diff options
| author | Christian Grothoff <christian@grothoff.org> | 2018-05-20 23:40:20 +0200 |
|---|---|---|
| committer | Christian Grothoff <christian@grothoff.org> | 2018-05-20 23:40:20 +0200 |
| commit | d080cb1ed80a0e528b2b755ee48ca18cb670175e (patch) | |
| tree | d8c0edab6035e4d38138b303566e972fbf8b8c5f /src/gnsrecord/gnsrecord_crypto.c | |
| parent | 0a8c135eedab5213b31c21b3d4b800e5f0f6041f (diff) | |
| download | gnunet-d080cb1ed80a0e528b2b755ee48ca18cb670175e.tar.gz gnunet-d080cb1ed80a0e528b2b755ee48ca18cb670175e.zip | |
check return values from GNSRECORD_record_serialize/size always
Diffstat (limited to 'src/gnsrecord/gnsrecord_crypto.c')
| -rw-r--r-- | src/gnsrecord/gnsrecord_crypto.c | 83 |
1 files changed, 47 insertions, 36 deletions
diff --git a/src/gnsrecord/gnsrecord_crypto.c b/src/gnsrecord/gnsrecord_crypto.c index 6d59a545a..6d3887392 100644 --- a/src/gnsrecord/gnsrecord_crypto.c +++ b/src/gnsrecord/gnsrecord_crypto.c | |||
| @@ -87,9 +87,8 @@ block_create (const struct GNUNET_CRYPTO_EcdsaPrivateKey *key, | |||
| 87 | const struct GNUNET_GNSRECORD_Data *rd, | 87 | const struct GNUNET_GNSRECORD_Data *rd, |
| 88 | unsigned int rd_count) | 88 | unsigned int rd_count) |
| 89 | { | 89 | { |
| 90 | size_t payload_len = GNUNET_GNSRECORD_records_get_size (rd_count, | 90 | ssize_t payload_len = GNUNET_GNSRECORD_records_get_size (rd_count, |
| 91 | rd); | 91 | rd); |
| 92 | char payload[sizeof (uint32_t) + payload_len]; | ||
| 93 | struct GNUNET_GNSRECORD_Block *block; | 92 | struct GNUNET_GNSRECORD_Block *block; |
| 94 | struct GNUNET_CRYPTO_EcdsaPrivateKey *dkey; | 93 | struct GNUNET_CRYPTO_EcdsaPrivateKey *dkey; |
| 95 | struct GNUNET_CRYPTO_SymmetricInitializationVector iv; | 94 | struct GNUNET_CRYPTO_SymmetricInitializationVector iv; |
| @@ -98,8 +97,16 @@ block_create (const struct GNUNET_CRYPTO_EcdsaPrivateKey *key, | |||
| 98 | uint32_t rd_count_nbo; | 97 | uint32_t rd_count_nbo; |
| 99 | struct GNUNET_TIME_Absolute now; | 98 | struct GNUNET_TIME_Absolute now; |
| 100 | 99 | ||
| 100 | if (payload_len < 0) | ||
| 101 | { | ||
| 102 | GNUNET_break (0); | ||
| 103 | return NULL; | ||
| 104 | } | ||
| 101 | if (payload_len > GNUNET_GNSRECORD_MAX_BLOCK_SIZE) | 105 | if (payload_len > GNUNET_GNSRECORD_MAX_BLOCK_SIZE) |
| 106 | { | ||
| 107 | GNUNET_break (0); | ||
| 102 | return NULL; | 108 | return NULL; |
| 109 | } | ||
| 103 | /* convert relative to absolute times */ | 110 | /* convert relative to absolute times */ |
| 104 | now = GNUNET_TIME_absolute_get (); | 111 | now = GNUNET_TIME_absolute_get (); |
| 105 | for (unsigned int i=0;i<rd_count;i++) | 112 | for (unsigned int i=0;i<rd_count;i++) |
| @@ -117,39 +124,43 @@ block_create (const struct GNUNET_CRYPTO_EcdsaPrivateKey *key, | |||
| 117 | } | 124 | } |
| 118 | /* serialize */ | 125 | /* serialize */ |
