|
| #define | mpdc_cipher_generate_keypair qsc_kyber_generate_keypair |
| | MPDC function mapping macros.
|
| |
|
#define | mpdc_cipher_decapsulate qsc_kyber_decapsulate |
| | Decapsulate a shared-secret with the asymmetric cipher.
|
| |
|
#define | mpdc_cipher_encapsulate qsc_kyber_encapsulate |
| | Encapsulate a shared-secret with the asymmetric cipher.
|
| |
|
#define | mpdc_signature_generate_keypair qsc_dilithium_generate_keypair |
| | Generate an asymmetric signature key-pair.
|
| |
|
#define | mpdc_signature_sign qsc_dilithium_sign |
| | Sign a message with the asymmetric signature scheme.
|
| |
|
#define | mpdc_signature_verify qsc_dilithium_verify |
| | Verify a message with the asymmetric signature scheme.
|
| |
|
#define | MPDC_ASYMMETRIC_CIPHERTEXT_SIZE (QSC_KYBER_CIPHERTEXT_SIZE) |
| | The byte size of the asymmetric cipher-text array.
|
| |
|
#define | MPDC_ASYMMETRIC_PRIVATE_KEY_SIZE (QSC_KYBER_PRIVATEKEY_SIZE) |
| | The byte size of the asymmetric cipher private-key array.
|
| |
|
#define | MPDC_ASYMMETRIC_PUBLIC_KEY_SIZE (QSC_KYBER_PUBLICKEY_SIZE) |
| | The byte size of the asymmetric cipher public-key array.
|
| |
|
#define | MPDC_ASYMMETRIC_SIGNATURE_SIZE (QSC_DILITHIUM_SIGNATURE_SIZE) |
| | The byte size of the asymmetric signature array.
|
| |
|
#define | MPDC_ASYMMETRIC_SIGNING_KEY_SIZE (QSC_DILITHIUM_PRIVATEKEY_SIZE) |
| | The byte size of the asymmetric signature signing-key array.
|
| |
|
#define | MPDC_ASYMMETRIC_VERIFICATION_KEY_SIZE (QSC_DILITHIUM_PUBLICKEY_SIZE) |
| | The byte size of the asymmetric signature verification-key array.
|
| |
|
#define | MPDC_CHILD_CERTIFICATE_STRING_SIZE 10311 |
| | The encoded certificate string length.
|
| |
|
#define | MPDC_PARAMATERS_DILITHIUM_KYBER_D5K5 |
| | The Dilithium D1K1 parameter set.
|
| |
|
#define | MPDC_ROOT_CERTIFICATE_STRING_SIZE 3919 |
| | The root certificate encoded string size.
|
| |
|
#define | MPDC_SIGNATURE_ENCODING_SIZE 6172 |
| | The encoded signature size.
|
| |
|
#define | MPDC_VERIFICATION_KEY_ENCODING_SIZE 3456 |
| | The verification key size.
|
| |
|
#define | MPDC_ACTIVE_VERSION 1 |
| | The MPDC active version.
|
| |
|
#define | MPDC_ACTIVE_VERSION_SIZE 2 |
| | The MPDC active version size.
|
| |
|
#define | MPDC_APPLICATION_AGENT_PORT 37766 |
| | The default Agent port number.
|
| |
|
#define | MPDC_AGENT_FULL_TRUST 1000001 |
| | The full trust designation number.
|
| |
|
#define | MPDC_AGENT_MINIMUM_TRUST 1 |
| | The minimum trust designation number.
|
| |
|
#define | MPDC_AGENT_NAME_MAX_SIZE 256 |
| | The maximum agent name string length in characters. The last character must be a string terminator.
|
| |
|
#define | MPDC_AGENT_TWOWAY_TRUST 1000002 |
| | The two-way trust designation number.
|
| |
|
#define | MPDC_APPLICATION_CLIENT_PORT 37761 |
| | The default MPDC Client port number.
|
| |
|
#define | MPDC_APPLICATION_DLA_PORT 37762 |
| | The default DLA port number.
|
| |
|
#define | MPDC_APPLICATION_IDG_PORT 37763 |
| | The default MPDC IDG port number.
|
| |
|
#define | MPDC_APPLICATION_RDS_PORT 37764 |
| | The default RDS port number.
|
| |
|
#define | MPDC_APPLICATION_MAS_PORT 37765 |
| | The default MPDC MAS port number.
|
| |
|
#define | MPDC_CANONICAL_NAME_MINIMUM_SIZE 3 |
| | The minimum canonical name size.
|
| |
|
#define | MPDC_CERTIFICATE_ADDRESS_SIZE 22 |
| | The maximum IP address length.
|
| |
|
#define | MPDC_CERTIFICATE_ALGORITHM_SIZE 1 |
| | The algorithm type.
|
| |
|
#define | MPDC_CERTIFICATE_DEFAULT_PERIOD ((uint64_t)365 * 24 * 60 * 60) |
| | The default certificate validity period in milliseconds.
|
| |
|
#define | MPDC_CERTIFICATE_DESIGNATION_SIZE 1 |
| | The size of the child certificate designation field.
