Merge branch 'main' of github.com:franziskuskiefer/hpke-rs into main

cryspen · Apr 20, 2021 · 7613455 · 7613455
2 parents cf80fe8 + e1ad3e7
commit 7613455
Show file tree

Hide file tree

Showing 7 changed files with 250 additions and 125 deletions.
diff --git a/Cargo.toml b/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "hpke-rs"
-version = "0.0.6"
+version = "0.0.7"
 authors = ["Franziskus Kiefer <[email protected]>"]
 edition = "2018"
 license = "MPL-2.0"
@@ -10,16 +10,19 @@ readme = "README.md"
 repository = "https://github.com/franziskuskiefer/hpke-rs"
 
 [dependencies]
-evercrypt = { version = "0.0.8", git = "https://github.com/franziskuskiefer/evercrypt-rust" }
+evercrypt = { version = "0.0.8" }
 serde_json = { version = "1.0", optional = true }
 serde = { version = "1.0", features = ["derive"], optional = true }
 
 [features]
 rust-crypto = ["evercrypt/rust-crypto-aes"]
 serialization = ["serde", "serde_json", "evercrypt/serialization"]
 hazmat = []
+deterministic = []
+hpke-test = []
 
 [dev-dependencies]
 serde_json = "1.0"
 serde = { version = "1.0", features = ["derive"] }
 lazy_static = "1.4"
+hpke-rs = { path = ".", features = ["deterministic", "hpke-test", "hazmat"]}
diff --git a/src/dh_kem.rs b/src/dh_kem.rs
@@ -10,6 +10,8 @@ pub(crate) struct DhKem {
     sk_len: usize,
     kdf: kdf::Kdf,
     dh_id: ecdh::Mode,
+    #[cfg(feature = "deterministic")]
+    randomness: Vec<u8>,
 }
 
 impl DhKem {
@@ -22,11 +24,11 @@ impl DhKem {
             },
             kdf: kdf::Kdf::new(kdf_id),
             dh_id,
+            #[cfg(feature = "deterministic")]
+            randomness: Vec::new(),
         }
     }
     fn dh(&self, sk: &[u8], pk: &[u8]) -> Result<Vec<u8>, Error> {
-        // Unwrapping here is fine because we have to make sure that the input
-        // keys are valid before we get here.
         let dh = ecdh_derive(self.dh_id, pk, sk)?;
 
         match self.dh_id {
@@ -63,7 +65,7 @@ impl DhKem {
             suite_id,
             "shared_secret",
             kem_context,
-            self.get_secret_len(),
+            self.secret_len(),
         )
     }
 
@@ -78,13 +80,28 @@ impl DhKem {
     fn deserialize(&self, enc: &[u8]) -> Vec<u8> {
         enc.to_vec()
     }
+
+    #[cfg(feature = "deterministic")]
+    fn random(&self) -> Vec<u8> {
+        if self.randomness.len() == self.secret_len() {
+            self.randomness.clone()
+        } else {
+            // In this case the randomness wasn't set. Just use real randomness.
+            random(self.secret_len())
+        }
+    }
+
+    #[cfg(not(feature = "deterministic"))]
+    fn random(&self) -> Vec<u8> {
+        random(self.secret_len())
+    }
 }
 
 impl KemTrait for DhKem {
-    fn get_secret_len(&self) -> usize {
+    fn secret_len(&self) -> usize {
         self.sk_len
     }
-    fn get_encoded_pk_len(&self) -> usize {
+    fn encoded_pk_len(&self) -> usize {
         self.encoded_pk_len
     }
 
@@ -134,7 +151,7 @@ impl KemTrait for DhKem {
     }
 
     fn encaps(&self, pk_r: &[u8], suite_id: &[u8]) -> Result<(Vec<u8>, Vec<u8>), Error> {
-        let (pk_e, sk_e) = self.derive_key_pair(&get_random_vec(self.get_secret_len()), suite_id);
+        let (pk_e, sk_e) = self.derive_key_pair(suite_id, &self.random());
         let dh_pk = self.dh(&sk_e, pk_r)?;
         let enc = self.serialize(&pk_e);
 
