#include "prf.h"
#include "sptps.h"
-unsigned int sptps_replaywin = 32;
-
/*
Nonce MUST be exchanged first (done)
Signatures MUST be done over both nonces, to guarantee the signature is fresh
(void)s_errno;
(void)format;
(void)ap;
+
+ assert(format);
}
void sptps_log_stderr(sptps_t *s, int s_errno, const char *format, va_list ap) {
(void)s;
(void)s_errno;
+
+ assert(format);
+
vfprintf(stderr, format, ap);
fputc('\n', stderr);
}
-void (*sptps_log)(sptps_t *s, int s_errno, const char *format, va_list ap) = sptps_log_stderr;
+void (*sptps_log)(sptps_t *s, int s_errno, const char *format, va_list ap) = sptps_log_quiet;
// Log an error message.
static bool error(sptps_t *s, int s_errno, const char *format, ...) {
+ assert(s_errno);
+ assert(format);
+
if(format) {
va_list ap;
va_start(ap, format);
}
static void warning(sptps_t *s, const char *format, ...) {
+ assert(format);
+
va_list ap;
va_start(ap, format);
sptps_log(s, 0, format, ap);
// Send an application record.
bool sptps_send_record(sptps_t *s, uint8_t type, const void *data, uint16_t len) {
+ assert(!len || data);
+
// Sanity checks: application cannot send data before handshake is finished,
// and only record types 0..127 are allowed.
if(!s->outstate) {
// Generate key material from the shared secret created from the ECDHE key exchange.
static bool generate_key_material(sptps_t *s, const char *shared, size_t len) {
+ assert(shared);
+ assert(len);
+
// Initialise cipher and digest structures if necessary
if(!s->outstate) {
s->incipher = chacha_poly1305_init();
seqno = ntohl(seqno);
// TODO: check whether seqno makes sense, to avoid CPU intensive decrypt
- char buffer[len];
- size_t outlen;
- return chacha_poly1305_decrypt(s->incipher, seqno, data + 4, len - 4, buffer, &outlen);
+ return chacha_poly1305_verify(s->incipher, seqno, (const char *)data + 4, len - 4);
}
// Receive incoming data, datagram version.
// Decrypt
- char buffer[len];
+ if(len > s->decrypted_buffer_len) {
+ s->decrypted_buffer_len *= 2;
+ char *new_buffer = realloc(s->decrypted_buffer, s->decrypted_buffer_len);
+
+ if(!new_buffer) {
+ return error(s, errno, strerror(errno));
+ }
+
+ s->decrypted_buffer = new_buffer;
+ }
size_t outlen;
- if(!chacha_poly1305_decrypt(s->incipher, seqno, data + 4, len - 4, buffer, &outlen)) {
+ if(!chacha_poly1305_decrypt(s->incipher, seqno, data + 4, len - 4, s->decrypted_buffer, &outlen)) {
return error(s, EIO, "Failed to decrypt and verify packet");
}
}
// Append a NULL byte for safety.
- buffer[len - 20] = 0;
+ s->decrypted_buffer[len - 20] = 0;
- uint8_t type = buffer[0];
+ uint8_t type = s->decrypted_buffer[0];
if(type < SPTPS_HANDSHAKE) {
if(!s->instate) {
return error(s, EIO, "Application record received before handshake finished");
}
- if(!s->receive_record(s->handle, type, buffer + 1, len - 21)) {
+ if(!s->receive_record(s->handle, type, s->decrypted_buffer + 1, len - 21)) {
abort();
}
} else if(type == SPTPS_HANDSHAKE) {
- if(!receive_handshake(s, buffer + 1, len - 21)) {
+ if(!receive_handshake(s, s->decrypted_buffer + 1, len - 21)) {
abort();
}
} else {
return sptps_receive_data_datagram(s, data, len);
}
+ const char *ptr = data;
+
while(len) {
// First read the 2 length bytes.
if(s->buflen < 2) {
toread = len;
}
- memcpy(s->inbuf + s->buflen, data, toread);
+ memcpy(s->inbuf + s->buflen, ptr, toread);
s->buflen += toread;
len -= toread;
- data += toread;
+ ptr += toread;
// Exit early if we don't have the full length.
if(s->buflen < 2) {
toread = len;
}
- memcpy(s->inbuf + s->buflen, data, toread);
+ memcpy(s->inbuf + s->buflen, ptr, toread);
s->buflen += toread;
len -= toread;
- data += toread;
+ ptr += toread;
// If we don't have a whole record, exit.
if(s->buflen < s->reclen + (s->instate ? 19UL : 3UL)) {
s->datagram = datagram;
s->mykey = mykey;
s->hiskey = hiskey;
- s->replaywin = sptps_replaywin;
+ s->replaywin = 32;
+ s->decrypted_buffer_len = 1024;
+ s->decrypted_buffer = malloc(s->decrypted_buffer_len);
+
+ if(!s->decrypted_buffer) {
+ return error(s, errno, strerror(errno));
+ }
if(s->replaywin) {
s->late = malloc(s->replaywin);
free(s->key);
free(s->label);
free(s->late);
+ memset(s->decrypted_buffer, 0, s->decrypted_buffer_len);
+ free(s->decrypted_buffer);
memset(s, 0, sizeof(*s));
return true;
}