hscrypto: Implement hs_mac.
This commit is contained in:
parent
44e9d31af9
commit
0a52d90af3
|
@ -3903,6 +3903,8 @@ dependencies = [
|
||||||
name = "tor-hscrypto"
|
name = "tor-hscrypto"
|
||||||
version = "0.1.0"
|
version = "0.1.0"
|
||||||
dependencies = [
|
dependencies = [
|
||||||
|
"digest 0.10.6",
|
||||||
|
"hex-literal",
|
||||||
"paste",
|
"paste",
|
||||||
"rand_core 0.6.4",
|
"rand_core 0.6.4",
|
||||||
"serde",
|
"serde",
|
||||||
|
|
|
@ -15,6 +15,7 @@ repository = "https://gitlab.torproject.org/tpo/core/arti.git/"
|
||||||
default = []
|
default = []
|
||||||
|
|
||||||
[dependencies]
|
[dependencies]
|
||||||
|
digest = "0.10.0"
|
||||||
paste = "1"
|
paste = "1"
|
||||||
rand_core = "0.6.2"
|
rand_core = "0.6.2"
|
||||||
serde = { version = "1.0.103", features = ["derive"] }
|
serde = { version = "1.0.103", features = ["derive"] }
|
||||||
|
@ -22,3 +23,4 @@ thiserror = "1"
|
||||||
tor-llcrypto = { version = "0.4.0", path = "../tor-llcrypto" }
|
tor-llcrypto = { version = "0.4.0", path = "../tor-llcrypto" }
|
||||||
|
|
||||||
[dev-dependencies]
|
[dev-dependencies]
|
||||||
|
hex-literal = "0.3"
|
||||||
|
|
|
@ -1,4 +1,57 @@
|
||||||
|
//! Mid-level cryptographic operations used in the onion service protocol.
|
||||||
|
|
||||||
|
use tor_llcrypto::d::Sha3_256;
|
||||||
|
use tor_llcrypto::util::ct::CtByteArray;
|
||||||
|
|
||||||
|
use digest::Digest;
|
||||||
|
|
||||||
/// Compute the lightweight MAC function used in the onion service protocol.
|
/// Compute the lightweight MAC function used in the onion service protocol.
|
||||||
pub fn hs_mac(key: &[u8], msg: &[u8]) -> [u8; 32] {
|
pub fn hs_mac(key: &[u8], msg: &[u8]) -> CtByteArray<32> {
|
||||||
todo!() // TODO hs
|
// rend-spec-v3 says: "Instantiate H with SHA3-256... Instantiate MAC(key=k,
|
||||||
|
// message=m) with H(k_len | k | m), where k_len is htonll(len(k))."
|
||||||
|
|
||||||
|
let mut hasher = Sha3_256::new();
|
||||||
|
let klen = key.len() as u64;
|
||||||
|
hasher.update(klen.to_be_bytes());
|
||||||
|
hasher.update(key);
|
||||||
|
hasher.update(msg);
|
||||||
|
let a: [u8; 32] = hasher.finalize().into();
|
||||||
|
a.into()
|
||||||
|
}
|
||||||
|
|
||||||
|
#[cfg(test)]
|
||||||
|
mod test {
|
||||||
|
use super::*;
|
||||||
|
use hex_literal::hex;
|
||||||
|
|
||||||
|
/// Helper: just call Sha3_256 and return the result as a CtByteArray.
|
||||||
|
fn d(s: &[u8]) -> CtByteArray<32> {
|
||||||
|
let a: [u8; 32] = Sha3_256::digest(s).into();
|
||||||
|
a.into()
|
||||||
|
}
|
||||||
|
|
||||||
|
#[test]
|
||||||
|
fn mac_from_definition() {
|
||||||
|
assert_eq!(hs_mac(b"", b""), d(&[0; 8]));
|
||||||
|
assert_eq!(
|
||||||
|
hs_mac(b"hello", b"world"),
|
||||||
|
d(b"\0\0\0\0\0\0\0\x05helloworld")
|
||||||
|
);
|
||||||
|
assert_eq!(
|
||||||
|
hs_mac(b"helloworl", b"d"),
|
||||||
|
d(b"\0\0\0\0\0\0\0\x09helloworld")
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
|
#[test]
|
||||||
|
fn mac_testvec() {
|
||||||
|
// From C Tor; originally generated in Python.
|
||||||
|
let msg = b"i am in a library somewhere using my computer";
|
||||||
|
let key = b"i'm from the past talking to the future.";
|
||||||
|
|
||||||
|
assert_eq!(
|
||||||
|
hs_mac(key, msg).as_ref(),
|
||||||
|
&hex!("753fba6d87d49497238a512a3772dd291e55f7d1cd332c9fb5c967c7a10a13ca")
|
||||||
|
);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue