/* silcmessage.h Author: Pekka Riikonen Copyright (C) 1997 -2002 Pekka Riikonen This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; version 2 of the License. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. */ /****h* silccore/SILC Message Interface * * DESCRIPTION * * This interface includes the implementation of the Message Payload that * is used to send private messages and channel messages. * * This interface defines also the SILC_MESSAGE_FLAG_SIGNED Payload, * which defines how channel messages and private messages can be digitally * signed. This interface provides the payload parsing, encoding, * signature computing and signature verification routines. * ***/ #ifndef SILCMESSAGE_H #define SILCMESSAGE_H /****s* silccore/SilcMessageAPI/SilcMessagePayload * * NAME * * typedef struct SilcMessagePayloadStruct *SilcMessagePayload; * * * DESCRIPTION * * This context is the actual Message Payload and is allocated * by silc_message_payload_parse and given as argument usually * to all silc_message_* functions. It is freed by the * silc_message_payload_free function. * ***/ typedef struct SilcMessagePayloadStruct *SilcMessagePayload; /****d* silccore/SilcMessageAPI/SilcMessageFlags * * NAME * * typedef SilcUInt16 SilcMessageFlags; * * DESCRIPTION * * The message flags type definition and the message flags. The * message flags are used to indicate some status of the message. * * SOURCE */ typedef SilcUInt16 SilcMessageFlags; /* The message flags */ #define SILC_MESSAGE_FLAG_NONE 0x0000 /* No flags */ #define SILC_MESSAGE_FLAG_AUTOREPLY 0x0001 /* Automatically replied */ #define SILC_MESSAGE_FLAG_NOREPLY 0x0002 /* Send no reply to this */ #define SILC_MESSAGE_FLAG_ACTION 0x0004 /* Action message */ #define SILC_MESSAGE_FLAG_NOTICE 0x0008 /* Notice message */ #define SILC_MESSAGE_FLAG_REQUEST 0x0010 /* A request */ #define SILC_MESSAGE_FLAG_SIGNED 0x0020 /* Message is signed */ #define SILC_MESSAGE_FLAG_REPLY 0x0040 /* A reply */ #define SILC_MESSAGE_FLAG_DATA 0x0080 /* MIME object */ #define SILC_MESSAGE_FLAG_UTF8 0x0100 /* UTF-8 string */ #define SILC_MESSAGE_FLAG_RESERVED 0x0200 /* to 0x0800 */ #define SILC_MESSAGE_FLAG_PRIVATE 0x1000 /* to 0x8000 */ /***/ /****f* silccore/SilcMessageAPI/silc_message_payload_decrypt * * SYNOPSIS * * bool silc_message_payload_decrypt(unsigned char *data, * size_t data_len, * bool private_message, * bool static_key, * SilcCipher cipher, * SilcHmac hmac, * bool check_mac); * * DESCRIPTION * * Decrypt Message Payload indicated by `data'. If the payload is * channel message then `private_message' is FALSE, and if it is * private message it is TRUE. If the private message key is static * (pre-shared key) then protocol dictates that the IV is present * and `static_key' must be set to TRUE. If the key is not static * (Key Agreement was done for the key) then it MUST be FALSE. For * channel messages the `static_key' is ignored. * * This is usually used by the Message Payload interface itself but can * be called by the appliation if separate decryption process is required. * For example server might need to call this directly in some * circumstances. The `cipher' is used to decrypt the payload. If * `check_mac' is FALSE then MAC is not verified. * ***/ bool silc_message_payload_decrypt(unsigned char *data, size_t data_len, bool private_message, bool static_key, SilcCipher cipher, SilcHmac hmac, bool check_mac); /****f* silccore/SilcMessageAPI/silc_message_payload_parse * * SYNOPSIS * * SilcMessagePayload * silc_message_payload_parse(unsigned char *payload, * SilcUInt32 payload_len, * bool private_message, * bool static_key, * SilcCipher cipher, * SilcHmac hmac); * * DESCRIPTION * * Parses Message Payload returning new payload structure. This also * decrypts the payload and checks the MAC. If the payload is * channel message then `private_message' is FALSE, and if it is * private message it is TRUE. If the private message key is static * (pre-shared key) then protocol dictates that the IV is present * and `static_key' must be set to TRUE. If the key is not static * (Key Agreement was done for the key) then it MUST be FALSE. For * channel messages the `static_key' is ignored. * * If the `hmac' is no provided then the MAC of the channel message is * not verified. If the message is private message and `cipher' is NULL * then this assumes that the packet was decrypted with session keys * (no private message key) and this merely decodes the payload. * ***/ SilcMessagePayload silc_message_payload_parse(unsigned char *payload, SilcUInt32 payload_len, bool private_message, bool static_key, SilcCipher cipher, SilcHmac hmac); /****f* silccore/SilcMessageAPI/silc_message_payload_encrypt * * SYNOPSIS * * bool silc_message_payload_encrypt(unsigned char *data, * SilcUInt32 data_len, * unsigned char *iv, * SilcUInt32 iv_len, * SilcCipher cipher, * SilcHmac hmac); * * DESCRIPTION * * This function is used to encrypt the Messsage Payload which is * the `data' and `data_len'. The `data_len' is the data length which * is used to create MAC out of. The `data' MUST have additional space * after `data_len' bytes for the MAC which is appended to the data. * * This is usually used by the Message Payload interface itself but can * be called by the appliation if separate encryption process is required. * For example server might need to call this directly in some * circumstances. The `cipher' is used to encrypt the payload and `hmac' * to compute the MAC for the payload. * ***/ bool silc_message_payload_encrypt(unsigned char *data, SilcUInt32 data_len, unsigned char *iv, SilcUInt32 iv_len, SilcCipher cipher, SilcHmac hmac); /****f* silccore/SilcMessageAPI/silc_message_payload_encode * * SYNOPSIS * * SilcBuffer silc_message_payload_encode(SilcMessageFlags flags, * const unsigned char *data, * SilcUInt32 data_len, * bool generate_iv, * bool private_message, * SilcCipher cipher, * SilcHmac hmac, * SilcRng rng); * * DESCRIPTION * * Encodes a Message Payload into a buffer and returns it. This is * used to encode channel messages and private messages into a packet. * If `private_message' is FALSE then this encodes channel message, if * it is TRUE this encodes private message. If `private_message' is * TRUE then `generate_iv' MUST be FALSE if the private message key * `cipher' is not static key (pre-shared key). If it is static key * then protocol dictates that IV must be present in the Message Payload * and `generate_iv' must be TRUE. The caller must know whether the key * is static or not for private messages. If the key was generated with * Key Agreement protocol then `generate_iv' is always FALSE. For * channel messages `generate_iv' is always set to TRUE value. * * The `cipher' is the cipher used to encrypt the message and `hmac' * is used to compute the MAC for the payload. If encoding private * message that will be encrypted with session keys (no private message * key) then `cipher' and `hmac' is NULL and this merely encodes the * payload buffer, and the caller must encrypt the packet later. * * If `rng' is NULL then global RNG is used, if non-NULL then the * `rng' is used (for IV and padding generation). * ***/ SilcBuffer silc_message_payload_encode(SilcMessageFlags flags, const unsigned char *data, SilcUInt32 data_len, bool generate_iv, bool private_message, SilcCipher cipher, SilcHmac hmac, SilcRng rng); /****f* silccore/SilcMessageAPI/silc_message_payload_free * * SYNOPSIS * * void silc_message_payload_free(SilcMessagePayload payload); * * DESCRIPTION * * Free's Message Payload and all data in it. * ***/ void silc_message_payload_free(SilcMessagePayload payload); /****f* silccore/SilcMessageAPI/silc_message_get_flags * * SYNOPSIS * * SilcMessageFlags silc_message_get_flags(SilcMessagePayload payload); * * DESCRIPTION * * Returns the message flags from the payload. * ***/ SilcMessageFlags silc_message_get_flags(SilcMessagePayload payload); /****f* silccore/SilcMessageAPI/silc_message_get_data * * SYNOPSIS * * unsigned char * * silc_message_get_data(SilcMessagePayload payload, * SilcUInt32 *data_len); * * DESCRIPTION * * Return the data in the payload, that is, the actual message data. * The caller must not free it. * ***/ unsigned char *silc_message_get_data(SilcMessagePayload payload, SilcUInt32 *data_len); /****f* silccore/SilcMessageAPI/silc_message_get_mac * * SYNOPSIS * * unsigned char * * silc_message_get_mac(SilcMessagePayload payload); * * DESCRIPTION * * Return the MAC of the payload. The caller must already know the * length of the MAC. The caller must not free the MAC. * ***/ unsigned char *silc_message_get_mac(SilcMessagePayload payload); /****f* silccore/SilcMessageAPI/silc_message_get_iv * * SYNOPSIS * * unsigned char * * silc_message_get_iv(SilcMessagePayload payload); * * DESCRIPTION * * Return the IV of the payload. The caller must already know the * length of the IV. The caller must not free the IV. * ***/ unsigned char *silc_message_get_iv(SilcMessagePayload payload); /****s* silccore/SilcMessageAPI/SilcMessageSignedPayload * * NAME * * typedef struct SilcMessageSignedPayloadStruct *SilcMessageSignedPayload; * * * DESCRIPTION * * This context represents the SILC_MESSAGE_FLAG_SIGNED Payload which * is used with channel messages and private messages to indicate that * the message is digitally signed. This payload may include the * message sender's public key and it includes the digital signature. * This payload MUST NOT be used in any other context except with * channel and private message sending and reception. * ***/ typedef struct SilcMessageSignedPayloadStruct *SilcMessageSignedPayload; /****f* silccore/SilcMessageAPI/silc_message_signed_payload_parse * * SYNOPSIS * * SilcMessageSignedPayload * silc_message_signed_payload_parse(const unsigned char *data, * SilcUInt32 data_len); * * DESCRIPTION * * Parses the SILC_MESSAGE_FLAG_SIGNED Payload from the `data' of * length of `data_len' bytes. The `data' must be payload without * the actual message payload. Returns the parsed payload or NULL * on error. Caller must free the returned payload. * ***/ SilcMessageSignedPayload silc_message_signed_payload_parse(const unsigned char *data, SilcUInt32 data_len); /****f* silccore/SilcMessageAPI/silc_message_signed_payload_encode * * SYNOPSIS * * SilcBuffer * silc_message_signed_payload_encode(const unsigned char *message_payload, * SilcUInt32 message_payload_len, * SilcPublicKey public_key, * SilcPrivateKey private_key, * bool include_public_key); * * DESCRIPTION * * Encodes the SILC_MESSAGE_FLAG_SIGNED Payload and computes the * digital signature. The `message_payload' is the message data that * is used in the signature computation. The encoding of the buffer * is specified in the SILC protocol. If `include_public_key' is * TRUE then the public key included in the payload. The `private_key' * is used to produce the signature. This function returns the encoded * payload with the signature or NULL on error. Caller must free the * returned buffer. * ***/ SilcBuffer silc_message_signed_payload_encode(const unsigned char *message_payload, SilcUInt32 message_payload_len, SilcPublicKey public_key, SilcPrivateKey private_key, SilcHash hash, bool include_public_key); /****f* silccore/SilcMessageAPI/silc_message_signed_payload_free * * SYNOPSIS * * void silc_message_signed_payload_free(SilcMessageSignedPayload sig); * * DESCRIPTION * * Frees the SILC_MESSAGE_FLAG_SIGNED Payload. * ***/ void silc_message_signed_payload_free(SilcMessageSignedPayload sig); /****f* silccore/SilcMessageAPI/silc_message_signed_verify * * SYNOPSIS * * int silc_message_signed_verify(SilcMessageSignedPayload sig, * SilcMessagePayload message, * SilcPublicKey remote_public_key, * SilcHash hash); * * DESCRIPTION * * This routine can be used to verify the signature found in * SILC_MESSAGE_FLAG_SIGNED Payload. This returns SILC_AUTH_OK if the * signature verification was successful. * ***/ int silc_message_signed_verify(SilcMessageSignedPayload sig, SilcMessagePayload message, SilcPublicKey remote_public_key, SilcHash hash); /****f* silccore/SilcMessageAPI/silc_message_signed_get_public_key * * SYNOPSIS * * SilcPublicKey * silc_message_signed_get_public_key(SilcMessageSignedPayload sig); * * DESCRIPTION * * Returns the public key from the SILC_MESSAGE_FLAG_SIGNED Payload * or NULL if it does not include public key. The caller must free * the returned public key. * ***/ SilcPublicKey silc_message_signed_get_public_key(SilcMessageSignedPayload sig); #endif /* SILCMESSAGE_H */