Commit

Bug 1692930 - Update HPKE to final version, r=bbeurdouche
This adds the final HPKE version string.

This removes the draft version markers from the implementation and stops
tracking the draft version with the exported syntax.

I've added the script that I used to convert the JSON test vectors from the
specification; that should allow us to pick up new tests relatively easily,
especially if we need to add new algorithms.

This change breaks several ECH test cases.  As fixing those tests is
extraordinarily fiddly, I'm going to defer making those changes until we need to
update ECH.  As we can't land this code until ECH is updated to depend on the
final HPKE and until we have coordinated with servers on when the ECH update can
be deployed, it should be OK to defer.

In short, don't land this without the matching ECH changes.

Differential Revision: https://phabricator.services.mozilla.com/D105256

--HG--
extra : rebase_source : b0717403cf5136efc14f85499182763aa551efc3
martinthomson committed Mar 15, 2021
1 parent 71f201b commit a441315
Showing 12 changed files with 14,841 additions and 364 deletions.
5 changes: 0 additions & 5 deletions coreconf/config.gypi
Expand Up @@ -573,11 +573,6 @@
'NSS_DISABLE_DBM',
],
}],
[ 'enable_draft_hpke==1', {
'defines': [
'NSS_ENABLE_DRAFT_HPKE',
],
}],
[ 'disable_libpkix==1', {
'defines': [
'NSS_DISABLE_LIBPKIX',
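Review bot: removing the `enable_draft_hpke==1` condition here leaves nothing in the gyp configuration that consumes that variable, so any default or build-script option that still sets `enable_draft_hpke` (not visible in this hunk) becomes a silent no-op rather than a build error; if such a default exists, drop it in the same change so a stale `enable_draft_hpke=1` cannot be mistaken for an opt-in to the draft code path.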
4 changes: 0 additions & 4 deletions coreconf/config.mk
Expand Up @@ -195,10 +195,6 @@ ifdef NSS_PKIX_NO_LDAP
DEFINES += -DNSS_PKIX_NO_LDAP
endif

ifdef NSS_ENABLE_DRAFT_HPKE
DEFINES += -DNSS_ENABLE_DRAFT_HPKE
endif

# FIPS support requires startup tests to be executed at load time of shared modules.
# For performance reasons, these tests are disabled by default.
# When compiling binaries that must support FIPS mode,
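Review bot: with `-DNSS_ENABLE_DRAFT_HPKE` no longer emitted by the make build (and the gyp define removed in the previous file), any `#ifdef NSS_ENABLE_DRAFT_HPKE` guard left in the sources or tests would compile out silently instead of failing the build; the commit message says the draft markers are removed from the implementation, so a tree-wide search for the macro before landing is worth doing to confirm no guarded block is quietly dropped.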
62 changes: 62 additions & 0 deletions gtests/common/testvectors/hpke-convert.py
@@ -0,0 +1,62 @@
#!/usr/bin/env python3
# This script converts the test vectors referenced by the specification into
# a form that matches our implementation.

import json
import sys


def pkcs8(sk, pk):
print(
f'"3067020100301406072a8648ce3d020106092b06010401da470f01044c304a0201010420{sk}a123032100{pk}",'
)


i = 0
for tc in json.load(sys.stdin):
# Only mode_base and mode_psk
if tc["mode"] != 0 and tc["mode"] != 1:
continue
# X25519
if tc["kem_id"] != 32:
continue
# SHA-2 256, 384, and 512
if tc["kdf_id"] != 1 and tc["kdf_id"] != 2 and tc["kdf_id"] != 3:
continue
# AES-128-GCM and ChaCha20Poly1305
if tc["aead_id"] != 1 and tc["aead_id"] != 3:
continue

print(f"{{{i},")
print(f"static_cast<HpkeModeId>({tc['mode']}),")
print(f"static_cast<HpkeKemId>({tc['kem_id']}),")
print(f"static_cast<HpkeKdfId>({tc['kdf_id']}),")
print(f"static_cast<HpkeAeadId>({tc['aead_id']}),")
print(f'"{tc["info"]}", // info')
pkcs8(tc["skEm"], tc["pkEm"])
pkcs8(tc["skRm"], tc["pkRm"])
print(f'"{tc.get("psk", "")}", // psk')
print(f'"{tc.get("psk_id", "")}", // psk_id')
print(f'"{tc["enc"]}", // enc')
print(f'"{tc["key"]}", // key')
print(f'"{tc["base_nonce"]}", // nonce')

print("{ // Encryptions")
for e in tc["encryptions"]:
print("{")
print(f'"{e["plaintext"]}", // pt')
print(f'"{e["aad"]}", // aad')
print(f'"{e["ciphertext"]}", // ct')
print("},")
print("},")

print("{ // Exports")
for e in tc["exports"]:
print("{")
print(f'"{e["exporter_context"]}", // context')
print(f'{e["L"]}, // len')
print(f'"{e["exported_value"]}", // exported')
print("},")
print("},")
print("},")
i = i + 1
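Review bot: `pkcs8()` hard-codes a PKCS#8 template whose algorithm identifier and length octets (`3067`, `304a`, `0420`, `032100`) are only correct for 32-byte X25519 keys, and that assumption is enforced only indirectly by the `kem_id != 32` filter earlier in the loop; since the commit message expects this script to be reused when new algorithms are added, a comment on `pkcs8()` stating the X25519-only assumption plus a guard such as `assert len(sk) == 64 and len(pk) == 64` would stop a future KEM from producing malformed test keys. The header comment could also state the invocation (JSON test vectors on stdin, C++ initializer text on stdout) and which test file the output is pasted into, and the four filters read more clearly as membership tests, e.g. `if tc["kdf_id"] not in (1, 2, 3):`.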
