RunesAuth
/
libFenrir
3
1
Fork 0
Code Issues 1 Pull Requests 1 Packages Projects 1 Releases Wiki Activity

KeyExchange->KeyExchangeKind for consistency 

Signed-off-by: Luca Fulchir <luca.fulchir@runesauth.com>
This commit is contained in:
Luca Fulchir 2023-06-01 11:48:32 +02:00
parent ac213a6528
commit 08d2755656
Signed by: luca.fulchir
GPG Key ID: 8F6440603D13A78E
5 changed files with 26 additions and 48 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
src/config/mod.rs
View File

@ -3,7 +3,7 @@
use crate::{ use crate::{
connection::handshake::HandshakeID, connection::handshake::HandshakeID,
enc::{asym::KeyExchange, hkdf::HkdfKind, sym::CipherKind}, enc::{asym::KeyExchangeKind, hkdf::HkdfKind, sym::CipherKind},
}; };
use ::std::{ use ::std::{
net::{IpAddr, Ipv4Addr, Ipv6Addr, SocketAddr}, net::{IpAddr, Ipv4Addr, Ipv6Addr, SocketAddr},
@ -25,7 +25,7 @@ pub struct Config {
/// Supported handshakes /// Supported handshakes
pub handshakes: Vec<HandshakeID>, pub handshakes: Vec<HandshakeID>,
/// Supported key exchanges /// Supported key exchanges
pub key_exchanges: Vec<KeyExchange>, pub key_exchanges: Vec<KeyExchangeKind>,
/// Supported Hkdfs /// Supported Hkdfs
pub hkdfs: Vec<HkdfKind>, pub hkdfs: Vec<HkdfKind>,
/// Supported Ciphers /// Supported Ciphers
@ -47,7 +47,7 @@ impl Default for Config {
], ],
resolvers: Vec::new(), resolvers: Vec::new(),
handshakes: [HandshakeID::DirectorySynchronized].to_vec(), handshakes: [HandshakeID::DirectorySynchronized].to_vec(),
key_exchanges: [KeyExchange::X25519DiffieHellman].to_vec(), key_exchanges: [KeyExchangeKind::X25519DiffieHellman].to_vec(),
hkdfs: [HkdfKind::Sha3].to_vec(), hkdfs: [HkdfKind::Sha3].to_vec(),
ciphers: [CipherKind::XChaCha20Poly1305].to_vec(), ciphers: [CipherKind::XChaCha20Poly1305].to_vec(),
} }

33
src/connection/handshake/dirsync.rs
View File

@ -13,7 +13,7 @@ use crate::{
auth, auth,
connection::{ProtocolVersion, ID}, connection::{ProtocolVersion, ID},
enc::{ enc::{
asym::{ExchangePubKey, KeyExchange, KeyID}, asym::{ExchangePubKey, KeyExchangeKind, KeyID},
hkdf::HkdfKind, hkdf::HkdfKind,
sym::{CipherKind, HeadLen, Secret, TagLen}, sym::{CipherKind, HeadLen, Secret, TagLen},
Random, Random,
@ -88,7 +88,7 @@ pub struct Req {
/// Id of the server key used for the key exchange /// Id of the server key used for the key exchange
pub key_id: KeyID, pub key_id: KeyID,
/// Selected key exchange /// Selected key exchange
pub exchange: KeyExchange, pub exchange: KeyExchangeKind,
/// Selected hkdf /// Selected hkdf
pub hkdf: HkdfKind, pub hkdf: HkdfKind,
/// Selected cipher /// Selected cipher
@ -106,7 +106,7 @@ impl Req {
pub fn encrypted_offset(&self) -> usize { pub fn encrypted_offset(&self) -> usize {
ProtocolVersion::len() ProtocolVersion::len()
+ KeyID::len() + KeyID::len()
+ KeyExchange::len() + KeyExchangeKind::len()
+ HkdfKind::len() + HkdfKind::len()
+ CipherKind::len() + CipherKind::len()
+ self.exchange_key.kind().pub_len() + self.exchange_key.kind().pub_len()
@ -121,7 +121,7 @@ impl Req {
/// actual length of the directory synchronized request /// actual length of the directory synchronized request
pub fn len(&self) -> usize { pub fn len(&self) -> usize {
KeyID::len() KeyID::len()
+ KeyExchange::len() + KeyExchangeKind::len()
+ HkdfKind::len() + HkdfKind::len()
+ CipherKind::len() + CipherKind::len()
+ self.exchange_key.kind().pub_len() + self.exchange_key.kind().pub_len()
@ -149,7 +149,7 @@ impl super::HandshakeParsing for Req {
let key_id: KeyID = let key_id: KeyID =
KeyID(u16::from_le_bytes(raw[0..1].try_into().unwrap())); KeyID(u16::from_le_bytes(raw[0..1].try_into().unwrap()));
use ::num_traits::FromPrimitive; use ::num_traits::FromPrimitive;
let exchange: KeyExchange = match KeyExchange::from_u8(raw[2]) { let exchange: KeyExchangeKind = match KeyExchangeKind::from_u8(raw[2]) {
Some(exchange) => exchange, Some(exchange) => exchange,
None => return Err(Error::Parsing), None => return Err(Error::Parsing),
}; };
@ -343,15 +343,6 @@ impl RespInner {
RespInner::ClearText(_) => RespData::len(), RespInner::ClearText(_) => RespData::len(),
} }
} }
/*
/// Get the ciptertext, or panic
pub fn ciphertext<'a>(&'a mut self) -> &'a mut VecDeque<u8> {
match self {
RespInner::CipherText(data) => data,
_ => panic!(),
}
}
*/
/// parse the cleartext /// parse the cleartext
pub fn deserialize_as_cleartext(&mut self, raw: &[u8]) { pub fn deserialize_as_cleartext(&mut self, raw: &[u8]) {
let clear = match self { let clear = match self {
@ -369,20 +360,6 @@ impl RespInner {
}; };
*self = RespInner::ClearText(clear); *self = RespInner::ClearText(clear);
} }
/*
/// switch from ciphertext to cleartext
pub fn mark_as_cleartext(&mut self) {
let mut newdata: VecDeque<u8>;
match self {
RespInner::CipherText(data) => {
newdata = VecDeque::new();
::core::mem::swap(&mut newdata, data);
}
_ => return,
}
*self = RespInner::ClearText(newdata);
}
*/
/// serialize, but only if ciphertext /// serialize, but only if ciphertext
pub fn serialize(&self, out: &mut [u8]) { pub fn serialize(&self, out: &mut [u8]) {
todo!() todo!()

