authorNeale Ranns <nranns@cisco.com>2020-09-10 08:49:10 +0000
committerDamjan Marion <dmarion@me.com>2020-09-12 08:20:59 +0000
commitd75a2d12c431fcffba2a2b4d59f18c9cec483ed9 (patch)
treeac99425efe96e7a6a88e9cc25c7479e64e4c5ea1 /src/plugins/wireguard/wireguard_noise.c
parent8c6ba2957c985a1670e9fca6bc869008e6722364 (diff)
wireguard: Fix for tunnel encap
Type: fix add UT for sending handshake init and transport packets Signed-off-by: Neale Ranns <nranns@cisco.com> Change-Id: Iab1ed8864c666d5a0ae0b2364a9ca4de3c8770dc
Diffstat (limited to 'src/plugins/wireguard/wireguard_noise.c')
-rwxr-xr-xsrc/plugins/wireguard/wireguard_noise.c16
1 files changed, 10 insertions, 6 deletions
diff --git a/src/plugins/wireguard/wireguard_noise.c b/src/plugins/wireguard/wireguard_noise.c
index dc7d5060fe5..b47bb5747b9 100755
--- a/src/plugins/wireguard/wireguard_noise.c
+++ b/src/plugins/wireguard/wireguard_noise.c
@@ -536,7 +536,7 @@ noise_remote_ready (noise_remote_t * r)
return ret;
}
-static void
+static bool
chacha20poly1305_calc (vlib_main_t * vm,
u8 * src,
u32 src_len,
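Review bot: The new `bool` result of `chacha20poly1305_calc` is consumed only at the two decrypt call sites this commit changes, so any other caller in this file (an encrypt path, if one exists outside these hunks) would still silently ignore a failed crypto op. Adding `__attribute__ ((warn_unused_result))` to the definition would make the compiler flag such callers. The function also deserves a short header comment stating that `false` means the op did not reach `VNET_CRYPTO_OP_STATUS_COMPLETED` and that the contents of `dst` must not be used in that case. The function body continues outside this hunk.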
@@ -580,6 +580,8 @@ chacha20poly1305_calc (vlib_main_t * vm,
{
clib_memcpy (dst + src_len, op->tag, NOISE_AUTHTAG_LEN);
}
+
+ return (op->status == VNET_CRYPTO_OP_STATUS_COMPLETED);
}
enum noise_state_crypt
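Review bot: The status test added here runs after the `clib_memcpy` of `op->tag` into `dst + src_len`, so when the op did not complete the tag bytes are still written to the caller's buffer before `false` is returned. The condition guarding that copy is outside the hunk, so this may affect only one direction of the operation. Checking first is cheap: put `if (op->status != VNET_CRYPTO_OP_STATUS_COMPLETED) return false;` ahead of the copy and end the function with `return true;`.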
@@ -668,9 +670,10 @@ noise_remote_decrypt (vlib_main_t * vm, noise_remote_t * r, uint32_t r_idx,
/* Decrypt, then validate the counter. We don't want to validate the
* counter before decrypting as we do not know the message is authentic
* prior to decryption. */
- chacha20poly1305_calc (vm, src, srclen, dst, NULL, 0, nonce,
- VNET_CRYPTO_OP_CHACHA20_POLY1305_DEC,
- kp->kp_recv_index);
+ if (!chacha20poly1305_calc (vm, src, srclen, dst, NULL, 0, nonce,
+ VNET_CRYPTO_OP_CHACHA20_POLY1305_DEC,
+ kp->kp_recv_index))
+ goto error;
if (!noise_counter_recv (&kp->kp_ctr, nonce))
goto error;
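Review bot: When the new check takes `goto error`, `dst` may already hold bytes written by a decrypt that failed authentication, and neither the `error` label nor the caller's handling of `dst` is visible in this hunk. A comment at the check would make the contract explicit, for example `/* on failure dst is unauthenticated and must be discarded by the caller */`. The same applies to the `return false` path added in `noise_msg_decrypt` in the next hunk. Authentication failure and replay rejection also share one error path here; if the code after the label does not distinguish them, separate counters would help operators tell forged traffic from reordered traffic. `noise_remote_decrypt` starts and ends outside the hunk.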
@@ -936,8 +939,9 @@ noise_msg_decrypt (vlib_main_t * vm, uint8_t * dst, uint8_t * src,
uint8_t hash[NOISE_HASH_LEN])
{
/* Nonce always zero for Noise_IK */
- chacha20poly1305_calc (vm, src, src_len, dst, hash, NOISE_HASH_LEN, 0,
- VNET_CRYPTO_OP_CHACHA20_POLY1305_DEC, key_idx);
+ if (!chacha20poly1305_calc (vm, src, src_len, dst, hash, NOISE_HASH_LEN, 0,
+ VNET_CRYPTO_OP_CHACHA20_POLY1305_DEC, key_idx))
+ return false;
noise_mix_hash (hash, src, src_len);
return true;
}