if(s->outstate) {
// If first handshake has finished, encrypt and HMAC
- cipher_set_counter(s->outcipher, &seqno, sizeof seqno);
+ if(!cipher_set_counter(s->outcipher, &seqno, sizeof seqno))
+ return false;
+
if(!cipher_counter_xor(s->outcipher, buffer + 6, len + 1UL, buffer + 6))
return false;
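Review bot: The new failure branch after `cipher_set_counter(s->outcipher, ...)` returns a bare `false`, so a record dropped because the counter could not be set leaves no errno and no log line, unless the cipher layer reports the failure itself, which this hunk does not show. Other failure paths in this diff go through `error()`, so `return error(s, EIO, "Failed to set cipher counter");` would keep the failure observable to the caller. The same applies to the matching check on `s->incipher` in the decrypt hunk further down. The enclosing function starts and ends outside the hunk.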
char shared[ECDH_SHARED_SIZE];
if(!ecdh_compute_shared(s->ecdh, s->hiskex + 1 + 32, shared))
return false;
+ s->ecdh = NULL;
// Generate key material from shared secret.
if(!generate_key_material(s, shared, sizeof shared))
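Review bot: `s->ecdh = NULL;` is reached only when `ecdh_compute_shared()` succeeds, and nothing in the hunk says why the pointer is cleared. The assignment suggests the call releases the ECDH context; if it also releases it on its failure path (not visible here), the `return false;` just above leaves `s->ecdh` dangling for whatever teardown runs next, and the pointer should be cleared before that return too. Either way, a comment such as `// ecdh_compute_shared() consumes the ECDH context; clear the pointer so it is not freed again` would record the ownership rule. The enclosing function starts and ends outside the hunk.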
return true;
// TODO: split ACK into a VERify and ACK?
default:
- return error(s, EIO, "Invalid session state");
+ return error(s, EIO, "Invalid session state %d", s->state);
}
}
// Decrypt.
memcpy(&seqno, buffer + 2, 4);
- cipher_set_counter(s->incipher, &seqno, sizeof seqno);
+ if(!cipher_set_counter(s->incipher, &seqno, sizeof seqno))
+ return false;
if(!cipher_counter_xor(s->incipher, buffer + 6, len - 4, buffer + 6))
return false;
if(!receive_handshake(s, buffer + 7, len - 21))
return false;
} else {
- return error(s, EIO, "Invalid record type");
+ return error(s, EIO, "Invalid record type %d", type);
}
return true;
// Receive incoming data. Check if it contains a complete record, if so, handle it.
bool sptps_receive_data(sptps_t *s, const char *data, size_t len) {
+ if(!s->state)
+ return error(s, EIO, "Invalid session state zero");
+
if(s->datagram)
return sptps_receive_data_datagram(s, data, len);
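Review bot: The `!s->state` guard depends on zero never being a valid session state, but neither a comment nor a named constant says what zero stands for. If zero is what an unstarted or already stopped session holds (inferred, not shown here), a comment like `// state 0: session not started or already stopped; reject input` would make the intent clear to the next reader. The guard is added only to `sptps_receive_data()`; any other public entry point that dereferences session members without it would want the same check. The function body continues outside the hunk.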
if(!receive_handshake(s, s->inbuf + 7, s->reclen))
return false;
} else {
- return error(s, EIO, "Invalid record type");
+ return error(s, EIO, "Invalid record type %d", type);
}
s->buflen = 4;