mirror of
https://github.com/status-im/whisper.git
synced 2025-01-20 07:39:00 +00:00
whisper: sym encryption message padding includes salt (#15631)
Now that the AES salt has been moved to the payload, padding must be adjusted to hide it, lest an attacker guesses that the packet uses symmetric encryption.
This commit is contained in:
parent
21084335dd
commit
7538b633f5
@ -124,6 +124,10 @@ func (msg *sentMessage) appendPadding(params *MessageParams) error {
|
||||
if params.Src != nil {
|
||||
rawSize += signatureLength
|
||||
}
|
||||
|
||||
if params.KeySym != nil {
|
||||
rawSize += AESNonceLength
|
||||
}
|
||||
odd := rawSize % padSizeLimit
|
||||
|
||||
if len(params.Padding) != 0 {
|
||||
|
@ -416,3 +416,59 @@ func TestPadding(t *testing.T) {
|
||||
singlePaddingTest(t, n)
|
||||
}
|
||||
}
|
||||
|
||||
func TestPaddingAppendedToSymMessages(t *testing.T) {
|
||||
params := &MessageParams{
|
||||
Payload: make([]byte, 246),
|
||||
KeySym: make([]byte, aesKeyLength),
|
||||
}
|
||||
|
||||
// Simulate a message with a payload just under 256 so that
|
||||
// payload + flag + aesnonce > 256. Check that the result
|
||||
// is padded on the next 256 boundary.
|
||||
msg := sentMessage{}
|
||||
msg.Raw = make([]byte, len(params.Payload)+1+AESNonceLength)
|
||||
|
||||
err := msg.appendPadding(params)
|
||||
|
||||
if err != nil {
|
||||
t.Fatalf("Error appending padding to message %v", err)
|
||||
return
|
||||
}
|
||||
|
||||
if len(msg.Raw) != 512 {
|
||||
t.Errorf("Invalid size %d != 512", len(msg.Raw))
|
||||
}
|
||||
}
|
||||
|
||||
func TestPaddingAppendedToSymMessagesWithSignature(t *testing.T) {
|
||||
params := &MessageParams{
|
||||
Payload: make([]byte, 246),
|
||||
KeySym: make([]byte, aesKeyLength),
|
||||
}
|
||||
|
||||
pSrc, err := crypto.GenerateKey()
|
||||
|
||||
if err != nil {
|
||||
t.Fatalf("Error creating the signature key %v", err)
|
||||
return
|
||||
}
|
||||
params.Src = pSrc
|
||||
|
||||
// Simulate a message with a payload just under 256 so that
|
||||
// payload + flag + aesnonce > 256. Check that the result
|
||||
// is padded on the next 256 boundary.
|
||||
msg := sentMessage{}
|
||||
msg.Raw = make([]byte, len(params.Payload)+1+AESNonceLength+signatureLength)
|
||||
|
||||
err = msg.appendPadding(params)
|
||||
|
||||
if err != nil {
|
||||
t.Fatalf("Error appending padding to message %v", err)
|
||||
return
|
||||
}
|
||||
|
||||
if len(msg.Raw) != 512 {
|
||||
t.Errorf("Invalid size %d != 512", len(msg.Raw))
|
||||
}
|
||||
}
|
||||
|
Loading…
x
Reference in New Issue
Block a user