1
0
mirror of https://github.com/taigrr/arduinolibs synced 2025-01-18 04:33:12 -08:00

Test cases for the transport phase of Noise sessions

This commit is contained in:
Rhys Weatherley
2018-06-18 05:24:27 +10:00
parent e04733b8a5
commit 5db9e834f2
7 changed files with 42 additions and 62 deletions

View File

@@ -77,11 +77,11 @@ int NoiseCipherState_AESGCM::decryptPacket
return -1;
uint8_t iv[12];
noiseAESGCMFormatIV(iv, n);
cipher.setIV((const uint8_t *)&iv, sizeof(iv));
cipher.decrypt((uint8_t *)output, (const uint8_t *)input, outputSize);
if (cipher.checkTag(((const uint8_t *)input) + outputSize, 16)) {
cipher.setIV(iv, sizeof(iv));
cipher.decrypt((uint8_t *)output, (const uint8_t *)input, inputSize - 16);
if (cipher.checkTag(((const uint8_t *)input) + inputSize - 16, 16)) {
++n;
return outputSize;
return inputSize - 16;
}
memset(output, 0, outputSize); // Destroy the output if the tag is invalid.
return -1;

View File

@@ -73,12 +73,11 @@ int NoiseCipherState_ChaChaPoly::decryptPacket
if (inputSize < 16 || outputSize < (inputSize - 16))
return -1;
uint64_t iv = htole64(n);
outputSize = inputSize - 16;
cipher.setIV((const uint8_t *)&iv, sizeof(iv));
cipher.decrypt((uint8_t *)output, (const uint8_t *)input, outputSize);
if (cipher.checkTag(((const uint8_t *)input) + outputSize, 16)) {
cipher.decrypt((uint8_t *)output, (const uint8_t *)input, inputSize - 16);
if (cipher.checkTag(((const uint8_t *)input) + inputSize - 16, 16)) {
++n;
return outputSize;
return inputSize - 16;
}
memset(output, 0, outputSize); // Destroy the output if the tag is invalid.
return -1;

View File

@@ -353,7 +353,7 @@ int NoiseHandshakeState::read
* \return Returns true if the cipher objects were split out, or false if
* state() is not NoiseHandshakeState::Split.
*
* If \a tx or \a rx are NULL, the the respective cipher object will not
* If \a tx or \a rx are NULL, then the respective cipher object will not
* be created. This is useful for one-way patterns.
*
* The application is responsible for destroying the \a tx and \a rx

View File

@@ -174,16 +174,15 @@ int NoiseSymmetricState_AESGCM_SHA256::decryptAndHash
if (st.hasKey) {
if (inputSize < 16 || outputSize < (inputSize - 16))
return -1;
outputSize = inputSize - 16;
uint8_t iv[12];
noiseAESGCMFormatIV(iv, st.n);
cipher.setIV(iv, sizeof(iv));
cipher.addAuthData(st.h, sizeof(st.h));
mixHash(input, inputSize);
cipher.decrypt(output, input, outputSize);
if (cipher.checkTag(input + outputSize, 16)) {
cipher.decrypt(output, input, inputSize -16);
if (cipher.checkTag(input + inputSize - 16, 16)) {
++st.n;
return outputSize;
return inputSize -16;
}
memset(output, 0, outputSize); // Destroy output if tag is incorrect.
return -1;

View File

@@ -148,17 +148,16 @@ int NoiseSymmetricState_ChaChaPoly_BLAKE2s::decryptAndHash
if (st.hasKey) {
if (inputSize < 16 || outputSize < (inputSize - 16))
return -1;
outputSize = inputSize - 16;
ChaChaPoly cipher;
uint64_t iv = htole64(st.n);
cipher.setKey(st.key, 32);
cipher.setIV((const uint8_t *)&iv, sizeof(iv));
cipher.addAuthData(st.h, sizeof(st.h));
mixHash(input, inputSize);
cipher.decrypt(output, input, outputSize);
if (cipher.checkTag(input + outputSize, 16)) {
cipher.decrypt(output, input, inputSize - 16);
if (cipher.checkTag(input + inputSize - 16, 16)) {
++st.n;
return outputSize;
return inputSize - 16;
}
memset(output, 0, outputSize); // Destroy output if tag is incorrect.
return -1;

View File

@@ -148,17 +148,16 @@ int NoiseSymmetricState_ChaChaPoly_SHA256::decryptAndHash
if (st.hasKey) {
if (inputSize < 16 || outputSize < (inputSize - 16))
return -1;
outputSize = inputSize - 16;
ChaChaPoly cipher;
uint64_t iv = htole64(st.n);
cipher.setKey(st.key, 32);
cipher.setIV((const uint8_t *)&iv, sizeof(iv));
cipher.addAuthData(st.h, sizeof(st.h));
mixHash(input, inputSize);
cipher.decrypt(output, input, outputSize);
if (cipher.checkTag(input + outputSize, 16)) {
cipher.decrypt(output, input, inputSize - 16);
if (cipher.checkTag(input + inputSize - 16, 16)) {
++st.n;
return outputSize;
return inputSize - 16;
}
memset(output, 0, outputSize); // Destroy output if tag is incorrect.
return -1;