diff options
Diffstat (limited to 'plugins/MirOTR/libotr/src/auth.h')
| -rw-r--r-- | plugins/MirOTR/libotr/src/auth.h | 98 |
1 files changed, 59 insertions, 39 deletions
diff --git a/plugins/MirOTR/libotr/src/auth.h b/plugins/MirOTR/libotr/src/auth.h index ac9c668d94..0b9db544aa 100644 --- a/plugins/MirOTR/libotr/src/auth.h +++ b/plugins/MirOTR/libotr/src/auth.h @@ -1,6 +1,7 @@ /* * Off-the-Record Messaging library - * Copyright (C) 2004-2008 Ian Goldberg, Chris Alexander, Nikita Borisov + * Copyright (C) 2004-2012 Ian Goldberg, Rob Smits, Chris Alexander, + * Willy Lew, Lisa Du, Nikita Borisov * <otr@cypherpunks.ca> * * This library is free software; you can redistribute it and/or @@ -14,62 +15,73 @@ * * You should have received a copy of the GNU Lesser General Public * License along with this library; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA */ #ifndef __AUTH_H__ #define __AUTH_H__ #include <gcrypt.h> +#include <time.h> #include "dh.h" + typedef enum { - OTRL_AUTHSTATE_NONE, - OTRL_AUTHSTATE_AWAITING_DHKEY, - OTRL_AUTHSTATE_AWAITING_REVEALSIG, - OTRL_AUTHSTATE_AWAITING_SIG, - OTRL_AUTHSTATE_V1_SETUP + OTRL_AUTHSTATE_NONE, + OTRL_AUTHSTATE_AWAITING_DHKEY, + OTRL_AUTHSTATE_AWAITING_REVEALSIG, + OTRL_AUTHSTATE_AWAITING_SIG, + OTRL_AUTHSTATE_V1_SETUP } OtrlAuthState; typedef struct { - OtrlAuthState authstate; /* Our state */ + OtrlAuthState authstate; /* Our state */ + + struct context *context; /* The context which points to us */ + + DH_keypair our_dh; /* Our D-H key */ + unsigned int our_keyid; /* ...and its keyid */ + + unsigned char *encgx; /* The encrypted value of g^x */ + size_t encgx_len; /* ...and its length */ + unsigned char r[16]; /* The encryption key */ - DH_keypair our_dh; /* Our D-H key */ - unsigned int our_keyid; /* ...and its keyid */ + unsigned char hashgx[32]; /* SHA256(g^x) */ - unsigned char *encgx; /* The encrypted value of g^x */ - size_t encgx_len; /* ...and its length */ - unsigned char r[16]; /* The encryption key */ + gcry_mpi_t their_pub; /* Their D-H public key */ + unsigned int their_keyid; /* ...and its keyid */ - unsigned char hashgx[32]; /* SHA256(g^x) */ - gcry_mpi_t their_pub; /* Their D-H public key */ - unsigned int their_keyid; /* ...and its keyid */ + gcry_cipher_hd_t enc_c, enc_cp; /* c and c' encryption keys */ + gcry_md_hd_t mac_m1, mac_m1p; /* m1 and m1' MAC keys */ + gcry_md_hd_t mac_m2, mac_m2p; /* m2 and m2' MAC keys */ - gcry_cipher_hd_t enc_c, enc_cp; /* c and c' encryption keys */ - gcry_md_hd_t mac_m1, mac_m1p; /* m1 and m1' MAC keys */ - gcry_md_hd_t mac_m2, mac_m2p; /* m2 and m2' MAC keys */ + unsigned char their_fingerprint[20]; /* The fingerprint of their + long-term signing key */ - unsigned char their_fingerprint[20]; /* The fingerprint of their - long-term signing key */ + int initiated; /* Did we initiate this + authentication? */ - int initiated; /* Did we initiate this - authentication? */ + unsigned int protocol_version; /* The protocol version number + used to authenticate. */ - unsigned int protocol_version; /* The protocol version number - used to authenticate. */ + unsigned char secure_session_id[20]; /* The secure session id */ + size_t secure_session_id_len; /* And its actual length, + which may be either 20 (for + v1) or 8 (for v2) */ + OtrlSessionIdHalf session_id_half; /* Which half of the session + id gets shown in bold */ - unsigned char secure_session_id[20]; /* The secure session id */ - size_t secure_session_id_len; /* And its actual length, - which may be either 20 (for - v1) or 8 (for v2) */ - OtrlSessionIdHalf session_id_half; /* Which half of the session - id gets shown in bold */ + char *lastauthmsg; /* The last auth message + (base-64 encoded) we sent, + in case we need to + retransmit it. */ - char *lastauthmsg; /* The last auth message - (base-64 encoded) we sent, - in case we need to - retransmit it. */ + time_t commit_sent_time; /* The time we last sent the + lastauthmsg, if it was a + COMMIT message, and this is + a master context. 0 + otherwise. */ } OtrlAuthInfo; #include "privkey-t.h" @@ -77,7 +89,7 @@ typedef struct { /* * Initialize the fields of an OtrlAuthInfo (already allocated). */ -void otrl_auth_new(OtrlAuthInfo *auth); +void otrl_auth_new(struct context *context); /* * Clear the fields of an OtrlAuthInfo (but leave it allocated). @@ -85,11 +97,11 @@ void otrl_auth_new(OtrlAuthInfo *auth); void otrl_auth_clear(OtrlAuthInfo *auth); /* - * Start a fresh AKE (version 2) using the given OtrlAuthInfo. Generate + * Start a fresh AKE (version 2 or 3) using the given OtrlAuthInfo. Generate * a fresh DH keypair to use. If no error is returned, the message to * transmit will be contained in auth->lastauthmsg. */ -gcry_error_t otrl_auth_start_v2(OtrlAuthInfo *auth); +gcry_error_t otrl_auth_start_v23(OtrlAuthInfo *auth, int version); /* * Handle an incoming D-H Commit Message. If no error is returned, the @@ -97,7 +109,7 @@ gcry_error_t otrl_auth_start_v2(OtrlAuthInfo *auth); * keypair to use. */ gcry_error_t otrl_auth_handle_commit(OtrlAuthInfo *auth, - const char *commitmsg); + const char *commitmsg, int version); /* * Handle an incoming D-H Key Message. If no error is returned, and @@ -154,4 +166,12 @@ gcry_error_t otrl_auth_handle_v1_key_exchange(OtrlAuthInfo *auth, gcry_error_t (*auth_succeeded)(const OtrlAuthInfo *auth, void *asdata), void *asdata); +/* + * Copy relevant information from the master OtrlAuthInfo to an + * instance OtrlAuthInfo in response to a D-H Key with a new + * instance. The fields copied will depend on the state of the + * master auth. + */ +void otrl_auth_copy_on_key(OtrlAuthInfo *m_auth, OtrlAuthInfo *auth); + #endif |