2.3.2 Generic payloads .................................... 16
2.3.2.1 ID Payload .................................. 16
2.3.2.2 Argument Payload ............................ 16
+ 2.3.2.3 Channel Payload ............................. XXX
2.3.3 Disconnect Payload .................................. 17
2.3.4 Success Payload ..................................... 18
2.3.5 Failure Payload ..................................... 18
2.3.17 New Client Payload ................................. 31
2.3.18 New Server Payload ................................. 32
2.3.19 New Channel Payload ................................ 33
+ 2.3.20 Key Agreement Payload .............................. XXX
2.4 SILC ID Types ............................................. 39
2.5 Packet Encryption And Decryption .......................... 39
2.5.1 Normal Packet Encryption And Decryption ............. 39
Figure 2: SILC Packet Header
Figure 3: ID Payload
Figure 4: Argument Payload
-Figure 5: Disconnect Payload
-Figure 6: Success Payload
-Figure 7: Failure Payload
-Figure 8: Reject Payload
-Figure 9: Notify Payload
-Figure 10: Error Payload
-Figure 11: Channel Message Payload
-Figure 12: Channel Key Payload
-Figure 13: Private Message Payload
-Figure 14: Private Message Key Payload
-Figure 15: Command Payload
-Figure 16: Connection Auth Request Payload
-Figure 17: New Client Payload
-Figure 18: New Server Payload
-Figure 19: New Channel Payload
+Figure 5: Channel Payload
+Figure 6: Disconnect Payload
+Figure 7: Success Payload
+Figure 8: Failure Payload
+Figure 9: Reject Payload
+Figure 10: Notify Payload
+Figure 11: Error Payload
+Figure 12: Channel Message Payload
+Figure 13: Channel Key Payload
+Figure 14: Private Message Payload
+Figure 15: Private Message Key Payload
+Figure 16: Command Payload
+Figure 17: Connection Auth Request Payload
+Figure 18: New Client Payload
+Figure 19: New Server Payload
+Figure 20: Key Agreement Payload
+Figure 21: Cell Routers Payload
.ti 0
This packet must not be sent as list and the List flag must
not be set.
- Payload of the packet: See section 2.3.19 New Client Payload
+ Payload of the packet: See section 2.3.17 New Client Payload
20 SILC_PACKET_NEW_SERVER
This packet must not be sent as list and the List flag must
not be set.
- Payload of the packet: See section 2.3.20 New Server Payload
+ Payload of the packet: See section 2.3.18 New Server Payload
21 SILC_PACKET_NEW_CHANNEL
packet. This packet maybe sent to entity that is indirectly
connected to the sender.
- Payload of the packet: See section 2.3.21 New Channel Payload
+ Payload of the packet: See section 2.3.19 New Channel Payload
22 SILC_PACKET_REKEY
not be set.
- 25 - 199
+ 25 SILC_PACKET_KEY_AGREEMENT
+
+ This packet is used by clients to request key negotiation
+ between another client in the SILC network. If the negotiation
+ is started it is performed using the SKE protocol. The result of
+ the negotiation, the secret key material, can be used for
+ example as private message key. The server and router must not
+ send this packet.
+
+ Payload of the packet: See section 2.3.20 Key Agreement Payload
+
+
+ 26 SILC_PACKET_CELL_ROUTERS
+
+ This packet is used by primary router in the cell to notify its
+ primary router what other routers (backup routers) exist in the
+ cell. In case of failure of the primary router in the cell the
+ first router in the list will act as primary router of the cell.
+ This packet may be sent at anytime after connection has been
+ registered to the primary router. The client must not send this
+ packet.
+
+ Payload of the packet: See section 2.3.21 Cell Routers Payload
+
+
+ 27 - 199
Currently undefined commands.
payloads must cause rejection of the packet. The following diagram represents
the Argument Payload.
+The following diagram represents the Argument Payload.
.in 5
.nf
.in 3
+.ti 0
+2.3.2.3 Channel Payload
+
+Generic Channel Payload may be used information about channel, its name,
+the Channel ID and a mode.
+
+The following diagram represents the Channel Payload Payload.
+
+
+.in 5
+.nf
+ 1 2 3
+ 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
++-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+| Channel Name Length | |
++-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +
+| |
+~ Channel Name ~
+| |
++-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+| Channel ID Length | |
++-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +
+| |
+~ Channel ID ~
+| |
++-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+| Mode Mask |
++-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+.in 3
+
+.ce
+Figure 5: New Channel Payload
+
+
+.in 6
+o Channel Name Length (2 bytes) - Length of the channel name
+ field.
