Rename kh_ to key_handle_
This commit is contained in:
Julien Cretin
@@ -24,10 +24,10 @@ use crate::env::Env;
|
||||
/// Implementations may use the environment store: [`STORE_KEY`] is reserved for this usage.
|
||||
pub trait KeyStore {
|
||||
/// Returns the AES key for key handles encryption.
|
||||
fn kh_encryption(&mut self) -> Result<[u8; 32], Error>;
|
||||
fn key_handle_encryption(&mut self) -> Result<[u8; 32], Error>;
|
||||
|
||||
/// Returns the key for key handles authentication.
|
||||
fn kh_authentication(&mut self) -> Result<[u8; 32], Error>;
|
||||
fn key_handle_authentication(&mut self) -> Result<[u8; 32], Error>;
|
||||
|
||||
/// Derives an ECDSA private key from a seed.
|
||||
///
|
||||
@@ -51,11 +51,11 @@ pub struct Error;
|
||||
pub const STORE_KEY: usize = 2046;
|
||||
|
||||
impl<T: Env> KeyStore for T {
|
||||
fn kh_encryption(&mut self) -> Result<[u8; 32], Error> {
|
||||
fn key_handle_encryption(&mut self) -> Result<[u8; 32], Error> {
|
||||
Ok(get_master_keys(self)?.encryption)
|
||||
}
|
||||
|
||||
fn kh_authentication(&mut self) -> Result<[u8; 32], Error> {
|
||||
fn key_handle_authentication(&mut self) -> Result<[u8; 32], Error> {
|
||||
Ok(get_master_keys(self)?.authentication)
|
||||
}
|
||||
|
||||
@@ -120,10 +120,13 @@ fn test_key_store() {
|
||||
let key_store = env.key_store();
|
||||
|
||||
// Master keys are well-defined and stable.
|
||||
let encryption_key = key_store.kh_encryption().unwrap();
|
||||
let authentication_key = key_store.kh_authentication().unwrap();
|
||||
assert_eq!(key_store.kh_encryption(), Ok(encryption_key));
|
||||
assert_eq!(key_store.kh_authentication(), Ok(authentication_key));
|
||||
let encryption_key = key_store.key_handle_encryption().unwrap();
|
||||
let authentication_key = key_store.key_handle_authentication().unwrap();
|
||||
assert_eq!(key_store.key_handle_encryption(), Ok(encryption_key));
|
||||
assert_eq!(
|
||||
key_store.key_handle_authentication(),
|
||||
Ok(authentication_key)
|
||||
);
|
||||
|
||||
// ECDSA seeds are well-defined and stable.
|
||||
let ecdsa_seed = key_store.generate_ecdsa_seed().unwrap();
|
||||
@@ -133,6 +136,6 @@ fn test_key_store() {
|
||||
// Master keys change after reset. We don't require this for ECDSA seeds because it's not the
|
||||
// case, but it might be better.
|
||||
key_store.reset().unwrap();
|
||||
assert!(key_store.kh_encryption().unwrap() != encryption_key);
|
||||
assert!(key_store.kh_authentication().unwrap() != authentication_key);
|
||||
assert!(key_store.key_handle_encryption().unwrap() != encryption_key);
|
||||
assert!(key_store.key_handle_authentication().unwrap() != authentication_key);
|
||||
}
|
||||
|
||||
@@ -260,7 +260,7 @@ pub fn encrypt_key_handle(
|
||||
private_key: &PrivateKey,
|
||||
application: &[u8; 32],
|
||||
) -> Result<Vec<u8>, Ctap2StatusCode> {
|
||||
let aes_enc_key = crypto::aes256::EncryptionKey::new(&env.key_store().kh_encryption()?);
|
||||
let aes_enc_key = crypto::aes256::EncryptionKey::new(&env.key_store().key_handle_encryption()?);
|
||||
|
||||
let mut plaintext = [0; 64];
|
||||
let version = match private_key {
|
||||
@@ -279,7 +279,10 @@ pub fn encrypt_key_handle(
|
||||
let mut encrypted_id = aes256_cbc_encrypt(env.rng(), &aes_enc_key, &plaintext, true)?;
|
||||
encrypted_id.insert(0, version);
|
||||
|
||||
let id_hmac = hmac_256::<Sha256>(&env.key_store().kh_authentication()?, &encrypted_id[..]);
|
||||
let id_hmac = hmac_256::<Sha256>(
|
||||
&env.key_store().key_handle_authentication()?,
|
||||
&encrypted_id[..],
|
||||
);
|
||||
encrypted_id.extend(&id_hmac);
|
||||
Ok(encrypted_id)
|
||||
}
|
||||
@@ -305,7 +308,7 @@ pub fn decrypt_credential_source(
|
||||
}
|
||||
let hmac_message_size = credential_id.len() - 32;
|
||||
if !verify_hmac_256::<Sha256>(
|
||||
&env.key_store().kh_authentication()?,
|
||||
&env.key_store().key_handle_authentication()?,
|
||||
&credential_id[..hmac_message_size],
|
||||
array_ref![credential_id, hmac_message_size, 32],
|
||||
) {
|
||||
@@ -329,7 +332,7 @@ pub fn decrypt_credential_source(
|
||||
return Ok(None);
|
||||
}
|
||||
|
||||
let aes_enc_key = crypto::aes256::EncryptionKey::new(&env.key_store().kh_encryption()?);
|
||||
let aes_enc_key = crypto::aes256::EncryptionKey::new(&env.key_store().key_handle_encryption()?);
|
||||
let decrypted_id = aes256_cbc_decrypt(&aes_enc_key, payload, true)?;
|
||||
|
||||
if rp_id_hash != &decrypted_id[32..] {
|
||||
@@ -599,7 +602,7 @@ mod test {
|
||||
encrypted_id[0] = UNSUPPORTED_CREDENTIAL_ID_VERSION;
|
||||
// Override the HMAC to pass the check.
|
||||
encrypted_id.truncate(&encrypted_id.len() - 32);
|
||||
let hmac_key = env.key_store().kh_authentication().unwrap();
|
||||
let hmac_key = env.key_store().key_handle_authentication().unwrap();
|
||||
let id_hmac = hmac_256::<Sha256>(&hmac_key, &encrypted_id[..]);
|
||||
encrypted_id.extend(&id_hmac);
|
||||
|
||||
@@ -668,13 +671,17 @@ mod test {
|
||||
private_key: crypto::ecdsa::SecKey,
|
||||
application: &[u8; 32],
|
||||
) -> Result<Vec<u8>, Ctap2StatusCode> {
|
||||
let aes_enc_key = crypto::aes256::EncryptionKey::new(&env.key_store().kh_encryption()?);
|
||||
let aes_enc_key =
|
||||
crypto::aes256::EncryptionKey::new(&env.key_store().key_handle_encryption()?);
|
||||
let mut plaintext = [0; 64];
|
||||
private_key.to_bytes(array_mut_ref!(plaintext, 0, 32));
|
||||
plaintext[32..64].copy_from_slice(application);
|
||||
|
||||
let mut encrypted_id = aes256_cbc_encrypt(env.rng(), &aes_enc_key, &plaintext, true)?;
|
||||
let id_hmac = hmac_256::<Sha256>(&env.key_store().kh_authentication()?, &encrypted_id[..]);
|
||||
let id_hmac = hmac_256::<Sha256>(
|
||||
&env.key_store().key_handle_authentication()?,
|
||||
&encrypted_id[..],
|
||||
);
|
||||
encrypted_id.extend(&id_hmac);
|
||||
Ok(encrypted_id)
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user