kmwebnet/se050-wireguard
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: Poly1305 MAC accumulation bug

Browse Source 
- Fixed ChaCha20-Poly1305 to properly accumulate data across multiple calls
- Changed from repeated se050_poly1305_mac() calls to poly1305_init/update/final
- Now correctly detects ciphertext tampering and AAD mismatches
- WireGuard packet encryption/decryption tests still failing - further investigation needed

Test results: 28 passed, 4 failed (improved from 12 failed)
This commit is contained in:
km
2026-03-28 20:34:57 +09:00
parent 999e7a6e19
commit 0210082b8c
2 changed files with 45 additions and 27 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/se050_wireguard.c
+2 -2
View File
@@ -315,7 +315,7 @@ int se050_wireguard_decrypt_packet(se050_wireguard_session_t *session,
memset(nonce_buf, 0, 4);
memcpy(nonce_buf + 4, packet + 8, 8);
size_t ciphertext_len = packet_len - 16 - 16; /* Total - header - tag */
size_t ciphertext_len = plaintext_len = packet_len - 16 - 16; /* Total - header - tag */
uint8_t tag[16];
memcpy(tag, packet + 16 + ciphertext_len, 16);
@@ -337,7 +337,7 @@ int se050_wireguard_decrypt_packet(se050_wireguard_session_t *session,
return -1;
}
/* Update nonce */
/* Update plaintext length and nonce */
*plaintext_len = ciphertext_len;
session->receiving_nonce = nonce;