chiark / gitweb /
site: Make return value of transforms be an enum
authorIan Jackson <ijackson@chiark.greenend.org.uk>
Tue, 14 May 2019 23:23:47 +0000 (00:23 +0100)
committerIan Jackson <ijackson@chiark.greenend.org.uk>
Sat, 18 May 2019 01:16:37 +0000 (02:16 +0100)
We are going to need to distinguish more cases.  It was always bad to
have these hardcoded values.

transform_apply_seqrange is, right now, returned even when the problem
is that the packet is recent but is a duplicate.  This is wrong.

No functional change.

Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
secnet.h
site.c
transform-cbcmac.c
transform-common.h
transform-eax.c

index fe1f484..361c49e 100644 (file)
--- a/secnet.h
+++ b/secnet.h
@@ -543,13 +543,16 @@ typedef bool_t transform_setkey_fn(void *st, uint8_t *key, int32_t keylen,
 typedef bool_t transform_valid_fn(void *st); /* 0: no key; 1: ok */
 typedef void transform_delkey_fn(void *st);
 typedef void transform_destroyinstance_fn(void *st);
-/* Returns:
- *   0: all is well
- *   1: for any other problem
- *   2: message decrypted but sequence number was out of range
- */
-typedef uint32_t transform_apply_fn(void *st, struct buffer_if *buf,
-                                   const char **errmsg);
+
+typedef enum {
+    transform_apply_ok       = 0, /* all is well (everyone may assume==0) */
+    transform_apply_err      = 1, /* any other problem */
+    transform_apply_seqrange = 2,
+        /* message decrypted but sequence number was out of range */
+} transform_apply_return;
+
+typedef transform_apply_return transform_apply_fn(void *st,
+        struct buffer_if *buf, const char **errmsg);
 
 struct transform_inst_if {
     void *st;
diff --git a/site.c b/site.c
index db14523..0db109f 100644 (file)
--- a/site.c
+++ b/site.c
@@ -470,14 +470,15 @@ static bool_t current_valid(struct site *st)
 }
 
 #define DEFINE_CALL_TRANSFORM(fwdrev)                                  \
-static int call_transform_##fwdrev(struct site *st,                    \
+static transform_apply_return                                           \
+call_transform_##fwdrev(struct site *st,                               \
                                   struct transform_inst_if *transform, \
                                   struct buffer_if *buf,               \
                                   const char **errmsg)                 \
 {                                                                      \
     if (!is_transform_valid(transform)) {                              \
        *errmsg="transform not set up";                                 \
-       return 1;                                                       \
+       return transform_apply_err;                                     \
     }                                                                  \
     return transform->fwdrev(transform->st,buf,errmsg);                        \
 }
@@ -1029,8 +1030,9 @@ static void create_msg6(struct site *st, struct transform_inst_if *transform,
     /* Give the netlink code an opportunity to put its own stuff in the
        message (configuration information, etc.) */
     buf_prepend_uint32(&st->buffer,LABEL_MSG6);
-    int problem = call_transform_forwards(st,transform,
-                                         &st->buffer,&transform_err);
+    transform_apply_return problem =
+       call_transform_forwards(st,transform,
+                               &st->buffer,&transform_err);
     assert(!problem);
     buf_prepend_uint32(&st->buffer,LABEL_MSG6);
     buf_prepend_uint32(&st->buffer,st->index);
@@ -1075,7 +1077,7 @@ static bool_t decrypt_msg0(struct site *st, struct buffer_if *msg0,
 {
     cstring_t transform_err, auxkey_err, newkey_err="n/a";
     struct msg0 m;
-    uint32_t problem;
+    transform_apply_return problem;
 
     if (!unpick_msg0(st,msg0,&m)) return False;
 
@@ -1090,13 +1092,13 @@ static bool_t decrypt_msg0(struct site *st, struct buffer_if *msg0,
                           "peer has used new key","auxiliary key",LOG_SEC);
        return True;
     }
-    if (problem==2)
+    if (problem==transform_apply_seqrange)
        goto skew;
 
     buffer_copy(msg0, &st->scratch);
     problem = call_transform_reverse(st,st->auxiliary_key.transform,
                                     msg0,&auxkey_err);
-    if (problem==0) {
+    if (!problem) {
        slog(st,LOG_DROP,"processing packet which uses auxiliary key");
        if (st->auxiliary_is_new) {
            /* We previously timed out in state SENTMSG5 but it turns
@@ -1115,7 +1117,7 @@ static bool_t decrypt_msg0(struct site *st, struct buffer_if *msg0,
        }
        return True;
     }
-    if (problem==2)
+    if (problem==transform_apply_seqrange)
        goto skew;
 
     if (st->state==SITE_SENTMSG5) {
@@ -1131,7 +1133,7 @@ static bool_t decrypt_msg0(struct site *st, struct buffer_if *msg0,
            activate_new_key(st);
            return True; /* do process the data in this packet */
        }
-       if (problem==2)
+       if (problem==transform_apply_seqrange)
            goto skew;
     }
 
index 7e6a1f7..5e59e21 100644 (file)
@@ -101,8 +101,8 @@ static void transform_delkey(void *sst)
     ti->keyed=False;
 }
 
