* Remove encrypted header version
* Return error from DH & Encrypt
* Use slices instead of fixed array for keys
In order to support multiple types of curves, this commit changes the
type of `Key` from `[32]byte` to `[]byte`. This is useful as most of the
elliptic keys have a compressed key size of `33 bytes` instead of
`32 bytes`, which the default implementation uses (curve25519).
We need to wait for messages to be confirmed before we can actually
delete the message key; otherwise, if for whatever reason it is not
processed, we will be unable to receive it again.
The purpose of limiting the number of skipped keys generated is to avoid a DoS
attack whereby an attacker would send a large N, forcing the device to
compute all the keys between currentN..N.
Previously the logic for handling skipped keys was:
- If in the current receiving chain there are more than maxSkip keys,
  throw an error
This is problematic as in long-lived sessions dropped/unreceived messages start
piling up, eventually reaching the threshold (1000 dropped/unreceived
messages).
This logic has been changed to be more in line with Signal's spec, and now
it is:
- If N > currentN + maxSkip, throw an error
The purpose of limiting the number of skipped keys stored is to avoid a DoS
attack whereby an attacker would force us to store a large number of
keys, filling up our storage.
Previously the logic for handling old keys was:
- Once you have maxKeep ratchet steps, delete any key from
  currentRatchet - maxKeep.
This, in combination with the maxSkip implementation, capped the number of stored keys to
maxSkip * maxKeep.
The logic has been changed to:
- Keep a maximum of MaxMessageKeysPerSession, and additionally delete any
  key that has a sequence number < currentSeqNum - maxKeep
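As an added illustration of the two bounds described in the commits above (reject a header whose N is more than maxSkip ahead of the current chain position, then forget skipped keys older than maxKeep derivations and cap the total stored), here is a minimal Go receiving chain. This is not the project's own code: the type and field names (receivingChain, skippedKey, maxKeys standing in for MaxMessageKeysPerSession) are assumed, and the symmetric ratchet step follows the Signal spec's HMAC-SHA256 construction.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"errors"
)

// skippedKey tags a retained message key with the session-wide sequence number at which it was derived.
type skippedKey struct{ key []byte; seqNum uint32 }

// receivingChain is a constructed stand-in for the session's receiving state (names assumed, not the project's).
type receivingChain struct {
	chainKey []byte
	n        uint32 // next expected message number in this chain (currentN)
	seqNum   uint32 // message keys derived in the whole session so far (currentSeqNum)
	skipped  []skippedKey
	maxSkip  uint32 // reject headers more than this far ahead of n
	maxKeep  uint32 // drop skipped keys older than this many derivations
	maxKeys  int    // absolute cap on stored keys (MaxMessageKeysPerSession)
}

// kdfCK is the symmetric ratchet step: HMAC(ck, 0x01) is the message key, HMAC(ck, 0x02) the next chain key.
func kdfCK(ck []byte) (nextCK, mk []byte) {
	h := func(b byte) []byte { m := hmac.New(sha256.New, ck); m.Write([]byte{b}); return m.Sum(nil) }
	return h(0x02), h(0x01)
}

// skipMessageKeys advances the chain to message number until, retaining the intermediate keys.
// The bound is relative to the current chain position, so scattered losses over a long session do not trip it.
func (rc *receivingChain) skipMessageKeys(until uint32) error {
	if until > rc.n+rc.maxSkip {
		return errors.New("message number too far ahead; refusing to derive keys")
	}
	for rc.n < until {
		var mk []byte
		rc.chainKey, mk = kdfCK(rc.chainKey)
		rc.skipped = append(rc.skipped, skippedKey{key: mk, seqNum: rc.seqNum})
		rc.n++
		rc.seqNum++
	}
	rc.prune()
	return nil
}

// prune drops keys with seqNum < currentSeqNum - maxKeep, then enforces the absolute cap, oldest first.
func (rc *receivingChain) prune() {
	kept := rc.skipped[:0]
	for _, sk := range rc.skipped {
		if sk.seqNum+rc.maxKeep >= rc.seqNum { // written without subtraction to avoid uint32 underflow
			kept = append(kept, sk)
		}
	}
	if len(kept) > rc.maxKeys {
		kept = kept[len(kept)-rc.maxKeys:]
	}
	rc.skipped = kept
}
```

The small limits in the test below are constructed so both the per-age eviction and the absolute cap are exercised in a few steps.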
1. Renamed state to session, created state and included it in session
2. Removed AssociatedData type
3. Implemented message header encoding and decoding
4. Added a paragraph about header encryption into README.md
5. Added PublicKeyer interface
6. Added chain structs
7. Added NewWithRK constructor