Commit 69209051 authored by Yawning Angel 's avatar Yawning Angel

Make MaxMsgLen into a configurable parameter.

 * Yes, this violates the spec.  The limitation is arbitrary and
   lifting it allows us to skip a lot of complexity in our use of the
   protocol.

 * Yes, the upstream code only enforces this for handshake messages, so
   I could have skipped doing this, but I may as well be explicit in
   what I'm doing.  Ideally CipherState.Encrypt()/Decrypt() will enforce
   this as well, but it's not my library and I see myself rewriting it
   at some point anyway.
parent 01638cb5
......@@ -196,9 +196,9 @@ const (
MessagePatternPSK
)
// MaxMsgLen is the maximum number of bytes that can be sent in a single Noise
// message.
const MaxMsgLen = 65535
// DefaultMaxMsgLen is the default maximum number of bytes that can be sent in
// a single Noise message.
const DefaultMaxMsgLen = 65535
// A HandshakeState tracks the state of a Noise handshake. It may be discarded
// after the handshake is complete.
......@@ -214,6 +214,7 @@ type HandshakeState struct {
initiator bool
msgIdx int
rng io.Reader
maxMsgLen int
}
// A Config provides the details necessary to process a Noise handshake. It is
......@@ -259,6 +260,10 @@ type Config struct {
// PeerEphemeral is the ephemeral public key of the remote peer that was
// provided as a pre-message in the handshake.
PeerEphemeral []byte
// MaxMsgLen is the maximum number of bytes that can be sent in a single
// Noise message.
MaxMsgLen int
}
// NewHandshakeState starts a new handshake using the provided configuration.
......@@ -272,6 +277,7 @@ func NewHandshakeState(c Config) (*HandshakeState, error) {
shouldWrite: c.Initiator,
initiator: c.Initiator,
rng: c.Random,
maxMsgLen: c.MaxMsgLen,
}
if hs.rng == nil {
hs.rng = rand.Reader
......@@ -280,6 +286,9 @@ func NewHandshakeState(c Config) (*HandshakeState, error) {
hs.re = make([]byte, len(c.PeerEphemeral))
copy(hs.re, c.PeerEphemeral)
}
if c.MaxMsgLen <= 0 {
hs.maxMsgLen = DefaultMaxMsgLen
}
hs.ss.cs = c.CipherSuite
pskModifier := ""
if len(hs.psk) > 0 {
......@@ -336,7 +345,7 @@ func (s *HandshakeState) WriteMessage(out, payload []byte) ([]byte, *CipherState
if s.msgIdx > len(s.messagePatterns)-1 {
return nil, nil, nil, errors.New("noise: no handshake messages left")
}
if len(payload) > MaxMsgLen {
if len(payload) > s.maxMsgLen {
return nil, nil, nil, errors.New("noise: message is too long")
}
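Review bot: The comment on the new `Config.MaxMsgLen` field does not say that values `<= 0` fall back to `DefaultMaxMsgLen` in NewHandshakeState, or that values above 65535 exceed the Noise specification limit, so a spec-conforming peer may refuse the message. I would extend the field comment to something like `// MaxMsgLen caps the payload accepted by WriteMessage; values <= 0 select DefaultMaxMsgLen, and values above 65535 exceed the Noise specification limit.` The check in WriteMessage compares `len(payload)` rather than the length of the finished handshake message, so the bytes on the wire can exceed the configured value by the handshake overhead. The receive path is not visible on this page; if ReadMessage is not bounded by the same field, a caller that raises the limit still needs its own cap on how much it buffers from an unauthenticated peer. WriteMessage's body continues outside the hunk.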
......