Incorrect value for TAG_MESSAGE (SecretStream)

[m4dc4p]

SecretStream.java defines TAG_MESSAGE as:

https://github.com/terl/lazysodium-java/blob/280481f0bbc18853089120bd1045b62dc354585d/src/main/java/com/goterl/lazycode/lazysodium/interfaces/SecretStream.java#L35

but that is clearly not the same as libsodium's definition (https://github.com/jedisct1/libsodium/blob/a161dd9fa10fb316ae27ca62d1da2cf0edd4c5c9/src/libsodium/include/sodium/crypto_secretstream_xchacha20poly1305.h#L37):

#define crypto_secretstream_xchacha20poly1305_TAG_MESSAGE 0x00

In fact, this is a serious bug, as TAG_MESSAGE has the same value as TAG_FINAL (whoops).

Is this just an oversight or is there a reason? In either case, these values should probably use the exported methods (crypto_secretstream_xchacha20poly1305_tag_message(), etc.)

[gurpreet-]

Hello again @m4dc4p

Just had a look and indeed you're correct. I've fixed it in 3.1.0, I've also added the following functions to Sodium.java which should make for a more reliable implementation:

public native int crypto_secretstream_xchacha20poly1305_abytes();
public native int crypto_secretstream_xchacha20poly1305_headerbytes();
public native int crypto_secretstream_xchacha20poly1305_keybytes();
public native int crypto_secretstream_xchacha20poly1305_messagebytes_max();

public native byte crypto_secretstream_xchacha20poly1305_tag_message();
public native byte crypto_secretstream_xchacha20poly1305_tag_push();
public native byte crypto_secretstream_xchacha20poly1305_tag_rekey();
public native byte crypto_secretstream_xchacha20poly1305_tag_final();

Should have checked the constants more thoroughly 😞 I'm not sure why my tests did not pick up on this. Will have to investigate further. Thanks for the bug report!

[m4dc4p]

Thanks for the quick response! I missed it for awhile myself. Appreciate you adding those constants as well!