-SilcSKEStatus silc_ske_initiator_start(SilcSKE ske, SilcRng rng,
- SilcSocketConnection sock,
- SilcSKEStartPayload *start_payload,
- SilcSKESendPacketCb send_packet,
- void *context);
-SilcSKEStatus silc_ske_initiator_phase_1(SilcSKE ske,
- SilcBuffer start_payload,
- SilcSKECb callback,
- void *context);
-SilcSKEStatus silc_ske_initiator_phase_2(SilcSKE ske,
- SilcPublicKey public_key,
- SilcSKESendPacketCb send_packet,
- void *context);
-SilcSKEStatus silc_ske_initiator_finish(SilcSKE ske,
- SilcBuffer ke2_payload,
- SilcSKEVerifyCb verify_key,
- void *verify_context,
- SilcSKECb callback,
- void *context);
-SilcSKEStatus silc_ske_responder_start(SilcSKE ske, SilcRng rng,
- SilcSocketConnection sock,
- char *version,
- SilcBuffer start_payload,
- SilcSKECb callback,
- void *context);
-SilcSKEStatus silc_ske_responder_phase_1(SilcSKE ske,
- SilcSKEStartPayload *start_payload,
- SilcSKESendPacketCb send_packet,
- void *context);
-SilcSKEStatus silc_ske_responder_phase_2(SilcSKE ske,
- SilcBuffer ke1_payload,
- SilcSKECb callback,
- void *context);
-SilcSKEStatus silc_ske_responder_finish(SilcSKE ske,
- SilcPublicKey public_key,
- SilcPrivateKey private_key,
- SilcSKEPKType pk_type,
- SilcSKESendPacketCb send_packet,
- void *context);
-SilcSKEStatus silc_ske_end(SilcSKE ske,
- SilcSKESendPacketCb send_packet,
- void *context);
-SilcSKEStatus silc_ske_abort(SilcSKE ske, SilcSKEStatus status,
- SilcSKESendPacketCb send_packet,
- void *context);
-SilcSKEStatus
+
+/****f* silcske/SilcSKEAPI/silc_ske_get_context
+ *
+ * SYNOPSIS
+ *
+ * void *silc_ske_get_context(SilcSKE ske);
+ *
+ * DESCRIPTION
+ *
+ * Returns the context that was given as argument to silc_ske_alloc.
+ *
+ ***/
+void *silc_ske_get_context(SilcSKE ske);
+
+/****f* silcske/SilcSKEAPI/silc_ske_set_callbacks
+ *
+ * SYNOPSIS
+ *
+ * void silc_ske_set_callbacks(SilcSKE ske,
+ * SilcSKEVerifyCb verify_key,
+ * SilcSKECompletion completed,
+ * void *context);
+ *
+ * DESCRIPTION
+ *
+ * Sets the callback functions for the SKE session.
+ *
+ * The `verify_key' callback is called to verify the received public key
+ * or certificate. The verification process is most likely asynchronous.
+ * That is why the application must call the completion callback when the
+ * verification process has been completed. If this SKE session context
+ * is used to perform rekey, this callback usually is not provided as
+ * argument since sending public key in rekey is not mandatory. Setting
+ * this callback implies that remote end MUST send its public key.
+ *
+ * The `completed' callback will be called once the protocol has completed,
+ * either successfully or with an error. The status of the protocol is
+ * delivered to application with the callback.
+ *
+ * The `context' is passed as argument to all of the above callback
+ * functions.
+ *
+ ***/
+void silc_ske_set_callbacks(SilcSKE ske,
+ SilcSKEVerifyCb verify_key,
+ SilcSKECompletionCb completed,
+ void *context);
+
+/****f* silcske/SilcSKEAPI/silc_ske_initiator_start
+ *
+ * SYNOPSIS
+ *
+ * SilcAsyncOperation
+ * silc_ske_initiator_start(SilcSKE ske,
+ * SilcPacketStream stream,
+ * SilcSKEStartPayload start_payload);
+ *
+ * DESCRIPTION
+ *
+ * Starts the SILC Key Exchange protocol as initiator. The completion
+ * callback that was set in silc_ske_set_callbacks will be called once
+ * the protocol has completed.
+ *
+ * The `stream' is the network connection to the remote host. Note that
+ * SKE library will take over the packet stream `stream' while the
+ * protocol is in process. The application will not receive any packets
+ * for `stream' after this function is called. The `stream' is turned
+ * over to application once the completion callback is called.
+ *
+ * The `start_payload' includes all configured security properties that
+ * will be sent to the responder. The `start_payload' must be provided.
+ * It can be created by calling silc_ske_assemble_security_properties
+ * function. The caller must not free the payload once it has been
+ * given as argument to this function.
+ *
+ * This function returns SilcAsyncOperation operation context which can
+ * be used to control the protocol from the application. Application may
+ * for example safely abort the protocol at any point, if needed. Returns
+ * NULL on error.
+ *
+ ***/
+SilcAsyncOperation
+silc_ske_initiator(SilcSKE ske,
+ SilcPacketStream stream,
+ SilcSKEStartPayload start_payload);
+
+/****f* silcske/SilcSKEAPI/silc_ske_responder_start
+ *
+ * SYNOPSIS
+ *
+ * SilcAsyncOperation
+ * silc_ske_responder_start(SilcSKE ske,
+ * SilcPacketStream stream,
+ * const char *version,
+ * SilcBuffer start_payload,
+ * SilcSKESecurityPropertyFlag flags);
+ *
+ * DESCRIPTION
+ *
+ * Starts SILC Key Exchange protocol as responder. The completion
+ * callback that was set in silc_ske_set_callbacks will be called once
+ * the protocol has completed.
+ *
+ * The `stream' is the network connection to the remote host. Note that
+ * SKE library will take over the packet stream `stream' while the
+ * protocol is in process. The application will not receive any packets
+ * for `stream' after this function is called. The `stream' is turned
+ * over to application once the completion callback is called.
+ *
+ * The `version' is the responder's SILC protocol version that will be
+ * sent in reply to the initiator. The `flags' indicates the
+ * SilcSKESecurityPropertyFlag flags that responder supports and enforces
+ * for the initiator. Responder may, for example, enforce that the PFS
+ * will be performed in rekey.
+ *
+ * This function returns SilcAsyncOperation operation context which can
+ * be used to control the protocol from the application. Application may
+ * for example safely abort the protocol at any point, if needed. Returns
+ * NULL on error.
+ *
+ ***/
+SilcAsyncOperation
+silc_ske_responder(SilcSKE ske,
+ SilcPacketStream stream,
+ const char *version,
+ SilcSKESecurityPropertyFlag flags);
+
+SilcAsyncOperation
+silc_ske_rekey_initiator(SilcSKE ske,
+ SilcPacketStream stream,
+ SilcSKERekeyMaterial rekey);
+
+SilcAsyncOperation
+silc_ske_rekey_responder(SilcSKE ske,
+ SilcPacketStream stream,
+ SilcBuffer ke_payload,
+ SilcSKERekeyMaterial rekey);
+
+/****f* silcske/SilcSKEAPI/silc_ske_assemble_security_properties
+ *
+ * SYNOPSIS
+ *
+ * SilcSKEStartPayload
+ * silc_ske_assemble_security_properties(SilcSKE ske,
+ * SilcSKESecurityPropertyFlag flags,
+ * const char *version);
+ *
+ * DESCRIPTION
+ *
+ * Assembles security properties to Key Exchange Start Payload to be
+ * sent to the remote end. This checks system wide (SILC system, that is)
+ * settings and chooses from those. However, if other properties
+ * should be used this function is easy to replace by another function.
+ * Returns NULL on error. This is an utility function. This is used
+ * by the initiator of the protocol. The `version' is the local SILC
+ * protocol version string.
+ *
+ ***/
+SilcSKEStartPayload