Merge pull request #35 from trombik/bugfix-upstream

bugfix: merge fixes in upstream
trombik · Nov 13, 2022 · 0687400 · 0687400
2 parents b3d4493 + 3cd8506
commit 0687400
Showing 1 changed file with 5 additions and 1 deletion.
diff --git a/src/wireguard.c b/src/wireguard.c
@@ -35,6 +35,7 @@
 #include <stdbool.h>
 #include <stdlib.h>
 #include <string.h>
+#include <limits.h>
 
 #include "crypto.h"
 #include <esp_log.h>
@@ -322,7 +323,10 @@ bool wireguard_check_replay(struct wireguard_keypair *keypair, uint64_t seq) {
 	// Adapted from code in Appendix C at https://tools.ietf.org/html/rfc2401
 	uint32_t diff;
 	bool result = false;
-	size_t ReplayWindowSize = sizeof(keypair->replay_bitmap); // 32 bits
+	size_t ReplayWindowSize = sizeof(keypair->replay_bitmap) * CHAR_BIT; // 32 bits
+
+	// WireGuard data packet counter starts from 0 but algorithm expects packet numbers to start from 1
+	seq++;
 
 	if (seq != 0) {
 		if (seq > keypair->replay_counter) {