diff options
author | Matthias Schiffer <mschiffer@universe-factory.net> | 2013-10-31 04:45:11 +0100 |
---|---|---|
committer | Matthias Schiffer <mschiffer@universe-factory.net> | 2013-10-31 04:45:11 +0100 |
commit | cfc057a7e8ea858ee286d8f49a8899d4e826c779 (patch) | |
tree | 58c972b635e6d39b9f736fcfa53c9aaec83bdde4 /src | |
parent | 738fbdecdccd5667b66fa1f48eeaa1c91dd854da (diff) | |
download | fastd-cfc057a7e8ea858ee286d8f49a8899d4e826c779.tar fastd-cfc057a7e8ea858ee286d8f49a8899d4e826c779.zip |
ec25519-fhmqvc: make the new shared handshake key two hashes long (only the first half is used for now)
Diffstat (limited to 'src')
-rw-r--r-- | src/protocols/ec25519_fhmqvc/ec25519_fhmqvc.h | 2 | ||||
-rw-r--r-- | src/protocols/ec25519_fhmqvc/handshake.c | 16 |
2 files changed, 9 insertions, 9 deletions
diff --git a/src/protocols/ec25519_fhmqvc/ec25519_fhmqvc.h b/src/protocols/ec25519_fhmqvc/ec25519_fhmqvc.h index 01903c8..09de925 100644 --- a/src/protocols/ec25519_fhmqvc/ec25519_fhmqvc.h +++ b/src/protocols/ec25519_fhmqvc/ec25519_fhmqvc.h @@ -69,7 +69,7 @@ struct fastd_protocol_peer_state { uint64_t last_handshake_serial; aligned_int256_t peer_handshake_key; aligned_int256_t sigma; - fastd_sha256_t shared_handshake_key; + fastd_sha256_t shared_handshake_key[2]; fastd_sha256_t shared_handshake_key_compat; }; diff --git a/src/protocols/ec25519_fhmqvc/handshake.c b/src/protocols/ec25519_fhmqvc/handshake.c index a981e30..ac676a5 100644 --- a/src/protocols/ec25519_fhmqvc/handshake.c +++ b/src/protocols/ec25519_fhmqvc/handshake.c @@ -204,7 +204,7 @@ static bool update_shared_handshake_key(fastd_context_t *ctx, const fastd_peer_t peer_handshake_key, &handshake_key->key2.public, &peer->protocol_state->sigma, - &peer->protocol_state->shared_handshake_key, + peer->protocol_state->shared_handshake_key, &peer->protocol_state->shared_handshake_key_compat)) return false; @@ -216,7 +216,7 @@ static bool update_shared_handshake_key(fastd_context_t *ctx, const fastd_peer_t static void clear_shared_handshake_key(fastd_context_t *ctx UNUSED, const fastd_peer_t *peer) { memset(&peer->protocol_state->sigma, 0, sizeof(peer->protocol_state->sigma)); - memset(&peer->protocol_state->shared_handshake_key, 0, sizeof(peer->protocol_state->shared_handshake_key)); + memset(peer->protocol_state->shared_handshake_key, 0, sizeof(peer->protocol_state->shared_handshake_key)); memset(&peer->protocol_state->shared_handshake_key_compat, 0, sizeof(peer->protocol_state->shared_handshake_key_compat)); peer->protocol_state->last_handshake_serial = 0; @@ -245,7 +245,7 @@ static void respond_handshake(fastd_context_t *ctx, const fastd_socket_t *sock, } uint8_t *mac = fastd_handshake_add_zero(ctx, &buffer, RECORD_TLV_MAC, HASHBYTES); - fastd_hmacsha256(&hmacbuf, peer->protocol_state->shared_handshake_key.w, fastd_handshake_tlv_data(&buffer), fastd_handshake_tlv_len(&buffer)); + fastd_hmacsha256(&hmacbuf, peer->protocol_state->shared_handshake_key[0].w, fastd_handshake_tlv_data(&buffer), fastd_handshake_tlv_len(&buffer)); memcpy(mac, hmacbuf.b, HASHBYTES); fastd_send_handshake(ctx, sock, local_addr, remote_addr, peer, buffer); @@ -256,14 +256,14 @@ static void finish_handshake(fastd_context_t *ctx, fastd_socket_t *sock, const f pr_debug(ctx, "finishing handshake with %P[%I]...", peer, remote_addr); aligned_int256_t sigma; - fastd_sha256_t shared_handshake_key, shared_handshake_key_compat; + fastd_sha256_t shared_handshake_key[2], shared_handshake_key_compat; if (!make_shared_handshake_key(ctx, handshake_key, true, &ctx->conf->protocol_config->key.public, &peer->protocol_config->public_key, &handshake_key->key1.public, peer_handshake_key, &sigma, - &shared_handshake_key, + shared_handshake_key, &shared_handshake_key_compat)) return; @@ -273,7 +273,7 @@ static void finish_handshake(fastd_context_t *ctx, fastd_socket_t *sock, const f memcpy(mac, handshake->records[RECORD_TLV_MAC].data, HASHBYTES); memset(handshake->records[RECORD_TLV_MAC].data, 0, HASHBYTES); - valid = fastd_hmacsha256_verify(mac, shared_handshake_key.w, handshake->tlv_data, handshake->tlv_len); + valid = fastd_hmacsha256_verify(mac, shared_handshake_key[0].w, handshake->tlv_data, handshake->tlv_len); } else { valid = fastd_hmacsha256_blocks_verify(handshake->records[RECORD_T].data, shared_handshake_key_compat.w, peer->protocol_config->public_key.p, peer_handshake_key->p, NULL); @@ -298,7 +298,7 @@ static void finish_handshake(fastd_context_t *ctx, fastd_socket_t *sock, const f if (secure_handshake(handshake)) { fastd_sha256_t hmacbuf; uint8_t *mac = fastd_handshake_add_zero(ctx, &buffer, RECORD_TLV_MAC, HASHBYTES); - fastd_hmacsha256(&hmacbuf, shared_handshake_key.w, fastd_handshake_tlv_data(&buffer), fastd_handshake_tlv_len(&buffer)); + fastd_hmacsha256(&hmacbuf, shared_handshake_key[0].w, fastd_handshake_tlv_data(&buffer), fastd_handshake_tlv_len(&buffer)); memcpy(mac, hmacbuf.b, HASHBYTES); } else { @@ -324,7 +324,7 @@ static void handle_finish_handshake(fastd_context_t *ctx, fastd_socket_t *sock, memcpy(mac, handshake->records[RECORD_TLV_MAC].data, HASHBYTES); memset(handshake->records[RECORD_TLV_MAC].data, 0, HASHBYTES); - valid = fastd_hmacsha256_verify(mac, peer->protocol_state->shared_handshake_key.w, handshake->tlv_data, handshake->tlv_len); + valid = fastd_hmacsha256_verify(mac, peer->protocol_state->shared_handshake_key[2].w, handshake->tlv_data, handshake->tlv_len); } else { valid = fastd_hmacsha256_blocks_verify(handshake->records[RECORD_T].data, peer->protocol_state->shared_handshake_key_compat.w, peer->protocol_config->public_key.p, peer_handshake_key->p, NULL); |