ViewVC Help
View File | Revision Log | Show Annotations | Download File
/cvs/gvpe/src/global.h
(Generate patch)

Comparing gvpe/src/global.h (file contents):
Revision 1.31 by root, Fri Jul 19 18:18:27 2013 UTC vs.
Revision 1.36 by root, Wed Mar 30 04:02:45 2016 UTC

46#define hashbits_EVP_sha512 512 46#define hashbits_EVP_sha512 512
47#define hashbits_EVP_whirlpool 512 47#define hashbits_EVP_whirlpool 512
48 48
49#define KEY_BITS(cipher) keybits_ ## cipher 49#define KEY_BITS(cipher) keybits_ ## cipher
50#define KEY_SIZE(cipher) (KEY_BITS (cipher) >> 3) 50#define KEY_SIZE(cipher) (KEY_BITS (cipher) >> 3)
51#define keybits_EVP_bf_cbc 128 // actually 32-448 51//#define keybits_EVP_bf_ctr 128 // actually 32-448
52#define keybits_EVP_aes_128_cbc 128 52#define keybits_EVP_aes_128_ctr 128
53#define keybits_EVP_aes_192_cbc 192 53#define keybits_EVP_aes_192_ctr 192
54#define keybits_EVP_aes_256_cbc 256 54#define keybits_EVP_aes_256_ctr 256
55 55
56#define BLOCK_BITS(cipher) blockbits_ ## cipher 56#define BLOCK_BITS(cipher) blockbits_ ## cipher
57#define BLOCK_SIZE(cipher) (BLOCK_BITS (cipher) >> 3) 57#define BLOCK_SIZE(cipher) (BLOCK_BITS (cipher) >> 3)
58#define blockbits_EVP_bf_cbc 64 58//#define blockbits_EVP_bf_ctr 64
59#define blockbits_EVP_aes_128_cbc 128 59#define blockbits_EVP_aes_128_ctr 8
60#define blockbits_EVP_aes_192_cbc 128 60#define blockbits_EVP_aes_192_ctr 8
61#define blockbits_EVP_aes_256_cbc 128 61#define blockbits_EVP_aes_256_ctr 8
62
63#define IV_BITS(cipher) ivbits_ ## cipher
64#define IV_SIZE(cipher) (IV_BITS (cipher) >> 3)
65//#define ivbits_EVP_bf_ctr 64
66#define ivbits_EVP_aes_128_ctr 128
67#define ivbits_EVP_aes_192_ctr 128
68#define ivbits_EVP_aes_256_ctr 128
62 69
63/* Protocol version. Different major versions are incompatible, 70/* Protocol version. Different major versions are incompatible,
64 * different minor versions probably are compatible ;) 71 * different minor versions probably are compatible ;)
65 */ 72 */
66 73
74#define RSA_OAEP_SIZE 41 81#define RSA_OAEP_SIZE 41
75 82
76#define HKDF_XTR_HASH EVP_sha512 83#define HKDF_XTR_HASH EVP_sha512
77#define HKDF_PRF_HASH EVP_sha256 84#define HKDF_PRF_HASH EVP_sha256
78 85
79#define HKDF_SALT 32 // how many bytes for the hkdf salt 86#define HKDF_SALT 24 // how many bytes for the hkdf salt
80 87
81#define RSA_KEYLEN (RSABITS >> 3) 88#define RSA_KEYLEN (RSABITS >> 3)
82 89
83#define AUTH_DIGEST ENABLE_AUTH 90#define AUTH_DIGEST ENABLE_AUTH
84#define AUTH_SIZE (HASH_SIZE (AUTH_DIGEST)) 91#define AUTH_SIZE (HASH_SIZE (AUTH_DIGEST))
85#define AUTH_TTL 12 // challenge bytes timeout after n seconds of non-use 92#define AUTH_TTL 12 // challenge bytes timeout after n seconds of non-use
86 93
87#define CIPHER ENABLE_CIPHER 94#define CIPHER ENABLE_CIPHER
88#define CIPHER_KEYSIZE (KEY_SIZE (CIPHER)) 95#define CIPHER_KEYSIZE (KEY_SIZE (CIPHER))
