Bug 1678398 - Update HPKE to draft-07. r=mt

This patch updates HPKE to draft-07. A few other minor changes are included: - Refactor HPKE gtests for increased parameterized testing. - Replace memcpy calls with PORT_Memcpy - Serialization tweaks to make way for context Export/Import (D99277). This should not be landed without an ECH update, as fixed ECH test vectors will otherwise fail to decrypt. Differential Revision: https://phabricator.services.mozilla.com/D99276
author: Kevin Jacobs <kjacobs@mozilla.com> 2021-01-25 17:41:03 +0000
committer: Kevin Jacobs <kjacobs@mozilla.com> 2021-01-25 17:41:03 +0000
commit: ddc9d5dd387672585d52dbf326b40c9ed00ed671 (patch)
tree: 67715709441f71b7fdcb23415523ac7562c9e7f6 /gtests/common
parent: 34e04960e009510c84d419ec3edd6d31cfff1bea (diff)
download: nss-hg-ddc9d5dd387672585d52dbf326b40c9ed00ed671.tar.gz
1 files changed, 130 insertions, 120 deletions
diff --git a/gtests/common/testvectors/hpke-vectors.h b/gtests/common/testvectors/hpke-vectors.h
index dd7b417b8..afed3fea8 100644
--- a/gtests/common/testvectors/hpke-vectors.h
+++ b/gtests/common/testvectors/hpke-vectors.h
@@ -52,48 +52,37 @@ const hpke_vector kHpkeTestVectors[] = {
      static_cast<HpkeKdfId>(1),
      static_cast<HpkeAeadId>(1),
      "4f6465206f6e2061204772656369616e2055726e",
-     "3067020100301406072a8648ce3d020106092b06010401da470f01044c304a"
-     "02010104208c490e5b0c7dbe0c6d2192484d2b7a0423b3b4544f2481095a9"
-     "9dbf238fb350fa1230321008a07563949fac6232936ed6f36c4fa735930ecd"
-     "eaef6734e314aeac35a56fd0a",
-     "3067020100301406072a8648ce3d020106092b06010401da470f01044c304a"
-     "02010104205a8aa0d2476b28521588e0c704b14db82cdd4970d340d293a957"
-     "6deaee9ec1c7a1230321008756e2580c07c1d2ffcb662f5fadc6d6ff13da85"
-     "abd7adfecf984aaa102c1269",
+     "3067020100301406072a8648ce3d020106092b06010401da470f01044c304a02010104206"
+     "cee2e2755790708a2a1be22667883a5e3f9ec52810404a0d889a0ed3e28de00a123032100"
+     "950897e0d37a8bdb0f2153edf5fa580a64b399c39fbb3d014f80983352a63617",
+     "3067020100301406072a8648ce3d020106092b06010401da470f01044c304a0201010420e"
+     "caf25b8485bcf40b9f013dbb96a6230f25733b8435bba0997a1dedbc7f78806a123032100"
+     "a5912b20892e36905bac635267e2353d58f8cc7525271a2bf57b9c48d2ec2c07",
      "",
      "",
-     "8a07563949fac6232936ed6f36c4fa735930ecdeaef6734e314aeac35a56fd0a",
-     "550ee0b7ec1ea2532f2e2bac87040a4c",
-     "2b855847756795a57229559a",
+     "950897e0d37a8bdb0f2153edf5fa580a64b399c39fbb3d014f80983352a63617",
+     "e20cee1bf5392ad2d3a442e231f187ae",
+     "5d99b2f03c452f7a9441933a",
      {// Encryptions
       {"4265617574792069732074727574682c20747275746820626561757479",
        "436f756e742d30",
-       "971ba65db526758ea30ae748cd769bc8d90579b62a037816057f24ce4274"
-       "16bd47c05ed1c2446ac8e19ec9ae79"},
+       "9418f1ae06eddc43aa911032aed4a951754ee2286a786733761857f8d96a7ec8d852da9"
+       "3bc5eeab49623344aba"},
       {"4265617574792069732074727574682c20747275746820626561757479",
        "436f756e742d31",
-       "f18f1ec397667ca069b9a6ee0bebf0890cd5caa34bb9875b3600ca0142cb"
