From 110df6769737bac43afdbbecfbcb32eb9cee2482 Mon Sep 17 00:00:00 2001 From: Adam Ierymenko Date: Fri, 1 Oct 2021 11:44:51 -0400 Subject: [PATCH] Move crypto glue into its own crate, and start the sync crate. --- cumberland/Cargo.toml | 6 ++ cumberland/src/lib.rs | 7 ++ network-hypervisor/Cargo.lock | 87 +++++++++++-------- network-hypervisor/Cargo.toml | 6 +- network-hypervisor/src/lib.rs | 1 - network-hypervisor/src/vl1/identity.rs | 12 +-- network-hypervisor/src/vl1/node.rs | 2 +- network-hypervisor/src/vl1/peer.rs | 18 ++-- network-hypervisor/src/vl1/protocol.rs | 3 +- network-hypervisor/src/vl1/rootset.rs | 9 +- ztcrypto/Cargo.toml | 11 +++ .../src/crypto => ztcrypto/src}/balloon.rs | 4 +- .../src/crypto => ztcrypto/src}/c25519.rs | 4 +- .../src/crypto => ztcrypto/src}/hash.rs | 0 .../src/crypto => ztcrypto/src}/kbkdf.rs | 4 +- .../src/crypto/mod.rs => ztcrypto/src/lib.rs | 1 + .../src/crypto => ztcrypto/src}/p521.rs | 7 +- .../src/crypto => ztcrypto/src}/poly1305.rs | 0 .../src/crypto => ztcrypto/src}/random.rs | 0 .../src/crypto => ztcrypto/src}/salsa.rs | 0 .../src/crypto => ztcrypto/src}/secret.rs | 2 +- 21 files changed, 109 insertions(+), 75 deletions(-) create mode 100644 cumberland/Cargo.toml create mode 100644 cumberland/src/lib.rs create mode 100644 ztcrypto/Cargo.toml rename {network-hypervisor/src/crypto => ztcrypto/src}/balloon.rs (97%) rename {network-hypervisor/src/crypto => ztcrypto/src}/c25519.rs (98%) rename {network-hypervisor/src/crypto => ztcrypto/src}/hash.rs (100%) rename {network-hypervisor/src/crypto => ztcrypto/src}/kbkdf.rs (90%) rename network-hypervisor/src/crypto/mod.rs => ztcrypto/src/lib.rs (89%) rename {network-hypervisor/src/crypto => ztcrypto/src}/p521.rs (99%) rename {network-hypervisor/src/crypto => ztcrypto/src}/poly1305.rs (100%) rename {network-hypervisor/src/crypto => ztcrypto/src}/random.rs (100%) rename {network-hypervisor/src/crypto => ztcrypto/src}/salsa.rs (100%) rename {network-hypervisor/src/crypto => ztcrypto/src}/secret.rs (97%) diff --git a/cumberland/Cargo.toml b/cumberland/Cargo.toml new file mode 100644 index 000000000..53ef4a5b3 --- /dev/null +++ b/cumberland/Cargo.toml @@ -0,0 +1,6 @@ +[package] +name = "cumberland" +version = "0.1.0" +edition = "2018" + +[dependencies] diff --git a/cumberland/src/lib.rs b/cumberland/src/lib.rs new file mode 100644 index 000000000..31e1bb209 --- /dev/null +++ b/cumberland/src/lib.rs @@ -0,0 +1,7 @@ +#[cfg(test)] +mod tests { + #[test] + fn it_works() { + assert_eq!(2 + 2, 4); + } +} diff --git a/network-hypervisor/Cargo.lock b/network-hypervisor/Cargo.lock index a657dcd51..ad4e1c4cf 100644 --- a/network-hypervisor/Cargo.lock +++ b/network-hypervisor/Cargo.lock @@ -45,9 +45,9 @@ checksum = "14c189c53d098945499cdfa7ecc63567cf3886b3332b312a5b4585d8d3a6a610" [[package]] name = "cc" -version = "1.0.69" +version = "1.0.70" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e70cc2f62c6ce1868963827bd677764c62d07c3d9a3e1fb1177ee1a9ab199eb2" +checksum = "d26a6ce4b6a484fa3edb70f7efa6fc430fd2b87285fe8b84304fd0936faa0dc0" [[package]] name = "cfg-if" @@ -74,9 +74,9 @@ dependencies = [ [[package]] name = "cpufeatures" -version = "0.1.5" +version = "0.2.