Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Revamp error handling #63

Merged
merged 4 commits into from
Jan 5, 2021
Merged

Revamp error handling #63

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
8533eaa
revamp encapsulate error
kigawas Jan 5, 2021
0a46d32
revamp hkdf error
kigawas Jan 5, 2021
94f1fdf
update license
kigawas Jan 5, 2021
2d2f515
update dep
kigawas Jan 5, 2021
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
10 changes: 5 additions & 5 deletions Cargo.toml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
[package]
name = "ecies"
version = "0.2.0"
version = "0.2.1"
# docs
authors = ["Weiliang Li <[email protected]>"]
description = "Elliptic Curve Integrated Encryption Scheme for secp256k1 in Rust"
Expand All @@ -25,11 +25,11 @@ libsecp256k1 = "0.3.5"
sha2 = "0.9.2"

# openssl aes
openssl = {version = "0.10.31", optional = true}
openssl = {version = "0.10.32", optional = true}

# pure rust aes
aes-gcm = {version = "0.8.0", optional = true}
typenum = {version = "1.12", optional = true}
typenum = {version = "1.12.0", optional = true}

[target.'cfg(target_arch = "wasm32")'.dependencies]
rand = {version = "0.7.3", features = ["wasm-bindgen"]}
Expand All @@ -50,8 +50,8 @@ wasm-bindgen-test = "0.3.19"

[target.'cfg(not(target_arch = "wasm32"))'.dev-dependencies]
futures-util = "0.3.8"
reqwest = "0.10.9"
tokio = "0.2.22"
reqwest = "0.10.10"
tokio = "0.2.24"

[[bench]]
harness = false
Expand Down
2 changes: 1 addition & 1 deletion LICENSE
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
MIT License

Copyright (c) 2019-2020 Weiliang Li
Copyright (c) 2019-2021 Weiliang Li

Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
Expand Down
4 changes: 2 additions & 2 deletions src/lib.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -76,7 +76,7 @@ pub fn encrypt(receiver_pub: &[u8], msg: &[u8]) -> Result<Vec<u8>, SecpError> {
let receiver_pk = PublicKey::parse_slice(receiver_pub, None)?;
let (ephemeral_sk, ephemeral_pk) = generate_keypair();

let aes_key = encapsulate(&ephemeral_sk, &receiver_pk);
let aes_key = encapsulate(&ephemeral_sk, &receiver_pk)?;
let encrypted = aes_encrypt(&aes_key, msg).ok_or(SecpError::InvalidMessage)?;

let mut cipher_text = Vec::with_capacity(FULL_PUBLIC_KEY_SIZE + encrypted.len());
Expand All @@ -102,7 +102,7 @@ pub fn decrypt(receiver_sec: &[u8], msg: &[u8]) -> Result<Vec<u8>, SecpError> {
let ephemeral_pk = PublicKey::parse_slice(&msg[..FULL_PUBLIC_KEY_SIZE], None)?;
let encrypted = &msg[FULL_PUBLIC_KEY_SIZE..];

let aes_key = decapsulate(&ephemeral_pk, &receiver_sk);
let aes_key = decapsulate(&ephemeral_pk, &receiver_sk)?;

aes_decrypt(&aes_key, encrypted).ok_or(SecpError::InvalidMessage)
}
Expand Down
19 changes: 10 additions & 9 deletions src/utils.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
use hkdf::Hkdf;
use rand::thread_rng;
use secp256k1::{util::FULL_PUBLIC_KEY_SIZE, PublicKey, SecretKey};
use secp256k1::{util::FULL_PUBLIC_KEY_SIZE, Error as SecpError, PublicKey, SecretKey};
use sha2::Sha256;

use crate::consts::EMPTY_BYTES;
Expand All @@ -19,9 +19,9 @@ pub fn generate_keypair() -> (SecretKey, PublicKey) {
}

/// Calculate a shared AES key of our secret key and peer's public key by hkdf
pub fn encapsulate(sk: &SecretKey, peer_pk: &PublicKey) -> AesKey {
pub fn encapsulate(sk: &SecretKey, peer_pk: &PublicKey) -> Result<AesKey, SecpError> {
let mut shared_point = peer_pk.clone();
shared_point.tweak_mul_assign(&sk).unwrap();
shared_point.tweak_mul_assign(&sk)?;

let mut master = Vec::with_capacity(FULL_PUBLIC_KEY_SIZE * 2);
master.extend(PublicKey::from_secret_key(&sk).serialize().iter());
Expand All @@ -31,9 +31,9 @@ pub fn encapsulate(sk: &SecretKey, peer_pk: &PublicKey) -> AesKey {
}

/// Calculate a shared AES key of our public key and peer's secret key by hkdf
pub fn decapsulate(pk: &PublicKey, peer_sk: &SecretKey) -> AesKey {
pub fn decapsulate(pk: &PublicKey, peer_sk: &SecretKey) -> Result<AesKey, SecpError> {
let mut shared_point = pk.clone();
shared_point.tweak_mul_assign(&peer_sk).unwrap();
shared_point.tweak_mul_assign(&peer_sk)?;

let mut master = Vec::with_capacity(FULL_PUBLIC_KEY_SIZE * 2);
master.extend(pk.serialize().iter());
Expand All @@ -43,11 +43,12 @@ pub fn decapsulate(pk: &PublicKey, peer_sk: &SecretKey) -> AesKey {
}

// private below
fn hkdf_sha256(master: &[u8]) -> AesKey {
fn hkdf_sha256(master: &[u8]) -> Result<AesKey, SecpError> {
let h = Hkdf::<Sha256>::new(None, master);
let mut out = [0u8; 32];
h.expand(&EMPTY_BYTES, &mut out).unwrap();
out
h.expand(&EMPTY_BYTES, &mut out)
.map_err(|_| SecpError::InvalidInputLength)?;
Ok(out)
}

#[cfg(test)]
Expand Down Expand Up @@ -176,7 +177,7 @@ pub(crate) mod tests {

assert_eq!(encapsulate(&sk2, &pk3), decapsulate(&pk2, &sk3));
assert_eq!(
encapsulate(&sk2, &pk3).to_vec(),
encapsulate(&sk2, &pk3).map(|v| v.to_vec()).unwrap(),
decode_hex("6f982d63e8590c9d9b5b4c1959ff80315d772edd8f60287c9361d548d5200f82")
);
}
Expand Down