diff options
author | Martin Schanzenbach <mschanzenbach@posteo.de> | 2021-05-03 20:46:46 +0200 |
---|---|---|
committer | Martin Schanzenbach <mschanzenbach@posteo.de> | 2021-05-03 20:46:46 +0200 |
commit | 35fb28b9bc616b638d9a8de31633e2d68dca26d0 (patch) | |
tree | 8266e59cc97822b9aca25c8082460d14fa1d8190 /src | |
parent | d552acf5e7114f92d8251276ef76827a9db92257 (diff) | |
download | gnunet-35fb28b9bc616b638d9a8de31633e2d68dca26d0.tar.gz gnunet-35fb28b9bc616b638d9a8de31633e2d68dca26d0.zip |
-fix actually follow spec for Salsa encryption
Diffstat (limited to 'src')
-rw-r--r-- | src/gnsrecord/gnsrecord_crypto.c | 15 |
1 files changed, 13 insertions, 2 deletions
diff --git a/src/gnsrecord/gnsrecord_crypto.c b/src/gnsrecord/gnsrecord_crypto.c index 7fe0c6953..feb60ade9 100644 --- a/src/gnsrecord/gnsrecord_crypto.c +++ b/src/gnsrecord/gnsrecord_crypto.c | |||
@@ -99,7 +99,14 @@ eddsa_symmetric_decrypt ( | |||
99 | const unsigned char *nonce, | 99 | const unsigned char *nonce, |
100 | void *result) | 100 | void *result) |
101 | { | 101 | { |
102 | if (0 != crypto_secretbox_open_easy (result, block, size, nonce, key)) | 102 | ssize_t ctlen = size - crypto_secretbox_MACBYTES; |
103 | if (ctlen < 0) | ||
104 | return GNUNET_SYSERR; | ||
105 | if (0 != crypto_secretbox_open_detached (result, | ||
106 | block, // Ciphertext | ||
107 | ((unsigned char*)block) + ctlen, // TAG | ||
108 | ctlen, | ||
109 | nonce, key)) | ||
103 | { | 110 | { |
104 | return GNUNET_SYSERR; | 111 | return GNUNET_SYSERR; |
105 | } | 112 | } |
@@ -115,7 +122,11 @@ eddsa_symmetric_encrypt ( | |||
115 | const unsigned char *nonce, | 122 | const unsigned char *nonce, |
116 | void *result) | 123 | void *result) |
117 | { | 124 | { |
118 | crypto_secretbox_easy (result, block, size, nonce, key); | 125 | if (size > crypto_secretbox_MESSAGEBYTES_MAX) |
126 | return GNUNET_SYSERR; | ||
127 | crypto_secretbox_detached (result, // Ciphertext | ||
128 | result + size, // TAG | ||
129 | block, size, nonce, key); | ||
119 | return GNUNET_OK; | 130 | return GNUNET_OK; |
120 | } | 131 | } |
121 | 132 | ||