X-Git-Url: http://git.silcnet.org/gitweb/?p=silc.git;a=blobdiff_plain;f=lib%2Fsilcske%2Fsilcske.c;h=4db209868986ccd79ca41180a0d734e9423479e4;hp=69b43607173a3e5f0b190fb72277562370580d78;hb=52e57c880aba9c5e89f59d962eb9af75670b76e0;hpb=ae1482a76c29db9fdcd6ed6cf63d312a37a5cb01 diff --git a/lib/silcske/silcske.c b/lib/silcske/silcske.c index 69b43607..4db20986 100644 --- a/lib/silcske/silcske.c +++ b/lib/silcske/silcske.c @@ -671,19 +671,23 @@ static SilcSKEStatus silc_ske_make_hash(SilcSKE ske, { SilcSKEStatus status = SILC_SKE_STATUS_OK; SilcBuffer buf; - unsigned char *e, *f, *KEY; - SilcUInt32 e_len, f_len, KEY_len; + unsigned char *e, *f, *KEY, *s_data; + SilcUInt32 e_len, f_len, KEY_len, s_len; int ret; SILC_LOG_DEBUG(("Start")); if (initiator == FALSE) { + s_data = (ske->start_payload_copy ? + silc_buffer_data(ske->start_payload_copy) : NULL); + s_len = (ske->start_payload_copy ? + silc_buffer_len(ske->start_payload_copy) : 0); e = silc_mp_mp2bin(&ske->ke1_payload->x, 0, &e_len); f = silc_mp_mp2bin(&ske->ke2_payload->x, 0, &f_len); KEY = silc_mp_mp2bin(ske->KEY, 0, &KEY_len); /* Format the buffer used to compute the hash value */ - buf = silc_buffer_alloc_size(silc_buffer_len(ske->start_payload_copy) + + buf = silc_buffer_alloc_size(s_len + ske->ke2_payload->pk_len + ske->ke1_payload->pk_len + e_len + f_len + KEY_len); @@ -694,28 +698,24 @@ static SilcSKEStatus silc_ske_make_hash(SilcSKE ske, if (!ske->ke1_payload->pk_data) { ret = silc_buffer_format(buf, - SILC_STR_UI_XNSTRING( - ske->start_payload_copy->data, - silc_buffer_len(ske->start_payload_copy)), - SILC_STR_UI_XNSTRING(ske->ke2_payload->pk_data, - ske->ke2_payload->pk_len), - SILC_STR_UI_XNSTRING(e, e_len), - SILC_STR_UI_XNSTRING(f, f_len), - SILC_STR_UI_XNSTRING(KEY, KEY_len), + SILC_STR_DATA(s_data, s_len), + SILC_STR_DATA(ske->ke2_payload->pk_data, + ske->ke2_payload->pk_len), + SILC_STR_DATA(e, e_len), + SILC_STR_DATA(f, f_len), + SILC_STR_DATA(KEY, KEY_len), SILC_STR_END); } else { ret = silc_buffer_format(buf, - SILC_STR_UI_XNSTRING( - ske->start_payload_copy->data, - silc_buffer_len(ske->start_payload_copy)), - SILC_STR_UI_XNSTRING(ske->ke2_payload->pk_data, - ske->ke2_payload->pk_len), - SILC_STR_UI_XNSTRING(ske->ke1_payload->pk_data, - ske->ke1_payload->pk_len), - SILC_STR_UI_XNSTRING(e, e_len), - SILC_STR_UI_XNSTRING(f, f_len), - SILC_STR_UI_XNSTRING(KEY, KEY_len), + SILC_STR_DATA(s_data, s_len), + SILC_STR_DATA(ske->ke2_payload->pk_data, + ske->ke2_payload->pk_len), + SILC_STR_DATA(ske->ke1_payload->pk_data, + ske->ke1_payload->pk_len), + SILC_STR_DATA(e, e_len), + SILC_STR_DATA(f, f_len), + SILC_STR_DATA(KEY, KEY_len), SILC_STR_END); } if (ret == -1) { @@ -736,21 +736,23 @@ static SilcSKEStatus silc_ske_make_hash(SilcSKE ske, silc_free(f); silc_free(KEY); } else { + s_data = (ske->start_payload_copy ? + silc_buffer_data(ske->start_payload_copy) : NULL); + s_len = (ske->start_payload_copy ? + silc_buffer_len(ske->start_payload_copy) : 0); e = silc_mp_mp2bin(&ske->ke1_payload->x, 0, &e_len); - buf = silc_buffer_alloc_size(silc_buffer_len(ske->start_payload_copy) + - ske->ke1_payload->pk_len + e_len); + buf = silc_buffer_alloc_size(s_len + ske->ke1_payload->pk_len + e_len); if (!buf) return SILC_SKE_STATUS_OUT_OF_MEMORY; /* Format the buffer used to compute the hash value */ ret = silc_buffer_format(buf, - SILC_STR_UI_XNSTRING(ske->start_payload_copy->data, - silc_buffer_len(ske->start_payload_copy)), - SILC_STR_UI_XNSTRING(ske->ke1_payload->pk_data, - ske->ke1_payload->pk_len), - SILC_STR_UI_XNSTRING(e, e_len), + SILC_STR_DATA(s_data, s_len), + SILC_STR_DATA(ske->ke1_payload->pk_data, + ske->ke1_payload->pk_len), + SILC_STR_DATA(e, e_len), SILC_STR_END); if (ret == -1) { silc_buffer_free(buf); @@ -1611,14 +1613,16 @@ SILC_FSM_STATE(silc_ske_st_initiator_phase4) payload = ske->ke2_payload; + /* Compute the HASH value */ + SILC_LOG_DEBUG(("Computing HASH value")); + status = silc_ske_make_hash(ske, hash, &hash_len, FALSE); + if (status != SILC_SKE_STATUS_OK) + goto err; + ske->hash = silc_memdup(hash, hash_len); + ske->hash_len = hash_len; + if (ske->prop->public_key) { SILC_LOG_DEBUG(("Public key is authentic")); - - /* Compute the hash value */ - status = silc_ske_make_hash(ske, hash, &hash_len, FALSE); - if (status != SILC_SKE_STATUS_OK) - goto err; - SILC_LOG_DEBUG(("Verifying signature (HASH)")); /* Verify signature */ @@ -1630,9 +1634,6 @@ SILC_FSM_STATE(silc_ske_st_initiator_phase4) } SILC_LOG_DEBUG(("Signature is Ok")); - - ske->hash = silc_memdup(hash, hash_len); - ske->hash_len = hash_len; memset(hash, 'F', hash_len); } @@ -1884,6 +1885,7 @@ SILC_FSM_STATE(silc_ske_st_responder_phase1) SilcSKEStatus status; SilcSKEStartPayload remote_payload = NULL; SilcBuffer packet_buf = &ske->packet->buffer; + SilcID id; SILC_LOG_DEBUG(("Start")); @@ -1898,6 +1900,19 @@ SILC_FSM_STATE(silc_ske_st_responder_phase1) return SILC_FSM_CONTINUE; } + /* Get remote ID and set it to stream */ + if (ske->packet->src_id_len) { + silc_id_str2id(ske->packet->src_id, ske->packet->src_id_len, + ske->packet->src_id_type, + (ske->packet->src_id_type == SILC_ID_SERVER ? + (void *)&id.u.server_id : (void *)&id.u.client_id), + (ske->packet->src_id_type == SILC_ID_SERVER ? + sizeof(id.u.server_id) : sizeof(id.u.client_id))); + silc_packet_set_ids(ske->stream, 0, NULL, ske->packet->src_id_type, + (ske->packet->src_id_type == SILC_ID_SERVER ? + (void *)&id.u.server_id : (void *)&id.u.client_id)); + } + /* Take a copy of the payload buffer for future use. It is used to compute the HASH value. */ ske->start_payload_copy = silc_buffer_copy(packet_buf); @@ -2209,22 +2224,23 @@ SILC_FSM_STATE(silc_ske_st_responder_phase5) } ske->ke2_payload->pk_data = pk; ske->ke2_payload->pk_len = pk_len; + } - SILC_LOG_DEBUG(("Computing HASH value")); - - /* Compute the hash value */ - memset(hash, 0, sizeof(hash)); - status = silc_ske_make_hash(ske, hash, &hash_len, FALSE); - if (status != SILC_SKE_STATUS_OK) { - /** Error computing hash */ - ske->status = status; - silc_fsm_next(fsm, silc_ske_st_responder_error); - return SILC_FSM_CONTINUE; - } + SILC_LOG_DEBUG(("Computing HASH value")); - ske->hash = silc_memdup(hash, hash_len); - ske->hash_len = hash_len; + /* Compute