From 8f8e104191baee7c36978c53a072054463e2d5f0 Mon Sep 17 00:00:00 2001
From: Yusef Napora <yusef@protocol.ai>
Date: Tue, 3 Mar 2020 12:44:37 -0500
Subject: [PATCH 1/6] remove empty ephemeral key from XX message C

---
 src/encoder.ts      | 18 +++++++++++++++++-
 src/handshake-xx.ts |  6 +++---
 2 files changed, 20 insertions(+), 4 deletions(-)

diff --git a/src/encoder.ts b/src/encoder.ts
index 60eb1c6..fd10fdd 100644
--- a/src/encoder.ts
+++ b/src/encoder.ts
@@ -25,6 +25,10 @@ export function encode1(message: MessageBuffer): bytes {
   return Buffer.concat([message.ne, message.ns, message.ciphertext]);
 }
 
+export function encode2(message: MessageBuffer): bytes {
+  return Buffer.concat([message.ns, message.ciphertext]);
+}
+
 export function decode0(input: bytes): MessageBuffer {
   if (input.length < 32) {
     throw new Error("Cannot decode stage 0 MessageBuffer: length less than 32 bytes.");
@@ -39,7 +43,7 @@ export function decode0(input: bytes): MessageBuffer {
 
 export function decode1(input: bytes): MessageBuffer {
   if (input.length < 80) {
-    throw new Error("Cannot decode stage 0 MessageBuffer: length less than 96 bytes.");
+    throw new Error("Cannot decode stage 1 MessageBuffer: length less than 80 bytes.");
   }
 
   return {
@@ -48,3 +52,15 @@ export function decode1(input: bytes): MessageBuffer {
     ciphertext: input.slice(80, input.length),
   }
 }
+
+export function decode2(input: bytes): MessageBuffer {
+  if (input.length < 48) {
+    throw new Error("Cannot decode stage 2 MessageBuffer: length less than 48 bytes.");
+  }
+
+  return {
+    ne: Buffer.alloc(0),
+    ns: input.slice(0, 48),
+    ciphertext: input.slice(48, input.length),
+  }
+}
diff --git a/src/handshake-xx.ts b/src/handshake-xx.ts
index 2db646b..41360e5 100644
--- a/src/handshake-xx.ts
+++ b/src/handshake-xx.ts
@@ -11,7 +11,7 @@ import {
   verifySignedPayload,
 } from "./utils";
 import { logger } from "./logger";
-import { decode0, decode1, encode0, encode1 } from "./encoder";
+import {decode0, decode1, decode2, encode0, encode1, encode2} from "./encoder";
 import { WrappedConnection } from "./noise";
 import PeerId from "peer-id";
 
@@ -99,11 +99,11 @@ export class XXHandshake implements IHandshake {
     if (this.isInitiator) {
       logger('Stage 2 - Initiator sending third handshake message.');
       const messageBuffer = this.xx.sendMessage(this.session, this.payload);
-      this.connection.writeLP(encode1(messageBuffer));
+      this.connection.writeLP(encode2(messageBuffer));
       logger('Stage 2 - Initiator sent message with signed payload.');
     } else {
       logger('Stage 2 - Responder waiting for third handshake message...');
-      const receivedMessageBuffer = decode1((await this.connection.readLP()).slice());
+      const receivedMessageBuffer = decode2((await this.connection.readLP()).slice());
       const {plaintext, valid} = this.xx.recvMessage(this.session, receivedMessageBuffer);
       if(!valid) {
         throw new Error("xx handshake stage 2 validation fail");

From 409bfd215099705346b20323ad0af57d885ccdf8 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marin=20Petruni=C4=87?= <marin.petrunic@gmail.com>
Date: Wed, 4 Mar 2020 08:56:53 +0100
Subject: [PATCH 2/6] fix test

---
 test/noise.test.ts | 17 ++++++-----------
 1 file changed, 6 insertions(+), 11 deletions(-)

diff --git a/test/noise.test.ts b/test/noise.test.ts
index 1fceb50..a22dd0b 100644
--- a/test/noise.test.ts
+++ b/test/noise.test.ts
@@ -1,18 +1,13 @@
-import { expect, assert } from "chai";
+import {assert, expect} from "chai";
 import DuplexPair from 'it-pair/duplex';
-import { Noise } from "../src";
+import {Noise} from "../src";
 import {createPeerIdsFromFixtures} from "./fixtures/peer";
 import Wrap from "it-pb-rpc";
-import { random } from "bcrypto";
+import {random} from "bcrypto";
 import sinon from "sinon";
 import {XXHandshake} from "../src/handshake-xx";
-import {
-  createHandshakePayload,
-  generateKeypair,
-  getHandshakePayload, getPayload,
-  signPayload
-} from "../src/utils";
-import {decode0, decode1, encode1, uint16BEDecode, uint16BEEncode} from "../src/encoder";
+import {createHandshakePayload, generateKeypair, getHandshakePayload, getPayload, signPayload} from "../src/utils";
+import {decode0, decode2, encode1, uint16BEDecode, uint16BEEncode} from "../src/encoder";
 import {XX} from "../src/handshakes/xx";
 import {Buffer} from "buffer";
 import {getKeyPairFromPeerId} from "./utils";
@@ -89,7 +84,7 @@ describe("Noise", () => {
         wrapped.writeLP(encode1(messageBuffer));
 
