handshake.go

@@ -284,22 +284,6 @@ func (h *Handshake) FinalizeHandshake() (*HandshakeResult, error) {
 }
 
 // HandshakeComplete indicates whether the handshake process is complete or not
-func (h *Handshake) IsComplete() bool {
-	return h.hsResult != nil
-}
-
-func (h *Handshake) LocalEphemeralKeypair() Keypair {
-	return h.hs.e
-}
-
-func (h *Handshake) RemoteStaticPublicKey() []byte {
-	return h.hs.rs
-}
-
-func (h *Handshake) RemoteEphemeralPublicKey() []byte {
-	return h.hs.re
-}
-
-func (h *Handshake) H() []byte {
-	return h.hs.ss.h
+func (hs *Handshake) IsComplete() bool {
+	return hs.hsResult != nil
 }

noise.go

@@ -67,10 +67,8 @@ func (c *CipherState) hasKey() bool {
 }
 
 func (cs *CipherState) nonce() []byte {
-	// RFC7539 specifies 12 bytes for nonce.
-	// TODO: extract this to function setup when creating handshake pattern
-	var nonceBytes [12]byte
-	binary.LittleEndian.PutUint64(nonceBytes[4:], cs.n)
+	var nonceBytes [12]byte // RFC7539 specifies 12 bytes for nonce.
+	binary.BigEndian.PutUint64(nonceBytes[4:], cs.n)
 	return nonceBytes[:]
 }
 

noise_test.go

@@ -126,13 +126,7 @@ func handshakeTest(t *testing.T, hsAlice *Handshake, hsBob *Handshake) {
 		encryptedPayload, err := aliceHSResult.WriteMessage(message, defaultMessageNametagBuffer)
 		require.NoError(t, err)
 
-		serializedPayload, err := encryptedPayload.Serialize()
-		require.NoError(t, err)
-
-		deserializedPayload, err := DeserializePayloadV2(serializedPayload)
-		require.NoError(t, err)
-
-		plaintext, err := bobHSResult.ReadMessage(deserializedPayload, defaultMessageNametagBuffer)
+		plaintext, err := bobHSResult.ReadMessage(encryptedPayload, defaultMessageNametagBuffer)
 		require.NoError(t, err)
 
 		require.Equal(t, message, plaintext)
@@ -143,13 +137,7 @@ func handshakeTest(t *testing.T, hsAlice *Handshake, hsBob *Handshake) {
 		encryptedPayload, err = bobHSResult.WriteMessage(message, defaultMessageNametagBuffer)
 		require.NoError(t, err)
 
-		serializedPayload, err = encryptedPayload.Serialize()
-		require.NoError(t, err)
-
-		deserializedPayload, err = DeserializePayloadV2(serializedPayload)
-		require.NoError(t, err)
-
-		plaintext, err = aliceHSResult.ReadMessage(deserializedPayload, defaultMessageNametagBuffer)
+		plaintext, err = aliceHSResult.ReadMessage(encryptedPayload, defaultMessageNametagBuffer)
 		require.NoError(t, err)
 
 		require.Equal(t, message, plaintext)

patterns.go

@@ -104,17 +104,15 @@ type HandshakePattern struct {
 	messagePatterns    []MessagePattern
 	hashFn             func() hash.Hash
 	cipherFn           func([]byte) (cipher.AEAD, error)
-	tagSize            int
 	dhKey              DHKey
 }
 