-static uint32_t transform_forward(void *sst, struct buffer_if *buf,
-                                 const char **errmsg)
+static transform_apply_return transform_forward(void *sst,
+            struct buffer_if *buf, const char **errmsg)
 {
     struct transform_inst *ti=sst;
     uint8_t *padp;
@@ -172,8 +172,8 @@ static uint32_t transform_forward(void *sst, struct buffer_if *buf,
     return 0;
 }
 
-static uint32_t transform_reverse(void *sst, struct buffer_if *buf,
-                                 const char **errmsg)
+static transform_apply_return transform_reverse(void *sst,
+                struct buffer_if *buf, const char **errmsg)
 {
     struct transform_inst *ti=sst;
     uint8_t *padp;
@@ -191,7 +191,7 @@ static uint32_t transform_reverse(void *sst, struct buffer_if *buf,
 
     if (buf->size < 4 + 16 + 16) {
        *errmsg="msg too short";
-       return 1;
+       return transform_apply_err;
     }
 
     /* CBC */
@@ -203,7 +203,7 @@ static uint32_t transform_reverse(void *sst, struct buffer_if *buf,
     /* Assert bufsize is multiple of blocksize */
     if (buf->size&0xf) {
        *errmsg="msg not multiple of cipher blocksize";
-       return 1;
+       return transform_apply_err;
     }
     serpentbe_encrypt(&ti->cryptkey,iv,iv);
     for (n=buf->start; n<buf->start+buf->size; n+=16)
@@ -233,7 +233,7 @@ static uint32_t transform_reverse(void *sst, struct buffer_if *buf,
     serpentbe_encrypt(&ti->mackey,macacc,macacc);
     if (!consttime_memeq(macexpected,macacc,16)!=0) {
        *errmsg="invalid MAC";
-       return 1;
+       return transform_apply_err;
     }
 
     /* PKCS5, stolen from IWJ */
@@ -242,7 +242,7 @@ static uint32_t transform_reverse(void *sst, struct buffer_if *buf,
     padlen=*padp;
     if (!padlen || (padlen > PKCS5_MASK+1)) {
        *errmsg="pkcs5: invalid length";
-       return 1;
+       return transform_apply_err;
     }
 
     buf_unappend(buf,padlen-1);
index f35b5f6..2e78833 100644 (file)
@@ -25,7 +25,7 @@
 #define KEYED_CHECK do{                                \
        if (!ti->keyed) {                       \
            *errmsg="transform unkeyed";        \
-           return 1;                           \
+           return transform_apply_err;         \
        }                                       \
     }while(0)
 
@@ -47,13 +47,13 @@ typedef uint32_t recvbitmap_type;
        } else {                                                \
            /* Too much skew */                                 \
            *errmsg="seqnum: too much skew";                    \
-           return 2;                                           \
+           return transform_apply_seqrange;                    \
        }                                                       \
        if ((p)->dedupe) {                                      \
            recvbitmap_type recvbit=(uint32_t)1 << skew;        \
            if (ti->recvbitmap & recvbit) {                     \
                *errmsg="seqnum: duplicate";                    \
-               return 2;                                       \
+               return transform_apply_seqrange;                \
            }                                                   \
            ti->recvbitmap |= recvbit;                          \
        }                                                       \
index 78f53ff..c6da1d3 100644 (file)
@@ -167,8 +167,8 @@ static void transform_delkey(void *sst)
     ti->keyed=False;
 }
 
-static uint32_t transform_forward(void *sst, struct buffer_if *buf,
-                                 const char **errmsg)
+static transform_apply_return transform_forward(void *sst,
+        struct buffer_if *buf, const char **errmsg)
 {
     struct transform_inst *ti=sst;
 
@@ -205,8 +205,8 @@ static uint32_t transform_forward(void *sst, struct buffer_if *buf,
     return 0;
 }
 
-static uint32_t transform_reverse(void *sst, struct buffer_if *buf,
-                                 const char **errmsg)
+static transform_apply_return transform_reverse(void *sst,
+        struct buffer_if *buf, const char **errmsg)
 {
     struct transform_inst *ti=sst;
 
@@ -233,7 +233,7 @@ static uint32_t transform_reverse(void *sst, struct buffer_if *buf,
     if (!ok) {
        TEAX_DEBUG(0,0);
        *errmsg="EAX decryption failed";
-       return 1;
+       return transform_apply_err;
     }
     assert(buf->size >= (int)ti->p.tag_length);
     buf->size -= ti->p.tag_length;
@@ -256,7 +256,7 @@ static uint32_t transform_reverse(void *sst, struct buffer_if *buf,
 
  too_short:
     *errmsg="ciphertext or plaintext too short";
-    return 1;
+    return transform_apply_err;
 }
 
 static struct transform_inst_if *transform_create(void *sst)