site: transport peers: fix incorrect stride when debug output enabled
[secnet.git]
/
transform.c
diff --git
a/transform.c
b/transform.c
index dc6ac3ea097ab2e6815d3ccdf10dd9e2ce1e37d6..f55aa447dfd41c1c64c3dfc6b658010057b77d55 100644
(file)
--- a/
transform.c
+++ b/
transform.c
@@
-19,7
+19,6
@@
struct transform {
closure_t cl;
struct transform {
closure_t cl;
- uint32_t line;
struct transform_if ops;
uint32_t max_seq_skew;
};
struct transform_if ops;
uint32_t max_seq_skew;
};
@@
-38,7
+37,7
@@
struct transform_inst {
#define PKCS5_MASK 15
#define PKCS5_MASK 15
-static bool_t transform_setkey(void *sst, uint8_t *key,
u
int32_t keylen)
+static bool_t transform_setkey(void *sst, uint8_t *key, int32_t keylen)
{
struct transform_inst *ti=sst;
{
struct transform_inst *ti=sst;
@@
-73,8
+72,8
@@
static void transform_delkey(void *sst)
{
struct transform_inst *ti=sst;
{
struct transform_inst *ti=sst;
-
memset(&ti->cryptkey,0,sizeof(ti->cryptkey)
);
-
memset(&ti->mackey,0,sizeof(ti->mackey)
);
+
FILLZERO(ti->cryptkey
);
+
FILLZERO(ti->mackey
);
ti->keyed=False;
}
ti->keyed=False;
}
@@
-157,7
+156,7
@@
static uint32_t transform_reverse(void *sst, struct buffer_if *buf,
{
struct transform_inst *ti=sst;
uint8_t *padp;
{
struct transform_inst *ti=sst;
uint8_t *padp;
-
unsigned
padlen;
+
int
padlen;
int i;
uint32_t seqnum, skew;
uint8_t iv[16];
int i;
uint32_t seqnum, skew;
uint8_t iv[16];
@@
-172,6
+171,10
@@
static uint32_t transform_reverse(void *sst, struct buffer_if *buf,
return 1;
}
return 1;
}
+ if (buf->size < 4 + 16 + 16) {
+ *errmsg="msg too short";
+ return 1;
+ }
/* CBC */
memset(iv,0,16);
/* CBC */
memset(iv,0,16);
@@
-182,6
+185,7
@@
static uint32_t transform_reverse(void *sst, struct buffer_if *buf,
/* Assert bufsize is multiple of blocksize */
if (buf->size&0xf) {
*errmsg="msg not multiple of cipher blocksize";
/* Assert bufsize is multiple of blocksize */
if (buf->size&0xf) {
*errmsg="msg not multiple of cipher blocksize";
+ return 1;
}
serpent_encrypt(&ti->cryptkey,iv,iv);
for (n=buf->start; n<buf->start+buf->size; n+=16)
}
serpent_encrypt(&ti->cryptkey,iv,iv);
for (n=buf->start; n<buf->start+buf->size; n+=16)
@@
-253,7
+257,7
@@
static void transform_destroy(void *sst)
{
struct transform_inst *st=sst;
{
struct transform_inst *st=sst;
-
memset(st,0,sizeof(*st)
); /* Destroy key material */
+
FILLZERO(*st
); /* Destroy key material */
free(st);
}
free(st);
}
@@
-311,7
+315,6
@@
static list_t *transform_apply(closure_t *self, struct cloc loc,
return new_closure(&st->cl);
}
return new_closure(&st->cl);
}
-init_module transform_module;
void transform_module(dict_t *dict)
{
struct keyInstance k;
void transform_module(dict_t *dict)
{
struct keyInstance k;
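Review bot: The wipe in transform_destroy (hunk -253,7 +257,7) is immediately followed by `free(st)`, so if `FILLZERO` expands to an ordinary `memset` (its definition is not on this page) the compiler may treat it as a dead store and drop it, leaving the cipher and MAC keys in freed heap memory. A wipe that cannot be elided is safer at this call site, for example `explicit_bzero(st, sizeof(*st)); /* Destroy key material */` where the platform provides it, or a volatile-pointer fallback inside the macro itself. The two `FILLZERO` calls in transform_delkey are less exposed because `ti` stays live afterwards, but they would gain from the same macro-level change.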