
Commit beb7020

test_onion: minor protocol change; use single SHA to create both IVs.
Suggested-by: Anthony Towns <aj@erisian.com.au> Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
1 parent 0c4eb06 commit beb7020


2 files changed

+9
-18
lines changed


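--- a/test/test_onion.c
+++ b/test/test_onion.c
@@ -12,6 +12,7 @@
 #include <err.h>
 #include <stdbool.h>
 #include <assert.h>
+#include <ccan/build_assert/build_assert.h>
 #include <ccan/tal/tal.h>
 #include <ccan/mem/mem.h>
 #include <ccan/crypto/sha256/sha256.h>
@@ -73,22 +74,14 @@ static struct hmackey hmackey_from_secret(const unsigned char secret[32])
 }
 
 
-static struct iv iv_from_secret(const unsigned char secret[32])
+static void ivs_from_secret(const unsigned char secret[32],
+			    struct iv *iv, struct iv *pad_iv)
 {
-	struct iv iv;
 	struct sha256 sha;
 	sha_with_seed(secret, 2, &sha);
-	memcpy(iv.iv, sha.u.u8, sizeof(iv.iv));
-	return iv;
-}
-
-static struct iv pad_iv_from_secret(const unsigned char secret[32])
-{
-	struct iv iv;
-	struct sha256 sha;
-	sha_with_seed(secret, 3, &sha);
-	memcpy(iv.iv, sha.u.u8, sizeof(iv.iv));
-	return iv;
+	BUILD_ASSERT(sizeof(*iv) + sizeof(*pad_iv) == sizeof(sha));
+	memcpy(iv->iv, sha.u.u8, sizeof(iv->iv));
+	memcpy(pad_iv->iv, sha.u.u8 + sizeof(iv->iv), sizeof(pad_iv->iv));
 }
 
 /* Not really! */
@@ -411,8 +404,7 @@ bool create_onion(const secp256k1_pubkey pubkey[],
 
 		hmackeys[i] = hmackey_from_secret(memcheck(secret, 32));
 		enckeys[i] = enckey_from_secret(secret);
-		ivs[i] = iv_from_secret(secret);
-		pad_ivs[i] = pad_iv_from_secret(secret);
+		ivs_from_secret(secret, &ivs[i], &pad_ivs[i]);
 	}
 
 	/*
@@ -525,8 +517,7 @@ bool decrypt_onion(const struct seckey *myseckey, struct onion *onion,
 
 	hmackey = hmackey_from_secret(secret);
 	*enckey = enckey_from_secret(secret);
-	iv = iv_from_secret(secret);
-	*pad_iv = pad_iv_from_secret(secret);
+	ivs_from_secret(secret, &iv, pad_iv);
 
 	/* Check HMAC. */
 #if 0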
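Review bot: The BUILD_ASSERT in ivs_from_secret checks different objects from the ones the two memcpy calls use: the copies read from `sha.u.u8` into `iv->iv` and `pad_iv->iv`, but the assertion compares `sizeof(*iv) + sizeof(*pad_iv)` with `sizeof(sha)`, so it only guards the split as long as `struct iv` has no other members and `struct sha256` carries no padding beyond the byte array. Asserting on the fields actually copied keeps the guard tied to the code it protects: `BUILD_ASSERT(sizeof(iv->iv) + sizeof(pad_iv->iv) == sizeof(sha.u.u8));`. The new function also has no comment; a line such as `/* IV is the first half of SHA(secret, seed 2), pad IV the second half; test_onion.py's get_ecdh_secrets must split it the same way. */` would record the derivation, since a divergence between the two implementations would otherwise only surface as a cross-implementation test failure.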

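--- a/test/test_onion.py
+++ b/test/test_onion.py
@@ -175,7 +175,7 @@ def get_ecdh_secrets(cls, sec, pkey_x, pkey_y):
         enckey = cls.tweak_sha(sec, b'\x00')[:16]
         hmac = cls.tweak_sha(sec, b'\x01')
         iv = cls.tweak_sha(sec, b'\x02')[:16]
-        pad_iv = cls.tweak_sha(sec, b'\x03')[:16]
+        pad_iv = cls.tweak_sha(sec, b'\x02')[16:]
 
         return enckey, hmac, iv, pad_iv
 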
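Review bot: The new `[16:]` slice silently takes whatever tweak_sha returns past byte 16, whereas the `[:16]` slices on the surrounding lines are bounded; if tweak_sha were ever changed to return something other than 32 bytes, pad_iv would be a different length from iv and the mismatch with the C side would be hard to trace from here. Since this is a test helper, a cheap guard such as `assert len(pad_iv) == len(iv)` before the return would pin the intended split, or the slice could be written as `[16:32]` to make the expected width explicit. get_ecdh_secrets begins outside the hunk, and the hash call is also computed twice for seed 2 where one call could be reused.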
