#ifndef DST_H
#define DST_H

/*
 * Declarations for the DST crypto API: key handling, signing/verification,
 * key tag calculation and the constants shared between callers and library.
 *
 * This header uses u_char and u_int16_t but includes nothing itself, so the
 * including file must already have those types in scope.
 */

/*
 * Caller-visible key descriptor.  The definition is skipped when HAS_DST_KEY
 * is already defined (presumably so another file can supply its own
 * definition -- confirm against the implementation).
 */
#ifndef HAS_DST_KEY
typedef struct dst_key {
    char     *dk_key_name;  /* name of the key */
    int       dk_key_size;  /* this is the size of the key in bits */
    int       dk_proto;     /* what protocols this key can be used for */
    int       dk_alg;       /* algorithm number from key record */
    unsigned  dk_flags;     /* and the flags of the public key */
    unsigned  dk_id;        /* identifier of the key */
} DST_KEY;
#endif /* HAS_DST_KEY */

/*
 * DST Crypto API definitions
 */
void dst_init(void);
int dst_check_algorithm(const int);

/*
 * Sign data with in_key.  mode is built from the SIG_MODE_* flags defined
 * below.  signature is an output buffer and sig_len is its capacity, so pass
 * the real size of the buffer.
 * NOTE(review): the success return value is not defined in this header; the
 * failure codes declared below are all negative -- confirm the success
 * convention in the implementation before testing the result.
 */
int dst_sign_data(const int mode,           /* specifies INIT/UPDATE/FINAL/ALL */
                  DST_KEY *in_key,          /* the key to use */
                  void **context,           /* pointer to state structure */
                  const u_char *data,       /* data to be signed */
                  const unsigned len,       /* length of input data */
                  u_char *signature,        /* buffer to write signature to */
                  const unsigned sig_len);  /* size of output buffer */

/*
 * Verify a signature over data with in_key.  mode is built from the
 * SIG_MODE_* flags defined below.  Here signature is an input and sig_len is
 * the length of the signature itself.
 * NOTE(review): every failure code declared below is non-zero and negative,
 * so a plain truth test on the result would read a failure as "true";
 * compare against the documented success value (not shown here -- confirm).
 */
int dst_verify_data(const int mode,           /* specifies INIT/UPDATE/FINAL/ALL */
                    DST_KEY *in_key,          /* the key to use */
                    void **context,           /* pointer to state structure */
                    const u_char *data,       /* data to be verified */
                    const unsigned len,       /* length of input data */
                    const u_char *signature,  /* buffer containing signature */
                    const unsigned sig_len);  /* length of signature */


/*
 * Look up a key by name, key tag and algorithm.
 * NOTE(review): presumably key_type takes DST_PUBLIC / DST_PRIVATE from the
 * flag list below; where keys are read from is not visible here -- confirm.
 */
DST_KEY *dst_read_key(const char *in_name,   /* name of key */
                      const unsigned in_id,  /* key tag identifier */
                      const int in_alg,      /* key algorithm */
                      const int key_type);   /* Private/PublicKey wanted */

/*
 * Write a key out.
 * NOTE(review): when key_type selects the private key, the destination and
 * its access permissions are decided by the implementation -- confirm them
 * before relying on this for private key storage.
 */
int dst_write_key(const DST_KEY *key,    /* key to write out */
                  const int key_type);   /* Public/Private */

/*
 * Build a DST_KEY from KEY record RDATA.  len is the only bound this
 * interface carries for the input, so it must be the number of valid bytes
 * at key, not the capacity of a larger receive buffer.
 */
DST_KEY *dst_dnskey_to_key(const char *in_name,  /* KEY record name */
                           const u_char *key,    /* KEY RDATA */
                           const unsigned len);  /* size of input buffer */


/*
 * Translate a key into out_storage; out_len is the capacity of that buffer.
 * NOTE(review): the meaning of the int result (length written vs. status)
 * is not shown in this header -- confirm.
 */
int dst_key_to_dnskey(const DST_KEY *key,       /* key to translate */
                      u_char *out_storage,      /* output buffer */
                      const unsigned out_len);  /* size of out_storage */


/* Build a DST_KEY from its separate parts and key material in DNS wire format. */
DST_KEY
*dst_buffer_to_key(const char *key_name,     /* name of the key */
                   const int alg,            /* algorithm */
                   const unsigned flags,     /* dns flags */
                   const int protocol,       /* dns protocol */
                   const u_char *key_buf,    /* key in dns wire fmt */
                   const unsigned key_len);  /* size of key */


/*
 * NOTE(review): presumably the inverse of dst_buffer_to_key, writing key
 * material into out_buff with buf_len as its capacity -- confirm, including
 * what the int result means.
 */
int dst_key_to_buffer(DST_KEY *key, u_char *out_buff, unsigned buf_len);

/* Generate a new key; see the "DST algorithm codes" list below for alg. */
DST_KEY *dst_generate_key(const char *name,      /* name of new key */
                          const int bits,        /* size of new key */
                          const int exp,         /* alg dependent parameter */
                          const unsigned flags,  /* key DNS flags */
                          const int protocol,    /* key DNS protocol */
                          const int alg);        /* key algorithm to generate */

