Sachy's crypto scheme lmao #13

+864 -138

5 changed files

Diff round #17

expand all

Cargo.lock

Cargo.toml

sachy-crypto

Cargo.toml

README.md

src

lib.rs

+410 -138

Cargo.lock

··· 17 17 source = "registry+https://github.com/rust-lang/crates.io-index" 18 18 checksum = "320119579fcad9c21884f5c4861d16174d0e06250625266f50fe6898340abefa" 19 19 20 + [[package]] 21 + name = "aead" 22 + version = "0.6.0-rc.10" 23 + source = "registry+https://github.com/rust-lang/crates.io-index" 24 + checksum = "6b657e772794c6b04730ea897b66a058ccd866c16d1967da05eeeecec39043fe" 25 + dependencies = [ 26 + "crypto-common 0.2.1", 27 + "inout", 28 + ] 29 + 20 30 [[package]] 21 31 name = "aho-corasick" 22 32 version = "1.1.4" ··· 62 72 "backtrace", 63 73 ] 64 74 75 + [[package]] 76 + name = "base16ct" 77 + version = "1.0.0" 78 + source = "registry+https://github.com/rust-lang/crates.io-index" 79 + checksum = "fd307490d624467aa6f74b0eabb77633d1f758a7b25f12bceb0b22e08d9726f6" 80 + 65 81 [[package]] 66 82 name = "base64ct" 67 83 version = "1.8.3" ··· 89 105 "generic-array", 90 106 ] 91 107 108 + [[package]] 109 + name = "block-buffer" 110 + version = "0.12.0" 111 + source = "registry+https://github.com/rust-lang/crates.io-index" 112 + checksum = "cdd35008169921d80bc60d3d0ab416eecb028c4cd653352907921d95084790be" 113 + dependencies = [ 114 + "hybrid-array", 115 + ] 116 + 92 117 [[package]] 93 118 name = "byteorder" 94 119 version = "1.5.0" ··· 112 137 113 138 [[package]] 114 139 name = "cc" 115 - version = "1.2.56" 140 + version = "1.2.57" 116 141 source = "registry+https://github.com/rust-lang/crates.io-index" 117 - checksum = "aebf35691d1bfb0ac386a69bac2fde4dd276fb618cf8bf4f5318fe285e821bb2" 142 + checksum = "7a0dd1ca384932ff3641c8718a02769f1698e7563dc6974ffd03346116310423" 118 143 dependencies = [ 119 144 "find-msvc-tools", 120 145 "shlex", ··· 126 151 source = "registry+https://github.com/rust-lang/crates.io-index" 127 152 checksum = "9330f8b2ff13f34540b44e946ef35111825727b38d33286ef986142615121801" 128 153 154 + [[package]] 155 + name = "chacha20" 156 + version = "0.10.0" 157 + source = "registry+https://github.com/rust-lang/crates.io-index" 158 + checksum = "6f8d983286843e49675a4b7a2d174efe136dc93a18d69130dd18198a6c167601" 159 + dependencies = [ 160 + "cfg-if", 161 + "cipher", 162 + "cpufeatures 0.3.0", 163 + ] 164 + 165 + [[package]] 166 + name = "chacha20poly1305" 167 + version = "0.11.0-rc.3" 168 + source = "registry+https://github.com/rust-lang/crates.io-index" 169 + checksum = "1c9ed179664f12fd6f155f6dd632edf5f3806d48c228c67ff78366f2a0eb6b5e" 170 + dependencies = [ 171 + "aead", 172 + "chacha20", 173 + "cipher", 174 + "poly1305", 175 + ] 176 + 177 + [[package]] 178 + name = "cipher" 179 + version = "0.5.1" 180 + source = "registry+https://github.com/rust-lang/crates.io-index" 181 + checksum = "e34d8227fe1ba289043aeb13792056ff80fd6de1a9f49137a5f499de8e8c78ea" 182 + dependencies = [ 183 + "block-buffer 0.12.0", 184 + "crypto-common 0.2.1", 185 + "inout", 186 + ] 187 + 188 + [[package]] 189 + name = "cmov" 190 + version = "0.5.2" 191 + source = "registry+https://github.com/rust-lang/crates.io-index" 192 + checksum = "de0758edba32d61d1fd9f4d69491b47604b91ee2f7e6b33de7e54ca4ebe55dc3" 193 + 194 + [[package]] 195 + name = "const-oid" 196 + version = "0.10.2" 197 + source = "registry+https://github.com/rust-lang/crates.io-index" 198 + checksum = "a6ef517f0926dd24a1582492c791b6a4818a4d94e789a334894aa15b0d12f55c" 199 + 129 200 [[package]] 130 201 name = "core-foundation" 131 202 version = "0.10.1" ··· 142 213 source = "registry+https://github.com/rust-lang/crates.io-index" 143 214 checksum = "773648b94d0e5d620f64f280777445740e61fe701025087ec8b57f45c791888b" 144 215 216 + [[package]] 217 + name = "cpubits" 218 + version = "0.1.0" 219 + source = "registry+https://github.com/rust-lang/crates.io-index" 220 + checksum = "5ef0c543070d296ea414df2dd7625d1b24866ce206709d8a4a424f28377f5861" 221 + 145 222 [[package]] 146 223 name = "cpufeatures" 147 224 version = "0.2.17" ··· 151 228 "libc", 152 229 ] 153 230 231 + [[package]] 232 + name = "cpufeatures" 233 + version = "0.3.0" 234 + source = "registry+https://github.com/rust-lang/crates.io-index" 235 + checksum = "8b2a41393f66f16b0823bb79094d54ac5fbd34ab292ddafb9a0456ac9f87d201" 236 + dependencies = [ 237 + "libc", 238 + ] 239 + 154 240 [[package]] 155 241 name = "critical-section" 156 242 version = "1.2.0" 157 243 source = "registry+https://github.com/rust-lang/crates.io-index" 158 244 checksum = "790eea4361631c5e7d22598ecd5723ff611904e3344ce8720784c93e3d83d40b" 159 245 246 + [[package]] 247 + name = "crypto-bigint" 248 + version = "0.7.2" 249 + source = "registry+https://github.com/rust-lang/crates.io-index" 250 + checksum = "e9b6a7421484856c90cb2e996b91068d608539bb4e6f0a111b16d70678824d09" 251 + dependencies = [ 252 + "cpubits", 253 + "ctutils", 254 + "getrandom", 255 + "hybrid-array", 256 + "num-traits", 257 + "rand_core", 258 + "subtle", 259 + "zeroize", 260 + ] 261 + 160 262 [[package]] 161 263 name = "crypto-common" 162 264 version = "0.1.7" ··· 167 269 "typenum", 168 270 ] 169 271 272 + [[package]] 273 + name = "crypto-common" 274 + version = "0.2.1" 275 + source = "registry+https://github.com/rust-lang/crates.io-index" 276 + checksum = "77727bb15fa921304124b128af125e7e3b968275d1b108b379190264f4423710" 277 + dependencies = [ 278 + "getrandom", 279 + "hybrid-array", 280 + "rand_core", 281 + ] 282 + 283 + [[package]] 284 + name = "ctutils" 285 + version = "0.4.0" 286 + source = "registry+https://github.com/rust-lang/crates.io-index" 287 + checksum = "1005a6d4446f5120ef475ad3d2af2b30c49c2c9c6904258e3bb30219bebed5e4" 288 + dependencies = [ 289 + "cmov", 290 + "subtle", 291 + ] 292 + 170 293 [[package]] 171 294 name = "darling" 172 295 version = "0.20.11" ··· 243 366 "thiserror 2.0.18", 244 367 ] 245 368 369 + [[package]] 370 + name = "der" 371 + version = "0.8.0" 372 + source = "registry+https://github.com/rust-lang/crates.io-index" 373 + checksum = "71fd89660b2dc699704064e59e9dba0147b903e85319429e131620d022be411b" 374 + dependencies = [ 375 + "const-oid", 376 + "zeroize", 377 + ] 378 + 246 379 [[package]] 247 380 name = "derive_builder" 248 381 version = "0.20.2" ··· 274 407 "syn", 275 408 ] 276 409 410 + [[package]] 411 + name = "dhkem" 412 + version = "0.1.0-rc.0" 413 + source = "git+https://github.com/RustCrypto/KEMs?rev=2d277162e0c5ed1c53bb315d0c0dace394cba70a#2d277162e0c5ed1c53bb315d0c0dace394cba70a" 414 + dependencies = [ 415 + "elliptic-curve", 416 + "hkdf", 417 + "k256", 418 + "kem", 419 + "rand_core", 420 + "zeroize", 421 + ] 422 + 277 423 [[package]] 278 424 name = "digest" 279 425 version = "0.10.7" 280 426 source = "registry+https://github.com/rust-lang/crates.io-index" 281 427 checksum = "9ed9a281f7bc9b7576e61468ba615a66a5c8cfdff42420a70aa82701a3b1e292" 282 428 dependencies = [ 283 - "block-buffer", 284 - "crypto-common", 429 + "block-buffer 0.10.4", 430 + "crypto-common 0.1.7", 431 + ] 432 + 433 + [[package]] 434 + name = "digest" 435 + version = "0.11.2" 436 + source = "registry+https://github.com/rust-lang/crates.io-index" 437 + checksum = "4850db49bf08e663084f7fb5c87d202ef91a3907271aff24a94eb97ff039153c" 438 + dependencies = [ 439 + "block-buffer 0.12.0", 440 + "crypto-common 0.2.1", 441 + "ctutils", 285 442 ] 286 443 287 444 [[package]] ··· 293 450 "litrs", 294 451 ] 295 452 453 + [[package]] 454 + name = "ecdsa" 455 + version = "0.17.0-rc.16" 456 + source = "registry+https://github.com/rust-lang/crates.io-index" 457 + checksum = "91bbdd377139884fafcad8dc43a760a3e1e681aa26db910257fa6535b70e1829" 458 + dependencies = [ 459 + "der", 460 + "elliptic-curve", 461 + "signature", 462 + "zeroize", 463 + ] 464 + 296 465 [[package]] 297 466 name = "either" 298 467 version = "1.15.0" 299 468 source = "registry+https://github.com/rust-lang/crates.io-index" 300 469 checksum = "48c757948c5ede0e46177b7add2e67155f70e33c07fea8284df6576da70b3719" 301 470 471 + [[package]] 472 + name = "elliptic-curve" 473 + version = "0.14.0-rc.29" 474 + source = "registry+https://github.com/rust-lang/crates.io-index" 475 + checksum = "e84043d573efd4ac9d2d125817979a379204bf7e328b25a4a30487e8d100e618" 476 + dependencies = [ 477 + "base16ct", 478 + "crypto-bigint", 479 + "crypto-common 0.2.1", 480 + "digest 0.11.2", 481 + "hkdf", 482 + "hybrid-array", 483 + "rand_core", 484 + "rustcrypto-ff", 485 + "rustcrypto-group", 486 + "sec1", 487 + "subtle", 488 + "zeroize", 489 + ] 490 + 302 491 [[package]] 303 492 name = "embassy-net" 304 493 version = "0.7.1" ··· 338 527 339 528 [[package]] 340 529 name = "embassy-time" 341 - version = "0.5.0" 530 + version = "0.5.1" 342 531 source = "registry+https://github.com/rust-lang/crates.io-index" 343 - checksum = "f4fa65b9284d974dad7a23bb72835c4ec85c0b540d86af7fc4098c88cff51d65" 532 + checksum = "592b0c143ec626e821d4d90da51a2bd91d559d6c442b7c74a47d368c9e23d97a" 344 533 dependencies = [ 345 534 "cfg-if", 346 535 "critical-section", ··· 355 544 356 545 [[package]] 357 546 name = "embassy-time-driver" 358 - version = "0.2.1" 547 + version = "0.2.2" 359 548 source = "registry+https://github.com/rust-lang/crates.io-index" 360 - checksum = "a0a244c7dc22c8d0289379c8d8830cae06bb93d8f990194d0de5efb3b5ae7ba6" 549 + checksum = "6ee71af1b3a0deaa53eaf2d39252f83504c853646e472400b763060389b9fcc9" 361 550 dependencies = [ 362 551 "document-features", 363 552 ] ··· 521 710 "cfg-if", 522 711 "libc", 523 712 "r-efi", 713 + "rand_core", 524 714 "wasip2", 525 715 "wasip3", 526 716 ] ··· 609 799 source = "registry+https://github.com/rust-lang/crates.io-index" 610 800 checksum = "2304e00983f87ffb38b55b444b5e3b60a884b5d30c0fca7d82fe33449bbe55ea" 611 801 802 + [[package]] 803 + name = "hkdf" 804 + version = "0.13.0-rc.5" 805 + source = "registry+https://github.com/rust-lang/crates.io-index" 806 + checksum = "cbb55385998ae66b8d2d5143c05c94b9025ab863966f0c94ce7a5fde30105092" 807 + dependencies = [ 808 + "hmac", 809 + ] 810 + 811 + [[package]] 812 + name = "hmac" 813 + version = "0.13.0-rc.6" 814 + source = "registry+https://github.com/rust-lang/crates.io-index" 815 + checksum = "60017b071c523c9e5a55dd1253582bff6150c5e96a7e8511e419de1ab5ee97f9" 816 + dependencies = [ 817 + "digest 0.11.2", 818 + ] 819 + 612 820 [[package]] 613 821 name = "home" 614 822 version = "0.5.12" ··· 618 826 "windows-sys 0.61.2", 619 827 ] 620 828 829 + [[package]] 830 + name = "hybrid-array" 831 + version = "0.4.8" 832 + source = "registry+https://github.com/rust-lang/crates.io-index" 833 + checksum = "8655f91cd07f2b9d0c24137bd650fe69617773435ee5ec83022377777ce65ef1" 834 + dependencies = [ 835 + "subtle", 836 + "typenum", 837 + "zeroize", 838 + ] 839 + 621 840 [[package]] 622 841 name = "i2cdev" 623 842 version = "0.6.2" ··· 654 873 "serde_core", 655 874 ] 656 875 876 + [[package]] 877 + name = "inout" 878 + version = "0.2.2" 879 + source = "registry+https://github.com/rust-lang/crates.io-index" 880 + checksum = "4250ce6452e92010fdf7268ccc5d14faa80bb12fc741938534c58f16804e03c7" 881 + dependencies = [ 882 + "hybrid-array", 883 + ] 884 + 657 885 [[package]] 658 886 name = "io-kit-sys" 659 887 version = "0.4.1" ··· 681 909 682 910 [[package]] 683 911 name = "itoa" 684 - version = "1.0.17" 912 + version = "1.0.18" 685 913 source = "registry+https://github.com/rust-lang/crates.io-index" 686 - checksum = "92ecc6618181def0457392ccd0ee51198e065e016d1d527a7ac1b6dc7c1f09d2" 914 + checksum = "8f42a60cbdf9a97f5d2305f08a87dc4e09308d1276d28c869c684d7777685682" 687 915 688 916 [[package]] 689 917 name = "jiff" ··· 707 935 "syn", 708 936 ] 709 937 938 + [[package]] 939 + name = "k256" 940 + version = "0.14.0-rc.8" 941 + source = "registry+https://github.com/rust-lang/crates.io-index" 942 + checksum = "f7d2c6c227649d5ec80eaae541f1736232641a0bcdb3062a52b34edb42054158" 943 + dependencies = [ 944 + "cpubits", 945 + "ecdsa", 946 + "elliptic-curve", 947 + ] 948 + 949 + [[package]] 950 + name = "kem" 951 + version = "0.3.0-rc.6" 952 + source = "registry+https://github.com/rust-lang/crates.io-index" 953 + checksum = "e3ae2c3347ff4a7af4f679a9e397c2c7e6034a00b773dd2dd3c001d7f40897c9" 954 + dependencies = [ 955 + "crypto-common 0.2.1", 956 + "rand_core", 957 + ] 958 + 710 959 [[package]] 711 960 name = "leb128fmt" 712 961 version = "0.1.0" ··· 715 964 716 965 [[package]] 717 966 name = "libc" 718 - version = "0.2.182" 967 + version = "0.2.183" 719 968 source = "registry+https://github.com/rust-lang/crates.io-index" 720 - checksum = "6800badb6cb2082ffd7b6a67e6125bb39f18782f793520caee8cb8846be06112" 969 + checksum = "b5b646652bf6661599e1da8901b3b9522896f01e736bad5f723fe7a3a27f899d" 721 970 722 971 [[package]] 723 972 name = "libm" ··· 949 1198 950 1199 [[package]] 951 1200 name = "once_cell" 952 - version = "1.21.3" 1201 + version = "1.21.4" 953 1202 source = "registry+https://github.com/rust-lang/crates.io-index" 954 - checksum = "42f5e15c9953c5e4ccceeb2e7382a716482c34515315f7b03532b8b4e8393d2d" 1203 + checksum = "9f7c3e4beb33f85d45ae3e3a1792185706c8e16d043238c593331cc7cd313b50" 955 1204 956 1205 [[package]] 957 1206 name = "owo-colors" ··· 999 1248 checksum = "89815c69d36021a140146f26659a81d6c2afa33d216d736dd4be5381a7362220" 1000 1249 dependencies = [ 1001 1250 "pest", 1002 - "sha2", 1251 + "sha2 0.10.9", 1003 1252 ] 1004 1253 1005 1254 [[package]] ··· 1019 1268 source = "registry+https://github.com/rust-lang/crates.io-index" 1020 1269 checksum = "8b870d8c151b6f2fb93e84a13146138f05d02ed11c7e7c54f8826aaaf7c9f184" 1021 1270 1271 + [[package]] 1272 + name = "poly1305" 1273 + version = "0.9.0-rc.6" 1274 + source = "registry+https://github.com/rust-lang/crates.io-index" 1275 + checksum = "19feddcbdf17fad33f40041c7f9e768faf19455f32a6d52ba1b8b65ffc7b1cae" 1276 + dependencies = [ 1277 + "cpufeatures 0.3.0", 1278 + "universal-hash", 1279 + ] 1280 + 1022 1281 [[package]] 1023 1282 name = "portable-atomic" 1024 1283 version = "1.13.1" ··· 1027 1286 1028 1287 [[package]] 1029 1288 name = "portable-atomic-util" 1030 - version = "0.2.5" 1289 + version = "0.2.6" 1031 1290 source = "registry+https://github.com/rust-lang/crates.io-index" 1032 - checksum = "7a9db96d7fa8782dd8c15ce32ffe8680bbd1e978a43bf51a34d39483540495f5" 1291 + checksum = "091397be61a01d4be58e7841595bd4bfedb15f1cd54977d79b8271e94ed799a3" 1033 1292 dependencies = [ 1034 1293 "portable-atomic", 1035 1294 ] ··· 1177 1436 source = "registry+https://github.com/rust-lang/crates.io-index" 1178 1437 checksum = "f8dcc9c7d52a811697d2151c701e0d08956f92b0e24136cf4cf27b57a6a0d9bf" 1179 1438 1439 + [[package]] 1440 + name = "rand_core" 1441 + version = "0.10.0" 1442 + source = "registry+https://github.com/rust-lang/crates.io-index" 1443 + checksum = "0c8d0fd677905edcbeedbf2edb6494d676f0e98d54d5cf9bda0b061cb8fb8aba" 1444 + 1180 1445 [[package]] 1181 1446 name = "regex" 1182 1447 version = "1.12.3" ··· 1212 1477 source = "registry+https://github.com/rust-lang/crates.io-index" 1213 1478 checksum = "b50b8869d9fc858ce7266cce0194bd74df58b9d0e3f6df3a9fc8eb470d95c09d" 1214 1479 1480 + [[package]] 1481 + name = "rustcrypto-ff" 1482 + version = "0.14.0-rc.0" 1483 + source = "registry+https://github.com/rust-lang/crates.io-index" 1484 + checksum = "c5db129183b2c139d7d87d08be57cba626c715789db17aec65c8866bfd767d1f" 1485 + dependencies = [ 1486 + "rand_core", 1487 + "subtle", 1488 + ] 1489 + 1490 + [[package]] 1491 + name = "rustcrypto-group" 1492 + version = "0.14.0-rc.0" 1493 + source = "registry+https://github.com/rust-lang/crates.io-index" 1494 + checksum = "57c4b1463f274a3ff6fb2f44da43e576cb9424367bd96f185ead87b52fe00523" 1495 + dependencies = [ 1496 + "rand_core", 1497 + "rustcrypto-ff", 1498 + "subtle", 1499 + ] 1500 + 1215 1501 [[package]] 1216 1502 name = "rustix" 1217 1503 version = "0.38.44" ··· 1260 1546 "toml_edit", 1261 1547 ] 1262 1548 1549 + [[package]] 1550 + name = "sachy-crypto" 1551 + version = "0.1.0" 1552 + dependencies = [ 1553 + "chacha20poly1305", 1554 + "dhkem", 1555 + "elliptic-curve", 1556 + "k256", 1557 + "sha2 0.11.0-rc.5", 1558 + ] 1559 + 1263 1560 [[package]] 1264 1561 name = "sachy-esphome" 1265 1562 version = "0.1.0" ··· 1299 1596 "defmt 1.0.1", 1300 1597 "embassy-time", 1301 1598 "sachy-fmt", 1302 - "winnow", 1599 + "winnow 0.7.15", 1303 1600 ] 1304 1601 1305 1602 [[package]] ··· 1330 1627 source = "registry+https://github.com/rust-lang/crates.io-index" 1331 1628 checksum = "94143f37725109f92c262ed2cf5e59bce7498c01bcc1502d7b9afe439a4e9f49" 1332 1629 1630 + [[package]] 1631 + name = "sec1" 1632 + version = "0.8.0" 1633 + source = "registry+https://github.com/rust-lang/crates.io-index" 1634 + checksum = "f46b9a5ab87780a3189a1d704766579517a04ad59de653b7aad7d38e8a15f7dc" 1635 + dependencies = [ 1636 + "base16ct", 1637 + "ctutils", 1638 + "der", 1639 + "hybrid-array", 1640 + "subtle", 1641 + "zeroize", 1642 + ] 1643 + 1333 1644 [[package]] 1334 1645 name = "semver" 1335 1646 version = "1.0.27" ··· 1381 1692 1382 1693 [[package]] 1383 1694 name = "serialport" 1384 - version = "4.7.3" 1695 + version = "4.9.0" 1385 1696 source = "registry+https://github.com/rust-lang/crates.io-index" 1386 - checksum = "2acaf3f973e8616d7ceac415f53fc60e190b2a686fbcf8d27d0256c741c5007b" 1697 + checksum = "a4d91116f97173694f1642263b2ff837f80d933aa837e2314969f6728f661df3" 1387 1698 dependencies = [ 1388 1699 "bitflags 2.11.0", 1389 1700 "cfg-if", ··· 1394 1705 "nix 0.26.4", 1395 1706 "scopeguard", 1396 1707 "unescaper", 1397 - "winapi", 1708 + "windows-sys 0.52.0", 1398 1709 ] 1399 1710 1400 1711 [[package]] ··· 1404 1715 checksum = "a7507d819769d01a365ab707794a4084392c824f54a7a6a7862f8c3d0892b283" 1405 1716 dependencies = [ 1406 1717 "cfg-if", 1407 - "cpufeatures", 1408 - "digest", 1718 + "cpufeatures 0.2.17", 1719 + "digest 0.10.7", 1720 + ] 1721 + 1722 + [[package]] 1723 + name = "sha2" 1724 + version = "0.11.0-rc.5" 1725 + source = "registry+https://github.com/rust-lang/crates.io-index" 1726 + checksum = "7c5f3b1e2dc8aad28310d8410bd4d7e180eca65fca176c52ab00d364475d0024" 1727 + dependencies = [ 1728 + "cfg-if", 1729 + "cpufeatures 0.2.17", 1730 + "digest 0.11.2", 1409 1731 ] 1410 1732 1411 1733 [[package]] ··· 1414 1736 source = "registry+https://github.com/rust-lang/crates.io-index" 1415 1737 checksum = "0fda2ff0d084019ba4d7c6f371c95d8fd75ce3524c3cb8fb653a3023f6323e64" 1416 1738 1739 + [[package]] 1740 + name = "signature" 1741 + version = "3.0.0-rc.10" 1742 + source = "registry+https://github.com/rust-lang/crates.io-index" 1743 + checksum = "7f1880df446116126965eeec169136b2e0251dba37c6223bcc819569550edea3" 1744 + dependencies = [ 1745 + "rand_core", 1746 + ] 1747 + 1417 1748 [[package]] 1418 1749 name = "smoltcp" 1419 1750 version = "0.12.0" ··· 1450 1781 source = "registry+https://github.com/rust-lang/crates.io-index" 1451 1782 checksum = "7da8b5736845d9f2fcb837ea5d9e2628564b3b043a70948a3f0b778838c5fb4f" 1452 1783 1784 + [[package]] 1785 + name = "subtle" 1786 + version = "2.6.1" 1787 + source = "registry+https://github.com/rust-lang/crates.io-index" 1788 + checksum = "13c2bddecc57b384dee18652358fb23172facb8a2c51ccc10d74c157bdea3292" 1789 + 1453 1790 [[package]] 1454 1791 name = "supports-color" 1455 1792 version = "3.0.2" ··· 1493 1830 1494 1831 [[package]] 1495 1832 name = "tempfile" 1496 - version = "3.26.0" 1833 + version = "3.27.0" 1497 1834 source = "registry+https://github.com/rust-lang/crates.io-index" 1498 - checksum = "82a72c767771b47409d2345987fda8628641887d5466101319899796367354a0" 1835 + checksum = "32497e9a4c7b38532efcdebeef879707aa9f794296a4f0244f6f69e9bc8574bd" 1499 1836 dependencies = [ 1500 1837 "fastrand", 1501 1838 "getrandom", ··· 1506 1843 1507 1844 [[package]] 1508 1845 name = "terminal_size" 1509 - version = "0.4.3" 1846 + version = "0.4.4" 1510 1847 source = "registry+https://github.com/rust-lang/crates.io-index" 1511 - checksum = "60b8cb979cb11c32ce1603f8137b22262a9d131aaa5c37b5678025f22b8becd0" 1848 + checksum = "230a1b821ccbd75b185820a1f1ff7b14d21da1e442e22c0863ea5f08771a8874" 1512 1849 dependencies = [ 1513 1850 "rustix 1.1.4", 1514 - "windows-sys 0.60.2", 1851 + "windows-sys 0.61.2", 1515 1852 ] 1516 1853 1517 1854 [[package]] ··· 1566 1903 1567 1904 [[package]] 1568 1905 name = "toml_datetime" 1569 - version = "1.0.0+spec-1.1.0" 1906 + version = "1.1.0+spec-1.1.0" 1570 1907 source = "registry+https://github.com/rust-lang/crates.io-index" 1571 - checksum = "32c2555c699578a4f59f0cc68e5116c8d7cabbd45e1409b989d4be085b53f13e" 1908 + checksum = "97251a7c317e03ad83774a8752a7e81fb6067740609f75ea2b585b569a59198f" 1572 1909 dependencies = [ 1573 1910 "serde_core", 1574 1911 ] 1575 1912 1576 1913 [[package]] 1577 1914 name = "toml_edit" 1578 - version = "0.25.4+spec-1.1.0" 1915 + version = "0.25.8+spec-1.1.0" 1579 1916 source = "registry+https://github.com/rust-lang/crates.io-index" 1580 - checksum = "7193cbd0ce53dc966037f54351dbbcf0d5a642c7f0038c382ef9e677ce8c13f2" 1917 + checksum = "16bff38f1d86c47f9ff0647e6838d7bb362522bdf44006c7068c2b1e606f1f3c" 1581 1918 dependencies = [ 1582 1919 "indexmap", 1583 1920 "toml_datetime", 1584 1921 "toml_parser", 1585 1922 "toml_writer", 1586 - "winnow", 1923 + "winnow 1.0.0", 1587 1924 ] 1588 1925 1589 1926 [[package]] 1590 1927 name = "toml_parser" 1591 - version = "1.0.9+spec-1.1.0" 1928 + version = "1.1.0+spec-1.1.0" 1592 1929 source = "registry+https://github.com/rust-lang/crates.io-index" 1593 - checksum = "702d4415e08923e7e1ef96cd5727c0dfed80b4d2fa25db9647fe5eb6f7c5a4c4" 1930 + checksum = "2334f11ee363607eb04df9b8fc8a13ca1715a72ba8662a26ac285c98aabb4011" 1594 1931 dependencies = [ 1595 - "winnow", 1932 + "winnow 1.0.0", 1596 1933 ] 1597 1934 1598 1935 [[package]] 1599 1936 name = "toml_writer" 1600 - version = "1.0.6+spec-1.1.0" 1937 + version = "1.1.0+spec-1.1.0" 1601 1938 source = "registry+https://github.com/rust-lang/crates.io-index" 1602 - checksum = "ab16f14aed21ee8bfd8ec22513f7287cd4a91aa92e44edfe2c17ddd004e92607" 1939 + checksum = "d282ade6016312faf3e41e57ebbba0c073e4056dab1232ab1cb624199648f8ed" 1603 1940 1604 1941 [[package]] 1605 1942 name = "typenum" ··· 1652 1989 source = "registry+https://github.com/rust-lang/crates.io-index" 1653 1990 checksum = "ebc1c04c71510c7f702b52b7c350734c9ff1295c464a03335b00bb84fc54f853" 1654 1991 1992 + [[package]] 1993 + name = "universal-hash" 1994 + version = "0.6.1" 1995 + source = "registry+https://github.com/rust-lang/crates.io-index" 1996 + checksum = "f4987bdc12753382e0bec4a65c50738ffaabc998b9cdd1f952fb5f39b0048a96" 1997 + dependencies = [ 1998 + "crypto-common 0.2.1", 1999 + "ctutils", 2000 + ] 2001 + 1655 2002 [[package]] 1656 2003 name = "version_check" 1657 2004 version = "0.9.5" ··· 1728 2075 "rustix 0.38.44", 1729 2076 ] 1730 2077 1731 - [[package]] 1732 - name = "winapi" 1733 - version = "0.3.9" 1734 - source = "registry+https://github.com/rust-lang/crates.io-index" 1735 - checksum = "5c839a674fcd7a98952e593242ea400abe93992746761e38641405d28b00f419" 1736 - dependencies = [ 1737 - "winapi-i686-pc-windows-gnu", 1738 - "winapi-x86_64-pc-windows-gnu", 1739 - ] 1740 - 1741 - [[package]] 1742 - name = "winapi-i686-pc-windows-gnu" 1743 - version = "0.4.0" 1744 - source = "registry+https://github.com/rust-lang/crates.io-index" 1745 - checksum = "ac3b87c63620426dd9b991e5ce0329eff545bccbbb34f3be09ff6fb6ab51b7b6" 1746 - 1747 - [[package]] 1748 - name = "winapi-x86_64-pc-windows-gnu" 1749 - version = "0.4.0" 1750 - source = "registry+https://github.com/rust-lang/crates.io-index" 1751 - checksum = "712e227841d057c1ee1cd2fb22fa7e5a5461ae8e48fa2ca79ec42cfc1931183f" 1752 - 1753 2078 [[package]] 1754 2079 name = "windows-link" 1755 2080 version = "0.2.1" ··· 1758 2083 1759 2084 [[package]] 1760 2085 name = "windows-sys" 1761 - version = "0.59.0" 2086 + version = "0.52.0" 1762 2087 source = "registry+https://github.com/rust-lang/crates.io-index" 1763 - checksum = "1e38bc4d79ed67fd075bcc251a1c39b32a1776bbe92e5bef1f0bf1f8c531853b" 2088 + checksum = "282be5f36a8ce781fad8c8ae18fa3f9beff57ec1b52cb3de0789201425d9a33d" 1764 2089 dependencies = [ 1765 - "windows-targets 0.52.6", 2090 + "windows-targets", 1766 2091 ] 1767 2092 1768 2093 [[package]] 1769 2094 name = "windows-sys" 1770 - version = "0.60.2" 2095 + version = "0.59.0" 1771 2096 source = "registry+https://github.com/rust-lang/crates.io-index" 1772 - checksum = "f2f500e4d28234f72040990ec9d39e3a6b950f9f22d3dba18416c35882612bcb" 2097 + checksum = "1e38bc4d79ed67fd075bcc251a1c39b32a1776bbe92e5bef1f0bf1f8c531853b" 1773 2098 dependencies = [ 1774 - "windows-targets 0.53.5", 2099 + "windows-targets", 1775 2100 ] 1776 2101 1777 2102 [[package]] ··· 1789 2114 source = "registry+https://github.com/rust-lang/crates.io-index" 