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "66c99696f6c9dd7f35d486b9d04d7e6e202aa3e8c40d553f2fdf5e7e0c6a71ef" +checksum = "95059428f66df56b63431fdb4e1947ed2190586af5c5a8a8b71122bdf5a7f469" dependencies = [ "libc", ] @@ -93,13 +93,13 @@ dependencies = [ [[package]] name = "curve25519-dalek" -version = "3.1.0" +version = "3.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "639891fde0dbea823fc3d798a0fdf9d2f9440a42d64a78ab3488b0ca025117b3" +checksum = "0b9fdf9972b2bd6af2d913799d9ebc165ea4d2e65878e329d9c6b372c4491b61" dependencies = [ "byteorder", "digest", - "rand_core", + "rand_core 0.5.1", "subtle", "zeroize", ] @@ -125,9 +125,9 @@ dependencies = [ [[package]] name = "ed25519" -version = "1.1.1" +version = "1.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8d0860415b12243916284c67a9be413e044ee6668247b99ba26d94b2bc06c8f6" +checksum = "4620d40f6d2601794401d6dd95a5cf69b6c157852539470eeda433a99b3c0efc" dependencies = [ "signature", ] @@ -225,9 +225,9 @@ dependencies = [ [[package]] name = "libc" -version = "0.2.98" +version = "0.2.103" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "320cfe77175da3a483efed4bc0adc1968ca050b098ce4f2f1c13a56626128790" +checksum = "dd8f7255a17a627354f321ef0055d63b898c6fb27eff628af4d1b66b7331edf6" [[package]] name = "libgcrypt-sys" @@ -271,9 +271,9 @@ dependencies = [ [[package]] name = "memchr" -version = "2.4.0" +version = "2.4.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b16bd47d9e329435e309c58469fe0791c2d0d1ba96ec0954152a5ae2b04387dc" +checksum = "308cc39be01b73d0d18f82a0e7b2a3df85245f84af96fdddc5d202d27e47b86a" [[package]] name = "num_cpus" @@ -299,9 +299,9 @@ checksum = "624a8340c38c1b80fd549087862da4ba43e08858af025b236e509b6649fc13d5" [[package]] name = "openssl" -version = "0.10.35" +version = "0.10.36" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "549430950c79ae24e6d02e0b7404534ecf311d94cc9f861e9e4020187d13d885" +checksum = "8d9facdb76fec0b73c406f125d44d86fdad818d66fef0531eec9233ca425ff4a" dependencies = [ "bitflags", "cfg-if 1.0.0", @@ -313,9 +313,9 @@ dependencies = [ [[package]] name = "openssl-sys" -version = "0.9.65" +version = "0.9.67" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7a7907e3bfa08bb85105209cdfcb6c63d109f8f6c1ed6ca318fff5c1853fbc1d" +checksum = "69df2d8dfc6ce3aaf44b40dec6f487d5a886516cf6879c49e98e0710f310a058" dependencies = [ "autocfg", "cc", @@ -351,9 +351,9 @@ dependencies = [ [[package]] name = "pkg-config" -version = "0.3.19" +version = "0.3.20" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3831453b3449ceb48b6d9c7ad7c96d5ea673e9b470a1dc578c2ce6521230884c" +checksum = "7c9b1041b4387893b91ee6746cddfc28516aff326a3519fb2adf820932c5e6cb" [[package]] name = "ppv-lite86" @@ -388,7 +388,7 @@ dependencies = [ "getrandom", "libc", "rand_chacha", - "rand_core", + "rand_core 0.5.1", "rand_hc", ] @@ -399,7 +399,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "f4c8ed856279c9737206bf725bf36935d8666ead7aa69b52be55af369d193402" dependencies = [ "ppv-lite86", - "rand_core", + "rand_core 0.5.1", ] [[package]] @@ -411,13 +411,19 @@ dependencies = [ "getrandom", ] +[[package]] +name = "rand_core" +version = "0.6.