From 194fa5ada0cee1f6cd9b697b2e6c616304f66664 Mon Sep 17 00:00:00 2001 From: Udara Pathum <46132469+hwupathum@users.noreply.github.com> Date: Thu, 21 Mar 2024 10:40:23 +0530 Subject: [PATCH] Apply suggestions from code review Co-authored-by: MohamedSabthar Co-authored-by: Bhashinee --- ballerina/hpke.bal | 3 +-- ballerina/tests/private_public_key_test.bal | 20 +++++++++---------- ballerina/tests/sign_verify_test.bal | 2 +- .../ballerina/stdlib/crypto/CryptoUtils.java | 4 ++-- .../stdlib/crypto/nativeimpl/Kem.java | 2 -- 5 files changed, 14 insertions(+), 17 deletions(-) diff --git a/ballerina/hpke.bal b/ballerina/hpke.bal index d0adb8c8..0880996d 100644 --- a/ballerina/hpke.bal +++ b/ballerina/hpke.bal @@ -102,10 +102,9 @@ public isolated function decryptMlKem768Hpke(byte[] input, byte[] encapsulatedKe public isolated function encryptRsaMlKem768Hpke(byte[] input, PublicKey rsaPublicKey, PublicKey mlkemPublicKey, AesKeySize symmetricKeySize = 32) returns HybridEncryptionResult|Error { EncapsulationResult hybridEncapsulationResult = check encapsulateRsaKemMlKem768(rsaPublicKey, mlkemPublicKey); byte[] sharedSecret = check hkdfSha256(hybridEncapsulationResult.sharedSecret, symmetricKeySize); - byte[] encapsulatedSecret = hybridEncapsulationResult.encapsulatedSecret; byte[] ciphertext = check encryptAesEcb(input, sharedSecret); return { - encapsulatedSecret: encapsulatedSecret, + encapsulatedSecret: hybridEncapsulationResult.encapsulatedSecret, cipherText: ciphertext }; } diff --git a/ballerina/tests/private_public_key_test.bal b/ballerina/tests/private_public_key_test.bal index 0bdfe833..1f6ebdeb 100644 --- a/ballerina/tests/private_public_key_test.bal +++ b/ballerina/tests/private_public_key_test.bal @@ -356,12 +356,12 @@ isolated function testParseMlDsa65PublicKeyFromX509CertFile() returns Error? { test:assertEquals(publicKey.algorithm, "DILITHIUM3"); Certificate certificate = publicKey.certificate; - string serial = (certificate.serial).toString(); - string issuer = certificate.issuer; - string subject = certificate.subject; - string signingAlgorithm = certificate.signingAlgorithm; + int serial = certificate.serial; + string issuer = certificate.issuer; + string subject = certificate.subject; + string signingAlgorithm = certificate.signingAlgorithm; - test:assertEquals(serial, "1023822328749742100"); + test:assertEquals(serial, 1023822328749742100); test:assertEquals(issuer, "CN=localhost,OU=WSO2,O=WSO2,L=Mountain View,ST=CA,C=US"); test:assertEquals(subject, "CN=localhost,OU=WSO2,O=WSO2,L=Mountain View,ST=CA,C=US"); test:assertEquals(signingAlgorithm, "DILITHIUM3"); @@ -373,12 +373,12 @@ isolated function testParseMlKem768PublicKeyFromX509CertFile() returns Error? { test:assertEquals(publicKey.algorithm, "KYBER768"); Certificate certificate = publicKey.certificate; - string serial = (certificate.serial).toString(); - string issuer = certificate.issuer; - string subject = certificate.subject; - string signingAlgorithm = certificate.signingAlgorithm; + int serial = certificate.serial; + string issuer = certificate.issuer; + string subject = certificate.subject; + string