X-Git-Url: http://git.meshlink.io/?a=blobdiff_plain;f=src%2Fsptps.c;h=2e9ac6fe63331917c320805fdac592fea91753f7;hb=fe1a9111456a73a6e690927e90d8bfa1e1d0ad22;hp=e03b18a8b12e498182ee16b04deb37f337d90be1;hpb=2cfd1205dc9c6e9d42cc569f415afe13f52357ec;p=meshlink
diff --git a/src/sptps.c b/src/sptps.c
index e03b18a8..2e9ac6fe 100644
--- a/src/sptps.c
+++ b/src/sptps.c
@@ -371,12 +371,20 @@ static bool receive_handshake(sptps_t *s, const char *data, uint16_t len) {
 
 // Check datagram for valid HMAC
 bool sptps_verify_datagram(sptps_t *s, const void *data, size_t len) {
- if(!s->instate || len < 21)
- return error(s, EIO, "Received short packet");
+ if (!s->instate)
+ return error(s, EIO, "SPTPS state not ready to verify this datagram");
 
- // TODO: just decrypt without updating the replay window
+ if(len < 21)
+ return error(s, EIO, "Received short packet in sptps_verify_datagram");
 
- return true;
+ uint32_t seqno;
+ memcpy(&seqno, data, 4);
+ seqno = ntohl(seqno);
+ // TODO: check whether seqno makes sense, to avoid CPU intensive decrypt
+
+ char buffer[len];
+ size_t outlen;
+ return chacha_poly1305_decrypt(s->incipher, seqno, data + 4, len - 4, buffer, &outlen);
 }
 
 // Receive incoming data, datagram version.
@@ -384,7 +392,7 @@ static bool sptps_receive_data_datagram(sptps_t *s, const void *vdata, size_t le
 const char *data = vdata;
 
 if(len < (s->instate ? 21 : 5))
- return error(s, EIO, "Received short packet");
+ return error(s, EIO, "Received short packet in sptps_receive_data_datagram");
 
 uint32_t seqno;
 memcpy(&seqno, data, 4);
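Review bot: `char buffer[len];` in sptps_verify_datagram is a variable-length array sized directly from the datagram length, so the stack use of this check is set by whoever sent the packet before anything has been authenticated; only the lower bound (`len < 21`) is tested. An upper bound ahead of the declaration would cap it, for example `if(len > MAX_DATAGRAM_LEN) return error(s, EIO, "Received oversized packet in sptps_verify_datagram");`, where `MAX_DATAGRAM_LEN` is a placeholder for whatever limit the transport already enforces. `data + 4` is arithmetic on a `const void *`, which is a GNU extension; the neighbouring sptps_receive_data_datagram assigns `const char *data = vdata;` first and the same would work here. A comment above the function stating that a true result means the tag verified but says nothing about replay (no replay-window check is visible in this hunk) would keep callers from reading it as a freshness guarantee.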
@@ -557,6 +565,9 @@ bool sptps_receive_data(sptps_t *s, const void *data, size_t len) {
 
 // Start a SPTPS session.
 bool sptps_start(sptps_t *s, void *handle, bool initiator, bool datagram, ecdsa_t *mykey, ecdsa_t *hiskey, const char *label, size_t labellen, send_data_t send_data, receive_record_t receive_record) {
+ if(!s || !mykey || !hiskey || !label || !labellen || !send_data || !receive_record)
+ return error(s, EINVAL, "Invalid argument to sptps_start()");
+
 // Initialise struct sptps
 memset(s, 0, sizeof *s);
 
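Review bot: The new guard in sptps_start tests `!s` and then passes that same `s` to `error(s, EINVAL, ...)`, so the NULL case it is meant to reject still flows into error(). error() is not shown in this hunk; if it, or a logging callback behind it, reads fields of `s`, the guard turns a bad argument into a NULL dereference. Handling the NULL handle separately avoids depending on that: `if(!s) { errno = EINVAL; return false; }` ahead of the combined check for the remaining arguments. The rest of sptps_start lies outside the hunk.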