feat-4429: Blake3 Hash (#4434)
Co-authored-by: itsezc <itsezc> Co-authored-by: Gerard Guillemas Martos <gguillemas@users.noreply.github.com> Co-authored-by: Gerard Guillemas Martos <gerard.guillemas@surrealdb.com>
This commit is contained in:
parent
63bc5fa1db
commit
4749af1ba4
13 changed files with 193 additions and 10 deletions
26
Cargo.lock
generated
26
Cargo.lock
generated
|
@ -409,6 +409,12 @@ dependencies = [
|
|||
"password-hash",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "arrayref"
|
||||
version = "0.3.7"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "6b4930d2cb77ce62f89ee5d5289b4ac049559b1c45539271f5ed4fdc7db34545"
|
||||
|
||||
[[package]]
|
||||
name = "arrayvec"
|
||||
version = "0.7.4"
|
||||
|
@ -957,6 +963,19 @@ dependencies = [
|
|||
"digest",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "blake3"
|
||||
version = "1.5.3"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "e9ec96fe9a81b5e365f9db71fe00edc4fe4ca2cc7dcb7861f0603012a7caa210"
|
||||
dependencies = [
|
||||
"arrayref",
|
||||
"arrayvec",
|
||||
"cc",
|
||||
"cfg-if",
|
||||
"constant_time_eq",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "block-buffer"
|
||||
version = "0.10.4"
|
||||
|
@ -1342,6 +1361,12 @@ dependencies = [
|
|||
"wasm-bindgen",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "constant_time_eq"
|
||||
version = "0.3.0"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "f7144d30dcf0fafbce74250a3963025d8d52177934239851c917d29f1df280c2"
|
||||
|
||||
[[package]]
|
||||
name = "convert_case"
|
||||
version = "0.4.0"
|
||||
|
@ -5916,6 +5941,7 @@ dependencies = [
|
|||
"base64 0.21.7",
|
||||
"bcrypt",
|
||||
"bincode",
|
||||
"blake3",
|
||||
"bytes",
|
||||
"castaway",
|
||||
"cedar-policy",
|
||||
|
|
17
cackle.toml
17
cackle.toml
|
@ -1361,3 +1361,20 @@ allow_unsafe = true
|
|||
|
||||
[pkg.castaway]
|
||||
allow_unsafe = true
|
||||
|
||||
[pkg.blake3]
|
||||
build.allow_apis = [
|
||||
"fs",
|
||||
]
|
||||
build.allow_build_instructions = [
|
||||
"cargo:rustc-link-lib=static=blake3_avx512_assembly",
|
||||
"cargo:rustc-link-lib=static=blake3_sse2_sse41_avx2_assembly",
|
||||
"cargo:rustc-link-search=native=*",
|
||||
]
|
||||
allow_unsafe = true
|
||||
|
||||
[pkg.arrayref]
|
||||
allow_unsafe = true
|
||||
|
||||
[pkg.constant_time_eq]
|
||||
allow_unsafe = true
|
||||
|
|
|
@ -60,6 +60,7 @@ ascii = { version = "0.3.2", package = "any_ascii" }
|
|||
async-recursion = "1.0.5"
|
||||
base64 = "0.21.5"
|
||||
bcrypt = "0.15.0"
|
||||
blake3 = "1.5.3"
|
||||
bincode = "1.3.3"
|
||||
bytes = "1.5.0"
|
||||
ciborium = "0.2.1"
|
||||
|
|
|
@ -6,6 +6,10 @@ use sha1::Sha1;
|
|||
use sha2::Sha256;
|
||||
use sha2::Sha512;
|
||||
|
||||
pub fn blake3((arg,): (String,)) -> Result<Value, Error> {
|
||||
Ok(blake3::hash(arg.as_bytes()).to_string().into())
|
||||
}
|
||||
|
||||
pub fn md5((arg,): (String,)) -> Result<Value, Error> {
|
||||
let mut hasher = Md5::new();
|
||||
hasher.update(arg.as_str());
|
||||
|
|
|
@ -151,6 +151,7 @@ pub fn synchronous(
|
|||
//
|
||||
"count" => count::count,
|
||||
//
|
||||
"crypto::blake3" => crypto::blake3,
|
||||
"crypto::md5" => crypto::md5,
|
||||
"crypto::sha1" => crypto::sha1,
|
||||
