/* -*-c-*-
*
- * $Id: tripe.h,v 1.14 2003/04/06 10:36:33 mdw Exp $
+ * $Id: tripe.h,v 1.17 2003/10/15 09:30:18 mdw Exp $
*
* Main header file for TrIPE
*
/*----- Revision history --------------------------------------------------*
*
* $Log: tripe.h,v $
+ * Revision 1.17 2003/10/15 09:30:18 mdw
+ * Add support for Ethereal protocol analysis.
+ *
+ * Revision 1.16 2003/07/13 11:19:49 mdw
+ * Incompatible protocol fix! Include message type code under MAC tag to
+ * prevent cut-and-paste from key-exchange messages to general packet
+ * transport.
+ *
+ * Revision 1.15 2003/05/16 12:09:03 mdw
+ * Allow binding to a chosen address.
+ *
* Revision 1.14 2003/04/06 10:36:33 mdw
* Rearrange so as not to include Linux headers unless we need to.
*
#include <mLib/sub.h>
#include <mLib/trace.h>
+#include <catacomb/buf.h>
+
#include <catacomb/gcipher.h>
#include <catacomb/gmac.h>
#include <catacomb/grand.h>
#include <catacomb/mprand.h>
#include <catacomb/dh.h>
-#include "buf.h"
+#include "tripe-protocol.h"
#include "util.h"
#undef sun
#define PKBUFSZ 65536
-/*----- TrIPE protocol ----------------------------------------------------*/
-
-/* --- TrIPE message format --- *
- *
- * A packet begins with a single-byte message type. The top four bits are a
- * category code used to send the message to the right general place in the
- * code; the bottom bits identify the actual message type.
- */
-
-#define MSG_CATMASK 0xf0
-#define MSG_TYPEMASK 0x0f
-
-/* --- Encrypted message packets --- *
- *
- * Messages of category @MSG_PACKET@ contain encrypted network packets. The
- * message content is a symmetric-encrypted block (see below). Reception of
- * a packet encrypted under a new key implicitly permits that key to be used
- * to send further packets.
- *
- * The only packet type accepted is zero.
- *
- * Packets may be encrypted under any live keyset, but should use the most
- * recent one.
- */
-
-#define MSG_PACKET 0x00
-
-/* --- Key exchange packets --- */
-
-#define MSG_KEYEXCH 0x10
-
-#define KX_PRECHAL 0u
-#define KX_COOKIE 1u
-#define KX_CHAL 2u
-#define KX_REPLY 3u
-#define KX_SWITCH 4u
-#define KX_SWITCHOK 5u
-#define KX_NMSG 6u
-
-/* --- Symmetric encryption and keysets --- *
- *
- * Packets consist of an 80-bit MAC, a 32-bit sequence number, and the
- * encrypted payload.
- *
- * The plaintext is encrypted using Blowfish in CBC mode with ciphertext
- * stealing (as described in [Schneier]. The initialization vector is
- * selected randomly, and prepended to the actual ciphertext.
- *
- * The MAC is computed using the HMAC construction with RIPEMD160 over the
- * sequence number and the ciphertext (with IV); the first 80 bits of the
- * output are used. (This is the minimum allowed by the draft FIPS for HMAC,
- * and the recommended truncation.)
- *
- * A keyset consists of
- *
- * * an integrity (MAC) key;
- * * a confidentiality (encryption) key; and
- * * a sequence numbering space
- *
- * in each direction. The packets sent by a host encrypted under a
- * particular keyset are assigned consecutive sequence numbers starting from
- * zero. The receiving host must ensure that it only accepts each packet at
- * most once. It should maintain a window of sequence numbers: packets with
- * numbers beyond the end of the window are accepted and cause the window to
- * be advanced; packets with numbers before the start of the window are
- * rejected; packets with numbers which appear within the window are accepted
- * only if the number has not been seen before.
- *
- * When a host sends a @KX_SWITCH@ or @KX_SWITCHOK@ message, it installs the
- * newly-negotiated keyset in a `listen-only' state: it may not send a packet
- * encrypted under the keyset until either it has received a @KX_SWITCH@ or
- * @KX_SWITCHOK@ message, or a @MSG_PACKET@ encrypted under the keyset, from
- * its peer.
- */
-
/*----- Cipher selections -------------------------------------------------*/
#include <catacomb/blowfish.h>
/* --- @ks_encrypt@ --- *
*
* Arguments: @keyset *ks@ = pointer to a keyset
+ * @unsigned ty@ = message type
* @buf *b@ = pointer to input buffer
* @buf *bb@ = pointer to output buffer
*
* used even if it's marked as not for data output.
*/
-extern int ks_encrypt(keyset */*ks*/, buf */*b*/, buf */*bb*/);
+extern int ks_encrypt(keyset */*ks*/, unsigned /*ty*/,
+ buf */*b*/, buf */*bb*/);
/* --- @ks_decrypt@ --- *
*
* Arguments: @keyset *ks@ = pointer to a keyset
+ * @unsigned ty@ = expected type code
* @buf *b@ = pointer to an input buffer
* @buf *bb@ = pointer to an output buffer
*
* marking that it's not for encryption.
*/
-extern int ks_decrypt(keyset */*ks*/, buf */*b*/, buf */*bb*/);
+extern int ks_decrypt(keyset */*ks*/, unsigned /*ty*/,
+ buf */*b*/, buf */*bb*/);
/* --- @ksl_free@ --- *
*
/* --- @ksl_encrypt@ --- *
*
* Arguments: @keyset **ksroot@ = pointer to keyset list head
+ * @unsigned ty@ = message type
* @buf *b@ = pointer to input buffer
* @buf *bb@ = pointer to output buffer
*
* Use: Encrypts a packet.
*/
-extern int ksl_encrypt(keyset **/*ksroot*/, buf */*b*/, buf */*bb*/);
+extern int ksl_encrypt(keyset **/*ksroot*/, unsigned /*ty*/,
+ buf */*b*/, buf */*bb*/);
/* --- @ksl_decrypt@ --- *
*
* Arguments: @keyset **ksroot@ = pointer to keyset list head
+ * @unsigned ty@ = expected type code
* @buf *b@ = pointer to input buffer
* @buf *bb@ = pointer to output buffer
*
* Use: Decrypts a packet.
*/
-extern int ksl_decrypt(keyset **/*ksroot*/, buf */*b*/, buf */*bb*/);
+extern int ksl_decrypt(keyset **/*ksroot*/, unsigned /*ty*/,
+ buf */*b*/, buf */*bb*/);
/*----- Administration interface ------------------------------------------*/
/* --- @p_init@ --- *
*
- * Arguments: @unsigned port@ = port number to listen to
+ * Arguments: @struct in_addr addr@ = address to bind to
+ * @unsigned port@ = port number to listen to
*
* Returns: ---
*
* Use: Initializes the peer system; creates the socket.
*/
-extern void p_init(unsigned /*port*/);
+extern void p_init(struct in_addr /*addr*/, unsigned /*port*/);
/* --- @p_port@ --- *
*