update and confirm new ring::aead version (mimblewimble#343)
yeastplume authored Feb 24, 2020
1 parent bed60df commit bf27520
Showing 2 changed files with 53 additions and 46 deletions.
44 changes: 27 additions & 17 deletions api/src/types.rs
Expand Up @@ -80,17 +80,22 @@ impl EncryptedBody {
))?
.as_bytes()
.to_vec();
let sealing_key = aead::SealingKey::new(&aead::AES_256_GCM, &enc_key.0).context(
ErrorKind::APIEncryption("EncryptedBody Enc: Unable to create key".to_owned()),
)?;

let nonce: [u8; 12] = thread_rng().gen();
let suffix_len = aead::AES_256_GCM.tag_len();
for _ in 0..suffix_len {
to_encrypt.push(0);

let unbound_key = aead::UnboundKey::new(&aead::AES_256_GCM, &enc_key.0).unwrap();
let sealing_key: aead::LessSafeKey = aead::LessSafeKey::new(unbound_key);
let aad = aead::Aad::from(&[]);
let res = sealing_key.seal_in_place_append_tag(
aead::Nonce::assume_unique_for_key(nonce),
aad,
&mut to_encrypt,
);
if let Err(_) = res {
return Err(
ErrorKind::APIEncryption("EncryptedBody: encryption failed".to_owned()).into(),
);
}
aead::seal_in_place(&sealing_key, &nonce, &[], &mut to_encrypt, suffix_len).context(
ErrorKind::APIEncryption("EncryptedBody: Encryption Failed".to_owned()),
)?;

Ok(EncryptedBody {
nonce: to_hex(nonce.to_vec()),
Expand Down Expand Up @@ -120,20 +125,25 @@ impl EncryptedBody {
let mut to_decrypt = base64::decode(&self.body_enc).context(ErrorKind::APIEncryption(
"EncryptedBody Dec: Encrypted request contains invalid Base64".to_string(),
))?;
let opening_key = aead::OpeningKey::new(&aead::AES_256_GCM, &dec_key.0).context(
ErrorKind::APIEncryption("EncryptedBody Dec: Unable to create key".to_owned()),
)?;
let nonce = from_hex(self.nonce.clone()).context(ErrorKind::APIEncryption(
"EncryptedBody Dec: Invalid Nonce".to_string(),
))?;
aead::open_in_place(&opening_key, &nonce, &[], 0, &mut to_decrypt).context(
ErrorKind::APIEncryption(
"EncryptedBody Dec: Decryption Failed (is key correct?)".to_string(),
),
)?;
let mut n = [0u8; 12];
n.copy_from_slice(&nonce[0..12]);
let unbound_key = aead::UnboundKey::new(&aead::AES_256_GCM, &dec_key.0).unwrap();
let opening_key: aead::LessSafeKey = aead::LessSafeKey::new(unbound_key);
let aad = aead::Aad::from(&[]);
let res =
opening_key.open_in_place(aead::Nonce::assume_unique_for_key(n), aad, &mut to_decrypt);
if let Err(_) = res {
return Err(
ErrorKind::APIEncryption("EncryptedBody: decryption failed".to_owned()).into(),
);
}
for _ in 0..aead::AES_256_GCM.tag_len() {
to_decrypt.pop();
}

let decrypted = String::from_utf8(to_decrypt).context(ErrorKind::APIEncryption(
"EncryptedBody Dec: Invalid UTF-8".to_string(),
))?;
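Review bot: `n.copy_from_slice(&nonce[0..12])` in the decryption hunk panics when the hex-decoded nonce taken from the request is shorter than 12 bytes; the removed `aead::open_in_place` call returned an error for a wrong-length nonce, so this commit turns a malformed client-supplied nonce from a mapped `APIEncryption` error into a thread panic on an API endpoint. Use `aead::Nonce::try_assume_unique_for_key(&nonce)`, which rejects any length other than 12, and map its `Err` like the other failures, or guard with `if nonce.len() != 12 { return Err(ErrorKind::APIEncryption("EncryptedBody Dec: Invalid Nonce".to_string()).into()); }` before the copy. Two smaller points, in this hunk and in the encryption hunk above: `aead::UnboundKey::new(...).unwrap()` replaces the former `.context(ErrorKind::APIEncryption(...))?` with a panic on a wrong key length, and the trailing `pop()` loop discards the plaintext slice that `open_in_place` returns — binding the `Ok` value as `plaintext`, taking `let plaintext_len = plaintext.len();` and calling `to_decrypt.truncate(plaintext_len);` strips the tag without hard-coding the algorithm. Both enclosing functions start and end outside their hunks.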
55 changes: 26 additions & 29 deletions impls/src/lifecycle/seed.rs
Expand Up @@ -230,23 +230,6 @@ pub struct EncryptedWalletSeed {
pub nonce: String,
}

struct RandomNonce;

impl aead::NonceSequence for RandomNonce {
fn advance(&mut self) -> Result<aead::Nonce, ring::error::Unspecified> {
let nonce: [u8; 12] = thread_rng().gen();
Ok(aead::Nonce::assume_unique_for_key(nonce))
}
}

struct OpeningNonce([u8; 12]);

impl aead::NonceSequence for OpeningNonce {
fn advance(&mut self) -> Result<aead::Nonce, ring::error::Unspecified> {
Ok(aead::Nonce::assume_unique_for_key(self.0))
}
}

impl EncryptedWalletSeed {
/// Create a new encrypted seed from the given seed + password
pub fn from_seed(
Expand All @@ -256,7 +239,7 @@ impl EncryptedWalletSeed {
let salt: [u8; 8] = thread_rng().gen();
let nonce: [u8; 12] = thread_rng().gen();
let password = password.as_bytes();
let mut key = [0; 64];
let mut key = [0; 32];
pbkdf2::derive(
ring::pbkdf2::PBKDF2_HMAC_SHA512,
NonZeroU32::new(100).unwrap(),
Expand All @@ -266,15 +249,21 @@ impl EncryptedWalletSeed {
);
let content = seed.0.to_vec();
let mut enc_bytes = content;
let suffix_len = aead::CHACHA20_POLY1305.tag_len();
/*let suffix_len = aead::CHACHA20_POLY1305.tag_len();
for _ in 0..suffix_len {
enc_bytes.push(0);
}
}*/
let unbound_key = aead::UnboundKey::new(&aead::CHACHA20_POLY1305, &key).unwrap();
let mut sealing_key: aead::SealingKey<RandomNonce> =
aead::BoundKey::new(unbound_key, RandomNonce);
let aad = aead::Aad::empty();
sealing_key.seal_in_place_append_tag(aad, &mut enc_bytes);
let sealing_key: aead::LessSafeKey = aead::LessSafeKey::new(unbound_key);
let aad = aead::Aad::from(&[]);
let res = sealing_key.seal_in_place_append_tag(
aead::Nonce::assume_unique_for_key(nonce),
aad,
&mut enc_bytes,
);
if let Err(_) = res {
return Err(ErrorKind::Encryption.into());
}

Ok(EncryptedWalletSeed {
encrypted_seed: util::to_hex(enc_bytes.to_vec()),
Expand Down Expand Up @@ -309,12 +298,20 @@ impl EncryptedWalletSeed {

let mut n = [0u8; 12];
n.copy_from_slice(&nonce[0..12]);
let nonce = OpeningNonce(n);
let unbound_key = aead::UnboundKey::new(&aead::CHACHA20_POLY1305, &key).unwrap();
let mut opening_key: aead::OpeningKey<OpeningNonce> =
aead::BoundKey::new(unbound_key, nonce);
let aad = aead::Aad::empty();
opening_key.open_in_place(aad, &mut encrypted_seed);
let opening_key: aead::LessSafeKey = aead::LessSafeKey::new(unbound_key);
let aad = aead::Aad::from(&[]);
let res = opening_key.open_in_place(
aead::Nonce::assume_unique_for_key(n),
aad,
&mut encrypted_seed,
);
if let Err(_) = res {
return Err(ErrorKind::Encryption.into());
}
for _ in 0..aead::AES_256_GCM.tag_len() {
encrypted_seed.pop();
}

Ok(WalletSeed::from_bytes(&encrypted_seed))
}
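Review bot: The tag-stripping loop in the last hunk pops `aead::AES_256_GCM.tag_len()` bytes although the key was built for `aead::CHACHA20_POLY1305`; both tags are 16 bytes today so the seed still decrypts, but the mismatch is a latent bug if either algorithm is changed. Prefer the plaintext slice that `open_in_place` returns over popping: `let plaintext = match res { Ok(p) => p, Err(_) => return Err(ErrorKind::Encryption.into()) };` then `let plaintext_len = plaintext.len();` and `encrypted_seed.truncate(plaintext_len);` — or at minimum use `aead::CHACHA20_POLY1305.tag_len()`. In the encryption hunk above, the commented-out `/*let suffix_len ... }*/` block should be deleted rather than kept, since `seal_in_place_append_tag` grows the buffer itself. The `.unwrap()` on `aead::UnboundKey::new` in both hunks cannot fail now that `key` is `[0; 32]`, which is the ChaCha20 key size; an `expect("32-byte key matches CHACHA20_POLY1305")` would record that invariant. Both enclosing functions start outside their hunks.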
