infiamit
commented
3 years ago If there is no payload, the library hashes the existing hash again which leads to Auth failure issue.
Open infiamit opened 3 years ago
infiamit
commented
3 years ago If there is no payload, the library hashes the existing hash again which leads to Auth failure issue.
samueltangz
commented
3 years ago Hi, is there a reference showing that encryptAndHash only runs when the payload is non-empty?
I did not see a condition from section 5.3 of the Noise Protocol Framework specification saying that the call is skipped.
I also referred to a Python implementation: https://github.com/plizonczyk/noiseprotocol/blob/73375448c55af85df0230841af868b7f31942f0a/noise/state.py#L345 and https://github.com/plizonczyk/noiseprotocol/blob/73375448c55af85df0230841af868b7f31942f0a/noise/state.py#L164 but it doesn't skip the call as well.
infiamit
commented
3 years ago Hi, for the first token which is e, there is no need to do encryptAndHash as e is always plain text. This is the reason i was facing auth failure issue as it was hashing my payload which was non empty.
samueltangz
commented
3 years ago Section 5.2 of the Noise spec stated that:
EncryptAndHash(plaintext): Setsciphertext = EncryptWithAd(h, plaintext), callsMixHash(ciphertext), and returnsciphertext. Note that ifkis empty, theEncryptWithAd()call will setciphertextequal toplaintext.
That said, even if there are no keys, MixHash is still called and the plaintext is mixed in.
I don't see a reason why we need to skip the hash - could you locate it from the spec?
infiamit
commented
3 years ago I am searching for the reference, however my point is that without this, i am facing auth fail errors, I will get back to you, if i found anything related to it.
Fixed unnecessary hash if there is no payload to hash.