fix: added nonce to ciphertext + uid in auth. add. data. Fix for #64 (#…

…65)

.github/workflows/python_and_docker.yml

@@ -74,7 +74,7 @@ jobs:
       - pyo3
     uses: Cosmian/reusable_workflows/.github/workflows/cloudproof_js.yml@develop
     with:
-      branch: ser_server_side
+      branch: develop
       target: wasm32-unknown-unknown
       kms-version: ${{ needs.build-and-push-image.outputs.image-tag }}
       findex-cloud-version: 0.3.1

CHANGELOG.md

@@ -2,6 +2,12 @@
 
 All notable changes to this project will be documented in this file.
 
+## [4.8.1] - 2023-10-12
+
+### Bug Fixes
+
+Fix for [#64](https://github.com/Cosmian/kms/issues/64)
+
 ## [4.8.0] - 2023-10-07
 
 ### Bug Fixes

crate/cli/Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "cosmian_kms_cli"
-version = "4.8.0"
+version = "4.8.1"
 edition = "2021"
 license-file = "../../LICENSE.md"
 description = "CLI used to manage the Cosmian KMS."

crate/client/Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "cosmian_kms_client"
-version = "4.8.0"
+version = "4.8.1"
 authors = ["Bruno Grieder <[email protected]>"]
 edition = "2021"
 license-file = "../../LICENSE.md"

crate/kmip/Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "cosmian_kmip"
-version = "4.8.0"
+version = "4.8.1"
 edition = "2021"
 license-file = "../../LICENSE.md"
 

crate/logger/Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "cosmian_logger"
-version = "4.8.0"
+version = "4.8.1"
 authors = ["Emmanuel Coste <[email protected]>"]
 edition = "2021"
 license-file = "../../LICENSE.md"

crate/pyo3/Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "cosmian_kms_python"
-version = "4.8.0"
+version = "4.8.1"
 authors = ["Hugo Rosenkranz-Costa <[email protected]>"]
 edition = "2021"
 license-file = "../../LICENSE.md"

crate/server/Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "cosmian_kms_server"
-version = "4.8.0"
+version = "4.8.1"
 authors = ["Bruno Grieder <[email protected]>"]
 edition = "2021"
 license-file = "../../LICENSE.md"

crate/server/src/database/redis/objects_db.rs

@@ -1,8 +1,14 @@
-use std::collections::{HashMap, HashSet};
+use std::{
+    collections::{HashMap, HashSet},
+    sync::Mutex,
+};
 
 use async_trait::async_trait;
 use cloudproof::reexport::{
-    crypto_core::{kdf256, Aes256Gcm, Dem, Instantiable, Nonce, SymmetricKey},
+    crypto_core::{
+        reexport::rand_core::SeedableRng, Aes256Gcm, CsRng, Dem, Instantiable, Nonce,
+        RandomFixedSizeCBytes, SymmetricKey,
+    },
     findex::{
         implementations::redis::{FindexRedisError, RemovedLocationsFinder},
         Keyword, Location,
@@ -15,7 +21,7 @@ use cosmian_kmip::kmip::{
 use redis::{aio::ConnectionManager, pipe, AsyncCommands};
 use serde::{Deserialize, Serialize};
 
-use crate::result::KResult;
+use crate::{error::KmsError, result::KResult};
 
 /// Extract the keywords from the attributes
 pub(crate) fn keywords_from_attributes(attributes: &Attributes) -> HashSet<Keyword> {
@@ -93,13 +99,15 @@ pub const DB_KEY_LENGTH: usize = 32;
 pub(crate) struct ObjectsDB {
     mgr: ConnectionManager,
     dem: Aes256Gcm,
+    rng: Mutex<CsRng>,
 }
 
 impl ObjectsDB {
     pub async fn new(mgr: ConnectionManager, db_key: SymmetricKey<DB_KEY_LENGTH>) -> KResult<Self> {
         Ok(Self {
             mgr,
             dem: Aes256Gcm::new(&db_key),
+            rng: Mutex::new(CsRng::from_entropy()),
         })
     }
 
@@ -108,22 +116,33 @@ impl ObjectsDB {
     }
 
     fn encrypt_object(&self, uid: &str, redis_db_object: &RedisDbObject) -> KResult<Vec<u8>> {
-        let mut nonce_bytes = [0; Aes256Gcm::NONCE_LENGTH];
-        kdf256!(&mut nonce_bytes, uid.as_bytes());
-        let ciphertext = self.dem.encrypt(
-            &Nonce::from(nonce_bytes),
+        let nonce = {
+            let mut rng = self.rng.lock().expect("failed acquiring a lock on the RNG");
+            Nonce::new(&mut *rng)
+        };
+        let ct = self.dem.encrypt(
+            &nonce,
             &serde_json::to_vec(redis_db_object)?,
-            None,
+            Some(uid.as_bytes()),
         )?;
+        let mut ciphertext = Vec::with_capacity(Aes256Gcm::NONCE_LENGTH + ct.len());
+        ciphertext.extend_from_slice(nonce.as_bytes());
+        ciphertext.extend(ct);
         Ok(ciphertext)
     }
 
     fn decrypt_object(&self, uid: &str, ciphertext: &[u8]) -> KResult<RedisDbObject> {
-        let mut nonce_bytes = [0; Aes256Gcm::NONCE_LENGTH];
-        kdf256!(&mut nonce_bytes, uid.as_bytes());
-        let plaintext = self
-            .dem
-            .decrypt(&Nonce::from(nonce_bytes), ciphertext, None)?;
+        if ciphertext.len() <= Aes256Gcm::NONCE_LENGTH {
+            return Err(KmsError::CryptographicError(
+                "invalid ciphertext".to_string(),
+            ))
+        }
+        let nonce_bytes = &ciphertext[..Aes256Gcm::NONCE_LENGTH];
+        let plaintext = self.dem.decrypt(
+            &Nonce::try_from(nonce_bytes)?,
+            &ciphertext[Aes256Gcm::NONCE_LENGTH..],
+            Some(uid.as_bytes()),
+        )?;
         let redis_db_object: RedisDbObject = serde_json::from_slice(&plaintext)?;
         Ok(redis_db_object)
     }
@@ -141,6 +160,9 @@ impl ObjectsDB {
 
     pub async fn object_get(&self, uid: &str) -> KResult<RedisDbObject> {
         let ciphertext: Vec<u8> = self.mgr.clone().get(ObjectsDB::object_key(uid)).await?;
+        if ciphertext.is_empty() {
+            return Err(KmsError::ItemNotFound(uid.to_string()))
+        }
         let mut dbo: RedisDbObject = self.decrypt_object(uid, &ciphertext)?;
         dbo.object = Object::post_fix(dbo.object_type, dbo.object);
         Ok(dbo)

crate/utils/Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "cosmian_kms_utils"
-version = "4.8.0"
+version = "4.8.1"
 authors = ["Bruno Grieder <[email protected]>"]
 edition = "2021"
 license-file = "../../LICENSE.md"

delivery/Dockerfile.standalone

@@ -1,6 +1,6 @@
 FROM ubuntu:22.04 as builder
 
-LABEL version="4.8.0"
+LABEL version="4.8.1"
 LABEL name="Cosmian KMS docker container"
 
 ENV DEBIAN_FRONTEND=noninteractive