Use upstream's xchacha20poly1305

author: Jason A. Donenfeld <Jason@zx2c4.com> 2018-12-10 04:23:17 +0100
committer: Jason A. Donenfeld <Jason@zx2c4.com> 2018-12-10 04:23:17 +0100
commit: 5ace0fdfe237b2062c060fbe30d6fb40965fb1b9 (patch)
tree: 4b0a333a1b85a10021b147a1ebf164c391a6dbae /cookie.go
parent: 849fa400e915ece69c4fbaed0f261b9b4efcb565 (diff)
1 files changed, 4 insertions, 15 deletions
diff --git a/cookie.go b/cookie.go
index e7c926a..8226ef0 100644
--- a/cookie.go
+++ b/cookie.go
@@ -8,7 +8,6 @@ package main
 import (
 	"crypto/hmac"
 	"crypto/rand"
-	"git.zx2c4.com/wireguard-go/xchacha20poly1305"
 	"golang.org/x/crypto/blake2s"
 	"golang.org/x/crypto/chacha20poly1305"
 	"sync"
@@ -163,13 +162,8 @@ func (st *CookieChecker) CreateReply(
 		return nil, err
 	}
 
-	xchacha20poly1305.Encrypt(
-		reply.Cookie[:0],
-		&reply.Nonce,
-		cookie[:],
-		msg[smac1:smac2],
-		&st.mac2.encryptionKey,
-	)
+	xchapoly, _ := chacha20poly1305.NewX(st.mac2.encryptionKey[:])
+	xchapoly.Seal(reply.Cookie[:0], reply.Nonce[:], cookie[:], msg[smac1:smac2])
 
 	st.mutex.RUnlock()
 
@@ -207,13 +201,8 @@ func (st *CookieGenerator) ConsumeReply(msg *MessageCookieReply) bool {
 
 	var cookie [blake2s.Size128]byte
 
-	_, err := xchacha20poly1305.Decrypt(
-		cookie[:0],
-		&msg.Nonce,
-		msg.Cookie[:],
-		st.mac2.lastMAC1[:],
-		&st.mac2.encryptionKey,
-	)
+	xchapoly, _ := chacha20poly1305.NewX(st.mac2.encryptionKey[:])
+	_, err := xchapoly.Open(cookie[:0], msg.Nonce[:], msg.Cookie[:], st.mac2.lastMAC1[:])
 
 	if err != nil {
 		return false
author	Jason A. Donenfeld <Jason@zx2c4.com>	2018-12-10 04:23:17 +0100
committer	Jason A. Donenfeld <Jason@zx2c4.com>	2018-12-10 04:23:17 +0100
commit	5ace0fdfe237b2062c060fbe30d6fb40965fb1b9 (patch)
tree	4b0a333a1b85a10021b147a1ebf164c391a6dbae /cookie.go
parent	849fa400e915ece69c4fbaed0f261b9b4efcb565 (diff)