… | |
… | |
74 | #define RSA_OAEP_SIZE 41 |
74 | #define RSA_OAEP_SIZE 41 |
75 | |
75 | |
76 | #define HKDF_XTR_HASH EVP_sha512 |
76 | #define HKDF_XTR_HASH EVP_sha512 |
77 | #define HKDF_PRF_HASH EVP_sha256 |
77 | #define HKDF_PRF_HASH EVP_sha256 |
78 | |
78 | |
79 | #define HKDF_SALT 32 // how many bytes for the hkdf salt |
79 | #define HKDF_SALT 24 // how many bytes for the hkdf salt |
80 | |
80 | |
81 | #define RSA_KEYLEN (RSABITS >> 3) |
81 | #define RSA_KEYLEN (RSABITS >> 3) |
82 | |
82 | |
83 | #define AUTH_DIGEST ENABLE_AUTH |
83 | #define AUTH_DIGEST ENABLE_AUTH |
84 | #define AUTH_SIZE (HASH_SIZE (AUTH_DIGEST)) |
84 | #define AUTH_SIZE (HASH_SIZE (AUTH_DIGEST)) |
85 | #define AUTH_TTL 12 // challenge bytes timeout after n seconds of non-use |
85 | #define AUTH_TTL 12 // challenge bytes timeout after n seconds of non-use |
86 | |
86 | |
87 | #define CIPHER ENABLE_CIPHER |
87 | #define CIPHER ENABLE_CIPHER |
88 | #define CIPHER_KEYSIZE (KEY_SIZE (CIPHER)) |
88 | #define CIPHER_KEYSIZE (KEY_SIZE (CIPHER)) |
89 | #define CIPHER_IKMSIZE CIPHER_KEYSIZE * 2 // randomness in rsa challenge |
89 | #define CIPHER_IKMSIZE (CIPHER_KEYSIZE * 3 / 2) // randomness in rsa challenge |
90 | |
90 | |
91 | #define MAC_DIGEST ENABLE_HMAC |
91 | #define MAC_DIGEST ENABLE_HMAC |
92 | #define MAC_KEYSIZE HASH_SIZE (ENABLE_HMAC) // number of bits used for the HMAC key |
92 | #define MAC_KEYSIZE HASH_SIZE (ENABLE_HMAC) // number of bits used for the HMAC key |
93 | #define MAC_IKMSIZE MAC_KEYSIZE * 2 // randomness in rsa challenge |
93 | #define MAC_IKMSIZE (MAC_KEYSIZE * 3 / 2) // randomness in rsa challenge |
94 | |
94 | |
95 | #define WINDOWSIZE 512 // sliding window size |
95 | #define WINDOWSIZE 512 // sliding window size |
96 | #define MAX_SEQNO (0xfffffff0U - WINDOWSIZE * 8) |
96 | #define MAX_SEQNO (0xfffffff0U - WINDOWSIZE * 8) |
97 | |
97 | |
98 | // hdr seq len hmac MAC MAC |
98 | // hdr seq len hmac MAC MAC |
… | |
… | |
102 | #define ICMP_OVERHEAD (IP_OVERHEAD + 4) |
102 | #define ICMP_OVERHEAD (IP_OVERHEAD + 4) |
103 | #define UDP_OVERHEAD (IP_OVERHEAD + 20) // size of a (normal) ip + udp header (wrong, but don't care) |
103 | #define UDP_OVERHEAD (IP_OVERHEAD + 20) // size of a (normal) ip + udp header (wrong, but don't care) |
104 | #define TCP_OVERHEAD (IP_OVERHEAD + 22) // size of a (normal) ip + tcp header + packetlength |
104 | #define TCP_OVERHEAD (IP_OVERHEAD + 22) // size of a (normal) ip + tcp header + packetlength |
105 | #define MAX_OVERHEAD UDP_OVERHEAD // the max. overhead of any protocol (ok, tcp doesn't count) |
105 | #define MAX_OVERHEAD UDP_OVERHEAD // the max. overhead of any protocol (ok, tcp doesn't count) |
106 | #define ETH_OVERHEAD 14 // the size of an ethernet header |
106 | #define ETH_OVERHEAD 14 // the size of an ethernet header |
107 | #define MAXSIZE (MAX_MTU + VPE_OVERHEAD) // slightly too large, but who cares |
107 | #define MAXSIZE (MAX_MTU + IP_OVERHEAD) // slightly too large, but who cares |
108 | |
108 | |
109 | #define PKTCACHESIZE 16 // the size of the memory pool for packets |
109 | #define PKTCACHESIZE 16 // the size of the memory pool for packets |
110 | |
110 | |
111 | extern char *confbase; // directory in which all config files are |
111 | extern char *confbase; // directory in which all config files are |
112 | extern char *thisnode; // config for current node (TODO: remove) |
112 | extern char *thisnode; // config for current node (TODO: remove) |