refactor: applies suggestions

Author: lucasqueiroz23

lib/protocol/constants.js

@@ -34,30 +34,21 @@ const curve25519Supported = (typeof crypto.diffieHellman === 'function'
 
 const mlkemSupported = (() => {
   try {
-    if (
-      !curve25519Supported
-      || typeof crypto.encapsulate !== 'function'
-      || typeof crypto.decapsulate !== 'function'
-    )
+    if (!curve25519Supported
+        || typeof crypto.encapsulate !== 'function'
+        || typeof crypto.decapsulate !== 'function') {
       return false;
-
-    const algorithm = 'ml-kem-768';
-    const test_clientKeys = crypto.generateKeyPairSync(algorithm);
-
-    const { ciphertext, sharedKey } = crypto.encapsulate(
-      test_clientKeys.publicKey
+    }
+    const keys = crypto.generateKeyPairSync('ml-kem-768');
+    const { ciphertext } = crypto.encapsulate(
+      keys.publicKey
     );
 
-    const sharedSecret = crypto.decapsulate(
-      test_clientKeys.privateKey,
+    crypto.decapsulate(
+      keys.privateKey,
       ciphertext
     );
 
-    for (let i = 0; i < sharedSecret.length && i < sharedKey.length; i++) {
-      if (sharedSecret[i] !== sharedKey[i])
-        return false;
-    }
-
     return true;
   } catch {
     return false;

lib/protocol/kex.js

@@ -624,6 +624,7 @@ const createKeyExchange = (() => {
 
       // "H"
       const exchangeHash = hash.digest();
+
       if (!isServer) {
         bufferParser.init(this._sig, 0);
         const sigType = bufferParser.readString(true);
@@ -1594,14 +1595,6 @@ const createKeyExchange = (() => {
       this._x25519Keys = null;
       this._mlkemKeys = null;
 
-      this._curve25519KeySize = 32;
-      this._encapsulationKeySize = 1184;
-      this._decapsulationKeySize = 2400;
-      this._ciphertextSize = 1088;
-
-      this.K_PQ = null;
-      this.K_CL = null;
-
       this._S_CT2 = null; // needed for server
     }
 
@@ -1611,7 +1604,6 @@ const createKeyExchange = (() => {
 
       if (!this._mlkemKeys)
         this._mlkemKeys = generateKeyPairSync('ml-kem-768');
-
     }
 
     convertPublicKey(key) {
@@ -1630,11 +1622,11 @@ const createKeyExchange = (() => {
         // client
         const C_PK1 = this._x25519Keys.publicKey
           .export({ type: 'spki', format: 'der' })
-          .slice(-this._curve25519KeySize);
+          .slice(-32);
 
         const C_PK2 = this._mlkemKeys.publicKey
           .export({ type: 'spki', format: 'der' })
-          .slice(-this._encapsulationKeySize);
+          .slice(-1184);
 
         return Buffer.concat([C_PK2, C_PK1]);
       }
@@ -1646,7 +1638,7 @@ const createKeyExchange = (() => {
       // one that initiates the kex
       const S_PK1 = this._x25519Keys.publicKey
         .export({ type: 'spki', format: 'der' })
-        .slice(-this._curve25519KeySize);
+        .slice(-32);
 
       return Buffer.concat([this._S_CT2, S_PK1]);
     }
@@ -1664,10 +1656,12 @@ const createKeyExchange = (() => {
       asnWriter.writeByte(0x00);
       // XXX: hack to write a raw buffer without a tag -- yuck
       asnWriter._ensure(key.length);
-      key.copy(asnWriter._buf,
+      key.copy(
+        asnWriter._buf,
         asnWriter._offset,
         0,
-        key.length);
+        key.length
+      );
       asnWriter._offset += key.length;
       asnWriter.endSequence();
       asnWriter.endSequence();
@@ -1683,17 +1677,14 @@ const createKeyExchange = (() => {
           // server
           const C_PK2 = otherPublicKey.slice(
             0,
-            this._encapsulationKeySize
-          );
-          const C_PK1 = otherPublicKey.slice(
-            this._encapsulationKeySize
+            1184
           );
+          const C_PK1 = otherPublicKey.slice(1184);
 
           if (C_PK1.length !== 32) {
-            const expected = this._curve25519KeySize;
             const got = C_PK1.length;
             throw new Error(
-              `Invalid C_PK1 length: expected ${expected}, got ${got}`
+              `Invalid C_PK1 length: expected 32, got ${got}`
             );
           }
 
@@ -1708,8 +1699,6 @@ const createKeyExchange = (() => {
             }),
           });
 
