authorMatthias Schiffer <mschiffer@universe-factory.net>2012-06-05 18:10:11 +0200
committerMatthias Schiffer <mschiffer@universe-factory.net>2012-06-05 18:10:11 +0200
commit0f14f5562917c85cbe35eb8eeed6ab1e27922af3 (patch)
tree5c53a7fa1b583c8d44f250addb25284e0bb1e7cd /src/method_xsalsa20_poly1305.c
parent227af67a3cbf665f46c172dfd5147065c9ae95aa (diff)
Fix possible duplicate session establishment
This is causing duplicate nonces in the worst case.
Diffstat (limited to 'src/method_xsalsa20_poly1305.c')
-rw-r--r--src/method_xsalsa20_poly1305.c5
1 files changed, 4 insertions, 1 deletions
diff --git a/src/method_xsalsa20_poly1305.c b/src/method_xsalsa20_poly1305.c
index 95fbfa2..ca928c5 100644
--- a/src/method_xsalsa20_poly1305.c
+++ b/src/method_xsalsa20_poly1305.c
@@ -86,11 +86,14 @@ static size_t method_min_decrypt_head_space(fastd_context *ctx) {
return (crypto_secretbox_xsalsa20poly1305_BOXZEROBYTES - NONCEBYTES);
}
-static fastd_method_session_state* method_session_init(fastd_context *ctx, uint8_t *secret, size_t length, bool initiator) {
+static fastd_method_session_state* method_session_init(fastd_context *ctx, uint8_t *secret, size_t length, bool initiator, fastd_method_session_state *old_session) {
int i;
if (length < crypto_secretbox_xsalsa20poly1305_KEYBYTES)
exit_bug(ctx, "xsalsa20-poly1305: tried to init with short secret");
+
+ if (old_session && memcmp(secret, old_session->key, crypto_secretbox_xsalsa20poly1305_KEYBYTES) == 0)
+ return NULL;
fastd_method_session_state *session = malloc(sizeof(fastd_method_session_state));
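Review bot: The early `return NULL` added after the length check makes NULL a normal result of method_session_init, but nothing at the function says so and the call sites are not part of this file-limited diff, so every caller has to keep the existing session instead of dereferencing the result. A comment above the signature would record the contract: `/* Returns NULL if secret matches old_session's key; a second session on that key could repeat nonces. */`. The `malloc` on the following line is not checked inside the hunk, so if it is also unchecked further down, a caller cannot tell a duplicate key from an allocation failure. Since both `memcmp` operands are key material, a constant-time comparison such as NaCl's `crypto_verify_32(secret, old_session->key) == 0` would be the more conservative choice, assuming KEYBYTES is 32 here. The function body continues past the end of the hunk.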