From 41f5ce0c06c3f0e2d314510c93040ad934c7e348 Mon Sep 17 00:00:00 2001 From: Simon Wicky Date: Thu, 18 Apr 2024 14:18:20 +0200 Subject: [PATCH] tidy up tests and warnings --- benches/benchmarks.rs | 3 +- src/crypto/keys.rs | 154 ------------------------------ src/header/delays.rs | 4 +- src/header/keys.rs | 36 +++---- src/header/mod.rs | 27 +++--- src/header/routing/destination.rs | 2 +- src/header/routing/mod.rs | 2 +- src/header/routing/nodes.rs | 2 +- src/surb/mod.rs | 16 ++-- src/test_utils.rs | 11 ++- tests/integration_test.rs | 33 +++---- 11 files changed, 77 insertions(+), 213 deletions(-) delete mode 100644 src/crypto/keys.rs diff --git a/benches/benchmarks.rs b/benches/benchmarks.rs index efe5f04..5504038 100644 --- a/benches/benchmarks.rs +++ b/benches/benchmarks.rs @@ -18,9 +18,10 @@ use criterion::{black_box, criterion_group, criterion_main, Criterion}; use sphinx_packet::constants::{ DESTINATION_ADDRESS_LENGTH, IDENTIFIER_LENGTH, NODE_ADDRESS_LENGTH, }; -use sphinx_packet::crypto::keygen; + use sphinx_packet::header::delays; use sphinx_packet::route::{Destination, DestinationAddressBytes, Node, NodeAddressBytes}; +use sphinx_packet::test_utils::fixtures::keygen; use sphinx_packet::SphinxPacket; use std::time::Duration; diff --git a/src/crypto/keys.rs b/src/crypto/keys.rs deleted file mode 100644 index 77dee4f..0000000 --- a/src/crypto/keys.rs +++ /dev/null @@ -1,154 +0,0 @@ -// Copyright 2020 Nym Technologies SA -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Ideally we would have used pure x25519_dalek implementation and created a wrapper for -// it, but unfortunately it's not an option as what we're doing here is not 'pure' -// x25519, as we require (in form of optimization, TODO: WHICH WE MUST ACTUALLY LEARN IF ITS -// NOT A VULNERABILITY) multiplying scalars together before exponentiation, i.e. -// to obtain g^{xyz} we compute `tmp = x*y*z` followed by g^tmp rather than -// G1 = g^x, G2 = G1^y, G3 = G2^z - -use curve25519_dalek::{ - constants::ED25519_BASEPOINT_TABLE, montgomery::MontgomeryPoint, scalar::Scalar, -}; -use rand::{rngs::OsRng, CryptoRng, RngCore}; - -pub const PRIVATE_KEY_SIZE: usize = 32; -pub const PUBLIC_KEY_SIZE: usize = 32; -pub const SHARED_SECRET_SIZE: usize = PUBLIC_KEY_SIZE; - -// this is specific to our keys being on curve25519; -// if not done, it could introduce attacks involving use -// of small-order points (and some side-channel attacks I think?). -// TODO: could an ECC 'expert' verify those claims? -pub fn clamp_scalar_bytes(mut scalar_bytes: [u8; PRIVATE_KEY_SIZE]) -> Scalar { - scalar_bytes[0] &= 248; - scalar_bytes[31] &= 127; - scalar_bytes[31] |= 64; - - Scalar::from_bits(scalar_bytes) -} - -// TODO: similarly to what x25519_dalek is doing, we should probably -// derive zeroize::Zeroize on drop here -pub struct PrivateKey(Scalar); - -// Because the lint below was renamed in nightly but not in stable, making this problematic in CI -// which tests both, for a brief period we allow renamed lints. -#[allow(renamed_and_removed_lints)] // TODO: remove this in next version -#[allow(clippy::derive_hash_xor_eq)] // TODO: we must be careful about that one if anything changes in the future -#[derive(Copy, Clone, Debug, Hash)] -pub