crypto_kx: use curve25519-dalek; MSRV 1.60
Upgrades to the latest `curve25519-dalek` v4.0.0-rc.1 release.

The `x25519-dalek` crate is a wrapper whose functionality isn't really
used, and we can use the `Scalar` and `MontgomeryPoint` types directly
and eliminate the extra dependency.
tarcieri committed Feb 8, 2023
1 parent dcb1ed5 commit 90f0934
Showing 8 changed files with 56 additions and 176 deletions.
116 changes: 12 additions & 104 deletions Cargo.lock


9 changes: 2 additions & 7 deletions crypto_kx/Cargo.toml
Expand Up @@ -15,17 +15,12 @@ rust-version = "1.60"

[dependencies]
blake2 = { version = "0.10", default-features = false }
curve25519-dalek = { version = "4.0.0-rc.1", default-features = false, features = ["zeroize"] }
rand_core = "0.6"

# optional dependencies
serdect = { version = "0.1", optional = true, default-features = false }

[target.'cfg(target_pointer_width = "32")'.dependencies]
x25519-dalek = { version = "1", default-features = false, features = ["u32_backend"] }

[target.'cfg(target_pointer_width = "64")'.dependencies]
x25519-dalek = { version = "1", default-features = false, features = ["u64_backend"] }

[target.'cfg(target_family = "wasm")'.dependencies]
getrandom = { version = "0.2", default-features = false, features = ["js"] }

Expand All @@ -35,4 +30,4 @@ sodiumoxide = "0.2"

[features]
serde = ["serdect"]
std = ["blake2/std", "rand_core/std", "x25519-dalek/std"]
std = ["blake2/std", "rand_core/std"]
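Review bot: The new `curve25519-dalek` requirement at the top of the hunk pins a release candidate (`4.0.0-rc.1`), which a published library crate then imposes on every downstream user; if this is intentional until the 4.0.0 final release, a one-line comment above it stating that (`# TODO: bump to 4.0.0 once released`) would save the next maintainer a lookup. The `std` feature at the end of the hunk drops `x25519-dalek/std` without forwarding any feature of the replacement crate, so it is worth confirming that the `Scalar` and `MontgomeryPoint` types used here need no `std`/`alloc` flag on `curve25519-dalek`.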
36 changes: 13 additions & 23 deletions crypto_kx/src/keypair.rs
Expand Up @@ -4,17 +4,15 @@ use rand_core::{CryptoRng, RngCore};
use crate::{ClientSessionKeys, PublicKey, SecretKey, ServerSessionKeys, SessionKey};

/// A [`SecretKey`] with its related [`PublicKey`].
pub struct KeyPair {
pub struct Keypair {
secret: SecretKey,
public: PublicKey,
}

impl KeyPair {
/// Generate a new random [`KeyPair`].
impl Keypair {
/// Generate a new random [`Keypair`].
pub fn generate(csprng: impl RngCore + CryptoRng) -> Self {
let secret = SecretKey::generate(csprng);

Self::from(secret)
SecretKey::generate(csprng).into()
}

/// Get the contained [`PublicKey`].
Expand All @@ -27,7 +25,7 @@ impl KeyPair {
&self.secret
}

/// Consume the [`KeyPair`] to extract the contained [`SecretKey`] & [`PublicKey`].
/// Consume the [`Keypair`] to extract the contained [`SecretKey`] & [`PublicKey`].
pub fn split(self) -> (PublicKey, SecretKey) {
(self.public, self.secret)
}
Expand All @@ -37,7 +35,6 @@ impl KeyPair {
/// It's the implementation of libsodium's `crypto_kx_client_session_keys`.
pub fn session_keys_to(&self, server_pk: &PublicKey) -> ClientSessionKeys {
let (tx, rx) = self.gen_session_keys(server_pk, &self.public, server_pk);

ClientSessionKeys { tx, rx }
}

Expand All @@ -46,7 +43,6 @@ impl KeyPair {
/// It's the implementation of libsodium's `crypto_kx_server_session_keys`.
pub fn session_keys_from(&self, client_pk: &PublicKey) -> ServerSessionKeys {
let (rx, tx) = self.gen_session_keys(client_pk, client_pk, &self.public);

ServerSessionKeys { tx, rx }
}

Expand All @@ -58,10 +54,8 @@ impl KeyPair {
) -> (SessionKey, SessionKey) {
debug_assert!(other_pubkey == client_pk || other_pubkey == server_pk);

let shared_secret = self
.secret
.as_dalek()
.diffie_hellman(other_pubkey.as_dalek());
// Elliptic Curve Diffie-Hellman
let shared_secret = self.secret.0 * other_pubkey.0;

let mut hasher = Blake2b512::new();

Expand All @@ -75,11 +69,9 @@ impl KeyPair {
}
}

impl From<SecretKey> for KeyPair {
impl From<SecretKey> for Keypair {
fn from(secret: SecretKey) -> Self {
let public_dalek = x25519_dalek::PublicKey::from(secret.as_dalek());
let public = PublicKey::from(public_dalek.to_bytes());

let public = secret.public_key();
Self { secret, public }
}
}
Expand All @@ -92,18 +84,16 @@ mod tests {

#[test]
fn from_secretkey_yield_same() {
let keypair = KeyPair::generate(&mut OsRng);

let reconstructed_keypair =
KeyPair::from(SecretKey::from(keypair.secret().as_dalek().to_bytes()));
let keypair = Keypair::generate(&mut OsRng);
let reconstructed_keypair = Keypair::from(SecretKey::from(keypair.secret().to_bytes()));

assert_eq!(
keypair.public().as_ref(),
reconstructed_keypair.public().as_ref(),
);
assert_eq!(
keypair.secret().as_dalek().to_bytes(),
reconstructed_keypair.secret().as_dalek().to_bytes(),
keypair.secret().to_bytes(),
reconstructed_keypair.secret().to_bytes(),
);
}
}
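Review bot: The direct `self.secret.0 * other_pubkey.0` product that replaces `diffie_hellman` in `gen_session_keys` leaves the raw shared point without the handling the wrapper gave it: libsodium's `crypto_kx_*_session_keys`, which the doc comments here cite as the reference, fails when the scalar multiplication yields the all-zero output produced by a low-order peer key, and nothing in this hunk rejects that case before the value is hashed into session keys. The dropped `x25519_dalek::SharedSecret` also zeroized itself on drop, whereas a bare `MontgomeryPoint` presumably does not; since this commit enables the `zeroize` feature of `curve25519-dalek` in Cargo.toml, binding it as `let mut shared_secret = self.secret.0 * other_pubkey.0;` and calling `shared_secret.zeroize();` once the hasher has consumed it would restore that. Rejecting the all-zero case needs an error path the current `(SessionKey, SessionKey)` return does not offer, so at minimum record the gap with `// NOTE: unlike libsodium, a low-order peer key is not rejected here` until the signature can change; `gen_session_keys` begins before this hunk and continues after it. Separately, the `KeyPair` → `Keypair` rename is a breaking public API change the commit description does not mention, and `#[deprecated] pub type KeyPair = Keypair;` would keep existing callers compiling.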
