Clean up headers

Author: bifurcation

include/mls/common.h

@@ -9,10 +9,6 @@
 #include <bytes/bytes.h>
 using namespace bytes_ns;
 
-#include <hpke/digest.h>
-#include <hpke/hpke.h>
-#include <hpke/signature.h>
-
 #include <tls/tls_syntax.h>
 
 namespace mls {
@@ -44,65 +40,6 @@ operator!=(const T& lhs, const T& rhs)
   return lhs._tls_fields_w() != rhs._tls_fields_w();
 }
 
-///
-/// Cipher suites
-///
-struct CipherSuite
-{
-  enum struct ID : uint16_t
-  {
-    unknown = 0x0000,
-    X25519_AES128GCM_SHA256_Ed25519 = 0x0001,
-    P256_AES128GCM_SHA256_P256 = 0x0002,
-    X25519_CHACHA20POLY1305_SHA256_Ed25519 = 0x0003,
-    X448_AES256GCM_SHA512_Ed448 = 0x0004,
-    P521_AES256GCM_SHA512_P521 = 0x0005,
-    X448_CHACHA20POLY1305_SHA512_Ed448 = 0x0006,
-  };
-
-  CipherSuite();
-  CipherSuite(ID id_in);
-  CipherSuite(const CipherSuite& other);
-  CipherSuite(CipherSuite&& other);
-  CipherSuite& operator=(const CipherSuite& other);
-
-  ID id;
-  std::unique_ptr<hpke::HPKE> hpke;
-  std::unique_ptr<hpke::Digest> digest;
-  std::unique_ptr<hpke::Signature> sig;
-
-  bytes expand_with_label(const bytes& secret,
-                          const std::string& label,
-                          const bytes& context,
-                          size_t size) const;
-
-private:
-  void reset(ID id_in);
-};
-
-tls::istream&
-operator>>(tls::istream& str, CipherSuite& suite);
-tls::ostream&
-operator<<(tls::ostream& str, const CipherSuite& suite);
-bool
-operator==(const CipherSuite& lhs, const CipherSuite& rhs);
-bool
-operator!=(const CipherSuite& lhs, const CipherSuite& rhs);
-
-enum struct SignatureScheme : uint16_t
-{
-  unknown = 0x0000,
-  P256_SHA256 = 0x0403,
-  P521_SHA512 = 0x0603,
-  Ed25519 = 0x0807,
-  Ed448 = 0x0808,
-};
-
-SignatureScheme
-scheme_for_suite(CipherSuite::ID id);
-
-extern const std::array<CipherSuite::ID, 6> all_supported_suites;
-
 ///
 /// Error types
 ///

include/mls/credential.h

@@ -18,7 +18,6 @@ enum struct CredentialType : uint8_t
 
 // struct {
 //     opaque identity<0..2^16-1>;
-//     SignatureScheme algorithm;
 //     SignaturePublicKey public_key;
 // } BasicCredential;
 struct BasicCredential

include/mls/crypto.h

@@ -1,12 +1,67 @@
 #pragma once
 
-#include "mls/common.h"
+#include <mls/common.h>
 #include <openssl/evp.h>
 #include <tls/tls_syntax.h>
+#include <hpke/digest.h>
+#include <hpke/hpke.h>
+#include <hpke/signature.h>
+#include <hpke/random.h>
 #include <vector>
 
 namespace mls {
 
+/// Cipher suites
+struct CipherSuite
+{
+  enum struct ID : uint16_t
+  {
+    unknown = 0x0000,
+    X25519_AES128GCM_SHA256_Ed25519 = 0x0001,
+    P256_AES128GCM_SHA256_P256 = 0x0002,
+    X25519_CHACHA20POLY1305_SHA256_Ed25519 = 0x0003,
+    X448_AES256GCM_SHA512_Ed448 = 0x0004,
+    P521_AES256GCM_SHA512_P521 = 0x0005,
+    X448_CHACHA20POLY1305_SHA512_Ed448 = 0x0006,
+  };
+
+  CipherSuite();
+  CipherSuite(ID id_in);
+  CipherSuite(const CipherSuite& other);
+  CipherSuite(CipherSuite&& other);
+  CipherSuite& operator=(const CipherSuite& other);
+
+  ID id;
+  std::unique_ptr<hpke::HPKE> hpke;
+  std::unique_ptr<hpke::Digest> digest;
+  std::unique_ptr<hpke::Signature> sig;
+
+  bytes expand_with_label(const bytes& secret,
+                          const std::string& label,
+                          const bytes& context,
+                          size_t size) const;
+
+private:
+  void reset(ID id_in);
+};
+
+tls::istream&
+operator>>(tls::istream& str, CipherSuite& suite);
+
+tls::ostream&
+operator<<(tls::ostream& str, const CipherSuite& suite);
+
+bool
+operator==(const CipherSuite& lhs, const CipherSuite& rhs);
+
+bool
+operator!=(const CipherSuite& lhs, const CipherSuite& rhs);
+
+extern const std::array<CipherSuite::ID, 6> all_supported_suites;
+
+// Utilities
+using hpke::random_bytes;
+
 bool
 constant_time_eq(const bytes& lhs, const bytes& rhs);
 

