Use the correct direction flag when setting cipher keys.
The flag was set incorrectly, but for most ciphers this does not have any effect. AES in any of the block modes is picky about it though.
This commit is contained in:
Guus Sliepen
parent
303dd1e702
commit
2ba61742d4
2 changed files with 6 additions and 6 deletions
|
|
@ -285,10 +285,10 @@ static bool metakey_ec_h(connection_t *c, const char *request) {
|
||||||
|
|
||||||
free(seed);
|
free(seed);
|
||||||
|
|
||||||
cipher_set_key(&c->incipher, mykey, true);
|
cipher_set_key(&c->incipher, mykey, false);
|
||||||
digest_set_key(&c->indigest, mykey + mykeylen, mykeylen);
|
digest_set_key(&c->indigest, mykey + mykeylen, mykeylen);
|
||||||
|
|
||||||
cipher_set_key(&c->outcipher, hiskey, false);
|
cipher_set_key(&c->outcipher, hiskey, true);
|
||||||
digest_set_key(&c->outdigest, hiskey + hiskeylen, hiskeylen);
|
digest_set_key(&c->outdigest, hiskey + hiskeylen, hiskeylen);
|
||||||
|
|
||||||
c->status.decryptin = true;
|
c->status.decryptin = true;
|
||||||
|
|
|
||||||
|
|
@ -171,7 +171,7 @@ bool send_ans_key(node_t *to) {
|
||||||
to->incompression = myself->incompression;
|
to->incompression = myself->incompression;
|
||||||
|
|
||||||
randomize(key, keylen);
|
randomize(key, keylen);
|
||||||
cipher_set_key(&to->incipher, key, true);
|
cipher_set_key(&to->incipher, key, false);
|
||||||
digest_set_key(&to->indigest, key, keylen);
|
digest_set_key(&to->indigest, key, keylen);
|
||||||
|
|
||||||
bin2hex(key, key, keylen);
|
bin2hex(key, key, keylen);
|
||||||
|
|
@ -330,10 +330,10 @@ bool ans_key_h(connection_t *c, char *request) {
|
||||||
digest_open_by_nid(&from->indigest, digest_get_nid(&myself->indigest), digest_length(&myself->indigest));
|
digest_open_by_nid(&from->indigest, digest_get_nid(&myself->indigest), digest_length(&myself->indigest));
|
||||||
from->incompression = myself->incompression;
|
from->incompression = myself->incompression;
|
||||||
|
|
||||||
cipher_set_key(&from->incipher, mykey, true);
|
cipher_set_key(&from->incipher, mykey, false);
|
||||||
digest_set_key(&from->indigest, mykey + mykeylen, mykeylen);
|
digest_set_key(&from->indigest, mykey + mykeylen, mykeylen);
|
||||||
|
|
||||||
cipher_set_key(&from->outcipher, hiskey, false);
|
cipher_set_key(&from->outcipher, hiskey, true);
|
||||||
digest_set_key(&from->outdigest, hiskey + hiskeylen, hiskeylen);
|
digest_set_key(&from->outdigest, hiskey + hiskeylen, hiskeylen);
|
||||||
|
|
||||||
// Reset sequence number and late packet window
|
// Reset sequence number and late packet window
|
||||||
|
|
@ -354,7 +354,7 @@ bool ans_key_h(connection_t *c, char *request) {
|
||||||
|
|
||||||
/* Update our copy of the origin's packet key */
|
/* Update our copy of the origin's packet key */
|
||||||
|
|
||||||
cipher_set_key(&from->outcipher, key, false);
|
cipher_set_key(&from->outcipher, key, true);
|
||||||
digest_set_key(&from->outdigest, key, keylen);
|
digest_set_key(&from->outdigest, key, keylen);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue