authorMatthias Schiffer <mschiffer@universe-factory.net>2015-01-09 16:28:15 +0100
committerMatthias Schiffer <mschiffer@universe-factory.net>2015-01-09 16:28:54 +0100
commit7286aff2c39a52ab9a92a815dd54d21dd7ed6871 (patch)
tree33785f5858daff9b4c5de502058cc4a7c0e87296 /src
parentb3dc95b4bef3bbc106b8812daebe4b980e8908cf (diff)
Move protocol-specific TLV specifications to main handshake record enum
Diffstat (limited to 'src')
-rw-r--r--src/handshake.c10
-rw-r--r--src/handshake.h10
-rw-r--r--src/protocols/ec25519_fhmqvc/handshake.c36
3 files changed, 15 insertions, 41 deletions
diff --git a/src/handshake.c b/src/handshake.c
index 9b2c955..f66282c 100644
--- a/src/handshake.c
+++ b/src/handshake.c
@@ -44,11 +44,11 @@ static const char *const RECORD_TYPES[RECORD_MAX] = {
"flags",
"mode",
"protocol name",
- "(protocol specific 1)",
- "(protocol specific 2)",
- "(protocol specific 3)",
- "(protocol specific 4)",
- "(protocol specific 5)",
+ "sender public key",
+ "recipient public key",
+ "sender ephemeral public key",
+ "recipient ephemeral public key",
+ "compat handshake authentication tag",
"MTU",
"method name",
"version name",
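Review bot: The five renamed strings are tied to fastd_handshake_record_type only by their position in RECORD_TYPES, so a later reordering or insertion in the enum would silently mislabel records wherever this table is printed. Now that the enum entries have real names, designated initializers would make the pairing explicit and let the compiler place each string. The array starts and ends outside the hunk, so the same treatment would apply to the entries not shown here.

```c
	"protocol name",
	[RECORD_SENDER_KEY] = "sender public key",
	[RECORD_RECIPIENT_KEY] = "recipient public key",
	[RECORD_SENDER_HANDSHAKE_KEY] = "sender ephemeral public key",
	[RECORD_RECIPIENT_HANDSHAKE_KEY] = "recipient ephemeral public key",
	[RECORD_HANDSHAKE_TAG] = "compat handshake authentication tag",
	/* … unchanged: "MTU", "method name", "version name" and the rest of the table … */
```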
diff --git a/src/handshake.h b/src/handshake.h
index a704782..8d5795c 100644
--- a/src/handshake.h
+++ b/src/handshake.h
@@ -47,11 +47,11 @@ typedef enum fastd_handshake_record_type {
RECORD_FLAGS, /**< The flags field */
RECORD_MODE, /**< The mode field */
RECORD_PROTOCOL_NAME, /**< The handshake protocol */
- RECORD_PROTOCOL1, /**< Protocol-specific value 1 */
- RECORD_PROTOCOL2, /**< Protocol-specific value 2 */
- RECORD_PROTOCOL3, /**< Protocol-specific value 3 */
- RECORD_PROTOCOL4, /**< Protocol-specific value 4 */
- RECORD_PROTOCOL5, /**< Protocol-specific value 5 */
+ RECORD_SENDER_KEY, /**< Sender public key */
+ RECORD_RECIPIENT_KEY, /**< Recipient public key */
+ RECORD_SENDER_HANDSHAKE_KEY, /**< Sender ephemeral public key */
+ RECORD_RECIPIENT_HANDSHAKE_KEY, /**< Recipient ephemeral public key */
+ RECORD_HANDSHAKE_TAG, /**< pre-v11 compat handshake authentication tag */
RECORD_MTU, /**< MTU field */
RECORD_METHOD_NAME, /**< The default/chosen method */
RECORD_VERSION_NAME, /**< The fastd version */
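Review bot: The doc comment on `RECORD_HANDSHAKE_TAG` drops the security caveat carried by the macro comment this commit removes from src/protocols/ec25519_fhmqvc/handshake.c. That comment said the pre-v11 tag authenticates only the four key fields, which allows manipulation of other fields like the method list, and that it is sent alongside RECORD_TLV_MAC when "secure handshakes no" is set. With the macro block deleted, the enum is the only place left to record this. I would extend the comment, e.g. `RECORD_HANDSHAKE_TAG, /**< pre-v11 compat handshake authentication tag; covers only the four key fields, superseded by RECORD_TLV_MAC */`. The enum starts and ends outside the hunk.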
diff --git a/src/protocols/ec25519_fhmqvc/handshake.c b/src/protocols/ec25519_fhmqvc/handshake.c
index 02df2ee..ee93e7a 100644
--- a/src/protocols/ec25519_fhmqvc/handshake.c
+++ b/src/protocols/ec25519_fhmqvc/handshake.c
@@ -49,32 +49,6 @@
#endif
-/** TLV field: sender public key */
-#define RECORD_SENDER_KEY RECORD_PROTOCOL1
-
-/** TLV field: recipient public key */
-#define RECORD_RECIPIENT_KEY RECORD_PROTOCOL2
-
-/** TLV field: sender ephemeral public key */
-#define RECORD_SENDER_HANDSHAKE_KEY RECORD_PROTOCOL3
-
-/** TLV field: recipient ephemeral public key */
-#define RECORD_RECIPIENT_HANDSHAKE_KEY RECORD_PROTOCOL4
-
-/**
- TLV field: pre-v11 compat handshake MAC
-
- The pre-v11 handshake protocol only secured the four key fields
- of the handshake with a MAC, which allowed manipulation of other fields like
- the method list; it was replaced by the RECORD_TLV_MAC field in the new
- handshake protocol.
-
- In pre-v11 compat mode fastd ("secure handshakes no") will include both the old and the new
- record in the handshake.
-*/
-#define RECORD_T RECORD_PROTOCOL5
-
-
/** Derives a key of arbitraty length from the shared key material after a handshake using the HKDF algorithm */
static void derive_key(fastd_sha256_t *out, size_t blocks, const uint32_t *salt, const char *method_name,
const aligned_int256_t *A, const aligned_int256_t *B, const aligned_int256_t *X, const aligned_int256_t *Y,
@@ -331,7 +305,7 @@ static void respond_handshake(const fastd_socket_t *sock, const fastd_peer_addre
if (!conf.secure_handshakes) {
fastd_hmacsha256_blocks(&hmacbuf, peer->protocol_state->shared_handshake_key_compat.w, conf.protocol_config->key.public.u32, handshake_key->key.public.u32, NULL);
- fastd_handshake_add(&buffer, RECORD_T, HASHBYTES, hmacbuf.b);
+ fastd_handshake_add(&buffer, RECORD_HANDSHAKE_TAG, HASHBYTES, hmacbuf.b);
}
uint8_t *mac = fastd_handshake_add_zero(&buffer, RECORD_TLV_MAC, HASHBYTES);
@@ -367,7 +341,7 @@ static void finish_handshake(fastd_socket_t *sock, const fastd_peer_address_t *l
valid = fastd_hmacsha256_verify(mac, shared_handshake_key.w, handshake->tlv_data, handshake->tlv_len);
}
else {
- valid = fastd_hmacsha256_blocks_verify(handshake->records[RECORD_T].data, shared_handshake_key_compat.w, peer->key->key.u32, peer_handshake_key->u32, NULL);
+ valid = fastd_hmacsha256_blocks_verify(handshake->records[RECORD_HANDSHAKE_TAG].data, shared_handshake_key_compat.w, peer->key->key.u32, peer_handshake_key->u32, NULL);
}
if (!valid) {
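Review bot: `handshake->records[RECORD_HANDSHAKE_TAG].data` is passed to fastd_hmacsha256_blocks_verify() in the else branch with no presence or length check in this hunk. The only such check visible in the commit is `has_field(handshake, RECORD_HANDSHAKE_TAG, HASHBYTES)` in fastd_protocol_ec25519_fhmqvc_handshake_handle. If that is the guard this branch relies on, a short comment such as `/* RECORD_HANDSHAKE_TAG presence and length were checked by the caller */` would keep the dependency visible; the same applies to the matching line in handle_finish_handshake. finish_handshake's body starts and ends outside the hunk, so the check may also sit in lines not shown.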
@@ -395,7 +369,7 @@ static void finish_handshake(fastd_socket_t *sock, const fastd_peer_address_t *l
else {
fastd_sha256_t hmacbuf;
fastd_hmacsha256_blocks(&hmacbuf, shared_handshake_key_compat.w, conf.protocol_config->key.public.u32, handshake_key->key.public.u32, NULL);
- fastd_handshake_add(&buffer, RECORD_T, HASHBYTES, hmacbuf.b);
+ fastd_handshake_add(&buffer, RECORD_HANDSHAKE_TAG, HASHBYTES, hmacbuf.b);
}
fastd_send_handshake(sock, local_addr, remote_addr, peer, buffer.buffer);
@@ -421,7 +395,7 @@ static void handle_finish_handshake(fastd_socket_t *sock, const fastd_peer_addre
valid = fastd_hmacsha256_verify(mac, peer->protocol_state->shared_handshake_key.w, handshake->tlv_data, handshake->tlv_len);
}
else {
- valid = fastd_hmacsha256_blocks_verify(handshake->records[RECORD_T].data, peer->protocol_state->shared_handshake_key_compat.w, peer->key->key.u32, peer_handshake_key->u32, NULL);
+ valid = fastd_hmacsha256_blocks_verify(handshake->records[RECORD_HANDSHAKE_TAG].data, peer->protocol_state->shared_handshake_key_compat.w, peer->key->key.u32, peer_handshake_key->u32, NULL);
}
if (!valid) {
@@ -726,7 +700,7 @@ void fastd_protocol_ec25519_fhmqvc_handshake_handle(fastd_socket_t *sock, const
}
if (!secure_handshake(handshake)) {
- if (conf.secure_handshakes || !has_field(handshake, RECORD_T, HASHBYTES)) {
+ if (conf.secure_handshakes || !has_field(handshake, RECORD_HANDSHAKE_TAG, HASHBYTES)) {
pr_debug("received handshake reply without HMAC from %P[%I]", peer, remote_addr);
return;
}