<< | Thread Index | >> ]    [ << | Date Index | >> ]

To: cipe-l,AT,inka,DOT,de
Subject: CIPE-Win32: communication breakdown
From: Christof Meerwald <cmeerw,AT,web,DOT,de>
Date: Fri, 6 Jun 2003 18:24:11 +0200

Hi,

I experienced some random communication breakdowns when using a CIPE link
between CIPE-Win32 and (Linux)-CIPE. I finally tracked it down to a bug in
CIPE-Win32 where it doesn't correctly implement the CIPE protocol.

  "The key negotiation procedure normally runs as follows: The sender sends
  a NK_IND with the new key, then invalidates its own sending key."

But CIPE-Win32 doesn't invalidate the sending key, instead it keeps using
the previous sending key until it receives an NK_ACK. So in case the NK_ACK
is lost, CIPE-Win32 still encrypts using the previous sending key, but the
remote end already expects the new key.

A simple fix is to add the following statement to
CipeBlowfishEncryptor::GenerateDynamicKeyData(CipeEncryptionKeyType
p_KeyType):

    m_HaveKey [p_KeyType] = FALSE;

bye, Christof

-- 
http://cmeerw.org                                 JID: cmeerw,AT,jabber,DOT,at
mailto cmeerw at web.de


<< | Thread Index | >> ]    [ << | Date Index | >> ]