static void c_genkey(void)
{
- if (bchal && bchal->ops == master->algs.bulk->ops && oseq < 0x07ffffff)
- return;
+ bulkalgs *bulk = master->algs.bulk;
+ if (bchal && bchal->ops == bulk->ops && oseq < 0x07ffffff) return;
if (bchal) bchal->ops->freechal(bchal);
- bchal = master->algs.bulk->ops->genchal(master->algs.bulk);
- bchal->ops = master->algs.bulk->ops;
+ bchal = bulk->ops->genchal(bulk);
+ bchal->ops = bulk->ops;
oseq = 0;
seq_reset(&iseq);
}
/* --- @c_new@ --- *
*
- * Arguments: @buf *b@ = where to put the challenge
+ * Arguments: @const void *m@ = pointer to associated message, or null
+ * @size_t msz@ = length of associated message
+ * @buf *b@ = where to put the challenge
*
* Returns: Zero if OK, nonzero on error.
*
* Use: Issues a new challenge.
*/
-int c_new(buf *b)
+int c_new(const void *m, size_t msz, buf *b)
{
- octet *p;
+ const octet *p;
+ octet *t;
+ int rc;
c_genkey();
p = BCUR(b);
- if (buf_putu32(b, oseq++) || !buf_get(b, bchal->tagsz)) return (-1);
- if (bchal->ops->chaltag(bchal, p, 4, p + 4)) return (-1);
+ if (buf_putu32(b, oseq) || (t = buf_get(b, bchal->tagsz)) == 0)
+ { rc = -1; goto done; }
+ if (bchal->ops->chaltag(bchal, m, msz, oseq, t)) { rc = -1; goto done; }
IF_TRACING(T_CHAL, {
- trace(T_CHAL, "chal: issuing challenge %lu", (unsigned long)(oseq - 1));
+ trace(T_CHAL, "chal: issuing challenge %lu", (unsigned long)oseq);
+ if (msz) trace_block(T_CRYPTO, "chal: message block", m, msz);
trace_block(T_CRYPTO, "chal: challenge block", p, BCUR(b) - p);
})
- return (0);
+ rc = 0;
+done:
+ oseq++;
+ return (rc);
}
/* --- @c_check@ --- *
*
- * Arguments: @buf *b@ = where to find the challenge
+ * Arguments: @const void *m@ = pointer to associated message, or null
+ * @size_t msz@ = length of associated message
+ * @buf *b@ = where to find the challenge
*
* Returns: Zero if OK, nonzero if it didn't work.
*
* Use: Checks a challenge. On failure, the buffer is broken.
*/
-int c_check(buf *b)
+int c_check(const void *m, size_t msz, buf *b)
{
- const octet *p;
- size_t sz;
+ const octet *p, *t;
uint32 seq;
if (!bchal) {
a_warn("CHAL", "impossible-challenge", A_END);
goto fail;
}
- sz = 4 + bchal->tagsz;
- if ((p = buf_get(b, sz)) == 0) {
+ p = BCUR(b);
+ if (buf_getu32(b, &seq) || (t = buf_get(b, bchal->tagsz)) == 0) {
a_warn("CHAL", "invalid-challenge", A_END);
goto fail;
}
- IF_TRACING(T_CHAL, trace_block(T_CRYPTO, "chal: check challenge", p, sz); )
- if (bchal->ops->chalvrf(bchal, p, 4, p + 4)) {
+ IF_TRACING(T_CHAL, {
+ trace(T_CHAL, "chal: checking challenge, seq = %lu", (unsigned long)seq);
+ if (msz) trace_block(T_CRYPTO, "chal: message block", m, msz);
+ trace_block(T_CRYPTO, "chal: check challenge", p, BCUR(b) - p);
+ })
+ if (bchal->ops->chalvrf(bchal, m, msz, seq, t)) {
a_warn("CHAL", "incorrect-tag", A_END);
goto fail;
}
- seq = LOAD32(p);
- if (seq_check(&iseq, seq, "CHAL"))
- goto fail;
- T( trace(T_CHAL, "chal: checked challenge %lu", (unsigned long)seq); )
+ if (seq_check(&iseq, seq, "CHAL")) goto fail;
+ T( trace(T_CHAL, "chal: challenge ok"); )
return (0);
fail: