Changed SILC code to use new SRT and SCT APIs.
[silc.git] / lib / silccore / silcmessage.c
index 9f53d87eeef7ddd70a41906143daa3eefc30fa1b..b1e3894d9179ac104e253f0c1851803eb8dd78e4 100644 (file)
@@ -44,6 +44,7 @@ typedef struct {
   SilcMessageFlags flags;
   SilcPublicKey public_key;
   SilcPrivateKey private_key;
+  SilcRng rng;
   SilcHash hash;
   SilcCipher cipher;
   SilcHmac hmac;
@@ -292,6 +293,7 @@ silc_message_signed_payload_encode(SilcBuffer payload,
   SilcUInt32 pk_len = 0;
   SilcUInt16 pk_type;
   SilcStack stack = e->stack;
+  SilcRng rng = e->rng;
   SilcHash hash = e->hash;
   SilcPublicKey public_key = e->public_key;
   SilcPrivateKey private_key = e->private_key;
@@ -333,8 +335,9 @@ silc_message_signed_payload_encode(SilcBuffer payload,
   }
 
   /* Compute signature */
-  op = silc_pkcs_sign(private_key, sign->data, silc_buffer_len(sign),
-                     TRUE, hash, silc_message_signed_payload_encode_cb, e);
+  op = silc_pkcs_sign_async(private_key, sign->data, silc_buffer_len(sign),
+                           TRUE, hash, rng,
+                           silc_message_signed_payload_encode_cb, e);
 
   return op;
 }
@@ -379,8 +382,15 @@ SilcBool silc_message_payload_decrypt(unsigned char *data,
     silc_hmac_update(hmac, receiver_id, receiver_id_len);
     silc_hmac_final(hmac, mac, &mac_len);
     if (silc_unlikely(memcmp(data + (data_len - mac_len), mac, mac_len))) {
-      SILC_LOG_DEBUG(("Message MAC does not match"));
-      return FALSE;
+      /* Check for old style (version 1.2) message MAC.  Remove this check
+        at some point. */
+      silc_hmac_init(hmac);
+      silc_hmac_update(hmac, data, data_len - mac_len);
+      silc_hmac_final(hmac, mac, &mac_len);
+      if (silc_unlikely(memcmp(data + (data_len - mac_len), mac, mac_len))) {
+       SILC_LOG_DEBUG(("Message MAC does not match"));
+       return FALSE;
+      }
     }
     SILC_LOG_DEBUG(("MAC is Ok"));
   }
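Review bot: The old-style fallback in the new inner block runs for every message whose current-format MAC fails, so the ID binding enforced by the first check (the `receiver_id` update is visible just above) becomes optional for all peers, not only version 1.2 ones. If the peer's protocol version is available in this function (not visible in the hunk), gate the second computation on it; otherwise at least record when the legacy path is accepted, e.g. `SILC_LOG_DEBUG(("Accepted old style (1.2) message MAC"));` after the inner comparison succeeds. Both comparisons use `memcmp`, which is not constant-time, and `data_len - mac_len` depends on a length check that would have to sit above the hunk; silc_message_payload_decrypt starts and ends outside it.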
@@ -574,7 +584,8 @@ SilcBool silc_message_payload_encrypt(unsigned char *data,
 
 /* Encrypt message payload */
 
-static int silc_message_payload_encode_encrypt(SilcBuffer buffer,
+static int silc_message_payload_encode_encrypt(SilcStack stack,
+                                              SilcBuffer buffer,
                                               void *value, void *context)
 {
   SilcMessageEncode *e = context;
@@ -626,8 +637,10 @@ silc_message_payload_encode_final(SilcBuffer buffer,
 
   /* Encrypt */
   if (silc_buffer_format(buffer,
-                        SILC_STR_DATA(silc_buffer_data(signature),
-                                      silc_buffer_len(signature)),
+                        SILC_STR_DATA(signature ?
+                                      silc_buffer_data(signature) : NULL,
+                                      signature ?
+                                      silc_buffer_len(signature) : 0),
                         SILC_STR_DATA(iv, iv_len),
                         SILC_STR_FUNC(silc_message_payload_encode_encrypt,
                                       NULL, &e),
@@ -752,6 +765,7 @@ silc_message_payload_encode(SilcMessageFlags flags,
     e->flags = flags;
     e->public_key = public_key;
     e->private_key = private_key;
+    e->rng = rng;
     e->hash = hash;
     e->cipher = cipher;
     e->hmac = hmac;
@@ -760,6 +774,8 @@ silc_message_payload_encode(SilcMessageFlags flags,
     e->iv = iv_len ? iv : NULL;
     e->iv_len = iv_len;
     e->payload_len = 6 + data_len + pad_len;
+    e->encoded = encoded;
+    e->context = context;
 
     /* Compute signature */
     return silc_message_signed_payload_encode(buffer, e);
@@ -860,9 +876,10 @@ silc_message_signed_verify(SilcMessagePayload message,
   }
 
   /* Verify the authentication data */
-  op = silc_pkcs_verify(remote_public_key, sig->sign_data, sig->sign_len,
-                       silc_buffer_data(sign), silc_buffer_len(sign), hash,
-                       result, context);
+  op = silc_pkcs_verify_async(remote_public_key, sig->sign_data,
+                             sig->sign_len,
+                             silc_buffer_data(sign), silc_buffer_len(sign),
+                             TRUE, hash, result, context);
 
   silc_buffer_clear(sign);
   silc_buffer_sfree(stack, sign);
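Review bot: `sign` is cleared and freed on the two lines right after `silc_pkcs_verify_async` is started with `silc_buffer_data(sign)` as its input, so the verification would read zeroed or released memory unless the call copies the data or completes before returning. The hunk does not show which of those holds. If neither is guaranteed, move the `silc_buffer_clear`/`silc_buffer_sfree` pair into the completion path; otherwise state the guarantee in a comment such as `/* verify_async copies the signed data, safe to free here */`. The new bare `TRUE` argument also deserves a short comment naming the parameter it sets. silc_message_signed_verify begins above the hunk.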