crypto: remove ciphersuite ID

crates/aranya-crypto/examples/hsm/main.rs

@@ -59,8 +59,6 @@ impl Csprng for HsmEngine {
 }
 
 impl CipherSuite for HsmEngine {
-    const ID: Id = Id::default();
-
     type Aead = rust::Aes256Gcm;
     type Hash = rust::Sha512;
     type Kdf = rust::HkdfSha512;

crates/aranya-crypto/src/afc/bidi.rs

@@ -185,7 +185,6 @@ impl<CS: CipherSuite> BidiChannel<'_, CS> {
         tuple_hash::<CS::Hash, _>([
             Self::LABEL,
             &SuiteIds::from_suite::<CS>().into_bytes(),
-            CS::ID.as_bytes(),
             self.parent_cmd_id.as_bytes(),
             self.our_id.as_bytes(),
             self.their_id.as_bytes(),
@@ -201,7 +200,6 @@ impl<CS: CipherSuite> BidiChannel<'_, CS> {
         tuple_hash::<CS::Hash, _>([
             Self::LABEL,
             &SuiteIds::from_suite::<CS>().into_bytes(),
-            CS::ID.as_bytes(),
             self.parent_cmd_id.as_bytes(),
             self.their_id.as_bytes(),
             self.our_id.as_bytes(),

crates/aranya-crypto/src/afc/uni.rs

@@ -172,7 +172,6 @@ impl<CS: CipherSuite> UniChannel<'_, CS> {
         tuple_hash::<CS::Hash, _>([
             "AfcUnidirectionalKey".as_bytes(),
             &SuiteIds::from_suite::<CS>().into_bytes(),
-            CS::ID.as_bytes(),
             self.parent_cmd_id.as_bytes(),
             self.seal_id.as_bytes(),
             self.open_id.as_bytes(),

crates/aranya-crypto/src/aranya.rs

@@ -415,7 +415,6 @@ impl<CS: CipherSuite> EncryptionKey<CS> {
         let info = tuple_hash::<CS::Hash, _>([
             "GroupKey".as_bytes(),
             &SuiteIds::from_suite::<CS>().into_bytes(),
-            CS::ID.as_bytes(),
             group.as_bytes(),
         ]);
         let mut ctx =
@@ -454,7 +453,6 @@ impl<CS: CipherSuite> EncryptionPublicKey<CS> {
         let info = tuple_hash::<CS::Hash, _>([
             "GroupKey".as_bytes(),
             &SuiteIds::from_suite::<CS>().into_bytes(),
-            CS::ID.as_bytes(),
             group.as_bytes(),
         ]);
         let (enc, mut ctx) =

crates/aranya-crypto/src/ciphersuite.rs

@@ -29,7 +29,6 @@ use crate::{
     mac::{Mac, MacId},
     signer::{Signer, SignerId},
     typenum::U64,
-    Id,
 };
 
 /// The cryptographic primitives used by the cryptography engine.
@@ -52,9 +51,6 @@ use crate::{
 /// Additionally, please test your implementation using the
 /// `test_util` module.
 pub trait CipherSuite {
-    /// Uniquely identifies the [`CipherSuite`].
-    const ID: Id;
-
     /// See [`Aead`] for more information.
     type Aead: Aead + IndCca2;
     /// See [`Hash`] for more information.

crates/aranya-crypto/src/default.rs

@@ -37,8 +37,6 @@ use crate::{
 pub struct DefaultCipherSuite;
 
 impl CipherSuite for DefaultCipherSuite {
-    const ID: Id = Id::default();
-
     type Aead = crate::rust::Aes256Gcm;
     type Hash = crate::rust::Sha512;
     type Kdf = crate::rust::HkdfSha512;
@@ -47,14 +45,7 @@ impl CipherSuite for DefaultCipherSuite {
     type Signer = crate::ed25519::Ed25519;
 }
 
