Closed m4dc4p closed 6 years ago
Hello again @m4dc4p
Just had a look and indeed you're correct. I've fixed it in 3.1.0
, I've also added the following functions to Sodium.java
which should make for a more reliable implementation:
public native int crypto_secretstream_xchacha20poly1305_abytes();
public native int crypto_secretstream_xchacha20poly1305_headerbytes();
public native int crypto_secretstream_xchacha20poly1305_keybytes();
public native int crypto_secretstream_xchacha20poly1305_messagebytes_max();
public native byte crypto_secretstream_xchacha20poly1305_tag_message();
public native byte crypto_secretstream_xchacha20poly1305_tag_push();
public native byte crypto_secretstream_xchacha20poly1305_tag_rekey();
public native byte crypto_secretstream_xchacha20poly1305_tag_final();
Should have checked the constants more thoroughly 😞 I'm not sure why my tests did not pick up on this. Will have to investigate further. Thanks for the bug report!
Thanks for the quick response! I missed it for awhile myself. Appreciate you adding those constants as well!
SecretStream.java defines TAG_MESSAGE as:
https://github.com/terl/lazysodium-java/blob/280481f0bbc18853089120bd1045b62dc354585d/src/main/java/com/goterl/lazycode/lazysodium/interfaces/SecretStream.java#L35
but that is clearly not the same as libsodium's definition (https://github.com/jedisct1/libsodium/blob/a161dd9fa10fb316ae27ca62d1da2cf0edd4c5c9/src/libsodium/include/sodium/crypto_secretstream_xchacha20poly1305.h#L37):
In fact, this is a serious bug, as TAG_MESSAGE has the same value as TAG_FINAL (whoops).
Is this just an oversight or is there a reason? In either case, these values should probably use the exported methods (
crypto_secretstream_xchacha20poly1305_tag_message()
, etc.)