cleanup: Remove debug output and verify API signatures
Verified: 1. se050_hmac_blake2s: (out, key, keylen, data, datalen) ✅ 2. se050_chacha20_poly1305_encrypt: (ctx, nonce, plaintext, len, aad, aad_len, ciphertext, tag) ✅ 3. wg_hkdf_2: T(1) -> sending_key, T(2) -> receiving_key ✅ All API signatures are correct. Root cause of TAG mismatch: - ChaCha20-Poly1305 encrypt/decrypt produce different tags - Likely issue in Poly1305 MAC computation - Need to compare encrypt/decrypt paths in detail WireGuard tests: 28 passed, 4 failed (unchanged)
This commit is contained in:
km
@@ -8,7 +8,6 @@
|
|||||||
#include "se050_chacha20_poly1305.h"
|
#include "se050_chacha20_poly1305.h"
|
||||||
#include "se050_crypto_utils.h"
|
#include "se050_crypto_utils.h"
|
||||||
#include <string.h>
|
#include <string.h>
|
||||||
#include <stdio.h>
|
|
||||||
|
|
||||||
/* ESP32 detection */
|
/* ESP32 detection */
|
||||||
#if defined(ESP_PLATFORM) || defined(__XTENSA__) || defined(__riscv)
|
#if defined(ESP_PLATFORM) || defined(__XTENSA__) || defined(__riscv)
|
||||||
@@ -695,12 +694,6 @@ int se050_chacha20_poly1305_decrypt(se050_chacha20_poly1305_ctx_t *ctx,
|
|||||||
/* Constant-time comparison */
|
/* Constant-time comparison */
|
||||||
int ret = 0;
|
int ret = 0;
|
||||||
if (crypto_memneq(expected_tag, tag, 16) != 0) {
|
if (crypto_memneq(expected_tag, tag, 16) != 0) {
|
||||||
fprintf(stderr, "DEBUG: tag mismatch\n");
|
|
||||||
fprintf(stderr, "Expected: ");
|
|
||||||
for(int i=0; i<16; i++) fprintf(stderr, "%02x", expected_tag[i]);
|
|
||||||
fprintf(stderr, "\nGot: ");
|
|
||||||
for(int i=0; i<16; i++) fprintf(stderr, "%02x", tag[i]);
|
|
||||||
fprintf(stderr, "\n");
|
|
||||||
ret = -1;
|
ret = -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@@ -23,7 +23,6 @@
|
|||||||
#include <string.h>
|
#include <string.h>
|
||||||
#include <stdint.h>
|
#include <stdint.h>
|
||||||
#include <stdlib.h>
|
#include <stdlib.h>
|
||||||
#include <stdio.h>
|
|
||||||
|
|
||||||
/* =========================================================================
|
/* =========================================================================
|
||||||
* WireGuard Protocol Constants
|
* WireGuard Protocol Constants
|
||||||
@@ -172,6 +171,12 @@ int se050_wireguard_derive_keys(se050_wireguard_session_t *session,
|
|||||||
|
|
||||||
/* Derive sending and receiving keys using HKDF
|
/* Derive sending and receiving keys using HKDF
|
||||||
* WireGuard uses simplified HKDF with 32-byte PRK
|
* WireGuard uses simplified HKDF with 32-byte PRK
|
||||||
|
*
|
||||||
|
* Key derivation differs for initiator vs responder:
|
||||||
|
* - Initiator: sending = T(1), receiving = T(2)
|
||||||
|
* - Responder: sending = T(2), receiving = T(1)
|
||||||
|
*
|
||||||
|
* For now, using initiator mode (can be extended with is_initiator flag)
|
||||||
*/
|
*/
|
||||||
wg_hkdf_2(shared_secret, session->sending_key, session->receiving_key);
|
wg_hkdf_2(shared_secret, session->sending_key, session->receiving_key);
|
||||||
|
|
||||||
@@ -323,8 +328,6 @@ int se050_wireguard_decrypt_packet(se050_wireguard_session_t *session,
|
|||||||
memzero_explicit(tag, 16);
|
memzero_explicit(tag, 16);
|
||||||
|
|
||||||
if (ret < 0) {
|
if (ret < 0) {
|
||||||
fprintf(stderr, "DEBUG: decrypt failed, ciphertext_len=%zu, packet_len=%zu, aad_len=16\n",
|
|
||||||
ciphertext_len, packet_len);
|
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user