summaryrefslogtreecommitdiffstats
path: root/src/protocols/ec25519_fhmqvc
diff options
context:
space:
mode:
Diffstat (limited to 'src/protocols/ec25519_fhmqvc')
-rw-r--r--src/protocols/ec25519_fhmqvc/handshake.c19
1 files changed, 10 insertions, 9 deletions
diff --git a/src/protocols/ec25519_fhmqvc/handshake.c b/src/protocols/ec25519_fhmqvc/handshake.c
index 742e310..9e62deb 100644
--- a/src/protocols/ec25519_fhmqvc/handshake.c
+++ b/src/protocols/ec25519_fhmqvc/handshake.c
@@ -160,9 +160,9 @@ static void respond_handshake(fastd_context_t *ctx, const fastd_socket_t *sock,
fastd_handshake_add(ctx, &buffer, RECORD_T, HASHBYTES, hmacbuf.b);
}
- uint8_t *hmac = fastd_handshake_add_zero(ctx, &buffer, RECORD_TLV_MAC, HASHBYTES);
+ uint8_t *mac = fastd_handshake_add_zero(ctx, &buffer, RECORD_TLV_MAC, HASHBYTES);
fastd_hmacsha256(&hmacbuf, peer->protocol_state->shared_handshake_key.w, fastd_handshake_tlv_data(&buffer), fastd_handshake_tlv_len(&buffer));
- memcpy(hmac, hmacbuf.b, HASHBYTES);
+ memcpy(mac, hmacbuf.b, HASHBYTES);
fastd_send_handshake(ctx, sock, local_addr, remote_addr, peer, buffer);
}
@@ -320,17 +320,18 @@ static void finish_handshake(fastd_context_t *ctx, fastd_socket_t *sock, const f
fastd_handshake_add(ctx, &buffer, RECORD_SENDER_HANDSHAKE_KEY, PUBLICKEYBYTES, handshake_key->key1.public.p);
fastd_handshake_add(ctx, &buffer, RECORD_RECEIPIENT_HANDSHAKE_KEY, PUBLICKEYBYTES, peer_handshake_key->p);
- fastd_sha256_t hmacbuf;
-
- if (!ctx->conf->secure_handshakes) {
+ if (secure_handshake(handshake)) {
+ fastd_sha256_t hmacbuf;
+ uint8_t *mac = fastd_handshake_add_zero(ctx, &buffer, RECORD_TLV_MAC, HASHBYTES);
+ fastd_hmacsha256(&hmacbuf, shared_handshake_key.w, fastd_handshake_tlv_data(&buffer), fastd_handshake_tlv_len(&buffer));
+ memcpy(mac, hmacbuf.b, HASHBYTES);
+ }
+ else {
+ fastd_sha256_t hmacbuf;
fastd_hmacsha256_blocks(&hmacbuf, shared_handshake_key.w, ctx->conf->protocol_config->key.public.p, handshake_key->key1.public.p, NULL);
fastd_handshake_add(ctx, &buffer, RECORD_T, HASHBYTES, hmacbuf.b);
}
- uint8_t *hmac = fastd_handshake_add_zero(ctx, &buffer, RECORD_TLV_MAC, HASHBYTES);
- fastd_hmacsha256(&hmacbuf, shared_handshake_key.w, fastd_handshake_tlv_data(&buffer), fastd_handshake_tlv_len(&buffer));
- memcpy(hmac, hmacbuf.b, HASHBYTES);
-
fastd_send_handshake(ctx, sock, local_addr, remote_addr, peer, buffer);
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-29 20:46:10 +0200