Rename fizz::HkdfImpl -> fizz::Hkdf

Summary:
Nothing other than `fizz::HkdfImpl` inherits from `fizz::Hkdf`. (There are
no mocks, etc.) There is no reason to have the separation since the HKDF
algorithm will not change based on Factory implementations, and `fizz::HkdfImpl`
is already written _in terms of_ a hashing primitive that is constructed by the
factory.

Reviewed By: zalecodez

Differential Revision: D62466716

fbshipit-source-id: 9428afbc5874a29df95884a9b5296fcb79f597e3

fizz/backend/openssl/OpenSSL.h

@@ -43,8 +43,8 @@ makeOpenSSLECKeyExchange() {
 }
 
 template <typename Hash>
-HkdfImpl createHkdf() {
-  return HkdfImpl(Hash::HashLen, ::fizz::openssl::makeHasher<Hash>);
+Hkdf createHkdf() {
+  return Hkdf(Hash::HashLen, ::fizz::openssl::makeHasher<Hash>);
 }
 
 } // namespace fizz::openssl

fizz/crypto/Hkdf.cpp

@@ -11,9 +11,8 @@
 
 namespace fizz {
 
-std::vector<uint8_t> HkdfImpl::extract(
-    folly::ByteRange salt,
-    folly::ByteRange ikm) const {
+std::vector<uint8_t> Hkdf::extract(folly::ByteRange salt, folly::ByteRange ikm)
+    const {
   auto zeros = std::vector<uint8_t>(hashLength_, 0);
   // Extraction step HMAC-HASH(salt, IKM)
   std::vector<uint8_t> extractedKey(hashLength_);
@@ -26,7 +25,7 @@ std::vector<uint8_t> HkdfImpl::extract(
   return extractedKey;
 }
 
-std::unique_ptr<folly::IOBuf> HkdfImpl::expand(
+std::unique_ptr<folly::IOBuf> Hkdf::expand(
     folly::ByteRange extractedKey,
     const folly::IOBuf& info,
     size_t outputBytes) const {
@@ -64,7 +63,7 @@ std::unique_ptr<folly::IOBuf> HkdfImpl::expand(
   return expanded;
 }
 
-std::unique_ptr<folly::IOBuf> HkdfImpl::hkdf(
+std::unique_ptr<folly::IOBuf> Hkdf::hkdf(
     folly::ByteRange ikm,
     folly::ByteRange salt,
     const folly::IOBuf& info,

fizz/crypto/Hkdf.h

@@ -23,49 +23,24 @@ namespace fizz {
  */
 class Hkdf {
  public:
-  virtual ~Hkdf() = default;
-
-  virtual std::vector<uint8_t> extract(
-      folly::ByteRange salt,
-      folly::ByteRange ikm) const = 0;
-
-  virtual std::unique_ptr<folly::IOBuf> expand(
-      folly::ByteRange extractedKey,
-      const folly::IOBuf& info,
-      size_t outputBytes) const = 0;
-
-  virtual std::unique_ptr<folly::IOBuf> hkdf(
-      folly::ByteRange ikm,
-      folly::ByteRange salt,
-      const folly::IOBuf& info,
-      size_t outputBytes) const = 0;
-
-  virtual size_t hashLength() const = 0;
-};
-
-/**
- * HKDF implementation.
- */
-class HkdfImpl : public Hkdf {
- public:
-  HkdfImpl(size_t hashLength, HasherFactory makeHasher)
+  Hkdf(size_t hashLength, HasherFactory makeHasher)
       : hashLength_(hashLength), makeHasher_(makeHasher) {}
 
   std::vector<uint8_t> extract(folly::ByteRange salt, folly::ByteRange ikm)
-      const override;
+      const;
 
   std::unique_ptr<folly::IOBuf> expand(
       folly::ByteRange extractedKey,
       const folly::IOBuf& info,
-      size_t outputBytes) const override;
+      size_t outputBytes) const;
 
   std::unique_ptr<folly::IOBuf> hkdf(
       folly::ByteRange ikm,
       folly::ByteRange salt,
       const folly::IOBuf& info,
-      size_t outputBytes) const override;
+      size_t outputBytes) const;
 
-  size_t hashLength() const override {
+  size_t hashLength() const {
     return hashLength_;
   }
 

fizz/crypto/KeyDerivation.cpp

@@ -12,7 +12,7 @@ namespace fizz {
 
 KeyDerivationImpl::KeyDerivationImpl(
     size_t hashLength,
-    HkdfImpl hkdf,
+    Hkdf hkdf,
     folly::ByteRange blankHash)
     : hashLength_(hashLength), hkdf_(hkdf), blankHash_(blankHash) {}
 

fizz/crypto/KeyDerivation.h

@@ -55,10 +55,7 @@ class KeyDerivation {
 
 class KeyDerivationImpl : public KeyDerivation {
  public:
-  KeyDerivationImpl(
-      size_t hashLength,
-      HkdfImpl hkdf,
-      folly::ByteRange blankHash);
+  KeyDerivationImpl(size_t hashLength, Hkdf hkdf, folly::ByteRange blankHash);
 
   size_t hashLength() const override {
     return hashLength_;
@@ -95,7 +92,7 @@ class KeyDerivationImpl : public KeyDerivation {
 
  private:
   size_t hashLength_;
-  HkdfImpl hkdf_;
+  Hkdf hkdf_;
   folly::ByteRange blankHash_;
 };
 } // namespace fizz

fizz/crypto/hpke/BUCK

@@ -83,11 +83,10 @@ cpp_library(
         ":utils",
     ],
     exported_deps = [
-        ":hkdf",
-        ":types",
-        "//fizz/crypto:crypto",
-        "//fizz/crypto/aead:aead",
-        "//fizz/protocol:types",
+        "fbcode//fizz/crypto/aead:aead",
+        "fbcode//fizz/crypto/hpke:hkdf",
+        "fbcode//fizz/crypto/hpke:types",
+        "fbcode//fizz/protocol:types",
     ],
 )
 

fizz/crypto/hpke/Utils.cpp

@@ -141,25 +141,25 @@ CipherSuite getCipherSuite(AeadId aeadId) {
   }
 }
 
-std::unique_ptr<Hkdf> makeHpkeHkdf(
+std::unique_ptr<::fizz::hpke::Hkdf> makeHpkeHkdf(
     std::unique_ptr<folly::IOBuf> prefix,
     KDFId kdfId) {
   switch (kdfId) {
     case KDFId::Sha256:
-      return std::make_unique<Hkdf>(
+      return std::make_unique<::fizz::hpke::Hkdf>(
           std::move(prefix),
-          std::make_unique<HkdfImpl>(
-              HkdfImpl(Sha256::HashLen, openssl::makeHasher<Sha256>)));
+          std::make_unique<::fizz::Hkdf>(
+              Sha256::HashLen, openssl::makeHasher<Sha256>));
     case KDFId::Sha384:
-      return std::make_unique<Hkdf>(
+      return std::make_unique<::fizz::hpke::Hkdf>(
           std::move(prefix),
-          std::make_unique<HkdfImpl>(
-              HkdfImpl(Sha384::HashLen, openssl::makeHasher<Sha384>)));
+          std::make_unique<::fizz::Hkdf>(
+              Sha384::HashLen, openssl::makeHasher<Sha384>));
     case KDFId::Sha512:
-      return std::make_unique<Hkdf>(
+      return std::make_unique<::fizz::hpke::Hkdf>(
           std::move(prefix),
-          std::make_unique<HkdfImpl>(
-              HkdfImpl(Sha512::HashLen, openssl::makeHasher<Sha512>)));
+          std::make_unique<::fizz::Hkdf>(
+              Sha512::HashLen, openssl::makeHasher<Sha512>));
     default:
       throw std::runtime_error("hkdf: not implemented");
   }

