update secret connection to use a little endian encoded nonce (#2264)
* update secret connection to use a little endian encoded nonce
* update encoding of chunk length to be little endian, too
* update comment
* Change comment slightly to trigger CircleCI
parent
b1bc3e4f89
commit
9d06d7e306
|
@ -123,7 +123,7 @@ func (sc *SecretConnection) Write(data []byte) (n int, err error) {
|
||||||
data = nil
|
data = nil
|
||||||
}
|
}
|
||||||
chunkLength := len(chunk)
|
chunkLength := len(chunk)
|
||||||
binary.BigEndian.PutUint32(frame, uint32(chunkLength))
|
binary.LittleEndian.PutUint32(frame, uint32(chunkLength))
|
||||||
copy(frame[dataLenSize:], chunk)
|
copy(frame[dataLenSize:], chunk)
|
||||||
|
|
||||||
aead, err := chacha20poly1305.New(sc.sendSecret[:])
|
aead, err := chacha20poly1305.New(sc.sendSecret[:])
|
||||||
|
@ -172,7 +172,7 @@ func (sc *SecretConnection) Read(data []byte) (n int, err error) {
|
||||||
incrNonce(sc.recvNonce)
|
incrNonce(sc.recvNonce)
|
||||||
// end decryption
|
// end decryption
|
||||||
|
|
||||||
var chunkLength = binary.BigEndian.Uint32(frame) // read the first two bytes
|
var chunkLength = binary.LittleEndian.Uint32(frame) // read the first four bytes
|
||||||
if chunkLength > dataMaxSize {
|
if chunkLength > dataMaxSize {
|
||||||
return 0, errors.New("chunkLength is greater than dataMaxSize")
|
return 0, errors.New("chunkLength is greater than dataMaxSize")
|
||||||
}
|
}
|
||||||
|
@ -332,13 +332,12 @@ func shareAuthSignature(sc *SecretConnection, pubKey crypto.PubKey, signature []
|
||||||
|
|
||||||
//--------------------------------------------------------------------------------
|
//--------------------------------------------------------------------------------
|
||||||
|
|
||||||
// increment nonce big-endian by 1 with wraparound.
|
// Increment nonce little-endian by 1 with wraparound.
|
||||||
|
// Due to chacha20poly1305 expecting a 12 byte nonce we do not use the first four
|
||||||
|
// bytes. We only increment a 64 bit unsigned int in the remaining 8 bytes
|
||||||
|
// (little-endian in nonce[4:]).
|
||||||
func incrNonce(nonce *[aeadNonceSize]byte) {
|
func incrNonce(nonce *[aeadNonceSize]byte) {
|
||||||
for i := aeadNonceSize - 1; 0 <= i; i-- {
|
counter := binary.LittleEndian.Uint64(nonce[4:])
|
||||||
nonce[i]++
|
counter++
|
||||||
// if this byte wrapped around to zero, we need to increment the next byte
|
binary.LittleEndian.PutUint64(nonce[4:], counter)
|
||||||
if nonce[i] != 0 {
|
|
||||||
return
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
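Review bot: In the new `incrNonce`, `counter++` silently wraps from 2^64-1 back to 0, and the doc comment describes that wraparound as intended; with ChaCha20-Poly1305 a repeated nonce under the same key breaks both confidentiality and integrity, so the function should end the session rather than wrap. The old loop carried across all 12 bytes, so this change also narrows the counter from 96 to 64 bits; that is still far beyond any realistic frame count, but the failure mode should be explicit, e.g. `if counter == math.MaxUint64 { panic("secret connection: nonce counter exhausted") }` placed before `counter++` (this needs `math` imported, and the import block is not visible here). The doc comment should then say that exhaustion terminates the connection instead of "with wraparound". Separately, the length prefix in `Write`/`Read` and the nonce layout are wire-format changes, and no version negotiation is visible in these hunks (the bodies of `Write` and `Read` continue outside them), so it is worth confirming that a mixed-version peer pair fails closed and recording the break in the changelog.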