crypto: Endianess of nonce in secret connection

[liamsi]

Currently, the nonces used in secret connection are 12 bytes / 96 bits and basically a big endian encoded counter:

tendermint/p2p/conn/secret_connection.go

Lines 335 to 344 in 013b9ce

	// increment nonce big-endian by 1 with wraparound.
	func incrNonce(nonce *[aeadNonceSize]byte) {
	for i := aeadNonceSize - 1; 0 <= i; i-- {
	nonce[i]++
	// if this byte wrapped around to zero, we need to increment the next byte
	if nonce[i] != 0 {
	return
	}
	}
	}

For the sake of consistency (ChaCha20 is all little endian) it would be great to change the nonce encoding to little endian, too.

Additionally to that, a counter using a simple 64-bit (unsigned) integer should be sufficiently large. It will not overflow in practice and we should have rekeyed long before it happens.

We should then also encode the chunk size here using little endian, too.

Related discussion: tendermint/tmkms#38 (comment)

cc @tarcieri @ValarDragon

[melekes]

This is not done, right? "We should then also encode the chunk size here using little endian, too."

[liamsi]

It actually is: https://github.com/tendermint/tendermint/pull/2264/files#diff-86a753d5ca0a72f329d3e0f4c7ac2895R126
I think this can be closed now.