… | |
… | |
74 | #define RSA_OAEP_SIZE 41 |
74 | #define RSA_OAEP_SIZE 41 |
75 | |
75 | |
76 | #define HKDF_XTR_HASH EVP_sha512 |
76 | #define HKDF_XTR_HASH EVP_sha512 |
77 | #define HKDF_PRF_HASH EVP_sha256 |
77 | #define HKDF_PRF_HASH EVP_sha256 |
78 | |
78 | |
79 | #define HKDF_SALT 32 // how many bytes for the hkdf salt |
79 | #define HKDF_SALT 24 // how many bytes for the hkdf salt |
80 | |
80 | |
81 | #define RSA_KEYLEN (RSABITS >> 3) |
81 | #define RSA_KEYLEN (RSABITS >> 3) |
82 | |
82 | |
83 | #define AUTH_DIGEST ENABLE_AUTH |
83 | #define AUTH_DIGEST ENABLE_AUTH |
84 | #define AUTH_SIZE (HASH_SIZE (AUTH_DIGEST)) |
84 | #define AUTH_SIZE (HASH_SIZE (AUTH_DIGEST)) |
85 | #define AUTH_TTL 12 // challenge bytes timeout after n seconds of non-use |
85 | #define AUTH_TTL 12 // challenge bytes timeout after n seconds of non-use |
86 | |
86 | |
87 | #define CIPHER ENABLE_CIPHER |
87 | #define CIPHER ENABLE_CIPHER |
88 | #define CIPHER_KEYSIZE (KEY_SIZE (CIPHER)) |
88 | #define CIPHER_KEYSIZE (KEY_SIZE (CIPHER)) |
89 | #define CIPHER_IKMSIZE CIPHER_KEYSIZE * 2 // randomness in rsa challenge |
89 | #define CIPHER_IKMSIZE (CIPHER_KEYSIZE * 3 / 2) // randomness in rsa challenge |
90 | |
90 | |
91 | #define MAC_DIGEST ENABLE_HMAC |
91 | #define MAC_DIGEST ENABLE_HMAC |
92 | #define MAC_KEYSIZE HASH_SIZE (ENABLE_HMAC) // number of bits used for the HMAC key |
92 | #define MAC_KEYSIZE HASH_SIZE (ENABLE_HMAC) // number of bits used for the HMAC key |
93 | #define MAC_IKMSIZE MAC_KEYSIZE * 2 // randomness in rsa challenge |
93 | #define MAC_IKMSIZE (MAC_KEYSIZE * 3 / 2) // randomness in rsa challenge |
94 | |
94 | |
95 | #define WINDOWSIZE 512 // sliding window size |
95 | #define WINDOWSIZE 512 // sliding window size |
96 | #define MAX_SEQNO (0xfffffff0U - WINDOWSIZE * 8) |
96 | #define MAX_SEQNO (0xfffffff0U - WINDOWSIZE * 8) |
97 | |
97 | |
98 | // hdr seq len hmac MAC MAC |
98 | // hdr seq len hmac MAC MAC |