Merge pull request #13 from aeternity/prepare_1.2.0

Bump version to 1.2.0
2021-10-28 15:46:01 +02:00 · 2021-10-28 15:35:00 +02:00 · 2021-10-28 15:05:56 +02:00 · 2021-10-28 15:00:58 +02:00 · 2021-10-28 14:54:41 +02:00 · 2021-04-27 15:40:58 +01:00
6 changed files with 30 additions and 9 deletions
@@ -9,12 +9,12 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 ### Changed
 ### Removed

-## [4.3.1] - 2020-04-21
+## [1.2.0] - 2021-10-28
 ### Added
 ### Changed
- Fixed included compiler binary file, which was broken due to incorrect local system dependencies.
-  Because the aesophia version hasn't changed, the compiler in this release
-  continues to report as `v4.3.0`.
+- Use the new AEAD crypto interface introduced in OTP 22. This makes `enoise` OPT 24 compatible
+  but it also means it no longer works on OTP 21 and earlier. You can't win them all.
+- Fixed ChaChaPoly20 rekey
 ### Removed

 ## [1.1.0] - 2020-09-24
@@ -41,7 +41,8 @@ Initial version the following map describe what is supported:
 , dh         => [dh25519] }
 ```

-[Unreleased]: https://github.com/aeternity/aesophia_cli/compare/v1.1.0...HEAD
+[Unreleased]: https://github.com/aeternity/aesophia_cli/compare/v1.2.0...HEAD
+[1.2.0]: https://github.com/aeternity/aesophia_cli/compare/v1.1.0...v1.2.0
 [1.1.0]: https://github.com/aeternity/aesophia_cli/compare/v1.0.1...v1.1.0
 [1.0.1]: https://github.com/aeternity/aesophia_cli/compare/v1.0.0...v1.0.1
 [1.0.0]: https://github.com/aeternity/enoise/releases/tag/v1.0.0
@@ -1,4 +1,4 @@
-{"1.1.0",
+{"1.2.0",
 [{<<"enacl">>,{pkg,<<"enacl">>,<<"1.1.1">>},0}]}.
 [
 {pkg_hash,[
@@ -1,6 +1,6 @@
 {application, enoise,
 [{description, "An Erlang implementation of the Noise protocol"},
-  {vsn, "1.1.0"},
+  {vsn, "1.2.0"},
  {registered, []},
  {applications,
   [kernel,
@@ -56,6 +56,10 @@ hkdf(Hash, Key, Data) ->

 -spec rekey(Cipher :: enoise_cipher_state:noise_cipher(),
            Key :: binary()) -> binary() | {error, term()}.
+rekey('ChaChaPoly', K0) ->
+    KLen = enacl:aead_chacha20poly1305_ietf_KEYBYTES(),
+    <<K:KLen/binary, _/binary>> = encrypt('ChaChaPoly', K0, ?MAX_NONCE, <<>>, <<0:(32*8)>>),
+    K;
 rekey(Cipher, K) ->
    encrypt(Cipher, K, ?MAX_NONCE, <<>>, <<0:(32*8)>>).

@@ -68,7 +72,7 @@ encrypt('ChaChaPoly', K, N, Ad, PlainText) ->
    enacl:aead_chacha20poly1305_ietf_encrypt(PlainText, Ad, Nonce, K);
 encrypt('AESGCM', K, N, Ad, PlainText) ->
    Nonce = <<0:32, N:64>>,
-    {CipherText, CipherTag} = crypto:block_encrypt(aes_gcm, K, Nonce, {Ad, PlainText}),
+    {CipherText, CipherTag} = crypto:crypto_one_time_aead(aes_256_gcm, K, Nonce, PlainText, Ad, true),
    <<CipherText/binary, CipherTag/binary>>.

 -spec decrypt(Cipher ::enoise_cipher_state:noise_cipher(),
@@ -82,7 +86,7 @@ decrypt('AESGCM', K, N, Ad, CipherText0) ->
    CTLen = byte_size(CipherText0) - ?MAC_LEN,
    <<CipherText:CTLen/binary, MAC:?MAC_LEN/binary>> = CipherText0,
    Nonce = <<0:32, N:64>>,
-    case crypto:block_decrypt(aes_gcm, K, Nonce, {Ad, CipherText, MAC}) of
+    case crypto:crypto_one_time_aead(aes_256_gcm, K, Nonce, CipherText, Ad, MAC, false) of
        error -> {error, decrypt_failed};
        Data  -> Data
    end.
@@ -26,5 +26,14 @@ chachapoly_test() ->
        enoise_cipher_state:decrypt_with_ad(CS1, AD, <<CipherText/binary, MAC/binary>>),

    ?assertMatch(PlainText, PlainText0),
+
+    % rekey test
+    CS4 = enoise_cipher_state:rekey(CS1),
+    {ok, _CS5, <<CipherText1:CTLen/binary, MAC1:MACLen/binary>>} =
+        enoise_cipher_state:encrypt_with_ad(CS4, AD, PlainText),
+    {ok, _CS6, <<PlainText1:PTLen/binary>>} =
+        enoise_cipher_state:decrypt_with_ad(CS4, AD, <<CipherText1/binary, MAC1/binary>>),
+    ?assertMatch(PlainText, PlainText1),
+
    ok.

@@ -44,6 +44,13 @@ chachapoly_test() ->
        enoise_crypto:decrypt('ChaChaPoly', Key, Nonce, AD, <<CipherText/binary, MAC/binary>>),

    ?assertMatch(PlainText, PlainText0),
+
+    Key1 = enoise_crypto:rekey('ChaChaPoly', Key),
+    <<CipherText1:CTLen/binary, MAC1:MACLen/binary>> =
+        enoise_crypto:encrypt('ChaChaPoly', Key1, Nonce, AD, PlainText),
+    <<PlainText1:PTLen/binary>> =
+        enoise_crypto:decrypt('ChaChaPoly', Key1, Nonce, AD, <<CipherText1/binary, MAC1/binary>>),
+    ?assertMatch(PlainText, PlainText1),
    ok.

 blake2b_test() ->
Author	SHA1	Message	Date
Hans Svensson	8acbce9269	Merge pull request #13 from aeternity/prepare_1.2.0 Bump version to 1.2.0	2021-10-28 15:46:01 +02:00
Hans Svensson	be39bbc464	Bump version to 1.2.0	2021-10-28 15:35:00 +02:00
Hans Svensson	dd94b371e6	Merge pull request #12 from aeternity/support-otp-24 Use new crypto:block_encrypt api	2021-10-28 15:05:56 +02:00
Hans Svensson	11ca32c72f	Merge pull request #11 from lrascao/fix-rekey Fix rekey, improve coverage	2021-10-28 15:00:58 +02:00
Sean Hinde	71300ba5b6	Use new crypto:block_encrypt api	2021-10-28 14:54:41 +02:00
Luis Rascao	ffde489e53	Fix rekey, improve coverage ChaChaPoly key is expected to be 256 bits long. It's safe to disregard the MAC portion.	2021-04-27 15:40:58 +01:00