author | Vsevolod Stakhov <vsevolod@highsecure.ru> | 2015-02-07 16:37:19 +0000 |
---|---|---|
committer | Vsevolod Stakhov <vsevolod@highsecure.ru> | 2015-02-07 16:37:19 +0000 |
commit | e4a1bd5b031e418a3c593c25cda5dc7996564ee7 (patch) | |
tree | f3323fd8056519b14676d5498c0c3f43f8f0d596 | |
parent | 088a15bf1d41164dc90794764422c96c6b0d9578 (diff) | |
download | rspamd-e4a1bd5b031e418a3c593c25cda5dc7996564ee7.tar.gz rspamd-e4a1bd5b031e418a3c593c25cda5dc7996564ee7.zip |
Fix cryptobox logic.
-rw-r--r-- | src/libcryptobox/chacha20/chacha.c | 2 | ||||
-rw-r--r-- | src/libcryptobox/cryptobox.c | 14 | ||||
-rw-r--r-- | src/libutil/http.c | 4 |
3 files changed, 14 insertions, 6 deletions
diff --git a/src/libcryptobox/chacha20/chacha.c b/src/libcryptobox/chacha20/chacha.c
index caeba8edc..a165bea63 100644
--- a/src/libcryptobox/chacha20/chacha.c
+++ b/src/libcryptobox/chacha20/chacha.c
@@ -170,7 +170,7 @@ chacha_update (chacha_state *S, const unsigned char *in, unsigned char *out,
 	size_t bytes;
 	/* enough for at least one block? */
-	if ((state->leftover + inlen) >= CHACHA_BLOCKBYTES) {
+	while ((state->leftover + inlen) >= CHACHA_BLOCKBYTES) {
 		/* handle the previous data */
 		if (state->leftover) {
 			bytes = (CHACHA_BLOCKBYTES - state->leftover);
diff --git a/src/libcryptobox/cryptobox.c b/src/libcryptobox/cryptobox.c
index b2ec6aec8..49364d096 100644
--- a/src/libcryptobox/cryptobox.c
+++ b/src/libcryptobox/cryptobox.c
@@ -121,9 +121,17 @@ void
 rspamd_cryptobox_nm (rspamd_nm_t nm, const rspamd_pk_t pk, const rspamd_sk_t sk)
 {
 	guchar s[rspamd_cryptobox_PKBYTES];
+	guchar e[rspamd_cryptobox_SKBYTES];
-	curve25519 (s, sk, pk);
+	memcpy (e, sk, rspamd_cryptobox_SKBYTES);
+	e[0] &= 248;
+	e[31] &= 127;
+	e[31] |= 64;
+
+	curve25519 (s, e, pk);
 	hchacha (s, n0, nm, 20);
+
+	rspamd_explicit_memzero (e, rspamd_cryptobox_SKBYTES);
 }
 void
 rspamd_cryptobox_encrypt_nm_inplace (guchar *data, gsize len,
@@ -131,7 +139,7 @@ void rspamd_cryptobox_encrypt_nm_inplace (guchar *data, gsize len,
 	const rspamd_nm_t nm, rspamd_sig_t sig)
 {
 	poly1305_context mac_ctx;
-	guchar subkey[32];
+	guchar subkey[CHACHA_BLOCKBYTES];
 	chacha_state s;
 	gsize r;
@@ -155,7 +163,7 @@ rspamd_cryptobox_decrypt_nm_inplace (guchar *data, gsize len,
 	const rspamd_nonce_t nonce, const rspamd_nm_t nm, const rspamd_sig_t sig)
 {
 	poly1305_context mac_ctx;
-	guchar subkey[32];
+	guchar subkey[CHACHA_BLOCKBYTES];
 	rspamd_sig_t mac;
 	chacha_state s;
 	gsize r;
diff --git a/src/libutil/http.c b/src/libutil/http.c
index 8f9d42c2a..d66511fd5 100644
--- a/src/libutil/http.c
+++ b/src/libutil/http.c
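Review bot: The comment `/* enough for at least one block? */` directly above the new `while` still describes the old single-shot `if`; something like `/* consume as many full blocks as leftover + inlen provide */` matches the loop that replaced it. The loop only terminates if the body, which runs past the end of the hunk, reduces `inlen` or `state->leftover` on every iteration, including the path where `state->leftover` is zero and the inner `if` is skipped — worth confirming in the part not shown here. chacha_update starts before the hunk and continues after it.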
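Review bot: The Curve25519 shared secret in `s` is not wiped before rspamd_cryptobox_nm returns, although the clamped copy of the secret key `e` now is; `s` is the raw DH output that `nm` is derived from and deserves the same treatment, so add `rspamd_explicit_memzero (s, sizeof (s));` beside the existing memzero of `e`. The three clamping stores are unexplained magic numbers; a comment such as `/* clamp the scalar as X25519 requires (RFC 7748): clear the low 3 bits, clear bit 255, set bit 254 */` would make the intent reviewable, and `e[31]` hard-codes the 32-byte size that `rspamd_cryptobox_SKBYTES` already names (`e[rspamd_cryptobox_SKBYTES - 1]` keeps the two in step).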
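Review bot: The enlarged `subkey` buffer in rspamd_cryptobox_encrypt_nm_inplace, and likewise in rspamd_cryptobox_decrypt_nm_inplace below, holds keystream derived from `nm`, and nothing in either hunk wipes it before the function returns; both bodies continue outside the hunk, so if no `rspamd_explicit_memzero (subkey, sizeof (subkey));` follows the MAC computation, one should be added, mirroring what this commit already does for `e` in rspamd_cryptobox_nm. The declaration would also benefit from a one-line comment explaining why it is a full ChaCha block rather than a 32-byte key — presumably only a prefix is used as the one-time Poly1305 key, but that has to be confirmed against the chacha call that produces it.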
@@ -617,14 +617,14 @@ rspamd_http_on_message_complete (http_parser * parser)
 	peer_key = (struct rspamd_http_keypair *)priv->msg->peer_key;
 	if (conn->cache) {
-		if (rspamd_cryptobox_decrypt_nm_inplace (m, dec_len, nonce,
+		if (!rspamd_cryptobox_decrypt_nm_inplace (m, dec_len, nonce,
 			peer_key->nm, m - rspamd_cryptobox_MACBYTES) != 0) {
 			msg_err ("cannot verify encrypted message");
 			return -1;
 		}
 	}
 	else {
-		if (rspamd_cryptobox_decrypt_inplace (m, dec_len, nonce,
+		if (!rspamd_cryptobox_decrypt_inplace (m, dec_len, nonce,
 			peer_key->pk, priv->local_key->sk, m - rspamd_cryptobox_MACBYTES) != 0) {
 			msg_err ("cannot verify encrypted message"); |
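Review bot: `if (!rspamd_cryptobox_decrypt_nm_inplace (...) != 0)` parses as `(!decrypt (...)) != 0` because `!` binds tighter than `!=`; that is equivalent to `!decrypt (...)` only because the function now returns a boolean, and the `!= 0` left over from the previous int-return convention makes the authentication check hard to read and suggests the return contract changed without the call sites being cleaned up. Drop the `!= 0` in both branches, e.g. `if (!rspamd_cryptobox_decrypt_nm_inplace (m, dec_len, nonce,` followed by `peer_key->nm, m - rspamd_cryptobox_MACBYTES)) {`, and the same for rspamd_cryptobox_decrypt_inplace. The rest of rspamd_http_on_message_complete lies outside the hunk.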