SilcHmac hmac;
unsigned char *iv;
SilcUInt16 payload_len;
+ SilcID *sid;
+ SilcID *rid;
} SilcMessageEncode;
SilcBool static_key,
SilcCipher cipher,
SilcHmac hmac,
+ unsigned char *sender_id,
+ SilcUInt32 sender_id_len,
+ unsigned char *receiver_id,
+ SilcUInt32 receiver_id_len,
SilcBool check_mac)
{
SilcUInt32 mac_len, iv_len = 0, block_len;
SILC_LOG_DEBUG(("Checking message MAC"));
silc_hmac_init(hmac);
silc_hmac_update(hmac, data, data_len - mac_len);
+ silc_hmac_update(hmac, sender_id, sender_id_len);
+ silc_hmac_update(hmac, receiver_id, receiver_id_len);
silc_hmac_final(hmac, mac, &mac_len);
if (silc_unlikely(memcmp(data + (data_len - mac_len), mac, mac_len))) {
+#if 0
SILC_LOG_DEBUG(("Message MAC does not match"));
return FALSE;
+#else
+ /* Check for old style message MAC. Remove this check at some point. */
+ silc_hmac_init(hmac);
+ silc_hmac_update(hmac, data, data_len - mac_len);
+ silc_hmac_final(hmac, mac, &mac_len);
+ if (silc_unlikely(memcmp(data + (data_len - mac_len), mac, mac_len))) {
+ SILC_LOG_DEBUG(("Message MAC does not match"));
+#endif
+ return FALSE;
+ }
}
SILC_LOG_DEBUG(("MAC is Ok"));
}
SilcBool static_key,
SilcCipher cipher,
SilcHmac hmac,
+ unsigned char *sender_id,
+ SilcUInt32 sender_id_len,
+ unsigned char *receiver_id,
+ SilcUInt32 receiver_id_len,
SilcStack stack,
SilcBool no_allocation,
SilcMessagePayload message)
if (silc_likely(cipher)) {
ret = silc_message_payload_decrypt(buffer.data, silc_buffer_len(&buffer),
private_message, static_key,
- cipher, hmac, TRUE);
+ cipher, hmac, sender_id,
+ sender_id_len, receiver_id,
+ receiver_id_len, TRUE);
if (silc_unlikely(ret == FALSE))
return NULL;
}
SilcUInt32 data_len,
SilcUInt32 true_len,
unsigned char *iv,
+ SilcID *sender_id,
+ SilcID *receiver_id,
SilcCipher cipher,
SilcHmac hmac)
{
+#if 0
+ unsigned char sid[32], rid[32];
+ SilcUInt32 sid_len = 0, rid_len = 0;
+#endif /* 0 */
+
/* Encrypt payload of the packet */
if (silc_unlikely(!silc_cipher_encrypt(cipher, data, data, data_len, iv)))
return FALSE;
+#if 0 /* For now this is disabled. Enable at 1.1.x or 1.2 at the latest. */
+ /* Encode IDs */
+ silc_id_id2str(&sender_id->u.client_id, SILC_ID_CLIENT, sid, sizeof(sid),
+ &sid_len);
+ if (receiver_id->type == SILC_ID_CLIENT)
+ silc_id_id2str(&receiver_id->u.client_id, SILC_ID_CLIENT, rid,
+ sizeof(rid), &rid_len);
+ else if (receiver_id->type == SILC_ID_CHANNEL)
+ silc_id_id2str(&receiver_id->u.channel_id, SILC_ID_CHANNEL, rid,
+ sizeof(rid), &rid_len);
+#endif /* 0 */
+
/* Compute the MAC of the encrypted message data */
silc_hmac_init(hmac);
silc_hmac_update(hmac, data, true_len);
+#if 0
+ silc_hmac_update(hmac, sid, sid_len);
+ silc_hmac_update(hmac, rid, rid_len);
+#endif /* 0 */
silc_hmac_final(hmac, data + true_len, NULL);
return TRUE;
if (silc_unlikely(!silc_message_payload_encrypt(buffer->head,
e->payload_len,
silc_buffer_headlen(buffer),
- e->iv, e->cipher, e->hmac)))
+ e->iv, e->sid, e->rid,
+ e->cipher, e->hmac)))
return -1;
return mac_len;
SilcPublicKey public_key,
SilcPrivateKey private_key,
SilcHash hash,
+ SilcID *sender_id,
+ SilcID *receiver_id,
SilcBuffer buffer)
{
SilcUInt32 pad_len = 0, mac_len = 0, iv_len = 0;
e.hash = hash;
e.cipher = cipher;
e.hmac = hmac;
+ e.sid = sender_id;
+ e.rid = receiver_id;
e.iv = iv_len ? iv : NULL;
e.payload_len = 6 + data_len + pad_len;
void silc_message_payload_free(SilcMessagePayload payload)
{
+ silc_message_signed_payload_free(&payload->sig);
if (payload->data) {
memset(payload->data, 0, payload->data_len);
if (payload->allocated)
silc_free(payload->pad);
silc_free(payload);
}
- silc_message_signed_payload_free(&payload->sig);
}
/* Return flags */