haskell/cryptonite
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

[chachapoly1305] properly handle the decryption, and change combine to encrypt.

Browse Source
This commit is contained in:
Vincent Hanquez 2015-07-29 07:24:46 +01:00
parent 169570c963
commit e064af5cba
2 changed files with 23 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
Crypto/Cipher/ChaChaPoly1305.hs
View File

@ -17,7 +17,8 @@ module Crypto.Cipher.ChaChaPoly1305
, initialize , initialize
, appendAAD , appendAAD
, finalizeAAD , finalizeAAD
, combine , encrypt
, decrypt
, finalize , finalize
) where ) where
@ -96,14 +97,22 @@ finalizeAAD (State encState macState aadLength plainLength) =
where where
newMacState = Poly1305.update macState $ pad16 aadLength newMacState = Poly1305.update macState $ pad16 aadLength
combine :: ByteArray ba => ba -> State -> (ba, State) encrypt :: ByteArray ba => ba -> State -> (ba, State)
combine input (State encState macState aadLength plainLength) = encrypt input (State encState macState aadLength plainLength) =
(output, State newEncState newMacState aadLength newPlainLength) (output, State newEncState newMacState aadLength newPlainLength)
where where
(output, newEncState) = ChaCha.combine encState input (output, newEncState) = ChaCha.combine encState input
newMacState = Poly1305.update macState output newMacState = Poly1305.update macState output
newPlainLength = plainLength + fromIntegral (B.length input) newPlainLength = plainLength + fromIntegral (B.length input)
decrypt :: ByteArray ba => ba -> State -> (ba, State)
decrypt input (State encState macState aadLength plainLength) =
(output, State newEncState newMacState aadLength newPlainLength)
where
(output, newEncState) = ChaCha.combine encState input
newMacState = Poly1305.update macState input
newPlainLength = plainLength + fromIntegral (B.length input)
finalize :: State -> Poly1305.Auth finalize :: State -> Poly1305.Auth
finalize (State _ macState aadLength plainLength) = finalize (State _ macState aadLength plainLength) =
Poly1305.finalize $ Poly1305.updates macState Poly1305.finalize $ Poly1305.updates macState

12
tests/ChaChaPoly1305.hs
View File

@ -20,12 +20,22 @@ tag = "\x1a\xe1\x0b\x59\x4f\x09\xe2\x6a\x7e\x90\x2e\xcb\xd0\x60\x06\x91"
tests = testGroup "ChaChaPoly1305" tests = testGroup "ChaChaPoly1305"
[ testCase "V1" runEncrypt [ testCase "V1" runEncrypt
, testCase "V1-decrypt" runDecrypt
] ]
where runEncrypt = where runEncrypt =
let ini = throwCryptoError $ AEAD.initialize key (throwCryptoError $ AEAD.nonce8 constant iv) let ini = throwCryptoError $ AEAD.initialize key (throwCryptoError $ AEAD.nonce8 constant iv)
afterAAD = AEAD.finalizeAAD (AEAD.appendAAD aad ini) afterAAD = AEAD.finalizeAAD (AEAD.appendAAD aad ini)
(out, afterEncrypt) = AEAD.combine plaintext afterAAD (out, afterEncrypt) = AEAD.encrypt plaintext afterAAD
outtag = AEAD.finalize afterEncrypt outtag = AEAD.finalize afterEncrypt
in propertyHoldCase [ eqTest "ciphertext" ciphertext out in propertyHoldCase [ eqTest "ciphertext" ciphertext out
, eqTest "tag" tag (B.convert outtag) , eqTest "tag" tag (B.convert outtag)
] ]
runDecrypt =
let ini = throwCryptoError $ AEAD.initialize key (throwCryptoError $ AEAD.nonce8 constant iv)
afterAAD = AEAD.finalizeAAD (AEAD.appendAAD aad ini)
(out, afterDecrypt) = AEAD.decrypt ciphertext afterAAD
outtag = AEAD.finalize afterDecrypt
in propertyHoldCase [ eqTest "plaintext" plaintext out
, eqTest "tag" tag (B.convert outtag)
]