X-Git-Url: http://git.silcnet.org/gitweb/?a=blobdiff_plain;f=lib%2Fsilccore%2Fsilcauth.h;h=29101966d7ce6208f7b79055477b6ca1a66cd64d;hb=413da0f8686910f5e627393157566ae729ca99c4;hp=be30c1a6a03ab2a3426e7290c363992dcb19cde2;hpb=cdedc07c65bab8467f6f5b1ef4b38982c2c77571;p=silc.git diff --git a/lib/silccore/silcauth.h b/lib/silccore/silcauth.h index be30c1a6..29101966 100644 --- a/lib/silccore/silcauth.h +++ b/lib/silccore/silcauth.h @@ -1,10 +1,10 @@ /* - silcauth.h + silcauth.h Author: Pekka Riikonen - Copyright (C) 2001 - 2002 Pekka Riikonen + Copyright (C) 2001 - 2003 Pekka Riikonen This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -22,8 +22,8 @@ * DESCRIPTION * * Implementations of the SILC Authentication Payload and authentication - * routines. The SILC Authentication Payload is used to deliver - * authentication data usually from client to server in purpose of + * routines. The SILC Authentication Payload is used to deliver + * authentication data usually from client to server in purpose of * gaining access to some service. The Payload and the authentication * routines supports both passphrase and public key (signature) based * authentication. @@ -32,11 +32,6 @@ * used by client to agree on key material usually with another client * in the network. * - * This interface defines also the SILC_MESSAGE_FLAG_SIGNED Payload, - * which defines how channel messages and private messages can be digitally - * signed. This interface provides the payload parsing, encoding, - * signature computing and signature verification routines. - * ***/ #ifndef SILCAUTH_H @@ -45,7 +40,7 @@ /****d* silccore/SilcAuthAPI/SilcAuthMethod * * NAME - * + * * typedef SilcUInt16 SilcAuthMethod; * * DESCRIPTION @@ -71,8 +66,8 @@ typedef SilcUInt16 SilcAuthMethod; /****s* silccore/SilcAuthAPI/SilcAuthPayload * * NAME - * - * typedef struct SilcAuthPayloadStruct *SilcAuthPayload; + * + * typedef struct SilcAuthPayloadStruct *SilcAuthPayload; * * * DESCRIPTION @@ -153,6 +148,22 @@ void silc_auth_payload_free(SilcAuthPayload payload); ***/ SilcAuthMethod silc_auth_get_method(SilcAuthPayload payload); +/****f* silccore/SilcAuthAPI/silc_auth_get_public_data + * + * SYNOPSIS + * + * unsigned char *silc_auth_get_public_data(SilcAuthPayload payload, + * SilcUInt32 *pubdata_len); + * + * DESCRIPTION + * + * Returns the public data (usually random data) from the payload. + * Caller must not free the returned data. + * + ***/ +unsigned char *silc_auth_get_public_data(SilcAuthPayload payload, + SilcUInt32 *pubdata_len); + /****f* silccore/SilcAuthAPI/silc_auth_get_data * * SYNOPSIS @@ -178,7 +189,7 @@ unsigned char *silc_auth_get_data(SilcAuthPayload payload, * SilcPrivateKey private_key, * SilcRng rng, * SilcHash hash, - * const void *id, + * const void *id, * SilcIdType type); * * DESCRIPTION @@ -200,12 +211,41 @@ SilcBuffer silc_auth_public_key_auth_generate(SilcPublicKey public_key, SilcRng rng, SilcHash hash, const void *id, SilcIdType type); +/****f* silccore/SilcAuthAPI/silc_auth_public_key_auth_generate_wpub + * + * SYNOPSIS + * + * SilcBuffer + * silc_auth_public_key_auth_generate_wpub(SilcPublicKey public_key, + * SilcPrivateKey private_key, + * const unsigned char *pubdata, + * SilcUInt32 pubdata_len, + * SilcHash hash, + * const void *id, + * SilcIdType type); + * + * DESCRIPTION + * + * Same as silc_auth_public_key_auth_generate but takes the public data + * (usually random data) as argument. This function can be used when + * the public data must be something else than purely random or its + * structure mut be set before signing. + * + ***/ +SilcBuffer +silc_auth_public_key_auth_generate_wpub(SilcPublicKey public_key, + SilcPrivateKey private_key, + const unsigned char *pubdata, + SilcUInt32 pubdata_len, + SilcHash hash, + const void *id, SilcIdType type); + /****f* silccore/SilcAuthAPI/silc_auth_public_key_auth_verify * * SYNOPSIS * * bool silc_auth_public_key_auth_verify(SilcAuthPayload payload, - * SilcPublicKey