goto-opensource
diff --git a/Diff for: ‎Cargo.toml
+2-1 b/Diff for: ‎Cargo.toml
+2-1
diff --git a/Diff for: ‎README.md
+6-6 b/Diff for: ‎README.md
+6-6
diff --git a/Diff for: ‎benches/crypto.rs
+6 b/Diff for: ‎benches/crypto.rs
+6
diff --git a/Diff for: ‎src/crypto/aead.rs
+99-149 b/Diff for: ‎src/crypto/aead.rs
+99-149
diff --git a/Diff for: ‎src/crypto/cipher_suite.rs
+1-1 b/Diff for: ‎src/crypto/cipher_suite.rs
+1-1
@@ -10,7 +10,7 @@ authors = [
   "Richard Haehne <[email protected]>",
 ]
 
-description = "pure rust implementation of SFrame draft-ietf-sframe-enc-01"
+description = "pure rust implementation of SFrame draft-ietf-sframe-enc-03"
 repository = "https://github.com/goto-opensource/sframe-rs"
 documentation = "https://docs.rs/sframe/"
 readme = "README.md"
@@ -45,6 +45,7 @@ rand = "0.8"
 serde = { version = "1.0", features = ["derive"] }
 serde_json = "1.0"
 strum_macros = "0.25"
+test-case = "3.1.0"
 
 [features]
 default = ["ring"]
 
@@ -8,29 +8,29 @@ Secure Frame (SFrame)
 ![maintenance](https://img.shields.io/maintenance/yes/2023)
 
 
-This library is an implementation of [draft-ietf-sframe-enc-latest](https://sframe-wg.github.io/sframe/draft-ietf-sframe-enc.html) and provides and end-to-end encryption mechanism for media frames that is suited for WebRTC conferences.
+This library is an implementation of [draft-ietf-sframe-enc-03](https://datatracker.ietf.org/doc/html/draft-ietf-sframe-enc-03) and provides and end-to-end encryption mechanism for media frames that is suited for WebRTC conferences.
 It is in it's current form a subset of the specification.
 There is an alternative implementation under [goto-opensource/secure-frame-ts](https://github.com/goto-opensource/secure-frame-ts)
 
 ## Differences from the sframe draft
 * ratcheting is not implemented
 * keyIds are used as senderIds
-* no metadata authentication 
+* no metadata authentication
 
 ## Supported crypto libraries
 Currently two crypto libraries are supported:
-- [ring](https://crates.io/crates/ring) 
+- [ring](https://crates.io/crates/ring)
     - is enabled per default with the feature `ring`
     - supports compilation to Wasm32
     - Aes-CTR mode ciphers are not supported
 - [openssl](https://crates.io/crates/openssl)
     - is enabled with the feature `openssl`
         - To build e.g. use `cargo build --features openssl --no-default-features`
     - uses rust bindings to OpenSSL.
-    - Per default the OpenSSL library is locally compiled and then statically linked. The build process requires a C compiler, `perl` (and `perl-core`), and `make`. For further options see the [openssl crate documentation](https://docs.rs/openssl/0.10.55/openssl/). 
+    - Per default the OpenSSL library is locally compiled and then statically linked. The build process requires a C compiler, `perl` (and `perl-core`), and `make`. For further options see the [openssl crate documentation](https://docs.rs/openssl/0.10.55/openssl/).
     - Compilation to Wasm32 is [not yet supported](https://github.com/sfackler/rust-openssl/issues/1016)
 
-Both cannot be enabled at the same time, thus on conflict `sframe` issues a compiler error. 
+Both cannot be enabled at the same time, thus on conflict `sframe` issues a compiler error.
 ## License
 Licensed under either of Apache License, Version 2.0 or MIT license at your option.
 
@@ -39,4 +39,4 @@ Unless you explicitly state otherwise, any contribution intentionally submitted
 ## Contribution
 Any help in form of descriptive and friendly issues or comprehensive pull requests are welcome!
 
