Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Nonce removal from vss/EncryptedDeal struct #524

Merged
merged 2 commits into from
Jun 5, 2024
Merged

Nonce removal from vss/EncryptedDeal struct #524

merged 2 commits into from
Jun 5, 2024

Conversation

matteosz
Copy link
Contributor

This PR resolves #379 by removing the nonce from the Encrypted Deal struct (as it's always 0)

@matteosz matteosz self-assigned this May 23, 2024
@matteosz matteosz changed the base branch from master to drandmerge May 23, 2024 09:58
@sonarcloud SonarCloud
Copy link

sonarcloud bot commented May 23, 2024

Please retry analysis of this Pull-Request directly on SonarCloud

@matteosz matteosz changed the title Nonce removal from rabin/vss/EncryptedDeal struct Nonce removal from vss/EncryptedDeal struct May 23, 2024
@sonarcloud SonarCloud
Copy link

sonarcloud bot commented May 23, 2024

Quality Gate Failed Quality Gate failed

Failed conditions
37.7% Duplication on New Code (required ≤ 10%)

See analysis details on SonarCloud

CluEleSsUK
CluEleSsUK reviewed May 23, 2024
View reviewed changes
share/vss/pedersen/vss.go
@@ -408,7 +405,8 @@ func (v *Verifier) decryptDeal(e *EncryptedDeal) (*Deal, error) {
if err != nil {
return nil, err
}
decrypted, err := gcm.Open(nil, e.Nonce, e.Cipher, v.hkdfContext)
nonce := make([]byte, gcm.NonceSize())
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

is it intentional to pass in an empty slice here? it seems like it'd be better to remove it entirely (though this breaks the interface for other users potentially)

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm not sure I understood well your point but I'll try to answer anyway.

It's not possible to not pass the nonce, as it's required from the gcm interfact; additionally, if we were to pass nil instead that wouldn't work either, as it has to match the NonceSize(). Also, this is a v4 change, so it's okay to break our interfaces (the encrypted deal in this case).

@AnomalRoil AnomalRoil merged commit 539a917 into drandmerge Jun 5, 2024
9 checks passed
@AnomalRoil AnomalRoil deleted the gcm-nonce-removal branch June 5, 2024 15:08
@pierluca pierluca mentioned this pull request Jul 15, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@CluEleSsUK CluEleSsUK CluEleSsUK left review comments

@AnomalRoil AnomalRoil AnomalRoil approved these changes

Assignees

@matteosz matteosz

Labels
safe PR v4
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

GCM Nonce field can be removed from rabin.vss/EncryptedDeal
3 participants
@matteosz @CluEleSsUK @AnomalRoil