… | |
… | |
48 | #include "hkdf.h" |
48 | #include "hkdf.h" |
49 | |
49 | |
50 | #include "netcompat.h" |
50 | #include "netcompat.h" |
51 | |
51 | |
52 | #define MAGIC "gvpe\xbd\xc6\xdb\x82" // 8 bytes of magic |
52 | #define MAGIC "gvpe\xbd\xc6\xdb\x82" // 8 bytes of magic |
|
|
53 | #define MAGIC "PORN\xbd\xc6\xdb\x82" // 8 bytes of magic//D |
53 | |
54 | |
54 | #define ULTRA_FAST 1 |
55 | #define ULTRA_FAST 1 |
55 | #define HLOG 15 |
56 | #define HLOG 15 |
56 | #include "lzf/lzf.h" |
57 | #include "lzf/lzf.h" |
57 | #include "lzf/lzf_c.c" |
58 | #include "lzf/lzf_c.c" |
… | |
… | |
196 | connection::generate_auth_data () |
197 | connection::generate_auth_data () |
197 | { |
198 | { |
198 | if (auth_expire < ev_now ()) |
199 | if (auth_expire < ev_now ()) |
199 | { |
200 | { |
200 | // request data |
201 | // request data |
201 | RAND_bytes ((unsigned char *)&snd_auth.rsa, sizeof snd_auth.rsa); |
202 | rand_fill (snd_auth.rsa); |
202 | curve25519_generate (snd_ecdh_a, snd_auth.ecdh); |
203 | curve25519_generate (snd_ecdh_a, snd_auth.ecdh); |
203 | auth_hash (snd_auth, snd_auth_mac); |
204 | auth_hash (snd_auth, snd_auth_mac); |
204 | |
205 | |
205 | // eventual response data |
206 | // eventual response data |
206 | curve25519_generate (rcv_ecdh_a, rcv_ecdh_b); |
207 | curve25519_generate (rcv_ecdh_a, rcv_ecdh_b); |
… | |
… | |
461 | u32 seqno; |
462 | u32 seqno; |
462 | } datahdr; |
463 | } datahdr; |
463 | |
464 | |
464 | datahdr.seqno = ntohl (seqno); |
465 | datahdr.seqno = ntohl (seqno); |
465 | #if RAND_SIZE |
466 | #if RAND_SIZE |
466 | RAND_bytes ((unsigned char *) datahdr.rnd, RAND_SIZE); |
467 | require (RAND_pseudo_bytes ((unsigned char *) datahdr.rnd, RAND_SIZE) >= 0); |
467 | #endif |
468 | #endif |
468 | |
469 | |
469 | require (EVP_EncryptUpdate (cctx, |
470 | require (EVP_EncryptUpdate (cctx, |
470 | (unsigned char *) data + outl, &outl2, |
471 | (unsigned char *) data + outl, &outl2, |
471 | (unsigned char *) &datahdr, DATAHDR)); |
472 | (unsigned char *) &datahdr, DATAHDR)); |
… | |
… | |
502 | |
503 | |
503 | if (type == PT_DATA_COMPRESSED) |
504 | if (type == PT_DATA_COMPRESSED) |
504 | d = cdata; |
505 | d = cdata; |
505 | else |
506 | else |
506 | #endif |
507 | #endif |
507 | d = &(*p)[6 + 6 - DATAHDR]; |
508 | d = &(*p)[6 + 6] - DATAHDR; |
508 | |
509 | |
509 | /* this overwrites part of the src mac, but we fix that later */ |
510 | // we play do evil games with the struct layout atm. |
|
|
511 | // pending better solutions, we at least do some verification. |
|
|
512 | // this is fine, as we left ISO territory long ago. |
|
|
513 | require (DATAHDR <= 16); |
|
|
514 | require ((u8 *)(&p->len + 1) == &(*p)[0]); |
|
|
515 | |
|
|
516 | // this can overwrite the len/dst/src fields |
510 | require (EVP_DecryptUpdate (cctx, |
517 | require (EVP_DecryptUpdate (cctx, |
511 | d, &outl2, |
518 | d, &outl2, |
512 | (unsigned char *)&data, len - data_hdr_size ())); |
519 | (unsigned char *)&data, len - data_hdr_size ())); |
513 | outl += outl2; |
520 | outl += outl2; |
514 | |
521 | |
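Review bot: The `require (RAND_pseudo_bytes (...) >= 0)` form at line 467, inside `#if RAND_SIZE`, also passes when the call returns 0, which OpenSSL documents as output that is not cryptographically strong, so `datahdr.rnd` can be predictable without any failure being raised. `datahdr` is the first input to `EVP_EncryptUpdate` just below, so `rnd` presumably randomises the start of each encrypted packet; if unpredictability matters there, use `require (RAND_bytes ((unsigned char *) datahdr.rnd, RAND_SIZE) == 1);`, and if weaker bytes are a deliberate speed trade-off, the line needs a comment saying why that is acceptable. `RAND_pseudo_bytes` is also deprecated as of OpenSSL 1.1.0, so this call will need replacing for newer library versions either way. This reading takes the second line of each printed pair as the new side, which the page does not mark explicitly, and the enclosing function starts and ends outside the hunk.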