From 658c83870a254340a777f8ebca48c87dd98c73d6 Mon Sep 17 00:00:00 2001
From: Matthias Schiffer
Date: Wed, 30 Oct 2013 22:35:17 +0100
Subject: ec25519-fhmqvc: add secure_handshake helper function
---
 src/protocols/ec25519_fhmqvc/handshake.c | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)
(limited to 'src')
diff --git a/src/protocols/ec25519_fhmqvc/handshake.c b/src/protocols/ec25519_fhmqvc/handshake.c
index 80be735..d1592d6 100644
--- a/src/protocols/ec25519_fhmqvc/handshake.c
+++ b/src/protocols/ec25519_fhmqvc/handshake.c
@@ -236,6 +236,10 @@ static inline bool has_field(const fastd_handshake_t *handshake, uint8_t type, s
 return (handshake->records[type].length == length);
 }
+static inline bool secure_handshake(const fastd_handshake_t *handshake) {
+ return has_field(handshake, RECORD_TLV_MAC, HASHBYTES);
+}
+
 static void finish_handshake(fastd_context_t *ctx, fastd_socket_t *sock, const fastd_peer_address_t *local_addr, const fastd_peer_address_t *remote_addr, fastd_peer_t *peer, const handshake_key_t *handshake_key, const aligned_int256_t *peer_handshake_key, const fastd_handshake_t *handshake, const char *method) {
 pr_debug(ctx, "finishing handshake with %P[%I]...", peer, remote_addr);
@@ -290,7 +294,7 @@ static void finish_handshake(fastd_context_t *ctx, fastd_socket_t *sock, const f
 NULL);
 bool valid;
- if (has_field(handshake, RECORD_TLV_MAC, HASHBYTES)) {
+ if (secure_handshake(handshake)) {
 uint8_t mac[HASHBYTES];
 memcpy(mac, handshake->records[RECORD_TLV_MAC].data, HASHBYTES);
 memset(handshake->records[RECORD_TLV_MAC].data, 0, HASHBYTES);
@@ -341,7 +345,7 @@ static void handle_finish_handshake(fastd_context_t *ctx, fastd_socket_t *sock,
 return;
 bool valid;
- if (has_field(handshake, RECORD_TLV_MAC, HASHBYTES)) {
+ if (secure_handshake(handshake)) {
 uint8_t mac[HASHBYTES];
 memcpy(mac, handshake->records[RECORD_TLV_MAC].data, HASHBYTES);
 memset(handshake->records[RECORD_TLV_MAC].data, 0, HASHBYTES);
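Review bot: `secure_handshake()`, added in the first hunk, is true as soon as a `RECORD_TLV_MAC` record of `HASHBYTES` length is present; it verifies nothing, yet the name reads as if the handshake were already authenticated. A comment above it would keep later callers from treating the result as an authenticity check: `/* Only tests that a TLV MAC record of HASHBYTES length is present; the MAC itself must still be verified. */`. The name also differs by one letter from the `ctx->conf->secure_handshakes` policy flag that the last hunk tests on the adjacent line, so `has_tlv_mac()` or similar would be harder to misread. The `finish_handshake` and `handle_finish_handshake` hunks are plain substitutions of the call, and both functions continue outside their hunks.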
@@ -578,7 +582,7 @@ void fastd_protocol_ec25519_fhmqvc_handshake_handle(fastd_context_t *ctx, fastd_
 return;
 }
- if (!has_field(handshake, RECORD_TLV_MAC, HASHBYTES)) {
+ if (!secure_handshake(handshake)) {
 if (ctx->conf->secure_handshakes || !has_field(handshake, RECORD_T, HASHBYTES)) {
 pr_debug(ctx, "received handshake reply without HMAC from %P[%I]", peer, remote_addr);
 return;
-- 
cgit v1.2.3
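Review bot: In the `fastd_protocol_ec25519_fhmqvc_handshake_handle` hunk, a handshake without a TLV MAC is still accepted when `ctx->conf->secure_handshakes` is off and a `RECORD_T` of `HASHBYTES` length is present, and nothing on these lines explains that fallback. Because the sender decides which records a packet carries, this is where the peer rather than local policy selects the authentication path while the flag is off; that deserves a comment such as `/* no TLV MAC: accept the RECORD_T form only if secure_handshakes is disabled */`. The same `pr_debug` text is used for a policy rejection and for a packet that carries neither record, so separate messages would make a refused fallback visible in logs. The function body starts and ends outside the hunk.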