key_prot.x revision 32554
%/*
% * Sun RPC is a product of Sun Microsystems, Inc. and is provided for
% * unrestricted use provided that this legend is included on all tape
% * media and as a part of the software program in whole or part. Users
% * may copy or modify Sun RPC without charge, but are not authorized
% * to license or distribute it to anyone else except as part of a product or
% * program developed by the user.
% *
% * SUN RPC IS PROVIDED AS IS WITH NO WARRANTIES OF ANY KIND INCLUDING THE
% * WARRANTIES OF DESIGN, MERCHANTIBILITY AND FITNESS FOR A PARTICULAR
% * PURPOSE, OR ARISING FROM A COURSE OF DEALING, USAGE OR TRADE PRACTICE.
% *
% * Sun RPC is provided with no support and without any obligation on the
% * part of Sun Microsystems, Inc. to assist in its use, correction,
% * modification or enhancement.
% *
% * SUN MICROSYSTEMS, INC. SHALL HAVE NO LIABILITY WITH RESPECT TO THE
% * INFRINGEMENT OF COPYRIGHTS, TRADE SECRETS OR ANY PATENTS BY SUN RPC
% * OR ANY PART THEREOF.
% *
% * In no event will Sun Microsystems, Inc. be liable for any lost revenue
% * or profits or other special, indirect and consequential damages, even if
% * Sun has been advised of the possibility of such damages.
% *
% * Sun Microsystems, Inc.
% * 2550 Garcia Avenue
% * Mountain View, California 94043
% */
/*
 * Key server protocol definition
 * Copyright (C) 1990, 1991 Sun Microsystems, Inc.
 *
 * The keyserver is a public key storage/encryption/decryption service.
 * The encryption method used is based on the Diffie-Hellman exponential
 * key exchange technology.
 *
 * The key server is local to each machine, akin to the portmapper.
 * Under TI-RPC, communication with the keyserver is through the
 * loopback transport.
 *
 * NOTE: This .x file generates the USER level headers for the keyserver.
 * The KERNEL level headers are created by hand, as the kernel has special
 * requirements.
 *
 * Lines that begin with '%' are passed through by rpcgen into the
 * generated output; the plain comments in this file are not.
 */

%/* From: #pragma ident "@(#)key_prot.x 1.7 94/04/29 SMI" */
%
%/* Copyright (c) 1990, 1991 Sun Microsystems, Inc. */
%
%/*
% * Compiled from key_prot.x using rpcgen.
% * DO NOT EDIT THIS FILE!
% * This is NOT source code!
% */

/*
 * PROOT and MODULUS define the way the Diffie-Hellman key is generated.
 *
 * MODULUS should be chosen as a prime of the form: MODULUS == 2*p + 1,
 * where p is also prime.
 *
 * PROOT satisfies the following two conditions:
 * (1) (PROOT ** 2) % MODULUS != 1
 * (2) (PROOT ** p) % MODULUS != 1
 *
 * Because MODULUS - 1 == 2*p, these two checks are what make PROOT a
 * generator of the whole multiplicative group rather than of a small
 * subgroup.
 *
 * NOTE(review): KEYSIZE below fixes the modulus at 192 bits.  That is far
 * smaller than the prime-field Diffie-Hellman group sizes recommended
 * today.  The modulus is a protocol constant shared by every peer, so it
 * cannot be enlarged here without breaking interoperability.  Treat keys
 * agreed under this group as legacy-strength.
 */

const PROOT = 3;
const HEXMODULUS = "d4a0ba0250b6fd2ec626e7efd637df76c716e22d0944b88b";

/* The three sizes below describe the same quantity: 48 hex digits == 192 bits == 24 bytes. */
const HEXKEYBYTES = 48;	/* HEXKEYBYTES == strlen(HEXMODULUS) */
const KEYSIZE = 192;	/* KEYSIZE == bit length of key */
const KEYBYTES = 24;	/* byte length of key */

/*
 * The first 16 hex digits of the encrypted secret key are used as
 * a checksum in the database.
 *
 * NOTE(review): the "database" is not defined in this file; presumably it
 * is the public key database entry that stores the encrypted secret key --
 * confirm against the code that uses KEYCHECKSUMSIZE.
 */
const KEYCHECKSUMSIZE = 16;

/*
 * status of operation
 *
 * Discriminant of every result union in this file: only KEY_SUCCESS
 * carries a payload, all other values carry none.
 */
enum keystatus {
	KEY_SUCCESS,	/* no problems */
	KEY_NOSECRET,	/* no secret key stored */
	KEY_UNKNOWN,	/* unknown netname */
	KEY_SYSTEMERR	/* system error (out of memory, encryption failure) */
};

/*
 * Fixed-length opaque of exactly HEXKEYBYTES bytes: the hex digits only,
 * with no room for a terminating NUL.  Code that copies a keybuf into a
 * C string has to provide HEXKEYBYTES + 1 bytes and terminate it itself,
 * and must not run string functions on the raw keybuf.
 */
typedef opaque keybuf[HEXKEYBYTES];	/* store key in hex */

/*
 * Bounded string holding a netname.  MAXNETNAMELEN is not defined in this
 * file; the bound comes from a header outside it.
 */
typedef string netnamestr<MAXNETNAMELEN>;

/*
 * Argument to ENCRYPT or DECRYPT
 *
 * remotename names the peer and deskey is the conversation key to be
 * encrypted or decrypted.  des_block is not declared in this file.
 */
struct cryptkeyarg {
	netnamestr remotename;
	des_block deskey;
};

