.ds RF FORMFEED[Page %]
.ds CF
.ds LH Internet Draft
-.ds RH XXX
+.ds RH 13 November 2001
.ds CH
.na
.hy 0
.in 0
.nf
-Network Working Group P. Riikonen
+Network Working Group P. Riikonen
Internet-Draft
-draft-riikonen-silc-pp-04.txt XXX
-Expires: XXX
+draft-riikonen-silc-pp-04.txt 13 November 2001
+Expires: 13 May 2002
.in 3
-
.ti 0
Table of Contents
2.3 SILC Packet Types ......................................... 7
2.3.1 SILC Packet Payloads ................................ 16
2.3.2 Generic payloads .................................... 16
- 2.3.2.1 ID Payload .................................. 16
- 2.3.2.2 Argument Payload ............................ 17
+ 2.3.2.1 ID Payload .................................. 17
+ 2.3.2.2 Argument Payload ............................ 18
2.3.2.3 Channel Payload ............................. 18
2.3.2.4 Public Key Payload .......................... 19
- 2.3.3 Disconnect Payload .................................. 19
- 2.3.4 Success Payload ..................................... 19
- 2.3.5 Failure Payload ..................................... 20
- 2.3.6 Reject Payload ...................................... 21
+ 2.3.3 Disconnect Payload .................................. 20
+ 2.3.4 Success Payload ..................................... 21
+ 2.3.5 Failure Payload ..................................... 21
+ 2.3.6 Reject Payload ...................................... 22
2.3.7 Notify Payload ...................................... 22
- 2.3.8 Error Payload ....................................... 21
- 2.3.9 Channel Message Payload ............................. 28
- 2.3.10 Channel Key Payload ................................ 31
- 2.3.11 Private Message Payload ............................ 33
- 2.3.12 Private Message Key Payload ........................ 34
- 2.3.13 Command Payload .................................... 36
- 2.3.14 Command Reply Payload .............................. 37
- 2.3.15 Connection Auth Request Payload .................... 37
- 2.3.16 New ID Payload ..................................... 38
- 2.3.17 New Client Payload ................................. 39
- 2.3.18 New Server Payload ................................. 40
- 2.3.19 New Channel Payload ................................ 41
- 2.3.20 Key Agreement Payload .............................. 42
- 2.3.21 Resume Router Payload .............................. 43
- 2.3.22 File Transfer Payload .............................. 43
- 2.4 SILC ID Types ............................................. 44
- 2.5 Packet Encryption And Decryption .......................... 44
- 2.5.1 Normal Packet Encryption And Decryption ............. 45
- 2.5.2 Channel Message Encryption And Decryption ........... 45
- 2.5.3 Private Message Encryption And Decryption ........... 46
- 2.6 Packet MAC Generation ..................................... 47
- 2.7 Packet Padding Generation ................................. 47
- 2.8 Packet Compression ........................................ 48
- 2.9 Packet Sending ............................................ 48
- 2.10 Packet Reception ......................................... 49
- 2.11 Packet Routing ........................................... 49
- 2.12 Packet Broadcasting ...................................... 50
-3 Security Considerations ....................................... 50
-4 References .................................................... 50
-5 Author's Address .............................................. 52
+ 2.3.8 Error Payload ....................................... 28
+ 2.3.9 Channel Message Payload ............................. 29
+ 2.3.10 Channel Key Payload ................................ 32
+ 2.3.11 Private Message Payload ............................ 34
+ 2.3.12 Private Message Key Payload ........................ 35
+ 2.3.13 Command Payload .................................... 37
+ 2.3.14 Command Reply Payload .............................. 38
+ 2.3.15 Connection Auth Request Payload .................... 38
+ 2.3.16 New ID Payload ..................................... 39
+ 2.3.17 New Client Payload ................................. 40
+ 2.3.18 New Server Payload ................................. 41
+ 2.3.19 New Channel Payload ................................ 42
+ 2.3.20 Key Agreement Payload .............................. 43
+ 2.3.21 Resume Router Payload .............................. 44
+ 2.3.22 File Transfer Payload .............................. 44
+ 2.4 SILC ID Types ............................................. 46
+ 2.5 Packet Encryption And Decryption .......................... 46
+ 2.5.1 Normal Packet Encryption And Decryption ............. 46
+ 2.5.2 Channel Message Encryption And Decryption ........... 47
+ 2.5.3 Private Message Encryption And Decryption ........... 48
+ 2.6 Packet MAC Generation ..................................... 48
+ 2.7 Packet Padding Generation ................................. 49
+ 2.8 Packet Compression ........................................ 50
+ 2.9 Packet Sending ............................................ 50
+ 2.10 Packet Reception ......................................... 51
+ 2.11 Packet Routing ........................................... 51
+ 2.12 Packet Broadcasting ...................................... 52
+3 Security Considerations ....................................... 53
+4 References .................................................... 53
+5 Author's Address .............................................. 54
.ti 0
List of Figures
Padding follows the packet header. The purpose of the padding is to
make the packet multiple by eight (8) or by the block size of the
cipher used in the encryption, which ever is larger. The maximum
-length of padding is currently 16 bytes. The padding is always
-encrypted. See the section 2.7 Padding Generation for more detailed
-information.
