warp-vpn

point to point VPN implementation
git clone git://git.2f30.org/warp-vpn

commit 955660f7641a787e8267d1c10a3c7bf8dde8a376
parent 3a4abce01b6b65c517445f8d1baa5a2e5e19bf66
Author: sin <sin@2f30.org>
Date:   Thu, 14 Apr 2016 00:17:41 +0100

don't overload crypto init with cipher selection and key derivation

Diffstat:
Mcrypto.c | 8+++-----
Mstun.c | 4+++-
Mstun.h | 4+++-
3 files changed, 9 insertions(+), 7 deletions(-)

diff --git a/crypto.c b/crypto.c
@@ -8,7 +8,7 @@ static EVP_AEAD_CTX ectx, dctx;
 static const EVP_AEAD *aead;
 static unsigned char key[EVP_MAX_KEY_LENGTH];
-static void
+void
 setcipher(char *name)
 {
 struct {
@@ -33,7 +33,7 @@ setcipher(char *name)
 logerr("unknown cipher: %s", name);
 }
-static void
+void
 derivekey(char *pw)
 {
 if (!PKCS5_PBKDF2_HMAC_SHA1(pw, strlen(pw), NULL, 0, NROUNDS,
@@ -42,10 +42,8 @@ derivekey(char *pw)
 }
 void
-cryptoinit(char *cipher, char *pw)
+cryptoinit(void)
 {
- setcipher(cipher);
- derivekey(pw);
 if (!EVP_AEAD_CTX_init(&ectx, aead, key, EVP_AEAD_key_length(aead), EVP_AEAD_DEFAULT_TAG_LENGTH, NULL) || !EVP_AEAD_CTX_init(&dctx, aead, key, EVP_AEAD_key_length(aead),
diff --git a/stun.c b/stun.c
@@ -127,7 +127,9 @@ main(int argc, char *argv[])
 /* initialize crypto engine */
 if (!(pw = getenv("STUNPW"))) logerr("STUNPW is not set");
- cryptoinit(cipher, pw);
+ setcipher(cipher);
+ derivekey(pw);
+ cryptoinit();
 memset(pw, 0, strlen(pw));
 /* initialize networking engine */
diff --git a/stun.h b/stun.h
@@ -35,7 +35,9 @@ int response(int);
 int clientconnect(char *, char *);
 /* crypto.c */
-void cryptoinit(char *, char *);
+void setcipher(char *);
+void derivekey(char *);
+void cryptoinit(void);
 size_t cryptononcelen(void);
 size_t cryptotaglen(void);
 int cryptoseal(unsigned char *, size_t *, size_t, const unsigned char *,
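Review bot: In the `derivekey` hunk of crypto.c, the context line `PKCS5_PBKDF2_HMAC_SHA1(pw, strlen(pw), NULL, 0, NROUNDS,` derives the key with no salt, and this commit makes that function a public entry point declared in stun.h. Without a salt the same password always produces the same key, so the work of guessing a password is shared across every deployment instead of being repeated per deployment. Because both peers must arrive at an identical key, the salt would have to be a value both ends are configured with, passed in place of `NULL, 0`. The call continues past the end of the hunk, so the output arguments and the value of NROUNDS cannot be checked from here.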
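Review bot: `cryptoinit(void)` now reads the file-scope `aead` and `key` without checking that `setcipher()` and `derivekey()` were called first. If a caller skips `setcipher()`, `aead` is still NULL when it is passed to `EVP_AEAD_key_length(aead)`; if it skips `derivekey()`, both contexts are presumably initialised from the zero-filled static `key` with no error reported. A guard at the top such as `if (!aead) logerr("cipher not set");`, plus a static flag set in `derivekey()` and checked the same way, would make the ordering fail closed, assuming `logerr()` does not return as its use in `main` suggests. The new prototypes in stun.h could also carry `/* call setcipher() and derivekey() before cryptoinit() */`; the body of `cryptoinit` continues outside the hunk.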