From: Pekka Riikonen Date: Mon, 29 Apr 2002 17:30:48 +0000 (+0000) Subject: updates. X-Git-Tag: 1.2.beta1~1386 X-Git-Url: http://git.silcnet.org/gitweb/?p=crypto.git;a=commitdiff_plain;h=ae13c2505a3c2ea067af59abc822345dbe54a943 updates. --- diff --git a/CHANGES b/CHANGES index a04b9bab..f147c67d 100644 --- a/CHANGES +++ b/CHANGES @@ -1,3 +1,11 @@ +Mon Apr 29 20:10:42 EEST 2002 Pekka Riikonen + + * Added `Compressed' packet flag to indicate that the packet + payload is compressed by the sender. Updated the protocol + specs and the core library. The compression still is not + implemented in the sources. Affected file is + lib/silccore/silcpacket.h. + Mon Apr 29 09:48:12 CEST 2002 Pekka Riikonen * Remove pending command callbacks also if the connection diff --git a/TODO b/TODO index 2d228658..6440e218 100644 --- a/TODO +++ b/TODO @@ -14,8 +14,6 @@ TODO/bugs In SILC Client Library set the key only if application wishes to set (accept the key) it (Do this to 1.0). - o Remove conn->current_channel. - o Additions to do after protocol version 1.1: o Add support for list of errors in command replies. Protocol diff --git a/doc/draft-riikonen-presence-attrs-00.nroff b/doc/draft-riikonen-presence-attrs-00.nroff index 079ad522..22d439ca 100644 --- a/doc/draft-riikonen-presence-attrs-00.nroff +++ b/doc/draft-riikonen-presence-attrs-00.nroff @@ -169,8 +169,8 @@ multiple same attributes in the packet. This attribute includes general information about the user, their name and contact information. The content of this attribute is - a VCard version 3.0 as defined in RFC 2425 [RFC2425] and RFC 2426 - [RFC2426]. Note that some of the information that VCard provides + a VCard version 3.0 as defined in RFC 2426 [RFC2426] and RFC 2425 + [RFC2425]. Note that some of the information that VCard provides can be also provided in the means of providing other attributes. The rationale for this is that the VCard does not provide all the information, or with the required precision that may be desired in @@ -274,7 +274,7 @@ x ATTRIBUTE_EXTENSION This attribute indicates that the attribute value is vendor, application or service specific attribute extension. This field - MUST include MIME object, which is the extension value. This + MUST include a MIME object, which is the extension value. This document does not specify any explicit MIME objects for this attribute. @@ -310,11 +310,9 @@ x ATTRIBUTE_USER_PUBLIC_KEY x509v3-sign-rsa X.509 Version 3 RSA certificate [RFC2459] x509v3-sign-dss X.509 Version 3 DSS certificate [RFC2459] - These public key/certificate types are equivalent to the types - specified for SSH protocol [SSH-TRANS] and are expected to be - officially assigned by IANA. The silc-rsa and silc-dss are not - currently specified in SSH, however they are considered to be - IANA assigned later anyway. + Most of these public key/certificate types are equivalent to + the types specified for SSH protocol [SSH-TRANS] and are expected + to be officially assigned by IANA. The encoding of the public key/certificate data in the attribute is done in the manner defined in their respective definitions. @@ -322,8 +320,8 @@ x ATTRIBUTE_USER_PUBLIC_KEY Note that these public keys are intended for signing. Some certificates may have a key usage restrictions and same key cannot be used for both encryption and signing. Therefore, the name - of the certificate type indicates that they are intended for - signing. + of the certificate type indicates if they are intended for + signing only. x ATTRIBUTE_SERVER_PUBLIC_KEY @@ -386,6 +384,33 @@ x ATTRIBUTE_SERVER_DIGITAL_SIGNATURE .ti 0 5 References +[RFC2119] Bradner, S., "Key Words for use in RFCs to Indicate + Requirement Levels", BCP 14, RFC 2119, March 1997. + +[RFC2279] Yergeau, F., "UTF-8, a transformation format of ISO + 10646", RFC 2279, January 1998. + +[RFC2425] Howes, T., et al, "A MIME Content-Type for Directory + Information", RFC 2425, September 1998. + +[RFC2426] Dawson, F., et al, "vCard MIME Directory Profile", + RFC 2426, September 1998. + +[SILC1] Riikonen, P., "Secure Internet Live Conferencing (SILC), + Protocol Specification", Internet Draft, April 2001. + +[RFC2440] Callas, J., et al, "OpenPGP Message Format", RFC 2440, + November 