X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~mdw/git/tripe/blobdiff_plain/e9fac70c8cff251871c8177e7578f8ed055b7fc7..04ed79b8ad88991517755598c5e8872380ec3dde:/server/keyset.c

diff --git a/server/keyset.c b/server/keyset.c
index 3053ca8e..66a59618 100644
--- a/server/keyset.c
+++ b/server/keyset.c
@@ -201,7 +201,7 @@ static int dodecrypt(keyset *ks, unsigned ty, buf *b, buf *bb, uint32 *seq)
     GH_HASH(h, t, sizeof(t));
     GH_HASH(h, pseq, SEQSZ + ivsz + sz);
     mac = GH_DONE(h, 0);
-    eq = !memcmp(mac, pmac, tagsz);
+    eq = ct_memeq(mac, pmac, tagsz);
     IF_TRACING(T_KEYSET, {
       trace_block(T_CRYPTO, "crypto: computed MAC", mac, tagsz);
     })
@@ -288,6 +288,7 @@ keyset *ks_gen(const void *k, size_t x, size_t y, size_t z, peer *p)
   keyset *ks = CREATE(keyset);
   time_t now = time(0);
   const octet *pp = k;
+  const algswitch *algs = &p->kx.kpriv->algs;
   T( static unsigned seq = 0; )
 
   T( trace(T_KEYSET, "keyset: adding new keyset %u", seq); )
@@ -303,21 +304,21 @@ keyset *ks_gen(const void *k, size_t x, size_t y, size_t z, peer *p)
 
 #define HASH_in MINE; YOURS; OURS
 #define HASH_out YOURS; MINE; OURS
-#define INIT_c(k) GC_INIT(algs.c, (k), algs.cksz)
-#define INIT_m(k) GM_KEY(algs.m, (k), algs.mksz)
+#define INIT_c(k) GC_INIT(algs->c, (k), algs->cksz)
+#define INIT_m(k) GM_KEY(algs->m, (k), algs->mksz)
 #define STR_c "encryption"
 #define STR_m "integrity"
 #define STR_in "incoming"
 #define STR_out "outgoing"
 
 #define SETKEY(a, dir) do {						\
-  h = GH_INIT(algs.h);							\
+  h = GH_INIT(algs->h);							\
   HASH_STRING(h, "tripe-" STR_##a);					\
   HASH_##dir;								\
   hh = GH_DONE(h, 0);							\
   IF_TRACING(T_KEYSET, {						\
     trace_block(T_CRYPTO, "crypto: " STR_##dir " key " STR_##a,		\
-		hh, algs.a##ksz);					\
+		hh, algs->a##ksz);					\
   })									\
   ks->a##dir = INIT_##a(hh);						\
   GH_DESTROY(h);							\
@@ -342,26 +343,17 @@ keyset *ks_gen(const void *k, size_t x, size_t y, size_t z, peer *p)
   T( ks->seq = seq++; )
   ks->ref = 1;
   ks->t_exp = now + T_EXP;
-  ks->sz_exp = algs.expsz;
-  ks->sz_regen = algs.expsz/2;
+  ks->sz_exp = algs->expsz;
+  ks->sz_regen = algs->expsz/2;
   ks->oseq = 0;
   seq_reset(&ks->iseq);
   ks->next = 0;
   ks->p = p;
   ks->f = KSF_LISTEN;
-  ks->tagsz = algs.tagsz;
+  ks->tagsz = algs->tagsz;
   return (ks);
 }
 
-/* --- @ks_tregen@ --- *
- *
- * Arguments:	@keyset *ks@ = pointer to a keyset
- *
- * Returns:	The time at which moves ought to be made to replace this key.
- */
-
-time_t ks_tregen(keyset *ks) { return (ks->t_exp - T_EXP + T_REGEN); }
-
 /* --- @ks_activate@ --- *
  *
  * Arguments:	@keyset *ks@ = pointer to a keyset