/*
- payload.c
+ payload.c
Author: Pekka Riikonen <priikone@silcnet.org>
- Copyright (C) 2000 - 2001 Pekka Riikonen
+ Copyright (C) 2000 - 2002 Pekka Riikonen
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
- (at your option) any later version.
-
+ the Free Software Foundation; version 2 of the License.
+
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
if (!payload)
return SILC_SKE_STATUS_ERROR;
- buf = silc_buffer_alloc(payload->len);
+ buf = silc_buffer_alloc_size(payload->len);
if (!buf)
return SILC_SKE_STATUS_OUT_OF_MEMORY;
- silc_buffer_pull_tail(buf, SILC_BUFFER_END(buf));
/* Encode the payload */
ret = silc_buffer_format(buf,
}
if (tmp != 0) {
- SILC_LOG_DEBUG(("Bad reserved field"));
SILC_LOG_ERROR(("Bad RESERVED field in KE Start Payload"));
status = SILC_SKE_STATUS_BAD_RESERVED_FIELD;
goto err;
goto err;
}
+ /* Check for mandatory fields */
+ if (!payload->cookie || !payload->version_len ||
+ !payload->ke_grp_len || !payload->pkcs_alg_len ||
+ !payload->enc_alg_len || !payload->hash_alg_len ||
+ !payload->hmac_alg_len) {
+ SILC_LOG_ERROR(("KE Start Payload is missing mandatory fields"));
+ status = SILC_SKE_STATUS_BAD_PAYLOAD;
+ goto err;
+ }
+
/* Return the payload */
*return_payload = payload;
/* Allocate channel payload buffer. The length of the buffer
is 4 + public key + 2 + x + 2 + signature. */
- buf = silc_buffer_alloc(4 + payload->pk_len + 2 + x_len +
- 2 + payload->sign_len);
+ buf = silc_buffer_alloc_size(4 + payload->pk_len + 2 + x_len +
+ 2 + payload->sign_len);
if (!buf)
return SILC_SKE_STATUS_OUT_OF_MEMORY;
- silc_buffer_pull_tail(buf, SILC_BUFFER_END(buf));
/* Encode the payload */
ret = silc_buffer_format(buf,
goto err;
}
- if (ske->start_payload &&
- (payload->pk_type < SILC_SKE_PK_TYPE_SILC ||
- payload->pk_type > SILC_SKE_PK_TYPE_SPKI)) {
+ if (ske->start_payload &&
+ ((payload->pk_type < SILC_SKE_PK_TYPE_SILC ||
+ payload->pk_type > SILC_SKE_PK_TYPE_SPKI) || !payload->pk_len)) {
SILC_LOG_ERROR(("Malformed public key in KE payload"));
status = SILC_SKE_STATUS_BAD_PAYLOAD;
goto err;
tot_len += x_len + 2;
tot_len += payload->sign_len + 2;
- if (x_len < 3) {
- SILC_LOG_ERROR(("Too short signature in KE Payload"));
+ if (x_len < 16) {
+ SILC_LOG_ERROR(("Too short DH value in KE Payload"));
status = SILC_SKE_STATUS_BAD_PAYLOAD;
goto err;
}