From 448abc56cda93e6d424e042b245cb712b6d14938 Mon Sep 17 00:00:00 2001 From: Matthias Schiffer Date: Thu, 31 Oct 2013 04:53:19 +0100 Subject: Revert "ec25519-fhmqvc: make the new shared handshake key two hashes long (only the first half is used for now)" This reverts commit cfc057a7e8ea858ee286d8f49a8899d4e826c779. --- src/protocols/ec25519_fhmqvc/ec25519_fhmqvc.h | 2 +- src/protocols/ec25519_fhmqvc/handshake.c | 16 ++++++++-------- 2 files changed, 9 insertions(+), 9 deletions(-) (limited to 'src') diff --git a/src/protocols/ec25519_fhmqvc/ec25519_fhmqvc.h b/src/protocols/ec25519_fhmqvc/ec25519_fhmqvc.h index 09de925..01903c8 100644 --- a/src/protocols/ec25519_fhmqvc/ec25519_fhmqvc.h +++ b/src/protocols/ec25519_fhmqvc/ec25519_fhmqvc.h @@ -69,7 +69,7 @@ struct fastd_protocol_peer_state { uint64_t last_handshake_serial; aligned_int256_t peer_handshake_key; aligned_int256_t sigma; - fastd_sha256_t shared_handshake_key[2]; + fastd_sha256_t shared_handshake_key; fastd_sha256_t shared_handshake_key_compat; }; diff --git a/src/protocols/ec25519_fhmqvc/handshake.c b/src/protocols/ec25519_fhmqvc/handshake.c index ac676a5..a981e30 100644 --- a/src/protocols/ec25519_fhmqvc/handshake.c +++ b/src/protocols/ec25519_fhmqvc/handshake.c @@ -204,7 +204,7 @@ static bool update_shared_handshake_key(fastd_context_t *ctx, const fastd_peer_t peer_handshake_key, &handshake_key->key2.public, &peer->protocol_state->sigma, - peer->protocol_state->shared_handshake_key, + &peer->protocol_state->shared_handshake_key, &peer->protocol_state->shared_handshake_key_compat)) return false; @@ -216,7 +216,7 @@ static bool update_shared_handshake_key(fastd_context_t *ctx, const fastd_peer_t static void clear_shared_handshake_key(fastd_context_t *ctx UNUSED, const fastd_peer_t *peer) { memset(&peer->protocol_state->sigma, 0, sizeof(peer->protocol_state->sigma)); - memset(peer->protocol_state->shared_handshake_key, 0, sizeof(peer->protocol_state->shared_handshake_key)); + memset(&peer->protocol_state->shared_handshake_key, 0, sizeof(peer->protocol_state->shared_handshake_key)); memset(&peer->protocol_state->shared_handshake_key_compat, 0, sizeof(peer->protocol_state->shared_handshake_key_compat)); peer->protocol_state->last_handshake_serial = 0; @@ -245,7 +245,7 @@ static void respond_handshake(fastd_context_t *ctx, const fastd_socket_t *sock, } uint8_t *mac = fastd_handshake_add_zero(ctx, &buffer, RECORD_TLV_MAC, HASHBYTES); - fastd_hmacsha256(&hmacbuf, peer->protocol_state->shared_handshake_key[0].w, fastd_handshake_tlv_data(&buffer), fastd_handshake_tlv_len(&buffer)); + fastd_hmacsha256(&hmacbuf, peer->protocol_state->shared_handshake_key.w, fastd_handshake_tlv_data(&buffer), fastd_handshake_tlv_len(&buffer)); memcpy(mac, hmacbuf.b, HASHBYTES); fastd_send_handshake(ctx, sock, local_addr, remote_addr, peer, buffer); @@ -256,14 +256,14 @@ static void finish_handshake(fastd_context_t *ctx, fastd_socket_t *sock, const f pr_debug(ctx, "finishing handshake with %P[%I]...", peer, remote_addr); aligned_int256_t sigma; - fastd_sha256_t shared_handshake_key[2], shared_handshake_key_compat; + fastd_sha256_t shared_handshake_key, shared_handshake_key_compat; if (!make_shared_handshake_key(ctx, handshake_key, true, &ctx->conf->protocol_config->key.public, &peer->protocol_config->public_key, &handshake_key->key1.public, peer_handshake_key, &sigma, - shared_handshake_key, + &shared_handshake_key, &shared_handshake_key_compat)) return; @@ -273,7 +273,7 @@ static void finish_handshake(fastd_context_t *ctx, fastd_socket_t *sock, const f memcpy(mac, handshake->records[RECORD_TLV_MAC].data, HASHBYTES); memset(handshake->records[RECORD_TLV_MAC].data, 0, HASHBYTES); - valid = fastd_hmacsha256_verify(mac, shared_handshake_key[0].w, handshake->tlv_data, handshake->tlv_len); + valid = fastd_hmacsha256_verify(mac, shared_handshake_key.w, handshake->tlv_data, handshake->tlv_len); } else { valid = fastd_hmacsha256_blocks_verify(handshake->records[RECORD_T].data, shared_handshake_key_compat.w, peer->protocol_config->public_key.p, peer_handshake_key->p, NULL); @@ -298,7 +298,7 @@ static void finish_handshake(fastd_context_t *ctx, fastd_socket_t *sock, const f if (secure_handshake(handshake)) { fastd_sha256_t hmacbuf; uint8_t *mac = fastd_handshake_add_zero(ctx, &buffer, RECORD_TLV_MAC, HASHBYTES); - fastd_hmacsha256(&hmacbuf, shared_handshake_key[0].w, fastd_handshake_tlv_data(&buffer), fastd_handshake_tlv_len(&buffer)); + fastd_hmacsha256(&hmacbuf, shared_handshake_key.w, fastd_handshake_tlv_data(&buffer), fastd_handshake_tlv_len(&buffer)); memcpy(mac, hmacbuf.b, HASHBYTES); } else { @@ -324,7 +324,7 @@ static void handle_finish_handshake(fastd_context_t *ctx, fastd_socket_t *sock, memcpy(mac, handshake->records[RECORD_TLV_MAC].data, HASHBYTES); memset(handshake->records[RECORD_TLV_MAC].data, 0, HASHBYTES); - valid = fastd_hmacsha256_verify(mac, peer->protocol_state->shared_handshake_key[2].w, handshake->tlv_data, handshake->tlv_len); + valid = fastd_hmacsha256_verify(mac, peer->protocol_state->shared_handshake_key.w, handshake->tlv_data, handshake->tlv_len); } else { valid = fastd_hmacsha256_blocks_verify(handshake->records[RECORD_T].data, peer->protocol_state->shared_handshake_key_compat.w, peer->protocol_config->public_key.p, peer_handshake_key->p, NULL); -- cgit v1.2.3