7
src/dnssec/record.rs
View File

@ -46,7 +46,7 @@ use crate::{
connection::handshake::HandshakeID, connection::handshake::HandshakeID,
enc::{ enc::{
self, self,
asym::{KeyExchange, KeyID, PubKey}, asym::{KeyExchangeKind, KeyID, PubKey},
hkdf::HkdfKind, hkdf::HkdfKind,
sym::CipherKind, sym::CipherKind,
}, },
@ -361,7 +361,7 @@ pub struct Record {
/// Multiple ones can point to the same authentication server /// Multiple ones can point to the same authentication server
pub addresses: Vec<Address>, pub addresses: Vec<Address>,
/// List of supported key exchanges /// List of supported key exchanges
pub key_exchanges: Vec<KeyExchange>, pub key_exchanges: Vec<KeyExchangeKind>,
/// List of supported key exchanges /// List of supported key exchanges
pub hkdfs: Vec<HkdfKind>, pub hkdfs: Vec<HkdfKind>,
/// List of supported ciphers /// List of supported ciphers
@ -523,7 +523,8 @@ impl Record {
return Err(Error::NotEnoughData(bytes_parsed)); return Err(Error::NotEnoughData(bytes_parsed));
} }
while num_key_exchanges > 0 { while num_key_exchanges > 0 {
let key_exchange = match KeyExchange::from_u8(raw[bytes_parsed]) { let key_exchange = match KeyExchangeKind::from_u8(raw[bytes_parsed])
{
Some(key_exchange) => key_exchange, Some(key_exchange) => key_exchange,
None => { None => {
// continue parsing. This could be a new key exchange type // continue parsing. This could be a new key exchange type

