X-Git-Url: http://git.silc.fi/gitweb/?p=crypto.git;a=blobdiff_plain;f=TODO;h=65b6a4e92497711c93c08d8995a97419db3f204e;hp=0286afdc2eee38c60e5a20dd9c327db88845023c;hb=57af98efbd82c4c89c81850f42b02585fed1a16a;hpb=0026e15ac3e8f57f1816f72197e2b90e4cb9dd01 diff --git a/TODO b/TODO index 0286afdc..65b6a4e9 100644 --- a/TODO +++ b/TODO @@ -1,458 +1,221 @@ -TODO for 1.1 And Beyond +TODO for 1.2 And Beyond ======================= NOTE: Any item that doesn't have (***DONE) in it, isn't done yet. The (***TESTING NEEDED) means that the item has been done but not yet properly tested. +NOTE: A TODO entry does not mean that it is ever going to be done. Some +of the entries may be just ideas, good, bad or ugly. If you want to work +on some of the TODO entries simply let us know about it by dropping a note +to silc-devel mailing list or appear on 'silc' channel on SILCNet. -apps/silcd, The SILC Server ****PARTLY DONE**** -=========================== - o Port all code to use SILC Toolkit 1.1 APIs. +Crypto Library, lib/silccrypt/ +============================== - o Remove protocol.[ch]. + o SilcHmac must be replaced with generic SilcMac so that we can add + others than just HMAC algorithms. Backwards support (via #define's) + must be preserved. - o Rewrite connecting accepting. + o Change the DSA implementation to support FIPS186-3. This means that + the q length is determined by the key length. Also note that specific + hash functions must be used with different q lengths. - o Rewrite async connecting + o AES CBC is missing proper alignment code (see silc_1_1_branch). - o Connecting from SILC router to SILC server. + o The asynchronous functions to perhaps to _async to preserve backwards + compatibility with synchronous versions, and make easier to migrate + from 1.1 to 1.2. - o Rewrite rehash, HUP. + o Do GCC vs ICC benchmarks of all key algorithms. - o Add Web statistics module using lib/silchttp. Give out server - statistics. + o silc_pkcs_public_key_alloc should accept also SILC_PKCS_ANY as argument + and try all supported PKCS until one succeeds (ala load_public_key). + o Add fingerprint to SilcSILCPublicKey and retrieval to silcpk.h, and + possibly to silcpkcs.h. -SILC Client ****PARTLY DONE**** -=========== - - o Porting to new Toolkit API and new Client Library API (***TESTING NEEDED) - - o Improve help files, especially /cmode, /cumode and /key. - - -lib/silcclient, The Client Library ***PARTLY DONE**** -================================== - - o in JOIN notify handle resolving that timedout. Currently the user is - never joined the channel if this happens. What to do if message is - received from user that hasn't been resolved/joined? (maybe 1.1, latest - 1.2) - - o silcclient.h clean up and API rewrites. - - o silcclient_entry.h finishing, all entry relates APIs to this header. - - o SilcChannelEntry, SilcServerEntry, SilcChannelUser, allocating, - freeing, finding, etc. rewrite. Also making them reference counted for - multi threads use. (***DONE) - - o Rewrite silc_client_get_clients_by_channel. - - o Rewrite client side WHOIS command (for whois -details). (***DONE) - - o Finish all the missing SILC packet processings, rewrites. (***DONE) - - o The client_notify.c rewrite. (***DONE) - - o Resuming to client_register.c (remove client_resume.c) (***DONE) - - o Rekey rewrite. (***DONE) - - o Remove protocol.[ch]. (***DONE) - - o File transfer rewrite. (***DONE) - - o File transfer API documentation. - - o Connection auth request. (***DONE) - - o Password auth test, public key auth test. - - o Starting key exchange directly, rewrite. (***DONE) - - o Channel messages, channel private keys, channel entires, channel - search, etc. rewrite. (***TESTING NEEDED) - - o For many APIs leave the hash context allocations to the caller instead - of using client->sha1hash and client->md5hash, or some kind of thread - safe (no locking) concept. (***DONE) - - o Key agreement rewrite. (***TESTING NEEDED) - - o Connecting to remote client (***DONE) - - o peer-to-peer private messages - - o Private message waiting API (in threads) (***TESING NEEDED) - - o client_attrs.c, attributes rewrite. (***TESTING NEEDED) - - o No SilcBuffer lists back to application in command_reply operations. - Convert them all to real lists and/or structures for easier use. - (***DONE) - - o Nickname formatting rewrite. (***TESTING NEEDED) - - o UDP connections. (***TESTING NEEDED) - - o Message ACKing. - - o in /cmode and /cumode with +r, maybe the public key and private key - could be just some "string", which would then match to "string.pub" and - "string.prv". - - o All packet waiting timeout tests and error condition tests. - - -lib/silcsftp ****DONE**** -============ - - o Porting to use the new util library. (***DONE) - - o Read-ahead (1.2) - - -lib/silccore/silcpacket.[ch] ****PARTLY DONE**** -============================ - - o Implement silc_packet_engine_stop and silc_packet_stream_destroy. - - o Implement ACK packet and packet payload. - - o SilcPacketEngine. (***DONE) - - o New SILC Packet API. (***DONE) - - -lib/silccore/silcpacket.[ch] ****PARTLY DONE**** -============================ - - o IV Included flag support, UDP transport support (***TESTING NEEDED) - - o SILC_PACKET_FLAG_ACK support. - - -lib/silccore/silcid.[ch] ****DONE**** -======================== - - o Add silc_id_str2id to accept the destination buffer as argument - and thus not require any memory allocation. Same will happen - with silc_id_payload_* functions. (***DONE) - - o silc_id_str2id, silc_id2str to non-allocating routines. (***DONE) - - -lib/silcskr -=========== - - o Removing key from the repository is not possible currently. It should - be. - - o Add fingerprint as search constraint. - - -lib/silcske/silcske.[ch] ***PARTLY DONE**** -======================== - - o Ratelimit to UDP/IP transport for incoming packets. - - o IV Included flag support in SKE (***DONE) + /* Return fingerprint of the `public_key'. Returns also the algorithm + that has been used to make the fingerprint. */ + const unsigned char * + silc_pkcs_get_fingerprint(SilcPublicKey public_key, + const char **hash_algorithm, + SilcUInt32 *fingerprint_len); - o UDP transport changes; retransmission support by using exponential - backoff algorithm. (***DONE) + o Add DSA support to SILC public key. - o SilcConnAuth header file documentation. (***DONE) + o Global RNG must be changed to use SILC Global API. + o Add silc_crypto_init and silc_crypto_uninit. The _init should take + SilcStack that will act as global memory pool for all of crypto + library. It should not be necessary anymore to separately register + default ciphers, HMACs, etc, the _init would do that. However, if + user after _init calls silc_pkcs_register, for example, it would take + preference over the default once, ie. user can always dictate the + order of algorithms. (***DONE) -lib/silccrypt ****PARTLY DONE**** -============= + o Change SILC PKCS API to asynchronous, so that accelerators can be used. + All PKCS routines should now take callbacks as argument and they should + be delivered to SilcPKCSObject and SilcPKCSAlgorithm too. (***DONE) - o Implement SILC Public Key Version 2 handling in sign/verify. Implement - Version (V) identifier (***DONE) + o Change PKCS Algorithm API to take SilcPKCSAlgorithm as argument to + encrypt, decrypt, sign and verify functions. We may need to for exmaple + check the alg->hash, supported hash functions. Maybe deliver it also + to all other functions in SilcPKCSAlgorithm to be consistent. (***DONE) - o Add fingerprint to SilcSILCPublicKey and retrieval to silcpk.h. - - o Implement PKCS #1 sign/verify with hash OID. (***TESTING NEEDED) - - o SILC PKCS (silcpkcs.h) reorganizing when other PK supports added. - Move the SILC Public Key routines away from the crypto library into - the core library (silccore). silc_pkcs_public/private_key_* routines - to silc_public/private_key_* routines. The silc_public_key_* routines - should also automatically handle SILC Public Keys, and other keys - and certificates as well. Add fe. silcpk.h into silccore. It should - also include the Public Key Payload encoding and decoding routines. - (***DONE) - - o Assembler AES (***DONE) + o Add DSS support. (***DONE) o Implement the defined SilcDH API. The definition is in - lib/silccrypt/silcdh.h. (1.2) - - o SSH2 public keys support, allowing the use of SSH2 public keys in - SILC. (1.2) + lib/silccrypt/silcdh.h. Make sure it is asynchronous so that it can + be accelerated. Also take into account that it could use elliptic + curves. - o Add DSS support (1.2) - - o ECDSA and ECDH (1.2) - - -lib/silcutil ****PARTLY DONE**** -============ + o All cipher, hash, hmac etc. allocation routines should take their name + in as const char * not const unsigned char *. (***DONE) - o The regex code from lib/contrib might compile fine on all platforms. - No need to make it silcutil/unix/ specific. Add them to generic - silcutil.c. + o Add ECDSA support. - o silc_stringprep to non-allocating version. + o Add ECDH support. - o Compression routines are missing. The protocol supports packet - compression thus it must be implemented. SILC Zip API must be - defined. - o bool -> SilcBool (***DONE) - - o Silc FD Stream to WIN32 (lib/silcutil/silcfdstream.h) - - o Add builtin SOCKS and HTTP Proxy support, well the SOCKS at least. - SILC currently supports SOCKS4 and SOCKS5 but it needs to be compiled - in separately. (1.2) - - -lib/silcutil/silcbuffer.h ****DONE**** +SKR Library, lib/silcskr/ ========================= - o Remove the `truelen' field from SilcBuffer as it is entirely - redundant since we can get the true length of the buffer by - doing buffer->end - buffer->header. Add silc_buffer_truelen - macro instead. Consider also removing `len' field too since - it effectively is buffer->tail - buffer->data, and adding - silc_buffer_len macro can do the same. These would save - totally 8 bytes of memory per buffer. (***DONE) - - -lib/silcutil/silcbuffmt.[ch] ****DONE**** -============================ - - o SilcStack aware silc_buffer_unformat (***DONE) - - o SilcStack aware silc_buffer_format (***DONE) - - o silc_buffer_format reallocates automatically (***DONE) - - o SILC_STR_OFFSET (***DONE) - - -lib/silcutil/silcstack.[ch] ****DONE**** -=========================== - - o Data stack implementation (***DONE) - + o Add fingerprint as search constraint. -lib/silcutil/silcstream.[ch] ****DONE**** -============================ + o Add SSH support. (***DONE, TESTING NEEDED) - o Add abstract SilcStream. (***DONE) + o Add OpenPGP support. Adding, removing, fetching PGP keys. (Keyring + support?) + o Add support for importing public keys from a directory and/or from a + file. Add support for exporting the repository (different formats for + different key types?). -lib/silcutil/silcsocketstream.[ch] ****PARTY DONE**** -================================== + o Change the entire silc_skr_find API. Remove SilcSKRFind and just simply + add the find constraints as variable argument list to silc_skr_find, eg: - o Add SilcSocketStream (***DONE) + silc_skr_find(skr, schedule, callback, context, + SILC_SKR_FIND_PUBLIC_KEY, public_key, + SILC_SKR_FIND_COUNTRY, "FI", + SILC_SKR_FIND_USAGE, SILC_SKR_USAGE_AUTH, + SILC_SKR_FIND_END); - o Add SilcSocketStream for WIN32 + NULL argument would be ignored and skipped. - o Handle EOS sending to upper layer properly + o Add OR logical rule in addition of the current default AND, eg: - o Test QoS after the changes made to socket stream + // Found key(s) MUST have this public key AND this country. + silc_skr_find(skr, schedule, callback, context, + SILC_SKR_FIND_RULE_AND, + SILC_SKR_FIND_PUBLIC_KEY, public_key, + SILC_SKR_FIND_COUNTRY, "FI", + SILC_SKR_FIND_END); + // Found key(s) MUST have this public key OR this key context + silc_skr_find(skr, schedule, callback, context, + SILC_SKR_FIND_RULE_OR, + SILC_SKR_FIND_PUBLIC_KEY, public_key, + SILC_SKR_FIND_CONTEXT, key_context, + SILC_SKR_FIND_END); -lib/silcutil/silcschedule*.