cossacklabs / themis / #7639
88%
master: 83%

LAST BUILD BRANCH: release/0.15.0
DEFAULT BRANCH: master
Ran
Jobs 1
Files 73
Run time 7s
Badge
Embed ▾
README BADGES
x

If you need to use a raster PNG badge, change the '.svg' to '.png' in the link

Markdown

Textile

RDoc

HTML

Rst
coverage: 87.761% (+0.05%) from 87.707%
#7639

push

travis-ci

web-flow 
Apply Soter KDF after PBKDF2 for passphrases (#640)

* Reusable internal API for Secure Cell's Soter KDF

Export a bunch of functions from sym_enc_message.c which are used by the
symmetric key API to perform ZRTP-style Soter KDF based on Secure Cell
message length and user-provided associated context.

This API is not very convenient due to compatibility reasons,
but it's okay for an internal API to force its users to deal
with themis_auth_sym_kdf_context() and its friends.

Note that secure_cell_seal_passphrase.c already has a function named
themis_auth_sym_derive_encryption_key() which has a similar goal, but
uses passphrase-based derivation algorithm. Rename it with a customary
"passphrase" suffix to avoid ambiguity and naming conflicts.

* Always derive 32-byte (pre)keys from passphrases

Since we are going to use passphrase to derive a prekey, we should not
depend on the default encryption algorithm choice. Instead, always
derive full 32-byte prekey from passphrase with PBKDF2. After that
we will use Soter KDF to truncate the key to the length suitable for
the AES flavor in use. soter_alg_key_length() verification will also
be performed at that point to ensure that Secure Cell header is not
corrupted.

* Apply Soter KDF after PBKDF2 for passphrases

Instead of using PBKDF2 output directly, pass the resulting prekey
through an additional round of Soter KDF to associate the encryption key
with user-provided associated context as well as the encrypted message
length, similar to how symmetric key API does this.

This changes the encryption algorith, but it's fine to do this before
public relese. This is the only chance we have to do this update without
it becoming a massive backward-compatibility pain.

The change slightly improves security of the encryption and makes the
algorithms a bit more compatible and similar in structure. However,
this does not change the API or data format in the slightest.

* Update t... (continued)

3779 of 4306 relevant lines covered (87.76%)

19263.6 hits per line

Jobs
ID Job ID Ran Files Coverage
1 #7639.1 0
87.76
Source Files on build #7639
Detailed source file information is not available for this build.