key_prot.x revision 32554
%/*
% * Sun RPC is a product of Sun Microsystems, Inc. and is provided for
% * unrestricted use provided that this legend is included on all tape
% * media and as a part of the software program in whole or part.  Users
% * may copy or modify Sun RPC without charge, but are not authorized
% * to license or distribute it to anyone else except as part of a product or
% * program developed by the user.
% *
% * SUN RPC IS PROVIDED AS IS WITH NO WARRANTIES OF ANY KIND INCLUDING THE
% * WARRANTIES OF DESIGN, MERCHANTIBILITY AND FITNESS FOR A PARTICULAR
% * PURPOSE, OR ARISING FROM A COURSE OF DEALING, USAGE OR TRADE PRACTICE.
% *
% * Sun RPC is provided with no support and without any obligation on the
% * part of Sun Microsystems, Inc. to assist in its use, correction,
% * modification or enhancement.
% *
% * SUN MICROSYSTEMS, INC. SHALL HAVE NO LIABILITY WITH RESPECT TO THE
% * INFRINGEMENT OF COPYRIGHTS, TRADE SECRETS OR ANY PATENTS BY SUN RPC
% * OR ANY PART THEREOF.
% *
% * In no event will Sun Microsystems, Inc. be liable for any lost revenue
% * or profits or other special, indirect and consequential damages, even if
% * Sun has been advised of the possibility of such damages.
% *
% * Sun Microsystems, Inc.
% * 2550 Garcia Avenue
% * Mountain View, California  94043
% */
/*
 * Key server protocol definition
 * Copyright (C) 1990, 1991 Sun Microsystems, Inc.
 *
 * The keyserver is a public key storage/encryption/decryption service.
 * The encryption method used is based on the Diffie-Hellman exponential
 * key exchange technology.
 *
 * The key server is local to each machine, akin to the portmapper.
 * Under TI-RPC, communication with the keyserver is through the
 * loopback transport.
 *
 * NOTE: This .x file generates the USER level headers for the keyserver.
 * The KERNEL level headers are created by hand, as the kernel has special
 * requirements.
 *
 * Lines that begin with '%' are not interpreted by rpcgen; they are copied
 * unchanged into the generated output.
 *
 * NOTE(review): several procedures below carry secret key material
 * (KEY_SET, KEY_NET_PUT, KEY_NET_GET) and no argument type defined here
 * contains an authenticator.  Any caller identity therefore has to come
 * from the RPC credentials and the transport; confirm that the server
 * accepts these calls only over the local loopback transport described
 * above.
 */

%/* From: #pragma ident	"@(#)key_prot.x	1.7	94/04/29 SMI" */
%
%/* Copyright (c)  1990, 1991 Sun Microsystems, Inc. */
%
%/*
% * Compiled from key_prot.x using rpcgen.
% * DO NOT EDIT THIS FILE!
% * This is NOT source code!
% */

/*
 * PROOT and MODULUS define the way the Diffie-Hellman key is generated.
 * MODULUS is the number whose hexadecimal form is HEXMODULUS below.
 *
 * MODULUS should be chosen as a prime of the form: MODULUS == 2*p + 1,
 * where p is also prime.
 *
 * PROOT satisfies the following two conditions:
 * (1) (PROOT ** 2) % MODULUS != 1
 * (2) (PROOT ** p) % MODULUS != 1
 *
 * Both values are fixed protocol parameters shared by every peer, so
 * changing either one breaks interoperability.
 *
 * NOTE(review): KEYSIZE below makes this a 192-bit prime-field group.
 * Discrete logarithms in a field of this size are practical to compute
 * (shown for this modulus by LaMacchia and Odlyzko, 1991), and current
 * guidance asks for at least 2048 bits.  Treat keys agreed with these
 * parameters as legacy-strength only.
 */

const PROOT = 3;
const HEXMODULUS = "d4a0ba0250b6fd2ec626e7efd637df76c716e22d0944b88b";

const HEXKEYBYTES = 48;		/* HEXKEYBYTES == strlen(HEXMODULUS) */
const KEYSIZE = 192;		/* KEYSIZE == bit length of key */
const KEYBYTES = 24;		/* byte length of key (KEYSIZE / 8) */

/*
 * The first 16 hex digits of the encrypted secret key are used as
 * a checksum in the database.
 */
const KEYCHECKSUMSIZE = 16;

/*
 * Status of operation.
 *
 * No explicit values are given, so the values follow declaration order.
 * These values go on the wire as the discriminant of the result unions
 * below; do not reorder or insert members.
 */
enum keystatus {
	KEY_SUCCESS,	/* no problems */
	KEY_NOSECRET,	/* no secret key stored */
	KEY_UNKNOWN,	/* unknown netname */
	KEY_SYSTEMERR	/* system error (out of memory, encryption failure) */
};

/*
 * A key stored as hex digits in a fixed array of exactly HEXKEYBYTES
 * bytes.  Because HEXKEYBYTES == strlen(HEXMODULUS), a full-length key
 * leaves no room for a terminating NUL.
 * NOTE(review): code handling a keybuf should use length-bounded
 * operations rather than C string functions.
 */
typedef opaque keybuf[HEXKEYBYTES];	/* store key in hex */

/*
 * A network name, bounded by MAXNETNAMELEN.  MAXNETNAMELEN is not defined
 * in this file; presumably it comes from the RPC headers -- confirm.
 */
typedef string netnamestr<MAXNETNAMELEN>;

