(***TESTING NEEDED) means that the item has been done but not yet properly
tested.
-NOTE: A TODO entry does not mean that it is ever going to be done. Some
-of the entries may be just ideas, good, bad or ugly. If you want to work
-on some of the TODO entries simply let us know about it by dropping a note
+NOTE: A TODO entry does not mean that it is ever going to be done. Some
+of the entries may be just ideas, good, bad or ugly. If you want to work
+on some of the TODO entries simply let us know about it by dropping a note
to silc-devel mailing list or appear on 'silc' channel on SILCNet.
-General
-=======
-
- o Create apps/tutorial containing various Toolkit API tutorials.
-
- o The Toolkit split. The Toolkit is to be splitted in parts. How many
- parts and what the parts are isn't decided yet. Each part is a separate
- software package. Current thinking is of the following:
-
- SILC Toolkit SILC protocol, client and server library
- SILC Runtime Toolkit runtime library
- SILC Crypto Toolkit crypto, asn1, math, skr, pgp, etc.
-
- The rationale for this is of course that other than SILC projects
- might like to use the various libraries SILC Toolkit provides, but
- naturally they don't want the bloat of SILC protocol related stuff.
-
- The Runtime library in SILC Toolkit is a general purpose runtime library,
- like Glib and APR are. The runtime library is to be developed further
- to provide alternative to Glib and APR.
-
- The Crypto library in SILC Toolkit is a general purpose crypto library
- providing pretty nice APIs compared to many other crypto libraries,
- especially OpenSSL. The Crypto library is to be developed further
- to include support for OpenPGP, X.509 and SSH2.
-
-
-lib/silccore
-============
-
- o SILC_PACKET_FLAG_ACK support. Implement ACK packet and packet payload
- to silcpacket.c.
-
- o All payload encoding routines should take SilcStack as argument.
-
- o All payload test routines into lib/silccore/tests/.
-
-
-lib/silcclient, The Client Library
-==================================
-
- o peer-to-peer private messages
-
- o Private message key request notification to application. See XXX in
- client_prvmsg.c.
-
- o in JOIN notify handle resolving that timedout. Currently the user is
- never joined the channel if this happens. What to do if message is
- received from user that hasn't been resolved/joined?
-
- o Message ACKing support.
-
- o in /cmode and /cumode with +r, maybe the public key and private key
- could be just some "string", which would then match to "string.pub" and
- "string.prv".
-
-
-Runtime library, lib/silcutil/
+Crypto Library, lib/silccrypt/
==============================
- o Fix universal time decoding (doesn't accept all formats) in silctime.c.
-
- o Add functions to manipulate environment variables.
-
- SilcBool silc_setenv(const char *variable, const char *value);
- const char *silc_getenv(const char *variable);
- SilcBool silc_clearenv(const char *variable);
-
- o Add functions to loading shared/dynamic object symbols (replaces the
- SIM library (lib/silcsim) and introduces generic library).
-
- SilcDll silc_dll_load(const char *object_path, SilcDllFlags flags);
- void silc_dll_close(SilcDll dll);
- void *silc_dll_getsym(SilcDll dll, const char *symbol);
- const char *silc_dll_error(SilcDll dll);
+ o Add fingerprint to SilcSILCPublicKey and retrieval to silcpk.h, and
+ possibly to silcpkcs.h.
- o Add directory opening/traversing functions
+ /* Return fingerprint of the `public_key'. Returns also the algorithm
+ that has been used to make the fingerprint. */
+ const unsigned char *
+ silc_pkcs_get_fingerprint(SilcPublicKey public_key,
+ const char **hash_algorithm,
+ SilcUInt32 *fingerprint_len);
- o silc_getopt routines
+ o Add CMAC and maybe others. Change needs rewrite of the internals of
+ the SILC Mac API, currently it's suitable only for HMACs.
- o silc_hash_table_replace -> silc_hash_table_set. Retain support for
- silc_hash_table_replace as macro.
