From 00cd2b7984bc9125668782254dfad2a3089dbaf1 Mon Sep 17 00:00:00 2001 From: Christian Pointner Date: Sat, 14 Oct 2017 16:15:28 +0200 Subject: role is now part of kd --- satp/crypto-kd-aesctr.go | 13 +++++---- satp/crypto-kd-aesctr_test.go | 68 +++++++++++++++++++++++-------------------- satp/crypto-kd.go | 2 +- 3 files changed, 45 insertions(+), 38 deletions(-) diff --git a/satp/crypto-kd-aesctr.go b/satp/crypto-kd-aesctr.go index 749e3dc..b3f2907 100644 --- a/satp/crypto-kd-aesctr.go +++ b/satp/crypto-kd-aesctr.go @@ -46,15 +46,16 @@ const ( type AESCTRKeyDerivation struct { cipher cipher.Block salt []byte + role KDRole } -func (kd *AESCTRKeyDerivation) generateCTR(role KDRole, dir Direction, usage KeyUsage, sequenceNumber uint32, ctr []byte) { +func (kd *AESCTRKeyDerivation) generateCTR(dir Direction, usage KeyUsage, sequenceNumber uint32, ctr []byte) { ctr[aes.BlockSize-1] = 0 ctr[aes.BlockSize-2] = 0 subtle.ConstantTimeCopy(1, ctr[:len(kd.salt)], kd.salt) keyID := [8]byte{} - binary.BigEndian.PutUint32(keyID[:4], getKDLabel(role, dir, usage)) + binary.BigEndian.PutUint32(keyID[:4], getKDLabel(kd.role, dir, usage)) binary.BigEndian.PutUint32(keyID[4:], sequenceNumber) // unfortunately crypto.xorBytes is not exported... @@ -65,11 +66,11 @@ func (kd *AESCTRKeyDerivation) generateCTR(role KDRole, dir Direction, usage Key } } -func (kd *AESCTRKeyDerivation) Generate(role KDRole, dir Direction, usage KeyUsage, sequenceNumber uint32, out []byte) error { +func (kd *AESCTRKeyDerivation) Generate(dir Direction, usage KeyUsage, sequenceNumber uint32, out []byte) error { // this needs to stay in this function so that the go compiler can detect that it doesn't escape // from this function and whence will get allocated on the stack ctr := [aes.BlockSize]byte{} - kd.generateCTR(role, dir, usage, sequenceNumber, ctr[:]) + kd.generateCTR(dir, usage, sequenceNumber, ctr[:]) for i := range out { // unfortunately there is no memset-style function in go... out[i] = 0 } @@ -78,12 +79,12 @@ func (kd *AESCTRKeyDerivation) Generate(role KDRole, dir Direction, usage KeyUsa return nil } -func NewAESCTRKeyDerivation(key, salt []byte) (KeyDerivation, error) { +func NewAESCTRKeyDerivation(key, salt []byte, role KDRole) (KeyDerivation, error) { if len(salt) != AES_CTR_KD_SALT_LENGTH { return nil, errors.New("invalid salt size: " + strconv.Itoa(len(salt))) } - kd := &AESCTRKeyDerivation{salt: salt} + kd := &AESCTRKeyDerivation{salt: salt, role: role} var err error if kd.cipher, err = aes.NewCipher(key); err != nil { diff --git a/satp/crypto-kd-aesctr_test.go b/satp/crypto-kd-aesctr_test.go index a36157c..030dc12 100644 --- a/satp/crypto-kd-aesctr_test.go +++ b/satp/crypto-kd-aesctr_test.go @@ -55,14 +55,16 @@ func TestAESCTRKeyDerivationNew(t *testing.T) { } for _, vector := range testvectors { - _, err := NewAESCTRKeyDerivation(vector.key, vector.salt) - if vector.valid { - if err != nil { - t.Fatal("unexpected error:", err) - } - } else { - if err == nil { - t.Fatalf("creating aes-ctr key derivation with key %v and salt %v should give an error", vector.key, vector.salt) + for _, role := range []KDRole{RoleLeft, RoleRight} { + _, err := NewAESCTRKeyDerivation(vector.key, vector.salt, role) + if vector.valid { + if err != nil { + t.Fatal("unexpected error:", err) + } + } else { + if err == nil { + t.Fatalf("creating aes-ctr key derivation with key %v and salt %v should give an error", vector.key, vector.salt) + } } } } @@ -91,14 +93,14 @@ func TestAESCTRKeyDerivationGenerateCtr(t *testing.T) { for _, vector := range testvectors { key := [aes.BlockSize]byte{} - kd, err := NewAESCTRKeyDerivation(key[:], vector.salt) + kd, err := NewAESCTRKeyDerivation(key[:], vector.salt, vector.role) if err != nil { t.Fatal("unexpected error:", err) } aesCTR := kd.(*AESCTRKeyDerivation) ctr := [aes.BlockSize]byte{} - aesCTR.generateCTR(vector.role, vector.dir, vector.usage, vector.sequenceNumber, ctr[:]) + aesCTR.generateCTR(vector.dir, vector.usage, vector.sequenceNumber, ctr[:]) if bytes.Compare(ctr[:], vector.ctr) != 0 { t.Fatalf("resulting ctr is invalid, is: '%v', should be '%v'", ctr[:], vector.ctr) } @@ -106,40 +108,44 @@ func TestAESCTRKeyDerivationGenerateCtr(t *testing.T) { } func TestAESCTRKeyDerivationGenerate(t *testing.T) { + key := []byte{0x77, 0x67, 0xA3, 0x90, 0x3E, 0xB9, 0x22, 0x06, 0x87, 0xBF, 0xF8, 0xA1, 0x4E, 0x94, 0x0F, 0xA7} + salt := []byte{0x3D, 0x58, 0x3F, 0xC6, 0x70, 0xA9, 0x6B, 0xCF, 0x92, 0xDA, 0x27, 0x0D, 0x07, 0x67} + kdLeft, err := NewAESCTRKeyDerivation(key, salt, RoleLeft) + if err != nil { + t.Fatal("unexpected error:", err) + } + kdRight, err := NewAESCTRKeyDerivation(key, salt, RoleRight) + if err != nil { + t.Fatal("unexpected error:", err) + } + testvectors := []struct { - role KDRole + kd KeyDerivation dir Direction usage KeyUsage sequenceNumber uint32 out []byte }{ - {RoleLeft, Outbound, UsageEncryptKey, 0, + {kdLeft, Outbound, UsageEncryptKey, 0, []byte{0x46, 0x04, 0x12, 0x67, 0x0C, 0x7A, 0x20, 0x07, 0x67, 0xC5, 0x9A, 0xB4, 0xBE, 0x2E, 0xBE, 0x50, 0xE9, 0xBC, 0x04, 0x7C, 0x17, 0x54, 0x73, 0x02, 0x4A, 0x54, 0x28, 0x44, 0x6F, 0xFA, 0xD2, 0xB6}}, - {RoleLeft, Inbound, UsageEncryptKey, 0x0012CA37, + {kdLeft, Inbound, UsageEncryptKey, 0x0012CA37, []byte{0x93, 0xEE, 0xC4, 0xD4, 0x94, 0xDA, 0x29, 0x72, 0x0C, 0xF5, 0xB6, 0x1D, 0x45, 0x3F, 0xA1, 0x19, 0xB0, 0x31, 0xB1, 0x7D, 0xA3, 0x78, 0x2C, 0x7A, 0x72, 0x19, 0x39, 0x4E, 0xEE, 0x40, 0x52, 0xDA}}, - {RoleRight, Outbound, UsageEncryptSalt, 0x0012CA37, + {kdRight, Outbound, UsageEncryptSalt, 0x0012CA37, []byte{0x7C, 0x20, 0x7D, 0x35, 0xAD, 0x9C, 0xED, 0xC6, 0xE6, 0x16, 0xE4, 0xA9, 0x36, 0x3C, 0x49, 0xAA, 0xF4, 0xA9, 0x59, 0x0D, 0x6A, 0xC1, 0x63, 0xAB, 0x17, 0x3D, 0xA8, 0x9F, 0x3F, 0xD7, 0x10, 0xC3}}, - {RoleRight, Outbound, UsageAuthKey, 0xE, + {kdRight, Outbound, UsageAuthKey, 0xE, []byte{0xE3, 0x26, 0x29, 0x37, 0xED, 0xF1, 0x36, 0x80, 0xB4, 0x8E, 0x6C, 0xF7, 0x7C, 0xEE, 0x8C, 0x49, 0xEA, 0x70, 0x6D, 0x24, 0x25, 0x35, 0xAF, 0x79, 0x7F, 0x02, 0x7C, 0x59, 0x2C, 0x7E, 0x41, 0x55}}, - {RoleRight, Inbound, UsageAuthKey, 0xC, + {kdRight, Inbound, UsageAuthKey, 0xC, []byte{0x2C, 0xF9, 0x7A, 0x96, 0x17, 0x28, 0x52, 0xFD, 0xF6, 0x57, 0xC4, 0x86, 0x7D, 0xA8, 0x04, 0xE3, 0xB4, 0x23, 0xA6, 0xAE, 0x66, 0xF8, 0xB9, 0xCC, 