summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorChristian Pointner <equinox@anytun.org>2017-09-19 00:11:54 +0200
committerChristian Pointner <equinox@anytun.org>2017-09-19 00:11:54 +0200
commitbe9a0746fdf882965ea5a325e5bc403ec5b977a2 (patch)
tree28e75961c9d25f2bc6c89faf472d733665422a27
parentadded key derivation test case (diff)
refactored role and direction
Diffstat
-rw-r--r--satp/crypto-kd-aesctr.go8
-rw-r--r--satp/crypto-kd-aesctr_test.go49
-rw-r--r--satp/crypto-kd.go31
-rw-r--r--satp/crypto-kd_test.go24
4 files changed, 68 insertions, 44 deletions
diff --git a/satp/crypto-kd-aesctr.go b/satp/crypto-kd-aesctr.go
index 58a1c04..749e3dc 100644
--- a/satp/crypto-kd-aesctr.go
+++ b/satp/crypto-kd-aesctr.go
@@ -48,13 +48,13 @@ type AESCTRKeyDerivation struct {
salt []byte
}
-func (kd *AESCTRKeyDerivation) generateCTR(dir KeyDirection, usage KeyUsage, sequenceNumber uint32, ctr []byte) {
+func (kd *AESCTRKeyDerivation) generateCTR(role KDRole, dir Direction, usage KeyUsage, sequenceNumber uint32, ctr []byte) {
ctr[aes.BlockSize-1] = 0
ctr[aes.BlockSize-2] = 0
subtle.ConstantTimeCopy(1, ctr[:len(kd.salt)], kd.salt)
keyID := [8]byte{}
- binary.BigEndian.PutUint32(keyID[:4], getKDLabel(dir, usage))
+ binary.BigEndian.PutUint32(keyID[:4], getKDLabel(role, dir, usage))
binary.BigEndian.PutUint32(keyID[4:], sequenceNumber)
// unfortunately crypto.xorBytes is not exported...
@@ -65,11 +65,11 @@ func (kd *AESCTRKeyDerivation) generateCTR(dir KeyDirection, usage KeyUsage, seq
}
}
-func (kd *AESCTRKeyDerivation) Generate(dir KeyDirection, usage KeyUsage, sequenceNumber uint32, out []byte) error {
+func (kd *AESCTRKeyDerivation) Generate(role KDRole, dir Direction, usage KeyUsage, sequenceNumber uint32, out []byte) error {
// this needs to stay in this function so that the go compiler can detect that it doesn't escape
// from this function and whence will get allocated on the stack
ctr := [aes.BlockSize]byte{}
- kd.generateCTR(dir, usage, sequenceNumber, ctr[:])
+ kd.generateCTR(role, dir, usage, sequenceNumber, ctr[:])
for i := range out { // unfortunately there is no memset-style function in go...
out[i] = 0
}
diff --git a/satp/crypto-kd-aesctr_test.go b/satp/crypto-kd-aesctr_test.go
index 63ac57a..a36157c 100644
--- a/satp/crypto-kd-aesctr_test.go
+++ b/satp/crypto-kd-aesctr_test.go
@@ -71,20 +71,21 @@ func TestAESCTRKeyDerivationNew(t *testing.T) {
func TestAESCTRKeyDerivationGenerateCtr(t *testing.T) {
testvectors := []struct {
salt []byte
- dir KeyDirection
+ role KDRole
+ dir Direction
usage KeyUsage
sequenceNumber uint32
ctr []byte
}{
- {[]byte{0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0}, DirLeft, UsageEncryptKey, 0x12345678,
+ {[]byte{0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0}, RoleLeft, Outbound, UsageEncryptKey, 0x12345678,
[]byte{0, 0, 0, 0, 0, 0, 0x35, 0x6A, 0x19, 0x2B, 0x12, 0x34, 0x56, 0x78, 0, 0}},
- {[]byte{0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0}, DirRight, UsageEncryptSalt, 0x01020304,
+ {[]byte{0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0}, RoleRight, Outbound, UsageEncryptSalt, 0x01020304,
[]byte{0, 0, 0, 0, 0, 0, 0x1B, 0x64, 0x53, 0x89, 0x01, 0x02, 0x03, 0x04, 0, 0}},
- {[]byte{0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0}, DirLeft, UsageAuthKey, 0xdeadbeef,
+ {[]byte{0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0}, RoleLeft, Outbound, UsageAuthKey, 0xdeadbeef,
[]byte{0, 0, 0, 0, 0, 0, 0xAC, 0x34, 0x78, 0xD6, 0xDE, 0xAD, 0xBE, 0xEF, 0, 0}},
- {[]byte{0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13}, DirLeft, UsageAuthKey, 0xdeadbeef,
+ {[]byte{0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13}, RoleLeft, Outbound, UsageAuthKey, 0xdeadbeef,
[]byte{0, 1, 2, 3, 4, 5, 0xAA, 0x33, 0x70, 0xDF, 0xD4, 0xA6, 0xB2, 0xE2, 0, 0}},
- {[]byte{0x12, 0x34, 0x56, 0x78, 0x9A, 0xBC, 0xDE, 0xF0, 0x12, 0x34, 0x56, 0x78, 0x9A, 0xBC}, DirLeft, UsageEncryptSalt, 0x01020304,
+ {[]byte{0x12, 0x34, 0x56, 0x78, 0x9A, 0xBC, 0xDE, 0xF0, 0x12, 0x34, 0x56, 0x78, 0x9A, 0xBC}, RoleLeft, Outbound, UsageEncryptSalt, 0x01020304,
[]byte{0x12, 0x34, 0x56, 0x78, 0x9A, 0xBC, 0xA9, 0x2E, 0x7A, 0xEE, 0x57, 0x7A, 0x99, 0xB8, 0, 0}},
}
@@ -97,7 +98,7 @@ func TestAESCTRKeyDerivationGenerateCtr(t *testing.T) {
aesCTR := kd.(*AESCTRKeyDerivation)
ctr := [aes.BlockSize]byte{}
- aesCTR.generateCTR(vector.dir, vector.usage, vector.sequenceNumber, ctr[:])
+ aesCTR.generateCTR(vector.role, vector.dir, vector.usage, vector.sequenceNumber, ctr[:])
if bytes.Compare(ctr[:], vector.ctr) != 0 {
t.Fatalf("resulting ctr is invalid, is: '%v', should be '%v'", ctr[:], vector.ctr)
}
@@ -106,24 +107,25 @@ func TestAESCTRKeyDerivationGenerateCtr(t *testing.T) {
func TestAESCTRKeyDerivationGenerate(t *testing.T) {
testvectors := []struct {
- dir KeyDirection
+ role KDRole
+ dir Direction
usage KeyUsage
sequenceNumber uint32
out []byte
}{
- {DirLeft, UsageEncryptKey, 0,
+ {RoleLeft, Outbound, UsageEncryptKey, 0,
[]byte{0x46, 0x04, 0x12, 0x67, 0x0C, 0x7A, 0x20, 0x07, 0x67, 0xC5, 0x9A, 0xB4, 0xBE, 0x2E, 0xBE, 0x50,
0xE9, 0xBC, 0x04, 0x7C, 0x17, 0x54, 0x73, 0x02, 0x4A, 0x54, 0x28, 0x44, 0x6F, 0xFA, 0xD2, 0xB6}},
- {DirRight, UsageEncryptKey, 0x0012CA37,
+ {RoleLeft, Inbound, UsageEncryptKey, 0x0012CA37,
[]byte{0x93, 0xEE, 0xC4, 0xD4, 0x94, 0xDA, 0x29, 0x72, 0x0C, 0xF5, 0xB6, 0x1D, 0x45, 0x3F, 0xA1, 0x19,
0xB0, 0x31, 0xB1, 0x7D, 0xA3, 0x78, 0x2C, 0x7A, 0x72, 0x19, 0x39, 0x4E, 0xEE, 0x40, 0x52, 0xDA}},
- {DirRight, UsageEncryptSalt, 0x0012CA37,
+ {RoleRight, Outbound, UsageEncryptSalt, 0x0012CA37,
[]byte{0x7C, 0x20, 0x7D, 0x35, 0xAD, 0x9C, 0xED, 0xC6, 0xE6, 0x16, 0xE4, 0xA9, 0x36, 0x3C, 0x49, 0xAA,
0xF4, 0xA9, 0x59, 0x0D, 0x6A, 0xC1, 0x63, 0xAB, 0x17, 0x3D, 0xA8, 0x9F, 0x3F, 0xD7, 0x10, 0xC3}},
- {DirRight, UsageAuthKey, 0xE,
+ {RoleRight, Outbound, UsageAuthKey, 0xE,
[]byte{0xE3, 0x26, 0x29, 0x37, 0xED, 0xF1, 0x36, 0x80, 0xB4, 0x8E, 0x6C, 0xF7, 0x7C, 0xEE, 0x8C, 0x49,
