mirror of
https://github.com/logos-messaging/noise.git
synced 2026-01-12 11:03:07 +00:00
Compare commits
2 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
|
4fcac0b407 | ||
|
|
d794400c8f |
@ -28,9 +28,6 @@ type DHFunc interface {
|
||||
// entropy.
|
||||
GenerateKeypair(random io.Reader) (DHKey, error)
|
||||
|
||||
// GenerateKeypairFromPrivateKEy generates a keypair from a private key
|
||||
GenerateKeyPairFromPrivateKey(privkey []byte) (DHKey, error)
|
||||
|
||||
// DH performs a Diffie-Hellman calculation between the provided private and
|
||||
// public keys and returns the result.
|
||||
DH(privkey, pubkey []byte) ([]byte, error)
|
||||
@ -107,7 +104,7 @@ var DH25519 DHFunc = dh25519{}
|
||||
|
||||
type dh25519 struct{}
|
||||
|
||||
func (d dh25519) GenerateKeypair(rng io.Reader) (DHKey, error) {
|
||||
func (dh25519) GenerateKeypair(rng io.Reader) (DHKey, error) {
|
||||
privkey := make([]byte, 32)
|
||||
if rng == nil {
|
||||
rng = rand.Reader
|
||||
@ -115,11 +112,6 @@ func (d dh25519) GenerateKeypair(rng io.Reader) (DHKey, error) {
|
||||
if _, err := io.ReadFull(rng, privkey); err != nil {
|
||||
return DHKey{}, err
|
||||
}
|
||||
|
||||
return d.GenerateKeyPairFromPrivateKey(privkey)
|
||||
}
|
||||
|
||||
func (d dh25519) GenerateKeyPairFromPrivateKey(privkey []byte) (DHKey, error) {
|
||||
pubkey, err := curve25519.X25519(privkey, curve25519.Basepoint)
|
||||
if err != nil {
|
||||
return DHKey{}, err
|
||||
|
||||
2
go.mod
2
go.mod
@ -1,4 +1,4 @@
|
||||
module github.com/waku-org/noise
|
||||
module github.com/status-im/noise
|
||||
|
||||
go 1.17
|
||||
|
||||
|
||||
40
state.go
40
state.go
@ -10,7 +10,6 @@ import (
|
||||
"crypto/rand"
|
||||
"errors"
|
||||
"fmt"
|
||||
"hash"
|
||||
"io"
|
||||
"math"
|
||||
)
|
||||
@ -150,16 +149,12 @@ func (s *symmetricState) MixKeyAndHash(data []byte) {
|
||||
s.hasK = true
|
||||
}
|
||||
|
||||
// Note that by setting extraAd, it is possible to pass extra additional data that will be concatenated to the ad specified by Noise (can be used to authenticate messageNametag)
|
||||
func (s *symmetricState) EncryptAndHash(out, plaintext []byte, extraAd ...byte) ([]byte, error) {
|
||||
func (s *symmetricState) EncryptAndHash(out, plaintext []byte) ([]byte, error) {
|
||||
if !s.hasK {
|
||||
s.MixHash(plaintext)
|
||||
return append(out, plaintext...), nil
|
||||
}
|
||||
|
||||
ad := append([]byte(nil), s.h...)
|
||||
ad = append(ad, extraAd...)
|
||||
ciphertext, err := s.Encrypt(out, ad, plaintext)
|
||||
ciphertext, err := s.Encrypt(out, s.h, plaintext)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@ -167,15 +162,12 @@ func (s *symmetricState) EncryptAndHash(out, plaintext []byte, extraAd ...byte)
|
||||
return ciphertext, nil
|
||||
}
|
||||
|
||||
func (s *symmetricState) DecryptAndHash(out, data []byte, extraAd ...byte) ([]byte, error) {
|
||||
func (s *symmetricState) DecryptAndHash(out, data []byte) ([]byte, error) {
|
||||
if !s.hasK {
|
||||
s.MixHash(data)
|
||||
return append(out, data...), nil
|
||||
}
|
||||
|
||||
ad := append([]byte(nil), s.h...)
|
||||
ad = append(ad, extraAd...)
|
||||
plaintext, err := s.Decrypt(out, ad, data)
|
||||
plaintext, err := s.Decrypt(out, s.h, data)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@ -363,22 +355,14 @@ func NewHandshakeState(c Config) (*HandshakeState, error) {
|
||||
return hs, nil
|
||||
}
|
||||
|
||||
func (s *HandshakeState) H() []byte {
|
||||
return append([]byte(nil), s.ss.h...)
|
||||
}
|
||||
|
||||
func (s *HandshakeState) RS() []byte {
|
||||
return append([]byte(nil), s.rs...)
