-TODO/bugs in Irssi SILC client
+TODO for 1.2 And Beyond
+=======================
+
+NOTE: Any item that doesn't have (***DONE) in it, isn't done yet. The
+(***TESTING NEEDED) means that the item has been done but not yet properly
+tested.
+
+NOTE: A TODO entry does not mean that it is ever going to be done. Some
+of the entries may be just ideas, good, bad or ugly. If you want to work
+on some of the TODO entries simply let us know about it by dropping a note
+to silc-devel mailing list or appear on 'silc' channel on SILCNet.
+
+
+Crypto Library, lib/silccrypt/
==============================
- o Rewrite the notify handling in the new Irssi SILC client.
+ o Add fingerprint to SilcSILCPublicKey and retrieval to silcpk.h, and
+ possibly to silcpkcs.h.
+
+ /* Return fingerprint of the `public_key'. Returns also the algorithm
+ that has been used to make the fingerprint. */
+ const unsigned char *
+ silc_pkcs_get_fingerprint(SilcPublicKey public_key,
+ const char **hash_algorithm,
+ SilcUInt32 *fingerprint_len);
+
+ o Add CMAC and maybe others. Change needs rewrite of the internals of
+ the SILC Mac API, currently it's suitable only for HMACs.
+
+ o Global RNG must be changed to use SILC Global API.
+
+ o Global cipher, hash, mac, and pkcs tables must use SILC Global API.
+
+ o Add FIPS compliant RNG.
+
+ o Implement the defined SilcDH API. The definition is in
+ lib/silccrypt/silcdh.h. Make sure it is asynchronous so that it can
+ be accelerated. Also take into account that it could use elliptic
+ curves.
+
+ o Add Elgamal.
+
+ o Add ECDSA support.
+
+ o Add ECDH support.
+
+ o Add PKCS#1 RSAES-OAEP and RSASSA-PSS.
+
+ o Add GCM mode.
+
+ o Do GCC vs ICC benchmarks of all key algorithms.
+
+ o Add DSA support to SILC public key.
+
+ o The asynchronous functions to perhaps to _async to preserve backwards
+ compatibility with synchronous versions, and make easier to migrate
+ from 1.1 to 1.2. (***DONE)
- o /cumode for unknown nick does not give any error message.
+ o AES CBC is missing proper alignment code. (***DONE)
- o Add local command to switch the channel's private key when channel has
- several private keys. Currently sending channel messages with many
- keys is not possible because changing the key is not possible by the
- user.
+ o silc_pkcs_public_key_alloc should accept also SILC_PKCS_ANY as argument
+ and try all supported PKCS until one succeeds. (***DONE)
- o JOINing to +a (requires passphrase to JOIN) does not work on autojoin.
- Seems the passwords in the .silc/config has no effect.
+ o Associate a default hash function with all PKCS algorithms. User can
+ override it in silc_pkcs_sign. DSA with FIPS186-3 determines the
+ hash algorithm by the key length. (***DONE)
- o Add local commands to list the current server and client public keys
- that the user has. And a local command to dump the contents of the
- public key to the screen. Something like LISTKEYS, SHOWKEY...
+ o Document all cipher names, hash names, mac names, pkcs names. (***DONE)
- o Extend the /HELP command to support sub commands or something. So
- that user can say /help set mutual_authentication they would get
- help of the mutual_authentication setting.
+ o SilcHmac must be replaced with generic SilcMac so that we can add
+ others than just HMAC algorithms. Backwards support (via #define's)
+ must be preserved. (***DONE)
+ o Change the DSA implementation to support FIPS186-3. This means that
+ the q length is determined by the key length. (***DONE)
-TODO/bugs In SILC Client Library
-================================
+ o Add silc_crypto_init and silc_crypto_uninit. The _init should take
+ SilcStack that will act as global memory pool for all of crypto
+ library. It should not be necessary anymore to separately register
+ default ciphers, HMACs, etc, the _init would do that. However, if
+ user after _init calls silc_pkcs_register, for example, it would take
+ preference over the default once, ie. user can always dictate the
+ order of algorithms. (***DONE)
- o The PRIVATE_MESSAGE_KEY packet is not handled (it is implemented
- though). This should be added and perhaps new client operation
- should be added to notify application that it was received and
- set the key only if application wishes to set (accept the key) it.