         // Stage 2 - finish handshake
-        receivedMessageBuffer = decode1((await wrapped.readLP()).slice());
+        receivedMessageBuffer = decode2((await wrapped.readLP()).slice());
         xx.recvMessage(handshake.session, receivedMessageBuffer);
         return {wrapped, handshake};
       })(),

From b1b045fff0b7b9a556a21311d7eedd812ba5bcb9 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marin=20Petruni=C4=87?= <marin.petrunic@gmail.com>
Date: Wed, 4 Mar 2020 09:02:59 +0100
Subject: [PATCH 3/6] disable noise pipes

---
 README.md    | 3 +--
 src/noise.ts | 6 +++---
 2 files changed, 4 insertions(+), 5 deletions(-)

diff --git a/README.md b/README.md
index 3a120f4..e6627fa 100644
--- a/README.md
+++ b/README.md
@@ -25,7 +25,7 @@ import {NOISE, Noise} from "libp2p-noise"
 
 
 //custom noise configuration, pass it instead of NOISE instance
-const noise = new Noise(privateKey, Buffer.alloc(), false);
+const noise = new Noise(privateKey, Buffer.alloc(x));
 
 const libp2p = new Libp2p({
    modules: {
@@ -35,7 +35,6 @@ const libp2p = new Libp2p({
 ```
 
 Where parameters for Noise constructor are:
- - *private key* - required parameter (32 bytes libp2p peer private key)
  - *static Noise key* - (optional) existing private Noise static key
  - *early data* - (optional) an early data payload to be sent in handshake messages
  
diff --git a/src/noise.ts b/src/noise.ts
index 5d25788..3a43cf2 100644
--- a/src/noise.ts
+++ b/src/noise.ts
@@ -42,11 +42,11 @@ export class Noise implements INoiseConnection {
    *
    * @param staticNoiseKey x25519 private key, reuse for faster handshakes
    * @param earlyData
-   * @param useNoisePipes enable IK handshake if initiator static key is known
    */
-  constructor(staticNoiseKey?: bytes, earlyData?: bytes, useNoisePipes = true) {
+  constructor(staticNoiseKey?: bytes, earlyData?: bytes) {
     this.earlyData = earlyData || Buffer.alloc(0);
-    this.useNoisePipes = useNoisePipes;
+    //disabled until properly specked
+    this.useNoisePipes = false;
 
     if (staticNoiseKey) {
       const publicKey = x25519.publicKeyCreate(staticNoiseKey);

From 2bb424a1fae8888267f9e810260f45817b1fa312 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marin=20Petruni=C4=87?= <marin.petrunic@gmail.com>
Date: Wed, 4 Mar 2020 09:06:58 +0100
Subject: [PATCH 4/6] fix tests

---
 test/noise.test.ts | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/test/noise.test.ts b/test/noise.test.ts
index 1fceb50..c9c6c1a 100644
--- a/test/noise.test.ts
+++ b/test/noise.test.ts
@@ -138,7 +138,7 @@ describe("Noise", () => {
     }
   });
 
-  it("should communicate through encrypted streams with noise pipes", async() => {
+  it.skip("should communicate through encrypted streams with noise pipes", async() => {
     try {
       const staticKeysInitiator = generateKeypair();
       const noiseInit = new Noise(staticKeysInitiator.privateKey);
@@ -172,7 +172,7 @@ describe("Noise", () => {
     }
   });
 
-  it("IK -> XX fallback: initiator has invalid remote static key", async() => {
+  it.skip("IK -> XX fallback: initiator has invalid remote static key", async() => {
     try {
       const staticKeysInitiator = generateKeypair();
       const noiseInit = new Noise(staticKeysInitiator.privateKey);
@@ -238,7 +238,7 @@ describe("Noise", () => {
       }
     });
 
-  it("Initiator starts with XX (pipes disabled), responder has enabled noise pipes", async() => {
+  it.skip("Initiator starts with XX (pipes disabled), responder has enabled noise pipes", async() => {
     try {
       const staticKeysInitiator = generateKeypair();
       const noiseInit = new Noise(staticKeysInitiator.privateKey, undefined, false);
@@ -273,7 +273,7 @@ describe("Noise", () => {
     }
   });
 
-  it("IK: responder has no remote static key", async() => {
+  it.skip("IK: responder has no remote static key", async() => {
     try {
       const staticKeysInitiator = generateKeypair();
       const noiseInit = new Noise(staticKeysInitiator.privateKey);

From 0b882f573bbd200e161e8d3564d120050509bf41 Mon Sep 17 00:00:00 2001
From: morrigan <belma.dzi@gmail.com>
Date: Thu, 5 Mar 2020 09:43:37 +0100
Subject: [PATCH 5/6] Release v1.0.0-rc.8

---
 CHANGELOG.md | 10 ++++++++++
 package.json |  2 +-
 2 files changed, 11 insertions(+), 1 deletion(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 166df07..5ed61a0 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -7,6 +7,16 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [Unreleased] -
 
+## [1.0.0-rc.7] - 2019-03-05
+
+### Breaking changes
+- Disabled noise pipes
+
+### Bugfixes
+- fixed empty ephemeral bug in XX
+- verification of AEAD decryption
+
+
 ## [1.0.0-rc.7] - 2019-02-20
 
 ### Bugfixes
diff --git a/package.json b/package.json
index 5dc8114..5d047df 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "libp2p-noise",
-  "version": "1.0.0-rc.7",
+  "version": "1.0.0-rc.8",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",
   "module": "lib/index.js",