The SecretBox algorithm in pinenacl-dart is different from TweetNaCl and libsodium

Question

Closed this issue 3 years ago · 4 comments

When encrypting a payload with a size of more than 16 KB using the same key and nonce, TweetNaCl (https://www.npmjs.com/package/tweetnacl) and libsodium (https://pub.dev/packages/sodium) generate exactly the same ciphertext (as expected).

But when trying the same with this library:

the first 16 bytes are completely different
the ciphertext until about 16 KB is correct (same output as TweetNaCl and libsodium)
everything after 16 KB is different from TweetNaCl and libsodium

It would be great if the output of pinenacl-dart would be compatible the same algorithm in other crypto libraries, thanks!

Answer 1 · 2021-07-18T21:50:54.000Z

Hi,

Can you pls provide some test vector to check?

Cheers,

Pal

Answer 2 · 2021-07-18T22:08:05.000Z

Here you go: https://github.com/redsolver/pinenacl-bug-demo
There is the input file, the output files, the code and the diff command I used.

Answer 3 · 2021-07-19T01:43:52.000Z

Thank you very much, it will be fixed soon.
I have found the root cause of the issue. It is some sign issues.

I meant it's fixed, but want to check other part of the package.

Thx.

Answer 4 · 2021-07-19T22:41:25.000Z

Please use the latest package the v0.3.2 or v0.3.3

Cheers,

Pal