summaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
authorMatthias Schiffer <mschiffer@universe-factory.net>2013-10-31 04:45:11 +0100
committerMatthias Schiffer <mschiffer@universe-factory.net>2013-10-31 04:45:11 +0100
commitcfc057a7e8ea858ee286d8f49a8899d4e826c779 (patch)
tree58c972b635e6d39b9f736fcfa53c9aaec83bdde4 /src
parent738fbdecdccd5667b66fa1f48eeaa1c91dd854da (diff)
downloadfastd-cfc057a7e8ea858ee286d8f49a8899d4e826c779.tar
fastd-cfc057a7e8ea858ee286d8f49a8899d4e826c779.zip
ec25519-fhmqvc: make the new shared handshake key two hashes long (only the first half is used for now)
Diffstat (limited to 'src')
-rw-r--r--src/protocols/ec25519_fhmqvc/ec25519_fhmqvc.h2
-rw-r--r--src/protocols/ec25519_fhmqvc/handshake.c16
2 files changed, 9 insertions, 9 deletions
diff --git a/src/protocols/ec25519_fhmqvc/ec25519_fhmqvc.h b/src/protocols/ec25519_fhmqvc/ec25519_fhmqvc.h
index 01903c8..09de925 100644
--- a/src/protocols/ec25519_fhmqvc/ec25519_fhmqvc.h
+++ b/src/protocols/ec25519_fhmqvc/ec25519_fhmqvc.h
@@ -69,7 +69,7 @@ struct fastd_protocol_peer_state {
uint64_t last_handshake_serial;
aligned_int256_t peer_handshake_key;
aligned_int256_t sigma;
- fastd_sha256_t shared_handshake_key;
+ fastd_sha256_t shared_handshake_key[2];
fastd_sha256_t shared_handshake_key_compat;
};
diff --git a/src/protocols/ec25519_fhmqvc/handshake.c b/src/protocols/ec25519_fhmqvc/handshake.c
index a981e30..ac676a5 100644
--- a/src/protocols/ec25519_fhmqvc/handshake.c
+++ b/src/protocols/ec25519_fhmqvc/handshake.c
@@ -204,7 +204,7 @@ static bool update_shared_handshake_key(fastd_context_t *ctx, const fastd_peer_t
peer_handshake_key,
&handshake_key->key2.public,
&peer->protocol_state->sigma,
- &peer->protocol_state->shared_handshake_key,
+ peer->protocol_state->shared_handshake_key,
&peer->protocol_state->shared_handshake_key_compat))
return false;
@@ -216,7 +216,7 @@ static bool update_shared_handshake_key(fastd_context_t *ctx, const fastd_peer_t
static void clear_shared_handshake_key(fastd_context_t *ctx UNUSED, const fastd_peer_t *peer) {
memset(&peer->protocol_state->sigma, 0, sizeof(peer->protocol_state->sigma));
- memset(&peer->protocol_state->shared_handshake_key, 0, sizeof(peer->protocol_state->shared_handshake_key));
+ memset(peer->protocol_state->shared_handshake_key, 0, sizeof(peer->protocol_state->shared_handshake_key));
memset(&peer->protocol_state->shared_handshake_key_compat, 0, sizeof(peer->protocol_state->shared_handshake_key_compat));
peer->protocol_state->last_handshake_serial = 0;
@@ -245,7 +245,7 @@ static void respond_handshake(fastd_context_t *ctx, const fastd_socket_t *sock,
}
uint8_t *mac = fastd_handshake_add_zero(ctx, &buffer, RECORD_TLV_MAC, HASHBYTES);
- fastd_hmacsha256(&hmacbuf, peer->protocol_state->shared_handshake_key.w, fastd_handshake_tlv_data(&buffer), fastd_handshake_tlv_len(&buffer));
+ fastd_hmacsha256(&hmacbuf, peer->protocol_state->shared_handshake_key[0].w, fastd_handshake_tlv_data(&buffer), fastd_handshake_tlv_len(&buffer));
memcpy(mac, hmacbuf.b, HASHBYTES);
fastd_send_handshake(ctx, sock, local_addr, remote_addr, peer, buffer);
@@ -256,14 +256,14 @@ static void finish_handshake(fastd_context_t *ctx, fastd_socket_t *sock, const f
pr_debug(ctx, "finishing handshake with %P[%I]...", peer, remote_addr);
aligned_int256_t sigma;
- fastd_sha256_t shared_handshake_key, shared_handshake_key_compat;
+ fastd_sha256_t shared_handshake_key[2], shared_handshake_key_compat;
if (!make_shared_handshake_key(ctx, handshake_key, true,
&ctx->conf->protocol_config->key.public,
&peer->protocol_config->public_key,
&handshake_key->key1.public,
peer_handshake_key,
&sigma,
- &shared_handshake_key,
+ shared_handshake_key,
&shared_handshake_key_compat))
return;
@@ -273,7 +273,7 @@ static void finish_handshake(fastd_context_t *ctx, fastd_socket_t *sock, const f
memcpy(mac, handshake->records[RECORD_TLV_MAC].data, HASHBYTES);
memset(handshake->records[RECORD_TLV_MAC].data, 0, HASHBYTES);
- valid = fastd_hmacsha256_verify(mac, shared_handshake_key.w, handshake->tlv_data, handshake->tlv_len);
+ valid = fastd_hmacsha256_verify(mac, shared_handshake_key[0].w, handshake->tlv_data, handshake->tlv_len);
}
else {
valid = fastd_hmacsha256_blocks_verify(handshake->records[RECORD_T].data, shared_handshake_key_compat.w, peer->protocol_config->public_key.p, peer_handshake_key->p, NULL);
@@ -298,7 +298,7 @@ static void finish_handshake(fastd_context_t *ctx, fastd_socket_t *sock, const f
if (secure_handshake(handshake)) {
fastd_sha256_t hmacbuf;
uint8_t *mac = fastd_handshake_add_zero(ctx, &buffer, RECORD_TLV_MAC, HASHBYTES);
- fastd_hmacsha256(&hmacbuf, shared_handshake_key.w, fastd_handshake_tlv_data(&buffer), fastd_handshake_tlv_len(&buffer));
+ fastd_hmacsha256(&hmacbuf, shared_handshake_key[0].w, fastd_handshake_tlv_data(&buffer), fastd_handshake_tlv_len(&buffer));
memcpy(mac, hmacbuf.b, HASHBYTES);
}
else {
@@ -324,7 +324,7 @@ static void handle_finish_handshake(fastd_context_t *ctx, fastd_socket_t *sock,
memcpy(mac, handshake->records[RECORD_TLV_MAC].data, HASHBYTES);
memset(handshake->records[RECORD_TLV_MAC].data, 0, HASHBYTES);
- valid = fastd_hmacsha256_verify(mac, peer->protocol_state->shared_handshake_key.w, handshake->tlv_data, handshake->tlv_len);
+ valid = fastd_hmacsha256_verify(mac, peer->protocol_state->shared_handshake_key[2].w, handshake->tlv_data, handshake->tlv_len);
}
else {
valid = fastd_hmacsha256_blocks_verify(handshake->records[RECORD_T].data, peer->protocol_state->shared_handshake_key_compat.w, peer->protocol_config->public_key.p, peer_handshake_key->p, NULL);