1 /* cookie generation/verification routines.
2 * Copyright (C) 1997 Angelos D. Keromytis.
3 * Copyright (C) 1998-2002 D. Hugh Redelmeier.
5 * This program is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License as published by the
7 * Free Software Foundation; either version 2 of the License, or (at your
8 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
10 * This program is distributed in the hope that it will be useful, but
11 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
12 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
15 * RCSID $Id: cookie.c,v 1.16 2002/01/21 03:14:15 dhr Exp $
20 #include <sys/types.h>
21 #include <sys/socket.h>
22 #include <netinet/in.h>
26 #include "constants.h"
32 const u_char zero_cookie[COOKIE_SIZE]; /* guaranteed 0 */
35 * First argument is true if we're to create an Initiator cookie.
36 * Length SHOULD be a multiple of sizeof(u_int32_t).
39 get_cookie(bool initiator, u_int8_t *cookie, int length, const ip_address *addr)
41 u_char buffer[SHA1_DIGEST_SIZE];
47 get_rnd_bytes(cookie, length);
49 else /* Responder cookie */
51 /* This looks as good as any way */
53 static u_int32_t counter = 0;
54 unsigned char addr_buff[
55 sizeof(union {struct in_addr; struct in6_addr;})];
57 addr_length = addrbytesof(addr, addr_buff, sizeof(addr_buff));
59 SHA1Update(&ctx, addr_buff, addr_length);
60 SHA1Update(&ctx, secret_of_the_day, sizeof(secret_of_the_day));
62 SHA1Update(&ctx, (const void *) &counter, sizeof(counter));
63 SHA1Final(buffer, &ctx);
64 memcpy(cookie, buffer, length);
66 } while (is_zero_cookie(cookie)); /* probably never loops */