fizz/crypto/hpke/test/ContextTest.cpp

@@ -55,8 +55,8 @@ TEST_P(HpkeContextTest, TestContext) {
       toIOBuf(kExportSecret),
       std::make_unique<fizz::hpke::Hkdf>(
           kPrefix->clone(),
-          std::make_unique<HkdfImpl>(
-              HkdfImpl(Sha256::HashLen, &openssl::makeHasher<Sha256>))),
+          std::make_unique<::fizz::Hkdf>(
+              Sha256::HashLen, &openssl::makeHasher<Sha256>)),
       suiteId->clone(),
       fizz::hpke::HpkeContext::Role::Sender);
   auto gotCiphertext = encryptContext.seal(
@@ -72,8 +72,8 @@ TEST_P(HpkeContextTest, TestContext) {
       toIOBuf(kExportSecret),
       std::make_unique<fizz::hpke::Hkdf>(
           kPrefix->clone(),
-          std::make_unique<HkdfImpl>(
-              HkdfImpl(Sha256::HashLen, &openssl::makeHasher<Sha256>))),
+          std::make_unique<::fizz::Hkdf>(
+              Sha256::HashLen, &openssl::makeHasher<Sha256>)),
       std::move(suiteId),
       fizz::hpke::HpkeContext::Role::Receiver);
   auto gotPlaintext = decryptContext.open(
@@ -96,8 +96,8 @@ TEST_P(HpkeContextTest, TestContextRoles) {
       toIOBuf(kExportSecret),
       std::make_unique<fizz::hpke::Hkdf>(
           kPrefix->clone(),
-          std::make_unique<HkdfImpl>(
-              HkdfImpl(Sha256::HashLen, &openssl::makeHasher<Sha256>))),
+          std::make_unique<::fizz::Hkdf>(
+              Sha256::HashLen, &openssl::makeHasher<Sha256>)),
       suiteId->clone(),
       fizz::hpke::HpkeContext::Role::Sender);
 
@@ -109,8 +109,8 @@ TEST_P(HpkeContextTest, TestContextRoles) {
       toIOBuf(kExportSecret),
       std::make_unique<fizz::hpke::Hkdf>(
           kPrefix->clone(),
-          std::make_unique<HkdfImpl>(
-              HkdfImpl(Sha256::HashLen, &openssl::makeHasher<Sha256>))),
+          std::make_unique<::fizz::Hkdf>(
+              Sha256::HashLen, &openssl::makeHasher<Sha256>)),
       std::move(suiteId),
       fizz::hpke::HpkeContext::Role::Receiver);
 
@@ -143,8 +143,8 @@ TEST_P(HpkeContextTest, TestExportSecret) {
         toIOBuf(testParam.exporterSecret),
         std::make_unique<fizz::hpke::Hkdf>(
             kPrefix->clone(),
-            std::make_unique<HkdfImpl>(
-                HkdfImpl(Sha256::HashLen, &openssl::makeHasher<Sha256>))),
+            std::make_unique<::fizz::Hkdf>(
+                Sha256::HashLen, &openssl::makeHasher<Sha256>)),
         std::move(suiteId),
         role);
     auto secret = context.exportSecret(std::move(exporterContext), 32);
@@ -172,8 +172,8 @@ TEST_P(HpkeContextTest, TestExportSecretThrow) {
         toIOBuf(testParam.exporterSecret),
         std::make_unique<fizz::hpke::Hkdf>(
             kPrefix->clone(),
-            std::make_unique<HkdfImpl>(
-                HkdfImpl(Sha256::HashLen, &openssl::makeHasher<Sha256>))),
+            std::make_unique<::fizz::Hkdf>(
+                Sha256::HashLen, &openssl::makeHasher<Sha256>)),
         std::move(suiteId),
         role);
 

fizz/crypto/hpke/test/DHKEMTest.cpp

@@ -64,8 +64,8 @@ DHKEM getDHKEM(std::unique_ptr<KeyExchange> actualKex, NamedGroup group) {
   auto prefix = "HPKE-v1";
   auto hkdf = std::make_unique<fizz::hpke::Hkdf>(
       folly::IOBuf::copyBuffer(prefix),
-      std::make_unique<HkdfImpl>(
-          HkdfImpl(Sha256::HashLen, openssl::makeHasher<Sha256>)));
+      std::make_unique<Hkdf>(
+          Hkdf(Sha256::HashLen, openssl::makeHasher<Sha256>)));
   return DHKEM(
       std::make_unique<MockKeyExchange>(std::move(actualKex)),
       group,

