I think everythig is working, including the CLIs. The README should be about up to date, needs a proofread.

Author: mmosko

README.md

@@ -11,18 +11,42 @@
 #  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 #  See the License for the specific language governing permissions and
 #  limitations under the License.
+import argparse
 import getpass
+import logging
+import uuid
 from typing import Optional
 
 from ccnpy.crypto.AeadKey import AeadKey, AeadGcm, AeadCcm
+from ccnpy.crypto.HpkeKdfIdentifiers import HpkeKdfIdentifiers
 from ccnpy.crypto.InsecureKeystore import InsecureKeystore
 from ccnpy.crypto.RsaKey import RsaKey
 from ccnpy.crypto.RsaSha256 import RsaSha256Signer, RsaSha256Verifier
 from ccnpy.flic.RsaOaepCtx.RsaOaepEncryptor import RsaOaepEncryptor
 from ccnpy.flic.aeadctx.AeadDecryptor import AeadDecryptor
 from ccnpy.flic.aeadctx.AeadEncryptor import AeadEncryptor
+from ccnpy.flic.aeadctx.AeadParameters import AeadParameters
+from ccnpy.flic.tlvs.KdfAlg import KdfAlg
+from ccnpy.flic.tlvs.KdfData import KdfData
+from ccnpy.flic.tlvs.KdfInfo import KdfInfo
+from ccnpy.flic.tlvs.KeyNumber import KeyNumber
 
 
+logger = logging.getLogger(__name__)
+
+
+def _str_to_array(value: str):
+    """
+    Accept a string in the forms "0xabcd..." or "abcd..." (both in hex) and output
+    an array['B', ...]
+    """
+    if value.startswith('0x'):
+        offset=2
+    else:
+        offset=0
+
+    return bytes.fromhex(value[offset:])
+
 def add_encryption_cli_args(parser):
 
     parser.add_argument('-k', dest="key_file", default=None,
@@ -33,35 +57,71 @@ def add_encryption_cli_args(parser):
     parser.add_argument('--wrap-key', dest="wrap_key", default=None, help="Wrapping key for RSA-OAEP mode.")
     parser.add_argument('--wrap-pass', dest="wrap_pass", default=None, help="Wrapping key key password (otherwise will prompt).")
 
-    parser.add_argument('--enc-key', dest="enc_key", default=None, help="AES encryption key (hex string)")
-    parser.add_argument("--aes-mode", dest="aes_mode", default='GCM', choices=['GCM', 'CCM'], help="Encryption algorithm, default GCM")
-    parser.add_argument('--key-num', dest="key_num", type=int, default=None,
+    parser.add_argument('--enc-key', dest="enc_key",
+                        type=_str_to_array,
+                        default=None, help="AES encryption key (hex string)")
+    parser.add_argument("--aes-mode", dest="aes_mode", default='GCM',
+                        type=lambda x: x.upper(),
+                        choices=['GCM', 'CCM'], help="Encryption algorithm, default GCM")
+    parser.add_argument('--key-num', dest="key_num", type=KeyNumber, default=None,
                         help="Key number of pre-shared key (defaults to key hash)")
     parser.add_argument('--salt', dest="salt", type=lambda x: int(x,0), default=None,
                         help="Upto a 4-byte salt to include in the IV with the nonce.")
 
+    parser.add_argument('--kdf', dest="kdf_alg", type=lambda x: HpkeKdfIdentifiers.parse(x),
+                        choices=[HpkeKdfIdentifiers.HKDF_SHA256, HpkeKdfIdentifiers.HKDF_SHA384, HpkeKdfIdentifiers.HKDF_SHA512],
+                        default=None,
+                        help="Use a KDF")
+    parser.add_argument('--kdf-info', dest="kdf_info", type=lambda x: KdfInfo(x),
+                        default=None,
+                        help="KDF INFO string (ascii or 0x hex string)")
+    parser.add_argument('--kdf-uuid', dest="kdf_uuid", default=False, action=argparse.BooleanOptionalAction,
+                        help="Use a Type 1 UUID for the KdfInfo (overrides --kdf-info)")
+    parser.add_argument('--kdf-salt', dest="kdf_salt", type=lambda x: int(x,0), default=None,
+                        help="Upto a 4-byte salt to include in the KDF function (do not use with RSA-OAEP).")
+
+
 def aes_key_from_cli_args(args) -> Optional[AeadKey]:
     if args.enc_key is None:
         return None
 
