… | |
… | |
69 | |
69 | |
70 | #define SERIAL_SIZE 16 |
70 | #define SERIAL_SIZE 16 |
71 | |
71 | |
72 | #define SEED_SIZE 64 // how many octets to seed rng with |
72 | #define SEED_SIZE 64 // how many octets to seed rng with |
73 | |
73 | |
|
|
74 | #define RSA_OAEP_SIZE 41 |
|
|
75 | |
74 | #define HKDF_XTR_HASH EVP_sha512 |
76 | #define HKDF_XTR_HASH EVP_sha512 |
75 | #define HKDF_PRF_HASH EVP_sha256 |
77 | #define HKDF_PRF_HASH EVP_sha256 |
76 | |
78 | |
77 | #define HKDF_SALT 32 |
79 | #define HKDF_SALT 24 // how many bytes for the hkdf salt |
78 | |
80 | |
79 | #define RSA_KEYLEN (RSABITS >> 3) |
81 | #define RSA_KEYLEN (RSABITS >> 3) |
80 | |
82 | |
81 | #define AUTH_DIGEST ENABLE_AUTH |
83 | #define AUTH_DIGEST ENABLE_AUTH |
82 | #define AUTH_SIZE (HASH_SIZE (AUTH_DIGEST)) |
84 | #define AUTH_SIZE (HASH_SIZE (AUTH_DIGEST)) |
83 | #define AUTH_TTL 12 // challenge bytes timeout after n seconds of non-use |
85 | #define AUTH_TTL 12 // challenge bytes timeout after n seconds of non-use |
84 | |
86 | |
85 | #define CIPHER ENABLE_CIPHER |
87 | #define CIPHER ENABLE_CIPHER |
86 | #define CIPHER_KEYSIZE (KEY_SIZE (CIPHER)) |
88 | #define CIPHER_KEYSIZE (KEY_SIZE (CIPHER)) |
|
|
89 | #define CIPHER_IKMSIZE (CIPHER_KEYSIZE * 3 / 2) // randomness in rsa challenge |
87 | |
90 | |
88 | #define MAC_DIGEST ENABLE_HMAC |
91 | #define MAC_DIGEST ENABLE_HMAC |
89 | #define MAC_KEYSIZE HASH_SIZE (ENABLE_HMAC) // number of bits used for the HMAC key |
92 | #define MAC_KEYSIZE HASH_SIZE (ENABLE_HMAC) // number of bits used for the HMAC key |
|
|
93 | #define MAC_IKMSIZE (MAC_KEYSIZE * 3 / 2) // randomness in rsa challenge |
90 | |
94 | |
91 | #define WINDOWSIZE 512 // sliding window size |
95 | #define WINDOWSIZE 512 // sliding window size |
92 | #define MAX_SEQNO (0xfffffff0U - WINDOWSIZE * 8) |
96 | #define MAX_SEQNO (0xfffffff0U - WINDOWSIZE * 8) |
93 | |
97 | |
94 | // hdr seq len hmac MAC MAC |
98 | // hdr seq len hmac MAC MAC |