1790 2115 checksum = "9b724f72796e036ab90c1021d4780d4d3d648aca59e491e6b98e725b84e99973" 1791 2116 dependencies = [ 1792 - "windows_aarch64_gnullvm 0.52.6", 1793 - "windows_aarch64_msvc 0.52.6", 1794 - "windows_i686_gnu 0.52.6", 1795 - "windows_i686_gnullvm 0.52.6", 1796 - "windows_i686_msvc 0.52.6", 1797 - "windows_x86_64_gnu 0.52.6", 1798 - "windows_x86_64_gnullvm 0.52.6", 1799 - "windows_x86_64_msvc 0.52.6", 1800 - ] 1801 - 1802 - [[package]] 1803 - name = "windows-targets" 1804 - version = "0.53.5" 1805 - source = "registry+https://github.com/rust-lang/crates.io-index" 1806 - checksum = "4945f9f551b88e0d65f3db0bc25c33b8acea4d9e41163edf90dcd0b19f9069f3" 1807 - dependencies = [ 1808 - "windows-link", 1809 - "windows_aarch64_gnullvm 0.53.1", 1810 - "windows_aarch64_msvc 0.53.1", 1811 - "windows_i686_gnu 0.53.1", 1812 - "windows_i686_gnullvm 0.53.1", 1813 - "windows_i686_msvc 0.53.1", 1814 - "windows_x86_64_gnu 0.53.1", 1815 - "windows_x86_64_gnullvm 0.53.1", 1816 - "windows_x86_64_msvc 0.53.1", 2117 + "windows_aarch64_gnullvm", 2118 + "windows_aarch64_msvc", 2119 + "windows_i686_gnu", 2120 + "windows_i686_gnullvm", 2121 + "windows_i686_msvc", 2122 + "windows_x86_64_gnu", 2123 + "windows_x86_64_gnullvm", 2124 + "windows_x86_64_msvc", 1817 2125 ] 1818 2126 1819 2127 [[package]] ··· 1822 2130 source = "registry+https://github.com/rust-lang/crates.io-index" 1823 2131 checksum = "32a4622180e7a0ec044bb555404c800bc9fd9ec262ec147edd5989ccd0c02cd3" 1824 2132 1825 - [[package]] 1826 - name = "windows_aarch64_gnullvm" 1827 - version = "0.53.1" 1828 - source = "registry+https://github.com/rust-lang/crates.io-index" 1829 - checksum = "a9d8416fa8b42f5c947f8482c43e7d89e73a173cead56d044f6a56104a6d1b53" 1830 - 1831 2133 [[package]] 1832 2134 name = "windows_aarch64_msvc" 1833 2135 version = "0.52.6" 1834 2136 source = "registry+https://github.com/rust-lang/crates.io-index" 1835 2137 checksum = "09ec2a7bb152e2252b53fa7803150007879548bc709c039df7627cabbd05d469" 1836 2138 1837 - [[package]] 1838 - name = "windows_aarch64_msvc" 1839 - version = "0.53.1" 1840 - source = "registry+https://github.com/rust-lang/crates.io-index" 1841 - checksum = "b9d782e804c2f632e395708e99a94275910eb9100b2114651e04744e9b125006" 1842 - 1843 2139 [[package]] 1844 2140 name = "windows_i686_gnu" 1845 2141 version = "0.52.6" 1846 2142 source = "registry+https://github.com/rust-lang/crates.io-index" 1847 2143 checksum = "8e9b5ad5ab802e97eb8e295ac6720e509ee4c243f69d781394014ebfe8bbfa0b" 1848 2144 1849 - [[package]] 1850 - name = "windows_i686_gnu" 1851 - version = "0.53.1" 1852 - source = "registry+https://github.com/rust-lang/crates.io-index" 1853 - checksum = "960e6da069d81e09becb0ca57a65220ddff016ff2d6af6a223cf372a506593a3" 1854 - 1855 2145 [[package]] 1856 2146 name = "windows_i686_gnullvm" 1857 2147 version = "0.52.6" 1858 2148 source = "registry+https://github.com/rust-lang/crates.io-index" 1859 2149 checksum = "0eee52d38c090b3caa76c563b86c3a4bd71ef1a819287c19d586d7334ae8ed66" 1860 2150 1861 - [[package]] 1862 - name = "windows_i686_gnullvm" 1863 - version = "0.53.1" 1864 - source = "registry+https://github.com/rust-lang/crates.io-index" 1865 - checksum = "fa7359d10048f68ab8b09fa71c3daccfb0e9b559aed648a8f95469c27057180c" 1866 - 1867 2151 [[package]] 1868 2152 name = "windows_i686_msvc" 1869 2153 version = "0.52.6" 1870 2154 source = "registry+https://github.com/rust-lang/crates.io-index" 1871 2155 checksum = "240948bc05c5e7c6dabba28bf89d89ffce3e303022809e73deaefe4f6ec56c66" 1872 2156 1873 - [[package]] 1874 - name = "windows_i686_msvc" 1875 - version = "0.53.1" 1876 - source = "registry+https://github.com/rust-lang/crates.io-index" 1877 - checksum = "1e7ac75179f18232fe9c285163565a57ef8d3c89254a30685b57d83a38d326c2" 1878 - 1879 2157 [[package]] 1880 2158 name = "windows_x86_64_gnu" 1881 2159 version = "0.52.6" 1882 2160 source = "registry+https://github.com/rust-lang/crates.io-index" 1883 2161 checksum = "147a5c80aabfbf0c7d901cb5895d1de30ef2907eb21fbbab29ca94c5b08b1a78" 1884 2162 1885 - [[package]] 1886 - name = "windows_x86_64_gnu" 1887 - version = "0.53.1" 1888 - source = "registry+https://github.com/rust-lang/crates.io-index" 1889 - checksum = "9c3842cdd74a865a8066ab39c8a7a473c0778a3f29370b5fd6b4b9aa7df4a499" 1890 - 1891 2163 [[package]] 1892 2164 name = "windows_x86_64_gnullvm" 1893 2165 version = "0.52.6" 1894 2166 source = "registry+https://github.com/rust-lang/crates.io-index" 1895 2167 checksum = "24d5b23dc417412679681396f2b49f3de8c1473deb516bd34410872eff51ed0d" 1896 2168 1897 - [[package]] 1898 - name = "windows_x86_64_gnullvm" 1899 - version = "0.53.1" 1900 - source = "registry+https://github.com/rust-lang/crates.io-index" 1901 - checksum = "0ffa179e2d07eee8ad8f57493436566c7cc30ac536a3379fdf008f47f6bb7ae1" 1902 - 1903 2169 [[package]] 1904 2170 name = "windows_x86_64_msvc" 1905 2171 version = "0.52.6" ··· 1907 2173 checksum = "589f6da84c646204747d1270a2a5661ea66ed1cced2631d546fdfb155959f9ec" 1908 2174 1909 2175 [[package]] 1910 - name = "windows_x86_64_msvc" 1911 - version = "0.53.1" 2176 + name = "winnow" 2177 + version = "0.7.15" 1912 2178 source = "registry+https://github.com/rust-lang/crates.io-index" 1913 - checksum = "d6bbff5f0aada427a1e5a6da5f1f98158182f26556f345ac9e04d36d0ebed650" 2179 + checksum = "df79d97927682d2fd8adb29682d1140b343be4ac0f08fd68b7765d9c059d3945" 1914 2180 1915 2181 [[package]] 1916 2182 name = "winnow" 1917 - version = "0.7.14" 2183 + version = "1.0.0" 1918 2184 source = "registry+https://github.com/rust-lang/crates.io-index" 1919 - checksum = "5a5364e9d77fcdeeaa6062ced926ee3381faa2ee02d3eb83a5c27a8825540829" 2185 + checksum = "a90e88e4667264a994d34e6d1ab2d26d398dcdca8b7f52bec8668957517fc7d8" 1920 2186 dependencies = [ 1921 2187 "memchr", 1922 2188 ] ··· 2009 2275 "wasmparser", 2010 2276 ] 2011 2277 2278 + [[package]] 2279 + name = "zeroize" 2280 + version = "1.8.2" 2281 + source = "registry+https://github.com/rust-lang/crates.io-index" 2282 + checksum = "b97154e67e32c85465826e8bcc1c59429aaaf107c1e4a9e53c8d8ccd5eff88d0" 2283 + 2012 2284 [[package]] 2013 2285 name = "zmij" 2014 2286 version = "1.0.21"