"crypto::sha256" => crypto::sha256,
|
||||
|
|
|
@ -12,6 +12,7 @@ pub struct Package;
|
|||
impl_module_def!(
|
||||
Package,
|
||||
"crypto",
|
||||
"blake3" => run,
|
||||
"md5" => run,
|
||||
"sha1" => run,
|
||||
"sha256" => run,
|
||||
|
|
|
@ -144,6 +144,7 @@ pub(crate) static PATHS: phf::Map<UniCase<&'static str>, PathKind> = phf_map! {
|
|||
//
|
||||
UniCase::ascii("count") => PathKind::Function,
|
||||
//
|
||||
UniCase::ascii("crypto::blake3") => PathKind::Function,
|
||||
UniCase::ascii("crypto::md5") => PathKind::Function,
|
||||
UniCase::ascii("crypto::sha1") => PathKind::Function,
|
||||
UniCase::ascii("crypto::sha256") => PathKind::Function,
|
||||
|
|
|
@ -83,6 +83,7 @@ allow = [
|
|||
"CC0-1.0",
|
||||
"MPL-2.0",
|
||||
"Apache-2.0",
|
||||
"BSD-2-Clause",
|
||||
"BSD-3-Clause",
|
||||
"Unlicense",
|
||||
]
|
||||
|
|
|
@ -203,6 +203,7 @@
|
|||
"count("
|
||||
"crypto"
|
||||
"crypto::"
|
||||
"crypto::blake3("
|
||||
"crypto::md5("
|
||||
"crypto::sha1("
|
||||
"crypto::sha256("
|
||||
|
|
|
@ -202,6 +202,7 @@
|
|||
"count("
|
||||
"crypto"
|
||||
"crypto::"
|
||||
"crypto::blake3("
|
||||
"crypto::md5("
|
||||
"crypto::sha1("
|
||||
"crypto::sha256("
|
||||
|
|
|
@ -1249,6 +1249,20 @@ async fn function_count() -> Result<(), Error> {
|
|||
// crypto
|
||||
// --------------------------------------------------
|
||||
|
||||
#[tokio::test]
|
||||
async fn function_crypto_blake3() -> Result<(), Error> {
|
||||
let sql = r#"
|
||||
RETURN crypto::blake3('tobie');
|
||||
"#;
|
||||
let mut test = Test::new(sql).await?;
|
||||
//
|
||||
let tmp = test.next()?.result?;
|
||||
let val = Value::from("f75ef30a80a78016f4a4da40ac56c858c0001b3a320118adc3785972901ddce6");
|
||||
assert_eq!(tmp, val);
|
||||
//
|
||||
Ok(())
|
||||
}
|
||||
|
||||
#[tokio::test]
|
||||
async fn function_crypto_md5() -> Result<(), Error> {
|
||||
let sql = r#"
|
||||
|
|
|
@ -275,10 +275,6 @@ criteria = "safe-to-deploy"
|
|||
version = "0.65.1"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.bitflags]]
|
||||
version = "1.3.2"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.bitmaps]]
|
||||
version = "3.2.1"
|
||||
criteria = "safe-to-deploy"
|
||||
|
@ -291,6 +287,10 @@ criteria = "safe-to-deploy"
|
|||
version = "0.10.6"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.blake3]]
|
||||
version = "1.5.3"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.blowfish]]
|
||||
version = "0.9.1"
|
||||
criteria = "safe-to-deploy"
|
||||
|
@ -323,10 +323,6 @@ criteria = "safe-to-deploy"
|
|||
version = "0.6.12"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.bytemuck]]
|
||||
version = "1.15.0"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.byteorder]]
|
||||
version = "1.5.0"
|
||||
criteria = "safe-to-deploy"
|
||||
|
|
|
@ -276,8 +276,8 @@ user-login = "mumoshu"
|
|||
user-name = "Yusuke Kuoka"
|
||||
|
||||
[[publisher.surrealkv]]
|
||||
version = "0.3.1"
|
||||
when = "2024-08-05"
|
||||
version = "0.3.2"
|
||||
when = "2024-08-12"
|
||||
user-id = 145457
|
||||
user-login = "tobiemh"
|
||||
user-name = "Tobie Morgan Hitchcock"
|
||||
|
@ -366,6 +366,15 @@ criteria = "safe-to-deploy"
|
|||
version = "0.1.6"
|
||||
notes = "Contains no unsafe code, no IO, no build.rs."