src/common.cpp

@@ -10,229 +10,4 @@ seconds_since_epoch()
   return std::time(nullptr);
 }
 
-///
-/// CipherSuites and details
-///
-
-using hpke::AEAD;
-using hpke::Digest;
-using hpke::HPKE;
-using hpke::KDF;
-using hpke::KEM;
-using hpke::Signature;
-
-struct CipherAlgorithms
-{
-  KEM::ID kem_id;
-  KDF::ID kdf_id;
-  AEAD::ID aead_id;
-  Digest::ID digest_id;
-  Signature::ID sig_id;
-  SignatureScheme scheme;
-};
-
-template<CipherSuite::ID CS>
-extern const CipherAlgorithms cipher_algs;
-
-template<>
-const CipherAlgorithms
-  cipher_algs<CipherSuite::ID::X25519_AES128GCM_SHA256_Ed25519>{
-    KEM::ID::DHKEM_X25519_SHA256, KDF::ID::HKDF_SHA256,
-    AEAD::ID::AES_128_GCM,        Digest::ID::SHA256,
-    Signature::ID::Ed25519,       SignatureScheme::Ed25519,
-  };
-
-template<>
-const CipherAlgorithms cipher_algs<CipherSuite::ID::P256_AES128GCM_SHA256_P256>{
-  KEM::ID::DHKEM_P256_SHA256, KDF::ID::HKDF_SHA256,
-  AEAD::ID::AES_128_GCM,      Digest::ID::SHA256,
-  Signature::ID::P256_SHA256, SignatureScheme::P256_SHA256,
-};
-
-template<>
-const CipherAlgorithms
-  cipher_algs<CipherSuite::ID::X25519_CHACHA20POLY1305_SHA256_Ed25519>{
-    KEM::ID::DHKEM_X25519_SHA256, KDF::ID::HKDF_SHA256,
-    AEAD::ID::CHACHA20_POLY1305,  Digest::ID::SHA256,
-    Signature::ID::Ed25519,       SignatureScheme::Ed25519,
-  };
-
-template<>
-const CipherAlgorithms
-  cipher_algs<CipherSuite::ID::X448_AES256GCM_SHA512_Ed448>{
-    KEM::ID::DHKEM_X448_SHA512, KDF::ID::HKDF_SHA512, AEAD::ID::AES_256_GCM,
-    Digest::ID::SHA512,         Signature::ID::Ed448, SignatureScheme::Ed448,
-  };
-
-template<>
-const CipherAlgorithms cipher_algs<CipherSuite::ID::P521_AES256GCM_SHA512_P521>{
-  KEM::ID::DHKEM_P521_SHA512, KDF::ID::HKDF_SHA512,
-  AEAD::ID::AES_256_GCM,      Digest::ID::SHA512,
-  Signature::ID::P521_SHA512, SignatureScheme::P521_SHA512,
-};
-
-template<>
-const CipherAlgorithms
-  cipher_algs<CipherSuite::ID::X448_CHACHA20POLY1305_SHA512_Ed448>{
-    KEM::ID::DHKEM_X448_SHA512,  KDF::ID::HKDF_SHA512,
-    AEAD::ID::CHACHA20_POLY1305, Digest::ID::SHA512,
-    Signature::ID::Ed448,        SignatureScheme::Ed448,
-  };
-
-static const CipherAlgorithms&
-algs_for_suite(CipherSuite::ID id)
-{
-  switch (id) {
-    case CipherSuite::ID::X25519_AES128GCM_SHA256_Ed25519:
-      return cipher_algs<CipherSuite::ID::X25519_AES128GCM_SHA256_Ed25519>;
-
-    case CipherSuite::ID::P256_AES128GCM_SHA256_P256:
-      return cipher_algs<CipherSuite::ID::P256_AES128GCM_SHA256_P256>;
-
-    case CipherSuite::ID::X25519_CHACHA20POLY1305_SHA256_Ed25519:
-      return cipher_algs<
-        CipherSuite::ID::X25519_CHACHA20POLY1305_SHA256_Ed25519>;
-
-    case CipherSuite::ID::X448_AES256GCM_SHA512_Ed448:
-      return cipher_algs<CipherSuite::ID::X448_AES256GCM_SHA512_Ed448>;
-
-    case CipherSuite::ID::P521_AES256GCM_SHA512_P521:
-      return cipher_algs<CipherSuite::ID::P521_AES256GCM_SHA512_P521>;
-
-    case CipherSuite::ID::X448_CHACHA20POLY1305_SHA512_Ed448:
-      return cipher_algs<CipherSuite::ID::X448_CHACHA20POLY1305_SHA512_Ed448>;
-
-    default:
-      throw InvalidParameterError("Unsupported ciphersuite");
-  }
-}
-
-static std::unique_ptr<HPKE>
-hpke_for_suite(CipherSuite::ID id)
-{
-  const auto& algs = algs_for_suite(id);
-  return std::make_unique<HPKE>(algs.kem_id, algs.kdf_id, algs.aead_id);
-}
-
-static std::unique_ptr<Digest>
-digest_for_suite(CipherSuite::ID id)
-{
-  return Digest::create(algs_for_suite(id).digest_id);
-}
-
-static std::unique_ptr<Signature>
-sig_for_suite(CipherSuite::ID id)
-{
-  return Signature::create(algs_for_suite(id).sig_id);
-}
-
-SignatureScheme
-scheme_for_suite(CipherSuite::ID id)
-{
-  return algs_for_suite(id).scheme;
-}
-
-CipherSuite::CipherSuite()
-  : id(CipherSuite::ID::unknown)
-{}
-
-CipherSuite::CipherSuite(ID id_in)
-  : id(id_in)
-{
-  reset(id);
-}
-
-CipherSuite::CipherSuite(const CipherSuite& other)
-  : id(other.id)
-{
-  reset(id);
-}
-
-CipherSuite::CipherSuite(CipherSuite&& other)
-  : id(other.id)
-  , hpke(std::move(other.hpke))
-  , digest(std::move(other.digest))
-  , sig(std::move(other.sig))
-{}
-
-CipherSuite&
-CipherSuite::operator=(const CipherSuite& other)
-{
-  if (this != &other) {
-    reset(other.id);
-  }
-  return *this;
-}
-
-struct HKDFLabel
-{
-  uint16_t length;
-  bytes label;
-  bytes context;
-
-  TLS_SERIALIZABLE(length, label, context)
-  TLS_TRAITS(tls::pass, tls::vector<1>, tls::vector<4>)
-};
-
-bytes
-CipherSuite::expand_with_label(const bytes& secret,
-                               const std::string& label,
-                               const bytes& context,
-                               size_t length) const
-{
-  auto mls_label = to_bytes(std::string("mls10 ") + label);
-  auto length16 = static_cast<uint16_t>(length);
-  auto label_bytes = tls::marshal(HKDFLabel{ length16, mls_label, context });
-  return hpke->kdf->expand(secret, label_bytes, length);
-}
-
-void
-CipherSuite::reset(ID id_in)
-{
-  if (id_in == ID::unknown) {
-    return;
-  }
-
-  id = id_in;
-  hpke = hpke_for_suite(id);
-  digest = digest_for_suite(id);
-  sig = sig_for_suite(id);
-}
-
-tls::istream&
-operator>>(tls::istream& str, CipherSuite& suite)
-{
-  CipherSuite::ID id;
-  str >> id;
-  suite = CipherSuite(id);
-  return str;
-}
-
-tls::ostream&
-operator<<(tls::ostream& str, const CipherSuite& suite)
-{
-  return str << suite.id;
-}
-
-bool
-operator==(const CipherSuite& lhs, const CipherSuite& rhs)
-{
-  return lhs.id == rhs.id;
-}
-
-bool
-operator!=(const CipherSuite& lhs, const CipherSuite& rhs)
-{
-  return lhs.id != rhs.id;
-}
-
-const std::array<CipherSuite::ID, 6> all_supported_suites = {
-  CipherSuite::ID::X25519_AES128GCM_SHA256_Ed25519,
-  CipherSuite::ID::P256_AES128GCM_SHA256_P256,
-  CipherSuite::ID::X25519_CHACHA20POLY1305_SHA256_Ed25519,
-  CipherSuite::ID::X448_AES256GCM_SHA512_Ed448,
-  CipherSuite::ID::P521_AES256GCM_SHA512_P521,
-  CipherSuite::ID::X448_CHACHA20POLY1305_SHA512_Ed448,
-};
-
 } // namespace mls