/* Fill nonce */
ottery_rand_bytes (nonce, sizeof (guint64) + sizeof (guint32));
ts = (guint32)rspamd_get_calendar_ticks ();
+ ts = GUINT32_TO_LE (ts);
memcpy (nonce + sizeof (guint64) + sizeof (guint32), &ts, sizeof (ts));
/* Prepare padded cookie */
* ```
* @param {string} secret_key secret key as a hex string (must be 16 bytes in raw or 32 in hex)
* @param {string} encrypted_cookie encrypted cookie as a base64 encoded string
- * @return {string} decrypted value of the cookie
+ * @return {string+number} decrypted value of the cookie and the cookie timestamp
*/
static gint
lua_cryptobox_decrypt_cookie (lua_State *L)
guchar nonce[RSPAMD_CRYPTOBOX_AES_BLOCKSIZE];
guchar aes_key[RSPAMD_CRYPTOBOX_AES_KEYSIZE];
guchar *src;
+ guint32 ts;
const gchar *sk, *cookie;
gsize sklen, cookie_len;
EVP_EncryptInit_ex (ctx, EVP_aes_128_ecb (), NULL, aes_key, NULL);
EVP_CIPHER_CTX_set_padding (ctx, 0);
+ /* Copy time */
+ memcpy (&ts, nonce + sizeof (guint64) + sizeof (guint32), sizeof (ts));
+ ts = GUINT32_FROM_LE (ts);
bklen = sizeof (nonce);
blk = nonce;
g_assert (EVP_EncryptUpdate (ctx, blk, &bklen, src,
if (src[RSPAMD_CRYPTOBOX_AES_BLOCKSIZE * 2 - 1] != '\0') {
/* Bad cookie */
lua_pushnil (L);
+ lua_pushnil (L);
}
else {
lua_pushstring (L, src + sizeof (nonce));
+ lua_pushnumber (L, ts);
}
rspamd_explicit_memzero (src, RSPAMD_CRYPTOBOX_AES_BLOCKSIZE * 2);
return luaL_error (L, "invalid arguments");
}
- return 1;
+ return 2;
}
static gint
projects / thirdparty / rspamd.git / commitdiff
