Remove ec::AgreementAlgorithmImpl.

This level of indirection isn't useful anymore since the relevant parts of the `ring::ec` private API are already available to `ring::agreement`.
2018-12-12 15:31:10 -10:00 · 2018-12-12 15:31:10 -10:00 · bc01d93c43
commit bc01d93c43
parent 0cf87e48c7
4 changed files with 21 additions and 35 deletions
--- a/src/agreement.rs
+++ b/src/agreement.rs
@ -81,12 +81,21 @@ pub use crate::ec::{
 };

 /// A key agreement algorithm.
-#[derive(Eq, PartialEq)]
 pub struct Algorithm {
-    pub(crate) i: ec::AgreementAlgorithmImpl,
+    pub(crate) curve: &'static ec::Curve,
+    pub(crate) ecdh: fn(
+        out: &mut [u8],
+        private_key: &ec::PrivateKey,
+        peer_public_key: untrusted::Input,
+    ) -> Result<(), error::Unspecified>,
 }

-derive_debug_via_self!(Algorithm, self.i);
+derive_debug_via_self!(Algorithm, self.curve);
+
+impl Eq for Algorithm {}
+impl PartialEq for Algorithm {
+    fn eq(&self, other: &Algorithm) -> bool { self.curve.id == other.curve.id }
+}

 /// An ephemeral private key for use (only) with `agree_ephemeral`. The
 /// signature of `agree_ephemeral` ensures that an `EphemeralPrivateKey` can be
@ -107,7 +116,7 @@ impl<'a> EphemeralPrivateKey {
        //
        // This only handles the key generation part of step 1. The rest of
        // step one is done by `compute_public_key()`.
-        let private_key = ec::PrivateKey::generate(&alg.i.curve, rng)?;
+        let private_key = ec::PrivateKey::generate(&alg.curve, rng)?;
        Ok(EphemeralPrivateKey { private_key, alg })
    }

@ -117,7 +126,7 @@ impl<'a> EphemeralPrivateKey {

    /// The size in bytes of the encoded public key.
    #[inline(always)]
-    pub fn public_key_len(&self) -> usize { self.alg.i.curve.public_key_len }
+    pub fn public_key_len(&self) -> usize { self.alg.curve.public_key_len }

    /// Computes the public key from the private key's value and fills `out`
    /// with the public point encoded in the standard form for the algorithm.
@ -130,7 +139,7 @@ impl<'a> EphemeralPrivateKey {
        // Obviously, this only handles the part of Step 1 between the private
        // key generation and the sending of the public key to the peer. `out`
        // is what should be sent to the peer.
-        self.private_key.compute_public_key(&self.alg.i.curve, out)
+        self.private_key.compute_public_key(&self.alg.curve, out)
    }

    #[cfg(test)]
@ -174,11 +183,11 @@ where
    // The domain parameters are hard-coded. This check verifies that the
    // peer's public key's domain parameters match the domain parameters of
    // this private key.
-    if peer_public_key_alg.i.curve.id != my_private_key.alg.i.curve.id {
+    if peer_public_key_alg.curve.id != my_private_key.alg.curve.id {
        return Err(error_value);
    }

-    let alg = &my_private_key.alg.i;
+    let alg = &my_private_key.alg;

    // NSA Guide Prerequisite 2, regarding which KDFs are allowed, is delegated
    // to the caller.
--- a/src/ec.rs
+++ b/src/ec.rs
@ -15,25 +15,6 @@
 use crate::{cpu, error, rand};
 use untrusted;

-/// A key agreement algorithm.
-// XXX: This doesn't seem like the best place for this.
-pub struct AgreementAlgorithmImpl {
-    pub curve: &'static Curve,
-    pub ecdh: fn(
-        out: &mut [u8],
-        private_key: &PrivateKey,
-        peer_public_key: untrusted::Input,
-    ) -> Result<(), error::Unspecified>,
-}
-
-derive_debug_via_self!(AgreementAlgorithmImpl, self.curve);
-
-impl PartialEq for AgreementAlgorithmImpl {
-    fn eq(&self, other: &Self) -> bool { self.curve.id == other.curve.id }
-}
-
-impl Eq for AgreementAlgorithmImpl {}
-
 pub struct Curve {
    pub public_key_len: usize,
    pub elem_and_scalar_len: usize,
--- a/src/ec/curve25519/x25519.rs
+++ b/src/ec/curve25519/x25519.rs
@ -36,10 +36,8 @@ static CURVE25519: ec::Curve = ec::Curve {
 /// [RFC 7748]: https://tools.ietf.org/html/rfc7748
 /// [RFC 7748 section 6.1]: https://tools.ietf.org/html/rfc7748#section-6.1
 pub static X25519: agreement::Algorithm = agreement::Algorithm {
-    i: ec::AgreementAlgorithmImpl {
-        curve: &CURVE25519,
-        ecdh: x25519_ecdh,
-    },
+    curve: &CURVE25519,
+    ecdh: x25519_ecdh,
 };

 fn x25519_check_private_key_bytes(bytes: &[u8]) -> Result<(), error::Unspecified> {
--- a/src/ec/suite_b/ecdh.rs
+++ b/src/ec/suite_b/ecdh.rs
@ -40,10 +40,8 @@ macro_rules! ecdh {
        /// [Suite B Implementer's Guide to NIST SP 800-56A]:
        ///     https://github.com/briansmith/ring/blob/master/doc/ecdh.pdf
        pub static $NAME: agreement::Algorithm = agreement::Algorithm {
-            i: ec::AgreementAlgorithmImpl {
-                curve: $curve,
-                ecdh: $ecdh,
-            },
+            curve: $curve,
+            ecdh: $ecdh,
        };

        fn $ecdh(