--- gvpe/src/global.h 2008/08/07 17:54:27 1.24 +++ gvpe/src/global.h 2013/07/16 16:44:36 1.27 @@ -1,6 +1,6 @@ /* global.h -- global variables and constants - Copyright (C) 2003-2008 Marc Lehmann + Copyright (C) 2003-2013 Marc Lehmann This file is part of GVPE. @@ -36,36 +36,57 @@ #include +#define HASH_BITS(hash) hashbits_ ## hash +#define HASH_SIZE(hash) (HASH_BITS (hash) >> 3) +#define hashbits_EVP_ripemd160 160 +#define hashbits_EVP_sha1 160 +#define hashbits_EVP_sha224 224 +#define hashbits_EVP_sha256 256 +#define hashbits_EVP_sha384 384 +#define hashbits_EVP_sha512 512 +#define hashbits_EVP_whirlpool 512 + +#define KEY_BITS(cipher) keybits_ ## cipher +#define KEY_SIZE(cipher) (KEY_BITS (cipher) >> 3) +#define keybits_EVP_bf_cbc 128 // actually 32-448 +#define keybits_EVP_aes_128_cbc 128 +#define keybits_EVP_aes_192_cbc 192 +#define keybits_EVP_aes_256_cbc 256 + +#define BLOCK_BITS(cipher) blockbits_ ## cipher +#define BLOCK_SIZE(cipher) (BLOCK_BITS (cipher) >> 3) +#define blockbits_EVP_bf_cbc 64 +#define blockbits_EVP_aes_128_cbc 128 +#define blockbits_EVP_aes_192_cbc 128 +#define blockbits_EVP_aes_256_cbc 128 + /* Protocol version. Different major versions are incompatible, * different minor versions probably are compatible ;) */ -#define PROTOCOL_MAJOR 0 -#define PROTOCOL_MINOR 1 +#define PROTOCOL_MAJOR 1 +#define PROTOCOL_MINOR 0 + +#define SEED_SIZE 64 // how many octets to seed rng with + +#define HKDF_SALT 32 +#define IKM_SIZE 32 + +#define RSA_KEYLEN (RSABITS >> 3) + +#define AUTH_DIGEST ENABLE_AUTH +#define AUTH_SIZE (HASH_SIZE (AUTH_DIGEST)) +#define AUTH_TTL 12 // challenge bytes timeout after n seconds of non-use -#define RSA_KEYBITS 1280 // must be >= 1280 and divisible by 8 -#define RSA_KEYLEN ((RSA_KEYBITS) >> 3) -#define RSA_OVERHEAD (41 + 1) // well, no define for OAEP in openssl - -#define RSA_HASH EVP_ripemd160 ()// speed don't matter, boy, safety does.. I need sha256 :( -#define RSA_HASHLEN (160 >> 3) -#define RSA_RESLEN RSA_HASHLEN - -#define RSA_IDLEN 16 // how many bytes are used to identify the challenge -#define RSA_TTL 120 // challenge bytes timeout after n seconds - -#define CIPHER ENABLE_CIPHER () -#define CIPHER_KEYLEN (EVP_CIPHER_key_length (CIPHER)) -#define DIGEST ENABLE_DIGEST () -#define HMAC_KEYLEN (256 >> 3) // number of bits used for the HMAC key (also change CHG_HMAC_KEY) +#define CIPHER ENABLE_CIPHER +#define CIPHER_KEYSIZE (KEY_SIZE (CIPHER)) + +#define MAC_DIGEST ENABLE_DIGEST +#define MAC_KEYSIZE HASH_SIZE (ENABLE_DIGEST) // number of bits used for the HMAC key #define WINDOWSIZE 512 // sliding window size #define MAX_SEQNO (0xfffffff0U - WINDOWSIZE * 8) -#define CHG_SEQNO 0 // where the seqno starts within the rsa challenge -#define CHG_CIPHER_KEY 4 // where the key starts within the rsa challenge -#define CHG_HMAC_KEY 86 // where the key starts within the rsa challenge (256 bits at the end!) - // hdr seq len hmac MAC MAC #define VPE_OVERHEAD (4 + 4 + 4 + RAND_SIZE + HMACLENGTH - 6 - 6) #define IP_OVERHEAD 20 // size of a (normal) ip header @@ -82,5 +103,14 @@ extern char *confbase; // directory in which all config files are extern char *thisnode; // config for current node (TODO: remove) +template static inline T min (T a, U b) { return a < (T)b ? a : (T)b; } +template static inline void min_it (T &a, U b) { a = a < (T)b ? a : (T)b; } +template static inline T max (T a, U b) { return a > (T)b ? a : (T)b; } +template static inline void max_it (T &a, U b) { a = a > (T)b ? a : (T)b; } + +template static inline T clamp (T v, U a, V b) { return v < (T)a ? a : v >(T)b ? b : v; } + +template static inline void swap (T& a, U& b) { T t=a; a=(T)b; b=(U)t; } + #endif