From: Vsevolod Stakhov <vsevolod@highsecure.ru>
Date: Fri, 6 Feb 2015 23:04:33 +0000 (+0000)
Subject: Fix beforenm part.
X-Git-Tag: 0.9.0~752
X-Git-Url: https://source.dussan.org/?a=commitdiff_plain;h=ca93090f76b1c4b5536489d6c42fc983802b4c49;p=rspamd.git

Fix beforenm part.
---

diff --git a/src/libcryptobox/cryptobox.c b/src/libcryptobox/cryptobox.c
index 972f341be..62ba3a907 100644
--- a/src/libcryptobox/cryptobox.c
+++ b/src/libcryptobox/cryptobox.c
@@ -26,14 +26,11 @@
 #include "chacha20/chacha.h"
 #include "poly1305/poly1305-donna.h"
 #include "curve25519/curve25519.h"
+#include "ottery.h"
 
 unsigned long cpu_config = 0;
 
 static const guchar n0[16] = {0};
-static const unsigned char sigma[16] = {
-		'e', 'x', 'p', 'a', 'n', 'd', ' ', '3', '2',
-		'-', 'b', 'y', 't', 'e', ' ', 'k'
-};
 
 #ifdef HAVE_WEAK_SYMBOLS
 __attribute__((weak)) void
@@ -121,7 +118,7 @@ rspamd_cryptobox_keypair (rspamd_pk_t pk, rspamd_sk_t sk)
 }
 
 void
-rspamd_cryptobox_nm (rspamd_nm_t nm, rspamd_pk_t pk, rspamd_sk_t sk)
+rspamd_cryptobox_nm (rspamd_nm_t nm, const rspamd_pk_t pk, const rspamd_sk_t sk)
 {
 	guchar s[rspamd_cryptobox_PKBYTES];
 
@@ -183,3 +180,31 @@ rspamd_cryptobox_decrypt_nm_inplace (guchar *data, gsize len,
 
 	return ret;
 }
+
+gboolean
+rspamd_cryptobox_decrypt_inplace (guchar *data, gsize len,
+		const rspamd_nonce_t nonce,
+		const rspamd_pk_t pk, const rspamd_sk_t sk, const rspamd_sig_t sig)
+{
+	guchar nm[rspamd_cryptobox_NMBYTES];
+	gboolean ret;
+
+	rspamd_cryptobox_nm (nm, pk, sk);
+	ret = rspamd_cryptobox_decrypt_nm_inplace (data, len, nonce, nm, sig);
+
+	rspamd_explicit_memzero (nm, sizeof (nm));
+
+	return ret;
+}
+
+void
+rspamd_cryptobox_encrypt_inplace (guchar *data, gsize len,
+		const rspamd_nonce_t nonce,
+		const rspamd_pk_t pk, const rspamd_sk_t sk, rspamd_sig_t sig)
+{
+	guchar nm[rspamd_cryptobox_NMBYTES];
+
+	rspamd_cryptobox_nm (nm, pk, sk);
+	rspamd_cryptobox_encrypt_nm_inplace (data, len, nonce, nm, sig);
+	rspamd_explicit_memzero (nm, sizeof (nm));
+}
diff --git a/src/libcryptobox/cryptobox.h b/src/libcryptobox/cryptobox.h
index f0df9a188..0a689d7de 100644
--- a/src/libcryptobox/cryptobox.h
+++ b/src/libcryptobox/cryptobox.h
@@ -107,7 +107,7 @@ gboolean rspamd_cryptobox_decrypt_nm_inplace (guchar *data, gsize len,
  * @param pk remote pubkey
  * @param sk local privkey
  */
-void rspamd_cryptobox_nm (rspamd_nm_t nm, rspamd_pk_t pk, rspamd_sk_t sk);
+void rspamd_cryptobox_nm (rspamd_nm_t nm, const rspamd_pk_t pk, const rspamd_sk_t sk);
 
 /**
  * Securely clear the buffer specified