Skip to content

Commit

Permalink
add support for argon2id as a memory hard function in opaque (#99)
Browse files Browse the repository at this point in the history
  • Loading branch information
@aldenml
aldenml authored Mar 5, 2023
1 parent 930964b commit b50f9e9
Show file tree
Hide file tree
Showing 13 changed files with 405 additions and 88 deletions.
49 changes: 49 additions & 0 deletions bindings/js/libecc-post.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3554,6 +3554,23 @@ const ecc_opaque_ristretto255_sha512_MHF_SCRYPT = 1;
*/
Module.ecc_opaque_ristretto255_sha512_MHF_SCRYPT = ecc_opaque_ristretto255_sha512_MHF_SCRYPT;

const ecc_opaque_ristretto255_sha512_MHF_ARGON2ID = 2;
/**
* Use Argon2id(t=3,p=1,m=2^16) for the Memory Hard Function (MHF). With this
* option, the salt should always be of length ecc_opaque_ristretto255_sha512_MHF_ARGON2ID_SALTSIZE.
*
* @type {number}
*/
Module.ecc_opaque_ristretto255_sha512_MHF_ARGON2ID = ecc_opaque_ristretto255_sha512_MHF_ARGON2ID;

const ecc_opaque_ristretto255_sha512_MHF_ARGON2ID_SALTSIZE = 16;
/**
* The length of the salt when using ecc_opaque_ristretto255_sha512_MHF_ARGON2ID.
*
* @type {number}
*/
Module.ecc_opaque_ristretto255_sha512_MHF_ARGON2ID_SALTSIZE = ecc_opaque_ristretto255_sha512_MHF_ARGON2ID_SALTSIZE;

/**
* Derive a private and public key pair deterministically from a seed.
*
Expand Down Expand Up @@ -3998,6 +4015,8 @@ Module.ecc_opaque_ristretto255_sha512_CreateRegistrationResponse = (
* @param {Uint8Array} client_identity the optional encoded client identity, size:client_identity_len
* @param {number} client_identity_len the length of `client_identity`
* @param {number} mhf the memory hard function to use
* @param {Uint8Array} mhf_salt the salt to use in the memory hard function computation, size:mhf_salt_len
* @param {number} mhf_salt_len the length of `mhf_salt`
* @param {Uint8Array} nonce size:ecc_opaque_ristretto255_sha512_Nn
*/
Module.ecc_opaque_ristretto255_sha512_FinalizeRegistrationRequestWithNonce = (
Expand All @@ -4012,6 +4031,8 @@ Module.ecc_opaque_ristretto255_sha512_FinalizeRegistrationRequestWithNonce = (
client_identity,
client_identity_len,
mhf,
mhf_salt,
mhf_salt_len,
nonce,
) => {
const ptr_record = mput(record, ecc_opaque_ristretto255_sha512_REGISTRATIONRECORDSIZE);
Expand All @@ -4021,6 +4042,7 @@ Module.ecc_opaque_ristretto255_sha512_FinalizeRegistrationRequestWithNonce = (
const ptr_response = mput(response, ecc_opaque_ristretto255_sha512_REGISTRATIONRESPONSESIZE);
const ptr_server_identity = mput(server_identity, server_identity_len);
const ptr_client_identity = mput(client_identity, client_identity_len);
const ptr_mhf_salt = mput(mhf_salt, mhf_salt_len);
const ptr_nonce = mput(nonce, ecc_opaque_ristretto255_sha512_Nn);
_ecc_opaque_ristretto255_sha512_FinalizeRegistrationRequestWithNonce(
ptr_record,
Expand All @@ -4034,6 +4056,8 @@ Module.ecc_opaque_ristretto255_sha512_FinalizeRegistrationRequestWithNonce = (
ptr_client_identity,
client_identity_len,
mhf,
ptr_mhf_salt,
mhf_salt_len,
ptr_nonce,
);
mget(record, ptr_record, ecc_opaque_ristretto255_sha512_REGISTRATIONRECORDSIZE);
Expand All @@ -4045,6 +4069,7 @@ Module.ecc_opaque_ristretto255_sha512_FinalizeRegistrationRequestWithNonce = (
mfree(ptr_response, ecc_opaque_ristretto255_sha512_REGISTRATIONRESPONSESIZE);
mfree(ptr_server_identity, server_identity_len);
mfree(ptr_client_identity, client_identity_len);
mfree(ptr_mhf_salt, mhf_salt_len);
mfree(ptr_nonce, ecc_opaque_ristretto255_sha512_Nn);
}