| 119 | rd_count_nbo = htonl (rd_count); | 126 | rd_count_nbo = htonl (rd_count); |
| 120 | GNUNET_memcpy (payload, | 127 | { |
| 121 | &rd_count_nbo, | 128 | char payload[sizeof (uint32_t) + payload_len]; |
| 122 | sizeof (uint32_t)); | 129 | |
| 123 | GNUNET_assert (payload_len == | 130 | GNUNET_memcpy (payload, |
| 124 | GNUNET_GNSRECORD_records_serialize (rd_count, | 131 | &rd_count_nbo, |
| 125 | rdc, | 132 | sizeof (uint32_t)); |
| 126 | payload_len, | 133 | GNUNET_assert (payload_len == |
| 127 | &payload[sizeof (uint32_t)])); | 134 | GNUNET_GNSRECORD_records_serialize (rd_count, |
| 128 | block = GNUNET_malloc (sizeof (struct GNUNET_GNSRECORD_Block) + | 135 | rdc, |
| 129 | sizeof (uint32_t) + | 136 | payload_len, |
| 130 | payload_len); | 137 | &payload[sizeof (uint32_t)])); |
| 131 | block->purpose.size = htonl (sizeof (uint32_t) + | 138 | block = GNUNET_malloc (sizeof (struct GNUNET_GNSRECORD_Block) + |
| 132 | payload_len + | 139 | sizeof (uint32_t) + |
| 133 | sizeof (struct GNUNET_CRYPTO_EccSignaturePurpose) + | 140 | payload_len); |
| 134 | sizeof (struct GNUNET_TIME_AbsoluteNBO)); | 141 | block->purpose.size = htonl (sizeof (uint32_t) + |
| 135 | block->purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_GNS_RECORD_SIGN); | 142 | payload_len + |
| 136 | block->expiration_time = GNUNET_TIME_absolute_hton (expire); | 143 | sizeof (struct GNUNET_CRYPTO_EccSignaturePurpose) + |
| 137 | /* encrypt and sign */ | 144 | sizeof (struct GNUNET_TIME_AbsoluteNBO)); |
| 138 | dkey = GNUNET_CRYPTO_ecdsa_private_key_derive (key, | 145 | block->purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_GNS_RECORD_SIGN); |
| 139 | label, | 146 | block->expiration_time = GNUNET_TIME_absolute_hton (expire); |
| 140 | "gns"); | 147 | /* encrypt and sign */ |
| 141 | GNUNET_CRYPTO_ecdsa_key_get_public (dkey, | 148 | dkey = GNUNET_CRYPTO_ecdsa_private_key_derive (key, |
| 142 | &block->derived_key); | 149 | label, |
| 143 | derive_block_aes_key (&iv, | 150 | "gns"); |
| 144 | &skey, | 151 | GNUNET_CRYPTO_ecdsa_key_get_public (dkey, |
| 145 | label, | 152 | &block->derived_key); |
| 146 | pkey); | 153 | derive_block_aes_key (&iv, |
| 147 | GNUNET_break (payload_len + sizeof (uint32_t) == | 154 | &skey, |
| 148 | GNUNET_CRYPTO_symmetric_encrypt (payload, | 155 | label, |
| 149 | payload_len + sizeof (uint32_t), | 156 | pkey); |
| 150 | &skey, | 157 | GNUNET_break (payload_len + sizeof (uint32_t) == |
| 151 | &iv, | 158 | GNUNET_CRYPTO_symmetric_encrypt (payload, |
| 152 | &block[1])); | 159 | payload_len + sizeof (uint32_t), |
| 160 | &skey, | ||
| 161 | &iv, | ||
| 162 | &block[1])); | ||
| 163 | } | ||
| 153 | if (GNUNET_OK != | 164 | if (GNUNET_OK != |
| 154 | GNUNET_CRYPTO_ecdsa_sign (dkey, | 165 | GNUNET_CRYPTO_ecdsa_sign (dkey, |
| 155 | &block->purpose, | 166 | &block->purpose, |