1 .pl 10.0i
2 .po 0
3 .ll 7.2i
4 .lt 7.2i
5 .nr LL 7.2i
6 .nr LT 7.2i
7 .ds LF Riikonen
8 .ds RF FORMFEED[Page %]
9 .ds CF
10 .ds LH Internet Draft
11 .ds RH 15 May 2002
12 .ds CH
13 .na
14 .hy 0
15 .in 0
16 .nf
Network Working Group                                        P. Riikonen
Internet-Draft
draft-riikonen-silc-pp-05.txt                                15 May 2002
Expires: 15 November 2002
21
22 .in 3
23
24 .ce 2
25 SILC Packet Protocol
26 <draft-riikonen-silc-pp-05.txt>
27
28 .ti 0
29 Status of this Memo
30
31 This document is an Internet-Draft and is in full conformance with
32 all provisions of Section 10 of RFC 2026. Internet-Drafts are
33 working documents of the Internet Engineering Task Force (IETF), its
34 areas, and its working groups. Note that other groups may also
35 distribute working documents as Internet-Drafts.
36
37 Internet-Drafts are draft documents valid for a maximum of six months
38 and may be updated, replaced, or obsoleted by other documents at any
39 time. It is inappropriate to use Internet-Drafts as reference
40 material or to cite them other than as "work in progress."
41
42 The list of current Internet-Drafts can be accessed at
43 http://www.ietf.org/ietf/1id-abstracts.txt
44
45 The list of Internet-Draft Shadow Directories can be accessed at
46 http://www.ietf.org/shadow.html
47
48 The distribution of this memo is unlimited.
49
50
51 .ti 0
52 Abstract
53
This memo describes a Packet Protocol used in the Secure Internet Live
Conferencing (SILC) protocol, specified in the Secure Internet Live
Conferencing, Protocol Specification Internet Draft [SILC1].  This
protocol describes the packet types and packet payloads that define
the contents of the packets.  It provides a secure binary packet
protocol that assures that the contents of the packets are secured and
authenticated.
61
69 .ti 0
70 Table of Contents
71
72 .nf
1 Introduction
  1.1 Requirements Terminology
2 SILC Packet Protocol
  2.1 SILC Packet
  2.2 SILC Packet Header
  2.3 SILC Packet Types
    2.3.1 SILC Packet Payloads
    2.3.2 Generic payloads
      2.3.2.1 ID Payload
      2.3.2.2 Argument Payload
      2.3.2.3 Channel Payload
      2.3.2.4 Public Key Payload
    2.3.3 Disconnect Payload
    2.3.4 Success Payload
    2.3.5 Failure Payload
    2.3.6 Reject Payload
    2.3.7 Notify Payload
    2.3.8 Error Payload
    2.3.9 Channel Message Payload
    2.3.10 Channel Key Payload
    2.3.11 Private Message Payload
    2.3.12 Private Message Key Payload
    2.3.13 Command Payload
    2.3.14 Command Reply Payload
    2.3.15 Connection Auth Request Payload
    2.3.16 New ID Payload
    2.3.17 New Client Payload
    2.3.18 New Server Payload
    2.3.19 New Channel Payload
    2.3.20 Key Agreement Payload
    2.3.21 Resume Router Payload
    2.3.22 File Transfer Payload
    2.3.23 Resume Client Payload
  2.4 SILC ID Types
  2.5 Packet Encryption And Decryption
    2.5.1 Normal Packet Encryption And Decryption
    2.5.2 Channel Message Encryption And Decryption
    2.5.3 Private Message Encryption And Decryption
  2.6 Packet MAC Generation
  2.7 Packet Padding Generation
  2.8 Packet Compression
  2.9 Packet Sending
  2.10 Packet Reception
  2.11 Packet Routing
  2.12 Packet Broadcasting
3 Security Considerations
4 References
5 Author's Address
121
122 .ti 0
123 List of Figures
124
125 .nf
126 Figure 1: Typical SILC Packet
127 Figure 2: SILC Packet Header
128 Figure 3: ID Payload
129 Figure 4: Argument Payload
130 Figure 5: Channel Payload
131 Figure 6: Public Key Payload
132 Figure 7: Disconnect Payload
133 Figure 8: Success Payload
134 Figure 9: Failure Payload
135 Figure 10: Reject Payload
136 Figure 11: Notify Payload
137 Figure 12: Error Payload
138 Figure 13: Channel Message Payload
139 Figure 14: Channel Key Payload
140 Figure 15: Private Message Payload
141 Figure 16: Private Message Key Payload
142 Figure 17: Command Payload
143 Figure 18: Connection Auth Request Payload
144 Figure 19: New Client Payload
145 Figure 20: New Server Payload
146 Figure 21: Key Agreement Payload
147 Figure 22: Resume Router Payload
148 Figure 23: File Transfer Payload
149 Figure 24: Resume Client Payload
150
151
152 .ti 0
153 1. Introduction
154
This document describes a Packet Protocol used in the Secure Internet
Live Conferencing (SILC) protocol specified in the Secure Internet Live
Conferencing, Protocol Specification Internet Draft [SILC1].  This
protocol describes the packet types and packet payloads that define
the contents of the packets.  It provides a secure binary packet
protocol that assures that the contents of the packets are secured and
authenticated.  The packet protocol is designed to be compact to avoid
unnecessary overhead as much as possible.  This makes SILC suitable
also for low-bandwidth environments such as mobile networks.
All packet payloads can also be compressed to further reduce the size
of the packets.

The SILC protocol is built on SILC packets, which are without a
doubt the most important part of the protocol.  They are also probably
the most complicated part of the protocol.  Packets are used all the
time in the SILC network to send messages, commands and other information.
All packets in the SILC network are always encrypted and their integrity
is assured by computed MACs.  The protocol defines several packet types
and packet payloads.  Each packet type usually has a specific packet
payload that actually defines the contents of the packet.  Each packet
also includes a default SILC Packet Header that provides sufficient
information about the origin of the packet and destination of the
packet.
178
179
180 .ti 0
181 1.1 Requirements Terminology
182
183 The keywords MUST, MUST NOT, REQUIRED, SHOULD, SHOULD NOT, RECOMMENDED,
184 MAY, and OPTIONAL, when they appear in this document, are to be
185 interpreted as described in [RFC2119].
186
187
188 .ti 0
189 2 SILC Packet Protocol
190
191 .ti 0
192 2.1 SILC Packet
193
SILC packets deliver messages from sender to receiver securely by
encrypting important fields of the packet.  The packet consists of
the default SILC Packet Header, Padding, Packet Payload data, and the
packet MAC.

The following diagram illustrates a typical SILC packet.


.in 5
.nf
 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|   n bytes   | 1 - n bytes |      n bytes       |  n bytes
| SILC Header |   Padding   |    Data Payload    |    MAC
 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
208 .in 3
209
210 .ce
211 Figure 1: Typical SILC Packet
212
213
The SILC Header is always the first part of the packet and its purpose
is to provide information about the packet.  It provides, for example,
the packet type, the origin of the packet and the destination of the
packet.  The header is variable in length.  See the following section
for a description of the SILC Packet header.  Packets without a SILC
header or with a malformed SILC header MUST be dropped.

Padding follows the packet header.  The purpose of the padding is to
make the packet length a multiple of eight (8) or of the block size of
the cipher used in the encryption, whichever is larger.  The maximum
length of padding is currently 128 bytes.  The padding is always
encrypted.  The padding is applied always, even if the packet is
not encrypted.  See the section 2.7 Packet Padding Generation for more
detailed information.

The data payload area follows the padding and it is the actual data of
the packet.  The packet data consists of the packet payloads defined in
this protocol.  The data payload area is always encrypted.

The last part of the SILC packet is the packet MAC that assures the
integrity of the packet.  The MAC is always computed from the packet
before the encryption is applied to the packet.  If compression is used
in the packet the MAC is computed after the compression has been
applied.  The compression, on the other hand, is always applied before
encryption.  See more details in the section 2.6 Packet MAC Generation.

All fields in all packet payloads are always in MSB (most significant
byte first) order.
242
243
244 .ti 0
245 2.2 SILC Packet Header
246
The SILC packet header is applied to all SILC packets and it is
variable in length.  The purpose of the SILC Packet header is to provide
detailed information about the packet.  The receiver of the packet
uses the packet header to parse the packet and obtain other relevant
parameters of the packet.

The following diagram represents the SILC packet header.
254
255 .in 5
256 .nf
                     1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|        Payload Length         |     Flags     |  Packet Type  |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|   Pad Length  |    RESERVED   | Source ID Len |  Dest ID Len  |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|  Src ID Type  |                                               |
+-+-+-+-+-+-+-+-+                                               +
|                                                               |
~                           Source ID                           ~
|                                                               |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|  Dst ID Type  |                                               |
+-+-+-+-+-+-+-+-+                                               +
|                                                               |
~                        Destination ID                         ~
|                                                               |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
276 .in 3
277
278 .ce
279 Figure 2: SILC Packet Header
280
281
282 .in 6
o Payload Length (2 bytes) - Is the length of the packet
  not including the padding of the packet.

o Flags (1 byte) - Indicates flags to be used in packet
  processing.  Several flags may be set by ORing the flags
  together.

  The following flags are reserved for this field:


     No flags                  0x00

       In this case the field is ignored.


     Private Message Key       0x01

       Indicates that the packet must include a private
       message that is encrypted using a private key set by
       the client.  Servers do not know anything about this
       key, so the private message is not handled by the
       server at all; it is just passed along.  See section
       2.5.3 Private Message Encryption And Decryption for
       more information.


     List                      0x02

       Indicates that the packet consists of a list of
       packet payloads indicated by the Packet Type field.
       The payloads are added one after the other.  Note that
       there are packet types that must not be used as a
       list.  A list packet is parsed by calculating
       the length of each payload and parsing them one by
       one.


     Broadcast                 0x04

       Marks the packet to be broadcast.  A client cannot
       send a broadcast packet and a normal server cannot send
       a broadcast packet.  Only a router server may send a
       broadcast packet.  A router receiving a packet with this
       flag set MUST send (broadcast) the packet to its primary
       route.  If the router has several router connections the
       packet may be sent only to the primary route.  See
       section 2.12 Packet Broadcasting for a description of
       packet broadcasting.


     Compressed                0x08

       Marks that the payload of the packet is compressed.
       The sender of the packet sets this flag when it
       compresses the payload, and any server or router
       en route to the recipient MUST NOT unset this flag.
       See section 2.8 Packet Compression for a description of
       packet compression.
341
342 .in 3
343
344
345
346
o Packet Type (1 byte) - Is the type of the packet.  The receiver
  uses this field to parse the packet.  See section 2.3
  SILC Packet Types for the list of defined packet types.

o Pad Length (1 byte) - Indicates the length of the padding
  applied after the SILC Packet header.  Maximum length for
  padding is 128 bytes.

o RESERVED (1 byte) - Reserved field that must contain a
  zero (0) value.

o Source ID Length (1 byte) - Indicates the length of the
  Source ID field in the header, not including this or any
  other fields.

o Destination ID Length (1 byte) - Indicates the length of the
  Destination ID field in the header, not including this or
  any other fields.

o Src ID Type (1 byte) - Indicates the type of ID in the
  Source ID field.  See section 2.4 SILC ID Types for
  defined ID types.

o Source ID (variable length) - The actual source ID that
  identifies the original sender of the packet.

o Dst ID Type (1 byte) - Indicates the type of ID in the
  Destination ID field.  See section 2.4 SILC ID Types for
  defined ID types.

o Destination ID (variable length) - The actual destination
  ID that identifies the end receiver of the packet.
379
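The following parser for the header in Figure 2 is an added example, not code from the draft or from any SILC implementation. It assumes the buffer is one decrypted packet with the MAC already verified and removed, and that Payload Length counts the header plus the data payload; the sample packet and its ID type value are constructed.

```python
import struct
from dataclasses import dataclass

FIXED_LEN = 8        # Payload Length through Dest ID Len (first two rows of Figure 2)
MAX_PAD_LEN = 128    # "Maximum length for padding is 128 bytes"


class MalformedPacket(ValueError):
    """A header that section 2.1 says MUST be dropped."""


@dataclass(frozen=True)
class SilcHeader:
    payload_len: int
    flags: int
    packet_type: int
    pad_len: int
    src_id_type: int
    src_id: bytes
    dst_id_type: int
    dst_id: bytes
    header_len: int


def parse_header(buf: bytes) -> SilcHeader:
    """Parse and validate the header of a decrypted packet (MAC already stripped)."""
    if len(buf) < FIXED_LEN:
        raise MalformedPacket("buffer shorter than the fixed header fields")
    # All fields are MSB first, hence the ">" byte order.
    (payload_len, flags, ptype, pad_len,
     reserved, src_len, dst_len) = struct.unpack_from(">HBBBBBB", buf, 0)
    if reserved != 0:
        raise MalformedPacket("RESERVED field is not zero")
    if pad_len > MAX_PAD_LEN:
        raise MalformedPacket("Pad Length exceeds 128 bytes")
    # Each ID is preceded by its one-byte type field.
    header_len = FIXED_LEN + 1 + src_len + 1 + dst_len
    if header_len > len(buf):
        raise MalformedPacket("ID lengths run past the end of the buffer")
    # Assumption of this example: Payload Length = header + data payload.
    if payload_len < header_len:
        raise MalformedPacket("Payload Length smaller than the header")
    if payload_len + pad_len != len(buf):
        raise MalformedPacket("Payload Length + Pad Length != received length")
    off = FIXED_LEN
    src_type, src_id = buf[off], bytes(buf[off + 1:off + 1 + src_len])
    off += 1 + src_len
    dst_type, dst_id = buf[off], bytes(buf[off + 1:off + 1 + dst_len])
    return SilcHeader(payload_len, flags, ptype, pad_len,
                      src_type, src_id, dst_type, dst_id, header_len)


def split_packet(buf: bytes):
    """Return (header, data payload), skipping the padding after the header."""
    hdr = parse_header(buf)
    return hdr, bytes(buf[hdr.header_len + hdr.pad_len:])


def build_sample() -> bytes:
    """Constructed sample: packet type 9, two 4-byte IDs, 1 byte of padding."""
    src, dst, data = b"\x0a\x00\x00\x01", b"\x0a\x00\x00\x02", b"hello"
    id_type = 2  # constructed placeholder; defined values are in section 2.4
    header_len = FIXED_LEN + 1 + len(src) + 1 + len(dst)   # 18
    true_len = header_len + len(data)                       # 23
    pad_len = 8 - true_len % 8                              # 1, total becomes 24
    fixed = struct.pack(">HBBBBBB", true_len, 0x00, 9, pad_len, 0,
                        len(src), len(dst))
    return (fixed + bytes([id_type]) + src + bytes([id_type]) + dst
            + b"\x00" * pad_len + data)


if __name__ == "__main__":
    header, payload = split_packet(build_sample())
    print(header, payload)
```

Every length field is checked against the bytes actually received before it is used as a slice bound, so a hostile Source ID Len or Pad Length cannot make the parser read past the packet.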
380
381
382 .ti 0
383 2.3 SILC Packet Types
384
SILC packet types define the contents of the packet and are used by
the receiver to parse the packet.  The packet type is 8 bits (one
byte) in length.  The range for the packet types is 0 - 255,
where 0 is never sent and 255 is currently reserved for future
extensions and MUST NOT be defined for any other purpose.  Every SILC
specification compliant implementation SHOULD support all of these packet
types.

The list of SILC Packet types below includes a reference to the packet
payload as well.  Packet payloads are the actual packet, that is, the data
that the packet consists of.  Each packet type defines a packet payload
which usually may only be sent with the specific packet type.

Most of the packets must be destined directly to an entity
that is connected to the sender.  It is not allowed, for example, for a
router to send a disconnect packet to a client that is not directly
connected to the router.  However, there are some special packet types
that may be destined to an entity that the sender has no direct connection
with.  These packets are, for example, private message packets, channel
message packets, command packets and some other packets that may be
broadcast in the SILC network.  If the packet is allowed to be sent to
an indirectly connected entity it is mentioned separately in the packet
description (unless it is obvious as in private and channel message
packets).  Other packets MUST NOT be sent to indirectly connected
entities and, if sent, MUST NOT be accepted.

The SILC Packet types are defined as follows.
412
413 .in 1
414 0 SILC_PACKET_NONE
415
416 This type is reserved and it is never sent.
417
418
419 1 SILC_PACKET_DISCONNECT
420
421 This packet is sent to disconnect the remote end. Reason of
422 the disconnection is sent inside the packet payload. Client
423 usually does not send this packet.
424
425 This packet MUST NOT be sent as list and the List flag MUST
426 NOT be set.
427
428 Payload of the packet: See section 2.3.3 Disconnect Payload
429
430
431 2 SILC_PACKET_SUCCESS
432
433 This packet is sent upon successful execution of some protocol.
434 The status of the success is sent in the packet.
435
436 This packet MUST NOT be sent as list and the List flag MUST
437 NOT be set.
438
439 Payload of the packet: See section 2.3.4 Success Payload
440
441
442 3 SILC_PACKET_FAILURE
443
444 This packet is sent upon failure of some protocol. The status
445 of the failure is sent in the packet.
446
447 This packet MUST NOT be sent as list and the List flag MUST
448 NOT be set.
449
450 Payload of the packet: See section 2.3.5 Failure Payload
451
452
453 4 SILC_PACKET_REJECT
454
455 This packet MAY be sent upon rejection of some protocol.
456 The status of the rejection is sent in the packet.
457
458 This packet MUST NOT be sent as list and the List flag MUST
459 NOT be set.
460
461 Payload of the packet: See section 2.3.6 Reject Payload
462
463
464 5 SILC_PACKET_NOTIFY
465
466 This packet is used to send notify message, usually from
467 server to client, although it MAY be sent from server to another
468 server as well. Client MUST NOT send this packet. Server MAY
469 send this packet to channel as well when the packet is
470 distributed to all clients on the channel.
471
472 Payload of the packet: See section 2.3.7 Notify Payload.
473
474
475
476 6 SILC_PACKET_ERROR
477
478 This packet is sent when an error occurs. Server MAY
479 send this packet. Client MUST NOT send this packet. The
480 client MAY entirely ignore the packet, however, server is
481 most likely to take action anyway. This packet MAY be sent
482 to entity that is indirectly connected to the sender.
483
484 This packet MUST NOT be sent as list and the List flag MUST
485 NOT be set.
486
487 Payload of the packet: See section 2.3.8 Error Payload.
488
489
490 7 SILC_PACKET_CHANNEL_MESSAGE
491
492 This packet is used to send messages to channels. The packet
493 includes Channel ID of the channel and the actual message to
494 the channel. Messages sent to the channel are always protected
495 by channel specific keys. Channel Keys are distributed by
496 SILC_PACKET_CHANNEL_KEY packet.
497
498 This packet MUST NOT be sent as list and the List flag MUST
499 NOT be set.
500
501 Payload of the packet: See section 2.3.9 Channel Message
502 Payload
503
504
505 8 SILC_PACKET_CHANNEL_KEY
506
This packet is used to distribute a new key for a particular
channel.  Each channel has its own independent keys that
are used to protect the traffic on the channel.  Only a server
may send this packet.  This packet MAY be sent to an entity
that is indirectly connected to the sender.
512
513 This packet MUST NOT be sent as list and the List flag MUST
514 NOT be set.
515
516 Payload of the packet: See section 2.3.10 Channel Key Payload
517
518
519 9 SILC_PACKET_PRIVATE_MESSAGE
520
This packet is used to send private messages from one client
to another client.  By default, private messages are protected
by session keys established by the normal key exchange protocol.
However, it is possible to use a specific key to protect private
messages.  The SILC_PACKET_PRIVATE_MESSAGE_KEY packet is used to
agree on the key with the remote client.  A pre-shared key MAY be
used as well if both of the clients know it; however, it needs
to be agreed outside SILC.  See more of this in [SILC1].
529
530 This packet MUST NOT be sent as list and the List flag MUST
531 NOT be set.
532
533 Payload of the packet: See section 2.3.11 Private Message
534 Payload
535
536
537 10 SILC_PACKET_PRIVATE_MESSAGE_KEY
538
This packet is used to agree on a key to be used to protect
the private messages between two clients.  If this is not sent
the normal session key is used to protect the private messages
inside the SILC network.  Agreeing to use a specific key to protect
private messages adds security, as no server between the two
clients will be able to decrypt the private message.  However,
servers inside the SILC network are considered to be trusted, thus
using the normal session key to protect private messages does not
degrade security.  Whether to agree to use specific keys by
default or to use normal session keys by default is an
implementation specific issue.  See more of this in [SILC1].
550
551 This packet MUST NOT be sent as list and the List flag MUST
552 NOT be set.
553
554 Payload of the packet: See section 2.3.12 Private Message
555 Key Payload
556
557
558 11 SILC_PACKET_COMMAND
559
This packet is used to send commands from client to server.
A server MAY send this packet to other servers as well.  All
commands are listed in their own section SILC Command Types
in [SILC4].  The contents of this packet are command specific.
This packet MAY be sent to an entity that is indirectly connected
to the sender.
566
567 This packet MUST NOT be sent as list and the List flag MUST
568 NOT be set.
569
570 Payload of the packet: See section 2.3.13 Command Payload
571
572
573 12 SILC_PACKET_COMMAND_REPLY
574
This packet is sent as a reply to the SILC_PACKET_COMMAND packet.
The contents of this packet are command specific.  This packet
MAY be sent to an entity that is indirectly connected to the
sender.
579
580 This packet MUST NOT be sent as list and the List flag MUST
581 NOT be set.
582
583 Payload of the packet: See section 2.3.14 Command Reply
584 Payload and section 2.3.13 Command
585 Payload
586
587
588
589
590 13 SILC_PACKET_KEY_EXCHANGE
591
592 This packet is used to start SILC Key Exchange Protocol,
593 described in detail in [SILC3].
594
595 This packet MUST NOT be sent as list and the List flag MUST
596 NOT be set.
597
598 Payload of the packet: Payload of this packet is described
599 in the section SILC Key Exchange
600 Protocol and its sub sections in
601 [SILC3].
602
603
604 14 SILC_PACKET_KEY_EXCHANGE_1
605
606 This packet is used as part of the SILC Key Exchange Protocol.
607
608 This packet MUST NOT be sent as list and the List flag MUST
609 NOT be set.
610
611 Payload of the packet: Payload of this packet is described
612 in the section SILC Key Exchange
613 Protocol and its sub sections in
614 [SILC3].
615
616
617 15 SILC_PACKET_KEY_EXCHANGE_2
618
619 This packet is used as part of the SILC Key Exchange Protocol.
620
621 This packet MUST NOT be sent as list and the List flag MUST
622 NOT be set.
623
624 Payload of the packet: Payload of this packet is described
625 in the section SILC Key Exchange
626 Protocol and its sub sections in
627 [SILC3].
628
629
630 16 SILC_PACKET_CONNECTION_AUTH_REQUEST
631
632 This packet is used to request the authentication method to
633 be used in the SILC Connection Authentication Protocol. If
634 initiator of the protocol does not know the mandatory
635 authentication method this packet MAY be used to determine it.
636
637 The party receiving this payload MUST respond with the same
638 packet including the mandatory authentication method.
639
640 This packet MUST NOT be sent as list and the List flag MUST
641 NOT be set.
642
643 Payload of the packet: See section 2.3.15 Connection Auth
644 Request Payload
645
646
647
648
649 17 SILC_PACKET_CONNECTION_AUTH
650
651 This packet is used to start and perform the SILC Connection
652 Authentication Protocol. This protocol is used to authenticate
653 the connecting party. The protocol is described in detail in
654 [SILC3].
655
656 This packet MUST NOT be sent as list and the List flag MUST
657 NOT be set.
658
Payload of the packet: Payload of this packet is described
in the section SILC Authentication
Protocol and its sub sections in [SILC].
662
663
664 18 SILC_PACKET_NEW_ID
665
666 This packet is used to distribute new ID's from server to
667 router and from router to all routers in the SILC network.
668 This is used when for example new client is registered to
669 SILC network. The newly created ID's of these operations are
670 distributed by this packet. Only server may send this packet,
671 however, client MUST be able to receive this packet. This
672 packet MAY be sent to entity that is indirectly connected
673 to the sender.
674
675 Payload of the packet: See section 2.3.16 New ID Payload
676
677
678 19 SILC_PACKET_NEW_CLIENT
679
This packet is used by a client to register itself to the
SILC network.  This is sent after the key exchange and
authentication protocols have been completed.  The client sends
various information about itself in this packet.
684
685 This packet MUST NOT be sent as list and the List flag MUST
686 NOT be set.
687
688 Payload of the packet: See section 2.3.17 New Client Payload
689
690
691 20 SILC_PACKET_NEW_SERVER
692
This packet is used by a server to register itself to the
SILC network.  This is sent after the key exchange and
authentication protocols have been completed.  The server sends
this to the router it connected to, or, if the router was
connecting, to the connected router.  The server sends its
Server ID and other information in this packet.  The client
MUST NOT send or receive this packet.
700
701 This packet MUST NOT be sent as list and the List flag MUST
702 NOT be set.
703
704 Payload of the packet: See section 2.3.18 New Server Payload
705
706
707 21 SILC_PACKET_NEW_CHANNEL
708
709 This packet is used to notify routers about newly created
710 channel. Channels are always created by the router and it MUST
711 notify other routers about the created channel. Router sends
712 this packet to its primary route. Client MUST NOT send this
713 packet. This packet MAY be sent to entity that is indirectly
714 connected to the sender.
715
716 Payload of the packet: See section 2.3.19 New Channel Payload
717
718
719 22 SILC_PACKET_REKEY
720
721 This packet is used to indicate that re-key must be performed
722 for session keys. See section Session Key Regeneration in
723 [SILC1] for more information. This packet does not have
724 a payload.
725
726 This packet MUST NOT be sent as list and the List flag MUST
727 NOT be set.
728
729
730 23 SILC_PACKET_REKEY_DONE
731
732 This packet is used to indicate that re-key is performed and
733 new keys must be used hereafter.
734
735 This packet MUST NOT be sent as list and the List flag MUST
736 NOT be set.
737
738
739 24 SILC_PACKET_HEARTBEAT
740
This packet is used by clients, servers and routers to keep the
connection alive.  It is recommended that all servers implement
keepalive actions and perform them in both directions of a link.
This packet does not have a payload.
745
746 This packet MUST NOT be sent as list and the List flag MUST
747 NOT be set.
748
749
750 25 SILC_PACKET_KEY_AGREEMENT
751
This packet is used by clients to request key negotiation
with another client in the SILC network.  If the negotiation
is started it is performed using the SKE protocol.  The result of
the negotiation, the secret key material, can be used, for
example, as a private message key.  The server and router MUST NOT
send this packet.
758
759 This packet MUST NOT be sent as list and the List flag MUST
760 NOT be set.
761
762 Payload of the packet: See section 2.3.20 Key Agreement Payload
763
764
765
766
767 26 SILC_PACKET_RESUME_ROUTER
768
769 This packet is used during backup router protocol when the
770 original primary router of the cell comes back online and wishes
771 to resume the position as being the primary router of the cell.
772
773 Payload of the packet: See section 2.3.21 Resume Router Payload
774
775
776 27 SILC_PACKET_FTP
777
This packet is used to perform a file transfer protocol in the
SILC session with some entity in the network.  The packet is
multi purpose.  The packet is used to tell another entity in the
network that the sender wishes to perform a file transfer
protocol.  The packet is also used to actually tunnel the
file transfer protocol stream.  The file transfer protocol
stream is always protected with the SILC packet.
785
786 This packet MUST NOT be sent as list and the List flag MUST
787 NOT be set.
788
789 Payload of the packet: See section 2.3.22 File Transfer Payload
790
791
792 28 SILC_PACKET_RESUME_CLIENT
793
This packet is used to resume a client back to the network
after it has been detached.  A client is able to detach from
the network but the client is still a valid client in the network.
The client may then later resume its session by sending
this packet to a server.  Routers also use this packet to notify
other routers in the network that the detached client has resumed.
800
801 This packet MUST NOT be sent as list and the List flag MUST
802 NOT be set.
803
804 Payload of the packet: See section 2.3.23 Resume Client Payload
805
806
807 29 - 199
808
809 Currently undefined commands.
810
811
812 200 - 254
813
814 These packet types are reserved for private use and they will
815 not be defined by this document.
816
817
818 255 SILC_PACKET_MAX
819
820 This type is reserved for future extensions and currently it
821 MUST NOT be sent.
822 .in 3
823
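A receive-side filter that applies the rules stated in the packet type descriptions above, as an added example that is not part of the draft. The Role enum, the drop_reason name and the private_types parameter are hypothetical, and dropping the undefined range 29 - 199 and unregistered private-use types is a policy choice of this example; the "sender" is the authenticated role of the directly connected peer.

```python
from enum import Enum
from typing import FrozenSet, Optional

FLAG_LIST = 0x02
FLAG_BROADCAST = 0x04


class Role(Enum):
    CLIENT = "client"
    SERVER = "normal server"
    ROUTER = "router server"


# Defined types whose description does not say "MUST NOT be sent as list":
# NOTIFY, NEW_ID, NEW_CHANNEL, RESUME_ROUTER.
LIST_ALLOWED = frozenset({5, 18, 21, 26})

# Sender restrictions stated in the type descriptions of section 2.3.
FORBIDDEN_SENDERS = {
    5: {Role.CLIENT},                # NOTIFY: client MUST NOT send
    6: {Role.CLIENT},                # ERROR: client MUST NOT send
    8: {Role.CLIENT},                # CHANNEL_KEY: only server may send
    18: {Role.CLIENT},               # NEW_ID: only server may send
    20: {Role.CLIENT},               # NEW_SERVER: client MUST NOT send
    21: {Role.CLIENT},               # NEW_CHANNEL: client MUST NOT send
    25: {Role.SERVER, Role.ROUTER},  # KEY_AGREEMENT: server and router MUST NOT send
}


def drop_reason(packet_type: int, flags: int, sender: Role,
                private_types: FrozenSet[int] = frozenset()) -> Optional[str]:
    """Return why the packet must be dropped, or None if it passes these checks."""
    if not 0 <= packet_type <= 255:
        return "packet type does not fit in one byte"
    if packet_type in (0, 255):
        return "reserved packet type (never sent)"
    # Broadcast flag: clients and normal servers cannot send broadcast packets.
    if flags & FLAG_BROADCAST and sender is not Role.ROUTER:
        return "Broadcast flag set by a non-router"
    if 200 <= packet_type <= 254:
        # Private use: accept only types this deployment has registered.
        if packet_type in private_types:
            return None
        return "unregistered private-use packet type"
    if packet_type >= 29:
        return "undefined packet type"
    if flags & FLAG_LIST and packet_type not in LIST_ALLOWED:
        return "List flag set on a type that MUST NOT be sent as list"
    if sender in FORBIDDEN_SENDERS.get(packet_type, ()):
        return "packet type %d not permitted from a %s" % (packet_type, sender.value)
    return None


if __name__ == "__main__":
    # Constructed cases: (packet type, flags, authenticated peer role)
    for case in [(9, 0, Role.CLIENT), (9, FLAG_LIST, Role.CLIENT),
                 (5, 0, Role.CLIENT), (21, FLAG_BROADCAST, Role.SERVER)]:
        print(case, "->", drop_reason(*case))
```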
824
825 .ti 0
826 2.3.1 SILC Packet Payloads
827
All payloads reside in the main data area of the SILC packet.  However
all payloads MUST be at the start of the data area after the SILC
packet header and padding.  All fields in the packet payload are always
encrypted, as they reside in the data area of the packet which is
always encrypted.

Payloads described in this section are common payloads that MUST be
accepted anytime during a SILC session.  Most of the payloads may only
be sent with a specific packet type which is defined in the description
of the payload.

There are a lot of other payloads in SILC as well.  However, they
are not common in the sense that they could be sent at any time.
These payloads, such as the SILC Key Exchange payloads, are not
described in this section.  They are described
in [SILC1], [SILC3] and [SILC4].
844
845
846 .ti 0
847 2.3.2 Generic payloads
848
849 This section describes generic payloads that are not associated to any
850 specific packet type. They can be used for example inside some other
851 packet payloads.
852
853
854 .ti 0
855 2.3.2.1 ID Payload
856
857 This payload can be used to send an ID. ID's are variable in length
858 thus this payload provides a way to send variable length ID's.
859
860 The following diagram represents the ID Payload.
861
862
867 .in 5
868 .nf
                     1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|            ID Type            |           ID Length           |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                                                               |
~                            ID Data                            ~
|                                                               |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
878 .in 3
879
880 .ce
881 Figure 3: ID Payload
882
883
884 .in 6
885 o ID Type (2 bytes) - Indicates the type of the ID. See
886 section 2.4 SILC ID Types for list of defined ID types.
887
888 o ID Length (2 bytes) - Length of the ID Data area not
889 including the length of any other fields in the payload.
890
891 o ID Data (variable length) - The actual ID data.
892 .in 3
893
894
895 .ti 0
896 2.3.2.2 Argument Payload
897
Argument Payload is used to set arguments for any packet payload that
needs and supports arguments, such as commands.  The number of arguments
associated with a packet MUST be indicated by the packet payload which
needs the arguments.  Argument Payloads MUST always reside right after
the packet payload needing the arguments.  An incorrect number of
argument payloads MUST cause rejection of the packet.

The following diagram represents the Argument Payload.
906
907 .in 5
908 .nf
909 1 2 3
910 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
911 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
912 | Payload Length | Argument Type | |
913 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +
914 | |
915 ~ Argument Data ~
916 | |
917 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
918 .in 3
919
920 .ce
921 Figure 4: Argument Payload
922
923
924 .in 6
925 o Payload Length (2 bytes) - Length of the argument payload data
926 area not including the length of any other fields in the
927 payload.
928
929 o Argument Type (1 byte) - Indicates the type of the argument.
930 Every argument may have a specific type that MUST be defined
931 by the packet payload needing the argument. For example
932 every command specify a number for each argument that maybe
933 associated with the command. By using this number the receiver
934 of the packet knows what type of argument this is. If there is
935 no specific argument type this field is set to zero (0).
936
937 o Argument Data (variable length) - Argument data.
938 .in 3
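The argument count rule above can be enforced while parsing. The following C code is an added example, not code from this draft or from any SILC implementation: the names parse_args and struct silc_arg are hypothetical, the 2-byte Payload Length is assumed to be MSB first, and the buffer is assumed to hold exactly the argument area that follows the packet payload.

```c
#include <stddef.h>
#include <stdint.h>

/* One parsed Argument Payload; data points into the caller's buffer. */
struct silc_arg {
    uint8_t type;          /* Argument Type, 0 if no specific type */
    uint16_t len;          /* Payload Length: Argument Data bytes only */
    const uint8_t *data;
};

/*
 * Parse exactly `expected` Argument Payloads from buf[0..buflen).
 * Returns 0 on success, -1 if the packet must be rejected: truncated
 * header, a length running past the buffer, too few arguments, or
 * bytes left over after the last expected argument.
 */
int parse_args(const uint8_t *buf, size_t buflen,
               struct silc_arg *out, size_t expected)
{
    size_t off = 0;                           /* invariant: off <= buflen */

    for (size_t i = 0; i < expected; i++) {
        if (buflen - off < 3)                 /* 2-byte length + 1-byte type */
            return -1;
        uint16_t len = (uint16_t)((buf[off] << 8) | buf[off + 1]); /* assumed MSB first */
        uint8_t type = buf[off + 2];
        off += 3;
        if (len > buflen - off)               /* data must fit in what is left */
            return -1;
        out[i].type = type;
        out[i].len = len;
        out[i].data = buf + off;
        off += len;
    }
    return off == buflen ? 0 : -1;            /* leftover bytes: wrong count */
}

/* Constructed sample: two arguments, type 1 "silc" and type 2 "ab". */
const uint8_t sample_args[] = {
    0x00, 0x04, 0x01, 's', 'i', 'l', 'c',
    0x00, 0x02, 0x02, 'a', 'b'
};
```

The length comparison is written as `len > buflen - off` rather than `off + len > buflen` so that it cannot wrap around.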


.ti 0
2.3.2.3 Channel Payload

Generic Channel Payload may be used to send information about a
channel: its name, the Channel ID and a mode.

The following diagram represents the Channel Payload.

.in 5
.nf
                     1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|      Channel Name Length      |                               |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+                               +
|                                                               |
~                         Channel Name                          ~
|                                                               |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|       Channel ID Length       |                               |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+                               +
|                                                               |
~                          Channel ID                           ~
|                                                               |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                           Mode Mask                           |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
.in 3

.ce
Figure 5: New Channel Payload


.in 6
o Channel Name Length (2 bytes) - Length of the channel name
  field.

o Channel Name (variable length) - The name of the channel.

o Channel ID Length (2 bytes) - Length of the Channel ID field.

o Channel ID (variable length) - The Channel ID.

o Mode Mask (4 bytes) - A mode. This can be the mode of the
  channel but it can also be the mode of the client on the
  channel. The content of this field depends on the usage of
  this payload. The usage is defined separately when this
  payload is used. This is a 32 bit MSB first value.
.in 3
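A receiver has to walk the two length-prefixed fields in order and then find exactly four bytes left for the Mode Mask. The following C code is an added example, not code from this draft or from any SILC implementation: the names parse_channel, take_field and struct silc_channel are hypothetical, the 2-byte length fields are assumed to be MSB first like the Mode Mask, and the buffer is assumed to hold one complete Channel Payload and nothing else.

```c
#include <stddef.h>
#include <stdint.h>

/* Parsed view of a Channel Payload; pointers refer to the caller's buffer. */
struct silc_channel {
    const uint8_t *name;       /* Channel Name, not NUL-terminated */
    uint16_t name_len;
    const uint8_t *id;         /* Channel ID */
    uint16_t id_len;
    uint32_t mode;             /* Mode Mask, converted to host order */
};

/* Read a 2-byte length (assumed MSB first) and the field it covers. */
static int take_field(const uint8_t *buf, size_t buflen, size_t *off,
                      const uint8_t **field, uint16_t *len)
{
    if (buflen - *off < 2)
        return -1;
    *len = (uint16_t)((buf[*off] << 8) | buf[*off + 1]);
    *off += 2;
    if (*len > buflen - *off)                  /* field must fit in the rest */
        return -1;
    *field = buf + *off;
    *off += *len;
    return 0;
}

/* Returns 0 on success, -1 if a field is truncated or bytes are left over. */
int parse_channel(const uint8_t *buf, size_t buflen, struct silc_channel *ch)
{
    size_t off = 0;

    if (take_field(buf, buflen, &off, &ch->name, &ch->name_len) < 0 ||
        take_field(buf, buflen, &off, &ch->id, &ch->id_len) < 0)
        return -1;
    if (buflen - off != 4)                     /* exactly the Mode Mask remains */
        return -1;
    ch->mode = ((uint32_t)buf[off] << 24) | ((uint32_t)buf[off + 1] << 16) |
               ((uint32_t)buf[off + 2] << 8) | (uint32_t)buf[off + 3];
    return 0;
}

/* Constructed sample: name "dev", 4-byte placeholder ID, mode 0x00000102. */
const uint8_t sample_channel[] = {
    0x00, 0x03, 'd', 'e', 'v',
    0x00, 0x04, 0xde, 0xad, 0xbe, 0xef,
    0x00, 0x00, 0x01, 0x02
};
```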


.ti 0
2.3.2.4 Public Key Payload

Generic Public Key Payload may be used to send different types of
public keys and certificates.

The following diagram represents the Public Key Payload.





.in 5
.nf
                     1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|       Public Key Length       |        Public Key Type        |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                                                               |
~           Public Key of the party (or certificate)            ~
|                                                               |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
.in 3

.ce
Figure 6: Public Key Payload


.in 6
o Public Key Length (2 bytes) - The length of the Public Key
  (or certificate) field, not including any other field.

o Public Key Type (2 bytes) - The public key (or certificate)
  type. This field indicates the type of the public key in
  the packet. See [SILC3] for defined public key types.

o Public Key (or certificate) (variable length) - The
  public key or certificate.
.in 3
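The ID Payload (Figure 3) and the Public Key Payload (Figure 6) share a 4-byte header but place the type and length fields in opposite order, and both can be nested inside another payload. The following C code is an added example covering both sections, not code from this draft or from any SILC implementation: the names parse_typed, struct silc_typed and enum silc_layout are hypothetical, and the 2-byte fields are assumed to be MSB first.

```c
#include <stddef.h>
#include <stdint.h>

enum silc_layout { LAYOUT_ID, LAYOUT_PUBLIC_KEY };   /* hypothetical names */

struct silc_typed {
    uint16_t type;          /* ID Type or Public Key Type */
    uint16_t len;           /* bytes of ID Data or Public Key */
    const uint8_t *data;    /* points into the caller's buffer */
};

static uint16_t be16(const uint8_t *p)    /* assumed MSB first */
{
    return (uint16_t)((p[0] << 8) | p[1]);
}

/*
 * Decode one payload at the start of buf. Returns the number of bytes
 * consumed (4 + data length) so a caller can continue with whatever
 * follows inside an enclosing payload, or 0 if the payload is truncated.
 */
size_t parse_typed(const uint8_t *buf, size_t buflen,
                   enum silc_layout layout, struct silc_typed *out)
{
    if (buflen < 4)
        return 0;
    if (layout == LAYOUT_ID) {            /* Figure 3: Type, then Length */
        out->type = be16(buf);
        out->len = be16(buf + 2);
    } else {                              /* Figure 6: Length, then Type */
        out->len = be16(buf);
        out->type = be16(buf + 2);
    }
    if (out->len > buflen - 4)            /* data must fit in the buffer */
        return 0;
    out->data = buf + 4;
    return 4 + (size_t)out->len;
}

/* Constructed samples: type 2 with 3 data bytes in each layout, plus one
 * trailing byte that belongs to the enclosing payload. */
const uint8_t sample_id[] = { 0x00, 0x02, 0x00, 0x03, 0xaa, 0xbb, 0xcc, 0x7f };
const uint8_t sample_pk[] = { 0x00, 0x03, 0x00, 0x02, 0xaa, 0xbb, 0xcc, 0x7f };
```

Decoding sample_id with LAYOUT_PUBLIC_KEY still succeeds but yields type 3 and length 2, which is why the layout has to come from the enclosing payload's definition and not be guessed from the bytes.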


.ti 0
2.3.3 Disconnect Payload

Disconnect payload is sent upon disconnection. The payload is simple;
the reason for the disconnection is sent to the disconnected party.

The payload may only be sent with SILC_PACKET_DISCONNECT packet. It
MUST NOT be sent in any other packet type. The following diagram
represents the Disconnect Payload.


.in 5
.nf
                     1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|    Status     |                                               |
+-+-+-+-+-+-+-+-+                                               +
|                                                               |
~                      Disconnect Message                       ~
|                                                               |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
.in 3

.ce
Figure 7: Disconnect Payload

.in 6
o Status (1 byte) - Indicates the Status Type, defined in [SILC3],
  for the reason of disconnection.

o Disconnect Message (variable length) - Human readable UTF-8
  encoded string indicating the reason for the disconnection.
  This MAY be omitted.
.in 3


.ti 0
2.3.4 Success Payload

Success payload is sent when some protocol execution is successfully
completed. The payload is simple; an indication of the success is sent.
This may be any data, including binary or human readable data.

.in 5
.nf
                     1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                                                               |
~                      Success Indication                       ~
|                                                               |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
.in 3

.ce
Figure 8: Success Payload


.in 6
o Success Indication (variable length) - Indication of
  the success. This may be, for example, some flag that
  indicates the protocol and the success status, or a human
  readable success message. The true length of this
  payload is available by calculating it from the SILC
  Packet Header.
.in 3



.ti 0
2.3.5 Failure Payload

This is the opposite of the Success Payload. An indication of the
failure of some protocol is sent in the payload.


.in 5
.nf
                     1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                                                               |
~                      Failure Indication                       ~
|                                                               |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
.in 3

.ce
Figure 9: Failure Payload


.in 6
o Failure Indication (variable length) - Indication of
  the failure. This may be, for example, some flag that
  indicates the protocol and the failure status, or a human
  readable failure message. The true length of this
  payload is available by calculating it from the SILC
  Packet Header.
.in 3


.ti 0
2.3.6 Reject Payload

This payload is sent when execution of some protocol is rejected.
Other operations that were rejected MAY send this as well. The
indication of the rejection is sent in the payload. The indication
may be binary or human readable data.


.in 5
.nf
                     1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2