/* Parse the payload */
ret = silc_buffer_unformat(buffer,
SILC_STR_UI_SHORT(&new->len),
- SILC_STR_UI_CHAR(&new->auth_method),
+ SILC_STR_UI_SHORT(&new->auth_method),
SILC_STR_UI16_NSTRING_ALLOC(&new->random_data,
&new->random_len),
SILC_STR_UI16_NSTRING_ALLOC(&new->auth_data,
dictates. */
static unsigned char *
-silc_auth_public_key_encode(SilcPKCS pkcs, unsigned char *random,
- unsigned int random_len, unsigned int *ret_len)
+silc_auth_public_key_encode_data(SilcPKCS pkcs, unsigned char *random,
+ unsigned int random_len, void *id,
+ SilcIdType type, unsigned int *ret_len)
{
SilcBuffer buf;
- unsigned char *pk, *ret;
- unsigned int pk_len;
+ unsigned char *pk, *id_data, *ret;
+ unsigned int pk_len, id_len;
pk = silc_pkcs_get_public_key(pkcs, &pk_len);
if (!pk)
return NULL;
+ id_data = silc_id_id2str(id, type);
+ if (!id_data) {
+ silc_free(pk);
+ return NULL;
+ }
+ id_len = silc_id_get_len(type);
+
buf = silc_buffer_alloc(random_len + pk_len);
silc_buffer_pull_tail(buf, SILC_BUFFER_END(buf));
silc_buffer_format(buf,
SILC_STR_UI_XNSTRING(random, random_len),
+ SILC_STR_UI_XNSTRING(id_data, id_len),
SILC_STR_UI_XNSTRING(pk, pk_len),
SILC_STR_END);
*ret_len = buf->len;
silc_buffer_free(buf);
+ silc_free(id_data);
silc_free(pk);
return ret;
and the actual authentication data. Returns NULL on error. */
SilcBuffer silc_auth_public_key_auth_generate(SilcPKCS pkcs,
- SilcHash hash)
+ SilcHash hash,
+ void *id, SilcIdType type)
{
unsigned char *random;
unsigned char auth_data[32];
return NULL;
/* Encode the auth data */
- tmp = silc_auth_public_key_encode(pkcs, random, 256, &tmp_len);
+ tmp = silc_auth_public_key_encode_data(pkcs, random, 256, id, type,
+ &tmp_len);
if (!tmp)
return NULL;
successfull. */
int silc_auth_public_key_auth_verify(SilcAuthPayload payload,
- SilcPKCS pkcs, SilcHash hash)
+ SilcPKCS pkcs, SilcHash hash,
+ void *id, SilcIdType type)
{
unsigned char *tmp;
unsigned int tmp_len;
SILC_LOG_DEBUG(("Verifying authentication data"));
/* Encode auth data */
- tmp = silc_auth_public_key_encode(pkcs, payload->random_data,
- payload->random_len, &tmp_len);
+ tmp = silc_auth_public_key_encode_data(pkcs, payload->random_data,
+ payload->random_len,
+ id, type, &tmp_len);
if (!tmp) {
SILC_LOG_DEBUG(("Authentication failed"));
return FALSE;
}
- /* Verify the authencation data */
+ /* Verify the authentication data */
if (!silc_pkcs_verify_with_hash(pkcs, hash, payload->auth_data,
payload->auth_len, tmp, tmp_len)) {
/* Same as above but the payload is not parsed yet. This will parse it. */
int silc_auth_public_key_auth_verify_data(SilcBuffer payload,
- SilcPKCS pkcs, SilcHash hash)
+ SilcPKCS pkcs, SilcHash hash,
+ void *id, SilcIdType type)
{
SilcAuthPayload auth_payload;
int ret;
return FALSE;
}
- ret = silc_auth_public_key_auth_verify(auth_payload, pkcs, hash);
+ ret = silc_auth_public_key_auth_verify(auth_payload, pkcs, hash,
+ id, type);
silc_auth_payload_free(auth_payload);
return ret;
}
+
+/******************************************************************************
+
+ Key Agreement Payload
+
+******************************************************************************/
+
+/* The Key Agreement protocol structure */
+struct SilcKeyAgreementPayloadStruct {
+ unsigned short hostname_len;
+ unsigned char *hostname;
+ unsigned int port;
+};
+
+/* Parses and returns an allocated Key Agreement payload. */
+
+SilcKeyAgreementPayload silc_key_agreement_payload_parse(SilcBuffer buffer)
+{
+ SilcKeyAgreementPayload new;
+ int ret;
+
+ SILC_LOG_DEBUG(("Parsing Key Agreement Payload"));
+
+ new = silc_calloc(1, sizeof(*new));
+
+ /* Parse the payload */
+ ret = silc_buffer_unformat(buffer,
+ SILC_STR_UI16_NSTRING_ALLOC(&new->hostname,
+ &new->hostname_len),
+ SILC_STR_UI_INT(&new->port),
+ SILC_STR_END);
+ if (ret == -1) {
+ silc_free(new);
+ return NULL;
+ }
+
+ return new;
+}
+
+/* Encodes the Key Agreement protocol and returns the encoded buffer */
+
+SilcBuffer silc_key_agreement_payload_encode(char *hostname,
+ unsigned int port)
+{
+ SilcBuffer buffer;
+ unsigned int len = strlen(hostname);
+
+ SILC_LOG_DEBUG(("Encoding Key Agreement Payload"));
+
+ buffer = silc_buffer_alloc(2 + len + 4);
+ silc_buffer_pull_tail(buffer, SILC_BUFFER_END(buffer));
+ silc_buffer_format(buffer,
+ SILC_STR_UI_SHORT(len),
+ SILC_STR_UI_XNSTRING(hostname, len),
+ SILC_STR_UI_INT(port),
+ SILC_STR_END);
+
+ return buffer;
+}
+
+/* Frees the Key Agreement protocol */
+
+void silc_key_agreement_payload_free(SilcKeyAgreementPayload payload)
+{
+ if (payload) {
+ silc_free(payload->hostname);
+ silc_free(payload);
+ }
+}
+
+/* Returns the hostname in the payload */
+
+char *silc_key_agreement_get_hostname(SilcKeyAgreementPayload payload)
+{
+ return payload->hostname;
+}
+
+/* Returns the port in the payload */
+
+unsigned int silc_key_agreement_get_port(SilcKeyAgreementPayload payload)
+{
+ return payload->port;
+}