From 693fbd414983fdc87a34786093e0dbfab4542f6a Mon Sep 17 00:00:00 2001 From: Guus Sliepen Date: Fri, 8 Aug 2014 11:52:13 +0200 Subject: [PATCH] Actually implement sptps_verify_datagram(), so try_mac() works. --- src/sptps.c | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/src/sptps.c b/src/sptps.c index e03b18a8..917b1e20 100644 --- a/src/sptps.c +++ b/src/sptps.c @@ -374,9 +374,14 @@ bool sptps_verify_datagram(sptps_t *s, const void *data, size_t len) { if(!s->instate || len < 21) return error(s, EIO, "Received short packet"); - // TODO: just decrypt without updating the replay window + uint32_t seqno; + memcpy(&seqno, data, 4); + seqno = ntohl(seqno); + // TODO: check whether seqno makes sense, to avoid CPU intensive decrypt - return true; + char buffer[len]; + size_t outlen; + return chacha_poly1305_decrypt(s->incipher, seqno, data + 4, len - 4, buffer, &outlen); } // Receive incoming data, datagram version. -- 2.39.5