HMAC over the (nonce||message) not just the message
@@ -127,6 +127,7 @@ fn encrypt_inner(
|
||||
let mut cipher = ChaCha20::new(&keys.encryption().into(), &keys.nonce().into());
|
||||
cipher.apply_keystream(&mut buffer);
|
||||
let mut mac = Hmac::<Sha256>::new_from_slice(&keys.auth())?;
|
||||
mac.update(&nonce);
|
||||
mac.update(&buffer);
|
||||
let mac_bytes = mac.finalize().into_bytes();
|
||||
|
||||
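Review bot: The MAC construction is now spelled out twice, here in encrypt_inner and again in decrypt (second hunk), and this commit itself shows why that is fragile: the nonce had to be added to both copies by hand, and any future change to what the MAC covers must be mirrored exactly or one side silently stops verifying the other's output. Folding the three `Hmac` lines into one private helper called from both sites keeps the authenticated data defined in a single place; a sketch follows, with the call sites becoming `let mac_bytes = message_mac(&keys.auth(), &nonce, &buffer)?;` here and `let calculated_mac_bytes = message_mac(&keys.auth(), &nonce, &buffer)?;` in decrypt. The helper's error type is a placeholder because the crate's error type is not visible in this hunk. encrypt_inner starts before the hunk, so where `nonce` and `buffer` come from cannot be checked here.
```rust
/// HMAC-SHA256 over `nonce || ciphertext` keyed with the per-message auth key.
/// Shared by `encrypt_inner` and `decrypt` so both sides authenticate the same bytes.
fn message_mac(auth_key: &[u8], nonce: &[u8], ciphertext: &[u8]) -> Result<[u8; 32], Error /* placeholder: the crate's error type */> {
    let mut mac = Hmac::<Sha256>::new_from_slice(auth_key)?;
    mac.update(nonce);
    mac.update(ciphertext);
    Ok(mac.finalize().into_bytes().into())
}
```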
@@ -155,6 +156,7 @@ pub fn decrypt(conversation_key: &[u8; 32], base64_ciphertext: &str) -> Result<S
|
||||
let mac = &binary_ciphertext[dlen - 32..dlen];
|
||||
let keys = get_message_keys(conversation_key, &nonce.try_into().unwrap())?;
|
||||
let mut calculated_mac = Hmac::<Sha256>::new_from_slice(&keys.auth())?;
|
||||
calculated_mac.update(&nonce);
|
||||
calculated_mac.update(&buffer);
|
||||
let calculated_mac_bytes = calculated_mac.finalize().into_bytes();
|
||||
if !constant_time_eq::constant_time_eq(mac, calculated_mac_bytes.as_slice()) {
|
||||
|
||||
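Review bot: On the new side of this hunk `nonce.try_into().unwrap()` and the `dlen - 32..dlen` slice both panic on malformed input: the former if the nonce slice is not the fixed length `get_message_keys` expects, the latter if `dlen < 32`. Whether the length validation earlier in decrypt (the function starts outside this hunk) rules both cases out cannot be seen here; since decrypt already returns a `Result` and its input is base64 supplied by the peer, a bad length should surface as an `Err` rather than abort the process, e.g. `let nonce_arr = nonce.try_into().map_err(|_| /* placeholder: the crate's length error */)?;`. The MAC is compared in constant time before the hunk ends, which is the right order as long as the keystream is only applied after this check, presumably below.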