ViewVC Help
View File | Revision Log | Show Annotations | Download File
/cvs/gvpe/src/global.h
(Generate patch)

Comparing gvpe/src/global.h (file contents):
Revision 1.26 by root, Sat Jul 13 04:10:29 2013 UTC vs.
Revision 1.29 by root, Thu Jul 18 13:35:16 2013 UTC

34 34
35#include "config.h" 35#include "config.h"
36 36
37#include <time.h> 37#include <time.h>
38 38
39#define HASH_BITS(hash) hashbits_ ## hash
40#define HASH_SIZE(hash) (HASH_BITS (hash) >> 3)
41#define hashbits_EVP_ripemd160 160
42#define hashbits_EVP_sha1 160
43#define hashbits_EVP_sha224 224
44#define hashbits_EVP_sha256 256
45#define hashbits_EVP_sha384 384
46#define hashbits_EVP_sha512 512
47#define hashbits_EVP_whirlpool 512
48
49#define KEY_BITS(cipher) keybits_ ## cipher
50#define KEY_SIZE(cipher) (KEY_BITS (cipher) >> 3)
51#define keybits_EVP_bf_cbc 128 // actually 32-448
52#define keybits_EVP_aes_128_cbc 128
53#define keybits_EVP_aes_192_cbc 192
54#define keybits_EVP_aes_256_cbc 256
55
56#define BLOCK_BITS(cipher) blockbits_ ## cipher
57#define BLOCK_SIZE(cipher) (BLOCK_BITS (cipher) >> 3)
58#define blockbits_EVP_bf_cbc 64
59#define blockbits_EVP_aes_128_cbc 128
60#define blockbits_EVP_aes_192_cbc 128
61#define blockbits_EVP_aes_256_cbc 128
62
39/* Protocol version. Different major versions are incompatible, 63/* Protocol version. Different major versions are incompatible,
40 * different minor versions probably are compatible ;) 64 * different minor versions probably are compatible ;)
41 */ 65 */
42 66
43#define PROTOCOL_MAJOR 0 67#define PROTOCOL_MAJOR 1
44#define PROTOCOL_MINOR 1 68#define PROTOCOL_MINOR 0
45 69
46#define SEED_SIZE 64 // how many octets to seed rng with 70#define SEED_SIZE 64 // how many octets to seed rng with
47 71
48#define RSA_KEYBITS 1280 // must be >= 1280 and divisible by 8 72#define HKDF_XTR_HASH EVP_sha512
49#define RSA_KEYLEN ((RSA_KEYBITS) >> 3) 73#define HKDF_PRF_HASH EVP_sha256
50#define RSA_OVERHEAD (41 + 1) // well, no define for OAEP in openssl
51 74
52#define RSA_HASH EVP_ripemd160 ()// speed don't matter, boy, safety does.. I need sha256 :( 75#define HKDF_SALT 32
53#define RSA_HASHLEN (160 >> 3)
54#define RSA_RESLEN RSA_HASHLEN
55 76
56#define RSA_IDLEN 16 // how many bytes are used to identify the challenge 77#define RSA_KEYLEN (RSABITS >> 3)
57#define RSA_TTL 120 // challenge bytes timeout after n seconds
58 78
79#define AUTH_DIGEST ENABLE_AUTH
80#define AUTH_SIZE (HASH_SIZE (AUTH_DIGEST))
81#define AUTH_TTL 12 // challenge bytes timeout after n seconds of non-use
82
59#define CIPHER ENABLE_CIPHER () 83#define CIPHER ENABLE_CIPHER
60#define CIPHER_KEYLEN (EVP_CIPHER_key_length (CIPHER)) 84#define CIPHER_KEYSIZE (KEY_SIZE (CIPHER))
61#define DIGEST ENABLE_DIGEST () 85
86#define MAC_DIGEST ENABLE_HMAC
62#define HMAC_KEYLEN (256 >> 3) // number of bits used for the HMAC key 87#define MAC_KEYSIZE HASH_SIZE (ENABLE_HMAC) // number of bits used for the HMAC key
63 88
64#define WINDOWSIZE 512 // sliding window size 89#define WINDOWSIZE 512 // sliding window size
65#define MAX_SEQNO (0xfffffff0U - WINDOWSIZE * 8) 90#define MAX_SEQNO (0xfffffff0U - WINDOWSIZE * 8)
66
67#define CHG_SEQNO 0 // where the seqno starts within the rsa challenge
68#define CHG_CIPHER_KEY (CHG_SEQNO + 4) // where the key starts within the rsa challenge
69//#define CHG_HMAC_KEY (CHG_CIPHER_KEY + CIPHER_KEYLEN) // where the key starts within the rsa challenge
70#define CHG_HMAC_KEY 86 // where the key starts within the rsa challenge
71// 872 rsa bits used
72 91
73// hdr seq len hmac MAC MAC 92// hdr seq len hmac MAC MAC
74#define VPE_OVERHEAD (4 + 4 + 4 + RAND_SIZE + HMACLENGTH - 6 - 6) 93#define VPE_OVERHEAD (4 + 4 + 4 + RAND_SIZE + HMACLENGTH - 6 - 6)
75#define IP_OVERHEAD 20 // size of a (normal) ip header 94#define IP_OVERHEAD 20 // size of a (normal) ip header
76#define GRE_OVERHEAD (IP_OVERHEAD + 4) 95#define GRE_OVERHEAD (IP_OVERHEAD + 4)

Diff Legend

Removed lines
+ Added lines
< Changed lines
> Changed lines