feat-4429: Blake3 Hash (#4434)

Co-authored-by: itsezc <itsezc>
Co-authored-by: Gerard Guillemas Martos <gguillemas@users.noreply.github.com>
Co-authored-by: Gerard Guillemas Martos <gerard.guillemas@surrealdb.com>
This commit is contained in:
Chiru B 2024-08-16 20:28:38 +05:30 committed by GitHub
parent 63bc5fa1db
commit 4749af1ba4
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
13 changed files with 193 additions and 10 deletions

26
Cargo.lock generated
View file

@ -409,6 +409,12 @@ dependencies = [
"password-hash",
]
[[package]]
name = "arrayref"
version = "0.3.7"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "6b4930d2cb77ce62f89ee5d5289b4ac049559b1c45539271f5ed4fdc7db34545"
[[package]]
name = "arrayvec"
version = "0.7.4"
@ -957,6 +963,19 @@ dependencies = [
"digest",
]
[[package]]
name = "blake3"
version = "1.5.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "e9ec96fe9a81b5e365f9db71fe00edc4fe4ca2cc7dcb7861f0603012a7caa210"
dependencies = [
"arrayref",
"arrayvec",
"cc",
"cfg-if",
"constant_time_eq",
]
[[package]]
name = "block-buffer"
version = "0.10.4"
@ -1342,6 +1361,12 @@ dependencies = [
"wasm-bindgen",
]
[[package]]
name = "constant_time_eq"
version = "0.3.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "f7144d30dcf0fafbce74250a3963025d8d52177934239851c917d29f1df280c2"
[[package]]
name = "convert_case"
version = "0.4.0"
@ -5916,6 +5941,7 @@ dependencies = [
"base64 0.21.7",
"bcrypt",
"bincode",
"blake3",
"bytes",
"castaway",
"cedar-policy",

View file

@ -1361,3 +1361,20 @@ allow_unsafe = true
[pkg.castaway]
allow_unsafe = true
[pkg.blake3]
build.allow_apis = [
"fs",
]
build.allow_build_instructions = [
"cargo:rustc-link-lib=static=blake3_avx512_assembly",
"cargo:rustc-link-lib=static=blake3_sse2_sse41_avx2_assembly",
"cargo:rustc-link-search=native=*",
]
allow_unsafe = true
[pkg.arrayref]
allow_unsafe = true
[pkg.constant_time_eq]
allow_unsafe = true

View file

@ -60,6 +60,7 @@ ascii = { version = "0.3.2", package = "any_ascii" }
async-recursion = "1.0.5"
base64 = "0.21.5"
bcrypt = "0.15.0"
blake3 = "1.5.3"
bincode = "1.3.3"
bytes = "1.5.0"
ciborium = "0.2.1"

View file

@ -6,6 +6,10 @@ use sha1::Sha1;
use sha2::Sha256;
use sha2::Sha512;
pub fn blake3((arg,): (String,)) -> Result<Value, Error> {
Ok(blake3::hash(arg.as_bytes()).to_string().into())
}
pub fn md5((arg,): (String,)) -> Result<Value, Error> {
let mut hasher = Md5::new();
hasher.update(arg.as_str());

View file

@ -151,6 +151,7 @@ pub fn synchronous(
//
"count" => count::count,
//
"crypto::blake3" => crypto::blake3,
"crypto::md5" => crypto::md5,
"crypto::sha1" => crypto::sha1,
"crypto::sha256" => crypto::sha256,

View file

@ -12,6 +12,7 @@ pub struct Package;
impl_module_def!(
Package,
"crypto",
"blake3" => run,
"md5" => run,
"sha1" => run,
"sha256" => run,

View file

@ -144,6 +144,7 @@ pub(crate) static PATHS: phf::Map<UniCase<&'static str>, PathKind> = phf_map! {
//
UniCase::ascii("count") => PathKind::Function,
//
UniCase::ascii("crypto::blake3") => PathKind::Function,
UniCase::ascii("crypto::md5") => PathKind::Function,
UniCase::ascii("crypto::sha1") => PathKind::Function,
UniCase::ascii("crypto::sha256") => PathKind::Function,

View file

@ -83,6 +83,7 @@ allow = [
"CC0-1.0",
"MPL-2.0",
"Apache-2.0",
"BSD-2-Clause",
"BSD-3-Clause",
"Unlicense",
]

View file

@ -203,6 +203,7 @@
"count("
"crypto"
"crypto::"
"crypto::blake3("
"crypto::md5("
"crypto::sha1("
"crypto::sha256("