+ o Change SILC PKCS API to asynchronous, so that accelerators can be used.
+ All PKCS routines should now take callbacks as argument and they should
+ be delivered to SilcPKCSObject and SilcPKCSAlgorithm too. (***DONE)
- o Additions to do after protocol version 1.1:
+ o Change PKCS Algorithm API to take SilcPKCSAlgorithm as argument to
+ encrypt, decrypt, sign and verify functions. We may need to for exmaple
+ check the alg->hash, supported hash functions. Maybe deliver it also
+ to all other functions in SilcPKCSAlgorithm to be consistent. (***DONE)
- o Fix the NICK_CHANGE notify handling not to create new entry
- for the changed client, but take the nickname from the notify
- (removes need for resolving as well). Protocol TODO entry 3.
+ o Add DSS support. (***DONE)
- o Add support for list of errors in command replies. Protocol
- TODO entry 1.
+ o All cipher, hash, hmac etc. allocation routines should take their name
+ in as const char * not const unsigned char *. (***DONE)
-TODO/bugs In SILC Server
+SKR Library, lib/silcskr/
+=========================
+
+ o Add fingerprint as search constraint.
+
+ o Add SSH support. (***DONE, TESTING NEEDED)
+
+ o Add OpenPGP support. Adding, removing, fetching PGP keys. (Keyring
+ support?)
+
+ o Add support for importing public keys from a directory and/or from a
+ file. Add support for exporting the repository (different formats for
+ different key types?).
+
+ o Add find rule AND and OR. The default is always AND. Add
+ silc_skr_find_set_rule.
+
+ o Add silc_skr_find_add_search_file that can be used to add a file to
+ search for the public keys. More than one can be set. Add support
+ for searching keys from file.
+
+ o Add silc_skr_find_add_search_dir that can be used to add a directory to
+ search for the public keys. More than one can be set. Add support
+ for seraching keys from directory.
+
+ o SilcStack to SKR API.
+
+
+SILC Accelerator Library
========================
- o Assure that server is allowed to connect only once to router. Meaning
- if server connection is established already, same connection cannot be
- established again.
+ o Diffie-Hellman acceleration to SILC Accelerator API.
- o If server send CUMODE_CHANGE notify (like setting founder) to router
- and router does not have founder on channel (founder is left or there's
- no founder on channel at all), the router will accept the server's
- founder mode change, even though it perhaps should not do that.
+ o Diffie-Hellman software acceleration.
- o Make the normal server save user counts with LIST command reply.
+ o Hardware acceleration through OCF (OCF-Linux,
+ http://ocf-linux.sourceforge.net).
- o Add hashed passwords to silcd.conf file.
+ o VIA Padlock support. See http://www.logix.cz/michal/devel/padlock/ and
+ Gladman's code.
- o The router should check for validity of received notify packets from
- servers (after all buggy servers may send notify that is actually
- something that should have not been sent).
+ o Implement GCM software acceleration.
- o Add a timeout to handling incoming JOIN commands. It should be
- enforced that JOIN command is executed only once in a second or two
- seconds. Now it is possible to accept n incoming JOIN commands
- and process them without any timeouts. THis must be employed because
- each JOIN command will create and distribute the new channel key
- to everybody on the channel.
+ o Add hash function acceleration to SILC Accelerator API.
- o Backup router related issues
+ o SILC Accelerator API. Provides generic way to use different kind of
+ accelerators. Basically implements SILC PKCS API so that SilcPublicKey
+ and SilcPrivateKey can be used but they call the accelerators.
+ (***DONE)
- o Channel user mode changes are notified unnecessarely when
- switching to backup router on router crash.
+ o Implement software accelerator. It is a thread pool system where the
+ public key and private key operations are executed in threads.
+ (***DONE)
- o New configuration file format must be added. The following
- tasks relates closely to this as well and must be done at the same time
- when adding the new config file format:
+ o Add SilcCipher support to SilcAccelerator and software accelerator.
+ Accelerate at least ciphers using CTR mode which can be done in
+ parallel. Do it in producer/consumer fashion where threads generate
+ key stream and other thread(s) encrypt using the key stream. (***DONE)
- o Server says that it is able to listen on multiple ports but
- currently that is bogus. It can, but internals are for single
- server.
- o Protocol execution timeouts are hard coded, should be
- configurable.
