0001 /*
0002 * Key server protocol definition
0003 * Copyright (c) 2010, Oracle America, Inc.
0004 *
0005 * Redistribution and use in source and binary forms, with or without
0006 * modification, are permitted provided that the following conditions are
0007 * met:
0008 *
0009 * * Redistributions of source code must retain the above copyright
0010 * notice, this list of conditions and the following disclaimer.
0011 * * Redistributions in binary form must reproduce the above
0012 * copyright notice, this list of conditions and the following
0013 * disclaimer in the documentation and/or other materials
0014 * provided with the distribution.
0015 * * Neither the name of the "Oracle America, Inc." nor the names of its
0016 * contributors may be used to endorse or promote products derived
0017 * from this software without specific prior written permission.
0018 *
0019 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
0020 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
0021 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
0022 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
0023 * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
0024 * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
0025 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
0026 * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
0027 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
0028 * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
0029 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
0030 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
0031 *
0032 * The keyserver is a public key storage/encryption/decryption service.
0033 * The encryption method used is based on the Diffie-Hellman exponential
0034 * key exchange technology.
0035 *
0036 * The key server is local to each machine, akin to the portmapper.
0037 * Under TI-RPC, communication with the keyserver is through the
0038 * loopback transport.
0039 *
0040 * NOTE: This .x file generates the USER level headers for the keyserver.
0041 * The KERNEL level headers are created by hand, as the kernel has special
0042 * requirements.
0043 */
0044
0045 %#if 0
0046 %#pragma ident "@(#)key_prot.x 1.7 94/04/29 SMI"
0047 %#endif
0048 %
0049 %/* Copyright (c) 1990, 1991 Sun Microsystems, Inc. */
0050 %
0051 %/*
0052 % * Compiled from key_prot.x using rpcgen.
0053 % * DO NOT EDIT THIS FILE!
0054 % * This is NOT source code!
0055 % */
0056
0057 /*
0058 * PROOT and MODULUS define the way the Diffie-Hellman key is generated:
     * PROOT is the base that is exponentiated and HEXMODULUS is the modulus,
     * written as a string of hexadecimal digits.
0059 *
0060 * MODULUS should be chosen as a prime of the form: MODULUS == 2*p + 1,
0061 * where p is also prime.
0062 *
0063 * PROOT satisfies the following two conditions:
0064 * (1) (PROOT ** 2) % MODULUS != 1
0065 * (2) (PROOT ** p) % MODULUS != 1
0066 *
     * NOTE(review): the group is fixed at KEYSIZE == 192 bits, which is far
     * below the modulus sizes currently recommended for finite-field
     * Diffie-Hellman. Keys negotiated with these parameters should be
     * treated as legacy-strength only. HEXKEYBYTES also fixes the size of
     * keybuf on the wire, so the constants cannot simply be enlarged here.
0067 */
0068
0069 const PROOT = 3;
0070 const HEXMODULUS = "d4a0ba0250b6fd2ec626e7efd637df76c716e22d0944b88b";
0071
0072 const HEXKEYBYTES = 48; /* HEXKEYBYTES == strlen(HEXMODULUS): hex digits per key */
0073 const KEYSIZE = 192; /* KEYSIZE == bit length of key (4 bits per hex digit) */
0074 const KEYBYTES = 24; /* byte length of key (KEYSIZE / 8) */
0075
0076 /*
0077 * The first 16 hex digits of the encrypted secret key are used as
0078 * a checksum in the database.
     * KEYCHECKSUMSIZE is therefore a count of hex digits, not of bytes.
0079 */
0080 const KEYCHECKSUMSIZE = 16;
0081
0082 /*
0083 * status of operation
     *
     * Returned directly by KEY_SET and KEY_NET_PUT, and used as the
     * discriminant of the cryptkeyres, getcredres and key_netstres unions,
     * which carry a payload only for KEY_SUCCESS.
     * No explicit values are given, so the constants are numbered in
     * declaration order; inserting or reordering entries would change the
     * values seen by existing clients.
0084 */
0085 enum keystatus {
0086 KEY_SUCCESS, /* no problems */
0087 KEY_NOSECRET, /* no secret key stored */
0088 KEY_UNKNOWN, /* unknown netname */
0089 KEY_SYSTEMERR /* system error (out of memory, encryption failure) */
0090 };
0091
0092 typedef opaque keybuf[HEXKEYBYTES]; /* store key in hex */
     /*
      * keybuf is a fixed-length opaque array of exactly HEXKEYBYTES bytes.
