X-Git-Url: http://git.silcnet.org/gitweb/?p=silc.git;a=blobdiff_plain;f=lib%2Fsilccore%2Fsilcauth.c;h=7ac372d360238a57017c15427504d25b398f8126;hp=a7a43c4106da093537ad7e87c4dca6fd365b1a0d;hb=e5d8d3db6caa344b3d419b884556c21b15e7d123;hpb=f9b6b6d91114fc1249b53ad4a77b3f1e974d8eef

diff --git a/lib/silccore/silcauth.c b/lib/silccore/silcauth.c
index a7a43c41..7ac372d3 100644
--- a/lib/silccore/silcauth.c
+++ b/lib/silccore/silcauth.c
@@ -30,27 +30,31 @@
 
 /* Authentication Payload structure */
 struct SilcAuthPayloadStruct {
-  unsigned short len;
-  unsigned short auth_method;
-  unsigned short random_len;
+  uint16 len;
+  uint16 auth_method;
+  uint16 random_len;
   unsigned char *random_data;
-  unsigned short auth_len;
+  uint16 auth_len;
   unsigned char *auth_data;
 };
 
 /* Parses and returns Authentication Payload */
 
-SilcAuthPayload silc_auth_payload_parse(SilcBuffer buffer)
+SilcAuthPayload silc_auth_payload_parse(unsigned char *data,
+					uint32 data_len)
 {
+  SilcBufferStruct buffer;
   SilcAuthPayload new;
   int ret;
 
   SILC_LOG_DEBUG(("Parsing Authentication Payload"));
 
+  silc_buffer_set(&buffer, data, data_len);
+
   new = silc_calloc(1, sizeof(*new));
 
   /* Parse the payload */
-  ret = silc_buffer_unformat(buffer, 
+  ret = silc_buffer_unformat(&buffer, 
 			     SILC_STR_UI_SHORT(&new->len),
 			     SILC_STR_UI_SHORT(&new->auth_method),
 			     SILC_STR_UI16_NSTRING_ALLOC(&new->random_data,
@@ -63,7 +67,7 @@ SilcAuthPayload silc_auth_payload_parse(SilcBuffer buffer)
     return NULL;
   }
 
-  if (new->len != buffer->len) {
+  if (new->len != buffer.len) {
     silc_auth_payload_free(new);
     return NULL;
   }
@@ -81,16 +85,16 @@ SilcAuthPayload silc_auth_payload_parse(SilcBuffer buffer)
 
 SilcBuffer silc_auth_payload_encode(SilcAuthMethod method,
 				    unsigned char *random_data,
-				    unsigned short random_len,
+				    uint16 random_len,
 				    unsigned char *auth_data,
-				    unsigned short auth_len)
+				    uint16 auth_len)
 {
   SilcBuffer buffer;
-  unsigned int len;
+  uint32 len;
 
   SILC_LOG_DEBUG(("Encoding Authentication Payload"));
 
-  len = 4 + 4 + random_len + auth_len;
+  len = 2 + 2 + 2 + random_len + 2 + auth_len;
   buffer = silc_buffer_alloc(len);
   silc_buffer_pull_tail(buffer, SILC_BUFFER_END(buffer));
   silc_buffer_format(buffer,
@@ -122,6 +126,24 @@ void silc_auth_payload_free(SilcAuthPayload payload)
   }
 }
 
+/* Get authentication method */
+
+SilcAuthMethod silc_auth_get_method(SilcAuthPayload payload)
+{
+  return payload->auth_method;
+}
+
+/* Get the authentication data */
+
+unsigned char *silc_auth_get_data(SilcAuthPayload payload,
+				  uint32 *auth_len)
+{
+  if (auth_len)
+    *auth_len = payload->auth_len;
+
+  return payload->auth_data;
+}
+
 /******************************************************************************
 
