static inline bool decryptMessage(struct Wrapper* wrapper,
uint32_t nonce,
struct Message* content,
uint8_t secret[32])
{
if (wrapper->authenticatePackets) {
// Decrypt with authentication and replay prevention.
int ret = decrypt(nonce, content, secret, wrapper->isInitiator, true);
if (ret) {
Log_debug1(wrapper->context->logger,
"Authenticated decryption failed returning %u\n",
ret);
return false;
}
ret = !ReplayProtector_checkNonce(nonce, &wrapper->replayProtector);
if (ret) {
Log_debug(wrapper->context->logger, "Nonce checking failed.\n");
return false;
}
} else {
decrypt(nonce, content, secret, wrapper->isInitiator, false);
}
int ret = callReceivedMessage(wrapper, content);
if (ret) {
Log_debug1(wrapper->context->logger,
"Call received message failed returning %u\n",
ret);
return false;
}
return true;
}
static void testDuplicates(struct Random* rand)
{
uint16_t randomShorts[8192];
uint16_t out[8192];
struct ReplayProtector rp = {.bitfield = 0};
Random_bytes(rand, (uint8_t*)randomShorts, sizeof(randomShorts));
uint32_t outIdx = 0;
for (uint32_t i = 0; i < 1024; i++) {
if (ReplayProtector_checkNonce((randomShorts[i] % (i + 20)), &rp)) {
out[outIdx] = (randomShorts[i] % (i + 20));
outIdx++;
}
}
for (uint32_t i = 0; i < outIdx; i++) {
for (uint32_t j = i + 1; j < outIdx; j++) {
Assert_always(out[i] != out[j]);
}
}
}
int main()
{
struct Allocator* alloc = MallocAllocator_new(4096);
struct Random* rand = Random_new(alloc, NULL, NULL);
for (int i = 0; i < CYCLES; i++) {
testDuplicates(rand);
}
return 0;
}
int main()
{
uint16_t randomShorts[8192];
uint16_t out[8192];
struct ReplayProtector rp = {0,0};
struct Allocator* alloc;
BufferAllocator_STACK(alloc, 1024);
struct Random* rand = Random_new(alloc, NULL, NULL);
Random_bytes(rand, (uint8_t*)randomShorts, sizeof(randomShorts));
uint32_t outIdx = 0;
for (uint32_t i = 0; i < 1024; i++) {
if (ReplayProtector_checkNonce((randomShorts[i] % (i + 20)), &rp)) {
out[outIdx] = (randomShorts[i] % (i + 20));
outIdx++;
}
}
for (uint32_t i = 0; i < outIdx; i++) {
for (uint32_t j = i + 1; j < outIdx; j++) {
Assert_always(out[i] != out[j]);
}
}
return 0;
}
static inline bool decryptMessage(struct CryptoAuth_Wrapper* wrapper,
uint32_t nonce,
struct Message* content,
uint8_t secret[32])
{
// Decrypt with authentication and replay prevention.
if (decrypt(nonce, content, secret, wrapper->isInitiator)) {
cryptoAuthDebug0(wrapper, "DROP authenticated decryption failed");
return false;
}
if (!ReplayProtector_checkNonce(nonce, &wrapper->replayProtector)) {
cryptoAuthDebug(wrapper, "DROP nonce checking failed nonce=[%u]", nonce);
return false;
}
return true;
}
static inline Gcc_USE_RET bool decryptMessage(struct CryptoAuth_Session_pvt* session,
uint32_t nonce,
struct Message* content,
uint8_t secret[32])
{
// Decrypt with authentication and replay prevention.
if (decrypt(nonce, content, secret, session->isInitiator)) {
cryptoAuthDebug0(session, "DROP authenticated decryption failed");
return false;
}
if (!ReplayProtector_checkNonce(nonce, &session->pub.replayProtector)) {
cryptoAuthDebug(session, "DROP nonce checking failed nonce=[%u]", nonce);
return false;
}
return true;
}
static inline bool decryptMessage(struct CryptoAuth_Wrapper* wrapper,
uint32_t nonce,
struct Message* content,
uint8_t secret[32])
{
if (wrapper->authenticatePackets) {
// Decrypt with authentication and replay prevention.
int ret = decrypt(nonce, content, secret, wrapper->isInitiator, true);
if (ret) {
cryptoAuthDebug(wrapper, "Authenticated decryption failed returning %u", ret);
return false;
}
ret = !ReplayProtector_checkNonce(nonce, &wrapper->replayProtector);
if (ret) {
cryptoAuthDebug0(wrapper, "Nonce checking failed");
return false;
}
} else {
decrypt(nonce, content, secret, wrapper->isInitiator, false);
}
return true;
}
