aboutsummaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
authorVsevolod Stakhov <vsevolod@highsecure.ru>2015-02-07 16:37:19 +0000
committerVsevolod Stakhov <vsevolod@highsecure.ru>2015-02-07 16:37:19 +0000
commite4a1bd5b031e418a3c593c25cda5dc7996564ee7 (patch)
treef3323fd8056519b14676d5498c0c3f43f8f0d596 /src
parent088a15bf1d41164dc90794764422c96c6b0d9578 (diff)
downloadrspamd-e4a1bd5b031e418a3c593c25cda5dc7996564ee7.tar.gz
rspamd-e4a1bd5b031e418a3c593c25cda5dc7996564ee7.zip
Fix cryptobox logic.
Diffstat (limited to 'src')
-rw-r--r--src/libcryptobox/chacha20/chacha.c2
-rw-r--r--src/libcryptobox/cryptobox.c14
-rw-r--r--src/libutil/http.c4
3 files changed, 14 insertions, 6 deletions
diff --git a/src/libcryptobox/chacha20/chacha.c b/src/libcryptobox/chacha20/chacha.c
index caeba8edc..a165bea63 100644
--- a/src/libcryptobox/chacha20/chacha.c
+++ b/src/libcryptobox/chacha20/chacha.c
@@ -170,7 +170,7 @@ chacha_update (chacha_state *S, const unsigned char *in, unsigned char *out,
size_t bytes;
/* enough for at least one block? */
- if ((state->leftover + inlen) >= CHACHA_BLOCKBYTES) {
+ while ((state->leftover + inlen) >= CHACHA_BLOCKBYTES) {
/* handle the previous data */
if (state->leftover) {
bytes = (CHACHA_BLOCKBYTES - state->leftover);
diff --git a/src/libcryptobox/cryptobox.c b/src/libcryptobox/cryptobox.c
index b2ec6aec8..49364d096 100644
--- a/src/libcryptobox/cryptobox.c
+++ b/src/libcryptobox/cryptobox.c
@@ -121,9 +121,17 @@ void
rspamd_cryptobox_nm (rspamd_nm_t nm, const rspamd_pk_t pk, const rspamd_sk_t sk)
{
guchar s[rspamd_cryptobox_PKBYTES];
+ guchar e[rspamd_cryptobox_SKBYTES];
- curve25519 (s, sk, pk);
+ memcpy (e, sk, rspamd_cryptobox_SKBYTES);
+ e[0] &= 248;
+ e[31] &= 127;
+ e[31] |= 64;
+
+ curve25519 (s, e, pk);
hchacha (s, n0, nm, 20);
+
+ rspamd_explicit_memzero (e, rspamd_cryptobox_SKBYTES);
}
void rspamd_cryptobox_encrypt_nm_inplace (guchar *data, gsize len,
@@ -131,7 +139,7 @@ void rspamd_cryptobox_encrypt_nm_inplace (guchar *data, gsize len,
const rspamd_nm_t nm, rspamd_sig_t sig)
{
poly1305_context mac_ctx;
- guchar subkey[32];
+ guchar subkey[CHACHA_BLOCKBYTES];
chacha_state s;
gsize r;
@@ -155,7 +163,7 @@ rspamd_cryptobox_decrypt_nm_inplace (guchar *data, gsize len,
const rspamd_nonce_t nonce, const rspamd_nm_t nm, const rspamd_sig_t sig)
{
poly1305_context mac_ctx;
- guchar subkey[32];
+ guchar subkey[CHACHA_BLOCKBYTES];
rspamd_sig_t mac;
chacha_state s;
gsize r;
diff --git a/src/libutil/http.c b/src/libutil/http.c
index 8f9d42c2a..d66511fd5 100644
--- a/src/libutil/http.c
+++ b/src/libutil/http.c
@@ -617,14 +617,14 @@ rspamd_http_on_message_complete (http_parser * parser)
peer_key = (struct rspamd_http_keypair *)priv->msg->peer_key;
if (conn->cache) {
- if (rspamd_cryptobox_decrypt_nm_inplace (m, dec_len, nonce,
+ if (!rspamd_cryptobox_decrypt_nm_inplace (m, dec_len, nonce,
peer_key->nm, m - rspamd_cryptobox_MACBYTES) != 0) {
msg_err ("cannot verify encrypted message");
return -1;
}
}
else {
- if (rspamd_cryptobox_decrypt_inplace (m, dec_len, nonce,
+ if (!rspamd_cryptobox_decrypt_inplace (m, dec_len, nonce,
peer_key->pk, priv->local_key->sk,
m - rspamd_cryptobox_MACBYTES) != 0) {
msg_err ("cannot verify encrypted message");