X-Git-Url: http://git.silcnet.org/gitweb/?a=blobdiff_plain;f=lib%2Fsilcske%2Fsilcske.h;h=9c637de61942b32f1654f903312ed80bea8529c5;hb=52e57c880aba9c5e89f59d962eb9af75670b76e0;hp=e468cd0eab45ded473d232c70ab55b2ce4f2f513;hpb=22f8d37a64e22f8fbeb58d4f5a61321ef067d7a4;p=silc.git

diff --git a/lib/silcske/silcske.h b/lib/silcske/silcske.h
index e468cd0e..9c637de6 100644
--- a/lib/silcske/silcske.h
+++ b/lib/silcske/silcske.h
@@ -116,7 +116,7 @@ typedef enum {
  *
  * SOURCE
  */
-typedef struct {
+typedef struct SilcSKESecurityPropertiesStruct {
   SilcSKESecurityPropertyFlag flags;	 /* Flags */
   SilcSKEDiffieHellmanGroup group;	 /* Selected Diffie Hellman group */
   SilcCipher cipher;			 /* Selected cipher */
@@ -142,16 +142,16 @@ typedef struct {
  *
  * SOURCE
  */
-typedef struct {
+typedef struct SilcSKEKeyMaterialStruct {
   unsigned char *send_iv;
   unsigned char *receive_iv;
   SilcUInt32 iv_len;
   unsigned char *send_enc_key;
   unsigned char *receive_enc_key;
-  SilcUInt32 enc_key_len;
+  SilcUInt32 enc_key_len;	       /* Key length in bits */
   unsigned char *send_hmac_key;
   unsigned char *receive_hmac_key;
-  SilcUInt32 hmac_key_len;
+  SilcUInt32 hmac_key_len;	       /* Key length in bytes */
 } *SilcSKEKeyMaterial;
 /***/
 
@@ -171,7 +171,7 @@ typedef struct {
  *    function.
  *
  ***/
-typedef struct {
+typedef struct SilcSKERekeyMaterialStruct {
   unsigned char *send_enc_key;
   char *hash;
   unsigned int enc_key_len  : 23;
@@ -192,7 +192,7 @@ typedef struct {
  *
  * SOURCE
  */
-typedef struct {
+typedef struct SilcSKEParamsObject {
   /* The SKE version string that is sent to the remote end.  This field
      must be set.  Caller must free the pointer. */
   char *version;
@@ -352,6 +352,10 @@ typedef void (*SilcSKECompletionCb)(SilcSKE ske,
  *    SILC_SKE_SP_FLAG_MUTUAL is not set and you are initiator.  For
  *    responder both `public_key' and `private_key' must be set.
  *
+ *    When allocating SKE session for rekey, the `repository' and `private_key'
+ *    pointers must be NULL and the SilcSKEVerifyCb callback must not be
+ *    set with silc_ske_set_callbacks.
+ *
  * EXMPALE
  *
  *    // Initiator example
@@ -443,8 +447,9 @@ void silc_ske_set_callbacks(SilcSKE ske,
  *    the protocol has completed.  The `stream' is the network connection
  *    to the remote host.  The SKE library will handle all key exchange
  *    packets sent and received in the `stream' connection.  The library will
- *    also set the remote host's ID automatically to the `stream'.  The
- *    `params' include SKE parameters, and it must be provided.
+ *    also set the remote host's ID automatically to the `stream' if it is
+ *    present in the exchanged packets.  The `params' include SKE parameters,
+ *    and it must be provided.
  *
  *    If the `start_payload' is NULL the library will generate it
  *    automatically.  Caller may provide it if it wants to send its own
@@ -478,8 +483,10 @@ SilcAsyncOperation silc_ske_initiator(SilcSKE ske,
  *    callback that was set in silc_ske_set_callbacks will be called once
  *    the protocol has completed.  The `stream' is the network connection
  *    to the remote host.  The SKE library will handle all key exchange
- *    packets sent and received in the `stream' connection.  The `params'
- *    include SKE parameters, and must be provided.
+ *    packets sent and received in the `stream' connection.  The library will
+ *    also set the remote hosts's ID automatically to the `stream' if it is
+ *    present in the exchanged packets.  The `params' include SKE parameters,
+ *    and must be provided.
  *
  *    This function returns SilcAsyncOperation operation context which can
  *    be used to control the protocol from the application.  Application may
@@ -527,7 +534,8 @@ SilcAsyncOperation silc_ske_rekey_initiator(SilcSKE ske,
  *    SilcAsyncOperation
  *    silc_ske_rekey_responder(SilcSKE ske,
  *                             SilcPacketStream stream,
- *                             SilcSKERekeyMaterial rekey);
+ *                             SilcSKERekeyMaterial rekey,
+ *                             SilcPacket packet);
  *
  * DESCRIPTION
  *
@@ -539,6 +547,10 @@ SilcAsyncOperation silc_ske_rekey_initiator(SilcSKE ske,
  *    the new keys into `stream'.  The completion callback is called after
  *    the new keys has been taken into use.
  *
+ *    The `packet' is the SILC_PACKET_REKEY received to start the rekey
+ *    protocol.  If `packet' is NULL it is assumed that the packet will be
+ *    received from the `stream'.
+ *
  *    This function returns SilcAsyncOperation operation context which can
  *    be used to control the protocol from the application.  Application may
  *    for example safely abort the protocol at any point, if needed.  Returns
@@ -547,7 +559,8 @@ SilcAsyncOperation silc_ske_rekey_initiator(SilcSKE ske,
  ***/
 SilcAsyncOperation silc_ske_rekey_responder(SilcSKE ske,
 					    SilcPacketStream stream,
-					    SilcSKERekeyMaterial rekey);
+					    SilcSKERekeyMaterial rekey,
+					    SilcPacket packet);
 
 /****f* silcske/SilcSKEAPI/silc_ske_set_keys
  *