/*
 * Ouroboros - Copyright (C) 2016 - 2024
 *
 * OAP internal definitions
 *
 *    Dimitri Staessens <dimitri@ouroboros.rocks>
 *    Sander Vrijders   <sander@ouroboros.rocks>
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License version 2 as
 * published by the Free Software Foundation.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., http://www.fsf.org/about/contact/.
 */

#ifndef OUROBOROS_IRMD_OAP_INTERNAL_H
#define OUROBOROS_IRMD_OAP_INTERNAL_H

#include <ouroboros/crypt.h>
#include <ouroboros/list.h>
#include <ouroboros/name.h>
#include <ouroboros/pthread.h>
#include <ouroboros/utils.h>

#include "hdr.h"

#include <stdbool.h>
#include <stdint.h>

/*
 * Authentication functions (auth.c)
 */
/*
 * Check an OAP header (implemented in auth.c, per the section heading).
 *
 * hdr is only read (const). Which fields are checked is not visible
 * from this declaration. Presumably returns 0 on success and a negative
 * value on failure - TODO confirm against auth.c.
 */
int  oap_check_hdr(const struct oap_hdr * hdr);

/*
 * Authenticate the peer using the local and peer OAP headers
 * (implemented in auth.c, per the section heading).
 *
 * Both headers are only read (const).
 *
 * NOTE(review): name is not const-qualified and no length is passed.
 * If auth.c writes the peer name into it, the required buffer size is
 * an unwritten contract with the caller - confirm, and state the
 * minimum size here.
 *
 * Presumably returns 0 on success and a negative value when
 * authentication fails - TODO confirm.
 */
int  oap_auth_peer(char *                 name,
                   const struct oap_hdr * local_hdr,
                   const struct oap_hdr * peer_hdr);

/*
 * Key exchange functions (kex.c)
 */
/*
 * Negotiate the cipher from the peer's OAP header (implemented in
 * kex.c, per the section heading).
 *
 * peer_hdr is only read (const). kcfg is writable and presumably
 * receives the negotiated result - TODO confirm.
 *
 * NOTE(review): the input is a header supplied by the peer. Confirm in
 * kex.c that the peer cannot steer the outcome to something weaker
 * than the local configuration allows.
 */
int  oap_negotiate_cipher(const struct oap_hdr * peer_hdr,
                          struct sec_config *    kcfg);

/*
 * Credential loading (oap.c) - shared between client and server
 */
/* Both declarations below are compiled out when OAP_TEST_MODE is defined. */
#ifndef OAP_TEST_MODE
/*
 * Credential loader for name, given the locations in paths.
 *
 * pkp and crt are output handles (void **). Presumably they receive
 * the private key and the certificate - TODO confirm, together with
 * who releases them and what they hold when the call fails.
 */
int  load_credentials(const char *                  name,
                      const struct name_sec_paths * paths,
                      void **                       pkp,
                      void **                       crt);

/*
 * Key exchange configuration loader for name; cfg is writable and
 * presumably filled from the file at path - TODO confirm.
 *
 * NOTE(review): whether a missing or unreadable file is an error or
 * falls back to defaults is not visible from this declaration.
 */
int  load_kex_config(const char *        name,
                     const char *        path,
                     struct sec_config * cfg);
#endif

/*
 * Server functions (srv.c)
 */
/*
 * Server-side loaders. Both preprocessor branches declare the same
 * three signatures; `extern` on a function declaration does not change
 * its linkage in C. Presumably the OAP_TEST_MODE branch marks that the
 * test build supplies its own definitions - TODO confirm.
 *
 * NOTE(review): if test builds substitute these loaders, make sure
 * OAP_TEST_MODE can never be defined for a production build, since the
 * substitutes would then provide the server's key material.
 */
#ifndef OAP_TEST_MODE
/*
 * Credential loader for the server described by info. pkp and crt are
 * output handles, presumably private key and certificate - TODO
 * confirm ownership on success and state on failure.
 */
int  load_srv_credentials(const struct name_info * info,
                          void **                  pkp,
                          void **                  crt);

/* Key exchange configuration loader for the server; cfg is writable. */
int  load_srv_kex_config(const struct name_info * info,
                         struct sec_config *      cfg);

