+/****d* silcske/SilcSKEAPI/SilcSKEStatus
+ *
+ * NAME
+ *
+ * typedef enum { ... } SilcSKEStatus;
+ *
+ * DESCRIPTION
+ *
+ * Status types returned in SKE callbacks. This tell the status of
+ * the SKE session, and if an error occurred. Application can map the
+ * status to human readable string with silc_ske_map_status function.
+ *
+ * SOURCE
+ */
+typedef enum {
+ /* These are defined by the protocol */
+ SILC_SKE_STATUS_OK = 0, /* No error */
+ SILC_SKE_STATUS_ERROR = 1, /* Unknown error */
+ SILC_SKE_STATUS_BAD_PAYLOAD = 2, /* Malformed payload */
+ SILC_SKE_STATUS_UNKNOWN_GROUP = 3, /* Unsupported DH group */
+ SILC_SKE_STATUS_UNKNOWN_CIPHER = 4, /* Unsupported cipher */
+ SILC_SKE_STATUS_UNKNOWN_PKCS = 5, /* Unsupported PKCS algorithm */
+ SILC_SKE_STATUS_UNKNOWN_HASH_FUNCTION = 6, /* Unsupported hash function */
+ SILC_SKE_STATUS_UNKNOWN_HMAC = 7, /* Unsupported HMAC */
+ SILC_SKE_STATUS_UNSUPPORTED_PUBLIC_KEY = 8, /* Unsupported/not trusted PK */
+ SILC_SKE_STATUS_INCORRECT_SIGNATURE = 9, /* Incorrect signature */
+ SILC_SKE_STATUS_BAD_VERSION = 10, /* Unsupported version */
+ SILC_SKE_STATUS_INVALID_COOKIE = 11, /* Cookie was modified */
+
+ /* Implementation specific status types */
+ SILC_SKE_STATUS_PUBLIC_KEY_NOT_PROVIDED, /* Remote did not send PK */
+ SILC_SKE_STATUS_BAD_RESERVED_FIELD, /* Reserved field was not 0 */
+ SILC_SKE_STATUS_BAD_PAYLOAD_LENGTH, /* Payload includes garbage */
+ SILC_SKE_STATUS_SIGNATURE_ERROR, /* Error computing signature */
+ SILC_SKE_STATUS_OUT_OF_MEMORY, /* System out of memory */
+} SilcSKEStatus;
+/***/
+
+#include "silcske_groups.h"
+#include "silcske_payload.h"
+
+/****d* silcske/SilcSKEAPI/SilcSKESecurityPropertyFlag
+ *
+ * NAME
+ *
+ * typedef enum { ... } SilcSKESecurityPropertyFlag
+ *
+ * DESCRIPTION
+ *
+ * SKE security property flags as defined by the SK protocol.
+ *
+ * SOURCE
+ */
+typedef enum {
+ SILC_SKE_SP_FLAG_NONE = 0x00, /* No flags */
+ SILC_SKE_SP_FLAG_IV_INCLUDED = 0x01, /* IV included in packet */
+ SILC_SKE_SP_FLAG_PFS = 0x02, /* Perfect Forward Secrecy */
+ SILC_SKE_SP_FLAG_MUTUAL = 0x04, /* Mutual authentication */
+} SilcSKESecurityPropertyFlag;
+/***/
+
+/****s* silcske/SilcSKEAPI/SilcSKESecurityProperties
+ *
+ * NAME
+ *
+ * typedef struct { ... } *SilcSKESecurityProperties;
+ *
+ * DESCRIPTION
+ *
+ * Security Properties negotiated between key exchange parties. This
+ * structure is filled from the Key Exchange Start Payload which is used
+ * to negotiate what security properties must be used in the
+ * communication.
+ *
+ * SOURCE
+ */
+typedef struct {
+ SilcSKESecurityPropertyFlag flags; /* Flags */
+ SilcSKEDiffieHellmanGroup group; /* Selected Diffie Hellman group */
+ SilcCipher cipher; /* Selected cipher */
+ SilcHmac hmac; /* Selected HMAC */
+ SilcHash hash; /* Selected hash algorithm */
+ SilcPKCS pkcs; /* Selected PKCS and remote's
+ public key/certificate */
+} *SilcSKESecurityProperties;
+/***/
+
+/****s* silcske/SilcSKEAPI/SilcSKEKeyMaterial
+ *
+ * NAME
+ *
+ * typedef struct { ... } *SilcSKEKeyMaterial;
+ *
+ * DESCRIPTION
+ *
+ * This is the key material structure, and is passed as argument by the
+ * application to silc_ske_process_key_material* functions. It includes
+ * the processed key material which can be used as SILC session keys.
+ *
+ * SOURCE
+ */
+typedef struct {
+ unsigned char *send_iv;
+ unsigned char *receive_iv;
+ SilcUInt32 iv_len;
+ unsigned char *send_enc_key;
+ unsigned char *receive_enc_key;
+ SilcUInt32 enc_key_len;
+ unsigned char *send_hmac_key;
+ unsigned char *receive_hmac_key;
+ SilcUInt32 hmac_key_len;
+} *SilcSKEKeyMaterial;
+/***/
+
+/****s* silcske/SilcSKEAPI/SilcSKERekeyMaterial
+ *
+ * NAME
+ *
+ * typedef struct { ... } *SilcSKERekeyMaterial;
+ *
+ * DESCRIPTION
+ *
+ * This context is returned after key exchange protocol to application
+ * in the completion callback. Application may save it and use it later
+ * to perform the rekey with silc_ske_rekey_initiator_start and/or
+ * silc_ske_rekey_responder_start functions. If application does not
+ * need the context, it may free it with silc_free function.
+ *
+ * Application may save application specific data to `user_context'.
+ *
+ * SOURCE
+ */
+typedef struct {
+ void *user_context; /* Application specific data */
+ unsigned char *send_enc_key;
+ unsigned int enc_key_len : 23;
+ unsigned int ske_group : 8;
+ unsigned int pfs : 1;
+} *SilcSKERekeyMaterial;
+/***/
+
+/****d* silcske/SilcSKEAPI/SilcSKEPKType
+ *
+ * NAME
+ *
+ * typedef enum { ... } SilcSKEPKType;
+ *
+ * DESCRIPTION
+ *
+ * Public key and certificate types defined by the SKE protocol.
+ *
+ * SOURCE
+ */