Merge pull request #252 from klever-io/fix/rand-unsound-with-a-custom-logger

Fix/rand unsound with a custom logger

Author: klever-patrick

Cargo.lock

@@ -46,52 +46,46 @@ edition = "2021"
 homepage = "https://klever.org/"
 license = "Apache-2.0"
 repository = "https://github.com/klever-io/kos-rs"
-rust-version = "1.74.0"
+rust-version = "1.85.0"
 version = "0.3.0"
 
 [workspace.dependencies]
 bech32 = "0.9.1"
-sha2 = { version = "0.10" }
-sha3 = { version = "0.10" }
+sha2 = { version = "0.11.0" }
+sha3 = { version = "0.11.0" }
 hmac = { version = "0.12" }
 secp256k1 = { version = "0.27", features = [
     "recovery",
     "rand",
     "bitcoin_hashes",
 ] }
 ed25519-dalek = { version = "2" }
-coins-bip32 = { version = "0.8", default-features = false }
-coins-bip39 = { version = "0.8", default-features = false, features = [
+coins-bip32 = { version = "0.13.0", default-features = false }
+coins-bip39 = { version = "0.13.0", default-features = false, features = [
     "english",
 ] }
 bytes = { version = "1.11.1", default-features = false }
 hex = { version = "0.4.3", default-features = false }
-rand = "0.8"
-
+rand = "0.10.1"
 prost = "0.11"
 prost-types = "0.11"
-
-
 lazy_static = "1.4.0"
-
-
 reqwest = { version = "0.12", default-features = false, features = [
     "rustls-tls",
     "blocking",
     "json",
 ] }
 wasm-bindgen = "0.2"
-uniffi = { version = "0.28.1" }
+uniffi = { version = "0.31.1" }
 enum_delegate = "0.2"
 serde = { version = "1.0", default-features = false }
 serde_json = "1.0"
-thiserror = "1.0"
+thiserror = "2.0.18"
 kos-mobile = { version = "0.3.0", path = "./packages/kos-mobile", default-features = false }
 ecies = { version = "0.2.7", default-features = false, features = ["pure"] }
 kos = { version = "0.3.0", path = "./packages/kos", default-features = false, features = ["not-ksafe"] }
 
 # lightning
-lwk_common = "0.9.0"
-lwk_signer = "0.9.0"
-# lwk_wollet = { git = "https://github.com/breez/lwk", branch = "breez-sdk-liquid-0.6.3" }
-lwk_wollet = "0.9.0"
+lwk_common = "0.16.0"
+lwk_signer = "0.16.0"
+lwk_wollet = "0.16.0"

Cargo.toml

@@ -3,7 +3,7 @@
 UNAME := $(shell uname)
 
 all: fmt
-	cargo build
+	cargo build -j4
 
 fmt:
 	cargo fmt --all -- --check
@@ -35,7 +35,7 @@ clean-mobile-build:
 	cd packages/kos-mobile && ./build_clean.sh
 
 build-ksafe:
-	cargo build --package kos-hardware --target thumbv7em-none-eabihf --profile hardware
+	cargo build -j4 --package kos-hardware --target thumbv7em-none-eabihf --profile hardware
 
 build-android:
 	cd packages/kos-mobile && ./build_android.sh

Makefile

@@ -17,7 +17,7 @@ crate-type = ["lib"]
 kos = { workspace = true }
 ciborium = "0.2.2"
 hex = { version = "0.4.3", features = ["alloc"], default-features = false }
-xrpl-rust = { version = "0.5.0", default-features = false, features = ["core", "utils"] }
+xrpl-rust = { version = "1.1.0", default-features = false, features = ["core", "utils"] }
 cosmrs = { version = "0.21.1", default-features = false }
 bitcoin = { version = "0.32.5", default-features = false }
 byteorder = { version = "1.5.0" }
@@ -34,7 +34,7 @@ bs58 = { version = "0.5", default-features = false, features = ["alloc"] }
 sha3 = { version = "0.10.8", default-features = false }
 regex = { version = "1.11.1", default-features = false, features = ["perf"] }
 base64 = "0.22.1"
-sha2 = "0.10.9"
+sha2 = {workspace = true }
 base32 = "0.5.1"
 leb128 = "0.2.5"
 serde_cbor = "0.11.2"

packages/kos-codec/Cargo.toml

@@ -20,6 +20,7 @@ serde = { workspace = true, features = ["derive"], optional = true }
 serde_json = { workspace = true }
 serde-wasm-bindgen = "0.5"
 qrcode-generator = "4.1"
+getrandom = { version = "0.4", features = ["wasm_js"] }
 enum_delegate = { workspace = true }
 hex = { workspace = true }
 enum_dispatch = "0.3"