Expand All @@ -4063,6 +4088,8 @@ Module.ecc_opaque_ristretto255_sha512_FinalizeRegistrationRequestWithNonce = (
* @param {Uint8Array} client_identity the optional encoded client identity, size:client_identity_len
* @param {number} client_identity_len the length of `client_identity`
* @param {number} mhf the memory hard function to use
* @param {Uint8Array} mhf_salt the salt to use in the memory hard function computation, size:mhf_salt_len
* @param {number} mhf_salt_len the length of `mhf_salt`
*/
Module.ecc_opaque_ristretto255_sha512_FinalizeRegistrationRequest = (
record,
Expand All @@ -4076,6 +4103,8 @@ Module.ecc_opaque_ristretto255_sha512_FinalizeRegistrationRequest = (
client_identity,
client_identity_len,
mhf,
mhf_salt,
mhf_salt_len,
) => {
const ptr_record = mput(record, ecc_opaque_ristretto255_sha512_REGISTRATIONRECORDSIZE);
const ptr_export_key = mput(export_key, ecc_opaque_ristretto255_sha512_Nh);
Expand All @@ -4084,6 +4113,7 @@ Module.ecc_opaque_ristretto255_sha512_FinalizeRegistrationRequest = (
const ptr_response = mput(response, ecc_opaque_ristretto255_sha512_REGISTRATIONRESPONSESIZE);
const ptr_server_identity = mput(server_identity, server_identity_len);
const ptr_client_identity = mput(client_identity, client_identity_len);
const ptr_mhf_salt = mput(mhf_salt, mhf_salt_len);
_ecc_opaque_ristretto255_sha512_FinalizeRegistrationRequest(
ptr_record,
ptr_export_key,
Expand All @@ -4096,6 +4126,8 @@ Module.ecc_opaque_ristretto255_sha512_FinalizeRegistrationRequest = (
ptr_client_identity,
client_identity_len,
mhf,
ptr_mhf_salt,
mhf_salt_len,
);
mget(record, ptr_record, ecc_opaque_ristretto255_sha512_REGISTRATIONRECORDSIZE);
mget(export_key, ptr_export_key, ecc_opaque_ristretto255_sha512_Nh);
Expand All @@ -4106,6 +4138,7 @@ Module.ecc_opaque_ristretto255_sha512_FinalizeRegistrationRequest = (
mfree(ptr_response, ecc_opaque_ristretto255_sha512_REGISTRATIONRESPONSESIZE);
mfree(ptr_server_identity, server_identity_len);
mfree(ptr_client_identity, client_identity_len);
mfree(ptr_mhf_salt, mhf_salt_len);
}

