chiark / gitweb /
~mdw / tripe / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
server/admin.c: Publish `corked' and `mobile' flags in `peerinfo'.
[tripe] / server / chal.c
CommitLineData
37941236 1/* -*-c-*-
37941236 2 *
3 * Cryptographic challenges
4 *
5 * (c) 2005 Straylight/Edgeware
6 */
7
e04c2d50 8/*----- Licensing notice --------------------------------------------------*
37941236 9 *
10 * This file is part of Trivial IP Encryption (TrIPE).
11 *
11ad66c2
MW		 12 * TrIPE is free software: you can redistribute it and/or modify it under
13 * the terms of the GNU General Public License as published by the Free
14 * Software Foundation; either version 3 of the License, or (at your
15 * option) any later version.
e04c2d50 16 *
11ad66c2
MW		 17 * TrIPE is distributed in the hope that it will be useful, but WITHOUT
18 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
19 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
20 * for more details.
e04c2d50 21 *
37941236 22 * You should have received a copy of the GNU General Public License
11ad66c2 23 * along with TrIPE. If not, see <https://www.gnu.org/licenses/>.
37941236 24 */
25
26/*----- Header files ------------------------------------------------------*/
27
28#include "tripe.h"
29
30/*----- Static variables --------------------------------------------------*/
31
c70a7c5c 32static bulkchal *bulk;
37941236 33static uint32 oseq;
34static seqwin iseq;
35
36/*----- Main code ---------------------------------------------------------*/
37
38/* --- @c_genkey@ --- *
39 *
40 * Arguments: ---
41 *
42 * Returns: ---
43 *
44 * Use: Generates a new challenge key.
45 */
46
47static void c_genkey(void)
48{
c70a7c5c
MW		 49 if (bulk && bulk->ops == master->algs.bulk->ops && oseq < 0x07ffffff)
50 return;
51 if (bulk) bulk->ops->freechal(bulk);
52 bulk = master->algs.bulk->ops->genchal(master->algs.bulk);
53 bulk->ops = master->algs.bulk->ops;
37941236 54 oseq = 0;
55 seq_reset(&iseq);
37941236 56}
57
58/* --- @c_new@ --- *
59 *
60 * Arguments: @buf *b@ = where to put the challenge
61 *
62 * Returns: Zero if OK, nonzero on error.
63 *
64 * Use: Issues a new challenge.
65 */
66
67int c_new(buf *b)
68{
69 octet *p;
37941236 70
71 c_genkey();
72 p = BCUR(b);
c70a7c5c
MW		 73 if (buf_putu32(b, oseq++) || !buf_get(b, bulk->tagsz)) return (-1);
74 if (bulk->ops->chaltag(bulk, p, 4, p + 4)) return (-1);
37941236 75 IF_TRACING(T_CHAL, {
76 trace(T_CHAL, "chal: issuing challenge %lu", (unsigned long)(oseq - 1));
77 trace_block(T_CRYPTO, "chal: challenge block", p, BCUR(b) - p);
78 })
79 return (0);
80}
81
82/* --- @c_check@ --- *
83 *
84 * Arguments: @buf *b@ = where to find the challenge
85 *
86 * Returns: Zero if OK, nonzero if it didn't work.
87 *
88 * Use: Checks a challenge. On failure, the buffer is broken.
89 */
90
91int c_check(buf *b)
92{
93 const octet *p;
c70a7c5c 94 size_t sz;
37941236 95 uint32 seq;
37941236 96
c70a7c5c
MW		 97 if (!bulk) {
98 a_warn("CHAL", "impossible-challenge", A_END);
99 goto fail;
100 }
101 sz = 4 + bulk->tagsz;
37941236 102 if ((p = buf_get(b, sz)) == 0) {
f43df819 103 a_warn("CHAL", "invalid-challenge", A_END);
37941236 104 goto fail;
105 }
106 IF_TRACING(T_CHAL, trace_block(T_CRYPTO, "chal: check challenge", p, sz); )
c70a7c5c 107 if (bulk->ops->chalvrf(bulk, p, 4, p + 4)) {
f43df819 108 a_warn("CHAL", "incorrect-tag", A_END);
37941236 109 goto fail;
110 }
111 seq = LOAD32(p);
4416b2ef 112 if (seq_check(&iseq, seq, "CHAL"))
f43df819 113 goto fail;
37941236 114 T( trace(T_CHAL, "chal: checked challenge %lu", (unsigned long)seq); )
115 return (0);
116
117fail:
118 buf_break(b);
119 return (-1);
120}
121
122/*----- That's all, folks -------------------------------------------------*/
Trivial IP Encryption: a simple VPN