Only increment nonce on successful decryption

rweather / noise-c

Noise-C, a plain C implementation of the Noise protocol

MIT License

306 stars 86 forks source link

Only increment nonce on successful decryption #29

Closed nazar-pc closed 6 years ago

nazar-pc commented 6 years ago

As per spec:

DecryptWithAd(ad, ciphertext): If k is non-empty returns DECRYPT(k, n++, ad, ciphertext). Otherwise returns ciphertext. If an authentication failure occurs in DECRYPT() then n is not incremented and an error is signaled to the caller.

In current implementation nonce is incremented independently from decryption result, which is incorrect.

rweather commented 6 years ago

Looks ok, but you may need to fix the unit tests under "tests/unit" as well to account for the change in the increment's location. Use "make check" to run the tests.

nazar-pc commented 6 years ago

I found only one test failing and changed it accordingly. All of the tests executed by make check are fine now.