Collaborator

@lonerapier lonerapier commented Oct 30, 2025

Changes needed to test this repository with MFKDF reference implementation.

Other PR/packages

Changes

  • differential-test feature flag
  • det_rng module for deterministic rng
    • replace OsRng with GlobalRng throughout factor construction, derived key features, shamir shares
  • real entropy from u32 -> f64
  • removed salt from MFDKF2Factor
  • hotp: create target before padded secret
  • integrity: sort policy factor params by key
  • PolicyFactor: skip field serialization if empty
  • ooba:
    • replace String params and keys to Value or concrete Jwk type
    • remove code from params, and add uppercase.
  • question: answer normalisation
  • Policy: deterministic id generation by hashing all factor ids
  • reconstitution: use BTreeMap instead of HashMap for ordered keys in factor, outputs
  • TS api facade: nested parsing and stringification.
    • Needed due to read and write to internal state of the key.

Note

  • ooba derived key is modified by hardcoding:
    • next param: can't be same because node's native rsa encrypt uses internal rng
    • ext: node's native Jwk struct adds ext for browser support. Not mentioned in RFC
    • hmac: can't be same due to above fields.
  • Skipping derived key output check for stack factor

Base automatically changed from complete-features to main November 3, 2025 16:19
@lonerapier lonerapier marked this pull request as ready for review November 4, 2025 11:19
return value;
}

function stringifyFactorParams(value: any): any {
Collaborator Author

TODO: This can definitely be simplified a lot, maybe removed altogether.

Stringification is needed due to nested parsing done in differential test. The derived key similarity validation reads the internal state of the key.

Comment on lines +9 to +11
thread_local! {
static RNG: RefCell<ChaCha20Rng> = RefCell::new(ChaCha20Rng::from_seed(DEFAULT_SEED));
}
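Review bot: `ChaCha20Rng::from_seed(DEFAULT_SEED)` on the `static RNG` line seeds the generator from a compile-time constant, so every value drawn from it (the PR description lists factor construction, derived key features and Shamir shares) is reproducible from the source alone. Please confirm this module is compiled only under the `differential-test` feature, for example with `#[cfg(feature = "differential-test")]`, and add a doc comment on `RNG` stating that it must never be reachable in a default build. Because the static is `thread_local!`, each thread starts its own stream from the same seed, which is worth recording in that comment too.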
Contributor

this is cursed rust.

Can you use a OnceCell or whatever here to create a static?

This clearly works but I've never seen it done this way.

Collaborator Author

OnceCell can't work due to no mutable reference in static.
Other options would be a lazylock, but that would require a mutex. I used this to prevent any locks.

Contributor

Really? I see.

The thread_local! is also bizarre.

Anyway, not a big deal especially if it works because this is really just for differential testing.
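
The `thread_local!` plus `RefCell` pattern discussed in this review thread, as an added example that is not part of the PR or the project's code: SplitMix64 is a std-only stand-in for `ChaCha20Rng`, and the seed value, `fill_bytes`, `reseed` and `draw16` are hypothetical names. It shows that no lock is needed and that every thread starts the same stream from the same seed.

```rust
use std::cell::RefCell;
use std::thread;
// Constructed seed; the PR's DEFAULT_SEED value is not shown on the page.
const DEFAULT_SEED: u64 = 0x5EED_5EED_5EED_5EED;

/// SplitMix64, a std-only stand-in for ChaCha20Rng. Not cryptographically secure.
struct SplitMix64(u64);

impl SplitMix64 {
    fn next_u64(&mut self) -> u64 {
        self.0 = self.0.wrapping_add(0x9E37_79B9_7F4A_7C15);
        let z = (self.0 ^ (self.0 >> 30)).wrapping_mul(0xBF58_476D_1CE4_E5B9);
        let z = (z ^ (z >> 27)).wrapping_mul(0x94D0_49BB_1331_11EB);
        z ^ (z >> 31)
    }
}

thread_local! {
    // One generator per thread; RefCell supplies the mutable borrow, so no Mutex.
    static RNG: RefCell<SplitMix64> = RefCell::new(SplitMix64(DEFAULT_SEED));
}

/// Fill `buf` from the calling thread's generator.
fn fill_bytes(buf: &mut [u8]) {
    RNG.with(|r| {
        let mut rng = r.borrow_mut();
        for chunk in buf.chunks_mut(8) {
            let word = rng.next_u64().to_le_bytes();
            chunk.copy_from_slice(&word[..chunk.len()]);
        }
    });
}

/// Reset the calling thread's stream, e.g. before each differential test case.
fn reseed(seed: u64) { RNG.with(|r| *r.borrow_mut() = SplitMix64(seed)); }

fn draw16() -> [u8; 16] {
    let mut b = [0u8; 16];
    fill_bytes(&mut b);
    b
}

fn main() {
    let (a, b) = (draw16(), draw16());
    let c = thread::spawn(draw16).join().unwrap(); // fresh thread, fresh generator
    println!("stream advances: {}; second thread repeats it: {}", a != b, a == c);
    reseed(DEFAULT_SEED);
    println!("reseed replays: {}", draw16() == a);
}
```

The repeated stream in the spawned thread is the reason a generator like this belongs only behind a test-only feature flag.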

@Autoparallel
Contributor

Let me go review the related PRs

], { id: 'key1' })
const setup2Clone = JSON.parse(JSON.stringify(setup2))

// purposely modify the setup2Clone to make it similar to the setup
Collaborator Author

ooba derived key is modified by hardcoding:

  • next param: can't be same because node's native rsa encrypt uses internal rng
  • ext: node's native Jwk struct adds ext for browser support. Not mentioned in RFC
  • hmac: can't be same due to above fields.

@Autoparallel
Contributor

This is looking good! Almost there. Resolved many comments. Left up relevant ones.

Let's get all of your documentation and the differential tests nicely displayed on the github pages so we can easily point to this for further security work.

Again, awesome job! <3

@lonerapier
Collaborator Author

@Autoparallel this seems good to merge. I've opened another PR for mdbook and documentation detailing steps to set up, reproduce the bindings and differential testing.

* add mdbook

* publish book

* add roadmap and fix readme

* add toc, fix justfile commands
@lonerapier lonerapier merged commit 27ae6e8 into main Nov 12, 2025
10 checks passed
@lonerapier lonerapier deleted the differential-tests branch November 12, 2025 05:39