From d55812cb97e464f972c25d92282788370782438d Mon Sep 17 00:00:00 2001
From: Matt Johnston <matt@ucc.asn.au>
Date: Sat, 19 Nov 2022 20:54:43 +0800
Subject: [PATCH] Add sanity check against cleartext messages

---
 src/encrypt.rs |  5 +++++
 src/traffic.rs | 10 ++++++++++
 2 files changed, 15 insertions(+)

diff --git a/src/encrypt.rs b/src/encrypt.rs
index d108cf3..eba4f4b 100644
--- a/src/encrypt.rs
+++ b/src/encrypt.rs
@@ -59,6 +59,11 @@ impl KeyState {
         }
     }
 
+    pub fn is_cleartext(&self) -> bool {
+        matches!(self.keys.enc, EncKey::NoCipher)
+            || matches!(self.keys.dec, DecKey::NoCipher)
+    }
+
     /// Updates with new keys, keeping the same sequence numbers
     pub fn rekey(&mut self, keys: Keys) {
         self.keys = keys
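Review bot: `is_cleartext` is added without a doc comment, although the neighbouring `rekey` has one, and its semantics are not obvious from the name: it returns true when either direction is `NoCipher`, not only when both are. I would add `/// Returns true if either the encrypt or the decrypt key is NoCipher, i.e. at least one direction is unprotected.` above it. The `||` is the conservative choice for a guard, and stating that in the doc keeps a later change to `&&` from quietly weakening the send-side check in `traffic.rs`. The `impl KeyState` block starts and ends outside the hunk.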
diff --git a/src/traffic.rs b/src/traffic.rs
index f480b80..ec6f93c 100644
--- a/src/traffic.rs
+++ b/src/traffic.rs
@@ -290,6 +290,16 @@ impl<'a> TrafOut<'a> {
             TxState::Write { idx, len } => (idx, len),
         };
 
+        // Sanity check
+        match p.category() {
+            packets::Category::All | packets::Category::Kex => (), // OK cleartext
+            _ => {
+                if keys.is_cleartext() {
+                    return Error::bug_msg("send cleartext")
+                }
+            }
+        }
+
         // Use the remainder of our buffer to write the packet. Payload starts
         // after the length and padding bytes which get filled by encrypt()
         let wbuf = &mut self.buf[len..];
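Review bot: The guard added before `let wbuf` covers only the outbound path, so nothing visible here stops a non-Kex packet from the peer being accepted while `keys.is_cleartext()` is still true; if the receive side has no equivalent category check it probably wants one, though that cannot be confirmed from this hunk. The `_ =>` arm is the right shape because any category added later is refused in cleartext by default, but `// Sanity check` does not record that; a comment such as `// Only Kex and All-category packets may go out before a cipher is negotiated; everything else must be encrypted.` would. It is also worth confirming that every packet type in `packets::Category::All` is safe to send unencrypted, since that arm bypasses the check entirely. The enclosing function starts and ends outside the hunk.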
-- 
GitLab