0xEA, 0x70, 0x6D, 0x24, 0x25, 0x35, 0xAF, 0x79, 0x7F, 0x02, 0x7C, 0x59, 0x2C, 0x7E, 0x41, 0x55}},
- {DirLeft, UsageAuthKey, 0xC,
+ {RoleRight, Inbound, UsageAuthKey, 0xC,
[]byte{0x2C, 0xF9, 0x7A, 0x96, 0x17, 0x28, 0x52, 0xFD, 0xF6, 0x57, 0xC4, 0x86, 0x7D, 0xA8, 0x04, 0xE3,
0xB4, 0x23, 0xA6, 0xAE, 0x66, 0xF8, 0xB9, 0xCC, 0x79, 0x72, 0xA6, 0xB9, 0x54, 0x72, 0x7F, 0xF4}},
}
@@ -137,7 +139,7 @@ func TestAESCTRKeyDerivationGenerate(t *testing.T) {
for _, vector := range testvectors {
out := [32]byte{}
- kd.Generate(vector.dir, vector.usage, vector.sequenceNumber, out[:])
+ kd.Generate(vector.role, vector.dir, vector.usage, vector.sequenceNumber, out[:])
if bytes.Compare(out[:], vector.out) != 0 {
t.Fatalf("resulting key material is invalid, is: '%v', should be '%v'", out[:], vector.out)
}
@@ -151,15 +153,16 @@ func TestAESCTRKeyDerivationGenerateRepeat(t *testing.T) {
testvectors := []struct {
key []byte
salt []byte
- dir KeyDirection
+ role KDRole
+ dir Direction
usage KeyUsage
sequenceNumber uint32
length int
}{
- {buffer[:16], buffer[16:30], DirLeft, UsageEncryptKey, 0x12345678, 23},
- {buffer[32:48], buffer[48:62], DirLeft, UsageEncryptKey, 0x1, 16},
- {buffer[64:80], buffer[80:94], DirLeft, UsageEncryptKey, 0x1, 20},
- {buffer[96:112], buffer[112:126], DirLeft, UsageEncryptKey, 0x1, 14},
+ {buffer[:16], buffer[16:30], RoleLeft, Outbound, UsageEncryptKey, 0x12345678, 23},
+ {buffer[32:48], buffer[48:62], RoleLeft, Inbound, UsageEncryptKey, 0x1, 16},
+ {buffer[64:80], buffer[80:94], RoleRight, Outbound, UsageEncryptKey, 0x1, 20},
+ {buffer[96:112], buffer[112:126], RoleRight, Outbound, UsageEncryptKey, 0x1, 14},
}
for _, vector := range testvectors {
@@ -170,8 +173,8 @@ func TestAESCTRKeyDerivationGenerateRepeat(t *testing.T) {
out1 := make([]byte, vector.length)
out2 := buffer[128 : 128+vector.length]
- kd.Generate(vector.dir, vector.usage, vector.sequenceNumber, out1)
- kd.Generate(vector.dir, vector.usage, vector.sequenceNumber, out2)
+ kd.Generate(vector.role, vector.dir, vector.usage, vector.sequenceNumber, out1)
+ kd.Generate(vector.role, vector.dir, vector.usage, vector.sequenceNumber, out2)
if bytes.Compare(out1, out2) != 0 {
t.Fatalf("result of 2 consecutive key generations differ, out1: '%v', out2: '%v'", out1, out2)
@@ -197,7 +200,7 @@ func BenchmarkAESCTRKeyDerivationGenerateCtr(b *testing.B) {
b.ResetTimer()
for i := 0; i < b.N; i++ {
- aesCTR.generateCTR(DirRight, UsageAuthKey, 0xAA55AA55, ctr)
+ aesCTR.generateCTR(RoleRight, Outbound, UsageAuthKey, 0xAA55AA55, ctr)
}
}
@@ -214,6 +217,6 @@ func BenchmarkAESCTRKeyDerivationGenerate(b *testing.B) {
b.ResetTimer()
for i := 0; i < b.N; i++ {
- kd.Generate(DirLeft, UsageEncryptKey, 0xdeadbeef, out)
+ kd.Generate(RoleLeft, Outbound, UsageEncryptKey, 0xdeadbeef, out)
}
}
diff --git a/satp/crypto-kd.go b/satp/crypto-kd.go
index 784080e..16f2192 100644
--- a/satp/crypto-kd.go
+++ b/satp/crypto-kd.go
@@ -30,13 +30,26 @@
package satp
-type KeyDirection int
+// TODO: move this to a more global place