26
src/enc/asym.rs
View File

@ -72,10 +72,10 @@ impl KeyKind {
} }
} }
/// Returns the key exchanges supported by this key /// Returns the key exchanges supported by this key
pub fn key_exchanges(&self) -> &'static [KeyExchange] { pub fn key_exchanges(&self) -> &'static [KeyExchangeKind] {
const EMPTY: [KeyExchange; 0] = []; const EMPTY: [KeyExchangeKind; 0] = [];
const X25519_KEY_EXCHANGES: [KeyExchange; 1] = const X25519_KEY_EXCHANGES: [KeyExchangeKind; 1] =
[KeyExchange::X25519DiffieHellman]; [KeyExchangeKind::X25519DiffieHellman];
match self { match self {
KeyKind::Ed25519 => &EMPTY, KeyKind::Ed25519 => &EMPTY,
KeyKind::X25519 => &X25519_KEY_EXCHANGES, KeyKind::X25519 => &X25519_KEY_EXCHANGES,
@ -88,11 +88,11 @@ impl KeyKind {
#[derive(Debug, Copy, Clone, PartialEq, ::num_derive::FromPrimitive)] #[derive(Debug, Copy, Clone, PartialEq, ::num_derive::FromPrimitive)]
#[non_exhaustive] #[non_exhaustive]
#[repr(u8)] #[repr(u8)]
pub enum KeyExchange { pub enum KeyExchangeKind {
/// X25519 Public key /// X25519 Public key
X25519DiffieHellman = 0, X25519DiffieHellman = 0,
} }
impl KeyExchange { impl KeyExchangeKind {
/// The serialize length of the field /// The serialize length of the field
pub fn len() -> usize { pub fn len() -> usize {
1 1
@ -103,7 +103,7 @@ impl KeyExchange {
rnd: &Random, rnd: &Random,
) -> Result<(ExchangePrivKey, ExchangePubKey), Error> { ) -> Result<(ExchangePrivKey, ExchangePubKey), Error> {
match self { match self {
KeyExchange::X25519DiffieHellman => { KeyExchangeKind::X25519DiffieHellman => {
let raw_priv = ::x25519_dalek::StaticSecret::new(rnd); let raw_priv = ::x25519_dalek::StaticSecret::new(rnd);
let pub_key = ExchangePubKey::X25519( let pub_key = ExchangePubKey::X25519(
::x25519_dalek::PublicKey::from(&raw_priv), ::x25519_dalek::PublicKey::from(&raw_priv),
@ -217,12 +217,12 @@ impl ExchangePrivKey {
/// Run the key exchange between two keys of the same kind /// Run the key exchange between two keys of the same kind
pub fn key_exchange( pub fn key_exchange(
&self, &self,
exchange: KeyExchange, exchange: KeyExchangeKind,
pub_key: ExchangePubKey, pub_key: ExchangePubKey,
) -> Result<Secret, Error> { ) -> Result<Secret, Error> {
match self { match self {
ExchangePrivKey::X25519(priv_key) => { ExchangePrivKey::X25519(priv_key) => {
if exchange != KeyExchange::X25519DiffieHellman { if exchange != KeyExchangeKind::X25519DiffieHellman {
return Err(Error::UnsupportedKeyExchange); return Err(Error::UnsupportedKeyExchange);
} }
if let ExchangePubKey::X25519(inner_pub_key) = pub_key { if let ExchangePubKey::X25519(inner_pub_key) = pub_key {
@ -298,8 +298,8 @@ impl ExchangePubKey {
/// Give priority to our list /// Give priority to our list
pub fn server_select_key_exchange( pub fn server_select_key_exchange(
cfg: &Config, cfg: &Config,
client_supported: &Vec<KeyExchange>, client_supported: &Vec<KeyExchangeKind>,
) -> Option<KeyExchange> { ) -> Option<KeyExchangeKind> {
cfg.key_exchanges cfg.key_exchanges
.iter() .iter()
.find(|k| client_supported.contains(k)) .find(|k| client_supported.contains(k))
@ -311,8 +311,8 @@ pub fn server_select_key_exchange(
/// This is used only in the Directory Synchronized handshake /// This is used only in the Directory Synchronized handshake
pub fn client_select_key_exchange( pub fn client_select_key_exchange(
cfg: &Config, cfg: &Config,
server_supported: &Vec<KeyExchange>, server_supported: &Vec<KeyExchangeKind>,
) -> Option<KeyExchange> { ) -> Option<KeyExchangeKind> {
server_supported server_supported
.iter() .iter()
.find(|k| cfg.key_exchanges.contains(k)) .find(|k| cfg.key_exchanges.contains(k))

2
src/inner/mod.rs
View File

@ -70,7 +70,7 @@ pub(crate) struct ThreadTracker {
/// (udp_src_sender_port % total_threads) - 1 /// (udp_src_sender_port % total_threads) - 1
pub(crate) struct HandshakeTracker { pub(crate) struct HandshakeTracker {
thread_id: ThreadTracker, thread_id: ThreadTracker,
key_exchanges: Vec<(asym::KeyKind, asym::KeyExchange)>, key_exchanges: Vec<(asym::KeyKind, asym::KeyExchangeKind)>,
ciphers: Vec<CipherKind>, ciphers: Vec<CipherKind>,
/// ephemeral keys used server side in key exchange /// ephemeral keys used server side in key exchange
keys_srv: Vec<HandshakeServer>, keys_srv: Vec<HandshakeServer>,