mirror of
https://github.com/nostr-protocol/nips.git
synced 2025-01-18 12:11:33 +00:00
Merge pull request #946 from jiftechnify/patch-nip44
Fix typos of NIP-44
This commit is contained in:
commit
98d7f1cd9c
10
44.md
10
44.md
@ -80,7 +80,7 @@ NIP-44 version 2 has the following design characteristics:
|
||||
but won't leak the long-term key
|
||||
3. Calculate message keys
|
||||
- The keys are generated from `conversation_key` and `nonce`. Validate that both are 32 bytes long
|
||||
- Use HKDF-expand, with sha256, `OKM=conversation_key`, `info=nonce` and `L=76`
|
||||
- Use HKDF-expand, with sha256, `PRK=conversation_key`, `info=nonce` and `L=76`
|
||||
- Slice 76-byte HKDF output into: `chacha_key` (bytes 0..32), `chacha_nonce` (bytes 32..44), `hmac_key` (bytes 44..76)
|
||||
4. Add padding
|
||||
- Content must be encoded from UTF-8 into byte array
|
||||
@ -115,9 +115,9 @@ validation rules, refer to BIP-340.
|
||||
- Validate length of base64 message to prevent DoS on base64 decoder: it can be in range from 132 to 87472 chars
|
||||
- Validate length of decoded message to verify output of the decoder: it can be in range from 99 to 65603 bytes
|
||||
3. Calculate conversation key
|
||||
- See step 1 of (encryption)[#Encryption]
|
||||
- See step 1 of [encryption](#Encryption)
|
||||
4. Calculate message keys
|
||||
- See step 3 of (encryption)[#Encryption]
|
||||
- See step 3 of [encryption](#Encryption)
|
||||
5. Calculate MAC (message authentication code) with AAD and compare
|
||||
- Stop and throw an error if MAC doesn't match the decoded one from step 2
|
||||
- Use constant-time comparison algorithm
|
||||
@ -126,7 +126,7 @@ validation rules, refer to BIP-340.
|
||||
7. Remove padding
|
||||
- Read the first two BE bytes of plaintext that correspond to plaintext length
|
||||
- Verify that the length of sliced plaintext matches the value of the two BE bytes
|
||||
- Verify that calculated padding from step 3 of the (encryption)[#Encryption] process matches the actual padding
|
||||
- Verify that calculated padding from step 3 of the [encryption](#Encryption) process matches the actual padding
|
||||
|
||||
### Details
|
||||
|
||||
@ -291,5 +291,5 @@ The file also contains intermediate values. A quick guidance with regards to its
|
||||
- `valid.encrypt_decrypt`: emulate real conversation. Calculate pub2 from sec2, verify conversation_key from (sec1, pub2), encrypt, verify payload, then calculate pub1 from sec1, verify conversation_key from (sec2, pub1), decrypt, verify plaintext.
|
||||
- `valid.encrypt_decrypt_long_msg`: same as previous step, but instead of a full plaintext and payload, their checksum is provided.
|
||||
- `invalid.encrypt_msg_lengths`
|
||||
- `invalid.get_conversation_key`: calculating converastion_key must throw an error
|
||||
- `invalid.get_conversation_key`: calculating conversation_key must throw an error
|
||||
- `invalid.decrypt`: decrypting message content must throw an error
|
||||
|
Loading…
Reference in New Issue
Block a user