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d34f1408f55294453790c48b2f1ebbb1c5b4b7563eb1f418bcfcfdbb06ebb4e7" + [[package]] name = "rand_hc" version = "0.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "ca3129af7b92a17112d59ad498c6f81eaf463253766b90396d39ea7a39d6613c" dependencies = [ - "rand_core", + "rand_core 0.5.1", ] [[package]] @@ -437,15 +443,15 @@ checksum = "d29ab0c6d3fc0ee92fe66e2d99f700eab17a8d57d1c1d3b748380fb20baa78cd" [[package]] name = "serde" -version = "1.0.126" +version = "1.0.130" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ec7505abeacaec74ae4778d9d9328fe5a5d04253220a85c4ee022239fc996d03" +checksum = "f12d06de37cf59146fbdecab66aa99f9fe4f78722e3607577a5375d66bd0c913" [[package]] name = "sha2" -version = "0.9.5" +version = "0.9.8" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b362ae5752fd2137731f9fa25fd4d9058af34666ca1966fb969119cc35719f12" +checksum = "b69f9a4c9740d74c5baa3fd2e547f9525fa8088a8a958e0ca2409a514e33f5fa" dependencies = [ "block-buffer", "cfg-if 1.0.0", @@ -513,9 +519,9 @@ dependencies = [ [[package]] name = "typenum" -version = "1.13.0" +version = "1.14.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "879f6906492a7cd215bfa4cf595b600146ccfac0c79bcbd1f3000162af5e8b06" +checksum = "b63708a265f51345575b27fe43f9500ad611579e764c79edbc2037b1121959ec" [[package]] name = "unicode-xid" @@ -580,12 +586,12 @@ dependencies = [ [[package]] name = "x25519-dalek" -version = "1.1.1" +version = "1.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5a0c105152107e3b96f6a00a65e86ce82d9b125230e1c4302940eca58ff71f4f" +checksum = "2392b6b94a576b4e2bf3c5b2757d63f10ada8020a2e4d08ac849ebcf6ea8e077" dependencies = [ "curve25519-dalek", - "rand_core", + "rand_core 0.5.1", "zeroize", ] @@ -600,9 +606,9 @@ dependencies = [ [[package]] name = "zeroize_derive" -version = "1.1.0" +version = "1.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a2c1e130bebaeab2f23886bf9acbaca14b092408c452543c857f66399cd6dab1" +checksum = "bdff2024a851a322b08f179173ae2ba620445aef1e838f0c196820eade4ae0c7" dependencies = [ "proc-macro2", "quote", @@ -614,17 +620,24 @@ dependencies = [ name = "zerotier-network-hypervisor" version = "2.0.0" dependencies = [ - "aes-gmac-siv", "base64", "concat-arrays", "dashmap", - "ed25519-dalek", - "gcrypt", "libc", "lz4_flex", "parking_lot", - "rand_core", "urlencoding", "winapi", + "ztcrypto", +] + +[[package]] +name = "ztcrypto" +version = "0.1.0" +dependencies = [ + "aes-gmac-siv", + "ed25519-dalek", + "gcrypt", + "rand_core 0.6.3", "x25519-dalek", ] diff --git a/network-hypervisor/Cargo.toml b/network-hypervisor/Cargo.toml index ce744c0fe..225938abc 100644 --- a/network-hypervisor/Cargo.toml +++ b/network-hypervisor/Cargo.toml @@ -10,11 +10,7 @@ codegen-units = 1 panic = 'abort' [dependencies] -rand_core = "^0" -aes-gmac-siv = { path = "../aes-gmac-siv" } -x25519-dalek = "^1" -ed25519-dalek = "^1" -gcrypt = "^0" +ztcrypto = { path = "../ztcrypto" } base64 = "^0" urlencoding = "^2" lz4_flex = { version = "^0", features = ["safe-encode", "safe-decode", "checked-decode"] } diff --git a/network-hypervisor/src/lib.rs b/network-hypervisor/src/lib.rs index 9a1008eb4..3ea7b61c6 100644 --- a/network-hypervisor/src/lib.rs +++ b/network-hypervisor/src/lib.rs @@ -1,4 +1,3 @@ -pub mod crypto; pub mod util; pub mod error; pub mod vl1; diff --git a/network-hypervisor/src/vl1/identity.rs b/network-hypervisor/src/vl1/identity.rs index 97e461693..487b35bcd 100644 --- a/network-hypervisor/src/vl1/identity.rs +++ b/network-hypervisor/src/vl1/identity.rs @@ -8,12 +8,12 @@ use std::str::FromStr; use concat_arrays::concat_arrays; -use crate::crypto::balloon; -use crate::crypto::c25519::*; -use crate::crypto::hash::*; -use crate::crypto::p521::*; -use crate::crypto::salsa::Salsa; -use crate::crypto::secret::Secret; +use ztcrypto::balloon; +use ztcrypto::c25519::*; +use ztcrypto::hash::*; +use ztcrypto::p521::*; +use ztcrypto::salsa::Salsa; +use ztcrypto::secret::Secret; use crate::error::InvalidFormatError; use crate::vl1::Address; use crate::vl1::buffer::Buffer; diff --git a/network-hypervisor/src/vl1/node.rs b/network-hypervisor/src/vl1/node.rs index d9fb64c06..d7be6406b 100644 --- a/network-hypervisor/src/vl1/node.rs +++ b/network-hypervisor/src/vl1/node.rs @@ -5,7 +5,7 @@ use std::time::Duration; use dashmap::DashMap; use parking_lot::Mutex; -use crate::crypto::random::{SecureRandom, next_u64_secure}; +use ztcrypto::random::{SecureRandom, next_u64_secure}; use crate::error::InvalidParameterError; use crate::util::gate::IntervalGate; use crate::util::pool::{Pool, Pooled}; diff --git a/network-hypervisor/src/vl1/peer.rs b/network-hypervisor/src/vl1/peer.rs index ef0af85c8..81070c37a 100644 --- a/network-hypervisor/src/vl1/peer.rs +++ b/network-hypervisor/src/vl1/peer.rs @@ -6,17 +6,17 @@ use std::sync::atomic::{AtomicI64, AtomicU64, AtomicU8, Ordering}; use parking_lot::Mutex; -use aes_gmac_siv::{AesCtr, AesGmacSiv}; +use ztcrypto::aes_gmac_siv::{AesCtr, AesGmacSiv}; +use ztcrypto::c25519::C25519KeyPair; +use ztcrypto::hash::{SHA384, SHA384_HASH_SIZE}; +use ztcrypto::kbkdf::zt_kbkdf_hmac_sha384; +use ztcrypto::p521::P521KeyPair; +use ztcrypto::poly1305::Poly1305; +use ztcrypto::random::next_u64_secure; +use ztcrypto::salsa::Salsa; +use ztcrypto::secret::Secret; use crate::{VERSION_MAJOR, VERSION_MINOR, VERSION_PROTO, VERSION_REVISION}; -use crate::crypto::c25519::C25519KeyPair; -use crate::crypto::hash::{SHA384, SHA384_HASH_SIZE}; -use crate::crypto::kbkdf::zt_kbkdf_hmac_sha384; -use crate::crypto::p521::P521KeyPair; -use crate::crypto::poly1305::Poly1305; -use crate::crypto::random::next_u64_secure; -use crate::crypto::salsa::Salsa; -use crate::crypto::secret::Secret; use crate::defaults::UDP_DEFAULT_MTU; use crate::util::pool::{Pool, PoolFactory}; use crate::vl1::{Dictionary, Endpoint, Identity, InetAddress, Path}; diff --git a/network-hypervisor/src/vl1/protocol.rs b/network-hypervisor/src/vl1/protocol.rs index bc4be13ba..1c0847b91 100644 --- a/network-hypervisor/src/vl1/protocol.rs +++ b/network-hypervisor/src/vl1/protocol.rs @@ -2,7 +2,6 @@ use std::mem::MaybeUninit; use crate::vl1::Address; use crate::vl1::buffer::{RawObject, Buffer}; -use crate::crypto::hash::SHA384; pub const VERB_VL1_NOP: u8 = 0x00; pub const VERB_VL1_HELLO: u8 = 0x01; @@ -186,7 +185,7 @@ pub fn compress_packet(src: &[u8], dest: &mut Buffer<{ PACKET_SIZE_MAX }>) -> bo /// Add HMAC-SHA384 to the end of a packet and set verb flag. #[inline(always)] pub fn add_extended_auth(pkt: &mut Buffer<{ PACKET_SIZE_MAX }>, hmac_secret_key: &[u8]) -> std::io::Result<()> { - pkt.append_bytes_fixed(&SHA384::hmac(hmac_secret_key, pkt.as_bytes_starting_at(PACKET_VERB_INDEX + 1)?))?; + pkt.append_bytes_fixed(&ztcrypto::hash::SHA384::hmac(hmac_secret_key, pkt.as_bytes_starting_at(PACKET_VERB_INDEX + 1)?))?; pkt.as_bytes_mut()[PACKET_VERB_INDEX] |= VERB_FLAG_EXTENDED_AUTHENTICATION; Ok(()) } diff --git a/network-hypervisor/src/vl1/rootset.rs b/network-hypervisor/src/vl1/rootset.rs index e5c47fe8e..b6a5a24f0 100644 --- a/network-hypervisor/src/vl1/rootset.rs +++ b/network-hypervisor/src/vl1/rootset.rs @@ -3,10 +3,11 @@ use std::io::Write; use concat_arrays::concat_arrays; -use crate::crypto::c25519::*; -use crate::crypto::hash::SHA384; -use crate::crypto::p521::*; -use crate::crypto::secret::Secret; +use ztcrypto::c25519::*; +use ztcrypto::hash::SHA384; +use ztcrypto::p521::*; +use ztcrypto::secret::Secret; + use crate::error::InvalidFormatError; use crate::vl1::{Endpoint, Identity}; use crate::vl1::buffer::Buffer; diff --git a/ztcrypto/Cargo.toml b/ztcrypto/Cargo.toml new file mode 100644 index 000000000..0e5600708 --- /dev/null +++ b/ztcrypto/Cargo.toml @@ -0,0 +1,11 @@ +[package] +name = "ztcrypto" +version = "0.1.0" +edition = "2018" + +[dependencies] +rand_core = "^0" +aes-gmac-siv = { path = "../aes-gmac-siv" } +gcrypt = "^0" +x25519-dalek = "^1" +ed25519-dalek = "^1" diff --git a/network-hypervisor/src/crypto/balloon.rs b/ztcrypto/src/balloon.rs similarity index 97% rename from network-hypervisor/src/crypto/balloon.rs rename to ztcrypto/src/balloon.rs index b07947a3f..9bbbb5b98 100644 --- a/network-hypervisor/src/crypto/balloon.rs +++ b/ztcrypto/src/balloon.rs @@ -1,10 +1,10 @@ use std::convert::TryInto; use std::mem::MaybeUninit; -use crate::crypto::hash::{SHA384, SHA512}; +use crate::hash::{SHA384, SHA512}; #[inline(always)] -fn hash_int_le(sha: &mut crate::crypto::hash::SHA512, i: u64) { +fn hash_int_le(sha: &mut SHA512, i: u64) { #[cfg(target_endian = "big")] { sha.update(&i.to_le_bytes()); } diff --git a/network-hypervisor/src/crypto/c25519.rs b/ztcrypto/src/c25519.rs similarity index 98% rename from network-hypervisor/src/crypto/c25519.rs rename to ztcrypto/src/c25519.rs index ae4209c38..704e0907c 100644 --- a/network-hypervisor/src/crypto/c25519.rs +++ b/ztcrypto/src/c25519.rs @@ -3,8 +3,8 @@ use std::io::Write; use ed25519_dalek::Digest; -use crate::crypto::random::SecureRandom; -use crate::crypto::secret::Secret; +use crate::random::SecureRandom; +use crate::secret::Secret; pub const C25519_PUBLIC_KEY_SIZE: usize = 32; pub const C25519_SECRET_KEY_SIZE: usize = 32; diff --git a/network-hypervisor/src/crypto/hash.rs b/ztcrypto/src/hash.rs similarity index 100% rename from network-hypervisor/src/crypto/hash.rs rename to ztcrypto/src/hash.rs diff --git a/network-hypervisor/src/crypto/kbkdf.rs b/ztcrypto/src/kbkdf.rs similarity index 90% rename from network-hypervisor/src/crypto/kbkdf.rs rename to ztcrypto/src/kbkdf.rs index 38056ae1b..99f5d7aed 100644 --- a/network-hypervisor/src/crypto/kbkdf.rs +++ b/ztcrypto/src/kbkdf.rs @@ -1,5 +1,5 @@ -use crate::crypto::hash::{SHA384, SHA384_HASH_SIZE}; -use crate::crypto::secret::Secret; +use crate::hash::{SHA384, SHA384_HASH_SIZE}; +use crate::secret::Secret; /// Derive a key using KBKDF prefaced by the bytes 'ZT' for use in ZeroTier. /// This is a fixed cost key derivation function used to derive sub-keys from a single original diff --git a/network-hypervisor/src/crypto/mod.rs b/ztcrypto/src/lib.rs similarity index 89% rename from network-hypervisor/src/crypto/mod.rs rename to ztcrypto/src/lib.rs index e443914d1..db32939e6 100644 --- a/network-hypervisor/src/crypto/mod.rs +++ b/ztcrypto/src/lib.rs @@ -9,3 +9,4 @@ pub mod random; pub mod secret; pub use aes_gmac_siv; +pub use rand_core; diff --git a/network-hypervisor/src/crypto/p521.rs b/ztcrypto/src/p521.rs similarity index 99% rename from network-hypervisor/src/crypto/p521.rs rename to ztcrypto/src/p521.rs index 7dafe5d0c..46ead09bd 100644 --- a/network-hypervisor/src/crypto/p521.rs +++ b/ztcrypto/src/p521.rs @@ -1,8 +1,9 @@ -use std::str::FromStr; use std::convert::TryInto; +use std::str::FromStr; use gcrypt::sexp::SExpression; -use crate::crypto::secret::Secret; + +use crate::secret::Secret; pub const P521_PUBLIC_KEY_SIZE: usize = 132; pub const P521_SECRET_KEY_SIZE: usize = 66; @@ -218,7 +219,7 @@ impl Clone for P521PublicKey { #[cfg(test)] mod tests { - use crate::crypto::p521::P521KeyPair; + use crate::p521::P521KeyPair; #[test] fn generate_sign_verify_agree() { diff --git a/network-hypervisor/src/crypto/poly1305.rs b/ztcrypto/src/poly1305.rs similarity index 100% rename from network-hypervisor/src/crypto/poly1305.rs rename to ztcrypto/src/poly1305.rs diff --git a/network-hypervisor/src/crypto/random.rs b/ztcrypto/src/random.rs similarity index 100% rename from network-hypervisor/src/crypto/random.rs rename to ztcrypto/src/random.rs diff --git a/network-hypervisor/src/crypto/salsa.rs b/ztcrypto/src/salsa.rs similarity index 100% rename from network-hypervisor/src/crypto/salsa.rs rename to ztcrypto/src/salsa.rs diff --git a/network-hypervisor/src/crypto/secret.rs b/ztcrypto/src/secret.rs similarity index 97% rename from network-hypervisor/src/crypto/secret.rs rename to ztcrypto/src/secret.rs index cd260a0ca..55cac208b 100644 --- a/network-hypervisor/src/crypto/secret.rs +++ b/ztcrypto/src/secret.rs @@ -12,7 +12,7 @@ use std::ptr::write_volatile; /// but it's still not a bad idea due to things like swap or obscure side channel /// attacks that allow memory to be read. #[derive(Clone, PartialEq, Eq)] -pub struct Secret(pub(crate) [u8; L]); +pub struct Secret(pub [u8; L]); impl Secret { #[inline(always)]