signingAlgorithm = certificate.signingAlgorithm; - test:assertEquals(serial, "749281432"); + test:assertEquals(serial, 749281432); test:assertEquals(issuer, "C=US,ST=CA,L=Mountain View,O=WSO2,OU=WSO2,CN=localhost"); test:assertEquals(subject, "C=US,ST=CA,L=Mountain View,O=WSO2,OU=WSO2,CN=localhost"); test:assertEquals(signingAlgorithm, "SHA256withRSA"); diff --git a/ballerina/tests/sign_verify_test.bal b/ballerina/tests/sign_verify_test.bal index 32b14b7b..ae0bb2ae 100644 --- a/ballerina/tests/sign_verify_test.bal +++ b/ballerina/tests/sign_verify_test.bal @@ -264,7 +264,7 @@ isolated function testSignRsaSha512WithInvalidKey() { @test:Config {} isolated function testSignMlDsa65WithInvalidKey() { byte[] payload = "Ballerina test".toBytes(); - PrivateKey privateKey = {algorithm:"DILITHIUM3"}; + PrivateKey privateKey = {algorithm: "DILITHIUM3"}; byte[]|Error result = signMlDsa65(payload, privateKey); if result is Error { test:assertTrue(result.message().includes("Uninitialized private key:")); diff --git a/native/src/main/java/io/ballerina/stdlib/crypto/CryptoUtils.java b/native/src/main/java/io/ballerina/stdlib/crypto/CryptoUtils.java index 24af4f65..28a39f8b 100644 --- a/native/src/main/java/io/ballerina/stdlib/crypto/CryptoUtils.java +++ b/native/src/main/java/io/ballerina/stdlib/crypto/CryptoUtils.java @@ -206,7 +206,7 @@ public static Object generateRsaEncapsulated(PublicKey publicKey) { RSAPublicKey rsaPublicKey = (RSAPublicKey) publicKey; RSAKEMGenerator keyGenerator = new RSAKEMGenerator( 32, new KDF2BytesGenerator(new SHA256Digest()), new SecureRandom()); - RSAKeyParameters rsaKeyParams = new RSAKeyParameters( + RSAKeyParameters rsaKeyParams = new RSAKeyParameters( false, rsaPublicKey.getModulus(), rsaPublicKey.getPublicExponent()); SecretWithEncapsulation secretWithEncapsulation = keyGenerator.generateEncapsulated(rsaKeyParams); SecretKey secretKey = new SecretKeySpec(secretWithEncapsulation.getSecret(), Constants.RSA_ALGORITHM); @@ -230,7 +230,7 @@ public static Object extractSecret(byte[] encapsulation, String algorithm, Priva public static Object extractRsaSecret(byte[] encapsulation, PrivateKey privateKey) { RSAPrivateKey rsaPrivateKey = (RSAPrivateKey) privateKey; - RSAKeyParameters rsaKeyParameters = new RSAKeyParameters( + RSAKeyParameters rsaKeyParameters = new RSAKeyParameters( true, rsaPrivateKey.getModulus(), rsaPrivateKey.getPrivateExponent()); RSAKEMExtractor keyExtractor = new RSAKEMExtractor( rsaKeyParameters, 32, new KDF2BytesGenerator(new SHA256Digest())); diff --git a/native/src/main/java/io/ballerina/stdlib/crypto/nativeimpl/Kem.java b/native/src/main/java/io/ballerina/stdlib/crypto/nativeimpl/Kem.java index d1a3c671..2732634e 100644 --- a/native/src/main/java/io/ballerina/stdlib/crypto/nativeimpl/Kem.java +++ b/native/src/main/java/io/ballerina/stdlib/crypto/nativeimpl/Kem.java @@ -83,6 +83,4 @@ public static Object decapsulateRsaKem(BArray inputValue, BMap privateKey) PrivateKey key = (PrivateKey) privateKey.getNativeData(Constants.NATIVE_DATA_PRIVATE_KEY); return CryptoUtils.extractRsaSecret(input, key); } - - }