the hash value */ + memset(hash, 0, sizeof(hash)); + status = silc_ske_make_hash(ske, hash, &hash_len, FALSE); + if (status != SILC_SKE_STATUS_OK) { + /** Error computing hash */ + ske->status = status; + silc_fsm_next(fsm, silc_ske_st_responder_error); + return SILC_FSM_CONTINUE; + } + ske->hash = silc_memdup(hash, hash_len); + ske->hash_len = hash_len; + if (ske->public_key && ske->private_key) { SILC_LOG_DEBUG(("Signing HASH value")); /* Sign the hash value */ @@ -2262,7 +2278,7 @@ SILC_FSM_STATE(silc_ske_st_responder_phase5) silc_buffer_free(payload_buf); - /* In case we are doing rekey move to finish it. */ + /* In case we are doing rekey move to finish it. */ if (ske->rekey) { /** Finish rekey */ silc_fsm_next(fsm, silc_ske_st_rekey_responder_done); @@ -2461,6 +2477,13 @@ SILC_FSM_STATE(silc_ske_st_rekey_initiator_start) return SILC_FSM_CONTINUE; } + if (!silc_hash_alloc(ske->rekey->hash, &ske->prop->hash)) { + /** Cannot allocate hash */ + ske->status = SILC_SKE_STATUS_OUT_OF_MEMORY; + silc_fsm_next(fsm, silc_ske_st_initiator_error); + return SILC_FSM_CONTINUE; + } + /* Send REKEY packet to start rekey protocol */ if (!silc_ske_packet_send(ske, SILC_PACKET_REKEY, 0, NULL, 0)) { /** Error sending packet */ @@ -2506,13 +2529,7 @@ SILC_FSM_STATE(silc_ske_st_rekey_initiator_done) silc_packet_get_keys(ske->stream, &send_key, NULL, &hmac_send, NULL); key_len = silc_cipher_get_key_len(send_key); block_len = silc_cipher_get_block_len(send_key); - - if (!silc_hash_alloc(ske->rekey->hash, &hash)) { - /** Cannot allocate hash */ - ske->status = SILC_SKE_STATUS_OUT_OF_MEMORY; - silc_fsm_next(fsm, silc_ske_st_initiator_error); - return SILC_FSM_CONTINUE; - } + hash = ske->prop->hash; hash_len = silc_hash_len(hash); /* Process key material */ @@ -2543,17 +2560,21 @@ SILC_FSM_STATE(silc_ske_st_rekey_initiator_done) ske->prop->cipher = send_key; ske->prop->hmac = hmac_send; - ske->prop->hash = hash; /* Get sending keys */ if (!silc_ske_set_keys(ske, ske->keymat, ske->prop, &send_key, NULL, &hmac_send, NULL, NULL)) { /** Cannot get keys */ ske->status = SILC_SKE_STATUS_ERROR; + ske->prop->cipher = NULL; + ske->prop->hmac = NULL; silc_fsm_next(fsm, silc_ske_st_initiator_error); return SILC_FSM_CONTINUE; } + ske->prop->cipher = NULL; + ske->prop->hmac = NULL; + /* Set the new keys into use. This will also send REKEY_DONE packet. Any packet sent after this call will be protected with the new keys. */ if (!silc_packet_set_keys(ske->stream, send_key, NULL, hmac_send, NULL, @@ -2561,6 +2582,8 @@ SILC_FSM_STATE(silc_ske_st_rekey_initiator_done) /** Cannot set keys */ SILC_LOG_DEBUG(("Cannot set new keys, error sending REKEY_DONE")); ske->status = SILC_SKE_STATUS_ERROR; + silc_cipher_free(send_key); + silc_hmac_free(hmac_send); silc_fsm_next(fsm, silc_ske_st_initiator_error); return SILC_FSM_CONTINUE; } @@ -2597,6 +2620,8 @@ SILC_FSM_STATE(silc_ske_st_rekey_initiator_end) NULL, &hmac_receive, NULL)) { /** Cannot get keys */ ske->status = SILC_SKE_STATUS_ERROR; + ske->prop->cipher = NULL; + ske->prop->hmac = NULL; silc_fsm_next(fsm, silc_ske_st_initiator_error); return