89#define CIPHER_IKMSIZE CIPHER_KEYSIZE * 2 // randomness in rsa challenge 96#define CIPHER_IKMSIZE (CIPHER_KEYSIZE * 3 / 2) // randomness in rsa challenge
90 97
91#define MAC_DIGEST ENABLE_HMAC 98#define MAC_DIGEST ENABLE_HMAC
92#define MAC_KEYSIZE HASH_SIZE (ENABLE_HMAC) // number of bits used for the HMAC key 99#define MAC_KEYSIZE HASH_SIZE (ENABLE_HMAC) // number of bits used for the HMAC key
93#define MAC_IKMSIZE MAC_KEYSIZE * 2 // randomness in rsa challenge 100#define MAC_IKMSIZE (MAC_KEYSIZE * 3 / 2) // randomness in rsa challenge
94 101
95#define WINDOWSIZE 512 // sliding window size 102#define WINDOWSIZE 65536 // sliding window size
96#define MAX_SEQNO (0xfffffff0U - WINDOWSIZE * 8) 103#define MAX_SEQNO (0xfffffff0U - WINDOWSIZE * 8)
97 104
98// hdr seq len hmac MAC MAC 105// hdr seq len hmac MAC MAC
99#define VPE_OVERHEAD (4 + 4 + 4 + RAND_SIZE + HMACLENGTH - 6 - 6) 106#define VPE_OVERHEAD (4 + 4 + 4 + HMACLENGTH - 6 - 6)
100#define IP_OVERHEAD 20 // size of a (normal) ip header 107#define IP_OVERHEAD 20 // size of a (normal) ip header
101#define GRE_OVERHEAD (IP_OVERHEAD + 4) 108#define GRE_OVERHEAD (IP_OVERHEAD + 4)
102#define ICMP_OVERHEAD (IP_OVERHEAD + 4) 109#define ICMP_OVERHEAD (IP_OVERHEAD + 4)
103#define UDP_OVERHEAD (IP_OVERHEAD + 20) // size of a (normal) ip + udp header (wrong, but don't care) 110#define UDP_OVERHEAD (IP_OVERHEAD + 20) // size of a (normal) ip + udp header (wrong, but don't care)
104#define TCP_OVERHEAD (IP_OVERHEAD + 22) // size of a (normal) ip + tcp header + packetlength 111#define TCP_OVERHEAD (IP_OVERHEAD + 22) // size of a (normal) ip + tcp header + packetlength
105#define MAX_OVERHEAD UDP_OVERHEAD // the max. overhead of any protocol (ok, tcp doesn't count) 112#define MAX_OVERHEAD UDP_OVERHEAD // the max. overhead of any protocol (ok, tcp doesn't count)
106#define ETH_OVERHEAD 14 // the size of an ethernet header 113#define ETH_OVERHEAD 14 // the size of an ethernet header
107#define MAXSIZE (MAX_MTU + VPE_OVERHEAD) // slightly too large, but who cares 114#define MAXSIZE (MAX_MTU + IP_OVERHEAD) // slightly too large, but who cares
108 115
109#define PKTCACHESIZE 16 // the size of the memory pool for packets 116#define PKTCACHESIZE 128 // the size of the memory pool for packets
110 117
111extern char *confbase; // directory in which all config files are 118extern char *confbase; // directory in which all config files are
112extern char *thisnode; // config for current node (TODO: remove) 119extern char *thisnode; // config for current node (TODO: remove)
113 120
114template<typename T, typename U> static inline T min (T a, U b) { return a < (T)b ? a : (T)b; } 121template<typename T, typename U> static inline T min (T a, U b) { return a < (T)b ? a : (T)b; }

Diff Legend

Removed lines
+ Added lines
< Changed lines
> Changed lines