From 0f96a6f4661f0d87bd9149a88846db9674360291 Mon Sep 17 00:00:00 2001 From: Or Ricon Date: Thu, 7 Nov 2024 14:57:04 -0500 Subject: [PATCH] feat(BOUN-1236): implement secret tracking (#2433) This change adds a `Tracker` implementation for the client of the canister. This allows one to instantiate a tracker that will follow the current secret value from the canister, as well as participate in leader duties for secret generation (i.e if you as a client have been chosen as a leader, you will be required to generate the salt and encrypt it for other peers). --- Cargo.lock | 360 +++++++++--------- .../anonymization/client/src/lib.rs | 183 ++++++++- 2 files changed, 361 insertions(+), 182 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index f0fb41310d9..7053f0375a5 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -96,7 +96,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "e01ed3140b2f8d422c68afa1ed2e85d996ea619c988ac834d255db32138655cb" dependencies = [ "quote", - "syn 2.0.82", + "syn 2.0.85", ] [[package]] @@ -214,7 +214,7 @@ dependencies = [ "actix-router", "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.85", ] [[package]] @@ -398,9 +398,9 @@ dependencies = [ [[package]] name = "anstream" -version = "0.6.15" +version = "0.6.17" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "64e15c1ab1f89faffbf04a634d5e1962e9074f2741eef6d97f3c4e322426d526" +checksum = "23a1e53f0f5d86382dafe1cf314783b2044280f406e7e1506368220ad11b1338" dependencies = [ "anstyle", "anstyle-parse", @@ -413,36 +413,36 @@ dependencies = [ [[package]] name = "anstyle" -version = "1.0.8" +version = "1.0.9" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1bec1de6f59aedf83baf9ff929c98f2ad654b97c9510f4e70cf6f661d49fd5b1" +checksum = "8365de52b16c035ff4fcafe0092ba9390540e3e352870ac09933bebcaa2c8c56" [[package]] name = "anstyle-parse" -version = "0.2.5" +version = "0.2.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "eb47de1e80c2b463c735db5b217a0ddc39d612e7ac9e2e96a5aed1f57616c1cb" +checksum = "3b2d16507662817a6a20a9ea92df6652ee4f94f914589377d69f3b21bc5798a9" dependencies = [ "utf8parse", ] [[package]] name = "anstyle-query" -version = "1.1.1" +version = "1.1.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6d36fc52c7f6c869915e99412912f22093507da8d9e942ceaf66fe4b7c14422a" +checksum = "79947af37f4177cfead1110013d678905c37501914fba0efea834c3fe9a8d60c" dependencies = [ - "windows-sys 0.52.0", + "windows-sys 0.59.0", ] [[package]] name = "anstyle-wincon" -version = "3.0.4" +version = "3.0.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5bf74e1b6e971609db8ca7a9ce79fd5768ab6ae46441c572e46cf596f59e57f8" +checksum = "2109dbce0e72be3ec00bed26e6a7479ca384ad226efdd66db8fa2e3a38c83125" dependencies = [ "anstyle", - "windows-sys 0.52.0", + "windows-sys 0.59.0", ] [[package]] @@ -515,7 +515,7 @@ dependencies = [ "proc-macro2", "quote", "serde", - "syn 2.0.82", + "syn 2.0.85", ] [[package]] @@ -557,7 +557,7 @@ checksum = "965c2d33e53cb6b267e148a4cb0760bc01f4904c1cd4bb4002a085bb016d1490" dependencies = [ "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.85", "synstructure", ] @@ -569,7 +569,7 @@ checksum = "7b18050c2cd6fe86c3a76584ef5e0baf286d038cda203eb6223df2cc413565f7" dependencies = [ "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.85", ] [[package]] @@ -694,7 +694,7 @@ checksum = "3b43422f69d8ff38f95f1b2bb76517c91589a924d1559a0e935d7c8ce0274c11" dependencies = [ "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.85", ] [[package]] @@ -737,7 +737,7 @@ checksum = "c7c24de15d275a1ecfd47a380fb4d5ec9bfe0933f309ed5e705b775596a3574d" dependencies = [ "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.85", ] [[package]] @@ -754,7 +754,7 @@ checksum = "721cae7de5c34fbb2acd27e21e6d2cf7b886dce0c27388d46c4e6c47ea4318dd" dependencies = [ "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.85", ] [[package]] @@ -800,7 +800,7 @@ checksum = "3c87f3f15e7794432337fc718554eaa4dc8f04c9677a950ffe366f20a162ae42" dependencies = [ "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.85", ] [[package]] @@ -1099,7 +1099,7 @@ dependencies = [ "regex", "rustc-hash 1.1.0", "shlex", - "syn 2.0.82", + "syn 2.0.85", ] [[package]] @@ -1369,7 +1369,7 @@ dependencies = [ "proc-macro-crate", "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.85", "syn_derive", ] @@ -1737,7 +1737,7 @@ dependencies = [ "lazy_static", "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.85", ] [[package]] @@ -2155,7 +2155,7 @@ dependencies = [ "heck 0.5.0", "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.85", ] [[package]] @@ -2257,9 +2257,9 @@ dependencies = [ [[package]] name = "colorchoice" -version = "1.0.2" +version = "1.0.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d3fd119d74b830634cea2a0f58bbd0d54540518a14397557951e79340abc28c0" +checksum = "5b63caa9aa9397e2d9480a9b13673856c78d8ac123288526c37d7839f2a86990" [[package]] name = "colored" @@ -2617,18 +2617,18 @@ dependencies = [ [[package]] name = "cranelift-bforest" -version = "0.113.0" +version = "0.113.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8ea5e7afe85cadb55c4c1176268a2ac046fdff8dfaeca39e18581b9dc319ca9e" +checksum = "540b193ff98b825a1f250a75b3118911af918a734154c69d80bcfcf91e7e9522" dependencies = [ "cranelift-entity", ] [[package]] name = "cranelift-bitset" -version = "0.113.0" +version = "0.113.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8ab25ef3be935a80680e393183e1f94ef507e93a24a8369494d2c6818aedb3e3" +checksum = "c7cb269598b9557ab942d687d3c1086d77c4b50dcf35813f3a65ba306fd42279" dependencies = [ "serde", "serde_derive", @@ -2636,9 +2636,9 @@ dependencies = [ [[package]] name = "cranelift-codegen" -version = "0.113.0" +version = "0.113.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "900a19b84545924f1851cbfe386962edfc4ecbc3366a254825cf1ecbcda8ba08" +checksum = "46566d7c83a8bff4150748d66020f4c7224091952aa4b4df1ec4959c39d937a1" dependencies = [ "bumpalo", "cranelift-bforest", @@ -2659,33 +2659,33 @@ dependencies = [ [[package]] name = "cranelift-codegen-meta" -version = "0.113.0" +version = "0.113.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "08c73b2395ffe9e7b4fdf7e2ebc052e7e27af13f68a964985346be4da477a5fc" +checksum = "2df8a86a34236cc75a8a6a271973da779c2aeb36c43b6e14da474cf931317082" dependencies = [ "cranelift-codegen-shared", ] [[package]] name = "cranelift-codegen-shared" -version = "0.113.0" +version = "0.113.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7d9ed0854e96a4ff0879bff39d078de8dea7f002721c9494c1fdb4e1baa86ccc" +checksum = "cf75340b6a57b7c7c1b74f10d3d90883ee6d43a554be8131a4046c2ebcf5eb65" [[package]] name = "cranelift-control" -version = "0.113.0" +version = "0.113.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b4aca921dd422e781409de0129c255768fec5dec1dae83239b497fb9138abb89" +checksum = "2e84495bc5d23d86aad8c86f8ade4af765b94882af60d60e271d3153942f1978" dependencies = [ "arbitrary", ] [[package]] name = "cranelift-entity" -version = "0.113.0" +version = "0.113.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e2d770e6605eccee15b49decdd82cd26f2b6404767802471459ea49c57379a98" +checksum = "963c17147b80df351965e57c04d20dbedc85bcaf44c3436780a59a3f1ff1b1c2" dependencies = [ "cranelift-bitset", "serde", @@ -2694,9 +2694,9 @@ dependencies = [ [[package]] name = "cranelift-frontend" -version = "0.113.0" +version = "0.113.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "29268711cb889cb39215b10faf88b9087d4c9e1d2633581e4f722a2bf4bb4ef9" +checksum = "727f02acbc4b4cb2ba38a6637101d579db50190df1dd05168c68e762851a3dd5" dependencies = [ "cranelift-codegen", "log", @@ -2706,15 +2706,15 @@ dependencies = [ [[package]] name = "cranelift-isle" -version = "0.113.0" +version = "0.113.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "dc65156f010aed1985767ad1bff0eb8d186743b7b03e23d0c17604a253e3f356" +checksum = "32b00cc2e03c748f2531eea01c871f502b909d30295fdcad43aec7bf5c5b4667" [[package]] name = "cranelift-native" -version = "0.113.0" +version = "0.113.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d8bf9b361eaf5a7627647270fabf1dc910d993edbeaf272a652c107861ebe9c2" +checksum = "bbeaf978dc7c1a2de8bbb9162510ed218eb156697bc45590b8fbdd69bb08e8de" dependencies = [ "cranelift-codegen", "libc", @@ -2906,7 +2906,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "13b588ba4ac1a99f7f2964d24b3d896ddc6bf847ee3855dbd4366f058cfcd331" dependencies = [ "quote", - "syn 2.0.82", + "syn 2.0.85", ] [[package]] @@ -2966,7 +2966,7 @@ checksum = "f46882e17999c6cc590af592290432be3bce0428cb0d5f8b6715e4dc7b383eb3" dependencies = [ "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.85", ] [[package]] @@ -3103,7 +3103,7 @@ dependencies = [ "proc-macro2", "quote", "strsim 0.11.1", - "syn 2.0.82", + "syn 2.0.85", ] [[package]] @@ -3136,7 +3136,7 @@ checksum = "d336a2a514f6ccccaa3e09b02d41d35330c07ddf03a62165fcec10bb561c7806" dependencies = [ "darling_core 0.20.10", "quote", - "syn 2.0.82", + "syn 2.0.85", ] [[package]] @@ -3229,7 +3229,7 @@ checksum = "8034092389675178f570469e6c3b0465d3d30b4505c294a6550db47f3c17ad18" dependencies = [ "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.85", ] [[package]] @@ -3250,7 +3250,7 @@ checksum = "d150dea618e920167e5973d70ae6ece4385b7164e0d799fe7c122dd0a5d912ad" dependencies = [ "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.85", ] [[package]] @@ -3261,7 +3261,7 @@ checksum = "67e77553c4162a157adbf834ebae5b415acbecbeafc7a74b0e886657506a7611" dependencies = [ "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.85", ] [[package]] @@ -3274,7 +3274,7 @@ dependencies = [ "proc-macro2", "quote", "rustc_version", - "syn 2.0.82", + "syn 2.0.85", ] [[package]] @@ -3294,7 +3294,7 @@ checksum = "cb7330aeadfbe296029522e6c40f315320aba36fc43a5b3632f3795348f3bd22" dependencies = [ "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.85", ] [[package]] @@ -3501,7 +3501,7 @@ checksum = "97369cbbc041bc366949bc74d34658d6cda5621039731c6310521892a3a20ae0" dependencies = [ "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.85", ] [[package]] @@ -3712,9 +3712,9 @@ checksum = "a357d28ed41a50f9c765dbfe56cbc04a64e53e5fc58ba79fbc34c10ef3df831f" [[package]] name = "encoding_rs" -version = "0.8.34" +version = "0.8.35" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b45de904aa0b010bce2ab45264d0631681847fa7b6f2eaa7dab7619943bc4f59" +checksum = "75030f3c4f45dafd7586dd6780965a8c7e8e285a5ecb86713e63a79c5b2766f3" dependencies = [ "cfg-if 1.0.0", ] @@ -3740,7 +3740,7 @@ dependencies = [ "heck 0.5.0", "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.85", ] [[package]] @@ -3753,7 +3753,7 @@ dependencies = [ "num-traits", "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.85", ] [[package]] @@ -4343,7 +4343,7 @@ checksum = "162ee34ebcb7c64a8abebc059ce0fee27c2262618d7b60ed8faf72fef13c3650" dependencies = [ "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.85", ] [[package]] @@ -4353,7 +4353,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "a8f2f12607f92c69b12ed746fabf9ca4f5c482cba46679c1a75b874ed7c26adb" dependencies = [ "futures-io", - "rustls 0.23.15", + "rustls 0.23.16", "rustls-pki-types", ] @@ -4976,7 +4976,7 @@ dependencies = [ "clap 4.5.20", "hyper 1.5.0", "hyper-util", - "rustls 0.23.15", + "rustls 0.23.16", "rustls-pemfile 2.2.0", "serde_json", "tokio", @@ -5105,7 +5105,7 @@ dependencies = [ "hyper 1.5.0", "hyper-util", "log", - "rustls 0.23.15", + "rustls 0.23.16", "rustls-native-certs 0.8.0", "rustls-pki-types", "tokio", @@ -5579,7 +5579,7 @@ dependencies = [ "rand 0.8.5", "rcgen", "reqwest 0.12.8", - "rustls 0.23.15", + "rustls 0.23.16", "rustls-acme", "rustls-pemfile 2.2.0", "serde_json", @@ -5658,7 +5658,7 @@ dependencies = [ "rcgen", "regex", "reqwest 0.12.8", - "rustls 0.23.15", + "rustls 0.23.16", "rustls-pemfile 2.2.0", "serde", "serde_bytes", @@ -5992,7 +5992,7 @@ dependencies = [ "prost 0.13.3", "rand 0.8.5", "rand_chacha 0.3.1", - "rustls 0.23.15", + "rustls 0.23.16", "serde", "serde_cbor", "tokio", @@ -6314,7 +6314,7 @@ dependencies = [ "quote", "serde", "serde_tokenstream 0.2.2", - "syn 2.0.82", + "syn 2.0.85", ] [[package]] @@ -6328,7 +6328,7 @@ dependencies = [ "quote", "serde", "serde_tokenstream 0.2.2", - "syn 2.0.82", + "syn 2.0.85", ] [[package]] @@ -6872,7 +6872,7 @@ dependencies = [ "rand 0.8.5", "rand_chacha 0.3.1", "rsa", - "rustls 0.23.15", + "rustls 0.23.16", "serde", "sha2 0.10.8", "simple_asn1", @@ -7629,7 +7629,7 @@ dependencies = [ "ic-types-test-utils", "rand 0.8.5", "rand_chacha 0.3.1", - "rustls 0.23.15", + "rustls 0.23.16", "tempfile", "tokio", ] @@ -7829,7 +7829,7 @@ dependencies = [ "ic-types", "pkcs8", "rand 0.8.5", - "rustls 0.23.15", + "rustls 0.23.16", "signature", "time", "tokio", @@ -7865,7 +7865,7 @@ dependencies = [ "ic-types", "json5", "maplit", - "rustls 0.23.15", + "rustls 0.23.16", "serde", "thiserror", "x509-parser", @@ -7878,7 +7878,7 @@ dependencies = [ "ic-base-types", "ic-crypto-tls-interfaces", "mockall 0.13.0", - "rustls 0.23.15", + "rustls 0.23.16", ] [[package]] @@ -8390,7 +8390,7 @@ dependencies = [ "rand 0.8.5", "reqwest 0.12.8", "rstest", - "rustls 0.23.15", + "rustls 0.23.16", "serde", "serde_bytes", "serde_cbor", @@ -8510,7 +8510,7 @@ dependencies = [ "prometheus", "rand 0.8.5", "rstest", - "rustls 0.23.15", + "rustls 0.23.16", "rustls-pemfile 2.2.0", "serde", "serde_json", @@ -10647,7 +10647,7 @@ dependencies = [ "quinn", "quinn-udp", "rcgen", - "rustls 0.23.15", + "rustls 0.23.16", "serde", "slog", "tempfile", @@ -10810,7 +10810,7 @@ dependencies = [ "prost 0.13.3", "quinn", "rstest", - "rustls 0.23.15", + "rustls 0.23.16", "slog", "socket2 0.5.7", "thiserror", @@ -14048,7 +14048,7 @@ checksum = "1ec89e9337638ecdc08744df490b221a7399bf8d164eb52a665454e60e075ad6" dependencies = [ "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.85", ] [[package]] @@ -14256,9 +14256,9 @@ dependencies = [ [[package]] name = "insta" -version = "1.40.0" +version = "1.41.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6593a41c7a73841868772495db7dc1e8ecab43bb5c0b6da2059246c4b506ab60" +checksum = "a1f72d3e19488cf7d8ea52d2fc0f8754fc933398b337cd3cbdb28aaeb35159ef" dependencies = [ "console 0.15.8", "lazy_static", @@ -14277,12 +14277,12 @@ dependencies = [ [[package]] name = "instant-acme" -version = "0.7.1" +version = "0.7.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "71bc444149bab1b339ba7e92e81d7615227feba7fd635b8551a3a170021598d0" +checksum = "37221e690dcc5d0ea7c1f70decda6ae3495e72e8af06bca15e982193ffdf4fc4" dependencies = [ "async-trait", - "base64 0.21.7", + "base64 0.22.1", "bytes", "http 1.1.0", "http-body 1.0.1", @@ -14549,7 +14549,7 @@ dependencies = [ "k8s-openapi", "kube-core", "pem 3.0.4", - "rustls 0.23.15", + "rustls 0.23.16", "rustls-pemfile 2.2.0", "secrecy", "serde", @@ -14849,9 +14849,9 @@ dependencies = [ [[package]] name = "libm" -version = "0.2.8" +version = "0.2.10" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4ec2a862134d2a7d32d7983ddcdd1c4923530833c9f2ea1a44fc5fa473989058" +checksum = "a00419de735aac21d53b0de5ce2c03bd3627277cf471300f27ebc89f7d828047" [[package]] name = "libnss" @@ -15076,7 +15076,7 @@ dependencies = [ "proc-macro2", "quote", "regex-syntax 0.6.29", - "syn 2.0.82", + "syn 2.0.85", ] [[package]] @@ -15463,7 +15463,7 @@ dependencies = [ "cfg-if 1.0.0", "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.85", ] [[package]] @@ -15475,7 +15475,7 @@ dependencies = [ "cfg-if 1.0.0", "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.85", ] [[package]] @@ -15974,7 +15974,7 @@ dependencies = [ "proc-macro-crate", "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.85", ] [[package]] @@ -16606,7 +16606,7 @@ dependencies = [ "pest_meta", "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.85", ] [[package]] @@ -16710,7 +16710,7 @@ dependencies = [ "phf_shared 0.11.2", "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.85", ] [[package]] @@ -16739,29 +16739,29 @@ checksum = "5be167a7af36ee22fe3115051bc51f6e6c7054c9348e28deb4f49bd6f705a315" [[package]] name = "pin-project" -version = "1.1.6" +version = "1.1.7" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "baf123a161dde1e524adf36f90bc5d8d3462824a9c43553ad07a8183161189ec" +checksum = "be57f64e946e500c8ee36ef6331845d40a93055567ec57e8fae13efd33759b95" dependencies = [ "pin-project-internal", ] [[package]] name = "pin-project-internal" -version = "1.1.6" +version = "1.1.7" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a4502d8515ca9f32f1fb543d987f63d95a14934883db45bdb48060b6b69257f8" +checksum = "3c0f5fad0874fc7abcd4d750e76917eaebbecaa2c20bde22e1dbeeba8beb758c" dependencies = [ "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.85", ] [[package]] name = "pin-project-lite" -version = "0.2.14" +version = "0.2.15" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bda66fc9667c18cb2758a2ac84d1167245054bcf85d5d1aaa6923f45801bdd02" +checksum = "915a1e146535de9163f3987b8944ed8cf49a18bb0056bcebcdcece385cece4ff" [[package]] name = "pin-utils" @@ -17159,12 +17159,12 @@ dependencies = [ [[package]] name = "prettyplease" -version = "0.2.24" +version = "0.2.25" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "910d41a655dac3b764f1ade94821093d3610248694320cd072303a8eedcf221d" +checksum = "64d1ec885c64d0457d564db4ec299b2dae3f9c02808b8ad9c3a089c591b18033" dependencies = [ "proc-macro2", - "syn 2.0.82", + "syn 2.0.85", ] [[package]] @@ -17343,7 +17343,7 @@ checksum = "6ff7ff745a347b87471d859a377a9a404361e7efc2a971d73424a6d183c0fc77" dependencies = [ "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.85", ] [[package]] @@ -17383,7 +17383,7 @@ dependencies = [ "prost 0.12.6", "prost-types 0.12.6", "regex", - "syn 2.0.82", + "syn 2.0.85", "tempfile", ] @@ -17404,7 +17404,7 @@ dependencies = [ "prost 0.13.3", "prost-types 0.13.3", "regex", - "syn 2.0.82", + "syn 2.0.85", "tempfile", ] @@ -17418,7 +17418,7 @@ dependencies = [ "itertools 0.12.1", "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.85", ] [[package]] @@ -17431,7 +17431,7 @@ dependencies = [ "itertools 0.13.0", "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.85", ] [[package]] @@ -17516,9 +17516,9 @@ dependencies = [ [[package]] name = "pulley-interpreter" -version = "26.0.0" +version = "26.0.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d68c610ff29655a42eeef41a5b5346e714586971a7d927739477e552fe7e23e3" +checksum = "df33e7f8a43ccc7f93b330fef4baf271764674926f3f4d40f4a196d54de8af26" dependencies = [ "cranelift-bitset", "log", @@ -17577,7 +17577,7 @@ dependencies = [ "quinn-proto", "quinn-udp", "rustc-hash 2.0.0", - "rustls 0.23.15", + "rustls 0.23.16", "socket2 0.5.7", "thiserror", "tokio", @@ -17594,7 +17594,7 @@ dependencies = [ "rand 0.8.5", "ring 0.17.8", "rustc-hash 2.0.0", - "rustls 0.23.15", + "rustls 0.23.16", "slab", "thiserror", "tinyvec", @@ -17976,9 +17976,9 @@ dependencies = [ [[package]] name = "regex" -version = "1.11.0" +version = "1.11.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "38200e5ee88914975b69f657f0801b6f6dccafd44fd9326302a4aaeecfacb1d8" +checksum = "b544ef1b4eac5dc2db33ea63606ae9ffcfac26c1416a2806ae0bf5f56b201191" dependencies = [ "aho-corasick", "memchr", @@ -18211,7 +18211,7 @@ dependencies = [ "percent-encoding", "pin-project-lite", "quinn", - "rustls 0.23.15", + "rustls 0.23.16", "rustls-native-certs 0.8.0", "rustls-pemfile 2.2.0", "rustls-pki-types", @@ -18466,7 +18466,7 @@ dependencies = [ "regex", "relative-path", "rustc_version", - "syn 2.0.82", + "syn 2.0.85", "unicode-ident", ] @@ -18589,9 +18589,9 @@ dependencies = [ [[package]] name = "rustix" -version = "0.38.37" +version = "0.38.38" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8acb788b847c24f28525660c4d7758620a7210875711f79e7f663cc152726811" +checksum = "aa260229e6538e52293eeb577aabd09945a09d6d9cc0fc550ed7529056c2e32a" dependencies = [ "bitflags 2.6.0", "errno 0.3.9", @@ -18628,9 +18628,9 @@ dependencies = [ [[package]] name = "rustls" -version = "0.23.15" +version = "0.23.16" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5fbb44d7acc4e873d613422379f69f237a1b141928c02f6bc6ccfddddc2d7993" +checksum = "eee87ff5d9b36712a58574e12e9f0ea80f915a5b0ac518d322b24a465617925e" dependencies = [ "brotli 7.0.0", "brotli-decompressor", @@ -18775,9 +18775,9 @@ dependencies = [ [[package]] name = "scale-info" -version = "2.11.4" +version = "2.11.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "22760a375f81a31817aeaf6f5081e9ccb7ffd7f2da1809a6e3fc82b6656f10d5" +checksum = "1aa7ffc1c0ef49b0452c6e2986abf2b07743320641ffd5fc63d552458e3b779b" dependencies = [ "cfg-if 1.0.0", "derive_more 1.0.0", @@ -18787,14 +18787,14 @@ dependencies = [ [[package]] name = "scale-info-derive" -version = "2.11.4" +version = "2.11.