-/// A basic [`Engine`] implementation that wraps keys with
-/// its [`Aead`].
-///
-/// # Notes
-///
-/// It's mostly useful for tests as its [`CipherSuite::ID`]
-/// constant is all zeros and the user must store the root
-/// encryption key somewhere.
+/// A basic [`Engine`] implementation that wraps keys with its [`Aead`].
 pub struct DefaultEngine<R: Csprng = Rng, S: CipherSuite = DefaultCipherSuite> {
     aead: S::Aead,
     rng: R,
@@ -101,8 +92,6 @@ impl<R: Csprng, S: CipherSuite> Csprng for DefaultEngine<R, S> {
 // has to be a fixed size so that we can use `heapless`.
 #[derive(Serialize, MaxSize)]
 struct AuthData {
-    /// `Engine::Id`.
-    eng_id: Id,
     /// `Unwrapped::ID`.
     alg_id: AlgId,
     /// `<Unwrapped as Identified>::id`.
@@ -130,7 +119,6 @@ impl<R: Csprng, S: CipherSuite> RawSecretWrap<Self> for DefaultEngine<R, S> {
         // repeat nonces.
         let nonce = Nonce::<_>::random(&mut self.rng);
         let ad = postcard::to_vec::<_, { AuthData::POSTCARD_MAX_SIZE }>(&AuthData {
-            eng_id: S::ID,
             alg_id: T::ID,
             key_id: id,
         })
@@ -165,7 +153,6 @@ impl<R: Csprng, S: CipherSuite> RawSecretWrap<Self> for DefaultEngine<R, S> {
     {
         let mut data = key.ciphertext.clone();
         let ad = postcard::to_vec::<_, { AuthData::POSTCARD_MAX_SIZE }>(&AuthData {
-            eng_id: S::ID,
             alg_id: T::ID,
             key_id: key.id,
         })

crates/aranya-crypto/src/id.rs

@@ -39,10 +39,9 @@ pub struct Id([u8; 64]);
 impl Id {
     /// Derives an [`Id`] from the hash of some data.
     pub fn new<CS: CipherSuite>(data: &[u8], tag: &[u8]) -> Id {
-        // id = H("ID-v1" || eng_id || suites || data || tag)
+        // id = H("ID-v1" || suites || data || tag)
         tuple_hash::<CS::Hash, _>([
             "ID-v1".as_bytes(),
-            CS::ID.as_bytes(),
             &SuiteIds::from_suite::<CS>().into_bytes(),
             data,
             tag,

crates/aranya-crypto/src/misc.rs

@@ -7,7 +7,6 @@ use serde::{de, Deserialize, Deserializer, Serialize, Serializer};
 
 use crate::{
     ciphersuite::{CipherSuite, SuiteIds},
-    id::Id,
     keys::PublicKey,
     signer::{Signature, Signer},
 };
@@ -405,8 +404,6 @@ pub(crate) enum ExportedDataType {
 #[derive(Serialize, Deserialize, MaxSize)]
 #[serde(deny_unknown_fields)]
 pub(crate) struct ExportedData<T> {
-    /// Uniquely identifies the [`Engine`].
-    eng_id: Id,
     /// Uniquely idenitifies the chosen algorithms.
     suite_id: SuiteIds,
     /// Uniquely idenitifes the type of data.
@@ -417,14 +414,13 @@ pub(crate) struct ExportedData<T> {
 
 impl<T> ExportedData<T> {
     pub(crate) fn valid_context<CS: CipherSuite>(&self, name: ExportedDataType) -> bool {
-        self.eng_id == CS::ID && self.suite_id == SuiteIds::from_suite::<CS>() && self.name == name
+        self.suite_id == SuiteIds::from_suite::<CS>() && self.name == name
     }
 }
 
 impl<'a, K: PublicKey> ExportedData<SerdeBorrowedKey<'a, K>> {
     pub(crate) fn from_key<CS: CipherSuite>(pk: &'a K, name: ExportedDataType) -> Self {
         Self {
-            eng_id: CS::ID,
             suite_id: SuiteIds::from_suite::<CS>(),
             name,
             data: SerdeBorrowedKey(pk),

crates/aranya-crypto/src/test_util/mod.rs

@@ -44,7 +44,6 @@ use crate::{
     subtle::{Choice, ConstantTimeEq},
     typenum::U64,
     zeroize::ZeroizeOnDrop,
-    Id,
 };
 
 #[macro_export]
@@ -350,7 +349,6 @@ where
     M: Mac<KeySize = U64, TagSize = U64>,
     S: Signer,
 {
-    const ID: Id = Id::default();
     type Aead = A;
     type Hash = H;
     type Kdf = F;

crates/aranya-idam-ffi/src/ffi.rs

@@ -297,7 +297,7 @@ function compute_change_id(
         new_cmd_id: Id,
         current_change_id: Id,
     ) -> Result<Id, Error> {
-        // ChangeID = H("ID-v1" || eng_id || suites || data || tag)
+        // ChangeID = H("ID-v1" || suites || data || tag)
         Ok(Id::new::<E::CS>(
             current_change_id.as_bytes(),
             new_cmd_id.as_bytes(),