From 0504f57c91eb7dd2ac4adfc6906e006f775a76e4 Mon Sep 17 00:00:00 2001
From: Matthias Schiffer <mschiffer@universe-factory.net>
Date: Fri, 15 Nov 2013 05:44:02 +0100
Subject: methods/common: decrease nonce length to 6, add flags byte

---
 src/methods/generic_gcm/generic_gcm.c | 16 +++++++++++-----
 1 file changed, 11 insertions(+), 5 deletions(-)

(limited to 'src/methods/generic_gcm/generic_gcm.c')

diff --git a/src/methods/generic_gcm/generic_gcm.c b/src/methods/generic_gcm/generic_gcm.c
index 8ae9dbe..5d6c45a 100644
--- a/src/methods/generic_gcm/generic_gcm.c
+++ b/src/methods/generic_gcm/generic_gcm.c
@@ -73,7 +73,7 @@ static bool method_provides(const char *name) {
 }
 
 static size_t method_max_packet_size(fastd_context_t *ctx) {
-	return (fastd_max_packet_size(ctx) + COMMON_NONCEBYTES + sizeof(fastd_block128_t));
+	return (fastd_max_packet_size(ctx) + COMMON_HEADBYTES + sizeof(fastd_block128_t));
 }
 
 
@@ -181,7 +181,7 @@ static bool method_encrypt(fastd_context_t *ctx, fastd_peer_t *peer UNUSED, fast
 	memset(in.data, 0, sizeof(fastd_block128_t));
 
 	size_t tail_len = alignto(in.len, sizeof(fastd_block128_t))-in.len;
-	*out = fastd_buffer_alloc(ctx, in.len, alignto(COMMON_NONCEBYTES, 16), sizeof(fastd_block128_t)+tail_len);
+	*out = fastd_buffer_alloc(ctx, in.len, alignto(COMMON_HEADBYTES, 16), sizeof(fastd_block128_t)+tail_len);
 
 	if (tail_len)
 		memset(in.data+in.len, 0, tail_len);
@@ -219,20 +219,26 @@ static bool method_encrypt(fastd_context_t *ctx, fastd_peer_t *peer UNUSED, fast
 
 	fastd_buffer_free(in);
 
-	fastd_buffer_pull_head(ctx, out, COMMON_NONCEBYTES);
+	fastd_buffer_pull_head(ctx, out, COMMON_HEADBYTES);
+
 	memcpy(out->data, session->common.send_nonce, COMMON_NONCEBYTES);
 	fastd_method_increment_nonce(&session->common);
 
+	((uint8_t*)out->data)[COMMON_NONCEBYTES] = 0; /* flags */
+
 	return true;
 }
 
 static bool method_decrypt(fastd_context_t *ctx, fastd_peer_t *peer, fastd_method_session_state_t *session, fastd_buffer_t *out, fastd_buffer_t in) {
-	if (in.len < COMMON_NONCEBYTES+sizeof(fastd_block128_t))
+	if (in.len < COMMON_HEADBYTES+sizeof(fastd_block128_t))
 		return false;
 
 	if (!method_session_is_valid(ctx, session))
 		return false;
 
+	if (((const uint8_t*)in.data)[COMMON_NONCEBYTES]) /* flags */
+		return false;
+
 	uint8_t nonce[session->ivlen];
 	memset(nonce, 0, session->ivlen);
 	memcpy(nonce, in.data, COMMON_NONCEBYTES);
@@ -242,7 +248,7 @@ static bool method_decrypt(fastd_context_t *ctx, fastd_peer_t *peer, fastd_metho
 	if (!fastd_method_is_nonce_valid(ctx, &session->common, nonce, &age))
 		return false;
 
-	fastd_buffer_push_head(ctx, &in, COMMON_NONCEBYTES);
+	fastd_buffer_push_head(ctx, &in, COMMON_HEADBYTES);
 
 	size_t tail_len = alignto(in.len, sizeof(fastd_block128_t))-in.len;
 	*out = fastd_buffer_alloc(ctx, in.len, 0, tail_len);
-- 
cgit v1.2.3