privatize message.padding

crypto/CryptoAuth.c

@@ -186,7 +186,7 @@ static inline Gcc_USE_RET int decryptRndNonce(const uint8_t nonce[24],
     if (msg->length < 16) {
         return -1;
     }
-    Assert_true(msg->padding >= 16);
+    Assert_true(Message_getPadding(msg) >= 16);
     uint8_t* startAt = msg->bytes - 16;
     uint8_t paddingSpace[16];
     Bits_memcpy(paddingSpace, startAt, 16);
@@ -216,7 +216,7 @@ static inline void encryptRndNonce(const uint8_t nonce[24],
                                    struct Message* msg,
                                    const uint8_t secret[32])
 {
-    Assert_true(msg->padding >= 32);
+    Assert_true(Message_getPadding(msg) >= 32);
     uint8_t* startAt = msg->bytes - 32;
     // This function trashes 16 bytes of the padding so we will put it back
     uint8_t paddingSpace[16];
@@ -512,7 +512,7 @@ static int encryptPacket(struct CryptoAuth_Session_pvt* session, struct Message*
     }
 
     Assert_true(msg->length > 0 && "Empty packet during handshake");
-    Assert_true(msg->padding >= 36 || !"not enough padding");
+    Assert_true(Message_getPadding(msg) >= 36 || !"not enough padding");
 
     encrypt(session->nextNonce, msg, session->sharedSecret, session->isInitiator);
 
@@ -836,7 +836,7 @@ static enum CryptoAuth_DecryptErr decryptPacket(struct CryptoAuth_Session_pvt* s
         cryptoAuthDebug0(session, "DROP runt");
         return CryptoAuth_DecryptErr_RUNT;
     }
-    Assert_true(msg->padding >= 12 || "need at least 12 bytes of padding in incoming message");
+    Assert_true(Message_getPadding(msg) >= 12 || "need at least 12 bytes of padding in incoming message");
     Assert_true(!((uintptr_t)msg->bytes % 4) || !"alignment fault");
     Assert_true(!(Message_getCapacity(msg) % 4) || !"length fault");
 

crypto/test/CryptoAuth_randnonce_test.c

@@ -32,8 +32,9 @@ static void encryptRndNonceTest()
     uint8_t secret[32];
     Bits_memset(secret, 0, 32);
 
-    struct Message m = { .bytes=&buff[32], .length=HELLOWORLDLEN, .padding=32};
-    CString_strcpy((char*) m.bytes, HELLOWORLDLOWER);
+    struct Message m = Message_foreign(44, buff);
+    Er_assert(Message_epop(&m, NULL, 44));
+    Er_assert(Message_epush(&m, HELLOWORLDLOWER, CString_strlen(HELLOWORLDLOWER)+1));
 
     CryptoAuth_encryptRndNonce(nonce, &m, secret);
 

subnode/LinkState.h

@@ -42,12 +42,12 @@ static inline int LinkState_encode(
     // Only encode the message if there is at least 255 bytes of headspace
     // We can then encode as many as possible and finally pop one which spills over the
     // size limit and then encode it again in the next message.
-    if (msg->padding < 255) { return 1; }
+    if (Message_getPadding(msg) < 255) { return 1; }
 
     struct VarInt_Iter iter = {
         .ptr = msg->bytes,
         .end = msg->bytes,
-        .start = &msg->bytes[-msg->padding]
+        .start = &msg->bytes[-Message_getPadding(msg)]
     };
 
     // Take the newest X entries where X = MIN(ls->samples - lastSamples, LinkState_SLOTS)

test/TestFramework.c

@@ -178,7 +178,7 @@ void TestFramework_assertLastMessageUnaltered(struct TestFramework* tf)
     struct Message* a = tf->lastMsg;
     struct Message* b = tf->lastMsgBackup;
     Assert_true(a->length == b->length);
-    Assert_true(a->padding == b->padding);
+    Assert_true(Message_getPadding(a) == Message_getPadding(b));
     Assert_true(!Bits_memcmp(a->bytes, b->bytes, a->length));
 }
 

wire/Announce.h

@@ -331,7 +331,7 @@ static inline struct Announce_ItemHeader* Announce_ItemHeader_next(struct Messag
 {
     struct Announce_ItemHeader* ih = (struct Announce_ItemHeader*) last;
     if (ih) {
-        Assert_true((uint8_t*)ih > &msg->bytes[-msg->padding]);
+        Assert_true((uint8_t*)ih > &msg->bytes[-Message_getPadding(msg)]);
         Assert_true((uint8_t*)ih < &msg->bytes[msg->length]);
         ih = (struct Announce_ItemHeader*) ( &((uint8_t*) ih)[ih->length] );
     } else {

