Changed curve and added bench
This commit is contained in:
Hannes
parent
37d1a6b8f1
commit
7618334e50
7 changed files with 160 additions and 22 deletions
25
src/dh.rs
25
src/dh.rs
|
|
@ -1,19 +1,30 @@
|
|||
use x25519_dalek::{PublicKey, SharedSecret, StaticSecret};
|
||||
use rand_core::OsRng;
|
||||
use core::fmt::{Debug, Formatter};
|
||||
use core::fmt;
|
||||
use p256::PublicKey as PublicKey;
|
||||
use p256::ecdh::SharedSecret;
|
||||
use p256::SecretKey;
|
||||
use alloc::vec::Vec;
|
||||
use alloc::string::ToString;
|
||||
use p256::elliptic_curve::ecdh::diffie_hellman;
|
||||
|
||||
pub struct DhKeyPair {
|
||||
pub private_key: StaticSecret,
|
||||
pub private_key: SecretKey,
|
||||
pub public_key: PublicKey,
|
||||
}
|
||||
|
||||
impl DhKeyPair {
|
||||
fn ex_public_key_bytes(&self) -> Vec<u8> {
|
||||
self.public_key.to_string().as_bytes().to_vec()
|
||||
}
|
||||
}
|
||||
|
||||
impl PartialEq for DhKeyPair {
|
||||
fn eq(&self, other: &Self) -> bool {
|
||||
if self.private_key.to_bytes() != other.private_key.to_bytes() {
|
||||
return false
|
||||
}
|
||||
if self.public_key.to_bytes() != other.public_key.to_bytes() {
|
||||
if self.ex_public_key_bytes() != other.ex_public_key_bytes() {
|
||||
return false
|
||||
}
|
||||
true
|
||||
|
|
@ -24,7 +35,7 @@ impl Debug for DhKeyPair {
|
|||
fn fmt(&self, f: &mut Formatter<'_>) -> fmt::Result {
|
||||
f.debug_struct("DhKeyPair")
|
||||
.field("private_key", &self.private_key.to_bytes())
|
||||
.field("public_key", &self.public_key.to_bytes())
|
||||
.field("public_key", &self.ex_public_key_bytes())
|
||||
.finish()
|
||||
}
|
||||
}
|
||||
|
|
@ -37,8 +48,8 @@ impl Default for DhKeyPair {
|
|||
|
||||
impl DhKeyPair {
|
||||
pub fn new() -> Self {
|
||||
let secret = StaticSecret::new(OsRng);
|
||||
let public = PublicKey::from(&secret);
|
||||
let secret = SecretKey::random(&mut OsRng);
|
||||
let public = PublicKey::from_secret_scalar(&secret.secret_scalar());
|
||||
DhKeyPair {
|
||||
private_key: secret,
|
||||
public_key: public,
|
||||
|
|
@ -46,7 +57,7 @@ impl DhKeyPair {
|
|||
}
|
||||
|
||||
pub fn key_agreement(&self, public_key: &PublicKey) -> SharedSecret {
|
||||
self.private_key.diffie_hellman(public_key)
|
||||
diffie_hellman(self.private_key.secret_scalar(), public_key.as_affine())
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
use x25519_dalek::PublicKey;
|
||||
use p256::PublicKey;
|
||||
use crate::dh::DhKeyPair;
|
||||
use alloc::vec::Vec;
|
||||
use serde::{Serialize, Deserialize};
|
||||
|
|
@ -8,6 +8,8 @@ use aes_gcm_siv::aead::{NewAead, AeadInPlace};
|
|||
|
||||
#[cfg(test)]
|
||||
use crate::dh::gen_key_pair;
|
||||
use alloc::string::{ToString, String};
|
||||
use core::str::FromStr;
|
||||
|
||||
#[derive(Debug, Copy, Clone)]
|
||||
pub struct Header {
|
||||
|
|
@ -20,7 +22,7 @@ pub struct Header {
|
|||
struct ExHeader {
|
||||
#[serde(with = "serde_bytes")]
|
||||
ad: Vec<u8>,
|
||||
public_key: [u8; 32],
|
||||
public_key: Vec<u8>,
|
||||
pn: usize,
|
||||
n: usize
|
||||
}
|
||||
|
|
@ -39,7 +41,7 @@ impl Header {
|
|||
pub fn concat(&self, ad: &[u8]) -> Vec<u8> {
|
||||
let ex_header = ExHeader {
|
||||
ad: ad.to_vec(),
|
||||
public_key: self.public_key.to_bytes(),
|
||||
public_key: self.public_key.to_string().as_bytes().to_vec(),
|
||||
pn: self.pn,
|
||||
n: self.n
|
||||
};
|
||||
|
|
@ -72,13 +74,17 @@ impl Header {
|
|||
};
|
||||
Some(Header::from(buffer))
|
||||
}
|
||||
pub fn ex_public_key_bytes(&self) -> Vec<u8> {
|
||||