+lib/silcmath
+============
- o IP address fields in configuration file should accept mask
- format as well, IP/MASK, and not just plain IP.
+ o Prime generation progress using callback instead of printing to
+ stdout.
- o Lots of statistics updating is missing around the server.
+ o All utility functions should be made non-allocating ones.
- o If client's public key is saved in the server (and doing public key
- authentication) then the hostname and the username information could
- be taken from the public key. Should be a configuration option!
+ o Import TFM. We want TFM's speed but its memory requirements are
+ just too much. By default it uses large pre-allocated tables which
+ will eat memory when there are thousands of public keys in system.
+ We probably want to change TFM. (***DONE)
+ o Add AND, OR and XOR support to TFM. (***DONE)
-TODO/bugs In SILC Libraries
-===========================
+ o The SILC MP API function must start returning indication of success
+ and failure of the operation. (***DONE)
- o WIN32 silc_net_create_connection_async does not work the same way
- than on Unix. Do it with threads on WIN32. The function works but
- is not actually async currently.
+ o Do SilcStack support for silc_mp_init and other MP function
+ (including utility ones) that may allocate memory. (***DONE)
- o Rewrite the lib/silcsim/silcsim.h. The SilcSimContext should be
- private and silc_sim_alloc should take necessary arguments.
- o lib/silcsftp/sftp_fs_memory.c use directly open(), close() etc.
- routines. Change to use silc_file_* routines.
-
- o SILC RNG does not implement random seed files, and they should be
- implemented.
+lib/silcasn1
+============
+ o Negative integer encoding is missing, add it.
-TODO in Toolkit Documentation
-=============================
+ o SILC_ASN1_CHOICE should perhaps return an index what choice in the
+ choice list was found. Currently it is left for caller to figure out
+ which choice was found. (***DONE)
-Stuff that needs to be done in order to complete the Tooolkit Reference
-Manual.
+ o SILC_ASN1_NULL in decoding should return SilcBool whether or not
+ the NULL was present. It's important when it's SILC_ASN1_OPTIONAL
+ and we need to know whether it was present or not. (***DONE)
- o Lots of ROBOdoc header formatting is undone in lib/silcske,
- lib/silcutil, and lib/silccrypt.
- o Write "Programming with Toolkit" document, describing how to build
- Toolkit, how the build system works, where is everything, how
- new (external) projects can be glued into Toolkit (use irssi as an
- example), and how external projects can use Toolkit without gluing into
- it (how to link etc).
+lib/silcpgp
+===========
- o Write "Programming conventions" document to describe the coding
- and naming conventions used in the Toolkit (should not be
- actually the CodingStyle document, but something more general).
+ o OpenPGP certificate support, allowing the use of PGP public keys and
+ private keys.
- o Move the lib/silccrypt/silcrng.h's "how the RNG works" documentation
- to its own html file and link it to the reference manual.
+ o Signatures for data, public keys and private keys (Signature packet).
+ o Signature verification from public keys, private keys and other signed
+ data (Signature packet).
-TODO in SILC Protocol
-=====================
+ o Encryption and decryption support (Packet tags 8 and 18 most likely).
-Current protocol version is 1.0. However, it is far from being perfect,
-and needs to include additional features. Following protocol TODO entries
-describe new stuff to be added to protocol versions 1.x.
+ o Retrieval of User ID from public key and private key (Used ID packet
+ and User Attribute packet).
- 1. Re-define the Status Payload: it is now 16 bits, split it into two
- 8 bits fields. First field includes status types from 0 - 9 and
- 10 - n *if* it is not an list of errors. If it is list of errors then
- the first field includes 1, 2 and/or 3, and the second field includes
- the error status 10 - n. This way it is possible to send multiple
- errors (list of errors) and we have a way to tell the receiver that
- there will be other errors as well. The second field is used only
- if there is list of errors. If normal status, or normal (single)
- error status the second field is set to zero, and must be ignored.
- Hence, the status works same way as now except for list of errors.
- To be included in protocol version 1.1.
+ o Creation of OpenPGP key pairs.
- 2. Define that WHOIS and IDENTIFY commands must send list of errors
- if multiple Client ID (or Channel ID and Server ID for IDENTIFY) was
- requested and was not found. Each unfound entry must cause an error
- command reply to the sender. Also define that errors must be sent
- *after* sending successfully found entries (this way receiver may
- ignore them). To be included in protocol version 1.1.
+ o Trust packet handling (GNU PG compatible) from public and private keys.
- 3. Define the NICK_CHANGE notify to send the changed nickname as a new
- third argument. This will make the NICK_CHANGE notify handling easier
- in the receiver's end (client primarily) since it removes the
- requirement that receiver must resolve (using IDENTIFY or WHOIS) the
- new Client ID received in the notify (because of the new nickname is
- unknown). To be included in protocol version 1.1.
+ o Add option that the signature format doesn't use the OpenPGP format
+ but whatever is the default in SILC crypto library.
- 4. Add "request parameters" or similar to the WHOIS command, which can
- be used to request various parameters (something not returned by
- standard WHOIS command) about clients (info that could be fetched
- even from clients). Additional specification (or appendix) should
- be done to define the payload and the parameters. It could be used
- to make the WHOIS command support various search conditions as well.
- This would be the way to extend the WHOIS command to support various
- new features without always making the command incompatible to previous
- version. To be included in protocol version 1.1.
- 5. Inviting and banning by public key should be made possible. To be
- included in protocol version 1.x.
+lib/silcssh
+===========
- 6. Add perhaps SILENCE_USERS, SILENCE_OPERS channel user modes which
- can be used to silence (moderate) normal users and opers (this set
- only by founder). To be included in protocol version 1.1.
+ o Add option that the signature format doesn't use the SSH2 protocol
+ but whatever is the default in SILC crypto library;
+ silc_ssh_private_key_set_signature_type, or something.
- 7. Channel Message Payload needs slight redesining to include the IV
- field to the MAC generation of the payload. It is authenticated
- by the packet's MAC but not by the payload's MAC. Since the IV
- belongs to the payload, its integrity should be protected by the
- payload MAC and not alone by packet MAC. To be included in protocol
- version 1.1.
-
- 8. Remove the administrative commands from the protocol all together.
- It does not make sense for the protocol to define how a server is
- reconnected or shutdown, since they are implementation and
- configuration issues. Besides protocol provides only limited set of
- administrative commands and cannot define all that one could imagine.
- To be included in protocol version 1.1.
-
- 9. Add SILC_MESAGE_FLAG_REPLY for being other side to the
- SILC_MESSAGE_FLAG_REQUEST. Add generic SILC_MESSAGE_FLAG_DATA, which
- can include generic payload, which can include generic data. The
- payload definition is left out for now. To be included in protocol
- version 1.1.
-
- 10. Check command reply error status types in various commands,
- specifically NO_FOPRIV is missing from many commands. To be
- included in protocol version 1.1.
-
-
-TODO After 1.0
-==============
-
-A rough list of stuff that is going to be done to SILC after 1.0 or at
-least could be done.
+ o SSH2 public key/private key support, allowing the use of SSH2 keys.
+ RFC 4716. (***DONE)
- o Implement the defined SilcDH API. The definition is in
- lib/silccrypt/silcdh.h.
-
- o X.509 certificate support. SILC protocol supports certificates and
- it would be great to have support for them. This is a big task as
- support has to be made for ASN.1 as well. I've looked into OpenSSL
- package as it has X.509 certificate support (and ASN.1 as well).
- The code does not look very good to my eye but it has some potentials.
- This should be looked at more closely.
-
- Naturally own SILC Certificate API has to be defined regardles what
- the actual X.509 library is (OpenSSL X.509 or something else). Other
- choice is to write own X.509 library but I'm not going to do it -
- I can help to migrate the OpenSSL X.509 into SILC and I can help if
- someone would like to write the X.509 library - but I'm not going
- to start writing one myself. Anyhow, the OpenSSL X.509 lib should
- be checked.
-
- Other package that should be checked is the NSS's X509 library,
- which I like more over OpenSSL package.
-
- o SSH2 public keys support, allowing the use of SSH2 public keys in
- SILC.
-
- o OpenPGP certificate support, allowing the use of PGP public keys
- in SILC.
-
- o Compression routines are missing. The protocol supports packet
- compression thus it must be implemented. SILC Zip API must be
- defined.
-
- o Rewrite the lib/silcutil/silcprotocol.[ch] not to have [un]register
- functions, but to make it context based all the way. The alloc should
- take as argument the protocol type and its callback (not only
- final callback). It is not good that we have now global list of
- registered protocols.
