ViewVC Help
View File | Revision Log | Show Annotations | Download File
/cvs/gvpe/src/global.h
(Generate patch)

Comparing gvpe/src/global.h (file contents):
Revision 1.26 by root, Sat Jul 13 04:10:29 2013 UTC vs.
Revision 1.34 by root, Thu Jan 29 00:21:39 2015 UTC

34 34
35#include "config.h" 35#include "config.h"
36 36
37#include <time.h> 37#include <time.h>
38 38
39#define HASH_BITS(hash) hashbits_ ## hash
40#define HASH_SIZE(hash) (HASH_BITS (hash) >> 3)
41#define hashbits_EVP_ripemd160 160
42#define hashbits_EVP_sha1 160
43#define hashbits_EVP_sha224 224
44#define hashbits_EVP_sha256 256
45#define hashbits_EVP_sha384 384
46#define hashbits_EVP_sha512 512
47#define hashbits_EVP_whirlpool 512
48
49#define KEY_BITS(cipher) keybits_ ## cipher
50#define KEY_SIZE(cipher) (KEY_BITS (cipher) >> 3)
51//#define keybits_EVP_bf_ctr 128 // actually 32-448
52#define keybits_EVP_aes_128_ctr 128
53#define keybits_EVP_aes_192_ctr 192
54#define keybits_EVP_aes_256_ctr 256
55
56#define BLOCK_BITS(cipher) blockbits_ ## cipher
57#define BLOCK_SIZE(cipher) (BLOCK_BITS (cipher) >> 3)
58//#define blockbits_EVP_bf_ctr 64
59#define blockbits_EVP_aes_128_ctr 8
60#define blockbits_EVP_aes_192_ctr 8
61#define blockbits_EVP_aes_256_ctr 8
62
63#define IV_BITS(cipher) ivbits_ ## cipher
64#define IV_SIZE(cipher) (IV_BITS (cipher) >> 3)
65//#define ivbits_EVP_bf_ctr 64
66#define ivbits_EVP_aes_128_ctr 128
67#define ivbits_EVP_aes_192_ctr 128
68#define ivbits_EVP_aes_256_ctr 128
69
39/* Protocol version. Different major versions are incompatible, 70/* Protocol version. Different major versions are incompatible,
40 * different minor versions probably are compatible ;) 71 * different minor versions probably are compatible ;)
41 */ 72 */
42 73
43#define PROTOCOL_MAJOR 0 74#define PROTOCOL_MAJOR 1
44#define PROTOCOL_MINOR 1 75#define PROTOCOL_MINOR 0
76
77#define SERIAL_SIZE 16
45 78
46#define SEED_SIZE 64 // how many octets to seed rng with 79#define SEED_SIZE 64 // how many octets to seed rng with
47 80
48#define RSA_KEYBITS 1280 // must be >= 1280 and divisible by 8 81#define RSA_OAEP_SIZE 41
49#define RSA_KEYLEN ((RSA_KEYBITS) >> 3)
50#define RSA_OVERHEAD (41 + 1) // well, no define for OAEP in openssl
51 82
52#define RSA_HASH EVP_ripemd160 ()// speed don't matter, boy, safety does.. I need sha256 :( 83#define HKDF_XTR_HASH EVP_sha512
53#define RSA_HASHLEN (160 >> 3) 84#define HKDF_PRF_HASH EVP_sha256
54#define RSA_RESLEN RSA_HASHLEN
55 85
56#define RSA_IDLEN 16 // how many bytes are used to identify the challenge 86#define HKDF_SALT 24 // how many bytes for the hkdf salt
57#define RSA_TTL 120 // challenge bytes timeout after n seconds
58 87
88#define RSA_KEYLEN (RSABITS >> 3)
89
90#define AUTH_DIGEST ENABLE_AUTH
91#define AUTH_SIZE (HASH_SIZE (AUTH_DIGEST))
92#define AUTH_TTL 12 // challenge bytes timeout after n seconds of non-use
93
59#define CIPHER ENABLE_CIPHER () 94#define CIPHER ENABLE_CIPHER
