X-Git-Url: https://git.distorted.org.uk/~mdw/secnet/blobdiff_plain/68fd6cd722b62ff32b7f805d49cc9ce08f30f753..refs/heads/mdw/xdh:/transform-cbcmac.c

diff --git a/transform-cbcmac.c b/transform-cbcmac.c
index 7e6a1f7..e7a3ee5 100644
--- a/transform-cbcmac.c
+++ b/transform-cbcmac.c
@@ -101,8 +101,8 @@ static void transform_delkey(void *sst)
     ti->keyed=False;
 }
 
-static uint32_t transform_forward(void *sst, struct buffer_if *buf,
-				  const char **errmsg)
+static transform_apply_return transform_forward(void *sst,
+            struct buffer_if *buf, const char **errmsg)
 {
     struct transform_inst *ti=sst;
     uint8_t *padp;
@@ -172,8 +172,8 @@ static uint32_t transform_forward(void *sst, struct buffer_if *buf,
     return 0;
 }
 
-static uint32_t transform_reverse(void *sst, struct buffer_if *buf,
-				  const char **errmsg)
+static transform_apply_return transform_reverse(void *sst,
+                struct buffer_if *buf, const char **errmsg)
 {
     struct transform_inst *ti=sst;
     uint8_t *padp;
@@ -191,7 +191,7 @@ static uint32_t transform_reverse(void *sst, struct buffer_if *buf,
 
     if (buf->size < 4 + 16 + 16) {
 	*errmsg="msg too short";
-	return 1;
+	return transform_apply_err;
     }
 
     /* CBC */
@@ -203,7 +203,7 @@ static uint32_t transform_reverse(void *sst, struct buffer_if *buf,
     /* Assert bufsize is multiple of blocksize */
     if (buf->size&0xf) {
 	*errmsg="msg not multiple of cipher blocksize";
-	return 1;
+	return transform_apply_err;
     }
     serpentbe_encrypt(&ti->cryptkey,iv,iv);
     for (n=buf->start; n<buf->start+buf->size; n+=16)
@@ -231,9 +231,9 @@ static uint32_t transform_reverse(void *sst, struct buffer_if *buf,
 	serpentbe_encrypt(&ti->mackey,macplain,macacc);
     }
     serpentbe_encrypt(&ti->mackey,macacc,macacc);
-    if (!consttime_memeq(macexpected,macacc,16)!=0) {
+    if (!consttime_memeq(macexpected,macacc,16)) {
 	*errmsg="invalid MAC";
-	return 1;
+	return transform_apply_err;
     }
 
     /* PKCS5, stolen from IWJ */
@@ -242,7 +242,7 @@ static uint32_t transform_reverse(void *sst, struct buffer_if *buf,
     padlen=*padp;
     if (!padlen || (padlen > PKCS5_MASK+1)) {
 	*errmsg="pkcs5: invalid length";
-	return 1;
+	return transform_apply_err;
     }
 
     buf_unappend(buf,padlen-1);
@@ -284,9 +284,6 @@ static list_t *transform_apply(closure_t *self, struct cloc loc,
     update_max_start_pad(&transform_max_start_pad, 28);
         /* 4byte seqnum, 16byte pad, 4byte MACIV, 4byte IV */
 
-    /* We need 256*2 bits for serpent keys, 32 bits for CBC-IV and 32 bits
-       for CBCMAC-IV, and 32 bits for init sequence number */
-    st->ops.keylen=REQUIRED_KEYLEN;
     st->ops.create=transform_create;
 
     /* First parameter must be a dict */
@@ -298,7 +295,7 @@ static list_t *transform_apply(closure_t *self, struct cloc loc,
 
     SEQNUM_PARAMS_INIT(dict,&st->p,"serpent-cbc256",loc);
 
-    SET_CAPAB_TRANSFORMNUM(CAPAB_TRANSFORMNUM_SERPENT256CBC);
+    SET_CAPAB_BIT(CAPAB_BIT_SERPENT256CBC);
 
     return new_closure(&st->cl);
 }