Skip to content

Commit

Permalink
Separate the HKDF classes dependent on external modules from the inde…
Browse files Browse the repository at this point in the history
…pendent base class.
  • Loading branch information
dajiaji committed Jul 27, 2023
1 parent b0c9aaf commit e650afc
Show file tree
Hide file tree
Showing 15 changed files with 111 additions and 42 deletions.
4 changes: 3 additions & 1 deletion mod.ts
Original file line number Diff line number Diff line change
Expand Up @@ -24,6 +24,8 @@ export { DhkemP521HkdfSha512 } from "./src/kems/dhkemP521.ts";
export { DhkemX25519HkdfSha256 } from "./src/kems/dhkemX25519.ts";
export { DhkemX448HkdfSha512 } from "./src/kems/dhkemX448.ts";

export { HkdfSha256, HkdfSha384, HkdfSha512 } from "./src/kdfs/hkdf.ts";
export { HkdfSha256 } from "./src/kdfs/hkdfSha256.ts";
export { HkdfSha384 } from "./src/kdfs/hkdfSha384.ts";
export { HkdfSha512 } from "./src/kdfs/hkdfSha512.ts";
export { Aes128Gcm, Aes256Gcm } from "./src/aeads/aesGcm.ts";
export { Chacha20Poly1305 } from "./src/aeads/chacha20Poly1305.ts";
4 changes: 3 additions & 1 deletion src/cipherSuite.ts
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,9 @@ import { AeadId, KdfId, KemId, Mode } from "./identifiers.ts";
import { Aes128Gcm, Aes256Gcm } from "./aeads/aesGcm.ts";
import { ExportOnly } from "./aeads/exportOnly.ts";
import { Chacha20Poly1305 } from "./aeads/chacha20Poly1305.ts";
import { HkdfSha256, HkdfSha384, HkdfSha512 } from "./kdfs/hkdf.ts";
import { HkdfSha256 } from "./kdfs/hkdfSha256.ts";
import { HkdfSha384 } from "./kdfs/hkdfSha384.ts";
import { HkdfSha512 } from "./kdfs/hkdfSha512.ts";
import { RecipientContext } from "./recipientContext.ts";
import { SenderContext } from "./senderContext.ts";
import { loadSubtleCrypto } from "./webCrypto.ts";
Expand Down
36 changes: 5 additions & 31 deletions src/kdfs/hkdf.ts
Original file line number Diff line number Diff line change
@@ -1,15 +1,11 @@
import { hmac } from "npm:@noble/[email protected]/hmac";
import { sha256 } from "npm:@noble/[email protected]/sha256";
import { sha384, sha512 } from "npm:@noble/[email protected]/sha512";

import type { KdfInterface } from "../interfaces/kdfInterface.ts";

import { KdfId } from "../identifiers.ts";
import { KdfAlgorithm } from "../algorithm.ts";

import * as consts from "../consts.ts";

export class Hkdf extends KdfAlgorithm implements KdfInterface {
export class HkdfNative extends KdfAlgorithm implements KdfInterface {
public readonly id: KdfId = KdfId.HkdfSha256;
public readonly hashSize: number = 0;
protected readonly algHash: HmacKeyGenParams = {
Expand Down Expand Up @@ -58,29 +54,7 @@ export class Hkdf extends KdfAlgorithm implements KdfInterface {
salt = new ArrayBuffer(this.hashSize);
}
if (salt.byteLength !== this.hashSize) {
// Web Cryptography API supports only Nh(hashSize) length key.
// In this case, fallback to the upper-layer hmac library.
switch (this.algHash.hash) {
case "SHA-256":
return hmac(
sha256,
new Uint8Array(salt),
new Uint8Array(ikm),
);
case "SHA-384":
return hmac(
sha384,
new Uint8Array(salt),
new Uint8Array(ikm),
);
default:
// case "SHA-512":
return hmac(
sha512,
new Uint8Array(salt),
new Uint8Array(ikm),
);
}
throw new Error("The salt length must be the same as the hashSize");
}
const key = await (this._api as SubtleCrypto).importKey(
"raw",
Expand Down Expand Up @@ -188,7 +162,7 @@ export class Hkdf extends KdfAlgorithm implements KdfInterface {
}
}

export class HkdfSha256 extends Hkdf implements KdfInterface {
export class HkdfSha256Native extends HkdfNative {
public readonly id: KdfId = KdfId.HkdfSha256;
public readonly hashSize: number = 32;
protected readonly algHash: HmacKeyGenParams = {
Expand All @@ -198,7 +172,7 @@ export class HkdfSha256 extends Hkdf implements KdfInterface {
};
}

