Author: Pekka Riikonen <priikone@poseidon.pspt.fi>
- Copyright (C) 1997 - 2000 Pekka Riikonen
+ Copyright (C) 1997 - 2001 Pekka Riikonen
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
cannot be used. */
void silc_packet_encrypt(SilcCipher cipher, SilcHmac hmac,
- SilcBuffer buffer, unsigned int len)
+ SilcBuffer buffer, uint32 len)
{
unsigned char mac[32];
+ uint32 mac_len;
/* Compute HMAC. This assumes that HMAC is created from the entire
data area thus this uses the length found in buffer, not the length
sent as argument. */
if (hmac) {
- silc_hmac_make(hmac, buffer->data, buffer->len, mac);
- silc_buffer_put_tail(buffer, mac, hmac->hash->hash->hash_len);
+ silc_hmac_make(hmac, buffer->data, buffer->len, mac, &mac_len);
+ silc_buffer_put_tail(buffer, mac, mac_len);
memset(mac, 0, sizeof(mac));
}
/* Pull the HMAC into the visible data area in the buffer */
if (hmac)
- silc_buffer_pull_tail(buffer, hmac->hash->hash->hash_len);
+ silc_buffer_pull_tail(buffer, mac_len);
}
/* Assembles a new packet to be ready for send out. The buffer sent as
/* Get random padding */
#if 1
- for (i = 0; i < ctx->padlen; i++) tmppad[i] = silc_rng_get_byte(ctx->rng);
+ for (i = 0; i < ctx->padlen; i++) tmppad[i] = silc_rng_global_get_byte();
#else
/* XXX: For testing - to be removed */
memset(tmppad, 65, sizeof(tmppad));
outgoing buffer in SilcSocketConnection object. */
void silc_packet_send_prepare(SilcSocketConnection sock,
- unsigned int header_len,
- unsigned int padlen,
- unsigned int data_len)
+ uint32 header_len,
+ uint32 padlen,
+ uint32 data_len)
{
int totlen, oldlen;
SILC_LOG_DEBUG(("Could not read immediately, will do it later"));
return -2;
}
- SILC_LOG_ERROR(("Cannot read from socket: %d", strerror(errno)));
+ SILC_LOG_ERROR(("Cannot read from socket: %d:%s", sock, strerror(errno)));
return -1;
}
return;
if (hmac)
- mac_len = hmac->hash->hash->hash_len;
+ mac_len = hmac->hmac->len;
/* Parse the packets from the data */
count = 0;
if (packetlen < SILC_PACKET_MIN_LEN) {
SILC_LOG_DEBUG(("Received invalid packet, dropped"));
+ silc_buffer_clear(sock->inbuf);
return;
}
silc_buffer_pull(sock->inbuf, mac_len);
}
+ SILC_LOG_DEBUG(("Clearing inbound buffer"));
silc_buffer_clear(sock->inbuf);
}
/* Check MAC */
if (hmac) {
unsigned char mac[32];
+ uint32 mac_len;
SILC_LOG_DEBUG(("Verifying MAC"));
/* Compute HMAC of packet */
memset(mac, 0, sizeof(mac));
- silc_hmac_make(hmac, buffer->data, buffer->len, mac);
+ silc_hmac_make(hmac, buffer->data, buffer->len, mac, &mac_len);
/* Compare the HMAC's (buffer->tail has the packet's HMAC) */
- if (memcmp(mac, buffer->tail, hmac->hash->hash->hash_len)) {
+ if (memcmp(mac, buffer->tail, mac_len)) {
SILC_LOG_DEBUG(("MAC failed"));
return FALSE;
}
/* Pull MAC from packet before decryption */
if (hmac) {
- if ((buffer->len - hmac->hash->hash->hash_len) > SILC_PACKET_MIN_LEN) {
- silc_buffer_push_tail(buffer, hmac->hash->hash->hash_len);
+ if ((buffer->len - hmac->hmac->len) > SILC_PACKET_MIN_LEN) {
+ silc_buffer_push_tail(buffer, hmac->hmac->len);
} else {
SILC_LOG_DEBUG(("Bad MAC length in packet, packet dropped"));
return FALSE;
{
/* Decrypt rest of the header plus padding */
if (cipher) {
- unsigned short truelen, len1, len2, padlen;
+ uint16 truelen, len1, len2, padlen;
/* Pull MAC from packet before decryption */
if (hmac) {
- if ((buffer->len - hmac->hash->hash->hash_len) > SILC_PACKET_MIN_LEN) {
- silc_buffer_push_tail(buffer, hmac->hash->hash->hash_len);
+ if ((buffer->len - hmac->hmac->len) > SILC_PACKET_MIN_LEN) {
+ silc_buffer_push_tail(buffer, hmac->hmac->len);
} else {
SILC_LOG_DEBUG(("Bad MAC length in packet, packet dropped"));
return FALSE;
the HMAC of the packet. If any other special or customized decryption
processing is required this function cannot be used. This returns
-1 on error, 0 when packet is normal packet and 1 when the packet
- is special and requires special processing. */
+ is special and requires special processing.
+
+ The `check_packet' is a callback funtion that this function will
+ call. The callback relates to the checking whether the packet is
+ normal packet or special packet and how it should be processed. If
+ the callback return TRUE the packet is normal and FALSE if the packet
+ is special and requires special procesing. */
int silc_packet_decrypt(SilcCipher cipher, SilcHmac hmac,
- SilcBuffer buffer, SilcPacketContext *packet)
+ SilcBuffer buffer, SilcPacketContext *packet,
+ SilcPacketCheckDecrypt check_packet,
+ void *context)
{
+ int check;
/* Decrypt start of the packet header */
if (cipher)
- cipher->cipher->decrypt(cipher->context, buffer->data + 2,
- buffer->data + 2, SILC_PACKET_MIN_HEADER_LEN - 2,
- cipher->iv);
+ silc_cipher_decrypt(cipher, buffer->data + 2, buffer->data + 2,
+ SILC_PACKET_MIN_HEADER_LEN - 2, cipher->iv);
+
+ /* Do packet checking, whether the packet is normal or special */
+ check = check_packet((SilcPacketType)buffer->data[3], buffer,
+ packet, context);
/* If the packet type is not any special type lets decrypt rest
of the packet here. */
- if ((buffer->data[3] == SILC_PACKET_PRIVATE_MESSAGE &&
- !(buffer->data[2] & SILC_PACKET_FLAG_PRIVMSG_KEY)) ||
- buffer->data[3] != SILC_PACKET_CHANNEL_MESSAGE) {
-
+ if (check == TRUE) {
/* Normal packet, decrypt rest of the packet */
if (!silc_packet_decrypt_rest(cipher, hmac, buffer))
return -1;
projects / silc.git / blobdiff