public_key, + * SilcPublicKey public_key, * SilcHash hash, * const void *id, SilcIdType type); * @@ -225,9 +265,9 @@ bool silc_auth_public_key_auth_verify(SilcAuthPayload payload, * * bool silc_auth_public_key_auth_verify_data(const unsigned char *payload, * SilcUInt32 payload_len, - * SilcPublicKey public_key, + * SilcPublicKey public_key, * SilcHash hash, - * const void *id, + * const void *id, * SilcIdType type); * * DESCRIPTION @@ -239,7 +279,7 @@ bool silc_auth_public_key_auth_verify(SilcAuthPayload payload, ***/ bool silc_auth_public_key_auth_verify_data(const unsigned char *payload, SilcUInt32 payload_len, - SilcPublicKey public_key, + SilcPublicKey public_key, SilcHash hash, const void *id, SilcIdType type); @@ -247,14 +287,14 @@ bool silc_auth_public_key_auth_verify_data(const unsigned char *payload, * * SYNOPSIS * - * bool silc_auth_verify(SilcAuthPayload payload, + * bool silc_auth_verify(SilcAuthPayload payload, * SilcAuthMethod auth_method, - * const void *auth_data, SilcUInt32 auth_data_len, + * const void *auth_data, SilcUInt32 auth_data_len, * SilcHash hash, const void *id, SilcIdType type); * * DESCRIPTION * - * Verifies the authentication data directly from the Authentication + * Verifies the authentication data directly from the Authentication * Payload. Supports all authentication methods. If the authentication * method is passphrase based then the `auth_data' and `auth_data_len' * are the passphrase and its length. The passphrase MUST be UTF-8 @@ -263,24 +303,24 @@ bool silc_auth_public_key_auth_verify_data(const unsigned char *payload, * ***/ bool silc_auth_verify(SilcAuthPayload payload, SilcAuthMethod auth_method, - const void *auth_data, SilcUInt32 auth_data_len, + const void *auth_data, SilcUInt32 auth_data_len, SilcHash hash, const void *id, SilcIdType type); /****f* silccore/SilcAuthAPI/silc_auth_verify_data * * SYNOPSIS * - * bool silc_auth_verify_data(const unsigned char *payload, + * bool silc_auth_verify_data(const unsigned char *payload, * SilcUInt32 payload_len, - * SilcAuthMethod auth_method, + * SilcAuthMethod auth_method, * const void *auth_data, - * SilcUInt32 auth_data_len, SilcHash hash, + * SilcUInt32 auth_data_len, SilcHash hash, * const void *id, SilcIdType type); - * + * * DESCRIPTION * * Same as silc_auth_verify but the payload has not been parsed yet. - * Verifies the authentication data directly from the Authentication + * Verifies the authentication data directly from the Authentication * Payload. Supports all authentication methods. If the authentication * method is passphrase based then the `auth_data' and `auth_data_len' * are the passphrase and its length. The passphrase MUST be UTF-8 @@ -288,16 +328,16 @@ bool silc_auth_verify(SilcAuthPayload payload, SilcAuthMethod auth_method, * `auth_data' is the SilcPublicKey and the `auth_data_len' is ignored. * ***/ -bool silc_auth_verify_data(const unsigned char *payload, +bool silc_auth_verify_data(const unsigned char *payload, SilcUInt32 payload_len, SilcAuthMethod auth_method, const void *auth_data, - SilcUInt32 auth_data_len, SilcHash hash, + SilcUInt32 auth_data_len, SilcHash hash, const void *id, SilcIdType type); /****s* silccore/SilcAuthAPI/SilcKeyAgreementPayload * * NAME - * + * * typedef struct SilcKeyAgreementPayloadStruct *SilcKeyAgreementPayload; * * DESCRIPTION @@ -314,7 +354,7 @@ typedef struct SilcKeyAgreementPayloadStruct *SilcKeyAgreementPayload; * * SYNOPSIS * - * SilcKeyAgreementPayload + * SilcKeyAgreementPayload * silc_key_agreement_payload_parse(const unsigned char *payload, * SilcUInt32 payload_len); * @@ -323,7 +363,7 @@ typedef struct SilcKeyAgreementPayloadStruct *SilcKeyAgreementPayload; * Parses and returns an allocated Key Agreement payload. * ***/ -SilcKeyAgreementPayload +SilcKeyAgreementPayload silc_key_agreement_payload_parse(const unsigned char *payload, SilcUInt32 payload_len); @@ -385,126 +425,4 @@ char *silc_key_agreement_get_hostname(SilcKeyAgreementPayload