-       "a774dd35f2aafd79a02a08ca5f2806"},
+       "74d69c61899b9158bb50e95d92fbad106f612ea67c61b3c4bef65c8bf3dc18e17bf41ec"
+       "4c408688aae58358d0e"},
       {"4265617574792069732074727574682c20747275746820626561757479",
        "436f756e742d32",
-       "51a8dea350fe6e753f743ec17c956de4cbdfa35f3018fc6a12752c51d137"
-       "2c5093959f18c7253da9c953c6cfbe"}},
+       "e6602db9be05d81c4ab8fa621bc35993a7b759851075a34b3bffd257340011c70c9fa1f"
+       "5c11868a076fc3adb3b"}},
      {// Exports
-      {"436f6e746578742d30", 32,
-       "0df04ac640d34a56561419bab20a68e6b7331070208004f89c7b973f4c47"
-       "2e92"},
-      {"436f6e746578742d31", 32,
-       "723c2c8f80e6b827e72bd8e80973a801a05514afe3d4bc46e82e505dceb9"
-       "53aa"},
-      {"436f6e746578742d32", 32,
-       "38010c7d5d81093a11b55e2403a258e9a195bcf066817b332dd996b0a9bc"
-       "bc9a"},
-      {"436f6e746578742d33", 32,
-       "ebf6ab4c3186131de9b2c3c0bc3e2ad21dfcbc4efaf050cd0473f5b1535a"
-       "8b6d"},
-      {"436f6e746578742d34", 32,
-       "c4823eeb3efd2d5216b2d3b16e542bf57470dc9b9ea9af6bce85b151a358"
-       "9d90"}}},
+      {"", 32,
+       "be82c06bd83fd6edd74385de5a70859b9e03def4c7bb224a10cfae86087f8a25"},
+      {"00", 32,
+       "82cbfd3c2b2db75e2311d457e569cf12b6387eb4309bca8e77adb2f2b599fc85"},
+      {"54657374436f6e74657874", 32,
+       "c8387c1e6ec4f026c7f3577e3f29df51f46161295eec84c4f64a9174f7b64e4f"}}},
 
     // A.1. DHKEM(X25519, HKDF-SHA256), HKDF-SHA256, AES-128-GCM, PSK mode
     {1,
@@ -102,132 +91,153 @@ const hpke_vector kHpkeTestVectors[] = {
      static_cast<HpkeKdfId>(1),
      static_cast<HpkeAeadId>(1),
      "4f6465206f6e2061204772656369616e2055726e",
-     "3067020100301406072a8648ce3d020106092b06010401da470f01044c304a020"
-     "1010420e7d2b539792a48a24451303ccd0cfe77176b6cb06823c439edfd217458"
-     "a1398aa12303210008d39d3e7f9b586341b6004dafba9679d2bd9340066edb247"
-     "e3e919013efcd0f",
-     "3067020100301406072a8648ce3d020106092b06010401da470f01044c304a020"
-     "10104204b41ef269169090551fcea177ecdf622bca86d82298e21cd93119b804c"
-     "cc5eaba123032100a5c85773bed3a831e7096f7df4ff5d1d8bac48fc97bfac366"
-     "141efab91892a3a",
-     "5db3b80a81cb63ca59470c83414ef70a",
+     "3067020100301406072a8648ce3d020106092b06010401da470f01044c304a02010104204"
+     "c1feed23e15ec6a55b8457e0c0f42a3a1ab3ccc309b7cbb7ac6165fc657bd3ba123032100"
+     "f16fa9440b2cb36c855b4b82fb87e1c02ce656dd132f7a7aec739294b6912768",
+     "3067020100301406072a8648ce3d020106092b06010401da470f01044c304a02010104208"
+     "e5430f0d821407670e5e3f6eecc9f52b2cad27b15a5fad1f3d05359ae30d81ca123032100"
+     "13c789187a2dda71889e4b98dc5443624ae68f309cea91865561cfa207586e3a",
+     "0247fd33b913760fa1fa51e1892d9f307fbe65eb171e8132c2af18555a738b82",
      "456e6e796e20447572696e206172616e204d6f726961",
-     "08d39d3e7f9b586341b6004dafba9679d2bd9340066edb247e3e919013efcd0f",
-     "811e9b2d7a10f4f9d58786bf8a534ca6",
-     "b79b0c5a8c3808e238b10411",
+     "f16fa9440b2cb36c855b4b82fb87e1c02ce656dd132f7a7aec739294b6912768",
+     "70030b55bfb737d4f4355cf62302d281",
+     "746d5e6255902701c3e0b99f",
      {// Encryptions
       {"4265617574792069732074727574682c20747275746820626561757479",
        "436f756e742d30",
-       "fb68f911b4e4033d1547f646ea30c9cee987fb4b4a8c30918e5de6e96de32fc"
-       "63466f2fc05e09aeff552489741"},
+       "63f7ed3d99e625d4a7373982b5f04daf0c3dfff39cac4b38eeb9d5c225cc3183bdbc91a"
+       "053db9b195319cc8c45"},
       {"4265617574792069732074727574682c20747275746820626561757479",
        "436f756e742d31",
-       "85e7472fbb7e2341af35fb2a0795df9a85caa99a8f584056b11d452bc160470"
-       "672e297f9892ce2c5020e794ae1"},
+       "65e7160f80fdf47893a5abe1edcff46c85899f04acb97882e194ce6d4fceec2dc4cb2d3"
+       "abe5d969880722859b2"},
       {"4265617574792069732074727574682c20747275746820626561757479",
        "436f756e742d32",
-       "74229b7491102bcf94cf7633888bc48baa4e5a73cc544bfad4ff61585506fac"
-       "b44b359ade03c0b2b35c6430e4c"}},
+       "915e08e6e340fca64982e90ad93490826bfb74af8f48062212c87105dad2b7569c83688"
+       "e564ed5862592b77cdc"}},
      {// Exports
-      {"436f6e746578742d30", 32,
-       "bd292b132fae00243851451c3f3a87e9e11c3293c14d61b114b7e12e07245ffd"},
-      {"436f6e746578742d31", 32,
-       "695de26bc9336caee01cb04826f6e224f4d2108066ab17fc18f0c993dce05f24"},
-      {"436f6e746578742d32", 32,
-       "c53f26ef1bf4f5fd5469d807c418a0e103d035c76ccdbc6afb5bc42b24968f6c"},
-      {"436f6e746578742d33", 32,
-       "8cea4a595dfe3de84644ca8ea7ea9401a345f0db29bb4beebc2c471afc602ec4"},
-      {"436f6e746578742d34", 32,
-       "e6313f12f6c2054c69018f273211c54fcf2439d90173392eaa34b4caac929068"}}},
-
-    // A.2. DHKEM(X25519, HKDF-SHA256), HKDF-SHA256, ChaCha20Poly1305, Base mode
+      {"", 32,
+       "7c40ceb745e14d19fceeac6e4756c796957fe5ff28709198c3f8cbdb5d368fe1"},
+      {"00", 32,
+       "1ef0fd07bd40326f1b88f3545c92969cff202ca7186b9fd1315241f93fcc2edf"},
+      {"54657374436f6e74657874", 32,
+       "997368419db9490aa96c977cdd90bda8fd6234054d4add3d2f31aaaa2f8c1172"}}},
+    // A.2. DHKEM(X25519, HKDF-SHA256), HKDF-SHA256, ChaCha20Poly1305, Base
+    // mode
     {2,
      static_cast<HpkeModeId>(0),
      static_cast<HpkeKemId>(32),
      static_cast<HpkeKdfId>(1),
      static_cast<HpkeAeadId>(3),
      "4f6465206f6e2061204772656369616e2055726e",
-     "3067020100301406072a8648ce3d020106092b06010401da470f01044c304a020"
-     "10104205006a9a0f0138b9b5d577ed4a67c4f795aee8fc146ac63d7a4167765be"
-     "3ad7dca123032100716281787b035b2fee90455d951fa70b3db6cc92f13bedfd7"
-     "58c3487994b7020",
-     "3067020100301406072a8648ce3d020106092b06010401da470f01044c304a020"
-     "101042062139576dcbf9878ccd56262d1b28dbea897821c03370d81971513cc74"
-     "aea3ffa1230321001ae26f65041b36ad69eb392c198bfd33df1c6ff17a910cb3e"
-     "49db7506b6a4e7f",
+     "3067020100301406072a8648ce3d020106092b06010401da470f01044c304a0201010420e"
+     "fda8f0538ce6ab9f165aae26e02ad96dcb1775b248267174aeb3d140e002ee3a123032100"
+     "1440805f4e60cbd34835baf0813c3071d17def1dbd8c04e75889bb2271d7823a",
+     "3067020100301406072a8648ce3d020106092b06010401da470f01044c304a02010104201"
+     "4365bb26500e7cf263720c4ab04bd45b8e146b4f724facd1fa01d58b63975e4a123032100"
