15 年前 · 0b5077ef78
--- a/flow/SPProtoDecoder.c
+++ b/flow/SPProtoDecoder.c
@@ -42,28 +42,34 @@ static int decode_packet (SPProtoDecoder *o, uint8_t *in, int in_len, uint8_t **
 
															         plaintext = in;
														
 
															         plaintext_len = in_len;
														
 
															     } else {
														
 
															-        // check length
														
 
															+        // input must be a multiple of blocks size
														
 
															         if (in_len % o->enc_block_size != 0) {
														
 
															             DEBUG("packet size not a multiple of block size");
														
 
															             return 0;
														
 
															         }
														
 
															+        
														
 
															+        // input must have an IV block
														
 
															         if (in_len < o->enc_block_size) {
														
 
															             DEBUG("packet does not have an IV");
														
 
															             return 0;
														
 
															         }
														
 
															+        
														
 
															         // check if we have encryption key
														
 
															         if (!o->have_encryption_key) {
														
 
															             DEBUG("have no encryption key");
														
 
															             return 0;
														
 
															         }
														
 
															+        
														
 
															         // copy IV as BEncryption_Decrypt changes the IV
														
 
															         uint8_t iv[o->enc_block_size];
														
 
															         memcpy(iv, in, o->enc_block_size);
														
 
															+        
														
 
															         // decrypt
														
 
															         uint8_t *ciphertext = in + o->enc_block_size;
														
 
															         int ciphertext_len = in_len - o->enc_block_size;
														
 
															         plaintext = o->buf;
														
 
															         BEncryption_Decrypt(&o->encryptor, ciphertext, plaintext, ciphertext_len, iv);
														
 
															+        
														
 
															         // read padding
														
 
															         if (ciphertext_len < o->enc_block_size) {
														
 
															             DEBUG("packet does not have a padding block");
														
--- a/flow/SPProtoEncoder.c
+++ b/flow/SPProtoEncoder.c
@@ -84,16 +84,20 @@ static int encode_packet (SPProtoEncoder *o)
 
															     if (SPPROTO_HAVE_ENCRYPTION(o->sp_params)) {
														
 
															         // encrypting pad(header + payload)
														
 
															         int cyphertext_len = BALIGN_UP_N((plaintext_len + 1), o->enc_block_size);
														
 
															+        
														
 
															         // write padding
														
 
															         plaintext[plaintext_len] = 1;
														
 
															         for (int i = plaintext_len + 1; i < cyphertext_len; i++) {
														
 
															             plaintext[i] = 0;
														
 
															         }
														
 
															+        
														
 
															         // generate IV
														
 
															         BRandom_randomize(o->out, o->enc_block_size);
														
 
															+        
														
 
															         // copy IV because BEncryption_Encrypt changes the IV
														
 
															         uint8_t iv[o->enc_block_size];
														
 
															         memcpy(iv, o->out, o->enc_block_size);
														
 
															+        
														
 
															         // encrypt
														
 
															         BEncryption_Encrypt(&o->encryptor, plaintext, o->out + o->enc_block_size, cyphertext_len, iv);
														
 
															         out_len = o->enc_block_size + cyphertext_len;