Add signing and verification to encrypt_message/decrypt_message #59
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This redoes how we encode the result of encrypt_message to add sender
identify and verification (entirely contained within libsession). These
functions now produce/consume:
encrypted(
padded(
bt-encoded(
possibly-compressed-data,
sender-ed25519-pubkey,
ed25519-signature
)
)
)
with signature verification on decryption.
The decryption function thus now returns a pair instead of an optional
value: the session id, and the original value, assuming that value was
signed by the session id. Upon failure for any reason, an exception is
thrown (rather than, previously, returning a nullopt without any way to
get an informative reason for the failure for diagnostics).
Merged
frtget
reviewed
Sep 22, 2023
| /// - tagged with the user's underlying session Ed25519 pubkey (from which the session id can be | ||
| /// computed). | ||
| /// - all of the above encoded into a bt-encoded dict | ||
| /// - suffix-padded with null bytes so that the final output value will be a multiple of 256 |
There was a problem hiding this comment.
are you using different padding methods for config messages and regular messages on purpose ?
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This redoes how we encode the result of encrypt_message to add sender identify and verification (entirely contained within libsession). These functions now produce/consume:
with signature verification on decryption.
The decryption function thus now returns a pair instead of an optional value: the session id, and the original value, assuming that value was signed by the session id. Upon failure for any reason, an exception is thrown (rather than, previously, returning a nullopt without any way to get an informative reason for the failure for diagnostics).