Skip to content

Commit

Permalink
use fix salt size/don't return disclosure for decoys
Browse files Browse the repository at this point in the history
  • Loading branch information
abdulmth committed Dec 4, 2023
1 parent 2942a98 commit d063364
Show file tree
Hide file tree
Showing 2 changed files with 15 additions and 14 deletions.
17 changes: 7 additions & 10 deletions src/encoder.rs
Original file line number Diff line number Diff line change
@@ -1,8 +1,6 @@
// Copyright 2020-2023 IOTA Stiftung
// SPDX-License-Identifier: Apache-2.0

use std::ops::Range;

use super::Disclosure;
use super::Hasher;
use super::Sha256Hasher;
Expand All @@ -17,7 +15,7 @@ use serde_json::Value;

pub(crate) const DIGESTS_KEY: &str = "_sd";
pub(crate) const ARRAY_DIGEST_KEY: &str = "...";
pub(crate) const DEFAULT_SALT_RANGE: Range<usize> = 24..34;
pub(crate) const DEFAULT_SALT_SIZE: usize = 30;

/// Transforms a JSON object into an SD-JWT object by substituting selected values
/// with their corresponding disclosure digests.
Expand All @@ -39,7 +37,7 @@ impl SdObjectEncoder {
pub fn new(object: &str) -> Result<SdObjectEncoder<Sha256Hasher>> {
Ok(SdObjectEncoder {
object: serde_json::from_str(object).map_err(|e| Error::DeserializationError(e.to_string()))?,
salt_length: rand::thread_rng().gen_range(DEFAULT_SALT_RANGE),
salt_length: DEFAULT_SALT_SIZE,
hasher: Sha256Hasher::new(),
})
}
Expand All @@ -52,7 +50,7 @@ impl TryFrom<Value> for SdObjectEncoder {
match value {
Value::Object(object) => Ok(SdObjectEncoder {
object,
salt_length: rand::thread_rng().gen_range(DEFAULT_SALT_RANGE),
salt_length: DEFAULT_SALT_SIZE,
hasher: Sha256Hasher::new(),
}),
_ => Err(Error::DataTypeMismatch("expected object".to_owned())),
Expand All @@ -65,7 +63,7 @@ impl<H: Hasher> SdObjectEncoder<H> {
pub fn with_custom_hasher(object: &str, hasher: H) -> Result<Self> {
Ok(Self {
object: serde_json::from_str(object).map_err(|e| Error::DeserializationError(e.to_string()))?,
salt_length: rand::thread_rng().gen_range(DEFAULT_SALT_RANGE),
salt_length: DEFAULT_SALT_SIZE,
hasher,
})
}
Expand Down Expand Up @@ -198,12 +196,11 @@ impl<H: Hasher> SdObjectEncoder<H> {

/// Adds a decoy digest to the specified path.
/// If path is an empty slice, decoys will be added to the top level.
pub fn add_decoys(&mut self, path: &[&str], number_of_decoys: usize) -> Result<Vec<Disclosure>> {
let mut disclosures = vec![];
pub fn add_decoys(&mut self, path: &[&str], number_of_decoys: usize) -> Result<()> {
for _ in 0..number_of_decoys {
disclosures.push(self.add_decoy(path)?);
self.add_decoy(path)?;
}
Ok(disclosures)
Ok(())
}

fn add_decoy(&mut self, path: &[&str]) -> Result<Disclosure> {
Expand Down
12 changes: 8 additions & 4 deletions src/hasher.rs
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,12 @@ use crypto::hashes::sha::SHA256;
use crypto::hashes::sha::SHA256_LEN;

/// Used to implement hash functions to be used for encoding/decoding.
///
/// ## Note
///
/// Implementations of this trait are expected only for algorithms listed in
/// the IANA "Named Information Hash Algorithm" registry.
/// See [Hash Function Claim](https://www.ietf.org/archive/id/draft-ietf-oauth-selective-disclosure-jwt-06.html#name-hash-function-claim)
pub trait Hasher: Sync + Send {
/// Digests input to produce unique fixed-size hash value in bytes.
fn digest(&self, input: &[u8]) -> Vec<u8>;
Expand All @@ -13,10 +19,8 @@ pub trait Hasher: Sync + Send {
///
/// ## Note
///
/// The hash algorithm identifier MUST be a hash algorithm value
/// from the "Hash Name String" column in the IANA "Named Information
/// Hash Algorithm" registry [IANA.Hash.Algorithms](https://www.ietf.org/archive/id/draft-ietf-oauth-selective-disclosure-jwt-06.html#IANA.Hash.Algorithms)
/// or a value defined in another specification and/or profile of this specification.
/// The hash algorithm identifier MUST be a hash algorithm value from the
/// "Hash Name String" column in the IANA "Named Information Hash Algorithm"
fn alg_name(&self) -> &'static str;
}

Expand Down

0 comments on commit d063364

Please sign in to comment.