+ o Global RNG must be changed to use SILC Global API.
- o The SILC Event signals. Asynchronous events that can be created,
- connected to and signalled. Either own event routines or glued into
- SilcSchedule:
+ o Global cipher, hash, mac, and pkcs tables must use SILC Global API.
- SilcTask silc_schedule_task_add_event(SilcSchedule schedule,
- const char *event, ...);
- SilcBool silc_schedule_event_connect(SilcSchedule schedule,
- const char *event,
- SilcTaskCallback event_callback,
- void *context);
- SilcBool silc_schedule_event_signal(SilcSchedule schedule,
- const char *event, ...);
+ o Add FIPS compliant RNG.
- Example:
- silc_schedule_task_add_event(schedule, "connected",
- SILC_PARAM_UI32_INT,
- SILC_PARAM_BUFFER,
- SILC_PARAM_END);
- silc_schedule_event_connect(schedule, "connected", connected_cb, ctx);
- silc_schedule_event_signal(schedule, "connected", integer, buf,
- SILC_PARAM_END);
- SILC_TASK_CALLBACK(connected_cb)
- {
- FooCtx ctx = context;
- va_list args;
- SilcUInt32 integer;
- SilcBuffer buf;
-
- va_start(args, context);
- integer = va_arg(args, SilcUInt32);
- buf = va_arg(args, SilcBuffer);
- va_end(args);
- ...
- }
+ o Implement the defined SilcDH API. The definition is in
+ lib/silccrypt/silcdh.h. Make sure it is asynchronous so that it can
+ be accelerated. Also take into account that it could use elliptic
+ curves.
- Problems: Events would be SilcSchedule specific, and would not work on
- multi-thread/multi-scheduler system. The events should be copyable
- between schedulers.
+ o Add Elgamal.
- o Structured log messages to Log API. Allows machine readable log
- messages. Would allow sending of any kind of data in a log message.
+ o Add ECDSA support.
- o Base64 to an own API
+ o Add ECDH support.
- o Timer API
+ o Add PKCS#1 RSAES-OAEP and RSASSA-PSS.
- o Add builtin SOCKS and HTTP Proxy support, well the SOCKS at least.
- SILC currently supports SOCKS4 and SOCKS5 but it needs to be compiled
- in separately.
+ o Add GCM mode.
- o silc_stringprep to non-allocating version.
+ o Do GCC vs ICC benchmarks of all key algorithms.
- o SilcStack aware SilcHashTable.
+ o Add DSA support to SILC public key.
- o SilcStack aware SilcDList.
+ o The asynchronous functions to perhaps to _async to preserve backwards
+ compatibility with synchronous versions, and make easier to migrate
+ from 1.1 to 1.2. (***DONE)
- o Compression routines are missing. The protocol supports packet
- compression thus it must be implemented. SILC Zip API must be
- defined.
+ o AES CBC is missing proper alignment code. (***DONE)
- (o Generic SilcStatus or SilcResult that includes all possible status and
- error conditions, including those of SILC protocol. Though, the SILC
- protocol related status (currently in silcstatus.h) cannot be in
- runtime library) maybe
+ o silc_pkcs_public_key_alloc should accept also SILC_PKCS_ANY as argument
+ and try all supported PKCS until one succeeds. (***DONE)
- (o Thread pool) maybe
+ o Associate a default hash function with all PKCS algorithms. User can
+ override it in silc_pkcs_sign. DSA with FIPS186-3 determines the
+ hash algorithm by the key length. (***DONE)
- (o SILC specific socket creation/closing routines to silcnet.h, wrappers
- to all send(), recv(), sendto() etc. Bad thing is that we'd have to
- define all socket options, sockaddrs, etc.) maybe
+ o Document all cipher names, hash names, mac names, pkcs names. (***DONE)
- (o mmap) maybe
+ o SilcHmac must be replaced with generic SilcMac so that we can add
+ others than just HMAC algorithms. Backwards support (via #define's)
+ must be preserved. (***DONE)
+ o Change the DSA implementation to support FIPS186-3. This means that
+ the q length is determined by the key length. (***DONE)
-lib/silcutil/symbian/
-=====================
+ o Add silc_crypto_init and silc_crypto_uninit. The _init should take
+ SilcStack that will act as global memory pool for all of crypto
+ library. It should not be necessary anymore to separately register
+ default ciphers, HMACs, etc, the _init would do that. However, if
+ user after _init calls silc_pkcs_register, for example, it would take
+ preference over the default once, ie. user can always dictate the
+ order of algorithms. (***DONE)
- o Something needs to be thought to the logging globals as well,
- like silc_debug etc. They won't work on EPOC. Perhaps logging
- and debugging is to be disabled on EPOC. The logging currently works
- by it cannot be controlled, same with debugging.
+ o Change SILC PKCS API to asynchronous, so that accelerators can be used.
+ All PKCS routines should now take callbacks as argument and they should
+ be delivered to SilcPKCSObject and SilcPKCSAlgorithm too. (***DONE)
+ o Change PKCS Algorithm API to take SilcPKCSAlgorithm as argument to
+ encrypt, decrypt, sign and verify functions. We may need to for exmaple
+ check the alg->hash, supported hash functions. Maybe deliver it also
+ to all other functions in SilcPKCSAlgorithm to be consistent. (***DONE)
-SFTP Library, lib/silcsftp/
-===========================
+ o Add DSS support. (***DONE)
- o Read prefetch (read-ahead, reading ahead of time). Maybe if this can
- be done easily.
+ o All cipher, hash, hmac etc. allocation routines should take their name
+ in as const char * not const unsigned char *. (***DONE)
SKR Library, lib/silcskr/
o Add fingerprint as search constraint.
+ o Add SSH support. (***DONE, TESTING NEEDED)
+
o Add OpenPGP support. Adding, removing, fetching PGP keys. (Keyring
support?)
file. Add support for exporting the repository (different formats for
different key types?).
- o Change the entire silc_skr_find API. Remove SilcSKRFind and just simply
- add the find constraints as variable argument list to silc_skr_find, eg:
-
- silc_skr_find(skr, schedule, callback, context,
- SILC_SKR_FIND_PUBLIC_KEY, public_key,
- SILC_SKR_FIND_COUNTRY, "FI",
- SILC_SKR_FIND_USAGE, SILC_SKR_USAGE_AUTH,
- SILC_SKR_FIND_END);
-
- NULL argument would be ignored and skipped.
+ o Add find rule AND and OR. The default is always AND. Add
+ silc_skr_find_set_rule.
- o Add OR logical rule in addition of the current default AND, eg:
+ o Add silc_skr_find_add_search_file that can be used to add a file to
+ search for the public keys. More than one can be set. Add support
+ for searching keys from file.
- // Found key(s) MUST have this public key AND this country.
- silc_skr_find(skr, schedule, callback, context,
- SILC_SKR_FIND_RULE_AND,
- SILC_SKR_FIND_PUBLIC_KEY, public_key,
- SILC_SKR_FIND_COUNTRY, "FI",
- SILC_SKR_FIND_END);
+ o Add silc_skr_find_add_search_dir that can be used to add a directory to
+ search for the public keys. More than one can be set. Add support
+ for seraching keys from directory.
- // Found key(s) MUST have this public key OR this key context
- silc_skr_find(skr, schedule, callback, context,
- SILC_SKR_FIND_RULE_OR,
- SILC_SKR_FIND_PUBLIC_KEY, public_key,
- SILC_SKR_FIND_CONTEXT, key_context,
- SILC_SKR_FIND_END);
-
-
-Crypto Library, lib/silccrypt/
-==============================
-
- o Add fingerprint to SilcSILCPublicKey and retrieval to silcpk.h, and
- possibly to silcpkcs.h.
