| author | Linus Färnstrand <linus@mullvad.net> | 2024-10-03 12:37:07 +0200 |
|---|---|---|
| committer | Linus Färnstrand <linus@mullvad.net> | 2024-10-15 11:57:00 +0200 |
| commit | 8e55a5e4844a4f82e2dfadd643298729954d2dd6 (patch) | |
| tree | 4866edb31a46c6e725accf3b1e9b899a27f95180 | |
| parent | bbed3cdf8053a92629d443e967531ce5ff4f8ee8 (diff) | |
Split out Classic McEliece code in tuncfg-server example
| -rw-r--r-- | talpid-tunnel-config-client/examples/tuncfg-server.rs | 23 |
1 files changed, 16 insertions, 7 deletions
diff --git a/talpid-tunnel-config-client/examples/tuncfg-server.rs b/talpid-tunnel-config-client/examples/tuncfg-server.rs
index 1c4c55d878..4ba996431c 100644
--- a/talpid-tunnel-config-client/examples/tuncfg-server.rs
+++ b/talpid-tunnel-config-client/examples/tuncfg-server.rs
@@ -5,7 +5,6 @@ mod proto {
 tonic::include_proto!("ephemeralpeer");
 }
-use classic_mceliece_rust::{PublicKey, CRYPTO_PUBLICKEYBYTES};
 use proto::{
 ephemeral_peer_server::{EphemeralPeer, EphemeralPeerServer},
 EphemeralPeerRequestV1, EphemeralPeerResponseV1, PostQuantumResponseV1,
@@ -45,12 +44,7 @@ impl EphemeralPeer for EphemeralPeerImpl {
 println!("\tKEM algorithm: {}", kem_pubkey.algorithm_name);
 let (ciphertext, shared_secret) = match kem_pubkey.algorithm_name.as_str() {
 "Classic-McEliece-460896f-round3" => {
- let key_data: [u8; CRYPTO_PUBLICKEYBYTES] =
- kem_pubkey.key_data.as_slice().try_into().unwrap();
- let public_key = PublicKey::from(&key_data);
- let (ciphertext, shared_secret) =
- classic_mceliece_rust::encapsulate_boxed(&public_key, &mut rng);
- (ciphertext.as_array().to_vec(), *shared_secret.as_array())
+ encapsulate_classic_mceliece(kem_pubkey.key_data.as_slice(), &mut rng)
 }
 "ML-KEM-1024" => encapsulate_ml_kem(kem_pubkey.key_data.as_slice(), &mut rng),
 name => panic!("Unsupported KEM algorithm: {name}"),
@@ -80,6 +74,21 @@ impl EphemeralPeer for EphemeralPeerImpl {
 /// Generate a random shared secret and encapsulate it with the given
 /// public key/encapsulation key. Returns the ciphertext to return
 /// to the owner of the public key, along with the shared secret.
+fn encapsulate_classic_mceliece<R: RngCore + CryptoRng>(
+ public_key: &[u8],
+ rng: &mut R,
+) -> (Vec<u8>, [u8; 32]) {
+ use classic_mceliece_rust::{PublicKey, CRYPTO_PUBLICKEYBYTES};
+
+ let public_key_array = <[u8; CRYPTO_PUBLICKEYBYTES]>::try_from(public_key).unwrap();
+ let public_key = PublicKey::from(&public_key_array);
+ let (ciphertext, shared_secret) = classic_mceliece_rust::encapsulate_boxed(&public_key, rng);
+ (ciphertext.as_array().to_vec(), *shared_secret.as_array())
+}
+
+/// Generate a random shared secret and encapsulate it with the given
+/// public key/encapsulation key. Returns the ciphertext to return
+/// to the owner of the public key, along with the shared secret.
 fn encapsulate_ml_kem<R: RngCore + CryptoRng>(
 public_key: &[u8],
 rng: &mut R,
|
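Review bot: The new `encapsulate_classic_mceliece` keeps the bare `.unwrap()` on `<[u8; CRYPTO_PUBLICKEYBYTES]>::try_from(public_key)`, so a key of the wrong length panics inside the helper with no indication of which input was bad. The slice is `kem_pubkey.key_data` from the call site in the earlier hunk, which appears to be taken from the peer's request, so the length is not under the server's control. Because example code tends to be copied, I would have the helper return a `Result` and let the caller turn a length mismatch into an invalid-argument style error; the handler's return type is outside the hunk, so the exact mapping is for the author to confirm. At minimum use `.expect("Classic McEliece public key must be CRYPTO_PUBLICKEYBYTES bytes")` and add a `# Panics` section to the doc comment. The doc comment is also word-for-word the same as the one on `encapsulate_ml_kem`; naming the KEM in each would tell the two apart.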
