xref: /dragonfly/include/rpcsvc/key_prot.x (revision df052c2a9588fe12c7a2df4e61e2bfa3f3e16ce0)
1 %/*
2 % * Sun RPC is a product of Sun Microsystems, Inc. and is provided for
3 % * unrestricted use provided that this legend is included on all tape
4 % * media and as a part of the software program in whole or part.  Users
5 % * may copy or modify Sun RPC without charge, but are not authorized
6 % * to license or distribute it to anyone else except as part of a product or
7 % * program developed by the user.
8 % *
9 % * SUN RPC IS PROVIDED AS IS WITH NO WARRANTIES OF ANY KIND INCLUDING THE
10 % * WARRANTIES OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR
11 % * PURPOSE, OR ARISING FROM A COURSE OF DEALING, USAGE OR TRADE PRACTICE.
12 % *
13 % * Sun RPC is provided with no support and without any obligation on the
14 % * part of Sun Microsystems, Inc. to assist in its use, correction,
15 % * modification or enhancement.
16 % *
17 % * SUN MICROSYSTEMS, INC. SHALL HAVE NO LIABILITY WITH RESPECT TO THE
18 % * INFRINGEMENT OF COPYRIGHTS, TRADE SECRETS OR ANY PATENTS BY SUN RPC
19 % * OR ANY PART THEREOF.
20 % *
21 % * In no event will Sun Microsystems, Inc. be liable for any lost revenue
22 % * or profits or other special, indirect and consequential damages, even if
23 % * Sun has been advised of the possibility of such damages.
24 % *
25 % * Sun Microsystems, Inc.
26 % * 2550 Garcia Avenue
27 % * Mountain View, California  94043
28 % *
29 % * @(#)key_prot.x  1.7       94/04/29 SMI
30 % */
31 /*
32  * Key server protocol definition
33  * Copyright (C) 1990, 1991 Sun Microsystems, Inc.
34  *
35  * The keyserver is a public key storage/encryption/decryption service
36  * The encryption method used is based on the Diffie-Hellman exponential
37  * key exchange technology.
38  *
39  * The key server is local to each machine, akin to the portmapper.
40  * Under TI-RPC, communication with the keyserver is through the
41  * loopback transport.
42  *
43  * NOTE: This .x file generates the USER level headers for the keyserver.
44  * the KERNEL level headers are created by hand as they kernel has special
45  * requirements.
46  */
47 
48 %
49 %/* Copyright (c)  1990, 1991 Sun Microsystems, Inc. */
50 %
51 %/*
52 % * Compiled from key_prot.x using rpcgen.
53 % * DO NOT EDIT THIS FILE!
54 % * This is NOT source code!
55 % */
56 
57 /*
58  * PROOT and MODULUS define the way the Diffie-Hellman key is generated.
59  *
60  * MODULUS should be chosen as a prime of the form: MODULUS == 2*p + 1,
61  * where p is also prime.
62  *
63  * PROOT satisfies the following two conditions:
64  * (1) (PROOT ** 2) % MODULUS != 1
65  * (2) (PROOT ** p) % MODULUS != 1
66  *
67  */
68 
69 const PROOT = 3;
70 const HEXMODULUS = "d4a0ba0250b6fd2ec626e7efd637df76c716e22d0944b88b";
71 
72 const HEXKEYBYTES = 48;                 /* HEXKEYBYTES == strlen(HEXMODULUS) */
73 const KEYSIZE = 192;                    /* KEYSIZE == bit length of key */
74 const KEYBYTES = 24;                    /* byte length of key */
75 
76 /*
77  * The first 16 hex digits of the encrypted secret key are used as
78  * a checksum in the database.