+     "26147d5c2978bccc3cc03a4f9ac607560b5d83f852be4e9024f2cb7207d4c30e",
      "",
      "",
-     "716281787b035b2fee90455d951fa70b3db6cc92f13bedfd758c3487994b7020",
-     "1d5e71e2885ddadbcc479798cc65ea74d308f2a9e99c0cc7fe480adce66b5722",
-     "8354a7fcfef97d4bbef6d24e",
+     "1440805f4e60cbd34835baf0813c3071d17def1dbd8c04e75889bb2271d7823a",
+     "a17448a542d0d6d75e3b21be0a1f68607904b4802c6b19a7e7e90976aa00a5c8",
+     "6f6b832dba944a91e5684514",
      {// Encryptions
       {"4265617574792069732074727574682c20747275746820626561757479",
        "436f756e742d30",
-       "fa4632a400962c98143e58450e75d879365359afca81a5f5b5997c6555647ec"
-       "302045a80c57d3e2c2abe7e1ced"},
+       "1b9ce69bd0e6b4242ac2dd841ef093fc9dfa9e684f81c2d1778fd3268ca5aa7d612cd87"
+       "f72acd2aeaee084dee2"},
       {"4265617574792069732074727574682c20747275746820626561757479",
        "436f756e742d31",
-       "8313fcbf760714f5a93b6864820e48dcec3ddd476ad4408ff1c1a1f7bfb8cb8"
-       "699fada4a9e59bf8086eb1c0635"},
+       "f041fb8de275b5319587269cb39190029906b9267eb5619b7bec8a5e0b3b3a0bead1696"
+       "17f2c4d45d028b1b654"},
       {"4265617574792069732074727574682c20747275746820626561757479",
        "436f756e742d32",
-       "020f2856d95b85e1def9549bf327c484d327616f1e213045f117be4c287571a"
-       "b983958f74766cbc6f8197c8d8d"}},
+       "0042c74002608a20e432ee9628e84cba76482aca29359e93d60067371be547355acca2c"
+       "271a2072b85a77a6237"}},
      {// Exports
-      {"436f6e746578742d30", 32,
-       "22bbe971392c685b55e13544cdaf976f36b89dc1dbe1296c2884971a5aa9e331"},
-      {"436f6e746578742d31", 32,
-       "5c0fa72053a2622d8999b726446db9ef743e725e2cb040afac2d83eae0d41981"},
-      {"436f6e746578742d32", 32,
-       "72b0f9999fd37ac2b948a07dadd01132587501a5a9460d596c1f7383299a2442"},
-      {"436f6e746578742d33", 32,
-       "73d2308ed5bdd63aacd236effa0db2d3a30742b6293a924d95a372e76d90486b"},
-      {"436f6e746578742d34", 32,
-       "d4f8878dbc471935e86cdee08746e53837bbb4b6013003bebb0bc1cc3e074085"}}},
-
-    // A.2. DHKEM(X25519, HKDF-SHA256), HKDF-SHA256, ChaCha20Poly1305, PSK mode
+      {"", 32,
+       "996dc6fda1dc47e687613e0e221d64a3598e1ead9585177d22f230716569c04d"},
+      {"00", 32,
+       "6d07b4e3e06ace3dc3f1b2a0826a0f896aa828769ff993c2e3829ae40325c27d"},
+      {"54657374436f6e74657874", 32,
+       "bb69068c4f7767331512d375e4ab0ca0c6c51446040096ea0ae1cc3f9a3f54bd"}}},
+    // A.2. DHKEM(X25519, HKDF-SHA256), HKDF-SHA256, ChaCha20Poly1305, PSK
+    // mode
     {3,
      static_cast<HpkeModeId>(1),
      static_cast<HpkeKemId>(32),
      static_cast<HpkeKdfId>(1),
      static_cast<HpkeAeadId>(3),
      "4f6465206f6e2061204772656369616e2055726e",
-     "3067020100301406072a8648ce3d020106092b06010401da470f01044c304a020"
-     "10104204bfdb62b95ae2a1f29f20ea49e24aa2673e0d240c6e967f668f55ed5de"
-     "e996dca123032100f4639297e3305b03d34dd5d86522ddc6ba11a608a0003670a"
-     "30734823cdd3763",
-     "3067020100301406072a8648ce3d020106092b06010401da470f01044c304a020"
-     "1010420a6ab4e1bb782d580d837843089d65ebe271a0ee9b5a951777cecf1293c"