/*
 * Argument to ENCRYPT_PK or DECRYPT_PK
 *
 * Same as cryptkeyarg, but the caller also supplies the peer's public key.
 *
 * NOTE(review): netobj is declared outside this file and its length is
 * chosen by the caller.  A server should check that length against the
 * key size it expects before using remotekey -- confirm in the keyserver
 * implementation.
 */
struct cryptkeyarg2 {
	netnamestr remotename;
	netobj	remotekey;	/* Contains a length up to 1024 bytes */
	des_block deskey;
};


/*
 * Result of ENCRYPT, DECRYPT, ENCRYPT_PK, and DECRYPT_PK
 *
 * deskey is present only when status is KEY_SUCCESS; callers must check
 * status before reading it.
 */
union cryptkeyres switch (keystatus status) {
case KEY_SUCCESS:
	des_block deskey;
default:
	void;
};

const MAXGIDS = 16;	/* max number of gids in gid list */

/*
 * Unix credential
 *
 * gids is a variable-length array of at most MAXGIDS entries.
 */
struct unixcred {
	u_int uid;
	u_int gid;
	u_int gids<MAXGIDS>;
};

/*
 * Result returned from GETCRED
 *
 * cred is present only when status is KEY_SUCCESS.
 */
union getcredres switch (keystatus status) {
case KEY_SUCCESS:
	unixcred cred;
default:
	void;
};
/*
 * key_netstarg;
 *
 * Argument to KEY_NET_PUT, and the payload of a successful KEY_NET_GET
 * result: the caller's private key, public key and netname.
 * st_priv_key is secret key material held as hex digits in a keybuf.
 */

struct key_netstarg {
	keybuf st_priv_key;
	keybuf st_pub_key;
	netnamestr st_netname;
};

/*
 * Result returned from KEY_NET_GET.
 *
 * knet is present only when status is KEY_SUCCESS.
 */
union key_netstres switch (keystatus status){
case KEY_SUCCESS:
	key_netstarg knet;
default:
	void;
};

/*
 * The '%' lines below are copied into the generated header only (rpcgen
 * defines RPC_HDR while producing it).  They give "opaque" a fallback
 * definition as char when nothing else has defined it.
 */
#ifdef RPC_HDR
%
%#ifndef opaque
%#define opaque char
%#endif
%
#endif
/*
 * Key server program: RPC program number 100029, versions 1 and 2.
 *
 * NOTE(review): KEY_SET, KEY_NET_PUT and KEY_NET_GET move private key
 * material, and none of the argument types in this file carries the
 * caller's identity.  Which user a request belongs to therefore has to
 * come from the RPC credentials or the transport, so the server must
 * accept these calls only from callers it can authenticate locally --
 * confirm in the keyserver implementation.
 */
program KEY_PROG {
	version KEY_VERS {

		/*
		 * This is my secret key.
		 * Store it for me.
		 */
		keystatus
		KEY_SET(keybuf) = 1;

		/*
		 * I want to talk to X.
		 * Encrypt a conversation key for me.
		 */
		cryptkeyres
		KEY_ENCRYPT(cryptkeyarg) = 2;

		/*
		 * X just sent me a message.
		 * Decrypt the conversation key for me.
		 */
		cryptkeyres
		KEY_DECRYPT(cryptkeyarg) = 3;

		/*
		 * Generate a secure conversation key for me
		 */
		des_block
		KEY_GEN(void) = 4;

		/*
		 * Get me the uid, gid and group-access-list associated
		 * with this netname (for kernel which cannot use NIS)
		 */
		getcredres
		KEY_GETCRED(netnamestr) = 5;
	} = 1;
	version KEY_VERS2 {

		/*
		 * #######
		 * Procedures 1-5 are identical to version 1
		 * #######
		 */

		/*
		 * This is my secret key.
		 * Store it for me.
		 */
		keystatus
		KEY_SET(keybuf) = 1;

		/*
		 * I want to talk to X.
		 * Encrypt a conversation key for me.
		 */
		cryptkeyres
		KEY_ENCRYPT(cryptkeyarg) = 2;

		/*
		 * X just sent me a message.
		 * Decrypt the conversation key for me.
		 */
		cryptkeyres
		KEY_DECRYPT(cryptkeyarg) = 3;

		/*
		 * Generate a secure conversation key for me
		 */
		des_block
		KEY_GEN(void) = 4;

		/*
		 * Get me the uid, gid and group-access-list associated
		 * with this netname (for kernel which cannot use NIS)
		 */
		getcredres
		KEY_GETCRED(netnamestr) = 5;

		/*
		 * I want to talk to X. and I know X's public key
		 * Encrypt a conversation key for me.
		 */
		cryptkeyres
		KEY_ENCRYPT_PK(cryptkeyarg2) = 6;

		/*
		 * X just sent me a message. and I know X's public key
		 * Decrypt the conversation key for me.
		 */
		cryptkeyres
		KEY_DECRYPT_PK(cryptkeyarg2) = 7;

		/*
		 * Store my public key, netname and private key.
		 */
		keystatus
		KEY_NET_PUT(key_netstarg) = 8;

		/*
		 * Retrieve my public key, netname and private key.
		 * The reply carries the private key back to the caller.
		 */
		key_netstres
		KEY_NET_GET(void) = 9;

		/*
		 * Return me the conversation key that is constructed
		 * from my secret key and this publickey.
		 * The keybuf argument is the public key, as hex digits.
		 */

		cryptkeyres
		KEY_GET_CONV(keybuf) = 10;


	} = 2;
} = 100029;