Enforce ChaChaPoly tag size in Request and Response types

eclipse-heimlig · Aug 28, 2023 · e62f76c · e62f76c
1 parent 5393b28
commit e62f76c
Show file tree

Hide file tree

Showing 3 changed files with 13 additions and 9 deletions.
diff --git a/heimlig/src/common/jobs.rs b/heimlig/src/common/jobs.rs
@@ -1,6 +1,8 @@
 use crate::hsm::keystore;
 use crate::hsm::keystore::Id;
 
+use crate::crypto::chacha20poly1305::TAG_SIZE;
+
 #[derive(Clone, Eq, PartialEq, Debug)]
 pub enum Error {
     /// The amount of requested data was too large.
@@ -26,21 +28,21 @@ pub enum Request<'a> {
         nonce: &'a [u8],
         aad: Option<&'a [u8]>,
         plaintext: &'a mut [u8],
-        tag: &'a mut [u8],
+        tag: &'a mut [u8; TAG_SIZE],
     },
     EncryptChaChaPolyExternalKey {
         key: &'a [u8],
         nonce: &'a [u8],
         aad: Option<&'a [u8]>,
         plaintext: &'a mut [u8],
-        tag: &'a mut [u8],
+        tag: &'a mut [u8; TAG_SIZE],
     },
     DecryptChaChaPoly {
         key_id: Id,
         nonce: &'a [u8],
         aad: Option<&'a [u8]>,
         ciphertext: &'a mut [u8],
-        tag: &'a [u8],
+        tag: &'a [u8; TAG_SIZE],
     },
     DecryptChaChaPolyExternalKey {
         key: &'a [u8],
@@ -61,7 +63,7 @@ pub enum Response<'a> {
     },
     EncryptChaChaPoly {
         ciphertext: &'a mut [u8],
-        tag: &'a mut [u8],
+        tag: &'a mut [u8; TAG_SIZE],
     },
     DecryptChaChaPoly {
         plaintext: &'a mut [u8],

diff --git a/heimlig/src/hsm/scheduler/tests.rs b/heimlig/src/hsm/scheduler/tests.rs
@@ -87,9 +87,11 @@ fn get_random_request_too_large() {
 
 const PLAINTEXT_SIZE: usize = 36;
 const AAD_SIZE: usize = 33;
-const TAG_SIZE: usize = 16;
+const TAG_SIZE: usize = crate::crypto::chacha20poly1305::TAG_SIZE;
 
-fn alloc_chachapoly_vars(buffer: &mut [u8]) -> (&[u8], &[u8], &[u8], &mut [u8], &mut [u8]) {
+fn alloc_chachapoly_vars(
+    buffer: &mut [u8],
+) -> (&[u8], &[u8], &[u8], &mut [u8], &mut [u8; TAG_SIZE]) {
     const KEY: &[u8; KEY_SIZE] = b"Fortuna Major or Oddsbodikins???";
     const NONCE: &[u8; NONCE_SIZE] = &[1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12];
     const PLAINTEXT: &[u8; PLAINTEXT_SIZE] = b"I solemnly swear I am up to no good!";
@@ -103,7 +105,7 @@ fn alloc_chachapoly_vars(buffer: &mut [u8]) -> (&[u8], &[u8], &[u8], &mut [u8],
     let (plaintext, buffer) = buffer.split_at_mut(PLAINTEXT.len());
     plaintext.copy_from_slice(PLAINTEXT);
     let (tag, _buffer) = buffer.split_at_mut(TAG_SIZE);
-    (key, nonce, aad, plaintext, tag)
+    (key, nonce, aad, plaintext, tag.try_into().unwrap())
 }
 
 #[test]

diff --git a/heimlig/src/hsm/workers/chachapoly_worker.rs b/heimlig/src/hsm/workers/chachapoly_worker.rs
@@ -9,7 +9,7 @@ impl ChachaPolyWorker {
         nonce: &[u8],
         aad: Option<&[u8]>,
         ciphertext: &'a mut [u8],
-        tag: &'a mut [u8],
+        tag: &'a mut [u8; crate::crypto::chacha20poly1305::TAG_SIZE],
     ) -> Response<'a> {
         self.encrypt(key, nonce, aad, ciphertext, tag)
     }
@@ -20,7 +20,7 @@ impl ChachaPolyWorker {
         nonce: &[u8],
         aad: Option<&[u8]>,
         ciphertext: &'a mut [u8],
-        tag: &'a mut [u8],
+        tag: &'a mut [u8; crate::crypto::chacha20poly1305::TAG_SIZE],
     ) -> Response<'a> {
         match crate::crypto::chacha20poly1305::encrypt_in_place_detached(
             key,