- int datasize = bufsize;
- unsigned char *data = alloca(datasize);
- serializer_t srl;
- int tsize;
- unsigned char myhash[HASHSIZE];
- int myhashsize = HASHSIZE;
- unsigned char theirhash[HASHSIZE];
- int theirhashsize = HASHSIZE;
-
- if (decrypt(key, CBLKSIZE, buffer, data, datasize))
- return 1;
- serial_init(&srl, data, datasize);
- tsize = *secsize;
- *secsize = serial_get(&srl, secret, tsize);
- if (*secsize > tsize || *secsize <= 0) return 1;
- tsize = *paysize;
- *paysize = serial_get(&srl, payload, tsize);
- if (*paysize > tsize || *paysize <= 0) return 1;
- if (hash(data, serial_size(&srl), myhash, &myhashsize))
- return 1;
- theirhashsize = serial_get(&srl, theirhash, theirhashsize);
- if (theirhashsize != HASHSIZE) return 1;
- if ((myhashsize != theirhashsize) ||
- memcmp(myhash, theirhash, myhashsize))
- return 1;
- return 0;
+ unsigned long rc;
+ struct _auth_obj ao = {0};
+
+ if (keysize < CBLKSIZE) {
+ ao.err = "parse authobj: key too short";
+ } else if ((ao.buffer = malloc(bufsize)) == NULL) {
+ ao.err = "parse authobj: malloc failed";
+ } else if ((rc = decrypt(key, CBLKSIZE, buffer, ao.buffer, bufsize))) {
+ ao.err = crypto_errstr(rc);
+ } else {
+ serializer_t srl;
+ unsigned char myhash[HASHSIZE];
+ int myhsize = HASHSIZE;
+ unsigned char *theirhash;
+ int theirhsize;
+ unsigned long rc;
+
+ serial_init(&srl, ao.buffer, bufsize);
+ if (serial_get(&srl, (void**)&ao.data, &ao.datasize)) {
+ ao.err = "parse authobj: too long secret";
+ } else if (serial_get(&srl, (void**)&ao.payload, &ao.paylsize)) {
+ ao.err = "parse authobj: too long payload";
+ } else if ((rc = hash(ao.buffer, serial_size(&srl),
+ myhash, &myhsize))) {
+ ao.err = crypto_errstr(rc);
+ } else if (serial_get(&srl, (void**)&theirhash, &theirhsize)) {
+ ao.err = "parse authobj: too long hash";
+ } else if (theirhsize != HASHSIZE) {
+ ao.err = "parse authobj: hash is of wrong size";
+ } else if ((myhsize != theirhsize) ||
+ memcmp(myhash, theirhash, myhsize)) {
+ ao.err = "parse authobj: hash mismatch";
+ }
+ }
+ return ao;