X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~mdw/git/tripe/blobdiff_plain/ef09dae1af4f84ae093aa071f475d9dd1fc6b1bc..fb6a9f13a40d1b9e797b4fe858a06cfdbcc1109b:/server/tripe.h diff --git a/server/tripe.h b/server/tripe.h index 75ad2f1f..d3dce08b 100644 --- a/server/tripe.h +++ b/server/tripe.h @@ -376,15 +376,16 @@ typedef struct bulkops { /* Release a bulk encryption context and the resources it holds. */ int (*chaltag)(bulkchal */*bc*/, const void */*m*/, size_t /*msz*/, - void */*t*/); - /* Calculate a tag for the challenge in @m@, @msz@, and write it to - * @t@. Return @-1@ on error, zero on success. + uint32 /*seq*/, void */*t*/); + /* Calculate a tag for the challenge in @m@, @msz@, with the sequence + * number @seq@, and write it to @t@. Return @-1@ on error, zero on + * success. */ int (*chalvrf)(bulkchal */*bc*/, const void */*m*/, size_t /*msz*/, - const void */*t*/); - /* Check the tag @t@ on @m@, @msz@: return zero if the tag is OK, - * nonzero if it's bad. + uint32 /*seq*/, const void */*t*/); + /* Check the tag @t@ on @m@, @msz@ and @seq@: return zero if the tag + * is OK, nonzero if it's bad. */ void (*freechal)(bulkchal */*bc*/); @@ -401,6 +402,7 @@ struct algswitch { struct kdata { unsigned ref; /* Reference counter */ struct knode *kn; /* Pointer to cache entry */ + uint32 id; /* The underlying key's id */ char *tag; /* Full tag name of the key */ dhgrp *grp; /* The group we work in */ dhsc *k; /* The private key (or null) */ @@ -826,6 +828,19 @@ extern int km_reload(void); extern kdata *km_findpub(const char */*tag*/); extern kdata *km_findpriv(const char */*tag*/); +/* --- @km_findpubbyid@, @km_findprivbyid@ --- * + * + * Arguments: @uint32 id@ = key id to load + * + * Returns: Pointer to the kdata object if successful, or null on error. + * + * Use: Fetches a public or private key from the keyring given its + * numeric id. + */ + +extern kdata *km_findpubbyid(uint32 /*id*/); +extern kdata *km_findprivbyid(uint32 /*id*/); + /* --- @km_samealgsp@ --- * * * Arguments: @const kdata *kdx, *kdy@ = two key data objects @@ -924,7 +939,7 @@ extern void kx_free(keyexch */*kx*/); extern void kx_newkeys(keyexch */*kx*/); -/* --- @kx_init@ --- * +/* --- @kx_setup@ --- * * * Arguments: @keyexch *kx@ = pointer to key exchange context * @peer *p@ = pointer to peer context @@ -938,8 +953,8 @@ extern void kx_newkeys(keyexch */*kx*/); * exchange. */ -extern int kx_init(keyexch */*kx*/, peer */*p*/, - keyset **/*ks*/, unsigned /*f*/); +extern int kx_setup(keyexch */*kx*/, peer */*p*/, + keyset **/*ks*/, unsigned /*f*/); /*----- Keysets and symmetric cryptography --------------------------------*/ @@ -1110,25 +1125,29 @@ extern int ksl_decrypt(keyset **/*ksroot*/, unsigned /*ty*/, /* --- @c_new@ --- * * - * Arguments: @buf *b@ = where to put the challenge + * Arguments: @const void *m@ = pointer to associated message, or null + * @size_t msz@ = length of associated message + * @buf *b@ = where to put the challenge * * Returns: Zero if OK, nonzero on error. * * Use: Issues a new challenge. */ -extern int c_new(buf */*b*/); +extern int c_new(const void */*m*/, size_t /*msz*/, buf */*b*/); /* --- @c_check@ --- * * - * Arguments: @buf *b@ = where to find the challenge + * Arguments: @const void *m@ = pointer to associated message, or null + * @size_t msz@ = length of associated message + * @buf *b@ = where to find the challenge * * Returns: Zero if OK, nonzero if it didn't work. * * Use: Checks a challenge. On failure, the buffer is broken. */ -extern int c_check(buf */*b*/); +extern int c_check(const void */*m*/, size_t /*msz*/, buf */*b*/); /*----- Administration interface ------------------------------------------*/ @@ -1763,6 +1782,75 @@ extern void seq_reset(seqwin */*s*/); extern int seq_check(seqwin */*s*/, uint32 /*q*/, const char */*service*/); +typedef struct ratelim { + unsigned n, max, persec; + struct timeval when; +} ratelim; + +/* --- @ratelim_init@ --- * + * + * Arguments: @ratelim *r@ = rate-limiting state to fill in + * @unsigned persec@ = credit to accumulate per second + * @unsigned max@ = maximum credit to retain + * + * Returns: --- + * + * Use: Initialize a rate-limiting state. + */ + +extern void ratelim_init(ratelim */*r*/, + unsigned /*persec*/, unsigned /*max*/); + +/* --- @ratelim_withdraw@ --- * + * + * Arguments: @ratelim *r@ = rate-limiting state + * @unsigned n@ = credit to withdraw + * + * Returns: Zero if successful; @-1@ if there is unsufficient credit + * + * Use: Updates the state with any accumulated credit. Then, if + * there there are more than @n@ credits available, withdraw @n@ + * and return successfully; otherwise, report failure. + */ + +extern int ratelim_withdraw(ratelim */*r*/, unsigned /*n*/); + +/* --- @ies_encrypt@ --- * + * + * Arguments: @kdata *kpub@ = recipient's public key + * @unsigned ty@ = message type octet + * @buf *b@ = input message buffer + * @buf *bb@ = output buffer for the ciphertext + * + * Returns: On error, returns a @KSERR_...@ code or breaks the buffer; + * on success, returns zero and the buffer is good. + * + * Use: Encrypts a message for a recipient, given their public key. + * This does not (by itself) provide forward secrecy or sender + * authenticity. The ciphertext is self-delimiting (unlike + * @ks_encrypt@). + */ + +extern int ies_encrypt(kdata */*kpub*/, unsigned /*ty*/, + buf */*b*/, buf */*bb*/); + +/* --- @ies_decrypt@ --- * + * + * Arguments: @kdata *kpub@ = private key key + * @unsigned ty@ = message type octet + * @buf *b@ = input ciphertext buffer + * @buf *bb@ = output buffer for the message + * + * Returns: On error, returns a @KSERR_...@ code; on success, returns + * zero and the buffer is good. + * + * Use: Decrypts a message encrypted using @ies_encrypt@, given our + * private key. + */ + +extern int ies_decrypt(kdata */*kpriv*/, unsigned /*ty*/, + buf */*b*/, buf */*bb*/); + /*----- That's all, folks -------------------------------------------------*/ #ifdef __cplusplus