- o Diffie-Hellman acceleration
-
- (o Symmetric key cryptosystem acceleration? They are always sycnhronouos
- even with hardware acceleration so the crypto API shouldn't require
- changes.) maybe
-
-
-lib/silcmath
-============
-
- o Import TFM. We want TFM's speed but its memory requirements are
- just too much. By default it uses large pre-allocated tables which
- will eat memory when there are thousands of public keys in system.
- We probably want to change TFM's fp_int dynamic so that a specific
- size can be allocated for the int. We could have two new functions:
-
- SilcBool silc_mp_init_size(SilcMPInt *mp, SilcUInt32 bit_size);
- SilcBool silc_mp_sinit_size(SilcStack stack, SilcMPInt *mp,
- SilcUInt32 bit_size);
-
- Which by default allocates `bit_size' bits instead of some default
- value. silc_mp_init would allocate the default FP_SIZE with TFM
- and do normal init with TMA and GMP. _init_size with TMA and GMP
- would be same as _init.
-
- o Add AND, OR and XOR support to TFM or ask Tom to do it.
-
- o The SILC MP API function must start returning indication of success
- and failure of the operation.
-
- o Do SilcStack support for silc_mp_init, silc_mp_init_size and other
- any other MP function (including utility ones) that may allocate
- memory.
-
- o All utility functions should be made non-allocating ones.
-
-
-SILC XML Library, lib/silcxml/
-==============================
-
- o SILC XML API (wrapper to expat). Look at the expat API and simplify
- it. The SILC XML API should have at most 8-10 API functions. It should
- be possible to create full XML parser with only one function. And, it
- should be possible to have a function that is able to parse an entire
- XML document. It should also have a parser function to be able to
- parse a stream of XML data (SilcStream). It MUST NOT have operations
- that require multiple function calls to be able to execute that one
- operation (like creating parser).
-
-
-lib/silcske/silcske.[ch]
-========================
-
- o Ratelimit to UDP/IP transport for incoming packets.
-
-
-lib/silcasn1
-============
-
- o Negative integer encoding is missing, add it.
-
- o SILC_ASN1_CHOICE should perhaps return an index what choice in the
- choice list was found. Currently it is left for caller to figure out
- which choice was found. (***DONE)
-
- o SILC_ASN1_NULL in decoding should return SilcBool whether or not
- the NULL was present. It's important when it's SILC_ASN1_OPTIONAL
- and we need to know whether it was present or not. (***DONE)
-
-
-lib/silcpgp
-===========
-
- o OpenPGP certificate support, allowing the use of PGP public keys.
-
-
-lib/silcssh
-===========
-
- o SSH2 public key/private key support, allowing the use of SSH2 keys.
- RFC 4716. (***DONE)
-
-
-lib/silcpkix
-============
-
- o PKIX implementation
-
-
-apps/silcd
-==========
-
- o Deprecate the old server. Write interface for the new lib/silcserver
- server library. The interface should work on Unix/Linux systems.
-
- o Consider deprecating also the old config file format and use XML
- istead. This should require SILC XML API implementation first.
-
- o The configuration must support dynamic router and server connections.
- The silcd must work without specifying any servers or routers to
- connect to.
-
- o The configuration must support specifying whether the server is
- SILC Server or SILC Router. This should not be deduced from the
- configuration as it was in < 1.2.
-
- o The configuration must support specifying the ciphers and hmacs and
- their order so that user can specify which algorithms take preference.
-
-
-lib/silcserver
-==============
-
- o Rewrite the entire server. Deprecate apps/silcd as the main server
- implementation and create lib/silcserver/. It is a platform
- independent server library. The apps/silcd will merely provide a
- a simple interface for the library.
-
- o Write the SILC Server library extensively using SILC FSM.
-
- o Server library must support multiple networks. This means that one
- server must be able to create multiple connections that each reach
- different SILC network. This means also that all cache's etc. must
- be either connection-specific or network-specific.
-
- o Library must support dynamic router and server connections. This means
- that connections are create only when they are needed, like when someone
- says JOIN foo@foo.bar.com or WHOIS foobar@silcnet.org.