                            Authentication Routines
@@ -134,12 +156,12 @@ void silc_auth_payload_free(SilcAuthPayload payload)
 static unsigned char *
 silc_auth_public_key_encode_data(SilcPublicKey public_key, 
 				 unsigned char *random,
-				 unsigned int random_len, void *id,
-				 SilcIdType type, unsigned int *ret_len)
+				 uint32 random_len, void *id,
+				 SilcIdType type, uint32 *ret_len)
 {
   SilcBuffer buf;
   unsigned char *pk, *id_data, *ret;
-  unsigned int pk_len, id_len;
+  uint32 pk_len, id_len;
 
   pk = silc_pkcs_public_key_encode(public_key, &pk_len);
   if (!pk)
@@ -150,9 +172,9 @@ silc_auth_public_key_encode_data(SilcPublicKey public_key,
     silc_free(pk);
     return NULL;
   }
-  id_len = silc_id_get_len(type);
+  id_len = silc_id_get_len(id, type);
 
-  buf = silc_buffer_alloc(random_len + pk_len);
+  buf = silc_buffer_alloc(random_len + id_len + pk_len);
   silc_buffer_pull_tail(buf, SILC_BUFFER_END(buf));
   silc_buffer_format(buf,
 		     SILC_STR_UI_XNSTRING(random, random_len),
@@ -160,7 +182,7 @@ silc_auth_public_key_encode_data(SilcPublicKey public_key,
 		     SILC_STR_UI_XNSTRING(pk, pk_len),
 		     SILC_STR_END);
   
-  ret = silc_calloc(buf->len, sizeof(*ret));
+  ret = silc_calloc(buf->len + 1, sizeof(*ret));
   memcpy(ret, buf->data, buf->len);
 
   if (ret_len)
@@ -178,14 +200,15 @@ silc_auth_public_key_encode_data(SilcPublicKey public_key,
    and the actual authentication data. Returns NULL on error. */
 
 SilcBuffer silc_auth_public_key_auth_generate(SilcPublicKey public_key,
+					      SilcPrivateKey private_key,
 					      SilcHash hash,
 					      void *id, SilcIdType type)
 {
   unsigned char *random;
-  unsigned char auth_data[32];
-  unsigned int auth_len;
+  unsigned char auth_data[1024];
+  uint32 auth_len;
   unsigned char *tmp;
-  unsigned int tmp_len;
+  uint32 tmp_len;
   SilcBuffer buf;
   SilcPKCS pkcs;
 
@@ -208,6 +231,8 @@ SilcBuffer silc_auth_public_key_auth_generate(SilcPublicKey public_key,
     silc_free(tmp);
     return NULL;
   }
+  silc_pkcs_public_key_set(pkcs, public_key);
+  silc_pkcs_private_key_set(pkcs, private_key);
 
   /* Compute the hash and the signature. */
   if (!silc_pkcs_sign_with_hash(pkcs, hash, tmp, tmp_len, auth_data,
@@ -235,14 +260,14 @@ SilcBuffer silc_auth_public_key_auth_generate(SilcPublicKey public_key,
 }
 
 /* Verifies the authentication data. Returns TRUE if authentication was
-   successfull. */
+   successful. */
 
 int silc_auth_public_key_auth_verify(SilcAuthPayload payload,
 				     SilcPublicKey public_key, SilcHash hash,
 				     void *id, SilcIdType type)
 {
   unsigned char *tmp;
-  unsigned int tmp_len;
+  uint32 tmp_len;
   SilcPKCS pkcs;
 
   SILC_LOG_DEBUG(("Verifying authentication data"));
@@ -262,6 +287,7 @@ int silc_auth_public_key_auth_verify(SilcAuthPayload payload,
     silc_free(tmp);
     return FALSE;
   }
+  silc_pkcs_public_key_set(pkcs, public_key);
 
   /* Verify the authentication data */
   if (!silc_pkcs_verify_with_hash(pkcs, hash, payload->auth_data,
@@ -278,7 +304,7 @@ int silc_auth_public_key_auth_verify(SilcAuthPayload payload,
   silc_free(tmp);
   silc_pkcs_free(pkcs);
 
-  SILC_LOG_DEBUG(("Authentication successfull"));
+  SILC_LOG_DEBUG(("Authentication successful"));
 
   return TRUE;
 }
@@ -293,7 +319,7 @@ int silc_auth_public_key_auth_verify_data(SilcBuffer payload,
   SilcAuthPayload auth_payload;
   int ret;
 
