From 3f1c3f77befbcaa59c9061ece45d2262a7bd297a Mon Sep 17 00:00:00 2001 From: samuel-lucas6 <63159663+samuel-lucas6@users.noreply.github.com> Date: Wed, 30 Nov 2022 20:56:17 +0000 Subject: [PATCH] src: Rename several X25519 functions. The original naming was intended to prevent vulnerabilities from failing to include the public keys in key derivation from a shared secret. However, ComputeXCoordinate() sounds horrible, and DeriveSharedSecret() is misleading when it's doing more than that. Given BLAKE2bHashAlgorithm has been removed, it seems appropriate to adjust this now as well. --- src/Geralt.Tests/X25519Tests.cs | 162 +++++++++++++-------------- src/Geralt/Crypto/X25519.cs | 43 +++---- src/Geralt/Interop/Interop.X25519.cs | 1 - 3 files changed, 103 insertions(+), 103 deletions(-) diff --git a/src/Geralt.Tests/X25519Tests.cs b/src/Geralt.Tests/X25519Tests.cs index c9b5471..cf63e6c 100644 --- a/src/Geralt.Tests/X25519Tests.cs +++ b/src/Geralt.Tests/X25519Tests.cs @@ -15,9 +15,9 @@ public class X25519Tests private static readonly byte[] SharedSecret = Convert.FromHexString("4a5d9d5ba4ce2de1728e3bf480350f25e07e21c947d19e3376f09b3c1e161742"); // Generated using libsodium-core private static readonly byte[] Seed = Convert.FromHexString("b589764bb6395e13788436f93f4eaa4c858900b6a12328e8626ded5b39d2c7e9"); - private static readonly byte[] HashedSharedSecret = Convert.FromHexString("519fb3af2f3f9e310718cf1f8bdec6e26ab64affe730f0f8b43c43b0e8ee52be"); + private static readonly byte[] SharedKey = Convert.FromHexString("519fb3af2f3f9e310718cf1f8bdec6e26ab64affe730f0f8b43c43b0e8ee52be"); private static readonly byte[] PreSharedKey = Convert.FromHexString("5dbbfd1c5549181aa9319cd71b946757e1f4769aee9568bd360b651a86ea29a2"); - private static readonly byte[] KeyedHashSharedSecret = Convert.FromHexString("a91209efc719601f61c54f74d369fe14f997a29a91b174d5771614b6c9407ad1"); + private static readonly byte[] SharedKeyWithPreSharedKey = Convert.FromHexString("a91209efc719601f61c54f74d369fe14f997a29a91b174d5771614b6c9407ad1"); private static readonly byte[] EvePrivateKey = Convert.FromHexString("452e18802da843e0da527dc3f184a1d04aec69d67e53addd2fc3f8f5cb031a8b"); private static readonly byte[] EvePublicKey = Convert.FromHexString("a0a219524fe1f1d496c2642c76c3ca6510e8d2620c1a325f1fdea02c59f25861"); @@ -128,149 +128,149 @@ public void ComputePublicKey_InvalidPrivateKey() } [TestMethod] - public void ComputeXCoordinate_ValidInputs() + public void ComputeSharedSecret_ValidInputs() { - Span aliceXCoordinate = stackalloc byte[X25519.SharedSecretSize]; - X25519.ComputeXCoordinate(aliceXCoordinate, AlicePrivateKey, BobPublicKey); - Assert.IsTrue(aliceXCoordinate.SequenceEqual(SharedSecret)); - Span bobXCoordinate = stackalloc byte[X25519.SharedSecretSize]; - X25519.ComputeXCoordinate(bobXCoordinate, BobPrivateKey, AlicePublicKey); - Assert.IsTrue(bobXCoordinate.SequenceEqual(aliceXCoordinate)); + Span aliceSharedSecret = stackalloc