|
||||
}
|
||||
|
||||
// WriteMessage appends a handshake message to out. The message will include the
|
||||
// optional payload if provided. If the handshake is completed by the call, two
|
||||
// CipherStates will be returned, one is used for encryption of messages to the
|
||||
// remote peer, the other is used for decryption of messages from the remote
|
||||
// peer. It is an error to call this method out of sync with the handshake
|
||||
// pattern.
|
||||
func (s *HandshakeState) WriteMessage(out, payload []byte, extraAd ...byte) ([]byte, *CipherState, *CipherState, error) {
|
||||
out, _, cs1, cs2, err := s.WriteMessageAndGetPK(out, [][]byte{}, payload, extraAd)
|
||||
func (s *HandshakeState) WriteMessage(out, payload []byte) ([]byte, *CipherState, *CipherState, error) {
|
||||
out, _, cs1, cs2, err := s.WriteMessageAndGetPK(out, [][]byte{}, payload)
|
||||
return out, cs1, cs2, err
|
||||
}
|
||||
|
||||
@ -388,7 +372,7 @@ func (s *HandshakeState) WriteMessage(out, payload []byte, extraAd ...byte) ([]b
|
||||
// one is used for encryption of messages to the remote peer, the other is used
|
||||
// for decryption of messages from the remote peer. It is an error to call this
|
||||
// method out of sync with the handshake pattern.
|
||||
func (s *HandshakeState) WriteMessageAndGetPK(out []byte, outPK [][]byte, payload []byte, extraAd []byte) ([]byte, [][]byte, *CipherState, *CipherState, error) {
|
||||
func (s *HandshakeState) WriteMessageAndGetPK(out []byte, outPK [][]byte, payload []byte) ([]byte, [][]byte, *CipherState, *CipherState, error) {
|
||||
if !s.shouldWrite {
|
||||
return nil, nil, nil, nil, errors.New("noise: unexpected call to WriteMessage should be ReadMessage")
|
||||
}
|
||||
@ -471,7 +455,7 @@ func (s *HandshakeState) WriteMessageAndGetPK(out []byte, outPK [][]byte, payloa
|
||||
}
|
||||
s.shouldWrite = false
|
||||
s.msgIdx++
|
||||
out, err = s.ss.EncryptAndHash(out, payload, extraAd...)
|
||||
out, err = s.ss.EncryptAndHash(out, payload)
|
||||
if err != nil {
|
||||
return nil, nil, nil, nil, err
|
||||
}
|
||||
@ -484,10 +468,6 @@ func (s *HandshakeState) WriteMessageAndGetPK(out []byte, outPK [][]byte, payloa
|
||||
return out, outPK, nil, nil, nil
|
||||
}
|
||||
|
||||
func (s *HandshakeState) Hash() hash.Hash {
|
||||
return s.ss.cs.Hash()
|
||||
}
|
||||
|
||||
// ErrShortMessage is returned by ReadMessage if a message is not as long as it should be.
|
||||
var ErrShortMessage = errors.New("noise: message is too short")
|
||||
|
||||
@ -496,7 +476,7 @@ var ErrShortMessage = errors.New("noise: message is too short")
|
||||
// will be returned, one is used for encryption of messages to the remote peer,
|
||||
// the other is used for decryption of messages from the remote peer. It is an
|
||||
// error to call this method out of sync with the handshake pattern.
|
||||
func (s *HandshakeState) ReadMessage(out, message []byte, extraAd ...byte) ([]byte, *CipherState, *CipherState, error) {
|
||||
func (s *HandshakeState) ReadMessage(out, message []byte) ([]byte, *CipherState, *CipherState, error) {
|
||||
if s.shouldWrite {
|
||||
return nil, nil, nil, errors.New("noise: unexpected call to ReadMessage should be WriteMessage")
|
||||
}
|
||||
@ -588,7 +568,7 @@ func (s *HandshakeState) ReadMessage(out, message []byte, extraAd ...byte) ([]by
|
||||
s.ss.MixKeyAndHash(s.psk)
|
||||
}
|
||||
}
|
||||
out, err = s.ss.DecryptAndHash(out, message, extraAd...)
|
||||
out, err = s.ss.DecryptAndHash(out, message)
|
||||
if err != nil {
|
||||
s.ss.Rollback()
|
||||
if rsSet {
|
||||
|
||||
@ -7,7 +7,7 @@ import (
|
||||
"io"
|
||||
"os"
|
||||
|
||||
. "github.com/waku-org/noise"
|
||||
. "github.com/flynn/noise"
|
||||
)
|
||||
|
||||
func main() {
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user