export class HkdfSha384 extends Hkdf implements KdfInterface {
export class HkdfSha384Native extends HkdfNative {
public readonly id: KdfId = KdfId.HkdfSha384;
public readonly hashSize: number = 48;
protected readonly algHash: HmacKeyGenParams = {
Expand All @@ -208,7 +182,7 @@ export class HkdfSha384 extends Hkdf implements KdfInterface {
};
}

export class HkdfSha512 extends Hkdf implements KdfInterface {
export class HkdfSha512Native extends HkdfNative {
public readonly id: KdfId = KdfId.HkdfSha512;
public readonly hashSize: number = 64;
protected readonly algHash: HmacKeyGenParams = {
Expand Down
29 changes: 29 additions & 0 deletions src/kdfs/hkdfSha256.ts
Original file line number Diff line number Diff line change
@@ -0,0 +1,29 @@
import { hmac } from "npm:@noble/[email protected]/hmac";
import { sha256 } from "npm:@noble/[email protected]/sha256";

import { HkdfSha256Native } from "./hkdf.ts";

export class HkdfSha256 extends HkdfSha256Native {
public override async extract(
salt: ArrayBuffer,
ikm: ArrayBuffer,
): Promise<ArrayBuffer> {
this.checkInit();
if (salt.byteLength === 0) {
salt = new ArrayBuffer(this.hashSize);
}
if (salt.byteLength !== this.hashSize) {
return hmac(sha256, new Uint8Array(salt), new Uint8Array(ikm));
}
const key = await (this._api as SubtleCrypto).importKey(
"raw",
salt,
this.algHash,
false,
[
"sign",
],
);
return await (this._api as SubtleCrypto).sign("HMAC", key, ikm);
}
}
29 changes: 29 additions & 0 deletions src/kdfs/hkdfSha384.ts
Original file line number Diff line number Diff line change
@@ -0,0 +1,29 @@
import { hmac } from "npm:@noble/[email protected]/hmac";
import { sha384 } from "npm:@noble/[email protected]/sha512";

import { HkdfSha384Native } from "./hkdf.ts";

export class HkdfSha384 extends HkdfSha384Native {
public override async extract(
salt: ArrayBuffer,
ikm: ArrayBuffer,
): Promise<ArrayBuffer> {
this.checkInit();
if (salt.byteLength === 0) {
salt = new ArrayBuffer(this.hashSize);
}
if (salt.byteLength !== this.hashSize) {
return hmac(sha384, new Uint8Array(salt), new Uint8Array(ikm));
}
const key = await (this._api as SubtleCrypto).importKey(
"raw",
salt,
this.algHash,
false,
[
"sign",
],
);
return await (this._api as SubtleCrypto).sign("HMAC", key, ikm);
}
}
29 changes: 29 additions & 0 deletions src/kdfs/hkdfSha512.ts
Original file line number Diff line number Diff line change
@@ -0,0 +1,29 @@
import { hmac } from "npm:@noble/[email protected]/hmac";
import { sha512 } from "npm:@noble/[email protected]/sha512";

import { HkdfSha512Native } from "./hkdf.ts";

export class HkdfSha512 extends HkdfSha512Native {
public override async extract(
salt: ArrayBuffer,
ikm: ArrayBuffer,
): Promise<ArrayBuffer> {
this.checkInit();
if (salt.byteLength === 0) {
salt = new ArrayBuffer(this.hashSize);
}
if (salt.byteLength !== this.hashSize) {
return hmac(sha512, new Uint8Array(salt), new Uint8Array(ikm));
}
const key = await (this._api as SubtleCrypto).importKey(
"raw",
salt,
this.algHash,
false,
[
"sign",
],
);
return await (this._api as SubtleCrypto).sign("HMAC", key, ikm);
}
}
2 changes: 1 addition & 1 deletion src/kems/dhkemP256.ts
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
import { KemId } from "../identifiers.ts";
import { HkdfSha256 } from "../kdfs/hkdf.ts";
import { HkdfSha256 } from "../kdfs/hkdfSha256.ts";
import { Dhkem } from "./dhkem.ts";
import { Ec } from "./dhkemPrimitives/ec.ts";

Expand Down
2 changes: 1 addition & 1 deletion src/kems/dhkemP384.ts
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
import { KemId } from "../identifiers.ts";
import { HkdfSha384 } from "../kdfs/hkdf.ts";
import { HkdfSha384 } from "../kdfs/hkdfSha384.ts";
import { Dhkem } from "./dhkem.ts";
import { Ec } from "./dhkemPrimitives/ec.ts";