[ch] ****PARTLY DONE**** -=============================== + o SilcStack to SKR API. - o Scheduler can be optimized for FD tasks by changing the fd_queue - to SilcHashTable instead of using linked list. We need to do - one-to-one mapping of FD to task and hash table is more efficient - for this usage. - Also redefine the silc_select to perhaps return a separate - structure of the events that actually occurred, instead of - returning the events in the fd_list which is then traversed - in the generic code to find the changed events. This can be - made faster by having own struct which includes only the - changed events, thus the tarversing is faster since the whole - fd_list is not traversed anymore (it is still traversed in the - silc_select but at least it removes one extra tarversing later - for the same list). +SILC Accelerator Library +======================== - Other task queues should be changed to use SilcList. (***DONE) + o Diffie-Hellman acceleration - o Add SILC scheduler's internal routines into a table of implementation - function pointers, that the generic code then takes as extern from - implementation. These are the silc_schedule_internal_* routines. + o SILC Accelerator API. Provides generic way to use different kind of + accelerators. Basically implements SILC PKCS API so that SilcPublicKey + and SilcPrivateKey can be used but they call the accelerators. (***DONE) - o Change SILC_TASK_CALLBACK to non-static, and remove the macro - SILC_TASK_CALLBACK_GLOBAL. (***DONE) - - o SILC Schedule API changes to WIN32. - - -lib/silcutil/silcasync.[ch] ****DONE**** -=========================== - - o Add SilcAsyncOperation to utility library. Any function that takes - callback as an argument must/should return SilcAsyncOperation. + o Implement software accelerator. It is a thread pool system where the + public key and private key operations are executed in threads. (***DONE) - -lib/silcutil/silctime.[ch] ****PARTLY DONE**** -=========================== - - o SilcTime. (***DONE) - - o system time, universal, generalized. (***DONE) - - o Fix universal time decoding (doesn't accept all forms) in silctime.c. - - -lib/silcutil/silcfsm.[ch] ****DONE**** -========================= - - o SILC Finite State Machine API. Replaces SILC Protocol API (***DONE) - - -lib/silcutil/silcnet*, lib/silcutil/*/silc*net* ****PARTLY DONE**** -=============================================== - - o Add UDP interface (***DONE) - - o Add UDP interface for WIN32 - - o New network interfaces (***DONE) + o Add SilcCipher support to SilcAccelerator and software accelerator. + Accelerate at least ciphers using CTR mode which can be done in + parallel. Do it in producer/consumer fashion where threads generate + key stream and other thread(s) encrypt using the key stream. (***DONE) lib/silcmath ============ - o Import TFM. Talk to Tom to add the missing functions. Use TFM in - client and client library, but TMA in server, due to the significantly - increased memory consumption with TFM, and the rare need for public - key operations in server. - - o Change LTM and TFM function names when importing to SILC tree to avoid - rare linking problems on system that has same named symbols already in - the system. - - o The SILC MP API function must start returning indication of success - and failure of the operation. - - o Do SilcStack support for silc_mp_init, silc_mp_init_size and other - any other MP function (including utility ones) that may allocate - memory. - - o Test on x86_64. + o Prime generation progress using callback instead of printing to + stdout. o All utility functions should be made non-allocating ones. + o Import TFM. We want TFM's speed but its memory requirements are + just too much. By default it uses large pre-allocated tables which + will eat memory when there are thousands of public keys in system. + We probably want to change TFM. (***DONE) -lib/silcutil/symbian/ ****PARTLY DONE**** -===================== - - o lib/silcutil/symbian routines missing or not completed. - (****TESTING NEEDED) + o Add AND, OR and XOR support to TFM. (***DONE) - o Something needs to be thought to the logging globals as well, - like silc_debug etc. They won't work on EPOC. Perhaps logging - and debugging is to be disabled on EPOC. - - -lib/silcasn1 ****PARTLY DONE**** -============ - - o ASN.1 library (***DONE) - - o Header documentation missing. (***DONE) - - o Some string encodings missing (copy/paste matter). (***DONE) + o The SILC MP API function must start returning indication of success + and failure of the operation. (***DONE) - o Negative integer encoding + o Do SilcStack support for silc_mp_init, silc_mp_init_size and other + any other MP function (including utility ones) that may