X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~mdw/git/tripe/blobdiff_plain/b4e566689f469cc1cffe99e50e16a346d0f9832d..b5c45da15703d85b506a1ea1eb38c318c3418ed3:/tripe.h diff --git a/tripe.h b/tripe.h index 5138d110..7de033d3 100644 --- a/tripe.h +++ b/tripe.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: tripe.h,v 1.19 2004/04/08 01:36:17 mdw Exp $ + * $Id: tripe.h,v 1.20 2004/04/18 18:08:11 mdw Exp $ * * Main header file for TrIPE * @@ -137,29 +137,21 @@ /*----- Cipher selections -------------------------------------------------*/ -#include -#include -#include -#include -#include +typedef struct algswitch { + const gccipher *c; /* Symmetric encryption scheme */ + const gccipher *mgf; /* Mask-generation function */ + const gchash *h; /* Hash function */ + const gcmac *m; /* Message authentication code */ + size_t hashsz; /* Hash output size */ + size_t tagsz; /* Length to truncate MAC tags */ + size_t cksz, mksz; /* Key lengths for @c@ and @m@ */ +} algswitch; -#define CIPHER (&blowfish_cbc) -#define MAC (&rmd160_hmac) +extern algswitch algs; -#define HASH_CTX rmd160_ctx -#define HASH_INIT rmd160_init -#define HASH rmd160_hash -#define HASH_STRING(c, s) HASH((c), s, sizeof(s)) -#define HASH_DONE rmd160_done -#define HASHSZ RMD160_HASHSZ +#define MAXHASHSZ 64 /* Largest possible hash size */ -#define MGF_CTX blowfish_counterctx -#define MGF_INIT blowfish_counterinit -#define MGF_CRYPT blowfish_counterencrypt - -#define SEQSZ 4 -#define IVSZ BLOWFISH_BLKSZ -#define MACSZ 10 +#define HASH_STRING(h, s) GH_HASH((h), (s), sizeof(s)) /*----- Data structures ---------------------------------------------------*/ @@ -195,6 +187,7 @@ typedef struct keyset { T( unsigned seq; ) /* Sequence number for tracing */ unsigned f; /* Various useful flags */ gcipher *cin, *cout; /* Keyset ciphers for encryption */ + size_t tagsz; /* Length to truncate MAC tags */ gmac *min, *mout; /* Keyset MACs for integrity */ uint32 oseq; /* Outbound sequence number */ uint32 iseq, iwin; /* Inbound sequence number */ @@ -224,12 +217,12 @@ typedef struct kxchal { keyset *ks; /* Pointer to temporary keyset */ unsigned f; /* Various useful flags */ sel_timer t; /* Response timer for challenge */ - octet hc[HASHSZ]; /* Hash of his challenge */ + octet hc[MAXHASHSZ]; /* Hash of his challenge */ mp *ck; /* The check value */ - octet hswrq_in[HASHSZ]; /* Inbound switch request message */ - octet hswok_in[HASHSZ]; /* Inbound switch confirmation */ - octet hswrq_out[HASHSZ]; /* Outbound switch request message */ - octet hswok_out[HASHSZ]; /* Outbound switch confirmation */ + octet hswrq_in[MAXHASHSZ]; /* Inbound switch request message */ + octet hswok_in[MAXHASHSZ]; /* Inbound switch confirmation */ + octet hswrq_out[MAXHASHSZ]; /* Outbound switch request message */ + octet hswok_out[MAXHASHSZ]; /* Outbound switch confirmation */ } kxchal; typedef struct keyexch { @@ -245,7 +238,7 @@ typedef struct keyexch { ge *rx; /* The expected response */ unsigned nr; /* Number of extant responses */ time_t t_valid; /* When this exchange goes bad */ - octet hc[HASHSZ]; /* Hash of my challenge */ + octet hc[MAXHASHSZ]; /* Hash of my challenge */ kxchal *r[KX_NCHAL]; /* Array of challenges */ } keyexch;