-          this.K_CL = K_CL;
-
           const templateDER = this._mlkemKeys.publicKey
             .export({ type: 'spki', format: 'der' });
 
@@ -1719,12 +1708,12 @@ const createKeyExchange = (() => {
             C_PK2_DER,
             0,
             0,
-            templateDER.length - this._encapsulationKeySize
+            templateDER.length - 1184
           );
 
           C_PK2.copy(
             C_PK2_DER,
-            templateDER.length - this._encapsulationKeySize
+            templateDER.length - 1184
           );
 
           const { sharedKey: K_PQ, ciphertext: S_CT2 } = encapsulate(
@@ -1735,27 +1724,24 @@ const createKeyExchange = (() => {
             })
           );
 
-          this.K_PQ = K_PQ;
-
           this._S_CT2 = S_CT2;
-      
+
           // K = HASH(K_PQ || K_CL) from 2.4 on draft
           const K = createHash('sha256')
-          .update(K_PQ)
-          .update(K_CL)
-          .digest();
-      
+            .update(K_PQ)
+            .update(K_CL)
+            .digest();
+
           return K;
         }
         // client
-        const S_CT2 = otherPublicKey.slice(0, this._ciphertextSize);
-        const S_PK1 = otherPublicKey.slice(this._ciphertextSize);
+        const S_CT2 = otherPublicKey.slice(0, 1088);
+        const S_PK1 = otherPublicKey.slice(1088);
 
         if (S_PK1.length !== 32) {
-          const expected = this._curve25519KeySize;
           const got = S_PK1.length;
           throw new Error(
-            `Invalid S_PK1 length: expected ${expected}, got ${got}`
+            `Invalid S_PK1 length: expected 32, got ${got}`
           );
         }
 
@@ -1770,27 +1756,22 @@ const createKeyExchange = (() => {
           }),
         });
 
-        this.K_CL = K_CL;
-
         const K_PQ = decapsulate(
           this._mlkemKeys.privateKey,
           S_CT2
         );
-        this.K_PQ = K_PQ;
 
         // K = HASH(K_PQ || K_CL) from 2.4 on draft
         const K = createHash('sha256')
-        .update(K_PQ)
-        .update(K_CL)
-        .digest();
-      
-        return K;
+          .update(K_PQ)
+          .update(K_CL)
+          .digest();
 
+        return K;
 
       } catch (error) {
         return error;
       }
-
     }
   }
 

test/test-misc-client-server.js

@@ -1621,73 +1621,4 @@ if (mlkemSupported) {
       .on('error', mustCall(onError))
       .on('close', mustCall(() => { }));
   }
-
-  {
-    const { client, server } = setup_(
-      'both sides should compute same secret when using mlkem768x25519-sha256',
-      {
-        client: {
-          ...clientCfg,
-          algorithms: { kex: ['mlkem768x25519-sha256'] }
-        },
-        server: {
-          ...serverCfg,
-          algorithms: { kex: ['mlkem768x25519-sha256'] }
-        }
-      },
-    );
-
-    let clientK_PQ = null;
-    let clientK_CL = null;
-    let serverK_PQ = null;
-    let serverK_CL = null;
-
-    server.on('connection', mustCall((conn) => {
-      conn.on('handshake', mustCall((_) => {
-
-        const kex = conn._protocol._kex;
-        serverK_PQ = kex.K_PQ;
-        serverK_CL = kex.K_CL;
-
-      })).on('authentication', mustCall((ctx) => {
-        ctx.accept();
-      })).on('ready', mustCall(() => {
-
-        assert(serverK_PQ !== null, 'server did not generate K_PQ');
-        assert(serverK_CL !== null, 'server did not generate K_CL');
-
-        assert(
-          clientK_PQ.equals(serverK_PQ),
-          'K_PQ mismatch'
-        );
-        assert(
-          clientK_CL.equals(serverK_CL),
-          'K_CL mismatch'
-        );
-
-        conn.end();
-      }));
-    }));
-
-    client.on('handshake', mustCall(() => {
-
-      const kex = client._protocol._kex;
-      clientK_PQ = kex.K_PQ;
-      clientK_CL = kex.K_CL;
-
-    })).on('ready', mustCall(() => {
-
-      assert(clientK_PQ !== null, 'client did not generate K_PQ');
-      assert(clientK_CL !== null, 'client did not generate K_CL');
-      assert(
-        clientK_PQ.equals(serverK_PQ),
-        'K_PQ mismatch between client and server'
-      );
-      assert(
-        clientK_CL.equals(serverK_CL),
-        'K_CL mismatch between client and server'
-      );
-
-    }));
-  }
 }