78 changes: 28 additions & 50 deletions Cargo.lock


11 changes: 6 additions & 5 deletions Cargo.toml
@@ -6,12 +6,9 @@ description = "Tool to interact with the firewall matched data feature"
edition = "2021"

[dependencies]
assert_cmd = "2.0.2"
assert_fs = "1.0.6"
bincode = "1.3.3"
clap = "3.0.0-beta.5"
generic-array = { version = "0.14.4", features = ["serde"] }
hpke = { version = "0.7.1", default-features = false, features = [
clap = { version = "3.0.0", features = ["derive"] }
hpke = { version = "0.8.0", default-features = false, features = [
"x25519",
"serde_impls",
] }
@@ -20,5 +17,9 @@ rand = "0.8.4"
serde = { version = "1.0.130", features = ["derive"] }
serde_json = "1.0.68"

[dev-dependencies]
assert_cmd = "2.0.2"
assert_fs = "1.0.6"

[profile.release]
lto = true
12 changes: 6 additions & 6 deletions src/main.rs
@@ -4,13 +4,13 @@ mod matched_data;

use crate::matched_data::generate_key_pair;
use clap::{ArgEnum, Parser};
use hpke::kex::Serializable;
use hpke::Serializable;
use serde::{Deserialize, Serialize};
use std::io::{stdin, stdout, Write};
use std::{fs, str};

#[derive(Parser)]
#[clap(author, version)]
#[clap(about, author, version)]
struct Options {
#[clap(subcommand)]
command: Command,
@@ -28,7 +28,7 @@ struct GenerateKeyPairOptions {
short,
long,
value_name = "format",
about = "Output format of key pair",
help = "Output format of key pair",
default_value = "json"
)]
output_format: KeyPairOutputFormat,
@@ -42,13 +42,13 @@ enum DecryptOutputFormat {

#[derive(Parser)]
struct DecryptOptions {
#[clap(about = "File containing the base64 encoded encrypted matched data")]
#[clap(help = "File containing the base64 encoded encrypted matched data")]
matched_data_filename: String,

#[clap(
short = 'k',
long,
about = "File containing the base64 encoded private key"
help = "File containing the base64 encoded private key"
)]
private_key_filename: String,

@@ -57,7 +57,7 @@ struct DecryptOptions {
short,
long,
value_name = "format",
about = "Output format of matched data",
help = "Output format of matched data",
default_value = "utf8-lossy"
)]
output_format: DecryptOutputFormat,
25 changes: 11 additions & 14 deletions src/matched_data.rs
@@ -3,44 +3,41 @@ use hpke::{
aead::{AeadTag, ChaCha20Poly1305},
kdf::HkdfSha256,
kem::X25519HkdfSha256,
kex::{Deserializable, KeyExchange},
setup_receiver, EncappedKey, HpkeError, Kem as KemTrait, OpModeR,
setup_receiver, Deserializable, HpkeError, Kem as KemTrait, OpModeR,
};
use rand::{rngs::StdRng, SeedableRng};
use serde::{Deserialize, Serialize};

type Kem = X25519HkdfSha256;
type Aead = ChaCha20Poly1305;
type Kdf = HkdfSha256;
type Kex = <Kem as KemTrait>::Kex;

type PrivateKey = <Kem as KemTrait>::PrivateKey;
type PublicKey = <Kem as KemTrait>::PublicKey;
type EncappedKey = <Kem as KemTrait>::EncappedKey;

#[derive(Serialize, Deserialize)]
pub struct EncryptedData {
encapped_key: EncappedKey<Kex>,
encapped_key: EncappedKey,
ciphertext: Vec<u8>,
tag: AeadTag<Aead>,
}

// Generates a public-private key pair
pub fn generate_key_pair() -> (
<Kex as KeyExchange>::PrivateKey,
<Kex as KeyExchange>::PublicKey,
) {
pub fn generate_key_pair() -> (PrivateKey, PublicKey) {
let mut csprng = StdRng::from_entropy();
Kem::gen_keypair(&mut csprng)
}

// Constructs a PrivateKey from an array of bytes
pub fn get_private_key_from_bytes(
private_key_bytes: &[u8],
) -> Result<<Kex as KeyExchange>::PrivateKey, HpkeError> {
<Kex as KeyExchange>::PrivateKey::from_bytes(private_key_bytes)
pub fn get_private_key_from_bytes(private_key_bytes: &[u8]) -> Result<PrivateKey, HpkeError> {
PrivateKey::from_bytes(private_key_bytes)
}

// Decrypts data with provided private key
pub fn decrypt_data(
encrypted_data: &EncryptedData,
private_key: &<Kex as KeyExchange>::PrivateKey,
private_key: &PrivateKey,
) -> Result<Vec<u8>, HpkeError> {
// Decapsulate and derive the shared secret. Create a shared AEAD context.
let mut aead_ctx = setup_receiver::<Aead, Kdf, Kem>(
@@ -52,7 +49,7 @@ pub fn decrypt_data(

// Decrypt ciphertext in place
let mut ciphertext_copy = encrypted_data.ciphertext.clone();
aead_ctx.open(&mut ciphertext_copy, &[], &encrypted_data.tag)?;
aead_ctx.open_in_place_detached(&mut ciphertext_copy, &[], &encrypted_data.tag)?;

// Rename for clarity
let plaintext = ciphertext_copy;
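Review bot: The `encapped_key` field of `EncryptedData` changes type from `EncappedKey<Kex>` to `<Kem as KemTrait>::EncappedKey` while the struct keeps its `Serialize`/`Deserialize` derive, so the bytes this tool accepts now depend on the serde implementation shipped with hpke 0.8.0, and no test on this page pins that format. A known-answer test would catch a silent change in the serialized layout or in the derived key across the upgrade: keep an encrypted blob and its private key produced before the bump as fixtures and check `assert_eq!(decrypt_data(&fixture, &key).unwrap(), expected_plaintext);` (fixture names are placeholders). The same test would cover the switch from `open` to `open_in_place_detached` in `decrypt_data`, whose `setup_receiver` arguments fall outside the visible hunk. Whether such a test already exists elsewhere in the repository cannot be told from here.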
Expand Down