X-Git-Url: https://git.distorted.org.uk/~mdw/secnet/blobdiff_plain/34afe8d7b8a75eddd44cccb8e6d8d35fa17a47d9..refs/heads/mdw/xdh:/secnet.h

diff --git a/secnet.h b/secnet.h
index e253a14..e54dbbe 100644
--- a/secnet.h
+++ b/secnet.h
@@ -350,10 +350,12 @@ extern init_module transform_cbcmac_module;
 extern init_module netlink_module;
 extern init_module rsa_module;
 extern init_module dh_module;
+extern init_module xdh_module;
 extern init_module md5_module;
 extern init_module slip_module;
 extern init_module tun_module;
 extern init_module sha1_module;
+extern init_module sha512_module;
 extern init_module log_module;
 
 /***** END of module support *****/
@@ -402,8 +404,8 @@ struct resolver_if {
 
 /* RANDOMSRC interface */
 
-/* Return some random data. Returns TRUE for success. */
-typedef bool_t random_fn(void *st, int32_t bytes, uint8_t *buff);
+/* Return some random data. Cannot fail. */
+typedef void random_fn(void *st, int32_t bytes, uint8_t *buff);
 
 struct random_if {
     void *st;
@@ -574,8 +576,7 @@ struct transform_inst_if {
 
 struct transform_if {
     void *st;
-    int capab_transformnum;
-    int32_t keylen; /* <<< INT_MAX */
+    int capab_bit;
     transform_createinstance_fn *create;
 };
 
@@ -611,17 +612,32 @@ struct netlink_if {
 
 /* DH interface */
 
-/* Returns public key as a malloced hex string */
-typedef string_t dh_makepublic_fn(void *st, uint8_t *secret,
-				  int32_t secretlen);
-/* Fills buffer (up to buflen) with shared secret */
-typedef void dh_makeshared_fn(void *st, uint8_t *secret,
-			      int32_t secretlen, cstring_t rempublic,
-			      uint8_t *sharedsecret, int32_t buflen);
+/* Write public value corresponding to the secret to the public buffer, and
+ * return its actual length.  The size of the buffer is given in publiclen,
+ * which will be at least the public_len reported by the closure.  The
+ * secretlen will be the secret_len reported by the closure.  This operation
+ * is not expected to fail.
+ */
+typedef int32_t dh_makepublic_fn(void *st, void *public, int32_t publiclen,
+				 uint8_t *secret, int32_t secretlen);
+
+/* Fills buffer (up to buflen) with shared secret.  The publiclen comes from
+ * the remote site, and may not be acceptable, though it has been checked for
+ * memory-safety.  The secretlen and buflen are the secret_len and shared_len
+ * reported by the closure, respectively.  Return false on faliure (e.g., if
+ * the publiclen is unacceptable).
+ */
+typedef bool_t dh_makeshared_fn(void *st,
+				uint8_t *secret, int32_t secretlen,
+				const void *public, int32_t publiclen,
+				uint8_t *sharedsecret, int32_t buflen);
+
 struct dh_if {
     void *st;
-    int32_t len; /* Approximate size of modulus in bytes */
-    int32_t ceil_len; /* Number of bytes just sufficient to contain modulus */
+    int32_t secret_len; /* Size of random secret to generate */
+    int32_t public_len; /* Maximum number of bytes needed for public value */
+    int32_t shared_len; /* Size of generated shared secret */
+    int capab_bit;
     dh_makepublic_fn *makepublic;
     dh_makeshared_fn *makeshared;
 };