/**
Expand Down Expand Up @@ -4307,6 +4340,8 @@ Module.ecc_opaque_ristretto255_sha512_CreateCredentialResponse = (
* @param {Uint8Array} client_identity size:client_identity_len
* @param {number} client_identity_len the length of `client_identity`
* @param {number} mhf the memory hard function to use
* @param {Uint8Array} mhf_salt the salt to use in the memory hard function computation, size:mhf_salt_len
* @param {number} mhf_salt_len the length of `mhf_salt`
* @return {number} on success returns 0, else -1.
*/
Module.ecc_opaque_ristretto255_sha512_RecoverCredentials = (
Expand All @@ -4322,6 +4357,8 @@ Module.ecc_opaque_ristretto255_sha512_RecoverCredentials = (
client_identity,
client_identity_len,
mhf,
mhf_salt,
mhf_salt_len,
) => {
const ptr_client_private_key = mput(client_private_key, ecc_opaque_ristretto255_sha512_Nsk);
const ptr_server_public_key = mput(server_public_key, ecc_opaque_ristretto255_sha512_Npk);
Expand All @@ -4331,6 +4368,7 @@ Module.ecc_opaque_ristretto255_sha512_RecoverCredentials = (
const ptr_response = mput(response, ecc_opaque_ristretto255_sha512_CREDENTIALRESPONSESIZE);
const ptr_server_identity = mput(server_identity, server_identity_len);
const ptr_client_identity = mput(client_identity, client_identity_len);
const ptr_mhf_salt = mput(mhf_salt, mhf_salt_len);
const fun_ret = _ecc_opaque_ristretto255_sha512_RecoverCredentials(
ptr_client_private_key,
ptr_server_public_key,
Expand All @@ -4344,6 +4382,8 @@ Module.ecc_opaque_ristretto255_sha512_RecoverCredentials = (
ptr_client_identity,
client_identity_len,
mhf,
ptr_mhf_salt,
mhf_salt_len,
);
mget(client_private_key, ptr_client_private_key, ecc_opaque_ristretto255_sha512_Nsk);
mget(server_public_key, ptr_server_public_key, ecc_opaque_ristretto255_sha512_Npk);
Expand All @@ -4356,6 +4396,7 @@ Module.ecc_opaque_ristretto255_sha512_RecoverCredentials = (
mfree(ptr_response, ecc_opaque_ristretto255_sha512_CREDENTIALRESPONSESIZE);
mfree(ptr_server_identity, server_identity_len);
mfree(ptr_client_identity, client_identity_len);
mfree(ptr_mhf_salt, mhf_salt_len);
return fun_ret;
}

Expand Down Expand Up @@ -4691,6 +4732,8 @@ Module.ecc_opaque_ristretto255_sha512_ClientInit = (
* @param {number} server_identity_len the length of `server_identity`
* @param {Uint8Array} ke2 a KE2 message structure, size:ecc_opaque_ristretto255_sha512_KE2SIZE
* @param {number} mhf the memory hard function to use
* @param {Uint8Array} mhf_salt the salt to use in the memory hard function computation, size:mhf_salt_len
* @param {number} mhf_salt_len the length of `mhf_salt`
* @param {Uint8Array} context the application specific context, size:context_len
* @param {number} context_len the length of `context`
* @return {number} 0 if is able to recover credentials and authenticate with the server, else -1
Expand All @@ -4706,6 +4749,8 @@ Module.ecc_opaque_ristretto255_sha512_ClientFinish = (
server_identity_len,
ke2,
mhf,
mhf_salt,
mhf_salt_len,
context,
context_len,
) => {
Expand All @@ -4716,6 +4761,7 @@ Module.ecc_opaque_ristretto255_sha512_ClientFinish = (
const ptr_client_identity = mput(client_identity, client_identity_len);
const ptr_server_identity = mput(server_identity, server_identity_len);
const ptr_ke2 = mput(ke2, ecc_opaque_ristretto255_sha512_KE2SIZE);
const ptr_mhf_salt = mput(mhf_salt, mhf_salt_len);
const ptr_context = mput(context, context_len);
const fun_ret = _ecc_opaque_ristretto255_sha512_ClientFinish(
ptr_ke3_raw,
Expand All @@ -4728,6 +4774,8 @@ Module.ecc_opaque_ristretto255_sha512_ClientFinish = (
server_identity_len,
ptr_ke2,
mhf,
ptr_mhf_salt,
mhf_salt_len,
ptr_context,
context_len,
);
Expand All @@ -4742,6 +4790,7 @@ Module.ecc_opaque_ristretto255_sha512_ClientFinish = (
mfree(ptr_client_identity, client_identity_len);
mfree(ptr_server_identity, server_identity_len);
mfree(ptr_ke2, ecc_opaque_ristretto255_sha512_KE2SIZE);
mfree(ptr_mhf_salt, mhf_salt_len);
mfree(ptr_context, context_len);
return fun_ret;
}
Expand Down
2 changes: 1 addition & 1 deletion bindings/js/libecc.js
View file

Large diffs are not rendered by default.