-func NewHandshakePattern(protocolID byte, name string, hashFn func() hash.Hash, cipherFn func([]byte) (cipher.AEAD, error), tagSize int, dhKey DHKey, preMessagePatterns []PreMessagePattern, messagePatterns []MessagePattern) HandshakePattern {
+func NewHandshakePattern(protocolID byte, name string, hashFn func() hash.Hash, cipherFn func([]byte) (cipher.AEAD, error), dhKey DHKey, preMessagePatterns []PreMessagePattern, messagePatterns []MessagePattern) HandshakePattern {
 	return HandshakePattern{
 		protocolID:         protocolID,
 		name:               name,
 		hashFn:             hashFn,
 		cipherFn:           cipherFn,
-		tagSize:            tagSize,
 		dhKey:              dhKey,
 		premessagePatterns: preMessagePatterns,
 		messagePatterns:    messagePatterns,
@@ -155,7 +153,6 @@ var K1K1 = NewHandshakePattern(
 	"Noise_K1K1_25519_ChaChaPoly_SHA256",
 	sha256.New,
 	chacha20poly1305.New,
-	16,
 	DH25519,
 	[]PreMessagePattern{
 		NewPreMessagePattern(Right, []NoiseTokens{S}),
@@ -173,7 +170,6 @@ var XK1 = NewHandshakePattern(
 	"Noise_XK1_25519_ChaChaPoly_SHA256",
 	sha256.New,
 	chacha20poly1305.New,
-	16,
 	DH25519,
 	[]PreMessagePattern{
 		NewPreMessagePattern(Left, []NoiseTokens{S}),
@@ -190,7 +186,6 @@ var XX = NewHandshakePattern(
 	"Noise_XX_25519_ChaChaPoly_SHA256",
 	sha256.New,
 	chacha20poly1305.New,
-	16,
 	DH25519,
 	EmptyPreMessage,
 	[]MessagePattern{
@@ -205,7 +200,6 @@ var XXpsk0 = NewHandshakePattern(
 	"Noise_XXpsk0_25519_ChaChaPoly_SHA256",
 	sha256.New,
 	chacha20poly1305.New,
-	16,
 	DH25519,
 	EmptyPreMessage,
 	[]MessagePattern{
@@ -220,7 +214,6 @@ var WakuPairing = NewHandshakePattern(
 	"Noise_WakuPairing_25519_ChaChaPoly_SHA256",
 	sha256.New,
 	chacha20poly1305.New,
-	16,
 	DH25519,
 	[]PreMessagePattern{
 		NewPreMessagePattern(Left, []NoiseTokens{E}),

payload.go

@@ -2,6 +2,7 @@ package noise
 
 import (
 	"bytes"
+	"crypto/ed25519"
 	"encoding/binary"
 	"errors"
 )
@@ -105,6 +106,8 @@ func (p *PayloadV2) Serialize() ([]byte, error) {
 	return payloadBuf.Bytes(), nil
 }
 
+const ChaChaPolyTagSize = byte(16)
+
 // Deserializes a byte sequence to a PayloadV2 object according to https://rfc.vac.dev/spec/35/.
 // The input serialized payload concatenates the output PayloadV2 object fields as
 // payload = ( protocolId || serializedHandshakeMessageLen || serializedHandshakeMessage || transportMessageLen || transportMessage)
@@ -123,14 +126,8 @@ func DeserializePayloadV2(payload []byte) (*PayloadV2, error) {
 		return nil, err
 	}
 
-	var pattern HandshakePattern
-	var err error
-
-	if result.ProtocolId != None {
-		pattern, err = GetHandshakePattern(result.ProtocolId)
-		if err != nil {
-			return nil, err
-		}
+	if !IsProtocolIDSupported(result.ProtocolId) {
+		return nil, errors.New("unsupported protocol")
 	}
 
 	// We read the Handshake Message length (1 byte)
@@ -153,13 +150,13 @@ func DeserializePayloadV2(payload []byte) (*PayloadV2, error) {
 
 		if flag == 0 {
 			// If the key is unencrypted, we only read the X coordinate of the EC public key and we deserialize into a Noise Public Key
-			pkLen := pattern.dhKey.DHLen()
+			pkLen := ed25519.PublicKeySize
 			var pkBytes SerializedNoisePublicKey = make([]byte, pkLen)
 			if err := binary.Read(payloadBuf, binary.BigEndian, &pkBytes); err != nil {
 				return nil, err
 			}
 
-			serializedPK := SerializedNoisePublicKey(make([]byte, pkLen+1))
+			serializedPK := SerializedNoisePublicKey(make([]byte, ed25519.PublicKeySize+1))
 			serializedPK[0] = flag
 			copy(serializedPK[1:], pkBytes)
 
@@ -172,7 +169,7 @@ func DeserializePayloadV2(payload []byte) (*PayloadV2, error) {
 			written += uint8(1 + pkLen)
 		} else if flag == 1 {
 			// If the key is encrypted, we only read the encrypted X coordinate and the authorization tag, and we deserialize into a Noise Public Key
-			pkLen := pattern.dhKey.DHLen() + pattern.tagSize
+			pkLen := ed25519.PublicKeySize + ChaChaPolyTagSize
 			// TODO: duplicated code: ==============
 
 			var pkBytes SerializedNoisePublicKey = make([]byte, pkLen)
@@ -180,7 +177,7 @@ func DeserializePayloadV2(payload []byte) (*PayloadV2, error) {
 				return nil, err
 			}
 
-			serializedPK := SerializedNoisePublicKey(make([]byte, pkLen+1))
+			serializedPK := SerializedNoisePublicKey(make([]byte, ed25519.PublicKeySize+1))
 			serializedPK[0] = flag
 			copy(serializedPK[1:], pkBytes)