Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

PAKE #215

Merged
merged 4 commits into from
Apr 12, 2024
Merged

PAKE #215

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
bddcc27
Get p2p and c2s positive/negative tests working
tbraun96 Apr 10, 2024
e4c935f
Improve test
tbraun96 Apr 10, 2024
6f7c840
Cleanup
tbraun96 Apr 10, 2024
f98214f
Remove debug_cause_timeout tests
tbraun96 Apr 10, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions citadel_crypt/Cargo.toml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -62,6 +62,7 @@ num_cpus = { workspace = true }
[dev-dependencies]
citadel_logging = { workspace = true }
rstest = { workspace = true }
lazy_static = { workspace = true }

[lib]
doctest = false
7 changes: 6 additions & 1 deletion citadel_crypt/src/endpoint_crypto_container.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -260,12 +260,17 @@ pub trait EndpointRatchetConstructor<R: Ratchet>: Send + Sync + 'static {
new_drill_vers: u32,
opts: Vec<ConstructorOpts>,
transfer: AliceToBobTransferType,
psks: &[Vec<u8>],
) -> Option<Self>
where
Self: Sized;
fn stage0_alice(&self) -> Option<AliceToBobTransferType>;
fn stage0_bob(&self) -> Option<BobToAliceTransferType>;
fn stage1_alice(&mut self, transfer: BobToAliceTransferType) -> Result<(), CryptError>;
fn stage1_alice(
&mut self,
transfer: BobToAliceTransferType,
psks: &[Vec<u8>],
) -> Result<(), CryptError>;

fn update_version(&mut self, version: u32) -> Option<()>;
fn finish_with_custom_cid(self, cid: u64) -> Option<R>;
Expand Down
27 changes: 20 additions & 7 deletions citadel_crypt/src/fcm/fcm_ratchet.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -149,10 +149,11 @@ impl EndpointRatchetConstructor<ThinRatchet> for ThinRatchetConstructor {
_new_drill_vers: u32,
mut opts: Vec<ConstructorOpts>,
transfer: AliceToBobTransferType,
psks: &[Vec<u8>],
) -> Option<Self> {
match transfer {
AliceToBobTransferType::Fcm(transfer) => {
ThinRatchetConstructor::new_bob(opts.remove(0), transfer)
ThinRatchetConstructor::new_bob(opts.remove(0), transfer, psks)
}

_ => {
Expand All @@ -170,9 +171,13 @@ impl EndpointRatchetConstructor<ThinRatchet> for ThinRatchetConstructor {
Some(BobToAliceTransferType::Fcm(self.stage0_bob()?))
}

fn stage1_alice(&mut self, transfer: BobToAliceTransferType) -> Result<(), CryptError> {
fn stage1_alice(
&mut self,
transfer: BobToAliceTransferType,
psks: &[Vec<u8>],
) -> Result<(), CryptError> {
match transfer {
BobToAliceTransferType::Fcm(transfer) => self.stage1_alice(transfer),
BobToAliceTransferType::Fcm(transfer) => self.stage1_alice(transfer, psks),

_ => Err(CryptError::DrillUpdateError(
"Incompatible Ratchet Type passed! [X-44]".to_string(),
Expand Down Expand Up @@ -228,9 +233,13 @@ impl ThinRatchetConstructor {
}

///
pub fn new_bob(opts: ConstructorOpts, transfer: FcmAliceToBobTransfer) -> Option<Self> {
pub fn new_bob(
opts: ConstructorOpts,
transfer: FcmAliceToBobTransfer,
psks: &[Vec<u8>],
) -> Option<Self> {
let params = transfer.params;
let pqc = PostQuantumContainer::new_bob(opts, transfer.transfer_params).ok()?;
let pqc = PostQuantumContainer::new_bob(opts, transfer.transfer_params, psks).ok()?;
let drill =
EntropyBank::new(transfer.cid, transfer.version, params.encryption_algorithm).ok()?;

