X-Git-Url: http://tinc-vpn.org/git/browse?a=blobdiff_plain;f=src%2Fsptps.h;h=6d01891a257e70b736d944fa15b235c289d04c6b;hb=e994222a4370621a9ac69c13ed23531c1eaa6809;hp=95209e5d2702f21499d5c619e613781d0d67dda1;hpb=c44b08613508c993e7fd9f625e0b1b4775efffed;p=tinc
diff --git a/src/sptps.h b/src/sptps.h
index 95209e5d..6d01891a 100644
--- a/src/sptps.h
+++ b/src/sptps.h
@@ -3,7 +3,7 @@
 /*
  sptps.h -- Simple Peer-to-Peer Security
- Copyright (C) 2011-2014 Guus Sliepen
+ Copyright (C) 2011-2021 Guus Sliepen
  This program is free software; you can redistribute it and/or modify
  it under the terms of the GNU General Public License as published by
@@ -22,11 +22,11 @@
 #include "system.h"
-#include "chacha-poly1305/chacha-poly1305.h"
+#include "chacha-poly1305/chachapoly.h"
 #include "ecdh.h"
 #include "ecdsa.h"
-#define SPTPS_VERSION 0
+#define SPTPS_VERSION 1
 // Record types
 #define SPTPS_HANDSHAKE 128 // Key exchange and authentication
@@ -34,7 +34,10 @@
 #define SPTPS_CLOSE 130 // Application closed the connection
 // Overhead for datagrams
-#define SPTPS_DATAGRAM_OVERHEAD 21
+static const size_t SPTPS_OVERHEAD = 19;
+static const size_t SPTPS_HEADER = 3;
+static const size_t SPTPS_DATAGRAM_OVERHEAD = 21;
+static const size_t SPTPS_DATAGRAM_HEADER = 5;
 typedef bool (*send_data_t)(void *handle, uint8_t type, const void *data, size_t len);
 typedef bool (*receive_record_t)(void *handle, uint8_t type, const void *data, uint16_t len);
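Review bot: Replacing the `SPTPS_DATAGRAM_OVERHEAD` macro with `static const size_t` objects changes what callers may do with the name, because in C a `static const` object is not an integer constant expression; any existing use in an array bound, `case` label or static initializer now silently becomes a VLA or fails to compile, and the callers are outside this header so I cannot confirm whether that happens. The four values also encode an invariant the hunk leaves undocumented: 19 − 3 and 21 − 5 are both 16, which looks like the AEAD tag length shared by the two cipher suites this file now declares. If that is the intent, an `enum` keeps the relation explicit and restores constant-expression use: `enum { SPTPS_HEADER = 3, SPTPS_OVERHEAD = SPTPS_HEADER + 16, SPTPS_DATAGRAM_HEADER = 5, SPTPS_DATAGRAM_OVERHEAD = SPTPS_DATAGRAM_HEADER + 16 };` with a comment naming the 16 as the authentication tag length. At minimum the existing `// Overhead for datagrams` comment should be extended to say that `*_OVERHEAD` is `*_HEADER` plus the tag.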
@@ -49,27 +52,63 @@ typedef enum sptps_state_t {
 PACKED(struct sptps_kex_t {
  uint8_t version;
+ uint8_t preferred_suite;
+ uint16_t cipher_suites;
  uint8_t nonce[ECDH_SIZE];
  uint8_t pubkey[ECDH_SIZE];
 });
 typedef struct sptps_kex_t sptps_kex_t;
-STATIC_ASSERT(sizeof(sptps_kex_t) == 65, "sptps_kex_t has invalid size");
+STATIC_ASSERT(sizeof(sptps_kex_t) == 68, "sptps_kex_t has invalid size");
+
+// Big enough to handle a 256 bit key + IV
+#define SPTPS_KEYLEN 64
 typedef union sptps_key_t {
  struct {
- uint8_t key0[CHACHA_POLY1305_KEYLEN];
- uint8_t key1[CHACHA_POLY1305_KEYLEN];
+ uint8_t key0[SPTPS_KEYLEN];
+ uint8_t key1[SPTPS_KEYLEN];
  };
- uint8_t both[CHACHA_POLY1305_KEYLEN * 2];
+ uint8_t both[SPTPS_KEYLEN * 2];
 } sptps_key_t;
 STATIC_ASSERT(sizeof(sptps_key_t) == 128, "sptps_key_t has invalid size");
+// Public key suites
+enum {
+ SPTPS_ED25519 = 0,
+};
+
+// Cipher suites
+enum {
+ SPTPS_CHACHA_POLY1305 = 0,
+ SPTPS_AES256_GCM = 1,
+ SPTPS_ALL_CIPHER_SUITES = 0x3,
+};
+
+typedef struct sptps_params {
+ void *handle;
+ bool initiator;
+ bool datagram;
+ uint8_t preferred_suite;
+ uint16_t cipher_suites;
+ ecdsa_t *mykey;
+ ecdsa_t *hiskey;
+ const void *label;
+ size_t labellen;
+ send_data_t send_data;
+ receive_record_t receive_record;
+} sptps_params_t;
+
 typedef struct sptps {
  bool initiator;
  bool datagram;
+ uint8_t preferred_suite;
+ uint16_t cipher_suites;
+
+ uint8_t pk_suite;
+ uint8_t cipher_suite;
  sptps_state_t state;
  uint8_t *inbuf;
@@ -77,7 +116,7 @@ typedef struct sptps {
  uint16_t reclen;
  bool instate;
- chacha_poly1305_ctx_t *incipher;
+ void *incipher;
  uint32_t inseqno;
  uint32_t received;
  unsigned int replaywin;
@@ -85,7 +124,7 @@ typedef struct sptps {
  uint8_t *late;
  bool outstate;
- chacha_poly1305_ctx_t *outcipher;
+ void *outcipher;
  uint32_t outseqno;
  ecdsa_t *mykey;
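Review bot: `cipher_suites` is a `uint16_t` inside the packed on-the-wire `sptps_kex_t`, and nothing in the hunk states the byte order it is sent in, so two hosts of different endianness can disagree on the mask unless sptps.c serialises it explicitly. The cipher-suite enum also mixes two meanings: `SPTPS_CHACHA_POLY1305 = 0` and `SPTPS_AES256_GCM = 1` read as indices while `SPTPS_ALL_CIPHER_SUITES = 0x3` is a bitmask, and `preferred_suite` versus `cipher_suites` in both `sptps_kex_t` and `sptps_params` follow that split without saying so. I would put one comment above the enum: `// preferred_suite holds a suite index; cipher_suites is a bitmask with bit (1 << index) set per acceptable suite — wire byte order: TODO document`. Since these two fields are what a peer uses to pick the AEAD, it is also worth a sentence on `sptps_kex_t` saying whether the signature exchanged after the KEX covers them, as that is what lets the receiver detect an on-path attempt to shrink the mask; the signing code is not visible from this header.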
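Review bot: `incipher` becomes a bare `void *` and the struct records nothing about which concrete cipher context the pointer holds beyond the `cipher_suite` field added earlier in this file; the same applies to `outcipher` in the `@@ -85,7 +124,7 @@` hunk. Because the two suites presumably use different context types, a comment pinning that invariant keeps a later reader from handing one context to the other implementation: `void *incipher; // cipher context; concrete type is selected by cipher_suite`. An opaque `sptps_cipher_t` typedef would let the compiler check this instead, but that is a larger change than this hunk. The enclosing `struct sptps` starts and ends outside the hunk.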
@@ -104,10 +143,10 @@ typedef struct sptps {
 } sptps_t;
 extern unsigned int sptps_replaywin;
-extern void sptps_log_quiet(sptps_t *s, int s_errno, const char *format, va_list ap);
-extern void sptps_log_stderr(sptps_t *s, int s_errno, const char *format, va_list ap);
-extern void (*sptps_log)(sptps_t *s, int s_errno, const char *format, va_list ap);
-extern bool sptps_start(sptps_t *s, void *handle, bool initiator, bool datagram, ecdsa_t *mykey, ecdsa_t *hiskey, const void *label, size_t labellen, send_data_t send_data, receive_record_t receive_record);
+extern void sptps_log_quiet(sptps_t *s, int s_errno, const char *format, va_list ap) ATTR_FORMAT(printf, 3, 0);
+extern void sptps_log_stderr(sptps_t *s, int s_errno, const char *format, va_list ap) ATTR_FORMAT(printf, 3, 0);
+extern void (*sptps_log)(sptps_t *s, int s_errno, const char *format, va_list ap) ATTR_FORMAT(printf, 3, 0);
+extern bool sptps_start(sptps_t *s, const struct sptps_params *params);
 extern bool sptps_stop(sptps_t *s);
 extern bool sptps_send_record(sptps_t *s, uint8_t type, const void *data, uint16_t len);
 extern size_t sptps_receive_data(sptps_t *s, const void *data, size_t len);
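Review bot: The new `sptps_start` prototype takes every argument through `const struct sptps_params *params` but says nothing about how long the pointed-to objects must remain valid; the old signature passed `mykey`, `hiskey` and `label` as separate pointers and `sptps_t` stores `mykey`, so callers need to know which members are copied during the call and which the session keeps referencing. I would add a `/** ... */` comment above the prototype stating that `params` itself is only read during the call, listing the pointer members the session retains afterwards (presumably `mykey`, `hiskey` and `handle`; confirm against sptps.c), and noting that `cipher_suites` must include `preferred_suite` if that is what the implementation requires. The added `ATTR_FORMAT(printf, 3, 0)` on the three log declarations is the right call, since `format` reaches a `va_list`-style formatter and the attribute lets the compiler check call sites.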