Expand Down
2 changes: 1 addition & 1 deletion src/kems/dhkemP521.ts
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
import { KemId } from "../identifiers.ts";
import { HkdfSha512 } from "../kdfs/hkdf.ts";
import { HkdfSha512 } from "../kdfs/hkdfSha512.ts";
import { Dhkem } from "./dhkem.ts";
import { Ec } from "./dhkemPrimitives/ec.ts";

Expand Down
2 changes: 1 addition & 1 deletion src/kems/dhkemX25519.ts
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
import { KemId } from "../identifiers.ts";
import { HkdfSha256 } from "../kdfs/hkdf.ts";
import { HkdfSha256 } from "../kdfs/hkdfSha256.ts";
import { Dhkem } from "./dhkem.ts";
import { X25519 } from "./dhkemPrimitives/x25519.ts";

Expand Down
2 changes: 1 addition & 1 deletion src/kems/dhkemX448.ts
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
import { KemId } from "../identifiers.ts";
import { HkdfSha512 } from "../kdfs/hkdf.ts";
import { HkdfSha512 } from "../kdfs/hkdfSha512.ts";
import { Dhkem } from "./dhkem.ts";
import { X448 } from "./dhkemPrimitives/x448.ts";

Expand Down
4 changes: 3 additions & 1 deletion test/cipherSuite.test.ts
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,9 @@ import { DhkemP384HkdfSha384 } from "../src/kems/dhkemP384.ts";
import { DhkemP521HkdfSha512 } from "../src/kems/dhkemP521.ts";
import { DhkemX25519HkdfSha256 } from "../src/kems/dhkemX25519.ts";
import { DhkemX448HkdfSha512 } from "../src/kems/dhkemX448.ts";
import { HkdfSha256, HkdfSha384, HkdfSha512 } from "../src/kdfs/hkdf.ts";
import { HkdfSha256 } from "../src/kdfs/hkdfSha256.ts";
import { HkdfSha384 } from "../src/kdfs/hkdfSha384.ts";
import { HkdfSha512 } from "../src/kdfs/hkdfSha512.ts";
import { Aes128Gcm } from "../src/aeads/aesGcm.ts";

import * as errors from "../src/errors.ts";
Expand Down
2 changes: 1 addition & 1 deletion test/encryptionContext.test.ts
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@ import { describe, it } from "testing/bdd.ts";
import { CipherSuite } from "../src/cipherSuite.ts";
import { EncryptionContext } from "../src/encryptionContext.ts";
import { AeadId, KdfId, KemId } from "../src/identifiers.ts";
import { HkdfSha256 } from "../src/kdfs/hkdf.ts";
import { HkdfSha256 } from "../src/kdfs/hkdfSha256.ts";
import { loadSubtleCrypto } from "../src/webCrypto.ts";
import { i2Osp } from "../src/utils/misc.ts";
import { ExportOnly } from "../src/aeads/exportOnly.ts";
Expand Down
4 changes: 3 additions & 1 deletion test/kdfContext.test.ts
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,9 @@ import { assertEquals } from "testing/asserts.ts";

import { describe, it } from "testing/bdd.ts";

import { HkdfSha256, HkdfSha384, HkdfSha512 } from "../src/kdfs/hkdf.ts";
import { HkdfSha256 } from "../src/kdfs/hkdfSha256.ts";
import { HkdfSha384 } from "../src/kdfs/hkdfSha384.ts";
import { HkdfSha512 } from "../src/kdfs/hkdfSha512.ts";
import { AeadId, KdfId, KemId } from "../src/identifiers.ts";
import { loadCrypto, loadSubtleCrypto } from "../src/webCrypto.ts";
import { i2Osp } from "../src/utils/misc.ts";
Expand Down
2 changes: 1 addition & 1 deletion x/dhkem-secp256k1/src/dhkem-secp256k1.ts
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@ import type { KemInterface } from "../../../src/interfaces/kemInterface.ts";
import { Algorithm } from "../../../src/algorithm.ts";
import { KemId } from "../../../src/identifiers.ts";
import { XCryptoKey } from "../../../src/xCryptoKey.ts";
import { HkdfSha256 } from "../../../src/kdfs/hkdf.ts";
import { HkdfSha256 } from "../../../src/kdfs/hkdfSha256.ts";
import { Dhkem } from "../../../src/kems/dhkem.ts";

import * as consts from "../../../src/consts.ts";
Expand Down

0 comments on commit e650afc

Please sign in to comment.