X-Git-Url: https://git.distorted.org.uk/~mdw/tripe/blobdiff_plain/ddb384f1ac7fbaed5a4dbb02ddc37d0713727be4..cc3e30a46963d98f41567893de22916c1a587ff7:/server/tripe.h

diff --git a/server/tripe.h b/server/tripe.h
index 60256f74..a967ae6d 100644
--- a/server/tripe.h
+++ b/server/tripe.h
@@ -156,16 +156,35 @@
 
 /*----- Cipher selections -------------------------------------------------*/
 
-typedef struct algswitch {
-  const gccipher *c;			/* Symmetric encryption scheme */
-  const gccipher *mgf;			/* Mask-generation function */
+typedef struct keyset keyset;
+typedef struct algswitch algswitch;
+
+typedef struct bulkcrypto {
+  const char *name;
+  unsigned prim;
+  int (*check)(const algswitch */*a*/, dstr */*e*/);
+  size_t (*overhead)(const algswitch */*a*/);
+  int (*encrypt)(keyset */*ks*/, unsigned /*ty*/, buf */*b*/, buf */*bb*/);
+  int (*decrypt)(keyset */*ks*/, unsigned /*ty*/,
+		 buf */*b*/, buf */*bb*/, uint32 */*seq*/);
+} bulkcrypto;
+
+#define BCP_CIPHER 1
+#define BCP_MAC 2
+#define BCP_BLKC 4
+
+struct algswitch {
   const gchash *h;			/* Hash function */
+  const gccipher *mgf;			/* Mask-generation function */
+  const struct bulkcrypto *bulk;	/* Bulk crypto transformation */
+  const gccipher *c;			/* Symmetric encryption scheme */
   const gcmac *m;			/* Message authentication code */
+  const gccipher *b;			/* Block cipher */
   size_t hashsz;			/* Hash output size */
   size_t tagsz;				/* Length to truncate MAC tags */
   size_t expsz;				/* Size of data to process */
-  size_t cksz, mksz;			/* Key lengths for @c@ and @m@ */
-} algswitch;
+  size_t cksz, mksz, bksz;		/* Key lengths for things */
+};
 
 typedef struct kdata {
   unsigned ref;				/* Reference counter */
@@ -191,6 +210,8 @@ typedef struct knode {
 
 #define HASH_STRING(h, s) GH_HASH((h), (s), sizeof(s))
 
+extern const struct bulkcrypto bulktab[];
+
 /*----- Data structures ---------------------------------------------------*/
 
 /* --- Socket addresses --- *
@@ -237,7 +258,7 @@ typedef struct seqwin {
  * expiry.
  */
 
-typedef struct keyset {
+struct keyset {
   struct keyset *next;			/* Next active keyset in the list */
   unsigned ref;				/* Reference count for keyset */
   struct peer *p;			/* Pointer to peer structure */
@@ -245,12 +266,16 @@ typedef struct keyset {
   unsigned long sz_exp, sz_regen;	/* Data limits for the keyset */
   T( unsigned seq; )			/* Sequence number for tracing */
   unsigned f;				/* Various useful flags */
-  gcipher *cin, *cout;			/* Keyset ciphers for encryption */
+  const bulkcrypto *bulk;		/* Bulk crypto transform */
   size_t tagsz;				/* Length to truncate MAC tags */
-  gmac *min, *mout;			/* Keyset MACs for integrity */
+  struct ksdir {
+    gcipher *c;				/* Keyset cipher for encryption */
+    gmac *m;				/* Keyset MAC for integrity */
+    gcipher *b;				/* Block cipher, just in case */
+  } in, out;
   uint32 oseq;				/* Outbound sequence number */
   seqwin iseq;				/* Inbound sequence number */
-} keyset;
+};
 
 #define KSF_LISTEN 1u			/* Don't encrypt packets yet */
 #define KSF_LINK 2u			/* Key is in a linked list */
@@ -551,7 +576,8 @@ extern unsigned tr_flags;		/* Trace options flags */
 
 /*----- Other macros ------------------------------------------------------*/
 
-#define TIMER noise_timer(RAND_GLOBAL)
+#define QUICKRAND							\
+  do { rand_quick(RAND_GLOBAL); noise_timer(RAND_GLOBAL); } while (0)
 
 /*----- Key management ----------------------------------------------------*/
 
@@ -777,6 +803,11 @@ extern void ks_activate(keyset */*ks*/);
  *		ought to be replaced' notification is only ever given once
  *		for each key.  Also note that this call forces a keyset to be
  *		used even if it's marked as not for data output.
+ *
+ *		The encryption transform is permitted to corrupt @buf_u@ for
+ *		its own purposes.  Neither the source nor destination should
+ *		be within @buf_u@; and callers mustn't expect anything stored
+ *		in @buf_u@ to still
  */
 
 extern int ks_encrypt(keyset */*ks*/, unsigned /*ty*/,
@@ -796,6 +827,11 @@ extern int ks_encrypt(keyset */*ks*/, unsigned /*ty*/,
  * Use:		Attempts to decrypt a message using a given key.  Note that
  *		requesting decryption with a key directly won't clear a
  *		marking that it's not for encryption.
+ *
+ *		The decryption transform is permitted to corrupt @buf_u@ for
+ *		its own purposes.  Neither the source nor destination should
+ *		be within @buf_u@; and callers mustn't expect anything stored
+ *		in @buf_u@ to still
  */
 
 extern int ks_decrypt(keyset */*ks*/, unsigned /*ty*/,
@@ -904,7 +940,7 @@ extern int c_check(buf */*b*/);
  *
  * Arguments:	@dstr *d@ = where to leave the formatted message
  *		@const char *fmt@ = pointer to format string
- *		@va_list ap@ = arguments in list
+ *		@va_list *ap@ = arguments in list
  *
  * Returns:	---
  *
@@ -929,7 +965,7 @@ extern int c_check(buf */*b*/);
  *		  * "[!]..." ... -- @dstr_putf@-like string as single token
  */
 
-extern void a_vformat(dstr */*d*/, const char */*fmt*/, va_list /*ap*/);
+extern void a_vformat(dstr */*d*/, const char */*fmt*/, va_list */*ap*/);
 
 /* --- @a_format@ --- *
  *