mirror of https://gogs.blitter.com/RLabs/xs
Fixed IV feed into initial HMAC during chan setup
This commit is contained in:
parent
02e379e50d
commit
4168b5038b
2
Makefile
2
Makefile
|
@ -1,4 +1,4 @@
|
||||||
VERSION := 0.9.3
|
VERSION := 0.9.4
|
||||||
.PHONY: lint vis clean common client server passwd subpkgs install uninstall reinstall
|
.PHONY: lint vis clean common client server passwd subpkgs install uninstall reinstall
|
||||||
|
|
||||||
## Tag version of binaries with build info wrt.
|
## Tag version of binaries with build info wrt.
|
||||||
|
|
|
@ -105,9 +105,11 @@ func (hc *Conn) getStream(keymat []byte) (rc cipher.Stream, mc hash.Hash, err er
|
||||||
log.Printf("[cipher BLOWFISH_64 (%d)]\n", copts)
|
log.Printf("[cipher BLOWFISH_64 (%d)]\n", copts)
|
||||||
case CAlgCryptMT1:
|
case CAlgCryptMT1:
|
||||||
rc = cryptmt.New(nil, nil, keymat)
|
rc = cryptmt.New(nil, nil, keymat)
|
||||||
|
//NOTE: this alg is not based on block cipher, no IV
|
||||||
log.Printf("[cipher CRYPTMT1 (%d)]\n", copts)
|
log.Printf("[cipher CRYPTMT1 (%d)]\n", copts)
|
||||||
case CAlgHopscotch:
|
case CAlgHopscotch:
|
||||||
rc = hopscotch.New(nil, nil, 4, keymat)
|
rc = hopscotch.New(nil, nil, 4, keymat)
|
||||||
|
//NOTE: this alg is not based on block cipher, no IV
|
||||||
log.Printf("[cipher HOPSCOTCH (%d)]\n", copts)
|
log.Printf("[cipher HOPSCOTCH (%d)]\n", copts)
|
||||||
case CAlgChaCha20_12:
|
case CAlgChaCha20_12:
|
||||||
keymat = expandKeyMat(keymat, chacha.KeySize)
|
keymat = expandKeyMat(keymat, chacha.KeySize)
|
||||||
|
@ -152,7 +154,7 @@ func (hc *Conn) getStream(keymat []byte) (rc cipher.Stream, mc hash.Hash, err er
|
||||||
//os.Exit(1)
|
//os.Exit(1)
|
||||||
}
|
}
|
||||||
|
|
||||||
if err != nil {
|
if err == nil && ivlen > 0 {
|
||||||
// Feed the IV into the hmac: all traffic in the connection must
|
// Feed the IV into the hmac: all traffic in the connection must
|
||||||
// feed its data into the hmac afterwards, so both ends can xor
|
// feed its data into the hmac afterwards, so both ends can xor
|
||||||
// that with the stream to detect corruption.
|
// that with the stream to detect corruption.
|
||||||
|
|
Loading…
Reference in New Issue