/* Rotate in a new DH public key for our correspondent. Be sure to keep
* the sesskeys array in sync. */
static gcry_error_t rotate_y_keys(ConnContext *context, gcry_mpi_t new_y)
{
gcry_error_t err;
/* Rotate the public key */
gcry_mpi_release(context->their_old_y);
context->their_old_y = context->their_y;
/* Rotate the session keys */
err = reveal_macs(context, &(context->sesskeys[0][1]),
&(context->sesskeys[1][1]));
if (err) return err;
otrl_dh_session_free(&(context->sesskeys[0][1]));
otrl_dh_session_free(&(context->sesskeys[1][1]));
memmove(&(context->sesskeys[0][1]), &(context->sesskeys[0][0]),
sizeof(DH_sesskeys));
memmove(&(context->sesskeys[1][1]), &(context->sesskeys[1][0]),
sizeof(DH_sesskeys));
/* Copy in the new public key */
context->their_y = gcry_mpi_copy(new_y);
context->their_keyid++;
/* Make the session keys */
err = otrl_dh_session(&(context->sesskeys[0][0]),
&(context->our_dh_key), context->their_y);
if (err) return err;
err = otrl_dh_session(&(context->sesskeys[1][0]),
&(context->our_old_dh_key), context->their_y);
if (err) return err;
return gcry_error(GPG_ERR_NO_ERROR);
}
/* Make a new DH key for us, and rotate old old ones. Be sure to keep
* the sesskeys array in sync. */
static gcry_error_t rotate_dh_keys(ConnContext *context)
{
gcry_error_t err;
/* Rotate the keypair */
otrl_dh_keypair_free(&(context->context_priv->our_old_dh_key));
memmove(&(context->context_priv->our_old_dh_key),
&(context->context_priv->our_dh_key),
sizeof(DH_keypair));
/* Rotate the session keys */
err = reveal_macs(context, &(context->context_priv->sesskeys[1][0]),
&(context->context_priv->sesskeys[1][1]));
if (err) return err;
otrl_dh_session_free(&(context->context_priv->sesskeys[1][0]));
otrl_dh_session_free(&(context->context_priv->sesskeys[1][1]));
memmove(&(context->context_priv->sesskeys[1][0]),
&(context->context_priv->sesskeys[0][0]),
sizeof(DH_sesskeys));
memmove(&(context->context_priv->sesskeys[1][1]),
&(context->context_priv->sesskeys[0][1]),
sizeof(DH_sesskeys));
/* Create a new DH key */
otrl_dh_gen_keypair(DH1536_GROUP_ID, &(context->context_priv->our_dh_key));
context->context_priv->our_keyid++;
/* Make the session keys */
if (context->context_priv->their_y) {
err = otrl_dh_session(&(context->context_priv->sesskeys[0][0]),
&(context->context_priv->our_dh_key),
context->context_priv->their_y);
if (err) return err;
} else {
otrl_dh_session_blank(&(context->context_priv->sesskeys[0][0]));
}
if (context->context_priv->their_old_y) {
err = otrl_dh_session(&(context->context_priv->sesskeys[0][1]),
&(context->context_priv->our_dh_key),
context->context_priv->their_old_y);
if (err) return err;
} else {
otrl_dh_session_blank(&(context->context_priv->sesskeys[0][1]));
}
return gcry_error(GPG_ERR_NO_ERROR);
}
