8. In the process of upgrading this, the `sha2` code is now domiciled in a fork of the `RustCrypto/hashes` repo. This should hopefully make tracking changes on RustCrypto somewhat easier, at the price of some difficulty in maintaining external crate pins (but I think that can be solved with some scripting). In the process of conversion, crates that depend on the 0.9.9 API for acceleration are now not accelerated. In particular, the ed25519-dalek signature check on the gateware at boot now runs with software SHA-512, which means that boot is much slower. This should be fixed before the release is live, but users testing the bleeding edge should be aware of this temporary regression in performance.
+- the `sha2` API has been upgraded from 0.9.9 to 0.10.8. In the process of upgrading this, the `sha2` code is now domiciled in a fork of the `RustCrypto/hashes` repo. This should hopefully make tracking changes on RustCrypto somewhat easier, at the price of some difficulty in maintaining external crate pins (but I think that can be solved with some scripting). In the process of conversion, crates that depend on the 0.9.9 API for acceleration are now not accelerated.
+- upgrade all other crypto APIs to latest version, with the exception of `p256` inside `vault` (this code is vendored from OpenSK), and the curve25519 implementations inside the loader (because they have been tightly optimized for size, we'll have to revisit the patch set later; but also, only verification steps are done in the loader so there is less risk of leaking secret key material - not as worried about ct_eq and zeroize bugs)
+- a number of other crates and pins were upgraded in the process due to a cargo `update` run; the `build.rs` changes were reviewed and nothing nefarious was found, so at least this process did not introduce any obvious attacks against build hosts through supply chain contamination.
 - @gsora has added the `hidapi` - apps can now register a HID descriptor for custom interactions over USB. See `apps/hidv2` for democumentation.
 - change kernel and loader targets to riscv-unknown-elf-none because `xous` is now a proper target (required for Rust 1.76 compatibility)
 

apps/vault/Cargo.toml

@@ -39,11 +39,11 @@ ctap-crypto = { path = "libraries/crypto" }
 cbor = { path = "libraries/cbor" }
 persistent_store = { path = "libraries/persistent_store" }
 ed25519-compact = { version = "1", default-features = false, optional = true }
-rand = { version = "0.8.4", optional = true }
+rand = { version = "0.8.5", optional = true }
 
 # ux formatting
 hex = { version = "0.4.3", default-features = false, features = ["alloc"] }
-chrono = { version = "0.4.19", default-features = false, features = ["std"] }
+chrono = { version = "0.4.33", default-features = false, features = ["std"] }
 
 # password generation
 passwords = "3.1.9"

apps/vault/src/prereqs.rs

@@ -211,7 +211,7 @@ pub(crate) fn ntp_updater(time_conn: xous::CID) {
                     match result {
                         Ok(time) => {
                             log::debug!("Got NTP time: {}.{}", time.sec(), time.sec_fraction());
-                            let current_time = Utc.ymd(1970, 1, 1).and_hms(0, 0, 0)
+                            let current_time = Utc.with_ymd_and_hms(1970, 1, 1, 0, 0, 0).unwrap()
                                 + chrono::Duration::seconds(time.sec() as i64);
                             log::debug!("Setting UTC time: {:?}", current_time.to_string());
                             xous::send_message(

apps/vault/src/storage.rs

@@ -766,8 +766,8 @@ impl From<PasswordRecord> for Vec<u8> {
 /// target
 fn utc_now() -> DateTime<Utc> {
     let now = SystemTime::now().duration_since(UNIX_EPOCH).expect("system time before Unix epoch");
-    let naive = NaiveDateTime::from_timestamp(now.as_secs() as i64, now.subsec_nanos() as u32);
-    DateTime::from_utc(naive, Utc)
+    let naive = NaiveDateTime::from_timestamp_opt(now.as_secs() as i64, now.subsec_nanos() as u32).unwrap();
+    DateTime::from_naive_utc_and_offset(naive, Utc)
 }
 
