Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Refactoring AES crypto code #56

Merged
merged 19 commits into from
Oct 24, 2019
Merged

Refactoring AES crypto code #56

merged 19 commits into from
Oct 24, 2019

Conversation

MatthewBennington
Copy link

Issue #, if available: Partially addresses #36 (refactoring of Cipher.dfy)

Description of changes:

  • Split Cipher.dfy into two files: WrappingAlgorithmSuite.dfy , and AESUtils.dfy
  • Brought AESEncryption.dfy inline with style, and added export set.

Note: This PR does not address tests, or serialization/deserialization of the authentication tag. These are coming in my next PR.

Testing:
make all

It may make sense to wait for #47 before merging this PR.

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

RustanLeino
RustanLeino reviewed Oct 3, 2019
View reviewed changes
src/Crypto/AESEncryption.dfy Outdated Show resolved Hide resolved
src/Crypto/AESEncryption.dfy Outdated Show resolved Hide resolved
src/Crypto/AESEncryption.dfy Outdated Show resolved Hide resolved
src/Crypto/AESUtils.dfy Outdated Show resolved Hide resolved
src/Crypto/WrappingAlgorithmSuite.dfy Outdated Show resolved Hide resolved
src/Crypto/WrappingAlgorithmSuite.dfy Outdated Show resolved Hide resolved
src/Crypto/WrappingAlgorithmSuite.dfy Outdated Show resolved Hide resolved
src/SDK/Keyring/AESKeyring.dfy Outdated Show resolved Hide resolved
src/SDK/ToyClient.dfy Outdated Show resolved Hide resolved
RustanLeino
RustanLeino previously approved these changes Oct 4, 2019
View reviewed changes
RustanLeino
RustanLeino reviewed Oct 4, 2019
View reviewed changes
src/Crypto/AESUtils.dfy Outdated Show resolved Hide resolved
lavaleri
lavaleri suggested changes Oct 4, 2019
View reviewed changes
src/Crypto/AESEncryption.dfy Outdated Show resolved Hide resolved
src/Crypto/AESEncryption.dfy Outdated Show resolved Hide resolved
src/Crypto/AESEncryption.dfy Outdated

//Note: AESDecrypt expects the message authentication tag (also known as MAC) to be present as the last n bytes of ctxt.
// n = params.tagLen
method AESDecrypt(params: AESUtils.Params, key: seq<uint8>, ctxt: seq<uint8>, iv: seq<uint8>, aad: seq<uint8>)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think we should be more descriptive than params. encryptionParams? AESAlgorithm? encryptionAlg? algProperties? Naming is hard.

src/Crypto/AESEncryption.dfy Outdated Show resolved Hide resolved
src/Crypto/AESEncryption.dfy Outdated Show resolved Hide resolved
src/SDK/Keyring/AESKeyring.dfy Outdated Show resolved Hide resolved
src/SDK/ToyClient.dfy Outdated Show resolved Hide resolved
src/SDK/ToyClient.dfy Outdated Show resolved Hide resolved
src/Crypto/WrappingAlgorithmSuite.dfy Outdated Show resolved Hide resolved
src/SDK/AlgorithmSuite.dfy Outdated Show resolved Hide resolved
lavaleri
lavaleri reviewed Oct 7, 2019
View reviewed changes
src/Crypto/AESEncryption.dfy Outdated Show resolved Hide resolved
src/Crypto/AESEncryption.dfy Outdated Show resolved Hide resolved
src/Crypto/AESEncryption.dfy Outdated Show resolved Hide resolved
lavaleri
lavaleri reviewed Oct 11, 2019
View reviewed changes
src/Crypto/AESEncryption.dfy Outdated Show resolved Hide resolved
src/Crypto/AESEncryption.dfy Outdated Show resolved Hide resolved
lavaleri
lavaleri reviewed Oct 15, 2019
View reviewed changes
src/Crypto/AESUtils.dfy Outdated Show resolved Hide resolved
RustanLeino
RustanLeino requested changes Oct 18, 2019
View reviewed changes
src/Crypto/EncryptionParameters.dfy Outdated Show resolved Hide resolved
src/Crypto/AESEncryption.dfy Outdated Show resolved Hide resolved
lavaleri
lavaleri suggested changes Oct 18, 2019
View reviewed changes
src/Crypto/AESEncryption.dfy Outdated Show resolved Hide resolved
src/Crypto/EncryptionParameters.dfy Outdated Show resolved Hide resolved
src/Crypto/AESEncryption.dfy Outdated Show resolved Hide resolved
src/Crypto/AESEncryption.dfy Outdated
EncryptionArtifacts(s[.. |s| - p.tagLen as int], s[|s| - p.tagLen as int ..])
}

method {:extern "AESEncryption.AES_GCM", "AESEncrypt"} AESEncrypt(params: EncryptionParameters.Params, iv: seq<uint8>, key: seq<uint8>, msg: seq<uint8>, aad: seq<uint8>)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Now that EncryptionParameters can represent more than just AES/GCM, we should change how we are passing this data in. A couple options I see:

  1. Add preconditions here to ensure that the params being passed in have "AES" and "GCM"
  2. Create a new datatype that is a subtype of Params, i.e. Params that have "AES" and "GCM"

(2) would be my preference, but I'm unsure how friendly dafny will be for that option, or if there are other considerations elsewhere in this PR that I may be missing. Thoughts?

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I looked into this initially, I couldn't figure out a decent was of sub typing a datatype. I'll go with option #1 in the next revision. We can discuss further in today's sync.

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Instead of a subtype, we could move GCM to a field of the AES Algorithm datatype.

src/Crypto/EncryptionParameters.dfy Outdated Show resolved Hide resolved
src/SDK/Keyring/AESKeyring.dfy Show resolved Hide resolved
lavaleri
lavaleri reviewed Oct 21, 2019
View reviewed changes
src/Crypto/AESEncryption.dfy Outdated Show resolved Hide resolved
src/Crypto/EncryptionAlgorithms.dfy Outdated Show resolved Hide resolved
lavaleri
lavaleri previously approved these changes Oct 23, 2019
View reviewed changes
lavaleri
lavaleri previously approved these changes Oct 23, 2019
View reviewed changes
RustanLeino
RustanLeino previously approved these changes Oct 24, 2019
View reviewed changes
@MatthewBennington MatthewBennington merged commit 1c38ac6 into aws:develop Oct 24, 2019
josecorella pushed a commit to josecorella/aws-encryption-sdk-dafny that referenced this pull request Oct 11, 2023
@lavaleri
feat: Add smithy->Java codegen to CryptoPrimitives and KMS (aws#56)
522def3
josecorella pushed a commit that referenced this pull request Oct 11, 2023
@lavaleri @josecorella
feat: Add smithy->Java codegen to CryptoPrimitives and KMS (#56)
d6d41f6
josecorella pushed a commit that referenced this pull request Oct 11, 2023
@lavaleri @josecorella
feat: Add smithy->Java codegen to CryptoPrimitives and KMS (#56)
3077964
josecorella pushed a commit that referenced this pull request Oct 11, 2023
@lavaleri @josecorella
feat: Add smithy->Java codegen to CryptoPrimitives and KMS (#56)
6a5ef00
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@lavaleri lavaleri lavaleri approved these changes

@RustanLeino RustanLeino RustanLeino left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@MatthewBennington @RustanLeino @lavaleri