0.5.3 incompatible but better asymmetric keys id (both encryption and signing)

2024-08-19 16:45:33 +02:00 · 2024-08-19 16:45:33 +02:00 · 134f619037
commit 134f619037
parent 6431d4896a
7 changed files with 38 additions and 6 deletions
--- a/README.md
+++ b/README.md
@ -6,6 +6,12 @@ Cryptographic API works exactly the same and compiles to any platform supported

 All primitives meant to send over the network or store are `kotlinx.serialization` compatible, serializers included.

+# Important notes on upgrade
+
+Since version __0.5.*__ key identity calculation for asymmetric keys is updated
+to make it more safe for theoretic future attack on blake2b hashing. Key.id values
+are incompatible with older. Sorry for inconvenience.
+
 # Usage

 ```kotlin
--- a/build.gradle.kts
+++ b/build.gradle.kts
@ -5,7 +5,7 @@ plugins {
 }

 group = "net.sergeych"
-version = "0.4.3"
+version = "0.5.3"

 repositories {
    mavenCentral()
--- a/src/commonMain/kotlin/net/sergeych/crypto2/KeyId.kt
+++ b/src/commonMain/kotlin/net/sergeych/crypto2/KeyId.kt
@ -45,6 +45,17 @@ data class KeyId(val id: BinaryId, val kdp: PBKD.Params?=null ) {

    override fun toString() = id.toString()

-    constructor(magicNumber: KeysmagicNumber, keyData: UByteArray, kdp: PBKD.Params?=null)
-    : this(BinaryId.createFromUBytes(magicNumber.ordinal, blake2b3l(keyData)), kdp)
+    constructor(
+        magicNumber: KeysmagicNumber,
+        keyData: UByteArray,
+        kdp: PBKD.Params? = null,
+        donNotHash: Boolean = false,
+    )
+            : this(
+        BinaryId.createFromUBytes(
+            magicNumber.ordinal,
+            if (donNotHash) keyData else blake2b3l(keyData)
+        ),
+        kdp
+    )
 }
--- a/src/commonMain/kotlin/net/sergeych/crypto2/PublicKey.kt
+++ b/src/commonMain/kotlin/net/sergeych/crypto2/PublicKey.kt
@ -69,4 +69,6 @@ class PublicKey(override val keyBytes: UByteArray) : UniversalKey(), EncryptingK
        randomFill: IntRange? = null,
    ): Asymmetric.Message =
        Asymmetric.createMessage(senderKey, this, WithFill.encode(plainData, randomFill))
+
+    override val id by lazy { KeyId(magic, keyBytes, null, true) }
 }
--- a/src/commonMain/kotlin/net/sergeych/crypto2/UniversalKey.kt
+++ b/src/commonMain/kotlin/net/sergeych/crypto2/UniversalKey.kt
@ -13,7 +13,7 @@ sealed class UniversalKey: KeyInstance {
    open val magic: KeysmagicNumber = KeysmagicNumber.Unknown


-    override val id by lazy { KeyId(magic, keyBytes) }
+    override val id by lazy { KeyId(magic, keyBytes, null) }

    // Important: id can be overridden, so we use it, not magic:
    open val label by lazy { id.keymagic.label }
--- a/src/commonMain/kotlin/net/sergeych/crypto2/VerifyingPublicKey.kt
+++ b/src/commonMain/kotlin/net/sergeych/crypto2/VerifyingPublicKey.kt
@ -24,4 +24,6 @@ class VerifyingPublicKey(override val keyBytes: UByteArray) : UniversalKey(), Ve

    @Transient
    override val magic: KeysmagicNumber = KeysmagicNumber.defaultVerifying
+
+    override val id by lazy { KeyId(magic, keyBytes, null, true) }
 }
--- a/src/commonTest/kotlin/KeysTest.kt
+++ b/src/commonTest/kotlin/KeysTest.kt
@ -159,6 +159,11 @@ class KeysTest {
        val x2 = pk1.encryptMessage(plain, sk1).encoded

        assertFalse { x1 contentEquals x2 }
+
+        // public key ID should use key bytes instead
+        assertContentEquals(pk1.keyBytes, pk1.id.binaryTag.take(32).toUByteArray())
+        assertContentEquals(pk1.keyBytes, sk1.id.binaryTag.take(32).toUByteArray())
+
    }
    @Test
    fun asymmetricKeySerializationTest() = runTest {
@ -261,5 +266,11 @@ class KeysTest {
        val dk2 = unpack<VerifyingPublicKey>(s2)
        assertEquals(k, dk1)
        assertEquals(k.verifyingKey, dk2)
+
+        // id for public/shared keys should be of the key itself to increase safety.
+        // not hashed!
+        assertContentEquals(k.verifyingKey.keyBytes, dk2.id.binaryTag.take(32).toUByteArray())
+        assertContentEquals(k.verifyingKey.keyBytes, dk1.id.binaryTag.take(32).toUByteArray())
+
    }
 }