highperfocused/bitcoin
1
0
Fork 0
mirror of https://github.com/bitcoin/bitcoin.git synced 2025-11-12 23:18:14 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge bitcoin/bitcoin#23271: crypto: Fix K1/K2 use in the comments in ChaCha20-Poly1305 AEAD

Browse Source 
be7f4130f9 Fix K1/K2 use in the comments in ChaCha20-Poly1305 AEAD (=)

Pull request description:

  As per [#22331](https://github.com/bitcoin/bitcoin/pull/22331) and the [Detailed Construction of the ChaCha20Forward4064-Poly1305@Bitcoin cipher suite](https://gist.github.com/jonasschnelli/c530ea8421b8d0e80c51486325587c52#detailed-construction) mentioned in BIP 324, K1 is used for encrypting the associated data(message length) and instantiating the Poly1305 MAC while K2 is used for encrypting the payload. This PR fixes the comments which need to be updated in:

  1. The test vector in `src/test/crypto_tests.cpp`
  2. In `src/crypto/chacha_poly_aead.h`,  `m_chacha_main` is a K2 ChaCha20 cipher instance and should be used for encrypting the payload. Also,  `m_chacha_header` is a K1 ChaCha20 cipher instance and is used for encrypting the length and instantiating the Poly1305 MAC.

ACKs for top commit:
  siv2r:
    ACK be7f413
  jonatack:
    ACK be7f4130f9
  Zero-1729:
    ACK be7f413
  shaavan:
    reACK be7f4130f9

Tree-SHA512: 9d3d0f45cf95d0a87b9f04c26f04b9ea78b2f2fa578d3722146a79dd0d377b9867532fc62e02b8e1487420df7702a1f033d15db562327535940c2049cbde401f
This commit is contained in:
W. J. van der Laan
2021-10-21 19:21:29 +02:00
parent ee1294f155 be7f4130f9
commit f41aa81c99
2 changed files with 4 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
src/test/crypto_tests.cpp
View File

@@ -694,8 +694,8 @@ BOOST_AUTO_TEST_CASE(chacha20_poly1305_aead_testvector)
TestChaCha20Poly1305AEAD(true, 0,
/* m */ "0000000000000000000000000000000000000000000000000000000000000000",
/* k1 (payload) */ "0000000000000000000000000000000000000000000000000000000000000000",
/* k2 (AAD) */ "0000000000000000000000000000000000000000000000000000000000000000",
/* k1 (AAD) */ "0000000000000000000000000000000000000000000000000000000000000000",
/* k2 (payload) */ "0000000000000000000000000000000000000000000000000000000000000000",
/* AAD keystream */ "76b8e0ada0f13d90405d6ae55386bd28bdd219b8a08ded1aa836efcc8b770dc7da41597c5157488d7724e03fb8d84a376a43b8f41518a11cc387b669b2ee6586",
/* encrypted message & MAC */ "76b8e09f07e7be5551387a98ba977c732d080dcb0f29a048e3656912c6533e32d2fc11829c1b6c1df1f551cd6131ff08",
/* encrypted message & MAC at sequence 999 */ "b0a03d5bd2855d60699e7d3a3133fa47be740fe4e4c1f967555e2d9271f31c3aaa7aa16ec62c5e24f040c08bb20c3598");