|
|
|
@ -53,7 +53,7 @@ |
|
|
|
#endif |
|
|
|
|
|
|
|
#define CHUNK_SIZE_LEN 2 |
|
|
|
#define CHUNK_SIZE_MASK 0X3FFF |
|
|
|
#define CHUNK_SIZE_MASK 0x3FFF |
|
|
|
|
|
|
|
/* |
|
|
|
* This is SIP004 proposed by @Mygod, the design of TCP chunk is from @breakwa11 and |
|
|
|
@ -489,7 +489,7 @@ aead_chunk_encrypt(cipher_ctx_t *ctx, uint8_t *p, uint8_t *c, uint8_t *n, |
|
|
|
int err; |
|
|
|
size_t clen; |
|
|
|
uint8_t len_buf[CHUNK_SIZE_LEN]; |
|
|
|
uint16_t t = htons((plen + tlen) & CHUNK_SIZE_MASK); |
|
|
|
uint16_t t = htons(plen & CHUNK_SIZE_MASK); |
|
|
|
memcpy(len_buf, &t, CHUNK_SIZE_LEN); |
|
|
|
|
|
|
|
clen = CHUNK_SIZE_LEN + tlen; |
|
|
|
@ -586,18 +586,18 @@ aead_chunk_decrypt(cipher_ctx_t *ctx, uint8_t *p, uint8_t *c, uint8_t *n, |
|
|
|
mlen = ntohs(*(uint16_t *)len_buf); |
|
|
|
mlen = mlen & CHUNK_SIZE_MASK; |
|
|
|
|
|
|
|
size_t chunk_len = tlen + CHUNK_SIZE_LEN + mlen; |
|
|
|
size_t chunk_len = 2 * tlen + CHUNK_SIZE_LEN + mlen; |
|
|
|
|
|
|
|
if (*clen < chunk_len) |
|
|
|
return CRYPTO_NEED_MORE; |
|
|
|
|
|
|
|
sodium_increment(n, nlen); |
|
|
|
|
|
|
|
err = cipher_aead_decrypt(ctx, p, plen, c + CHUNK_SIZE_LEN + tlen, mlen, |
|
|
|
err = cipher_aead_decrypt(ctx, p, plen, c + CHUNK_SIZE_LEN + tlen, mlen + tlen, |
|
|
|
NULL, 0, n, ctx->cipher->key, nlen, tlen); |
|
|
|
if (err) |
|
|
|
return CRYPTO_ERROR; |
|
|
|
assert(*plen == mlen - tlen); |
|
|
|
assert(*plen == mlen); |
|
|
|
|
|
|
|
sodium_increment(n, nlen); |
|
|
|
|
|
|
|
|
Max Lv
7 years ago