fizz/crypto/test/HkdfTest.cpp

@@ -34,7 +34,7 @@ TEST_P(HkdfTest, TestHkdfSha256Expand) {
   CHECK_EQ(outputBytes, expectedOkm->length());
 
   auto actualOkm =
-      HkdfImpl(Sha256::HashLen, openssl::makeHasher<fizz::Sha256>)
+      Hkdf(Sha256::HashLen, openssl::makeHasher<fizz::Sha256>)
           .hkdf(ikm->coalesce(), salt->coalesce(), *info, outputBytes);
   EXPECT_FALSE(actualOkm->isChained());
   EXPECT_EQ(outputBytes, actualOkm->length());

fizz/crypto/test/KeyDerivationTest.cpp

@@ -29,7 +29,7 @@ template <typename Hash>
 inline KeyDerivationImpl createKeyDerivationImpl() {
   return KeyDerivationImpl(
       Hash::HashLen,
-      HkdfImpl(Hash::HashLen, openssl::makeHasher<Hash>),
+      Hkdf(Hash::HashLen, openssl::makeHasher<Hash>),
       Hash::BlankHash);
 }
 

fizz/protocol/HandshakeContext.cpp

@@ -31,7 +31,7 @@ Buf HandshakeContextImpl::getFinishedData(folly::ByteRange baseKey) const {
   auto context = getHandshakeContext();
   size_t hashLen = hashState_->getHashLen();
   auto finishedKey =
-      KeyDerivationImpl(hashLen, HkdfImpl(hashLen, makeHasher_), blankHash_)
+      KeyDerivationImpl(hashLen, Hkdf(hashLen, makeHasher_), blankHash_)
           .expandLabel(baseKey, "finished", folly::IOBuf::create(0), hashLen);
   auto data = folly::IOBuf::create(hashLen);
   data->append(hashLen);

fizz/protocol/MultiBackendFactory.cpp

@@ -89,7 +89,7 @@ template <typename Hash>
 inline std::unique_ptr<KeyDerivation> makeKeyDerivationPtr() {
   return std::unique_ptr<KeyDerivationImpl>(new KeyDerivationImpl(
       Hash::HashLen,
-      HkdfImpl(Hash::HashLen, ::fizz::openssl::makeHasher<Hash>),
+      Hkdf(Hash::HashLen, ::fizz::openssl::makeHasher<Hash>),
       Hash::BlankHash));
 }
 } // namespace detail

fizz/server/AeadTokenCipher.cpp

@@ -51,7 +51,7 @@ bool Aead128GCMTokenCipher::setSecrets(
     Secret extracted(tokenSecret.begin(), tokenSecret.end());
     for (const auto& contextString : contextStrings_) {
       extracted =
-          HkdfImpl(HashType::HashLen, openssl::makeHasher<HashType>)
+          Hkdf(HashType::HashLen, openssl::makeHasher<HashType>)
               .extract(folly::range(contextString), folly::range(extracted));
     }
     secrets_.push_back(std::move(extracted));
@@ -112,7 +112,7 @@ std::unique_ptr<Aead> Aead128GCMTokenCipher::createAead(
     folly::ByteRange salt) const {
   auto aead = AeadType::makeCipher<CipherType>();
   std::unique_ptr<folly::IOBuf> info = folly::IOBuf::wrapBuffer(salt);
-  auto keys = HkdfImpl(HashType::HashLen, openssl::makeHasher<HashType>)
+  auto keys = Hkdf(HashType::HashLen, openssl::makeHasher<HashType>)
                   .expand(secret, *info, aead->keyLength() + aead->ivLength());
   folly::io::Cursor cursor(keys.get());
   TrafficKey key;