rust: add tink-prf crate

Adapted from go/prf/*.

Author: daviddrysdale

rust/Cargo.lock

@@ -1,8 +1,11 @@
 [workspace]
-members = ["daead", "testutil", "tink"]
+# members = ["daead", "mac", "prf", "testutil", "tink"]
+members = ["daead", "prf", "testutil", "tink"]
 
 # Patch dependencies on tink crates so that they refer to the versions within this same repository.
 [patch.crates-io]
 tink = { path = "tink" }
 tink-daead = { path = "daead" }
+# tink-mac = { path = "mac" }
+tink-prf = { path = "prf" }
 tink-testutil = { path = "testutil" }

rust/Cargo.toml

@@ -54,7 +54,7 @@ Go packages and the equivalent Rust crates and modules, when available.
 | `tink-daead`         | `daead` |
 |                      | `hybrid` |
 |                      | `mac` |
-|                      | `prf` |
+| `tink-prf`           | `prf` |
 |                      | `signature` |
 |                      | `streamingaead` |
 

rust/README.md

@@ -0,0 +1,23 @@
+[package]
+name = "tink-prf"
+version = "0.1.0"
+authors = ["David Drysdale <[email protected]>"]
+edition = "2018"
+
+[dependencies]
+aes = "*"
+cmac = "*"
+digest = "*"
+hkdf = "*"
+hmac = "*"
+prost = "*"
+sha-1 = "*"
+sha2 = "*"
+tink = "*"
+
+[dev-dependencies]
+hex = "*"
+maplit = "*"
+serde = { version = "*", features = ["derive"] }
+serde_json = "*"
+tink-testutil = "*"