packages/kos-web/Cargo.toml

@@ -23,14 +23,13 @@ blake2b-ref = { version = "0.3.1", default-features = false }
 rlp = { version = "0.5.0", default-features = false }
 hex = { version = "0.4.3", features = ["alloc"], default-features = false }
 ripemd = { version = "0.1.3", default-features = false }
-schnorrkel = { version = "0.11.4", default-features = false }
+schnorrkel = { version = "0.11.5", default-features = false }
 ed25519-dalek = { version = "2.1.0", features = ["hazmat"], default-features = false }
 pbkdf2 = { version = "0.12.2", features = ["sha2", "hmac", "password-hash"], default-features = false }
 bip39-dict = { version = "0.1.0", features = ["english"], default-features = false }
 libsecp256k1 = { version = "0.7.1", features = ["hmac", "static-context"], default-features = false }
-rand_core = { version = "0.6.4", default-features = false }
-
-rand = { workspace = true, optional = true }
+rand_core = { version = "0.10.1", default-features = false }
+rand = { version = "0.10.1", optional = true, features = ["sys_rng"] }
 coins-bip32 = { workspace = true, optional = true }
 coins-bip39 = { workspace = true, optional = true }
 getrandom = { version = "0.2", features = ["js"], optional = true }
@@ -44,16 +43,13 @@ cbc = { version = "0.1", features = ["block-padding", "std"], optional = true }
 serde = { version = "1.0.215", features = ["derive"], optional = true }
 base32 = { version = "0.5.1" }
 
-
-
-
 [features]
 default = ["not-ksafe"]
 not-ksafe = [
+    "schnorrkel/std",
     "rand",
     "coins-bip32",
     "coins-bip39",
-    "rand_core/getrandom",
     "getrandom",
     "alloy-dyn-abi",
     "serde_json",

packages/kos/Cargo.toml

@@ -353,11 +353,8 @@ pub fn create_encrypted_certificate_pem(
 }
 
 pub fn create_checksum(password: &str) -> String {
-    let rng = rand::thread_rng();
-    let salt = SaltString::generate(rng);
-    let password_hash = pbkdf2::Pbkdf2
-        .hash_password(password.as_bytes(), &salt)
-        .unwrap();
+    let salt = SaltString::generate(&mut OsRng);
+    let password_hash = Pbkdf2.hash_password(password.as_bytes(), &salt).unwrap();
 
     password_hash.to_string()
 }
@@ -397,7 +394,8 @@ pub fn decrypt(data: &[u8], password: &str, iterations: u32) -> Result<Vec<u8>,
 
 pub fn gcm_encrypt(data: &[u8], password: &str, iterations: u32) -> Result<Vec<u8>, ChainError> {
     // Derive key from password
-    let salt: [u8; 32] = rand::thread_rng().gen();
+    let mut salt = [0u8; 32];
+    rand::rng().fill_bytes(&mut salt);
     let derived_key = derive_key(&salt, password, iterations);
     let key = Key::<Aes256Gcm>::from_slice(&derived_key);
     let cipher = Aes256Gcm::new(key);
@@ -441,7 +439,8 @@ pub fn gcm_decrypt(
 type Aes256CbcEnc = cbc::Encryptor<aes::Aes256>;
 type Aes256CbcDec = cbc::Decryptor<aes::Aes256>;
 pub fn cbc_encrypt(data: &[u8], password: &str, iterations: u32) -> Result<Vec<u8>, ChainError> {
-    let iv: [u8; IV_SIZE] = rand::thread_rng().gen();
+    let mut iv = [0u8; IV_SIZE];
+    rand::rng().fill_bytes(&mut iv);
     let derived_key = derive_key(&iv, password, iterations); // KeySize [u8; 32]
     let key = GenericArray::from_slice(&derived_key);
 
@@ -460,7 +459,8 @@ pub fn cbc_encrypt(data: &[u8], password: &str, iterations: u32) -> Result<Vec<u
     hmac_input.extend_from_slice(&iv);
     hmac_input.extend_from_slice(ct);
 
-    let hmac_salt: [u8; 32] = rand::thread_rng().gen();
+    let mut hmac_salt = [0u8; 32];
+    rand::rng().fill_bytes(&mut hmac_salt);
     let hmac_key = derive_key(&hmac_salt, password, iterations);
 
     let mut mac: Hmac<Sha256> = <Hmac<Sha256> as KeyInit>::new_from_slice(&hmac_key)
@@ -523,7 +523,8 @@ pub fn cbc_decrypt(
 type Aes256CfbEnc = cfb_mode::Encryptor<aes::Aes256>;
 type Aes256CfbDec = cfb_mode::Decryptor<aes::Aes256>;
 pub fn cfb_encrypt(data: &[u8], password: &str, iterations: u32) -> Result<Vec<u8>, ChainError> {
-    let iv: [u8; IV_SIZE] = rand::thread_rng().gen();
+    let mut iv = [0u8; IV_SIZE];
+    rand::rng().fill_bytes(&mut iv);
     let derived_key = derive_key(&iv, password, iterations); //  KeySize [u8; 32]
     let key = GenericArray::from_slice(&derived_key);
 

packages/kos/src/crypto/cipher.rs

@@ -1,17 +1,31 @@
 use crate::chains::ChainError;
+use alloc::vec;
 use alloc::vec::Vec;
-
+use coins_bip39::mnemonic::Entropy;
 use coins_bip39::{English, Mnemonic};
+use rand::Rng;
+
+fn word_count_to_entropy_bytes(count: usize) -> Result<usize, ChainError> {
+    match count {
+        12 => Ok(16),
+        15 => Ok(20),
+        18 => Ok(24),
+        21 => Ok(28),
+        24 => Ok(32),
+        _ => Err(ChainError::InvalidMnemonic),
+    }
+}
 
