control/noise: stop using poly1305 package constants.

Signed-off-by: David Anderson <danderson@tailscale.com>
pull/3293/head
David Anderson 3 years ago committed by Dave Anderson
parent 293431aaea
commit 4004b22fe5

@ -19,7 +19,6 @@ import (
"golang.org/x/crypto/blake2s"
chp "golang.org/x/crypto/chacha20poly1305"
"golang.org/x/crypto/poly1305"
"tailscale.com/types/key"
)
@ -32,7 +31,7 @@ const (
maxCiphertextSize = maxMessageSize - headerLen
// maxPlaintextSize is the maximum amount of plaintext bytes that
// one protocol frame can carry, after encryption and framing.
maxPlaintextSize = maxCiphertextSize - poly1305.TagSize
maxPlaintextSize = maxCiphertextSize - chp.Overhead
)
// A Conn is a secured Noise connection. It implements the net.Conn
@ -157,7 +156,7 @@ func (c *Conn) encryptLocked(plaintext []byte) ([]byte, error) {
return nil, errCipherExhausted{}
}
setHeader(c.tx.buf[:headerLen], protocolVersion, msgTypeRecord, len(plaintext)+poly1305.TagSize)
setHeader(c.tx.buf[:headerLen], protocolVersion, msgTypeRecord, len(plaintext)+chp.Overhead)
ret := c.tx.cipher.Seal(c.tx.buf[:headerLen], c.tx.nonce[:], plaintext, nil)
// Safe to increment the nonce here, because we checked for nonce

@ -19,7 +19,6 @@ import (
chp "golang.org/x/crypto/chacha20poly1305"
"golang.org/x/crypto/curve25519"
"golang.org/x/crypto/hkdf"
"golang.org/x/crypto/poly1305"
"tailscale.com/types/key"
)
@ -339,7 +338,7 @@ func (s *symmetricState) MixDH(priv key.MachinePrivate, pub key.MachinePublic) (
// mixes the ciphertext into s.h, and returns the ciphertext.
func (s *symmetricState) EncryptAndHash(cipher *singleUseCHP, ciphertext, plaintext []byte) {
s.checkFinished()
if len(ciphertext) != len(plaintext)+poly1305.TagSize {
if len(ciphertext) != len(plaintext)+chp.Overhead {
panic("ciphertext is wrong size for given plaintext")
}
ret := cipher.Seal(ciphertext[:0], plaintext, s.h[:])
@ -352,7 +351,7 @@ func (s *symmetricState) EncryptAndHash(cipher *singleUseCHP, ciphertext, plaint
// s.h.
func (s *symmetricState) DecryptAndHash(cipher *singleUseCHP, plaintext, ciphertext []byte) error {
s.checkFinished()
if len(ciphertext) != len(plaintext)+poly1305.TagSize {
if len(ciphertext) != len(plaintext)+chp.Overhead {
panic("plaintext is wrong size for given ciphertext")
}
if _, err := cipher.Open(plaintext[:0], ciphertext, s.h[:]); err != nil {

@ -115,7 +115,7 @@ func TestNoReuse(t *testing.T) {
hashes[client.HandshakeHash()] = true
// Sending 14 bytes turns into 32 bytes on the wire (+16 for
// the poly1305 tag, +2 length header)
// the chacha20poly1305 overhead, +2 length header)
if _, err := io.WriteString(client, strings.Repeat("a", 14)); err != nil {
t.Fatalf("client>server write failed: %v", err)
}

Loading…
Cancel
Save