The SKDP listener. More...

#include "common.h"
#include "skdp.h"
#include "../../QSC/QSC/rcs.h"
#include "../../QSC/QSC/socketserver.h"

Data Structures
struct	skdp_server_state
	The SKDP server state structure. More...

Typedefs
typedef SKDP_EXPORT_API struct skdp_server_state	skdp_server_state

Functions
SKDP_EXPORT_API void	skdp_server_connection_close (skdp_server_state ctx, qsc_socket sock, skdp_errors error)
	Close the remote session and dispose of server resources.

SKDP_EXPORT_API void	skdp_server_send_error (const qsc_socket *sock, skdp_errors error)
	Send an error code to the remote host.

SKDP_EXPORT_API skdp_errors	skdp_server_send_keep_alive (skdp_keep_alive_state kctx, const qsc_socket sock)
	Send a keep-alive message to the remote host.

SKDP_EXPORT_API void	skdp_server_initialize (skdp_server_state ctx, const skdp_server_key skey)
	Initialize the SKDP server state.

SKDP_EXPORT_API skdp_errors	skdp_server_listen_ipv4 (skdp_server_state ctx, qsc_socket sock, const qsc_ipinfo_ipv4_address *address, uint16_t port)
	Run the IPv4 networked key exchange function.

SKDP_EXPORT_API skdp_errors	skdp_server_listen_ipv6 (skdp_server_state ctx, qsc_socket sock, const qsc_ipinfo_ipv6_address *address, uint16_t port)
	Run the IPv6 networked key exchange function.

SKDP_EXPORT_API skdp_errors	skdp_server_decrypt_packet (skdp_server_state ctx, const skdp_network_packet packetin, uint8_t message, size_t msglen)
	Decrypt a received SKDP packet.

SKDP_EXPORT_API skdp_errors	skdp_server_encrypt_packet (skdp_server_state ctx, const uint8_t message, size_t msglen, skdp_network_packet *packetout)
	Encrypt a message into an SKDP packet.

SKDP_EXPORT_API skdp_errors	skdp_server_ratchet_response (skdp_server_state ctx, skdp_network_packet packetout)
	Send a ratchet response to the client.

Detailed Description

The SKDP listener.

This header defines the internal server functions for the Symmetric Key Distribution Protocol (SKDP). The SKDP listener is responsible for handling incoming connections from SKDP clients, managing the key exchange process, and maintaining secure communications. The functions in this header support both IPv4 and IPv6 connections, manage encryption and decryption of messages, and handle key ratcheting operations to periodically update session keys for forward secrecy.

The server operates by accepting incoming connection requests, performing the key exchange with each client, and then maintaining an encrypted tunnel. The server also manages keep-alive messages and error reporting to ensure robust communication.

Note: These functions and data structures are internal and non-exportable.

Function Documentation

◆ skdp_server_connection_close()

SKDP_EXPORT_API void skdp_server_connection_close	(	skdp_server_state *	ctx,
		qsc_socket *	sock,
		skdp_errors	error )

Close the remote session and dispose of server resources.

This function gracefully closes the SKDP server session by terminating the connection on the given socket and releasing any resources associated with the server state. It sends an error code to the remote host (if applicable) before closing the connection.

Parameters

ctx	A pointer to the SKDP server state structure.
sock	A pointer to the initialized socket structure.
error	The SKDP error code indicating the reason for closure.

◆ skdp_server_decrypt_packet()

SKDP_EXPORT_API skdp_errors skdp_server_decrypt_packet	(	skdp_server_state *	ctx,
		const skdp_network_packet *	packetin,
		uint8_t *	message,
		size_t *	msglen )

Decrypt a received SKDP packet.

This function decrypts the message contained in an incoming SKDP network packet using the server's current decryption state. The decrypted plaintext is copied into the provided output buffer, and its length is returned through the msglen parameter.

Parameters

ctx	A pointer to the SKDP server state structure.
packetin	[const] A pointer to the incoming SKDP network packet.
message	The output buffer where the decrypted message will be stored.
msglen	A pointer to a variable that will receive the length of the decrypted message.

Returns: Returns a value of type skdp_errors indicating the result of the decryption operation.

◆ skdp_server_encrypt_packet()

SKDP_EXPORT_API skdp_errors skdp_server_encrypt_packet	(	skdp_server_state *	ctx,
		const uint8_t *	message,
		size_t	msglen,
		skdp_network_packet *	packetout )

Encrypt a message into an SKDP packet.

This function encrypts a plaintext message using the server's current transmit cipher state. It then builds an SKDP network packet with the encrypted data, including appropriate header information (e.g., message length, sequence number, and UTC timestamp).