byte[X25519.SharedSecretSize]; + X25519.ComputeSharedSecret(aliceSharedSecret, AlicePrivateKey, BobPublicKey); + Assert.IsTrue(aliceSharedSecret.SequenceEqual(SharedSecret)); + Span bobSharedSecret = stackalloc byte[X25519.SharedSecretSize]; + X25519.ComputeSharedSecret(bobSharedSecret, BobPrivateKey, AlicePublicKey); + Assert.IsTrue(bobSharedSecret.SequenceEqual(aliceSharedSecret)); } [TestMethod] - public void ComputeXCoordinate_WeakPublicKey() + public void ComputeSharedSecret_WeakPublicKey() { - var xCoordinate = new byte[X25519.SharedSecretSize]; + var sharedSecret = new byte[X25519.SharedSecretSize]; var publicKey = new byte[X25519.PublicKeySize]; - Assert.ThrowsException(() => X25519.ComputeXCoordinate(xCoordinate, AlicePrivateKey, publicKey)); + Assert.ThrowsException(() => X25519.ComputeSharedSecret(sharedSecret, AlicePrivateKey, publicKey)); } [TestMethod] - public void ComputeXCoordinate_InvalidPublicKey() + public void ComputeSharedSecret_InvalidPublicKey() { - var xCoordinate = new byte[X25519.SharedSecretSize]; + var sharedSecret = new byte[X25519.SharedSecretSize]; var publicKey = new byte[X25519.PublicKeySize - 1]; - Assert.ThrowsException(() => X25519.ComputeXCoordinate(xCoordinate, AlicePrivateKey, publicKey)); + Assert.ThrowsException(() => X25519.ComputeSharedSecret(sharedSecret, AlicePrivateKey, publicKey)); publicKey = new byte[X25519.PublicKeySize + 1]; - Assert.ThrowsException(() => X25519.ComputeXCoordinate(xCoordinate, AlicePrivateKey, publicKey)); + Assert.ThrowsException(() => X25519.ComputeSharedSecret(sharedSecret, AlicePrivateKey, publicKey)); } [TestMethod] - public void ComputeXCoordinate_InvalidPrivateKey() + public void ComputeSharedSecret_InvalidPrivateKey() { - var xCoordinate = new byte[X25519.SharedSecretSize]; + var sharedSecret = new byte[X25519.SharedSecretSize]; var privateKey = new byte[X25519.PrivateKeySize - 1]; - Assert.ThrowsException(() => X25519.ComputeXCoordinate(xCoordinate, privateKey, BobPublicKey)); + Assert.ThrowsException(() => X25519.ComputeSharedSecret(sharedSecret, privateKey, BobPublicKey)); privateKey = new byte[X25519.PrivateKeySize + 1]; - Assert.ThrowsException(() => X25519.ComputeXCoordinate(xCoordinate, privateKey, BobPublicKey)); + Assert.ThrowsException(() => X25519.ComputeSharedSecret(sharedSecret, privateKey, BobPublicKey)); } [TestMethod] - public void DeriveSharedSecret_ValidInputs() + public void DeriveSharedKey_ValidInputs() { - Span aliceSharedSecret = stackalloc byte[X25519.SharedSecretSize]; - X25519.DeriveSenderSharedSecret(aliceSharedSecret, AlicePrivateKey, BobPublicKey); - Assert.IsTrue(aliceSharedSecret.SequenceEqual(HashedSharedSecret)); - Span bobSharedSecret = stackalloc byte[X25519.SharedSecretSize]; - X25519.DeriveRecipientSharedSecret(bobSharedSecret, BobPrivateKey, AlicePublicKey); - Assert.IsTrue(bobSharedSecret.SequenceEqual(aliceSharedSecret)); + Span aliceSharedKey = stackalloc byte[X25519.SharedKeySize]; + X25519.DeriveSenderSharedKey(aliceSharedKey, AlicePrivateKey, BobPublicKey); + Assert.IsTrue(aliceSharedKey.SequenceEqual(SharedKey)); + Span bobSharedKey = stackalloc byte[X25519.SharedKeySize]; + X25519.DeriveRecipientSharedKey(bobSharedKey, BobPrivateKey, AlicePublicKey); + Assert.IsTrue(bobSharedKey.SequenceEqual(aliceSharedKey)); } [TestMethod] - public void DeriveSharedSecretWithPreSharedKey_ValidInputs() + public void DeriveSharedKeyWithPreSharedKey_ValidInputs() { - Span aliceSharedSecret = stackalloc byte[X25519.SharedSecretSize]; - X25519.DeriveSenderSharedSecret(aliceSharedSecret, AlicePrivateKey, BobPublicKey, PreSharedKey); - Assert.IsTrue(aliceSharedSecret.SequenceEqual(KeyedHashSharedSecret)); - Span bobSharedSecret = stackalloc byte[X25519.SharedSecretSize]; - X25519.DeriveRecipientSharedSecret(bobSharedSecret, BobPrivateKey, AlicePublicKey, PreSharedKey); - Assert.IsTrue(bobSharedSecret.SequenceEqual(aliceSharedSecret)); + Span aliceSharedKey = stackalloc byte[X25519.SharedKeySize]; + X25519.DeriveSenderSharedKey(aliceSharedKey, AlicePrivateKey, BobPublicKey, PreSharedKey); + Assert.IsTrue(aliceSharedKey.SequenceEqual(SharedKeyWithPreSharedKey)); + Span bobSharedKey = stackalloc byte[X25519.SharedKeySize]; + X25519.DeriveRecipientSharedKey(bobSharedKey, BobPrivateKey, AlicePublicKey, PreSharedKey); + Assert.IsTrue(bobSharedKey.SequenceEqual(aliceSharedKey)); } [TestMethod] - public void DeriveSharedSecret_DifferentPrivateKeys() + public void DeriveSharedKey_DifferentPrivateKeys() { - Span aliceSharedSecret = stackalloc byte[X25519.SharedSecretSize]; - X25519.DeriveSenderSharedSecret(aliceSharedSecret, AlicePrivateKey, BobPublicKey); - Span eveSharedSecret = stackalloc byte[X25519.SharedSecretSize]; - X25519.DeriveRecipientSharedSecret(eveSharedSecret, EvePrivateKey, AlicePublicKey); - Assert.IsFalse(eveSharedSecret.SequenceEqual(aliceSharedSecret)); + Span aliceSharedKey = stackalloc byte[X25519.SharedKeySize]; + X25519.DeriveSenderSharedKey(aliceSharedKey, AlicePrivateKey, BobPublicKey); + Span eveSharedKey = stackalloc byte[X25519.SharedKeySize]; + X25519.DeriveRecipientSharedKey(eveSharedKey, EvePrivateKey, AlicePublicKey); + Assert.IsFalse(eveSharedKey.SequenceEqual(aliceSharedKey)); } [TestMethod] - public void DeriveSharedSecret_DifferentPublicKeys() + public void DeriveSharedKey_DifferentPublicKeys() { - Span aliceSharedSecret = stackalloc byte[X25519.SharedSecretSize]; - X25519.DeriveSenderSharedSecret(aliceSharedSecret, AlicePrivateKey, BobPublicKey); - Span bobSharedSecret = stackalloc byte[X25519.SharedSecretSize]; - X25519.DeriveRecipientSharedSecret(bobSharedSecret, BobPrivateKey, EvePublicKey); - Assert.IsFalse(bobSharedSecret.SequenceEqual(aliceSharedSecret)); + Span aliceSharedKey = stackalloc byte[X25519.SharedKeySize]; + X25519.DeriveSenderSharedKey(aliceSharedKey, AlicePrivateKey, BobPublicKey); + Span bobSharedKey = stackalloc byte[X25519.SharedKeySize]; + X25519.DeriveRecipientSharedKey(bobSharedKey, BobPrivateKey, EvePublicKey); + Assert.IsFalse(bobSharedKey.SequenceEqual(aliceSharedKey)); } [TestMethod] - public void DeriveSharedSecret_DifferentPreSharedKey() + public void