nts: encode key ID in cookie in network order

author Miroslav Lichvar <mlichvar@redhat.com>

Wed, 15 Apr 2020 08:44:20 +0000 (10:44 +0200)

committer Miroslav Lichvar <mlichvar@redhat.com>

Wed, 15 Apr 2020 14:30:54 +0000 (16:30 +0200)
author Miroslav Lichvar <mlichvar@redhat.com>
Wed, 15 Apr 2020 08:44:20 +0000 (10:44 +0200)
committer Miroslav Lichvar <mlichvar@redhat.com>
Wed, 15 Apr 2020 14:30:54 +0000 (16:30 +0200)
diff --git a/nts_ke_server.c b/nts_ke_server.c

index f92bfc6a2c0a02dc72446bd07274b404d756ba64..8cbccdc69141506e821bd428a266cf0e33e5478e 100644 (file)
--- a/nts_ke_server.c
+++ b/nts_ke_server.c
@@ -746,8 +746,7 @@ NKS_GenerateCookie(NKE_Context *context, NKE_Cookie *cookie)
  
    header = (ServerCookieHeader *)cookie->cookie;
  
-  /* Keep the fields in the host byte order */
-  header->key_id = key->id;
+  header->key_id = htonl(key->id);
    UTI_GetRandomBytes(header->nonce, sizeof (header->nonce));
  
    plaintext_length = context->c2s.length + context->s2c.length;
@@ -780,6 +779,7 @@ NKS_DecodeCookie(NKE_Cookie *cookie, NKE_Context *context)
    int ciphertext_length, plaintext_length, tag_length;
    ServerCookieHeader *header;
    ServerKey *key;
+  uint32_t key_id;
  
    if (!initialised) {
      DEBUG_LOG("NTS server disabled");
@@ -795,9 +795,10 @@ NKS_DecodeCookie(NKE_Cookie *cookie, NKE_Context *context)
    ciphertext = cookie->cookie + sizeof (*header);
    ciphertext_length = cookie->length - sizeof (*header);
  
-  key = &server_keys[header->key_id % MAX_SERVER_KEYS];
-  if (header->key_id != key->id) {
-    DEBUG_LOG("Unknown key %"PRIX32, header->key_id);
+  key_id = ntohl(header->key_id);
+  key = &server_keys[key_id % MAX_SERVER_KEYS];
+  if (key_id != key->id) {
+    DEBUG_LOG("Unknown key %"PRIX32, key_id);
      return 0;
    }
author	Miroslav Lichvar <mlichvar@redhat.com>
	Wed, 15 Apr 2020 08:44:20 +0000 (10:44 +0200)
committer	Miroslav Lichvar <mlichvar@redhat.com>
	Wed, 15 Apr 2020 14:30:54 +0000 (16:30 +0200)