X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ian/git?p=secnet.git;a=blobdiff_plain;f=transform.c;h=289b02e57e899611d0fc96880dfad435b36fc5be;hp=8fdf9fd80a350b254bb4e2d7380a31a9babc77f9;hb=19e9a588dc058584fbda9d31080a2581c3fd5269;hpb=076bb54e68477f883033bee696c9c5f801ece2f2

diff --git a/transform.c b/transform.c
index 8fdf9fd..289b02e 100644
--- a/transform.c
+++ b/transform.c
@@ -68,6 +68,13 @@ static bool_t transform_setkey(void *sst, uint8_t *key, int32_t keylen)
     return True;
 }
 
+static bool_t transform_valid(void *sst)
+{
+    struct transform_inst *ti=sst;
+
+    return ti->keyed;
+}
+
 static void transform_delkey(void *sst)
 {
     struct transform_inst *ti=sst;
@@ -171,6 +178,10 @@ static uint32_t transform_reverse(void *sst, struct buffer_if *buf,
 	return 1;
     }
 
+    if (buf->size < 4 + 16 + 16) {
+	*errmsg="msg too short";
+	return 1;
+    }
 
     /* CBC */
     memset(iv,0,16);
@@ -181,6 +192,7 @@ static uint32_t transform_reverse(void *sst, struct buffer_if *buf,
     /* Assert bufsize is multiple of blocksize */
     if (buf->size&0xf) {
 	*errmsg="msg not multiple of cipher blocksize";
+	return 1;
     }
     serpent_encrypt(&ti->cryptkey,iv,iv);
     for (n=buf->start; n<buf->start+buf->size; n+=16)
@@ -242,7 +254,7 @@ static uint32_t transform_reverse(void *sst, struct buffer_if *buf,
     } else {
 	/* Too much skew */
 	*errmsg="seqnum: too much skew";
-	return 1;
+	return 2;
     }
     
     return 0;
@@ -266,6 +278,7 @@ static struct transform_inst_if *transform_create(void *sst)
 
     ti->ops.st=ti;
     ti->ops.setkey=transform_setkey;
+    ti->ops.valid=transform_valid;
     ti->ops.delkey=transform_delkey;
     ti->ops.forwards=transform_forward;
     ti->ops.reverse=transform_reverse;