commit 452aa5391b75ab6637b62398f9b0627593570d5d
parent 69e887bb68064ddf40db83d46ae3333659112db4
Author: Christian Grothoff <grothoff@gnunet.org>
Date: Mon, 28 Mar 2022 13:58:24 +0200
-code cleanup
Diffstat:
1 file changed, 22 insertions(+), 24 deletions(-)
diff --git a/src/util/anastasis_crypto.c b/src/util/anastasis_crypto.c
@@ -91,28 +91,23 @@ derive_key (const void *key_material,
const char *salt,
struct ANASTASIS_CRYPTO_SymKeyP *key)
{
- if (GNUNET_YES !=
- GNUNET_CRYPTO_kdf (key,
- sizeof (struct ANASTASIS_CRYPTO_SymKeyP),
- /* salt / XTS */
- nonce,
- sizeof (struct ANASTASIS_CRYPTO_NonceP),
- /* ikm */
- key_material,
- key_m_len,
- /* info chunks */
- /* The "salt" passed here is actually not something random,
- but a protocol-specific identifier string. Thus
- we pass it as a context info to the HKDF */
- salt,
- strlen (salt),
- NULL,
- 0))
- {
- // FIXME: Huh?! Why would we continue here?
- GNUNET_break (0);
- return;
- }
+ GNUNET_assert (GNUNET_YES ==
+ GNUNET_CRYPTO_kdf (key,
+ sizeof (*key),
+ /* salt / XTS */
+ nonce,
+ sizeof (*nonce),
+ /* ikm */
+ key_material,
+ key_m_len,
+ /* info chunks */
+ /* The "salt" passed here is actually not something random,
+ but a protocol-specific identifier string. Thus
+ we pass it as a context info to the HKDF */
+ salt,
+ strlen (salt),
+ NULL,
+ 0));
}
@@ -185,8 +180,11 @@ anastasis_decrypt (const void *key,
struct ANASTASIS_CRYPTO_SymKeyP skey;
size_t plaintext_size;
- GNUNET_assert (data_size >= crypto_secretbox_NONCEBYTES
- + crypto_secretbox_MACBYTES);
+ if (data_size < crypto_secretbox_NONCEBYTES + crypto_secretbox_MACBYTES)
+ {
+ GNUNET_break (0);
+ return GNUNET_SYSERR;
+ }
nonce = data;
derive_key (key,
key_len,