79  */
80 const KEYCHECKSUMSIZE = 16;
81 
82 /*
83  * status of operation
84  */
85 enum keystatus {
86           KEY_SUCCESS,        /* no problems */
87           KEY_NOSECRET,       /* no secret key stored */
88           KEY_UNKNOWN,        /* unknown netname */
89           KEY_SYSTEMERR       /* system error (out of memory, encryption failure) */
90 };
91 
92 typedef opaque keybuf[HEXKEYBYTES];     /* store key in hex */
93 
94 typedef string netnamestr<MAXNETNAMELEN>;
95 
96 /*
97  * Argument to ENCRYPT or DECRYPT
98  */
99 struct cryptkeyarg {
100           netnamestr remotename;
101           des_block deskey;
102 };
103 
104 /*
105  * Argument to ENCRYPT_PK or DECRYPT_PK
106  */
107 struct cryptkeyarg2 {
108           netnamestr remotename;
109           netobj    remotekey;          /* Contains a length up to 1024 bytes */
110           des_block deskey;
111 };
112 
113 
114 /*
115  * Result of ENCRYPT, DECRYPT, ENCRYPT_PK, and DECRYPT_PK
116  */
117 union cryptkeyres switch (keystatus status) {
118 case KEY_SUCCESS:
119           des_block deskey;
120 default:
121           void;
122 };
123 
124 const MAXGIDS  = 16;          /* max number of gids in gid list */
125 
126 /*
127  * Unix credential
128  */
129 struct unixcred {
130           u_int uid;
131           u_int gid;
132           u_int gids<MAXGIDS>;
133 };
134 
135 /*
136  * Result returned from GETCRED
137  */
138 union getcredres switch (keystatus status) {
139 case KEY_SUCCESS:
140           unixcred cred;
141 default:
142           void;
143 };
144 /*
145  * key_netstarg;
146  */
147 
148 struct key_netstarg {
149           keybuf st_priv_key;
150           keybuf st_pub_key;
151           netnamestr st_netname;
152 };
153 
154 union key_netstres switch (keystatus status){
155 case KEY_SUCCESS:
156           key_netstarg knet;
157 default:
158           void;
159 };
160 
161 #ifdef RPC_HDR
162 %
163 %#ifndef opaque
164 %#define opaque char
165 %#endif
166 %
167 #endif
168 program KEY_PROG {
169           version KEY_VERS {
170 
171                     /*
172                      * This is my secret key.
173                      * Store it for me.
174                      */
175                     keystatus
176                     KEY_SET(keybuf) = 1;
177 
178                     /*
179                      * I want to talk to X.
180                      * Encrypt a conversation key for me.
181                      */
182                     cryptkeyres
183                     KEY_ENCRYPT(cryptkeyarg) = 2;
184 
185                     /*
186                      * X just sent me a message.
187                      * Decrypt the conversation key for me.
188                      */
189                     cryptkeyres
190                     KEY_DECRYPT(cryptkeyarg) = 3;
191 
192                     /*
193                      * Generate a secure conversation key for me
194                      */
195                     des_block
196                     KEY_GEN(void) = 4;
197 
198                     /*
199                      * Get me the uid, gid and group-access-list associated
200                      * with this netname (for kernel which cannot use NIS)
201                      */
202                     getcredres
203                     KEY_GETCRED(netnamestr) = 5;
204           } = 1;
205           version KEY_VERS2 {
206 
207                     /*
208                      * #######
209                      * Procedures 1-5 are identical to version 1
210                      * #######
211                      */
212 
213                     /*
214                      * This is my secret key.
215                      * Store it for me.
216                      */
217                     keystatus
218                     KEY_SET(keybuf) = 1;
219 
220                     /*
221                      * I want to talk to X.
222                      * Encrypt a conversation key for me.
223                      */
224                     cryptkeyres
225                     KEY_ENCRYPT(cryptkeyarg) = 2;
226 
227                     /*
228                      * X just sent me a message.
229                      * Decrypt the conversation key for me.
230                      */
231                     cryptkeyres
232                     KEY_DECRYPT(cryptkeyarg) = 3;
233 
234                     /*
235                      * Generate a secure conversation key for me
236                      */
237                     des_block
238                     KEY_GEN(void) = 4;
239 
240                     /*
241                      * Get me the uid, gid and group-access-list associated
242                      * with this netname (for kernel which cannot use NIS)
243                      */
244                     getcredres
245                     KEY_GETCRED(netnamestr) = 5;
246 
247                     /*
248                      * I want to talk to X. and I know X's public key
249                      * Encrypt a conversation key for me.
250                      */
251                     cryptkeyres
252                     KEY_ENCRYPT_PK(cryptkeyarg2) = 6;
253 
254                     /*
255                      * X just sent me a message. and I know X's public key
256                      * Decrypt the conversation key for me.
257                      */
258                     cryptkeyres
259                     KEY_DECRYPT_PK(cryptkeyarg2) = 7;
260 
261                     /*
262                      * Store my public key, netname and private key.
263                      */
264                     keystatus
265                     KEY_NET_PUT(key_netstarg) = 8;
266 
267                     /*
268                      * Retrieve my public key, netname and private key.
269                      */
270                     key_netstres
271                     KEY_NET_GET(void) = 9;
272 
273                     /*
274                      * Return me the conversation key that is constructed
275                      * from my secret key and this publickey.
276                      */
277 
278                     cryptkeyres
279                     KEY_GET_CONV(keybuf) = 10;
280 
281 
282           } = 2;
283 } = 100029;
284 
285 
286