-The Changelog of this library is generated from its commit log, there any commit message must conform with https://www.conventionalcommits.org/en/v1.0.0/. For simplicity you could make your commits with convco.
+The Changelog of this library is generated from its commit log, there any commit message must conform with https://www.conventionalcommits.org/en/v1.0.0/. For simplicity you could make your commits with convco.
@@ -108,6 +108,12 @@ fn crypto_benches(c: &mut Criterion) {
     for variant in [
         CipherSuiteVariant::AesGcm128Sha256,
         CipherSuiteVariant::AesGcm256Sha512,
+        #[cfg(feature = "openssl")]
+        CipherSuiteVariant::AesCtr128HmacSha256_80,
+        #[cfg(feature = "openssl")]
+        CipherSuiteVariant::AesCtr128HmacSha256_64,
+        #[cfg(feature = "openssl")]
+        CipherSuiteVariant::AesCtr128HmacSha256_32,
     ] {
         let mut ctx = CryptoBenches::from(variant);
         ctx.run_benches(c);
 
@@ -34,167 +34,117 @@ pub trait AeadDecrypt {
 #[cfg(test)]
 mod test {
 
-    mod aes_gcm {
-        use crate::{
-            crypto::{
-                aead::AeadEncrypt,
-                cipher_suite::{CipherSuite, CipherSuiteVariant},
-                key_expansion::KeyExpansion,
-                secret::Secret,
-            },
-            header::{Header, HeaderFields},
-        };
-        use rand::{thread_rng, Rng};
-        const KEY_MATERIAL: &str = "THIS_IS_RANDOM";
-
-        #[test]
-        fn encrypt_random_frame() {
-            let mut data = vec![0u8; 1024];
-            thread_rng().fill(data.as_mut_slice());
-            let header = Header::default();
-            let cipher_suite = CipherSuite::from(CipherSuiteVariant::AesGcm256Sha512);
-            let secret = Secret::expand_from(&cipher_suite, KEY_MATERIAL.as_bytes()).unwrap();
-
-            let _tag = cipher_suite
-                .encrypt(
-                    &mut data,
-                    &secret,
-                    &Vec::from(&header),
-                    header.frame_count(),
-                )
-                .unwrap();
-        }
+    use crate::crypto::key_derivation::KeyDerivation;
+    use crate::header::{FrameCount, KeyId};
+    use crate::test_vectors::{get_sframe_test_vector, SframeTest};
+    use crate::util::test::assert_bytes_eq;
+    use crate::{
+        crypto::{
+            aead::AeadDecrypt,
+            aead::AeadEncrypt,
+            cipher_suite::{CipherSuite, CipherSuiteVariant},
+            secret::Secret,
+        },
+        header::{Header, HeaderFields},
+    };
+
+    use test_case::test_case;
+
+    use rand::{thread_rng, Rng};
+
+    const KEY_MATERIAL: &str = "THIS_IS_RANDOM";
+
+    #[test]
+    fn encrypt_random_frame() {
+        let mut data = vec![0u8; 1024];
+        thread_rng().fill(data.as_mut_slice());
+        let header = Header::default();
+        let cipher_suite = CipherSuite::from(CipherSuiteVariant::AesGcm256Sha512);
+        let secret =
+            Secret::expand_from(&cipher_suite, KEY_MATERIAL.as_bytes(), KeyId::default()).unwrap();
+
+        let _tag = cipher_suite
+            .encrypt(
+                &mut data,
+                &secret,
+                &Vec::from(&header),
+                header.frame_count(),
+            )
+            .unwrap();
+    }
 
-        mod test_vectors {
-
-            use crate::crypto::key_expansion::KeyExpansion;
-            use crate::test_vectors::{get_test_vector, TestVector};
-
-            use crate::{
-                crypto::{
-                    aead::{AeadDecrypt, AeadEncrypt},
-                    cipher_suite::{CipherSuite, CipherSuiteVariant},
-                    secret::Secret,
-                },
-                header::{FrameCount, Header, HeaderFields, KeyId},
-                util::test::assert_bytes_eq,
-            };
-
-            fn encrypt_test_vector(variant: CipherSuiteVariant) {
-                let test_vector = get_test_vector(&variant.to_string());
-                let cipher_suite = CipherSuite::from(variant);
-
-                let secret = prepare_secret(&cipher_suite, test_vector);
-
-                for enc in &test_vector.encryptions {
-                    let mut data = test_vector.plain_text.clone();
-                    let header = Header::with_frame_count(
-                        KeyId::from(enc.key_id),
-                        FrameCount::from(enc.frame_count),
-                    );
-                    let header_buffer = Vec::from(&header);
-                    let tag = cipher_suite
-                        .encrypt(&mut data, &secret, &header_buffer, header.frame_count())
-                        .unwrap();
-                    let full_frame: Vec<u8> = header_buffer
-                        .into_iter()
-                        .chain(data.into_iter())
-                        .chain(tag.as_ref().iter().cloned())
-                        .collect();
-
-                    assert_bytes_eq(&full_frame, &enc.cipher_text);
-                }
-            }
+    #[test_case(CipherSuiteVariant::AesGcm128Sha256; "AesGcm128Sha256")]
+    #[test_case(CipherSuiteVariant::AesGcm256Sha512; "AesGcm256Sha512")]
+    #[cfg_attr(feature = "openssl", test_case(CipherSuiteVariant::AesCtr128HmacSha256_80; "AesCtr128HmacSha256_80"))]
+    #[cfg_attr(feature = "openssl", test_case(CipherSuiteVariant::AesCtr128HmacSha256_64; "AesCtr128HmacSha256_64"))]
+    #[cfg_attr(feature = "openssl", test_case(CipherSuiteVariant::AesCtr128HmacSha256_32; "AesCtr128HmacSha256_32"))]
+    fn encrypt_test_vector(variant: CipherSuiteVariant) {
+        let test_vec = get_sframe_test_vector(&variant.to_string());
+        let cipher_suite = CipherSuite::from(variant);
 
