/cvs/gvpe/src/connection.C

Comparing gvpe/src/connection.C (file contents):
Revision 1.98 by root, Tue Jul 16 16:44:36 2013 UTC vs.
Revision 1.99 by root, Wed Jul 17 04:36:03 2013 UTC

118 118
119 { 119 {
120 u8 mac_key[MAC_KEYSIZE]; 120 u8 mac_key[MAC_KEYSIZE];
121 static const unsigned char mac_info[] = "gvpe mac key"; 121 static const unsigned char mac_info[] = "gvpe mac key";
122 122
123 hkdf kdf (auth2.rsa.hkdf_salt, sizeof (auth2.rsa.hkdf_salt)); 123 hkdf kdf (auth2.rsa.hkdf_salt, sizeof (auth2.rsa.hkdf_salt), HKDF_XTR_HASH ());
124 kdf.extract (auth2.rsa.ikm, sizeof (auth2.rsa.ikm)); 124 kdf.extract (auth2.rsa.ikm, sizeof (auth2.rsa.ikm));
125 kdf.extract (auth1.rsa.mac_key, sizeof (auth1.rsa.mac_key)); 125 kdf.extract (auth1.rsa.mac_key, sizeof (auth1.rsa.mac_key));
126 kdf.extract (s, sizeof (s)); 126 kdf.extract (s, sizeof (s));
127 kdf.extract_done (); 127 kdf.extract_done (HKDF_PRF_HASH ());
128 kdf.expand (mac_key, sizeof (mac_key), mac_info, sizeof (mac_info)); 128 kdf.expand (mac_key, sizeof (mac_key), mac_info, sizeof (mac_info));
129 129
130 HMAC_CTX_init (&hctx); 130 HMAC_CTX_init (&hctx);
131 require (HMAC_Init_ex (&hctx, mac_key, MAC_KEYSIZE, MAC_DIGEST (), 0)); 131 require (HMAC_Init_ex (&hctx, mac_key, MAC_KEYSIZE, MAC_DIGEST (), 0));
132 } 132 }
133 133
134 { 134 {
135 u8 cipher_key[CIPHER_KEYSIZE]; 135 u8 cipher_key[CIPHER_KEYSIZE];
136 static const unsigned char cipher_info[] = "gvpe cipher key"; 136 static const unsigned char cipher_info[] = "gvpe cipher key";
137 137
138 hkdf kdf (auth2.rsa.hkdf_salt, sizeof (auth2.rsa.hkdf_salt)); 138 hkdf kdf (auth2.rsa.hkdf_salt, sizeof (auth2.rsa.hkdf_salt), HKDF_XTR_HASH ());
139 kdf.extract (auth2.rsa.ikm, sizeof (auth2.rsa.ikm)); 139 kdf.extract (auth2.rsa.ikm, sizeof (auth2.rsa.ikm));
140 kdf.extract (auth1.rsa.cipher_key, sizeof (auth1.rsa.cipher_key)); 140 kdf.extract (auth1.rsa.cipher_key, sizeof (auth1.rsa.cipher_key));
141 kdf.extract (s, sizeof (s)); 141 kdf.extract (s, sizeof (s));
142 kdf.extract_done (); 142 kdf.extract_done (HKDF_PRF_HASH ());
143 kdf.expand (cipher_key, sizeof (cipher_key), cipher_info, sizeof (cipher_info)); 143 kdf.expand (cipher_key, sizeof (cipher_key), cipher_info, sizeof (cipher_info));
144 144
145 EVP_CIPHER_CTX_init (&cctx); 145 EVP_CIPHER_CTX_init (&cctx);
146 require (EVP_CipherInit_ex (&cctx, CIPHER (), 0, cipher_key, 0, enc)); 146 require (EVP_CipherInit_ex (&cctx, CIPHER (), 0, cipher_key, 0, enc));
147 } 147 }
193connection::generate_auth_data () 193connection::generate_auth_data ()
194{ 194{
195 if (auth_expire < ev_now ()) 195 if (auth_expire < ev_now ())
196 { 196 {
197 // request data 197 // request data
198 RAND_pseudo_bytes ((unsigned char *)&snd_auth.rsa, sizeof snd_auth.rsa); 198 RAND_bytes ((unsigned char *)&snd_auth.rsa, sizeof snd_auth.rsa);
199 curve25519_generate (snd_ecdh_a, snd_auth.ecdh); 199 curve25519_generate (snd_ecdh_a, snd_auth.ecdh);
200 auth_hash (snd_auth, snd_auth_mac); 200 auth_hash (snd_auth, snd_auth_mac);
201 201
202 // eventual response data 202 // eventual response data
203 curve25519_generate (rcv_ecdh_a, rcv_ecdh_b); 203 curve25519_generate (rcv_ecdh_a, rcv_ecdh_b);
458 u32 seqno; 458 u32 seqno;
459 } datahdr; 459 } datahdr;
460 460
461 datahdr.seqno = ntohl (seqno); 461 datahdr.seqno = ntohl (seqno);
462#if RAND_SIZE 462#if RAND_SIZE
463 RAND_pseudo_bytes ((unsigned char *) datahdr.rnd, RAND_SIZE); 463 RAND_bytes ((unsigned char *) datahdr.rnd, RAND_SIZE);
464#endif 464#endif
465 465
466 require (EVP_EncryptUpdate (cctx, 466 require (EVP_EncryptUpdate (cctx,
467 (unsigned char *) data + outl, &outl2, 467 (unsigned char *) data + outl, &outl2,
468 (unsigned char *) &datahdr, DATAHDR)); 468 (unsigned char *) &datahdr, DATAHDR));
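Review bot: The two new `RAND_bytes` calls (new lines 198 and 463) discard the return value, while the neighbouring OpenSSL calls (`HMAC_Init_ex`, `EVP_CipherInit_ex`, `EVP_EncryptUpdate`) are all wrapped in `require (...)`. `RAND_bytes` returns 1 only on success, and on failure the output buffer is not guaranteed to hold random data. In that case `snd_auth.rsa`, which appears to supply the salt and key material for the HKDF extract steps shown above, or the per-packet `datahdr.rnd`, could be sent with predictable contents. I would check both calls, e.g. `require (RAND_bytes ((unsigned char *)&snd_auth.rsa, sizeof snd_auth.rsa) == 1);`, comparing against 1 because the call can also return -1, which a plain truth test would accept. Both `generate_auth_data` and the function containing line 463 continue outside the visible lines, so a check elsewhere cannot be ruled out from here.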
