@ -123,7 +123,7 @@ func (sc *SecretConnection) Write(data []byte) (n int, err error) {
data = nil
data = nil
}
}
chunkLength := len ( chunk )
chunkLength := len ( chunk )
binary . Big Endian. PutUint32 ( frame , uint32 ( chunkLength ) )
binary . Little Endian. PutUint32 ( frame , uint32 ( chunkLength ) )
copy ( frame [ dataLenSize : ] , chunk )
copy ( frame [ dataLenSize : ] , chunk )
aead , err := chacha20poly1305 . New ( sc . sendSecret [ : ] )
aead , err := chacha20poly1305 . New ( sc . sendSecret [ : ] )
@ -172,7 +172,7 @@ func (sc *SecretConnection) Read(data []byte) (n int, err error) {
incrNonce ( sc . recvNonce )
incrNonce ( sc . recvNonce )
// end decryption
// end decryption
var chunkLength = binary . Big Endian. Uint32 ( frame ) // read the first two bytes
var chunkLength = binary . Little Endian. Uint32 ( frame ) // read the first four bytes
if chunkLength > dataMaxSize {
if chunkLength > dataMaxSize {
return 0 , errors . New ( "chunkLength is greater than dataMaxSize" )
return 0 , errors . New ( "chunkLength is greater than dataMaxSize" )
}
}
@ -332,13 +332,12 @@ func shareAuthSignature(sc *SecretConnection, pubKey crypto.PubKey, signature []
//--------------------------------------------------------------------------------
//--------------------------------------------------------------------------------
// increment nonce big-endian by 1 with wraparound.
// Increment nonce little-endian by 1 with wraparound.
// Due to chacha20poly1305 expecting a 12 byte nonce we do not use the first four
// bytes. We only increment a 64 bit unsigned int in the remaining 8 bytes
// (little-endian in nonce[4:]).
func incrNonce ( nonce * [ aeadNonceSize ] byte ) {
func incrNonce ( nonce * [ aeadNonceSize ] byte ) {
for i := aeadNonceSize - 1 ; 0 <= i ; i -- {
nonce [ i ] ++
// if this byte wrapped around to zero, we need to increment the next byte
if nonce [ i ] != 0 {
return
}
}
counter := binary . LittleEndian . Uint64 ( nonce [ 4 : ] )
counter ++
binary . LittleEndian . PutUint64 ( nonce [ 4 : ] , counter )
}
}