/*
 * Argument to ENCRYPT or DECRYPT
 *
 * des_block is not declared in this file; presumably it is the 8-byte DES
 * block type from the RPC headers -- confirm.
 * NOTE(review): single DES offers at most 56 bits of key strength.
 */
struct cryptkeyarg {
	netnamestr remotename;	/* presumably the netname of the peer ("X") */
	des_block deskey;	/* conversation key to encrypt or decrypt */
};

/*
 * Argument to ENCRYPT_PK or DECRYPT_PK
 *
 * Same as cryptkeyarg, plus the peer's public key supplied by the caller.
 */
struct cryptkeyarg2 {
	netnamestr remotename;
	netobj	remotekey;	/* Contains a length up to 1024 bytes */
	des_block deskey;
};


/*
 * Result of ENCRYPT, DECRYPT, ENCRYPT_PK, and DECRYPT_PK
 *
 * A key is returned only when status is KEY_SUCCESS; every other status
 * carries no payload.
 */
union cryptkeyres switch (keystatus status) {
case KEY_SUCCESS:
	des_block deskey;
default:
	void;
};

const MAXGIDS  = 16;	/* max number of gids in gid list */

/*
 * Unix credential
 *
 * gids is a variable-length list holding at most MAXGIDS entries.
 */
struct unixcred {
	u_int uid;
	u_int gid;
	u_int gids<MAXGIDS>;
};

/*
 * Result returned from GETCRED
 *
 * The credential is present only when status is KEY_SUCCESS.
 */
union getcredres switch (keystatus status) {
case KEY_SUCCESS:
	unixcred cred;
default:
	void;
};
/*
 * key_netstarg: argument to KEY_NET_PUT and, through key_netstres, the
 * success payload of KEY_NET_GET.  It holds the private key, the public
 * key and the netname together.
 */

struct key_netstarg {
	keybuf st_priv_key;	/* private key, hex digits */
	keybuf st_pub_key;	/* public key, hex digits */
	netnamestr st_netname;
};

/*
 * Result returned from KEY_NET_GET
 *
 * The key set is present only when status is KEY_SUCCESS.
 * NOTE(review): a successful reply contains the private key itself.
 */
union key_netstres switch (keystatus status){
case KEY_SUCCESS:
	key_netstarg knet;
default:
	void;
};

/*
 * The block below is emitted only while rpcgen generates the header
 * (RPC_HDR).  It makes "opaque" usable as a C type name by defining it
 * as char, unless it has already been defined.
 */
#ifdef RPC_HDR
%
%#ifndef opaque
%#define opaque char
%#endif
%
#endif
program KEY_PROG {
	version KEY_VERS {

		/*
		 * This is my secret key.
		 * Store it for me.
		 *
		 * The argument is only the key; it does not name its owner.
		 */
		keystatus
		KEY_SET(keybuf) = 1;

		/*
		 * I want to talk to X.
		 * Encrypt a conversation key for me.
		 */
		cryptkeyres
		KEY_ENCRYPT(cryptkeyarg) = 2;

		/*
		 * X just sent me a message.
		 * Decrypt the conversation key for me.
		 */
		cryptkeyres
		KEY_DECRYPT(cryptkeyarg) = 3;

		/*
		 * Generate a secure conversation key for me
		 */
		des_block
		KEY_GEN(void) = 4;

		/*
		 * Get me the uid, gid and group-access-list associated
		 * with this netname (for kernel which cannot use NIS)
		 */
		getcredres
		KEY_GETCRED(netnamestr) = 5;
	} = 1;
	version KEY_VERS2 {

		/*
		 * #######
		 * Procedures 1-5 are identical to version 1
		 * #######
		 */

		/*
		 * This is my secret key.
		 * Store it for me.
		 *
		 * The argument is only the key; it does not name its owner.
		 */
		keystatus
		KEY_SET(keybuf) = 1;

		/*
		 * I want to talk to X.
		 * Encrypt a conversation key for me.
		 */
		cryptkeyres
		KEY_ENCRYPT(cryptkeyarg) = 2;

		/*
		 * X just sent me a message.
		 * Decrypt the conversation key for me.
		 */
		cryptkeyres
		KEY_DECRYPT(cryptkeyarg) = 3;

		/*
		 * Generate a secure conversation key for me
		 */
		des_block
		KEY_GEN(void) = 4;

		/*
		 * Get me the uid, gid and group-access-list associated
		 * with this netname (for kernel which cannot use NIS)
		 */
		getcredres
		KEY_GETCRED(netnamestr) = 5;

		/*
		 * I want to talk to X, and I know X's public key.
		 * Encrypt a conversation key for me.
		 *
		 * The public key is taken from the caller's argument.
		 */
		cryptkeyres
		KEY_ENCRYPT_PK(cryptkeyarg2) = 6;

		/*
		 * X just sent me a message, and I know X's public key.
		 * Decrypt the conversation key for me.
		 *
		 * The public key is taken from the caller's argument.
		 */
		cryptkeyres
		KEY_DECRYPT_PK(cryptkeyarg2) = 7;

		/*
		 * Store my public key, netname and private key.
		 */
		keystatus
		KEY_NET_PUT(key_netstarg) = 8;

		/*
		 * Retrieve my public key, netname and private key.
		 *
		 * Takes no argument, so the reply depends entirely on who
		 * the server decides the caller is.
		 */
		key_netstres
		KEY_NET_GET(void) = 9;

		/*
		 * Return me the conversation key that is constructed
		 * from my secret key and this publickey.
		 */

		cryptkeyres
		KEY_GET_CONV(keybuf) = 10;


	} = 2;
} = 100029;	/* RPC program number */