12 changes: 12 additions & 0 deletions bindings/js/opaque.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -137,6 +137,7 @@ export function opaque_CreateRegistrationResponse(
* @param {Uint8Array} server_identity the optional encoded server identity
* @param {Uint8Array} client_identity the optional encoded client identity
* @param {number} mhf the memory hard function to use
* @param {Uint8Array} mhf_salt the salt to use in the memory hard function computation
* @param {Uint8Array} nonce size:ecc_opaque_ristretto255_sha512_Nn
* @return object {record, exportKey}
*/
Expand All @@ -147,10 +148,12 @@ export function opaque_FinalizeRegistrationRequestWithNonce(
server_identity,
client_identity,
mhf,
mhf_salt,
nonce,
) {
server_identity = server_identity || new Uint8Array(0);
client_identity = client_identity || new Uint8Array(0);
mhf_salt = mhf_salt || new Uint8Array(0);

let record_raw = new Uint8Array(libecc.ecc_opaque_ristretto255_sha512_REGISTRATIONRECORDSIZE);
let export_key = new Uint8Array(64);
Expand All @@ -164,6 +167,7 @@ export function opaque_FinalizeRegistrationRequestWithNonce(
server_identity, server_identity.length,
client_identity, client_identity.length,
mhf,
mhf_salt, mhf_salt.length,
nonce,
);

Expand All @@ -183,6 +187,7 @@ export function opaque_FinalizeRegistrationRequestWithNonce(
* @param {Uint8Array} server_identity the optional encoded server identity
* @param {Uint8Array} client_identity the optional encoded client identity
* @param {number} mhf the memory hard function to use
* @param {Uint8Array} mhf_salt the salt to use in the memory hard function computation
* @return object {record, exportKey}
*/
export function opaque_FinalizeRegistrationRequest(
Expand All @@ -192,9 +197,11 @@ export function opaque_FinalizeRegistrationRequest(
server_identity,
client_identity,
mhf,
mhf_salt,
) {
server_identity = server_identity || new Uint8Array(0);
client_identity = client_identity || new Uint8Array(0);
mhf_salt = mhf_salt || new Uint8Array(0);

let record_raw = new Uint8Array(libecc.ecc_opaque_ristretto255_sha512_REGISTRATIONRECORDSIZE);
let export_key = new Uint8Array(64);
Expand All @@ -208,6 +215,7 @@ export function opaque_FinalizeRegistrationRequest(
server_identity, server_identity.length,
client_identity, client_identity.length,
mhf,
mhf_salt, mhf_salt.length,
);

return {
Expand Down Expand Up @@ -279,6 +287,7 @@ export function opaque_ClientInit(
* to server_public_key if not specified
* @param {Uint8Array} ke2_raw a KE2 message structure
* @param {number} mhf
* @param {Uint8Array} mhf_salt the salt to use in the memory hard function computation
* @param {Uint8Array} context
* @return object {ke3, sessionKey, exportKey, finishRet}
*/
Expand All @@ -288,10 +297,12 @@ export function opaque_ClientFinish(
server_identity,
ke2_raw,
mhf,
mhf_salt,
context,
) {
client_identity = client_identity || new Uint8Array(0);
server_identity = server_identity || new Uint8Array(0);
mhf_salt = mhf_salt || new Uint8Array(0);

let ke3_raw = new Uint8Array(libecc.ecc_opaque_ristretto255_sha512_KE3SIZE);
let session_key = new Uint8Array(64);
Expand All @@ -306,6 +317,7 @@ export function opaque_ClientFinish(
server_identity, server_identity.length,
ke2_raw,
mhf,
mhf_salt, mhf_salt.length,
context, context.length,
);

Expand Down
Loading

0 comments on commit b50f9e9

Please sign in to comment.