      * It carries secret keys (KEY_SET, st_priv_key) as well as public keys
      * (st_pub_key, KEY_GET_CONV). Because HEXKEYBYTES == strlen(HEXMODULUS),
      * a full-length key fills the array and leaves no room for a
      * terminating NUL: handle it with HEXKEYBYTES-bounded copies and
      * comparisons, not with C string functions.
      */
0093
     /*
      * netnamestr is a variable-length string bounded by MAXNETNAMELEN.
      * MAXNETNAMELEN is not defined in this file.
      */
0094 typedef string netnamestr<MAXNETNAMELEN>;
0095
0096 /*
0097 * Argument to ENCRYPT or DECRYPT
     *
     * remotename is the netname of the peer ("X" in the procedure comments)
     * and deskey is the conversation key to be encrypted or decrypted.
     * des_block is not declared in this file; presumably it is the DES key
     * block from the RPC authentication headers - confirm.
0098 */
0099 struct cryptkeyarg {
0100 netnamestr remotename;
0101 des_block deskey;
0102 };
0103
0104 /*
0105 * Argument to ENCRYPT_PK or DECRYPT_PK
     *
     * Same as cryptkeyarg, plus the peer's public key supplied by the caller
     * in remotekey ("and I know X's public key").
     * NOTE(review): netobj allows up to 1024 bytes, whereas keys in this
     * protocol are HEXKEYBYTES hex digits, so the receiver presumably has to
     * check remotekey's length before using it as a key - confirm in the
     * server. netobj and des_block are not declared in this file.
0106 */
0107 struct cryptkeyarg2 {
0108 netnamestr remotename;
0109 netobj remotekey; /* Contains a length up to 1024 bytes */
0110 des_block deskey;
0111 };
0112
0113
0114 /*
0115 * Result of ENCRYPT, DECRYPT, ENCRYPT_PK, and DECRYPT_PK
     * (also the result type of KEY_GET_CONV).
     *
     * Discriminated on status: deskey is present only for KEY_SUCCESS; every
     * other status carries no data, so callers must check status before
     * reading deskey.
     * NOTE(review): the payload is a des_block, i.e. a single-DES key if the
     * type is what its name suggests - confirm against its declaration.
0116 */
0117 union cryptkeyres switch (keystatus status) {
0118 case KEY_SUCCESS:
0119 des_block deskey;
0120 default:
0121 void;
0122 };
0123
0124 const MAXGIDS = 16; /* max number of gids in gid list */
0125
0126 /*
0127 * Unix credential
     *
     * uid and gid are single unsigned values; gids is a variable-length
     * array declared with an upper bound of MAXGIDS entries.
0128 */
0129 struct unixcred {
0130 u_int uid;
0131 u_int gid;
0132 u_int gids<MAXGIDS>;
0133 };
0134
0135 /*
0136 * Result returned from GETCRED
     *
     * Discriminated on status: cred is present only for KEY_SUCCESS; every
     * other status carries no data, so callers must check status before
     * using the credential.
0137 */
0138 union getcredres switch (keystatus status) {
0139 case KEY_SUCCESS:
0140 unixcred cred;
0141 default:
0142 void;
0143 };
0144 /*
0145 * key_netstarg: argument to KEY_NET_PUT and, inside key_netstres, the
     * payload returned by KEY_NET_GET.
     *
     * Holds the caller's private key, public key and netname. st_priv_key
     * is secret material and travels in this structure in both directions.
0146 */
0147
0148 struct key_netstarg {
0149 keybuf st_priv_key;
0150 keybuf st_pub_key;
0151 netnamestr st_netname;
0152 };
0153
0154 union key_netstres switch (keystatus status){
     /*
      * Result of KEY_NET_GET. knet (private key, public key and netname) is
      * present only for KEY_SUCCESS; every other status carries no data.
      */
0155 case KEY_SUCCESS:
0156 key_netstarg knet;
0157 default:
0158 void;
0159 };
0160
0161 #ifdef RPC_HDR
     /*
      * Only when rpcgen is producing the header: the '%' lines below are
      * copied into the output, giving it a fallback definition of "opaque"
      * as char unless one already exists.
