diff --git a/accounts/src/key_management/ephemeral_key_holder.rs b/accounts/src/key_management/ephemeral_key_holder.rs index 9e3a9b1..ecfb09e 100644 --- a/accounts/src/key_management/ephemeral_key_holder.rs +++ b/accounts/src/key_management/ephemeral_key_holder.rs @@ -1,4 +1,5 @@ -use aes_gcm::{aead::Aead, AeadCore, Aes256Gcm, Key, KeyInit}; +use aes_gcm::{aead::Aead, AeadCore, Aes256Gcm, KeyInit}; +use elliptic_curve::point::AffineCoordinates; use elliptic_curve::PrimeField; use k256::{AffinePoint, FieldBytes, Scalar}; use log::info; @@ -39,14 +40,8 @@ impl EphemeralKeyHolder { viewing_public_key_receiver: AffinePoint, data: &[u8], ) -> (CipherText, Nonce) { - let key_point = self.calculate_shared_secret_sender(viewing_public_key_receiver); - let binding = serde_json::to_vec(&key_point).unwrap(); - let key_raw = &binding.as_slice()[..32]; - let key_raw_adjust: [u8; 32] = key_raw.try_into().unwrap(); - - let key: Key = key_raw_adjust.into(); - - let cipher = Aes256Gcm::new(&key); + let shared_secret = self.calculate_shared_secret_sender(viewing_public_key_receiver); + let cipher = Aes256Gcm::new(&shared_secret.x()); let nonce = Aes256Gcm::generate_nonce(&mut OsRng); (cipher.encrypt(&nonce, data).unwrap(), nonce) diff --git a/accounts/src/key_management/mod.rs b/accounts/src/key_management/mod.rs index 25673f6..474bd99 100644 --- a/accounts/src/key_management/mod.rs +++ b/accounts/src/key_management/mod.rs @@ -1,6 +1,7 @@ -use aes_gcm::{aead::Aead, Aes256Gcm, Key, KeyInit}; +use aes_gcm::{aead::Aead, Aes256Gcm, KeyInit}; use common::merkle_tree_public::TreeHashType; use constants_types::{CipherText, Nonce}; +use elliptic_curve::point::AffineCoordinates; use ephemeral_key_holder::EphemeralKeyHolder; use k256::AffinePoint; use log::info; @@ -63,14 +64,8 @@ impl AddressKeyHolder { ciphertext: CipherText, nonce: Nonce, ) -> Result, aes_gcm::Error> { - let key_point = self.calculate_shared_secret_receiver(ephemeral_public_key_sender); - let binding = serde_json::to_vec(&key_point).unwrap(); - let key_raw = &binding.as_slice()[..32]; - let key_raw_adjust: [u8; 32] = key_raw.try_into().unwrap(); - - let key: Key = key_raw_adjust.into(); - - let cipher = Aes256Gcm::new(&key); + let shared_secret = self.calculate_shared_secret_receiver(ephemeral_public_key_sender); + let cipher = Aes256Gcm::new(&shared_secret.x()); cipher.decrypt(&nonce, ciphertext.as_slice()) } @@ -115,6 +110,7 @@ mod tests { use constants_types::{NULLIFIER_SECRET_CONST, VIEWING_SECRET_CONST}; use elliptic_curve::ff::Field; use elliptic_curve::group::prime::PrimeCurveAffine; + use elliptic_curve::point::AffineCoordinates; use k256::{AffinePoint, ProjectivePoint, Scalar}; use super::*; @@ -154,22 +150,14 @@ mod tests { let address_key_holder = AddressKeyHolder::new_os_random(); // Generate an ephemeral key and shared secret - let scalar = Scalar::random(OsRng); let ephemeral_public_key_sender = address_key_holder .produce_ephemeral_key_holder() .generate_ephemeral_public_key(); let shared_secret = address_key_holder.calculate_shared_secret_receiver(ephemeral_public_key_sender); - // Prepare the encryption key from shared secret - let key_raw = serde_json::to_vec(&shared_secret).unwrap(); - let key_raw_adjust_pre = &key_raw.as_slice()[..32]; - let key_raw_adjust: [u8; 32] = key_raw_adjust_pre.try_into().unwrap(); - let key: Key = key_raw_adjust.into(); - - let cipher = Aes256Gcm::new(&key); - // Encrypt sample data + let cipher = Aes256Gcm::new(&shared_secret.x()); let nonce = Nonce::from_slice(b"unique nonce"); let plaintext = b"Sensitive data"; let ciphertext = cipher @@ -225,19 +213,12 @@ mod tests { // Generate ephemeral public key and shared secret let scalar = Scalar::random(OsRng); - let ephemeral_public_key_sender = (ProjectivePoint::generator() * scalar).to_affine(); + let ephemeral_public_key_sender = (ProjectivePoint::GENERATOR * scalar).to_affine(); let shared_secret = address_key_holder.calculate_shared_secret_receiver(ephemeral_public_key_sender); - // Prepare the encryption key from shared secret - let key_raw = serde_json::to_vec(&shared_secret).unwrap(); - let key_raw_adjust_pre = &key_raw.as_slice()[..32]; - let key_raw_adjust: [u8; 32] = key_raw_adjust_pre.try_into().unwrap(); - let key: Key = key_raw_adjust.into(); - - let cipher = Aes256Gcm::new(&key); - // Encrypt sample data with a specific nonce + let cipher = Aes256Gcm::new(&shared_secret.x()); let nonce = Nonce::from_slice(b"unique nonce"); let plaintext = b"Sensitive data"; let ciphertext = cipher @@ -265,19 +246,12 @@ mod tests { // Generate ephemeral public key and shared secret let scalar = Scalar::random(OsRng); - let ephemeral_public_key_sender = (ProjectivePoint::generator() * scalar).to_affine(); + let ephemeral_public_key_sender = (ProjectivePoint::GENERATOR * scalar).to_affine(); let shared_secret = address_key_holder.calculate_shared_secret_receiver(ephemeral_public_key_sender); - // Prepare the encryption key from shared secret - let key_raw = serde_json::to_vec(&shared_secret).unwrap(); - let key_raw_adjust_pre = &key_raw.as_slice()[..32]; - let key_raw_adjust: [u8; 32] = key_raw_adjust_pre.try_into().unwrap(); - let key: Key = key_raw_adjust.into(); - - let cipher = Aes256Gcm::new(&key); - // Encrypt sample data + let cipher = Aes256Gcm::new(&shared_secret.x()); let nonce = Nonce::from_slice(b"unique nonce"); let plaintext = b"Sensitive data"; let ciphertext = cipher @@ -307,7 +281,7 @@ mod tests { // Generate ephemeral key and shared secret let scalar = Scalar::random(OsRng); - let ephemeral_public_key_sender = (ProjectivePoint::generator() * scalar).to_affine(); + let ephemeral_public_key_sender = (ProjectivePoint::GENERATOR * scalar).to_affine(); // Encrypt sample data let plaintext = b"Round-trip test data"; @@ -315,12 +289,7 @@ mod tests { let shared_secret = address_key_holder.calculate_shared_secret_receiver(ephemeral_public_key_sender); - // Prepare the encryption key from shared secret - let key_raw = serde_json::to_vec(&shared_secret).unwrap(); - let key_raw_adjust_pre = &key_raw.as_slice()[..32]; - let key_raw_adjust: [u8; 32] = key_raw_adjust_pre.try_into().unwrap(); - let key: Key = key_raw_adjust.into(); - let cipher = Aes256Gcm::new(&key); + let cipher = Aes256Gcm::new(&shared_secret.x()); let ciphertext = cipher .encrypt(nonce, plaintext.as_ref())