|
| |
|
#define | MPDC_CERTIFICATE_EXPIRATION_SIZE 16 |
| | The certificate expiration date length.
|
| |
|
#define | MPDC_CERTIFICATE_HASH_SIZE 32 |
| | The size of the certificate hash in bytes.
|
| |
|
#define | MPDC_CERTIFICATE_ISSUER_SIZE 256 |
| | The maximum certificate issuer string length. The last character must be a string terminator.
|
| |
|
#define | MPDC_CERTIFICATE_LINE_LENGTH 64 |
| | The line length of the printed MPDC certificate.
|
| |
|
#define | MPDC_CERTIFICATE_MAXIMUM_PERIOD (MPDC_CERTIFICATE_DEFAULT_PERIOD * 2) |
| | The maximum certificate validity period in milliseconds.
|
| |
|
#define | MPDC_CERTIFICATE_MINIMUM_PERIOD ((uint64_t)1 * 24 * 60 * 60) |
| | The minimum certificate validity period in milliseconds.
|
| |
|
#define | MPDC_CERTIFICATE_SERIAL_SIZE 16 |
| | The certificate serial number field length.
|
| |
|
#define | MPDC_CERTIFICATE_HINT_SIZE (MPDC_CERTIFICATE_HASH_SIZE + MPDC_CERTIFICATE_SERIAL_SIZE) |
| | The topological hint.
|
| |
|
#define | MPDC_CERTIFICATE_SIGNED_HASH_SIZE (MPDC_ASYMMETRIC_SIGNATURE_SIZE + MPDC_CERTIFICATE_HASH_SIZE) |
| | The size of the signature and hash field in a certificate.
|
| |
|
#define | MPDC_CERTIFICATE_VERSION_SIZE 1 |
| | The version id.
|
| |
| #define | MPDC_CERTIFICATE_CHILD_SIZE |
| | The length of a child certificate.
|
| |
| #define | MPDC_CERTIFICATE_IDG_SIZE |
| | The length of an IDG certificate.
|
| |
| #define | MPDC_CERTIFICATE_ROOT_SIZE |
| | The length of the root certificate.
|
| |
|
#define | MPDC_CRYPTO_SYMMETRIC_KEY_SIZE 32 |
| | The byte length of the symmetric cipher key.
|
| |
|
#define | MPDC_CRYPTO_SYMMETRIC_NONCE_SIZE 32 |
| | The byte length of the symmetric cipher nonce.
|
| |
|
#define | MPDC_CRYPTO_SEED_SIZE 64 |
| | The seed array byte size.
|
| |
|
#define | MPDC_CRYPTO_SYMMETRIC_TOKEN_SIZE 32 |
| | The byte length of the symmetric token.
|
| |
|
#define | MPDC_CRYPTO_SYMMETRIC_HASH_SIZE 32 |
| | The hash function output byte size.
|
| |
|
#define | MPDC_CRYPTO_SYMMETRIC_MAC_SIZE 32 |
| | The MAC function output byte size.
|
| |
|
#define | MPDC_CRYPTO_SYMMETRIC_SECRET_SIZE 32 |
| | The shared secret byte size.
|
| |
|
#define | MPDC_CRYPTO_SYMMETRIC_SESSION_KEY_SIZE 32 |
| | The session key security size.
|
| |
|
#define | MPDC_DLA_CONVERGENCE_INTERVAL (60 * 60 * 24) |
| | The interval between agent convergence checks (default is 24 hours).
|
| |
|
#define | MPDC_DLA_IP_MAX 0x41 |
| | The maximum ip address length.
|
| |
|
#define | MPDC_DLA_PENALTY_MAX 0x100 |
| | The maximum unreachable penalty before the DLA is deemed unreliable.
|
| |
|
#define | MPDC_DLA_REDUCTION_INTERVAL 1000000 |
| | The time before a penalty is reduced for a flapping DLA in milliseconds.
|
| |
| #define | MPDC_DLA_UPDATE_WAIT_TIME (7 * 24 * 60 * 60) |
| | The interval in milliseconds between topology full updates.
|
| |
|
#define | MPDC_ERROR_STRING_DEPTH 26 |
| | The number of error strings.
|
| |
|
#define | MPDC_ERROR_STRING_WIDTH 128 |
| | The maximum size in characters of an error string.
|
| |
|
#define | MPDC_MESSAGE_MAX_SIZE 1400000 |
| | The maximum message size (max signature + max certificate sizes).
|
| |
|
#define | MPDC_MFK_EXPIRATION_PERIOD ((uint64_t)60 * 24 * 60 * 60) |
| | The MFK validity period in milliseconds.
|
| |
|
#define | MPDC_MINIMUM_PATH_LENGTH 9 |
| | The minimum file path length.
|
| |
|
#define | MPDC_NETWORK_CONNECTION_MTU 1500 |
| | The MPDC packet buffer size.
|
| |
|
#define | MPDC_NETWORK_DOMAIN_NAME_MAX_SIZE 256 |
| | The maximum domain name length in characters. The last character must be a string terminator.
