CleartextCredentials serialization is unspecified #469

Closed
iaik-jheher opened this issue Nov 13, 2024 · 4 comments

iaik-jheher commented Nov 13, 2024

CleartextCredentials is specified as:

struct {
  uint8 server_public_key[Npk];
  uint8 server_identity<1..2^16-1>;
  uint8 client_identity<1..2^16-1>;
} CleartextCredentials;

An instance of CleartextCredentials is then concatenated with the envelope nonce to generate the auth_tag:

auth_tag =
    MAC(auth_key, concat(envelope_nonce, cleartext_credentials))

However, the document does not specify anywhere how to serialize a CleartextCredentials structure to bytes. As opposed to every other structure in the document, which has fixed field lengths (and can simply be serialized by concatenating the fields), CleartextCredentials has two fields with dynamic lengths. It is not immediately obvious how it should be serialized.

I was able to make an educated guess (based on the length constraint) that CleartextCredentials should be serialized as:

concat(
    server_public_key,
    I2OSP(len(server_identity), 2), server_identity,
    I2OSP(len(client_identity), 2), client_identity)

Which also then matches the provided test vectors. Nevertheless, this should be specified in the document.
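
The length-prefixed encoding guessed above, written out as an added example (not part of the original issue and not the specification's own code). It assumes Npk = 32 and HMAC-SHA-512 as the MAC, uses constructed sample identities, and includes an unprefixed concatenation only to show the ambiguity that the 2-byte length prefixes remove.

```python
import hashlib
import hmac

NPK = 32  # assumption: public-key length of the chosen suite (Npk)


def i2osp(value: int, length: int) -> bytes:
    """Fixed-width big-endian integer encoding (I2OSP)."""
    return value.to_bytes(length, "big")


def encode_vector(data: bytes) -> bytes:
    """Encode a <1..2^16-1> field: 2-byte length prefix, then the bytes."""
    if not 1 <= len(data) <= 0xFFFF:
        raise ValueError("vector length outside 1..2^16-1")
    return i2osp(len(data), 2) + data


def serialize_cleartext_credentials(server_public_key: bytes,
                                    server_identity: bytes,
                                    client_identity: bytes) -> bytes:
    """Fixed-length key as-is, then each identity with its length prefix."""
    if len(server_public_key) != NPK:
        raise ValueError("server_public_key must be exactly Npk bytes")
    return (server_public_key
            + encode_vector(server_identity)
            + encode_vector(client_identity))


def naive_concat(server_public_key: bytes, server_identity: bytes,
                 client_identity: bytes) -> bytes:
    """Unprefixed concatenation, for comparison only: field boundaries are lost."""
    return server_public_key + server_identity + client_identity


def auth_tag(auth_key: bytes, envelope_nonce: bytes,
             cleartext_credentials: bytes) -> bytes:
    """MAC(auth_key, concat(envelope_nonce, cleartext_credentials))."""
    # Assumption: MAC is instantiated as HMAC-SHA-512.
    return hmac.new(auth_key, envelope_nonce + cleartext_credentials,
                    hashlib.sha512).digest()


# Constructed sample values: two different identity pairs whose bytes
# run together identically once the field boundary is dropped.
PK = bytes(range(NPK))
PAIR_A = (PK, b"server.example", b"alice")
PAIR_B = (PK, b"server.exampleal", b"ice")
```

Without the length prefixes, both identity pairs produce the same MAC input and therefore the same auth_tag; with them, the inputs differ at the first length byte.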

@iaik-jheher
Author

This also affects CustomLabel. I suspect that language similar to RFC 8446's section 3.4 is missing.

@kevinlewi
Collaborator

@iaik-jheher Thank you for pointing this out! This has been addressed in #471, please take a look and let me know if this looks good.

@iaik-jheher
Author

Looks good to me!

@kevinlewi
Collaborator

Closed by #471
