KeyExchange->KeyExchangeKind for consistency

Signed-off-by: Luca Fulchir <luca.fulchir@runesauth.com>
This commit is contained in:
Luca Fulchir 2023-06-01 11:48:32 +02:00
parent ac213a6528
commit 08d2755656
Signed by: luca.fulchir
GPG Key ID: 8F6440603D13A78E
5 changed files with 26 additions and 48 deletions

View File

@ -3,7 +3,7 @@
use crate::{
connection::handshake::HandshakeID,
enc::{asym::KeyExchange, hkdf::HkdfKind, sym::CipherKind},
enc::{asym::KeyExchangeKind, hkdf::HkdfKind, sym::CipherKind},
};
use ::std::{
net::{IpAddr, Ipv4Addr, Ipv6Addr, SocketAddr},
@ -25,7 +25,7 @@ pub struct Config {
/// Supported handshakes
pub handshakes: Vec<HandshakeID>,
/// Supported key exchanges
pub key_exchanges: Vec<KeyExchange>,
pub key_exchanges: Vec<KeyExchangeKind>,
/// Supported Hkdfs
pub hkdfs: Vec<HkdfKind>,
/// Supported Ciphers
@ -47,7 +47,7 @@ impl Default for Config {
],
resolvers: Vec::new(),
handshakes: [HandshakeID::DirectorySynchronized].to_vec(),
key_exchanges: [KeyExchange::X25519DiffieHellman].to_vec(),
key_exchanges: [KeyExchangeKind::X25519DiffieHellman].to_vec(),
hkdfs: [HkdfKind::Sha3].to_vec(),
ciphers: [CipherKind::XChaCha20Poly1305].to_vec(),
}

View File

@ -13,7 +13,7 @@ use crate::{
auth,
connection::{ProtocolVersion, ID},
enc::{
asym::{ExchangePubKey, KeyExchange, KeyID},
asym::{ExchangePubKey, KeyExchangeKind, KeyID},
hkdf::HkdfKind,
sym::{CipherKind, HeadLen, Secret, TagLen},
Random,
@ -88,7 +88,7 @@ pub struct Req {
/// Id of the server key used for the key exchange
pub key_id: KeyID,
/// Selected key exchange
pub exchange: KeyExchange,
pub exchange: KeyExchangeKind,
/// Selected hkdf
pub hkdf: HkdfKind,
/// Selected cipher
@ -106,7 +106,7 @@ impl Req {
pub fn encrypted_offset(&self) -> usize {
ProtocolVersion::len()
+ KeyID::len()
+ KeyExchange::len()
+ KeyExchangeKind::len()
+ HkdfKind::len()
+ CipherKind::len()
+ self.exchange_key.kind().pub_len()
@ -121,7 +121,7 @@ impl Req {
/// actual length of the directory synchronized request
pub fn len(&self) -> usize {
KeyID::len()
+ KeyExchange::len()
+ KeyExchangeKind::len()
+ HkdfKind::len()
+ CipherKind::len()
+ self.exchange_key.kind().pub_len()
@ -149,7 +149,7 @@ impl super::HandshakeParsing for Req {
let key_id: KeyID =
KeyID(u16::from_le_bytes(raw[0..1].try_into().unwrap()));
use ::num_traits::FromPrimitive;
let exchange: KeyExchange = match KeyExchange::from_u8(raw[2]) {
let exchange: KeyExchangeKind = match KeyExchangeKind::from_u8(raw[2]) {
Some(exchange) => exchange,
None => return Err(Error::Parsing),
};
@ -343,15 +343,6 @@ impl RespInner {
RespInner::ClearText(_) => RespData::len(),
}
}
/*
/// Get the ciptertext, or panic
pub fn ciphertext<'a>(&'a mut self) -> &'a mut VecDeque<u8> {
match self {
RespInner::CipherText(data) => data,
_ => panic!(),
}
}
*/
/// parse the cleartext
pub fn deserialize_as_cleartext(&mut self, raw: &[u8]) {
let clear = match self {
@ -369,20 +360,6 @@ impl RespInner {
};
*self = RespInner::ClearText(clear);
}
/*
/// switch from ciphertext to cleartext
pub fn mark_as_cleartext(&mut self) {
let mut newdata: VecDeque<u8>;
match self {
RespInner::CipherText(data) => {
newdata = VecDeque::new();
::core::mem::swap(&mut newdata, data);
}
_ => return,
}
*self = RespInner::ClearText(newdata);
}
*/
/// serialize, but only if ciphertext
pub fn serialize(&self, out: &mut [u8]) {
todo!()

View File

@ -46,7 +46,7 @@ use crate::{
connection::handshake::HandshakeID,
enc::{
self,
asym::{KeyExchange, KeyID, PubKey},
asym::{KeyExchangeKind, KeyID, PubKey},
hkdf::HkdfKind,
sym::CipherKind,
},
@ -361,7 +361,7 @@ pub struct Record {
/// Multiple ones can point to the same authentication server
pub addresses: Vec<Address>,
/// List of supported key exchanges
pub key_exchanges: Vec<KeyExchange>,
pub key_exchanges: Vec<KeyExchangeKind>,
/// List of supported key exchanges
pub hkdfs: Vec<HkdfKind>,
/// List of supported ciphers
@ -523,7 +523,8 @@ impl Record {
return Err(Error::NotEnoughData(bytes_parsed));
}
while num_key_exchanges > 0 {
let key_exchange = match KeyExchange::from_u8(raw[bytes_parsed]) {
let key_exchange = match KeyExchangeKind::from_u8(raw[bytes_parsed])
{
Some(key_exchange) => key_exchange,
None => {
// continue parsing. This could be a new key exchange type

View File

@ -72,10 +72,10 @@ impl KeyKind {
}
}
/// Returns the key exchanges supported by this key
pub fn key_exchanges(&self) -> &'static [KeyExchange] {
const EMPTY: [KeyExchange; 0] = [];
const X25519_KEY_EXCHANGES: [KeyExchange; 1] =
[KeyExchange::X25519DiffieHellman];
pub fn key_exchanges(&self) -> &'static [KeyExchangeKind] {
const EMPTY: [KeyExchangeKind; 0] = [];
const X25519_KEY_EXCHANGES: [KeyExchangeKind; 1] =
[KeyExchangeKind::X25519DiffieHellman];
match self {
KeyKind::Ed25519 => &EMPTY,
KeyKind::X25519 => &X25519_KEY_EXCHANGES,
@ -88,11 +88,11 @@ impl KeyKind {
#[derive(Debug, Copy, Clone, PartialEq, ::num_derive::FromPrimitive)]
#[non_exhaustive]
#[repr(u8)]
pub enum KeyExchange {
pub enum KeyExchangeKind {
/// X25519 Public key
X25519DiffieHellman = 0,
}
impl KeyExchange {
impl KeyExchangeKind {
/// The serialize length of the field
pub fn len() -> usize {
1
@ -103,7 +103,7 @@ impl KeyExchange {
rnd: &Random,
) -> Result<(ExchangePrivKey, ExchangePubKey), Error> {
match self {
KeyExchange::X25519DiffieHellman => {
KeyExchangeKind::X25519DiffieHellman => {
let raw_priv = ::x25519_dalek::StaticSecret::new(rnd);
let pub_key = ExchangePubKey::X25519(
::x25519_dalek::PublicKey::from(&raw_priv),
@ -217,12 +217,12 @@ impl ExchangePrivKey {
/// Run the key exchange between two keys of the same kind
pub fn key_exchange(
&self,
exchange: KeyExchange,
exchange: KeyExchangeKind,
pub_key: ExchangePubKey,
) -> Result<Secret, Error> {
match self {
ExchangePrivKey::X25519(priv_key) => {
if exchange != KeyExchange::X25519DiffieHellman {
if exchange != KeyExchangeKind::X25519DiffieHellman {
return Err(Error::UnsupportedKeyExchange);
}
if let ExchangePubKey::X25519(inner_pub_key) = pub_key {
@ -298,8 +298,8 @@ impl ExchangePubKey {
/// Give priority to our list
pub fn server_select_key_exchange(
cfg: &Config,
client_supported: &Vec<KeyExchange>,
) -> Option<KeyExchange> {
client_supported: &Vec<KeyExchangeKind>,
) -> Option<KeyExchangeKind> {
cfg.key_exchanges
.iter()
.find(|k| client_supported.contains(k))
@ -311,8 +311,8 @@ pub fn server_select_key_exchange(
/// This is used only in the Directory Synchronized handshake
pub fn client_select_key_exchange(
cfg: &Config,
server_supported: &Vec<KeyExchange>,
) -> Option<KeyExchange> {
server_supported: &Vec<KeyExchangeKind>,
) -> Option<KeyExchangeKind> {
server_supported
.iter()
.find(|k| cfg.key_exchanges.contains(k))

View File

@ -70,7 +70,7 @@ pub(crate) struct ThreadTracker {
/// (udp_src_sender_port % total_threads) - 1
pub(crate) struct HandshakeTracker {
thread_id: ThreadTracker,
key_exchanges: Vec<(asym::KeyKind, asym::KeyExchange)>,
key_exchanges: Vec<(asym::KeyKind, asym::KeyExchangeKind)>,
ciphers: Vec<CipherKind>,
/// ephemeral keys used server side in key exchange
keys_srv: Vec<HandshakeServer>,