-
- /* Return fingerprint of the `public_key'. Returns also the algorithm
- that has been used to make the fingerprint. */
- const unsigned char *
- silc_pkcs_get_fingerprint(SilcPublicKey public_key,
- const char **hash_algorithm,
- SilcUInt32 *fingerprint_len);
+ o SilcStack to SKR API.
- o Change SILC PKCS API to asynchronous, so that accelerators can be used.
- All PKCS routines should now take callbacks as argument and they should
- be delivered to SilcPKCSObject and SilcPKCSAlgorithm too.
-
- /* Signature computation callback */
- typedef void (*SilcPKCSSignCb)(SilcBool success,
- const unsigned char *signature,
- SilcUInt32 signature_len,
- void *context);
-
- /* Signature verification callback */
- typedef void (*SilcPKCSVerifyCb)(SilcBool success, void *context);
-
- /* Encryption callback */
- typedef void (*SilcPKCSEncryptCb)(SilcBool success,
- const unsigned char *encrypted,
- SilcUInt32 encrypted_len,
- void *context);
-
- /* Decryption callback */
- typedef void (*SilcPKCSDecryptCb)(SilcBool success,
- const unsigned char *decrypted,
- SilcUInt32 decrypted_len,
- void *context);
-
- Either add new _async functions or add the callbacks to existing API
- and if the callback is NULL then the API is not async and if provided
- it may be async. For example;
-
- SilcBool silc_pkcs_sign(SilcPrivateKey private_key,
- unsigned char *src, SilcUInt32 src_len,
- unsigned char *dst, SilcUInt32 dst_size,
- SilcUInt32 *dst_len,
- SilcBool compute_hash, SilcHash hash,
- SilcPKCSSignCb async_sign,
- void *async_sign_context);
-
- (if this is done then there's no reason why the buffers in the
- callbacks cannot be the ones user gives here) or allow only async:
-
- SilcBool silc_pkcs_sign(SilcPrivateKey private_key,
- unsigned char *src, SilcUInt32 src_len,
- SilcBool compute_hash, SilcHash hash,
- SilcPKCSSignCb async_sign,
- void *async_sign_context);
-
- or add new:
-
- SilcBool silc_pkcs_sign_async(SilcPrivateKey private_key,
- unsigned char *src, SilcUInt32 src_len,
- SilcBool compute_hash, SilcHash hash,
- SilcPKCSSignCb async_sign,
- void *async_sign_context);
- o Change PKCS Algorithm API to take SilcPKCSAlgorithm as argument to
- encrypt, decrypt, sign and verify functions. We may need to for exmaple
- check the alg->hash, supported hash functions. Maybe deliver it also
- to all other functions in SilcPKCSAlgorithm to be consistent.
+SILC Accelerator Library
+========================
- o Add DSS support. Take implementation from Tom or make it yourself.
+ o Diffie-Hellman acceleration to SILC Accelerator API.
- o Implement the defined SilcDH API. The definition is in
- lib/silccrypt/silcdh.h.
+ o Diffie-Hellman software acceleration.
- o All cipher, hash, hmac etc. allocation routines should take their name
- in as const char * not const unsigned char *.
+ o Hardware acceleration through OCF (OCF-Linux,
+ http://ocf-linux.sourceforge.net).
- o ECDSA and ECDH
+ o VIA Padlock support. See http://www.logix.cz/michal/devel/padlock/ and
+ Gladman's code.
+ o Implement GCM software acceleration.
-SILC Accelerator Library
-========================
+ o Add hash function acceleration to SILC Accelerator API.
o SILC Accelerator API. Provides generic way to use different kind of
accelerators. Basically implements SILC PKCS API so that SilcPublicKey
and SilcPrivateKey can be used but they call the accelerators.
-
- Something in the lines of (preliminary):
-
- /* Register accelerator to system */
- SilcBool silc_acc_register(const SilcAccelerator acc);
-
- /* Unregister accelerator */
- SilcBool silc_acc_unregister(const SilcAccelerator acc);
-
- /* Find existing accelerator. `name' is accelerators name and
- `params' is optional accelerator specific parameters. */
- SilcAccelerator silc_acc_find(const char *name, const char *params);
-
- /* Return accelerator's displayable name */
- const char *silc_ac_get_display_name(SilcAccelerator acc);
-
- /* Accelerate `public_key'. Return accelerated public key. */
- SilcPublicKey silc_acc_public_key(SilcAccelerator acc,
- SilcPublicKey public_key);
-
- /* Accelerate `private_key'. Returns accelerated private key. */
- SilcPrivateKey silc_acc_private_key(SilcAccelerator acc,
- SilcPrivateKey private_key);
-
- /* Return the underlaying public key */
- SilcPublicKey silc_acc_get_public_key(SilcAccelerator acc,
- SilcPublicKey public_key);
-
- /* Return the underlaying private key */
- SilcPrivateKey silc_acc_get_private_key(SilcAccelerator acc,
- SilcPrivateKey private_key);
-
- typedef struct SilcAcceleratorObject {
- const char *name; /* Accelerator's name */
- const char *display_name; /* Displayable name */
- SilcAcceleratorType type; /* Accelerator type */
- union {
- struct {
- SilcPKCSObject *pkcs; /* PKCS, may be NULL */
- SilcPKCSAlgorithm *algorithm; /* Accelerator */
- } pkcs;
-
- struct {
-
- } cipher;
- } u;
- } *SilcAccelerator, SilcAcceleratorStruct;
-
- SilcPublicKey->SilcSILCPublicKey->RsaPublicKey accelerated as:
- SilcPublicKey->SilcSILCPublicKey->SilcAcceleratorSoftware->RsaPublicKey or
- SilcPublicKey->SilcSILCPublicKey->SilcAcceleratorPublicKey->
- SilcAcceleratorSoftware->RsaPublicKey
-
- The former one if u.pkcs.pkcs == NULL.
+ (***DONE)
o Implement software accelerator. It is a thread pool system where the
public key and private key operations are executed in threads.
+ (***DONE)
- This implements SilcPKCSAlgorithm (and SilcPKCSObject if needed) that
- implements the thread acclerated system.
-
- (o Symmetric key cryptosystem acceleration? They are always sycnhronouos
- even with hardware acceleration so the crypto API shouldn't require
- changes.) maybe
+ o Add SilcCipher support to SilcAccelerator and software accelerator.
+ Accelerate at least ciphers using CTR mode which can be done in
+ parallel. Do it in producer/consumer fashion where threads generate
+ key stream and other thread(s) encrypt using the key stream. (***DONE)
lib/silcmath
============
- o Import TFM. Talk to Tom to add the missing functions. Use TFM in
- client and client library, but TMA in server, due to the significantly
- increased memory consumption with TFM, and the rare need for public
- key operations in server.
-
- We want TFM's speed but not TFM's memory requirements. Talk to Tom
- about making the TFM mp dynamic just as it is in LTM.
-
- o The SILC MP API function must start returning indication of success
- and failure of the operation.
-
- o Do SilcStack support for silc_mp_init, silc_mp_init_size and other
- any other MP function (including utility ones) that may allocate
- memory.
+ o Prime generation progress using callback instead of printing to
+ stdout.
o All utility functions should be made non-allocating ones.
+ o Import TFM. We want TFM's speed but its memory requirements are
+ just too much. By default it uses large pre-allocated tables which
+ will eat memory when there are thousands of public keys in system.
+ We probably want to change TFM. (***DONE)
-SILC XML Library, lib/silcxml/
-==============================
-
- o SILC XML API (wrapper to expat). The SILC XML API should follow and
- resemble Simple API for XML (SAX).
-
+ o Add AND, OR and XOR support to TFM. (***DONE)
-lib/silcske/silcske.[ch]
-========================
+ o The SILC MP API function must start returning indication of success
+ and failure of the operation. (***DONE)
- o Ratelimit to UDP/IP transport for incoming packets.
