leif-ibsen / SwiftHPKE

Hybrid Public Key Encryption (HPKE) in Swift
MIT License

Algorithm not compatible with newest Apple version #2

Closed MatteoCultrera closed 2 months ago

MatteoCultrera commented 2 months ago

I was testing the repository to check compatibility with the new Apple implementation of HPKE, but it seems it is not compatible. When running this MVE:

import CryptoKit
import Foundation
import SwiftHPKE

func letsTest() {
    // Ciphersuite for Apple's CryptoKit HPKE API
    let cypher = HPKE.Ciphersuite(
        kem: .P384_HKDF_SHA384,
        kdf: .HKDF_SHA384,
        aead: .AES_GCM_256
    )
    // The same suite expressed with SwiftHPKE
    let cypherLegacy = SwiftHPKE.CipherSuite(
        kem: .P384,
        kdf: .KDF384,
        aead: .AESGCM256
    )
    // Recipient key pair (privateKey) and sender authentication key pair (bePrivateKey)
    let privateKey = P384.KeyAgreement.PrivateKey(compactRepresentable: false)
    let bePrivateKey = P384.KeyAgreement.PrivateKey(compactRepresentable: false)
    // Convert the CryptoKit keys to SwiftHPKE keys via their DER encoding
    let privateKeyLegacy = try! PrivateKey(der: Bytes(privateKey.derRepresentation))
    let publicKeyLegacy = try! PublicKey(der: Bytes(privateKey.publicKey.derRepresentation))
    let bePrivateKeyLegacy = try! PrivateKey(der: Bytes(bePrivateKey.derRepresentation))
    let bePublicKeyLegacy = try! PublicKey(der: Bytes(bePrivateKey.publicKey.derRepresentation))

    let message = "Hello World"
    // Seal with CryptoKit in authenticated mode
    var sender = try! HPKE.Sender(
        recipientKey: privateKey.publicKey,
        ciphersuite: cypher,
        info: "info".data(using: .utf8)!,
        authenticatedBy: bePrivateKey
    )
    let encryptedMessage = try! sender.seal(
        message.data(using: .utf8)!,
        authenticating: "auth".data(using: .utf8)!
    )
    // Open with SwiftHPKE; this is the call that raises the error
    let decrypted = try! cypherLegacy.open(
        privateKey: privateKeyLegacy,
        info: Bytes("info".data(using: .utf8)!),
        authentication: bePublicKeyLegacy,
        ct: Bytes(encryptedMessage),
        aad: Bytes("auth".data(using: .utf8)!),
        encap: Bytes(sender.encapsulatedKey)
    )
    print(String(bytes: decrypted, encoding: .utf8)!)
}

In this example I've created two pairs of keys, converted them to use this library following the documentation, and tried to encrypt a simple message with the new Apple API. When decoding it using this library, an error is thrown: Thread 1: Fatal error: 'try!' expression unexpectedly raised an error: CryptoKit.CryptoKitError.authenticationFailure

leif-ibsen commented 2 months ago

I'm looking into it. Do you use Swift version 5.10 and did your example work in version 5.9?

MatteoCultrera commented 2 months ago

Currently I'm using version 5.9.2 (also on the example) and it does not work in that version, sadly. I also tried on Swift 4, but it didn't work either.

leif-ibsen commented 2 months ago

The CryptoKit Compatibility article in the documentation explains how to convert CryptoKit keys to SwiftHPKE keys and vice versa. This description is valid.

However, I never tried to seal a message with CryptoKit and open it with SwiftHPKE or seal a message with SwiftHPKE and open it with CryptoKit.

We can see that it doesn't work and I can't explain why that is so.

I will try to look further into the matter.

MatteoCultrera commented 2 months ago

Thank you so much. Sadly I don't have a lot of expertise on the topic, so I was not able to find the root cause of this. I tried a bunch of things (encoding with SwiftHPKE and decoding with the Apple library, using keys from one library to another, and even not using authenticated mode), but sadly the result is the same. I don't know if there could be something happening with the conversion between data and bytes (even though that should not be the case) or the fact that I used strings instead of arrays of UInt8.

leif-ibsen commented 2 months ago

I tried to modify your example to use kem: .P256_HKDF_SHA256, kdf: .HKDF_SHA256, aead: .AES_GCM_256 and guess what: It works.

I also tried to use kem: .P521_HKDF_SHA512, kdf: .HKDF_SHA512, aead: .AES_GCM_256 and it also works.

I will try to investigate what's wrong with the 384 version.

leif-ibsen commented 2 months ago

I believe I found the error: a stupid copy-paste error somewhere in the code. I will publish a new release next week, where the error is corrected. Thanks for detecting the error.

MatteoCultrera commented 2 months ago

Thank you for quickly reacting to it 🙏

leif-ibsen commented 2 months ago

Fixed in release 2.5.0
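
A regression check for the interoperability failure discussed in this thread, written as an added example that is not part of the original issue or of the SwiftHPKE project's code: it seals with CryptoKit and opens with SwiftHPKE for each of the three NIST-curve suites, using only the calls shown in the report. The helper names (`crossOpens`, `interopReport`) are hypothetical, the SwiftHPKE cases `.P256`, `.KDF256`, `.P521` and `.KDF512` are assumed by analogy with `.P384` and `.KDF384`, and the deployment target is assumed to be one where CryptoKit's HPKE API is available.

```swift
import CryptoKit
import Foundation
import SwiftHPKE

let info = Data("info".utf8), aad = Data("auth".utf8), message = Data("Hello World".utf8)

// Seal with CryptoKit (auth mode), open with SwiftHPKE; true only if the plaintext round-trips.
func crossOpens<SK: HPKEDiffieHellmanPrivateKey>(
    _ apple: HPKE.Ciphersuite, _ legacy: SwiftHPKE.CipherSuite,
    to rcptPub: SK.PublicKey, rcptPrivDER: Data, from sndPriv: SK, sndPubDER: Data
) -> Bool {
    do {
        var sender = try HPKE.Sender(recipientKey: rcptPub, ciphersuite: apple,
                                     info: info, authenticatedBy: sndPriv)
        let ct = try sender.seal(message, authenticating: aad)
        let pt = try legacy.open(
            privateKey: PrivateKey(der: Bytes(rcptPrivDER)), info: Bytes(info),
            authentication: PublicKey(der: Bytes(sndPubDER)),
            ct: Bytes(ct), aad: Bytes(aad), encap: Bytes(sender.encapsulatedKey))
        return pt == Bytes(message)
    } catch { return false }  // e.g. CryptoKitError.authenticationFailure, as reported
}

// Fresh recipient (r) and sender (s) keys per curve, so a defect in one suite cannot hide.
func interopReport() -> [String: Bool] {
    let r256 = P256.KeyAgreement.PrivateKey(compactRepresentable: false)
    let s256 = P256.KeyAgreement.PrivateKey(compactRepresentable: false)
    let r384 = P384.KeyAgreement.PrivateKey(compactRepresentable: false)
    let s384 = P384.KeyAgreement.PrivateKey(compactRepresentable: false)
    let r521 = P521.KeyAgreement.PrivateKey(compactRepresentable: false)
    let s521 = P521.KeyAgreement.PrivateKey(compactRepresentable: false)
    let p256 = crossOpens(
        .init(kem: .P256_HKDF_SHA256, kdf: .HKDF_SHA256, aead: .AES_GCM_256),
        .init(kem: .P256, kdf: .KDF256, aead: .AESGCM256),  // SwiftHPKE case names assumed
        to: r256.publicKey, rcptPrivDER: r256.derRepresentation,
        from: s256, sndPubDER: s256.publicKey.derRepresentation)
    let p384 = crossOpens(
        .init(kem: .P384_HKDF_SHA384, kdf: .HKDF_SHA384, aead: .AES_GCM_256),
        .init(kem: .P384, kdf: .KDF384, aead: .AESGCM256),
        to: r384.publicKey, rcptPrivDER: r384.derRepresentation,
        from: s384, sndPubDER: s384.publicKey.derRepresentation)
    let p521 = crossOpens(
        .init(kem: .P521_HKDF_SHA512, kdf: .HKDF_SHA512, aead: .AES_GCM_256),
        .init(kem: .P521, kdf: .KDF512, aead: .AESGCM256),  // SwiftHPKE case names assumed
        to: r521.publicKey, rcptPrivDER: r521.derRepresentation,
        from: s521, sndPubDER: s521.publicKey.derRepresentation)
    return ["P-256": p256, "P-384": p384, "P-521": p521]
}

print(interopReport())
```

In the thread, the P-256 and P-521 variants worked and only the P-384 one failed, which is why a check like this needs to cover every suite rather than a single curve.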