+
+o Channel Name (variable length) - The name of the channel.
+
+o Channel ID Length (2 bytes) - Length of the Channel ID field.
+
+o Channel ID (variable length) - The Channel ID.
+
+o Mode Mask (4 bytes) - A mode. This can be the mode of the
+ channel but it can also be the mode of the client on the
+ channel. The contents of this field is dependent of the
+ usage of this payload. The usage is defined separately
+ when this payload is used. This is a 32 bit MSB first value.
+.in 3
+
+
.ti 0
2.3.3 Disconnect Payload
.in 3
.ce
-Figure 5: Disconnect Payload
+Figure 6: Disconnect Payload
.in 3
.ce
-Figure 6: Success Payload
+Figure 7: Success Payload
.in 6
.in 3
.ce
-Figure 7: Failure Payload
+Figure 8: Failure Payload
.in 6
.in 3
.ce
-Figure 8: Reject Payload
+Figure 9: Reject Payload
.in 6
.in 3
.ce
-Figure 9: Notify Payload
+Figure 10: Notify Payload
.in 6
1 SILC_NOTIFY_TYPE_INVITE
- Sent when receiver has been invited to a channel. This type must be
- sent directly to the invited client.
+ Sent when an client is invited to a channel. This is also sent
+ when the invite list of the channel is changed. This notify type
+ is sent between routers and if the <Client ID> is argument is
+ provided to the client as well.
- Max Arguments: 2
- Arguments: (1) <Client ID> (2) <Channel ID>
+ Max Arguments: 4
+ Arguments: (1) [<Client ID>] (2) <Channel ID>
+ (3) [<adding client>] (4) [<removing client>]
- The <Client ID> is the client who invites the receiver of this type
- to channel indicated by <Channel ID>.
+ The <Client ID> is the client which was invited to the channel.
+ The <Channel ID> is the channel. The <adding client> and the
+ <removing client> indicates the added or removed client from the
+ channel's invite list. The format of the <adding client and the
+ <removing client> is defined in the [SILC1] with SILC_COMMAND_INVITE
+ command.
+
+ The <adding client> and <removing client> is never sent to the
+ client indicated by the <Client ID>. Also note that the lists
+ include the <Client ID> already.
2 SILC_NOTIFY_TYPE_JOIN
broadcast it to the network.
Max Arguments: 2
- Arguments: (1) <Client ID> (2) <Channel ID>
+ Arguments: (1) [<Client ID>] (2) <Channel ID>
The <Client ID> is the client that joined to the channel indicated
- by the <Channel ID>.
+ by the <Channel ID>. The <adding client> and <removing client>
+ indicates the added or removed client in the current invite list.
+ The format of the <adding client> and the <removing client> is
+ defined in the [SILC1] with SILC_COMMAND_INVITE command. If the
+ <Client ID> is not provided then this
3 SILC_NOTIFY_TYPE_LEAVE
The kicker may have set the <comment> to indicate the reason for
the kicking.
+
+13 SILC_NOTIFY_TYPE_KILLED
+
+ Sent when a client has been killed from the network. This is sent
+ also to the client who was killed from the network. The client
+ who was killed from the network must be removed from the network.
+ This notify type is destined directly to the client who was killed
+ and to channel if the client is on any channel. The router or
+ server receiving the packet distributes this type to the local
+ clients on the channel and broadcast it to the network.
+
+ Max Arguments: 2
+ Arguments: (1) <Client ID> (2) [<comment>]
+
+ The <Client ID> is the client who was killed from the network.
+ The killer may have set the <comment> to indicate the reason for
+ the killing.
+
+
+14 SILC_NOTIFY_TYPE_UMODE_CHANGE
+
+ Sent when user's mode in the SILC changes. This type is sent only
+ between routers as broadcast packet.
+
+ Max Arguments: 2
+ Arguments: (1) <Client ID> (2) <mode mask>
+
+ The <Client ID> is the client which mode was changed. The <mode mask>
+ is the new mode mask.
+
+
+15 SILC_NOTIFY_TYPE_BAN
+
+ Sent when the ban list of the channel is changed. This type is sent
+ only between routers as broadcast packet.
