From bb348f392e5b55fee414c11f42252149f9bd3a20 Mon Sep 17 00:00:00 2001
From: Luca Fulchir
Date: Fri, 17 Feb 2023 23:30:19 +0100
Subject: [PATCH] Connect decrypt to the handshake req

Signed-off-by: Luca Fulchir
---
 src/enc/sym.rs | 24 ++++++++++++++----------
 src/lib.rs | 9 ++++++---
 2 files changed, 20 insertions(+), 13 deletions(-)

diff --git a/src/enc/sym.rs b/src/enc/sym.rs
index 55c4a1e..4e819d0 100644
--- a/src/enc/sym.rs
+++ b/src/enc/sym.rs
@@ -98,7 +98,7 @@ impl Cipher {
 }
 }
 }
- pub fn tag_len(&self) -> usize {
+ fn tag_len(&self) -> usize {
 match self {
 Cipher::XChaCha20Poly1305(_) => {
 // TODO: how the hell do I take this from ::chacha20poly1305?
@@ -106,23 +106,22 @@ impl Cipher {
 }
 }
 }
- fn decrypt(
- &self,
- nonce: Nonce,
- aad: AAD,
- data: &mut [u8],
- ) -> Result<(), ()> {
+ fn decrypt(&self, aad: AAD, data: &mut [u8]) -> Result<(), ()> {
 match self {
 Cipher::XChaCha20Poly1305(cipher) => {
 use ::chacha20poly1305::{
 aead::generic_array::GenericArray, AeadInPlace,
 };
- let (data_notag, tag_bytes) = data.split_at_mut(
- data.len() + 1 - ::ring::aead::CHACHA20_POLY1305.tag_len(),
+ // FIXME: check min data length
+ let (nonce_bytes, data_and_tag) = data.split_at_mut(13);
+ let (data_notag, tag_bytes) = data_and_tag.split_at_mut(
+ data_and_tag.len() + 1
+ - ::ring::aead::CHACHA20_POLY1305.tag_len(),
 );
+ let nonce = GenericArray::from_slice(nonce_bytes);
 let tag = GenericArray::from_slice(tag_bytes);
 let maybe = cipher.cipher.decrypt_in_place_detached(
- nonce.as_bytes().into(),
+ nonce.into(),
 aad.0,
 data_notag,
 tag,
@@ -150,6 +149,11 @@ impl CipherRecv {
 pub fn nonce_len(&self) -> usize {
 self.0.nonce_len()
 }
+ /// Decrypt a paket. Nonce and Tag are taken from the packet,
+ /// while you need to provide AAD (Additional Authenticated Data)
+ pub fn decrypt(&self, aad: AAD, data: &mut [u8]) -> Result<(), ()> {
+ self.0.decrypt(aad, data)
+ }
 }
 
 /// Send only cipher
diff --git a/src/lib.rs b/src/lib.rs
index 4526d2d..c97fc38 100644
--- a/src/lib.rs
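Review bot: The `// FIXME: check min data length` added in front of `data.split_at_mut(13)` has to be a real check in this hunk, not a comment: `data` is the encrypted payload received from the peer, and both `split_at_mut` and `GenericArray::from_slice` panic on a length mismatch, so a short or truncated packet crashes the receiver instead of being rejected with `Err(())`. The hard-coded `13` also does not match the 24-byte nonce XChaCha20Poly1305 expects (presumably what `Cipher::nonce_len()` returns, since `CipherRecv::nonce_len` forwards to `self.0.nonce_len()` in the next hunk), and the `+ 1` in the second split leaves `tag_bytes` one byte short of the 16-byte tag that `::ring::aead::CHACHA20_POLY1305.tag_len()` reports, which `from_slice` will again reject by panicking — unless that offset is intentional, which I doubt. Deriving both lengths from the cipher's own `nonce_len()`/`tag_len()` (the latter just made private in the first hunk) and rejecting short input up front removes all three problems; the body of `decrypt` continues past the end of the hunk.
```rust
            Cipher::XChaCha20Poly1305(cipher) => {
                // … unchanged: `use ::chacha20poly1305::{…}` …
                let nonce_len = self.nonce_len();
                let tag_len = self.tag_len();
                // `data` is untrusted wire input: reject anything that cannot
                // hold nonce + tag before slicing, because split_at_mut and
                // GenericArray::from_slice panic on a length mismatch.
                if data.len() < nonce_len + tag_len {
                    return Err(());
                }
                let (nonce_bytes, data_and_tag) = data.split_at_mut(nonce_len);
                let (data_notag, tag_bytes) =
                    data_and_tag.split_at_mut(data_and_tag.len() - tag_len);
                // … unchanged: nonce/tag GenericArray conversion and decrypt_in_place_detached call …
```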
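Review bot: The doc comment on the new `CipherRecv::decrypt` has a typo (`paket`) and leaves the wire layout and the failure contract implicit, which is exactly what a caller of an AEAD needs to know. Assuming the `maybe` result in `Cipher::decrypt` maps a tag mismatch to `Err(())`, I would replace the two `///` lines with `/// Decrypt a packet in place. The nonce is read from the front of data and the tag from its end, so only the AAD (Additional Authenticated Data) has to be supplied; on Err the packet was not authenticated and nothing in data may be trusted or used.` The `Result<(), ()>` return also gives the caller no way to tell a malformed packet from an authentication failure, so a dedicated error enum is worth considering once the length check in `Cipher::decrypt` lands.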
+++ b/src/lib.rs
@@ -61,7 +61,7 @@ impl FenrirInner {
 use connection::handshake::{dirsync::DirSync, HandshakeData};
 match handshake.data {
 HandshakeData::DirSync(ds) => match ds {
- DirSync::Req(req) => {
+ DirSync::Req(mut req) => {
 let ephemeral_key = {
 // Keep this block short to avoid contention
 // on self.keys
@@ -111,8 +111,11 @@ impl FenrirInner {
 Err(e) => return Err(handshake::Error::Key(e).into()),
 };
 let hkdf = HkdfSha3::new(b"fenrir", shared_key);
- let secret_in = hkdf.get_secret(b"to_server");
- let cipher_in = CipherRecv::new(req.cipher, secret_in);
+ let secret_recv = hkdf.get_secret(b"to_server");
+ let cipher_recv = CipherRecv::new(req.cipher, secret_recv);
+ use crate::enc::sym::AAD;
+ let aad = AAD(&mut []); // no aad for now
+ let _ = cipher_recv.decrypt(aad, &mut req.enc);
 todo!();
 }