X-Git-Url: http://git.silcnet.org/gitweb/?p=silc.git;a=blobdiff_plain;f=lib%2Fsilcske%2Fsilcske.c;h=7331e23513c5c61d82c250bd35ab6bcb475b587d;hp=6583562882a527511507da098aab92db0367338d;hb=1ea936cbf1bb3b19bd55839b904ef59ada84b8b5;hpb=d4698528ed84c05aad3be8c2b18a343d2dc2b521
diff --git a/lib/silcske/silcske.c b/lib/silcske/silcske.c
index 65835628..7331e235 100644
--- a/lib/silcske/silcske.c
+++ b/lib/silcske/silcske.c
@@ -1506,9 +1506,9 @@ SILC_FSM_STATE(silc_ske_st_initiator_phase2)
 /* Sign the hash value */
 SILC_FSM_CALL(ske->key_op =
- silc_pkcs_sign(ske->private_key, hash, hash_len, FALSE,
- ske->prop->hash, ske->rng,
- silc_ske_initiator_sign_cb, ske));
+ silc_pkcs_sign_async(ske->private_key, hash, hash_len, FALSE,
+ ske->prop->hash, ske->rng,
+ silc_ske_initiator_sign_cb, ske));
 /* NOT REACHED */
 }
@@ -1715,9 +1715,11 @@ SILC_FSM_STATE(silc_ske_st_initiator_phase4)
 /* Verify signature */
 SILC_FSM_CALL(ske->key_op =
- silc_pkcs_verify(ske->prop->public_key, payload->sign_data,
- payload->sign_len, hash, hash_len, NULL,
- silc_ske_verify_cb, ske));
+ silc_pkcs_verify_async(ske->prop->public_key,
+ payload->sign_data,
+ payload->sign_len, hash,
+ hash_len, FALSE, NULL,
+ silc_ske_verify_cb, ske));
 /* NOT REACHED */
 }
@@ -2245,11 +2247,11 @@ SILC_FSM_STATE(silc_ske_st_responder_phase4)
 /* Verify signature */
 SILC_FSM_CALL(ske->key_op =
- silc_pkcs_verify(ske->prop->public_key,
- recv_payload->sign_data,
- recv_payload->sign_len,
- hash, hash_len, NULL,
- silc_ske_verify_cb, ske));
+ silc_pkcs_verify_async(ske->prop->public_key,
+ recv_payload->sign_data,
+ recv_payload->sign_len,
+ hash, hash_len, FALSE, NULL,
+ silc_ske_verify_cb, ske));
 /* NOT REACHED */
 }
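Review bot: The bare `FALSE` inserted before `NULL` in the `silc_pkcs_verify_async(...)` call of silc_ske_st_initiator_phase4 has nothing at the call site saying what it selects, and this is the signature check of the key exchange, where a flipped flag is hard to spot in review. The signing calls in this commit pass `FALSE, ske->prop->hash` in what looks like the matching position while the verify calls pass `FALSE, NULL`; whether signer and verifier then treat `hash` the same way depends on the silc_pkcs_verify_async() prototype, which is not visible here. I would add a one-line comment above the call such as `/* FALSE = <flag meaning from the silc_pkcs_verify_async() prototype>; hash is NULL because <reason> */` with the placeholders filled in. The same applies to the call in silc_ske_st_responder_phase4 (hunk at -2245); both state functions start outside their hunks.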
@@ -2343,9 +2345,9 @@ SILC_FSM_STATE(silc_ske_st_responder_phase5)
 /* Sign the hash value */
 SILC_FSM_CALL(ske->key_op =
- silc_pkcs_sign(ske->private_key, hash, hash_len, FALSE,
- ske->prop->hash, ske->rng,
- silc_ske_responder_sign_cb, ske));
+ silc_pkcs_sign_async(ske->private_key, hash, hash_len, FALSE,
+ ske->prop->hash, ske->rng,
+ silc_ske_responder_sign_cb, ske));
 /* NOT REACHED */
 }
@@ -3391,7 +3393,7 @@ SilcBool silc_ske_set_keys(SilcSKE ske,
 SilcHmac *ret_hmac_receive,
 SilcHash *ret_hash)
 {
- unsigned char iv[32];
+ unsigned char iv[SILC_HASH_MAXLEN];
 SilcBool iv_included = (prop->flags & SILC_SKE_SP_FLAG_IV_INCLUDED);
 /* Allocate ciphers to be used in the communication */
@@ -3443,6 +3445,8 @@ SilcBool silc_ske_set_keys(SilcSKE ske,
 silc_hash_make(prop->hash, keymat->receive_iv, 8, iv);
 if (!iv_included)
 memcpy(iv + 4, keymat->receive_iv, 8);
+ else
+ memset(iv + 4, 0, 12);
 }
 silc_cipher_set_iv(*ret_send_key, iv);
@@ -3467,6 +3471,8 @@ SilcBool silc_ske_set_keys(SilcSKE ske,
 silc_hash_make(prop->hash, keymat->send_iv, 8, iv);
 if (!iv_included)
 memcpy(iv + 4, keymat->send_iv, 8);
+ else
+ memset(iv + 4, 0, 12);
 }
 silc_cipher_set_iv(*ret_receive_key, iv);
@@ -3498,6 +3504,8 @@ SilcBool silc_ske_set_keys(SilcSKE ske,
 silc_hash_make(prop->hash, keymat->send_iv, 8, iv);
 if (!iv_included)
 memcpy(iv + 4, keymat->send_iv, 8);
+ else
+ memset(iv + 4, 0, 12);
 }
 silc_cipher_set_iv(*ret_send_key, iv);
@@ -3523,6 +3531,8 @@ SilcBool silc_ske_set_keys(SilcSKE ske,
 silc_hash_make(prop->hash, keymat->receive_iv, 8, iv);
 if (!iv_included)
 memcpy(iv + 4, keymat->receive_iv, 8);
+ else
+ memset(iv + 4, 0, 12);
 }
 silc_cipher_set_iv(*ret_receive_key, iv);
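Review bot: The declaration `unsigned char iv[SILC_HASH_MAXLEN];` in silc_ske_set_keys carries no comment saying why the buffer is sized by the hash rather than by the cipher's IV length, and that reason is what keeps the later `silc_hash_make(prop->hash, ..., 8, iv)` calls in bounds. Those calls appear to write a whole digest into `iv`, which the previous fixed 32 bytes would not hold for a digest longer than that. I would add `/* silc_hash_make() writes a full digest here; must hold the largest supported hash */` above the declaration so the size is not shrunk again later. The function body continues outside this hunk, so whether `iv` is cleared before return is not visible here.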
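Review bot: In the `!iv_included` branch bytes 12–15 of `iv` still hold whatever `silc_hash_make()` wrote there, while the new `else` branch zeroes bytes 4–15 with `memset(iv + 4, 0, 12);`, so the two paths hand `silc_cipher_set_iv()` blocks that differ in how their last four bytes are initialised. If those bytes are the starting block counter (the enclosing condition is outside the hunk, so this is inferred), the non-included path starts from digest-derived bytes; either add `memset(iv + 12, 0, 4);` after the `memcpy`, or say in a comment that the difference is intended for wire compatibility. The literals 4, 8 and 12 also assume a 16-byte IV, and named constants would make that assumption checkable. The same lines recur in the hunks at -3467, -3498 and -3523, so the point applies to all four.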