payload); ***/ SilcUInt32 silc_key_agreement_get_port(SilcKeyAgreementPayload payload); -/****s* silccore/SilcAuthAPI/SilcSignedPayload - * - * NAME - * - * typedef struct SilcSignedPayloadStruct *SilcSignedPayload; - * - * - * DESCRIPTION - * - * This context represents the SILC_MESSAGE_FLAG_SIGNED Payload which - * is used with channel messages and private messages to indicate that - * the message is digitally signed. This payload may include the - * message sender's public key and it includes the digital signature. - * This payload MUST NOT be used in any other context except with - * channel and private message sending and reception. - * - ***/ -typedef struct SilcSignedPayloadStruct *SilcSignedPayload; - -/****f* silccore/SilcAuthAPI/silc_signed_payload_parse - * - * SYNOPSIS - * - * SilcSignedPayload silc_signed_payload_parse(const unsigned char *data, - * SilcUInt32 data_len); - * - * DESCRIPTION - * - * Parses the SILC_MESSAGE_FLAG_SIGNED Payload from the `data' of - * length of `data_len' bytes. The `data' must be payload without - * the actual message payload. Returns the parsed payload or NULL - * on error. Caller must free the returned payload. - * - ***/ -SilcSignedPayload silc_signed_payload_parse(const unsigned char *data, - SilcUInt32 data_len); - -/****f* silccore/SilcAuthAPI/silc_signed_payload_encode - * - * SYNOPSIS - * - * SilcBuffer - * silc_signed_payload_encode(const unsigned char *message_payload, - * SilcUInt32 message_payload_len, - * SilcPublicKey public_key, - * SilcPrivateKey private_key, - * bool include_public_key); - * - * DESCRIPTION - * - * Encodes the SILC_MESSAGE_FLAG_SIGNED Payload and computes the - * digital signature. The `message_payload' is the message data that - * is used in the signature computation. The encoding of the buffer - * is specified in the SILC protocol. If `include_public_key' is - * TRUE then the public key included in the payload. The `private_key' - * is used to produce the signature. This function returns the encoded - * payload with the signature or NULL on error. Caller must free the - * returned buffer. - * - ***/ -SilcBuffer silc_signed_payload_encode(const unsigned char *message_payload, - SilcUInt32 message_payload_len, - SilcPublicKey public_key, - SilcPrivateKey private_key, - SilcHash hash, - bool include_public_key); - -/****f* silccore/SilcAuthAPI/silc_signed_payload_free - * - * SYNOPSIS - * - * void silc_signed_payload_free(SilcSignedPayload sig); - * - * DESCRIPTION - * - * Frees the SILC_MESSAGE_FLAG_SIGNED Payload. - * - ***/ -void silc_signed_payload_free(SilcSignedPayload sig); - -/****f* silccore/SilcAuthAPI/silc_signed_payload_verify - * - * SYNOPSIS - * - * int silc_signed_payload_verify(SilcSignedPayload sig, - * bool channel_message, - * void *message_payload, - * SilcPublicKey remote_public_key, - * SilcHash hash); - * - * DESCRIPTION - * - * This routine can be used to verify the signature found in - * SILC_MESSAGE_FLAG_SIGNED Payload. The `remote_public_key' is the - * sender's public key and is used in the verification. If the - * `channel_message' is TRUE then `message_payload' must include the - * SilcChannelMessagePayload. If it is FALSE then it must include - * SilcPrivateMessagePayload. This returns SILC_AUTH_OK if the - * signature verification was successful. - * - ***/ -int silc_signed_payload_verify(SilcSignedPayload sig, - bool channel_message, - void *message_payload, - SilcPublicKey remote_public_key, - SilcHash hash); - -/****f* silccore/SilcAuthAPI/silc_signed_payload_get_public_key - * - * SYNOPSIS - * - * SilcPublicKey silc_signed_payload_get_public_key(SilcSignedPayload sig); - * - * DESCRIPTION - * - * Returns the public key from the SILC_MESSAGE_FLAG_SIGNED Payload - * or NULL if it does not include public key. The caller must free - * the returned public key. - * - ***/ -SilcPublicKey silc_signed_payload_get_public_key(SilcSignedPayload sig); - #endif