TheArchive/tailscale
1
0
Fork 0
mirror of https://github.com/tailscale/tailscale.git synced 2025-01-08 09:07:44 +00:00
Code Issues Packages Projects Releases Wiki Activity

control/noise: don't panic when handling ciphertext.

Browse Source 
Signed-off-by: David Anderson <danderson@tailscale.com>
This commit is contained in:
David Anderson 2021-10-25 16:45:38 -07:00 committed by Dave Anderson
parent 4004b22fe5
commit a63c4ab378
1 changed files with 3 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
control/noise/handshake.go
View File

@ -7,6 +7,7 @@
import ( import (
"context" "context"
"crypto/cipher" "crypto/cipher"
"errors"
"fmt" "fmt"
"hash" "hash"
"io" "io"
@ -282,7 +283,7 @@ type symmetricState struct {
ck [blake2s.Size]byte // chaining key used to construct session keys at the end of the handshake ck [blake2s.Size]byte // chaining key used to construct session keys at the end of the handshake
} }
func (s *symmetricState) checkFinished() { func (s *symmetricState) checkFinished() error {
if s.finished { if s.finished {
panic("attempted to use symmetricState after Split was called") panic("attempted to use symmetricState after Split was called")
} }
@ -352,7 +353,7 @@ func (s *symmetricState) EncryptAndHash(cipher *singleUseCHP, ciphertext, plaint
func (s *symmetricState) DecryptAndHash(cipher *singleUseCHP, plaintext, ciphertext []byte) error { func (s *symmetricState) DecryptAndHash(cipher *singleUseCHP, plaintext, ciphertext []byte) error {
s.checkFinished() s.checkFinished()
if len(ciphertext) != len(plaintext)+chp.Overhead { if len(ciphertext) != len(plaintext)+chp.Overhead {
panic("plaintext is wrong size for given ciphertext") return errors.New("plaintext is wrong size for given ciphertext")
} }
if _, err := cipher.Open(plaintext[:0], ciphertext, s.h[:]); err != nil { if _, err := cipher.Open(plaintext[:0], ciphertext, s.h[:]); err != nil {
return err return err