/kem/*/auth instead of zero-filled /kem/*/from master
authorSergey Matveev <stargrave@stargrave.org>
Sun, 30 Nov 2025 08:11:45 +0000 (11:11 +0300)
committerSergey Matveev <stargrave@stargrave.org>
Sun, 30 Nov 2025 08:11:45 +0000 (11:11 +0300)
go/cm/cmd/cmenctool/main.go
go/cm/enc/kem.go
spec/cm/encrypted/authcrypt
tcl/schemas/kem-gost3410-hkdf.tcl
tcl/schemas/kem-with-encap.tcl

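--- a/go/cm/cmd/cmenctool/main.go
+++ b/go/cm/cmd/cmenctool/main.go
@@ -332,8 +332,8 @@ func main() {
                                        log.Fatalln("invalid private keys len")
                                }
                                var from *sign.PubData
-                               if kem.From != nil {
-                                       if bytes.Equal(kem.From, bytes.Repeat([]byte{0}, 32)) {
+                               if kem.Auth != nil && *kem.Auth {
+                                       if kem.From == nil {
                                                kem.From = assumeFrom
                                        }
                                        var signed *sign.Signed
@@ -481,8 +481,8 @@ func main() {
                                        log.Fatalln("invalid private keys len")
                                }
                                var from *sign.PubData
-                               if kem.From != nil {
-                                       if bytes.Equal(kem.From, bytes.Repeat([]byte{0}, 32)) {
+                               if kem.Auth != nil && *kem.Auth {
+                                       if kem.From == nil {
                                                kem.From = assumeFrom
                                        }
                                        var signed *sign.Signed
@@ -794,9 +794,11 @@ func main() {
                                                if err != nil {
                                                        log.Fatal(err)
                                                }
-                                               if *noFrom {
-                                                       kem.From = bytes.Repeat([]byte{0}, 32)
-                                               } else {
+                                               {
+                                                       t := true
+                                                       kem.Auth = &t
+                                               }
+                                               if !*noFrom {
                                                        kem.From = fromId
                                                }
                                        }
@@ -923,9 +925,11 @@ func main() {
                                                if err != nil {
                                                        log.Fatal(err)
                                                }
-                                               if *noFrom {
-                                                       kem.From = bytes.Repeat([]byte{0}, 32)
-                                               } else {
+                                               {
+                                                       t := true
+                                                       kem.Auth = &t
+                                               }
+                                               if !*noFrom {
                                                        kem.From = fromId
                                                }
                                        }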
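Review bot: A KEM that carries `from` without `auth` (or with `auth` set to false) now skips the sender branch entirely at `if kem.Auth != nil && *kem.Auth` in the two decryption hunks (-332 and -481), so `from` stays nil and the identifier in `kem.From` is never checked against anything. Whether later code treats a nil `from` as "unauthenticated" is outside these hunks, so I would make the inconsistent combination explicit before the branch, e.g. `if kem.From != nil && (kem.Auth == nil || !*kem.Auth) { log.Fatalln("/kem/*/from without /kem/*/auth") }`, or at least log it. Containers written before this commit presumably take this path too, which is one more reason not to let it pass silently. On the writing side the bare block `{ t := true; kem.Auth = &t }` appears twice and could be one small helper. `main` begins and ends outside every hunk shown.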
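--- a/go/cm/enc/kem.go
+++ b/go/cm/enc/kem.go
@@ -17,6 +17,7 @@ type KEM struct {
        A    string `keks:"a"`
        CEK  []byte `keks:"cek"`
        To   []byte `keks:"to,omitempty"`
+       Auth *bool  `keks:"auth,omitempty"`
        From []byte `keks:"from,omitempty"`
 
        // balloon-blake2b-hkdf related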
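Review bot: The new `Auth *bool` field has no comment, and its meaning is not obvious from the type: the readers in cmenctool treat nil and false alike, and `From` is now optional even when `Auth` is true. I would add `// Auth marks the KEM as sender-authenticated; From may then be omitted to keep the sender hidden.` above it. If nil and false are never meant to differ, a plain `bool` would remove the nil check at every use, assuming the keks encoder's `omitempty` drops a false value, which is not visible here. The struct continues outside the hunk.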
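--- a/spec/cm/encrypted/authcrypt
+++ b/spec/cm/encrypted/authcrypt
@@ -1,10 +1,9 @@
-Public-key based [cm/kem/]s provides sender authentication
-*only* if "/kem/*/from" field is specified. It should contain public
-key's "/data/id", but may be equal to 256-bit zeros, to explicitly
-specify that sender's public key is used, but it is anonymous and
-hidden. It is not specified how recipient should find corresponding
-sender's key that way -- implementation/protocol specific.
+Public-key based [cm/kem/]s provides sender authentication *only* if
+"/kem/*/auth" field is set. "/kem/*/from" field may contain public
+key's "/data/id", otherwise sender is hidden. It is not specified
+how recipient should find corresponding sender's key that way --
+implementation/protocol specific.
 
 Optional "/pubs" is a list public keys, which may be used to supply
-sender's public key(s). Public keys may be encrypted, to hide the actual
-deanonymisation contents.
+sender's public key(s). Public keys may be encrypted, to hide the
+actual deanonymisation contents.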
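--- a/tcl/schemas/kem-gost3410-hkdf.tcl
+++ b/tcl/schemas/kem-gost3410-hkdf.tcl
@@ -5,5 +5,6 @@ kem-gost3410-hkdf {
     {field ukm {bin} len=16} {# additional keying material}
     {field pub {bin} >0} {# sender's ephemeral public key}
     {field to {with fpr} optional} {# recipient's public key}
+    {field auth {bool} optional}
     {field from {with fpr} optional} {# sender's public key}
 }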
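Review bot: The added `auth` field carries no `{# …}` comment, unlike `to` and `from` next to it, both here and in the identical addition to kem-with-encap.tcl. Something like `{field auth {bool} optional} {# sender authentication is provided}` would match its neighbours. The schema also still accepts `from` without `auth`; if the schema language cannot express that dependency, the comment on `from` is a reasonable place to state it.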
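--- a/tcl/schemas/kem-with-encap.tcl
+++ b/tcl/schemas/kem-with-encap.tcl
@@ -5,5 +5,6 @@ kem-with-encap {
     {field cek {bin} >0} {# wrapped CEK}
     {field encap {bin} >0}
     {field to {with fpr} optional} {# recipient's public key}
+    {field auth {bool} optional}
     {field from {with fpr} optional} {# sender's public key}
 }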