1#ifndef DST_H
2#define DST_H
3
4#ifndef HAS_DST_KEY
/*
 * Public view of a DST key.
 *
 * Only key metadata is exposed here.  No key material appears in this
 * struct; keys are created by the dst_read_key/dst_dnskey_to_key/
 * dst_buffer_to_key/dst_generate_key functions declared below and are
 * released with dst_free_key() (ownership inferred from the API shape —
 * confirm against the implementation before freeing any member directly).
 */
typedef struct dst_key {
	char	*dk_key_name;   /* name of the key (the KEY record owner name) */
	int	dk_key_size;    /* size of the key in bits */
	int	dk_proto;       /* DNS protocol value: which protocols may use this key */
	int	dk_alg;         /* algorithm number from the KEY record; one of the KEY_* codes below */
	unsigned dk_flags;     /* DNS flags of the public key (KEY record flags field) */
	unsigned dk_id;        /* key identifier; presumably the 16-bit key tag computed by dst_s_dns_key_id() — confirm */
} DST_KEY;
13#endif /* HAS_DST_KEY */
14
15/*
 * DST Crypto API definitions
17 */
/* Initialize the DST library; call once before any other dst_* routine. */
void     dst_init(void);
/*
 * Report whether the given algorithm code (KEY_* below) is supported by
 * this build.  The exact return convention is not stated in this header
 * (presumably non-zero when supported — confirm); callers should reject
 * keys whose algorithm this function does not accept before using them.
 */
int      dst_check_algorithm(const int);
20
/*
 * Sign data with a DST key.
 *
 * mode is a bitmask of SIG_MODE_INIT / SIG_MODE_UPDATE / SIG_MODE_FINAL
 * (SIG_MODE_ALL combines all three); context carries the digest state
 * between the INIT, UPDATE and FINAL calls of a multi-part operation.
 * The signature is written into the caller-supplied buffer, bounded by
 * sig_len; dst_sig_size() (below) exists to size that buffer — confirm
 * that it is the intended pairing.
 *
 * Returns an int; failures are reported with the negative SIGN_*_FAILURE
 * codes defined at the end of this header.  The meaning of a non-negative
 * result (presumably the signature length on FINAL) is not stated here —
 * confirm against the implementation.
 */
int dst_sign_data(const int mode,	 /* specifies INIT/UPDATE/FINAL/ALL */
		  DST_KEY *in_key,	 /* the key to use */
		  void **context,	 /* pointer to state structure */
		  const u_char *data,	 /* data to be signed */
		  const unsigned len,	 /* length of input data */
		  u_char *signature,	 /* buffer to write signature to */
		  const unsigned sig_len); /* size of output buffer */
28
/*
 * Verify a signature over data with a DST key.
 *
 * mode and context follow the same INIT/UPDATE/FINAL/ALL convention as
 * dst_sign_data().  signature is read-only input of sig_len bytes.
 *
 * Returns an int; failures are reported with the negative VERIFY_*_FAILURE
 * codes and MISSING_KEY_OR_SIGNATURE / UNSUPPORTED_KEYALG defined below.
 * NOTE(review): the success value is not stated in this header — confirm
 * it against the implementation and compare for it exactly; a merely
 * non-negative result must not be taken as "signature verified".
 */
int dst_verify_data(const int mode,	 /* specifies INIT/UPDATE/FINAL/ALL */
		    DST_KEY *in_key,	 /* the key to use */
		    void **context,	 /* pointer to state structure */
		    const u_char *data,  /* data to be verified */
		    const unsigned len,	 /* length of input data */
		    const u_char *signature,/* buffer containing signature */
		    const unsigned sig_len);	 /* length of signature */
36
37
/*
 * Load a stored key identified by name, key tag and algorithm.
 * key_type selects the private or public half (DST_PRIVATE / DST_PUBLIC
 * below).  Returns a newly allocated DST_KEY to be released with
 * dst_free_key(); failure presumably yields NULL — confirm.
 */
DST_KEY *dst_read_key(const char *in_name,   /* name of key */
		      const unsigned in_id, /* key tag identifier */
		      const int in_alg,      /* key algorithm */
		      const int key_type);   /* Private/PublicKey wanted*/

/*
 * Store a key; key_type selects which half (DST_PUBLIC / DST_PRIVATE) is
 * written.  Return convention is not stated here — check it, since an
 * unnoticed failure to write the private half is hard to detect later.
 */
int      dst_write_key(const DST_KEY *key,  /* key to write out */
		       const int key_type); /* Public/Private */
45
/*
 * Build a DST_KEY from KEY RDATA in DNS wire format.  len bounds how much
 * of key may be read; the RDATA typically comes from the network, so the
 * caller should pass the true length and treat a NULL result (presumed
 * failure convention — confirm) as an untrusted record.  The returned
 * key is released with dst_free_key().
 */
DST_KEY *dst_dnskey_to_key(const char *in_name,	/* KEY record name */
			   const u_char *key,	/* KEY RDATA */
			   const unsigned len);	/* size of input buffer*/


/*
 * Serialize a DST_KEY into KEY RDATA wire format in out_storage, writing
 * at most out_len bytes (RAW_KEY_SIZE below is the conventional buffer
 * size).  Return convention is not stated here — confirm.
 */
int      dst_key_to_dnskey(const DST_KEY *key,	/* key to translate */
			   u_char *out_storage,	/* output buffer */
			   const unsigned out_len); /* size of out_storage*/
54
55
/*
 * Build a DST_KEY from a key already split into its parts: algorithm,
 * DNS flags, DNS protocol and the key material in DNS wire format
 * (key_buf, key_len bytes).  Released with dst_free_key().
 */
DST_KEY *dst_buffer_to_key(const char *key_name,  /* name of the key */
			   const int alg,	  /* algorithm */
			   const unsigned flags,  /* dns flags */
			   const int protocol,	  /* dns protocol */
			   const u_char *key_buf, /* key in dns wire fmt */
			   const unsigned key_len);	  /* size of key */


/*
 * Inverse of dst_buffer_to_key(): write the key material into out_buff,
 * bounded by buf_len.  Return convention is not stated here — confirm.
 */
int     dst_key_to_buffer(DST_KEY *key, u_char *out_buff, unsigned buf_len);
65
/*
 * Generate a new key of the given algorithm (KEY_* below) and size in
 * bits; exp is an algorithm-dependent parameter (its meaning per
 * algorithm is not stated here).  flags and protocol populate the DNS
 * KEY fields.  Returns a newly allocated DST_KEY to be released with
 * dst_free_key(); failure presumably yields NULL — confirm.  Key
 * generation draws on dst_random() — see its mode selectors below.
 */
DST_KEY *dst_generate_key(const char *name,    /* name of new key */
			  const int bits,      /* size of new key */
			  const int exp,       /* alg dependent parameter*/
			  const unsigned flags,     /* key DNS flags */
			  const int protocol, /* key DNS protocol */
			  const int alg);       /* key algorithm to generate */
72
/*
 * Release a DST_KEY obtained from the constructors above.  Note the
 * DST_KEY * return type: presumably NULL, so that `k = dst_free_key(k);`
 * clears the caller's pointer — confirm against the implementation.
 */
DST_KEY *dst_free_key(DST_KEY *f_key);
/* Compare two keys; the return convention (equal vs. not) is not stated here. */
int      dst_compare_keys(const DST_KEY *key1, const DST_KEY *key2);

/* Size in bytes of a signature produced by this key — use it to size the
 * sig_len buffer passed to dst_sign_data(). */
int	dst_sig_size(DST_KEY *key);

/*
 * Fill outran with `wanted` random bytes; outran must therefore hold at
 * least `wanted` bytes.  mode is one of the DST_RAND_* selectors below.
 * Return convention is not stated here — confirm, and never use the
 * buffer contents as key material when the call reports failure.
 */
int     dst_random(const int mode, unsigned wanted, u_char *outran);
79
80
/* support for dns key tags/ids */
/*
 * Compute the 16-bit key tag from KEY RDATA (rdata_len bytes) or from raw
 * key data (key_len bytes).  A 16-bit tag is a lookup hint, not an
 * identity: different keys can share a tag, so callers must still select
 * and verify with the full key rather than the tag alone.
 */
u_int16_t dst_s_dns_key_id(const u_char *dns_key_rdata,
			   const unsigned rdata_len);
u_int16_t dst_s_id_calc(const u_char *key_data, const unsigned key_len);
85
/* Used by callers as well as by the library.  */
/* Conventional size for out_storage / out_buff buffers.  The library can
 * only bound its writes by the length argument it is given, so always
 * pass the buffer's real size rather than assuming this constant. */
#define RAW_KEY_SIZE    8192        /* large enough to store any key */

/* DST_API control flags */
/* These are used in functions dst_sign_data and dst_verify_data.
 * The mode argument is a bitmask; SIG_MODE_ALL performs a one-shot
 * INIT+UPDATE+FINAL operation. */
#define SIG_MODE_INIT		1  /* initialize digest */
#define SIG_MODE_UPDATE		2  /* add data to digest */
#define SIG_MODE_FINAL		4  /* generate/verify signature */
#define SIG_MODE_ALL		(SIG_MODE_INIT|SIG_MODE_UPDATE|SIG_MODE_FINAL)

/* Flags for dst_read_private_key()  */
/* NOTE(review): dst_read_private_key() is not declared in this header;
 * these appear to be the key_type selectors for dst_read_key() and
 * dst_write_key() (DST_PUBLIC / DST_PRIVATE, optionally DST_FORCE_READ) —
 * confirm against the implementation. */
#define DST_FORCE_READ		0x1000000
#define DST_CAN_SIGN		0x010F
#define DST_NO_AUTHEN		0x8000
#define DST_EXTEND_FLAG         0x1000
#define DST_STANDARD		0
#define DST_PRIVATE             0x2000000
#define DST_PUBLIC              0x4000000
/* mode selectors for dst_random() */
#define DST_RAND_SEMI           1
#define DST_RAND_STD            2
#define DST_RAND_KEY            3
#define DST_RAND_DSS            4
108
109
/* DST algorithm codes */
/* Values carried in DST_KEY.dk_alg and in the KEY record algorithm field.
 * NOTE(review): KEY_PRIVATE (254) and KEY_EXPAND (255) are larger than
 * DST_MAX_ALGS (== KEY_HMAC_SHA1 == 158), so any table indexed by
 * algorithm number and sized from DST_MAX_ALGS must range-check the
 * algorithm before indexing; dst_check_algorithm() is the declared entry
 * point for that. */
#define KEY_RSA			1
#define KEY_DH			2
#define KEY_DSA			3
#define KEY_PRIVATE		254
#define KEY_EXPAND		255
#define KEY_HMAC_MD5		157
#define KEY_HMAC_SHA1		158
#define UNKNOWN_KEYALG		0
#define DST_MAX_ALGS            KEY_HMAC_SHA1
120
/* DST constants for field locations in the KEY record (byte offsets into
 * the RDATA); these change with the newer KEY record layout.  Code that
 * reads a field at one of these offsets must first check that rdata_len
 * is large enough to contain it, and that rdata_len exceeds DST_KEY_START
 * before treating anything as key material. */
#define DST_FLAGS_SIZE		2
#define DST_KEY_PROT		2
#define DST_KEY_ALG		3
#define DST_EXT_FLAG            4
#define DST_KEY_START		4
127
/* Guarded so that a definition supplied by an earlier header wins.
 * 0xC000 sets both key-type bits of the KEY flags field, the encoding
 * for "no key present" in the KEY record flags. */
#ifndef SIGN_F_NOKEY
#define SIGN_F_NOKEY		0xC000
#endif
131
/* error codes from dst routines */
/* All error codes are negative, so a caller may treat any result < 0
 * as failure.  The converse does not hold for verification: see the
 * note on dst_verify_data() — compare against its documented success
 * value exactly. */
#define SIGN_INIT_FAILURE	(-23)
#define SIGN_UPDATE_FAILURE	(-24)
#define SIGN_FINAL_FAILURE	(-25)
#define VERIFY_INIT_FAILURE	(-26)
#define VERIFY_UPDATE_FAILURE	(-27)
#define VERIFY_FINAL_FAILURE	(-28)
#define MISSING_KEY_OR_SIGNATURE (-30)
#define UNSUPPORTED_KEYALG	(-31)
141
142#endif /* DST_H */
143