DeriveSharedKey_DifferentPreSharedKey() { - Span aliceSharedSecret = stackalloc byte[X25519.SharedSecretSize]; - X25519.DeriveSenderSharedSecret(aliceSharedSecret, AlicePrivateKey, BobPublicKey, PreSharedKey); - Span bobSharedSecret = stackalloc byte[X25519.SharedSecretSize]; - X25519.DeriveRecipientSharedSecret(bobSharedSecret, BobPrivateKey, AlicePublicKey, SharedSecret); - Assert.IsFalse(bobSharedSecret.SequenceEqual(aliceSharedSecret)); + Span aliceSharedKey = stackalloc byte[X25519.SharedKeySize]; + X25519.DeriveSenderSharedKey(aliceSharedKey, AlicePrivateKey, BobPublicKey, PreSharedKey); + Span bobSharedKey = stackalloc byte[X25519.SharedKeySize]; + X25519.DeriveRecipientSharedKey(bobSharedKey, BobPrivateKey, AlicePublicKey, SharedSecret); + Assert.IsFalse(bobSharedKey.SequenceEqual(aliceSharedKey)); } [TestMethod] - public void DeriveSharedSecret_InvalidSharedSecret() + public void DeriveSharedKey_InvalidSharedKey() { - var sharedSecret = new byte[X25519.SharedSecretSize - 1]; - Assert.ThrowsException(() => X25519.DeriveSenderSharedSecret(sharedSecret, AlicePrivateKey, BobPublicKey)); - Assert.ThrowsException(() => X25519.DeriveRecipientSharedSecret(sharedSecret, BobPrivateKey, AlicePublicKey)); - sharedSecret = new byte[X25519.SharedSecretSize + 1]; - Assert.ThrowsException(() => X25519.DeriveSenderSharedSecret(sharedSecret, AlicePrivateKey, BobPublicKey)); - Assert.ThrowsException(() => X25519.DeriveRecipientSharedSecret(sharedSecret, BobPrivateKey, AlicePublicKey)); + var sharedKey = new byte[X25519.SharedKeySize - 1]; + Assert.ThrowsException(() => X25519.DeriveSenderSharedKey(sharedKey, AlicePrivateKey, BobPublicKey)); + Assert.ThrowsException(() => X25519.DeriveRecipientSharedKey(sharedKey, BobPrivateKey, AlicePublicKey)); + sharedKey = new byte[X25519.SharedKeySize + 1]; + Assert.ThrowsException(() => X25519.DeriveSenderSharedKey(sharedKey, AlicePrivateKey, BobPublicKey)); + Assert.ThrowsException(() => X25519.DeriveRecipientSharedKey(sharedKey, BobPrivateKey, AlicePublicKey)); } [TestMethod] - public void DeriveSharedSecret_InvalidPublicKey() + public void DeriveSharedKey_InvalidPublicKey() { - var sharedSecret = new byte[X25519.SharedSecretSize]; + var sharedKey = new byte[X25519.SharedKeySize]; var publicKey = new byte[X25519.PublicKeySize - 1]; - Assert.ThrowsException(() => X25519.DeriveSenderSharedSecret(sharedSecret, AlicePrivateKey, publicKey)); - Assert.ThrowsException(() => X25519.DeriveRecipientSharedSecret(sharedSecret, BobPrivateKey, publicKey)); + Assert.ThrowsException(() => X25519.DeriveSenderSharedKey(sharedKey, AlicePrivateKey, publicKey)); + Assert.ThrowsException(() => X25519.DeriveRecipientSharedKey(sharedKey, BobPrivateKey, publicKey)); publicKey = new byte[X25519.PublicKeySize + 1]; - Assert.ThrowsException(() => X25519.DeriveSenderSharedSecret(sharedSecret, AlicePrivateKey, publicKey)); - Assert.ThrowsException(() => X25519.DeriveRecipientSharedSecret(sharedSecret, BobPrivateKey, publicKey)); + Assert.ThrowsException(() => X25519.DeriveSenderSharedKey(sharedKey, AlicePrivateKey, publicKey)); + Assert.ThrowsException(() => X25519.DeriveRecipientSharedKey(sharedKey, BobPrivateKey, publicKey)); } [TestMethod] - public