gitea-mirror/rosenpass
1
0
Fork 0
mirror of https://github.com/rosenpass/rosenpass.git synced 2026-01-18 15:57:58 -08:00
Code Issues Packages Projects Releases Wiki Activity

feat: Migrate away from sodium blake2b towards the rust crypto implementation

Browse Source
This commit is contained in:
Karolin Varner
2024-01-20 13:08:18 +01:00
committed by Karolin Varner
parent e0f75ab97e
commit b6203683fc
6 changed files with 80 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

42
ciphers/src/subtle/blake2b.rs Normal file
View File

@@ -0,0 +1,42 @@
use zeroize::Zeroizing;
use blake2::Blake2bMac;
use blake2::digest::{OutputSizeUser, Mac, FixedOutput};
use blake2::digest::crypto_common::KeySizeUser;
use blake2::digest::crypto_common::generic_array::GenericArray;
use blake2::digest::crypto_common::typenum::U32;
use rosenpass_to::{with_destination, To, ops::copy_slice};
use rosenpass_util::typenum2const;
type Impl = Blake2bMac<U32>;
type KeyLen = <Impl as KeySizeUser>::KeySize;
type OutLen = <Impl as OutputSizeUser>::OutputSize;
const KEY_LEN : usize = typenum2const! { KeyLen };
const OUT_LEN : usize = typenum2const! { OutLen };
pub const KEY_MIN: usize = KEY_LEN;
pub const KEY_MAX: usize = KEY_LEN;
pub const OUT_MIN: usize = OUT_LEN;
pub const OUT_MAX: usize = OUT_LEN;
#[inline]
pub fn hash<'a>(key: &'a [u8], data: &'a [u8]) -> impl To<[u8], anyhow::Result<()>> + 'a {
with_destination(|out: &mut [u8]| {
let mut h = Impl::new_from_slice(key)?;
h.update(data);
// Jesus christ, blake2 crate, your usage of GenericArray might be nice and fancy
// but it introduces a ton of complexity. This cost me half an hour just to figure
// out the right way to use the imports while allowing for zeroization.
// An API based on slices might actually be simpler.
let mut tmp = Zeroizing::new([0u8; OUT_LEN]);
let mut tmp = GenericArray::from_mut_slice(tmp.as_mut());
h.finalize_into(&mut tmp);
copy_slice(tmp.as_ref()).to(out);
Ok(())
})
}

8
ciphers/src/subtle/incorrect_hmac_blake2b.rs
View File

@@ -1,9 +1,11 @@
use anyhow::ensure;
use rosenpass_constant_time::xor;
use rosenpass_sodium::hash::blake2b;
use rosenpass_to::{ops::copy_slice, with_destination, To};
use zeroize::Zeroizing;
use rosenpass_constant_time::xor;
use rosenpass_to::{ops::copy_slice, with_destination, To};
use crate::subtle::blake2b;
pub const KEY_LEN: usize = 32;
pub const KEY_MIN: usize = KEY_LEN;
pub const KEY_MAX: usize = KEY_LEN;

1
ciphers/src/subtle/mod.rs
View File

@@ -1,3 +1,4 @@
pub mod incorrect_hmac_blake2b;
pub mod chacha20poly1305_ietf;
pub mod xchacha20poly1305_ietf;
pub mod blake2b;