+length of padding is currently 128 bytes. The padding is always
+encrypted. The padding is applied always, even if the packet is
+not encrypted. See the section 2.7 Padding Generation for more
+detailed information.
Data payload area follows padding and it is the actual data of the
packet. The packet data is the packet payloads defined in this
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Payload Length | Flags | Packet Type |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
-| Source ID Length | Destination ID Length |
+| Pad Length | RESERVED | Source ID Len | Dest ID Len |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Src ID Type | |
+-+-+-+-+-+-+-+-+ +
uses this field to parse the packet. See section 2.3
SILC Packets for list of defined packet types.
-o Source ID Length (2 bytes) - Indicates the length of the
+o Pad Length (1 byte) - Indicates the length of the padding
+ applied after the SILC Packet header. Maximum length for
+ padding is 128 bytes.
+
+o RESERVED (1 byte) - Reserved field and must include a
+ zero (0) value.
+
+o Source ID Length (1 byte) - Indicates the length of the
Source ID field in the header, not including this or any
other fields.
-o Destination ID Length (2 bytes) - Indicates the length of the
+o Destination ID Length (1 byte) - Indicates the length of the
Destination ID field in the header, not including this or
any other fields.
ID that indicates which is the end receiver of the packet.
+
.ti 0
2.3 SILC Packet Types
Payload
+
+
13 SILC_PACKET_KEY_EXCHANGE
This packet is used to start SILC Key Exchange Protocol,
This payload can be used to send an ID. ID's are variable in length
thus this payload provides a way to send variable length ID's.
-
-
-
-
-
-
-
-
-
-
-
The following diagram represents the ID Payload.
.in 5
the packet payload needing the arguments. Incorrect amount of argument
payloads MUST cause rejection of the packet.
+
+
+
+
+
+
The following diagram represents the Argument Payload.
.in 5
The following diagram represents the Channel Payload.
+
+
+
+
+
+
+
+
+
+
.in 5
.nf
1 2 3
The following diagram represents the Public Key Payload.
+
+
+
.in 5
.nf
1 2 3
not be sent in any other packet type. The following diagram represents
the Notify Payload.
+
+
+
.in 5
.nf
1 2 3
server that are on channels must be removed from the channel.
Max Arguments: 2000
- Arguments: (1) <Server ID> (n) [<Client ID> [...]
+ Arguments: (1) <Server ID> (n) [<Client ID>] [...]
The <Server ID> is the server's ID. The rest of the arguments
are the Client ID's of the client's which are coming from this
maximum number of arguments are reached another
SILC_NOTIFY_TYPE_SERVER_SIGNOFF notify packet MUST be sent.
When this notify packet is sent between routers the Client ID's
- MAY be omitted.
+ MAY be omitted. Server receiving the Client ID's in the payload
+ may use them directly to remove the client.
12 SILC_NOTIFY_TYPE_KICKED
diagram represents the Private Message Payload.
+
+
+
+
+
+
.in 5
.nf
1 2 3
.in 3
+
+
.ti 0
2.4 SILC ID Types
this ID in [SILC1].
.in 3
+When encoding different IDs into the ID Payload, all fields are always
+in MSB first order. The IP address, port, and/or the random number
+are encoded in the MSB first order.
+
.ti 0
2.5 Packet Encryption And Decryption
For normal packets the padding is added after the SILC Packet Header
and between the Data Payload area. The padding for normal packets
-are calculated as follows:
+may be calculated as follows:
.in 6
padding length = 16 - (packet_length mod block_size)
.in 3
The `block_size' is the block size of the cipher. The maximum padding
-length is 16 bytes, and minimum is 1 byte. The above algorithm calculates
+length is 128 bytes, and minimum is 1 byte. The above algorithm calculates
the padding to the next block size, and always returns the padding
-length between 1 - 16 bytes.
+length between 1 - 16 bytes. However, implementations may add padding
+up to 128 bytes. For example packets that include a passphrase or a
+password for authentication purposes SHOULD pad the packet up to the
+maximum padding length.
For special packets the padding calculation is different as special
packets may be encrypted differently. In these cases the encrypted
[RFC2119] Bradner, S., "Key Words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, March 1997.
+[SFTP] Ylonen T., and Lehtinen S., "Secure Shell File Transfer
+ Protocol", Internet Draft, March 2001.
.ti 0
5 Author's Address
EMail: priikone@silcnet.org
-This Internet-Draft expires XXX
+This Internet-Draft expires 13 May 2002
projects / crypto.git / blobdiff