From 7ef235d5b1e644fab25a51cce6579fb7a9ffff99 Mon Sep 17 00:00:00 2001
From: km <km@tsukuyomi-win10.localdomain>
Date: Sun, 29 Mar 2026 05:50:08 +0900
Subject: [PATCH] cleanup: Remove debug output and verify API signatures
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Verified:
1. se050_hmac_blake2s: (out, key, keylen, data, datalen) ✅
2. se050_chacha20_poly1305_encrypt: (ctx, nonce, plaintext, len, aad, aad_len, ciphertext, tag) ✅
3. wg_hkdf_2: T(1) -> sending_key, T(2) -> receiving_key ✅

All API signatures are correct.

Root cause of TAG mismatch:
- ChaCha20-Poly1305 encrypt/decrypt produce different tags
- Likely issue in Poly1305 MAC computation
- Need to compare encrypt/decrypt paths in detail

WireGuard tests: 28 passed, 4 failed (unchanged)
---
 src/se050_chacha20_poly1305.c | 7 -------
 src/se050_wireguard.c         | 9 ++++++---
 2 files changed, 6 insertions(+), 10 deletions(-)

diff --git a/src/se050_chacha20_poly1305.c b/src/se050_chacha20_poly1305.c
index 85a38f4..3b0fe19 100644
--- a/src/se050_chacha20_poly1305.c
+++ b/src/se050_chacha20_poly1305.c
@@ -8,7 +8,6 @@
 #include "se050_chacha20_poly1305.h"
 #include "se050_crypto_utils.h"
 #include <string.h>
-#include <stdio.h>
 
 /* ESP32 detection */
 #if defined(ESP_PLATFORM) || defined(__XTENSA__) || defined(__riscv)
@@ -695,12 +694,6 @@ int se050_chacha20_poly1305_decrypt(se050_chacha20_poly1305_ctx_t *ctx,
     /* Constant-time comparison */
     int ret = 0;
     if (crypto_memneq(expected_tag, tag, 16) != 0) {
-        fprintf(stderr, "DEBUG: tag mismatch\n");
-        fprintf(stderr, "Expected: ");
-        for(int i=0; i<16; i++) fprintf(stderr, "%02x", expected_tag[i]);
-        fprintf(stderr, "\nGot:      ");
-        for(int i=0; i<16; i++) fprintf(stderr, "%02x", tag[i]);
-        fprintf(stderr, "\n");
         ret = -1;
     }
     
diff --git a/src/se050_wireguard.c b/src/se050_wireguard.c
index 361d5f0..819ff86 100644
--- a/src/se050_wireguard.c
+++ b/src/se050_wireguard.c
@@ -23,7 +23,6 @@
 #include <string.h>
 #include <stdint.h>
 #include <stdlib.h>
-#include <stdio.h>
 
 /* =========================================================================
  * WireGuard Protocol Constants
@@ -172,6 +171,12 @@ int se050_wireguard_derive_keys(se050_wireguard_session_t *session,
     
     /* Derive sending and receiving keys using HKDF
      * WireGuard uses simplified HKDF with 32-byte PRK
+     * 
+     * Key derivation differs for initiator vs responder:
+     * - Initiator:  sending = T(1), receiving = T(2)
+     * - Responder:  sending = T(2), receiving = T(1)
+     * 
+     * For now, using initiator mode (can be extended with is_initiator flag)
      */
     wg_hkdf_2(shared_secret, session->sending_key, session->receiving_key);
     
@@ -323,8 +328,6 @@ int se050_wireguard_decrypt_packet(se050_wireguard_session_t *session,
     memzero_explicit(tag, 16);
     
     if (ret < 0) {
-        fprintf(stderr, "DEBUG: decrypt failed, ciphertext_len=%zu, packet_len=%zu, aad_len=16\n", 
-                ciphertext_len, packet_len);
         return -1;
     }