hammer2 - error out on enc/dec errors
authorAlex Hornung <ahornung@gmail.com>
Thu, 9 Aug 2012 19:31:53 +0000 (20:31 +0100)
committerAlex Hornung <ahornung@gmail.com>
Thu, 9 Aug 2012 19:32:28 +0000 (20:32 +0100)
sbin/hammer2/crypto.c
sbin/hammer2/msg.c
sbin/hammer2/network.h

index ea2ec1c..79463e8 100644 (file)
@@ -175,7 +175,7 @@ _gcm_iv_increment(char *iv)
         * Detect wrap-around, which means it is time to renegotiate
         * the session to get a new key and/or fixed field.
         */
         * Detect wrap-around, which means it is time to renegotiate
         * the session to get a new key and/or fixed field.
         */
-       return (c == 0) ? -1 : 0;
+       return (c == 0) ? 0 : 1;
 }
 
 static
 }
 
 static
@@ -233,13 +233,19 @@ hammer2_crypto_encrypt_chunk(hammer2_ioq_t *ioq, char *ct, char *pt,
        printf("\n");
 #endif
 
        printf("\n");
 #endif
 
-       _gcm_iv_increment(ioq->iv);
+       ok = _gcm_iv_increment(ioq->iv);
+       if (!ok) {
+               ioq->error = HAMMER2_IOQ_ERROR_IVWRAP;
+               goto fail_out;
+       }
 
        *out_size = u_len + f_len + HAMMER2_CRYPTO_TAG_SIZE;
 
        return 0;
 
 fail:
 
        *out_size = u_len + f_len + HAMMER2_CRYPTO_TAG_SIZE;
 
        return 0;
 
 fail:
+       ioq->error = HAMMER2_IOQ_ERROR_ALGO;
+fail_out:
        if (DebugOpt)
                fprintf(stderr, "error during encrypt_chunk\n");
        return -1;
        if (DebugOpt)
                fprintf(stderr, "error during encrypt_chunk\n");
        return -1;
@@ -260,8 +266,10 @@ hammer2_crypto_decrypt_chunk(hammer2_ioq_t *ioq, char *ct, char *pt,
 
        /* Re-initialize with new IV (but without redoing the key schedule) */
        ok = EVP_DecryptInit_ex(&ioq->ctx, NULL, NULL, NULL, ioq->iv);
 
        /* Re-initialize with new IV (but without redoing the key schedule) */
        ok = EVP_DecryptInit_ex(&ioq->ctx, NULL, NULL, NULL, ioq->iv);
-       if (!ok)
-               goto fail;
+       if (!ok) {
+               ioq->error = HAMMER2_IOQ_ERROR_ALGO;
+               goto fail_out;
+       }
 
 #ifdef CRYPTO_DEBUG
        printf("dec_chunk iv: ");
 
 #ifdef CRYPTO_DEBUG
        printf("dec_chunk iv: ");
@@ -283,8 +291,10 @@ hammer2_crypto_decrypt_chunk(hammer2_ioq_t *ioq, char *ct, char *pt,
        ok = EVP_CIPHER_CTX_ctrl(&ioq->ctx, EVP_CTRL_GCM_SET_TAG,
                                 HAMMER2_CRYPTO_TAG_SIZE,
                                 ct + out_size);
        ok = EVP_CIPHER_CTX_ctrl(&ioq->ctx, EVP_CTRL_GCM_SET_TAG,
                                 HAMMER2_CRYPTO_TAG_SIZE,
                                 ct + out_size);
-       if (!ok)
-               goto fail;
+       if (!ok) {
+               ioq->error = HAMMER2_IOQ_ERROR_ALGO;
+               goto fail_out;
+       }
 
        ok = EVP_DecryptUpdate(&ioq->ctx, pt, &u_len, ct, out_size);
        if (!ok)
 
        ok = EVP_DecryptUpdate(&ioq->ctx, pt, &u_len, ct, out_size);
        if (!ok)
@@ -294,7 +304,11 @@ hammer2_crypto_decrypt_chunk(hammer2_ioq_t *ioq, char *ct, char *pt,
        if (!ok)
                goto fail;
 
        if (!ok)
                goto fail;
 
-       _gcm_iv_increment(ioq->iv);
+       ok = _gcm_iv_increment(ioq->iv);
+       if (!ok) {
+               ioq->error = HAMMER2_IOQ_ERROR_IVWRAP;
+               goto fail_out;
+       }
 
        *consume_size = u_len + f_len + HAMMER2_CRYPTO_TAG_SIZE;
 
 
        *consume_size = u_len + f_len + HAMMER2_CRYPTO_TAG_SIZE;
 
@@ -308,6 +322,8 @@ hammer2_crypto_decrypt_chunk(hammer2_ioq_t *ioq, char *ct, char *pt,
        return 0;
 
 fail:
        return 0;
 
 fail:
+       ioq->error = HAMMER2_IOQ_ERROR_MACFAIL;
+fail_out:
        if (DebugOpt)
                fprintf(stderr, "error during decrypt_chunk (likely authentication error)\n");
        return -1;
        if (DebugOpt)
                fprintf(stderr, "error during decrypt_chunk (likely authentication error)\n");
        return -1;
index a47d811..e080598 100644 (file)
@@ -2058,6 +2058,15 @@ hammer2_msg_str(hammer2_msg_t *msg)
        case HAMMER2_IOQ_ERROR_TRANS:
                errstr = "err=IOQ:BADTRANS";
                break;
        case HAMMER2_IOQ_ERROR_TRANS:
                errstr = "err=IOQ:BADTRANS";
                break;
+       case HAMMER2_IOQ_ERROR_IVWRAP:
+               errstr = "err=IOQ:IVWRAP";
+               break;
+       case HAMMER2_IOQ_ERROR_MACFAIL:
+               errstr = "err=IOQ:MACFAIL";
+               break;
+       case HAMMER2_IOQ_ERROR_ALGO:
+               errstr = "err=IOQ:ALGOFAIL";
+               break;
        case HAMMER2_MSG_ERR_NOSUPP:
                errstr = "err=NOSUPPORT";
                break;
        case HAMMER2_MSG_ERR_NOSUPP:
                errstr = "err=NOSUPPORT";
                break;
index 194e44e..7e86481 100644 (file)
@@ -228,6 +228,9 @@ typedef struct hammer2_ioq hammer2_ioq_t;
 #define HAMMER2_IOQ_ERROR_MSGSEQ       15      /* message sequence error */
 #define HAMMER2_IOQ_ERROR_EALREADY     16      /* ignore this message */
 #define HAMMER2_IOQ_ERROR_TRANS                17      /* state transaction issue */
 #define HAMMER2_IOQ_ERROR_MSGSEQ       15      /* message sequence error */
 #define HAMMER2_IOQ_ERROR_EALREADY     16      /* ignore this message */
 #define HAMMER2_IOQ_ERROR_TRANS                17      /* state transaction issue */
+#define HAMMER2_IOQ_ERROR_IVWRAP       18      /* IVs exhaused */
+#define HAMMER2_IOQ_ERROR_MACFAIL      19      /* MAC of encryption algorithm failed */
+#define HAMMER2_IOQ_ERROR_ALGO         20      /* Misc. encryption algorithm error */
 
 #define HAMMER2_IOQ_MAXIOVEC    16
 
 
 #define HAMMER2_IOQ_MAXIOVEC    16