key_prot.x revision 32554
126206Swpaul%/*
226206Swpaul% * Sun RPC is a product of Sun Microsystems, Inc. and is provided for
326206Swpaul% * unrestricted use provided that this legend is included on all tape
426206Swpaul% * media and as a part of the software program in whole or part.  Users
526206Swpaul% * may copy or modify Sun RPC without charge, but are not authorized
626206Swpaul% * to license or distribute it to anyone else except as part of a product or
726206Swpaul% * program developed by the user.
826206Swpaul% *
926206Swpaul% * SUN RPC IS PROVIDED AS IS WITH NO WARRANTIES OF ANY KIND INCLUDING THE
1026206Swpaul% * WARRANTIES OF DESIGN, MERCHANTIBILITY AND FITNESS FOR A PARTICULAR
1126206Swpaul% * PURPOSE, OR ARISING FROM A COURSE OF DEALING, USAGE OR TRADE PRACTICE.
1226206Swpaul% *
1326206Swpaul% * Sun RPC is provided with no support and without any obligation on the
1426206Swpaul% * part of Sun Microsystems, Inc. to assist in its use, correction,
1526206Swpaul% * modification or enhancement.
1626206Swpaul% *
1726206Swpaul% * SUN MICROSYSTEMS, INC. SHALL HAVE NO LIABILITY WITH RESPECT TO THE
1826206Swpaul% * INFRINGEMENT OF COPYRIGHTS, TRADE SECRETS OR ANY PATENTS BY SUN RPC
1926206Swpaul% * OR ANY PART THEREOF.
2026206Swpaul% *
2126206Swpaul% * In no event will Sun Microsystems, Inc. be liable for any lost revenue
2226206Swpaul% * or profits or other special, indirect and consequential damages, even if
2326206Swpaul% * Sun has been advised of the possibility of such damages.
2426206Swpaul% *
2526206Swpaul% * Sun Microsystems, Inc.
2626206Swpaul% * 2550 Garcia Avenue
2726206Swpaul% * Mountain View, California  94043
2826206Swpaul% */
2926206Swpaul/*
3026206Swpaul * Key server protocol definition
3126206Swpaul * Copyright (C) 1990, 1991 Sun Microsystems, Inc.
3226206Swpaul *
3326206Swpaul * The keyserver is a public key storage/encryption/decryption service.
3426206Swpaul * The encryption method used is based on the Diffie-Hellman exponential
3526206Swpaul * key exchange technology.
3626206Swpaul *
3726206Swpaul * The key server is local to each machine, akin to the portmapper.
3826206Swpaul * Under TI-RPC, communication with the keyserver is through the
3926206Swpaul * loopback transport.
4026206Swpaul *
4126206Swpaul * NOTE: This .x file generates the USER level headers for the keyserver.
4226206Swpaul * The KERNEL level headers are created by hand as the kernel has special
4326206Swpaul * requirements.
4426206Swpaul */
4526206Swpaul
4632554Sbde%/* From: #pragma ident	"@(#)key_prot.x	1.7	94/04/29 SMI" */
4726206Swpaul%
4826206Swpaul%/* Copyright (c)  1990, 1991 Sun Microsystems, Inc. */
4926206Swpaul%
5026206Swpaul%/*
5126206Swpaul% * Compiled from key_prot.x using rpcgen.
5226206Swpaul% * DO NOT EDIT THIS FILE!
5326206Swpaul% * This is NOT source code!
5426206Swpaul% */
5526206Swpaul
5626206Swpaul/*
5726206Swpaul * PROOT and MODULUS define the way the Diffie-Hellman key is generated.
5826206Swpaul *
5926206Swpaul * MODULUS should be chosen as a prime of the form: MODULUS == 2*p + 1,
6026206Swpaul * where p is also prime.
6126206Swpaul *
6226206Swpaul * PROOT satisfies the following two conditions:
6326206Swpaul * (1) (PROOT ** 2) % MODULUS != 1
6426206Swpaul * (2) (PROOT ** p) % MODULUS != 1
6526206Swpaul *
6626206Swpaul */
6726206Swpaul
/*
 * Fixed Diffie-Hellman group parameters.  HEXMODULUS is the modulus
 * written as 48 hexadecimal digits, i.e. KEYSIZE (192) bits or
 * KEYBYTES (24) bytes.