-            fn decrypt_test_vector(variant: CipherSuiteVariant) {
-                let test_vector = get_test_vector(&variant.to_string());
-                let cipher_suite = CipherSuite::from(variant);
+        let secret = prepare_secret(&cipher_suite, test_vec);
 
-                let secret = prepare_secret(&cipher_suite, test_vector);
+        let mut data_buffer = test_vec.plain_text.clone();
 
-                for enc in &test_vector.encryptions {
-                    let header = Header::with_frame_count(
-                        KeyId::from(enc.key_id),
-                        FrameCount::from(enc.frame_count),
-                    );
-                    let header_buffer = Vec::from(&header);
-                    let mut data = Vec::from(&enc.cipher_text[header.size()..]);
+        let header = Header::with_frame_count(
+            KeyId::from(test_vec.key_id),
+            FrameCount::from(test_vec.frame_count),
+        );
+        let header_buffer = Vec::from(&header);
 
-                    let decrypted = cipher_suite
-                        .decrypt(&mut data, &secret, &header_buffer, header.frame_count())
-                        .unwrap();
+        let aad_buffer = [header_buffer.as_slice(), test_vec.metadata.as_slice()].concat();
 
-                    assert_bytes_eq(decrypted, &test_vector.plain_text);
-                }
-            }
+        let tag = cipher_suite
+            .encrypt(&mut data_buffer, &secret, &aad_buffer, header.frame_count())
+            .unwrap();
 
-            fn prepare_secret(cipher_suite: &CipherSuite, test_vector: &TestVector) -> Secret {
-                if cipher_suite.is_ctr_mode() {
-                    Secret::expand_from(cipher_suite, &test_vector.key_material).unwrap()
-                } else {
-                    Secret::from_test_vector(test_vector)
-                }
-            }
+        let full_frame: Vec<u8> = header_buffer
+            .into_iter()
+            .chain(data_buffer)
+            .chain(tag.as_ref().iter().cloned())
+            .collect();
 
-            #[test]
-            fn encrypt_test_vector_aes_gcm_128_sha256() {
-                encrypt_test_vector(CipherSuiteVariant::AesGcm128Sha256);
-            }
+        assert_bytes_eq(&aad_buffer, &test_vec.aad);
+        assert_bytes_eq(&full_frame, &test_vec.cipher_text);
+    }
 
-            #[test]
-            fn should_decrypt_test_vector_aes_gcm_128_sha256() {
-                decrypt_test_vector(CipherSuiteVariant::AesGcm128Sha256);
-            }
+    #[test_case(CipherSuiteVariant::AesGcm128Sha256; "AesGcm128Sha256")]
+    #[test_case(CipherSuiteVariant::AesGcm256Sha512; "AesGcm256Sha512")]
+    #[cfg_attr(feature = "openssl", test_case(CipherSuiteVariant::AesCtr128HmacSha256_80; "AesCtr128HmacSha256_80"))]
+    #[cfg_attr(feature = "openssl", test_case(CipherSuiteVariant::AesCtr128HmacSha256_64; "AesCtr128HmacSha256_64"))]
+    #[cfg_attr(feature = "openssl", test_case(CipherSuiteVariant::AesCtr128HmacSha256_32; "AesCtr128HmacSha256_32"))]
+    fn decrypt_test_vector(variant: CipherSuiteVariant) {
+        let test_vec = get_sframe_test_vector(&variant.to_string());
+        let cipher_suite = CipherSuite::from(variant);
 