struct PublicKey(MontgomeryPoint); - -// type aliases for easier reasoning -pub type EphemeralSecret = PrivateKey; -pub type SharedSecret = PublicKey; - -impl PrivateKey { - /// Perform a key exchange with another public key - pub fn diffie_hellman(&self, remote_public_key: &PublicKey) -> SharedSecret { - PublicKey(self.0 * remote_public_key.0) - } - - // Do not expose this. It can lead to serious security issues if used incorrectly. - pub(crate) fn clone(&self) -> Self { - PrivateKey(self.0) - } - - // honestly, this method shouldn't really exist, but right now we have no decent - // rng propagation in the library - pub fn new() -> Self { - let mut rng = OsRng; - Self::new_with_rng(&mut rng) - } - - pub fn new_with_rng(rng: &mut R) -> Self { - let mut bytes = [0u8; PRIVATE_KEY_SIZE]; - rng.fill_bytes(&mut bytes); - PrivateKey(clamp_scalar_bytes(bytes)) - } - - pub fn to_bytes(&self) -> [u8; PRIVATE_KEY_SIZE] { - self.0.to_bytes() - } -} - -impl Default for PrivateKey { - fn default() -> Self { - PrivateKey::new() - } -} - -// TODO: is this 'safe' ? -impl<'a, 'b> std::ops::Mul<&'b Scalar> for &'a EphemeralSecret { - type Output = EphemeralSecret; - fn mul(self, rhs: &'b Scalar) -> EphemeralSecret { - PrivateKey(self.0 * rhs) - } -} - -impl<'b> std::ops::MulAssign<&'b Scalar> for EphemeralSecret { - fn mul_assign(&mut self, _rhs: &'b Scalar) { - self.0.mul_assign(_rhs) - } -} - -impl From for EphemeralSecret { - fn from(scalar: Scalar) -> EphemeralSecret { - // TODO: should we ensure it's a valid scalar by performing - // montgomery reduction and/or clamping? - PrivateKey(scalar) - } -} - -impl From<[u8; PRIVATE_KEY_SIZE]> for PrivateKey { - fn from(bytes: [u8; 32]) -> PrivateKey { - // TODO: do we have to clamp it here? - PrivateKey(clamp_scalar_bytes(bytes)) - } -} - -impl PublicKey { - pub fn as_bytes(&self) -> &[u8; PUBLIC_KEY_SIZE] { - self.0.as_bytes() - } -} - -impl<'a> From<&'a PrivateKey> for PublicKey { - fn from(private_key: &'a PrivateKey) -> PublicKey { - // multiplication in edwards using the precomputed ed25519 basepoint table is over 3x quicker - // than multiplication inside montgomery using the curve generator - PublicKey((&ED25519_BASEPOINT_TABLE * &private_key.0).to_montgomery()) - } -} - -impl From<[u8; PUBLIC_KEY_SIZE]> for PublicKey { - fn from(bytes: [u8; PUBLIC_KEY_SIZE]) -> PublicKey { - PublicKey(MontgomeryPoint(bytes)) - } -} - -impl PartialEq for PublicKey { - fn eq(&self, other: &Self) -> bool { - self.0.eq(&other.0) - } -} - -impl Eq for PublicKey {} - -pub fn keygen() -> (PrivateKey, PublicKey) { - let private_key = PrivateKey::new(); - let public_key = PublicKey::from(&private_key); - (private_key, public_key) -} diff --git a/src/header/delays.rs b/src/header/delays.rs index 35add6c..e281350 100644 --- a/src/header/delays.rs +++ b/src/header/delays.rs @@ -176,7 +176,7 @@ mod delay_summing { let delay2 = Delay(123); let expected1 = Delay(165); - assert_eq!(expected1, &delay1 + &delay2); + assert_eq!(expected1, delay1 + delay2); let expected2 = Delay(265); let delay3 = Delay(100); @@ -185,7 +185,7 @@ mod delay_summing { #[test] fn works_with_iterator() { - let delays = vec![Delay(42), Delay(123), Delay(100)]; + let delays = [Delay(42), Delay(123), Delay(100)]; let expected = Delay(265); assert_eq!