+type Direction int
+
+const (
+ Inbound Direction = iota
+ Outbound
+)
+
+type KDRole int
type KeyUsage int
type Label uint32
const (
- DirLeft KeyDirection = iota
- DirRight
+ RoleLeft KDRole = iota
+ RoleRight
+
+ RoleServer = RoleLeft
+ RoleClient = RoleRight
+ RoleAlice = RoleLeft
+ RoleBob = RoleRight
UsageEncryptKey KeyUsage = iota
UsageEncryptSalt
@@ -51,26 +64,26 @@ const (
)
type KeyDerivation interface {
- Generate(dir KeyDirection, usage KeyUsage, sequenceNumber uint32, out []byte) error
+ Generate(role KDRole, dir Direction, usage KeyUsage, sequenceNumber uint32, out []byte) error
}
-func getKDLabel(dir KeyDirection, usage KeyUsage) uint32 {
+func getKDLabel(role KDRole, dir Direction, usage KeyUsage) uint32 {
switch usage {
case UsageEncryptKey:
- if dir == DirLeft {
+ if (role == RoleLeft && dir == Outbound) || (role == RoleRight && dir == Inbound) {
return LabelLeftEncrypt
}
return LabelRightEncrypt
case UsageEncryptSalt:
- if dir == DirLeft {
+ if (role == RoleLeft && dir == Outbound) || (role == RoleRight && dir == Inbound) {
return LabelLeftEncryptSalt
}
return LabelRightEncryptSalt
case UsageAuthKey:
- if dir == DirLeft {
+ if (role == RoleLeft && dir == Outbound) || (role == RoleRight && dir == Inbound) {
return LabelLeftAuthKey
}
return LabelRightAuthKey
}
- panic("Key-derivation: invalid direction and/or usage")
+ panic("Key-derivation: invalid role, direction and/or usage")
}
diff --git a/satp/crypto-kd_test.go b/satp/crypto-kd_test.go
index 0ba2bf0..1c01fc9 100644
--- a/satp/crypto-kd_test.go
+++ b/satp/crypto-kd_test.go
@@ -36,20 +36,28 @@ import (
func TestKDGetLabel(t *testing.T) {
testvectors := []struct {
- dir KeyDirection
+ role KDRole
+ dir Direction
usage KeyUsage
label uint32
}{
- {DirLeft, UsageEncryptKey, 0x356A192B},
- {DirRight, UsageEncryptKey, 0xDA4B9237},
- {DirLeft, UsageEncryptSalt, 0x77DE68DA},
- {DirRight, UsageEncryptSalt, 0x1B645389},
- {DirLeft, UsageAuthKey, 0xAC3478D6},
- {DirRight, UsageAuthKey, 0xC1DFD96E},
+ {RoleLeft, Outbound, UsageEncryptKey, 0x356A192B},
+ {RoleRight, Outbound, UsageEncryptKey, 0xDA4B9237},
+ {RoleAlice, Outbound, UsageEncryptSalt, 0x77DE68DA},
+ {RoleBob, Outbound, UsageEncryptSalt, 0x1B645389},
+ {RoleServer, Outbound, UsageAuthKey, 0xAC3478D6},
+ {RoleClient, Outbound, UsageAuthKey, 0xC1DFD96E},
+
+ {RoleAlice, Inbound, UsageEncryptKey, 0xDA4B9237},
+ {RoleBob, Inbound, UsageEncryptKey, 0x356A192B},
+ {RoleServer, Inbound, UsageEncryptSalt, 0x1B645389},
+ {RoleClient, Inbound, UsageEncryptSalt, 0x77DE68DA},
+ {RoleLeft, Inbound, UsageAuthKey, 0xC1DFD96E},
+ {RoleRight, Inbound, UsageAuthKey, 0xAC3478D6},
}
for _, vector := range testvectors {
- label := getKDLabel(vector.dir, vector.usage)
+ label := getKDLabel(vector.role, vector.dir, vector.usage)
if label != vector.label {
t.Fatalf("returned label is invalid, is: 0x%08X, should be 0x%08X", label, vector.label)
}
generated by cgit v1.2.3 (git 2.39.1) at 2024-05-17 03:58:44 +0000