+ o Do SilcStack support for silc_mp_init and other MP function
+ (including utility ones) that may allocate memory. (***DONE)
lib/silcasn1
o SILC_ASN1_CHOICE should perhaps return an index what choice in the
choice list was found. Currently it is left for caller to figure out
- which choice was found.
+ which choice was found. (***DONE)
o SILC_ASN1_NULL in decoding should return SilcBool whether or not
the NULL was present. It's important when it's SILC_ASN1_OPTIONAL
- and we need to know whether it was present or not.
+ and we need to know whether it was present or not. (***DONE)
lib/silcpgp
===========
- o OpenPGP certificate support, allowing the use of PGP public keys
- in SILC.
+ o OpenPGP certificate support, allowing the use of PGP public keys and
+ private keys.
+ o Signatures for data, public keys and private keys (Signature packet).
-lib/silcssh
-===========
+ o Signature verification from public keys, private keys and other signed
+ data (Signature packet).
- o SSH2 public key/private key support, allowing the use of SSH2 keys
- in SILC. RFC 4716.
+ o Encryption and decryption support (Packet tags 8 and 18 most likely).
+ o Retrieval of User ID from public key and private key (Used ID packet
+ and User Attribute packet).
-lib/silcpkix
-============
+ o Creation of OpenPGP key pairs.
- o PKIX implementation
+ o Trust packet handling (GNU PG compatible) from public and private keys.
+ o Add option that the signature format doesn't use the OpenPGP format
+ but whatever is the default in SILC crypto library.
-lib/silcserver
-==============
- o (Re)write commands/command replys.
+lib/silcssh
+===========
- o (Re)write notify handling.
+ o Add option that the signature format doesn't use the SSH2 protocol
+ but whatever is the default in SILC crypto library;
+ silc_ssh_private_key_set_signature_type, or something.
- o The SERVER_SIGNOFF notify handing is not optimal, because it'll
- cause sending of multiple SIGNOFF notify's instead of the one
- SERVER_SIGNOFF notify that the server received. This should be
- optimized so that the only SERVER_SIGNOFF is sent and not
- SIGNOFF of notify at all (using SIGNOFF takes the idea about
- SERVER_SIGNOFF away entirely).
+ o SSH2 public key/private key support, allowing the use of SSH2 keys.
+ RFC 4716. (***DONE)
- o Another SERVER_SIGNOFF opt/bugfix: Currently the signoff is
- sent to a client if it is on same channel as the client that
- signoffed. However, the entire SERVER_SIGNOFF list is sent to
- the client, ie. it may receive clients that was not on the
- same channel. This is actually against the specs. It must be
- done per channel. It shouldn't receive the whole list just
- because one client happened to be on same channel.
- o Add reference counters to all Silc*Entry structures
+lib/silcpkix
+============
+
+ o PKIX implementation
+
- o SERVICEs support (plugin, SIM)
+lib/silccms
+===========
- o If client's public key is saved in the server (and doing public key
- authentication) then the hostname and the username information could
- be taken from the public key. Should be a configuration option!
+ o Cryptographic Message Syntax (RFC 3852), the former PKCS #7
- o Add a timeout to handling incoming JOIN commands. It should be
- enforced that JOIN command is executed only once in a second or two
- seconds. Now it is possible to accept n incoming JOIN commands
- and process them without any timeouts. THis must be employed because
- each JOIN command will create and distribute the new channel key
- to everybody on the channel.
- o Related to above. If multiple JOINs are received in sequence perhaps
- new key should be created only once, if the JOINs are handeled at the same
- time. Now we create multiple keys and never end up using them because
- many JOINs are processed at the same time in sequence. Only the last
- key ends up being used.
+lib/silcsmime
+=============
- o The CMODE cipher & hmac change problem (#101).
+ o S/MIME (RFC 3851)