Commit 5aef4fcd authored by Martin Thomson's avatar Martin Thomson

Bug 1699021 - Add AES-256-GCM to HPKE, r=bbeurdouche

Differential Revision: https://phabricator.services.mozilla.com/D108734

--HG--
extra : rebase_source : ffa43f8cd1f341d56e8782f81a2aa24243533614
parent b1b15770
...@@ -20,11 +20,11 @@ for tc in json.load(sys.stdin): ...@@ -20,11 +20,11 @@ for tc in json.load(sys.stdin):
# X25519 # X25519
if tc["kem_id"] != 32: if tc["kem_id"] != 32:
continue continue
# SHA-2 256, 384, and 512 # SHA-2 256, 384, and 512 (1..3)
if tc["kdf_id"] != 1 and tc["kdf_id"] != 2 and tc["kdf_id"] != 3: if not tc["kdf_id"] in [1, 2, 3]:
continue continue
# AES-128-GCM and ChaCha20Poly1305 # AES-128-GCM, AES-256-GCM, and ChaCha20Poly1305 (1..3 also)
if tc["aead_id"] != 1 and tc["aead_id"] != 3: if not tc["aead_id"] in [1, 2, 3]:
continue continue
print(f"{{{i},") print(f"{{{i},")
......
This diff is collapsed.
...@@ -65,6 +65,7 @@ static const hpkeKdfParams kdfParams[] = { ...@@ -65,6 +65,7 @@ static const hpkeKdfParams kdfParams[] = {
static const hpkeAeadParams aeadParams[] = { static const hpkeAeadParams aeadParams[] = {
/* AEAD, Nk, Nn, tagLen, mechanism */ /* AEAD, Nk, Nn, tagLen, mechanism */
{ HpkeAeadAes128Gcm, 16, 12, 16, CKM_AES_GCM }, { HpkeAeadAes128Gcm, 16, 12, 16, CKM_AES_GCM },
{ HpkeAeadAes256Gcm, 32, 12, 16, CKM_AES_GCM },
{ HpkeAeadChaCha20Poly1305, 32, 12, 16, CKM_CHACHA20_POLY1305 }, { HpkeAeadChaCha20Poly1305, 32, 12, 16, CKM_CHACHA20_POLY1305 },
}; };
...@@ -100,8 +101,10 @@ aeadId2Params(HpkeAeadId aeadId) ...@@ -100,8 +101,10 @@ aeadId2Params(HpkeAeadId aeadId)
switch (aeadId) { switch (aeadId) {
case HpkeAeadAes128Gcm: case HpkeAeadAes128Gcm:
return &aeadParams[0]; return &aeadParams[0];
case HpkeAeadChaCha20Poly1305: case HpkeAeadAes256Gcm:
return &aeadParams[1]; return &aeadParams[1];
case HpkeAeadChaCha20Poly1305:
return &aeadParams[2];
default: default:
return NULL; return NULL;
} }
......
...@@ -37,7 +37,7 @@ typedef enum { ...@@ -37,7 +37,7 @@ typedef enum {
HpkeModePsk = 1, HpkeModePsk = 1,
} HpkeModeId; } HpkeModeId;
/* https://tools.ietf.org/html/draft-irtf-cfrg-hpke-07#section-7.1 */ /* https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-hpke-08#section-7.1 */
typedef enum { typedef enum {
HpkeDhKemX25519Sha256 = 0x20, HpkeDhKemX25519Sha256 = 0x20,
} HpkeKemId; } HpkeKemId;
...@@ -50,6 +50,7 @@ typedef enum { ...@@ -50,6 +50,7 @@ typedef enum {
typedef enum { typedef enum {
HpkeAeadAes128Gcm = 1, HpkeAeadAes128Gcm = 1,
HpkeAeadAes256Gcm = 2,
HpkeAeadChaCha20Poly1305 = 3, HpkeAeadChaCha20Poly1305 = 3,
} HpkeAeadId; } HpkeAeadId;
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment