chrony/nts_ke_session.h - chrony - Git at Google

 /*
   chronyd/chronyc - Programs for keeping computer clocks accurate.

  **********************************************************************
  * Copyright (C) Miroslav Lichvar  2020
  *
  * This program is free software; you can redistribute it and/or modify
  * it under the terms of version 2 of the GNU General Public License as
  * published by the Free Software Foundation.
  *
  * This program is distributed in the hope that it will be useful, but
  * WITHOUT ANY WARRANTY; without even the implied warranty of
  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  * General Public License for more details.
  *
  * You should have received a copy of the GNU General Public License along
  * with this program; if not, write to the Free Software Foundation, Inc.,
  * 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
  *
  **********************************************************************

   =======================================================================

   Header file for the NTS-KE session
   */

 #ifndef GOT_NTS_KE_SESSION_H
 #define GOT_NTS_KE_SESSION_H

 #include "nts_ke.h"
 #include "siv.h"

 typedef struct NKSN_Credentials_Record *NKSN_Credentials;

 typedef struct NKSN_Instance_Record *NKSN_Instance;

 /* Handler for received NTS-KE messages.  A zero return code stops
    the session. */
 typedef int (*NKSN_MessageHandler)(void *arg);

 /* Get server or client credentials using a server certificate and key,
    or certificates of trusted CAs.  The credentials may be shared between
    different clients or servers. */
 extern NKSN_Credentials NKSN_CreateServerCertCredentials(const char **certs, const char **keys,
                                                          int n_certs_keys);
 extern NKSN_Credentials NKSN_CreateClientCertCredentials(const char **certs, uint32_t *ids,
                                                          int n_certs_ids,
                                                          uint32_t trusted_cert_set);

 /* Destroy the credentials */
 extern void NKSN_DestroyCertCredentials(NKSN_Credentials credentials);

 /* Create an instance */
 extern NKSN_Instance NKSN_CreateInstance(int server_mode, const char *server_name,
                                          NKSN_MessageHandler handler, void *handler_arg);

 /* Destroy an instance */
 extern void NKSN_DestroyInstance(NKSN_Instance inst);

 /* Start a new NTS-KE session */
 extern int NKSN_StartSession(NKSN_Instance inst, int sock_fd, const char *label,
                              NKSN_Credentials credentials, double timeout);

 /* Begin an NTS-KE message.  A request should be made right after starting
    the session and response should be made in the message handler. */
 extern void NKSN_BeginMessage(NKSN_Instance inst);

 /* Add a record to the message */
 extern int NKSN_AddRecord(NKSN_Instance inst, int critical, int type,
                           const void *body, int body_length);

 /* Terminate the message */
 extern int NKSN_EndMessage(NKSN_Instance inst);

 /* Get the next record from the received message.  This function should be
    called from the message handler. */
 extern int NKSN_GetRecord(NKSN_Instance inst, int *critical, int *type, int *body_length,
                           void *body, int buffer_length);

 /* Export NTS keys for a specified algorithm */
 extern int NKSN_GetKeys(NKSN_Instance inst, SIV_Algorithm siv, NKE_Key *c2s, NKE_Key *s2c);

 /* Check if the session has stopped */
 extern int NKSN_IsStopped(NKSN_Instance inst);

 /* Stop the session */
 extern void NKSN_StopSession(NKSN_Instance inst);

 /* Get a factor to calculate retry interval (in log2 seconds)
    based on the session state or how it was terminated */
 extern int NKSN_GetRetryFactor(NKSN_Instance inst);

 #endif
	/*
	chronyd/chronyc - Programs for keeping computer clocks accurate.

	**********************************************************************
	* Copyright (C) Miroslav Lichvar 2020
	*
	* This program is free software; you can redistribute it and/or modify
	* it under the terms of version 2 of the GNU General Public License as
	* published by the Free Software Foundation.
	*
	* This program is distributed in the hope that it will be useful, but
	* WITHOUT ANY WARRANTY; without even the implied warranty of
	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
	* General Public License for more details.
	*
	* You should have received a copy of the GNU General Public License along
	* with this program; if not, write to the Free Software Foundation, Inc.,
	* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
	*
	**********************************************************************

	=======================================================================

	Header file for the NTS-KE session
	*/

	#ifndef GOT_NTS_KE_SESSION_H
	#define GOT_NTS_KE_SESSION_H

	#include "nts_ke.h"
	#include "siv.h"

	typedef struct NKSN_Credentials_Record *NKSN_Credentials;

	typedef struct NKSN_Instance_Record *NKSN_Instance;

	/* Handler for received NTS-KE messages. A zero return code stops
	the session. */
	typedef int (NKSN_MessageHandler)(void arg);

	/* Get server or client credentials using a server certificate and key,
	or certificates of trusted CAs. The credentials may be shared between
	different clients or servers. */
	extern NKSN_Credentials NKSN_CreateServerCertCredentials(const char certs, const char keys,
	int n_certs_keys);
	extern NKSN_Credentials NKSN_CreateClientCertCredentials(const char *certs, uint32_t ids,
	int n_certs_ids,
	uint32_t trusted_cert_set);

	/* Destroy the credentials */
	extern void NKSN_DestroyCertCredentials(NKSN_Credentials credentials);

	/* Create an instance */
	extern NKSN_Instance NKSN_CreateInstance(int server_mode, const char *server_name,
	NKSN_MessageHandler handler, void *handler_arg);

	/* Destroy an instance */
	extern void NKSN_DestroyInstance(NKSN_Instance inst);

	/* Start a new NTS-KE session */
	extern int NKSN_StartSession(NKSN_Instance inst, int sock_fd, const char *label,
	NKSN_Credentials credentials, double timeout);

	/* Begin an NTS-KE message. A request should be made right after starting
	the session and response should be made in the message handler. */
	extern void NKSN_BeginMessage(NKSN_Instance inst);

	/* Add a record to the message */
	extern int NKSN_AddRecord(NKSN_Instance inst, int critical, int type,
	const void *body, int body_length);

	/* Terminate the message */
	extern int NKSN_EndMessage(NKSN_Instance inst);

	/* Get the next record from the received message. This function should be
	called from the message handler. */
	extern int NKSN_GetRecord(NKSN_Instance inst, int critical, int type, int *body_length,
	void *body, int buffer_length);

	/* Export NTS keys for a specified algorithm */
	extern int NKSN_GetKeys(NKSN_Instance inst, SIV_Algorithm siv, NKE_Key c2s, NKE_Key s2c);

	/* Check if the session has stopped */
	extern int NKSN_IsStopped(NKSN_Instance inst);

	/* Stop the session */
	extern void NKSN_StopSession(NKSN_Instance inst);

	/* Get a factor to calculate retry interval (in log2 seconds)
	based on the session state or how it was terminated */
	extern int NKSN_GetRetryFactor(NKSN_Instance inst);

	#endif