|
| |
|
#define | MPDC_NETWORK_MAX_AGENTS 1000000 |
| | The maximum number of agent connections in a network.
|
| |
|
#define | MPDC_NETWORK_NODE_ID_SIZE 16 |
| | The node identification string length.
|
| |
|
#define | MPDC_PERIOD_DAY_TO_SECONDS (24 * 60 * 60) |
| | A period of one day in seconds.
|
| |
|
#define | MPDC_SOCKET_TERMINATOR_SIZE 1 |
| | The packet delimiter byte size.
|
| |
|
#define | MPDC_PACKET_ERROR_SIZE 1 |
| | The packet error message byte size.
|
| |
|
#define | MPDC_PACKET_HEADER_SIZE 22 |
| | The MPDC packet header size.
|
| |
|
#define | MPDC_PACKET_SUBHEADER_SIZE 16 |
| | The MPDC packet sub-header size.
|
| |
|
#define | MPDC_PACKET_SEQUENCE_TERMINATOR 0xFFFFFFFFUL |
| | The sequence number of a packet that closes a connection.
|
| |
|
#define | MPDC_PACKET_TIME_SIZE 8 |
| | The byte size of the serialized packet time parameter.
|
| |
|
#define | MPDC_PACKET_TIME_THRESHOLD 60 |
| | The maximum number of seconds a packet is valid.
|
| |
|
#define | MPDC_NETWORK_TERMINATION_MESSAGE_SIZE 1 |
| | The network termination message size.
|
| |
|
#define | MPDC_NETWORK_TERMINATION_PACKET_SIZE (MPDC_PACKET_HEADER_SIZE + MPDC_NETWORK_TERMINATION_MESSAGE_SIZE) |
| | The network termination packet size.
|
| |
|
#define | MPDC_X509_CERTIFICATE_SIZE 4096 |
| | x509 implementation where algorithm/signature output size is stored.
|
| |
|
#define | MPDC_IDG_HINT_SIZE (MPDC_CERTIFICATE_HASH_SIZE + MPDC_CERTIFICATE_SERIAL_SIZE) |
| | Hint query; certificate hash, root serial number hi=(H(cert) | rsn) idg query asks if a peer knows of the root security server for a domain; if the peer does know the root of the other domain, it sends back information about that rds (address, certificate hash, root serial number, and trust metric).
|
| |
|
#define | MPDC_PROTOCOL_SET_SIZE 41 |
| | The size of the protocol configuration string.
|
| |
|
#define | MPDC_NETWORK_ERROR_STRING_DEPTH 28 |
| |
|
#define | MPDC_NETWORK_ERROR_STRING_SIZE 128 |
| |
MPDC Common Definitions and Protocol Configuration.
This header defines the common constants, macros, enumerations, structures, and function prototypes for the Multi-Party Domain Cryptosystem (MPDC). It provides configuration for the cryptographic parameter sets, certificate handling, network protocol operations, and socket communication required to implement the MPDC protocol.
The MPDC protocol leverages a combination of asymmetric cipher and signature schemes from the QSC library. The parameter sets can be configured in the QSC library's common.h file. For maximum security, the McEliece/SPHINCS+ parameter set is recommended; for a balance of performance and security, the Dilithium/Kyber parameter set is advised.
Key components defined in this header include:
- Function Mapping Macros: Aliases that map MPDC high-level cryptographic operations (key generation, encapsulation/decapsulation, signing, and verification) to the corresponding functions in the QSC library, based on the selected configuration.
- Modifiable Constants: Preprocessor definitions that enable or disable protocol features (e.g., client-to-client encrypted tunneling, master fragment key cycling, IPv6 networking, and extended session security).
- Parameter Macros: Definitions for key sizes, certificate field sizes, network settings, and timing values that ensure consistency across the MPDC protocol implementation.
- Enumerations: Enumerated types for MPDC configuration sets, network designations, network and protocol error codes, and version sets.
- Structures: Data structures representing various certificates (child, IDG, root), connection and keep alive states, network packets, and cryptographic key pairs. These structures are central to protocol operations such as certificate management and secure message exchange.
- Static Constants: Predefined strings for certificate header/footer information and network designation labels.
- Public API Functions: Prototypes for functions handling connection management, packet encryption/decryption, packet serialization/deserialization, and error string conversion.
- Note
- When using the McEliece/SPHINCS+ configuration in Visual Studio, it is recommended to increase the maximum stack size (for example, to 200KB) to accommodate the larger key sizes.
- Test
- Although this header does not directly implement test routines, it underpins multiple test modules that validate:
- The correct mapping of MPDC high-level function calls to the underlying QSC library routines.
- The consistency and accuracy of defined constants (e.g., key sizes, certificate sizes, network parameters).
- The proper serialization/deserialization of packet headers and full packets (via mpdc_packet_header_serialize and mpdc_stream_to_packet).
- The correct conversion of error codes to descriptive strings (using mpdc_network_error_to_string and mpdc_protocol_error_to_string).
These tests collectively ensure the robustness, consistency, and security of the MPDC protocol configuration.
1.13.2