/*
 * KEM key pair loader for name. pkp is an output handle, presumably
 * the server's long-term KEM key pair - TODO confirm who releases it.
 */
int  load_server_kem_keypair(const char *        name,
                             struct sec_config * cfg,
                             void **             pkp);
#else
/* Same signatures as the branch above, declared for OAP_TEST_MODE. */
extern int load_srv_credentials(const struct name_info * info,
                                void **                  pkp,
                                void **                  crt);
extern int load_srv_kex_config(const struct name_info * info,
                               struct sec_config *      cfg);
extern int load_server_kem_keypair(const char *        name,
                                   struct sec_config * cfg,
                                   void **             pkp);
#endif

/*
 * Server side of the key exchange (implemented in srv.c, per the
 * section heading). Declared unconditionally, unlike the loaders
 * guarded by OAP_TEST_MODE.
 *
 * info is only read (const). peer_hdr is NOT const here, so the
 * function may modify the peer's header - TODO confirm whether that is
 * intended. kcfg, kex and sk are writable; presumably kex receives the
 * key exchange data to send back and sk the resulting key - TODO
 * confirm.
 *
 * NOTE(review): sk presumably holds secret key material after a
 * successful call; document who wipes it and what it contains when the
 * call fails.
 */
int  do_server_kex(const struct name_info * info,
                   struct oap_hdr *         peer_hdr,
                   struct sec_config *      kcfg,
                   buffer_t *               kex,
                   struct crypt_sk *        sk);

/*
 * Client functions (cli.c)
 */
/*
 * Client-side loaders. Both preprocessor branches declare the same
 * three signatures; `extern` on a function declaration does not change
 * its linkage in C. Presumably the OAP_TEST_MODE branch marks that the
 * test build supplies its own definitions - TODO confirm.
 */
#ifndef OAP_TEST_MODE
/*
 * Credential loader for the client described by info. pkp and crt are
 * output handles, presumably private key and certificate - TODO
 * confirm ownership on success and state on failure.
 */
int  load_cli_credentials(const struct name_info * info,
                          void **                  pkp,
                          void **                  crt);

/* Key exchange configuration loader for the client; cfg is writable. */
int  load_cli_kex_config(const struct name_info * info,
                         struct sec_config *      cfg);

/*
 * Loader for the server's KEM public key for name; pk is a writable
 * buffer_t, presumably filled with the key - TODO confirm who
 * allocates and frees pk's storage.
 *
 * NOTE(review): where this public key comes from and how it is bound
 * to name is not visible here; the client presumably trusts it for the
 * key exchange, so that binding should be documented.
 */
int  load_server_kem_pk(const char *        name,
                        struct sec_config * cfg,
                        buffer_t *          pk);
#else
/* Same signatures as the branch above, declared for OAP_TEST_MODE. */
extern int load_cli_credentials(const struct name_info * info,
                                void **                  pkp,
                                void **                  crt);
extern int load_cli_kex_config(const struct name_info * info,
                               struct sec_config *      cfg);
extern int load_server_kem_pk(const char *        name,
                              struct sec_config * cfg,
                              buffer_t *          pk);
#endif

/*
 * First client step of the key exchange (implemented in cli.c, per the
 * section heading).
 *
 * server_pk is passed by value (the buffer_t itself, not a pointer).
 * kex, key and ephemeral_pkp are writable; presumably kex receives the
 * data to send to the server and ephemeral_pkp a freshly generated key
 * pair - TODO confirm.
 *
 * NOTE(review): key is a bare uint8_t * with no length parameter, so
 * the size the callee may write is an unwritten contract. State the
 * required size here (presumably a fixed symmetric key length defined
 * with the crypt API - confirm) so callers cannot pass a short buffer.
 */
int  oap_client_kex_prepare(struct sec_config * kcfg,
                            buffer_t            server_pk,
                            buffer_t *          kex,
                            uint8_t *           key,
                            void **             ephemeral_pkp);

/*
 * Second client step of the key exchange, run on the peer's reply
 * header (implemented in cli.c, per the section heading).
 *
 * peer_hdr is only read (const). pkp is presumably the handle returned
 * through ephemeral_pkp by oap_client_kex_prepare - TODO confirm, and
 * document whether this call releases it. key has no length parameter;
 * the same size contract as in oap_client_kex_prepare presumably
 * applies.
 */
int  oap_client_kex_complete(const struct oap_hdr * peer_hdr,
                             struct sec_config *    kcfg,
                             void *                 pkp,
                             uint8_t *              key);

#endif /* OUROBOROS_IRMD_OAP_INTERNAL_H */