Updated dependencies. Removed useless zeroize.
parent
ae6673cb48
commit
6aaae1bea4
8 changed files with 19 additions and 51 deletions
5
.gitignore
vendored
5
.gitignore
vendored
|
@ -1,5 +1,2 @@
|
||||||
/target
|
/target
|
||||||
Cargo.lock
|
/.idea
|
||||||
/.idea/.gitignore
|
|
||||||
/.idea/double-ratchet-2.iml
|
|
||||||
/.idea/vcs.xml
|
|
||||||
|
|
19
Cargo.toml
19
Cargo.toml
|
@ -17,20 +17,18 @@ maintenance = { status = "actively-developed" }
|
||||||
|
|
||||||
|
|
||||||
[dependencies]
|
[dependencies]
|
||||||
p256 = {version = "0.9", features = ["zeroize", "ecdh", "arithmetic", "pem", "jwk"]}
|
p256 = {version = "0.10", features = ["ecdh", "arithmetic", "pem", "jwk"]}
|
||||||
rand_core = {version = "0.6"}
|
rand_core = {version = "0.6"}
|
||||||
getrandom = {version = "0.2.3"}
|
getrandom = {version = "0.2.3"}
|
||||||
hkdf = "0.11.0"
|
hkdf = "0.12"
|
||||||
hmac = "0.11.0"
|
hmac = "0.12"
|
||||||
aes-gcm-siv = {version = "0.10.3"}
|
aes-gcm-siv = {version = "0.10.3"}
|
||||||
ring-compat = {version = "0.4.0", optional = true, features = ["digest"]}
|
sha2 = {version = "0.10"}
|
||||||
sha2 = {version = "0.9.5", optional = true}
|
serde = {version = "1", default-features = false, features = ["derive"]}
|
||||||
serde = {version = "1.0.125", default-features = false, features = ["derive"]}
|
serde_bytes = "0.11"
|
||||||
serde_bytes = "0.11.5"
|
bincode = "1"
|
||||||
bincode = "1.3.3"
|
|
||||||
hashbrown = {version = "0.12", features = ["serde"]}
|
hashbrown = {version = "0.12", features = ["serde"]}
|
||||||
zeroize = {version = "1.3", features = ["zeroize_derive"]}
|
zeroize = {version = "1.3", features = ["zeroize_derive"]}
|
||||||
const-oid = "0.7.0"
|
|
||||||
|
|
||||||
[dev-dependencies]
|
[dev-dependencies]
|
||||||
criterion = "0.3.4"
|
criterion = "0.3.4"
|
||||||
|
@ -41,9 +39,6 @@ harness = false
|
||||||
|
|
||||||
[profile.release]
|
[profile.release]
|
||||||
lto = true
|
lto = true
|
||||||
opt-level = 3
|
|
||||||
|
|
||||||
[features]
|
[features]
|
||||||
default = ["sha2"]
|
|
||||||
ring = ["ring-compat/digest"]
|
|
||||||
wasm = ["getrandom/js"]
|
wasm = ["getrandom/js"]
|
||||||
|
|
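Review bot: The `p256` line drops the `zeroize` feature in the same commit that deletes the hand-written `Drop` and `Zeroize` impls for `DhKeyPair` in src/dh.rs, so wiping the private key now depends entirely on what `SecretKey` does on drop in 0.10. That behaviour is not visible on this page; a comment above the dependency would record the assumption, e.g. `# relies on p256 0.10 SecretKey wiping itself on drop (confirm against the p256 changelog)`. Separately, removing the `ring` feature and `default = ["sha2"]` breaks downstream crates that select `features = ["ring"]`, so it should be called out in the changelog and reflected in the crate version.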
21
src/dh.rs
21
src/dh.rs
|
@ -8,27 +8,12 @@ use alloc::vec::Vec;
|
||||||
use alloc::string::ToString;
|
use alloc::string::ToString;
|
||||||
use p256::elliptic_curve::ecdh::diffie_hellman;
|
use p256::elliptic_curve::ecdh::diffie_hellman;
|
||||||
|
|
||||||
use zeroize::Zeroize;
|
|
||||||
|
|
||||||
#[derive(Clone)]
|
#[derive(Clone)]
|
||||||
pub struct DhKeyPair {
|
pub struct DhKeyPair {
|
||||||
pub private_key: SecretKey,
|
pub private_key: SecretKey,
|
||||||
pub public_key: PublicKey,
|
pub public_key: PublicKey,
|
||||||
}
|
}
|
||||||
|
|
||||||
impl Drop for DhKeyPair {
|
|
||||||
fn drop(&mut self) {
|
|
||||||
self.private_key = SecretKey::random(&mut OsRng);
|
|
||||||
self.public_key = self.private_key.public_key();
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
impl Zeroize for DhKeyPair {
|
|
||||||
fn zeroize(&mut self) {
|
|
||||||
self.private_key = SecretKey::random(&mut OsRng);
|
|
||||||
self.public_key = self.private_key.public_key();
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
impl DhKeyPair {
|
impl DhKeyPair {
|
||||||
fn ex_public_key_bytes(&self) -> Vec<u8> {
|
fn ex_public_key_bytes(&self) -> Vec<u8> {
|
||||||
|
@ -38,7 +23,7 @@ impl DhKeyPair {
|
||||||
|
|
||||||
impl PartialEq for DhKeyPair {
|
impl PartialEq for DhKeyPair {
|
||||||
fn eq(&self, other: &Self) -> bool {
|
fn eq(&self, other: &Self) -> bool {
|
||||||
if self.private_key.to_bytes() != other.private_key.to_bytes() {
|
if self.private_key.to_be_bytes() != other.private_key.to_be_bytes() {
|
||||||
return false
|
return false
|
||||||
}
|
}
|
||||||
if self.ex_public_key_bytes() != other.ex_public_key_bytes() {
|
if self.ex_public_key_bytes() != other.ex_public_key_bytes() {
|
||||||
|
@ -51,7 +36,7 @@ impl PartialEq for DhKeyPair {
|
||||||
impl Debug for DhKeyPair {
|
impl Debug for DhKeyPair {
|
||||||
fn fmt(&self, f: &mut Formatter<'_>) -> fmt::Result {
|
fn fmt(&self, f: &mut Formatter<'_>) -> fmt::Result {
|
||||||
f.debug_struct("DhKeyPair")
|
f.debug_struct("DhKeyPair")
|
||||||
.field("private_key", &self.private_key.to_bytes())
|
.field("private_key", &self.private_key.to_be_bytes())
|
||||||
.field("public_key", &self.ex_public_key_bytes())
|
.field("public_key", &self.ex_public_key_bytes())
|
||||||
.finish()
|
.finish()
|
||||||
}
|
}
|
||||||
|
@ -74,7 +59,7 @@ impl DhKeyPair {
|
||||||
}
|
}
|
||||||
|
|
||||||
pub fn key_agreement(&self, public_key: &PublicKey) -> SharedSecret {
|
pub fn key_agreement(&self, public_key: &PublicKey) -> SharedSecret {
|
||||||
diffie_hellman(self.private_key.to_secret_scalar(), public_key.as_affine())
|
diffie_hellman(self.private_key.to_nonzero_scalar(), public_key.as_affine())
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
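Review bot: The `Debug` impl still writes the raw private scalar into its output via `.field("private_key", &self.private_key.to_be_bytes())`, so any `{:?}` of a `DhKeyPair`, or of a struct that embeds one, puts the key into logs or panic messages. Redact it instead, for example `.field("private_key", &"<redacted>")`. The `PartialEq` hunk has a related weakness: `to_be_bytes()` creates unprotected temporary copies of the secret, and `!=` on those bytes is not a constant-time comparison. A constant-time equality check (such as `subtle::ConstantTimeEq`, if that crate is added as a dependency) would be the safer choice. The `eq` body continues past the end of its hunk.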
|
@ -1,9 +1,5 @@
|
||||||
use hmac::{Hmac, Mac, NewMac};
|
use hmac::{Hmac, Mac};
|
||||||
|
|
||||||
#[cfg(feature = "ring")]
|
|
||||||
use ring_compat::digest::Sha512;
|
|
||||||
|
|
||||||
#[cfg(not(feature = "ring"))]
|
|
||||||
use sha2::Sha512;
|
use sha2::Sha512;
|
||||||
|
|
||||||
use core::convert::TryInto;
|
use core::convert::TryInto;
|
||||||
|
|
|
@ -1,10 +1,7 @@
|
||||||
|
|
||||||
use hkdf::Hkdf;
|
use hkdf::Hkdf;
|
||||||
|
|
||||||
#[cfg(feature = "ring")]
|
|
||||||
use ring_compat::digest::Sha512;
|
|
||||||
|
|
||||||
#[cfg(not(feature = "ring"))]
|
|
||||||
use sha2::Sha512;
|
use sha2::Sha512;
|
||||||
|
|
||||||
use core::convert::TryInto;
|
use core::convert::TryInto;
|
||||||
|
|
|
@ -119,7 +119,7 @@
|
||||||
//! # let shared_nhkb = [2; 32];
|
//! # let shared_nhkb = [2; 32];
|
||||||
//! let (bob_ratchet, public_key) = RatchetEncHeader::init_bob(sk, shared_hka, shared_nhkb);
|
//! let (bob_ratchet, public_key) = RatchetEncHeader::init_bob(sk, shared_hka, shared_nhkb);
|
||||||
//! let ex_ratchet = bob_ratchet.export();
|
//! let ex_ratchet = bob_ratchet.export();
|
||||||
//! let im_ratchet = RatchetEncHeader::import(&ex_ratchet);
|
//! let im_ratchet = RatchetEncHeader::import(&ex_ratchet).unwrap();
|
||||||
//! assert_eq!(im_ratchet, bob_ratchet)
|
//! assert_eq!(im_ratchet, bob_ratchet)
|
||||||
//! ```
|
//! ```
|
||||||
//!
|
//!
|
||||||
|
|
|
@ -33,7 +33,6 @@ pub struct Ratchet {
|
||||||
|
|
||||||
impl Drop for Ratchet {
|
impl Drop for Ratchet {
|
||||||
fn drop(&mut self) {
|
fn drop(&mut self) {
|
||||||
self.dhs.zeroize();
|
|
||||||
if let Some(mut _d) = self.dhr {
|
if let Some(mut _d) = self.dhr {
|
||||||
let sk = SecretKey::random(&mut OsRng);
|
let sk = SecretKey::random(&mut OsRng);
|
||||||
_d = sk.public_key()
|
_d = sk.public_key()
|
||||||
|
@ -182,7 +181,6 @@ pub struct RatchetEncHeader {
|
||||||
|
|
||||||
impl Zeroize for RatchetEncHeader {
|
impl Zeroize for RatchetEncHeader {
|
||||||
fn zeroize(&mut self) {
|
fn zeroize(&mut self) {
|
||||||
self.dhs.zeroize();
|
|
||||||
self.rk.zeroize();
|
self.rk.zeroize();
|
||||||
self.cks.zeroize();
|
self.cks.zeroize();
|
||||||
self.ckr.zeroize();
|
self.ckr.zeroize();
|
||||||
|
@ -225,7 +223,7 @@ impl From<&RatchetEncHeader> for ExRatchetEncHeader {
|
||||||
fn from(reh: &RatchetEncHeader) -> Self {
|
fn from(reh: &RatchetEncHeader) -> Self {
|
||||||
let private_dhs = reh.dhs.private_key.to_jwk_string();
|
let private_dhs = reh.dhs.private_key.to_jwk_string();
|
||||||
let public_dhs = reh.dhs.public_key.to_jwk_string();
|
let public_dhs = reh.dhs.public_key.to_jwk_string();
|
||||||
let dhs = (private_dhs, public_dhs);
|
let dhs = (private_dhs.to_string(), public_dhs);
|
||||||
let dhr = reh.dhr.map(|e| e.to_jwk_string());
|
let dhr = reh.dhr.map(|e| e.to_jwk_string());
|
||||||
let rk = reh.rk;
|
let rk = reh.rk;
|
||||||
let cks = reh.cks;
|
let cks = reh.cks;
|
||||||
|
@ -441,8 +439,8 @@ impl RatchetEncHeader {
|
||||||
}
|
}
|
||||||
|
|
||||||
/// Import the ratchet from Binary data. Panics when binary data is invalid.
|
/// Import the ratchet from Binary data. Panics when binary data is invalid.
|
||||||
pub fn import(inp: &[u8]) -> Self {
|
pub fn import(inp: &[u8]) -> Option<Self> {
|
||||||
let ex: ExRatchetEncHeader = bincode::deserialize(inp).unwrap();
|
let ex: ExRatchetEncHeader = bincode::deserialize(inp).ok()?;
|
||||||
RatchetEncHeader::from(&ex)
|
Some(RatchetEncHeader::from(&ex))
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
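Review bot: `import` now returns `Option<Self>`, but the doc comment above it still says "Panics when binary data is invalid."; it should read something like `/// Import the ratchet from binary data. Returns None if the data cannot be deserialized.` Only the `bincode::deserialize` failure is mapped to `None`. Whether `RatchetEncHeader::from(&ex)` can still panic on malformed key strings is not visible in this hunk and is worth checking if the blob can come from untrusted storage. In the `From<&RatchetEncHeader>` hunk, `private_dhs.to_string()` presumably copies the private JWK out of a wrapper type into a plain `String`. If that wrapper wipes itself on drop, the copy kept in `ExRatchetEncHeader` does not, so it should be zeroized once `export()` has serialized it.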
|
@ -189,10 +189,10 @@ fn import_export() {
|
||||||
let alice_ratchet = RatchetEncHeader::init_alice(sk, public_key, shared_hka, shared_nhkb);
|
let alice_ratchet = RatchetEncHeader::init_alice(sk, public_key, shared_hka, shared_nhkb);
|
||||||
|
|
||||||
let ex_bob_ratchet = bob_ratchet.export();
|
let ex_bob_ratchet = bob_ratchet.export();
|
||||||
let in_bob_ratchet = RatchetEncHeader::import(&ex_bob_ratchet);
|
let in_bob_ratchet = RatchetEncHeader::import(&ex_bob_ratchet).unwrap();
|
||||||
assert_eq!(in_bob_ratchet, bob_ratchet);
|
assert_eq!(in_bob_ratchet, bob_ratchet);
|
||||||
|
|
||||||
let ex_alice_ratchet = alice_ratchet.export();
|
let ex_alice_ratchet = alice_ratchet.export();
|
||||||
let in_alice_ratchet = RatchetEncHeader::import(&ex_alice_ratchet);
|
let in_alice_ratchet = RatchetEncHeader::import(&ex_alice_ratchet).unwrap();
|
||||||
assert_eq!(in_alice_ratchet, alice_ratchet);
|
assert_eq!(in_alice_ratchet, alice_ratchet);
|
||||||
}
|
}
|
||||||
|
|