Pierre [ARCHIVE] on Nostr
Original date posted: 2015-10-27
Original message:
A few more remarks:

> 2) ECDH is used to derive a shared secret. From this we generate
> the following transmission encoding parameters for each side:
> Session AES-128 key: SHA256(shared-secret || my-sessionpubkey || 0)
> Session HMAC key: SHA256(shared-secret || my-sessionpubkey || 1)
> IV for AES: SHA256(shared-secret || my-sessionpubkey || 2)
I suppose we use only the first 16 bytes for aes_key and aes_iv?

> 3) All packets from then on are encrypted of form:
> /* HMAC, covering totlen and data */
> struct sha256 hmac;
> /* Total data transmitted (including this). */
> le64 totlen;
> /* Encrypted contents, rounded up to 16 byte boundary. */
> u8 data[];
Looking at your code it seems totlen is actually the size of the
unencrypted serialized protobuf message, not the total data
transmitted, right? If so, the comment is a bit misleading, and why
make totlen include the length of itself since it doesn't define the
encrypted message boundaries anyway?
Also, why encode the length on 64 bits rather than 32 bits?

Cheers,

Pierre
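
Added example, not part of Pierre's message or of the project's code: a sketch of the quoted key derivation and packet framing, showing why the meaning and width of totlen matter to a receiver that must use the length before the HMAC can be checked. Assumptions: the counter is appended as one byte, the AES key and IV are the first 16 bytes of the hash, totlen is the plaintext length, MAX_MSG is a made-up receiver cap, all function names are hypothetical, and the AES step is left out (data is treated as ciphertext that is already padded).

```python
import hashlib, hmac, io, struct

MAX_MSG = 1 << 20  # assumed receiver-side cap; the quoted spec gives none

def derive(shared_secret, session_pubkey):
    """SHA256(shared-secret || my-sessionpubkey || n), n as one byte (assumed)."""
    h = lambda n: hashlib.sha256(shared_secret + session_pubkey + bytes([n])).digest()
    return {"aes_key": h(0)[:16],   # 16-byte truncation is the supposition in the post
            "hmac_key": h(1),
            "aes_iv": h(2)[:16]}

def padded_len(n):
    """Data is rounded up to a 16-byte boundary."""
    return (n + 15) // 16 * 16

def frame(hmac_key, plaintext_len, ciphertext):
    """Build hmac || le64 totlen || data, with the HMAC covering totlen and data."""
    if len(ciphertext) != padded_len(plaintext_len):
        raise ValueError("ciphertext not padded to a 16-byte boundary")
    body = struct.pack("<Q", plaintext_len) + ciphertext
    return hmac.new(hmac_key, body, hashlib.sha256).digest() + body

def read_packet(stream, hmac_key):
    """Read one packet from a byte stream; returns (totlen, ciphertext)."""
    header = stream.read(40)                 # 32-byte HMAC + 8-byte le64 length
    if len(header) != 40:
        raise ValueError("truncated header")
    (totlen,) = struct.unpack("<Q", header[32:])
    # The length decides how much to read, so it is consumed before it is
    # authenticated: bound it first or a 64-bit field can request a huge read.
    if totlen > MAX_MSG:
        raise ValueError("length exceeds cap")
    data = stream.read(padded_len(totlen))
    if len(data) != padded_len(totlen):
        raise ValueError("truncated data")
    expected = hmac.new(hmac_key, header[32:] + data, hashlib.sha256).digest()
    if not hmac.compare_digest(header[:32], expected):
        raise ValueError("bad HMAC")
    return totlen, data

if __name__ == "__main__":
    # Constructed sample values, not real keys.
    keys = derive(b"\x11" * 32, b"\x02" + b"\x22" * 32)
    pkt = frame(keys["hmac_key"], 20, bytes(32))
    print(read_packet(io.BytesIO(pkt), keys["hmac_key"])[0])
```
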
Published at 2023-06-09 12:44:57