wire/Message.c

@@ -25,7 +25,7 @@ struct Message* Message_new(uint32_t messageLength,
     out->_adLen = 0;
     out->bytes = &buff[amountOfPadding];
     out->length = out->_capacity = messageLength;
-    out->padding = amountOfPadding;
+    out->_padding = amountOfPadding;
     out->_alloc = alloc;
     return out;
 }
@@ -55,16 +55,16 @@ int Message_getAssociatedFd(struct Message* msg)
 struct Message* Message_clone(struct Message* toClone, struct Allocator* alloc)
 {
     Assert_true(toClone->_capacity >= toClone->length);
-    int32_t len = toClone->_capacity + toClone->padding + toClone->_adLen;
+    int32_t len = toClone->_capacity + toClone->_padding + toClone->_adLen;
     uint8_t* allocation = Allocator_malloc(alloc, len + 8);
-    while (((uintptr_t)allocation % 8) != (((uintptr_t)toClone->bytes - toClone->padding - toClone->_adLen) % 8)) {
+    while (((uintptr_t)allocation % 8) != (((uintptr_t)toClone->bytes - toClone->_padding - toClone->_adLen) % 8)) {
         allocation++;
     }
-    Bits_memcpy(allocation, toClone->bytes - toClone->padding - toClone->_adLen, len);
+    Bits_memcpy(allocation, toClone->bytes - toClone->_padding - toClone->_adLen, len);
     return Allocator_clone(alloc, (&(struct Message) {
         .length = toClone->length,
-        .padding = toClone->padding,
-        .bytes = allocation + toClone->_adLen + toClone->padding,
+        ._padding = toClone->_padding,
+        .bytes = allocation + toClone->_adLen + toClone->_padding,
         ._ad = allocation + toClone->_adLen,
         ._adLen = toClone->_adLen,
         ._capacity = toClone->_capacity,

wire/Message.h

@@ -30,7 +30,7 @@ typedef struct Message
     int32_t length;
 
     /** The number of bytes of padding BEFORE where bytes begins. */
-    int32_t padding;
+    int32_t _padding;
 
     /** The content. */
     uint8_t* bytes;
@@ -65,6 +65,11 @@ static inline struct Allocator* Message_getAlloc(struct Message* msg)
     return msg->_alloc;
 }
 
+static inline uint32_t Message_getPadding(struct Message* msg)
+{
+    return msg->_padding;
+}
+
 static inline uint32_t Message_getCapacity(struct Message* msg)
 {
     return msg->_capacity;
@@ -96,7 +101,7 @@ struct Message* Message_clone(struct Message* toClone, struct Allocator* alloc);
  */
 static inline Er_DEFUN(void Message_eshift(struct Message* toShift, int32_t amount))
 {
-    if (amount > 0 && toShift->padding < amount) {
+    if (amount > 0 && toShift->_padding < amount) {
         Er_raise(toShift->_alloc, "buffer overflow adding %d to length %d",
             amount, toShift->length);
     } else if (toShift->length < (-amount)) {
@@ -106,7 +111,7 @@ static inline Er_DEFUN(void Message_eshift(struct Message* toShift, int32_t amou
     toShift->length += amount;
     toShift->_capacity += amount;
     toShift->bytes -= amount;
-    toShift->padding -= amount;
+    toShift->_padding -= amount;
 
     Er_ret();
 }
@@ -115,7 +120,7 @@ static inline Er_DEFUN(void Message_epushAd(struct Message* restrict msg,
                                             const void* restrict object,
                                             size_t size))
 {
-    if (msg->padding < (int)size) {
+    if (msg->_padding < (int)size) {
         Er_raise(msg->_alloc, "not enough padding to push ad");
     }
     if (object) {
@@ -124,7 +129,7 @@ static inline Er_DEFUN(void Message_epushAd(struct Message* restrict msg,
         Bits_memset(msg->_ad, 0x00, size);
     }
     msg->_adLen += size;
-    msg->padding -= size;
+    msg->_padding -= size;
     msg->_ad = &msg->_ad[size];
     Er_ret();
 }
@@ -137,7 +142,7 @@ static inline Er_DEFUN(void Message_epopAd(struct Message* restrict msg,
         Er_raise(msg->_alloc, "underflow, cannot pop ad");
     }
     msg->_adLen -= size;
-    msg->padding += size;
+    msg->_padding += size;
     msg->_ad = &msg->_ad[-((int)size)];
     if (object) {
         Bits_memcpy(object, msg->_ad, size);