 *
 * NOTE(review): a 192-bit prime modulus is far below the size needed
 * for Diffie-Hellman to resist discrete-logarithm computation, and as a
 * compile-time constant of the protocol it cannot be strengthened by
 * configuration.  Treat authentication built on these parameters as
 * legacy and do not rely on it across untrusted networks.
 */
6826206Swpaulconst PROOT = 3;
6926206Swpaulconst HEXMODULUS = "d4a0ba0250b6fd2ec626e7efd637df76c716e22d0944b88b";
7026206Swpaul
7126206Swpaulconst HEXKEYBYTES = 48;		/* HEXKEYBYTES == strlen(HEXMODULUS) */
7226206Swpaulconst KEYSIZE = 192;		/* KEYSIZE == bit length of key */
7326206Swpaulconst KEYBYTES = 24;		/* byte length of key */
7426206Swpaul
7526206Swpaul/*
7626206Swpaul * The first 16 hex digits of the encrypted secret key are used as
7726206Swpaul * a checksum in the database.
7826206Swpaul */
7926206Swpaulconst KEYCHECKSUMSIZE = 16;
8026206Swpaul
8126206Swpaul/*
8226206Swpaul * status of operation
 *
 * Also the discriminant of the cryptkeyres, getcredres and key_netstres
 * unions: only KEY_SUCCESS selects an arm that carries data.  No values
 * are assigned explicitly, so they follow declaration order.
8326206Swpaul */
8426206Swpaulenum keystatus {
8526206Swpaul	KEY_SUCCESS,	/* no problems */
8626206Swpaul	KEY_NOSECRET,	/* no secret key stored */
8726206Swpaul	KEY_UNKNOWN,	/* unknown netname */
8826206Swpaul	KEY_SYSTEMERR 	/* system error (out of memory, encryption failure) */
8926206Swpaul};
9026206Swpaul
/*
 * keybuf is a fixed-length array of exactly HEXKEYBYTES (48) bytes holding
 * a key as hex digits.  A full-length key fills the array, so there is no
 * room for a terminating NUL: consumers must copy or compare it by length
 * rather than with C string functions.
 */
9126206Swpaultypedef opaque keybuf[HEXKEYBYTES];	/* store key in hex */
9226206Swpaul
/*
 * Network name, bounded by MAXNETNAMELEN (not defined in this file).
 */
9326206Swpaultypedef string netnamestr<MAXNETNAMELEN>;
9426206Swpaul
9526206Swpaul/*
9626206Swpaul * Argument to ENCRYPT or DECRYPT
 *
 * remotename names the peer and deskey is the conversation key to be
 * encrypted or decrypted.  des_block is not defined in this file.
 *
 * NOTE(review): the type name suggests a single DES block, which would
 * limit the conversation key to DES strength -- confirm against the
 * des_block definition.
9726206Swpaul */
9826206Swpaulstruct cryptkeyarg {
9926206Swpaul	netnamestr remotename;
10026206Swpaul	des_block deskey;
10126206Swpaul};
10226206Swpaul
10326206Swpaul/*
10426206Swpaul * Argument to ENCRYPT_PK or DECRYPT_PK
 *
 * Same as cryptkeyarg, plus the peer's public key in remotekey, which
 * the caller supplies itself.
 *
 * NOTE(review): because the key comes from the caller, the caller is
 * presumably responsible for having obtained it from a trusted source;
 * confirm whether the keyserver performs any validation of remotekey.
10526206Swpaul */
10626206Swpaulstruct cryptkeyarg2 {
10726206Swpaul	netnamestr remotename;
10826206Swpaul	netobj	remotekey;	/* Contains a length up to 1024 bytes */
10926206Swpaul	des_block deskey;
11026206Swpaul};
11126206Swpaul
11226206Swpaul
11326206Swpaul/*
11426206Swpaul * Result of ENCRYPT, DECRYPT, ENCRYPT_PK, and DECRYPT_PK
 *
 * Only the KEY_SUCCESS arm carries a des_block; for every other status
 * nothing follows the discriminant, so deskey must not be read unless
 * status is KEY_SUCCESS.
