X-Git-Url: http://git.meshlink.io/?a=blobdiff_plain;f=src%2Fsptps.h;h=c91d3882b428d09ea5c4d4f9154941a83a0727ed;hb=be83b0af60449c7b35d17d97f2e6dc12f611e831;hp=b1026d535e5fb97f4371865663c856e6f8016fe5;hpb=3d75dbc0880484ff6d2f689a9b981def3cd75b5e;p=meshlink
diff --git a/src/sptps.h b/src/sptps.h
index b1026d53..c91d3882 100644
--- a/src/sptps.h
+++ b/src/sptps.h
@@ -1,6 +1,9 @@
+#ifndef MESHLINK_SPTPS_H
+#define MESHLINK_SPTPS_H
+ /* sptps.h -- Simple Peer-to-Peer Security
- Copyright (C) 2011 Guus Sliepen ,
+ Copyright (C) 2014, 2017 Guus Sliepen This program is free software; you can redistribute it and/or modify
 it under the terms of the GNU General Public License as published by 
@@ -19,49 +22,79 @@ #include "system.h" -#include "cipher.h" -#include "digest.h" +#include "chacha-poly1305/chacha-poly1305.h" #include "ecdh.h" #include "ecdsa.h" -#define STATE_FIRST_KEX 0 // Waiting for peer's ECDHE pubkey -#define STATE_NORMAL 1 -#define STATE_WAIT_KEX 2 // Waiting for peer's ECDHE pubkey -#define STATE_WAIT_ACK 3 // Waiting for peer's acknowledgement of pubkey reception +#define SPTPS_VERSION 0 + +// Record types +#define SPTPS_HANDSHAKE 128 // Key exchange and authentication +#define SPTPS_ALERT 129 // Warning or error messages +#define SPTPS_CLOSE 130 // Application closed the connection -typedef bool (*send_data_t)(void *handle, const char *data, size_t len); -typedef bool (*receive_record_t)(void *handle, uint8_t type, const char *data, uint16_t len); +// Key exchange states +#define SPTPS_KEX 1 // Waiting for the first Key EXchange record +#define SPTPS_SECONDARY_KEX 2 // Ready to receive a secondary Key EXchange record +#define SPTPS_SIG 3 // Waiting for a SIGnature record +#define SPTPS_ACK 4 // Waiting for an ACKnowledgement record + +typedef bool (*send_data_t)(void *handle, uint8_t type, const void *data, size_t len); +typedef bool (*receive_record_t)(void *handle, uint8_t type, const void *data, uint16_t len); typedef struct sptps { + // State bool initiator; + bool datagram; + bool instate; + bool outstate; + int state; + // Main member variables char *inbuf; size_t buflen; - cipher_t incipher; - digest_t indigest; + chacha_poly1305_ctx_t *incipher; + uint32_t replaywin; uint32_t inseqno; + uint32_t received; + uint16_t reclen; - cipher_t outcipher; - digest_t outdigest; + chacha_poly1305_ctx_t *outcipher; uint32_t outseqno; - ecdsa_t mykey; - ecdsa_t hiskey; - ecdh_t ecdh; + char *late; - char *myrandom; - char *key; - char *label; - size_t labellen; + char *decrypted_buffer; + size_t decrypted_buffer_len; + // Callbacks void *handle; send_data_t send_data; receive_record_t receive_record; + + // Variables used for the 
authentication phase + ecdsa_t *mykey; + ecdsa_t *hiskey; + ecdh_t *ecdh; + + char *mykex; + char *hiskex; + char *key; + char *label; + size_t labellen; + } sptps_t; -extern bool start_sptps(sptps_t *s, void *handle, bool initiator, ecdsa_t mykey, ecdsa_t hiskey, const char *label, size_t labellen, send_data_t send_data, receive_record_t receive_record); -extern bool stop_sptps(sptps_t *s); -extern bool send_record(sptps_t *s, uint8_t type, const char *data, uint16_t len); -extern bool receive_data(sptps_t *s, const char *data, size_t len); +extern void sptps_log_quiet(sptps_t *s, int s_errno, const char *format, va_list ap); +extern void sptps_log_stderr(sptps_t *s, int s_errno, const char *format, va_list ap); +extern void (*sptps_log)(sptps_t *s, int s_errno, const char *format, va_list ap); +extern bool sptps_start(sptps_t *s, void *handle, bool initiator, bool datagram, ecdsa_t *mykey, ecdsa_t *hiskey, const char *label, size_t labellen, send_data_t send_data, receive_record_t receive_record) __attribute__((__warn_unused_result__)); +extern bool sptps_stop(sptps_t *s); +extern bool sptps_send_record(sptps_t *s, uint8_t type, const void *data, uint16_t len); +extern bool sptps_receive_data(sptps_t *s, const void *data, size_t len) __attribute__((__warn_unused_result__)); +extern bool sptps_force_kex(sptps_t *s) __attribute__((__warn_unused_result__)); +extern bool sptps_verify_datagram(sptps_t *s, const void *data, size_t len) __attribute__((__warn_unused_result__)); + +#endif
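Review bot: `sptps_send_record` (and `sptps_stop`) is declared without `__attribute__((__warn_unused_result__))` although the sibling prototypes `sptps_start`, `sptps_receive_data`, `sptps_force_kex` and `sptps_verify_datagram` added in the same hunk all carry it; a caller that drops the bool cannot distinguish a record that was encrypted and handed to `send_data` from one that was never sent, so I would make the attribute uniform: `extern bool sptps_send_record(sptps_t *s, uint8_t type, const void *data, uint16_t len) __attribute__((__warn_unused_result__));`. The members added for datagram mode — `replaywin`, `received`, `reclen` and the bare `char *late` — are the only fields in the struct without a comment, and neither the ownership nor the size of `late` is visible from this header; I would annotate each, e.g. `char *late; // TODO(review): document what this buffer holds, who allocates/frees it, and how its size relates to replaywin`. The new `SPTPS_KEX`..`SPTPS_ACK` constants share the `SPTPS_` prefix and value space style with the record types `SPTPS_HANDSHAKE`..`SPTPS_CLOSE`, so a one-line comment such as `// Values of sptps_t.state, not record types` above the "Key exchange states" group would keep the two groups from being confused at call sites.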