From 0c9ef6122ec3e5acc524e10d67f4c2bd881bc359 Mon Sep 17 00:00:00 2001
From: tsousa111 <tiagao2001@hotmail.com>
Date: Mon, 22 Apr 2024 19:30:43 +0100
Subject: [PATCH] [PD1] changed the order of signature and content

---
 Projs/PD1/internal/utils/cryptoUtils/cryptoUtils.go | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/Projs/PD1/internal/utils/cryptoUtils/cryptoUtils.go b/Projs/PD1/internal/utils/cryptoUtils/cryptoUtils.go
index 86b147c..c3e0eb4 100644
--- a/Projs/PD1/internal/utils/cryptoUtils/cryptoUtils.go
+++ b/Projs/PD1/internal/utils/cryptoUtils/cryptoUtils.go
@@ -160,11 +160,13 @@ func (k KeyStore) EncryptMessageContent(receiverCert *x509.Certificate, content
 
 	// sign the message and append the signature
 	hashedContent := sha256.Sum256(content)
+    // NOTE: in this case the sign then encrypt method is used
+    // but should it be used over the encrypt then sign method?
 	signature, err := rsa.SignPKCS1v15(nil, k.privKey, crypto.SHA256, hashedContent[:])
 	if err != nil {
 		log.Panicln("Could not create content signature: ", err)
 	}
-	content = pair(content, signature)
+	content = pair(signature, content)
 	ciphertext := cipher.Seal(nonce, nonce, content, nil)
 
 	// crypto/rand.Reader is a good source of entropy for randomizing the
@@ -196,7 +198,7 @@ func (k KeyStore) DecryptMessageContent(senderCert *x509.Certificate, cipherCont
 		log.Panicln("Could not decrypt ciphertext: ", err)
 	}
 	// check signature with sender public key
-	content, signature := unPair(contentAndSig)
+	signature, content:= unPair(contentAndSig)
 	hashedContent := sha256.Sum256(content)
 	senderKey := senderCert.PublicKey.(*rsa.PublicKey)
 	if err := rsa.VerifyPKCS1v15(senderKey, crypto.SHA256, hashedContent[:], signature); err != nil {