/*
- silcauth.h
-
+ silcauth.h
+
Author: Pekka Riikonen <priikone@silcnet.org>
-
- Copyright (C) 2001 Pekka Riikonen
-
+
+ Copyright (C) 2001 - 2002 Pekka Riikonen
+
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
- (at your option) any later version.
-
+ the Free Software Foundation; version 2 of the License.
+
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
#ifndef SILCAUTH_H
#define SILCAUTH_H
-/****s* silccore/SilcAuthAPI/SilcAuthPayload
- *
- * NAME
- *
- * typedef struct SilcAuthPayloadStruct *SilcAuthPayload;
- *
- *
- * DESCRIPTION
- *
- * This context is the actual Authentication Payload and is allocated
- * by silc_auth_payload_parse and given as argument usually to all
- * silc_auth_payload_* functions. It is freed by silc_auth_payload_free
- * function.
- *
- ***/
-typedef struct SilcAuthPayloadStruct *SilcAuthPayload;
-
-/****s* silccore/SilcAuthAPI/SilcKeyAgreementPayload
- *
- * NAME
- *
- * typedef struct SilcKeyAgreementPayloadStruct *SilcKeyAgreementPayload;
- *
- * DESCRIPTION
- *
- * This context is the actual Key Agreement Payload and is allocated
- * by silc_key_agreement_payload_parse and given as argument usually to all
- * silc_key_agreement_* functions. It is freed by the function
- * silc_key_agreement_payload_free.
- *
- ***/
-typedef struct SilcKeyAgreementPayloadStruct *SilcKeyAgreementPayload;
-
/****d* silccore/SilcAuthAPI/SilcAuthMethod
*
* NAME
#define SILC_AUTH_FAILED 1
/***/
-/* Prototypes */
+/****s* silccore/SilcAuthAPI/SilcAuthPayload
+ *
+ * NAME
+ *
+ * typedef struct SilcAuthPayloadStruct *SilcAuthPayload;
+ *
+ *
+ * DESCRIPTION
+ *
+ * This context is the actual Authentication Payload and is allocated
+ * by silc_auth_payload_parse and given as argument usually to all
+ * silc_auth_payload_* functions. It is freed by silc_auth_payload_free
+ * function.
+ *
+ ***/
+typedef struct SilcAuthPayloadStruct *SilcAuthPayload;
/****f* silccore/SilcAuthAPI/silc_auth_payload_parse
*
*
* Encodes authentication payload into buffer and returns it.
* The `random_data' is provided only if doing public key authentication.
- * The `auth_data' is the actual authentication data.
+ * The `auth_data' is the actual authentication data. If the
+ * `method' is SILC_AUTH_PASSWORD the passphase in `auth_data' sent as
+ * argument SHOULD be UTF-8 encoded, if not library will attempt to
+ * encode it.
*
***/
SilcBuffer silc_auth_payload_encode(SilcAuthMethod method,
*
* DESCRIPTION
*
- * Get the authentication data. The caller must not free the data.
+ * Get the authentication data. The caller must not free the data. If
+ * the authentication method is passphrase, then the returned string
+ * is UTF-8 encoded passphrase.
*
***/
unsigned char *silc_auth_get_data(SilcAuthPayload payload,
*
* SilcBuffer silc_auth_public_key_auth_generate(SilcPublicKey public_key,
* SilcPrivateKey private_key,
+ * SilcRng rng,
* SilcHash hash,
* const void *id,
* SilcIdType type);
* and the actual authentication data. Returns NULL on error and the
* encoded Authentication Payload on success.
*
+ * The `private_key' is used to sign the payload. The `public_key', the
+ * and the `id' is encoded in the payload and signed. If the `rng' is
+ * NULL then global RNG is used, if non-NULL then `rng' is used as
+ * random number generator. Also random number is encoded in the
+ * payload before signing it with `private_key'.
+ *
***/
SilcBuffer silc_auth_public_key_auth_generate(SilcPublicKey public_key,
SilcPrivateKey private_key,
- SilcHash hash,
+ SilcRng rng, SilcHash hash,
const void *id, SilcIdType type);
/****f* silccore/SilcAuthAPI/silc_auth_public_key_auth_verify
* Verifies the authentication data directly from the Authentication
* Payload. Supports all authentication methods. If the authentication
* method is passphrase based then the `auth_data' and `auth_data_len'
- * are the passphrase and its length. If the method is public key
- * authentication then the `auth_data' is the SilcPublicKey and the
- * `auth_data_len' is ignored.
+ * are the passphrase and its length. The passphrase MUST be UTF-8
+ * encoded. If the method is public key authentication then the
+ * `auth_data' is the SilcPublicKey and the `auth_data_len' is ignored.
*
***/
bool silc_auth_verify(SilcAuthPayload payload, SilcAuthMethod auth_method,
* Verifies the authentication data directly from the Authentication
* Payload. Supports all authentication methods. If the authentication
* method is passphrase based then the `auth_data' and `auth_data_len'
- * are the passphrase and its length. If the method is public key
- * authentication then the `auth_data' is the SilcPublicKey and the
- * `auth_data_len' is ignored.
+ * are the passphrase and its length. The passphrase MUST be UTF-8
+ * encoded. If the method is public key authentication then the
+ * `auth_data' is the SilcPublicKey and the `auth_data_len' is ignored.
*
***/
-bool silc_auth_verify_data(const unsigned char *payload, SilcUInt32 payload_len,
+bool silc_auth_verify_data(const unsigned char *payload,
+ SilcUInt32 payload_len,
SilcAuthMethod auth_method, const void *auth_data,
SilcUInt32 auth_data_len, SilcHash hash,
const void *id, SilcIdType type);
+/****s* silccore/SilcAuthAPI/SilcKeyAgreementPayload
+ *
+ * NAME
+ *
+ * typedef struct SilcKeyAgreementPayloadStruct *SilcKeyAgreementPayload;
+ *
+ * DESCRIPTION
+ *
+ * This context is the actual Key Agreement Payload and is allocated
+ * by silc_key_agreement_payload_parse and given as argument usually to all
+ * silc_key_agreement_* functions. It is freed by the function
+ * silc_key_agreement_payload_free.
+ *
+ ***/
+typedef struct SilcKeyAgreementPayloadStruct *SilcKeyAgreementPayload;
+
/****f* silccore/SilcAuthAPI/silc_key_agreement_payload_parse
*
* SYNOPSIS
projects / silc.git / blobdiff