Cargo.toml

··· 4 4 "sachy-battery", 5 5 "sachy-bthome", 6 6 "sachy-config", 7 + "sachy-crypto", 7 8 "sachy-esphome", 8 9 "sachy-fmt", 9 10 "sachy-fnv", ··· 26 27 embassy-sync = { version = "0.7" } 27 28 embassy-net = { version = "0.7" } 28 29 defmt = { version = "1" } 30 + 31 + [patch.crates-io] 32 + dhkem = { git = "https://github.com/RustCrypto/KEMs", rev = "2d277162e0c5ed1c53bb315d0c0dace394cba70a" }

+15

sachy-crypto/Cargo.toml

··· 1 + [package] 2 + name = "sachy-crypto" 3 + authors.workspace = true 4 + edition.workspace = true 5 + repository.workspace = true 6 + license.workspace = true 7 + version.workspace = true 8 + rust-version.workspace = true 9 + 10 + [dependencies] 11 + chacha20poly1305 = { version = "=0.11.0-rc.3", default-features = false, features = ["getrandom", "alloc"] } 12 + k256 = { version = "=0.14.0-rc.8", default-features = false, features = ["ecdh", "getrandom"] } 13 + sha2 = { version = "=0.11.0-rc.5", default-features = false, features = [] } 14 + dhkem = { version = "0.1.0-rc.0", features = ["getrandom", "k256"] } 15 + elliptic-curve = { version = "0.14.0-rc.28", default-features = false, features = ["ecdh"] }

sachy-crypto/README.md

··· 1 + # Sachy's Crypto 2 + 3 + A custom rolled encryption scheme that more or less implements HPKE. 4 + 5 + ☢️ **WARNING: DO NOT USE IN PRODUCTION. THIS CRATE IS FOR LEARNING/PERSONAL USAGE. AAAAAAAAAA** ☢️