self.public_key.to_string().as_bytes().to_vec()
|
||||
}
|
||||
}
|
||||
|
||||
impl From<Vec<u8>> for Header {
|
||||
fn from(d: Vec<u8>) -> Self {
|
||||
let ex_header: ExHeader = bincode::deserialize(&d).unwrap();
|
||||
let public_key_string = String::from_utf8(ex_header.public_key).unwrap();
|
||||
Header {
|
||||
public_key: PublicKey::from(ex_header.public_key),
|
||||
public_key: PublicKey::from_str(&public_key_string).unwrap(),
|
||||
pn: ex_header.pn,
|
||||
n: ex_header.n,
|
||||
}
|
||||
|
|
@ -88,8 +94,9 @@ impl From<Vec<u8>> for Header {
|
|||
impl From<&[u8]> for Header {
|
||||
fn from(d: &[u8]) -> Self {
|
||||
let ex_header: ExHeader = bincode::deserialize(d).unwrap();
|
||||
let public_key_string = String::from_utf8(ex_header.public_key).unwrap();
|
||||
Header {
|
||||
public_key: PublicKey::from(ex_header.public_key),
|
||||
public_key: PublicKey::from_str(&public_key_string).unwrap(),
|
||||
pn: ex_header.pn,
|
||||
n: ex_header.n,
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
use x25519_dalek::SharedSecret;
|
||||
|
||||
use hkdf::Hkdf;
|
||||
|
||||
#[cfg(feature = "ring")]
|
||||
|
|
@ -11,6 +11,7 @@ use core::convert::TryInto;
|
|||
|
||||
#[cfg(test)]
|
||||
use crate::dh::gen_shared_secret;
|
||||
use p256::ecdh::SharedSecret;
|
||||
|
||||
pub fn kdf_rk(rk: &[u8; 32], dh_out: &SharedSecret) -> ([u8; 32], [u8; 32]) {
|
||||
let h = Hkdf::<Sha512>::new(Some(rk), dh_out.as_bytes());
|
||||
|
|
|
|||
|
|
@ -130,7 +130,7 @@
|
|||
|
||||
extern crate alloc;
|
||||
|
||||
pub use x25519_dalek::PublicKey;
|
||||
pub use p256::PublicKey;
|
||||
|
||||
mod aead;
|
||||
mod dh;
|
||||
|
|
|
|||
|
|
@ -2,13 +2,14 @@
|
|||
//!
|
||||
|
||||
use crate::dh::DhKeyPair;
|
||||
use x25519_dalek::PublicKey;
|
||||
use p256::PublicKey;
|
||||
use hashbrown::HashMap;
|
||||
use crate::kdf_root::{kdf_rk, kdf_rk_he};
|
||||
use crate::header::Header;
|
||||
use alloc::vec::Vec;
|
||||
use crate::kdf_chain::kdf_ck;
|
||||
use crate::aead::{encrypt, decrypt};
|
||||
use alloc::string::ToString;
|
||||
|
||||
const MAX_SKIP: usize = 100;
|
||||
|
||||
|
|
@ -24,7 +25,7 @@ pub struct Ratchet {
|
|||
ns: usize,
|
||||
nr: usize,
|
||||
pn: usize,
|
||||
mkskipped: HashMap<(PublicKey, usize), [u8; 32]>,
|
||||
mkskipped: HashMap<(Vec<u8>, usize), [u8; 32]>,
|
||||
}
|
||||
|
||||
impl Ratchet {
|
||||
|
|
@ -75,10 +76,10 @@ impl Ratchet {
|
|||
}
|
||||
|
||||
fn try_skipped_message_keys(&mut self, header: &Header, ciphertext: &[u8], nonce: &[u8; 12], ad: &[u8]) -> Option<Vec<u8>> {
|
||||
if self.mkskipped.contains_key(&(header.public_key, header.n)) {
|
||||
let mk = *self.mkskipped.get(&(header.public_key, header.n))
|
||||
if self.mkskipped.contains_key(&(header.ex_public_key_bytes(), header.n)) {
|
||||
let mk = *self.mkskipped.get(&(header.ex_public_key_bytes(), header.n))
|
||||
.unwrap();
|
||||
self.mkskipped.remove(&(header.public_key, header.n)).unwrap();
|
||||
self.mkskipped.remove(&(header.ex_public_key_bytes(), header.n)).unwrap();
|
||||
Some(decrypt(&mk, ciphertext, &header.concat(ad), nonce))
|
||||
} else {
|
||||
None
|
||||
|
|
@ -94,7 +95,7 @@ impl Ratchet {
|
|||
while self.nr < until {
|
||||
let (ckr, mk) = kdf_ck(&d);
|
||||
self.ckr = Some(ckr);
|
||||
self.mkskipped.insert((self.dhr.unwrap(), self.nr), mk);
|
||||
self.mkskipped.insert((self.dhr.unwrap().to_string().as_bytes().to_vec(), self.nr), mk);
|
||||
self.nr += 1
|
||||
}
|
||||
Ok(())
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue