sachy.dev / sachy-embed-core
Repo of no-std crates for my personal embedded projects
0
fork

Configure Feed

Select the types of activity you want to include in your feed.

Switch to x25519 curve

Sachymetsu 4979bd9d df6e0987

+78 -30
+54 -2
Cargo.lock
··· 291 291 ] 292 292 293 293 [[package]] 294 + name = "curve25519-dalek" 295 + version = "5.0.0-pre.6" 296 + source = "registry+https://github.com/rust-lang/crates.io-index" 297 + checksum = "335f1947f241137a14106b6f5acc5918a5ede29c9d71d3f2cb1678d5075d9fc3" 298 + dependencies = [ 299 + "cfg-if", 300 + "cpufeatures 0.2.17", 301 + "curve25519-dalek-derive", 302 + "fiat-crypto", 303 + "rustc_version", 304 + "subtle", 305 + "zeroize", 306 + ] 307 + 308 + [[package]] 309 + name = "curve25519-dalek-derive" 310 + version = "0.1.1" 311 + source = "registry+https://github.com/rust-lang/crates.io-index" 312 + checksum = "f46882e17999c6cc590af592290432be3bce0428cb0d5f8b6715e4dc7b383eb3" 313 + dependencies = [ 314 + "proc-macro2", 315 + "quote", 316 + "syn", 317 + ] 318 + 319 + [[package]] 294 320 name = "darling" 295 321 version = "0.20.11" 296 322 source = "registry+https://github.com/rust-lang/crates.io-index" ··· 412 438 version = "0.1.0-rc.0" 413 439 source = "git+https://github.com/RustCrypto/KEMs?rev=5b84cfb1c94ef4eeecd77d3281d18833d095978b#5b84cfb1c94ef4eeecd77d3281d18833d095978b" 414 440 dependencies = [ 415 - "elliptic-curve", 416 441 "hkdf", 417 - "k256", 418 442 "kem", 419 443 "rand_core", 444 + "x25519-dalek", 420 445 "zeroize", 421 446 ] 422 447 ··· 654 679 version = "2.3.0" 655 680 source = "registry+https://github.com/rust-lang/crates.io-index" 656 681 checksum = "37909eebbb50d72f9059c3b6d82c0463f2ff062c9e95845c43a6c9c0355411be" 682 + 683 + [[package]] 684 + name = "fiat-crypto" 685 + version = "0.3.0" 686 + source = "registry+https://github.com/rust-lang/crates.io-index" 687 + checksum = "64cd1e32ddd350061ae6edb1b082d7c54915b5c672c389143b9a63403a109f24" 657 688 658 689 [[package]] 659 690 name = "find-msvc-tools" ··· 1468 1499 checksum = "b50b8869d9fc858ce7266cce0194bd74df58b9d0e3f6df3a9fc8eb470d95c09d" 1469 1500 1470 1501 [[package]] 1502 + name = "rustc_version" 1503 + version = "0.4.1" 1504 + source = "registry+https://github.com/rust-lang/crates.io-index" 1505 + checksum = "cfcb3a22ef46e85b45de6ee7e79d063319ebb6594faafcf1c225ea92ab6e9b92" 1506 + dependencies = [ 1507 + "semver", 1508 + ] 1509 + 1510 + [[package]] 1471 1511 name = "rustcrypto-ff" 1472 1512 version = "0.14.0-rc.1" 1473 1513 source = "registry+https://github.com/rust-lang/crates.io-index" ··· 1545 1585 "elliptic-curve", 1546 1586 "k256", 1547 1587 "sha2 0.11.0-rc.5", 1588 + "x25519-dalek", 1548 1589 ] 1549 1590 1550 1591 [[package]] ··· 2263 2304 "serde_json", 2264 2305 "unicode-xid", 2265 2306 "wasmparser", 2307 + ] 2308 + 2309 + [[package]] 2310 + name = "x25519-dalek" 2311 + version = "3.0.0-pre.6" 2312 + source = "registry+https://github.com/rust-lang/crates.io-index" 2313 + checksum = "b3d5d6ff67acd3945b933e592bfa7143db4fcbb2f871754b6b9fbd7847fc5aea" 2314 + dependencies = [ 2315 + "curve25519-dalek", 2316 + "rand_core", 2317 + "zeroize", 2266 2318 ] 2267 2319 2268 2320 [[package]]
+6 -2
sachy-crypto/Cargo.toml
··· 13 13 [dependencies] 14 14 chacha20poly1305 = { version = "=0.11.0-rc.3", default-features = false, features = ["getrandom"] } 15 15 k256 = { version = "=0.14.0-rc.8", default-features = false, features = ["ecdh", "getrandom"] } 16 + x25519-dalek = { version = "=3.0.0-pre.6", default-features = false, features = ["zeroize"] } 16 17 sha2 = { version = "=0.11.0-rc.5", default-features = false, features = [] } 17 - dhkem = { version = "0.1.0-rc.0", features = ["getrandom", "k256"] } 18 + dhkem = { version = "0.1.0-rc.0", features = ["getrandom", "x25519"] } 18 19 elliptic-curve = { version = "0.14.0-rc.28", default-features = false, features = ["ecdh"] } 19 20 20 21 [dev-dependencies] 21 - chacha20poly1305 = { version = "=0.11.0-rc.3", default-features = false, features = ["getrandom", "alloc"] } 22 + chacha20poly1305 = { version = "=0.11.0-rc.3", default-features = false, features = [ 23 + "getrandom", 24 + "alloc", 25 + ] }
+18 -26
sachy-crypto/src/lib.rs
··· 4 4 5 5 use chacha20poly1305::{AeadInOut, ChaCha20Poly1305, KeyInit, aead}; 6 6 use dhkem::{ 7 - Encapsulate, Kem, Secp256k1DecapsulationKey, Secp256k1EncapsulationKey, Secp256k1Kem, 8 - TryDecapsulate, 9 - kem::{Ciphertext, SharedKey}, 7 + Encapsulate, Expander, Kem, X25519DecapsulationKey, X25519EncapsulationKey, X25519Kem, 8 + kem::{Ciphertext, Decapsulate, Key, KeyExport, SharedKey, TryKeyInit}, 10 9 }; 11 - use elliptic_curve::{ 12 - sec1::{FromSec1Point, ToSec1Point}, 13 - subtle::ConstantTimeEq, 14 - }; 15 - use k256::Secp256k1; 10 + use elliptic_curve::subtle::ConstantTimeEq; 16 11 17 12 extern crate alloc; 18 13 19 - pub type SharedSecret = elliptic_curve::ecdh::SharedSecret<Secp256k1>; 20 - pub type Sec1Point = elliptic_curve::sec1::Sec1Point<Secp256k1>; 21 - 22 14 /// Error type. 23 15 /// 24 16 /// This type is deliberately opaque as to avoid potential side-channel ··· 40 32 } 41 33 } 42 34 43 - pub struct ClientHandshake(Secp256k1DecapsulationKey); 35 + pub struct ClientHandshake(X25519DecapsulationKey); 44 36 45 - pub struct EncapsulatedPublicKey(Secp256k1EncapsulationKey); 37 + pub struct EncapsulatedPublicKey(X25519EncapsulationKey); 46 38 47 39 /// The role of the participant, whether sending/receiving during handshake, 48 40 /// and then whether sending/receiving during communication. ··· 72 64 } 73 65 74 66 impl EncapsulatedPublicKey { 75 - pub fn serialize(&self) -> Sec1Point { 76 - self.0.to_sec1_point(true) 67 + pub fn serialize(&self) -> Key<X25519EncapsulationKey> { 68 + self.0.to_bytes() 77 69 } 78 70 79 71 pub fn deserialize(buf: &[u8]) -> Result<Self, ProtoError> { 80 72 Ok(Self( 81 - Secp256k1EncapsulationKey::from_sec1_bytes(buf).map_err(|_| ProtoError)?, 73 + X25519EncapsulationKey::new_from_slice(buf).map_err(|_| ProtoError)?, 82 74 )) 83 75 } 84 76 85 - pub fn encapsulate(&self) -> (Ciphertext<Secp256k1Kem>, SharedKey<Secp256k1Kem>) { 77 + pub fn encapsulate(&self) -> (Ciphertext<X25519Kem>, SharedKey<X25519Kem>) { 86 78 self.0.encapsulate() 87 79 } 88 80 } 89 81 90 82 impl ClientHandshake { 91 83 pub fn send() -> (EncapsulatedPublicKey, Self) { 92 - let (decap, encap) = Secp256k1Kem::generate_keypair(); 84 + let (decap, encap) = X25519Kem::generate_keypair(); 93 85 94 86 (EncapsulatedPublicKey(encap), Self(decap)) 95 87 } ··· 97 89 pub fn finish(self, ciphertext: &[u8], psk: &[u8; 32]) -> Result<TransportState, ProtoError> { 98 90 let shared = self 99 91 .0 100 - .try_decapsulate_slice(ciphertext) 92 + .decapsulate_slice(ciphertext) 101 93 .map_err(|_| ProtoError)?; 102 94 103 95 TransportState::init(psk, shared, Role::Sender) 104 96 } 105 97 } 106 98 107 - pub struct ServerHandshake(SharedKey<Secp256k1Kem>); 99 + pub struct ServerHandshake(SharedKey<X25519Kem>); 108 100 109 101 impl ServerHandshake { 110 - pub fn receive(buf: &[u8]) -> Result<(Ciphertext<Secp256k1Kem>, Self), ProtoError> { 102 + pub fn receive(buf: &[u8]) -> Result<(Ciphertext<X25519Kem>, Self), ProtoError> { 111 103 let encap = EncapsulatedPublicKey::deserialize(buf)?; 112 104 113 105 let (ciphertext, sk) = encap.encapsulate(); ··· 189 181 impl TransportState { 190 182 pub fn init( 191 183 psk: &[u8; 32], 192 - shared: impl Into<SharedSecret>, 184 + shared: SharedKey<X25519Kem>, 193 185 role: Role, 194 186 ) -> Result<Self, ProtoError> { 195 - let noncer = shared.into(); 196 - let kdf = noncer.extract::<sha2::Sha256>(Some(psk)); 187 + let kdf = Expander::<sha2::Sha256>::new_labeled_hpke(psk, b"Sachy-Crypto", &shared) 188 + .map_err(|_| ProtoError)?; 197 189 198 190 let mut key = [0u8; 32]; 199 191 let mut client = aead::Nonce::<ChaCha20Poly1305>::default(); 200 192 let mut server = aead::Nonce::<ChaCha20Poly1305>::default(); 201 193 202 - kdf.expand(b"SachY-Crypt0", &mut key) 194 + kdf.expand(b"SecretKey012", &mut key) 203 195 .map_err(|_| ProtoError)?; 204 196 kdf.expand(b"NonceClient*", &mut client) 205 197 .map_err(|_| ProtoError)?; ··· 354 346 let (ek, client) = ClientHandshake::send(); 355 347 356 348 // Pretend to send ek across the webz: client -> server 357 - let (ciphertext, server) = ServerHandshake::receive(ek.serialize().as_bytes())?; 349 + let (ciphertext, server) = ServerHandshake::receive(&ek.serialize())?; 358 350 359 351 // Pretend to send ciphertext across the webz: server -> client 360 352 let alice = client.finish(&ciphertext, &psk)?;