/* -*-c-*-
- *
- * $Id$
*
* Key exchange protocol
*
* (c) 2001 Straylight/Edgeware
*/
-/*----- Licensing notice --------------------------------------------------*
+/*----- Licensing notice --------------------------------------------------*
*
* This file is part of Trivial IP Encryption (TrIPE).
*
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
- *
+ *
* TrIPE is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
- *
+ *
* You should have received a copy of the GNU General Public License
* along with TrIPE; if not, write to the Free Software Foundation,
* Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
* %$r_A = g^{\rho_A}$% Alice's challenge
* %$c_A = H(\cookie{cookie}, r_A)$% Alice's cookie
* %$v_A = \rho_A \xor H(\cookie{expected-reply}, a, r_A, r_B, b^{\rho_A})$%
- * Alice's challenge check value
+ * Alice's challenge check value
* %$r_B^\alpha = a^{\rho_B}$% Alice's reply
* %$K = r_B^{\rho_A} = r_B^{\rho_A} = g^{\rho_A\rho_B}$%
- * Alice and Bob's shared secret key
+ * Alice and Bob's shared secret key
* %$w_A = H(\cookie{switch-request}, c_A, c_B)$%
- * Alice's switch request value
+ * Alice's switch request value
* %$u_A = H(\cookie{switch-confirm}, c_A, c_B)$%
- * Alice's switch confirm value
+ * Alice's switch confirm value
*
* The messages are then:
*
*
* %$\cookie{kx-switch-ok}, E_K(u_A))$%
* Switch received. Committed; send data; move to @KXS_SWITCH@.
- */
+ */
/*----- Tunable parameters ------------------------------------------------*/
/* --- Discard a packet with an invalid cookie --- */
if (hc && memcmp(hc, kx->hc, algs.hashsz) != 0) {
- a_warn("KX", "?PEER", "incorrect", "cookie", A_END);
+ a_warn("KX", "?PEER", kx->p, "incorrect", "cookie", A_END);
goto bad;
}
goto badcheck;
/* --- Fill in a new challenge block --- */
-
+
kxc = kxc_new(kx);
G_COPY(gg, kxc->c, c);
G_COPY(gg, kxc->r, r);
G_DESTROY(gg, cc);
G_DESTROY(gg, r);
mp_drop(cv);
- return (0);
+ return (0);
}
/* --- @dochallenge@ --- *
kx->r[0] = kxc;
kx->nr = 1;
kxc_stoptimer(kxc);
- ksl_link(kx->ks, kxc->ks);
+ ksl_link(kx->ks, kxc->ks);
}
/* --- @doreply@ --- *
if (BLEFT(b)) {
a_warn("KX", "?PEER", kx->p, "invalid", "reply", A_END);
goto bad;
- }
+ }
if (kx->s == KXS_CHAL) {
commit(kx, kxc);
kx->s = KXS_COMMIT;
checkresponse(kx, KX_SWITCH, b))
goto bad;
if ((hswrq = buf_get(b, algs.hashsz)) == 0 || BLEFT(b)) {
- a_warn("KX", "?PEER", "invalid", "switch-rq", A_END);
+ a_warn("KX", "?PEER", kx->p, "invalid", "switch-rq", A_END);
goto bad;
}
IF_TRACING(T_KEYEXCH, {
if (decryptrest(kx, kxc, KX_SWITCHOK, b))
goto bad;
if ((hswok = buf_get(b, algs.hashsz)) == 0 || BLEFT(b)) {
- a_warn("KX", "?PEER", "invalid", "switch-ok", A_END);
+ a_warn("KX", "?PEER", kx->p, "invalid", "switch-ok", A_END);
goto bad;
}
IF_TRACING(T_KEYEXCH, {
return (0);
bad:
- return (-1);
+ return (-1);
}
/*----- Main code ---------------------------------------------------------*/