0x79, 0x72, 0xA6, 0xB9, 0x54, 0x72, 0x7F, 0xF4}}, } - key := []byte{0x77, 0x67, 0xA3, 0x90, 0x3E, 0xB9, 0x22, 0x06, 0x87, 0xBF, 0xF8, 0xA1, 0x4E, 0x94, 0x0F, 0xA7} - salt := []byte{0x3D, 0x58, 0x3F, 0xC6, 0x70, 0xA9, 0x6B, 0xCF, 0x92, 0xDA, 0x27, 0x0D, 0x07, 0x67} - kd, err := NewAESCTRKeyDerivation(key, salt) - if err != nil { - t.Fatal("unexpected error:", err) - } - for _, vector := range testvectors { out := [32]byte{} - kd.Generate(vector.role, vector.dir, vector.usage, vector.sequenceNumber, out[:]) + vector.kd.Generate(vector.dir, vector.usage, vector.sequenceNumber, out[:]) if bytes.Compare(out[:], vector.out) != 0 { t.Fatalf("resulting key material is invalid, is: '%v', should be '%v'", out[:], vector.out) } @@ -166,15 +172,15 @@ func TestAESCTRKeyDerivationGenerateRepeat(t *testing.T) { } for _, vector := range testvectors { - kd, err := NewAESCTRKeyDerivation(vector.key, vector.salt) + kd, err := NewAESCTRKeyDerivation(vector.key, vector.salt, vector.role) if err != nil { t.Fatal("unexpected error:", err) } out1 := make([]byte, vector.length) out2 := buffer[128 : 128+vector.length] - kd.Generate(vector.role, vector.dir, vector.usage, vector.sequenceNumber, out1) - kd.Generate(vector.role, vector.dir, vector.usage, vector.sequenceNumber, out2) + kd.Generate(vector.dir, vector.usage, vector.sequenceNumber, out1) + kd.Generate(vector.dir, vector.usage, vector.sequenceNumber, out2) if bytes.Compare(out1, out2) != 0 { t.Fatalf("result of 2 consecutive key generations differ, out1: '%v', out2: '%v'", out1, out2) @@ -190,7 +196,7 @@ func BenchmarkAESCTRKeyDerivationGenerateCtr(b *testing.B) { var buffer [256]byte rand.Read(buffer[:]) - kd, err := NewAESCTRKeyDerivation(buffer[:16], buffer[16:30]) + kd, err := NewAESCTRKeyDerivation(buffer[:16], buffer[16:30], RoleRight) if err != nil { b.Fatal("unexpected error:", err) } @@ -200,7 +206,7 @@ func BenchmarkAESCTRKeyDerivationGenerateCtr(b *testing.B) { b.ResetTimer() for i := 0; i < b.N; i++ { - aesCTR.generateCTR(RoleRight, Outbound, UsageAuthKey, 0xAA55AA55, ctr) + aesCTR.generateCTR(Outbound, UsageAuthKey, 0xAA55AA55, ctr) } } @@ -208,7 +214,7 @@ func BenchmarkAESCTRKeyDerivationGenerate(b *testing.B) { var buffer [256]byte rand.Read(buffer[:]) - kd, err := NewAESCTRKeyDerivation(buffer[:16], buffer[16:30]) + kd, err := NewAESCTRKeyDerivation(buffer[:16], buffer[16:30], RoleLeft) if err != nil { b.Fatal("unexpected error:", err) } @@ -217,6 +223,6 @@ func BenchmarkAESCTRKeyDerivationGenerate(b *testing.B) { b.ResetTimer() for i := 0; i < b.N; i++ { - kd.Generate(RoleLeft, Outbound, UsageEncryptKey, 0xdeadbeef, out) + kd.Generate(Outbound, UsageEncryptKey, 0xdeadbeef, out) } } diff --git a/satp/crypto-kd.go b/satp/crypto-kd.go index 823c5bb..db52f77 100644 --- a/satp/crypto-kd.go +++ b/satp/crypto-kd.go @@ -56,7 +56,7 @@ const ( ) type KeyDerivation interface { - Generate(role KDRole, dir Direction, usage KeyUsage, sequenceNumber uint32, out []byte) error + Generate(dir Direction, usage KeyUsage, sequenceNumber uint32, out []byte) error } func getKDLabel(role KDRole, dir Direction, usage KeyUsage) uint32 { -- cgit v1.2.3