1998. + +[RFC2459] Housley, R., et al, "Internet X.509 Public Key + Infrastructure, Certificate and CRL Profile", RFC 2459, + January 1999. + +[SSH-TRANS] Ylonen, T., et al, "SSH Transport Layer Protocol", + Internet Draft. + +[PKCS7] Kalinski, B., "PKCS #7: Cryptographic Message Syntax, + Version 1.5", RFC 2315, March 1998. .ti 0 diff --git a/doc/draft-riikonen-silc-commands-03.nroff b/doc/draft-riikonen-silc-commands-03.nroff index bde979a3..2552fed9 100644 --- a/doc/draft-riikonen-silc-commands-03.nroff +++ b/doc/draft-riikonen-silc-commands-03.nroff @@ -1324,25 +1324,31 @@ List of all defined commands in SILC follows. Channel founder may set this mode to be able to regain channel founder rights even if the client leaves the channel. The is the Authentication Payload - consisting of the authentication method and authentication - data to be used in the authentication. The server MUST - NOT accept NONE authentication method. Also, if the - method is public key authentication the server MUST NOT - save the authentication data from the payload as the - data is different on all authentications. In this case the - server only saves the authentication method. However, - server MUST verify the sent authentication payload and - set the mode only if the verification was successful. - - Note that this mode is effective only in the current server. - The client MUST connect to the same server later to be able - to regain the channel founder rights. The server MUST save - the public key of the channel founder and use that to identify - the client which is claiming the channel founder rights. - The rights may be claimed by the SILC_CUMODE_FOUNDER - channel user mode using SILC_COMMAND_CUMODE command. The - set authentication data remains valid as long as the channel - exists or until the founder unsets this mode. + consisting of the public key authentication method and the + authentication data for that method. The passphrase + method cannot be used with this mode. The server MUST NOT + accept NONE authentication method. The server does not + save but MUST verify it. The public key + used to verify the payload is the public key of the + client sending this command. The mode may be set only + if the was verified successfully. The + server also MUST save the founder's public key. + + The public key of the founder is sent in the + SILC_NOTIFY_TYPE_CMODE_CHANGE notify type so that other + routers and servers in the network may save the public key. + This way the founder can reclaim the founder rights back + to the channel from any server in the network. The founder + rights can be regained by the SILC_CUMODE_FOUNDER channel + user mode, or during joining procedure with the command + SILC_COMMAND_JOIN. + + When this channel mode is set the channel also becomes + permanent. If all clients leave the channel while this + mode is set the channel MUST NOT be destroyed. The founder + can reclaim the founder mode back on these empty channels + at any time. Implementations MAY limit the number of how + many channels a user can own. Typical implementation would use [+|-]f on user interface to set/unset this mode. @@ -1440,7 +1446,7 @@ List of all defined commands in SILC follows. been set, the client can claim channel founder privileges by providing the that the server will use to authenticate the client. The public key that server will - use to verify the must the same public key + use to verify the MUST the same public key that was saved when the SILC_CMODE_FOUNDER_AUTH channel mode was set. The client MAY remove this mode at any time. diff --git a/doc/draft-riikonen-silc-pp-05.nroff b/doc/draft-riikonen-silc-pp-05.nroff index 60a8469e..db9cbb00 100644 --- a/doc/draft-riikonen-silc-pp-05.nroff +++ b/doc/draft-riikonen-silc-pp-05.nroff @@ -158,7 +158,11 @@ Conferencing, Protocol Specification Internet Draft [SILC1]. This protocol describes the packet types and packet payloads which defines the contents of the packets. The protocol provides secure binary packet protocol that assures that the contents of the packets are secured and -authenticated. +authenticated. The packet protocol is designed to be compact to avoid +unnecessary overhead as much as possible. This makes the SILC suitable +also in environment of low bandwith requirements such as mobile networks. +All packet payloads can also be compressed to further reduce the size +of the packets. The basis of SILC protocol relies in the SILC packets and it is with out a doubt the most important part of the protocol. It is also probably @@ -325,6 +329,16 @@ o Flags (1 byte) - Indicates flags to be used in packet section 2.12 Packet Broadcasting for description of packet broadcasting. + + Compressed 0x08 + + Marks that the payload of the packet is compressed. + The sender of the packet marks this flag when it + compresses the payload, and any server or router + en route to the receipient MUST NOT unset this flag. + See section 2.8 Packet Compression for description of + packet compressing. + .in 3 @@ -1334,10 +1348,10 @@ UTF-8 [RFC2279] encoded. to the clients which is joined on the channel which mode was changed. - Max Arguments: 5 + Max Arguments: 6 Arguments: (1) (2) (3) [] (4) <[hmac>] - (5) [] + (5) [] (6) [] The is the ID (usually Client ID but it can be Server ID as well when the router is enforcing channel mode @@ -1347,7 +1361,12 @@ UTF-8 [RFC2279] encoded. packet will force the new channel key change anyway. The argument is important since the client is responsible of setting the new HMAC and the hmac key into use. The is - the passphrase of the channel, if it was now set. + the passphrase of the channel, if it was now set. The argument is sent when the founder mode on the + channel was set. All routers and servers that receive the packet + MUST save the founder's public key so that the founder can + reclaim the channel founder rights back for the channel on any + server in the network. 8 SILC_NOTIFY_TYPE_CUMODE_CHANGE @@ -1723,20 +1742,21 @@ o Padding (variable length) - The padding that MUST be other parts of the packet. o MAC (variable length) - The MAC computed from the - Message Length, Message Data, Padding Length, Padding and - Initial Vector fields. This protects the integrity of the - plaintext channel message. The receiver can verify from - the MAC whether the message decrypted correctly. Also, if - more than one private key has been set for the channel, the - receiver can verify which of the keys decrypted the message - correctly. Note that, this field is encrypted and MUST - be added to the padding calculation. + Message Flags, Message Length, Message Data, Padding Length, + Padding and Initial Vector fields in that order. This + protects the integrity of the plaintext channel message. + The receiver can verify from the MAC whether the message + decrypted correctly. Also, if more than one private key + has been set for the channel, the receiver can verify which + of the keys decrypted the message correctly. Note that, + this field is encrypted and MUST be added to the padding + calculation. o Initial Vector (variable length) - The initial vector that has been used in packet encryption. It needs to be used in the packet decryption as well. What this field includes is implementation issue. However, it is - RECOMMENDED that it would be random data or, perhaps, + RECOMMENDED that it would be random data, or perhaps a timestamp. It is NOT RECOMMENDED to use zero (0) as an initial vector. This field is not encrypted. This field is not included into the padding calculation. Length @@ -2758,7 +2778,7 @@ The compression MUST always be applied before encryption. When the packet is received and decrypted the data area MUST be decompressed. Note that the true sender of the packet MUST apply the compression and the true receiver of the packet MUST apply the decompression. Any -server or router en route MUST NOT decompress the packet. +server or router en route SHOULD NOT decompress the packet. .ti 0 diff --git a/doc/draft-riikonen-silc-spec-05.nroff b/doc/draft-riikonen-silc-spec-05.nroff index 4c284f12..9bcdb4a4 100644 --- a/doc/draft-riikonen-silc-spec-05.nroff +++ b/doc/draft-riikonen-silc-spec-05.nroff @@ -149,7 +149,11 @@ Figure 5: SILC Public Key This document describes a Secure Internet Live Conferencing (SILC) protocol which provides secure conferencing services over insecure network channel. SILC is IRC [IRC] like protocol, however, it is -not equivalent to IRC and does not support IRC. +not equivalent to IRC and does not support IRC. Some of the SILC's +features are not found in IRC but in traditional Instant Message (IM) +protocols. SILC combines features from both of these chat protocol +styles, and SILC can be implemeneted as either IRC-like system or +IM-like system. Strong cryptographic methods are used to protect SILC packets inside the SILC network. Three other Internet Drafts relates very closely @@ -160,7 +164,11 @@ The protocol uses extensively packets as conferencing protocol requires message and command sending. The SILC Packet Protocol is described in [SILC2] and should be read to fully comprehend this document and protocol. [SILC2] also describes the packet encryption -and decryption in detail. +and decryption in detail. The SILC Packet Protocol provides secured +and authenticated packets, and the protocol is designed to be compact. +This makes SILC also suitable in environment of low bandwith +requirements such as mobile networks. All packet payloads in SILC +can be also compressed. The security of SILC protocol, and for any security protocol for that matter, is based on strong and secure key exchange protocol. The SILC @@ -734,14 +742,19 @@ A channel is a named group of one or more clients which will all receive messages addressed to that channel. The channel is created when first client requests JOIN command to the channel, and the channel ceases to exist when the last client has left it. When channel exists, any client -can reference it using the name of the channel. +can reference it using the name of the channel. If the channel has +a founder mode set and last client leaves the channel the channel does +not cease to exist. The founder mode can be used to make permanent +channels in the network. The founder of the channel can regain the +channel founder privileges on the channel later when he joins the +channel. Channel names are unique although the real uniqueness comes from 64 bit Channel ID. However, channel names are still unique and no two global -channels with same name may exist. The Channel name is a string of +channels with same name may exist. The channel name is a string of maximum length of 256 bytes. Channel names MUST NOT contain any -spaces (` '), any non-printable ASCII characters, commas (`,') and -wildcard characters. +whitespaces (` '), any non-printable ASCII characters, commas (`,') +and wildcard characters. Channels can have operators that can administrate the channel and operate all of its modes. The following operators on channel exist on @@ -1232,6 +1245,16 @@ is always in PKCS #1 version 1.5 format. Additional public key algorithms MAY be defined to be used in SILC. +When signatures are computed in SILC the computing of the signature is +represented as sign(). The signature computing procedure is dependent +of the public key algorithm, and the public key or certificate encoding. +When using SILC public key the signature is computed as described in +previous section for RSA and DSS keys. When using SSH2 public keys +the signature is computed as described in [SSH-TRANS]. When using +X.509 version 3 certificates the signature is computed as described +in [PKCS7]. When using OpenPGP certificates the signature is computed +as described in [PGP]. + .ti 0 3.10.3 Hash Functions @@ -2344,6 +2367,8 @@ should have a forum to discuss the cell management issues. [RFC2279] Yergeau, F., "UTF-8, a transformation format of ISO 10646", RFC 2279, January 1998. +[PKCS7] Kalinski, B., "PKCS #7: Cryptographic Message Syntax, + Version 1.5", RFC 2315, March 1998. .ti 0 diff --git a/lib/silccore/silcpacket.h b/lib/silccore/silcpacket.h index a1e64a88..561b8fe1 100644 --- a/lib/silccore/silcpacket.h +++ b/lib/silccore/silcpacket.h @@ -138,10 +138,10 @@ typedef unsigned char SilcPacketFlags; #define SILC_PACKET_FLAG_PRIVMSG_KEY 0x01 /* Private message key */ #define SILC_PACKET_FLAG_LIST 0x02 /* Packet is a list */ #define SILC_PACKET_FLAG_BROADCAST 0x04 /* Packet is a broadcast */ +#define SILC_PACKET_FLAG_COMPRESSED 0x08 /* Payload is compressed */ /***/ /* Rest of flags still available -#define SILC_PACKET_FLAG_XXX 0x08 #define SILC_PACKET_FLAG_XXX 0x10 #define SILC_PACKET_FLAG_XXX 0x20 #define SILC_PACKET_FLAG_XXX 0x40