X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~mdw/git/tripe/blobdiff_plain/1d27afe6fc7ec7ba96b1ea2b74e3500ea509fa76..7631176f5c140b9c77fa865ef3b2287fd574e4d7:/tripe.h

diff --git a/tripe.h b/tripe.h
index 2e1c630a..385c45a2 100644
--- a/tripe.h
+++ b/tripe.h
@@ -1,6 +1,6 @@
 /* -*-c-*-
  *
- * $Id: tripe.h,v 1.10 2002/01/13 14:54:58 mdw Exp $
+ * $Id: tripe.h,v 1.17 2003/10/15 09:30:18 mdw Exp $
  *
  * Main header file for TrIPE
  *
@@ -29,6 +29,29 @@
 /*----- Revision history --------------------------------------------------* 
  *
  * $Log: tripe.h,v $
+ * Revision 1.17  2003/10/15 09:30:18  mdw
+ * Add support for Ethereal protocol analysis.
+ *
+ * Revision 1.16  2003/07/13 11:19:49  mdw
+ * Incompatible protocol fix!  Include message type code under MAC tag to
+ * prevent cut-and-paste from key-exchange messages to general packet
+ * transport.
+ *
+ * Revision 1.15  2003/05/16 12:09:03  mdw
+ * Allow binding to a chosen address.
+ *
+ * Revision 1.14  2003/04/06 10:36:33  mdw
+ * Rearrange so as not to include Linux headers unless we need to.
+ *
+ * Revision 1.13  2003/04/06 10:26:35  mdw
+ * Report peer name on decrypt errors.
+ *
+ * Revision 1.12  2003/04/06 10:25:17  mdw
+ * Support Linux TUN/TAP device.  Fix some bugs.
+ *
+ * Revision 1.11  2002/01/13 14:57:42  mdw
+ * Fix crap typo.
+ *
  * Revision 1.10  2002/01/13 14:54:58  mdw
  * Provide MGF macros.
  *
@@ -118,6 +141,8 @@
 #include <mLib/sub.h>
 #include <mLib/trace.h>
 
+#include <catacomb/buf.h>
+
 #include <catacomb/gcipher.h>
 #include <catacomb/gmac.h>
 #include <catacomb/grand.h>
@@ -132,7 +157,7 @@
 #include <catacomb/mprand.h>
 #include <catacomb/dh.h>
 
-#include "buf.h"
+#include "tripe-protocol.h"
 #include "util.h"
 
 #undef sun
@@ -144,6 +169,7 @@
 #define TUN_NOTDEF 0
 #define TUN_UNET 1
 #define TUN_BSD 2
+#define TUN_LINUX 3
 
 /* --- Trace flags --- */
 
@@ -168,81 +194,6 @@
 
 #define PKBUFSZ 65536
 
-/*----- TrIPE protocol ----------------------------------------------------*/
-
-/* --- TrIPE message format --- *
- *
- * A packet begins with a single-byte message type.  The top four bits are a
- * category code used to send the message to the right general place in the
- * code; the bottom bits identify the actual message type.
- */
-
-#define MSG_CATMASK 0xf0
-#define MSG_TYPEMASK 0x0f
-
-/* --- Encrypted message packets --- *
- *
- * Messages of category @MSG_PACKET@ contain encrypted network packets.  The
- * message content is a symmetric-encrypted block (see below).  Reception of
- * a packet encrypted under a new key implicitly permits that key to be used
- * to send further packets.
- *
- * The only packet type accepted is zero.
- *
- * Packets may be encrypted under any live keyset, but should use the most
- * recent one.
- */
-
-#define MSG_PACKET 0x00
-
-/* --- Key exchange packets --- */
-
-#define MSG_KEYEXCH 0x10
-
-#define KX_PRECHAL 0u
-#define KX_COOKIE 1u
-#define KX_CHAL 2u
-#define KX_REPLY 3u
-#define KX_SWITCH 4u
-#define KX_SWITCHOK 5u
-#define KX_NMSG 6u
-
-/* --- Symmetric encryption and keysets --- *
- *
- * Packets consist of an 80-bit MAC, a 32-bit sequence number, and the
- * encrypted payload.
- *
- * The plaintext is encrypted using Blowfish in CBC mode with ciphertext
- * stealing (as described in [Schneier].  The initialization vector is
- * selected randomly, and prepended to the actual ciphertext.
- *
- * The MAC is computed using the HMAC construction with RIPEMD160 over the
- * sequence number and the ciphertext (with iV); the first 80 bits of the
- * output are used.  (This is the minimum allowed by the draft FIPS for HMAC,
- * and the recommended truncation.)
- *
- * A keyset consists of
- *
- *   * an integrity (MAC) key;
- *   * a confidentiality (encryption) key; and
- *   * a sequence numbering space
- *
- * in each direction.  The packets sent by a host encrypted under a
- * particular keyset are assigned consecutive sequence numbers starting from
- * zero.  The receiving host must ensure that it only accepts each packet at
- * most once.  It should maintain a window of sequence numbers: packets with
- * numbers beyond the end of the window are accepted and cause the window to
- * be advanced; packets with numbers before the start of the window are
- * rejected; packets with numbers which appear within the window are accepted
- * only if the number has not been seen before.
- *
- * When a host sends a @KX_SWITCH@ or @KX_SWITCHOK@ message, it installs the
- * newly-negotiated keyset in a `listen-only' state: it may not send a packet
- * encrypted under the keyset until either it has received a @KX_SWITCH@ or
- * @KX_SWITCHOK@ message, or a @MSG_PACKET@ encrypted under the keyset, from
- * its peer.
- */
-
 /*----- Cipher selections -------------------------------------------------*/
 
 #include <catacomb/blowfish.h>
@@ -297,6 +248,7 @@ typedef union addr {
 typedef struct keyset {
   struct keyset *next;			/* Next active keyset in the list */
   unsigned ref;				/* Reference count for keyset */
+  struct peer *p;			/* Pointer to peer structure */
   time_t t_exp;				/* Expiry time for this keyset */
   unsigned long sz_exp;			/* Data limit for the keyset */
   T( unsigned seq; )			/* Sequence number for tracing */
@@ -372,10 +324,19 @@ enum {
  * Used to maintain system-specific information about the tunnel interface.
  */
 
+#if TUN_TYPE == TUN_LINUX
+#  include <linux/if.h>
+#  include <linux/if_tun.h>
+#endif
+
 typedef struct tunnel {
-#if TUN_TYPE == TUN_UNET
+#if TUN_TYPE == TUN_UNET 
   sel_file f;				/* Selector for Usernet device */
   struct peer *p;			/* Pointer to my peer */
+#elif TUN_TYPE == TUN_LINUX
+  sel_file f;				/* Selector for TUN/TAP device */
+  struct peer *p;			/* Pointer to my peer */
+  char ifn[IFNAMSIZ];			/* Interface name buffer */
 #elif TUN_TYPE == TUN_BSD
   sel_file f;				/* Selector for tunnel device */
   struct peer *p;			/* Pointer to my peer */
@@ -595,6 +556,7 @@ extern void ks_drop(keyset */*ks*/);
  *
  * Arguments:	@const void *k@ = pointer to key material
  *		@size_t x, y, z@ = offsets into key material (see below)
+ *		@peer *p@ = pointer to peer information
  *
  * Returns:	A pointer to the new keyset.
  *
@@ -614,7 +576,8 @@ extern void ks_drop(keyset */*ks*/);
  */
 
 extern keyset *ks_gen(const void */*k*/,
-		      size_t /*x*/, size_t /*y*/, size_t /*z*/);
+		      size_t /*x*/, size_t /*y*/, size_t /*z*/,
+		      peer */*p*/);
 
 /* --- @ks_tregen@ --- *
  *
@@ -640,6 +603,7 @@ extern void ks_activate(keyset */*ks*/);
 /* --- @ks_encrypt@ --- *
  *
  * Arguments:	@keyset *ks@ = pointer to a keyset
+ *		@unsigned ty@ = message type
  *		@buf *b@ = pointer to input buffer
  *		@buf *bb@ = pointer to output buffer
  *
@@ -653,11 +617,13 @@ extern void ks_activate(keyset */*ks*/);
  *		used even if it's marked as not for data output.
  */
 
-extern int ks_encrypt(keyset */*ks*/, buf */*b*/, buf */*bb*/);
+extern int ks_encrypt(keyset */*ks*/, unsigned /*ty*/,
+		      buf */*b*/, buf */*bb*/);
 
 /* --- @ks_decrypt@ --- *
  *
  * Arguments:	@keyset *ks@ = pointer to a keyset
+ *		@unsigned ty@ = expected type code
  *		@buf *b@ = pointer to an input buffer
  *		@buf *bb@ = pointer to an output buffer
  *
@@ -668,7 +634,8 @@ extern int ks_encrypt(keyset */*ks*/, buf */*b*/, buf */*bb*/);
  *		marking that it's not for encryption.
  */
 
-extern int ks_decrypt(keyset */*ks*/, buf */*b*/, buf */*bb*/);
+extern int ks_decrypt(keyset */*ks*/, unsigned /*ty*/,
+		      buf */*b*/, buf */*bb*/);
 
 /* --- @ksl_free@ --- *
  *
@@ -709,6 +676,7 @@ extern void ksl_prune(keyset **/*ksroot*/);
 /* --- @ksl_encrypt@ --- *
  *
  * Arguments:	@keyset **ksroot@ = pointer to keyset list head
+ *		@unsigned ty@ = message type
  *		@buf *b@ = pointer to input buffer
  *		@buf *bb@ = pointer to output buffer
  *
@@ -717,11 +685,13 @@ extern void ksl_prune(keyset **/*ksroot*/);
  * Use:		Encrypts a packet.
  */
 
-extern int ksl_encrypt(keyset **/*ksroot*/, buf */*b*/, buf */*bb*/);
+extern int ksl_encrypt(keyset **/*ksroot*/, unsigned /*ty*/,
+		       buf */*b*/, buf */*bb*/);
 
 /* --- @ksl_decrypt@ --- *
  *
  * Arguments:	@keyset **ksroot@ = pointer to keyset list head
+ *		@unsigned ty@ = expected type code
  *		@buf *b@ = pointer to input buffer
  *		@buf *bb@ = pointer to output buffer
  *
@@ -730,7 +700,8 @@ extern int ksl_encrypt(keyset **/*ksroot*/, buf */*b*/, buf */*bb*/);
  * Use:		Decrypts a packet.
  */
 
-extern int ksl_decrypt(keyset **/*ksroot*/, buf */*b*/, buf */*bb*/);
+extern int ksl_decrypt(keyset **/*ksroot*/, unsigned /*ty*/,
+		       buf */*b*/, buf */*bb*/);
 
 /*----- Administration interface ------------------------------------------*/
 
@@ -868,14 +839,15 @@ extern const addr *p_addr(peer */*p*/);
 
 /* --- @p_init@ --- *
  *
- * Arguments:	@unsigned port@ = port number to listen to
+ * Arguments:	@struct in_addr addr@ = address to bind to
+ *		@unsigned port@ = port number to listen to
  *
  * Returns:	---
  *
  * Use:		Initializes the peer system; creates the socket.
  */
 
-extern void p_init(unsigned /*port*/);
+extern void p_init(struct in_addr /*addr*/, unsigned /*port*/);
 
 /* --- @p_port@ --- *
  *