+#[cfg(feature = "not-ksafe")]
 pub fn generate_mnemonic(count: usize) -> Result<Mnemonic<English>, ChainError> {
-    // create rng
-    let mut rng = rand::thread_rng();
-    // generate mnemonic phrase
-    Ok(Mnemonic::<English>::new_with_count(&mut rng, count)?)
+    let entropy_bytes = word_count_to_entropy_bytes(count)?;
+    let mut buf = vec![0u8; entropy_bytes];
+    rand::rng().fill_bytes(&mut buf[..]);
+    let entropy = Entropy::from_slice(&buf)?;
+    Ok(Mnemonic::<English>::new_from_entropy(entropy))
 }
 
 pub fn validate_mnemonic(phrase: &str) -> Result<(), ChainError> {
-    // validate mnemonic phrase
     let _mnemonic: Mnemonic<English> = phrase.parse()?;
     Ok(())
 }

packages/kos/src/crypto/mnemonic.rs

@@ -1,5 +1,7 @@
-#[allow(unused_imports)]
-use rand_core::{CryptoRng, Error, RngCore};
+use rand_core::CryptoRng;
+
+#[cfg(feature = "ksafe")]
+use rand_core::{TryCryptoRng, TryRng};
 
 #[cfg(feature = "ksafe")]
 extern "C" {
@@ -12,44 +14,44 @@ extern "C" {
 struct MyRng;
 
 #[cfg(feature = "ksafe")]
-impl RngCore for MyRng {
-    fn next_u32(&mut self) -> u32 {
+impl TryRng for MyRng {
+    type Error = core::convert::Infallible;
+
+    fn try_next_u32(&mut self) -> Result<u32, Self::Error> {
         let mut buf = [0u8; 4];
         unsafe {
             random_buffer(buf.as_mut_ptr(), buf.len() as u32);
         }
-        u32::from_ne_bytes(buf)
+        Ok(u32::from_ne_bytes(buf))
     }
 
-    fn next_u64(&mut self) -> u64 {
+    fn try_next_u64(&mut self) -> Result<u64, Self::Error> {
         let mut buf = [0u8; 8];
         unsafe {
             random_buffer(buf.as_mut_ptr(), buf.len() as u32);
         }
-        u64::from_ne_bytes(buf)
+        Ok(u64::from_ne_bytes(buf))
     }
 
-    fn fill_bytes(&mut self, dest: &mut [u8]) {
+    fn try_fill_bytes(&mut self, dest: &mut [u8]) -> Result<(), Self::Error> {
         unsafe {
             random_buffer(dest.as_mut_ptr(), dest.len() as u32);
         }
-    }
-
-    fn try_fill_bytes(&mut self, dest: &mut [u8]) -> Result<(), Error> {
-        self.fill_bytes(dest);
         Ok(())
     }
 }
 
 #[cfg(feature = "ksafe")]
-impl CryptoRng for MyRng {}
+impl TryCryptoRng for MyRng {}
 
 #[cfg(not(feature = "ksafe"))]
-pub fn getrandom_or_panic() -> impl RngCore + CryptoRng {
-    rand_core::OsRng
+#[allow(dead_code)]
+pub fn getrandom_or_panic() -> impl CryptoRng {
+    rand_core::UnwrapErr(rand::rngs::SysRng)
 }
 
 #[cfg(feature = "ksafe")]
-pub fn getrandom_or_panic() -> impl RngCore + CryptoRng {
+#[allow(dead_code)]
+pub fn getrandom_or_panic() -> impl CryptoRng {
     MyRng
 }

packages/kos/src/crypto/rng.rs

@@ -1,6 +1,5 @@
 use alloc::vec::Vec;
 use core::fmt::{Display, Formatter};
-use schnorrkel::context::SigningContext;
 use schnorrkel::derive::ChainCode;
 
 const SUBSTRATE_CTX: &[u8; 9] = b"substrate";
@@ -40,11 +39,8 @@ impl Sr25519Trait for Sr25519 {
 
     fn sign(msg: &[u8], pvk: &[u8; 64]) -> Result<Vec<u8>, Sr25519Error> {
         let pvk = schnorrkel::SecretKey::from_bytes(pvk).map_err(|_| Sr25519Error::ErrDerive)?;
-
         let pbk = pvk.to_public();
-        let ctx = SigningContext::new(SUBSTRATE_CTX).bytes(msg);
-        let ctx = schnorrkel::context::attach_rng(ctx, crate::crypto::rng::getrandom_or_panic());
-        let sig = pvk.sign(ctx, &pbk);
+        let sig = pvk.sign_simple(SUBSTRATE_CTX, msg, &pbk);
         Ok(sig.to_bytes().as_slice().to_vec())
     }