diff options
| author |   Jason A. Donenfeld <Jason@zx2c4.com> | 2017-03-30 15:33:07 +0200 |
|---|---|---|
| committer | Jason A. Donenfeld <Jason@zx2c4.com> | 2017-03-30 18:14:39 +0200 |
| commit | 8c124ca0b9ffc961a6140f3b2e90830d9adbb291 (patch) | |
| tree | 32edfe342c99122cd464777ee9ee3a291a2e5f53 /src/noise.c | |
| parent | curve25519: protect against potential invalid point attacks (diff) | |
| download | wireguard-monolithic-historical-8c124ca0b9ffc961a6140f3b2e90830d9adbb291.tar.xz wireguard-monolithic-historical-8c124ca0b9ffc961a6140f3b2e90830d9adbb291.zip | |
chacha20poly1305: enforce authtag checking with compiler
Diffstat (limited to 'src/noise.c')
| -rw-r--r-- | src/noise.c | 15 |
1 files changed, 5 insertions, 10 deletions
diff --git a/src/noise.c b/src/noise.c index 608a175..52a9be3 100644 --- a/src/noise.c +++ b/src/noise.c @@ -298,12 +298,10 @@ static void handshake_init(u8 key[NOISE_SYMMETRIC_KEY_LEN], u8 chaining_key[NOIS mix_hash(hash, remote_static, NOISE_PUBLIC_KEY_LEN); } -static bool handshake_encrypt(u8 *dst_ciphertext, const u8 *src_plaintext, size_t src_len, u8 key[NOISE_SYMMETRIC_KEY_LEN], u8 hash[NOISE_HASH_LEN]) +static void handshake_encrypt(u8 *dst_ciphertext, const u8 *src_plaintext, size_t src_len, u8 key[NOISE_SYMMETRIC_KEY_LEN], u8 hash[NOISE_HASH_LEN]) { - if (!chacha20poly1305_encrypt(dst_ciphertext, src_plaintext, src_len, hash, NOISE_HASH_LEN, 0 /* Always zero for Noise_IK */, key)) - return false; + chacha20poly1305_encrypt(dst_ciphertext, src_plaintext, src_len, hash, NOISE_HASH_LEN, 0 /* Always zero for Noise_IK */, key); mix_hash(hash, dst_ciphertext, noise_encrypted_len(src_len)); - return true; } static bool handshake_decrypt(u8 *dst_plaintext, const u8 *src_ciphertext, size_t src_len, u8 key[NOISE_SYMMETRIC_KEY_LEN], u8 hash[NOISE_HASH_LEN]) @@ -358,8 +356,7 @@ bool noise_handshake_create_initiation(struct message_handshake_initiation *dst, goto out; /* s */ - if (!handshake_encrypt(dst->encrypted_static, handshake->static_identity->static_public, NOISE_PUBLIC_KEY_LEN, handshake->key, handshake->hash)) - goto out; + handshake_encrypt(dst->encrypted_static, handshake->static_identity->static_public, NOISE_PUBLIC_KEY_LEN, handshake->key, handshake->hash); /* ss */ if (!mix_dh(handshake->key, handshake->chaining_key, handshake->static_identity->static_private, handshake->remote_static)) @@ -367,8 +364,7 @@ bool noise_handshake_create_initiation(struct message_handshake_initiation *dst, /* t */ tai64n_now(timestamp); - if (!handshake_encrypt(dst->encrypted_timestamp, timestamp, NOISE_TIMESTAMP_LEN, handshake->key, handshake->hash)) - goto out; + handshake_encrypt(dst->encrypted_timestamp, timestamp, NOISE_TIMESTAMP_LEN, handshake->key, handshake->hash); dst->sender_index = index_hashtable_insert(&handshake->entry.peer->device->index_hashtable, &handshake->entry); @@ -484,8 +480,7 @@ bool noise_handshake_create_response(struct message_handshake_response *dst, str if (!mix_dh(handshake->key, handshake->chaining_key, handshake->ephemeral_private, handshake->remote_static)) goto out; - if (!handshake_encrypt(dst->encrypted_nothing, NULL, 0, handshake->key, handshake->hash)) - goto out; + handshake_encrypt(dst->encrypted_nothing, NULL, 0, handshake->key, handshake->hash); dst->sender_index = index_hashtable_insert(&handshake->entry.peer->device->index_hashtable, &handshake->entry); |