summaryrefslogtreecommitdiff
path: root/plugins/MirOTR/libotr/src/auth.h
diff options
context:
space:
mode:
Diffstat (limited to 'plugins/MirOTR/libotr/src/auth.h')
-rw-r--r--plugins/MirOTR/libotr/src/auth.h157
1 files changed, 157 insertions, 0 deletions
diff --git a/plugins/MirOTR/libotr/src/auth.h b/plugins/MirOTR/libotr/src/auth.h
new file mode 100644
index 0000000000..ac9c668d94
--- /dev/null
+++ b/plugins/MirOTR/libotr/src/auth.h
@@ -0,0 +1,157 @@
+/*
+ * Off-the-Record Messaging library
+ * Copyright (C) 2004-2008 Ian Goldberg, Chris Alexander, Nikita Borisov
+ * <otr@cypherpunks.ca>
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of version 2.1 of the GNU Lesser General
+ * Public License as published by the Free Software Foundation.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ */
+
+#ifndef __AUTH_H__
+#define __AUTH_H__
+
+#include <gcrypt.h>
+#include "dh.h"
+
+typedef enum {
+ OTRL_AUTHSTATE_NONE,
+ OTRL_AUTHSTATE_AWAITING_DHKEY,
+ OTRL_AUTHSTATE_AWAITING_REVEALSIG,
+ OTRL_AUTHSTATE_AWAITING_SIG,
+ OTRL_AUTHSTATE_V1_SETUP
+} OtrlAuthState;
+
+typedef struct {
+ OtrlAuthState authstate; /* Our state */
+
+ DH_keypair our_dh; /* Our D-H key */
+ unsigned int our_keyid; /* ...and its keyid */
+
+ unsigned char *encgx; /* The encrypted value of g^x */
+ size_t encgx_len; /* ...and its length */
+ unsigned char r[16]; /* The encryption key */
+
+ unsigned char hashgx[32]; /* SHA256(g^x) */
+
+ gcry_mpi_t their_pub; /* Their D-H public key */
+ unsigned int their_keyid; /* ...and its keyid */
+
+ gcry_cipher_hd_t enc_c, enc_cp; /* c and c' encryption keys */
+ gcry_md_hd_t mac_m1, mac_m1p; /* m1 and m1' MAC keys */
+ gcry_md_hd_t mac_m2, mac_m2p; /* m2 and m2' MAC keys */
+
+ unsigned char their_fingerprint[20]; /* The fingerprint of their
+ long-term signing key */
+
+ int initiated; /* Did we initiate this
+ authentication? */
+
+ unsigned int protocol_version; /* The protocol version number
+ used to authenticate. */
+
+ unsigned char secure_session_id[20]; /* The secure session id */
+ size_t secure_session_id_len; /* And its actual length,
+ which may be either 20 (for
+ v1) or 8 (for v2) */
+ OtrlSessionIdHalf session_id_half; /* Which half of the session
+ id gets shown in bold */
+
+ char *lastauthmsg; /* The last auth message
+ (base-64 encoded) we sent,
+ in case we need to
+ retransmit it. */
+} OtrlAuthInfo;
+
+#include "privkey-t.h"
+
+/*
+ * Initialize the fields of an OtrlAuthInfo (already allocated).
+ */
+void otrl_auth_new(OtrlAuthInfo *auth);
+
+/*
+ * Clear the fields of an OtrlAuthInfo (but leave it allocated).
+ */
+void otrl_auth_clear(OtrlAuthInfo *auth);
+
+/*
+ * Start a fresh AKE (version 2) using the given OtrlAuthInfo. Generate
+ * a fresh DH keypair to use. If no error is returned, the message to
+ * transmit will be contained in auth->lastauthmsg.
+ */
+gcry_error_t otrl_auth_start_v2(OtrlAuthInfo *auth);
+
+/*
+ * Handle an incoming D-H Commit Message. If no error is returned, the
+ * message to send will be left in auth->lastauthmsg. Generate a fresh
+ * keypair to use.
+ */
+gcry_error_t otrl_auth_handle_commit(OtrlAuthInfo *auth,
+ const char *commitmsg);
+
+/*
+ * Handle an incoming D-H Key Message. If no error is returned, and
+ * *havemsgp is 1, the message to sent will be left in auth->lastauthmsg.
+ * Use the given private authentication key to sign messages.
+ */
+gcry_error_t otrl_auth_handle_key(OtrlAuthInfo *auth, const char *keymsg,
+ int *havemsgp, OtrlPrivKey *privkey);
+
+/*
+ * Handle an incoming Reveal Signature Message. If no error is
+ * returned, and *havemsgp is 1, the message to be sent will be left in
+ * auth->lastauthmsg. Use the given private authentication key to sign
+ * messages. Call the auth_succeeded callback if authentication is
+ * successful.
+ */
+gcry_error_t otrl_auth_handle_revealsig(OtrlAuthInfo *auth,
+ const char *revealmsg, int *havemsgp, OtrlPrivKey *privkey,
+ gcry_error_t (*auth_succeeded)(const OtrlAuthInfo *auth, void *asdata),
+ void *asdata);
+
+/*
+ * Handle an incoming Signature Message. If no error is returned, and
+ * *havemsgp is 1, the message to be sent will be left in
+ * auth->lastauthmsg. Call the auth_succeeded callback if
+ * authentication is successful.
+ */
+gcry_error_t otrl_auth_handle_signature(OtrlAuthInfo *auth,
+ const char *sigmsg, int *havemsgp,
+ gcry_error_t (*auth_succeeded)(const OtrlAuthInfo *auth, void *asdata),
+ void *asdata);
+
+/*
+ * Start a fresh AKE (version 1) using the given OtrlAuthInfo. If
+ * our_dh is NULL, generate a fresh DH keypair to use. Otherwise, use a
+ * copy of the one passed (with the given keyid). Use the given private
+ * key to sign the message. If no error is returned, the message to
+ * transmit will be contained in auth->lastauthmsg.
+ */
+gcry_error_t otrl_auth_start_v1(OtrlAuthInfo *auth, DH_keypair *our_dh,
+ unsigned int our_keyid, OtrlPrivKey *privkey);
+
+/*
+ * Handle an incoming v1 Key Exchange Message. If no error is returned,
+ * and *havemsgp is 1, the message to be sent will be left in
+ * auth->lastauthmsg. Use the given private authentication key to sign
+ * messages. Call the auth_secceeded callback if authentication is
+ * successful. If non-NULL, use a copy of the given D-H keypair, with
+ * the given keyid.
+ */
+gcry_error_t otrl_auth_handle_v1_key_exchange(OtrlAuthInfo *auth,
+ const char *keyexchmsg, int *havemsgp, OtrlPrivKey *privkey,
+ DH_keypair *our_dh, unsigned int our_keyid,
+ gcry_error_t (*auth_succeeded)(const OtrlAuthInfo *auth, void *asdata),
+ void *asdata);
+
+#endif