View file

@ -202,6 +202,7 @@
"count("
"crypto"
"crypto::"
"crypto::blake3("
"crypto::md5("
"crypto::sha1("
"crypto::sha256("

View file

@ -1249,6 +1249,20 @@ async fn function_count() -> Result<(), Error> {
// crypto
// --------------------------------------------------
#[tokio::test]
async fn function_crypto_blake3() -> Result<(), Error> {
let sql = r#"
RETURN crypto::blake3('tobie');
"#;
let mut test = Test::new(sql).await?;
//
let tmp = test.next()?.result?;
let val = Value::from("f75ef30a80a78016f4a4da40ac56c858c0001b3a320118adc3785972901ddce6");
assert_eq!(tmp, val);
//
Ok(())
}
#[tokio::test]
async fn function_crypto_md5() -> Result<(), Error> {
let sql = r#"

View file

@ -275,10 +275,6 @@ criteria = "safe-to-deploy"
version = "0.65.1"
criteria = "safe-to-deploy"
[[exemptions.bitflags]]
version = "1.3.2"
criteria = "safe-to-deploy"
[[exemptions.bitmaps]]
version = "3.2.1"
criteria = "safe-to-deploy"
@ -291,6 +287,10 @@ criteria = "safe-to-deploy"
version = "0.10.6"
criteria = "safe-to-deploy"
[[exemptions.blake3]]
version = "1.5.3"
criteria = "safe-to-deploy"
[[exemptions.blowfish]]
version = "0.9.1"
criteria = "safe-to-deploy"
@ -323,10 +323,6 @@ criteria = "safe-to-deploy"
version = "0.6.12"
criteria = "safe-to-deploy"
[[exemptions.bytemuck]]
version = "1.15.0"
criteria = "safe-to-deploy"
[[exemptions.byteorder]]
version = "1.5.0"
criteria = "safe-to-deploy"