-    key_bytes = bytearray.fromhex(args.enc_key)
     if args.aes_mode == 'GCM':
-        return AeadGcm(key=key_bytes)
+        return AeadGcm(key=args.enc_key)
     elif args.aes_mode == 'CCM':
-        return AeadCcm(key=key_bytes)
+        return AeadCcm(key=args.enc_key)
     else:
         raise ValueError(f'aes_mode must be GCM or CCM, got {args.aes_mode}.')
 
-def aead_encryptor_from_cli_args(args):
+def kdf_data_from_cli(args) -> Optional[KdfData]:
+    if args.kdf_uuid:
+        args.kdf_info = KdfInfo(uuid.uuid1())
+
+    if args.kdf_alg is not None:
+        return KdfData(KdfAlg(args.kdf_alg), args.kdf_info)
+    else:
+        return None
+
+def aead_parameters_from_cli(args):
+    key = aes_key_from_cli_args(args)
+    params = AeadParameters(
+        key=key,
+        key_number=args.key_num,
+        aead_salt=args.salt,
+        kdf_data=kdf_data_from_cli(args),
+        kdf_salt=args.kdf_salt)
+
+    logger.debug(params)
+
+    return params
+
+def aead_encryptor_from_cli_args(args) -> Optional[AeadEncryptor]:
     if args.enc_key is not None:
-        key = aes_key_from_cli_args(args)
-        return AeadEncryptor(key=key, key_number=args.key_num, salt=args.salt)
+        return AeadEncryptor(aead_parameters_from_cli(args))
     return None
 
-def aead_decryptor_from_cli_args(args):
+def aead_decryptor_from_cli_args(args) -> Optional[AeadDecryptor]:
     if args.enc_key is not None:
-        key = aes_key_from_cli_args(args)
-        return AeadDecryptor(key=key, key_number=args.key_num, salt=args.salt)
+        return AeadDecryptor(aead_parameters_from_cli(args))
     return None
 
 def rsa_oaep_encryptor_from_cli_args(args):
@@ -70,10 +130,11 @@ def rsa_oaep_encryptor_from_cli_args(args):
 
     wrapping_key = RsaKey.load_pem_key(args.wrap_key, args.wrap_pass)
     if args.enc_key is None:
-        return RsaOaepEncryptor.create_with_new_content_key(wrapping_key)
-
-    key = aes_key_from_cli_args(args)
-    return RsaOaepEncryptor(wrapping_key=wrapping_key, key=key, key_number=args.key_num)
+        encryptor = RsaOaepEncryptor.create_with_new_content_key(wrapping_key=wrapping_key, kdf_data=kdf_data_from_cli(args))
+    else:
+        encryptor = RsaOaepEncryptor(wrapping_key=wrapping_key, params=aead_parameters_from_cli(args))
+    logger.debug(encryptor)
+    return encryptor
 
 def encryptor_from_cli_args(args):
     if args.wrap_key is None:
@@ -108,9 +169,9 @@ def fixup_key_password(args, ask_for_pass: bool = True):
 
 def create_keystore(args):
     keystore = InsecureKeystore()
-    aes_key = aes_key_from_cli_args(args)
-    if aes_key is not None:
-        keystore.add_aes_key(args.key_num, aes_key, args.salt)
+    aead_params = aead_parameters_from_cli(args)
+    if aead_params.key is not None:
+        keystore.add_aes_key(aead_params)
 
     if args.key_file is not None:
         keystore.add_rsa_key(name='default', key=RsaKey.load_pem_key(args.key_file, args.key_pass))

ccnpy/apps/cli_utils.py

@@ -13,6 +13,7 @@
 #  limitations under the License.
 
 import argparse
+import logging
 import sys
 from abc import ABC, abstractmethod
 
@@ -72,7 +73,6 @@ def __init__(self, args, keystore: InsecureKeystore):
         self._root_hash = args.hash_restriction
         self._dir = args.in_dir
         self._keystore = keystore
-        self._decryptors = {}
         self._reader = TreeIO.PacketDirectoryReader(self._dir)
         self._writer = self._create_writer(args)
         self.debug = False
@@ -102,8 +102,7 @@ def read(self):
         with self._writer:
             traverser = Traversal(packet_input=self._reader,
                                   data_writer=self._writer,
-                                  keystore=self._keystore,
-                                  debug=self.debug)
+                                  keystore=self._keystore)
             # this will walk the manifest tree and write the app data to `data_writer`.
             traverser.traverse(root_name=self._root_name, hash_restriction=self._root_hash)
 
@@ -113,6 +112,11 @@ def read(self):
 
 
 def run():
+    logging.basicConfig(level=logging.INFO)
+    logging.getLogger('ccnpy.flic.tree.Traversal').setLevel(logging.DEBUG)
+    logging.getLogger('ccnpy.flic.RsaOaepCtx.RsaOaepImpl').setLevel(logging.DEBUG)
+    logging.getLogger('ccnpy.crypto.InsecureKeystore').setLevel(logging.DEBUG)
+
     parser = argparse.ArgumentParser()
 
     parser.add_argument('--name', dest="name", default=None, help='CCNx URI for root manifest', required=True)

ccnpy/apps/manifest_reader.py

@@ -14,6 +14,7 @@
 
 
 import argparse
+import logging
 from datetime import datetime
 
 from ccnpy.core.ExpiryTime import ExpiryTime
@@ -106,6 +107,9 @@ def _create_manifest_tree(self) -> Packet:
 
 
 def run():
+    logging.basicConfig(level=logging.INFO)
+    # logging.getLogger('ccnpy.apps.cli_utils').setLevel(logging.DEBUG)
+
     max_size = 1500
 
     parser = argparse.ArgumentParser()

ccnpy/apps/manifest_writer.py

@@ -13,6 +13,7 @@
 #  limitations under the License.
 
 import argparse
+import logging
 from pathlib import PurePath
 
 from ccnpy.apps.packet_utils import validate_packet, decrypt_manifest
@@ -68,6 +69,10 @@ def read(self):
 
 
 def run():
+    logging.basicConfig(level=logging.INFO)
+    # logging.getLogger('ccnpy.crypto.InsecureKeystore').setLevel(logging.DEBUG)
+    logging.getLogger('ccnpy.apps.cli_utils').setLevel(logging.DEBUG)
+
     parser = argparse.ArgumentParser()
     parser.add_argument('-i', dest="in_dir", default='.', help="input directory (default=%r)" % '.')
 

ccnpy/apps/packet_reader.py

@@ -14,11 +14,13 @@
 from ccnpy.core.ValidationAlg import ValidationAlg_Crc32c, ValidationAlg_RsaSha256
 from ccnpy.crypto.Crc32c import Crc32cVerifier
 from ccnpy.crypto.DecryptionError import DecryptionError
-from ccnpy.crypto.InsecureKeystore import InsecureKeystore
+from ccnpy.crypto.InsecureKeystore import InsecureKeystore, KeyIdNotFoundError, KeyNumberNotFoundError
 from ccnpy.crypto.RsaSha256 import RsaSha256Verifier
+from ccnpy.flic.RsaOaepCtx.RsaOaepDecryptor import RsaOaepDecryptor
 from ccnpy.flic.aeadctx.AeadDecryptor import AeadDecryptor
 from ccnpy.flic.tlvs.AeadCtx import AeadCtx
 from ccnpy.flic.tlvs.Manifest import Manifest
+from ccnpy.flic.tlvs.RsaOaepCtx import RsaOaepCtx
 