-            #[test]
-            fn encrypt_test_vectors_aes_gcm_256_sha512() {
-                encrypt_test_vector(CipherSuiteVariant::AesGcm256Sha512);
-            }
+        let secret = prepare_secret(&cipher_suite, test_vec);
+        let header = Header::with_frame_count(
+            KeyId::from(test_vec.key_id),
+            FrameCount::from(test_vec.frame_count),
+        );
+        let header_buffer = Vec::from(&header);
 
-            #[test]
-            fn should_decrypt_test_vectors_aes_gcm_256_sha512() {
-                decrypt_test_vector(CipherSuiteVariant::AesGcm256Sha512);
-            }
+        let aad_buffer = [header_buffer.as_slice(), test_vec.metadata.as_slice()].concat();
+        assert_bytes_eq(&aad_buffer, &test_vec.aad);
+
+        let mut data = Vec::from(&test_vec.cipher_text[header.size()..]);
+
+        let decrypted = cipher_suite
+            .decrypt(&mut data, &secret, &aad_buffer, header.frame_count())
+            .unwrap();
+
+        assert_bytes_eq(decrypted, &test_vec.plain_text);
+    }
 
-            #[cfg(feature = "openssl")]
-            mod aes_ctr {
-                use crate::CipherSuiteVariant;
-
-                use super::{decrypt_test_vector, encrypt_test_vector};
-
-                #[test]
-                fn should_encrypt_test_vectors_aes_ctr_64_hmac_sha256_64() {
-                    encrypt_test_vector(CipherSuiteVariant::AesCtr128HmacSha256_64);
-                }
-
-                #[test]
-                fn should_decrypt_test_vectors_aes_ctr_64_hmac_sha256_64() {
-                    decrypt_test_vector(CipherSuiteVariant::AesCtr128HmacSha256_64);
-                }
-
-                #[test]
-                fn should_encrypt_test_vectors_aes_ctr_64_hmac_sha256_32() {
-                    encrypt_test_vector(CipherSuiteVariant::AesCtr128HmacSha256_32);
-                }
-
-                #[test]
-                fn should_decrypt_test_vectors_aes_ctr_64_hmac_sha256_32() {
-                    decrypt_test_vector(CipherSuiteVariant::AesCtr128HmacSha256_32);
-                }
-
-                #[test]
-                // AesCtr128HmacSha256_80 is not available in the test vectors
-                #[ignore]
-                fn should_encrypt_test_vectors_aes_ctr_64_hmac_sha256_80() {
-                    encrypt_test_vector(CipherSuiteVariant::AesCtr128HmacSha256_32);
-                }
-
-                #[test]
-                // AesCtr128HmacSha256_80 is not available in the test vectors
-                #[ignore]
-                fn should_decrypt_test_vectors_aes_ctr_64_hmac_sha256_80() {
-                    decrypt_test_vector(CipherSuiteVariant::AesCtr128HmacSha256_32);
-                }
+    fn prepare_secret(cipher_suite: &CipherSuite, test_vec: &SframeTest) -> Secret {
+        if cipher_suite.is_ctr_mode() {
+            // the test vectors do not provide the auth key, so we have to expand here
+            Secret::expand_from(cipher_suite, &test_vec.key_material, test_vec.key_id).unwrap()
+        } else {
+            Secret {
+                key: test_vec.sframe_key.clone(),
+                salt: test_vec.sframe_salt.clone(),
+                auth: None,
             }
         }
     }
 
@@ -3,7 +3,7 @@
 
 /// Depicts which AEAD algorithm is used for encryption
 /// and which hashing function is used for the key expansion,
-/// see [sframe draft 00 4.4](https://datatracker.ietf.org/doc/html/draft-ietf-sframe-enc-01#name-ciphersuites)
+/// see [sframe draft 03 4.4](https://datatracker.ietf.org/doc/html/draft-ietf-sframe-enc-03#name-cipher-suites)
 #[derive(Debug, PartialEq, Eq, Clone, Copy)]
 #[cfg_attr(test, derive(strum_macros::Display))]
 pub enum CipherSuiteVariant {