void DeriveSharedSecret_WeakPublicKey() + public void DeriveSharedKey_WeakPublicKey() { - var sharedSecret = new byte[X25519.SharedSecretSize]; + var sharedKey = new byte[X25519.SharedKeySize]; var publicKey = new byte[X25519.PublicKeySize]; - Assert.ThrowsException(() => X25519.DeriveSenderSharedSecret(sharedSecret, AlicePrivateKey, publicKey)); - Assert.ThrowsException(() => X25519.DeriveRecipientSharedSecret(sharedSecret, BobPrivateKey, publicKey)); + Assert.ThrowsException(() => X25519.DeriveSenderSharedKey(sharedKey, AlicePrivateKey, publicKey)); + Assert.ThrowsException(() => X25519.DeriveRecipientSharedKey(sharedKey, BobPrivateKey, publicKey)); } [TestMethod] - public void DeriveSharedSecret_InvalidPrivateKey() + public void DeriveSharedKey_InvalidPrivateKey() { - var sharedSecret = new byte[X25519.SharedSecretSize]; + var sharedKey = new byte[X25519.SharedKeySize]; var privateKey = new byte[X25519.PrivateKeySize - 1]; - Assert.ThrowsException(() => X25519.DeriveSenderSharedSecret(sharedSecret, privateKey, BobPublicKey)); - Assert.ThrowsException(() => X25519.DeriveRecipientSharedSecret(sharedSecret, privateKey, AlicePublicKey)); + Assert.ThrowsException(() => X25519.DeriveSenderSharedKey(sharedKey, privateKey, BobPublicKey)); + Assert.ThrowsException(() => X25519.DeriveRecipientSharedKey(sharedKey, privateKey, AlicePublicKey)); privateKey = new byte[X25519.PrivateKeySize + 1]; - Assert.ThrowsException(() => X25519.DeriveSenderSharedSecret(sharedSecret, privateKey, BobPublicKey)); - Assert.ThrowsException(() => X25519.DeriveRecipientSharedSecret(sharedSecret, privateKey, AlicePublicKey)); + Assert.ThrowsException(() => X25519.DeriveSenderSharedKey(sharedKey, privateKey, BobPublicKey)); + Assert.ThrowsException(() => X25519.DeriveRecipientSharedKey(sharedKey, privateKey, AlicePublicKey)); } [TestMethod] - public void DeriveSharedSecret_InvalidPreSharedKey() + public void DeriveSharedKey_InvalidPreSharedKey() { - var sharedSecret = new byte[X25519.SharedSecretSize]; + var sharedKey = new byte[X25519.SharedKeySize]; var preSharedKey = new byte[X25519.MinPreSharedKeySize - 1]; - Assert.ThrowsException(() => X25519.DeriveSenderSharedSecret(sharedSecret, AlicePrivateKey, BobPublicKey, preSharedKey)); - Assert.ThrowsException(() => X25519.DeriveRecipientSharedSecret(sharedSecret, BobPrivateKey, AlicePublicKey, preSharedKey)); + Assert.ThrowsException(() => X25519.DeriveSenderSharedKey(sharedKey, AlicePrivateKey, BobPublicKey, preSharedKey)); + Assert.ThrowsException(() => X25519.DeriveRecipientSharedKey(sharedKey, BobPrivateKey, AlicePublicKey, preSharedKey)); preSharedKey = new byte[X25519.MaxPreSharedKeySize + 