+430

sachy-crypto/src/lib.rs

··· 1 + #![no_std] 2 + 3 + use core::ops::{AddAssign, BitXor}; 4 + 5 + use chacha20poly1305::{ 6 + AeadInOut, ChaCha20Poly1305, KeyInit, 7 + aead::{self, Buffer}, 8 + }; 9 + use dhkem::{ 10 + Encapsulate, Kem, Secp256k1DecapsulationKey, Secp256k1EncapsulationKey, Secp256k1Kem, 11 + TryDecapsulate, 12 + kem::{Ciphertext, SharedKey}, 13 + }; 14 + use elliptic_curve::sec1::{FromSec1Point, ToSec1Point}; 15 + use k256::{Sec1Point, ecdh::SharedSecret, elliptic_curve::subtle::ConstantTimeEq}; 16 + 17 + extern crate alloc; 18 + 19 + /// Error type. 20 + /// 21 + /// This type is deliberately opaque as to avoid potential side-channel 22 + /// leakage (e.g. padding oracle). 23 + #[derive(Clone, Copy, Debug, Eq, Hash, Ord, PartialEq, PartialOrd)] 24 + pub struct ProtoError; 25 + 26 + impl core::fmt::Display for ProtoError { 27 + fn fmt(&self, f: &mut core::fmt::Formatter<'_>) -> core::fmt::Result { 28 + f.write_str("ProtoError") 29 + } 30 + } 31 + 32 + impl core::error::Error for ProtoError {} 33 + 34 + impl From<chacha20poly1305::Error> for ProtoError { 35 + fn from(_value: chacha20poly1305::Error) -> Self { 36 + Self 37 + } 38 + } 39 + 40 + pub struct ClientHandshake(Secp256k1DecapsulationKey); 41 + 42 + pub struct EncapsulatedPublicKey(Secp256k1EncapsulationKey); 43 + 44 + #[derive(Debug, PartialEq, Eq, Clone, Copy)] 45 + pub enum Role { 46 + Client, 47 + Server, 48 + } 49 + 50 + impl From<Role> for u8 { 51 + fn from(value: Role) -> Self { 52 + match value { 53 + Role::Client => 0, 54 + Role::Server => 1, 55 + } 56 + } 57 + } 58 + 59 + impl BitXor for Role { 60 + type Output = u8; 61 + 62 + fn bitxor(self, rhs: Self) -> u8 { 63 + u8::from(self) ^ u8::from(rhs) 64 + } 65 + } 66 + 67 + impl EncapsulatedPublicKey { 68 + pub fn serialize(&self) -> Sec1Point { 69 + self.0.to_sec1_point(true) 70 + } 71 + 72 + pub fn deserialize(buf: &[u8]) -> Result<Self, ProtoError> { 73 + Ok(Self( 74 + Secp256k1EncapsulationKey::from_sec1_bytes(buf).map_err(|_| ProtoError)?, 75 + )) 76 + } 77 + 78 + pub fn encapsulate(&self) -> (Ciphertext<Secp256k1Kem>, SharedKey<Secp256k1Kem>) { 79 + self.0.encapsulate() 80 + } 81 + } 82 + 83 + impl ClientHandshake { 84 + pub fn send() -> (EncapsulatedPublicKey, Self) { 85 + let (decap, encap) = Secp256k1Kem::generate_keypair(); 86 + 87 + (EncapsulatedPublicKey(encap), Self(decap)) 88 + } 89 + 90 + pub fn finish(self, ciphertext: &[u8], psk: &[u8; 32]) -> Result<TransportState, ProtoError> { 91 + let shared = self 92 + .0 93 + .try_decapsulate_slice(ciphertext) 94 + .map_err(|_| ProtoError)?; 95 + 96 + TransportState::init(psk, shared, Role::Client) 97 + } 98 + } 99 + 100 + pub struct ServerHandshake(SharedKey<Secp256k1Kem>); 101 + 102 + impl ServerHandshake { 103 + pub fn receive(buf: &[u8]) -> Result<(Ciphertext<Secp256k1Kem>, Self), ProtoError> { 104 + let encap = EncapsulatedPublicKey::deserialize(buf)?; 105 + 106 + let (ciphertext, sk) = encap.encapsulate(); 107 + 108 + Ok((ciphertext, Self(sk))) 109 + } 110 + 111 + pub fn finish(self, psk: &[u8; 32]) -> Result<TransportState, ProtoError> { 112 + TransportState::init(psk, self.0, Role::Server) 113 + } 114 + } 115 + 116 + /// Low-level Transport implementation. 117 + /// 118 + /// This trait provides a particular "flavor" of transport, as there are 119 + /// different ways the specifics of the construction can be implemented. 120 + pub trait TransportPrimitive<A> 121 + where 122 + A: AeadInOut, 123 + { 124 + /// Type used as the Trasnport counter. 125 + type Counter: AddAssign + Copy + Default + Eq; 126 + 127 + /// Value to use when incrementing the Transport counter (i.e. one) 128 + const COUNTER_INCR: Self::Counter; 129 + 130 + /// Maximum number of messages allowed to be sent via Transport 131 + const COUNTER_MAX: Self::Counter; 132 + 133 + /// Encrypt an AEAD message in-place at the given position in the Transport. 134 + fn encrypt_in_place( 135 + &self, 136 + nonce: &aead::Nonce<A>, 137 + associated_data: &[u8], 138 + buffer: &mut dyn Buffer, 139 + ) -> Result<(), ProtoError>; 140 + 141 + /// Decrypt an AEAD message in-place at the given position in the Transport. 142 + fn decrypt_in_place( 143 + &self, 144 + nonce: &aead::Nonce<A>, 145 + associated_data: &[u8], 146 + buffer: &mut dyn Buffer, 147 + ) -> Result<(), ProtoError>; 148 + } 149 + 150 + pub struct SendingState<'a> { 151 + transport: &'a TransportState, 152 + counter: u64, 153 + } 154 + 155 + impl SendingState<'_> { 156 + pub fn encrypt(&mut self, msg: &mut alloc::vec::Vec<u8>) -> Result<(), ProtoError> { 157 + let counter = self.counter.to_be_bytes(); 158 + 159 + self.transport.encrypt_in_place( 160 + &self.transport.mix_nonce(&counter, Role::Client), 161 + &counter, 162 + msg, 163 + )?; 164 + 165 + self.counter = self.counter.wrapping_add(TransportState::COUNTER_INCR); 166 + 167 + // If we wrapped around and equal the finish value, we have maxed out the amount of 168 + // messages we can send. 169 + if self.counter.ct_eq(&TransportState::COUNTER_MAX).into() { 170 + Err(ProtoError) 171 + } else { 172 + Ok(()) 173 + } 174 + } 175 + } 176 + 177 + pub struct ReceivingState<'a> { 178 + transport: &'a TransportState, 179 + counter: u64, 180 + } 181 + 182 + impl ReceivingState<'_> { 183 + pub fn decrypt(&mut self, msg: &mut alloc::vec::Vec<u8>) -> Result<(), ProtoError> { 184 + let counter = self.counter.to_be_bytes(); 185 + 186 + self.transport.decrypt_in_place( 187 + &self.transport.mix_nonce(&counter, Role::Server), 188 + &counter, 189 + msg, 190 + )?; 191 + 192 + self.counter = self.counter.wrapping_add(TransportState::COUNTER_INCR); 193 + 194 + // If we wrapped around and equal the finish value, we have maxed out the amount of 195 + // messages we can send. 196 + if self.counter.ct_eq(&TransportState::COUNTER_MAX).into() { 197 + Err(ProtoError) 198 + } else { 199 + Ok(()) 200 + } 201 + } 202 + } 203 + 204 + impl TransportPrimitive<ChaCha20Poly1305> for TransportState { 205 + type Counter = u64; 206 + 207 + const COUNTER_INCR: Self::Counter = 1; 208 + 209 + const COUNTER_MAX: Self::Counter = u64::MAX; 210 + 211 + fn encrypt_in_place( 212 + &self, 213 + epstein: &aead::Nonce<ChaCha20Poly1305>, 214 + associated_data: &[u8], 215 + buffer: &mut dyn Buffer, 216 + ) -> Result<(), ProtoError> { 217 + self.aead 218 + .encrypt_in_place(epstein, associated_data, buffer)?; 219 + Ok(()) 220 + } 221 + 222 + fn decrypt_in_place( 223 + &self, 224 + epstein: &aead::Nonce<ChaCha20Poly1305>, 225 + associated_data: &[u8], 226 + buffer: &mut dyn Buffer, 227 + ) -> Result<(), ProtoError> { 228 + self.aead 229 + .decrypt_in_place(epstein, associated_data, buffer)?; 230 + Ok(()) 231 + } 232 + } 233 + 234 + #[repr(align(4))] 235 + pub struct TransportState { 236 + aead: ChaCha20Poly1305, 237 + first: aead::Nonce<ChaCha20Poly1305>, 238 + second: aead::Nonce<ChaCha20Poly1305>, 239 + role: Role, 240 + } 241 + 242 + impl TransportState { 243 + pub fn init( 244 + psk: &[u8; 32], 245 + shared: impl Into<SharedSecret>, 246 + role: Role, 247 + ) -> Result<Self, ProtoError> { 248 + let noncer = shared.into(); 249 + let kdf = noncer.extract::<sha2::Sha256>(Some(psk)); 250 + 251 + let mut key = [0u8; 32]; 252 + 253 + let mut first = aead::Nonce::<ChaCha20Poly1305>::default(); 254 + let mut second = aead::Nonce::<ChaCha20Poly1305>::default(); 255 + 256 + kdf.expand(b"SachY-Crypt0", &mut key) 257 + .map_err(|_| ProtoError)?; 258 + 259 + kdf.expand(b"N*nceOne", &mut first) 260 + .map_err(|_| ProtoError)?; 261 + kdf.expand(b"N#nceTwo", &mut second) 262 + .map_err(|_| ProtoError)?; 263 + 264 + Ok(Self { 265 + aead: ChaCha20Poly1305::new(&key.into()), 266 + first, 267 + second, 268 + role, 269 + }) 270 + } 271 + 272 + pub fn split(&self) -> (SendingState<'_>, ReceivingState<'_>) { 273 + ( 274 + SendingState { 275 + transport: self, 276 + counter: 0, 277 + }, 278 + ReceivingState { 279 + transport: self, 280 + counter: 0, 281 + }, 282 + ) 283 + } 284 + 285 + fn mix_nonce(&self, position: &[u8; 8], send: Role) -> aead::Nonce<ChaCha20Poly1305> { 286 + let mut trump = aead::Nonce::<ChaCha20Poly1305>::default(); 287 + 288 + let context_select = self.role ^ send; 289 + 290 + // Role switch allows toggling which nonce to use for encrypting/decrypting 291 + // Callee ROLE XOR Transport ROLE selects either one or other nonce context, 292 + // (0) for first context, (1) for second context 293 + // Sending: Client ^ Client = 0 (select first) 294 + // Receiving: Server ^ Server = 0 (select first) 295 + // Sending: Server ^ Client = 1 (select second) 296 + // Receiving: Client ^ Server = 1 (select second) 297 + let epstein = if context_select.ct_eq(&0).into() { 298 + &self.first 299 + } else { 300 + &self.second 301 + }; 302 + 303 + let (head, tail) = trump.split_at_mut(position.len()); 304 + let (first, second) = epstein.split_at(position.len()); 305 + 306 + // XOR the base nonce with position bytes, copying them to the output nonce 307 + head.iter_mut() 308 + .zip(first) 309 + .zip(position) 310 + .for_each(|((head, ep), pos)| *head = ep ^ pos); 311 + 312 + // Copy rest of base nonce into output nonce 313 + tail.iter_mut() 314 + .zip(second) 315 + .for_each(|(tail, ep)| *tail = *ep); 316 + 317 + trump 318 + } 319 + } 320 + 321 + #[cfg(test)] 322 + mod tests { 323 + use alloc::vec; 324 + use dhkem::Generate; 325 + use elliptic_curve::array::Array; 326 + 327 + use super::*; 328 + 329 + #[test] 330 + fn handshake_protocol_works() -> Result<(), ProtoError> { 331 + let psk: [u8; 32] = [ 332 + 31, 48, 29, 177, 88, 236, 186, 84, 65, 51, 214, 243, 174, 24, 45, 101, 229, 129, 62, 333 + 132, 45, 174, 183, 65, 89, 73, 107, 177, 77, 90, 164, 251, 334 + ]; 335 + 336 + let (ek, client) = ClientHandshake::send(); 337 + 338 + // Pretend to send ek across the webz: client -> server 339 + let (ciphertext, server) = ServerHandshake::receive(ek.serialize().as_bytes())?; 340 + 341 + // Pretend to send ciphertext across the webz: server -> client 342 + let alice = client.finish(&ciphertext, &psk)?; 343 + let bob = server.finish(&psk)?; 344 + 345 + let nonce = aead::Nonce::<ChaCha20Poly1305>::generate(); 346 + 347 + let mut buffer1 = vec![0u8; 64]; 348 + let mut buffer2 = vec![0u8; 64]; 349 + 350 + // Using the same nonce to check that the internal AEAD states match. Normally, client/server 351 + // would work with unique derived nonces, because nonce reuse is BAD 352 + alice.aead.encrypt_in_place(&nonce, &[], &mut buffer1)?; 353 + bob.aead.encrypt_in_place(&nonce, &[], &mut buffer2)?; 354 + 355 + // If the nonces match, then we can assume the rest of the internal state is the same too 356 + // so the outputs should match each other 357 + assert_eq!(&buffer1, &buffer2); 358 + 359 + // Both Transports have derived base nonces for each context. 360 + // First context nonces will not match Second context nonces. 361 + assert_eq!(alice.first, bob.first); 362 + assert_eq!(alice.second, bob.second); 363 + assert_ne!(alice.first, alice.second); 364 + assert_ne!(bob.first, bob.second); 365 + 366 + Ok(()) 367 + } 368 + 369 + #[test] 370 + fn two_way_transport_sync_works() -> Result<(), ProtoError> { 371 + let shared_secret = [ 372 + 0x80, 0x81, 0x82, 0x83, 0x84, 0x85, 0x86, 0x87, 0x88, 0x89, 0x8a, 0x8b, 0x8c, 0x8d, 373 + 0x8e, 0x8f, 0x90, 0x91, 0x92, 0x93, 0x94, 0x95, 0x96, 0x97, 0x98, 0x99, 0x9a, 0x9b, 374 + 0x9c, 0x9d, 0x9e, 0x9f, 375 + ]; 376 + 377 + let psk: [u8; 32] = [ 378 + 31, 48, 29, 177, 88, 236, 186, 84, 65, 51, 214, 243, 174, 24, 45, 101, 229, 129, 62, 379 + 132, 45, 174, 183, 65, 89, 73, 107, 177, 77, 90, 164, 251, 380 + ]; 381 + 382 + let alice = TransportState::init(&psk, Array(shared_secret), Role::Client)?; 383 + let bob = TransportState::init(&psk, Array(shared_secret), Role::Server)?; 384 + 385 + let (mut alice_send, mut alice_recv) = alice.split(); 386 + let (mut bob_send, mut bob_recv) = bob.split(); 387 + 388 + let orig = b"Test Message, Please ignore."; 389 + 390 + let mut msg = orig.to_vec(); 391 + 392 + // a -> b 393 + alice_send.encrypt(&mut msg)?; 394 + 395 + assert_ne!(orig.as_slice(), msg.as_slice()); 396 + let ct1 = msg.clone(); 397 + 398 + bob_recv.decrypt(&mut msg)?; 399 + 400 + // a -> b 401 + alice_send.encrypt(&mut msg)?; 402 + 403 + assert_ne!(msg.as_slice(), ct1.as_slice()); 404 + let ct2 = msg.clone(); 405 + 406 + bob_recv.decrypt(&mut msg)?; 407 + 408 + // b -> a 409 + bob_send.encrypt(&mut msg)?; 410 + 411 + // None of the ciphertexts should match each other 412 + assert_ne!(msg.as_slice(), ct1.as_slice()); 413 + assert_ne!(msg.as_slice(), ct2.as_slice()); 414 + assert_ne!(ct1.as_slice(), ct2.as_slice()); 415 + 416 + alice_recv.decrypt(&mut msg)?; 417 + 418 + assert_eq!(orig.as_slice(), msg.as_slice()); 419 + 420 + // Counters are tracked from sender to receiver 421 + assert_eq!(alice_send.counter, bob_recv.counter); 422 + assert_eq!(bob_send.counter, alice_recv.counter); 423 + 424 + // Counters are not linked on the same side 425 + assert_ne!(alice_send.counter, alice_recv.counter); 426 + assert_ne!(bob_send.counter, bob_recv.counter); 427 + 428 + Ok(()) 429 + } 430 + }

History

18 rounds 0 comments

sachy.dev submitted #17 2hrs

interdiff

1 commit

expand

c7adc8d5

Sachy's crypto scheme lmao

2/2 success

expand