cmd/client/audio.go | 2 +-
cmd/client/gui.go | 2 +-
cmd/client/main.go | 6 +++---
cmd/client/stats.go | 2 +-
cmd/keygen/main.go | 4 ++--
cmd/server/main.go | 6 +++---
cmd/server/peer.go | 2 +-
cmd/server/room.go | 2 +-
cmd/vad/main.go | 2 +-
doc/PQHS | 44 +++++++++++++++++++++++++-------------------
doc/Protocol | 4 +---
go.mod | 2 +-
internal/var.go | 2 +-
internal/version.go | 2 +-
pqhs/client.go | 8 ++++----
pqhs/const.go | 12 +++++++-----
pqhs/hs_test.go | 2 +-
pqhs/key.go | 2 +-
pqhs/mceliece6960119/fft.go | 2 +-
pqhs/mceliece6960119/internal/fft_const.go | 4 ++--
pqhs/mceliece6960119/internal/powers.go | 4 ++--
pqhs/mceliece6960119/mceliece.go | 4 ++--
pqhs/mceliece6960119/pk_gen.go | 2 +-
pqhs/server.go | 8 ++++----
pqhs/sntrup761/kem/ntruprime/sntrup761/ntruprime.go | 8 ++++----
pqhs/sntrup761/pke/ntruprime/kem/kem.go | 2 +-
pqhs/sntrup761/pke/ntruprime/kem/schemes/sntrup/schemes.go | 4 ++--
pqhs/state.go | 10 +++++++---
diff --git a/cmd/client/audio.go b/cmd/client/audio.go
index 57b3a9c03643a5764a1180b8f6519ad6d9fdcc037314c4738fff119836902589..d77c712a197017d6686b288f95106feeaad5f6b0de01f443abe77fcf3e7af693 100644
--- a/cmd/client/audio.go
+++ b/cmd/client/audio.go
@@ -19,7 +19,7 @@ import (
 "log"
 "go.stargrave.org/opus/v2"
- vors "go.stargrave.org/vors/v5/internal"
+ vors "go.stargrave.org/vors/v6/internal"
 )
 func newOpusEnc() *opus.Encoder {
diff --git a/cmd/client/gui.go b/cmd/client/gui.go
index cc7a25330c46b3ea44e2be0f6fa6454d2f9cd3f0756ea60defccbaee6d89b608..e70216db87095577becdb89071739050a1909c56f11e2f18230955461c2b3de1 100644
--- a/cmd/client/gui.go
+++ b/cmd/client/gui.go
@@ -21,7 +21,7 @@
 "log"
 "sort"
 "github.com/jroimartin/gocui"
- vors "go.stargrave.org/vors/v5/internal"
+ vors "go.stargrave.org/vors/v6/internal"
 )
 var (
diff --git a/cmd/client/main.go b/cmd/client/main.go
index 56ca2406f321393d99d04ae998b135bf21ab0f067ac2d659febdffd5acbe05b1..0844a6503826e3afe3a7c0a09bf47267394a881ccfbd6e5f2ab1a73040fbeb63 100644
--- a/cmd/client/main.go
+++ b/cmd/client/main.go
@@ -37,8 +37,8 @@ "github.com/aead/chacha20"
 "github.com/dchest/siphash"
 "github.com/jroimartin/gocui"
 "go.stargrave.org/opus/v2"
- vors "go.stargrave.org/vors/v5/internal"
- "go.stargrave.org/vors/v5/pqhs"
+ vors "go.stargrave.org/vors/v6/internal"
+ "go.stargrave.org/vors/v6/pqhs"
 "golang.org/x/crypto/chacha20poly1305"
 )
@@ -209,7 +209,7 @@
 }
 var txKey, rxKey, keyCiphOur, keyMACOur []byte
 var txAEAD, rxAEAD cipher.AEAD
- keys := hs.Binding(3*chacha20poly1305.KeySize + vors.SipHash24KeySize)
+ keys := hs.Keymat(3*chacha20poly1305.KeySize + vors.SipHash24KeySize)
 txKey, keys = keys[:chacha20poly1305.KeySize], keys[chacha20poly1305.KeySize:]
 rxKey, keys = keys[:chacha20poly1305.KeySize], keys[chacha20poly1305.KeySize:]
 keyCiphOur, keyMACOur = keys[:vors.ChaCha20KeySize], keys[vors.ChaCha20KeySize:]
diff --git a/cmd/client/stats.go b/cmd/client/stats.go
index cba958a6889447f4827fed3f539b1bc1b4019e589bc112d0bdcd66393bcf474b..44786d81a65c265d62970a01dac726759f455a27f06d716eb191c9bf74c538c0 100644
--- a/cmd/client/stats.go
+++ b/cmd/client/stats.go
@@ -24,7 +24,7 @@
 "time"
 "github.com/dustin/go-humanize"
 "github.com/jroimartin/gocui"
- vors "go.stargrave.org/vors/v5/internal"
+ vors "go.stargrave.org/vors/v6/internal"
 )
 type Stats struct {
diff --git a/cmd/keygen/main.go b/cmd/keygen/main.go
index ea611f01a977c9dd5c8d5c6a89491836ca6d9dd11944b14100ed5525ab4c579c..ef98a95f6458ed2f6bd7e79b696dfd148ccb8b40da7c31983e63f66c03d45c25 100644
--- a/cmd/keygen/main.go
+++ b/cmd/keygen/main.go
@@ -8,8 +8,8 @@
 "io"
 "log"
 "os"
- vors "go.stargrave.org/vors/v5/internal"
- "go.stargrave.org/vors/v5/pqhs"
+ vors "go.stargrave.org/vors/v6/internal"
+ "go.stargrave.org/vors/v6/pqhs"
 )
 func usage() {
diff --git a/cmd/server/main.go b/cmd/server/main.go
index 2087dd5a397d2ddaac01220fd14835837ca6615927beb011d1e434c8f0b97571..ac4cbb8ef01a515308bcfc104e82f2192f63dbb55eaa811f5c6084adc95172fe 100644
--- a/cmd/server/main.go
+++ b/cmd/server/main.go
@@ -33,8 +33,8 @@
 "time"
 "github.com/dchest/siphash"
 "github.com/jroimartin/gocui"
- vors "go.stargrave.org/vors/v5/internal"
- "go.stargrave.org/vors/v5/pqhs"
+ vors "go.stargrave.org/vors/v6/internal"
+ "go.stargrave.org/vors/v6/pqhs"
 "golang.org/x/crypto/chacha20poly1305"
 )
@@ -94,7 +94,7 @@ alive: make(chan struct{}),
 }
 {
 var rxKey, txKey []byte
- keys := hs.Binding(3*chacha20poly1305.KeySize + vors.SipHash24KeySize)
+ keys := hs.Keymat(3*chacha20poly1305.KeySize + vors.SipHash24KeySize)
 rxKey, keys = keys[:chacha20poly1305.KeySize], keys[chacha20poly1305.KeySize:]
 txKey, peer.key = keys[:chacha20poly1305.KeySize], keys[chacha20poly1305.KeySize:]
 peer.mac = siphash.New(peer.key[vors.ChaCha20KeySize:])
diff --git a/cmd/server/peer.go b/cmd/server/peer.go
index dbb554231cde2fb0bbf4e87b8dfbf721170680d0971329aeef29fcead51b2778..d37ed55474bfcf392b8360f3b0a09125b3f88d864277e45effb0d7b69db5f2e3 100644
--- a/cmd/server/peer.go
+++ b/cmd/server/peer.go
@@ -8,7 +8,7 @@
 "net"
 "sync"
 "time"
- vors "go.stargrave.org/vors/v5/internal"
+ vors "go.stargrave.org/vors/v6/internal"
 )
 var (
diff --git a/cmd/server/room.go b/cmd/server/room.go
index f55e596a1181fd9e476d1feb710cfb3597c44b2d545fba95d99b4618c241f8ce..4ec1132d1186bc4d6a7bf0b4b29875be5baed6979f5b6a5704b2e292a3d9676c 100644
--- a/cmd/server/room.go
+++ b/cmd/server/room.go
@@ -8,7 +8,7 @@
 "sync"
 "time"
 "github.com/dustin/go-humanize"
- vors "go.stargrave.org/vors/v5/internal"
+ vors "go.stargrave.org/vors/v6/internal"
 )
 var (
diff --git a/cmd/vad/main.go b/cmd/vad/main.go
index b1ae1461e5e766c916b9a407d145325a48e38e35f154ecd67657fa33379c1a47..c1c29cf2cdc75a9e0dc2f3509a8e6ccc80586c4c1122ed8b336b1e0beb9b9fa6 100644
--- a/cmd/vad/main.go
+++ b/cmd/vad/main.go
@@ -23,7 +23,7 @@
 "log"
 "os"
 "strconv"
- vors "go.stargrave.org/vors/v5/internal"
+ vors "go.stargrave.org/vors/v6/internal"
 )
 func usage() {
diff --git a/doc/PQHS b/doc/PQHS
index 128147cdf0f84a7f57bc39ee934623b0634bedd045c7e6f9e27bd79cfe3ab5f6..245de87cc19394dae201c19b78bc7e20da6c3908cb736ca2bed573ba9b6990d6 100644
--- a/doc/PQHS
+++ b/doc/PQHS
@@ -1,51 +1,57 @@
 Server has a long-term static Classic McEliece 6960-119 and X25519 keypairs. They are transferred to client outside the connection.
+hash = SHAKE256
+
 Client:
 * has: serverStaticPubMcEliece, serverStaticPubX25519
 * clientEphPrvX25519, clientEphPubX25519 = Generate()
 * ctMcElice, ssMcEliece = Encapsulate(serverStaticPubMcEliece)
- * H = SHAKE256("VoRS v5")
- * H = SHAKE256(H || serverStaticPubMcEliece || serverStaticPubX25519)
- * H = SHAKE256(H || ctMcElice)
- * CK = HKDF-Extract(SHAKE256, ikm=ssMcEliece, salt="")
- * k = HKDF-Expand(SHAKE256, prk=CK, info="VoRS v5 client x25519")
+ * H = hash("VoRS v6")
+ * H = hash(H || serverStaticPubMcEliece || serverStaticPubX25519)
+ * H = hash(H || ctMcElice)
+ * CK = HKDF-Expand(prk=HKDF-Extract(salt="", ikm=ssMcEliece),
+ info="VoRS v6 ck")
+ * k = HKDF-Expand(prk=CK, info="VoRS v6 client x25519")
 * ctX25519 = ChaCha20-Poly1305(k, nonce=0, ad=H, pt=clientEphPubX25519)
- * H = SHAKE256(H || ctX25519)
+ * H = hash(H || ctX25519)
 * ssX25519 = X25519(clientEphPrvX25519, serverStaticPubX25519)
- * CK = HKDF-Extract(SHAKE256, ikm=ssX25519, salt=CK)
+ * CK = HKDF-Expand(prk=HKDF-Extract(salt=CK, ikm=ssX25519),
+ info="VoRS v6 ck")
 * sends: ctMcElice || ctX25519
 Server:
 * ...
 * serverEphPrvX25519, serverEphPubX25519 = Generate()
- * k = HKDF-Expand(SHAKE256, prk=CK, info="VoRS v5 server x25519")
+ * k = HKDF-Expand(prk=CK, info="VoRS v6 server x25519")
 * ctX25519 = ChaCha20-Poly1305(k, nonce=0, ad=H, pt=serverEphPubX25519)
- * H = SHAKE256(H || ctX25519)
+ * H = hash(H || ctX25519)
 * ssX25519 = X25519(serverEphPrvX25519, clientEphPubX25519)
- * CK = HKDF-Extract(SHAKE256, ikm=ssX25519, salt=CK)
+ * CK = HKDF-Expand(prk=HKDF-Extract(salt=CK, ikm=ssX25519),
+ info="VoRS v6 ck")
 * serverEphPrvSNTRUP761, serverEphPubSNTRUP761 = Generate()
- * k = HKDF-Expand(SHAKE256, prk=CK, info="VoRS v5 server sntrup761")
+ * k = HKDF-Expand(prk=CK, info="VoRS v6 server sntrup761")
 * ctSNTRUP = ChaCha20-Poly1305(k, nonce=0, ad=H, pt=serverEphPubSNTRUP761)
- * H = SHAKE256(H || ctSNTRUP)
+ * H = hash(H || ctSNTRUP)
 * sends: ctX25519 || ctSNTRUP
 Client:
 * has: prefinish message payload
 * ...
 * ctSNTRUP, ssSNTRUP = Encapsulate(serverEphPubSNTRUP761)
- * k = HKDF-Expand(SHAKE256, prk=CK, info="VoRS v5 client sntrup761")
+ * k = HKDF-Expand(prk=CK, info="VoRS v6 client sntrup761")
 * ctSNTRUP = ChaCha20-Poly1305(k, nonce=0, ad=H, pt=ctSNTRUP)
- * H = SHAKE256(H || ctSNTRUP)
- * CK = HKDF-Extract(SHAKE256, ikm=ssSNTRUP, salt=CK)
- * k = HKDF-Expand(SHAKE256, prk=CK, info="VoRS v5 client prefinish")
+ * H = hash(H || ctSNTRUP)
+ * CK = HKDF-Expand(prk=HKDF-Extract(salt=CK, ikm=ssSNTRUP),
+ info="VoRS v6 ck")
+ * k = HKDF-Expand(prk=CK, info="VoRS v6 client prefinish")
 * ctPrefinish = ChaCha20-Poly1305(k, nonce=0, ad=H, pt=prefinish)
- * H = SHAKE256(H || ctPrefinish)
+ * H = hash(H || ctPrefinish)
 * sends: ctPrefinish
 Server:
 * ...
 Both:
- clientChaPolyKey, serverChaPolyKey, VoIPKey =
- HKDF-Expand(SHAKE256, ikm=CK, salt=H)
+ clientChaPolyKey, serverChaPolyKey, VoIPKey = HKDF-Expand(
+ prk=CK, info="VoRS v6 keymat")
diff --git a/doc/Protocol b/doc/Protocol
index 25374872391ed5ef558ec313e6b0845c0c2254ef443384f023a201abab7bd080..a3ca416800ec342d1055c7c0140080a6a97700add2a09d4c50c98e0c789b7e96 100644
--- a/doc/Protocol
+++ b/doc/Protocol
@@ -40,7 +40,7 @@
 netstring encoded sequence of netstrings if multiple values are expected: NS(NS(arg0) || NS(arg1) || ...) => http://cr.yp.to/proto/netstrings.txt Netstring
-* Client sends NS("VoRS v5") to the socket. Just a magic number.
+* Client sends NS("VoRS v6") to the socket. Just a magic number.
 * Then it performs [PQHS].
@@ -66,8 +66,6 @@
 differ from known to client one)
 * Server replies with ["SID", SID], where SID is single byte stream number client must use.
-
-TODO
 * ["PING"] and ["PONG"] messages are then sent every ten seconds as a heartbeat.
diff --git a/go.mod b/go.mod
index 20341b5cb8d6b7e40baf374a31e36da01dd3c354d713ab9933ae5d29f3878437..89befde7a1f63d763c789ea499d6f6735fe70fa6bad1f5cf90b6789c07bbbdad 100644
--- a/go.mod
+++ b/go.mod
@@ -1,4 +1,4 @@
-module go.stargrave.org/vors/v5
+module go.stargrave.org/vors/v6
 go 1.24.0
diff --git a/internal/var.go b/internal/var.go
index cd354241d4abbd9dcc9c1cf36b278ceea40d030ff02178e5b09fe8fbb1627a31..25630cd576494c605012681dd031ed6dba92f9efec8730266791fceaa14f55b5 100644
--- a/internal/var.go
+++ b/internal/var.go
@@ -6,7 +6,7 @@ "time"
 )
 const (
- Magic = "VoRS v5"
+ Magic = "VoRS v6"
 CmdErr = "ERR"
 CmdCookie = "COOKIE"
 CmdSID = "SID"
diff --git a/internal/version.go b/internal/version.go
index a31d3e50a1cb12c72d1795a60c5865a11c04bb8989928847463fb25c95b9752e..acea42bd181801efffa042169a25566f4f2aa327dfe6ab61d710038a4aae4547 100644
--- a/internal/version.go
+++ b/internal/version.go
@@ -3,7 +3,7 @@
 import "runtime"
 const (
- Version = "4.0.0"
+ Version = "6.0.0"
 Warranty = `Copyright (C) 2024-2025 Sergey Matveev
 This program is free software: you can redistribute it and/or modify
diff --git a/pqhs/client.go b/pqhs/client.go
index 1c4dd1620e9e1a51f46d2ce2d5b649334c85e1d03dde5ce594325b6a52ec96f2..b76a8cb0685ada9deec64c8e6983fc68f7de9b5b9aefdc2a0326c86347feb8ec 100644
--- a/pqhs/client.go
+++ b/pqhs/client.go
@@ -5,10 +5,10 @@
 "crypto/ecdh"
 "crypto/rand"
 "crypto/sha3"
- vors "go.stargrave.org/vors/v5/internal"
- "go.stargrave.org/vors/v5/pqhs/mceliece6960119"
- sntrup761kem "go.stargrave.org/vors/v5/pqhs/sntrup761/kem"
- sntrup761 "go.stargrave.org/vors/v5/pqhs/sntrup761/kem/ntruprime/sntrup761"
+ vors "go.stargrave.org/vors/v6/internal"
+ "go.stargrave.org/vors/v6/pqhs/mceliece6960119"
+ sntrup761kem "go.stargrave.org/vors/v6/pqhs/sntrup761/kem"
+ sntrup761 "go.stargrave.org/vors/v6/pqhs/sntrup761/kem/ntruprime/sntrup761"
 "golang.org/x/crypto/chacha20poly1305"
 )
diff --git a/pqhs/const.go b/pqhs/const.go
index c5df1e265fc580e0c3d139108024ee3b4511adf2e9fcf94fc648dea5bbba0a25..94b60f4fb1f3b616cfc7120b05d2e9b3d7670f0533be0d2127316eeaf265db1d 100644
--- a/pqhs/const.go
+++ b/pqhs/const.go
@@ -1,9 +1,11 @@
 package pqhs
 const (
- CtxClientX25519 = "VoRS v5 client x25519"
- CtxServerX25519 = "VoRS v5 server x25519"
- CtxServerSNTRUP761 = "VoRS v5 server sntrup761"
- CtxClientSNTRUP761 = "VoRS v5 client sntrup761"
- CtxClientPrefinish = "VoRS v5 client prefinish"
+ CtxClientX25519 = "VoRS v6 client x25519"
+ CtxServerX25519 = "VoRS v6 server x25519"
+ CtxServerSNTRUP761 = "VoRS v6 server sntrup761"
+ CtxClientSNTRUP761 = "VoRS v6 client sntrup761"
+ CtxClientPrefinish = "VoRS v6 client prefinish"
+ CtxCK = "VoRS v6 ck"
+ CtxKeymat = "VoRS v6 keymat"
 )
diff --git a/pqhs/hs_test.go b/pqhs/hs_test.go
index c26e8dea41d169eb70351a2c6d50679303755ea6272e6cf41567fa5180fb7118..e42fe111731dafc6a9458f37aabf4d1fb3e028513c4454287499f16feb3e67a0 100644
--- a/pqhs/hs_test.go
+++ b/pqhs/hs_test.go
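Review bot: CtxCK and CtxKeymat are appended to the const block with nothing stating where each label is consumed, and since they are the two strings that distinguish the v6 key schedule from the per-message Ctx* labels above them, a reader of this file alone cannot tell what they bind. A trailing comment on each would close that gap: `CtxCK = "VoRS v6 ck" // HKDF-Expand info re-deriving the chaining key after every Extract` and `CtxKeymat = "VoRS v6 keymat" // HKDF-Expand info for the traffic key material returned by Keymat`. Both uses are in pqhs/state.go in this same commit.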
@@ -38,7 +38,7 @@ }
 if string(prefinish) != "whatever" {
 t.Fatal("prefinish differs")
 }
- if !bytes.Equal(c.Binding(1234), s.Binding(1234)) {
+ if !bytes.Equal(c.Keymat(1234), s.Keymat(1234)) {
 t.Fatal("bindings differs")
 }
 }
diff --git a/pqhs/key.go b/pqhs/key.go
index 5a6003e9a9724a28760c34bf0c78ce9bfde5bd9889813b6e4d52021ca3c17fd9..0beff66b64c3868f0ac05037fcc41d28e648f02eeed565d499adf32f96045c3a 100644
--- a/pqhs/key.go
+++ b/pqhs/key.go
@@ -4,7 +4,7 @@
 import (
 "crypto/ecdh"
 "crypto/rand"
- "go.stargrave.org/vors/v5/pqhs/mceliece6960119"
+ "go.stargrave.org/vors/v6/pqhs/mceliece6960119"
 )
 func KeyGen() (
diff --git a/pqhs/mceliece6960119/fft.go b/pqhs/mceliece6960119/fft.go
index 1d117deed2b299baf6a9e52f22a3eb43d550b77247688e744087405491bbb84c..0c29b5dc8d86418e06502029888c5f0a5de6db698a2c31dad9db9eb2fee8bc69 100644
--- a/pqhs/mceliece6960119/fft.go
+++ b/pqhs/mceliece6960119/fft.go
@@ -5,7 +5,7 @@ // from the NIST round 4 submission package.
 package mceliece6960119
-import "go.stargrave.org/vors/v5/pqhs/mceliece6960119/internal"
+import "go.stargrave.org/vors/v6/pqhs/mceliece6960119/internal"
 func fft(out *[exponent][gfBits]uint64, in *[2][gfBits]uint64) {
 radixConversions(in)
diff --git a/pqhs/mceliece6960119/internal/fft_const.go b/pqhs/mceliece6960119/internal/fft_const.go
index 476eb3f333fefe4924aea41b3d1cc6a5fce9164d54e3f01512f89a038055c5b5..69ae78dba3e26e18bae10ac170a3dcba9e8f34114c1cf663952658923d29a5ce 100644
--- a/pqhs/mceliece6960119/internal/fft_const.go
+++ b/pqhs/mceliece6960119/internal/fft_const.go
@@ -1,8 +1,8 @@
 package internal
 import (
- "go.stargrave.org/vors/v5/pqhs/mceliece6960119/math/gf2e12"
- "go.stargrave.org/vors/v5/pqhs/mceliece6960119/math/gf2e13"
+ "go.stargrave.org/vors/v6/pqhs/mceliece6960119/math/gf2e12"
+ "go.stargrave.org/vors/v6/pqhs/mceliece6960119/math/gf2e13"
 )
 var ButterfliesReversal4096 = [64]byte{
diff --git a/pqhs/mceliece6960119/internal/powers.go b/pqhs/mceliece6960119/internal/powers.go
index 2d4c3918f008f543f8c4167a759048be93d876e523e2a04030f8211c64c971c1..19a545551bed555f3110fff24ff4dcd501e7ea727075ec764703096b57ad7205 100644
--- a/pqhs/mceliece6960119/internal/powers.go
+++ b/pqhs/mceliece6960119/internal/powers.go
@@ -1,8 +1,8 @@
 package internal
 import (
- "go.stargrave.org/vors/v5/pqhs/mceliece6960119/math/gf2e12"
- "go.stargrave.org/vors/v5/pqhs/mceliece6960119/math/gf2e13"
+ "go.stargrave.org/vors/v6/pqhs/mceliece6960119/math/gf2e12"
+ "go.stargrave.org/vors/v6/pqhs/mceliece6960119/math/gf2e13"
 )
 var Powers4096 = [64][gf2e12.Bits]uint64{
diff --git a/pqhs/mceliece6960119/mceliece.go b/pqhs/mceliece6960119/mceliece.go
index eba3b3433d094f39d1f3ea0c0badde20f90a86d0249f5f9598fd5cb7f7d31f1e..37bc9a155096ac0af80e8d14263074573624866e71533bdf6388d0403006d49c 100644
--- a/pqhs/mceliece6960119/mceliece.go
+++ b/pqhs/mceliece6960119/mceliece.go
@@ -20,8 +20,8 @@
 "errors"
 "fmt"
 "io"
- "go.stargrave.org/vors/v5/pqhs/mceliece6960119/internal"
- "go.stargrave.org/vors/v5/pqhs/mceliece6960119/math/gf2e13"
+ "go.stargrave.org/vors/v6/pqhs/mceliece6960119/internal"
+ "go.stargrave.org/vors/v6/pqhs/mceliece6960119/math/gf2e13"
 )
 const (
diff --git a/pqhs/mceliece6960119/pk_gen.go b/pqhs/mceliece6960119/pk_gen.go
index a505a8ac9a9a58b6f18a655416f4201753a6c2717d87bce33fabef156043c6ba..15b96269943e636274b2ca455ff199813bcd6051ccdb2f77306a6521f26aa2a8 100644
--- a/pqhs/mceliece6960119/pk_gen.go
+++ b/pqhs/mceliece6960119/pk_gen.go
@@ -5,7 +5,7 @@ // from the NIST round 4 submission package.
 package mceliece6960119
-import "go.stargrave.org/vors/v5/pqhs/mceliece6960119/internal"
+import "go.stargrave.org/vors/v6/pqhs/mceliece6960119/internal"
 const exponent = 128
diff --git a/pqhs/server.go b/pqhs/server.go
index 2c165065cb8b05eb10dd48f7dca81c8eb13215afce0c2c4bc83ee64ca24eb522..c4eb390f0142983d1d5e64f894c02218c8973e6557f08caeace8981eda66644c 100644
--- a/pqhs/server.go
+++ b/pqhs/server.go
@@ -4,10 +4,10 @@
 import (
 "crypto/ecdh"
 "crypto/rand"
- vors "go.stargrave.org/vors/v5/internal"
- "go.stargrave.org/vors/v5/pqhs/mceliece6960119"
- sntrup761kem "go.stargrave.org/vors/v5/pqhs/sntrup761/kem"
- sntrup761 "go.stargrave.org/vors/v5/pqhs/sntrup761/kem/ntruprime/sntrup761"
+ vors "go.stargrave.org/vors/v6/internal"
+ "go.stargrave.org/vors/v6/pqhs/mceliece6960119"
+ sntrup761kem "go.stargrave.org/vors/v6/pqhs/sntrup761/kem"
+ sntrup761 "go.stargrave.org/vors/v6/pqhs/sntrup761/kem/ntruprime/sntrup761"
 "golang.org/x/crypto/chacha20poly1305"
 )
diff --git a/pqhs/sntrup761/kem/ntruprime/sntrup761/ntruprime.go b/pqhs/sntrup761/kem/ntruprime/sntrup761/ntruprime.go
index b03c7446de0d29d440fcb2b23ecaf4223b6fde690975929d6622a3f109bada60..1c2625d0238264cce9d659b9c2676a3123cb9a4a3474e1509bc846808f85d9e9 100644
--- a/pqhs/sntrup761/kem/ntruprime/sntrup761/ntruprime.go
+++ b/pqhs/sntrup761/kem/ntruprime/sntrup761/ntruprime.go
@@ -13,10 +13,10 @@
 cryptoRand "crypto/rand"
 "crypto/sha512"
 "io"
- "go.stargrave.org/vors/v5/pqhs/sntrup761/kem"
- "go.stargrave.org/vors/v5/pqhs/sntrup761/kem/ntruprime/internal"
- sntrupKem "go.stargrave.org/vors/v5/pqhs/sntrup761/pke/ntruprime/kem"
- ntrup "go.stargrave.org/vors/v5/pqhs/sntrup761/pke/ntruprime/sntrup761"
+ "go.stargrave.org/vors/v6/pqhs/sntrup761/kem"
+ "go.stargrave.org/vors/v6/pqhs/sntrup761/kem/ntruprime/internal"
+ sntrupKem "go.stargrave.org/vors/v6/pqhs/sntrup761/pke/ntruprime/kem"
+ ntrup "go.stargrave.org/vors/v6/pqhs/sntrup761/pke/ntruprime/sntrup761"
 )
 type (
diff --git a/pqhs/sntrup761/pke/ntruprime/kem/kem.go b/pqhs/sntrup761/pke/ntruprime/kem/kem.go
index 2b6309ac0f1f5fe4529fe53b4306f579cb217a320bc264d457831c3ee73e2001..297f756a8d8b0d6d1adac9c0f57a38d45d68b7e22dcf51adaa8dd03898da8429 100644
--- a/pqhs/sntrup761/pke/ntruprime/kem/kem.go
+++ b/pqhs/sntrup761/pke/ntruprime/kem/kem.go
@@ -4,7 +4,7 @@
 import (
 "io"
- "go.stargrave.org/vors/v5/pqhs/sntrup761/kem"
+ "go.stargrave.org/vors/v6/pqhs/sntrup761/kem"
 )
 // A Scheme represents a specific instance of a NTRU PRIME KEM.
diff --git a/pqhs/sntrup761/pke/ntruprime/kem/schemes/sntrup/schemes.go b/pqhs/sntrup761/pke/ntruprime/kem/schemes/sntrup/schemes.go
index b0b411a71629cdd2a05b3d7afe0ec0a38cc2ee5d673aedbebea28382009f7008..38fa338c45193588a4ecb2991027dfe6d64d9074437e03cff4172057cbf69985 100644
--- a/pqhs/sntrup761/pke/ntruprime/kem/schemes/sntrup/schemes.go
+++ b/pqhs/sntrup761/pke/ntruprime/kem/schemes/sntrup/schemes.go
@@ -10,8 +10,8 @@
 import (
 "strings"
- "go.stargrave.org/vors/v5/pqhs/sntrup761/kem/ntruprime/sntrup761"
- "go.stargrave.org/vors/v5/pqhs/sntrup761/pke/ntruprime/kem"
+ "go.stargrave.org/vors/v6/pqhs/sntrup761/kem/ntruprime/sntrup761"
+ "go.stargrave.org/vors/v6/pqhs/sntrup761/pke/ntruprime/kem"
 )
 var allSchemes = [...]kem.Scheme{
diff --git a/pqhs/state.go b/pqhs/state.go
index 35cbe654651f7f229060f1e1b72adc6f8a864f54ffd1ef4c0ad785abcaf7d9db..bfc2353034c00743f175935d4f0e77272821db535932403bea211f93c00acdf4 100644
--- a/pqhs/state.go
+++ b/pqhs/state.go
@@ -30,6 +30,10 @@ state.ck, err = hkdf.Extract(NewSHAKE256, key, state.ck)
 if err != nil {
 panic(err)
 }
+ state.ck, err = hkdf.Expand(NewSHAKE256, state.ck, CtxCK, 64)
+ if err != nil {
+ panic(err)
+ }
 }
 func (state *SymmetricState) Seal(ctx string, data []byte) []byte {
@@ -55,10 +59,10 @@ }
 return
 }
-func (state *SymmetricState) Binding(l int) []byte {
- binding, err := hkdf.Expand(NewSHAKE256, state.ck, string(state.h), l)
+func (state *SymmetricState) Keymat(l int) []byte {
+ keymat, err := hkdf.Expand(NewSHAKE256, state.ck, CtxKeymat, l)
 if err != nil {
 panic(err)
 }
- return binding
+ return keymat
 }
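Review bot: The added Expand step hard-codes `64` as the chaining-key length, and the doc/PQHS hunk in this same commit writes `CK = HKDF-Expand(prk=HKDF-Extract(...), info="VoRS v6 ck")` with no length at all, so the only place this parameter of the v6 key schedule exists is this literal. Name it once at package level, `const ckSize = 64 // bytes of chaining key kept after each Expand(CtxCK)`, call `hkdf.Expand(NewSHAKE256, state.ck, CtxCK, ckSize)` here, and add the length to doc/PQHS so an independent implementation can reproduce CK. The enclosing method's signature is outside the hunk; the panic on an hkdf error mirrors the pre-existing Extract handling and is not new.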
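Review bot: Keymat expands `state.ck` under the fixed `CtxKeymat` info where Binding used `string(state.h)`, so the exported key material no longer depends on the transcript hash, and after this rename the package has no method that returns a transcript-bound value; that agrees with the new "Both:" line in doc/PQHS, but a caller that used Binding as a channel-binding or session identifier would lose that property without a compile error (the two callers visible here, cmd/client/main.go and cmd/server/main.go, only slice it into traffic keys). Whether h still reaches ck indirectly depends on the ck-mixing method whose body is cut by the first hunk, so the contract belongs on the method itself: `// Keymat returns l bytes of traffic key material expanded from the chaining key with CtxKeymat; it is tied to the handshake only through ck and does not mix in the transcript hash h.` The test message in pqhs/hs_test.go, `t.Fatal("bindings differs")`, still names the old method and should read `t.Fatal("keymat differs")`.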