X-Git-Url: https://git.distorted.org.uk/~mdw/tripe/blobdiff_plain/5b9f3d3788bafcba79c893b1afc6a1c77bc77d20..b8f727eb436070ed90eb90c725e30c5e913b8ab9:/server/tripe.h
diff --git a/server/tripe.h b/server/tripe.h
index d8b35de7..75ad2f1f 100644
--- a/server/tripe.h
+++ b/server/tripe.h
@@ -9,19 +9,18 @@
 *
 * This file is part of Trivial IP Encryption (TrIPE).
 *
- * TrIPE is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
+ * TrIPE is free software: you can redistribute it and/or modify it under
+ * the terms of the GNU General Public License as published by the Free
+ * Software Foundation; either version 3 of the License, or (at your
+ * option) any later version.
 *
- * TrIPE is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
+ * TrIPE is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
 *
 * You should have received a copy of the GNU General Public License
- * along with TrIPE; if not, write to the Free Software Foundation,
- * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+ * along with TrIPE. If not, see .
 */
 #ifndef TRIPE_H
@@ -67,6 +66,7 @@
 #include
 #include
 #include
+#include
 #include
 #include
 #include
@@ -91,11 +91,14 @@
 #include
 #include
+#include
 #include
 #include
 #include
 #include
 #include
+#include
+#include
 #include
 #include
@@ -107,6 +110,8 @@
 #include
 #include
 #include
+#include
+#include
 #include "priv.h"
 #include "protocol.h"
@@ -176,6 +181,16 @@ enum {
 DHFMT_VAR /* Variable-width-format, mostly a bad idea */
 };
+typedef struct deriveargs {
+ const char *what; /* Operation name (hashed) */
+ unsigned f; /* Flags */
+#define DF_IN 1u /* Make incoming key */
+#define DF_OUT 2u /* Make outgoing key */
+ const gchash *hc; /* Hash class */
+ const octet *k; /* Pointer to contributions */
+ size_t x, y, z; /* Markers in contributions */
+} deriveargs;
+
 typedef struct bulkalgs {
 const struct bulkops *ops;
 } bulkalgs;
@@ -189,15 +204,13 @@ typedef struct bulkchal {
 size_t tagsz;
 } bulkchal;
-struct rawkey;
-
 typedef struct dhops {
 const char *name;
 int (*ldpriv)(key_file */*kf*/, key */*k*/, key_data */*d*/, kdata */*kd*/, dstr */*t*/, dstr */*e*/);
 /* Load a private key from @d@, storing the data in @kd@. The key's
- * file and key object are in @kf@ and @k, mostly in case its
+ * file and key object are in @kf@ and @k@, mostly in case its
 * attributes are interesting; the key tag is in @t@; errors are
 * reported by writing tokens to @e@ and returning nonzero.
 */
@@ -205,7 +218,7 @@ typedef struct dhops {
 int (*ldpub)(key_file */*kf*/, key */*k*/, key_data */*d*/, kdata */*kd*/, dstr */*t*/, dstr */*e*/);
 /* Load a public key from @d@, storing the data in @kd@. The key's
- * file and key object are in @kf@ and @k, mostly in case its
+ * file and key object are in @kf@ and @k@, mostly in case its
 * attributes are interesting; the key tag is in @t@; errors are
 * reported by writing tokens to @e@ and returning nonzero.
 */
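Review bot: The `size_t x, y, z` members of the new `deriveargs` carry an ordering and length constraint that the struct comment does not state: from the `genkeys` documentation later in this diff, `k` must hold at least `z` bytes and the offsets must satisfy `x <= y <= z`, yet every implementation of `genkeys` and every caller of `ks_gen` has to rediscover that from prose elsewhere. Suggest replacing the comment on that member with `/* Offsets into @k@: 0 <= x <= y <= z; @k@ holds @z@ bytes */` so the invariant sits next to the fields. If only `ks_gen` is meant to fill in `what`, `f` and `hc`, saying so on those members would also spare callers from guessing. The comment on `k` gives no hint of ownership; if the struct merely borrows the material and the caller is expected to erase it once derivation is done, that is worth one clause here.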
@@ -320,9 +333,17 @@ typedef struct bulkops {
 * after which the keys must no longer be used.
 */
- bulkctx *(*genkeys)(const bulkalgs */*a*/, const struct rawkey */*rk*/);
+ bulkctx *(*genkeys)(const bulkalgs */*a*/, const deriveargs */*a*/);
 /* Generate session keys and construct and return an appropriate
- * context for using them, by calling @ks_derive@.
+ * context for using them. The offsets @a->x@, @a->y@ and @a->z@
+ * separate the key material into three parts. Between @a->k@ and
+ * @a->k + a->x@ is `my' contribution to the key material; between
+ * @a->k + a->x@ and @a->k + a->y@ is `your' contribution; and
+ * between @a->k + a->y@ and @a->k + a->z@ is a shared value we made
+ * together. These are used to construct (up to) two collections of
+ * symmetric keys: one for outgoing messages, the other for incoming
+ * messages. If @a->x == 0@ (or @a->y == a->x@) then my (or your)
+ * contribution is omitted.
 */
 bulkchal *(*genchal)(const bulkalgs */*a*/);
@@ -590,7 +611,6 @@ typedef struct peerspec {
 const tunnel_ops *tops; /* Tunnel operations */
 unsigned long t_ka; /* Keep alive interval */
 addr sa; /* Socket address to speak to */
- size_t sasz; /* Socket address size */
 unsigned f; /* Flags for the peer */
 #define PSF_KXMASK 255u /* Key-exchange flags to set */
 #define PSF_MOBILE 256u /* Address may change rapidly */
@@ -737,7 +757,7 @@ struct admin {
 #define AF_NOTE 4u /* Catch notifications */
 #define AF_WARN 8u /* Catch warning messages */
 #ifndef NTRACE
- #define AF_TRACE 16u /* Catch tracing */
+# define AF_TRACE 16u /* Catch tracing */
 #endif
 #define AF_FOREGROUND 32u /* Quit server when client closes */
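Review bot: Both parameters of the new `genkeys` prototype carry the placeholder name `/*a*/`, so the `@a->x@`, `@a->k@` references in the comment below it are ambiguous between the `bulkalgs` argument and the `deriveargs` argument. Renaming the first placeholder, e.g. `const bulkalgs */*ba*/` (or whatever the implementations already call it), removes the ambiguity. The comment also never says what selects the "(up to) two collections" of keys; presumably the `DF_IN`/`DF_OUT` bits in `a->f` do, and one sentence such as `Only the collections selected by @DF_IN@ and @DF_OUT@ in @a->f@ are derived.` would complete the contract. Finally, stating whether `a->x <= a->y <= a->z` is a precondition the caller guarantees tells implementations whether they must validate the offsets before slicing `a->k`.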
@@ -935,53 +955,23 @@ extern int kx_init(keyexch */*kx*/, peer */*p*/,
 extern void ks_drop(keyset */*ks*/);
-/* --- @ks_derivekey@ --- *
- *
- * Arguments: @octet *k@ = pointer to an output buffer of at least
- * @MAXHASHSZ@ bytes
- * @size_t ksz@ = actual size wanted (for tracing)
- * @const struct rawkey *rk@ = a raw key, as passed into
- * @genkeys@
- * @int dir@ = direction for the key (@DIR_IN@ or @DIR_OUT@)
- * @const char *what@ = label for the key (input to derivation)
- *
- * Returns: ---
- *
- * Use: Derives a session key, for use on incoming or outgoing data.
- * This function is part of a private protocol between @ks_gen@
- * and the bulk crypto transform @genkeys@ operation.
- */
-
-extern void ks_derivekey(octet */*k*/, size_t /*ksz*/,
- const struct rawkey */*rk*/,
- int /*dir*/, const char */*what*/);
-
 /* --- @ks_gen@ --- *
 *
- * Arguments: @const void *k@ = pointer to key material
- * @size_t x, y, z@ = offsets into key material (see below)
+ * Arguments: @deriveargs *a@ = key derivation parameters (modified)
 * @peer *p@ = pointer to peer information
 *
 * Returns: A pointer to the new keyset.
 *
- * Use: Derives a new keyset from the given key material. The
- * offsets @x@, @y@ and @z@ separate the key material into three
- * parts. Between the @k@ and @k + x@ is `my' contribution to
- * the key material; between @k + x@ and @k + y@ is `your'
- * contribution; and between @k + y@ and @k + z@ is a shared
- * value we made together. These are used to construct two
- * pairs of symmetric keys. Each pair consists of an encryption
- * key and a message authentication key. One pair is used for
- * outgoing messages, the other for incoming messages.
+ * Use: Derives a new keyset from the given key material. This will
+ * set the @what@, @f@, and @hc@ members in @*a@; other members
+ * must be filled in by the caller.
 *
 * The new key is marked so that it won't be selected for output
 * by @ksl_encrypt@. You can still encrypt data with it by
 * calling @ks_encrypt@ directly.
 */
-extern keyset *ks_gen(const void */*k*/,
- size_t /*x*/, size_t /*y*/, size_t /*z*/,
- peer */*p*/);
+extern keyset *ks_gen(deriveargs */*a*/, peer */*p*/);
 /* --- @ks_activate@ --- *
 *
@@ -1406,6 +1396,19 @@ extern void ps_quit(void);
 /*----- Peer management ---------------------------------------------------*/
+/* --- @p_updateaddr@ --- *
+ *
+ * Arguments: @peer *p@ = pointer to peer block
+ * @const addr *a@ = address to associate with this peer
+ *
+ * Returns: Zero if the address was changed; @+1@ if it was already
+ * right.
+ *
+ * Use: Updates our idea of @p@'s address.
+ */
+
+extern int p_updateaddr(peer */*p*/, const addr */*a*/);
+
 /* --- @p_txstart@ --- *
 *
 * Arguments: @peer *p@ = pointer to peer block
@@ -1726,6 +1729,15 @@ extern const char *timestr(time_t /*t*/);
 extern int mystrieq(const char */*x*/, const char */*y*/);
+/* --- @addrsz@ --- *
+ *
+ * Arguments: @const addr *a@ = a network address
+ *
+ * Returns: The size of the address, for passing into the sockets API.
+ */
+
+extern socklen_t addrsz(const addr */*a*/);
+
 /* --- @seq_reset@ --- *
 *
 * Arguments: @seqwin *s@ = sequence-checking window
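Review bot: The rewritten `ks_gen` contract says `what`, `f` and `hc` are set by the callee and "other members must be filled in by the caller", but no longer describes what the caller's `k`, `x`, `y` and `z` must look like — that description moved to the `genkeys` comment, and a reader of `ks_gen` is given no pointer to it. Suggest `The caller fills in @a->k@, @a->x@, @a->y@ and @a->z@ as described for @genkeys@; the remaining members are overwritten.` The old text also promised what was derived (two encryption/MAC pairs); the new text says nothing about what happens to the raw contributions, and if the derived keys are copied out of `a->k` by the time `ks_gen` returns, saying so lets callers erase the raw material promptly rather than keep it alive for the keyset's lifetime. Whether `*a` is safe to reuse or must be treated as scratch after the call is the remaining ownership fact the "(modified)" tag leaves open.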
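Review bot: The `p_updateaddr` comment does not say what must already have been established about an address before it is trusted, and for `PSF_MOBILE` peers ("Address may change rapidly") the new address is presumably taken from wherever a packet arrived from. Unless `p_updateaddr` authenticates the change itself, the `Use:` text should state the precondition, e.g. `Callers must only pass an address taken from a packet that has already been authenticated.`, so a later caller does not move a peer on the strength of an unverified datagram. The return convention is also unusual — `Zero if the address was changed; @+1@ if it was already right` reads like a status code rather than a success/failure indicator — and a word on whether the function can fail at all (and how that is reported) would help.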