+
+ Max Arguments: 3
+ Arguments: (1) <Channel ID> (2) [<adding client>]
+ (3) [<removing client>]
+
+ The <Channel ID> is the channel which ban list was changed. The
+ <adding client> is used to indicate the a ban was added and the
+ <removing client> is used to indicate that a ban was removed from
+ the ban list. The format of the <adding client> and the
+ <removing client> is defined in the [SILC1] with SILC_COMMAND_BAN
+ command.
+
.in 3
Notify types starting from 16384 are reserved for private notify
.in 3
.ce
-Figure 10: Error Payload
+Figure 11: Error Payload
.in 6
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| |
+~ MAC ~
+| |
++-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+| |
~ Initial Vector * ~
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
.in 3
.ce
-Figure 11: Channel Message Payload
+Figure 12: Channel Message Payload
.in 6
applied because this payload is encrypted separately from
other parts of the packet.
+o MAC (variable legnth) - The MAC computed from the
+ Message Length, Message Data, Padding Length and Padding
+ fields. This protects the integrity of the plaintext
+ channel message. The receiver can verify from the MAC
+ whether the message decrypted correctly. Also, if more than
+ one private key has been set for the channel, the receiver
+ can verify which of the keys decrypted the message
+ correctly. Note that, this field is encrypted and must
+ be added to the padding calculation.
+
o Initial Vector (variable length) - The initial vector
that has been used in packet encryption. It needs to be
used in the packet decryption as well. What this field
.in 3
.ce
-Figure 12: Channel Key Payload
+Figure 13: Channel Key Payload
.in 3
.ce
-Figure 13: Private Message Payload
+Figure 14: Private Message Payload
.in 6
~ Private Message Key ~
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+| Cipher Name Length | |
++-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +
+| |
+~ Cipher Name ~
+| |
++-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
.in 3
.ce
-Figure 14: Private Message Key Payload
+Figure 15: Private Message Key Payload
any other field.
o Private Message Key (variable length) - The actual private
- message key material. This key is used as such as key material
- for encryption function.
+ message key material.
+
+o Cipher Name Length (2 bytes) - Indicates the length of the
+ Cipher Name field in the payload, not including any other
+ field.
+
+o Cipher Name (variable length) - Name of the cipher to use
+ in the private message encryption. If this field does not
+ exist then the default cipher of the SILC protocol is used.
+ See the [SILC1] for defined ciphers.
.in 3
+
.ti 0
2.3.13 Command Payload
.in 3
.ce
-Figure 15: Command Payload
+Figure 16: Command Payload
.in 6
.in 3
.ce
-Figure 16: Connection Auth Request Payload
+Figure 17: Connection Auth Request Payload
.in 6
.ti 0
-2.3.18 New Client Payload
+2.3.17 New Client Payload
When client is connected to the server, keys has been exchanged and
connection has been authenticated client must register itself to the
client ID.
The payload may only be sent with SILC_PACKET_NEW_CLIENT packet. It
-must not be sent in any other packet type. The following diagram represents
-the New Client Payload.
+must not be sent in any other packet type. The following diagram
+represents the New Client Payload.
.in 3
.ce
-Figure 17: New Client Payload
+Figure 18: New Client Payload
.in 6
.ti 0
-2.3.19 New Server Payload
+2.3.18 New Server Payload
This payload is sent by server when it has completed successfully both
key exchange and connection authentication protocols. The server
.in 3
.ce
-Figure 18: New Server Payload
+Figure 19: New Server Payload
.in 6
.ti 0
-2.3.20 New Channel Payload
+2.3.19 New Channel Payload
Information about newly created channel is broadcasted to all routers
in the SILC network by sending this packet payload. Channels are
then processes the command and creates the channel. Client never sends
this packet.
-The payload may only be sent with SILC_PACKET_NEW_CHANNEL packet.
+The packet uses generic Channel Payload as New Channel Payload. See
+section 2.3.2.3 for generic Channel Payload. The Mode Mask field in the
+Channel Payload is the mode of the channel.
+
+
+.ti 0
+2.3.20 Key Agreement Payload
+
+This payload is used by clients to request key negotiation between
+another client in the SILC Network. The key agreement protocol used
+is the SKE protocol. The result of the protocol, the secret key
+material, can be used for example as private message key between the
+two clients. This significantly adds security as the key agreement
+is performed outside the SILC network. The server and router must not
+send this payload.
+
+The sender may tell the receiver of this payload the hostname and the
+port where the SKE protocol is running in the sender's end. The
+receiver may then initiate the SKE negotiation with the sender. The
+sender may also optionally not to include the hostname and the port
+of its SKE protocol. In this case the receiver may reply to the
+request by sending the same payload filled with the receiver's hostname
+and the port where the SKE protocol is running. The sender may then
+initiate the SKE negotiation with the receiver.
+
+The payload may only be sent with SILC_PACKET_KEY_AGREEMENT packet.
It must not be sent in any other packet type. The following diagram
-represents the New Channel Payload.
+represents the Key Agreement Payload.
+.in 5
+.nf
+ 1 2 3
+ 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
++-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+| Hostname Length | |
++-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +
+| |
+~ Hostname ~
+| |
++-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+| Port |
++-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+.in 3
+
+.ce
+Figure 20: Key Agreement Payload
+
+
+.in 6
+o Hostname Length (2 bytes) - Indicates the length of the Hostname
+ field.
+
+o Hostname (variable length) - The hostname or IP address where
+ the SKE protocol is running. The sender may fill this field
+ when sending the payload. If the receiver sends this payload
+ as reply to the request it must fill this field.
+
+o Port (4 bytes) - The port where the SKE protocol is bound.
+ The sender may fill this field when sending the payload. If
+ the receiver sends this payload as reply to the request it
+ must fill this field. This is a 32 bit MSB first order value.
+.in 3
+After the key material has been received from the SKE protocol it is
+processed as the [SILC3] describes. If the key material is used as
+channel private key then the Sending Encryption Key, as defined in
+[SILC3] is used as the channel private key. Other key material must
+be discarded. The [SILC1] defines the way to use the key material if
+it is intended to be used as private message keys. Any other use for
+the key material is undefined.
+
+
+.ti 0
+2.3.21 Cell Routers Payload
+
+Cell Routers payload is used by router to notify its primary router what
+other routers exist in the cell. The other routers are considered to be
+backup routers and one of them will come active only in the case of
+failure of the primary router. Normal server can send this packet if it
+is acting as backup router. Client must not send this packet. To send
+more than one backup router set the List flag and assemble the payloads
+as list.
+
+The payload may only be sent with SILC_PACKET_CELL_ROUTERS packet. It
+must not be sent in any other packet type. The Following diagram
+represents the Cell Routers Payload.
+
+
.in 5
.nf
1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
-| Channel Name Length | |
+| Hostname Length | |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +
| |
-~ Channel Name ~
+~ Hostname ~
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
-| Channel ID Length | |
+| Port |
++-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+| Server ID Length | |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +
| |
-~ Channel ID ~
+~ Server ID ~
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
.in 3
.ce
-Figure 19: New Channel Payload
-
+Figure 21: Cell Routers Payload
.in 6
-o Channel Name Length (2 bytes) - Length of the channel name.
+o Hostname Length (2 bytes) - Indicates the length of the Hostname
+ field.
+
+o Hostname (variable length) - The hostname or IP address of
+ the backup router.
-o Channel Name (variable length) - The name of the created
- channel.
+o Port (4 bytes) - The port of the backup router it currently uses.
+ This is a 32 bit MSB first order value.
-o Channel ID Length (2 bytes) - Length of the Channel ID.
+o Server ID Length (2 bytes) - Indicates the length of the Server
+ ID field.
-o Channel ID (variable length) - The created Channel ID.
+o Server ID (variable length) - Consists of the Server ID of the
+ backup router.
.in 3
packet processing is special. Rest of the SILC Packet header is
decrypted with the same session key along with the padding of the
packet. After that the packet is protected with the channel specific
-key and hence can be decrypted only if the receiver is the client on
+key and thus can be decrypted only if the receiver is the client on
the channel. See section 2.7 Packet Padding Generation for more
information about padding on special packets.
cell to another must be protected as it would be any normal SILC
packet.
+If the SILC_CMODE_PRIVKEY channel mode has been set for the channel
+then the router cannot decrypt the packet as it does not know the
+private key. In this case the entire packet is encrypted with the
+session key and sent to the router. The router receiving the packet
+must check the channel mode and decrypt the packet accordingly.
+
.ti 0
2.5.3 Private Message Encryption And Decryption
projects / silc.git / blobdiff