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "abc61ebe25a5c410c0e245028fc9934bf8fa4817199ef5a24a68092edfd34614" +checksum = "46385cc24172cf615450267463f937c10072516359b3ff1cb24228a4a08bf951" dependencies = [ "proc-macro-crate", "proc-macro2", "quote", - "syn 1.0.109", + "syn 2.0.85", ] [[package]] @@ -18828,7 +18828,7 @@ dependencies = [ "proc-macro2", "quote", "serde_derive_internals", - "syn 2.0.82", + "syn 2.0.85", ] [[package]] @@ -19101,7 +19101,7 @@ checksum = "de523f781f095e28fa605cdce0f8307e451cc0fd14e2eb4cd2e98a355b147766" dependencies = [ "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.85", ] [[package]] @@ -19112,7 +19112,7 @@ checksum = "18d26a20a969b9e3fdf2fc2d9f21eda6c40e2de84c9408bb5d3b05d499aae711" dependencies = [ "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.85", ] [[package]] @@ -19168,7 +19168,7 @@ checksum = "6c64451ba24fc7a6a2d60fc75dd9c83c90903b19028d4eff35e88fc1e86564e9" dependencies = [ "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.85", ] [[package]] @@ -19191,7 +19191,7 @@ dependencies = [ "proc-macro2", "quote", "serde", - "syn 2.0.82", + "syn 2.0.85", ] [[package]] @@ -19253,7 +19253,7 @@ dependencies = [ "darling 0.20.10", "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.85", ] [[package]] @@ -19795,7 +19795,7 @@ dependencies = [ "proc-macro2", "quote", "structmeta-derive 0.2.0", - "syn 2.0.82", + "syn 2.0.85", ] [[package]] @@ -19807,7 +19807,7 @@ dependencies = [ "proc-macro2", "quote", "structmeta-derive 0.3.0", - "syn 2.0.82", + "syn 2.0.85", ] [[package]] @@ -19818,7 +19818,7 @@ checksum = "a60bcaff7397072dca0017d1db428e30d5002e00b6847703e2e42005c95fbe00" dependencies = [ "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.85", ] [[package]] @@ -19829,7 +19829,7 @@ checksum = "152a0b65a590ff6c3da95cabe2353ee04e6167c896b28e3b14478c2636c922fc" dependencies = [ "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.85", ] [[package]] @@ -19851,7 +19851,7 @@ dependencies = [ "proc-macro2", "quote", "rustversion", - "syn 2.0.82", + "syn 2.0.85", ] [[package]] @@ -19912,9 +19912,9 @@ dependencies = [ [[package]] name = "syn" -version = "2.0.82" +version = "2.0.85" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "83540f837a8afc019423a8edb95b52a8effe46957ee402287f4292fae35be021" +checksum = "5023162dfcd14ef8f32034d8bcd4cc5ddc61ef7a247c024a33e24e1f24d21b56" dependencies = [ "proc-macro2", "quote", @@ -19930,7 +19930,7 @@ dependencies = [ "proc-macro-error", "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.85", ] [[package]] @@ -19978,7 +19978,7 @@ checksum = "c8af7666ab7b6390ab78131fb5b0fce11d6b7a6951602017c35fa82800708971" dependencies = [ "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.85", ] [[package]] @@ -20188,7 +20188,7 @@ dependencies = [ "proc-macro2", "quote", "structmeta 0.2.0", - "syn 2.0.82", + "syn 2.0.85", ] [[package]] @@ -20200,7 +20200,7 @@ dependencies = [ "proc-macro2", "quote", "structmeta 0.3.0", - "syn 2.0.82", + "syn 2.0.85", ] [[package]] @@ -20445,7 +20445,7 @@ checksum = "ae71770322cbd277e69d762a16c444af02aa0575ac0d174f0b9562d3b37f8602" dependencies = [ "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.85", ] [[package]] @@ -20620,7 +20620,7 @@ checksum = "8d9ef545650e79f30233c0003bcc2504d7efac6dad25fca40744de773fe2049c" dependencies = [ "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.85", ] [[package]] @@ -20659,7 +20659,7 @@ checksum = "693d596312e88961bc67d7f1f97af8a70227d9f90c31bba5806eec004978d752" dependencies = [ "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.85", ] [[package]] @@ -20701,7 +20701,7 @@ version = "0.26.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "0c7bc40d0e5a97695bb96e27995cd3a08538541b0a846f65bba7a359f36700d4" dependencies = [ - "rustls 0.23.15", + "rustls 0.23.16", "rustls-pki-types", "tokio", ] @@ -20845,7 +20845,7 @@ dependencies = [ "prost-build 0.13.3", "prost-types 0.13.3", "quote", - "syn 2.0.82", + "syn 2.0.85", ] [[package]] @@ -21016,7 +21016,7 @@ checksum = "34704c8d6ebcbc939824180af020566b01a7c01f80641264eba0999f6c2b6be7" dependencies = [ "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.85", ] [[package]] @@ -21627,7 +21627,7 @@ dependencies = [ "once_cell", "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.85", "wasm-bindgen-shared", ] @@ -21661,7 +21661,7 @@ checksum = "26c6ab57572f7a24a4985830b120de1594465e5d500f24afe89e16b4e833ef68" dependencies = [ "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.85", "wasm-bindgen-backend", "wasm-bindgen-shared", ] @@ -21712,9 +21712,9 @@ dependencies = [ [[package]] name = "wasm-streams" -version = "0.4.1" +version = "0.4.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4e072d4e72f700fb3443d8fe94a39315df013eef1104903cdb0a2abd322bbecd" +checksum = "15053d8d85c7eccdbefef60f06769760a563c7f0a9d6902a13d35c7800b0ad65" dependencies = [ "futures-util", "js-sys", @@ -21799,9 +21799,9 @@ dependencies = [ [[package]] name = "wasmtime" -version = "26.0.0" +version = "26.0.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5ffa3230b9ba1ab6568d116df21bf4ca55ed2bfac87723d910471d30d9656ea1" +checksum = "51e762e163fd305770c6c341df3290f0cabb3c264e7952943018e9a1ced8d917" dependencies = [ "anyhow", "bitflags 2.6.0", @@ -21841,23 +21841,23 @@ dependencies = [ [[package]] name = "wasmtime-asm-macros" -version = "26.0.0" +version = "26.0.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ef15fad08bbaa0e5c5539b76fa5965ca25e24f17a584f83a40b43ba9a2b36f44" +checksum = "63caa7aebb546374e26257a1900fb93579171e7c02514cde26805b9ece3ef812" dependencies = [ "cfg-if 1.0.0", ] [[package]] name = "wasmtime-component-macro" -version = "26.0.0" +version = "26.0.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "23fb4e179f424260d0739c09d3bc83d34347a55d291d10dcb5244686a75c7733" +checksum = "d61a4b5ce2ad9c15655e830f0eac0c38b8def30c74ecac71f452d3901e491b68" dependencies = [ "anyhow", "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.85", "wasmtime-component-util", "wasmtime-wit-bindgen", "wit-parser", @@ -21865,15 +21865,15 @@ dependencies = [ [[package]] name = "wasmtime-component-util" -version = "26.0.0" +version = "26.0.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "cfe3c27d64af5f584014db9381c081223d27a57e1dce2f6280bbafea37575619" +checksum = "35e87a1212270dbb84a49af13d82594e00a92769d6952b0ea7fc4366c949f6ad" [[package]] name = "wasmtime-cranelift" -version = "26.0.0" +version = "26.0.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "eb56d9ee4a093509624bd0861888cd111f6530e16969a68bb12dc7dd7a2be27f" +checksum = "7cb40dddf38c6a5eefd5ce7c1baf43b00fe44eada11a319fab22e993a960262f" dependencies = [ "anyhow", "cfg-if 1.0.0", @@ -21896,9 +21896,9 @@ dependencies = [ [[package]] name = "wasmtime-environ" -version = "26.0.0" +version = "26.0.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f3444c1759d5b906ff76a3cab073dd92135bdd06e5d1f46635ec40a58207d314" +checksum = "8613075e89e94a48c05862243c2b718eef1b9c337f51493ebf951e149a10fa19" dependencies = [ "anyhow", "cranelift-bitset", @@ -21919,9 +21919,9 @@ dependencies = [ [[package]] name = "wasmtime-jit-icache-coherence" -version = "26.0.0" +version = "26.0.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6e458e6a1a010a53f86ac8d75837c0c6b2ce3e54b7503b2f1dc5629a4a541f5a" +checksum = "da47fba49af72581bc0dc67c8faaf5ee550e6f106e285122a184a675193701a5" dependencies = [ "anyhow", "cfg-if 1.0.0", @@ -21931,26 +21931,26 @@ dependencies = [ [[package]] name = "wasmtime-slab" -version = "26.0.0" +version = "26.0.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "339c9a2a62b989a3184baff31be3a5b5256ad52629634eb432f9ccf0ab251f83" +checksum = "770e10cdefb15f2b6304152978e115bd062753c1ebe7221c0b6b104fa0419ff6" [[package]] name = "wasmtime-versioned-export-macros" -version = "26.0.0" +version = "26.0.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "abe01058e422966659e1af00af833147d54658b07c7e74606d73ca9af3f1690a" +checksum = "db8efb877c9e5e67239d4553bb44dd2a34ae5cfb728f3cf2c5e64439c6ca6ee7" dependencies = [ "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.85", ] [[package]] name = "wasmtime-wit-bindgen" -version = "26.0.0" +version = "26.0.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1c9e85935a1199e96b73e7fcd27a127035d2082265720a67d59268a24892d567" +checksum = "4bef2a726fd8d1ee9b0144655e16c492dc32eb4c7c9f7e3309fcffe637870933" dependencies = [ "anyhow", "heck 0.5.0", @@ -22492,7 +22492,7 @@ checksum = "28cc31741b18cb6f1d5ff12f5b7523e3d6eb0852bbbad19d73905511d9849b95" dependencies = [ "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.85", "synstructure", ] @@ -22514,7 +22514,7 @@ checksum = "fa4f8080344d4671fb4e831a13ad1e68092748387dfc4f55e356242fae12ce3e" dependencies = [ "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.85", ] [[package]] @@ -22534,7 +22534,7 @@ checksum = "0ea7b4a3637ea8669cedf0f1fd5c286a17f3de97b8dd5a70a6c167a1730e63a5" dependencies = [ "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.85", "synstructure", ] @@ -22555,7 +22555,7 @@ checksum = "ce36e65b0d2999d2aafac989fb249189a141aee1f53c612c1f37d72631959f69" dependencies = [ "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.85", ] [[package]] @@ -22577,7 +22577,7 @@ checksum = "6eafa6dfb17584ea3e2bd6e76e0cc15ad7af12b09abdd1ca55961bed9b1063c6" dependencies = [ "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.85", ] [[package]] diff --git a/rs/boundary_node/anonymization/client/src/lib.rs b/rs/boundary_node/anonymization/client/src/lib.rs index 1fb6d704559..9617ef40090 100644 --- a/rs/boundary_node/anonymization/client/src/lib.rs +++ b/rs/boundary_node/anonymization/client/src/lib.rs @@ -1,10 +1,18 @@ -use std::time::SystemTime; +use std::{sync::Arc, time::SystemTime}; use anonymization_interface::{self as ifc}; -use anyhow::{anyhow, Context}; +use anyhow::{anyhow, Context, Error}; use async_trait::async_trait; use candid::{Decode, Encode, Principal}; use ic_canister_client::Agent; +use rsa::{ + pkcs1::{DecodeRsaPublicKey, EncodeRsaPublicKey}, + rand_core::CryptoRngCore, + Pkcs1v15Encrypt, RsaPrivateKey, RsaPublicKey, +}; + +const SALT_SIZE: usize = 64; +const RSA_KEY_SIZE: usize = 2048; #[derive(Debug, thiserror::Error)] pub enum RegisterError { @@ -256,3 +264,174 @@ impl Submit for Canister { } } } + +// Canister methods + +pub struct CanisterMethods { + /// register method tied to canister + register: Arc, + + /// query method tied to canister + query: Arc, + + /// submit method tied to canister + submit: Arc, +} + +impl From for CanisterMethods { + fn from(value: Canister) -> Self { + Self { + register: Arc::new(value.clone()), + query: Arc::new(value.clone()), + submit: Arc::new(value.clone()), + } + } +} + +// Client + +#[async_trait] +pub trait Track: Sync + Send { + async fn track(&mut self, cb: impl Fn(Vec) + Send + Sync) -> Result<(), Error>; +} + +pub struct Tracker { + /// rng for generating a salt when needed + rng: Box, + + /// canister client for salt sharing + canister: CanisterMethods, + + /// Ephemeral private key for identifying client + pkey: RsaPrivateKey, + + /// Current value of the salt + cur: Option>, +} + +impl Tracker { + pub fn new( + mut rng: Box, + canister: CanisterMethods, + ) -> Result { + // Generate private key + let pkey = RsaPrivateKey::new(&mut rng, RSA_KEY_SIZE) + .context("failed to generate rsa private key")?; + + Ok(Self { + rng, + canister, + pkey, + cur: None, + }) + } + + fn vec_pubkey(&self) -> Vec { + self.pkey + .to_public_key() + .to_pkcs1_der() + .expect("failed to encode public-key") + .to_vec() + } +} + +#[async_trait] +impl Track for Tracker { + async fn track(&mut self, cb: impl Fn(Vec) + Send + Sync) -> Result<(), Error> { + // Register public-key + loop { + if self + .canister + .register + .register(&self.vec_pubkey()) + .await + .is_ok() + { + break; + } + } + + loop { + match self.canister.query.query().await { + // Ok means we got a new salt value + Ok(ct) => { + // Decrypt salt + let salt = match self.pkey.decrypt( + Pkcs1v15Encrypt, // padding + &ct, // ciphertext + ) { + Ok(v) => v, + + // Retry on failure + Err(_) => continue, + }; + + // Set value + self.cur = Some(salt.to_owned()); + + // Trigger callback + cb(salt); + } + + // Leader means we're being asked to generate a salt + // and encrypt it for others + Err(QueryError::LeaderDuty(mode, pairs)) => { + let salt = match mode { + // Generate salt + LeaderMode::Bootstrap => { + let mut salt = vec![0u8; SALT_SIZE]; + self.rng.fill_bytes(&mut salt); + salt + } + + LeaderMode::Refresh => { + match &self.cur { + // Re-use existing salt + Some(salt) => salt.to_owned(), + + // Do nothing + None => continue, + } + } + }; + + // Encrypt salt for each principal + let mut out = vec![]; + + for Pair(p, pk) in pairs { + // Parse public-key + let pubkey = match RsaPublicKey::from_pkcs1_der(&pk) { + Ok(v) => v, + + // Skip invalid keys + Err(_) => continue, + }; + + // Encrypt salt for principal + let ct = match pubkey.encrypt( + &mut self.rng, // rng + Pkcs1v15Encrypt, // padding + &salt, // msg + ) { + Ok(v) => v, + + // Skip on failure + Err(_) => continue, + }; + + // Append to result + out.push(Pair( + p, // principal + ct, // ciphertext + )); + } + + // Submit encrypted salt values + let _ = self.canister.submit.submit(&out).await; + } + + Err(_) => continue, + } + } + } +}