spideroak-crypto 0.7.0

SpiderOak's cryptography library
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141

package main

import (
	"encoding/json"
	"io"
	"net/http"
	"os"
	"strconv"
)

func main() {
	if err := main1(); err != nil {
		panic(err)
	}
}

func main1() error {
	// See https://www.rfc-editor.org/rfc/rfc9180.html#name-test-vectors
	resp, err := http.Get("https://raw.githubusercontent.com/cfrg/draft-irtf-cfrg-hpke/5f503c564da00b0687b3de75f1dfbdfc4079ad31/test-vectors.json")
	if err != nil {
		return err
	}
	defer resp.Body.Close()

	b, err := io.ReadAll(resp.Body)
	if err != nil {
		return err
	}
	var grps []TestGroup
	err = json.Unmarshal(b, &grps)
	if err != nil {
		return err
	}

	m := make(map[triple][]TestGroup)
	for _, g := range grps {
		k := triple{g.Kem, g.Kdf, g.AEAD}
		m[k] = append(m[k], g)
	}
	for k, v := range m {
		b, err := json.Marshal(struct {
			G []TestGroup `json:"test_groups"`
		}{G: v})
		if err != nil {
			return err
		}
		err = os.WriteFile(k.String()+".json", b, 0644)
		if err != nil {
			return err
		}
	}
	return nil
}

type triple struct {
	kem  uint16
	kdf  uint16
	aead uint16
}

func (t triple) String() string {
	s := "Hpke"
	switch t.kem {
	case 0x0010:
		s += "DhKemP256HkdfSha256"
	case 0x0011:
		s += "DhKemP384HkdfSha384"
	case 0x0012:
		s += "DhKemP521HkdfSha512"
	case 0x0020:
		s += "DhKemX25519HkdfSha256"
	case 0x0021:
		s += "DhKemX448HkdfSha512"
	default:
		panic("unknown kem" + strconv.Itoa(int(t.kem)))
	}
	switch t.kdf {
	case 0x0001:
		s += "HkdfSha256"
	case 0x0002:
		s += "HkdfSha384"
	case 0x0003:
		s += "HkdfSha512"
	default:
		panic("unknown kdf" + strconv.Itoa(int(t.kdf)))
	}
	switch t.aead {
	case 0x0001:
		s += "Aes128Gcm"
	case 0x0002:
		s += "Aes256Gcm"
	case 0x0003:
		s += "ChaCha20Poly1305"
	case 0xffff:
		s += "ExportOnly"
	default:
		panic("unknown aead" + strconv.Itoa(int(t.aead)))
	}
	return s
}

type TestGroup struct {
	Mode           uint8        `json:"mode"`
	Kem            uint16       `json:"kem_id"`
	Kdf            uint16       `json:"kdf_id"`
	AEAD           uint16       `json:"aead_id"`
	Info           string       `json:"info"`
	Ikmr           string       `json:"ikmR"`
	Ikms           string       `json:"ikmS"`
	Ikme           string       `json:"ikmE"`
	Skrm           string       `json:"skRm"`
	Sksm           string       `json:"skSm"`
	Skem           string       `json:"skEm"`
	Psk            string       `json:"psk"`
	PskID          string       `json:"psk_id"`
	Pkrm           string       `json:"pkRm"`
	Pksm           string       `json:"pkSm"`
	Pkem           string       `json:"pkEm"`
	Enc            string       `json:"enc"`
	SharedSecret   string       `json:"shared_secret"`
	KsCtx          string       `json:"key_schedule_context"`
	Secret         string       `json:"secret"`
	Key            string       `json:"key"`
	BaseNonce      string       `json:"base_nonce"`
	ExporterSecret string       `json:"exporter_secret"`
	Tests          []Test       `json:"encryptions"`
	Exports        []ExportTest `json:"exports"`
}

type Test struct {
	Aad   string `json:"aad"`
	Ct    string `json:"ct"`
	Nonce string `json:"nonce"`
	Pt    string `json:"pt"`
}

type ExportTest struct {
	ExporterCtx string `json:"exporter_context"`
	Len         int    `json:"L"`
	ExportedVal string `json:"exported_value"`
}