From 97596ebc1527312a140ffac6170881245c7eb4c7 Mon Sep 17 00:00:00 2001 From: c0repwn3r Date: Thu, 15 Dec 2022 14:20:11 -0500 Subject: [PATCH] [noise] handshake state init helper --- quicktap/src/noise/handshake/initiator.rs | 6 +-- quicktap/src/noise/handshake/mod.rs | 4 +- quicktap/src/noise/handshake/response.rs | 4 +- quicktap/src/noise/handshake/tests.rs | 66 ++--------------------- 4 files changed, 11 insertions(+), 69 deletions(-) diff --git a/quicktap/src/noise/handshake/initiator.rs b/quicktap/src/noise/handshake/initiator.rs index 24694c6..267fe15 100644 --- a/quicktap/src/noise/handshake/initiator.rs +++ b/quicktap/src/noise/handshake/initiator.rs @@ -7,7 +7,7 @@ use crate::noise::handshake::{HANDSHAKE_INITIATOR_CHAIN_KEY, HANDSHAKE_INITIATOR use crate::qcrypto::aead::{qcrypto_aead, qcrypto_aead_decrypt}; use crate::qcrypto::hashes::{qcrypto_hash_twice, qcrypto_mac}; use crate::qcrypto::hkdf::qcrypto_hkdf; -use crate::qcrypto::pki::{qcrypto_dh_ephemeral, qcrypto_dh_generate_ephemeral, qcrypto_dh_generate_longterm, qcrypto_dh_longterm}; +use crate::qcrypto::pki::{qcrypto_dh_generate_longterm, qcrypto_dh_longterm}; use crate::qcrypto::{LABEL_MAC1, timestamp}; /// Generate a handshake initiator packet and encrypt it using the given session state, starting a new handshake state @@ -17,7 +17,7 @@ use crate::qcrypto::{LABEL_MAC1, timestamp}; /// While containing unwraps, this function will never panic. #[allow(clippy::module_name_repetitions)] pub fn handshake_init_to(session: &mut HandshakeState) -> Result<[u8; 148], NoiseError> { - session.s_pub_i = PublicKey::from(&session.s_priv_me); + session.s_pub_i = PublicKey::from(session.s_priv_me); session.s_pub_r = session.s_pub_them; session.i_i = thread_rng().gen(); @@ -122,7 +122,7 @@ impl HandshakeInitiatorRaw { #[allow(clippy::module_name_repetitions)] pub fn handshake_init_from(session: &mut HandshakeState, packet: [u8; 148]) -> Result<(), NoiseError> { let s_pub_i = session.s_pub_them; - let s_pub_r = PublicKey::from(&session.s_priv_me); + let s_pub_r = PublicKey::from(session.s_priv_me); let msg = HandshakeInitiatorRaw::from_bytes(packet); diff --git a/quicktap/src/noise/handshake/mod.rs b/quicktap/src/noise/handshake/mod.rs index 823430b..e646eea 100644 --- a/quicktap/src/noise/handshake/mod.rs +++ b/quicktap/src/noise/handshake/mod.rs @@ -2,7 +2,7 @@ use std::fmt::{Debug, Formatter}; use rand::rngs::OsRng; use tai64::Tai64N; -use x25519_dalek::{EphemeralSecret, PublicKey, StaticSecret}; +use x25519_dalek::{PublicKey, StaticSecret}; use crate::qcrypto::timestamp; pub mod initiator; @@ -63,7 +63,7 @@ impl<'a> HandshakeState<'a> { /// Create a new handshake state representing a brand-new handshake. /// This function initializes the important values with their appropriate initialization vectors, and zeroes out all other values. - pub fn new(private_key: &StaticSecret, other_pubkey: PublicKey, pre_shared_key: Option<[u8; 32]>) -> Self { + pub fn new(private_key: &'a StaticSecret, other_pubkey: PublicKey, pre_shared_key: Option<[u8; 32]>) -> Self { Self { h: [0u8; 32], ck: [0u8; 32], diff --git a/quicktap/src/noise/handshake/response.rs b/quicktap/src/noise/handshake/response.rs index 93ae5d3..2981bb4 100644 --- a/quicktap/src/noise/handshake/response.rs +++ b/quicktap/src/noise/handshake/response.rs @@ -7,7 +7,7 @@ use crate::qcrypto::aead::{qcrypto_aead, qcrypto_aead_decrypt}; use crate::qcrypto::hashes::{qcrypto_hash_twice, qcrypto_mac}; use crate::qcrypto::hkdf::qcrypto_hkdf; use crate::qcrypto::LABEL_MAC1; -use crate::qcrypto::pki::{qcrypto_dh_ephemeral, qcrypto_dh_generate_ephemeral, qcrypto_dh_generate_longterm, qcrypto_dh_longterm}; +use crate::qcrypto::pki::{qcrypto_dh_generate_longterm, qcrypto_dh_longterm}; /// Creates a handshake response packet using the current active handshake session. /// # Errors @@ -59,7 +59,7 @@ pub fn handshake_response_to(session: &mut HandshakeState) -> Result<[u8; 92], N /// # Panics /// This function, while containing unwraps, will never panic. pub fn handshake_response_from(session: &mut HandshakeState, packet: [u8; 92]) -> Result<(), NoiseError> { - let mut msg = HandshakeResponseRaw::from_bytes(packet); + let msg = HandshakeResponseRaw::from_bytes(packet); let e_pub_r = PublicKey::from(msg.ephemeral); diff --git a/quicktap/src/noise/handshake/tests.rs b/quicktap/src/noise/handshake/tests.rs index 1dd567d..c083ee2 100644 --- a/quicktap/src/noise/handshake/tests.rs +++ b/quicktap/src/noise/handshake/tests.rs @@ -1,5 +1,3 @@ -use rand::rngs::OsRng; -use x25519_dalek::{EphemeralSecret, PublicKey, StaticSecret}; use crate::noise::handshake::HandshakeState; use crate::noise::handshake::initiator::{handshake_init_from, handshake_init_to}; use crate::noise::handshake::response::{handshake_response_from, handshake_response_to}; @@ -10,36 +8,8 @@ fn noise_halfhandshake_test() { let alice_keypair = qcrypto_dh_generate_longterm(); let bob_keypair = qcrypto_dh_generate_longterm(); - let mut alice_session = HandshakeState { - h: [0u8; 32], - ck: [0u8; 32], - e_pub_i: PublicKey::from([0u8; 32]), - e_pub_r: PublicKey::from([0u8; 32]), - s_pub_i: PublicKey::from([0u8; 32]), - s_pub_r: PublicKey::from([0u8; 32]), - e_priv_me: StaticSecret::new(OsRng), - s_priv_me: alice_keypair.0, - s_pub_them: bob_keypair.1, - i_i: 0, - i_r: 0, - q: [0u8; 32], - cookies: vec![], - }; - let mut bob_session = HandshakeState { - h: [0u8; 32], - ck: [0u8; 32], - e_pub_i: PublicKey::from([0u8; 32]), - e_pub_r: PublicKey::from([0u8; 32]), - s_pub_i: PublicKey::from([0u8; 32]), - s_pub_r: PublicKey::from([0u8; 32]), - e_priv_me: StaticSecret::new(OsRng), - s_priv_me: bob_keypair.0, - s_pub_them: alice_keypair.1, - i_i: 0, - i_r: 0, - q: [0u8; 32], - cookies: vec![], - }; + let mut alice_session = HandshakeState::new(&alice_keypair.0, bob_keypair.1, None); + let mut bob_session = HandshakeState::new(&bob_keypair.0, alice_keypair.1, None); let handshake_init = handshake_init_to(&mut alice_session).unwrap(); handshake_init_from(&mut bob_session, handshake_init).unwrap(); @@ -55,36 +25,8 @@ fn noise_nocookie_handshake_test() { let alice_keypair = qcrypto_dh_generate_longterm(); let bob_keypair = qcrypto_dh_generate_longterm(); - let mut alice_session = HandshakeState { - h: [0u8; 32], - ck: [0u8; 32], - e_pub_i: PublicKey::from([0u8; 32]), - e_pub_r: PublicKey::from([0u8; 32]), - s_pub_i: PublicKey::from([0u8; 32]), - s_pub_r: PublicKey::from([0u8; 32]), - e_priv_me: StaticSecret::new(OsRng), - s_priv_me: alice_keypair.0, - s_pub_them: bob_keypair.1, - i_i: 0, - i_r: 0, - q: [0u8; 32], - cookies: vec![], - }; - let mut bob_session = HandshakeState { - h: [0u8; 32], - ck: [0u8; 32], - e_pub_i: PublicKey::from([0u8; 32]), - e_pub_r: PublicKey::from([0u8; 32]), - s_pub_i: PublicKey::from([0u8; 32]), - s_pub_r: PublicKey::from([0u8; 32]), - e_priv_me: StaticSecret::new(OsRng), - s_priv_me: bob_keypair.0, - s_pub_them: alice_keypair.1, - i_i: 0, - i_r: 0, - q: [0u8; 32], - cookies: vec![], - }; + let mut alice_session = HandshakeState::new(&alice_keypair.0, bob_keypair.1, None); + let mut bob_session = HandshakeState::new(&bob_keypair.0, alice_keypair.1, None); let handshake_init = handshake_init_to(&mut alice_session).unwrap(); handshake_init_from(&mut bob_session, handshake_init).unwrap();