1]; - Assert.ThrowsException(() => X25519.DeriveSenderSharedSecret(sharedSecret, AlicePrivateKey, BobPublicKey, preSharedKey)); - Assert.ThrowsException(() => X25519.DeriveRecipientSharedSecret(sharedSecret, BobPrivateKey, AlicePublicKey, preSharedKey)); + Assert.ThrowsException(() => X25519.DeriveSenderSharedKey(sharedKey, AlicePrivateKey, BobPublicKey, preSharedKey)); + Assert.ThrowsException(() => X25519.DeriveRecipientSharedKey(sharedKey, BobPrivateKey, AlicePublicKey, preSharedKey)); } } \ No newline at end of file diff --git a/src/Geralt/Crypto/X25519.cs b/src/Geralt/Crypto/X25519.cs index 4b79029..283e9a4 100644 --- a/src/Geralt/Crypto/X25519.cs +++ b/src/Geralt/Crypto/X25519.cs @@ -8,9 +8,10 @@ public static class X25519 public const int PublicKeySize = crypto_kx_PUBLICKEYBYTES; public const int PrivateKeySize = crypto_kx_SECRETKEYBYTES; public const int SeedSize = crypto_kx_SEEDBYTES; - public const int SharedSecretSize = crypto_kx_SESSIONKEYBYTES; + public const int SharedSecretSize = crypto_scalarmult_BYTES; + public const int SharedKeySize = crypto_kx_SESSIONKEYBYTES; public const int PreSharedKeySize = BLAKE2b.KeySize; - public const int MinPreSharedKeySize = BLAKE2b.KeySize; + public const int MinPreSharedKeySize = BLAKE2b.MinKeySize; public const int MaxPreSharedKeySize = BLAKE2b.MaxKeySize; public static unsafe void GenerateKeyPair(Span publicKey, Span privateKey) @@ -50,49 +51,49 @@ public static unsafe void ComputePublicKey(Span publicKey, ReadOnlySpan sharedSecret, ReadOnlySpan senderPrivateKey, ReadOnlySpan recipientPublicKey, ReadOnlySpan preSharedKey = default) + public static unsafe void DeriveSenderSharedKey(Span sharedKey, ReadOnlySpan senderPrivateKey, ReadOnlySpan recipientPublicKey, ReadOnlySpan preSharedKey = default) { - Validation.EqualToSize(nameof(sharedSecret), sharedSecret.Length, SharedSecretSize); + Validation.EqualToSize(nameof(sharedKey), sharedKey.Length, SharedKeySize); Validation.EqualToSize(nameof(senderPrivateKey), senderPrivateKey.Length, PrivateKeySize); Validation.EqualToSize(nameof(recipientPublicKey), recipientPublicKey.Length, PublicKeySize); if (preSharedKey != default) { Validation.SizeBetween(nameof(preSharedKey), preSharedKey.Length, MinPreSharedKeySize, MaxPreSharedKeySize); } - Span xCoordinate = stackalloc byte[SharedSecretSize]; - ComputeXCoordinate(xCoordinate, senderPrivateKey, recipientPublicKey); + Span sharedSecret = stackalloc byte[SharedSecretSize]; + ComputeSharedSecret(sharedSecret, senderPrivateKey, recipientPublicKey); Span senderPublicKey = stackalloc byte[PublicKeySize]; ComputePublicKey(senderPublicKey, senderPrivateKey); - using var blake2b = new IncrementalBLAKE2b(sharedSecret.Length, preSharedKey); - blake2b.Update(xCoordinate); + using var blake2b = new IncrementalBLAKE2b(sharedKey.Length, preSharedKey); + blake2b.Update(sharedSecret); blake2b.Update(senderPublicKey); blake2b.Update(recipientPublicKey); - blake2b.Finalize(sharedSecret); - CryptographicOperations.ZeroMemory(xCoordinate); + blake2b.Finalize(sharedKey); + CryptographicOperations.ZeroMemory(sharedSecret); } - public static unsafe void DeriveRecipientSharedSecret(Span sharedSecret, ReadOnlySpan recipientPrivateKey, ReadOnlySpan