|
||||
|
||||
[[audits.bytecode-alliance.audits.arrayref]]
|
||||
who = "Nick Fitzgerald <fitzgen@gmail.com>"
|
||||
criteria = "safe-to-deploy"
|
||||
version = "0.3.6"
|
||||
notes = """
|
||||
Unsafe code, but its logic looks good to me. Necessary given what it is
|
||||
doing. Well tested, has quickchecks.
|
||||
"""
|
||||
|
||||
[[audits.bytecode-alliance.audits.base64]]
|
||||
who = "Pat Hickey <phickey@fastly.com>"
|
||||
criteria = "safe-to-deploy"
|
||||
|
@ -383,6 +392,12 @@ criteria = "safe-to-deploy"
|
|||
version = "1.0.0"
|
||||
notes = "I am the author of this crate."
|
||||
|
||||
[[audits.bytecode-alliance.audits.constant_time_eq]]
|
||||
who = "Nick Fitzgerald <fitzgen@gmail.com>"
|
||||
criteria = "safe-to-deploy"
|
||||
version = "0.2.4"
|
||||
notes = "A few tiny blocks of `unsafe` but each of them is very obviously correct."
|
||||
|
||||
[[audits.bytecode-alliance.audits.core-foundation-sys]]
|
||||
who = "Dan Gohman <dev@sunfishcode.online>"
|
||||
criteria = "safe-to-deploy"
|
||||
|
@ -829,6 +844,22 @@ and nothing changed from the baseline audit of 1.1.0. Skimmed through the
|
|||
'''
|
||||
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||
|
||||
[[audits.google.audits.bitflags]]
|
||||
who = "Lukasz Anforowicz <lukasza@chromium.org>"
|
||||
criteria = "safe-to-deploy"
|
||||
version = "1.3.2"
|
||||
notes = """
|
||||
Security review of earlier versions of the crate can be found at
|
||||
(Google-internal, sorry): go/image-crate-chromium-security-review
|
||||
|
||||
The crate exposes a function marked as `unsafe`, but doesn't use any
|
||||
`unsafe` blocks (except for tests of the single `unsafe` function). I
|
||||
think this justifies marking this crate as `ub-risk-1`.
|
||||
|
||||
Additional review comments can be found at https://crrev.com/c/4723145/31
|
||||
"""
|
||||
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||
|
||||
[[audits.google.audits.bitflags]]
|
||||
who = "Lukasz Anforowicz <lukasza@chromium.org>"
|
||||
criteria = "safe-to-deploy"
|
||||
|
@ -1045,6 +1076,38 @@ https://crrev.com/c/3265545. The CL description contains a link to a
|
|||
"""
|
||||
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||
|
||||
[[audits.google.audits.serde]]
|
||||
who = "Dustin J. Mitchell <djmitche@chromium.org>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "1.0.197 -> 1.0.198"
|
||||
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||
|
||||
[[audits.google.audits.serde]]
|
||||
who = "danakj <danakj@chromium.org>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "1.0.198 -> 1.0.201"
|
||||
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||
|
||||
[[audits.google.audits.serde]]
|
||||
who = "Dustin J. Mitchell <djmitche@chromium.org>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "1.0.201 -> 1.0.202"
|
||||
notes = "Trivial changes"
|
||||
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||
|
||||
[[audits.google.audits.serde]]
|
||||
who = "Lukasz Anforowicz <lukasza@chromium.org>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "1.0.202 -> 1.0.203"
|
||||
notes = "s/doc_cfg/docsrs/ + tuple_impls/tuple_impl_body-related changes"
|
||||
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||
|
||||
[[audits.google.audits.serde]]
|
||||
who = "Adrian Taylor <adetaylor@chromium.org>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "1.0.203 -> 1.0.204"
|
||||
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||
|
||||
[[audits.google.audits.serde_derive]]
|
||||
who = "Lukasz Anforowicz <lukasza@chromium.org>"
