Check HMAC before sequence number.

This commit is contained in:
Guus Sliepen 2013-01-14 13:08:35 +01:00
parent 83a94ab08f
commit dd07c9fc1f

View file

@ -439,6 +439,19 @@ static bool sptps_receive_data_datagram(sptps_t *s, const char *data, size_t len
return receive_handshake(s, data + 5, len - 5); return receive_handshake(s, data + 5, len - 5);
} }
// Check HMAC.
uint16_t netlen = htons(len - 21);
char buffer[len + 23];
memcpy(buffer, &netlen, 2);
memcpy(buffer + 2, data, len);
memcpy(&seqno, buffer + 2, 4);
if(!digest_verify(&s->indigest, buffer, len - 14, buffer + len - 14))
return error(s, EIO, "Invalid HMAC");
// Replay protection using a sliding window of configurable size. // Replay protection using a sliding window of configurable size.
// s->inseqno is expected sequence number // s->inseqno is expected sequence number
// seqno is received sequence number // seqno is received sequence number
@ -473,19 +486,8 @@ static bool sptps_receive_data_datagram(sptps_t *s, const char *data, size_t len
if(seqno > s->inseqno) if(seqno > s->inseqno)
s->inseqno = seqno + 1; s->inseqno = seqno + 1;
uint16_t netlen = htons(len - 21);
char buffer[len + 23];
memcpy(buffer, &netlen, 2);
memcpy(buffer + 2, data, len);
memcpy(&seqno, buffer + 2, 4);
// Check HMAC and decrypt.
if(!digest_verify(&s->indigest, buffer, len - 14, buffer + len - 14))
return error(s, EIO, "Invalid HMAC");
// Decrypt.
cipher_set_counter(&s->incipher, &seqno, sizeof seqno); cipher_set_counter(&s->incipher, &seqno, sizeof seqno);
if(!cipher_counter_xor(&s->incipher, buffer + 6, len - 4, buffer + 6)) if(!cipher_counter_xor(&s->incipher, buffer + 6, len - 4, buffer + 6))
return false; return false;