@@ -160,7 +177,7 @@ impl KemTrait for DhKem {
         sk_s: &[u8],
         suite_id: &[u8],
     ) -> Result<(Vec<u8>, Vec<u8>), Error> {
-        let (pk_e, sk_e) = self.derive_key_pair(&get_random_vec(self.get_secret_len()), suite_id);
+        let (pk_e, sk_e) = self.derive_key_pair(suite_id, &self.random());
         let dh_pk = concat(&[&self.dh(&sk_e, pk_r)?, &self.dh(&sk_s, pk_r)?]);
 
         let enc = self.serialize(&pk_e);
@@ -188,6 +205,11 @@ impl KemTrait for DhKem {
 
         Ok(self.extract_and_expand(dh_pk.to_vec(), &kem_context, suite_id))
     }
+
+    #[cfg(feature = "deterministic")]
+    fn set_random(&mut self, r: &[u8]) {
+        self.randomness = r.to_vec();
+    }
 }
 
 impl From<EcdhError> for Error {

diff --git a/src/kem.rs b/src/kem.rs
@@ -94,8 +94,11 @@ pub(crate) trait KemTrait: std::fmt::Debug + Sync {
         suite_id: &[u8],
     ) -> Result<Vec<u8>, Error>;
 
-    fn get_secret_len(&self) -> usize;
-    fn get_encoded_pk_len(&self) -> usize;
+    fn secret_len(&self) -> usize;
+    fn encoded_pk_len(&self) -> usize;
+
+    #[cfg(feature = "deterministic")]
+    fn set_random(&mut self, r: &[u8]);
 }
 
 #[derive(Debug)]
@@ -131,7 +134,7 @@ impl std::fmt::Display for Kem {
     }
 }
 
-fn get_kem_object(mode: Mode, kdf_id: kdf::Mode) -> Box<dyn KemTrait> {
+fn kem_object(mode: Mode, kdf_id: kdf::Mode) -> Box<dyn KemTrait> {
     match mode {
         Mode::DhKem25519 => Box::new(dh_kem::DhKem::init(kdf_id, evercrypt::ecdh::Mode::X25519)),
         Mode::DhKemP256 => Box::new(dh_kem::DhKem::init(kdf_id, evercrypt::ecdh::Mode::P256)),
@@ -143,36 +146,35 @@ impl Kem {
     pub(crate) fn new(mode: Mode) -> Self {
         Self {
             mode,
-            kem: get_kem_object(mode, get_kdf(mode)),
+            kem: kem_object(mode, get_kdf(mode)),
         }
     }
 
     #[inline]
-    fn get_ciphersuite(&self) -> Vec<u8> {
+    fn ciphersuite(&self) -> Vec<u8> {
         util::concat(&[b"KEM", &(self.mode as u16).to_be_bytes()])
     }
 
     pub(crate) fn encaps(&self, pk_r: &[u8]) -> Result<(Vec<u8>, Vec<u8>), Error> {
-        self.kem.encaps(pk_r, &self.get_ciphersuite())
+        self.kem.encaps(pk_r, &self.ciphersuite())
     }
     pub(crate) fn decaps(&self, enc: &[u8], sk_r: &[u8]) -> Result<Vec<u8>, Error> {
-        self.kem.decaps(enc, sk_r, &self.get_ciphersuite())
+        self.kem.decaps(enc, sk_r, &self.ciphersuite())
     }
     pub(crate) fn auth_encaps(
         &self,
         pk_r: &[u8],
         sk_s: &[u8],
     ) -> Result<(Vec<u8>, Vec<u8>), Error> {
-        self.kem.auth_encaps(pk_r, sk_s, &self.get_ciphersuite())
+        self.kem.auth_encaps(pk_r, sk_s, &self.ciphersuite())
     }
     pub(crate) fn auth_decaps(
         &self,
         enc: &[u8],
         sk_r: &[u8],
         pk_s: &[u8],
     ) -> Result<Vec<u8>, Error> {
-        self.kem
-            .auth_decaps(enc, sk_r, pk_s, &self.get_ciphersuite())
+        self.kem.auth_decaps(enc, sk_r, pk_s, &self.ciphersuite())
     }
     pub(crate) fn key_gen(&self) -> (Vec<u8>, Vec<u8>) {
         self.kem.key_gen()
@@ -182,6 +184,11 @@ impl Kem {
     ///
     /// Returns (PublicKey, PrivateKey).
     pub(crate) fn derive_key_pair(&self, ikm: &[u8]) -> (PublicKey, PrivateKey) {
-        self.kem.derive_key_pair(&self.get_ciphersuite(), ikm)
+        self.kem.derive_key_pair(&self.ciphersuite(), ikm)
+    }
+
+    #[cfg(feature = "deterministic")]
+    pub(crate) fn set_random(&mut self, r: &[u8]) {
+        self.kem.set_random(r);
     }
 }