diff --git a/src/aead.rs b/src/aead.rs
index b9aa4c98..ea051c57 100644
--- a/src/aead.rs
+++ b/src/aead.rs
@@ -81,8 +81,11 @@ use crate::{
 errors::UnknownCryptoError,
 hazardous::{
 aead,
- constants::{POLY1305_BLOCKSIZE, XCHACHA_NONCESIZE},
- stream::{chacha20, xchacha20::Nonce},
+ mac::poly1305::POLY1305_OUTSIZE,
+ stream::{
+ chacha20,
+ xchacha20::{Nonce, XCHACHA_NONCESIZE},
+ },
 },
 };
@@ -95,7 +98,7 @@ pub fn seal(secret_key: &SecretKey, plaintext: &[u8]) -> Result, Unknown
 let nonce = Nonce::generate();
- let mut dst_out = vec![0u8; plaintext.len() + (XCHACHA_NONCESIZE + POLY1305_BLOCKSIZE)];
+ let mut dst_out = vec![0u8; plaintext.len() + (XCHACHA_NONCESIZE + POLY1305_OUTSIZE)];
 dst_out[..XCHACHA_NONCESIZE].copy_from_slice(nonce.as_ref());
 aead::xchacha20poly1305::seal(
@@ -116,12 +119,12 @@ pub fn open(
 ciphertext_with_tag_and_nonce: &[u8],
 ) -> Result, UnknownCryptoError> {
 // `+ 1` to avoid empty ciphertexts
- if ciphertext_with_tag_and_nonce.len() < (XCHACHA_NONCESIZE + POLY1305_BLOCKSIZE + 1) {
+ if ciphertext_with_tag_and_nonce.len() < (XCHACHA_NONCESIZE + POLY1305_OUTSIZE + 1) {
 return Err(UnknownCryptoError);
 }
 let mut dst_out =
- vec![0u8; ciphertext_with_tag_and_nonce.len() - (XCHACHA_NONCESIZE + POLY1305_BLOCKSIZE)];
+ vec![0u8; ciphertext_with_tag_and_nonce.len() - (XCHACHA_NONCESIZE + POLY1305_OUTSIZE)];
 aead::xchacha20poly1305::open(
 &chacha20::SecretKey::from_slice(secret_key.unprotected_as_bytes())?,
diff --git a/src/hazardous/aead/chacha20poly1305.rs b/src/hazardous/aead/chacha20poly1305.rs
index 8ecd48e6..ba00b72f 100644
--- a/src/hazardous/aead/chacha20poly1305.rs
+++ b/src/hazardous/aead/chacha20poly1305.rs
@@ -101,8 +101,7 @@ pub use crate::hazardous::stream::chacha20::{Nonce, SecretKey};
 use crate::{
 errors::UnknownCryptoError,
 hazardous::{
- constants::{POLY1305_KEYSIZE, POLY1305_OUTSIZE},
- mac::poly1305::{self, OneTimeKey},
+ mac::poly1305::{self, OneTimeKey, POLY1305_KEYSIZE, POLY1305_OUTSIZE},
 stream::chacha20,
 },
 util,
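Review bot: The overhead expression `XCHACHA_NONCESIZE + POLY1305_OUTSIZE` is now written out three times across the `seal` and `open` hunks of src/aead.rs, and the length guard in `open` is the only thing that keeps the later `len() - (...)` subtraction from underflowing. Binding it once at module level, e.g. `const OVERHEAD: usize = XCHACHA_NONCESIZE + POLY1305_OUTSIZE;`, and using it in the guard and in both `vec!` sizes would keep the check and the arithmetic from drifting apart in a later edit. A short comment above the allocation in `seal` stating that the nonce occupies the first `XCHACHA_NONCESIZE` bytes of the output would also help readers of `open`. Both function bodies continue outside these hunks.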
@@ -656,7 +655,7 @@ mod private {
 mod test_poly1305_key_gen {
 use super::*;
- use crate::hazardous::constants::{CHACHA_KEYSIZE, IETF_CHACHA_NONCESIZE};
+ use crate::hazardous::stream::chacha20::{CHACHA_KEYSIZE, IETF_CHACHA_NONCESIZE};
 #[test]
 fn test_key_lengths() {
diff --git a/src/hazardous/aead/xchacha20poly1305.rs b/src/hazardous/aead/xchacha20poly1305.rs
index ab965c3e..78aa8d8c 100644
--- a/src/hazardous/aead/xchacha20poly1305.rs
+++ b/src/hazardous/aead/xchacha20poly1305.rs
@@ -94,8 +94,7 @@ use crate::{
 errors::UnknownCryptoError,
 hazardous::{
 aead::chacha20poly1305,
- constants::IETF_CHACHA_NONCESIZE,
- stream::chacha20::{self, Nonce as IETFNonce},
+ stream::chacha20::{self, Nonce as IETFNonce, IETF_CHACHA_NONCESIZE},
 },
 };
@@ -159,7 +158,7 @@ pub fn open(
 #[cfg(test)]
 mod public {
 use super::*;
- use crate::hazardous::constants::POLY1305_OUTSIZE;
+ use crate::hazardous::mac::poly1305::POLY1305_OUTSIZE;
 // One function tested per submodule.
 mod test_seal {
diff --git a/src/hazardous/constants.rs b/src/hazardous/constants.rs
deleted file mode 100644
index 61d844d7..00000000
--- a/src/hazardous/constants.rs
+++ /dev/null
@@ -1,60 +0,0 @@
-// MIT License
-
-// Copyright (c) 2018-2019 The orion Developers
-
-// Permission is hereby granted, free of charge, to any person obtaining a copy
-// of this software and associated documentation files (the "Software"), to deal
-// in the Software without restriction, including without limitation the rights
-// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-// copies of the Software, and to permit persons to whom the Software is
-// furnished to do so, subject to the following conditions:
-
-// The above copyright notice and this permission notice shall be included in
-// all copies or substantial portions of the Software.
-
-// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-// SOFTWARE.
-
-/// The blocksize for the hash function SHA512.
-pub const SHA512_BLOCKSIZE: usize = 128;
-/// The output size for the hash function SHA512.
-pub const SHA512_OUTSIZE: usize = 64;
-/// The blocksize which ChaCha20 operates on.
-pub const CHACHA_BLOCKSIZE: usize = 64;
-/// The key size for ChaCha20.
-pub const CHACHA_KEYSIZE: usize = 32;
-/// The size of the subkey that HChaCha20 returns.
-pub const HCHACHA_OUTSIZE: usize = 32;
-/// The nonce size for IETF ChaCha20.
-pub const IETF_CHACHA_NONCESIZE: usize = 12;
-/// The nonce size for HChaCha20.
-pub const HCHACHA_NONCESIZE: usize = 16;
-/// The nonce size for XChaCha20.
-pub const XCHACHA_NONCESIZE: usize = 24;
-/// The blocksize which Poly1305 operates on.
-pub const POLY1305_BLOCKSIZE: usize = 16;
-/// The output size for Poly1305.
-pub const POLY1305_OUTSIZE: usize = 16;
-/// The key size for Poly1305.
-pub const POLY1305_KEYSIZE: usize = 32;
-/// The blocksize for the hash function BLAKE2b.
-pub const BLAKE2B_BLOCKSIZE: usize = 128;
-/// The key size for the hash function BLAKE2b when used in keyed mode.
-pub const BLAKE2B_KEYSIZE: usize = 64;
-/// The output size for the hash function BLAKE2b.
-pub const BLAKE2B_OUTSIZE: usize = 64;
-
-/// Type for an array of length `SHA512_BLOCKSIZE`.
-pub type BlocksizeArray = [u8; SHA512_BLOCKSIZE];
-/// Type for an array of length `SHA512_OUTSIZE`.
-pub type HLenArray = [u8; SHA512_OUTSIZE];
-/// Type for a ChaCha state represented as an array of 16 32-bit unsigned
-/// integers.
-pub type ChaChaState = [u32; 16];
-/// Type for a Poly1305 tag.
-pub type Poly1305Tag = [u8; POLY1305_OUTSIZE];
diff --git a/src/hazardous/hash/blake2b.rs b/src/hazardous/hash/blake2b.rs
index a816441e..367d72ad 100644
--- a/src/hazardous/hash/blake2b.rs
+++ b/src/hazardous/hash/blake2b.rs
@@ -76,9 +76,15 @@
 use crate::{
 endianness::{load_u64_into_le, store_u64_into_le},
 errors::UnknownCryptoError,
- hazardous::constants::{BLAKE2B_BLOCKSIZE, BLAKE2B_KEYSIZE, BLAKE2B_OUTSIZE},
 };
+/// The blocksize for the hash function BLAKE2b.
+const BLAKE2B_BLOCKSIZE: usize = 128;
+/// The maximum key size for the hash function BLAKE2b when used in keyed mode.
+const BLAKE2B_KEYSIZE: usize = 64;
+/// The maximum output size for the hash function BLAKE2b.
+const BLAKE2B_OUTSIZE: usize = 64;
+
 construct_secret_key! {
 /// A type to represent the `SecretKey` that BLAKE2b uses for keyed mode.
 ///
diff --git a/src/hazardous/hash/sha512.rs b/src/hazardous/hash/sha512.rs
index 5af8d1dc..be5cd42b 100644
--- a/src/hazardous/hash/sha512.rs
+++ b/src/hazardous/hash/sha512.rs
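Review bot: `BLAKE2B_KEYSIZE` and `BLAKE2B_OUTSIZE` were `pub` in `hazardous::constants` and are private in blake2b.rs after this hunk, so callers can no longer name the maximum key and digest lengths when validating their own inputs. If the limits are meant to stay part of the API, `pub const BLAKE2B_OUTSIZE: usize = 64;` (and likewise for the key size) keeps them reachable; if hiding them is intended, the docs of the constructors that enforce them should state the numeric bounds. The poly1305.rs and chacha20.rs hunks narrow visibility in the same way for `POLY1305_BLOCKSIZE`, `CHACHA_BLOCKSIZE`, `HCHACHA_OUTSIZE` and `HCHACHA_NONCESIZE`. Whether those bounds are already documented elsewhere is not visible here.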
@@ -53,9 +53,13 @@
 use crate::{
 endianness::{load_u64_into_be, store_u64_into_be},
 errors::UnknownCryptoError,
- hazardous::constants::{SHA512_BLOCKSIZE, SHA512_OUTSIZE},
 };
+/// The blocksize for the hash function SHA512.
+pub const SHA512_BLOCKSIZE: usize = 128;
+/// The output size for the hash function SHA512.
+pub const SHA512_OUTSIZE: usize = 64;
+
 construct_public! {
 /// A type to represent the `Digest` that SHA512 returns.
 ///
diff --git a/src/hazardous/kdf/hkdf.rs b/src/hazardous/kdf/hkdf.rs
index 8acae15e..e8fed6d8 100644
--- a/src/hazardous/kdf/hkdf.rs
+++ b/src/hazardous/kdf/hkdf.rs
@@ -68,7 +68,7 @@
 use crate::{
 errors::UnknownCryptoError,
 hazardous::{
- constants::SHA512_OUTSIZE,
+ hash::sha512::SHA512_OUTSIZE,
 mac::hmac::{self, SecretKey},
 },
 util,
diff --git a/src/hazardous/kdf/pbkdf2.rs b/src/hazardous/kdf/pbkdf2.rs
index cdc7f892..2ce28cf3 100644
--- a/src/hazardous/kdf/pbkdf2.rs
+++ b/src/hazardous/kdf/pbkdf2.rs
@@ -72,7 +72,7 @@
 use crate::{
 errors::UnknownCryptoError,
 hazardous::{
- constants::{HLenArray, SHA512_BLOCKSIZE, SHA512_OUTSIZE},
+ hash::sha512::{SHA512_BLOCKSIZE, SHA512_OUTSIZE},
 mac::hmac,
 },
 util,
@@ -105,7 +105,7 @@ fn function_f(
 block_len: usize,
 hmac: &mut hmac::Hmac,
 ) -> Result<(), UnknownCryptoError> {
- let mut u_step: HLenArray = [0u8; 64];
+ let mut u_step: [u8; SHA512_OUTSIZE] = [0u8; 64];
 hmac.update(salt)?;
 hmac.update(&index.to_be_bytes())?;
diff --git a/src/hazardous/mac/hmac.rs b/src/hazardous/mac/hmac.rs
index 675af0f5..5ee69e95 100644
--- a/src/hazardous/mac/hmac.rs
+++ b/src/hazardous/mac/hmac.rs
@@ -58,10 +58,7 @@
 use crate::{
 errors::UnknownCryptoError,
- hazardous::{
- constants::{BlocksizeArray, SHA512_BLOCKSIZE, SHA512_OUTSIZE},
- hash::sha512,
- },
+ hazardous::hash::sha512::{self, SHA512_BLOCKSIZE, SHA512_OUTSIZE},
 };
 use zeroize::Zeroize;
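Review bot: In `function_f` (pbkdf2.rs) the new declaration ties the type of `u_step` to `SHA512_OUTSIZE` but still initialises it with the literal `64`, so the size is stated twice and only a compile error keeps the two equal. Writing `let mut u_step = [0u8; SHA512_OUTSIZE];` states it once. `u_step` presumably holds intermediate HMAC output derived from the password; whether it is wiped before the function returns cannot be seen here, because the body continues outside the hunk.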
@@ -117,8 +114,8 @@ impl Hmac {
 #[inline]
 /// Pad `key` with `ipad` and `opad`.
 fn pad_key_io(&mut self, key: &SecretKey) {
- let mut ipad: BlocksizeArray = [0x36; SHA512_BLOCKSIZE];
- let mut opad: BlocksizeArray = [0x5C; SHA512_BLOCKSIZE];
+ let mut ipad = [0x36; SHA512_BLOCKSIZE];
+ let mut opad = [0x5C; SHA512_BLOCKSIZE];
 // `key` has already been padded with zeroes to a length of SHA512_BLOCKSIZE
 // in SecretKey::from_slice
 for (idx, itm) in key.unprotected_as_bytes().iter().enumerate() {
diff --git a/src/hazardous/mac/poly1305.rs b/src/hazardous/mac/poly1305.rs
index 005fecaf..fe5ea8de 100644
--- a/src/hazardous/mac/poly1305.rs
+++ b/src/hazardous/mac/poly1305.rs
@@ -65,9 +65,17 @@ extern crate core;
 use crate::{
 endianness::{load_u32_le, store_u32_into_le},
 errors::UnknownCryptoError,
- hazardous::constants::{Poly1305Tag, POLY1305_BLOCKSIZE, POLY1305_KEYSIZE, POLY1305_OUTSIZE},
 };
+/// The blocksize which Poly1305 operates on.
+const POLY1305_BLOCKSIZE: usize = 16;
+/// The output size for Poly1305.
+pub const POLY1305_OUTSIZE: usize = 16;
+/// The key size for Poly1305.
+pub const POLY1305_KEYSIZE: usize = 32;
+/// Type for a Poly1305 tag.
+type Poly1305Tag = [u8; POLY1305_OUTSIZE];
+
 construct_secret_key! {
 /// A type to represent the `OneTimeKey` that Poly1305 uses for authentication.
 ///
diff --git a/src/hazardous/mod.rs b/src/hazardous/mod.rs
index acd9b5d9..12f9e9e5 100644
--- a/src/hazardous/mod.rs
+++ b/src/hazardous/mod.rs
@@ -39,8 +39,5 @@ pub mod mac;
 /// Function).
 pub mod kdf;
-/// Constant values and types.
-pub mod constants;
-
 /// Stream ciphers.
 pub mod stream;
diff --git a/src/hazardous/stream/chacha20.rs b/src/hazardous/stream/chacha20.rs
index f6ddde78..77e6b279 100644
--- a/src/hazardous/stream/chacha20.rs
+++ b/src/hazardous/stream/chacha20.rs
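Review bot: With the `BlocksizeArray` annotation removed, the element type of `ipad` and `opad` in `pad_key_io` is left to inference from the loop that follows. `let mut ipad = [0x36u8; SHA512_BLOCKSIZE];` (and `0x5Cu8` for `opad`) keeps the byte type visible at the declaration. Both arrays appear to be combined with key bytes in that loop, and the file imports `zeroize::Zeroize`, but the rest of the function lies outside the hunk, so whether they are zeroed after use cannot be confirmed from here.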
@@ -99,17 +99,23 @@
 use crate::{
 endianness::{load_u32_into_le, store_u32_into_le},
 errors::UnknownCryptoError,
- hazardous::constants::{
- ChaChaState,
- CHACHA_BLOCKSIZE,
- CHACHA_KEYSIZE,
- HCHACHA_NONCESIZE,
- HCHACHA_OUTSIZE,
- IETF_CHACHA_NONCESIZE,
- },
 };
 use zeroize::Zeroize;
+/// The key size for ChaCha20.
+pub const CHACHA_KEYSIZE: usize = 32;
+/// The nonce size for IETF ChaCha20.
+pub const IETF_CHACHA_NONCESIZE: usize = 12;
+/// The blocksize which ChaCha20 operates on.
+const CHACHA_BLOCKSIZE: usize = 64;
+/// The size of the subkey that HChaCha20 returns.
+const HCHACHA_OUTSIZE: usize = 32;
+/// The nonce size for HChaCha20.
+const HCHACHA_NONCESIZE: usize = 16;
+/// Type for a ChaCha state represented as an array of 16 32-bit unsigned
+/// integers.
+type ChaChaState = [u32; 16];
+
 construct_secret_key! {
 /// A type to represent the `SecretKey` that `chacha20`, `xchacha20`, `chacha20poly1305` and
 /// `xchacha20poly1305` use.
diff --git a/src/hazardous/stream/xchacha20.rs b/src/hazardous/stream/xchacha20.rs
index a814980c..53c2ee1e 100644
--- a/src/hazardous/stream/xchacha20.rs
+++ b/src/hazardous/stream/xchacha20.rs
@@ -82,12 +82,12 @@ pub use crate::hazardous::stream::chacha20::SecretKey;
 use crate::{
 errors::UnknownCryptoError,
- hazardous::{
- constants::{IETF_CHACHA_NONCESIZE, XCHACHA_NONCESIZE},
- stream::chacha20::{self, Nonce as IETFNonce},
- },
+ hazardous::stream::chacha20::{self, Nonce as IETFNonce, IETF_CHACHA_NONCESIZE},
 };
+/// The nonce size for XChaCha20.
+pub const XCHACHA_NONCESIZE: usize = 24;
+
 construct_public! {
 /// A type that represents a `Nonce` that XChaCha20 and XChaCha20Poly1305 use.
 ///
diff --git a/src/typedefs.rs b/src/typedefs.rs
index a48c43d9..a9270645 100644
--- a/src/typedefs.rs
+++ b/src/typedefs.rs
@@ -566,8 +566,7 @@ macro_rules! construct_hmac_key {
 #[must_use]
 /// Make an object from a given byte slice.
 pub fn from_slice(slice: &[u8]) -> Result<$name, UnknownCryptoError> {
- use crate::hazardous::hash::sha512;
- use crate::hazardous::constants::SHA512_OUTSIZE;
+ use crate::hazardous::hash::sha512::{self, SHA512_OUTSIZE};
 let mut secret_key = [0u8; $size];
diff --git a/tests/aead/mod.rs b/tests/aead/mod.rs
index e93d7f90..9f021f66 100644
--- a/tests/aead/mod.rs
+++ b/tests/aead/mod.rs
@@ -12,7 +12,10 @@ use self::{
 },
 orion::{
 errors::UnknownCryptoError,
- hazardous::{aead, constants},
+ hazardous::{
+ aead,
+ stream::{chacha20::IETF_CHACHA_NONCESIZE, xchacha20::XCHACHA_NONCESIZE},
+ },
 },
 };
@@ -44,7 +47,7 @@ fn aead_test_runner(
 }
 // Determine variant based on NONCE size
- if nonce.len() == constants::IETF_CHACHA_NONCESIZE {
+ if nonce.len() == IETF_CHACHA_NONCESIZE {
 aead::chacha20poly1305::seal(
 &SecretKey::from_slice(&key).unwrap(),
 &chacha20poly1305::Nonce::from_slice(&nonce).unwrap(),
@@ -67,7 +70,7 @@ fn aead_test_runner(
 assert!(dst_pt_out[..].as_ref() == input);
 Ok(())
- } else if nonce.len() == constants::XCHACHA_NONCESIZE {
+ } else if nonce.len() == XCHACHA_NONCESIZE {
 aead::xchacha20poly1305::seal(
 &SecretKey::from_slice(&key).unwrap(),
 &xchacha20poly1305::Nonce::from_slice(&nonce).unwrap(),
diff --git a/tests/stream/mod.rs b/tests/stream/mod.rs
index bf2b4677..3709e437 100644
--- a/tests/stream/mod.rs
+++ b/tests/stream/mod.rs
@@ -9,9 +9,9 @@ extern crate orion;
 use self::{
 chacha20::SecretKey,
 hex::decode,
- orion::hazardous::{
- constants,
- stream::{chacha20, xchacha20},
+ orion::hazardous::stream::{
+ chacha20::{self, IETF_CHACHA_NONCESIZE},
+ xchacha20::{self, XCHACHA_NONCESIZE},
 },
 };
@@ -26,7 +26,7 @@ pub fn chacha_test_runner(
 let original_ct = ct.to_vec();
 // Selecting variant based on nonce size
- if nonce.len() == constants::IETF_CHACHA_NONCESIZE {
+ if nonce.len() == IETF_CHACHA_NONCESIZE {
 chacha20::encrypt(
 &SecretKey::from_slice(&key).unwrap(),
 &chacha20::Nonce::from_slice(&nonce).unwrap(),
@@ -44,7 +44,7 @@ pub fn chacha_test_runner(
 )
 .unwrap();
 }
- if nonce.len() == constants::XCHACHA_NONCESIZE {
+ if nonce.len() == XCHACHA_NONCESIZE {
 xchacha20::encrypt(
 &SecretKey::from_slice(&key).unwrap(),
 &xchacha20::Nonce::from_slice(&nonce).unwrap(),