-
- o Optimizations in Libraries
-
- o There is currently three (3) allocations per packet in the
- silc_packet_receive_process, which is used to process and
- dispatch all packets in the packet queue to the parser callback
- function. First allocation is for parse_ctx, second for the
- SilcPacketContext, and third for packet->buffer where the actual
- data is saved.
-
- The parse_ctx allocation can be removed by adding it as a
- structure to the SilcPacketContext. When the SilcPacketContext
- is allocated there is space for the parse context already.
-
- The silc_packet_context_alloc could have a free list of
- packet contexts. If free packet context is found from the list
- it is returned instead of allocating a new one. The library
- could at first allocate them and save them to the free list
- until enough contexts for smooth processing exists in the list.
- This would remove a big allocation since the structure is
- quite big, and even bigger if it would include the parse_ctx.
-
- The packet->buffer can be optimized too if the SilcBuffer
- interface would support free lists as well. Maybe such could
- be done in the same way as for SilcPacketContext. The
- silc_buffer_alloc would check free list before actually
- allocating new memory. Since the packets in the SILC protocol
- usually are about the same size (due to padding) it would be
- easy to find suitable size buffer from the free list very
- quickly.
-
- These naturally cause the overal memory consumption to grow
- but would take away many allocations that can be done several
- times in a second.
-
- o Move the actual file descriptor task callback (the callback that
- handles the incoming data, outgoing data etc, that is implemnted
- in server and client separately (silc_server_packet_process and
- silc_client_packet_proces)) to the low level socket connection
- handling routines, and create an interface where the application
- can register a callbacks for incoming data, outoing data and EOF
- receiving, which the library will call when necessary. This way
- we can move the data handling in one place.
-
- o Add silc_id_str2id to accept the destination buffer as argument
- and thus not require any memory allocation. Same will happen
- with silc_id_payload_* functions.
-
- o Remove the `truelen' field from SilcBuffer as it is entirely
- redundant since we can get the true length of the buffer by
- doing buffer->end - buffer->header. Add SILC_BUFFER_TRUELEN
- macro instead. Consider also removing `len' field too since
- it effectively is buffer->tail - buffer->data, and adding
- SILC_BUFFER_LEN macro can do the same. These would save
- totally 8 bytes of memory per buffer.
-
- Add also perhaps function silc_buffer_alloc_size that would
- effectively do:
-
- return silc_buffer_pull_tail(silc_buffer_alloc(size),
- size);
-
- to not require the user to give the pull_tail anymore.
-
- o Optimizations in Server
-
- o Remove the big switch statement from the function
- silc_server_packet_parse_type and replace it with predefined
- table of function pointers where each of the slot in table
- represents the packet type value.
-
- Same could be done with notify packets which has big switch
- statement too. Same kind of table of notify callbacks could be
- done as well.
-
- o The parser callback in the server will add a timeout task for
- all packets. It will require registering and allocating a
- new task to the SilcSchedule. Maybe, at least, for server
- and router packets the parser would be called immediately
- instead of adding it to the scheduler with 0 timeout. It
- should be analyzed too how slow the task registering process
- actually is, and find out ways to optimize it.
-
- o The SERVER_SIGNOFF notify handing is not optimal, because it'll
- cause sending of multiple SIGNOFF notify's instead of the one
- SERVER_SIGNOFF notify that the server received. This should be
- optimized so that the only SERVER_SIGNOFF is sent and not
- SIGNOFF of notify at all (using SIGNOFF takes the idea about
- SERVER_SIGNOFF away entirely).
-
- o Add SilcAsyncOperation to utility library. Any function that takes
- callback as an argument must return SilcAsyncOperation.
-
- o Add DSS support.
-
- o Cipher optimizations (asm, that this) at least for i386 would be nice.
-
- o Add builtin SOCKS and HTTP Proxy support, well the SOCKS at least.
- SILC currently supports SOCKS4 and SOCKS5 but it needs to be compiled
- in separately.
+
+lib/silcpkix
+============
+
+ o PKIX implementation
+
+
+lib/silccms
+===========
+
+ o Cryptographic Message Syntax (RFC 3852), the former PKCS #7
+
+
+lib/silcsmime
+=============
+
+ o S/MIME (RFC 3851)
projects / crypto.git / blobdiff