payload_check *payload_struc;
int encrypted;
int decrypted;
int payload_size;
bool v5;
int v6;
unsigned int v7;
int i;
int v9;
int v10;
unsigned int v11;
int v12;
signed int return_value;
payload_struc = this;
return_value = 0;
if ( payload_struc )
{
encrypted = payload_struc->payload_encrypted;
decrypted = payload_struc->payload_decrypted;
payload_size = payload_struc->size;
if ( encrypted & decrypted & payload_struc->size > 832u)
{
v7 = (unsigned int)payload_size >> 2;
memcpy((void *)decrypted, (const void *)encrypted, 4 * v7);
memcpy((void *)(decrypted + 4 * v7), (const void *)(encrypted + 4 * v7),
payload_struc->size & 3);
/* decrypt encrypted payload */
v5 = rsa_validation_rc4_decryption(
Modulus_,
Exponent,
payload_struc->payload_decrypted + payload_struc->size - 512,
payload_struc->payload_decrypted,
payload_struc->size - 512);
if (v5 ) {
/* succesful signature validation */
memset((void *)(payload_struc->size + payload_struc->payload_decrypted
- 512), 0, 0x200u);
/* copy the first 64 bytes (size of the payload header) of the decrypted
payload */
memcpy(payload_struc->decrypted_header, (const void *)
payload_struc->payload_decrypted,
sizeof(payload_struc->decrypted_header));
return_value = 1;
}
else /* signature validation check fails*/
{
v10 = payload_struc->size;
v11 = (unsigned int)payload_struc->size >> 2;
v12 = payload_struc->payload_decrypted;
memset((void *)v12, 0, 4 * v11); /* zero out decrypted content */
v9 = v12 + 4 * v11;
for ( i = v10 & 3; i; --i )
*(_BYTE *)v9++ = v5;
}
}
}
return return_value;
}
SOURCE
LISTING 16: TCP payload check and header