Commit

Speed up AEAD on wrong prekey (#1369)
AaronFeickert authored Dec 21, 2023
1 parent 243e6d0 commit 4f68008
Showing 1 changed file with 4 additions and 4 deletions.
8 changes: 4 additions & 4 deletions src/libspark/aead.cpp
Expand Up @@ -48,15 +48,15 @@ AEADEncryptedData AEAD::encrypt(const GroupElement& prekey, const std::string ad
// NOTE: This uses a fixed zero nonce, which is safe when used in Spark as directed
// It is NOT safe in general to do this!
CDataStream AEAD::decrypt_and_verify(const GroupElement& prekey, const std::string additional_data, AEADEncryptedData& data) {
// Derive the key and commitment
std::vector<unsigned char> key = SparkUtils::kdf_aead(prekey);
std::vector<unsigned char> key_commitment = SparkUtils::commit_aead(prekey);

// Assert that the key commitment is valid
std::vector<unsigned char> key_commitment = SparkUtils::commit_aead(prekey);
if (key_commitment != data.key_commitment) {
throw std::runtime_error("Bad AEAD key commitment");
}

// Derive the key
std::vector<unsigned char> key = SparkUtils::kdf_aead(prekey);

// Set up the result
CDataStream result(SER_NETWORK, PROTOCOL_VERSION);

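Review bot: the reordering is sound, since the key-commitment check reads only `prekey` and `data.key_commitment` and never touches `key`, but nothing in the hunk records that the order is intentional; consider extending the comment above the check, e.g. `// Assert that the key commitment is valid before deriving the key, so a wrong prekey is rejected without running the KDF`, so a later tidy-up does not move `SparkUtils::kdf_aead(prekey)` back above it and silently undo the speed-up. Separately, `key_commitment != data.key_commitment` relies on `std::vector`'s element-wise comparison, which stops at the first differing byte; if the timing of this rejection path matters, a fixed-time comparison would be the safer choice, and if it does not, a one-line comment saying so would save the next reviewer the same question.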
