Cargo.lock
Cargo.lock
This file has not been changed.
Cargo.toml
Cargo.toml
This file has not been changed.
sachy-crypto/Cargo.toml
sachy-crypto/Cargo.toml
This file has not been changed.
+47
-32
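--- a/sachy-crypto/src/lib.rs
+++ b/sachy-crypto/src/lib.rs
@@ -3,7 +3,7 @@
 use core::ops::{AddAssign, Sub};
 
 use chacha20poly1305::{
-AeadCore, AeadInOut, KeyInit, XChaCha20Poly1305,
+AeadCore, AeadInOut, ChaCha20Poly1305, KeyInit,
 aead::{
 self, Buffer,
 array::{Array, ArraySize},
@@ -145,37 +145,23 @@
 }
 
 pub struct TransportState {
-aead: XChaCha20Poly1305,
+aead: ChaCha20Poly1305,
 }
 
 pub struct SendingState<'a> {
 transport: &'a TransportState,
-epstein: Nonce<XChaCha20Poly1305, TransportState>,
 counter: u64,
 }
 
 impl SendingState<'_> {
-fn aead_nonce(&self, position: &[u8; 8]) -> aead::Nonce<XChaCha20Poly1305> {
-let mut result = Array::default();
-
-let (prefix, tail) =
-result.split_at_mut(NonceSize::<XChaCha20Poly1305, TransportState>::to_usize());
-
-prefix.copy_from_slice(&self.epstein);
-
-tail[..8].copy_from_slice(position);
-
-result
-}
-
 pub fn encrypt(&mut self, msg: &mut alloc::vec::Vec<u8>) -> Result<(), ProtoError> {
 let counter = self.counter.to_be_bytes();
 
-let epstein = self.aead_nonce(&counter);
+let mut epstein = Array::generate();
 
 self.transport.encrypt_in_place(&epstein, &counter, msg)?;
 
-msg.extend(epstein);
+msg.extend_from_slice(Self::mix_nonce(&mut epstein, &counter));
 
 self.counter += TransportState::COUNTER_INCR;
 
@@ -185,6 +171,18 @@
 Ok(())
 }
 }
+
+fn mix_nonce<'a>(
+nonce: &'a mut aead::Nonce<ChaCha20Poly1305>,
+position: &'a [u8; 8],
+) -> &'a aead::Nonce<ChaCha20Poly1305> {
+nonce[..position.len()]
+.iter_mut()
+.zip(position)
+.for_each(|(byte, count)| *byte ^= *count);
+
+nonce
+}
 }
 
 pub struct ReceivingState<'a> {
@@ -194,14 +192,12 @@
 
 impl ReceivingState<'_> {
 pub fn decrypt(&mut self, msg: &mut alloc::vec::Vec<u8>) -> Result<(), ProtoError> {
-let index = msg.len() - <XChaCha20Poly1305 as AeadCore>::NonceSize::to_usize();
+let counter = self.counter.to_be_bytes();
 
 // Extract the nonce from the payload as this does not need to be decrypted
-let epstein = Array::try_from_iter(msg.drain(index..)).map_err(|_| ProtoError)?;
-
-let counter = &epstein[NonceSize::<XChaCha20Poly1305, TransportState>::to_usize()..];
+let epstein = Self::extract_nonce(&counter, msg)?;
 
-self.transport.decrypt_in_place(&epstein, counter, msg)?;
+self.transport.decrypt_in_place(&epstein, &counter, msg)?;
 
 self.counter += TransportState::COUNTER_INCR;
 
@@ -211,9 +207,32 @@
 Ok(())
 }
 }
+
+fn extract_nonce(
+position: &[u8; 8],
+msg: &mut alloc::vec::Vec<u8>,
+) -> Result<aead::Nonce<ChaCha20Poly1305>, ProtoError> {
+let index = msg
+.len()
+.checked_sub(<ChaCha20Poly1305 as AeadCore>::NonceSize::to_usize())
+.ok_or(ProtoError)?;
+
+let mut epstein = Array::try_from(&msg[index..]).map_err(|_| ProtoError)?;
+
+epstein[..position.len()]
+.iter_mut()
+.zip(position)
+.for_each(|(keyed, count)| {
+*keyed ^= *count;
+});
+
+msg.truncate(index);
+
+Ok(epstein)
+}
 }
 
-impl TransportPrimitive<XChaCha20Poly1305> for TransportState {
+impl TransportPrimitive<ChaCha20Poly1305> for TransportState {
 type NonceOverhead = U8;
 
 type Counter = u64;
@@ -224,7 +243,7 @@
 
 fn encrypt_in_place(
 &self,
-epstein: &aead::Nonce<XChaCha20Poly1305>,
+epstein: &aead::Nonce<ChaCha20Poly1305>,
 associated_data: &[u8],
 buffer: &mut dyn Buffer,
 ) -> Result<(), ProtoError> {
@@ -235,7 +254,7 @@
 
 fn decrypt_in_place(
 &self,
-epstein: &aead::Nonce<XChaCha20Poly1305>,
+epstein: &aead::Nonce<ChaCha20Poly1305>,
 associated_data: &[u8],
 buffer: &mut dyn Buffer,
 ) -> Result<(), ProtoError> {
@@ -256,7 +275,7 @@
 .map_err(|_| ProtoError)?;
 
 Ok(Self {
-aead: XChaCha20Poly1305::new(&key.into()),
+aead: ChaCha20Poly1305::new(&key.into()),
 })
 }
 
@@ -264,7 +283,6 @@
 (
 SendingState {
 transport: self,
-epstein: Nonce::<XChaCha20Poly1305, Self>::generate(),
 counter: 0,
 },
 ReceivingState {
@@ -297,7 +315,7 @@
 let client_transport = client.finish(&ciphertext, &psk)?;
 let server_transport = server.finish(&psk)?;
 
-let nonce = aead::Nonce::<XChaCha20Poly1305>::generate();
+let nonce = aead::Nonce::<ChaCha20Poly1305>::generate();
 
 let mut buffer1 = vec![0u8; 64];
 let mut buffer2 = vec![0u8; 64];
@@ -337,9 +355,6 @@
 let (mut alice_send, mut alice_recv) = alice.split();
 let (mut bob_send, mut bob_recv) = bob.split();
 
-// Confirm that both send channels have different nonces.
-assert_ne!(alice_send.epstein.as_slice(), bob_send.epstein.as_slice());
-
 let orig = b"Test Message, Please ignore.".to_vec();
 
 let mut msg = orig.clone();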
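Review bot: The move from XChaCha20Poly1305 to ChaCha20Poly1305 shrinks the nonce to 96 bits while `encrypt` (new line 160, `let mut epstein = Array::generate();`) now draws a fresh random nonce for every message, so under one key the nonces are expected to start colliding around 2^32 messages, and a repeated nonce breaks both confidentiality and integrity of this AEAD — the old 192-bit nonce was what made random generation safe. Both peers already track the same `counter` (it is the associated data on lines 162 and 200, and `decrypt` now derives it from `self.counter`), so a deterministic nonce such as `let mut epstein = aead::Nonce::<ChaCha20Poly1305>::default(); epstein[..8].copy_from_slice(&counter);` avoids the birthday bound, but only if each direction has its own key; `split()` hands both states one `TransportState` and whether the two peers share a key is not visible here, so otherwise keeping XChaCha20Poly1305 is the safer fix. Note that the XOR in `mix_nonce` (line 175) is undone by `extract_nonce` (line 211) before decryption, so it changes only the wire encoding and adds nothing to nonce uniqueness; the counter binding already comes from the associated data. A comment on `mix_nonce` along the lines of `// Wire encoding only: XORs the counter into the leading nonce bytes; extract_nonce reverses it, the AEAD nonce itself stays random.` would keep readers from mistaking it for a derivation step.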
Sachy's crypto scheme lmao