rust/prf/Cargo.toml

@@ -0,0 +1,118 @@
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+////////////////////////////////////////////////////////////////////////////////
+
+use crate::subtle;
+use prost::Message;
+use tink::{utils::wrap_err, TinkError};
+
+/// Maximal version of AES-CMAC PRF keys.
+pub const AES_CMAC_PRF_KEY_VERSION: u32 = 0;
+/// Type URL of AES-CMAC PRF keys that Tink supports.
+pub const AES_CMAC_PRF_TYPE_URL: &str = "type.googleapis.com/google.crypto.tink.AesCmacPrfKey";
+
+/// Generates new AES-CMAC keys and produces new instances of AES-CMAC.
+pub(crate) struct AesCmacPrfKeyManager;
+
+impl AesCmacPrfKeyManager {
+    pub fn new() -> Self {
+        Self
+    }
+}
+
+impl Default for AesCmacPrfKeyManager {
+    fn default() -> Self {
+        Self::new()
+    }
+}
+
+impl tink::registry::KeyManager for AesCmacPrfKeyManager {
+    /// Create an [`AesCmacPrf`](crate::subtle::AesCmacPrf) instance for the given serialized
+    /// [`AesCmacPrfKey`](tink:;proto::AesCmacPrfKey) proto.
+    fn primitive(&self, serialized_key: &[u8]) -> Result<tink::Primitive, TinkError> {
+        if serialized_key.is_empty() {
+            return Err("AesCmacPrfKeyManager: invalid key".into());
+        }
+
+        let key = tink::proto::AesCmacPrfKey::decode(serialized_key)
+            .map_err(|_| TinkError::new("AesCmacPrfKeyManager: invalid key"))?;
+        validate_key(&key)?;
+        match subtle::AesCmacPrf::new(&key.key_value) {
+            Ok(p) => Ok(tink::Primitive::Prf(std::sync::Arc::new(p))),
+            Err(e) => Err(wrap_err(
+                "AesCmacPrfManager: cannot create new primitive",
+                e,
+            )),
+        }
+    }
+
+    /// Generate a new serialized [`AesCmacPrfKey`](tink::proto::AesCmacPrfKey) according to
+    /// specification in the given [`AesCmacPrfKeyFormat`](tink::proto::AesCmacPrfKeyFormat).
+    fn new_key(&self, serialized_key_format: &[u8]) -> Result<Vec<u8>, TinkError> {
+        if serialized_key_format.is_empty() {
+            return Err("AesCmacPrfKeyManager: invalid key format".into());
+        }
+        let key_format = tink::proto::AesCmacPrfKeyFormat::decode(serialized_key_format)
+            .map_err(|_| TinkError::new("AesCmacPrfKeyManager: invalid key format"))?;
+        validate_key_format(&key_format)
+            .map_err(|e| wrap_err("AesCmacPrfKeyManager: invalid key format", e))?;
+        let key_value = tink::subtle::random::get_random_bytes(key_format.key_size as usize);
+
+        let mut sk = Vec::new();
+        tink::proto::AesCmacPrfKey {
+            version: AES_CMAC_PRF_KEY_VERSION,
+            key_value,
+        }
+        .encode(&mut sk)
+        .map_err(|e| wrap_err("Failed to encode new key", e))?;
+        Ok(sk)
+    }
+
+    fn does_support(&self, type_url: &str) -> bool {
+        type_url == AES_CMAC_PRF_TYPE_URL
+    }
+
+    fn type_url(&self) -> String {
+        AES_CMAC_PRF_TYPE_URL.to_string()
+    }
+
+    /// Create a new [`KeyData`](tink::proto::KeyData) according to the specification in the given
+    /// serialized [`AesCmacPrfKeyFormat`](tink::proto::AesCmacPrfKeyFormat). This should be used
+    /// solely by the key management API.
+    fn new_key_data(
+        &self,
+        serialized_key_format: &[u8],
+    ) -> Result<tink::proto::KeyData, TinkError> {
+        let serialized_key = self.new_key(serialized_key_format)?;
+
+        Ok(tink::proto::KeyData {
+            type_url: AES_CMAC_PRF_TYPE_URL.to_string(),
+            value: serialized_key,
+            key_material_type: tink::proto::key_data::KeyMaterialType::Symmetric as i32,
+        })
+    }
+}
+
+/// Validate the given [`AesCmacPrfKey`](tink::proto::AesCmacPrfKey). It only validates the version
+/// of the key because other parameters will be validated in primitive construction.
+fn validate_key(key: &tink::proto::AesCmacPrfKey) -> Result<(), TinkError> {
+    tink::keyset::validate_key_version(key.version, AES_CMAC_PRF_KEY_VERSION)
+        .map_err(|e| wrap_err("AesCmacPrfKeyManager: invalid version", e))?;
+    let key_size = key.key_value.len();
+    subtle::validate_aes_cmac_prf_params(key_size)
+}
+
+/// Validate the given [`AesCmacPrfKeyFormat`](tink::proto::AesCmacPrfKeyFormat).
+fn validate_key_format(format: &tink::proto::AesCmacPrfKeyFormat) -> Result<(), TinkError> {
+    subtle::validate_aes_cmac_prf_params(format.key_size as usize)
+}