 pub fn hex(data: Vec<u8>) -> String {

apps/vault/src/vault_api.rs

@@ -63,7 +63,10 @@ pub fn atime_to_str(req_atime: u64) -> String {
         request_str.push_str(t!("vault.u2f.appinfo.never", locales::LANG));
     } else {
         let now = utc_now();
-        let atime = DateTime::<Utc>::from_utc(NaiveDateTime::from_timestamp(req_atime as i64, 0), Utc);
+        let atime = DateTime::<Utc>::from_naive_utc_and_offset(
+            NaiveDateTime::from_timestamp_opt(req_atime as i64, 0).unwrap(),
+            Utc,
+        );
         // avoid format! macro, it is too slow.
         if now.signed_duration_since(atime).num_days() > 1 {
             request_str.push_str(t!("vault.u2f.appinfo.last_authtime", locales::LANG));
@@ -90,8 +93,8 @@ pub fn atime_to_str(req_atime: u64) -> String {
 /// target
 pub fn utc_now() -> DateTime<Utc> {
     let now = SystemTime::now().duration_since(UNIX_EPOCH).expect("system time before Unix epoch");
-    let naive = NaiveDateTime::from_timestamp(now.as_secs() as i64, now.subsec_nanos() as u32);
-    DateTime::from_utc(naive, Utc)
+    let naive = NaiveDateTime::from_timestamp_opt(now.as_secs() as i64, now.subsec_nanos() as u32).unwrap();
+    DateTime::from_naive_utc_and_offset(naive, Utc)
 }
 
 /// app info format:

imports/getrandom/CHANGELOG.md

@@ -4,6 +4,134 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/)
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [0.2.12] - 2024-01-09
+### Fixed
+- Custom backend for targets without atomics [#385]
+
+### Changed
+- Improve robustness of the Hermit backend and `sys_fill_exact` [#386]
+- Raise minimum supported Apple OS versions to macOS 10.12 and iOS 10 [#388]
+
+### Added
+- Document platform support policy [#387]
+
+[#385]: https://github.com/rust-random/getrandom/pull/385
+[#386]: https://github.com/rust-random/getrandom/pull/386
+[#387]: https://github.com/rust-random/getrandom/pull/387
+[#388]: https://github.com/rust-random/getrandom/pull/388
+
+## [0.2.11] - 2023-11-08
+### Added
+- GNU/Hurd support [#370]
+
+### Changed
+- Renamed `__getrandom_internal` to `__GETRANDOM_INTERNAL`  [#369]
+- Updated link to Hermit docs [#374]
+
+[#369]: https://github.com/rust-random/getrandom/pull/369
+[#370]: https://github.com/rust-random/getrandom/pull/370
+[#374]: https://github.com/rust-random/getrandom/pull/374
+
+## [0.2.10] - 2023-06-06
+### Added
+- Support for PS Vita (`armv7-sony-vita-newlibeabihf`) [#359]
+
+### Changed
+- Use getentropy from libc on Emscripten targets [#362]
+
+[#359]: https://github.com/rust-random/getrandom/pull/359
+[#362]: https://github.com/rust-random/getrandom/pull/362
+
+## [0.2.9] - 2023-04-06
+### Added
+- AIX support [#282]
+- `getrandom_uninit` function [#291]
+- `wasm64-unknown-unknown` support [#303]
+- tvOS and watchOS support [#317]
+- QNX/nto support [#325]
+- Support for `getrandom` syscall on NetBSD ≥ 10.0 [#331]
+- `RtlGenRandom` fallback for non-UWP Windows [#337]
+
+### Breaking Changes
+- Update MSRV to 1.36 [#291]
+
+### Fixed
+- Solaris/OpenBSD/Dragonfly build [#301]
+
+### Changed
+- Update MSRV to 1.36 [#291]
+- Use getentropy on Emscripten [#307]
+- Solaris: consistantly use `/dev/random` source [#310]
+- Move 3ds selection above rdrand/js/custom fallback [#312]
+- Remove buffer zeroing from Node.js implementation [#315]
+- Use `open` instead of `open64` [#326]
+- Remove #cfg from bsd_arandom.rs [#332]
+- Hermit: use `sys_read_entropy` syscall [#333]
+- Eliminate potential panic in sys_fill_exact [#334]
+- rdrand: Remove checking for 0 and !0 and instead check CPU family and do a self-test [#335]
+- Move `__getrandom_custom` definition into a const block [#344]
+- Switch the custom backend to Rust ABI [#347]
+
+[#282]: https://github.com/rust-random/getrandom/pull/282
+[#291]: https://github.com/rust-random/getrandom/pull/291
+[#301]: https://github.com/rust-random/getrandom/pull/301
+[#303]: https://github.com/rust-random/getrandom/pull/303
+[#307]: https://github.com/rust-random/getrandom/pull/307
+[#310]: https://github.com/rust-random/getrandom/pull/310
+[#312]: https://github.com/rust-random/getrandom/pull/312
+[#315]: https://github.com/rust-random/getrandom/pull/315
+[#317]: https://github.com/rust-random/getrandom/pull/317
+[#325]: https://github.com/rust-random/getrandom/pull/325
+[#326]: https://github.com/rust-random/getrandom/pull/326
+[#331]: https://github.com/rust-random/getrandom/pull/331
+[#332]: https://github.com/rust-random/getrandom/pull/332
+[#333]: https://github.com/rust-random/getrandom/pull/333
+[#334]: https://github.com/rust-random/getrandom/pull/334
+[#335]: https://github.com/rust-random/getrandom/pull/335
+[#337]: https://github.com/rust-random/getrandom/pull/337
+[#344]: https://github.com/rust-random/getrandom/pull/344
+[#347]: https://github.com/rust-random/getrandom/pull/347
+
+## [0.2.8] - 2022-10-20
+### Changed
+- The [Web Cryptography API] will now be preferred on `wasm32-unknown-unknown`
+  when using the `"js"` feature, even on Node.js [#284] [#295]
+
+### Added
+- Added benchmarks to track buffer initialization cost [#272]
+
+### Fixed
+- Use `$crate` in `register_custom_getrandom!` [#270]
+
+### Documentation
+- Add information about enabling `"js"` feature [#280]
+- Fix link to `wasm-bindgen` [#278]
+- Document the varied implementations for underlying randomness sources [#276]
+
+[Web Cryptography API]: https://developer.mozilla.org/en-US/docs/Web/API/Web_Crypto_API
+[#284]: https://github.com/rust-random/getrandom/pull/284
+[#295]: https://github.com/rust-random/getrandom/pull/295
+[#272]: https://github.com/rust-random/getrandom/pull/272
+[#270]: https://github.com/rust-random/getrandom/pull/270
+[#280]: https://github.com/rust-random/getrandom/pull/280
+[#278]: https://github.com/rust-random/getrandom/pull/278
+[#276]: https://github.com/rust-random/getrandom/pull/276
+
+## [0.2.7] - 2022-06-14
+### Changed
+- Update `wasi` dependency to `0.11` [#253]
+
+### Fixed
+- Use `AtomicPtr` instead of `AtomicUsize` for Strict Provenance compatibility. [#263]
+
+### Documentation
+- Add comments explaining use of fallback mechanisms [#257] [#260]
+
+[#263]: https://github.com/rust-random/getrandom/pull/263
+[#260]: https://github.com/rust-random/getrandom/pull/260
+[#253]: https://github.com/rust-random/getrandom/pull/253
+[#257]: https://github.com/rust-random/getrandom/pull/257
+
 ## [0.2.6] - 2022-03-28
 ### Added
 - Nintendo 3DS (`armv6k-nintendo-3ds`) support [#248]
@@ -55,7 +183,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 ## [0.2.2] - 2021-01-19
 ### Changed
 - Forward `rustc-dep-of-std` to dependencies. [#198]
-- Highlight feature-dependend functionality in documentation using the `doc_cfg` feature. [#200]
+- Highlight feature-dependent functionality in documentation using the `doc_cfg` feature. [#200]
 
