mirror
/
go-ethereum
mirror of https://github.com/ethereum/go-ethereum
2
0
Fork 1
Code Issues Releases Wiki Activity

[release/1.3.4] crypto/ecies: make authenticated shared data work

Browse Source 
The s2 parameter was not actually written to the MAC.
pull/2258/head
Felix Lange 9 years ago committed by Jeffrey Wilcke
parent c541b38fb3
commit 8cb69b9e9b
2 changed files with 36 additions and 6 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 12
      crypto/ecies/ecies.go
  2. 30
      crypto/ecies/ecies_test.go

12
crypto/ecies/ecies.go
Unescape View File

@ -191,11 +191,9 @@ func concatKDF(hash hash.Hash, z, s1 []byte, kdLen int) (k []byte, err error) {
// messageTag computes the MAC of a message (called the tag) as per // messageTag computes the MAC of a message (called the tag) as per
// SEC 1, 3.5. // SEC 1, 3.5.
func messageTag(hash func() hash.Hash, km, msg, shared []byte) []byte { func messageTag(hash func() hash.Hash, km, msg, shared []byte) []byte {
if shared == nil {
shared = make([]byte, 0)
}
mac := hmac.New(hash, km) mac := hmac.New(hash, km)
mac.Write(msg) mac.Write(msg)
mac.Write(shared)
tag := mac.Sum(nil) tag := mac.Sum(nil)
return tag return tag
} }
@ -242,9 +240,11 @@ func symDecrypt(rand io.Reader, params *ECIESParams, key, ct []byte) (m []byte,
return return
} }
// Encrypt encrypts a message using ECIES as specified in SEC 1, 5.1. If // Encrypt encrypts a message using ECIES as specified in SEC 1, 5.1.
// the shared information parameters aren't being used, they should be //
// nil. // s1 and s2 contain shared information that is not part of the resulting
// ciphertext. s1 is fed into key derivation, s2 is fed into the MAC. If the
// shared information parameters aren't being used, they should be nil.
func Encrypt(rand io.Reader, pub *PublicKey, m, s1, s2 []byte) (ct []byte, err error) { func Encrypt(rand io.Reader, pub *PublicKey, m, s1, s2 []byte) (ct []byte, err error) {
params := pub.Params params := pub.Params
if params == nil { if params == nil {

30
crypto/ecies/ecies_test.go
Unescape View File

@ -353,6 +353,36 @@ func TestEncryptDecrypt(t *testing.T) {
} }
} }
func TestDecryptShared2(t *testing.T) {
prv, err := GenerateKey(rand.Reader, DefaultCurve, nil)
if err != nil {
t.Fatal(err)
}
message := []byte("Hello, world.")
shared2 := []byte("shared data 2")
ct, err := Encrypt(rand.Reader, &prv.PublicKey, message, nil, shared2)
if err != nil {
t.Fatal(err)
}
// Check that decrypting with correct shared data works.
pt, err := prv.Decrypt(rand.Reader, ct, nil, shared2)
if err != nil {
t.Fatal(err)
}
if !bytes.Equal(pt, message) {
t.Fatal("ecies: plaintext doesn't match message")
}
// Decrypting without shared data or incorrect shared data fails.
if _, err = prv.Decrypt(rand.Reader, ct, nil, nil); err == nil {
t.Fatal("ecies: decrypting without shared data didn't fail")
}
if _, err = prv.Decrypt(rand.Reader, ct, nil, []byte("garbage")); err == nil {
t.Fatal("ecies: decrypting with incorrect shared data didn't fail")
}
}
// TestMarshalEncryption validates the encode/decode produces a valid // TestMarshalEncryption validates the encode/decode produces a valid
// ECIES encryption key. // ECIES encryption key.
func TestMarshalEncryption(t *testing.T) { func TestMarshalEncryption(t *testing.T) {

Write Preview
Loading…
Cancel
Save