SILC_FSM_CONTINUE; } @@ -2608,6 +2633,8 @@ SILC_FSM_STATE(silc_ske_st_rekey_initiator_end) /** Cannot set keys */ SILC_LOG_DEBUG(("Cannot set new keys")); ske->status = SILC_SKE_STATUS_ERROR; + silc_cipher_free(receive_key); + silc_hmac_free(hmac_receive); silc_fsm_next(fsm, silc_ske_st_initiator_error); return SILC_FSM_CONTINUE; } @@ -2619,6 +2646,8 @@ SILC_FSM_STATE(silc_ske_st_rekey_initiator_end) if (!rekey) { /** No memory */ ske->status = SILC_SKE_STATUS_OUT_OF_MEMORY; + ske->prop->cipher = NULL; + ske->prop->hmac = NULL; silc_fsm_next(fsm, silc_ske_st_initiator_error); return SILC_FSM_CONTINUE; } @@ -2647,8 +2676,11 @@ silc_ske_rekey_initiator(SilcSKE ske, { SILC_LOG_DEBUG(("Start SKE rekey as initator")); - if (!ske || !stream || !rekey) + if (!ske || !stream || !rekey) { + SILC_LOG_ERROR(("Missing arguments to silc_ske_rekey_initiator")); + SILC_ASSERT(rekey); return NULL; + } if (!silc_async_init(&ske->op, silc_ske_abort, NULL, ske)) return NULL; @@ -2696,7 +2728,6 @@ SILC_FSM_STATE(silc_ske_st_rekey_responder_wait) silc_schedule_task_add_timeout(ske->schedule, silc_ske_timeout, ske, 30, 0); - silc_fsm_next(fsm, silc_ske_st_rekey_responder_start); /* If REKEY packet already received process it directly */ @@ -2732,6 +2763,13 @@ SILC_FSM_STATE(silc_ske_st_rekey_responder_start) return SILC_FSM_CONTINUE; } + if (!silc_hash_alloc(ske->rekey->hash, &ske->prop->hash)) { + /** Cannot allocate hash */ + ske->status = SILC_SKE_STATUS_OUT_OF_MEMORY; + silc_fsm_next(fsm, silc_ske_st_responder_error); + return SILC_FSM_CONTINUE; + } + /* If doing rekey without PFS, move directly to the end of the protocol. */ if (!ske->rekey->pfs) { /** Rekey without PFS */ @@ -2768,13 +2806,7 @@ SILC_FSM_STATE(silc_ske_st_rekey_responder_done) silc_packet_get_keys(ske->stream, &send_key, NULL, &hmac_send, NULL); key_len = silc_cipher_get_key_len(send_key); block_len = silc_cipher_get_block_len(send_key); - - if (!silc_hash_alloc(ske->rekey->hash, &hash)) { - /** Cannot allocate hash */ - ske->status = SILC_SKE_STATUS_OUT_OF_MEMORY; - silc_fsm_next(fsm, silc_ske_st_responder_error); - return SILC_FSM_CONTINUE; - } + hash = ske->prop->hash; hash_len = silc_hash_len(hash); /* Process key material */ @@ -2805,17 +2837,21 @@ SILC_FSM_STATE(silc_ske_st_rekey_responder_done) ske->prop->cipher = send_key; ske->prop->hmac = hmac_send; - ske->prop->hash = hash; /* Get sending keys */ if (!silc_ske_set_keys(ske, ske->keymat, ske->prop, &send_key, NULL, &hmac_send, NULL, NULL)) { /** Cannot get keys */ ske->status = SILC_SKE_STATUS_ERROR; + ske->prop->cipher = NULL; + ske->prop->hmac = NULL; silc_fsm_next(fsm, silc_ske_st_responder_error); return SILC_FSM_CONTINUE; } + ske->prop->cipher = NULL; + ske->prop->hmac = NULL; + /* Set the new keys into use. This will also send REKEY_DONE packet. Any packet sent after this call will be protected with the new keys. */ if (!silc_packet_set_keys(ske->stream, send_key, NULL, hmac_send, NULL, @@ -2823,6 +2859,8 @@ SILC_FSM_STATE(silc_ske_st_rekey_responder_done) /** Cannot set keys */ SILC_LOG_DEBUG(("Cannot set new keys, error sending REKEY_DONE")); ske->status = SILC_SKE_STATUS_ERROR; + silc_cipher_free(send_key); + silc_hmac_free(hmac_send); silc_fsm_next(fsm, silc_ske_st_responder_error); return SILC_FSM_CONTINUE; } @@ -2859,6 +2897,8 @@ SILC_FSM_STATE(silc_ske_st_rekey_responder_end) NULL, &hmac_receive, NULL)) { /** Cannot get keys */ ske->status = SILC_SKE_STATUS_ERROR; + ske->prop->cipher = NULL; + ske->prop->hmac = NULL; silc_fsm_next(fsm, silc_ske_st_responder_error); return SILC_FSM_CONTINUE; } @@ -2870,6 +2910,10 @@ SILC_FSM_STATE(silc_ske_st_rekey_responder_end) /** Cannot set keys */ SILC_LOG_DEBUG(("Cannot set new keys")); ske->status = SILC_SKE_STATUS_ERROR; + ske->prop->cipher = NULL; + ske->prop->hmac = NULL; + silc_cipher_free(receive_key); + silc_hmac_free(hmac_receive); silc_fsm_next(fsm, silc_ske_st_responder_error); return SILC_FSM_CONTINUE; } @@ -2881,6 +2925,8 @@ SILC_FSM_STATE(silc_ske_st_rekey_responder_end) if (!rekey) { /** No memory */ ske->status = SILC_SKE_STATUS_OUT_OF_MEMORY; + ske->prop->cipher = NULL; + ske->prop->hmac = NULL; silc_fsm_next(fsm, silc_ske_st_responder_error); return SILC_FSM_CONTINUE; } @@ -2971,7 +3017,7 @@ silc_ske_process_key_material_data(unsigned char *data, return NULL; silc_buffer_format(buf, SILC_STR_UI_CHAR(0), - SILC_STR_UI_XNSTRING(data, data_len), + SILC_STR_DATA(data, data_len), SILC_STR_END); /* Take IVs */ @@ -3010,8 +3056,8 @@ silc_ske_process_key_material_data(unsigned char *data, if (!dist) return NULL; silc_buffer_format(dist, - SILC_STR_UI_XNSTRING(data, data_len), - SILC_STR_UI_XNSTRING(k1, hash_len), + SILC_STR_DATA(data, data_len), + SILC_STR_DATA(k1, hash_len), SILC_STR_END); memset(k2, 0, sizeof(k2)); silc_hash_make(hash, dist->data, silc_buffer_len(dist), k2); @@ -3021,7 +3067,7 @@ silc_ske_process_key_material_data(unsigned char *data, silc_buffer_pull_tail(dist, hash_len); silc_buffer_pull(dist, data_len + hash_len); silc_buffer_format(dist, - SILC_STR_UI_XNSTRING(k2, hash_len), + SILC_STR_DATA(k2, hash_len), SILC_STR_END); silc_buffer_push(dist, data_len + hash_len); memset(k3, 0, sizeof(k3)); @@ -3073,8 +3119,8 @@ silc_ske_process_key_material_data(unsigned char *data, if (!dist) return NULL; silc_buffer_format(dist, - SILC_STR_UI_XNSTRING(data, data_len), - SILC_STR_UI_XNSTRING(k1, hash_len), + SILC_STR_DATA(data, data_len), + SILC_STR_DATA(k1, hash_len), SILC_STR_END); memset(k2, 0, sizeof(k2)); silc_hash_make(hash, dist->data, silc_buffer_len(dist), k2); @@ -3084,7 +3130,7 @@ silc_ske_process_key_material_data(unsigned char *data, silc_buffer_pull_tail(dist, hash_len); silc_buffer_pull(dist, data_len + hash_len); silc_buffer_format(dist, - SILC_STR_UI_XNSTRING(k2, hash_len), + SILC_STR_DATA(k2, hash_len), SILC_STR_END); silc_buffer_push(dist, data_len + hash_len); memset(k3, 0, sizeof(k3)); @@ -3160,8 +3206,8 @@ silc_ske_process_key_material(SilcSKE ske, if (!buf) return NULL; silc_buffer_format(buf, - SILC_STR_UI_XNSTRING(tmpbuf, klen), - SILC_STR_UI_XNSTRING(ske->hash, ske->hash_len), + SILC_STR_DATA(tmpbuf, klen), + SILC_STR_DATA(ske->hash, ske->hash_len), SILC_STR_END); /* Process the key material */