Update message and signature key types

comms/dht/src/dht.rs

@@ -620,7 +620,7 @@ mod test {
         let ecdh_key = CommsDHKE::new(node_identity2.secret_key(), node_identity2.public_key());
         let key_message = crypt::generate_key_message(&ecdh_key);
         let mut encrypted_bytes = msg.encode_into_bytes_mut();
-        crypt::encrypt(&key_message, &mut encrypted_bytes).unwrap();
+        crypt::encrypt_message(&key_message, &mut encrypted_bytes).unwrap();
         let dht_envelope = make_dht_envelope(
             &node_identity2,
             &encrypted_bytes.to_vec(),

comms/dht/src/inbound/decryption.rs

@@ -390,8 +390,8 @@ where S: Service<DecryptedDhtMessage, Response = (), Error = PipelineError>
             .ok_or( DecryptionError::MessageSignatureNotProvidedForEncryptedMessage)?;
 
         // obtain key signature for authenticated decrypt signature
-        let key_signature = crypt::generate_key_signature_for_authenticated_encryption(shared_secret);
-        let decrypted_bytes = crypt::decrypt_with_chacha20_poly1305(&key_signature, encrypted_message_signature)
+        let key_signature = crypt::generate_key_signature(shared_secret);
+        let decrypted_bytes = crypt::decrypt_signature(&key_signature, encrypted_message_signature)
             .map_err(|_| DecryptionError::MessageSignatureDecryptedFailed)?;
         let message_signature = ProtoMessageSignature::decode(decrypted_bytes.as_slice())
             .map_err(|_| DecryptionError::MessageSignatureDeserializedFailed)?;
@@ -408,7 +408,8 @@ where S: Service<DecryptedDhtMessage, Response = (), Error = PipelineError>
     ) -> Result<EnvelopeBody, DecryptionError> {
         let key_message = crypt::generate_key_message(shared_secret);
         let mut decrypted = BytesMut::from(message_body);
-        crypt::decrypt(&key_message, &mut decrypted).map_err(DecryptionError::DecryptionFailedMalformedCipher)?;
+        crypt::decrypt_message(&key_message, &mut decrypted)
+            .map_err(DecryptionError::DecryptionFailedMalformedCipher)?;
         // Deserialization into an EnvelopeBody is done here to determine if the
         // decryption produced valid bytes or not.
         EnvelopeBody::decode(decrypted.freeze())
@@ -643,7 +644,7 @@ mod test {
         let msg_tag = MessageTag::new();
 
         let mut message = plain_text_msg.clone();
-        crypt::encrypt(&key_message, &mut message).unwrap();
+        crypt::encrypt_message(&key_message, &mut message).unwrap();
         let message = message.freeze();
         let header = make_dht_header(
             &node_identity,
@@ -668,10 +669,9 @@ mod test {
         // Sign invalid data. Other peers cannot validate this while propagating, but this should not cause them to be
         // banned.
         let signature = make_valid_message_signature(&node_identity, b"sign invalid data");
-        let key_signature = crypt::generate_key_signature_for_authenticated_encryption(&shared_secret);
+        let key_signature = crypt::generate_key_signature(&shared_secret);
 
-        inbound_msg.dht_header.message_signature =
-            crypt::encrypt_with_chacha20_poly1305(&key_signature, &signature).unwrap();
+        inbound_msg.dht_header.message_signature = crypt::encrypt_signature(&key_signature, &signature).unwrap();
 
         let err = service.call(inbound_msg).await.unwrap_err();
         let err = err.downcast::<DecryptionError>().unwrap();
@@ -706,7 +706,7 @@ mod test {
         let msg_tag = MessageTag::new();
 
         let mut message = plain_text_msg.clone();
-        crypt::encrypt(&key_message, &mut message).unwrap();
+        crypt::encrypt_message(&key_message, &mut message).unwrap();
         let message = message.freeze();
         let header = make_dht_header(
             &node_identity,

comms/dht/src/outbound/broadcast.rs

@@ -498,7 +498,7 @@ where S: Service<DhtOutboundMessage, Response = (), Error = PipelineError>
                 // Generate key message for encryption of message
                 let key_message = crypt::generate_key_message(&shared_ephemeral_secret);
                 // Encrypt the message with the body with key message above
-                crypt::encrypt(&key_message, &mut body)?;
+                crypt::encrypt_message(&key_message, &mut body)?;
                 let encrypted_body = body.freeze();
 
