X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~mdw/git/tripe/blobdiff_plain/56516aeb66062dd8dd5b4225a67e24096cf3fe3f..61682d3405e6b7c72ec8295fec1467333e336b65:/server/keyexch.c diff --git a/server/keyexch.c b/server/keyexch.c index 6490dd73..4280f86e 100644 --- a/server/keyexch.c +++ b/server/keyexch.c @@ -133,14 +133,14 @@ static octet *mpmask(buf *b, mp *x, size_t n, const octet *k, size_t ksz) return (0); mgf = GC_INIT(algs.mgf, k, ksz); IF_TRACING(T_KEYEXCH, IF_TRACING(T_CRYPTO, { - trace(T_CRYPTO, "masking index = %s", mpstr(x)); - trace_block(T_CRYPTO, "masking key", k, ksz); + trace(T_CRYPTO, "crypto: masking index = %s", mpstr(x)); + trace_block(T_CRYPTO, "crypto: masking key", k, ksz); })) mp_storeb(x, buf_t, n); GC_ENCRYPT(mgf, buf_t, p, n); IF_TRACING(T_KEYEXCH, IF_TRACING(T_CRYPTO, { - trace_block(T_CRYPTO, "index plaintext", buf_t, n); - trace_block(T_CRYPTO, "masked ciphertext", p, n); + trace_block(T_CRYPTO, "crypto: index plaintext", buf_t, n); + trace_block(T_CRYPTO, "crypto: masked ciphertext", p, n); })) GC_DESTROY(mgf); return (p); @@ -166,14 +166,14 @@ static mp *mpunmask(mp *d, const octet *p, size_t n, mgf = GC_INIT(algs.mgf, k, ksz); IF_TRACING(T_KEYEXCH, IF_TRACING(T_CRYPTO, { - trace_block(T_CRYPTO, "unmasking key", k, ksz); - trace_block(T_CRYPTO, "masked ciphertext", p, n); + trace_block(T_CRYPTO, "crypto: unmasking key", k, ksz); + trace_block(T_CRYPTO, "crypto: masked ciphertext", p, n); })) GC_DECRYPT(mgf, p, buf_t, n); d = mp_loadb(d, buf_t, n); IF_TRACING(T_KEYEXCH, IF_TRACING(T_CRYPTO, { - trace_block(T_CRYPTO, "index plaintext", buf_t, n); - trace(T_CRYPTO, "unmasked index = %s", mpstr(d)); + trace_block(T_CRYPTO, "crypto: index plaintext", buf_t, n); + trace(T_CRYPTO, "crypto: unmasked index = %s", mpstr(d)); })) GC_DESTROY(mgf); return (d); @@ -209,12 +209,12 @@ static const octet *hashcheck(ge *kpub, ge *cc, ge *c, ge *y) hashge(h, y); GH_DONE(h, buf_t); IF_TRACING(T_KEYEXCH, IF_TRACING(T_CRYPTO, { - trace(T_CRYPTO, "computing challenge check hash"); - trace(T_CRYPTO, "public key = %s", gestr(gg, kpub)); - trace(T_CRYPTO, "receiver challenge = %s", gestr(gg, cc)); - trace(T_CRYPTO, "sender challenge = %s", gestr(gg, c)); - trace(T_CRYPTO, "sender reply = %s", gestr(gg, y)); - trace_block(T_CRYPTO, "hash output", buf_t, algs.hashsz); + trace(T_CRYPTO, "crypto: computing challenge check hash"); + trace(T_CRYPTO, "crypto: public key = %s", gestr(gg, kpub)); + trace(T_CRYPTO, "crypto: receiver challenge = %s", gestr(gg, cc)); + trace(T_CRYPTO, "crypto: sender challenge = %s", gestr(gg, c)); + trace(T_CRYPTO, "crypto: sender reply = %s", gestr(gg, y)); + trace_block(T_CRYPTO, "crypto: hash output", buf_t, algs.hashsz); })) GH_DESTROY(h); return (buf_t); @@ -792,6 +792,7 @@ static int decryptrest(keyexch *kx, kxchal *kxc, unsigned msg, buf *b) a_warn("KX", "?PEER", kx->p, "decrypt-failed", "%s", pkname[msg], A_END); return (-1); } + if (!BOK(&bb)) return (-1); buf_init(b, BBASE(&bb), BLEN(&bb)); return (0); } @@ -1235,7 +1236,7 @@ void kx_free(keyexch *kx) void kx_newkeys(keyexch *kx) { - if (km_getpubkey(p_name(kx->p), kx->kpub, &kx->texp_kpub)) + if (km_getpubkey(p_tag(kx->p), kx->kpub, &kx->texp_kpub)) return; kx->f |= KXF_PUBKEY; if ((kx->f & KXF_DEAD) || kx->s != KXS_SWITCH) { @@ -1266,7 +1267,7 @@ int kx_init(keyexch *kx, peer *p, keyset **ks, unsigned f) kx->ks = ks; kx->p = p; kx->kpub = G_CREATE(gg); - if (km_getpubkey(p_name(p), kx->kpub, &kx->texp_kpub)) { + if (km_getpubkey(p_tag(p), kx->kpub, &kx->texp_kpub)) { G_DESTROY(gg, kx->kpub); return (-1); }