diff options
author | Tink Team <tink-dev@google.com> | 2023-08-02 01:28:23 -0700 |
---|---|---|
committer | Copybara-Service <copybara-worker@google.com> | 2023-08-02 01:29:34 -0700 |
commit | 005fbb5e91f380602771f78a911fdae8b773d663 (patch) | |
tree | 26d41aa47b5f7a9fe4e6fba0d30b19297854e308 | |
parent | db7579df4bf3e912878c52e8162f2b551c2ec711 (diff) | |
download | tink-005fbb5e91f380602771f78a911fdae8b773d663.tar.gz |
Pass HPKE mode in HPKE createContext.
PiperOrigin-RevId: 553067158
3 files changed, 19 insertions, 5 deletions
diff --git a/java_src/src/main/java/com/google/crypto/tink/hybrid/internal/HpkeContext.java b/java_src/src/main/java/com/google/crypto/tink/hybrid/internal/HpkeContext.java index 4d5b35a2d..c1077ac3a 100644 --- a/java_src/src/main/java/com/google/crypto/tink/hybrid/internal/HpkeContext.java +++ b/java_src/src/main/java/com/google/crypto/tink/hybrid/internal/HpkeContext.java @@ -58,6 +58,7 @@ final class HpkeContext { /** Helper function factored out to facilitate unit testing. */ static HpkeContext createContext( + byte[] mode, byte[] encapsulatedKey, byte[] sharedSecret, HpkeKem kem, @@ -68,7 +69,7 @@ final class HpkeContext { byte[] suiteId = HpkeUtil.hpkeSuiteId(kem.getKemId(), kdf.getKdfId(), aead.getAeadId()); byte[] pskIdHash = kdf.labeledExtract(HpkeUtil.EMPTY_SALT, EMPTY_IKM, "psk_id_hash", suiteId); byte[] infoHash = kdf.labeledExtract(HpkeUtil.EMPTY_SALT, info, "info_hash", suiteId); - byte[] keyScheduleContext = Bytes.concat(HpkeUtil.BASE_MODE, pskIdHash, infoHash); + byte[] keyScheduleContext = Bytes.concat(mode, pskIdHash, infoHash); byte[] secret = kdf.labeledExtract(sharedSecret, EMPTY_IKM, "secret", suiteId); byte[] key = kdf.labeledExpand(secret, keyScheduleContext, "key", suiteId, aead.getKeyLength()); @@ -96,7 +97,7 @@ final class HpkeContext { kem.encapsulate(recipientPublicKey.getPublicKey().toByteArray()); byte[] encapsulatedKey = encapOutput.getEncapsulatedKey(); byte[] sharedSecret = encapOutput.getSharedSecret(); - return createContext(encapsulatedKey, sharedSecret, kem, kdf, aead, info); + return createContext(HpkeUtil.BASE_MODE, encapsulatedKey, sharedSecret, kem, kdf, aead, info); } /** @@ -119,7 +120,7 @@ final class HpkeContext { byte[] info) throws GeneralSecurityException { byte[] sharedSecret = kem.decapsulate(encapsulatedKey, recipientPrivateKey); - return createContext(encapsulatedKey, sharedSecret, kem, kdf, aead, info); + return createContext(HpkeUtil.BASE_MODE, encapsulatedKey, sharedSecret, kem, kdf, aead, info); } private static BigInteger maxSequenceNumber(int nonceLength) { diff --git a/java_src/src/main/java/com/google/crypto/tink/hybrid/internal/HpkeUtil.java b/java_src/src/main/java/com/google/crypto/tink/hybrid/internal/HpkeUtil.java index a71992409..559e445d0 100644 --- a/java_src/src/main/java/com/google/crypto/tink/hybrid/internal/HpkeUtil.java +++ b/java_src/src/main/java/com/google/crypto/tink/hybrid/internal/HpkeUtil.java @@ -30,6 +30,7 @@ import java.security.GeneralSecurityException; public final class HpkeUtil { // HPKE mode identifiers. public static final byte[] BASE_MODE = intToByteArray(1, 0x0); + public static final byte[] AUTH_MODE = intToByteArray(1, 0x2); // HPKE KEM algorithm identifiers. public static final byte[] X25519_HKDF_SHA256_KEM_ID = intToByteArray(2, 0x20); diff --git a/java_src/src/test/java/com/google/crypto/tink/hybrid/internal/HpkeContextTest.java b/java_src/src/test/java/com/google/crypto/tink/hybrid/internal/HpkeContextTest.java index 8e2d09e1f..38fe78c9a 100644 --- a/java_src/src/test/java/com/google/crypto/tink/hybrid/internal/HpkeContextTest.java +++ b/java_src/src/test/java/com/google/crypto/tink/hybrid/internal/HpkeContextTest.java @@ -104,13 +104,25 @@ public final class HpkeContextTest { HpkeContext encryptionContext = HpkeContext.createContext( - testSetup.encapsulatedKey, testSetup.sharedSecret, kem, kdf, aead, testSetup.info); + mode, + testSetup.encapsulatedKey, + testSetup.sharedSecret, + kem, + kdf, + aead, + testSetup.info); verifyContext(encryptionContext, testVector); verifyEncrypt(encryptionContext, testVector); HpkeContext decryptionContext = HpkeContext.createContext( - testSetup.encapsulatedKey, testSetup.sharedSecret, kem, kdf, aead, testSetup.info); + mode, + testSetup.encapsulatedKey, + testSetup.sharedSecret, + kem, + kdf, + aead, + testSetup.info); verifyContext(decryptionContext, testVector); verifyDecrypt(decryptionContext, testVector); } |