From e9014b45c3406fb4ea638d094d56558de4045975 Mon Sep 17 00:00:00 2001
From: Henry de Valence
Date: Mon, 7 Oct 2019 22:58:38 -0700
Subject: [PATCH] StrobeGo does not support continuation ops

Because Strobe encodes the operation, doing two meta-AD operations is different from doing one meta-AD operation with the concatenated data. Other Strobe implementations, such as the one internal to the Merlin implementation in Rust, support a "continuation" flag that indicates that some data is a continuation of a previous operation, rather than a new one. However, StrobeGo does not, so the previous code was doing two separate operations. This code may do more allocations than necessary, as I have never understood the semantics of Go slices.
---
 merlin.go | 14 ++++++++++----
 1 file changed, 10 insertions(+), 4 deletions(-)
diff --git a/merlin.go b/merlin.go
index 76d6543..6ec5061 100644
--- a/merlin.go
+++ b/merlin.go
@@ -36,8 +36,11 @@ func (t *Transcript) AppendMessage(label, message []byte) {
 fmt.Printf("meta-AD : %x || LE32(%d)\t# b\"%s\"\n", label, len(message), label)
- t.s.AD(true, label)
- t.s.AD(true, sizeBuffer)
+ // The StrobeGo API does not support continuation operations,
+ // so we have to pass the label and length as a single buffer.
+ // Otherwise it will record two meta-AD operations instead of one.
+ labelSize := append(label, sizeBuffer...)
+ t.s.AD(true, labelSize)
 fmt.Printf("AD : %x\t# b\"%s\"\n", message, message)
 t.s.AD(false, message)
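Review bot: `append(label, sizeBuffer...)` in AppendMessage can write into the caller's backing array: when `label` is a slice with spare capacity (for example a prefix of a larger buffer), append reuses that storage and overwrites the bytes following the label instead of allocating. The identical line in the ExtractBytes hunk has the same problem. Forcing a copy avoids it, e.g. `labelSize := append(label[:len(label):len(label)], sizeBuffer...)`, or build the buffer with `make([]byte, 0, len(label)+len(sizeBuffer))` and append both parts. For a transcript library this matters because silent mutation of caller memory, or a data race when one label slice is shared between goroutines, could change what later operations absorb. Both function bodies start and end outside the hunks shown.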
@@ -53,8 +56,11 @@ func (t *Transcript) ExtractBytes(label []byte, outLen int) []byte {
 fmt.Printf("meta-AD : %x || LE32(%d)\t# b\"%s\"\n", label, outLen, label)
- t.s.AD(true, label)
- t.s.AD(true, sizeBuffer)
+ // The StrobeGo API does not support continuation operations,
+ // so we have to pass the label and length as a single buffer.
+ // Otherwise it will record two meta-AD operations instead of one.
+ labelSize := append(label, sizeBuffer...)
+ t.s.AD(true, labelSize)
 // a PRF call directly to the output buffer would be better
 return t.s.PRF(outLen)
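Review bot: Nothing in this patch pins the new single-operation framing to a known value; the diffstat lists only merlin.go, so the bytes returned by ExtractBytes change with no test guarding them. Since the stated goal is to match implementations that use a continuation flag, a known-answer test that builds a small transcript and compares the extracted bytes against a vector produced by the reference implementation would catch a regression to two meta-AD operations. ExtractBytes begins and ends outside this hunk, so how `sizeBuffer` is derived from `outLen` is not visible here and should be covered by the same test.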