-     "58c150a123032100c49b46ed73ecb7d3a6a3e44f54b8f00f9ab872b57dd79ded6"
-     "6d7231a14c64144",
-     "5db3b80a81cb63ca59470c83414ef70a",
+     "3067020100301406072a8648ce3d020106092b06010401da470f01044c304a0201010420d"
+     "b1c9dfba77e1e3b8687ea18af207cffca803bdd983f955376b8271ef9c78a46a123032100"
+     "8e4b29035c22b67b3a7a0f5a52f12b3ab17a9ae1f0c63b029137ba09f420224a",
+     "3067020100301406072a8648ce3d020106092b06010401da470f01044c304a02010104204"
+     "e335da3ec60e68c156586b8217de6801cb83b5a4de413645fcb112c00b2228ba123032100"
+     "94ea1227a357dfd3548aadb9ef19d9974add594871498e123390a8bcb4db5d51",
+     "0247fd33b913760fa1fa51e1892d9f307fbe65eb171e8132c2af18555a738b82",
      "456e6e796e20447572696e206172616e204d6f726961",
-     "f4639297e3305b03d34dd5d86522ddc6ba11a608a0003670a30734823cdd3763",
-     "396c06a52b39d0930594aa2c6944561cc1741f638557a12bef1c1cad349157c9",
-     "baa4ecf96b5d6d536d0d7210",
+     "8e4b29035c22b67b3a7a0f5a52f12b3ab17a9ae1f0c63b029137ba09f420224a",
+     "a603fe0f9897dc6ce042a467d6bd430a01cd679e930f1b5706ad425e4153496d",
+     "318e48afae42913a928146e6",
      {// Encryptions
       {"4265617574792069732074727574682c20747275746820626561757479",
        "436f756e742d30",
-       "f97ca72675b8199e8ffec65b4c200d901110b177b246f241b6f9716fb60b35b"
-       "32a6d452675534b591e8141468a"},
+       "c87f8158a501c7a2f31708bbdba10f9c5ad035624c3153eeb028e65b82f41f38cbe1cd9"
+       "aafb10e502d328b83c1"},
       {"4265617574792069732074727574682c20747275746820626561757479",
        "436f756e742d31",
-       "57796e2b9dd0ddf807f1a7cb5884dfc50e61468c4fd69fa03963731e51674ca"
-       "88fee94eeac3290734e1627ded6"},
+       "aef7a0b0e3a58b177dac9628439b44d1e706724e265ab3b46d791612b51637342479ad9"
+       "45607b8b54112bd8c86"},
       {"4265617574792069732074727574682c20747275746820626561757479",
        "436f756e742d32",
-       "b514150af1057151687d0036a9b4a3ad50fb186253f839d8433622baa85719e"
-       "d5d2532017a0ce7b9ca0007f276"}},
+       "c00884a5c658213bd4381d65b54d93682692fef9408a6e437a97a904267727269b242d3"
+       "d81725ad8f0c764e082"}},
      {// Exports
-      {"436f6e746578742d30", 32,
-       "735400cd9b9193daffe840f412074728ade6b1978e9ae27957aacd588dbd7c9e"},
-      {"436f6e746578742d31", 32,
-       "cf4e351e1943d171ff2d88726f18160086ecbec52a8151dba8cf5ba0737a6097"},
-      {"436f6e746578742d32", 32,
-       "8e23b44d4f23dd906d1c100580a670d171132c9786212c4ca2876a1541a84fae"},
-      {"436f6e746578742d33", 32,
-       "56252a940ece53d4013eb619b444ee1d019a08eec427ded2b6dbf24be624a4a0"},
-      {"436f6e746578742d34", 32,
-       "fc6cdca9ce8ab062401478ffd16ee1c07e2b15d7c781d4227f07c6043d937fad"}}}};
-
+      {"", 32,
+       "23c31ee2757bbecf105f74c90bf1e640b6ddc545dc8d80b1abbf2aa9dd1786ce"},
+      {"00", 32,
+       "05af7597519945fe8443f7cb84cdb651a8dd18cd7bbbd65d31095d3c69c1257e"},
+      {"54657374436f6e74657874", 32,
+       "5814619f842c7c328c9657854154e51b581c7bbd3b646bd773be67f93900a109"}}},
+    // DHKEM(X25519, HKDF-SHA256), HKDF-SHA512, ChaCha20Poly1305, Base mode
+    // Tests KEM.hash != KDF.hash.