Expand Down Expand Up @@ -268,9 +277,13 @@ impl ThinRatchetConstructor {
}

///
pub fn stage1_alice(&mut self, transfer: FcmBobToAliceTransfer) -> Result<(), CryptError> {
pub fn stage1_alice(
&mut self,
transfer: FcmBobToAliceTransfer,
psks: &[Vec<u8>],
) -> Result<(), CryptError> {
self.pqc
.alice_on_receive_ciphertext(transfer.params_tx)
.alice_on_receive_ciphertext(transfer.params_tx, psks)
.map_err(|err| CryptError::DrillUpdateError(err.to_string()))?;
let bytes = self
.pqc
Expand Down
36 changes: 25 additions & 11 deletions citadel_crypt/src/stacked_ratchet.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -434,11 +434,14 @@ pub mod constructor {
}

impl<R: Ratchet, Fcm: Ratchet> ConstructorType<R, Fcm> {
pub fn stage1_alice(&mut self, transfer: BobToAliceTransferType) -> Result<(), CryptError> {
pub fn stage1_alice(
&mut self,
transfer: BobToAliceTransferType,
psks: &[Vec<u8>],
) -> Result<(), CryptError> {
match self {
ConstructorType::Default(con) => con.stage1_alice(transfer),

ConstructorType::Fcm(con) => con.stage1_alice(transfer),
ConstructorType::Default(con) => con.stage1_alice(transfer, psks),
ConstructorType::Fcm(con) => con.stage1_alice(transfer, psks),
}
}

Expand Down Expand Up @@ -510,10 +513,11 @@ pub mod constructor {
new_drill_vers: u32,
opts: Vec<ConstructorOpts>,
transfer: AliceToBobTransferType,
psks: &[Vec<u8>],
) -> Option<Self> {
match transfer {
AliceToBobTransferType::Default(transfer) => {
StackedRatchetConstructor::new_bob(cid, new_drill_vers, opts, transfer)
StackedRatchetConstructor::new_bob(cid, new_drill_vers, opts, transfer, psks)
}

_ => {
Expand All @@ -531,8 +535,12 @@ pub mod constructor {
Some(BobToAliceTransferType::Default(self.stage0_bob()?))
}

fn stage1_alice(&mut self, transfer: BobToAliceTransferType) -> Result<(), CryptError> {
self.stage1_alice(transfer)
fn stage1_alice(
&mut self,
transfer: BobToAliceTransferType,
psks: &[Vec<u8>],
) -> Result<(), CryptError> {
self.stage1_alice(transfer, psks)
}

fn update_version(&mut self, version: u32) -> Option<()> {
Expand Down Expand Up @@ -665,6 +673,7 @@ pub mod constructor {
new_drill_vers: u32,
opts: Vec<ConstructorOpts>,
transfer: AliceToBobTransfer,
psks: &[Vec<u8>],
) -> Option<Self> {
log::trace!(target: "citadel", "[BOB] creating container with {:?} security level", transfer.security_level);
let count = transfer.security_level.value() as usize + 1;
Expand All @@ -679,7 +688,7 @@ pub mod constructor {
EntropyBank::new(cid, new_drill_vers, params.encryption_algorithm)
.ok()?,
),
pqc: PostQuantumContainer::new_bob(opts, params_tx).ok()?,
pqc: PostQuantumContainer::new_bob(opts, params_tx, psks).ok()?,
})
})
.collect();
Expand All @@ -699,6 +708,7 @@ pub mod constructor {
pqc: PostQuantumContainer::new_bob(
ConstructorOpts::new_init(Some(params)),
transfer.scramble_alice_params,
psks,
)
.ok()?,
},
Expand Down Expand Up @@ -798,7 +808,11 @@ pub mod constructor {
}

/// Returns Some(()) if process succeeded
pub fn stage1_alice(&mut self, transfer: BobToAliceTransferType) -> Result<(), CryptError> {
pub fn stage1_alice(
&mut self,
transfer: BobToAliceTransferType,
psks: &[Vec<u8>],
) -> Result<(), CryptError> {
if let BobToAliceTransferType::Default(transfer) = transfer {
let nonce_msg = &self.nonce_message;

Expand All @@ -810,7 +824,7 @@ pub mod constructor {
{
container
.pqc
.alice_on_receive_ciphertext(bob_param_tx)
.alice_on_receive_ciphertext(bob_param_tx, psks)
.map_err(|err| CryptError::DrillUpdateError(err.to_string()))?;
}

Expand All @@ -834,7 +848,7 @@ pub mod constructor {
let nonce_scramble = &self.nonce_scramble;
self.scramble
.pqc
.alice_on_receive_ciphertext(transfer.scramble_bob_params_tx)
.alice_on_receive_ciphertext(transfer.scramble_bob_params_tx, psks)
.map_err(|err| CryptError::DrillUpdateError(err.to_string()))?;
// do the same as above
let decrypted_scramble_drill = self
Expand Down
Loading
Loading