senderPublicKey, ReadOnlySpan preSharedKey = default) + public static unsafe void DeriveRecipientSharedKey(Span sharedKey, ReadOnlySpan recipientPrivateKey, ReadOnlySpan senderPublicKey, ReadOnlySpan preSharedKey = default) { - Validation.EqualToSize(nameof(sharedSecret), sharedSecret.Length, SharedSecretSize); + Validation.EqualToSize(nameof(sharedKey), sharedKey.Length, SharedKeySize); Validation.EqualToSize(nameof(recipientPrivateKey), recipientPrivateKey.Length, PrivateKeySize); Validation.EqualToSize(nameof(senderPublicKey), senderPublicKey.Length, PublicKeySize); if (preSharedKey != default) { Validation.SizeBetween(nameof(preSharedKey), preSharedKey.Length, MinPreSharedKeySize, MaxPreSharedKeySize); } - Span xCoordinate = stackalloc byte[SharedSecretSize]; - ComputeXCoordinate(xCoordinate, recipientPrivateKey, senderPublicKey); + Span sharedSecret = stackalloc byte[SharedSecretSize]; + ComputeSharedSecret(sharedSecret, recipientPrivateKey, senderPublicKey); Span recipientPublicKey = stackalloc byte[PublicKeySize]; ComputePublicKey(recipientPublicKey, recipientPrivateKey); - using var blake2b = new IncrementalBLAKE2b(sharedSecret.Length, preSharedKey); - blake2b.Update(xCoordinate); + using var blake2b = new IncrementalBLAKE2b(sharedKey.Length, preSharedKey); + blake2b.Update(sharedSecret); blake2b.Update(senderPublicKey); blake2b.Update(recipientPublicKey); - blake2b.Finalize(sharedSecret); - CryptographicOperations.ZeroMemory(xCoordinate); + blake2b.Finalize(sharedKey); + CryptographicOperations.ZeroMemory(sharedSecret); } - public static unsafe void ComputeXCoordinate(Span xCoordinate, ReadOnlySpan senderPrivateKey, ReadOnlySpan recipientPublicKey) + public static unsafe void ComputeSharedSecret(Span sharedSecret, ReadOnlySpan senderPrivateKey, ReadOnlySpan recipientPublicKey) { - Validation.EqualToSize(nameof(xCoordinate), xCoordinate.Length, SharedSecretSize); + Validation.EqualToSize(nameof(sharedSecret), sharedSecret.Length, SharedSecretSize); Validation.EqualToSize(nameof(senderPrivateKey), senderPrivateKey.Length, PrivateKeySize); Validation.EqualToSize(nameof(recipientPublicKey), recipientPublicKey.Length, PublicKeySize); Sodium.Initialise(); - fixed (byte* x = xCoordinate, s = senderPrivateKey, p = recipientPublicKey) + fixed (byte* x = sharedSecret, s = senderPrivateKey, p = recipientPublicKey) { int ret = crypto_scalarmult(x, s, p); if (ret != 0) { throw new CryptographicException("Invalid public key."); } diff --git a/src/Geralt/Interop/Interop.X25519.cs b/src/Geralt/Interop/Interop.X25519.cs index d1f58dc..e53f146 100644 --- a/src/Geralt/Interop/Interop.X25519.cs +++ b/src/Geralt/Interop/Interop.X25519.cs @@ -8,7 +8,6 @@ internal static partial class Libsodium internal const int crypto_kx_SECRETKEYBYTES = 32; internal const int crypto_kx_SEEDBYTES = 32; internal const int crypto_kx_SESSIONKEYBYTES = 32; - internal const int crypto_scalarmult_SCALARBYTES = 32; internal const int crypto_scalarmult_BYTES = 32; [DllImport(DllName, CallingConvention = Convention)]