rust/prf/src/aes_cmac_prf_key_manager.rs

@@ -0,0 +1,133 @@
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+////////////////////////////////////////////////////////////////////////////////
+
+use crate::subtle;
+use prost::Message;
+use tink::{
+    utils::{hash_name, wrap_err},
+    TinkError,
+};
+
+/// Maximal version of HKDF PRF keys.
+pub const HKDF_PRF_KEY_VERSION: u32 = 0;
+/// Type URL of HKDF PRF keys that Tink supports.
+pub const HKDF_PRF_TYPE_URL: &str = "type.googleapis.com/google.crypto.tink.HkdfPrfKey";
+
+/// Generates new HKDF PRF keys and produces new instances of HKDF.
+pub(crate) struct HkdfPrfKeyManager;
+
+impl HkdfPrfKeyManager {
+    pub fn new() -> Self {
+        Self
+    }
+}
+
+impl Default for HkdfPrfKeyManager {
+    fn default() -> Self {
+        Self::new()
+    }
+}
+
+impl tink::registry::KeyManager for HkdfPrfKeyManager {
+    /// Construct an HKDF instance for the given serialized [`HkdfPrfKey`](tink::proto::HkdfPrfKey).
+    fn primitive(&self, serialized_key: &[u8]) -> Result<tink::Primitive, TinkError> {
+        if serialized_key.is_empty() {
+            return Err("HkdfPrfKeyManager: invalid key".into());
+        }
+        let key = tink::proto::HkdfPrfKey::decode(serialized_key)
+            .map_err(|_| TinkError::new("HkdfPrfKeyManager: invalid key"))?;
+        validate_key(&key)?;
+        let params = key
+            .params
+            .ok_or_else(|| TinkError::new("no key parameters"))?;
+        let hash = hash_name(params.hash);
+
+        match subtle::HkdfPrf::new(hash, &key.key_value, &params.salt) {
+            Ok(p) => Ok(tink::Primitive::Prf(std::sync::Arc::new(p))),
+            Err(e) => Err(wrap_err("HkdfPrfManager: cannot create new primitive", e)),
+        }
+    }
+
+    /// Generate a new [`HkdfPrfKey`](tink::proto::HkdfPrfKey) according to specification in the
+    /// given [`HkdfPrfKeyFormat`](tink::proto::HkdfPrfKeyFormat).
+    fn new_key(&self, serialized_key_format: &[u8]) -> Result<Vec<u8>, TinkError> {
+        if serialized_key_format.is_empty() {
+            return Err("HkdfPrfKeyManager: invalid key format".into());
+        }
+
+        let key_format = tink::proto::HkdfPrfKeyFormat::decode(serialized_key_format)
+            .map_err(|_| TinkError::new("HkdfPrfKeyManager: invalid key format"))?;
+        validate_key_format(&key_format)
+            .map_err(|e| wrap_err("HkdfPrfKeyManager: invalid key format", e))?;
+
+        let key_value = tink::subtle::random::get_random_bytes(key_format.key_size as usize);
+        let mut sk = Vec::new();
+
+        tink::proto::HkdfPrfKey {
+            version: HKDF_PRF_KEY_VERSION,
+            params: key_format.params,
+            key_value,
+        }
+        .encode(&mut sk)
+        .map_err(|e| wrap_err("Failed to encode new key", e))?;
+        Ok(sk)
+    }
+
+    fn does_support(&self, type_url: &str) -> bool {
+        type_url == HKDF_PRF_TYPE_URL
+    }
+
+    fn type_url(&self) -> String {
+        HKDF_PRF_TYPE_URL.to_string()
+    }
+
+    /// Generate a new [`KeyData`](tink::proto::KeyData) according to specification in the given
+    /// serialized [`HkdfPrfKeyFormat`](tink::proto::HkdfPrfKeyFormat). This should be used solely
+    /// by the key management API.
+    fn new_key_data(
+        &self,
+        serialized_key_format: &[u8],
+    ) -> Result<tink::proto::KeyData, TinkError> {
+        let serialized_key = self.new_key(serialized_key_format)?;
+
+        Ok(tink::proto::KeyData {
+            type_url: HKDF_PRF_TYPE_URL.to_string(),
+            value: serialized_key,
+            key_material_type: tink::proto::key_data::KeyMaterialType::Symmetric as i32,
+        })
+    }
+}
+
+/// Validate the given [`HkdfPrfKey`](tink::proto::HkdfPrfKey). It only validates the version of the
+/// key because other parameters will be validated in primitive construction.
+fn validate_key(key: &tink::proto::HkdfPrfKey) -> Result<(), TinkError> {
+    tink::keyset::validate_key_version(key.version, HKDF_PRF_KEY_VERSION)
+        .map_err(|e| wrap_err("HkdfPrfKeyManager: invalid version", e))?;
+    let key_size = key.key_value.len();
+    let hash = hash_name(key.params.as_ref().unwrap().hash);
+    subtle::validate_hkdf_prf_params(hash, key_size, &key.params.as_ref().unwrap().salt)
+}
+
+/// Validate the given [`HkdfPrfKeyFormat`](tink::proto::HkdfPrfKeyFormat).
+fn validate_key_format(format: &tink::proto::HkdfPrfKeyFormat) -> Result<(), TinkError> {
+    if format.params.is_none() {
+        return Err("null HKDF params".into());
+    }
+    let hash = hash_name(format.params.as_ref().unwrap().hash);
+    subtle::validate_hkdf_prf_params(
+        hash,
+        format.key_size as usize,
+        &format.params.as_ref().unwrap().salt,
+    )
+}