(expected, delays.iter().sum()); diff --git a/src/header/keys.rs b/src/header/keys.rs index 7d106f3..513777e 100644 --- a/src/header/keys.rs +++ b/src/header/keys.rs @@ -147,12 +147,11 @@ mod deriving_key_material { #[test] fn it_returns_no_routing_keys() { let empty_route: Vec = vec![]; - let initial_secret = EphemeralSecret::new(); - let hacky_secret_copy = EphemeralSecret::from(initial_secret.to_bytes()); + let initial_secret = StaticSecret::random(); let key_material = KeyMaterial::derive(&empty_route, &initial_secret); assert_eq!(0, key_material.routing_keys.len()); assert_eq!( - SharedSecret::from(&hacky_secret_copy).as_bytes(), + PublicKey::from(&initial_secret).as_bytes(), key_material.initial_shared_secret.as_bytes() ) } @@ -163,12 +162,11 @@ mod deriving_key_material { use super::*; use crate::test_utils::random_node; - fn setup() -> (Vec, EphemeralSecret, KeyMaterial) { + fn setup() -> (Vec, StaticSecret, KeyMaterial) { let route: Vec = vec![random_node(), random_node(), random_node()]; - let initial_secret = EphemeralSecret::new(); - let hacky_secret_copy = EphemeralSecret::from(initial_secret.to_bytes()); + let initial_secret = StaticSecret::random(); let key_material = KeyMaterial::derive(&route, &initial_secret); - (route, hacky_secret_copy, key_material) + (route, initial_secret, key_material) } #[test] @@ -181,7 +179,7 @@ mod deriving_key_material { fn it_returns_correctly_inited_shared_secret() { let (_, initial_secret, key_material) = setup(); assert_eq!( - SharedSecret::from(&initial_secret).as_bytes(), + PublicKey::from(&initial_secret).as_bytes(), key_material.initial_shared_secret.as_bytes() ); } @@ -194,13 +192,19 @@ mod deriving_key_material { // incorrectly blinded shared key through the mixnet in the (unencrypted) // Sphinx packet header. So this test ensures that the accumulator gets incremented // properly on each run through the loop. - let mut expected_accumulator = initial_secret; + let mut expected_accumulator = vec![initial_secret]; //SW TODO adapt this test to new way of computation for (i, node) in route.iter().enumerate() { - let expected_shared_key = expected_accumulator.diffie_hellman(&node.pub_key); + let expected_shared_key = + expected_accumulator + .iter() + .fold(node.pub_key, |acc, blinding_factor| { + PublicKey::from(blinding_factor.diffie_hellman(&acc).to_bytes()) + }); + let expected_routing_keys = RoutingKeys::derive(expected_shared_key); - expected_accumulator = &expected_accumulator - * &Scalar::from_bytes_mod_order(expected_routing_keys.blinding_factor); + expected_accumulator + .push(StaticSecret::from(expected_routing_keys.blinding_factor)); let expected_routing_keys = RoutingKeys::derive(expected_shared_key); assert_eq!(expected_routing_keys, key_material.routing_keys[i]) } @@ -214,8 +218,8 @@ mod key_derivation_function { #[test] fn it_expands_the_seed_key_to_expected_length() { - let initial_secret = EphemeralSecret::new(); - let shared_key = SharedSecret::from(&initial_secret); + let initial_secret = StaticSecret::random(); + let shared_key = PublicKey::from(&initial_secret); let routing_keys = RoutingKeys::derive(shared_key); assert_eq!