-
Notifications
You must be signed in to change notification settings - Fork 2.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
update secret connection to use a little endian encoded nonce #2264
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Lgtm, efficiency loss for not doing this in place should be negligible, since it's int64 parsing.
return | ||
} | ||
} | ||
counter := binary.LittleEndian.Uint64(nonce[4:]) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
what about the first 4 bytes?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We do not use them / they will be all zero. We use chacha20poly1305 which expects a 12 byte nonce though.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It's kind of weird, but only using the last 8 bytes has become the standard for cha cha nonces in stream mode. (This is what is done in noise)
This will be sufficient for our purposes tho, since 2^64 messages will be more than well have. (We can't use random nonces, since that only gave a 2^48 bound, which is in the reachable zone)
p2p/conn/secret_connection.go
Outdated
@@ -334,11 +334,7 @@ func shareAuthSignature(sc *SecretConnection, pubKey crypto.PubKey, signature [] | |||
|
|||
// increment nonce big-endian by 1 with wraparound. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
needs to be updated
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Updated. Thanks!
@liamsi can you commit a dummy change (add whitespace or something) to restart CircleCI? It looks like they have fixed the above problem. |
Looks like this needs to land first? #2279 |
Looks like there are still some issues with circelci? e.g:
|
You need to rebase your branch against latest develop. https://stackoverflow.com/questions/7244321/how-do-i-update-a-github-forked-repository#7244456 |
Meh, should have done that using the command line :-D One second. |
7660835
to
54f2984
Compare
Thanks @melekes! Rebased (now properly). Should I squash the commit messages, too? |
Codecov Report
@@ Coverage Diff @@
## develop #2264 +/- ##
===========================================
+ Coverage 62.72% 62.79% +0.07%
===========================================
Files 215 215
Lines 17584 17536 -48
===========================================
- Hits 11029 11012 -17
+ Misses 5648 5608 -40
- Partials 907 916 +9
|
This needs to be reflected in changelog (breaking) |
Added. |
Minor change that implements #2263.
Looks like circelci fails because this comes from a fork?