nts: fix number of extension fields after failed encryption

If the authenticator SIV encryption fails (e.g. due to wrong nonce
length), decrement the number of extension fields to keep the packet
info consistent.

diff --git a/nts_ntp_auth.c b/nts_ntp_auth.c
index 2f502bb5327548aadf2e2a76e74ba72313a0960c..b92c406b2a9c062c4446ebe915a4022ff5d40009 100644 (file)
--- a/nts_ntp_auth.c
+++ b/nts_ntp_auth.c
@@ -115,6 +115,7 @@ NNA_GenerateAuthEF(NTP_Packet *packet, NTP_PacketInfo *info, SIV_Instance siv,
                    plaintext, plaintext_length, ciphertext, ciphertext_length)) {
     DEBUG_LOG("SIV encrypt failed");
     info->length = assoc_length;
+    info->ext_fields--;
     return 0;
   }
 

diff --git a/test/unit/nts_ntp_auth.c b/test/unit/nts_ntp_auth.c
index 207ebeb5a0459f24f723dbbbbdd5d0059b3c6f2b..c3a743228cb531adeaf94c2cf289b2fe660ea9e8 100644 (file)
--- a/test/unit/nts_ntp_auth.c
+++ b/test/unit/nts_ntp_auth.c
@@ -87,11 +87,13 @@ test_unit(void)
         r = NNA_GenerateAuthEF(&packet, &info, siv, nonce, SIV_GetMinNonceLength(siv) - 1,
                                plaintext, plaintext_length, 0);
         TEST_CHECK(!r);
+        TEST_CHECK(info.ext_fields == 0);
       }
       if (SIV_GetMaxNonceLength(siv) <= sizeof (nonce)) {
         r = NNA_GenerateAuthEF(&packet, &info, siv, nonce, SIV_GetMaxNonceLength(siv) - 1,
                                plaintext, plaintext_length, 0);
         TEST_CHECK(!r);
+        TEST_CHECK(info.ext_fields == 0);
       }
       r = NNA_GenerateAuthEF(&packet, &info, siv, nonce, nonce_length, plaintext,
                              plaintext_length, sizeof (packet) - info.length + 1);