commit e58a3d2efd5d9147dcd28cf6c9fd6cbf5ca85a1d
parent 12d80dc273f7007be58554e8dc757557ccddedcc
Author: triesap <tyson@radroots.org>
Date: Mon, 22 Jun 2026 23:31:04 +0000
simplex: encode official no-pq ratchet headers
- add DER-wrapped X448 public key and no-PQ MsgHeader codecs
- switch opaque runtime ratchet headers to official header plaintext
- generate runtime ratchet public keys with official X448 key material
- keep PQ MsgHeader encoding gated for the remaining PQ slice
Diffstat:
4 files changed, 244 insertions(+), 145 deletions(-)
diff --git a/crates/simplex_agent_runtime/src/runtime.rs b/crates/simplex_agent_runtime/src/runtime.rs
@@ -24,7 +24,7 @@ use radroots_simplex_smp_crypto::prelude::{
RADROOTS_SIMPLEX_SMP_NONCE_LENGTH, RadrootsSimplexSmpCommandAuthorization,
RadrootsSimplexSmpRatchetState, RadrootsSimplexSmpX25519Keypair, decode_x25519_public_key_x509,
decrypt_padded, derive_shared_secret, encode_ed25519_public_key_x509,
- encode_x25519_public_key_x509, encrypt_padded, random_nonce,
+ encode_x25519_public_key_x509, encrypt_padded, official_x448_keypair_from_seed, random_nonce,
};
use radroots_simplex_smp_proto::prelude::{
RADROOTS_SIMPLEX_SMP_CURRENT_CLIENT_VERSION, RADROOTS_SIMPLEX_SMP_CURRENT_TRANSPORT_VERSION,
@@ -166,14 +166,15 @@ impl RadrootsSimplexAgentRuntime {
invitation_queue.server.server_identity.as_bytes(),
&now.to_be_bytes(),
);
- let local_dh_public_key = derive_material(
+ let local_dh_public_key = official_x448_keypair_from_seed(&derive_material(
b"connection-create-local-dh",
&[
invitation_queue.to_string().as_bytes(),
&e2e_keypair.public_key,
&now.to_be_bytes(),
],
- );
+ ))
+ .public_key;
let ratchet_state = RadrootsSimplexSmpRatchetState::initiator(
local_dh_public_key,
invitation_queue.recipient_dh_public_key.as_bytes().to_vec(),
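Review bot: The seed passed to `official_x448_keypair_from_seed` here is built by `derive_material` from the queue URI string, the e2e public key and the `now` timestamp, none of which is secret as far as this hunk shows, so the X448 private key behind `local_dh_public_key` looks reproducible by anyone who observes those inputs (hedged: `derive_material` is defined outside the hunk and may mix in a secret). The private half of the keypair is also dropped by `.public_key`, so the ratchet is initialised with a DH public key whose private key is not retained anywhere visible. Consider `generate_official_x448_keypair` (already exported from the crypto prelude) and keeping the private key with the ratchet state, or at least add a comment such as `// placeholder: deterministic DH key derived from public inputs, not for production traffic`. The same pattern repeats in the `connection-join-local-dh` hunk that follows. The enclosing function starts and ends outside the hunk.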
@@ -252,14 +253,15 @@ impl RadrootsSimplexAgentRuntime {
encode_queue_public_key(&local_e2e_keypair.public_key);
reply_queue.sender_id =
placeholder_sender_id(invitation.connection_id.as_slice(), &now.to_be_bytes());
- let local_dh_public_key = derive_material(
+ let local_dh_public_key = official_x448_keypair_from_seed(&derive_material(
b"connection-join-local-dh",
&[
invitation.connection_id.as_slice(),
reply_queue.to_string().as_bytes(),
&now.to_be_bytes(),
],
- );
+ ))
+ .public_key;
let ratchet_state = RadrootsSimplexSmpRatchetState::responder(
local_dh_public_key,
invitation
diff --git a/crates/simplex_smp_crypto/src/lib.rs b/crates/simplex_smp_crypto/src/lib.rs
@@ -38,17 +38,19 @@ pub mod prelude {
RADROOTS_SIMPLEX_OFFICIAL_X3DH_INFO, RADROOTS_SIMPLEX_OFFICIAL_X448_KEY_LENGTH,
RADROOTS_SIMPLEX_OFFICIAL_X448_SHARED_SECRET_LENGTH, RadrootsSimplexOfficialAesGcmPayload,
RadrootsSimplexOfficialChainKdfOutput, RadrootsSimplexOfficialEncryptedHeader,
- RadrootsSimplexOfficialEncryptedMessage, RadrootsSimplexOfficialRootKdfOutput,
- RadrootsSimplexOfficialSntrup761Keypair, RadrootsSimplexOfficialX448Keypair,
- decapsulate_official_sntrup761, decode_official_encrypted_header,
- decode_official_encrypted_message, derive_official_x448_shared_secret,
- encapsulate_official_sntrup761, encode_official_encrypted_header,
- encode_official_encrypted_message, generate_official_sntrup761_keypair,
- generate_official_x448_keypair, official_aes_gcm_decrypt_padded,
- official_aes_gcm_encrypt_padded, official_chain_kdf, official_encoded_encrypted_header_len,
- official_encoded_encrypted_message_len, official_full_header_len,
- official_ratchet_header_len, official_root_kdf, official_sntrup761_keypair_from_seed,
- official_x448_keypair_from_seed,
+ RadrootsSimplexOfficialEncryptedMessage, RadrootsSimplexOfficialMsgHeader,
+ RadrootsSimplexOfficialRootKdfOutput, RadrootsSimplexOfficialSntrup761Keypair,
+ RadrootsSimplexOfficialX448Keypair, decapsulate_official_sntrup761,
+ decode_official_encrypted_header, decode_official_encrypted_message,
+ decode_official_msg_header, decode_official_x448_public_key_der,
+ derive_official_x448_shared_secret, encapsulate_official_sntrup761,
+ encode_official_encrypted_header, encode_official_encrypted_message,
+ encode_official_msg_header, encode_official_x448_public_key_der,
+ generate_official_sntrup761_keypair, generate_official_x448_keypair,
+ official_aes_gcm_decrypt_padded, official_aes_gcm_encrypt_padded, official_chain_kdf,
+ official_encoded_encrypted_header_len, official_encoded_encrypted_message_len,
+ official_full_header_len, official_ratchet_header_len, official_root_kdf,
+ official_sntrup761_keypair_from_seed, official_x448_keypair_from_seed,
};
pub use crate::ratchet::{
RadrootsSimplexSmpRatchetHeader, RadrootsSimplexSmpRatchetRole,
diff --git a/crates/simplex_smp_crypto/src/official_ratchet.rs b/crates/simplex_smp_crypto/src/official_ratchet.rs
@@ -29,6 +29,9 @@ pub const RADROOTS_SIMPLEX_OFFICIAL_X3DH_INFO: &[u8] = b"SimpleXX3DH";
const RADROOTS_SIMPLEX_OFFICIAL_HKDF3_OUTPUT_LENGTH: usize =
RADROOTS_SIMPLEX_OFFICIAL_AES_KEY_LENGTH * 3;
const RADROOTS_SIMPLEX_OFFICIAL_PADDING_LENGTH_BYTES: usize = 2;
+const RADROOTS_SIMPLEX_OFFICIAL_X448_DER_PUBLIC_KEY_PREFIX: [u8; 12] = [
+ 0x30, 0x42, 0x30, 0x05, 0x06, 0x03, 0x2b, 0x65, 0x6f, 0x03, 0x39, 0x00,
+];
type RadrootsSimplexOfficialAes256Gcm = AesGcm<Aes256, U16>;
#[derive(Debug, Clone, PartialEq, Eq)]
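Review bot: The 12-byte `RADROOTS_SIMPLEX_OFFICIAL_X448_DER_PUBLIC_KEY_PREFIX` is undocumented, and a reader cannot check it without decoding the DER by hand. I would add a comment above it: `// SubjectPublicKeyInfo header for X448: SEQUENCE(0x42) { SEQUENCE { OID 1.3.101.111 }, BIT STRING(0x39, 0 unused bits) }` followed by `// 12 prefix bytes + 56 key bytes = 68 bytes total`. That also ties the constant to the `encoded.len() == 68` assertion in the new test.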
@@ -65,6 +68,16 @@ pub struct RadrootsSimplexOfficialEncryptedMessage {
}
#[derive(Debug, Clone, PartialEq, Eq)]
+pub struct RadrootsSimplexOfficialMsgHeader {
+ pub max_version: u16,
+ pub dh_public_key: Vec<u8>,
+ pub pq_public_key: Option<Vec<u8>>,
+ pub pq_ciphertext: Option<Vec<u8>>,
+ pub previous_sending_chain_length: u32,
+ pub message_number: u32,
+}
+
+#[derive(Debug, Clone, PartialEq, Eq)]
pub struct RadrootsSimplexOfficialRootKdfOutput {
pub root_key: Vec<u8>,
pub chain_key: Vec<u8>,
@@ -157,6 +170,37 @@ pub fn derive_official_x448_shared_secret(
Ok(private.diffie_hellman(&public_key).as_bytes().to_vec())
}
+pub fn encode_official_x448_public_key_der(
+ public_key: &[u8],
+) -> Result<Vec<u8>, RadrootsSimplexSmpCryptoError> {
+ if public_key.len() != RADROOTS_SIMPLEX_OFFICIAL_X448_KEY_LENGTH {
+ return Err(RadrootsSimplexSmpCryptoError::InvalidPublicKeyLength(
+ public_key.len(),
+ ));
+ }
+ let mut encoded = Vec::with_capacity(
+ RADROOTS_SIMPLEX_OFFICIAL_X448_DER_PUBLIC_KEY_PREFIX.len() + public_key.len(),
+ );
+ encoded.extend_from_slice(&RADROOTS_SIMPLEX_OFFICIAL_X448_DER_PUBLIC_KEY_PREFIX);
+ encoded.extend_from_slice(public_key);
+ Ok(encoded)
+}
+
+pub fn decode_official_x448_public_key_der(
+ encoded: &[u8],
+) -> Result<Vec<u8>, RadrootsSimplexSmpCryptoError> {
+ let expected_len = RADROOTS_SIMPLEX_OFFICIAL_X448_DER_PUBLIC_KEY_PREFIX.len()
+ + RADROOTS_SIMPLEX_OFFICIAL_X448_KEY_LENGTH;
+ if encoded.len() != expected_len
+ || !encoded.starts_with(&RADROOTS_SIMPLEX_OFFICIAL_X448_DER_PUBLIC_KEY_PREFIX)
+ {
+ return Err(RadrootsSimplexSmpCryptoError::InvalidPublicKeyLength(
+ encoded.len(),
+ ));
+ }
+ Ok(encoded[RADROOTS_SIMPLEX_OFFICIAL_X448_DER_PUBLIC_KEY_PREFIX.len()..].to_vec())
+}
+
pub fn official_sntrup761_keypair_from_seed(
seed: &[u8],
) -> RadrootsSimplexOfficialSntrup761Keypair {
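Review bot: In `decode_official_x448_public_key_der` a wrong prefix is reported as `InvalidPublicKeyLength(encoded.len())`, so a 68-byte input carrying a different algorithm identifier yields an error that names a length which is in fact correct. Splitting the condition would keep the length error for the length check and give the prefix mismatch its own error (a dedicated variant; none is visible in this diff, so the name is yours to pick). Comparing against the exact prefix is a good choice, since it accepts only the one canonical encoding. A one-line doc comment on each function stating which side is the raw 56-byte key and which is the 68-byte SubjectPublicKeyInfo form would help callers.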
@@ -273,6 +317,60 @@ pub fn official_aes_gcm_encrypt_padded(
split_official_aes_gcm_payload(&encrypted)
}
+pub fn encode_official_msg_header(
+ version: u16,
+ header: &RadrootsSimplexOfficialMsgHeader,
+) -> Result<Vec<u8>, RadrootsSimplexSmpCryptoError> {
+ validate_official_version(version)?;
+ validate_official_version(header.max_version)?;
+ if header.pq_public_key.is_some() || header.pq_ciphertext.is_some() {
+ return Err(RadrootsSimplexSmpCryptoError::IncompletePqHeader);
+ }
+ let public_key = encode_official_x448_public_key_der(&header.dh_public_key)?;
+ let mut buffer = Vec::with_capacity(2 + 1 + public_key.len() + 1 + 4 + 4);
+ buffer.extend_from_slice(&header.max_version.to_be_bytes());
+ push_official_short_bytes(&mut buffer, &public_key)?;
+ if version >= RADROOTS_SIMPLEX_OFFICIAL_E2E_PQ_VERSION {
+ buffer.push(b'0');
+ }
+ buffer.extend_from_slice(&header.previous_sending_chain_length.to_be_bytes());
+ buffer.extend_from_slice(&header.message_number.to_be_bytes());
+ Ok(buffer)
+}
+
+pub fn decode_official_msg_header(
+ version: u16,
+ bytes: &[u8],
+) -> Result<RadrootsSimplexOfficialMsgHeader, RadrootsSimplexSmpCryptoError> {
+ validate_official_version(version)?;
+ let mut cursor = OfficialCursor::new(bytes);
+ let max_version = cursor.read_u16()?;
+ validate_official_version(max_version)?;
+ let dh_public_key = decode_official_x448_public_key_der(cursor.read_short_bytes()?)?;
+ if version >= RADROOTS_SIMPLEX_OFFICIAL_E2E_PQ_VERSION {
+ match cursor.read_byte()? {
+ b'0' => {}
+ b'1' => return Err(RadrootsSimplexSmpCryptoError::IncompletePqHeader),
+ value => {
+ return Err(RadrootsSimplexSmpCryptoError::InvalidCiphertextLength(
+ value as usize,
+ ));
+ }
+ }
+ }
+ let previous_sending_chain_length = cursor.read_u32()?;
+ let message_number = cursor.read_u32()?;
+ cursor.finish()?;
+ Ok(RadrootsSimplexOfficialMsgHeader {
+ max_version,
+ dh_public_key,
+ pq_public_key: None,
+ pq_ciphertext: None,
+ previous_sending_chain_length,
+ message_number,
+ })
+}
+
pub fn encode_official_encrypted_header(
header: &RadrootsSimplexOfficialEncryptedHeader,
) -> Result<Vec<u8>, RadrootsSimplexSmpCryptoError> {
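Review bot: In `decode_official_msg_header` the fallback arm returns `InvalidCiphertextLength(value as usize)`, which reports an unknown PQ tag byte as if it were a length, and the `b'1'` arm reports a PQ-tagged header from a peer as `IncompletePqHeader`; both make a rejected header hard to diagnose from the error alone. A comment on the `b'1'` arm such as `// PQ key/ciphertext decoding not implemented yet; reject rather than skip` would record that this is a deliberate gate. The decoder also accepts any `max_version` that passes `validate_official_version` without relating it to `version`; if the protocol requires `max_version >= version` (I cannot tell from this diff), that check belongs right after `read_u16`. Both public functions lack doc comments describing the wire layout (u16 max version, length-prefixed DER key, optional tag byte, two u32 counters).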
@@ -529,6 +627,20 @@ fn push_official_large_by_version(
Ok(())
}
+fn push_official_short_bytes(
+ buffer: &mut Vec<u8>,
+ value: &[u8],
+) -> Result<(), RadrootsSimplexSmpCryptoError> {
+ if value.len() > u8::MAX as usize {
+ return Err(RadrootsSimplexSmpCryptoError::InvalidShortFieldLength(
+ value.len(),
+ ));
+ }
+ buffer.push(value.len() as u8);
+ buffer.extend_from_slice(value);
+ Ok(())
+}
+
struct OfficialCursor<'a> {
bytes: &'a [u8],
position: usize,
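Review bot: `buffer.push(value.len() as u8)` in `push_official_short_bytes` is safe only because of the guard a few lines above it; folding the two into a checked conversion removes the bare `as` cast: `let len = u8::try_from(value.len()).map_err(|_| RadrootsSimplexSmpCryptoError::InvalidShortFieldLength(value.len()))?;` then `buffer.push(len);`. Behaviour is unchanged.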
@@ -554,6 +666,24 @@ impl<'a> OfficialCursor<'a> {
Ok(u16::from_be_bytes([bytes[0], bytes[1]]))
}
+ fn read_u32(&mut self) -> Result<u32, RadrootsSimplexSmpCryptoError> {
+ let bytes = self.read_slice(4)?;
+ Ok(u32::from_be_bytes([bytes[0], bytes[1], bytes[2], bytes[3]]))
+ }
+
+ fn read_byte(&mut self) -> Result<u8, RadrootsSimplexSmpCryptoError> {
+ let Some(value) = self.bytes.get(self.position) else {
+ return Err(RadrootsSimplexSmpCryptoError::InvalidCiphertextLength(0));
+ };
+ self.position += 1;
+ Ok(*value)
+ }
+
+ fn read_short_bytes(&mut self) -> Result<&'a [u8], RadrootsSimplexSmpCryptoError> {
+ let length = self.read_byte()? as usize;
+ self.read_slice(length)
+ }
+
fn read_array<const N: usize>(&mut self) -> Result<[u8; N], RadrootsSimplexSmpCryptoError> {
let bytes = self.read_slice(N)?;
let mut value = [0_u8; N];
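Review bot: `read_byte` carries its own bounds check and reports end-of-input as `InvalidCiphertextLength(0)`, while `read_u32` and `read_short_bytes` go through `read_slice`; a truncated header can therefore produce a different error value depending on which field was cut. If `read_slice` (outside this hunk) does the bounds check the other readers rely on, `read_byte` could be `Ok(self.read_slice(1)?[0])`. `read_short_bytes` is worth a comment: `// one-byte length prefix, then that many bytes; bounds are enforced by read_slice`. The `impl` block starts and ends outside the hunk.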
@@ -654,6 +784,39 @@ mod tests {
}
#[test]
+ fn official_x448_der_public_key_roundtrips() {
+ let keypair = official_x448_keypair_from_seed(b"rr-synth-official-der-x448");
+ let encoded = encode_official_x448_public_key_der(&keypair.public_key).unwrap();
+ assert_eq!(encoded.len(), 68);
+ assert_eq!(
+ decode_official_x448_public_key_der(&encoded).unwrap(),
+ keypair.public_key
+ );
+ }
+
+ #[test]
+ fn official_no_pq_msg_header_roundtrips() {
+ let keypair = official_x448_keypair_from_seed(b"rr-synth-official-header-x448");
+ let header = RadrootsSimplexOfficialMsgHeader {
+ max_version: RADROOTS_SIMPLEX_OFFICIAL_E2E_CURRENT_VERSION,
+ dh_public_key: keypair.public_key,
+ pq_public_key: None,
+ pq_ciphertext: None,
+ previous_sending_chain_length: 5,
+ message_number: 8,
+ };
+ let encoded =
+ encode_official_msg_header(RADROOTS_SIMPLEX_OFFICIAL_E2E_CURRENT_VERSION, &header)
+ .unwrap();
+ assert_eq!(encoded.len(), 80);
+ assert_eq!(
+ decode_official_msg_header(RADROOTS_SIMPLEX_OFFICIAL_E2E_CURRENT_VERSION, &encoded)
+ .unwrap(),
+ header
+ );
+ }
+
+ #[test]
fn sntrup761_encapsulation_roundtrips() {
let recipient = official_sntrup761_keypair_from_seed(b"rr-synth-official-pq-recipient");
let (ciphertext, sender_secret) =
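Review bot: The two new tests cover only successful round trips, so none of the rejection paths added in this commit is exercised. I would add cases for `decode_official_x448_public_key_der` with an altered prefix byte and with a 67-byte input, `encode_official_msg_header` with `pq_public_key: Some(..)`, and `decode_official_msg_header` with the tag byte set to `b'1'`, with one trailing extra byte, and with a truncated buffer, each asserting `is_err()`. The decoder parses peer-supplied bytes, so these negative cases are the ones that guard against regressions. The hunk ends inside `sntrup761_encapsulation_roundtrips`, which is unchanged.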
diff --git a/crates/simplex_smp_crypto/src/ratchet.rs b/crates/simplex_smp_crypto/src/ratchet.rs
@@ -7,10 +7,11 @@ use crate::official_ratchet::{
RADROOTS_SIMPLEX_OFFICIAL_AES_KEY_LENGTH, RADROOTS_SIMPLEX_OFFICIAL_E2E_CURRENT_VERSION,
RadrootsSimplexOfficialAesGcmPayload, RadrootsSimplexOfficialChainKdfOutput,
RadrootsSimplexOfficialEncryptedHeader, RadrootsSimplexOfficialEncryptedMessage,
- decode_official_encrypted_header, decode_official_encrypted_message,
+ RadrootsSimplexOfficialMsgHeader, decode_official_encrypted_header,
+ decode_official_encrypted_message, decode_official_msg_header,
encode_official_encrypted_header, encode_official_encrypted_message,
- official_aes_gcm_decrypt_padded, official_aes_gcm_encrypt_padded, official_chain_kdf,
- official_ratchet_header_len,
+ encode_official_msg_header, official_aes_gcm_decrypt_padded, official_aes_gcm_encrypt_padded,
+ official_chain_kdf, official_ratchet_header_len,
};
use alloc::vec::Vec;
use hkdf::Hkdf;
@@ -256,7 +257,10 @@ impl RadrootsSimplexSmpRatchetState {
) -> Result<Vec<u8>, RadrootsSimplexSmpCryptoError> {
let message_number = self.sending_chain_length;
let header = self.next_outbound_header()?;
- let header_plaintext = ratchet_header_associated_data(&header)?;
+ let header_plaintext = encode_official_msg_header(
+ RADROOTS_SIMPLEX_OFFICIAL_E2E_CURRENT_VERSION,
+ &official_msg_header_from_ratchet_header(&header),
+ )?;
let official = derive_official_payload_keys(
shared_secret,
self.current_pq_shared_secret.as_deref(),
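Review bot: `encode_official_msg_header` can now fail after `self.next_outbound_header()?` has already run: it returns `IncompletePqHeader` whenever the ratchet header carries PQ fields and `InvalidPublicKeyLength` whenever `dh_public_key` is not 56 bytes. If `next_outbound_header` advances the sending chain (it is defined outside the hunk, but `message_number` is captured from `sending_chain_length` just before the call), a failed encode leaves the state advanced with no message produced. Checking the PQ and key-length preconditions before calling `next_outbound_header`, or restoring the counter on error, would keep the ratchet consistent. The method starts and ends outside the hunk.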
@@ -320,7 +324,10 @@ impl RadrootsSimplexSmpRatchetState {
},
&ratchet_ad,
)?;
- let ratchet_header = decode_ratchet_header_associated_data(&header_plaintext)?;
+ let ratchet_header = ratchet_header_from_official_msg_header(decode_official_msg_header(
+ header.version,
+ &header_plaintext,
+ )?);
if ratchet_header.message_number < self.receiving_chain_length {
return Err(RadrootsSimplexSmpCryptoError::RatchetMessageRegression {
received: ratchet_header.message_number,
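Review bot: The removed `decode_ratchet_header_associated_data` called `header.validate()?` on the decoded header, and the new path through `ratchet_header_from_official_msg_header` does not. Unless `validate` is made redundant by the X448 length check and the forced `None` PQ fields (its body is not in this diff), add `ratchet_header.validate()?;` right after the conversion and before the `message_number` comparison. The method starts and ends outside the hunk.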
@@ -442,6 +449,31 @@ fn official_message_associated_data(ratchet_ad: &[u8], encrypted_header: &[u8])
associated_data
}
+fn official_msg_header_from_ratchet_header(
+ header: &RadrootsSimplexSmpRatchetHeader,
+) -> RadrootsSimplexOfficialMsgHeader {
+ RadrootsSimplexOfficialMsgHeader {
+ max_version: RADROOTS_SIMPLEX_OFFICIAL_E2E_CURRENT_VERSION,
+ dh_public_key: header.dh_public_key.clone(),
+ pq_public_key: header.pq_public_key.clone(),
+ pq_ciphertext: header.pq_ciphertext.clone(),
+ previous_sending_chain_length: header.previous_sending_chain_length,
+ message_number: header.message_number,
+ }
+}
+
+fn ratchet_header_from_official_msg_header(
+ header: RadrootsSimplexOfficialMsgHeader,
+) -> RadrootsSimplexSmpRatchetHeader {
+ RadrootsSimplexSmpRatchetHeader {
+ previous_sending_chain_length: header.previous_sending_chain_length,
+ message_number: header.message_number,
+ dh_public_key: header.dh_public_key,
+ pq_public_key: header.pq_public_key,
+ pq_ciphertext: header.pq_ciphertext,
+ }
+}
+
fn ratchet_header_associated_data(
header: &RadrootsSimplexSmpRatchetHeader,
) -> Result<Vec<u8>, RadrootsSimplexSmpCryptoError> {
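Review bot: `ratchet_header_from_official_msg_header` silently discards the peer's `max_version`, and the reverse helper always writes `RADROOTS_SIMPLEX_OFFICIAL_E2E_CURRENT_VERSION`, so whatever version the peer advertises never reaches ratchet state. If that is intended for the no-PQ slice, say so in a doc comment on each helper, e.g. `/// Drops max_version: version negotiation is not wired into the ratchet state yet.` The two free functions would also read more idiomatically as `From` impls between the two header types.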
@@ -454,22 +486,6 @@ fn ratchet_header_associated_data(
Ok(buffer)
}
-fn decode_ratchet_header_associated_data(
- bytes: &[u8],
-) -> Result<RadrootsSimplexSmpRatchetHeader, RadrootsSimplexSmpCryptoError> {
- let mut cursor = RatchetHeaderCursor::new(bytes);
- let header = RadrootsSimplexSmpRatchetHeader {
- previous_sending_chain_length: cursor.read_u32()?,
- message_number: cursor.read_u32()?,
- dh_public_key: cursor.read_large_bytes()?,
- pq_public_key: cursor.read_maybe_large_bytes()?,
- pq_ciphertext: cursor.read_maybe_large_bytes()?,
- };
- cursor.finish()?;
- header.validate()?;
- Ok(header)
-}
-
fn push_maybe_large_bytes(
buffer: &mut Vec<u8>,
value: Option<&[u8]>,
@@ -501,66 +517,6 @@ fn push_large_bytes(
Ok(())
}
-struct RatchetHeaderCursor<'a> {
- bytes: &'a [u8],
- position: usize,
-}
-
-impl<'a> RatchetHeaderCursor<'a> {
- const fn new(bytes: &'a [u8]) -> Self {
- Self { bytes, position: 0 }
- }
-
- fn finish(&self) -> Result<(), RadrootsSimplexSmpCryptoError> {
- if self.position == self.bytes.len() {
- Ok(())
- } else {
- Err(RadrootsSimplexSmpCryptoError::InvalidCiphertextLength(
- self.bytes.len() - self.position,
- ))
- }
- }
-
- fn read_u32(&mut self) -> Result<u32, RadrootsSimplexSmpCryptoError> {
- let bytes = self.read_slice(4)?;
- Ok(u32::from_be_bytes([bytes[0], bytes[1], bytes[2], bytes[3]]))
- }
-
- fn read_byte(&mut self) -> Result<u8, RadrootsSimplexSmpCryptoError> {
- let Some(value) = self.bytes.get(self.position) else {
- return Err(RadrootsSimplexSmpCryptoError::InvalidCiphertextLength(0));
- };
- self.position += 1;
- Ok(*value)
- }
-
- fn read_large_bytes(&mut self) -> Result<Vec<u8>, RadrootsSimplexSmpCryptoError> {
- let bytes = self.read_slice(2)?;
- let length = u16::from_be_bytes([bytes[0], bytes[1]]) as usize;
- Ok(self.read_slice(length)?.to_vec())
- }
-
- fn read_maybe_large_bytes(&mut self) -> Result<Option<Vec<u8>>, RadrootsSimplexSmpCryptoError> {
- match self.read_byte()? {
- 0 => Ok(None),
- 1 => self.read_large_bytes().map(Some),
- value => Err(RadrootsSimplexSmpCryptoError::InvalidCiphertextLength(
- value as usize,
- )),
- }
- }
-
- fn read_slice(&mut self, len: usize) -> Result<&'a [u8], RadrootsSimplexSmpCryptoError> {
- let Some(bytes) = self.bytes.get(self.position..self.position + len) else {
- return Err(RadrootsSimplexSmpCryptoError::InvalidCiphertextLength(
- self.bytes.len().saturating_sub(self.position),
- ));
- };
- self.position += len;
- Ok(bytes)
- }
-}
-
#[cfg(test)]
mod tests {
use super::*;
@@ -647,18 +603,12 @@ mod tests {
#[test]
fn encrypts_payload_and_advances_receive_state() {
- let mut sender = RadrootsSimplexSmpRatchetState::initiator(
- b"alice-dh".to_vec(),
- b"bob-dh".to_vec(),
- None,
- )
- .unwrap();
- let mut receiver = RadrootsSimplexSmpRatchetState::responder(
- b"bob-dh".to_vec(),
- b"alice-dh".to_vec(),
- None,
- )
- .unwrap();
+ let mut sender =
+ RadrootsSimplexSmpRatchetState::initiator(vec![1_u8; 56], vec![2_u8; 56], None)
+ .unwrap();
+ let mut receiver =
+ RadrootsSimplexSmpRatchetState::responder(vec![2_u8; 56], vec![1_u8; 56], None)
+ .unwrap();
let shared_secret = [7_u8; RADROOTS_SIMPLEX_SMP_SHARED_SECRET_LENGTH];
let (header, ciphertext) = sender
@@ -675,18 +625,12 @@ mod tests {
#[test]
fn rejects_tampered_ratchet_header() {
- let mut sender = RadrootsSimplexSmpRatchetState::initiator(
- b"alice-dh".to_vec(),
- b"bob-dh".to_vec(),
- None,
- )
- .unwrap();
- let mut receiver = RadrootsSimplexSmpRatchetState::responder(
- b"bob-dh".to_vec(),
- b"alice-dh".to_vec(),
- None,
- )
- .unwrap();
+ let mut sender =
+ RadrootsSimplexSmpRatchetState::initiator(vec![1_u8; 56], vec![2_u8; 56], None)
+ .unwrap();
+ let mut receiver =
+ RadrootsSimplexSmpRatchetState::responder(vec![2_u8; 56], vec![1_u8; 56], None)
+ .unwrap();
let shared_secret = [9_u8; RADROOTS_SIMPLEX_SMP_SHARED_SECRET_LENGTH];
let (mut header, ciphertext) = sender
.encrypt_payload(&shared_secret, b"agent body", 64)
@@ -722,18 +666,12 @@ mod tests {
#[test]
fn encrypts_official_payload_as_opaque_message() {
- let mut sender = RadrootsSimplexSmpRatchetState::initiator(
- b"alice-dh".to_vec(),
- b"bob-dh".to_vec(),
- None,
- )
- .unwrap();
- let mut receiver = RadrootsSimplexSmpRatchetState::responder(
- b"bob-dh".to_vec(),
- b"alice-dh".to_vec(),
- None,
- )
- .unwrap();
+ let mut sender =
+ RadrootsSimplexSmpRatchetState::initiator(vec![1_u8; 56], vec![2_u8; 56], None)
+ .unwrap();
+ let mut receiver =
+ RadrootsSimplexSmpRatchetState::responder(vec![2_u8; 56], vec![1_u8; 56], None)
+ .unwrap();
let shared_secret = [11_u8; RADROOTS_SIMPLEX_SMP_SHARED_SECRET_LENGTH];
let encrypted = sender
@@ -751,18 +689,12 @@ mod tests {
#[test]
fn rejects_tampered_official_payload_body() {
- let mut sender = RadrootsSimplexSmpRatchetState::initiator(
- b"alice-dh".to_vec(),
- b"bob-dh".to_vec(),
- None,
- )
- .unwrap();
- let mut receiver = RadrootsSimplexSmpRatchetState::responder(
- b"bob-dh".to_vec(),
- b"alice-dh".to_vec(),
- None,
- )
- .unwrap();
+ let mut sender =
+ RadrootsSimplexSmpRatchetState::initiator(vec![1_u8; 56], vec![2_u8; 56], None)
+ .unwrap();
+ let mut receiver =
+ RadrootsSimplexSmpRatchetState::responder(vec![2_u8; 56], vec![1_u8; 56], None)
+ .unwrap();
let shared_secret = [12_u8; RADROOTS_SIMPLEX_SMP_SHARED_SECRET_LENGTH];
let mut encrypted = sender
.encrypt_official_payload(&shared_secret, b"official agent body", 96)