+    {4,
+     static_cast<HpkeModeId>(0),
+     static_cast<HpkeKemId>(32),
+     static_cast<HpkeKdfId>(3),
+     static_cast<HpkeAeadId>(3),
+     "4f6465206f6e2061204772656369616e2055726e",
+     "3067020100301406072a8648ce3d020106092b06010401da470f01044c304a02010104200"
+     "6e74abcc8b65671d1ef4a6cb273662c6a3b3ff6590852bfebc7bc94887f5c4ea123032100"
+     "de2746f66f3e14a3389f570e8f8cc1de4e39a89d1cbb445fad711d7acf407e15",
+     "3067020100301406072a8648ce3d020106092b06010401da470f01044c304a02010104202"
+     "dc14b2f31b233963f0a2d9a836072f29666fdea84a5893d30254deb9183e0a9a123032100"
+     "318f92c9e96142c4ce9a06ea04f7099698ee4160044f2db585d9e2b02abd6041",
+     "",
+     "",
+     "de2746f66f3e14a3389f570e8f8cc1de4e39a89d1cbb445fad711d7acf407e15",
+     "4a54adb318d8a420506b0473815a32c2b1923a936fa7c735c8a038a38fcc80d2",
+     "9c6d83a59628e7327d19a3d8",
+     {// Encryptions
+      {"4265617574792069732074727574682c20747275746820626561757479",
+       "436f756e742d30",
+       "59cbc98df2d7640598377e3184e07c008dea1c264c72a8414028715960ab6d6909a3110"
+       "e633a23baf8b9b5e2f1"},
+      {"4265617574792069732074727574682c20747275746820626561757479",
+       "436f756e742d31",
+       "c9a4b68ea349eea9fdf499f7577c9325e9b76f24308a81ac5dfbbee3489dd41c85d7fb3"
+       "5e585859ea5c790f155"},
+      {"4265617574792069732074727574682c20747275746820626561757479",
+       "436f756e742d32",
+       "5d9f717b192b43bea1f6bd25ee63d7b88b06019132c31a4e262a4c1d4f01c7bd70d00df"
+       "0e2f858cf654ae86447"}},
+     {// Exports
+      {"", 32,
+       "97b0ac016b9dedb5f115cf6fd24b927f8e75b48a2ab6069efe7fec6a18ff4272"},
+      {"00", 32,
+       "c994b47854104e476d9e47bb15f9fb66f4879f68bc89a4cfccc259e80a30c913"},
+      {"54657374436f6e74657874", 32,
+       "9199e5beeda45397b1bbee3dd13ad1afbd2963f83d9e5ebdf1e23b6c7e012317"}}},
+};
 #endif  // hpke_vectors_h__
author	Kevin Jacobs <kjacobs@mozilla.com>	2021-01-25 17:41:03 +0000
committer	Kevin Jacobs <kjacobs@mozilla.com>	2021-01-25 17:41:03 +0000
commit	ddc9d5dd387672585d52dbf326b40c9ed00ed671 (patch)
tree	67715709441f71b7fdcb23415523ac7562c9e7f6 /gtests/common
parent	34e04960e009510c84d419ec3edd6d31cfff1bea (diff)
download	nss-hg-ddc9d5dd387672585d52dbf326b40c9ed00ed671.tar.gz