11526206Swpaul */
11626206Swpaulunion cryptkeyres switch (keystatus status) {
11726206Swpaulcase KEY_SUCCESS:
11826206Swpaul	des_block deskey;
11926206Swpauldefault:
12026206Swpaul	void;
12126206Swpaul};
12226206Swpaul
/* Upper bound on the variable-length gids<> list in struct unixcred. */
12326206Swpaulconst MAXGIDS  = 16;	/* max number of gids in gid list */
12426206Swpaul
12526206Swpaul/*
12626206Swpaul * Unix credential
 *
 * uid and gid are single values; gids is a variable-length list holding
 * at most MAXGIDS entries.
12726206Swpaul */
12826206Swpaulstruct unixcred {
12926206Swpaul	u_int uid;
13026206Swpaul	u_int gid;
13126206Swpaul	u_int gids<MAXGIDS>;
13226206Swpaul};
13326206Swpaul
13426206Swpaul/*
13526206Swpaul * Result returned from GETCRED
 *
 * Only the KEY_SUCCESS arm carries a unixcred; for every other status
 * nothing follows the discriminant, so cred must not be read unless
 * status is KEY_SUCCESS.
13626206Swpaul */
13726206Swpaulunion getcredres switch (keystatus status) {
13826206Swpaulcase KEY_SUCCESS:
13926206Swpaul	unixcred cred;
14026206Swpauldefault:
14126206Swpaul	void;
14226206Swpaul};
14326206Swpaul/*
14426206Swpaul * key_netstarg: a private key, a public key and a netname.
 * Argument to KEY_NET_PUT and the success arm of key_netstres.
 *
 * NOTE(review): st_priv_key travels as a plain keybuf; nothing in this
 * definition protects it, so any confidentiality has to come from the
 * transport and from the keyserver's check of the caller -- confirm both.
14526206Swpaul */
14626206Swpaul
14726206Swpaulstruct key_netstarg {
14826206Swpaul	keybuf st_priv_key;
14926206Swpaul	keybuf st_pub_key;
15026206Swpaul	netnamestr st_netname;
15126206Swpaul};
15226206Swpaul
/*
 * Result of KEY_NET_GET.  Only the KEY_SUCCESS arm carries a
 * key_netstarg (which includes the private key); for every other status
 * nothing follows the discriminant.
 */
15326206Swpaulunion key_netstres switch (keystatus status){
15426206Swpaulcase KEY_SUCCESS:
15526206Swpaul	key_netstarg knet;
15626206Swpauldefault:
15726206Swpaul	void;
15826206Swpaul};
15926206Swpaul
/*
 * Header-only section: the '%' lines are copied through to the generated
 * output, so the header defines opaque as char unless it is already
 * defined.
 */
16026206Swpaul#ifdef RPC_HDR
16126206Swpaul%
16226206Swpaul%#ifndef opaque
16326206Swpaul%#define opaque char
16426206Swpaul%#endif
16526206Swpaul%
16626206Swpaul#endif
/*
 * KEY_PROG: RPC program 100029 with two versions.  Version 1 defines
 * procedures 1-5; version 2 repeats them and adds procedures 6-10.
 *
 * NOTE(review): KEY_SET, KEY_NET_PUT and KEY_NET_GET move secret key
 * material in their arguments or results, and every procedure acts for
 * "me", the caller.  None of the argument types carries a caller
 * identity, so the keyserver has to derive it from the RPC credentials
 * and the transport (loopback, per the file header) -- confirm that
 * check in the server implementation.
 */
16726206Swpaulprogram KEY_PROG {
16826206Swpaul	version KEY_VERS {
16926206Swpaul
17026206Swpaul		/*
17126206Swpaul		 * This is my secret key.
17226206Swpaul	 	 * Store it for me.
17326206Swpaul		 */
17426206Swpaul		keystatus
17526206Swpaul		KEY_SET(keybuf) = 1;
17626206Swpaul
17726206Swpaul		/*
17826206Swpaul		 * I want to talk to X.
17926206Swpaul		 * Encrypt a conversation key for me.
18026206Swpaul	 	 */
18126206Swpaul		cryptkeyres
18226206Swpaul		KEY_ENCRYPT(cryptkeyarg) = 2;
18326206Swpaul
18426206Swpaul		/*
18526206Swpaul		 * X just sent me a message.
18626206Swpaul		 * Decrypt the conversation key for me.
18726206Swpaul		 */
18826206Swpaul		cryptkeyres
18926206Swpaul		KEY_DECRYPT(cryptkeyarg) = 3;
19026206Swpaul
19126206Swpaul		/*
19226206Swpaul		 * Generate a secure conversation key for me
19326206Swpaul		 */
19426206Swpaul		des_block
19526206Swpaul		KEY_GEN(void) = 4;
19626206Swpaul
19726206Swpaul		/*
19826206Swpaul		 * Get me the uid, gid and group-access-list associated
19926206Swpaul		 * with this netname (for kernel which cannot use NIS)
20026206Swpaul		 */
20126206Swpaul		getcredres
20226206Swpaul		KEY_GETCRED(netnamestr) = 5;
20326206Swpaul	} = 1;
20426206Swpaul	version KEY_VERS2 {
20526206Swpaul
20626206Swpaul		/*
20726206Swpaul		 * #######
20826206Swpaul		 * Procedures 1-5 are identical to version 1
20926206Swpaul		 * #######
21026206Swpaul		 */
21126206Swpaul
21226206Swpaul		/*
21326206Swpaul		 * This is my secret key.
21426206Swpaul	 	 * Store it for me.
21526206Swpaul		 */
21626206Swpaul		keystatus
21726206Swpaul		KEY_SET(keybuf) = 1;
21826206Swpaul
21926206Swpaul		/*
22026206Swpaul		 * I want to talk to X.
22126206Swpaul		 * Encrypt a conversation key for me.
22226206Swpaul	 	 */
22326206Swpaul		cryptkeyres
22426206Swpaul		KEY_ENCRYPT(cryptkeyarg) = 2;
22526206Swpaul
22626206Swpaul		/*
22726206Swpaul		 * X just sent me a message.
22826206Swpaul		 * Decrypt the conversation key for me.
22926206Swpaul		 */
23026206Swpaul		cryptkeyres
23126206Swpaul		KEY_DECRYPT(cryptkeyarg) = 3;
23226206Swpaul
23326206Swpaul		/*
23426206Swpaul		 * Generate a secure conversation key for me
23526206Swpaul		 */
23626206Swpaul		des_block
23726206Swpaul		KEY_GEN(void) = 4;
23826206Swpaul
23926206Swpaul		/*
24026206Swpaul		 * Get me the uid, gid and group-access-list associated
24126206Swpaul		 * with this netname (for kernel which cannot use NIS)
24226206Swpaul		 */
24326206Swpaul		getcredres
24426206Swpaul		KEY_GETCRED(netnamestr) = 5;
24526206Swpaul
24626206Swpaul		/*
24726206Swpaul		 * I want to talk to X, and I know X's public key.
24826206Swpaul		 * Encrypt a conversation key for me.
24926206Swpaul	 	 */
25026206Swpaul		cryptkeyres
25126206Swpaul		KEY_ENCRYPT_PK(cryptkeyarg2) = 6;
25226206Swpaul
25326206Swpaul		/*
25426206Swpaul		 * X just sent me a message, and I know X's public key.
25526206Swpaul		 * Decrypt the conversation key for me.
25626206Swpaul		 */
25726206Swpaul		cryptkeyres
25826206Swpaul		KEY_DECRYPT_PK(cryptkeyarg2) = 7;
25926206Swpaul
26026206Swpaul		/*
26126206Swpaul		 * Store my public key, netname and private key.
26226206Swpaul		 */
26326206Swpaul		keystatus
26426206Swpaul		KEY_NET_PUT(key_netstarg) = 8;
26526206Swpaul
26626206Swpaul		/*
26726206Swpaul		 * Retrieve my public key, netname and private key.
26826206Swpaul		 */
26926206Swpaul 		key_netstres
27026206Swpaul		KEY_NET_GET(void) = 9;
27126206Swpaul
27226206Swpaul		/*
27326206Swpaul		 * Return me the conversation key that is constructed
27426206Swpaul		 * from my secret key and this public key.
27526206Swpaul		 */
27626206Swpaul
27726206Swpaul		cryptkeyres
27826206Swpaul		KEY_GET_CONV(keybuf) = 10;
27926206Swpaul
28026206Swpaul
28126206Swpaul	} = 2;
28226206Swpaul} = 100029;
28326206Swpaul
28426206Swpaul