8000 Consistency between encryption library and RFC [depends on #193] by dtebbs · Pull Request #199 · clearmatics/zeth · GitHub
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content

Consistency between encryption library and RFC [depends on #193] #199

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 4 commits into from
Apr 22, 2020
Merged

Consistency between encryption library and RFC [depends on #193] #199

merged 4 commits into from
Apr 22, 2020

Conversation

dtebbs
Copy link
Contributor
@dtebbs dtebbs commented Apr 20, 2020

Verified that the code is consistent with the relevant RFC. Added comments explaining this with links to code.

@dtebbs dtebbs changed the title Consistency between encryption library and RFC [depends on #193] WIP: Consistency between encryption library and RFC [depends on #193] Apr 20, 2020
@dtebbs dtebbs force-pushed the ik-cca-rfc-consistency branch from 5a0c19c to 3fd1305 Compare April 21, 2020 08:19
@dtebbs dtebbs force-pushed the ik-cca-rfc-consistency branch from 3fd1305 to 2bffe03 Compare April 21, 2020 10:47
@dtebbs dtebbs changed the title WIP: Consistency between encryption library and RFC [depends on #193] Consistency between encryption library and RFC [depends on #193] Apr 21, 2020
dtebbs
dtebbs commented Apr 21, 2020
View reviewed changes
pyClient/zeth/encryption.py Outdated
# cleared, and bit 6 of the last byte set. This happens at key generation
# time. See:
#
# https://github.com/openssl/openssl/blob/be9d82bb35812ac65cd92316d1ae7c7c75efe9cf/crypto/ec/ecx_meth.c#L81
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Note, the execution path through the code is very difficult to follow. To be sure, I've also experimentally verified that keys are generated with the expectd properties.

@AntoineRondelet AntoineRondelet self-requested a review April 21, 2020 11:29
@dtebbs dtebbs force-pushed the ik-cca-rfc-consistency branch from 50e3a68 to a5a998e Compare April 21, 2020 18:21
AntoineRondelet
AntoineRondelet reviewed Apr 22, 2020
View reviewed changes
pyClient/zeth/encryption.py Outdated
# RFC 8439, 2018,
# <https://tools.ietf.org/html/rfc8439>

# This implementation makes use of the `cryptography` library with OpenSSL
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for double checking on that @dtebbs
Can we change this comment to a module-level docstring in order to add the explanations below to the module documentation?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Moved to docstring

8000 Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks

@dtebbs
Copy link
Contributor Author
dtebbs commented Apr 22, 2020

Also tidied some other things in that file (specifically some duplicated functionality). Let me know if you prefer that split into another PR.

AntoineRondelet
AntoineRondelet reviewed Apr 22, 2020
View reviewed changes
pyClient/zeth/encryption.py
@@ -217,3 +234,23 @@ def decrypt(
message = decryptor.update(ct_sym)

return message


def _exchange(sk: EncryptionSecretKey, pk: EncryptionPublicKey) -> bytes:
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What does _ mean? Does it mean "internal function"?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

(Same question for the _ prefix used for the constants in the tests)

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes, exactly. The linters will complain if another module tries to use it, and I think they also use this to check for unused functions.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I see, thanks

pyClient/zeth/encryption.py Outdated
encrypted with a different public key.

This implementation makes use of the `cryptography` library with OpenSSL
nnbackend. For the avoidance of doubt, the implementation adheres to the
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nnbackend -> backend

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks. Fixed.

@dtebbs dtebbs force-pushed the ik-cca-rfc-consistency branch from bc05e58 to e4df1bc Compare April 22, 2020 14:15
@AntoineRondelet AntoineRondelet merged commit 080d6af into ik-cca Apr 22, 2020
@AntoineRondelet AntoineRondelet deleted the ik-cca-rfc-consistency branch May 7, 2020 19:02
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@AntoineRondelet AntoineRondelet AntoineRondelet left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@dtebbs @AntoineRondelet
0