// Check datagram for valid HMAC
bool sptps_verify_datagram(sptps_t *s, const void *data, size_t len) {
- if(!s->instate || len < 21)
- return error(s, EIO, "Received short packet");
+ if (!s->instate)
+ return error(s, EIO, "SPTPS state not ready to verify this datagram");
- // TODO: just decrypt without updating the replay window
+ if(len < 21)
+ return error(s, EIO, "Received short packet in sptps_verify_datagram");
- return true;
+ uint32_t seqno;
+ memcpy(&seqno, data, 4);
+ seqno = ntohl(seqno);
+ // TODO: check whether seqno makes sense, to avoid CPU intensive decrypt
+
+ char buffer[len];
+ size_t outlen;
+ return chacha_poly1305_decrypt(s->incipher, seqno, data + 4, len - 4, buffer, &outlen);
}
// Receive incoming data, datagram version.
const char *data = vdata;
if(len < (s->instate ? 21 : 5))
- return error(s, EIO, "Received short packet");
+ return error(s, EIO, "Received short packet in sptps_receive_data_datagram");
uint32_t seqno;
memcpy(&seqno, data, 4);
// Start a SPTPS session.
bool sptps_start(sptps_t *s, void *handle, bool initiator, bool datagram, ecdsa_t *mykey, ecdsa_t *hiskey, const char *label, size_t labellen, send_data_t send_data, receive_record_t receive_record) {
+ if(!s || !mykey || !hiskey || !label || !labellen || !send_data || !receive_record)
+ return error(s, EINVAL, "Invalid argument to sptps_start()");
+
// Initialise struct sptps
memset(s, 0, sizeof *s);