mirror of
https://gogs.blitter.com/RLabs/xs
synced 2024-08-14 10:26:42 +00:00
Fixed error in processing of allowed HMAC algs.
xsd: allowed algs default to none if unspecified.
This commit is contained in:
Russ Magee
parent
129dce4b08
commit
cfc9ab8590
2 changed files with 254 additions and 231 deletions
19
xsnet/net.go
19
xsnet/net.go
|
|
@ -25,6 +25,7 @@ package xsnet
|
|||
import (
|
||||
"bytes"
|
||||
"crypto/cipher"
|
||||
crand "crypto/rand"
|
||||
"encoding/binary"
|
||||
"encoding/hex"
|
||||
"errors"
|
||||
|
|
@ -39,7 +40,6 @@ import (
|
|||
"strings"
|
||||
"sync"
|
||||
"time"
|
||||
crand "crypto/rand"
|
||||
|
||||
hkex "blitter.com/go/herradurakex"
|
||||
"blitter.com/go/kyber"
|
||||
|
|
@ -169,11 +169,11 @@ func (hc *Conn) HAlg() CSHmacAlg {
|
|||
}
|
||||
|
||||
func (h *CSHmacAlg) String() string {
|
||||
switch (*h >> 8) & 0x0FF {
|
||||
switch *h & 0x0FF {
|
||||
case HmacSHA256:
|
||||
return "H_SHA256"
|
||||
case HmacSHA512:
|
||||
return "C_SHA512"
|
||||
return "H_SHA512"
|
||||
default:
|
||||
return "H_ERR_UNK"
|
||||
}
|
||||
|
|
@ -296,7 +296,7 @@ func _new(kexAlg KEXAlg, conn *net.Conn) (hc *Conn, e error) {
|
|||
case KEX_FRODOKEM_976AES:
|
||||
fallthrough
|
||||
case KEX_FRODOKEM_976SHAKE:
|
||||
log.Printf("[KEx alg %d accepted]\n", kexAlg)
|
||||
//log.Printf("[KEx alg %d is valid]\n", kexAlg)
|
||||
default:
|
||||
// UNREACHABLE: _getkexalgnum() guarantees a valid KEX value
|
||||
hc.kex = KEX_HERRADURA512
|
||||
|
|
@ -517,7 +517,7 @@ func NewHopeDialSetup(c io.ReadWriter, hc *Conn) (err error) {
|
|||
if err != nil {
|
||||
panic(err)
|
||||
}
|
||||
|
||||
|
||||
hc.r, hc.rm, err = hc.getStream(aliceSharedSecret)
|
||||
hc.w, hc.wm, err = hc.getStream(aliceSharedSecret)
|
||||
return
|
||||
|
|
@ -559,7 +559,7 @@ func NewHopeSimpleDialSetup(c io.ReadWriter, hc *Conn) (err error) {
|
|||
if err != nil {
|
||||
panic(err)
|
||||
}
|
||||
|
||||
|
||||
hc.r, hc.rm, err = hc.getStream(aliceSharedSecret)
|
||||
hc.w, hc.wm, err = hc.getStream(aliceSharedSecret)
|
||||
return
|
||||
|
|
@ -672,7 +672,6 @@ func FrodoKEMAcceptSetup(c *net.Conn, hc *Conn) (err error) {
|
|||
}
|
||||
pubB, secB := kem.Keygen()
|
||||
|
||||
|
||||
// [Alice sends use a public key (na, ea)
|
||||
pubA_bigint := big.NewInt(0)
|
||||
_, err = fmt.Fscanf(*c, "0x%x\n", pubA_bigint)
|
||||
|
|
@ -696,7 +695,7 @@ func FrodoKEMAcceptSetup(c *net.Conn, hc *Conn) (err error) {
|
|||
|
||||
// (... and send cipher, connection opts)
|
||||
fmt.Fprintf(*c, "0x%x:0x%x\n", hc.cipheropts, hc.opts)
|
||||
|
||||
|
||||
// Bob, step 3: Create ctBtoA, shareB
|
||||
ctBtoA, shareB, err := kem.Encapsulate(pubA)
|
||||
if err != nil {
|
||||
|
|
@ -1173,10 +1172,8 @@ func (hl *HKExListener) Accept() (hc Conn, err error) {
|
|||
return Conn{}, err
|
||||
}
|
||||
|
||||
// Finally, ensure alg proposed by client is allowed by server config
|
||||
//if hc.kex.String() {
|
||||
log.Println("[hc.Accept successful]")
|
||||
return
|
||||
return hc, err
|
||||
}
|
||||
|
||||
/*---------------------------------------------------------------------*/
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue