#define SILC_PROTOCOL_CLIENT_NONE 0
#define SILC_PROTOCOL_CLIENT_CONNECTION_AUTH 1
#define SILC_PROTOCOL_CLIENT_KEY_EXCHANGE 2
+#define SILC_PROTOCOL_CLIENT_REKEY 3
/* #define SILC_PROTOCOL_CLIENT_MAX 255 */
/* Internal context for key exchange protocol */
SilcPacketContext *packet;
SilcSKESendPacketCb send_packet; /* SKE's packet sending callback */
+ SilcSKEVerifyCb verify; /* SKE's key verify callback */
SilcSKE ske; /* The SKE object */
SilcSKEKeyMaterial *keymat; /* The negotiated key material */
void *context; /* Internal context */
starting the protocol if we know the authentication data. Otherwise
these are and remain NULL. */
unsigned char *auth_data;
- unsigned int auth_data_len;
+ uint32 auth_data_len;
SilcTask timeout_task;
} SilcClientConnAuthInternalContext;
+/* Internal context for the rekey protocol */
+typedef struct {
+ void *client;
+ void *context;
+ SilcSocketConnection sock;
+ bool responder; /* TRUE if we are receiving party */
+ bool pfs; /* TRUE if PFS is to be used */
+ SilcSKE ske; /* Defined if PFS is used */
+ SilcPacketContext *packet;
+} SilcClientRekeyInternalContext;
+
/* Prototypes */
void silc_client_protocols_register(void);
void silc_client_protocols_unregister(void);
SilcBuffer packet,
SilcPacketType type,
void *context);
+SilcSKEStatus silc_client_protocol_ke_verify_key(SilcSKE ske,
+ unsigned char *pk_data,
+ uint32 pk_len,
+ SilcSKEPKType pk_type,
+ void *context);
void silc_client_protocol_ke_set_keys(SilcSKE ske,
SilcSocketConnection sock,
SilcSKEKeyMaterial *keymat,
SilcCipher cipher,
SilcPKCS pkcs,
SilcHash hash,
- SilcHmac hmac);
+ SilcHmac hmac,
+ SilcSKEDiffieHellmanGroup group);
+void silc_client_protocol_rekey_generate(SilcClient client,
+ SilcClientRekeyInternalContext *ctx);
+void
+silc_client_protocol_rekey_generate_pfs(SilcClient client,
+ SilcClientRekeyInternalContext *ctx);
#endif
projects / silc.git / blobdiff