server/: Make bulk crypto transforms responsible for algorithm selection.
[tripe] / server / chal.c
1 /* -*-c-*-
2 *
3 * Cryptographic challenges
4 *
5 * (c) 2005 Straylight/Edgeware
6 */
7
8 /*----- Licensing notice --------------------------------------------------*
9 *
10 * This file is part of Trivial IP Encryption (TrIPE).
11 *
12 * TrIPE is free software; you can redistribute it and/or modify
13 * it under the terms of the GNU General Public License as published by
14 * the Free Software Foundation; either version 2 of the License, or
15 * (at your option) any later version.
16 *
17 * TrIPE is distributed in the hope that it will be useful,
18 * but WITHOUT ANY WARRANTY; without even the implied warranty of
19 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
20 * GNU General Public License for more details.
21 *
22 * You should have received a copy of the GNU General Public License
23 * along with TrIPE; if not, write to the Free Software Foundation,
24 * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
25 */
26
27 /*----- Header files ------------------------------------------------------*/
28
29 #include "tripe.h"
30
31 /*----- Static variables --------------------------------------------------*/
32
/* Current challenge context.  Null until c_genkey() first creates one;
 * c_check() refuses every challenge while it is null.
 */
static bulkchal *bulk;

/* Sequence number the next issued challenge will carry.  Reset to zero
 * whenever c_genkey() replaces the context.
 */
static uint32 oseq;

/* Sequence window handed to seq_check() for incoming challenges.  Reset
 * together with oseq when the context is replaced.
 */
static seqwin iseq;
36
37 /*----- Main code ---------------------------------------------------------*/
38
39 /* --- @c_genkey@ --- *
40 *
41 * Arguments: ---
42 *
43 * Returns: ---
44 *
45 * Use: Generates a new challenge key.
46 */
47
static void c_genkey(void)
{
  if (bulk) {

    /* Keep the existing context only while it was produced by the bulk
     * transform the master key currently selects and the outgoing
     * counter is still below the rollover limit.  Replacing the context
     * well before the 32-bit counter could wrap means c_new() never
     * issues the same sequence number twice under one context.
     */
    if (bulk->ops == master->algs.bulk->ops && oseq < 0x07ffffff)
      return;

    /* Release through the ops table that created it, which may differ
     * from the one the master key selects now.
     */
    bulk->ops->freechal(bulk);
  }

  /* NOTE(review): the result of genchal() is dereferenced immediately
   * with no null check -- confirm that it cannot fail.
   */
  bulk = master->algs.bulk->ops->genchal(master->algs.bulk);
  bulk->ops = master->algs.bulk->ops;

  /* Fresh context: restart the outgoing counter and the incoming
   * sequence window.  c_check() verifies against the current context
   * only, so challenges issued under the previous one presumably stop
   * verifying from here on.
   */
  oseq = 0;
  seq_reset(&iseq);
}
58
59 /* --- @c_new@ --- *
60 *
61 * Arguments: @buf *b@ = where to put the challenge
62 *
63 * Returns: Zero if OK, nonzero on error.
64 *
65 * Use: Issues a new challenge.
66 */
67
int c_new(buf *b)
{
  octet *start;

  /* Make sure a usable challenge context exists (and rotate it if due). */
  c_genkey();

  /* Wire layout: a 4-byte sequence number followed by @bulk->tagsz@ bytes
   * of tag.  The counter is consumed even if the buffer turns out to be
   * too small, so a failed attempt skips a number rather than reusing it.
   */
  start = BCUR(b);
  if (buf_putu32(b, oseq++)) return (-1);
  if (!buf_get(b, bulk->tagsz)) return (-1);

  /* Presumably computes the tag over the 4-byte sequence number and
   * stores it in the space just reserved -- confirm against the bulk
   * transform's chaltag implementation.
   */
  if (bulk->ops->chaltag(bulk, start, 4, start + 4)) return (-1);

  IF_TRACING(T_CHAL, {
    trace(T_CHAL, "chal: issuing challenge %lu", (unsigned long)(oseq - 1));
    trace_block(T_CRYPTO, "chal: challenge block", start, BCUR(b) - start);
  })
  return (0);
}
82
83 /* --- @c_check@ --- *
84 *
85 * Arguments: @buf *b@ = where to find the challenge
86 *
87 * Returns: Zero if OK, nonzero if it didn't work.
88 *
89 * Use: Checks a challenge. On failure, the buffer is broken.
90 */
91
int c_check(buf *b)
{
  const octet *blk;
  size_t len;
  uint32 seq;

  /* No context means this process has never issued a challenge, so
   * nothing presented here can be one of ours.
   */
  if (!bulk) {
    a_warn("CHAL", "impossible-challenge", A_END);
    goto reject;
  }

  /* A challenge is exactly 4 bytes of sequence number plus the tag;
   * refuse anything the buffer cannot supply in full.
   */
  len = 4 + bulk->tagsz;
  blk = buf_get(b, len);
  if (!blk) {
    a_warn("CHAL", "invalid-challenge", A_END);
    goto reject;
  }
  IF_TRACING(T_CHAL, trace_block(T_CRYPTO, "chal: check challenge", blk, len); )

  /* Authenticate first: the sequence number is not read, and the
   * sequence window is not consulted, until the tag has been accepted.
   * A forged challenge therefore never reaches seq_check().
   * NOTE(review): whether the tag comparison is constant-time depends on
   * the bulk transform's chalvrf implementation -- confirm there.
   */
  if (bulk->ops->chalvrf(bulk, blk, 4, blk + 4)) {
    a_warn("CHAL", "incorrect-tag", A_END);
    goto reject;
  }

  /* Only now apply the sequence-number check (presumably replay
   * detection; seq_check() is defined elsewhere and is given the "CHAL"
   * label for its own reporting).
   */
  seq = LOAD32(blk);
  if (seq_check(&iseq, seq, "CHAL"))
    goto reject;
  T( trace(T_CHAL, "chal: checked challenge %lu", (unsigned long)seq); )
  return (0);

  /* Every failure path breaks the buffer so the caller cannot go on
   * parsing a packet whose challenge was not accepted.
   */
reject:
  buf_break(b);
  return (-1);
}
122
123 /*----- That's all, folks -------------------------------------------------*/