60#define CIPHER_KEYLEN (EVP_CIPHER_key_length (CIPHER)) 95#define CIPHER_KEYSIZE (KEY_SIZE (CIPHER))
61#define DIGEST ENABLE_DIGEST () 96#define CIPHER_IKMSIZE (CIPHER_KEYSIZE * 3 / 2) // randomness in rsa challenge
97
98#define MAC_DIGEST ENABLE_HMAC
62#define HMAC_KEYLEN (256 >> 3) // number of bits used for the HMAC key 99#define MAC_KEYSIZE HASH_SIZE (ENABLE_HMAC) // number of bits used for the HMAC key
100#define MAC_IKMSIZE (MAC_KEYSIZE * 3 / 2) // randomness in rsa challenge
63 101
64#define WINDOWSIZE 512 // sliding window size 102#define WINDOWSIZE 512 // sliding window size
65#define MAX_SEQNO (0xfffffff0U - WINDOWSIZE * 8) 103#define MAX_SEQNO (0xfffffff0U - WINDOWSIZE * 8)
66 104
67#define CHG_SEQNO 0 // where the seqno starts within the rsa challenge
68#define CHG_CIPHER_KEY (CHG_SEQNO + 4) // where the key starts within the rsa challenge
69//#define CHG_HMAC_KEY (CHG_CIPHER_KEY + CIPHER_KEYLEN) // where the key starts within the rsa challenge
70#define CHG_HMAC_KEY 86 // where the key starts within the rsa challenge
71// 872 rsa bits used
72
73// hdr seq len hmac MAC MAC 105// hdr seq len hmac MAC MAC
74#define VPE_OVERHEAD (4 + 4 + 4 + RAND_SIZE + HMACLENGTH - 6 - 6) 106#define VPE_OVERHEAD (4 + 4 + 4 + HMACLENGTH - 6 - 6)
75#define IP_OVERHEAD 20 // size of a (normal) ip header 107#define IP_OVERHEAD 20 // size of a (normal) ip header
76#define GRE_OVERHEAD (IP_OVERHEAD + 4) 108#define GRE_OVERHEAD (IP_OVERHEAD + 4)
77#define ICMP_OVERHEAD (IP_OVERHEAD + 4) 109#define ICMP_OVERHEAD (IP_OVERHEAD + 4)
78#define UDP_OVERHEAD (IP_OVERHEAD + 20) // size of a (normal) ip + udp header (wrong, but don't care) 110#define UDP_OVERHEAD (IP_OVERHEAD + 20) // size of a (normal) ip + udp header (wrong, but don't care)
79#define TCP_OVERHEAD (IP_OVERHEAD + 22) // size of a (normal) ip + tcp header + packetlength 111#define TCP_OVERHEAD (IP_OVERHEAD + 22) // size of a (normal) ip + tcp header + packetlength
80#define MAX_OVERHEAD UDP_OVERHEAD // the max. overhead of any protocol (ok, tcp doesn't count) 112#define MAX_OVERHEAD UDP_OVERHEAD // the max. overhead of any protocol (ok, tcp doesn't count)
81#define ETH_OVERHEAD 14 // the size of an ethernet header 113#define ETH_OVERHEAD 14 // the size of an ethernet header
82#define MAXSIZE (MAX_MTU + VPE_OVERHEAD) // slightly too large, but who cares 114#define MAXSIZE (MAX_MTU + IP_OVERHEAD) // slightly too large, but who cares
83 115
84#define PKTCACHESIZE 16 // the size of the memory pool for packets 116#define PKTCACHESIZE 16 // the size of the memory pool for packets
85 117
86extern char *confbase; // directory in which all config files are 118extern char *confbase; // directory in which all config files are
87extern char *thisnode; // config for current node (TODO: remove) 119extern char *thisnode; // config for current node (TODO: remove)

Diff Legend

Removed lines
+ Added lines
< Changed lines
> Changed lines