Hello,
Not sure how to reach to the authors/contributors involved in ChaChaPoly
implementation. So, sending this here. Please redirect as appopriate.
I am implementing "GO" utility (using gopacket) for decrypting
IPsec ESP tunnel packets that are encrypted using ChachPoly. For my
testing, I used the RFC7634 (Appendix A) example. I believe my code is
correct, and still I continue to get "message authentication failed"
error message.
I am dumping everything on screen and validated (manually) that the
information (key, nonce, AAD and ciphertext) is correct (or rather as
expected for RFC7634 ESP example)
Who do you think can help me with this?
Here is the relevant code snippet -
key = append(key, 0x80, 0x81, 0x82, 0x83, 0x84, 0x85, 0x86, 0x87,
0x88, 0x89, 0x8a, 0x8b, 0x8c, 0x8d, 0x8e, 0x8f, 0x90, 0x91, 0x92,
0x93, 0x94, 0x95, 0x96, 0x97, 0x98, 0x99, 0x9a, 0x9b, 0x9c, 0x9d,
0x9e, 0x9f)
/* nonce is 32 bit salt and 64 bit IV */
nonce = append(nonce, 0xa0, 0xa1, 0xa2, 0xa3)
nonce = append(nonce, esp.Encrypted[0],
esp.Encrypted[1],esp.Encrypted[2],esp.Encrypted[3])
nonce = append(nonce, esp.Encrypted[4],
esp.Encrypted[5],esp.Encrypted[6],esp.Encrypted[7])
aead, err := chacha20poly1305.New(key[:])
binary.BigEndian.PutUint32(aad, esp.SPI)
binary.BigEndian.PutUint32(aad[4:], esp.Seq)
plainText, err = aead.Open(nil, nonce, esp.Encrypted, aad)
Really appreciate any help on this.
Thanks,
Deepak.
--
You received this message because you are subscribed to the Google Groups
"golang-nuts" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to golang-nuts+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/golang-nuts/4d162641-a39e-4578-ba1b-f2bcccc45e01n%40googlegroups.com.