 __static_crc32c_verifier = Crc32cVerifier()
 
@@ -34,11 +36,8 @@ def validate_packet(keystore: InsecureKeystore, packet):
     elif isinstance(alg, ValidationAlg_RsaSha256):
         try:
             rsa_pub_key = keystore.get_rsa(alg.keyid())
-        except KeyError:
-            raise KeyError(f'Could not find RSA key in keystore with keyid {alg.keyid()}')
-
-        if rsa_pub_key is None:
-            print(f"Packet requires RsaSha256 verifier, but no key matching keyid {alg.keyid} found.")
+        except KeyIdNotFoundError:
+            print(f'Signature not validated, could not find RSA key in keystore with keyid {alg.keyid()}')
             return
 
         # TODO: we should cache these
@@ -53,19 +52,35 @@ def validate_packet(keystore: InsecureKeystore, packet):
     print(f"Packet validation success with {verifier}")
     return
 
+
+def _get_aead_decryptor(keystore: InsecureKeystore, security_ctx: AeadCtx):
+    try:
+        params = keystore.get_aes_key(security_ctx.key_number())
+    except KeyNumberNotFoundError:
+        print(f'Manifest not decrypted, could not find AES key in keystore with {security_ctx.key_number()}')
+        return None
+
+    return AeadDecryptor(params)
+
+
+def _get_oaep_decryptor(keystore, security_ctx):
+    return RsaOaepDecryptor(keystore)
+
+
 def decrypt_manifest(keystore: InsecureKeystore, manifest: Manifest) -> Manifest:
     if not manifest.is_encrypted():
         return manifest
 
     security_ctx = manifest.security_ctx()
     if isinstance(security_ctx, AeadCtx):
-        key = keystore.get_aes_key(security_ctx.key_number())
-        salt = keystore.get_aes_salt(security_ctx.key_number())
-        decryptor = AeadDecryptor(key=key, key_number=security_ctx.key_number(), salt=salt)
-
-        try:
-            return decryptor.decrypt_manifest(manifest)
-        except DecryptionError as e:
-            print(f"Failed decryption: {e}")
+        decryptor = _get_aead_decryptor(keystore, security_ctx)
+    elif isinstance(security_ctx, RsaOaepCtx):
+        decryptor = _get_oaep_decryptor(keystore, security_ctx)
     else:
         print(f"Unsupported encryption mode: {security_ctx}")
+        return None
+
+    try:
+        return decryptor.decrypt_manifest(manifest)
+    except DecryptionError as e:
+        print(f"Failed decryption: {e}")

ccnpy/apps/packet_utils.py

@@ -23,7 +23,7 @@ class DisplayFormatter:
     def hexlify(cls, value):
         if value is None:
             return "None"
-        return str(binascii.hexlify(value), 'utf-8')
+        return f'0x{str(binascii.hexlify(value), 'utf-8')}'
 
     @classmethod
     def prettify(cls, value):

ccnpy/core/DisplayFormatter.py

@@ -46,6 +46,9 @@ def __eq__(self, other):
             return False
         return self._tlv == other._tlv
 
+    def __hash__(self):
+        return hash(self._tlv)
+    
     @classmethod
     def parse(cls, tlv):
         if tlv.type() != cls.class_type():

ccnpy/core/HashTlvType.py

@@ -23,4 +23,4 @@ def class_type(cls):
         return cls.__T_KEYID
 
     def __repr__(self):
-        return "LeafDigest(%r)" % self._digest
+        return "KeyId(%r)" % self._digest

ccnpy/core/KeyId.py

@@ -101,6 +101,9 @@ def __eq__(self, other):
 
         return result
 
+    def __hash__(self):
+        return hash(self._wire_format.tobytes())
+
     @classmethod
     def deserialize(cls, buffer):
         if len(buffer) < 4: