/* Authentication Payload structure */
struct SilcAuthPayloadStruct {
- unsigned short len;
- unsigned short auth_method;
- unsigned short random_len;
+ uint16 len;
+ uint16 auth_method;
+ uint16 random_len;
unsigned char *random_data;
- unsigned short auth_len;
+ uint16 auth_len;
unsigned char *auth_data;
};
/* Parses and returns Authentication Payload */
-SilcAuthPayload silc_auth_payload_parse(SilcBuffer buffer)
+SilcAuthPayload silc_auth_payload_parse(const unsigned char *data,
+ uint32 data_len)
{
+ SilcBufferStruct buffer;
SilcAuthPayload new;
int ret;
SILC_LOG_DEBUG(("Parsing Authentication Payload"));
+ silc_buffer_set(&buffer, (unsigned char *)data, data_len);
new = silc_calloc(1, sizeof(*new));
/* Parse the payload */
- ret = silc_buffer_unformat(buffer,
+ ret = silc_buffer_unformat(&buffer,
SILC_STR_UI_SHORT(&new->len),
SILC_STR_UI_SHORT(&new->auth_method),
SILC_STR_UI16_NSTRING_ALLOC(&new->random_data,
return NULL;
}
- if (new->len != buffer->len) {
+ if (new->len != buffer.len) {
silc_auth_payload_free(new);
return NULL;
}
/* Encodes authentication payload into buffer and returns it */
SilcBuffer silc_auth_payload_encode(SilcAuthMethod method,
- unsigned char *random_data,
- unsigned short random_len,
- unsigned char *auth_data,
- unsigned short auth_len)
+ const unsigned char *random_data,
+ uint16 random_len,
+ const unsigned char *auth_data,
+ uint16 auth_len)
{
SilcBuffer buffer;
- unsigned int len;
+ uint32 len;
SILC_LOG_DEBUG(("Encoding Authentication Payload"));
- len = 4 + 4 + random_len + auth_len;
+ len = 2 + 2 + 2 + random_len + 2 + auth_len;
buffer = silc_buffer_alloc(len);
silc_buffer_pull_tail(buffer, SILC_BUFFER_END(buffer));
silc_buffer_format(buffer,
}
}
+/* Get authentication method */
+
+SilcAuthMethod silc_auth_get_method(SilcAuthPayload payload)
+{
+ return payload->auth_method;
+}
+
+/* Get the authentication data */
+
+unsigned char *silc_auth_get_data(SilcAuthPayload payload,
+ uint32 *auth_len)
+{
+ if (auth_len)
+ *auth_len = payload->auth_len;
+
+ return payload->auth_data;
+}
+
/******************************************************************************
Authentication Routines
static unsigned char *
silc_auth_public_key_encode_data(SilcPublicKey public_key,
- unsigned char *random,
- unsigned int random_len, void *id,
- SilcIdType type, unsigned int *ret_len)
+ const unsigned char *random,
+ uint32 random_len, const void *id,
+ SilcIdType type, uint32 *ret_len)
{
SilcBuffer buf;
unsigned char *pk, *id_data, *ret;
- unsigned int pk_len, id_len;
+ uint32 pk_len, id_len;
pk = silc_pkcs_public_key_encode(public_key, &pk_len);
if (!pk)
silc_free(pk);
return NULL;
}
- id_len = silc_id_get_len(type);
+ id_len = silc_id_get_len(id, type);
- buf = silc_buffer_alloc(random_len + pk_len);
+ buf = silc_buffer_alloc(random_len + id_len + pk_len);
silc_buffer_pull_tail(buf, SILC_BUFFER_END(buf));
silc_buffer_format(buf,
SILC_STR_UI_XNSTRING(random, random_len),
SILC_STR_UI_XNSTRING(pk, pk_len),
SILC_STR_END);
- ret = silc_calloc(buf->len, sizeof(*ret));
- memcpy(ret, buf->data, buf->len);
+ ret = silc_memdup(buf->data, buf->len);
if (ret_len)
*ret_len = buf->len;
and the actual authentication data. Returns NULL on error. */
SilcBuffer silc_auth_public_key_auth_generate(SilcPublicKey public_key,
+ SilcPrivateKey private_key,
SilcHash hash,
- void *id, SilcIdType type)
+ const void *id, SilcIdType type)
{
unsigned char *random;
- unsigned char auth_data[32];
- unsigned int auth_len;
+ unsigned char auth_data[1024];
+ uint32 auth_len;
unsigned char *tmp;
- unsigned int tmp_len;
+ uint32 tmp_len;
SilcBuffer buf;
SilcPKCS pkcs;
silc_free(tmp);
return NULL;
}
+ silc_pkcs_public_key_set(pkcs, public_key);
+ silc_pkcs_private_key_set(pkcs, private_key);
/* Compute the hash and the signature. */
if (!silc_pkcs_sign_with_hash(pkcs, hash, tmp, tmp_len, auth_data,
}
/* Verifies the authentication data. Returns TRUE if authentication was
- successfull. */
+ successful. */
-int silc_auth_public_key_auth_verify(SilcAuthPayload payload,
- SilcPublicKey public_key, SilcHash hash,
- void *id, SilcIdType type)
+bool silc_auth_public_key_auth_verify(SilcAuthPayload payload,
+ SilcPublicKey public_key, SilcHash hash,
+ const void *id, SilcIdType type)
{
unsigned char *tmp;
- unsigned int tmp_len;
+ uint32 tmp_len;
SilcPKCS pkcs;
SILC_LOG_DEBUG(("Verifying authentication data"));
silc_free(tmp);
return FALSE;
}
+ silc_pkcs_public_key_set(pkcs, public_key);
/* Verify the authentication data */
if (!silc_pkcs_verify_with_hash(pkcs, hash, payload->auth_data,
silc_free(tmp);
silc_pkcs_free(pkcs);
- SILC_LOG_DEBUG(("Authentication successfull"));
+ SILC_LOG_DEBUG(("Authentication successful"));
return TRUE;
}
/* Same as above but the payload is not parsed yet. This will parse it. */
-int silc_auth_public_key_auth_verify_data(SilcBuffer payload,
- SilcPublicKey public_key,
- SilcHash hash,
- void *id, SilcIdType type)
+bool silc_auth_public_key_auth_verify_data(const unsigned char *payload,
+ uint32 payload_len,
+ SilcPublicKey public_key,
+ SilcHash hash,
+ const void *id, SilcIdType type)
{
SilcAuthPayload auth_payload;
int ret;
- auth_payload = silc_auth_payload_parse(payload);
+ auth_payload = silc_auth_payload_parse(payload, payload_len);
if (!auth_payload) {
SILC_LOG_DEBUG(("Authentication failed"));
return FALSE;
authentication then the `auth_data' is the SilcPublicKey and the
`auth_data_len' is ignored. */
-int silc_auth_verify(SilcAuthPayload payload, SilcAuthMethod auth_method,
- void *auth_data, unsigned int auth_data_len,
- SilcHash hash, void *id, SilcIdType type)
+bool silc_auth_verify(SilcAuthPayload payload, SilcAuthMethod auth_method,
+ const void *auth_data, uint32 auth_data_len,
+ SilcHash hash, const void *id, SilcIdType type)
{
SILC_LOG_DEBUG(("Verifying authentication"));
case SILC_AUTH_PASSWORD:
/* Passphrase based authentication. The `pkcs', `hash', `id' and `type'
arguments are not needed. */
- if (!memcmp(payload->auth_data, auth_data, payload->auth_len)) {
- SILC_LOG_DEBUG(("Authentication successfull"));
+ if (!memcmp(payload->auth_data, auth_data, auth_data_len)) {
+ SILC_LOG_DEBUG(("Authentication successful"));
return TRUE;
}
break;
/* Same as above but parses the authentication payload before verify. */
-int silc_auth_verify_data(unsigned char *payload, unsigned int payload_len,
- SilcAuthMethod auth_method, void *auth_data,
- unsigned int auth_data_len, SilcHash hash,
- void *id, SilcIdType type)
+bool silc_auth_verify_data(const unsigned char *payload, uint32 payload_len,
+ SilcAuthMethod auth_method, const void *auth_data,
+ uint32 auth_data_len, SilcHash hash,
+ const void *id, SilcIdType type)
{
SilcAuthPayload auth_payload;
- SilcBuffer buffer;
int ret;
- buffer = silc_buffer_alloc(payload_len);
- silc_buffer_pull_tail(buffer, SILC_BUFFER_END(buffer));
- silc_buffer_put(buffer, payload, payload_len);
- auth_payload = silc_auth_payload_parse(buffer);
- if (!auth_payload) {
- silc_buffer_free(buffer);
+ auth_payload = silc_auth_payload_parse(payload, payload_len);
+ if (!auth_payload)
return FALSE;
- }
ret = silc_auth_verify(auth_payload, auth_method, auth_data, auth_data_len,
hash, id, type);
silc_auth_payload_free(auth_payload);
- silc_buffer_free(buffer);
return ret;
}
/* The Key Agreement protocol structure */
struct SilcKeyAgreementPayloadStruct {
- unsigned short hostname_len;
+ uint16 hostname_len;
unsigned char *hostname;
- unsigned int port;
+ uint32 port;
};
/* Parses and returns an allocated Key Agreement payload. */
-SilcKeyAgreementPayload silc_key_agreement_payload_parse(SilcBuffer buffer)
+SilcKeyAgreementPayload
+silc_key_agreement_payload_parse(const unsigned char *payload,
+ uint32 payload_len)
{
+ SilcBufferStruct buffer;
SilcKeyAgreementPayload new;
int ret;
SILC_LOG_DEBUG(("Parsing Key Agreement Payload"));
+ silc_buffer_set(&buffer, (unsigned char *)payload, payload_len);
new = silc_calloc(1, sizeof(*new));
/* Parse the payload */
- ret = silc_buffer_unformat(buffer,
+ ret = silc_buffer_unformat(&buffer,
SILC_STR_UI16_NSTRING_ALLOC(&new->hostname,
&new->hostname_len),
SILC_STR_UI_INT(&new->port),
/* Encodes the Key Agreement protocol and returns the encoded buffer */
-SilcBuffer silc_key_agreement_payload_encode(char *hostname,
- unsigned int port)
+SilcBuffer silc_key_agreement_payload_encode(const char *hostname,
+ uint32 port)
{
SilcBuffer buffer;
- unsigned int len = hostname ? strlen(hostname) : 0;
+ uint32 len = hostname ? strlen(hostname) : 0;
SILC_LOG_DEBUG(("Encoding Key Agreement Payload"));
/* Returns the port in the payload */
-unsigned int silc_key_agreement_get_port(SilcKeyAgreementPayload payload)
+uint32 silc_key_agreement_get_port(SilcKeyAgreementPayload payload)
{
return payload->port;
}
projects / silc.git / blobdiff