allocate + memory. (***DONE) -lib/silccore +lib/silcasn1 ============ - o All payload encoding routines should take SilcStack as argument. (1.2) - - o All payload test routines into lib/silccore/tests/. + o Negative integer encoding is missing, add it. + o SILC_ASN1_CHOICE should perhaps return an index what choice in the + choice list was found. Currently it is left for caller to figure out + which choice was found. (***DONE) -lib/silcpkix (1.2) -============ - - o PKIX implementation + o SILC_ASN1_NULL in decoding should return SilcBool whether or not + the NULL was present. It's important when it's SILC_ASN1_OPTIONAL + and we need to know whether it was present or not. (***DONE) -lib/silcpgp (1.2) +lib/silcpgp =========== - o OpenPGP certificate support, allowing the use of PGP public keys - in SILC. + o OpenPGP certificate support, allowing the use of PGP public keys and + private keys. + o Signatures for data, public keys and private keys (Signature packet). -lib/silcserver (1.2) -============== + o Signature verification from public keys, private keys and other signed + data (Signature packet). - o (Re)write commands/command replys. + o Encryption and decryption support (Packet tags 8 and 18 most likely). - o (Re)write notify handling. + o Retrieval of User ID from public key and private key (Used ID packet + and User Attribute packet). - o The SERVER_SIGNOFF notify handing is not optimal, because it'll - cause sending of multiple SIGNOFF notify's instead of the one - SERVER_SIGNOFF notify that the server received. This should be - optimized so that the only SERVER_SIGNOFF is sent and not - SIGNOFF of notify at all (using SIGNOFF takes the idea about - SERVER_SIGNOFF away entirely). + o Creation of OpenPGP key pairs. - o Another SERVER_SIGNOFF opt/bugfix: Currently the signoff is - sent to a client if it is on same channel as the client that - signoffed. However, the entire SERVER_SIGNOFF list is sent to - the client, ie. it may receive clients that was not on the - same channel. This is actually against the specs. It must be - done per channel. It shouldn't receive the whole list just - because one client happened to be on same channel. + o Trust packet handling (GNU PG compatible) from public and private keys. - o MAYBE: The SilcChannelClientEntry can be: - SilcUInt32 address; - SilcUInt32 mode; + o Add option that the signature format doesn't use the OpenPGP format + but whatever is the default in SILC crypto library. - where address is SilcClientEntry address XOR SilcChannelEntry. - You can get SilcClientEntry by doing client = chl->address XOR channel, - and SilcChannelEntry by doing channel = chl->address XOR client. - As long as the other pointer is always available when accessing the - structure this can be done. - o Add reference counters to all Silc*Entry structures +lib/silcssh +=========== - o SERVICEs support (plugin, SIM) + o Add option that the signature format doesn't use the SSH2 protocol + but whatever is the default in SILC crypto library; + silc_ssh_private_key_set_signature_type, or something. - o If client's public key is saved in the server (and doing public key - authentication) then the hostname and the username information could - be taken from the public key. Should be a configuration option! + o SSH2 public key/private key support, allowing the use of SSH2 keys. + RFC 4716. (***DONE) - o Add a timeout to handling incoming JOIN commands. It should be - enforced that JOIN command is executed only once in a second or two - seconds. Now it is possible to accept n incoming JOIN commands - and process them without any timeouts. THis must be employed because - each JOIN command will create and distribute the new channel key - to everybody on the channel (Fix this to 0.9.x). - o Related to above. If multiple JOINs are received in sequence perhaps - new key should be created only once, if the JOINs are handeled at the same - time. Now we create multiple keys and never end up using them because - many JOINs are processed at the same time in sequence. Only the last - key ends up being used. +lib/silcpkix +============ - o The CMODE cipher & hmac change problem (#101). + o PKIX implementation