highperfocused/bitcoin
1
0
Fork 0
mirror of https://github.com/bitcoin/bitcoin.git synced 2025-11-11 22:50:59 +01:00
Code Issues Packages Projects Releases Wiki Activity

tests: add decryption test to bip324_tests

Browse Source
This commit is contained in:
Pieter Wuille
2023-07-10 10:58:20 -04:00
parent 990f0f8da9
commit 1c7582ead6
3 changed files with 79 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
src/bip324.cpp
View File

@@ -33,7 +33,7 @@ BIP324Cipher::BIP324Cipher(const CKey& key, Span<const std::byte> ent32) noexcep
BIP324Cipher::BIP324Cipher(const CKey& key, const EllSwiftPubKey& pubkey) noexcept :
m_key(key), m_our_pubkey(pubkey) {}
void BIP324Cipher::Initialize(const EllSwiftPubKey& their_pubkey, bool initiator) noexcept
void BIP324Cipher::Initialize(const EllSwiftPubKey& their_pubkey, bool initiator, bool self_decrypt) noexcept
{
// Determine salt (fixed string + network magic bytes)
const auto& message_header = Params().MessageStart();
@@ -43,16 +43,17 @@ void BIP324Cipher::Initialize(const EllSwiftPubKey& their_pubkey, bool initiator
ECDHSecret ecdh_secret = m_key.ComputeBIP324ECDHSecret(their_pubkey, m_our_pubkey, initiator);
// Derive encryption keys from shared secret, and initialize stream ciphers and AEADs.
bool side = (initiator != self_decrypt);
CHKDF_HMAC_SHA256_L32 hkdf(UCharCast(ecdh_secret.data()), ecdh_secret.size(), salt);
std::array<std::byte, 32> hkdf_32_okm;
hkdf.Expand32("initiator_L", UCharCast(hkdf_32_okm.data()));
(initiator ? m_send_l_cipher : m_recv_l_cipher).emplace(hkdf_32_okm, REKEY_INTERVAL);
(side ? m_send_l_cipher : m_recv_l_cipher).emplace(hkdf_32_okm, REKEY_INTERVAL);
hkdf.Expand32("initiator_P", UCharCast(hkdf_32_okm.data()));
(initiator ? m_send_p_cipher : m_recv_p_cipher).emplace(hkdf_32_okm, REKEY_INTERVAL);
(side ? m_send_p_cipher : m_recv_p_cipher).emplace(hkdf_32_okm, REKEY_INTERVAL);
hkdf.Expand32("responder_L", UCharCast(hkdf_32_okm.data()));
(initiator ? m_recv_l_cipher : m_send_l_cipher).emplace(hkdf_32_okm, REKEY_INTERVAL);
(side ? m_recv_l_cipher : m_send_l_cipher).emplace(hkdf_32_okm, REKEY_INTERVAL);
hkdf.Expand32("responder_P", UCharCast(hkdf_32_okm.data()));
(initiator ? m_recv_p_cipher : m_send_p_cipher).emplace(hkdf_32_okm, REKEY_INTERVAL);
(side ? m_recv_p_cipher : m_send_p_cipher).emplace(hkdf_32_okm, REKEY_INTERVAL);
// Derive garbage terminators from shared secret.
hkdf.Expand32("garbage_terminators", UCharCast(hkdf_32_okm.data()));