mirror of
https://github.com/nostr-protocol/nips.git
synced 2024-12-22 16:35:52 -05:00
Merge pull request #946 from jiftechnify/patch-nip44
Fix typos of NIP-44
This commit is contained in:
commit
98d7f1cd9c
10
44.md
10
44.md
|
@ -80,7 +80,7 @@ NIP-44 version 2 has the following design characteristics:
|
||||||
but won't leak the long-term key
|
but won't leak the long-term key
|
||||||
3. Calculate message keys
|
3. Calculate message keys
|
||||||
- The keys are generated from `conversation_key` and `nonce`. Validate that both are 32 bytes long
|
- The keys are generated from `conversation_key` and `nonce`. Validate that both are 32 bytes long
|
||||||
- Use HKDF-expand, with sha256, `OKM=conversation_key`, `info=nonce` and `L=76`
|
- Use HKDF-expand, with sha256, `PRK=conversation_key`, `info=nonce` and `L=76`
|
||||||
- Slice 76-byte HKDF output into: `chacha_key` (bytes 0..32), `chacha_nonce` (bytes 32..44), `hmac_key` (bytes 44..76)
|
- Slice 76-byte HKDF output into: `chacha_key` (bytes 0..32), `chacha_nonce` (bytes 32..44), `hmac_key` (bytes 44..76)
|
||||||
4. Add padding
|
4. Add padding
|
||||||
- Content must be encoded from UTF-8 into byte array
|
- Content must be encoded from UTF-8 into byte array
|
||||||
|
@ -115,9 +115,9 @@ validation rules, refer to BIP-340.
|
||||||
- Validate length of base64 message to prevent DoS on base64 decoder: it can be in range from 132 to 87472 chars
|
- Validate length of base64 message to prevent DoS on base64 decoder: it can be in range from 132 to 87472 chars
|
||||||
- Validate length of decoded message to verify output of the decoder: it can be in range from 99 to 65603 bytes
|
- Validate length of decoded message to verify output of the decoder: it can be in range from 99 to 65603 bytes
|
||||||
3. Calculate conversation key
|
3. Calculate conversation key
|
||||||
- See step 1 of (encryption)[#Encryption]
|
- See step 1 of [encryption](#Encryption)
|
||||||
4. Calculate message keys
|
4. Calculate message keys
|
||||||
- See step 3 of (encryption)[#Encryption]
|
- See step 3 of [encryption](#Encryption)
|
||||||
5. Calculate MAC (message authentication code) with AAD and compare
|
5. Calculate MAC (message authentication code) with AAD and compare
|
||||||
- Stop and throw an error if MAC doesn't match the decoded one from step 2
|
- Stop and throw an error if MAC doesn't match the decoded one from step 2
|
||||||
- Use constant-time comparison algorithm
|
- Use constant-time comparison algorithm
|
||||||
|
@ -126,7 +126,7 @@ validation rules, refer to BIP-340.
|
||||||
7. Remove padding
|
7. Remove padding
|
||||||
- Read the first two BE bytes of plaintext that correspond to plaintext length
|
- Read the first two BE bytes of plaintext that correspond to plaintext length
|
||||||
- Verify that the length of sliced plaintext matches the value of the two BE bytes
|
- Verify that the length of sliced plaintext matches the value of the two BE bytes
|
||||||
- Verify that calculated padding from step 3 of the (encryption)[#Encryption] process matches the actual padding
|
- Verify that calculated padding from step 3 of the [encryption](#Encryption) process matches the actual padding
|
||||||
|
|
||||||
### Details
|
### Details
|
||||||
|
|
||||||
|
@ -291,5 +291,5 @@ The file also contains intermediate values. A quick guidance with regards to its
|
||||||
- `valid.encrypt_decrypt`: emulate real conversation. Calculate pub2 from sec2, verify conversation_key from (sec1, pub2), encrypt, verify payload, then calculate pub1 from sec1, verify conversation_key from (sec2, pub1), decrypt, verify plaintext.
|
- `valid.encrypt_decrypt`: emulate real conversation. Calculate pub2 from sec2, verify conversation_key from (sec1, pub2), encrypt, verify payload, then calculate pub1 from sec1, verify conversation_key from (sec2, pub1), decrypt, verify plaintext.
|
||||||
- `valid.encrypt_decrypt_long_msg`: same as previous step, but instead of a full plaintext and payload, their checksum is provided.
|
- `valid.encrypt_decrypt_long_msg`: same as previous step, but instead of a full plaintext and payload, their checksum is provided.
|
||||||
- `invalid.encrypt_msg_lengths`
|
- `invalid.encrypt_msg_lengths`
|
||||||
- `invalid.get_conversation_key`: calculating converastion_key must throw an error
|
- `invalid.get_conversation_key`: calculating conversation_key must throw an error
|
||||||
- `invalid.decrypt`: decrypting message content must throw an error
|
- `invalid.decrypt`: decrypting message content must throw an error
|
||||||
|
|
Loading…
Reference in New Issue
Block a user