User-managed secret memory
One of the goals in Rosenpass was to allow using custom allocators for secret memory. Right now, for instance, we are using sodium_malloc/sodium_free.
Due to the reliance on a C library (libsodium) this is not a perfect choice, but allowing user-managed memory is still useful to comprehensively support features like zeroization.
In Rosenpass we opt for a low-level solution, passing all memory as slices:
```rust
/// Slice-based KEM interface: the caller allocates every buffer (so it can live in
/// sodium_malloc-style guarded memory) and the implementation only writes into it.
/// `RosenpassError` is the crate's own error type, defined elsewhere.
pub trait KEM {
    const SK_LEN: usize;  // secret key length in bytes
    const PK_LEN: usize;  // public key length in bytes
    const CT_LEN: usize;  // ciphertext length in bytes
    const SHK_LEN: usize; // shared key length in bytes
    fn keygen(sk: &mut [u8], pk: &mut [u8]) -> Result<(), RosenpassError>;
    fn encaps(shk: &mut [u8], ct: &mut [u8], pk: &[u8]) -> Result<(), RosenpassError>;
    fn decaps(shk: &mut [u8], sk: &[u8], ct: &[u8]) -> Result<(), RosenpassError>;
}
```
A more comprehensive solution might involve the use of a custom allocator.
We should figure out a way to enable user-controlled secret allocation in HPKE!
This is a great point, thank you. I think a reasonable way to go about this is to change the KEM API to take mutable refs to the output slices, as you suggest. It's not as clean, but I don't see a better way at the moment.
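The slice-passing trait in the first post and the suggested change to the HPKE KEM API (output buffers as mutable refs) are the same pattern, so one worked example covers both. The code below is an added illustration, not Rosenpass or HPKE crate code. Everything in it is assumed for the example: `KemError` stands in for the crate's error type, `SecretBuf` is a self-wiping stand-in for sodium_malloc-style memory, `ToyDhKem` is an intentionally insecure 61-bit Diffie-Hellman KEM with an ad-hoc KDF that exists only to give the trait a runnable implementation, and `RandomState` is used as a demo entropy source because std has no CSPRNG. What the example shows beyond the trait signature is the part a slice API forces on the implementer: every buffer length is checked before anything is written, and the caller decides where secrets live.

```rust
use std::collections::hash_map::RandomState;
use std::hash::{BuildHasher, Hasher};
use std::sync::atomic::{compiler_fence, Ordering};

/// Assumed error type for this example (stands in for the crate's own error type).
#[derive(Debug, PartialEq, Eq)]
pub enum KemError {
    BadLength { what: &'static str, expected: usize, got: usize },
}

/// Slice-based KEM interface: the caller allocates every buffer, the KEM only fills it.
pub trait Kem {
    const SK_LEN: usize;
    const PK_LEN: usize;
    const CT_LEN: usize;
    const SHK_LEN: usize;
    fn keygen(sk: &mut [u8], pk: &mut [u8]) -> Result<(), KemError>;
    fn encaps(shk: &mut [u8], ct: &mut [u8], pk: &[u8]) -> Result<(), KemError>;
    fn decaps(shk: &mut [u8], sk: &[u8], ct: &[u8]) -> Result<(), KemError>;
}

/// Reject wrong-sized buffers before touching them; the error carries no secret data.
fn check_len(what: &'static str, buf: &[u8], expected: usize) -> Result<(), KemError> {
    if buf.len() == expected { Ok(()) } else { Err(KemError::BadLength { what, expected, got: buf.len() }) }
}

/// Caller-owned secret memory that wipes itself on drop (assumed stand-in for
/// sodium_malloc-style allocation; volatile writes keep the wipe from being optimised away).
pub struct SecretBuf(Vec<u8>);

impl SecretBuf {
    pub fn zeroed(len: usize) -> Self { SecretBuf(vec![0u8; len]) }
    pub fn as_slice(&self) -> &[u8] { &self.0 }
    pub fn as_mut_slice(&mut self) -> &mut [u8] { &mut self.0 }
}

impl Drop for SecretBuf {
    fn drop(&mut self) {
        for b in self.0.iter_mut() {
            unsafe { std::ptr::write_volatile(b, 0) };
        }
        compiler_fence(Ordering::SeqCst);
    }
}

// ---- Toy Diffie-Hellman KEM (NOT secure: 61-bit group, non-cryptographic KDF) ----
const P: u64 = (1 << 61) - 1; // Mersenne prime 2^61 - 1
const G: u64 = 5;

fn pow_mod(base: u64, mut exp: u64) -> u64 {
    let (mut acc, mut b, p) = (1u128, (base as u128) % (P as u128), P as u128);
    while exp > 0 {
        if exp & 1 == 1 { acc = acc * b % p; }
        b = b * b % p;
        exp >>= 1;
    }
    acc as u64
}

/// Demo entropy only: RandomState's per-instance random keys are unpredictable but not a CSPRNG.
fn random_scalar() -> u64 {
    1 + RandomState::new().build_hasher().finish() % (P - 2)
}

fn word(b: &[u8]) -> u64 { let mut a = [0u8; 8]; a.copy_from_slice(b); u64::from_le_bytes(a) }

fn mix(mut x: u64) -> u64 { // splitmix64 finaliser, used as a toy hash
    x = x.wrapping_add(0x9E37_79B9_7F4A_7C15);
    x = (x ^ (x >> 30)).wrapping_mul(0xBF58_476D_1CE4_E5B9);
    x = (x ^ (x >> 27)).wrapping_mul(0x94D0_49BB_1331_11EB);
    x ^ (x >> 31)
}

/// Toy KDF: binds the shared element to the transcript (pk, ct) and expands into `out`.
fn kdf(ss: u64, pk: u64, ct: u64, out: &mut [u8]) {
    let mut h: u64 = 0;
    for &w in &[ss, pk, ct] { h = mix(h ^ w); }
    for (i, chunk) in out.chunks_mut(8).enumerate() {
        let block = mix(h ^ (i as u64)).to_le_bytes();
        chunk.copy_from_slice(&block[..chunk.len()]);
    }
}

pub struct ToyDhKem;

impl Kem for ToyDhKem {
    const SK_LEN: usize = 8;
    const PK_LEN: usize = 8;
    const CT_LEN: usize = 8;
    const SHK_LEN: usize = 32;

    fn keygen(sk: &mut [u8], pk: &mut [u8]) -> Result<(), KemError> {
        check_len("sk", sk, Self::SK_LEN)?;
        check_len("pk", pk, Self::PK_LEN)?;
        let x = random_scalar();
        sk.copy_from_slice(&x.to_le_bytes());
        pk.copy_from_slice(&pow_mod(G, x).to_le_bytes());
        Ok(())
    }

    fn encaps(shk: &mut [u8], ct: &mut [u8], pk: &[u8]) -> Result<(), KemError> {
        check_len("shk", shk, Self::SHK_LEN)?;
        check_len("ct", ct, Self::CT_LEN)?;
        check_len("pk", pk, Self::PK_LEN)?;
        let (pk_v, r) = (word(pk), random_scalar());
        let ct_v = pow_mod(G, r);
        ct.copy_from_slice(&ct_v.to_le_bytes());
        kdf(pow_mod(pk_v, r), pk_v, ct_v, shk); // shared key written straight into the caller's buffer
        Ok(())
    }

    fn decaps(shk: &mut [u8], sk: &[u8], ct: &[u8]) -> Result<(), KemError> {
        check_len("shk", shk, Self::SHK_LEN)?;
        check_len("sk", sk, Self::SK_LEN)?;
        check_len("ct", ct, Self::CT_LEN)?;
        let (x, ct_v) = (word(sk), word(ct));
        kdf(pow_mod(ct_v, x), pow_mod(G, x), ct_v, shk);
        Ok(())
    }
}

/// Full exchange with every secret in caller-owned, self-wiping memory;
/// returns true when both sides derive the same shared key.
pub fn roundtrip() -> Result<bool, KemError> {
    let mut sk = SecretBuf::zeroed(ToyDhKem::SK_LEN);
    let mut pk = vec![0u8; ToyDhKem::PK_LEN];
    ToyDhKem::keygen(sk.as_mut_slice(), &mut pk)?;
    let mut ct = vec![0u8; ToyDhKem::CT_LEN];
    let mut shk_a = SecretBuf::zeroed(ToyDhKem::SHK_LEN);
    ToyDhKem::encaps(shk_a.as_mut_slice(), &mut ct, &pk)?;
    let mut shk_b = SecretBuf::zeroed(ToyDhKem::SHK_LEN);
    ToyDhKem::decaps(shk_b.as_mut_slice(), sk.as_slice(), &ct)?;
    Ok(shk_a.as_slice() == shk_b.as_slice())
}

/// The price of the slice API: a wrong-sized buffer must fail cleanly, never be written past.
pub fn wrong_length_is_rejected() -> bool {
    let (mut sk, mut pk) = ([0u8; 8], [0u8; 7]); // pk one byte short
    ToyDhKem::keygen(&mut sk, &mut pk) == Err(KemError::BadLength { what: "pk", expected: 8, got: 7 })
}

fn main() {
    println!("roundtrip ok: {:?}", roundtrip());
    println!("short buffer rejected: {}", wrong_length_is_rejected());
}
```

The design point is in `roundtrip`: the KEM never allocates, so `sk` and both `shk` buffers can be whatever the caller wants (here a zeroizing `Vec`, in Rosenpass a sodium_malloc region), while public values stay in ordinary memory. A real implementation would also validate the decoded public key (non-zero, below the modulus) before using it, which this toy omits.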