X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~mdw/git/tripe/blobdiff_plain/61682d3405e6b7c72ec8295fec1467333e336b65..799e58b96ef4948629d5e1b5401f537d74082ab7:/server/tripe.h
diff --git a/server/tripe.h b/server/tripe.h
index 2ffe978f..217a88df 100644
--- a/server/tripe.h
+++ b/server/tripe.h
@@ -155,6 +155,26 @@ typedef struct algswitch {
 extern algswitch algs;
+typedef struct kdata {
+ unsigned ref; /* Reference counter */
+ struct knode *kn; /* Pointer to cache entry */
+ char *tag; /* Full tag name of the key */
+ group *g; /* The group we work in */
+ size_t indexsz; /* Size of exponent for the group */
+ mp *kpriv; /* The private key (or null) */
+ ge *kpub; /* The public key */
+ time_t t_exp; /* Expiry time of the key */
+ algswitch algs; /* Collection of algorithms */
+} kdata;
+
+typedef struct knode {
+ sym_base _b; /* Symbol table intrusion */
+ unsigned f; /* Various flags */
+#define KNF_BROKEN 1u /* Don't use this key any more */
+ struct keyhalf *kh; /* Pointer to the home keyhalf */
+ kdata *kd; /* Pointer to the key data */
+} knode;
+
 #define MAXHASHSZ 64 /* Largest possible hash size */
 #define HASH_STRING(h, s) GH_HASH((h), (s), sizeof(s))
@@ -506,6 +526,8 @@ extern ge *kpub; /* Our public key */
 extern octet buf_i[PKBUFSZ], buf_o[PKBUFSZ], buf_t[PKBUFSZ], buf_u[PKBUFSZ];
 extern const tunnel_ops *tunnels[]; /* Table of tunnels (0-term) */
 extern const tunnel_ops *tun_default; /* Default tunnel to use */
+extern kdata *master; /* Default private key */
+extern const char *tag_priv; /* Default private key tag */
 #ifndef NTRACE
 extern const trace_opt tr_opts[]; /* Trace options array */
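Review bot: The new `kdata` struct documents `ref` only as `/* Reference counter */` and says nothing about what the count owns — whether `tag`, `g`, `kpriv` and `kpub` are released when it reaches zero, and whether the private-key material behind `kpriv` is wiped rather than merely freed. For a record that carries a private key this is the contract a reader needs, so extend the comment along the lines of `/* Reference counter; tag, g, kpriv, kpub are owned by this object and released (kpriv wiped) at zero */` if that is what the implementation does — it cannot be seen from the header. Likewise `t_exp` gives an expiry time but nothing says whether lookups refuse a key once it has passed, and `KNF_BROKEN` says "don't use" without saying what sets it; a few words on each would make the cache semantics legible without reading `keymgmt.c`.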
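Review bot: `master` is a bare pointer to a reference-counted `kdata`, and its comment does not say whether the global holds a reference of its own or whether code that stashes the pointer must `km_ref` it first; a comment such as `/* Default private key (this pointer holds one reference) */` settles it, if that is the case. It also now sits a few lines below the surviving `extern ge *kpub; /* Our public key */`, so a reader has two candidate homes for the public key — say in the comment which one is authoritative (presumably the kdata's `kpub`, given the "compatibility hack" remark on `km_getpubkey` later in the patch).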
@@ -518,6 +540,21 @@ extern unsigned tr_flags; /* Trace options flags */
 /*----- Key management ----------------------------------------------------*/
+/* --- @km_init@ --- *
+ *
+ * Arguments: @const char *privkr@ = private keyring file
+ * @const char *pubkr@ = public keyring file
+ * @const char *ptag@ = default private-key tag
+ *
+ * Returns: ---
+ *
+ * Use: Initializes the key-management machinery, loading the
+ * keyrings and so on.
+ */
+
+extern void km_init(const char */*privkr*/, const char */*pubkr*/,
+ const char */*ptag*/);
+
 /* --- @km_reload@ --- *
 *
 * Arguments: ---
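Review bot: The `km_init` contract says `Returns: ---` but does not say what happens when a keyring cannot be opened or the key named by `ptag` is not in it — for the routine that loads the daemon's private key that should be stated, e.g. `* Use: ... Dies if either keyring cannot be loaded or the key named by @ptag@ is missing.` if that is the behaviour (the header alone does not show it). "And so on" in the `Use:` line hides the part a caller cares about: whether `master` and `tag_priv` are set by this call; say so explicitly. The parameter names change from `kr_priv`/`kr_pub`/`tag` (removed in the following hunk) to `privkr`/`pubkr`/`ptag`, which is fine, but the old block is deleted rather than moved, so make sure no other comment in the file still refers to the old names.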
@@ -529,19 +566,60 @@ extern unsigned tr_flags; /* Trace options flags */
 extern int km_reload(void);
-/* --- @km_init@ --- *
+/* --- @km_findpub@, @km_findpriv@ --- *
+ *
+ * Arguments: @const char *tag@ = key tag to load
+ *
+ * Returns: Pointer to the kdata object if successful, or null on error.
+ *
+ * Use: Fetches a public or private key from the keyring.
+ */
+
+extern kdata *km_findpub(const char */*tag*/);
+extern kdata *km_findpriv(const char */*tag*/);
+
+/* --- @km_samealgsp@ --- *
+ *
+ * Arguments: @const kdata *kdx, *kdy@ = two key data objects
 *
- * Arguments: @const char *kr_priv@ = private keyring file
- * @const char *kr_pub@ = public keyring file
- * @const char *tag@ = tag to load
+ * Returns: Nonzero if their two algorithm selections are the same.
+ *
+ * Use: Checks sameness of algorithm selections: used to ensure that
+ * peers are using sensible algorithms.
+ */
+
+extern int km_samealgsp(const kdata */*kdx*/, const kdata */*kdy*/);
+
+/* --- @km_ref@ --- *
+ *
+ * Arguments: @kdata *kd@ = pointer to the kdata object
 *
 * Returns: ---
 *
- * Use: Initializes, and loads the private key.
+ * Use: Claim a new reference to a kdata object.
+ */
+
+extern void km_ref(kdata */*kd*/);
+
+/* --- @km_unref@ --- *
+ *
+ * Arguments: @kdata *kd@ = pointer to the kdata object
+ *
+ * Returns: ---
+ *
+ * Use: Releases a reference to a kdata object.
+ */
+
+extern void km_unref(kdata */*kd*/);
+
+/* --- @km_tag@ --- *
+ *
+ * Arguments: @kdata *kd@ - pointer to the kdata object
+ *
+ * Returns: A pointer to the short tag by which the kdata was loaded.
 */
-extern void km_init(const char */*kr_priv*/, const char */*kr_pub*/,
- const char */*tag*/);
+extern const char *km_tag(kdata */*kd*/);
 /* --- @km_getpubkey@ --- *
 *
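Review bot: `km_findpub`/`km_findpriv` return a `kdata *` but the doc block does not say whether the caller receives a reference of its own (to be dropped with `km_unref`) or a borrowed pointer into the cache; with `km_ref`/`km_unref` introduced in the same hunk this is the one thing every caller must know, so state it, e.g. `* Returns: Pointer to the kdata object (the caller owns a reference and must release it with @km_unref@), or null on error.` if that is the intent. The block is also silent on whether a key past its `t_exp`, or one whose cache node carries `KNF_BROKEN`, is still handed out — either answer is fine, but a caller choosing a key for a fresh handshake needs it written down. Two smaller points: `km_tag`'s `Arguments:` line uses `-` where every other block in the file uses `=`, and the `const char *` it returns presumably lives only as long as the kdata, which the `Returns:` line should say.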
@@ -551,7 +629,8 @@ extern void km_init(const char */*kr_priv*/, const char */*kr_pub*/,
 *
 * Returns: Zero if OK, nonzero if it failed.
 *
- * Use: Fetches a public key from the keyring.
+ * Use: Fetches a public key from the keyring. (Temporary
+ * compatibility hack.)
 */
 extern int km_getpubkey(const char */*tag*/, ge */*kpub*/,
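Review bot: The added `(Temporary compatibility hack.)` remark says `km_getpubkey` is on its way out but not what replaces it, so callers have nothing to migrate to; name the successor, e.g. `* (Temporary compatibility hack: new code should use @km_findpub@ and the kdata's @kpub@ member.)` if that is the intended replacement. The declaration of `km_getpubkey` continues past the end of the hunk.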