fluencelabs/tendermint
1
0
Fork 0
mirror of https://github.com/fluencelabs/tendermint synced 2025-04-25 14:52:17 +00:00
Code Issues Projects Releases Wiki Activity

(squash this) change adr number, remove redundancy in function names

Browse Source
This commit is contained in:
ValarDragon 2018-08-02 10:43:47 -07:00
parent ce9ddc7cd7
commit a040c36dfb
1 changed files with 6 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
docs/architecture/adr-015-symmetric-crypto.md → docs/architecture/adr-013-symmetric-crypto.md
View File

@ -1,4 +1,4 @@
# ADR 015: Need for symmetric cryptography # ADR 013: Need for symmetric cryptography
## Context ## Context
@ -31,9 +31,9 @@ Consequently decryption with multiple algoritms is sub-optimal.
We should create the following two methods in a new `crypto/encoding/symmetric` package: We should create the following two methods in a new `crypto/encoding/symmetric` package:
```golang ```golang
func EncryptSymmetric(aead cipher.AEAD, plaintext []byte) (ciphertext []byte, err error) func Encrypt(aead cipher.AEAD, plaintext []byte) (ciphertext []byte, err error)
func DecryptSymmetric(key []byte, ciphertext []byte) (plaintext []byte, err error) func Decrypt(key []byte, ciphertext []byte) (plaintext []byte, err error)
func RegisterSymmetric(aead cipher.AEAD, algo_name string, NewAead func(key []byte) (cipher.Aead, error)) error func Register(aead cipher.AEAD, algo_name string, NewAead func(key []byte) (cipher.Aead, error)) error
``` ```
This allows you to specify the algorithm in encryption, but not have to specify This allows you to specify the algorithm in encryption, but not have to specify
@ -43,7 +43,7 @@ looking at the file directly.
One downside is that for the encrypt function you must have already initialized an AEAD, One downside is that for the encrypt function you must have already initialized an AEAD,
but I don't really see this as an issue. but I don't really see this as an issue.
If there is no error in encryption, EncryptSymmetric will return `algo_name || nonce || aead_ciphertext`. If there is no error in encryption, Encrypt will return `algo_name || nonce || aead_ciphertext`.
`algo_name` should be length prefixed, using standard varuint encoding. `algo_name` should be length prefixed, using standard varuint encoding.
This will be binary data, but thats not a problem considering the nonce and ciphertext are also binary. This will be binary data, but thats not a problem considering the nonce and ciphertext are also binary.
@ -63,7 +63,7 @@ Then we maintain a map from the name returned from `getType(aead)` to `algo_name
In decryption, we read the `algo_name`, and then instantiate a new AEAD with the key. In decryption, we read the `algo_name`, and then instantiate a new AEAD with the key.
Then we call the AEAD's decrypt method on the provided nonce/ciphertext. Then we call the AEAD's decrypt method on the provided nonce/ciphertext.
`RegisterSymmetric` allows a downstream user to add their own desired AEAD to the symmetric package. `Register` allows a downstream user to add their own desired AEAD to the symmetric package.
It will error if the AEAD name is already registered. It will error if the AEAD name is already registered.
This prevents a malicious import from modifying / nullifying an AEAD at runtime. This prevents a malicious import from modifying / nullifying an AEAD at runtime.