#define KSF_LISTEN 1u /* Don't encrypt packets yet */
#define KSF_LINK 2u /* Key is in a linked list */
+#define KSERR_REGEN -1 /* Regenerate keys */
+#define KSERR_NOKEYS -2 /* No keys left */
+#define KSERR_DECRYPT -3 /* Unable to decrypt message */
+
/* --- Key exchange --- *
*
* TrIPE uses the Wrestlers Protocol for its key exchange. The Wrestlers
#ifndef NTRACE
#define AF_TRACE 16u /* Catch tracing */
#endif
+#define AF_FOREGROUND 32u /* Quit server when client closes */
#ifndef NTRACE
# define AF_ALLMSGS (AF_NOTE | AF_TRACE | AF_WARN)
extern size_t indexsz; /* Size of exponent for the group */
extern mp *kpriv; /* Our private key */
extern ge *kpub; /* Our public key */
-extern octet buf_i[PKBUFSZ], buf_o[PKBUFSZ], buf_t[PKBUFSZ];
+extern octet buf_i[PKBUFSZ], buf_o[PKBUFSZ], buf_t[PKBUFSZ], buf_u[PKBUFSZ];
extern const tunnel_ops *tunnels[]; /* Table of tunnels (0-term) */
extern const tunnel_ops *tun_default; /* Default tunnel to use */
* @buf *b@ = pointer to input buffer
* @buf *bb@ = pointer to output buffer
*
- * Returns: Zero if OK, nonzero if the key needs replacing. If the
- * encryption failed, the output buffer is broken and zero is
- * returned.
+ * Returns: Zero if successful; @KSERR_REGEN@ if we should negotiate a
+ * new key; @KSERR_NOKEYS@ if the key is not usable. Also
+ * returns zero if there was insufficient buffer (but the output
+ * buffer is broken in this case).
*
* Use: Encrypts a block of data using the key. Note that the `key
* ought to be replaced' notification is only ever given once
* @buf *b@ = pointer to an input buffer
* @buf *bb@ = pointer to an output buffer
*
- * Returns: Zero on success, or nonzero if there was some problem.
+ * Returns: Zero on success; @KSERR_DECRYPT@ on failure. Also returns
+ * zero if there was insufficient buffer (but the output buffer
+ * is broken in this case).
*
* Use: Attempts to decrypt a message using a given key. Note that
* requesting decryption with a key directly won't clear a
* @buf *b@ = pointer to input buffer
* @buf *bb@ = pointer to output buffer
*
- * Returns: Nonzero if a new key is needed.
+ * Returns: Zero if successful; @KSERR_REGEN@ if it's time to negotiate a
+ * new key; @KSERR_NOKEYS@ if there are no suitable keys
+ * available. Also returns zero if there was insufficient
+ * buffer space (but the output buffer is broken in this case).
*
* Use: Encrypts a packet.
*/
* @buf *b@ = pointer to input buffer
* @buf *bb@ = pointer to output buffer
*
- * Returns: Nonzero if the packet couldn't be decrypted.
+ * Returns: Zero on success; @KSERR_DECRYPT@ on failure. Also returns
+ * zero if there was insufficient buffer (but the output buffer
+ * is broken in this case).
*
* Use: Decrypts a packet.
*/
* Returns: A pointer to the integer's textual representation.
*
* Use: Converts a multiprecision integer to a string. Corrupts
- * @buf_t@.
+ * @buf_u@.
*/
extern const char *mpstr(mp */*m*/);
* Returns: A pointer to the element's textual representation.
*
* Use: Converts a group element to a string. Corrupts
- * @buf_t@.
+ * @buf_u@.
*/
extern const char *gestr(group */*g*/, ge */*x*/);
* Returns: A pointer to a textual representation of the time.
*
* Use: Converts a time to a textual representation. Corrupts
- * @buf_t@.
+ * @buf_u@.
*/
extern const char *timestr(time_t /*t*/);
~mdw / tripe / blobdiff