More RFCs from #54.
derekpierre committed Jun 6, 2023
1 parent 2b3e15b commit 8b1b90c
Showing 3 changed files with 27 additions and 40 deletions.
9 changes: 5 additions & 4 deletions CHANGELOG.md
Expand Up @@ -9,16 +9,17 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0

- Re-exported `ferveo` Python and WASM bindings. ([#58])
- Added `RequestSharedSecret`, `RequestPublicKey`, `RequestSecretKey`, `RequestKeyFactory` as wrappers for underlying Curve 25519 key functionality. ([#54])
- Added Rust `pre-commit` hooks for repos.
- Added `secret_box` functionality.
- Added Rust `pre-commit` hooks for repos. ([#54])
- Added `secret_box` functionality. ([#54])


### Changed

- Replaced opaque types with native `ferveo` types. ([#53])
- Removed `E2EThresholdDecryptionRequest` type and bindings. ([54])
- Removed `E2EThresholdDecryptionRequest` type and bindings. ([#54])
- Modified `EncryptedThresholdDecryptionRequest`/`EncryptedThresholdDecryptionResponse` to use Curve 25519 keys instead of Umbral keys for encryption/decryption. ([#54])
- Modified `ThresholdDecryptionResponse`/`EncryptedThresholdDecryptionResponse` to include `ritual_id` member in struct.
- Modified `ThresholdDecryptionResponse`/`EncryptedThresholdDecryptionResponse` to include `ritual_id` member in struct. ([#54])


[#53]: https://github.com/nucypher/nucypher-core/pull/53
[#58]: https://github.com/nucypher/nucypher-core/pull/58
2 changes: 1 addition & 1 deletion nucypher-core/Cargo.toml
Expand Up @@ -25,4 +25,4 @@ chacha20poly1305 = "0.10.1"
zeroize = { version="1.6.0", features = ["derive"] }
rand_core = "0.6.4"
rand_chacha = "0.3.1"
rand = "0.8.5"
rand = "0.8.5"
56 changes: 21 additions & 35 deletions nucypher-core/src/dkg.rs
Expand Up @@ -121,6 +121,7 @@ pub mod request_keys {
use rand_chacha::ChaCha20Rng;
use rand_core::{CryptoRng, OsRng, RngCore};
use serde::{Deserialize, Serialize};
use sha2::{Digest, Sha256};
use x25519_dalek::{PublicKey, SharedSecret, StaticSecret};

use crate::secret_box::{kdf, SecretBox};
Expand All @@ -132,33 +133,33 @@ pub mod request_keys {

/// A Diffie-Hellman shared secret
#[derive(ZeroizeOnDrop)]
pub struct RequestSharedSecret(pub(crate) SharedSecret);
pub struct RequestSharedSecret {
shared_secret: SharedSecret,
hashed_bytes: [u8; 32],
}

/// Implementation of Diffie-Hellman shared secret
impl RequestSharedSecret {
/// Create new shared secret from underlying library.
pub fn new(shared_secret: SharedSecret) -> Self {
Self(shared_secret)
}

/// Convert this shared secret to a byte array.
#[inline]
pub fn to_bytes(&self) -> [u8; 32] {
self.0.to_bytes()
let hash = Sha256::digest(shared_secret.as_bytes());
let hashed_bytes = hash.as_slice().try_into().expect("invalid length");
Self {
shared_secret,
hashed_bytes,
}
}

/// View this shared secret key as a byte array.
#[inline]
pub fn as_bytes(&self) -> &[u8; 32] {
self.0.as_bytes()
&self.hashed_bytes
}
}

impl AsRef<[u8]> for RequestSharedSecret {
/// View this shared secret key as a byte array.
#[inline]
fn as_ref(&self) -> &[u8] {
self.0.as_bytes()
self.as_bytes()
}
}

Expand All @@ -171,26 +172,18 @@ pub mod request_keys {

/// A request public key.
#[derive(PartialEq, Eq, Hash, Copy, Clone, Debug, Serialize, Deserialize)]
pub struct RequestPublicKey(pub(crate) PublicKey);
pub struct RequestPublicKey(PublicKey);

/// Implementation of request public key
impl RequestPublicKey {
/// Convert this public key to a byte array.
#[inline]
pub fn to_bytes(&self) -> [u8; 32] {
self.0.to_bytes()
}

/// View this public key as a byte array.
#[inline]
pub fn as_bytes(&self) -> &[u8; 32] {
self.0.as_bytes()
}
}

impl AsRef<[u8]> for RequestPublicKey {
/// View this public key as a byte array.
#[inline]
fn as_ref(&self) -> &[u8] {
self.0.as_bytes()
}
Expand All @@ -203,14 +196,6 @@ pub mod request_keys {
}
}

impl<'a> From<&'a RequestSecretKey> for RequestPublicKey {
/// Compute corresponding [`RequestPublicKey`].
fn from(secret: &'a RequestSecretKey) -> RequestPublicKey {
let public_key = PublicKey::from(&secret.0);
RequestPublicKey(public_key)
}
}

impl<'a> ProtocolObjectInner<'a> for RequestPublicKey {
fn version() -> (u16, u16) {
(1, 0)
Expand Down Expand Up @@ -249,23 +234,24 @@ pub mod request_keys {
their_public_key: &RequestPublicKey,
) -> RequestSharedSecret {
let shared_secret = self.0.diffie_hellman(&their_public_key.0);
RequestSharedSecret(shared_secret)
RequestSharedSecret::new(shared_secret)
}

/// Create secret key from rng.
pub fn random_from_rng<T: RngCore + CryptoRng>(csprng: T) -> Self {
pub fn random_from_rng(csprng: &mut (impl RngCore + CryptoRng)) -> Self {
let secret_key = StaticSecret::random_from_rng(csprng);
Self(secret_key)
}

/// Create random secret key.
pub fn random() -> Self {
Self::random_from_rng(OsRng)
Self::random_from_rng(&mut OsRng)
}

/// Returns a public key corresponding to this secret key.
pub fn public_key(&self) -> RequestPublicKey {
RequestPublicKey::from(self)
let public_key = PublicKey::from(&self.0);
RequestPublicKey(public_key)
}
}

Expand Down Expand Up @@ -332,9 +318,9 @@ pub mod request_keys {
let prefix = b"REQUEST_KEY_DERIVATION/";
let info = [prefix, label].concat();
let seed = kdf::<RequestKeyFactoryDerivedKeySize>(self.0.as_secret(), Some(&info));
let rng =
let mut rng =
ChaCha20Rng::from_seed(<[u8; 32]>::try_from(seed.as_secret().as_slice()).unwrap());
RequestSecretKey::random_from_rng(rng)
RequestSecretKey::random_from_rng(&mut rng)
}

/// Creates a `RequestKeyFactory` deterministically from the given label.
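Review bot: In `RequestSharedSecret::new` the `Sha256::digest` output is held in the local `hash` and then copied into `hashed_bytes`, so a second copy of the derived key bytes is left on the stack where the struct's `ZeroizeOnDrop` never reaches it; declaring it `let mut hash` and calling `hash.as_mut_slice().zeroize()` after the copy would wipe it (this assumes `zeroize::Zeroize` is in scope, which the visible hunks do not show). The new `shared_secret` field is written in `new` but not read anywhere in the visible hunks, so unless code outside them needs it, keeping only the digest would shorten the lifetime of the raw X25519 output. The digest is a plain, unlabelled SHA-256 of the DH output, while the module already imports `kdf` from `secret_box`, which a later hunk calls with an info label; deriving through it would give domain separation from any other use of the same shared secret. The doc comments on `as_bytes` and `as_ref` still read "View this shared secret key as a byte array." although both now return the hash, so something like `/// SHA-256 digest of the X25519 shared secret, used as key material.` would match the new behaviour.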
