keyfork-entropy: split off from keyfork-plumbing, ensure_safe() always

This commit is contained in:
Ryan Heywood 2024-01-09 19:59:58 -05:00
parent 1b33e3cf0e
commit 44c6ebed06
Signed by: ryan
GPG Key ID: 8E401478A3FBEF72
9 changed files with 24 additions and 13 deletions

7
Cargo.lock generated
View File

@ -1053,8 +1053,8 @@ dependencies = [
"clap", "clap",
"keyfork-derive-openpgp", "keyfork-derive-openpgp",
"keyfork-derive-util", "keyfork-derive-util",
"keyfork-entropy",
"keyfork-mnemonic-util", "keyfork-mnemonic-util",
"keyfork-plumbing",
"keyfork-prompt", "keyfork-prompt",
"keyfork-shard", "keyfork-shard",
"keyforkd", "keyforkd",
@ -1113,6 +1113,10 @@ dependencies = [
"thiserror", "thiserror",
] ]
[[package]]
name = "keyfork-entropy"
version = "0.1.0"
[[package]] [[package]]
name = "keyfork-frame" name = "keyfork-frame"
version = "0.1.0" version = "0.1.0"
@ -1140,6 +1144,7 @@ dependencies = [
name = "keyfork-plumbing" name = "keyfork-plumbing"
version = "0.1.0" version = "0.1.0"
dependencies = [ dependencies = [
"keyfork-entropy",
"keyfork-mnemonic-util", "keyfork-mnemonic-util",
"smex", "smex",
] ]

View File

@ -3,6 +3,7 @@
resolver = "2" resolver = "2"
members = [ members = [
"keyfork", "keyfork",
"keyfork-entropy",
"keyfork-derive-key", "keyfork-derive-key",
"keyfork-derive-openpgp", "keyfork-derive-openpgp",
"keyfork-derive-path-data", "keyfork-derive-path-data",

View File

@ -0,0 +1,9 @@
[package]
name = "keyfork-entropy"
version = "0.1.0"
edition = "2021"
license = "MIT"
# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
[dependencies]

View File

@ -1,7 +1,4 @@
use std::{ use std::{fs::{read_dir, read_to_string, File}, io::Read};
fs::{read_dir, read_to_string},
io::Read,
};
static WARNING_LINKS: [&str; 1] = static WARNING_LINKS: [&str; 1] =
["https://lore.kernel.org/lkml/20211223141113.1240679-2-Jason@zx2c4.com/"]; ["https://lore.kernel.org/lkml/20211223141113.1240679-2-Jason@zx2c4.com/"];
@ -58,8 +55,9 @@ pub fn ensure_safe() {
} }
pub fn generate_entropy_of_size(byte_count: usize) -> Result<Vec<u8>, std::io::Error> { pub fn generate_entropy_of_size(byte_count: usize) -> Result<Vec<u8>, std::io::Error> {
ensure_safe();
let mut vec = vec![0u8; byte_count]; let mut vec = vec![0u8; byte_count];
let mut entropy_file = std::fs::File::open("/dev/urandom")?; let mut entropy_file = File::open("/dev/urandom")?;
entropy_file.read_exact(&mut vec[..])?; entropy_file.read_exact(&mut vec[..])?;
Ok(vec) Ok(vec)
} }

View File

@ -7,5 +7,6 @@ license = "AGPL-3.0-only"
# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
[dependencies] [dependencies]
keyfork-entropy = { version = "0.1.0", path = "../keyfork-entropy" }
keyfork-mnemonic-util = { version = "0.1.0", path = "../keyfork-mnemonic-util" } keyfork-mnemonic-util = { version = "0.1.0", path = "../keyfork-mnemonic-util" }
smex = { version = "0.1.0", path = "../smex" } smex = { version = "0.1.0", path = "../smex" }

View File

@ -13,8 +13,7 @@ fn main() -> Result<(), Box<dyn std::error::Error>> {
"Maximum supported bit size is 256, got: {bit_size}" "Maximum supported bit size is 256, got: {bit_size}"
); );
keyfork_plumbing::ensure_safe(); let entropy = keyfork_entropy::generate_entropy_of_size(bit_size / 8)?;
let entropy = keyfork_plumbing::generate_entropy_of_size(bit_size / 8)?;
println!("{}", smex::encode(&entropy)); println!("{}", smex::encode(&entropy));
Ok(()) Ok(())

View File

@ -11,7 +11,6 @@ keyfork-mnemonic-util = { version = "0.1.0", path = "../keyfork-mnemonic-util" }
clap = { version = "4.4.2", features = ["derive", "env", "wrap_help"] } clap = { version = "4.4.2", features = ["derive", "env", "wrap_help"] }
thiserror = "1.0.48" thiserror = "1.0.48"
smex = { version = "0.1.0", path = "../smex" } smex = { version = "0.1.0", path = "../smex" }
keyfork-plumbing = { version = "0.1.0", path = "../keyfork-plumbing" }
keyfork-shard = { version = "0.1.0", path = "../keyfork-shard" } keyfork-shard = { version = "0.1.0", path = "../keyfork-shard" }
serde = { version = "1.0.192", features = ["derive"] } serde = { version = "1.0.192", features = ["derive"] }
keyforkd = { version = "0.1.0", path = "../keyforkd", features = ["tracing"] } keyforkd = { version = "0.1.0", path = "../keyforkd", features = ["tracing"] }
@ -23,3 +22,4 @@ card-backend-pcsc = "0.5.0"
openpgp-card-sequoia = "0.2.0" openpgp-card-sequoia = "0.2.0"
openpgp-card = "0.4.1" openpgp-card = "0.4.1"
keyfork-prompt = { version = "0.1.0", path = "../keyfork-prompt" } keyfork-prompt = { version = "0.1.0", path = "../keyfork-prompt" }
keyfork-entropy = { version = "0.1.0", path = "../keyfork-entropy" }

View File

@ -103,8 +103,7 @@ impl MnemonicSeedSource {
}; };
let seed = match self { let seed = match self {
MnemonicSeedSource::System => { MnemonicSeedSource::System => {
keyfork_plumbing::ensure_safe(); keyfork_entropy::generate_entropy_of_size(size / 8)?
keyfork_plumbing::generate_entropy_of_size(size / 8)?
} }
MnemonicSeedSource::Playing => todo!(), MnemonicSeedSource::Playing => todo!(),
MnemonicSeedSource::Tarot => todo!(), MnemonicSeedSource::Tarot => todo!(),

View File

@ -101,8 +101,7 @@ fn factory_reset_current_card(
} }
fn generate_shard_secret(threshold: u8, max: u8, keys_per_shard: u8) -> Result<()> { fn generate_shard_secret(threshold: u8, max: u8, keys_per_shard: u8) -> Result<()> {
keyfork_plumbing::ensure_safe(); let seed = keyfork_entropy::generate_entropy_of_size(256 / 8)?;
let seed = keyfork_plumbing::generate_entropy_of_size(256 / 8)?;
let mut pm = PromptManager::new(std::io::stdin(), std::io::stderr())?; let mut pm = PromptManager::new(std::io::stdin(), std::io::stderr())?;
let mut certs = vec![]; let mut certs = vec![];
let mut seen_cards: HashSet<String> = HashSet::new(); let mut seen_cards: HashSet<String> = HashSet::new();