X-Git-Url: https://git.distorted.org.uk/~mdw/tripe/blobdiff_plain/c70a7c5cedab62209640b76f03d97c1876e38dc6..HEAD:/server/chal.c

diff --git a/server/chal.c b/server/chal.c
index 71fde49c..68d7f048 100644
--- a/server/chal.c
+++ b/server/chal.c
@@ -9,19 +9,18 @@
  *
  * This file is part of Trivial IP Encryption (TrIPE).
  *
- * TrIPE is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
+ * TrIPE is free software: you can redistribute it and/or modify it under
+ * the terms of the GNU General Public License as published by the Free
+ * Software Foundation; either version 3 of the License, or (at your
+ * option) any later version.
  *
- * TrIPE is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
+ * TrIPE is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
  *
  * You should have received a copy of the GNU General Public License
- * along with TrIPE; if not, write to the Free Software Foundation,
- * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+ * along with TrIPE.  If not, see <https://www.gnu.org/licenses/>.
  */
 
 /*----- Header files ------------------------------------------------------*/
@@ -30,11 +29,11 @@
 
 /*----- Static variables --------------------------------------------------*/
 
-static bulkchal *bulk;
+static bulkchal *bchal;
 static uint32 oseq;
 static seqwin iseq;
 
-/*----- Main code ---------------------------------------------------------*/
+/*----- Challenges --------------------------------------------------------*/
 
 /* --- @c_genkey@ --- *
  *
@@ -47,72 +46,84 @@ static seqwin iseq;
 
 static void c_genkey(void)
 {
-  if (bulk && bulk->ops == master->algs.bulk->ops && oseq < 0x07ffffff)
-    return;
-  if (bulk) bulk->ops->freechal(bulk);
-  bulk = master->algs.bulk->ops->genchal(master->algs.bulk);
-  bulk->ops = master->algs.bulk->ops;
+  bulkalgs *bulk = master->algs.bulk;
+  if (bchal && bchal->ops == bulk->ops && oseq < 0x07ffffff) return;
+  if (bchal) bchal->ops->freechal(bchal);
+  bchal = bulk->ops->genchal(bulk);
+  bchal->ops = bulk->ops;
   oseq = 0;
   seq_reset(&iseq);
 }
 
 /* --- @c_new@ --- *
  *
- * Arguments:	@buf *b@ = where to put the challenge
+ * Arguments:	@const void *m@ = pointer to associated message, or null
+ *		@size_t msz@ = length of associated message
+ *		@buf *b@ = where to put the challenge
  *
  * Returns:	Zero if OK, nonzero on error.
  *
  * Use:		Issues a new challenge.
  */
 
-int c_new(buf *b)
+int c_new(const void *m, size_t msz, buf *b)
 {
-  octet *p;
+  const octet *p;
+  octet *t;
+  int rc;
 
   c_genkey();
   p = BCUR(b);
-  if (buf_putu32(b, oseq++) || !buf_get(b, bulk->tagsz)) return (-1);
-  if (bulk->ops->chaltag(bulk, p, 4, p + 4)) return (-1);
+  if (buf_putu32(b, oseq) || (t = buf_get(b, bchal->tagsz)) == 0)
+    { rc = -1; goto done; }
+  if (bchal->ops->chaltag(bchal, m, msz, oseq, t)) { rc = -1; goto done; }
   IF_TRACING(T_CHAL, {
-    trace(T_CHAL, "chal: issuing challenge %lu", (unsigned long)(oseq - 1));
+    trace(T_CHAL, "chal: issuing challenge %lu", (unsigned long)oseq);
+    if (msz) trace_block(T_CRYPTO, "chal: message block", m, msz);
     trace_block(T_CRYPTO, "chal: challenge block", p, BCUR(b) - p);
   })
-  return (0);
+  rc = 0;
+done:
+  oseq++;
+  return (rc);
 }
 
 /* --- @c_check@ --- *
  *
- * Arguments:	@buf *b@ = where to find the challenge
+ * Arguments:	@const void *m@ = pointer to associated message, or null
+ *		@size_t msz@ = length of associated message
+ *		@buf *b@ = where to find the challenge
  *
  * Returns:	Zero if OK, nonzero if it didn't work.
  *
  * Use:		Checks a challenge.  On failure, the buffer is broken.
  */
 
-int c_check(buf *b)
+int c_check(const void *m, size_t msz, buf *b)
 {
-  const octet *p;
-  size_t sz;
+  const octet *p, *t;
   uint32 seq;
 
-  if (!bulk) {
+  if (!bchal) {
     a_warn("CHAL", "impossible-challenge", A_END);
     goto fail;
   }
-  sz = 4 + bulk->tagsz;
-  if ((p = buf_get(b, sz)) == 0) {
+  p = BCUR(b);
+  if (buf_getu32(b, &seq) || (t = buf_get(b, bchal->tagsz)) == 0) {
     a_warn("CHAL", "invalid-challenge", A_END);
     goto fail;
   }
-  IF_TRACING(T_CHAL, trace_block(T_CRYPTO, "chal: check challenge", p, sz); )
-  if (bulk->ops->chalvrf(bulk, p, 4, p + 4)) {
+  IF_TRACING(T_CHAL, {
+    trace(T_CHAL, "chal: checking challenge, seq = %lu", (unsigned long)seq);
+    if (msz) trace_block(T_CRYPTO, "chal: message block", m, msz);
+    trace_block(T_CRYPTO, "chal: check challenge", p, BCUR(b) - p);
+  })
+  if (bchal->ops->chalvrf(bchal, m, msz, seq, t)) {
     a_warn("CHAL", "incorrect-tag", A_END);
     goto fail;
   }
-  seq = LOAD32(p);
-  if (seq_check(&iseq, seq, "CHAL"))
-    goto fail;
-  T( trace(T_CHAL, "chal: checked challenge %lu", (unsigned long)seq); )
+  if (seq_check(&iseq, seq, "CHAL")) goto fail;
+  T( trace(T_CHAL, "chal: challenge ok"); )
   return (0);
 
 fail: