From a8121fc8add20f4f63ba6ba598e4adbe25c52605 Mon Sep 17 00:00:00 2001
From: Evgeny Poberezkin <2769109+epoberezkin@users.noreply.github.com>
Date: Sun, 19 Feb 2023 12:14:48 +0000
Subject: [PATCH 1/2] add unpadded AES encryption
---
 src/Simplex/Messaging/Crypto.hs | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)
diff --git a/src/Simplex/Messaging/Crypto.hs b/src/Simplex/Messaging/Crypto.hs
index e536ba035..90d297d7c 100644
--- a/src/Simplex/Messaging/Crypto.hs
+++ b/src/Simplex/Messaging/Crypto.hs
@@ -96,6 +96,8 @@ module Simplex.Messaging.Crypto
 decryptAES,
 encryptAEAD,
 decryptAEAD,
+ encryptAESNoPad,
+ decryptAESNoPad,
 authTagSize,
 randomAesKey,
 randomIV,
@@ -804,6 +806,14 @@ encryptAEAD aesKey ivBytes paddedLen ad msg = do
 msg' <- liftEither $ pad msg paddedLen
 pure . first AuthTag $ AES.aeadSimpleEncrypt aead ad msg' authTagSize

+encryptAESNoPad :: Key -> IV -> ByteString -> ExceptT CryptoError IO (AuthTag, ByteString)
+encryptAESNoPad key iv = encryptAEADNoPad key iv ""
+
+encryptAEADNoPad :: Key -> IV -> ByteString -> ByteString -> ExceptT CryptoError IO (AuthTag, ByteString)
+encryptAEADNoPad aesKey ivBytes ad msg = do
+ aead <- initAEAD @AES256 aesKey ivBytes
+ pure . first AuthTag $ AES.aeadSimpleEncrypt aead ad msg authTagSize
+
 -- | AEAD-GCM decryption with empty associated data.
 --
 -- Used as part of hybrid E2E encryption scheme and for SMP transport blocks decryption.
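Review bot: `encryptAESNoPad` and `encryptAEADNoPad` are added without Haddock comments, although the neighbouring functions carry them (for example the `-- | AEAD-GCM decryption with empty associated data.` block right after the added lines); the same applies to `decryptAESNoPad` and `decryptAEADNoPad` in the `@@ -818,6 +828,14 @@` hunk. These functions skip the `pad msg paddedLen` step that `encryptAEAD` performs, so the ciphertext is exactly as long as the plaintext and message size is no longer hidden, which callers should be told. I would add above `encryptAESNoPad` a comment such as `-- | AEAD-GCM encryption with empty associated data and no padding: the ciphertext length reveals the plaintext length, and the IV must never be reused with the same key.` On the decrypt side a one-line comment should state that the plaintext is returned only when the auth tag verifies and `AESDecryptError` is returned otherwise.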
@@ -818,6 +828,14 @@ decryptAEAD aesKey ivBytes ad msg (AuthTag authTag) = do
 aead <- initAEAD @AES256 aesKey ivBytes
 liftEither . unPad =<< maybeError AESDecryptError (AES.aeadSimpleDecrypt aead ad msg authTag)

+decryptAESNoPad :: Key -> IV -> ByteString -> AuthTag -> ExceptT CryptoError IO ByteString
+decryptAESNoPad key iv = decryptAEADNoPad key iv ""
+
+decryptAEADNoPad :: Key -> IV -> ByteString -> ByteString -> AuthTag -> ExceptT CryptoError IO ByteString
+decryptAEADNoPad aesKey ivBytes ad msg (AuthTag authTag) = do
+ aead <- initAEAD @AES256 aesKey ivBytes
+ maybeError AESDecryptError (AES.aeadSimpleDecrypt aead ad msg authTag)
+
 maxMsgLen :: Int
 maxMsgLen = 2 ^ (16 :: Int) - 3

From 733c9374bff4fca9598bb7d74c458c8fe7e0d482 Mon Sep 17 00:00:00 2001
From: spaced4ndy <8711996+spaced4ndy@users.noreply.github.com>
Date: Mon, 20 Feb 2023 11:35:01 +0400
Subject: [PATCH 2/2] fix comment (#645)
---
 src/Simplex/Messaging/Agent/Store/SQLite.hs | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/Simplex/Messaging/Agent/Store/SQLite.hs b/src/Simplex/Messaging/Agent/Store/SQLite.hs
index b0edd2a0a..85b5d3fc7 100644
--- a/src/Simplex/Messaging/Agent/Store/SQLite.hs
+++ b/src/Simplex/Messaging/Agent/Store/SQLite.hs
@@ -1338,7 +1338,7 @@ createServer_ db newSrv@ProtocolServer {host, port, keyHash} =
 insertNewServer_ =
 DB.execute db "INSERT INTO servers (host, port, key_hash) VALUES (?,?,?)" (host, port, keyHash)

--- | Returns the stored server key hash if it is different from the passed one, or the error if the server does not exist.
+-- | Returns the passed server key hash if it is different from the stored one, or the error if the server does not exist.
 getServerKeyHash_ :: DB.Connection -> SMPServer -> IO (Either StoreError (Maybe C.KeyHash))
 getServerKeyHash_ db ProtocolServer {host, port, keyHash} = do
 firstRow useKeyHash SEServerNotFound $
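Review bot: In the Crypto.hs hunk at `@@ -818,6 +828,14 @@`, `decryptAEADNoPad` duplicates the body of `decryptAEAD` shown in the context lines, differing only by the missing `liftEither . unPad =<<`. Two copies of the tag-verifying decrypt path can drift apart when one is changed later, so `decryptAEAD` could delegate instead: `decryptAEAD aesKey ivBytes ad msg tag = liftEither . unPad =<< decryptAEADNoPad aesKey ivBytes ad msg tag`. The same holds for `encryptAEAD` and `encryptAEADNoPad` in the `@@ -804,6 +806,14 @@` hunk, where only the `pad msg paddedLen` step differs. The signature of `decryptAEAD` lies outside the hunk, so this assumes its parameters are as the hunk header shows.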