                 // Produce domain separated signature signature
@@ -513,16 +513,15 @@ where S: Service<DhtOutboundMessage, Response = (), Error = PipelineError>
                 );
 
                 // Generate key signature for encryption of signature
-                let key_signature =
-                    crypt::generate_key_signature_for_authenticated_encryption(&shared_ephemeral_secret);
+                let key_signature = crypt::generate_key_signature(&shared_ephemeral_secret);
 
                 // Sign the encrypted message
                 let signature =
                     MessageSignature::new_signed(self.node_identity.secret_key().clone(), &mac_signature).to_proto();
 
                 // Perform authenticated encryption with ChaCha20-Poly1305 and set the origin field
                 let encrypted_message_signature =
-                    crypt::encrypt_with_chacha20_poly1305(&key_signature, &signature.to_encoded_bytes())?;
+                    crypt::encrypt_signature(&key_signature, &signature.to_encoded_bytes())?;
 
                 Ok((
                     Some(Arc::new(e_public_key)),

comms/dht/src/store_forward/saf_handler/task.rs

@@ -558,8 +558,8 @@ where S: Service<DecryptedDhtMessage, Response = (), Error = PipelineError>
                 header.message_signature.len()
             );
             let shared_secret = CommsDHKE::new(node_identity.secret_key(), ephemeral_public_key);
-            let key_signature = crypt::generate_key_signature_for_authenticated_encryption(&shared_secret);
-            let decrypted = crypt::decrypt_with_chacha20_poly1305(&key_signature, &header.message_signature)?;
+            let key_signature = crypt::generate_key_signature(&shared_secret);
+            let decrypted = crypt::decrypt_signature(&key_signature, &header.message_signature)?;
             let authenticated_pk = Self::authenticate_message(&decrypted, header, body)?;
 
             trace!(
@@ -570,7 +570,7 @@ where S: Service<DecryptedDhtMessage, Response = (), Error = PipelineError>
 
             let key_message = crypt::generate_key_message(&shared_secret);
             let mut decrypted_bytes = BytesMut::from(body);
-            crypt::decrypt(&key_message, &mut decrypted_bytes)?;
+            crypt::decrypt_message(&key_message, &mut decrypted_bytes)?;
             let envelope_body =
                 EnvelopeBody::decode(decrypted_bytes.freeze()).map_err(|_| StoreAndForwardError::DecryptionFailed)?;
             if envelope_body.is_empty() {

comms/dht/src/test_utils/makers.rs

@@ -98,8 +98,8 @@ pub fn make_dht_header(
         let signature = make_valid_message_signature(node_identity, &binding_message_representation);
         if flags.is_encrypted() {
             let shared_secret = CommsDHKE::new(e_secret_key, node_identity.public_key());
-            let key_signature = crypt::generate_key_signature_for_authenticated_encryption(&shared_secret);
-            message_signature = crypt::encrypt_with_chacha20_poly1305(&key_signature, &signature)?;
+            let key_signature = crypt::generate_key_signature(&shared_secret);
+            message_signature = crypt::encrypt_signature(&key_signature, &signature)?;
         }
     }
     Ok(DhtMessageHeader {
@@ -203,7 +203,7 @@ pub fn make_dht_envelope<T: prost::Message>(
         let shared_secret = CommsDHKE::new(&e_secret_key, node_identity.public_key());
         let key_message = crypt::generate_key_message(&shared_secret);
         let mut message = prepare_message(true, message);
-        crypt::encrypt(&key_message, &mut message).unwrap();
+        crypt::encrypt_message(&key_message, &mut message).unwrap();
         message.freeze()
     } else {
         prepare_message(false, message).freeze()