static inline bool decryptMessage(struct Wrapper* wrapper, uint32_t nonce, struct Message* content, uint8_t secret[32]) { if (wrapper->authenticatePackets) { // Decrypt with authentication and replay prevention. int ret = decrypt(nonce, content, secret, wrapper->isInitiator, true); if (ret) { Log_debug1(wrapper->context->logger, "Authenticated decryption failed returning %u\n", ret); return false; } ret = !ReplayProtector_checkNonce(nonce, &wrapper->replayProtector); if (ret) { Log_debug(wrapper->context->logger, "Nonce checking failed.\n"); return false; } } else { decrypt(nonce, content, secret, wrapper->isInitiator, false); } int ret = callReceivedMessage(wrapper, content); if (ret) { Log_debug1(wrapper->context->logger, "Call received message failed returning %u\n", ret); return false; } return true; }
static void testDuplicates(struct Random* rand) { uint16_t randomShorts[8192]; uint16_t out[8192]; struct ReplayProtector rp = {.bitfield = 0}; Random_bytes(rand, (uint8_t*)randomShorts, sizeof(randomShorts)); uint32_t outIdx = 0; for (uint32_t i = 0; i < 1024; i++) { if (ReplayProtector_checkNonce((randomShorts[i] % (i + 20)), &rp)) { out[outIdx] = (randomShorts[i] % (i + 20)); outIdx++; } } for (uint32_t i = 0; i < outIdx; i++) { for (uint32_t j = i + 1; j < outIdx; j++) { Assert_always(out[i] != out[j]); } } } int main() { struct Allocator* alloc = MallocAllocator_new(4096); struct Random* rand = Random_new(alloc, NULL, NULL); for (int i = 0; i < CYCLES; i++) { testDuplicates(rand); } return 0; }
int main() { uint16_t randomShorts[8192]; uint16_t out[8192]; struct ReplayProtector rp = {0,0}; struct Allocator* alloc; BufferAllocator_STACK(alloc, 1024); struct Random* rand = Random_new(alloc, NULL, NULL); Random_bytes(rand, (uint8_t*)randomShorts, sizeof(randomShorts)); uint32_t outIdx = 0; for (uint32_t i = 0; i < 1024; i++) { if (ReplayProtector_checkNonce((randomShorts[i] % (i + 20)), &rp)) { out[outIdx] = (randomShorts[i] % (i + 20)); outIdx++; } } for (uint32_t i = 0; i < outIdx; i++) { for (uint32_t j = i + 1; j < outIdx; j++) { Assert_always(out[i] != out[j]); } } return 0; }
static inline bool decryptMessage(struct CryptoAuth_Wrapper* wrapper, uint32_t nonce, struct Message* content, uint8_t secret[32]) { // Decrypt with authentication and replay prevention. if (decrypt(nonce, content, secret, wrapper->isInitiator)) { cryptoAuthDebug0(wrapper, "DROP authenticated decryption failed"); return false; } if (!ReplayProtector_checkNonce(nonce, &wrapper->replayProtector)) { cryptoAuthDebug(wrapper, "DROP nonce checking failed nonce=[%u]", nonce); return false; } return true; }
static inline Gcc_USE_RET bool decryptMessage(struct CryptoAuth_Session_pvt* session, uint32_t nonce, struct Message* content, uint8_t secret[32]) { // Decrypt with authentication and replay prevention. if (decrypt(nonce, content, secret, session->isInitiator)) { cryptoAuthDebug0(session, "DROP authenticated decryption failed"); return false; } if (!ReplayProtector_checkNonce(nonce, &session->pub.replayProtector)) { cryptoAuthDebug(session, "DROP nonce checking failed nonce=[%u]", nonce); return false; } return true; }
static inline bool decryptMessage(struct CryptoAuth_Wrapper* wrapper, uint32_t nonce, struct Message* content, uint8_t secret[32]) { if (wrapper->authenticatePackets) { // Decrypt with authentication and replay prevention. int ret = decrypt(nonce, content, secret, wrapper->isInitiator, true); if (ret) { cryptoAuthDebug(wrapper, "Authenticated decryption failed returning %u", ret); return false; } ret = !ReplayProtector_checkNonce(nonce, &wrapper->replayProtector); if (ret) { cryptoAuthDebug0(wrapper, "Nonce checking failed"); return false; } } else { decrypt(nonce, content, secret, wrapper->isInitiator, false); } return true; }