/*
 * NOTE(review): what the returned pointer refers to is not shown here;
 * treat f_key as invalid after the call unless the implementation says
 * otherwise.
 */
DST_KEY *dst_free_key(DST_KEY *f_key);
/* NOTE(review): the meaning of the result (0 == equal?) is not shown here -- confirm. */
int dst_compare_keys(const DST_KEY *key1, const DST_KEY *key2);

/*
 * NOTE(review): presumably the buffer size a signature made with key needs,
 * i.e. the value to use when sizing dst_sign_data's signature buffer --
 * confirm.
 */
int dst_sig_size(DST_KEY *key);

/*
 * NOTE(review): presumably mode is one of the DST_RAND_* values below,
 * wanted the amount requested and outran the output buffer.  No separate
 * capacity argument is taken, so under that reading outran must be able to
 * hold everything that wanted asks for -- confirm the units.
 */
int dst_random(const int mode, unsigned wanted, u_char *outran);


/*
 * support for dns key tags/ids
 *
 * Both results are 16 bits wide, so different keys can share an id; use it
 * to select candidate keys, not as evidence that two keys are the same.
 */
u_int16_t dst_s_dns_key_id(const u_char *dns_key_rdata,
                           const unsigned rdata_len);
u_int16_t dst_s_id_calc(const u_char *key_data, const unsigned key_len);

/*
 * Used by callers as well as by the library.
 * "Large enough to store any key" is the original author's statement; the
 * routines above that fill caller buffers still take an explicit size
 * argument, which should be the real capacity of the buffer passed.
 */
#define RAW_KEY_SIZE    8192    /* large enough to store any key */

/* DST_API control flags */
/* These are used in functions dst_sign_data and dst_verify_data */
/* The values are single bits; SIG_MODE_ALL is the OR of all three. */
#define SIG_MODE_INIT       1   /* initialize digest */
#define SIG_MODE_UPDATE     2   /* add data to digest */
#define SIG_MODE_FINAL      4   /* generate/verify signature */
#define SIG_MODE_ALL        (SIG_MODE_INIT|SIG_MODE_UPDATE|SIG_MODE_FINAL)

/*
 * Flags for dst_read_private_key()
 * NOTE(review): no function of that name is declared in this header;
 * presumably DST_PUBLIC / DST_PRIVATE are the key_type values for
 * dst_read_key and dst_write_key, and DST_RAND_* the modes of dst_random --
 * confirm.
 */
#define DST_FORCE_READ      0x1000000
#define DST_CAN_SIGN        0x010F
#define DST_NO_AUTHEN       0x8000
#define DST_EXTEND_FLAG     0x1000
#define DST_STANDARD        0
#define DST_PRIVATE         0x2000000
#define DST_PUBLIC          0x4000000
#define DST_RAND_SEMI       1
#define DST_RAND_STD        2
#define DST_RAND_KEY        3
#define DST_RAND_DSS        4


/*
 * DST algorithm codes
 *
 * NOTE(review): DST_MAX_ALGS equals KEY_HMAC_SHA1 (158), while KEY_PRIVATE
 * (254) and KEY_EXPAND (255) are larger.  If DST_MAX_ALGS bounds a table
 * indexed by algorithm number (not visible here), those two codes fall
 * outside it -- confirm that algorithm numbers taken from key records are
 * range-checked before use.
 * NOTE(review): the MD5- and SHA-1-based HMAC codes are legacy algorithm
 * choices; whether stronger ones are available depends on the
 * implementation, which this header does not show.
 */
#define KEY_RSA             1
#define KEY_DH              2
#define KEY_DSA             3
#define KEY_PRIVATE         254
#define KEY_EXPAND          255
#define KEY_HMAC_MD5        157
#define KEY_HMAC_SHA1       158
#define UNKNOWN_KEYALG      0
#define DST_MAX_ALGS        KEY_HMAC_SHA1

/*
 * DST constants for locations in the KEY record; these change if the KEY
 * record format changes.
 * NOTE(review): the values are consistent with byte offsets into KEY RDATA
 * (2 bytes of flags, then protocol, then algorithm, then key data) --
 * confirm against the parser.
 */
#define DST_FLAGS_SIZE      2
#define DST_KEY_PROT        2
#define DST_KEY_ALG         3
#define DST_EXT_FLAG        4
#define DST_KEY_START       4

/* Defined here only when no earlier header has already defined it. */
#ifndef SIGN_F_NOKEY
#define SIGN_F_NOKEY        0xC000
#endif

/*
 * error codes from dst routines
 *
 * Every code is negative; the value reported on success is not defined in
 * this header.
 */
#define SIGN_INIT_FAILURE           (-23)
#define SIGN_UPDATE_FAILURE         (-24)
#define SIGN_FINAL_FAILURE          (-25)
#define VERIFY_INIT_FAILURE         (-26)
#define VERIFY_UPDATE_FAILURE       (-27)
#define VERIFY_FINAL_FAILURE        (-28)
#define MISSING_KEY_OR_SIGNATURE    (-30)
#define UNSUPPORTED_KEYALG          (-31)

#endif /* DST_H */