1 | /* |
1 | /* |
2 | global.h -- global variables and constants |
2 | global.h -- global variables and constants |
3 | Copyright (C) 2003-2008 Marc Lehmann <gvpe@schmorp.de> |
3 | Copyright (C) 2003-2013 Marc Lehmann <gvpe@schmorp.de> |
4 | |
4 | |
5 | This file is part of GVPE. |
5 | This file is part of GVPE. |
6 | |
6 | |
7 | GVPE is free software; you can redistribute it and/or modify it |
7 | GVPE is free software; you can redistribute it and/or modify it |
8 | under the terms of the GNU General Public License as published by the |
8 | under the terms of the GNU General Public License as published by the |
… | |
… | |
41 | */ |
41 | */ |
42 | |
42 | |
43 | #define PROTOCOL_MAJOR 0 |
43 | #define PROTOCOL_MAJOR 0 |
44 | #define PROTOCOL_MINOR 1 |
44 | #define PROTOCOL_MINOR 1 |
45 | |
45 | |
|
|
46 | #define SEED_SIZE 64 // how many octets to seed rng with |
|
|
47 | |
46 | #define RSA_KEYBITS 1280 // must be >= 1280 and divisible by 8 |
48 | #define RSA_KEYBITS 1280 // must be >= 1280 and divisible by 8 |
47 | #define RSA_KEYLEN ((RSA_KEYBITS) >> 3) |
49 | #define RSA_KEYLEN ((RSA_KEYBITS) >> 3) |
48 | #define RSA_OVERHEAD (41 + 1) // well, no define for OAEP in openssl |
50 | #define RSA_OVERHEAD (41 + 1) // well, no define for OAEP in openssl |
49 | |
51 | |
50 | #define RSA_HASH EVP_ripemd160 ()// speed don't matter, boy, safety does.. I need sha256 :( |
52 | #define RSA_HASH EVP_ripemd160 ()// speed don't matter, boy, safety does.. I need sha256 :( |
… | |
… | |
55 | #define RSA_TTL 120 // challenge bytes timeout after n seconds |
57 | #define RSA_TTL 120 // challenge bytes timeout after n seconds |
56 | |
58 | |
57 | #define CIPHER ENABLE_CIPHER () |
59 | #define CIPHER ENABLE_CIPHER () |
58 | #define CIPHER_KEYLEN (EVP_CIPHER_key_length (CIPHER)) |
60 | #define CIPHER_KEYLEN (EVP_CIPHER_key_length (CIPHER)) |
59 | #define DIGEST ENABLE_DIGEST () |
61 | #define DIGEST ENABLE_DIGEST () |
60 | #define HMAC_KEYLEN (256 >> 3) // number of bits used for the HMAC key (also change CHG_HMAC_KEY) |
62 | #define HMAC_KEYLEN (256 >> 3) // number of bits used for the HMAC key |
61 | |
63 | |
62 | #define WINDOWSIZE 512 // sliding window size |
64 | #define WINDOWSIZE 512 // sliding window size |
63 | #define MAX_SEQNO (0xfffffff0U - WINDOWSIZE * 8) |
65 | #define MAX_SEQNO (0xfffffff0U - WINDOWSIZE * 8) |
64 | |
66 | |
65 | #define CHG_SEQNO 0 // where the seqno starts within the rsa challenge |
67 | #define CHG_SEQNO 0 // where the seqno starts within the rsa challenge |
66 | #define CHG_CIPHER_KEY 4 // where the key starts within the rsa challenge |
68 | #define CHG_CIPHER_KEY (CHG_SEQNO + 4) // where the key starts within the rsa challenge |
|
|
69 | //#define CHG_HMAC_KEY (CHG_CIPHER_KEY + CIPHER_KEYLEN) // where the key starts within the rsa challenge |
67 | #define CHG_HMAC_KEY 86 // where the key starts within the rsa challenge (256 bits at the end!) |
70 | #define CHG_HMAC_KEY 86 // where the key starts within the rsa challenge |
|
|
71 | // 872 rsa bits used |
68 | |
72 | |
69 | // hdr seq len hmac MAC MAC |
73 | // hdr seq len hmac MAC MAC |
70 | #define VPE_OVERHEAD (4 + 4 + 4 + RAND_SIZE + HMACLENGTH - 6 - 6) |
74 | #define VPE_OVERHEAD (4 + 4 + 4 + RAND_SIZE + HMACLENGTH - 6 - 6) |
71 | #define IP_OVERHEAD 20 // size of a (normal) ip header |
75 | #define IP_OVERHEAD 20 // size of a (normal) ip header |
72 | #define GRE_OVERHEAD (IP_OVERHEAD + 4) |
76 | #define GRE_OVERHEAD (IP_OVERHEAD + 4) |
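Review bot: `CHG_HMAC_KEY` stays the literal `86` on new line 70, yet the reworded comments there and on `HMAC_KEYLEN` (new line 62) drop both the "256 bits at the end" remark and the reminder to change the offset together with the key length. From the visible defines, 86 equals `RSA_KEYLEN - RSA_OVERHEAD - HMAC_KEYLEN` (160 - 42 - 32), so a later edit to `RSA_KEYBITS` or `HMAC_KEYLEN` would leave the offset stale with no compile-time signal. I would either write `#define CHG_HMAC_KEY (RSA_KEYLEN - RSA_OVERHEAD - HMAC_KEYLEN)` or keep the literal and restore a comment such as `// HMAC key is the last HMAC_KEYLEN octets of the challenge; keep in sync with RSA_KEYBITS and HMAC_KEYLEN`. The code that slices the challenge is outside this view, so the concern that a stale offset could overlap the cipher key or run past the challenge is inferred from the constants alone.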