Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore: add documentation to externs #590

Merged
merged 3 commits into from
Aug 13, 2024
Merged

chore: add documentation to externs #590

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
1c49960
chore: add documentation to externs
ajewellamz Aug 13, 2024
af054ed
Apply suggestions from code review
ajewellamz Aug 13, 2024
b79ba96
Merge branch 'main' into ajewell/docs
ajewellamz Aug 13, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
7 changes: 3 additions & 4 deletions AwsCryptographyPrimitives/src/Digest.dfy
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,10 +13,9 @@ module Digest {
function method Length(digestAlgorithm: Types.DigestAlgorithm): nat
{
match digestAlgorithm
case SHA_512 => 64
case SHA_384 => 48
case SHA_256 => 32
case SHA_1 => 20
josecorella marked this conversation as resolved.
Show resolved Hide resolved
case SHA_512() => 64
case SHA_384() => 48
case SHA_256() => 32
}

method Digest(input: Types.DigestInput)
Expand Down
17 changes: 17 additions & 0 deletions AwsCryptographyPrimitives/src/ECDH.dfy
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -107,37 +107,54 @@ module {:extern "ECDH"} ECDH {
));
}

// Generate an ECDH key pair
// Return the private key as UTF8 PEM-encoded Rfc5915 format,
// Return the public key as DER-encoded X.509 SubjectPublicKeyInfo bytes
method {:extern "ECDH.KeyGeneration", "GenerateKeyPair"} ExternEccKeyGen(
s: Types.ECDHCurveSpec
) returns (res: Result<EccKeyPair, Types.Error>)
ensures res.Success? ==> 1 < |res.value.publicKey| <= 8192

// Given a private key, return the associated public key
// Input private key is in PEM format
// Output public key is DER-encoded X.509 SubjectPublicKeyInfo
method {:extern "ECDH.ECCUtils", "GetPublicKey"} ExternGetPublicKeyFromPrivate(
curveAlgorithm: Types.ECDHCurveSpec,
privateKey: Types.ECCPrivateKey
) returns (res: Result<seq<uint8>, Types.Error>)

// Ensure that this public key follows 5.6.2.3.3 ECC Full Public-Key Validation Routine from
// https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-56Ar3.pdf#page=55
// Input public key is DER-encoded X.509 SubjectPublicKeyInfo bytes
// Result is never Success(false), it's either Success(true) or Failure()
method {:extern "ECDH.ECCUtils", "ValidatePublicKey"} ExternValidatePublicKey(
curveAlgorithm: Types.ECDHCurveSpec,
publicKey: seq<uint8>
) returns (res: Result<bool, Types.Error>)

// Calculate a shared secret from the keys
// Private key is PEM formatted UTF8
// Input public key is DER-encoded X.509 SubjectPublicKeyInfo bytes
method {:extern "ECDH.DeriveSharedSecret", "CalculateSharedSecret"} ExternDeriveSharedSecret(
curveAlgorithm: Types.ECDHCurveSpec,
privateKey: Types.ECCPrivateKey,
publicKey: Types.ECCPublicKey
) returns (res: Result<seq<uint8>, Types.Error>)

// Convert DER-encoded X.509 SubjectPublicKeyInfo public key bytes to compressed X9.62 format
method {:extern "ECDH.ECCUtils", "CompressPublicKey"} ExternCompressPublicKey(
publicKey: seq<uint8>,
curveAlgorithm: Types.ECDHCurveSpec
) returns (res: Result<seq<uint8>, Types.Error>)

// Convert X9.62 encoded public key bytes to DER-encoded X.509 SubjectPublicKeyInfo format
// input is not PEM-encoded
method {:extern "ECDH.ECCUtils", "DecompressPublicKey"} ExternDecompressPublicKey(
publicKey: seq<uint8>,
curveAlgorithm: Types.ECDHCurveSpec
) returns (res: Result<seq<uint8>, Types.Error>)

// Ensure that this public key is DER-encoded X.509 SubjectPublicKeyInfo format
method {:extern "ECDH.ECCUtils", "ParsePublicKey"} ExternParsePublicKey(
publicKey: seq<uint8>
) returns (res: Result<seq<uint8>, Types.Error>)
Expand Down
8 changes: 8 additions & 0 deletions AwsCryptographyPrimitives/src/Signature.dfy
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -55,18 +55,26 @@ module {:extern "Signature"} Signature {
));
}

// Generate an ECDSA key pair
// Verification key, a.k.a public key, is in X9.62 compressed format
// Signing Key, a.k.a private key, is in DER-encoded
method {:extern "Signature.ECDSA", "ExternKeyGen"} ExternKeyGen(
s: Types.ECDSASignatureAlgorithm
) returns (res: Result<SignatureKeyPair, Types.Error>)
ensures res.Success? ==> IsValidSignatureKeyPair(res.value)

// sign the message with the private key
// private signing key is DER-encoded
method {:extern "Signature.ECDSA", "Sign"} Sign(
s: Types.ECDSASignatureAlgorithm,
key: seq<uint8>,
msg: seq<uint8>
) returns (sig: Result<seq<uint8>, Types.Error>)
ensures sig.Success? ==> IsSigned(key, msg, sig.value)

// Verify that these bytes created this signature
// Public verification key is DER-encoded X9.62 format
// If signature does not match Success(false) is returned
// This is a valid function
// because the same inputs will result in the same outputs.
function method {:extern "Signature.ECDSA", "Verify"} Verify(
Expand Down
Loading