-
Notifications
You must be signed in to change notification settings - Fork 57
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add v6 SKESK #2207
base: main
Are you sure you want to change the base?
Add v6 SKESK #2207
Conversation
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## main #2207 +/- ##
=======================================
Coverage 84.81% 84.81%
=======================================
Files 116 116
Lines 23292 23292
=======================================
Hits 19755 19755
Misses 3537 3537 ☔ View full report in Codecov by Sentry. |
src/librepgp/stream-write.cpp
Outdated
|
||
/* Use SEIPDv2 for SKESK if enabled and preconditions are met */ | ||
if (handler->ctx->enable_skesk_v6 && handler->ctx->aalg != PGP_AEAD_NONE && | ||
skeycount > 0) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Question: what is the meaning of skeycount in this context?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
pkeycount = handler->ctx->recipients.size();
skeycount = handler->ctx->passwords.size();
These are the number of SKESK or PKESK packets.
When writing the code I assumed that only one of those variables is non-zero, meaning, we have distinct cases for symmetric and asymmetric encryption. I now think that is a wrong assumption and you can actually use PKESK and SKESK packets simultaniously for the same SEIPD message.
Thus, I will need to adapt the logic here to also take into account the v2-SEIPD capability of the "PKESK recipients".
@ni4 from my view this could be merged. Do you have any comments on the PR? |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM, thanks!
@TJ-91 Could you please resolve conflicts here? I'm not seem able to push to this branch. Thanks! |
@ni4 I rebased (but now checks fail like on main) |
@TJ-91 there is some merge conflict here. |
I rebased |
I added generating and parsing of v6 SKESK packets. They work similarly to the already implemented AEAD stuff, but use SEIPDv2 instead, and also, use HKDF for key derivation.
I added the Crypto Refresh test vectors for EAX/OCB, as well as an encrypt-decrypt test.
Further, I added the
rnp_op_encrypt_enable_skesk_v6()
API call that enables creating v6 SKESK. In the CLI it can be activated with--enable-v6-skesk
.The default behaviour for SKESK should be the same as before, even when compiling with
ENABLE_CRYPTO_REFRESH
.