X-Git-Url: https://www.tinc-vpn.org/git/browse?a=blobdiff_plain;f=src%2Fsptps.c;h=a0483c34db9e9a4dc94327edc235d69b38cc6d3f;hb=0fe69908838248c28624beb540257892db6bdcbd;hp=6ad1c8d6f8d947309aba8e8f9fce6b6031eccf3c;hpb=4214794ce68b9456146a5bf35db9e58da836b728;p=tinc diff --git a/src/sptps.c b/src/sptps.c index 6ad1c8d6..a0483c34 100644 --- a/src/sptps.c +++ b/src/sptps.c @@ -21,12 +21,12 @@ #include "system.h" #include "chacha-poly1305/chacha-poly1305.h" -#include "crypto.h" #include "ecdh.h" #include "ecdsa.h" #include "logger.h" #include "prf.h" #include "sptps.h" +#include "random.h" unsigned int sptps_replaywin = 16; @@ -92,7 +92,7 @@ static void warning(sptps_t *s, const char *format, ...) { // Send a record (datagram version, accepts all record types, handles encryption and authentication). static bool send_record_priv_datagram(sptps_t *s, uint8_t type, const void *data, uint16_t len) { - uint8_t buffer[len + 21UL]; + uint8_t *buffer = alloca(len + 21UL); // Create header with sequence number, length and record type uint32_t seqno = s->outseqno++; @@ -117,7 +117,7 @@ static bool send_record_priv(sptps_t *s, uint8_t type, const void *data, uint16_ return send_record_priv_datagram(s, type, data, len); } - uint8_t buffer[len + 19UL]; + uint8_t *buffer = alloca(len + 19UL); // Create header with sequence number, length and record type uint32_t seqno = s->outseqno++; @@ -187,8 +187,9 @@ static bool send_sig(sptps_t *s) { size_t siglen = ecdsa_size(s->mykey); // Concatenate both KEX messages, plus tag indicating if it is from the connection originator, plus label - uint8_t msg[(1 + 32 + keylen) * 2 + 1 + s->labellen]; - uint8_t sig[siglen]; + const size_t msglen = (1 + 32 + keylen) * 2 + 1 + s->labellen; + uint8_t *msg = alloca(msglen); + uint8_t *sig = alloca(siglen); msg[0] = s->initiator; memcpy(msg + 1, s->mykex, 1 + 32 + keylen); @@ -196,16 +197,16 @@ static bool send_sig(sptps_t *s) { memcpy(msg + 1 + 2 * (33 + keylen), s->label, s->labellen); // Sign the result. - if(!ecdsa_sign(s->mykey, msg, sizeof(msg), sig)) { + if(!ecdsa_sign(s->mykey, msg, msglen, sig)) { return error(s, EINVAL, "Failed to sign SIG record"); } // Send the SIG exchange record. - return send_record_priv(s, SPTPS_HANDSHAKE, sig, sizeof(sig)); + return send_record_priv(s, SPTPS_HANDSHAKE, sig, siglen); } // Generate key material from the shared secret created from the ECDHE key exchange. -static bool generate_key_material(sptps_t *s, const char *shared, size_t len) { +static bool generate_key_material(sptps_t *s, const uint8_t *shared, size_t len) { // Initialise cipher and digest structures if necessary if(!s->outstate) { s->incipher = chacha_poly1305_init(); @@ -226,7 +227,7 @@ static bool generate_key_material(sptps_t *s, const char *shared, size_t len) { } // Create the HMAC seed, which is "key expansion" + session label + server nonce + client nonce - char seed[s->labellen + 64 + 13]; + uint8_t *seed = alloca(s->labellen + 64 + 13); memcpy(seed, "key expansion", 13); if(s->initiator) { @@ -317,7 +318,8 @@ static bool receive_sig(sptps_t *s, const uint8_t *data, uint16_t len) { } // Concatenate both KEX messages, plus tag indicating if it is from the connection originator - uint8_t msg[(1 + 32 + keylen) * 2 + 1 + s->labellen]; + const size_t msglen = (1 + 32 + keylen) * 2 + 1 + s->labellen; + uint8_t *msg = alloca(msglen); msg[0] = !s->initiator; memcpy(msg + 1, s->hiskex, 1 + 32 + keylen); @@ -325,12 +327,12 @@ static bool receive_sig(sptps_t *s, const uint8_t *data, uint16_t len) { memcpy(msg + 1 + 2 * (33 + keylen), s->label, s->labellen); // Verify signature. - if(!ecdsa_verify(s->hiskey, msg, sizeof(msg), data)) { + if(!ecdsa_verify(s->hiskey, msg, msglen, data)) { return error(s, EIO, "Failed to verify SIG record"); } // Compute shared secret. - char shared[ECDH_SHARED_SIZE]; + uint8_t shared[ECDH_SHARED_SIZE]; if(!ecdh_compute_shared(s->ecdh, s->hiskex + 1 + 32, shared)) { return error(s, EINVAL, "Failed to compute ECDH shared secret"); @@ -513,7 +515,7 @@ bool sptps_verify_datagram(sptps_t *s, const void *vdata, size_t len) { return error(s, EIO, "Received short packet"); } - const char *data = vdata; + const uint8_t *data = vdata; uint32_t seqno; memcpy(&seqno, data, 4); seqno = ntohl(seqno); @@ -522,7 +524,7 @@ bool sptps_verify_datagram(sptps_t *s, const void *vdata, size_t len) { return false; } - char buffer[len]; + uint8_t *buffer = alloca(len); size_t outlen; return chacha_poly1305_decrypt(s->incipher, seqno, data + 4, len - 4, buffer, &outlen); } @@ -558,7 +560,7 @@ static bool sptps_receive_data_datagram(sptps_t *s, const uint8_t *data, size_t // Decrypt - uint8_t buffer[len]; + uint8_t *buffer = alloca(len); size_t outlen; if(!chacha_poly1305_decrypt(s->incipher, seqno, data, len, buffer, &outlen)) {