Parameters

ctx	A pointer to the SKDP server state structure.
message	[const] The plaintext message to be encrypted.
msglen	The length of the plaintext message in bytes.
packetout	A pointer to the output SKDP network packet structure.

Returns: Returns a value of type skdp_errors indicating the success or failure of the encryption process.

◆ skdp_server_initialize()

SKDP_EXPORT_API void skdp_server_initialize	(	skdp_server_state *	ctx,
		const skdp_server_key *	skey )

Initialize the SKDP server state.

This function initializes the SKDP server state structure using the provided server key. It configures the necessary cipher states and copies key information into the server state, preparing it for the key exchange process and subsequent secure communications.

Parameters

ctx	A pointer to the SKDP server state structure to be initialized.
skey	[const] A pointer to the SKDP server key structure.

◆ skdp_server_listen_ipv4()

SKDP_EXPORT_API skdp_errors skdp_server_listen_ipv4	(	skdp_server_state *	ctx,
		qsc_socket *	sock,
		const qsc_ipinfo_ipv4_address *	address,
		uint16_t	port )

Run the IPv4 networked key exchange function.

This function starts the SKDP server listener on an IPv4 interface. It waits for a client connection, performs the key exchange, and, upon successful completion, returns a connected socket along with an updated SKDP server state.

Parameters

ctx	A pointer to the SKDP server state structure.
sock	A pointer to the socket structure that will hold the connected socket.
address	A pointer to the server's IPv4 network address.
port	The server's port number.

Returns: Returns a value of type skdp_errors indicating the success or failure of the IPv4 key exchange.

◆ skdp_server_listen_ipv6()

SKDP_EXPORT_API skdp_errors skdp_server_listen_ipv6	(	skdp_server_state *	ctx,
		qsc_socket *	sock,
		const qsc_ipinfo_ipv6_address *	address,
		uint16_t	port )

Run the IPv6 networked key exchange function.

This function starts the SKDP server listener on an IPv6 interface. It accepts a client connection, performs the key exchange protocol, and returns a connected socket along with an updated SKDP server state.

Parameters

ctx	A pointer to the SKDP server state structure.
sock	A pointer to the socket structure that will hold the connected socket.
address	A pointer to the server's IPv6 network address.
port	The server's port number.

Returns: Returns a value of type skdp_errors indicating the outcome of the IPv6 key exchange.

◆ skdp_server_ratchet_response()

SKDP_EXPORT_API skdp_errors skdp_server_ratchet_response	(	skdp_server_state *	ctx,
		skdp_network_packet *	packetout )

Send a ratchet response to the client.

In SKDP, a ratchet response is used to send an encrypted token to the client and re-key the communication channel. This mechanism is useful in static tunnel configurations where additional entropy is periodically injected based on uptime or data transfer. The function constructs a ratchet response packet using the current server state and sends it to the client.

Parameters

ctx	A pointer to the SKDP server state structure.
packetout	A pointer to the output SKDP network packet structure that will contain the ratchet response.

Returns: Returns a value of type skdp_errors indicating the outcome of the ratchet response operation.

◆ skdp_server_send_error()

SKDP_EXPORT_API void skdp_server_send_error	(	const qsc_socket *	sock,
		skdp_errors	error )

Send an error code to the remote host.

This function sends a specified SKDP error code over the given socket to notify the remote host of an error condition.

Parameters

sock	A pointer to the initialized socket structure.
error	The SKDP error code to be transmitted.

◆ skdp_server_send_keep_alive()

SKDP_EXPORT_API skdp_errors skdp_server_send_keep_alive	(	skdp_keep_alive_state *	kctx,
		const qsc_socket *	sock )

Send a keep-alive message to the remote host.

This function sends a keep-alive message using the current SKDP keep-alive state over the provided socket. This mechanism is used to verify that the connection is still active and to maintain the session.

Parameters

kctx	A pointer to the SKDP keep-alive state structure.
sock	A pointer to the initialized socket structure.

Returns: Returns a value of type skdp_errors indicating the result of the keep-alive send operation.

Data Structures

Typedefs

Functions

Detailed Description

Function Documentation

◆ skdp_server_connection_close()

◆ skdp_server_decrypt_packet()

◆ skdp_server_encrypt_packet()

◆ skdp_server_initialize()

◆ skdp_server_listen_ipv4()

◆ skdp_server_listen_ipv6()

◆ skdp_server_ratchet_response()

◆ skdp_server_send_error()

◆ skdp_server_send_keep_alive()