View file

@ -276,8 +276,8 @@ user-login = "mumoshu"
user-name = "Yusuke Kuoka"
[[publisher.surrealkv]]
version = "0.3.1"
when = "2024-08-05"
version = "0.3.2"
when = "2024-08-12"
user-id = 145457
user-login = "tobiemh"
user-name = "Tobie Morgan Hitchcock"
@ -366,6 +366,15 @@ criteria = "safe-to-deploy"
version = "0.1.6"
notes = "Contains no unsafe code, no IO, no build.rs."
[[audits.bytecode-alliance.audits.arrayref]]
who = "Nick Fitzgerald <fitzgen@gmail.com>"
criteria = "safe-to-deploy"
version = "0.3.6"
notes = """
Unsafe code, but its logic looks good to me. Necessary given what it is
doing. Well tested, has quickchecks.
"""
[[audits.bytecode-alliance.audits.base64]]
who = "Pat Hickey <phickey@fastly.com>"
criteria = "safe-to-deploy"
@ -383,6 +392,12 @@ criteria = "safe-to-deploy"
version = "1.0.0"
notes = "I am the author of this crate."
[[audits.bytecode-alliance.audits.constant_time_eq]]
who = "Nick Fitzgerald <fitzgen@gmail.com>"
criteria = "safe-to-deploy"
version = "0.2.4"
notes = "A few tiny blocks of `unsafe` but each of them is very obviously correct."
[[audits.bytecode-alliance.audits.core-foundation-sys]]
who = "Dan Gohman <dev@sunfishcode.online>"
criteria = "safe-to-deploy"
@ -829,6 +844,22 @@ and nothing changed from the baseline audit of 1.1.0. Skimmed through the
'''
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
[[audits.google.audits.bitflags]]
who = "Lukasz Anforowicz <lukasza@chromium.org>"
criteria = "safe-to-deploy"
version = "1.3.2"
notes = """
Security review of earlier versions of the crate can be found at
(Google-internal, sorry): go/image-crate-chromium-security-review
The crate exposes a function marked as `unsafe`, but doesn't use any
`unsafe` blocks (except for tests of the single `unsafe` function). I
think this justifies marking this crate as `ub-risk-1`.
Additional review comments can be found at https://crrev.com/c/4723145/31
"""
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
[[audits.google.audits.bitflags]]
who = "Lukasz Anforowicz <lukasza@chromium.org>"
criteria = "safe-to-deploy"
@ -1045,6 +1076,38 @@ https://crrev.com/c/3265545. The CL description contains a link to a
"""
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
[[audits.google.audits.serde]]
who = "Dustin J. Mitchell <djmitche@chromium.org>"
criteria = "safe-to-deploy"
delta = "1.0.197 -> 1.0.198"
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
[[audits.google.audits.serde]]
who = "danakj <danakj@chromium.org>"
criteria = "safe-to-deploy"
delta = "1.0.198 -> 1.0.201"
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
[[audits.google.audits.serde]]
who = "Dustin J. Mitchell <djmitche@chromium.org>"
criteria = "safe-to-deploy"
delta = "1.0.201 -> 1.0.202"
notes = "Trivial changes"
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
[[audits.google.audits.serde]]
who = "Lukasz Anforowicz <lukasza@chromium.org>"
criteria = "safe-to-deploy"
delta = "1.0.202 -> 1.0.203"
notes = "s/doc_cfg/docsrs/ + tuple_impls/tuple_impl_body-related changes"
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
[[audits.google.audits.serde]]
who = "Adrian Taylor <adetaylor@chromium.org>"
criteria = "safe-to-deploy"
delta = "1.0.203 -> 1.0.204"
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
[[audits.google.audits.serde_derive]]
who = "Lukasz Anforowicz <lukasza@chromium.org>"
criteria = "safe-to-deploy"
@ -1052,6 +1115,31 @@ version = "1.0.197"
notes = "Grepped for \"unsafe\", \"crypt\", \"cipher\", \"fs\", \"net\" - there were no hits"
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
[[audits.google.audits.serde_derive]]
who = "danakj <danakj@chromium.org>"
criteria = "safe-to-deploy"
delta = "1.0.197 -> 1.0.201"
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
[[audits.google.audits.serde_derive]]
who = "Dustin J. Mitchell <djmitche@chromium.org>"
criteria = "safe-to-deploy"
delta = "1.0.201 -> 1.0.202"
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
[[audits.google.audits.serde_derive]]
who = "Lukasz Anforowicz <lukasza@chromium.org>"
criteria = "safe-to-deploy"
delta = "1.0.202 -> 1.0.203"
notes = "Grepped for \"unsafe\", \"crypt\", \"cipher\", \"fs\", \"net\" - there were no hits"
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
[[audits.google.audits.serde_derive]]
who = "Adrian Taylor <adetaylor@chromium.org>"
criteria = "safe-to-deploy"
delta = "1.0.203 -> 1.0.204"
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
[[audits.google.audits.serial_test]]
who = "Max Lee <endlesspring@google.com>"
criteria = "safe-to-run"
@ -1243,6 +1331,11 @@ who = "Ameer Ghani <inahga@divviup.org>"
criteria = "safe-to-deploy"
version = "1.12.1"
[[audits.isrg.audits.subtle]]
who = "David Cook <dcook@divviup.org>"
criteria = "safe-to-deploy"
delta = "2.5.0 -> 2.6.1"
[[audits.isrg.audits.thiserror]]
who = "Brandon Pitman <bran@bran.land>"
criteria = "safe-to-deploy"
@ -1852,6 +1945,12 @@ version = "0.7.32"
notes = "Clean, safe macros for zerocopy."
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
[[audits.zcash.audits.arrayref]]
who = "Sean Bowe <ewillbefull@gmail.com>"
criteria = "safe-to-deploy"
delta = "0.3.6 -> 0.3.7"
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
[[audits.zcash.audits.base64]]
who = "Jack Grigg <jack@electriccoin.co>"
criteria = "safe-to-deploy"
@ -1877,6 +1976,26 @@ delta = "0.10.3 -> 0.10.4"
notes = "Adds panics to prevent a block size of zero from causing unsoundness."
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
[[audits.zcash.audits.constant_time_eq]]
who = "Jack Grigg <jack@electriccoin.co>"
criteria = "safe-to-deploy"
delta = "0.2.4 -> 0.2.5"
notes = "No code changes."
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
[[audits.zcash.audits.constant_time_eq]]
who = "Jack Grigg <jack@electriccoin.co>"
criteria = "safe-to-deploy"
delta = "0.2.5 -> 0.2.6"
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
[[audits.zcash.audits.constant_time_eq]]
who = "Jack Grigg <jack@electriccoin.co>"
criteria = "safe-to-deploy"
delta = "0.2.6 -> 0.3.0"
notes = "Replaces some `unsafe` code by bumping MSRV to 1.66 (to access `core::hint::black_box`)."
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
[[audits.zcash.audits.errno]]
who = "Jack Grigg <jack@electriccoin.co>"
criteria = "safe-to-deploy"