( crypto::STREAM_CIPHER_KEY_SIZE, @@ -225,8 +229,8 @@ mod key_derivation_function { #[test] fn it_returns_the_same_output_for_two_equal_inputs() { - let initial_secret = EphemeralSecret::new(); - let shared_key = SharedSecret::from(&initial_secret); + let initial_secret = StaticSecret::random(); + let shared_key = PublicKey::from(&initial_secret); let routing_keys1 = RoutingKeys::derive(shared_key); let routing_keys2 = RoutingKeys::derive(shared_key); assert_eq!(routing_keys1, routing_keys2); diff --git a/src/header/mod.rs b/src/header/mod.rs index fb77361..72dc4ff 100644 --- a/src/header/mod.rs +++ b/src/header/mod.rs @@ -245,29 +245,32 @@ impl SphinxHeader { #[cfg(test)] mod create_and_process_sphinx_packet_header { use super::*; - use crate::{constants::NODE_ADDRESS_LENGTH, test_utils::fixtures::destination_fixture}; + use crate::{ + constants::NODE_ADDRESS_LENGTH, + test_utils::fixtures::{destination_fixture, keygen}, + }; use std::time::Duration; #[test] fn it_returns_correct_routing_information_at_each_hop_for_route_of_3_mixnodes() { - let (node1_sk, node1_pk) = crypto::keygen(); + let (node1_sk, node1_pk) = keygen(); let node1 = Node { address: NodeAddressBytes::from_bytes([5u8; NODE_ADDRESS_LENGTH]), pub_key: node1_pk, }; - let (node2_sk, node2_pk) = crypto::keygen(); + let (node2_sk, node2_pk) = keygen(); let node2 = Node { address: NodeAddressBytes::from_bytes([4u8; NODE_ADDRESS_LENGTH]), pub_key: node2_pk, }; - let (node3_sk, node3_pk) = crypto::keygen(); + let (node3_sk, node3_pk) = keygen(); let node3 = Node { address: NodeAddressBytes::from_bytes([2u8; NODE_ADDRESS_LENGTH]), pub_key: node3_pk, }; let route = [node1, node2, node3]; let destination = destination_fixture(); - let initial_secret = EphemeralSecret::new(); + let initial_secret = StaticSecret::random(); let average_delay = 1; let delays = delays::generate_from_average_duration(route.len(), Duration::from_secs(average_delay)); @@ -387,24 +390,24 @@ mod unwrap_routing_information { mod unwrapping_using_previously_derived_keys { use super::*; use crate::constants::NODE_ADDRESS_LENGTH; - use crate::test_utils::fixtures::destination_fixture; + use crate::test_utils::fixtures::{destination_fixture, keygen}; use std::time::Duration; #[test] fn produces_same_result_for_forward_hop() { - let (node1_sk, node1_pk) = crypto::keygen(); + let (node1_sk, node1_pk) = keygen(); let node1 = Node { address: NodeAddressBytes::from_bytes([5u8; NODE_ADDRESS_LENGTH]), pub_key: node1_pk, }; - let (_, node2_pk) = crypto::keygen(); + let (_, node2_pk) = keygen(); let node2 = Node { address: NodeAddressBytes::from_bytes([4u8; NODE_ADDRESS_LENGTH]), pub_key: node2_pk, }; let route = [node1, node2]; let destination = destination_fixture(); - let initial_secret = EphemeralSecret::new(); + let initial_secret = StaticSecret::random(); let average_delay = 1; let delays = delays::generate_from_average_duration(route.len(), Duration::from_secs(average_delay)); @@ -439,14 +442,14 @@ mod unwrapping_using_previously_derived_keys { #[test] fn produces_same_result_for_final_hop() { - let (node1_sk, node1_pk) = crypto::keygen(); + let (node1_sk, node1_pk) = keygen(); let node1 = Node { address: NodeAddressBytes::from_bytes([5u8; NODE_ADDRESS_LENGTH]), pub_key: node1_pk, }; let route = [node1]; let destination = destination_fixture(); - let initial_secret = EphemeralSecret::new(); + let initial_secret = StaticSecret::random(); let average_delay = 1; let delays = delays::generate_from_average_duration(route.len(), Duration::from_secs(average_delay)); @@ -483,7 +486,7 @@ mod converting_header_to_bytes { fn it_is_possible_to_convert_back_and_forth() { let encapsulated_routing_info = encapsulated_routing_information_fixture(); let header = SphinxHeader { - shared_secret: SharedSecret::from(&EphemeralSecret::new()), + shared_secret: PublicKey::from(&StaticSecret::random()), routing_info: encapsulated_routing_info, }; diff --git a/src/header/routing/destination.rs b/src/header/routing/destination.rs index 69282df..cdb6985 100644 --- a/src/header/routing/destination.rs +++ b/src/header/routing/destination.rs @@ -76,7 +76,7 @@ impl FinalRoutingInformation { // return D || I || PAD PaddedFinalRoutingInformation { value: std::iter::once(self.flag) - .chain(self.version.to_bytes().into_iter()) + .chain(self.version.to_bytes()) .chain(self.destination.as_bytes().iter().cloned()) .chain(self.identifier.iter().cloned()) .chain(padding.iter().cloned()) diff --git a/src/header/routing/mod.rs b/src/header/routing/mod.rs index f78a069..ee64664 100644 --- a/src/header/routing/mod.rs +++ b/src/header/routing/mod.rs @@ -289,7 +289,7 @@ mod encapsulating_forward_routing_information { let delay0 = Delay::new_from_nanos(10); let delay1 = Delay::new_from_nanos(20); let delay2 = Delay::new_from_nanos(30); - let delays = [delay0.clone(), delay1.clone(), delay2].to_vec(); + let delays = [delay0, delay1, delay2].to_vec(); let routing_keys = [ routing_keys_fixture(), routing_keys_fixture(), diff --git a/src/header/routing/nodes.rs b/src/header/routing/nodes.rs index 31358ff..87d5881 100644 --- a/src/header/routing/nodes.rs +++ b/src/header/routing/nodes.rs @@ -69,7 +69,7 @@ impl RoutingInformation { .chain(self.version.to_bytes().iter().cloned()) .chain(self.node_address.as_bytes_ref().iter().cloned()) .chain(self.delay.to_bytes().iter().cloned()) - .chain(self.header_integrity_mac.into_inner().into_iter()) + .chain(self.header_integrity_mac.into_inner()) .chain(self.next_routing_information.iter().cloned()) .collect() } diff --git a/src/surb/mod.rs b/src/surb/mod.rs index de5ae64..42f02fb 100644 --- a/src/surb/mod.rs +++ b/src/surb/mod.rs @@ -166,24 +166,26 @@ impl SURB { mod prepare_and_use_process_surb { use super::*; use crate::constants::NODE_ADDRESS_LENGTH; - use crate::crypto; use crate::header::{delays, HEADER_SIZE}; - use crate::{packet::builder::DEFAULT_PAYLOAD_SIZE, test_utils::fixtures::destination_fixture}; + use crate::{ + packet::builder::DEFAULT_PAYLOAD_SIZE, + test_utils::fixtures::{destination_fixture, keygen}, + }; use std::time::Duration; #[allow(non_snake_case)] fn SURB_fixture() -> SURB { - let (_, node1_pk) = crypto::keygen(); + let (_, node1_pk) = keygen(); let node1 = Node { address: NodeAddressBytes::from_bytes([5u8; NODE_ADDRESS_LENGTH]), pub_key: node1_pk, }; - let (_, node2_pk) = crypto::keygen(); + let (_, node2_pk) = keygen(); let node2 = Node { address: NodeAddressBytes::from_bytes([4u8; NODE_ADDRESS_LENGTH]), pub_key: node2_pk, }; - let (_, node3_pk) = crypto::keygen(); + let (_, node3_pk) = keygen(); let node3 = Node { address: NodeAddressBytes::from_bytes([2u8; NODE_ADDRESS_LENGTH]), pub_key: node3_pk, @@ -191,7 +193,7 @@ mod prepare_and_use_process_surb { let surb_route = vec![node1, node2, node3]; let surb_destination = destination_fixture(); - let surb_initial_secret = EphemeralSecret::new(); + let surb_initial_secret = StaticSecret::random(); let surb_delays = delays::generate_from_average_duration(surb_route.len(), Duration::from_secs(3)); @@ -206,7 +208,7 @@ mod prepare_and_use_process_surb { fn returns_error_if_surb_route_empty() { let surb_route = Vec::new(); let surb_destination = destination_fixture(); - let surb_initial_secret = EphemeralSecret::new(); + let surb_initial_secret = StaticSecret::random(); let surb_delays = delays::generate_from_average_duration(surb_route.len(), Duration::from_secs(3)); let expected = ErrorKind::InvalidSURB; diff --git a/src/test_utils.rs b/src/test_utils.rs index 5255ef3..7c0a215 100644 --- a/src/test_utils.rs +++ b/src/test_utils.rs @@ -14,12 +14,13 @@ use crate::{ constants::NODE_ADDRESS_LENGTH, - crypto, route::{Node, NodeAddressBytes}, }; pub mod fixtures { + use x25519_dalek::{PublicKey, StaticSecret}; + use crate::{ constants::{ BLINDING_FACTOR_SIZE, DESTINATION_ADDRESS_LENGTH, HEADER_INTEGRITY_MAC_SIZE, @@ -84,10 +85,16 @@ pub mod fixtures { integrity_mac: header_integrity_mac_fixture(), } } + + pub fn keygen() -> (StaticSecret, PublicKey) { + let private_key = StaticSecret::random(); + let public_key = PublicKey::from(&private_key); + (private_key, public_key) + } } pub fn random_node() -> Node { - let random_private_key = crypto::PrivateKey::new(); + let random_private_key = x25519_dalek::EphemeralSecret::random(); Node { address: NodeAddressBytes::from_bytes([2u8; NODE_ADDRESS_LENGTH]), pub_key: (&random_private_key).into(), diff --git a/tests/integration_test.rs b/tests/integration_test.rs index 3b336d1..c195eb9 100644 --- a/tests/integration_test.rs +++ b/tests/integration_test.rs @@ -14,7 +14,6 @@ extern crate sphinx_packet; -use sphinx_packet::crypto; use sphinx_packet::header::delays; use sphinx_packet::route::{Destination, Node}; use sphinx_packet::SphinxPacket; @@ -25,6 +24,7 @@ use sphinx_packet::SphinxPacket; mod create_and_process_sphinx_packet { use super::*; use sphinx_packet::route::{DestinationAddressBytes, NodeAddressBytes}; + use sphinx_packet::test_utils::fixtures::keygen; use sphinx_packet::{ constants::{ DESTINATION_ADDRESS_LENGTH, IDENTIFIER_LENGTH, NODE_ADDRESS_LENGTH, PAYLOAD_SIZE, @@ -36,17 +36,17 @@ mod create_and_process_sphinx_packet { #[test] fn returns_the_correct_data_at_each_hop_for_route_of_3_mixnodes_without_surb() { - let (node1_sk, node1_pk) = crypto::keygen(); + let (node1_sk, node1_pk) = keygen(); let node1 = Node::new( NodeAddressBytes::from_bytes([5u8; NODE_ADDRESS_LENGTH]), node1_pk, ); - let (node2_sk, node2_pk) = crypto::keygen(); + let (node2_sk, node2_pk) = keygen(); let node2 = Node::new( NodeAddressBytes::from_bytes([4u8; NODE_ADDRESS_LENGTH]), node2_pk, ); - let (node3_sk, node3_pk) = crypto::keygen(); + let (node3_sk, node3_pk) = keygen(); let node3 = Node::new( NodeAddressBytes::from_bytes([2u8; NODE_ADDRESS_LENGTH]), node3_pk, @@ -103,6 +103,7 @@ mod create_and_process_sphinx_packet { mod converting_sphinx_packet_to_and_from_bytes { use super::*; use sphinx_packet::route::{DestinationAddressBytes, NodeAddressBytes}; + use sphinx_packet::test_utils::fixtures::keygen; use sphinx_packet::{ constants::{ DESTINATION_ADDRESS_LENGTH, IDENTIFIER_LENGTH, NODE_ADDRESS_LENGTH, PAYLOAD_SIZE, @@ -114,17 +115,17 @@ mod converting_sphinx_packet_to_and_from_bytes { #[test] fn it_is_possible_to_do_the_conversion_without_data_loss() { - let (node1_sk, node1_pk) = crypto::keygen(); + let (node1_sk, node1_pk) = keygen(); let node1 = Node::new( NodeAddressBytes::from_bytes([5u8; NODE_ADDRESS_LENGTH]), node1_pk, ); - let (node2_sk, node2_pk) = crypto::keygen(); + let (node2_sk, node2_pk) = keygen(); let node2 = Node::new( NodeAddressBytes::from_bytes([4u8; NODE_ADDRESS_LENGTH]), node2_pk, ); - let (node3_sk, node3_pk) = crypto::keygen(); + let (node3_sk, node3_pk) = keygen(); let node3 = Node::new( NodeAddressBytes::from_bytes([2u8; NODE_ADDRESS_LENGTH]), node3_pk, @@ -184,17 +185,17 @@ mod converting_sphinx_packet_to_and_from_bytes { #[test] #[should_panic] fn it_panics_if_data_of_invalid_length_is_provided() { - let (_, node1_pk) = crypto::keygen(); + let (_, node1_pk) = keygen(); let node1 = Node::new( NodeAddressBytes::from_bytes([5u8; NODE_ADDRESS_LENGTH]), node1_pk, ); - let (_, node2_pk) = crypto::keygen(); + let (_, node2_pk) = keygen(); let node2 = Node::new( NodeAddressBytes::from_bytes([4u8; NODE_ADDRESS_LENGTH]), node2_pk, ); - let (_, node3_pk) = crypto::keygen(); + let (_, node3_pk) = keygen(); let node3 = Node::new( NodeAddressBytes::from_bytes([2u8; NODE_ADDRESS_LENGTH]), node3_pk, @@ -219,30 +220,30 @@ mod converting_sphinx_packet_to_and_from_bytes { #[cfg(test)] mod create_and_process_surb { use super::*; - use crypto::EphemeralSecret; use sphinx_packet::route::NodeAddressBytes; use sphinx_packet::surb::{SURBMaterial, SURB}; use sphinx_packet::{ constants::{NODE_ADDRESS_LENGTH, PAYLOAD_SIZE, SECURITY_PARAMETER}, packet::builder::DEFAULT_PAYLOAD_SIZE, - test_utils::fixtures::destination_fixture, + test_utils::fixtures::{destination_fixture, keygen}, ProcessedPacket, }; use std::time::Duration; + use x25519_dalek::StaticSecret; #[test] fn returns_the_correct_data_at_each_hop_for_route_of_3_mixnodes() { - let (node1_sk, node1_pk) = crypto::keygen(); + let (node1_sk, node1_pk) = keygen(); let node1 = Node { address: NodeAddressBytes::from_bytes([5u8; NODE_ADDRESS_LENGTH]), pub_key: node1_pk, }; - let (node2_sk, node2_pk) = crypto::keygen(); + let (node2_sk, node2_pk) = keygen(); let node2 = Node { address: NodeAddressBytes::from_bytes([4u8; NODE_ADDRESS_LENGTH]), pub_key: node2_pk, }; - let (node3_sk, node3_pk) = crypto::keygen(); + let (node3_sk, node3_pk) = keygen(); let node3 = Node { address: NodeAddressBytes::from_bytes([2u8; NODE_ADDRESS_LENGTH]), pub_key: node3_pk, @@ -250,7 +251,7 @@ mod create_and_process_surb { let surb_route = vec![node1, node2, node3]; let surb_destination = destination_fixture(); - let surb_initial_secret = EphemeralSecret::new(); + let surb_initial_secret = StaticSecret::random(); let surb_delays = delays::generate_from_average_duration(surb_route.len(), Duration::from_secs(3));