 [#198]: https://github.com/rust-random/getrandom/pull/198
 [#200]: https://github.com/rust-random/getrandom/pull/200
@@ -185,7 +313,7 @@ disabled `dummy` feature. [#90]
 ## [0.1.9] - 2019-08-14 [YANKED]
 ### Changed
 - Remove `std` dependency for opening and reading files. [#58]
-- Use `wasi` isntead of `libc` on WASI target. [#64]
+- Use `wasi` instead of `libc` on WASI target. [#64]
 - By default emit a compile-time error when built for an unsupported target.
 This behaviour can be disabled by using the `dummy` feature. [#71]
 
@@ -291,7 +419,13 @@ Publish initial implementation.
 ## [0.0.0] - 2019-01-19
 Publish an empty template library.
 
-[0.2.5]: https://github.com/rust-random/getrandom/compare/v0.2.5...v0.2.6
+[0.2.12]: https://github.com/rust-random/getrandom/compare/v0.2.11...v0.2.12
+[0.2.11]: https://github.com/rust-random/getrandom/compare/v0.2.10...v0.2.11
+[0.2.10]: https://github.com/rust-random/getrandom/compare/v0.2.9...v0.2.10
+[0.2.9]: https://github.com/rust-random/getrandom/compare/v0.2.8...v0.2.9
+[0.2.8]: https://github.com/rust-random/getrandom/compare/v0.2.7...v0.2.8
+[0.2.7]: https://github.com/rust-random/getrandom/compare/v0.2.6...v0.2.7
+[0.2.6]: https://github.com/rust-random/getrandom/compare/v0.2.5...v0.2.6
 [0.2.5]: https://github.com/rust-random/getrandom/compare/v0.2.4...v0.2.5
 [0.2.4]: https://github.com/rust-random/getrandom/compare/v0.2.3...v0.2.4
 [0.2.3]: https://github.com/rust-random/getrandom/compare/v0.2.2...v0.2.3