|
||||
criteria = "safe-to-deploy"
|
||||
|
@ -1052,6 +1115,31 @@ version = "1.0.197"
|
|||
notes = "Grepped for \"unsafe\", \"crypt\", \"cipher\", \"fs\", \"net\" - there were no hits"
|
||||
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||
|
||||
[[audits.google.audits.serde_derive]]
|
||||
who = "danakj <danakj@chromium.org>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "1.0.197 -> 1.0.201"
|
||||
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||
|
||||
[[audits.google.audits.serde_derive]]
|
||||
who = "Dustin J. Mitchell <djmitche@chromium.org>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "1.0.201 -> 1.0.202"
|
||||
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||
|
||||
[[audits.google.audits.serde_derive]]
|
||||
who = "Lukasz Anforowicz <lukasza@chromium.org>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "1.0.202 -> 1.0.203"
|
||||
notes = "Grepped for \"unsafe\", \"crypt\", \"cipher\", \"fs\", \"net\" - there were no hits"
|
||||
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||
|
||||
[[audits.google.audits.serde_derive]]
|
||||
who = "Adrian Taylor <adetaylor@chromium.org>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "1.0.203 -> 1.0.204"
|
||||
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||
|
||||
[[audits.google.audits.serial_test]]
|
||||
who = "Max Lee <endlesspring@google.com>"
|
||||
criteria = "safe-to-run"
|
||||
|
@ -1243,6 +1331,11 @@ who = "Ameer Ghani <inahga@divviup.org>"
|
|||
criteria = "safe-to-deploy"
|
||||
version = "1.12.1"
|
||||
|
||||
[[audits.isrg.audits.subtle]]
|
||||
who = "David Cook <dcook@divviup.org>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "2.5.0 -> 2.6.1"
|
||||
|
||||
[[audits.isrg.audits.thiserror]]
|
||||
who = "Brandon Pitman <bran@bran.land>"
|
||||
criteria = "safe-to-deploy"
|
||||
|
@ -1852,6 +1945,12 @@ version = "0.7.32"
|
|||
notes = "Clean, safe macros for zerocopy."
|
||||
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||
|
||||
[[audits.zcash.audits.arrayref]]
|
||||
who = "Sean Bowe <ewillbefull@gmail.com>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "0.3.6 -> 0.3.7"
|
||||
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
|
||||
|
||||
[[audits.zcash.audits.base64]]
|
||||
who = "Jack Grigg <jack@electriccoin.co>"
|
||||
criteria = "safe-to-deploy"
|
||||
|
@ -1877,6 +1976,26 @@ delta = "0.10.3 -> 0.10.4"
|
|||
notes = "Adds panics to prevent a block size of zero from causing unsoundness."
|
||||
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
|
||||
|
||||
[[audits.zcash.audits.constant_time_eq]]
|
||||
who = "Jack Grigg <jack@electriccoin.co>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "0.2.4 -> 0.2.5"
|
||||
notes = "No code changes."
|
||||
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
|
||||
|
||||
[[audits.zcash.audits.constant_time_eq]]
|
||||
who = "Jack Grigg <jack@electriccoin.co>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "0.2.5 -> 0.2.6"
|
||||
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
|
||||
|
||||
[[audits.zcash.audits.constant_time_eq]]
|
||||
who = "Jack Grigg <jack@electriccoin.co>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "0.2.6 -> 0.3.0"
|
||||
notes = "Replaces some `unsafe` code by bumping MSRV to 1.66 (to access `core::hint::black_box`)."
|
||||
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
|
||||
|
||||
[[audits.zcash.audits.errno]]
|
||||
who = "Jack Grigg <jack@electriccoin.co>"
|
||||
criteria = "safe-to-deploy"
|
||||
|
|
Loading…
Reference in a new issue