-  auth_payload = silc_auth_payload_parse(payload);
+  auth_payload = silc_auth_payload_parse(payload->data, payload->len);
   if (!auth_payload) {
     SILC_LOG_DEBUG(("Authentication failed"));
     return FALSE;
@@ -315,7 +341,7 @@ int silc_auth_public_key_auth_verify_data(SilcBuffer payload,
    `auth_data_len' is ignored. */
 
 int silc_auth_verify(SilcAuthPayload payload, SilcAuthMethod auth_method,
-		     void *auth_data, unsigned int auth_data_len, 
+		     void *auth_data, uint32 auth_data_len, 
 		     SilcHash hash, void *id, SilcIdType type)
 {
   SILC_LOG_DEBUG(("Verifying authentication"));
@@ -333,7 +359,7 @@ int silc_auth_verify(SilcAuthPayload payload, SilcAuthMethod auth_method,
     /* Passphrase based authentication. The `pkcs', `hash', `id' and `type'
        arguments are not needed. */
     if (!memcmp(payload->auth_data, auth_data, payload->auth_len)) {
-      SILC_LOG_DEBUG(("Authentication successfull"));
+      SILC_LOG_DEBUG(("Authentication successful"));
       return TRUE;
     }
     break;
@@ -355,29 +381,22 @@ int silc_auth_verify(SilcAuthPayload payload, SilcAuthMethod auth_method,
 
 /* Same as above but parses the authentication payload before verify. */
 
-int silc_auth_verify_data(unsigned char *payload, unsigned int payload_len,
+int silc_auth_verify_data(unsigned char *payload, uint32 payload_len,
 			  SilcAuthMethod auth_method, void *auth_data,
-			  unsigned int auth_data_len, SilcHash hash, 
+			  uint32 auth_data_len, SilcHash hash, 
 			  void *id, SilcIdType type)
 {
   SilcAuthPayload auth_payload;
-  SilcBuffer buffer;
   int ret;
 
-  buffer = silc_buffer_alloc(payload_len);
-  silc_buffer_pull_tail(buffer, SILC_BUFFER_END(buffer));
-  silc_buffer_put(buffer, payload, payload_len);
-  auth_payload = silc_auth_payload_parse(buffer);
-  if (!auth_payload) {
-    silc_buffer_free(buffer);
+  auth_payload = silc_auth_payload_parse(payload, payload_len);
+  if (!auth_payload)
     return FALSE;
-  }
 
   ret = silc_auth_verify(auth_payload, auth_method, auth_data, auth_data_len, 
 			 hash, id, type);
 
   silc_auth_payload_free(auth_payload);
-  silc_buffer_free(buffer);
 
   return ret;
 }
@@ -390,9 +409,9 @@ int silc_auth_verify_data(unsigned char *payload, unsigned int payload_len,
 
 /* The Key Agreement protocol structure */
 struct SilcKeyAgreementPayloadStruct {
-  unsigned short hostname_len;
+  uint16 hostname_len;
   unsigned char *hostname;
-  unsigned int port;
+  uint32 port;
 };
 
 /* Parses and returns an allocated Key Agreement payload. */
@@ -423,10 +442,10 @@ SilcKeyAgreementPayload silc_key_agreement_payload_parse(SilcBuffer buffer)
 /* Encodes the Key Agreement protocol and returns the encoded buffer */
 
 SilcBuffer silc_key_agreement_payload_encode(char *hostname,
-					     unsigned int port)
+					     uint32 port)
 {
   SilcBuffer buffer;
-  unsigned int len = hostname ? strlen(hostname) : 0;
+  uint32 len = hostname ? strlen(hostname) : 0;
 
   SILC_LOG_DEBUG(("Encoding Key Agreement Payload"));
 
@@ -460,7 +479,7 @@ char *silc_key_agreement_get_hostname(SilcKeyAgreementPayload payload)
 
 /* Returns the port in the payload */
 
-unsigned int silc_key_agreement_get_port(SilcKeyAgreementPayload payload)
+uint32 silc_key_agreement_get_port(SilcKeyAgreementPayload payload)
 {
   return payload->port;
 }