Group revamp (#261)
* Revamp `KeGroup` trait

* Update dependencies

* Fix `hash_to_scalar` using `OprfGroup` instead of `KeGroup`

* Relax constraints on associated types of `KeGroup`

* Improve `KeGroup` implementation on `Curve`

* Improve `KeyExchange` trait

* Fix new Clippy 1.59 warnings
daxpedda authored Feb 25, 2022
1 parent 47a26a1 commit b2f1085
Showing 28 changed files with 2,126 additions and 1,567 deletions.
93 changes: 42 additions & 51 deletions .github/workflows/main.yml
Expand Up @@ -13,13 +13,20 @@ jobs:
fail-fast: false
matrix:
backend_feature:
- ristretto255_u64
- ristretto255_u32
- p256
- x25519_u64,ristretto255_u64
- --features ristretto255_u64,ristretto255_voprf
- --features ristretto255_u32,ristretto255_voprf
-
- --features x25519_u64,ristretto255_u64,ristretto255_voprf
- --features x25519_u32,ristretto255_u32,ristretto255_voprf
- --features x25519_u64
- --features x25519_u32
frontend_feature:
-
- --features slow-hash
- --features serde
toolchain:
- stable
- 1.56.1
- 1.57.0
name: test
steps:
- name: Checkout sources
Expand All @@ -36,13 +43,13 @@ jobs:
uses: actions-rs/cargo@v1
with:
command: test
args: --no-default-features --features ${{ matrix.backend_feature }}
args: --no-default-features ${{ matrix.backend_feature }} ${{ matrix.frontend_feature }}

- name: Run cargo test with std
uses: actions-rs/cargo@v1
with:
command: test
args: --no-default-features --features std --features ${{ matrix.backend_feature }}
args: --no-default-features --features std ${{ matrix.backend_feature }} ${{ matrix.frontend_feature }}

cross-test:
name: Test on ${{ matrix.target }} (using cross)
Expand All @@ -54,43 +61,21 @@ jobs:
# 32-bit x86
- i686-unknown-linux-gnu
backend_feature:
- ristretto255_u64
- ristretto255_u32
- p256
- x25519_u64,ristretto255_u64
- --features ristretto255_u64,ristretto255_voprf
- --features ristretto255_u32,ristretto255_voprf
-
- x25519_u64,ristretto255_u64,ristretto255_voprf
- x25519_u32,ristretto255_u64,ristretto255_voprf
- x25519_u64
- x25519_u32
steps:
- uses: actions/checkout@v2
- uses: hecrj/setup-rust-action@v1
- run: cargo install cross
# Note: just use `cross` as you would `cargo`, but always
# pass the `--target=${{ matrix.target }}` arg. (Yes, really).
- run: cross test --verbose --target=${{ matrix.target }} --no-default-features --features ${{ matrix.backend_feature }}
- run: cross test --verbose --target=${{ matrix.target }} --no-default-features --features std --features ${{ matrix.backend_feature }}

feature-test:
name: Test on ${{ matrix.target }} with ${{ matrix.frontend_feature }}
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
backend_feature:
- ristretto255_u64
- ristretto255_u32
- p256
- ristretto255_u64,p256
- x25519_u64,ristretto255_u64
- x25519_u32,ristretto255_u32
- x25519_u64,p256
- x25519_u32,p256
- x25519_u64,ristretto255_u64,p256
frontend_feature:
- slow-hash
- serde
steps:
- uses: actions/checkout@v2
- uses: hecrj/setup-rust-action@v1
- run: cargo test --verbose --features ${{ matrix.frontend_feature }} --no-default-features --features ${{ matrix.backend_feature }}
- run: cargo test --verbose --features ${{ matrix.frontend_feature }},std --no-default-features --features ${{ matrix.backend_feature }}
- run: cross test --verbose --target=${{ matrix.target }} --no-default-features ${{ matrix.backend_feature }}
- run: cross test --verbose --target=${{ matrix.target }} --no-default-features --features std ${{ matrix.backend_feature }}

simple-login-test:
runs-on: ubuntu-latest
Expand All @@ -99,7 +84,7 @@ jobs:
matrix:
toolchain:
- stable
- 1.56.1
- 1.57.0
name: test simple_login command-line example
steps:
- name: install expect
Expand All @@ -122,7 +107,7 @@ jobs:
matrix:
toolchain:
- stable
- 1.56.1
- 1.57.0
name: test digital_locker command-line example
steps:
- name: install expect
Expand Down Expand Up @@ -150,10 +135,13 @@ jobs:
# for any no_std target
- thumbv6m-none-eabi
backend_feature:
- ristretto255_u64
- ristretto255_u32
- p256
- x25519_u64,ristretto255_u64
- ristretto255_u64,ristretto255_voprf
- ristretto255_u32,ristretto255_voprf
-
- x25519_u64,ristretto255_u64,ristretto255_voprf
- x25519_u32,ristretto255_u32,ristretto255_voprf
- x25519_u64
- x25519_u32
frontend_feature:
- slow-hash
- serde
Expand All @@ -170,10 +158,13 @@ jobs:
fail-fast: false
matrix:
backend_feature:
- ristretto255_u64
- ristretto255_u32
- p256
- x25519_u64,ristretto255_u64
- --features ristretto255_u64,ristretto255_voprf
- --features ristretto255_u32,ristretto255_voprf
-
- --features x25519_u64,ristretto255_u64,ristretto255_voprf
- --features x25519_u32,ristretto255_u32,ristretto255_voprf
- --features x25519_u32
- --features x25519_u32
steps:
- name: Checkout sources
uses: actions/checkout@v2
Expand All @@ -189,7 +180,7 @@ jobs:
uses: actions-rs/cargo@v1
with:
command: bench
args: --no-default-features --features ${{ matrix.backend_feature }} --no-run
args: --no-default-features ${{ matrix.backend_feature }} --no-run

clippy:
name: cargo clippy
Expand All @@ -210,15 +201,15 @@ jobs:
uses: actions-rs/cargo@v1
with:
command: clippy
args: --all-targets -- -D warnings
args: --all-targets --features slow-hash,std,x25519_u64 -- -D warnings

- name: Run cargo doc
uses: actions-rs/cargo@v1
env:
RUSTDOCFLAGS: -D warnings
with:
command: doc
args: --no-deps --document-private-items --features p256,slow-hash,std
args: --no-deps --document-private-items --features slow-hash,std,x25519_u64

format:
name: cargo fmt
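Review bot: In the `cross-test` matrix the last four new `backend_feature` entries (`x25519_u64,ristretto255_u64,ristretto255_voprf` through `x25519_u32`) lack the `--features` prefix that the first two carry, while the new `cross test` lines no longer add `--features` themselves. Cargo would then read the bare string as a test-name filter, so those jobs build with no backend feature and can pass without exercising the intended backend; each entry should read like `- --features x25519_u64`. The second of them also pairs `x25519_u32` with `ristretto255_u64`, where the other matrices pair u32 with u32, which looks like a typo. In the bench matrix `- --features x25519_u32` appears twice, so `x25519_u64` is presumably never bench-built; the first should likely be `- --features x25519_u64`. The no_std build matrix also adds unprefixed entries and an empty one, but its run step is outside the visible hunk, so check that it still supplies `--features` and tolerates the empty value.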
73 changes: 33 additions & 40 deletions Cargo.toml
100755 → 100644
Expand Up @@ -8,47 +8,27 @@ license = "Apache-2.0 OR MIT"
name = "opaque-ke"
readme = "README.md"
repository = "https://github.com/novifinancial/opaque-ke"
rust-version = "1.56"
rust-version = "1.57"
version = "2.0.0-pre.1"

[features]
default = ["ristretto255_u64", "serde"]
p256 = ["p256_", "voprf/p256"]
ristretto255 = []
ristretto255_fiat_u32 = [
"curve25519-dalek/fiat_u32_backend",
"ristretto255",
"voprf/ristretto255_fiat_u32",
]
ristretto255_fiat_u64 = [
"curve25519-dalek/fiat_u64_backend",
"ristretto255",
"voprf/ristretto255_fiat_u64",
]
ristretto255_simd = [
"curve25519-dalek/simd_backend",
"ristretto255",
"voprf/ristretto255_simd",
]
ristretto255_u32 = [
"curve25519-dalek/u32_backend",
"ristretto255",
"voprf/ristretto255_u32",
]
ristretto255_u64 = [
"curve25519-dalek/u64_backend",
"ristretto255",
"voprf/ristretto255_u64",
]
default = ["ristretto255_u64", "ristretto255_voprf", "serde"]
ristretto255 = ["curve25519-dalek", "voprf/ristretto255"]
ristretto255_fiat_u32 = ["curve25519-dalek/fiat_u32_backend", "ristretto255"]
ristretto255_fiat_u64 = ["curve25519-dalek/fiat_u64_backend", "ristretto255"]
ristretto255_simd = ["curve25519-dalek/simd_backend", "ristretto255"]
ristretto255_u32 = ["curve25519-dalek/u32_backend", "ristretto255"]
ristretto255_u64 = ["curve25519-dalek/u64_backend", "ristretto255"]
ristretto255_voprf = ["ristretto255", "voprf/ristretto255-ciphersuite"]
serde = ["serde_", "generic-array/serde", "voprf/serde"]
slow-hash = ["argon2"]
std = ["getrandom", "rand/std", "rand/std_rng", "voprf/std"]
x25519 = []
x25519 = ["curve25519-dalek-3"]
x25519_fiat_u32 = ["x25519", "x25519-dalek/fiat_u32_backend"]
x25519_fiat_u64 = ["x25519", "x25519-dalek/fiat_u64_backend"]
# x25519-dalek isn't properly re-exposing `simd_backend`.
x25519_simd = [
"curve25519-dalek/simd_backend",
"curve25519-dalek-3/simd_backend",
"x25519",
"x25519-dalek/nightly",
]
Expand All @@ -60,26 +40,23 @@ argon2 = { version = "0.3", default-features = false, features = [
"alloc",
], optional = true }
constant_time_eq = "0.1"
curve25519-dalek = { version = "3", default-features = false, optional = true }
derive-where = { version = "1.0.0-rc.1", features = ["zeroize"] }
curve25519-dalek = { version = "=4.0.0-pre.1", default-features = false, optional = true }
curve25519-dalek-3 = { version = "3", package = "curve25519-dalek", default-features = false, optional = true }
derive-where = { version = "=1.0.0-rc.3", features = ["zeroize-on-drop"] }
digest = "0.10"
displaydoc = { version = "0.2", default-features = false }
elliptic-curve = { version = "0.12.0-pre.1", features = ["hash2curve", "sec1"] }
generic-array = "0.14"
getrandom = { version = "0.2", optional = true }
hkdf = "0.12"
hmac = "0.12"
p256_ = { package = "p256", version = "0.10", default-features = false, features = [
"arithmetic",
], optional = true }
rand = { version = "0.8", default-features = false }
serde_ = { version = "1", package = "serde", default-features = false, features = [
"derive",
], optional = true }
subtle = { version = "2.3", default-features = false }
voprf = { git = "https://github.com/novifinancial/voprf", rev = "55ef981a3f9a12eddd8c372ffdf51818011343ee", default-features = false, features = [
"danger",
] }
x25519-dalek = { version = "1", default-features = false, optional = true }
voprf = { version = "0.3", default-features = false, features = ["danger"] }
x25519-dalek = { version = "=2.0.0-pre.1", default-features = false, optional = true }
zeroize = { version = "1", features = ["zeroize_derive"] }

[target.'cfg(target_arch = "wasm32")'.dependencies]
Expand All @@ -93,7 +70,12 @@ criterion = "0.3"
hex = "0.4"
json = "0.12"
lazy_static = "1"
p256 = { version = "=0.11.0-pre.0", default-features = false, features = [
"hash2curve",
"voprf",
] }
proptest = "1"
rand = "0.8"
regex = "1"
rustyline = "9"
serde_json = "1"
Expand All @@ -102,3 +84,14 @@ sha2 = "0.10"
[[bench]]
harness = false
name = "opaque"

[package.metadata.docs.rs]
features = ["std", "slow-hash", "x25519_u64"]
targets = []

[patch.crates-io]
chacha20 = { git = "https://github.com/RustCrypto/stream-ciphers" }
chacha20poly1305 = { git = "https://github.com/khonsulabs/aeads", branch = "update-dependencies" }
derive-where = { git = "https://github.com/ModProg/derive-where" }
poly1305 = { git = "https://github.com/RustCrypto/universal-hashes" }
voprf = { git = "https://github.com/khonsulabs/voprf", branch = "v08" }
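Review bot: The new `[patch.crates-io]` entries point at git repositories without a `rev`, two of them at branches of third-party forks (`khonsulabs/aeads` on `update-dependencies`, `khonsulabs/voprf` on `v08`), so the code behind `chacha20`, `poly1305` and `voprf` can change with any push to those refs. The same commit replaces the `rev`-pinned `voprf` git dependency with `version = "0.3"`, so the only commit pin on that crate is lost. For a cryptographic key-exchange crate each patch should name a fixed commit, e.g. `voprf = { git = "https://github.com/khonsulabs/voprf", rev = "<commit-sha>" }` (placeholder), unless a committed lockfile already fixes them. `[patch]` is also honoured only at the top level of a build, so downstream users resolve these crates from crates.io and CI is presumably testing a different dependency set than they will compile; a comment above the section saying so would help.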
2 changes: 1 addition & 1 deletion README.md
Expand Up @@ -27,7 +27,7 @@ opaque-ke = "0.6.0"

### Minimum Supported Rust Version

Rust **1.56** or higher.
Rust **1.57** or higher.

Audit
-----
12 changes: 5 additions & 7 deletions benches/opaque.rs
Expand Up @@ -20,26 +20,24 @@ static SUFFIX: &str = "ristretto255_u32";
static SUFFIX: &str = "ristretto255_fiat_u64";
#[cfg(feature = "ristretto255_fiat_u32")]
static SUFFIX: &str = "ristretto255_fiat_u32";
#[cfg(all(not(feature = "ristretto255"), feature = "p256"))]
#[cfg(all(not(feature = "ristretto255")))]
static SUFFIX: &str = "p256";

struct Default;

#[cfg(feature = "ristretto255")]
impl CipherSuite for Default {
type OprfGroup = curve25519_dalek::ristretto::RistrettoPoint;
type KeGroup = curve25519_dalek::ristretto::RistrettoPoint;
type OprfGroup = opaque_ke::Ristretto255;
type KeGroup = opaque_ke::Ristretto255;
type KeyExchange = opaque_ke::key_exchange::tripledh::TripleDH;
type Hash = sha2::Sha512;
type SlowHash = opaque_ke::slow_hash::NoOpHash;
}

#[cfg(not(feature = "ristretto255"))]
impl CipherSuite for Default {
type OprfGroup = p256_::ProjectivePoint;
type KeGroup = p256_::PublicKey;
type OprfGroup = p256::NistP256;
type KeGroup = p256::NistP256;
type KeyExchange = opaque_ke::key_exchange::tripledh::TripleDH;
type Hash = sha2::Sha256;
type SlowHash = opaque_ke::slow_hash::NoOpHash;
}

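Review bot: The new attribute `#[cfg(all(not(feature = "ristretto255")))]` on the fallback `SUFFIX` wraps a single predicate in `all(...)`, which is redundant; `#[cfg(not(feature = "ristretto255"))]` says the same thing and matches the attribute already used on the second `impl CipherSuite for Default` below. With the `p256` feature gone, the suffix `"p256"` is now chosen purely by the absence of `ristretto255`, so a short comment such as `// no ristretto255 backend selected: benchmarks fall back to the p256 dev-dependency` would make that intent explicit. The list of `SUFFIX` definitions starts above the hunk.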
10 changes: 4 additions & 6 deletions examples/digital_locker.rs
Expand Up @@ -49,19 +49,17 @@ struct Default;

#[cfg(feature = "ristretto255")]
impl CipherSuite for Default {
type OprfGroup = curve25519_dalek::ristretto::RistrettoPoint;
type KeGroup = curve25519_dalek::ristretto::RistrettoPoint;
type OprfGroup = opaque_ke::Ristretto255;
type KeGroup = opaque_ke::Ristretto255;
type KeyExchange = opaque_ke::key_exchange::tripledh::TripleDH;
type Hash = sha2::Sha512;
type SlowHash = opaque_ke::slow_hash::NoOpHash;
}

#[cfg(not(feature = "ristretto255"))]
impl CipherSuite for Default {
type OprfGroup = p256_::ProjectivePoint;
type KeGroup = p256_::PublicKey;
type OprfGroup = p256::NistP256;
type KeGroup = p256::NistP256;
type KeyExchange = opaque_ke::key_exchange::tripledh::TripleDH;
type Hash = sha2::Sha256;
type SlowHash = opaque_ke::slow_hash::NoOpHash;
}

10 changes: 4 additions & 6 deletions examples/simple_login.rs
Expand Up @@ -43,19 +43,17 @@ struct Default;

#[cfg(feature = "ristretto255")]
impl CipherSuite for Default {
type OprfGroup = curve25519_dalek::ristretto::RistrettoPoint;
type KeGroup = curve25519_dalek::ristretto::RistrettoPoint;
type OprfGroup = opaque_ke::Ristretto255;
type KeGroup = opaque_ke::Ristretto255;
type KeyExchange = opaque_ke::key_exchange::tripledh::TripleDH;
type Hash = sha2::Sha512;
type SlowHash = opaque_ke::slow_hash::NoOpHash;
}

#[cfg(not(feature = "ristretto255"))]
impl CipherSuite for Default {
type OprfGroup = p256_::ProjectivePoint;
type KeGroup = p256_::PublicKey;
type OprfGroup = p256::NistP256;
type KeGroup = p256::NistP256;
type KeyExchange = opaque_ke::key_exchange::tripledh::TripleDH;
type Hash = sha2::Sha256;
type SlowHash = opaque_ke::slow_hash::NoOpHash;
}

Empty file modified scripts/simple_login.exp
100755 → 100644
Empty file.