      */
0162 %
0163 %#ifndef opaque
0164 %#define opaque char
0165 %#endif
0166 %
0167 #endif
0168 program KEY_PROG {
     /*
      * Key server RPC program, number 100029. Version 1 defines procedures
      * 1-5; version 2 repeats them and adds procedures 6-10.
      *
      * NOTE(review): no procedure argument names the caller ("my secret
      * key", "for me"), so an implementation presumably has to take the
      * caller's identity from the transport credentials - confirm against
      * the server. KEY_SET and KEY_NET_PUT accept secret key material and
      * KEY_NET_GET returns it, so these are the procedures where a wrong
      * identity decision would expose a user's private key.
      */
0169 version KEY_VERS {
0170
0171 /*
0172 * This is my secret key.
0173 * Store it for me.
0174 */
0175 keystatus
0176 KEY_SET(keybuf) = 1;
0177
0178 /*
0179 * I want to talk to X.
0180 * Encrypt a conversation key for me.
0181 */
0182 cryptkeyres
0183 KEY_ENCRYPT(cryptkeyarg) = 2;
0184
0185 /*
0186 * X just sent me a message.
0187 * Decrypt the conversation key for me.
0188 */
0189 cryptkeyres
0190 KEY_DECRYPT(cryptkeyarg) = 3;
0191
0192 /*
0193 * Generate a secure conversation key for me.
     * Takes no argument and returns the key directly, with no status.
0194 */
0195 des_block
0196 KEY_GEN(void) = 4;
0197
0198 /*
0199 * Get me the uid, gid and group-access-list associated
0200 * with this netname (for kernel which cannot use NIS)
0201 */
0202 getcredres
0203 KEY_GETCRED(netnamestr) = 5;
0204 } = 1;
0205 version KEY_VERS2 {
0206
0207 /*
0208 * #######
0209 * Procedures 1-5 are identical to version 1
0210 * #######
0211 */
0212
0213 /*
0214 * This is my secret key.
0215 * Store it for me.
0216 */
0217 keystatus
0218 KEY_SET(keybuf) = 1;
0219
0220 /*
0221 * I want to talk to X.
0222 * Encrypt a conversation key for me.
0223 */
0224 cryptkeyres
0225 KEY_ENCRYPT(cryptkeyarg) = 2;
0226
0227 /*
0228 * X just sent me a message.
0229 * Decrypt the conversation key for me.
0230 */
0231 cryptkeyres
0232 KEY_DECRYPT(cryptkeyarg) = 3;
0233
0234 /*
0235 * Generate a secure conversation key for me.
     * Takes no argument and returns the key directly, with no status.
0236 */
0237 des_block
0238 KEY_GEN(void) = 4;
0239
0240 /*
0241 * Get me the uid, gid and group-access-list associated
0242 * with this netname (for kernel which cannot use NIS)
0243 */
0244 getcredres
0245 KEY_GETCRED(netnamestr) = 5;
0246
0247 /*
0248 * I want to talk to X, and I know X's public key.
0249 * Encrypt a conversation key for me.
     * The public key is taken from the request (cryptkeyarg2.remotekey).
0250 */
0251 cryptkeyres
0252 KEY_ENCRYPT_PK(cryptkeyarg2) = 6;
0253
0254 /*
0255 * X just sent me a message, and I know X's public key.
0256 * Decrypt the conversation key for me.
     * The public key is taken from the request (cryptkeyarg2.remotekey).
0257 */
0258 cryptkeyres
0259 KEY_DECRYPT_PK(cryptkeyarg2) = 7;
0260
0261 /*
0262 * Store my public key, netname and private key.
0263 */
0264 keystatus
0265 KEY_NET_PUT(key_netstarg) = 8;
0266
0267 /*
0268 * Retrieve my public key, netname and private key.
     * The reply contains the private key (key_netstarg.st_priv_key).
0269 */
0270 key_netstres
0271 KEY_NET_GET(void) = 9;
0272
0273 /*
0274 * Return me the conversation key that is constructed
0275 * from my secret key and this public key.
     * The keybuf argument is the public key.
0276 */
0277
0278 cryptkeyres
0279 KEY_GET_CONV(keybuf) = 10;
0280
0281
0282 } = 2;
0283 } = 100029;