Merge pull request #15 from DebugSteven/develop

Create new types for keys and clear values on drop
dalek-cryptography · Jan 10, 2019 · 1dcab60 · 1dcab60
2 parents 909b44a + ad48c87
commit 1dcab60
Show file tree

Hide file tree

Showing 5 changed files with 165 additions and 110 deletions.
diff --git a/Cargo.toml b/Cargo.toml
@@ -20,16 +20,19 @@ exclude = [
 travis-ci = { repository = "dalek-cryptography/x25519-dalek", branch = "master"}
 
 [dependencies.curve25519-dalek]
-version = "^0.19"
+version = "1"
 default-features = false
 
 [dependencies.rand_core]
 default-features = false
 version = "0.2"
 
+[dependencies.clear_on_drop]
+version = "0.2"
+
 [dev-dependencies]
 criterion = "0.2"
-rand = "0.5"
+rand = "0.6"
 
 [[bench]]
 name = "x25519"
@@ -38,6 +41,6 @@ harness = false
 [features]
 default = ["std", "nightly", "u64_backend"]
 std = ["curve25519-dalek/std"]
-nightly = ["curve25519-dalek/nightly"]
+nightly = ["curve25519-dalek/nightly", "clear_on_drop/nightly"]
 u64_backend = ["curve25519-dalek/u64_backend"]
 u32_backend = ["curve25519-dalek/u32_backend"]
diff --git a/README.md b/README.md
@@ -25,44 +25,45 @@ up on modern public key cryptography and have learned a nifty trick called
 kittens will be able to secretly organise to find their mittens, and then spend
 the rest of the afternoon nomming some yummy pie!
 
-First, Alice uses `x25519_dalek::generate_secret()` and then
-`x25519_dalek::generate_public()` to produce her secret and public keys:
+First, Alice uses `x25519_dalek::EphemeralSecret::new()` and then
+`x25519_dalek::EphemeralPublic::from()` to produce her secret and public keys:
 
 ```rust
 extern crate x25519_dalek;
 extern crate rand;
 
-use x25519_dalek::generate_secret;
-use x25519_dalek::generate_public;
+use x25519_dalek::EphemeralPublic;
+use x25519_dalek::EphemeralSecret;
 use rand::OsRng;
 
 let mut alice_csprng = OsRng::new().unwrap();
-let     alice_secret = generate_secret(&mut alice_csprng);
-let     alice_public = generate_public(&alice_secret);
+let     alice_secret = EphemeralSecret::new(&mut alice_csprng);
+let     alice_public = EphemeralPublic::from(&alice_secret);
 ```
 
 Bob does the same:
 
 ```rust
 let mut bob_csprng = OsRng::new().unwrap();
-let     bob_secret = generate_secret(&mut bob_csprng);
-let     bob_public = generate_public(&bob_secret);
+let     bob_secret = EphemeralSecret::new(&mut bob_csprng);
+let     bob_public = EphemeralPublic::from(&bob_secret);
 ```
 
 Alice meows across the room, telling `alice_public` to Bob, and Bob
 loudly meows `bob_public` back to Alice.  Alice now computes her
 shared secret with Bob by doing:
 
 ```rust
-use x25519_dalek::diffie_hellman;
+use x25519_dalek::EphemeralPublic;
+use x25519_dalek::EphemeralSecret;
 
-let shared_secret = diffie_hellman(&alice_secret, &bob_public.as_bytes());
+let shared_secret = EphemeralSecret::diffie_hellman(alice_secret, &bob_public);
 ```
 
 Similarly, Bob computes the same shared secret by doing:
 
 ```rust
-let shared_secret = diffie_hellman(&bob_secret, &alice_public.as_bytes());
+let shared_secret = EphemeralSecret::diffie_hellman(bob_secret, &alice_public);
 ```
 
 Voilá!  Alice and Bob can now use their shared secret to encrypt their

diff --git a/benches/x25519.rs b/benches/x25519.rs
@@ -11,26 +11,28 @@
 
 #[macro_use]
 extern crate criterion;
+extern crate curve25519_dalek;
 extern crate rand;
 extern crate x25519_dalek;
 
 use criterion::Criterion;
 
+use curve25519_dalek::montgomery::MontgomeryPoint;
+
 use rand::OsRng;
 
-use x25519_dalek::generate_public;
-use x25519_dalek::generate_secret;
-use x25519_dalek::diffie_hellman;
+use x25519_dalek::EphemeralPublic;
+use x25519_dalek::EphemeralSecret;
 
 fn bench_diffie_hellman(c: &mut Criterion) {
     let mut csprng: OsRng = OsRng::new().unwrap();
-    let alice_secret: [u8; 32] = generate_secret(&mut csprng);
-    let bob_secret: [u8; 32] = generate_secret(&mut csprng);
-    let bob_public: [u8; 32] = generate_public(&bob_secret).to_bytes();
+    let bob_secret: EphemeralSecret = EphemeralSecret::new(&mut csprng);
+    let bob_public: EphemeralPublic = EphemeralPublic::from(&bob_secret);
 
     c.bench_function("diffie_hellman", move |b| {
-        b.iter(||
-               diffie_hellman(&alice_secret, &bob_public)
+        b.iter_with_setup(
+            || EphemeralSecret::new(&mut csprng),
+            |alice_secret| alice_secret.diffie_hellman(&bob_public),
         )
     });
 }

diff --git a/src/lib.rs b/src/lib.rs
@@ -32,21 +32,21 @@
 //! incantations, the kittens will be able to secretly organise to find their
 //! mittens, and then spend the rest of the afternoon nomming some yummy pie!
 //!
-//! First, Alice uses `x25519_dalek::generate_secret()` and
-//! `x25519_dalek::generate_public()` to produce her secret and public keys:
+//! First, Alice uses `x25519_dalek::EphemeralSecret::new()` and
+//! `x25519_dalek::EphemeralPublic::from()` to produce her secret and public keys:
 //!
 //! ```
 //! extern crate x25519_dalek;
 //! extern crate rand;
 //!
 //! # fn main() {
-//! use x25519_dalek::generate_secret;
-//! use x25519_dalek::generate_public;
+//! use x25519_dalek::EphemeralPublic;
+//! use x25519_dalek::EphemeralSecret;
 //! use rand::thread_rng;
 //!
 //! let mut alice_csprng = thread_rng();
-//! let     alice_secret = generate_secret(&mut alice_csprng);
-//! let     alice_public = generate_public(&alice_secret);
+//! let     alice_secret = EphemeralSecret::new(&mut alice_csprng);
+//! let     alice_public = EphemeralPublic::from(&alice_secret);
 //! # }
 //! ```
 //!
@@ -57,13 +57,13 @@
 //! # extern crate rand;
 //! #
 //! # fn main() {
-//! # use x25519_dalek::generate_secret;
-//! # use x25519_dalek::generate_public;
+//! # use x25519_dalek::EphemeralPublic;
+//! # use x25519_dalek::EphemeralSecret;
 //! # use rand::thread_rng;
 //! #
 //! let mut bob_csprng = thread_rng();
-//! let     bob_secret = generate_secret(&mut bob_csprng);
-//! let     bob_public = generate_public(&bob_secret);
+//! let     bob_secret = EphemeralSecret::new(&mut bob_csprng);
+//! let     bob_public = EphemeralPublic::from(&bob_secret);
 //! # }
 //! ```
 //!
@@ -76,21 +76,20 @@
 //! # extern crate rand;
 //! #
 //! # fn main() {
-//! # use x25519_dalek::generate_secret;
-//! # use x25519_dalek::generate_public;
+//! # use x25519_dalek::EphemeralPublic;
+//! # use x25519_dalek::EphemeralSecret;
 //! # use rand::thread_rng;
 //! #
 //! # let mut alice_csprng = thread_rng();
-//! # let     alice_secret = generate_secret(&mut alice_csprng);
-//! # let     alice_public = generate_public(&alice_secret);
+//! # let     alice_secret = EphemeralSecret::new(&mut alice_csprng);
+//! # let     alice_public = EphemeralPublic::from(&alice_secret);
 //! #
 //! # let mut bob_csprng = thread_rng();
-//! # let     bob_secret = generate_secret(&mut bob_csprng);
-//! # let     bob_public = generate_public(&bob_secret);
+//! # let     bob_secret = EphemeralSecret::new(&mut bob_csprng);
+//! # let     bob_public = EphemeralPublic::from(&bob_secret);
 //! #
-//! use x25519_dalek::diffie_hellman;
-//!
-//! let shared_secret = diffie_hellman(&alice_secret, &bob_public.as_bytes());
+//! #
+//! let shared_secret = EphemeralSecret::diffie_hellman(alice_secret, &bob_public);
 //! # }
 //! ```
 //!
@@ -101,20 +100,19 @@
 //! # extern crate rand;
 //! #
 //! # fn main() {
-//! # use x25519_dalek::diffie_hellman;
-//! # use x25519_dalek::generate_secret;
-//! # use x25519_dalek::generate_public;
+//! # use x25519_dalek::EphemeralPublic;
+//! # use x25519_dalek::EphemeralSecret;
 //! # use rand::thread_rng;
 //! #
 //! # let mut alice_csprng = thread_rng();
-//! # let     alice_secret = generate_secret(&mut alice_csprng);
-//! # let     alice_public = generate_public(&alice_secret);
+//! # let     alice_secret = EphemeralSecret::new(&mut alice_csprng);
+//! # let     alice_public = EphemeralPublic::from(&alice_secret);
 //! #
 //! # let mut bob_csprng = thread_rng();
-//! # let     bob_secret = generate_secret(&mut bob_csprng);
-//! # let     bob_public = generate_public(&bob_secret);
+//! # let     bob_secret = EphemeralSecret::new(&mut bob_csprng);
+//! # let     bob_public = EphemeralPublic::from(&bob_secret);
 //! #
-//! let shared_secret = diffie_hellman(&bob_secret, &alice_public.as_bytes());
+//! let shared_secret = EphemeralSecret::diffie_hellman(bob_secret, &alice_public);
 //! # }
 //! ```
 //!
@@ -126,6 +124,8 @@
 #![cfg_attr(feature = "bench", feature(test))]
 #![deny(missing_docs)]
 
+extern crate clear_on_drop;
+
 extern crate curve25519_dalek;
 
 extern crate rand_core;