Symmetric keygen: high-level wrappers #561
Conversation
ilammy
added
W-PHPThemis 🐘
C++ provides both convenient and in-place key generation routines. In-place key generation may be useful for C++03 code that does not want to have an extra copy of std::vector when it's being returned. ThemisPP does not provide separate types for keys, it works with plain std::vector.
Straightforward implementation. The only interestring thing is that size_t is mapped to i32 with Emscripten, as noted in all other APIs.
Straightforward implementation. GoThemis provides wrapper types for private and public keys so we add another one with the same interface for symmetric keys. Currently GoThemis does not return Themis error codes to Go, so CGo code returns "bool" for simplicity and consistency.
Straightforward implementation. Objective-C function is automatically bridged to Swift, we don't have to do anything for that. Keypair generation API for ObjCThemis does not report exact errors to the user and simply returns "nil", We do the same for symmetric key generation for consistency.
Straightforward implementation. PHPThemis exports its functionality as PHP functions so just add a new one. Byte arrays are returned as simply strings, no new types here. Just don't forget that we have to support both PHP 5 and PHP 7 wrappers.
Straightforward implementation. string_at() returns "str" with Python 2 and "bytes" with Python 3.
Straightforward implementation. Probably the most concise one :)
Straigtforward implementation (albeit verbose). RustThemis has a relatively high bar for API documentation quality. Don't let it drop and provide detailed descriptions. themis_gen_sym_key() is added to libthemis-sys by bindgen automatically, we don't have to remember to do that manually.
ilammy
force-pushed
the
themis_gen_sym_key/wrappers
branch
from
0c9e696
to
a00dbf0
Compare
|
I’ve rebased the changeset onto master which now has proper Core support. I’ve also added some updates in tests based on feedback in other PRs. This one is ready for review. |
JavaScript vOv
Resolve a warning about "this function declaration is not a prototype". Objective-C is still C, not C++, so if a function does not take any arguments then it should have "(void)" argument list, not "()". Latter is considered to take any number of any arguments (for legacy reasons).
| key = [NSMutableData dataWithLength:keyLength]; | ||
|
|
||
| result = (TSErrorType) themis_gen_sym_key(key.mutableBytes, &keyLength); | ||
| if (result != TSErrorTypeSuccess) { |
There was a problem hiding this comment.
| if (result != TSErrorTypeSuccess) { | |
| if (result != TSErrorTypeSuccess) { | |
| [key resetBytesInRange:NSMakeRange(0, [key length])]; |
There was a problem hiding this comment.
Also, let's add tests here: https://github.com/cossacklabs/themis/tree/master/tests/objcthemis/objthemis
Found tests :)
There was a problem hiding this comment.
[key resetBytesInRange:NSMakeRange(0, [key length])];
I'd think this will be excessive when these suggestion is implemented in Themis Core. It will ensure that if themis_gen_sym_key() fails then output buffer does not contain anything useful or sensitive. That way we will not need to add additional wiping to every single wrapper individually.
There was a problem hiding this comment.
agree.
another reason I suggested it for iOS only – I don't know how to zeroing bytes in every other language :D
|
That's a lot of going on here! |
I have a faint feeling that this PR should have been nine separate PRs... Also, @vixentael, by chance, do you have a guess why Bitrise build keeps failing? Because it's certainly fine on the master branch, the changes do not seem to have anything to do with OpenSSL includes, not to say that the framework and tests build fine on my machine. |
| public function testKeyGeneration() { | ||
| $defaultLength = 32; | ||
| $key = phpthemis_gen_sym_key(); | ||
| $this->assertEquals(strlen($key), $defaultLength); |
There was a problem hiding this comment.
Will be better if for php we will have more checks, like in themis core, where we check that several calls of function return different keys. because php has a more complicated wrapper and own memory management.
Just like with JsThemis that has nontrivial wrapper, let's make sure that key generation returns distinct objects for every call and we don't do anything silly in the implementation.
I have a guess: themis/tests/objcthemis/Podfile Lines 24 to 25 in 5f886e1 This pulls in ObjCThemis code from master branch, not from a pull request, that's probably why the tests don't see the new API, and... that causes an error about For local testing I have always been using an edited Podfile that refers to this branch. However, if I use it without changes then the errors are different, like more appropriate:
|
|
Oh, I get it now. Carthage build fails because I’ve tweaked Bitrise build steps to avoid these issues:
Let’s see if this is all we need. |
|
Looks like you fixed a problem with Bitrise |
Implement symmetric key generation utilities described in RFC 1 (not available publicly at the moment). This is new API introduced in #560, now distributed to high-level wrappers.
This PR contains ‘easy’ wrappers that do not require anything special and with more or less straightforward and compact implementation. I placed them in one PR in order to have fewer merge conflicts in the changelog later.
Node.js (JsThemis) and Java (Android) are hard. They will be added in their own PRs.
Language API
With exception of C++ there is only one entry point for key generation. High-level wrappers generally do not allow the user to customize key length and generate default keys (32 bytes).
Where applicable, new types are introduced along with conversion API.
C++
Go
JavaScript (WebAssembly)
Objective-C
PHP
Python
Ruby
Rust
Swift
Checklist
Benchmark results are attached(not interesting)Example projects and code samples are updated(later)