1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License, Version 1.0 only 6 * (the "License"). You may not use this file except in compliance 7 * with the License. 8 * 9 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 10 * or http://www.opensolaris.org/os/licensing. 11 * See the License for the specific language governing permissions 12 * and limitations under the License. 13 * 14 * When distributing Covered Code, include this CDDL HEADER in each 15 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 16 * If applicable, add the following below this CDDL HEADER, with the 17 * fields enclosed by brackets "[]" replaced with your own identifying 18 * information: Portions Copyright [yyyy] [name of copyright owner] 19 * 20 * CDDL HEADER END 21 */ 22 /* 23 * ident "%Z%%M% %I% %E% SMI" 24 * 25 * Copyright (c) 1997, by Sun Microsystems, Inc. 26 * All rights reserved. 27 * 28 * Diffie-Hellman GSS protocol descriptions 29 */ 30 31 #ifdef RPC_HDR 32 %/* 33 % * dhmech_prot.h 34 % * 35 % * Copyright (c) 1997, by Sun Microsystems, Inc. 36 % * All rights reserved. 
% *
% * Diffie-Hellman GSS protocol descriptions
% */
%
%#pragma ident "%Z%%M% %I% %E% SMI"
%#include <rpc/key_prot.h>
#endif

/*
 * Token types.
 *
 * Every token carries exactly one of these discriminators in its
 * dh_token_body_desc arm.  DH_DESTROY_CNTX has no body of its own.
 */
enum dh_token_type {
	DH_INIT_CNTX = 1,
	DH_ACCEPT_CNTX = 2,
	DH_MIC = 3,
	DH_WRAP = 4,
	DH_DESTROY_CNTX = 5
};

/*
 * Protocol limits.
 *
 * DH_MAX_CHECKSUM_SIZE bounds the verifier (dh_signature) in bytes and
 * DH_MAX_SESSION_KEYS bounds the number of session keys a DH_INIT_CNTX
 * token may carry; because both are declared with a fixed maximum
 * (<N>), the generated XDR decoder rejects longer values outright.
 * DH_PROTO_VERSION is the only version the dh_version union accepts.
 */
const DH_MAX_CHECKSUM_SIZE = 128;
const DH_PROTO_VERSION = 1;
const DH_MAX_SESSION_KEYS = 64;

/*
 * dh_buffer_desc is unbounded (<>): on the wire it is a 32-bit length
 * followed by that many bytes, so nothing in this description limits it.
 * A receiver decoding an untrusted token must impose its own size limit
 * before allocating storage for one.
 */
typedef opaque dh_buffer_desc<>;
typedef dh_buffer_desc *dh_buffer_t;
/*
 * Verifier: an encrypted checksum of at most DH_MAX_CHECKSUM_SIZE bytes
 * computed over the versioned token body (see dh_token_desc).  It is a
 * keyed, symmetric check rather than a public-key signature, so it
 * proves possession of the shared key, not the identity of the signer.
 * NOTE(review): which key encrypts it is fixed by the implementation,
 * not by this description -- confirm before reasoning about it.
 */
typedef opaque dh_signature<DH_MAX_CHECKSUM_SIZE>;	/* Encrypted checksum */
typedef dh_signature *dh_signature_t;
/*
 * Session keys are des_block values, presumably the DES key type from
 * <rpc/key_prot.h> (the only header this description includes).
 * NOTE(review): if so, key material is single-DES sized; treat this
 * mechanism as legacy strength and confirm against the implementation
 * before relying on it for anything new.
 */
typedef des_block dh_key_set<DH_MAX_SESSION_KEYS>;
typedef dh_key_set *dh_key_set_t;
/* Quality-of-protection selector carried in MIC and WRAP tokens. */
typedef unsigned int dh_qop_t;

/*
 * Wire form of GSS channel bindings.  All three byte strings are
 * unbounded dh_buffer_desc values (see the note above on size limits).
 */
struct dh_channel_binding_desc {
	unsigned initiator_addrtype;
	dh_buffer_desc initiator_address;
	unsigned acceptor_addrtype;
	dh_buffer_desc acceptor_address;
	dh_buffer_desc application_data;
};
typedef dh_channel_binding_desc *dh_channel_binding_t;

/*
 * Context description shared by the DH_INIT_CNTX and DH_ACCEPT_CNTX
 * tokens.  'remote' and 'local' are netnames (netnamestr, presumably
 * from <rpc/key_prot.h>).  'channel' is an XDR optional pointer, so
 * channel bindings may be absent entirely on the wire.
 */
struct dh_cntx_desc {
	netnamestr remote;
	netnamestr local;
	unsigned flags;		/* Supported flag values from
				 * gss_init_sec_context/gss_accept_sec_context
				 */
	unsigned expire;	/* Context expiry.  NOTE(review): whether this
				 * is an absolute time or a lifetime, and its
				 * unit, is fixed by the implementation -- confirm.
				 */
	dh_channel_binding_t channel;
};
typedef dh_cntx_desc *dh_cntx_t;

/*
 * Body of a DH_INIT_CNTX token.  The session keys travel encrypted under
 * the Diffie-Hellman common key of the two parties; the context fields
 * themselves are sent in the clear and are protected only by the
 * token's verifier.
 */
struct dh_init_context_desc {
	dh_cntx_desc cntx;
	dh_key_set keys;	/* Session keys encrypted
				 * with the common key
				 */
};
typedef dh_init_context_desc *dh_init_context_t;

/* Body of a DH_ACCEPT_CNTX token: the acceptor's view of the context. */
struct dh_accept_context_desc {
	dh_cntx_desc cntx;
};
typedef dh_accept_context_desc *dh_accept_context_t;

/*
 * Body of a DH_MIC token, and the header of a DH_WRAP token.
 *
 * Both seqnum and client_flag lie inside the versioned body that the
 * verifier covers, so a receiver can trust them once the verifier checks
 * out.  seqnum is a 32-bit unsigned counter and therefore wraps; any
 * replay window built on it is the receiver's responsibility.
 * client_flag records the direction of travel, which lets a receiver
 * reject a token that was merely reflected back to its sender.
 */
struct dh_mic_desc {
	dh_qop_t qop;
	unsigned seqnum;
	bool client_flag;	/* True if from client (context initiator). */
};
typedef dh_mic_desc *dh_mic_t;

/*
 * Body of a DH_WRAP token.  'body' is unbounded (<>), so the receiver
 * must bound it before allocating.  When conf_flag is false the body is
 * the caller's message in the clear and the verifier is its only
 * protection.  In either case the verifier is computed over body as
 * sent, so integrity is checked on the ciphertext before any decryption.
 */
struct dh_wrap_desc {
	dh_mic_desc mic;
	bool conf_flag;
	opaque body<>;		/*
				 * If conf_flag, then body is an encrypted
				 * serialized opaque msg<>
				 */
};
typedef dh_wrap_desc *dh_wrap_t;

/*
 * Token body, discriminated by dh_token_type.  There is deliberately no
 * default arm: a token whose type is not one of the five listed values
 * fails to decode rather than being passed through.
 */
union dh_token_body_desc switch (dh_token_type type) {
	case DH_INIT_CNTX:
		dh_init_context_desc init_context;
	case DH_ACCEPT_CNTX:
		dh_accept_context_desc accept_context;
	case DH_MIC:
		dh_mic_desc sign;
	case DH_WRAP:
		dh_wrap_desc seal;
	case DH_DESTROY_CNTX:
		void;
};
typedef dh_token_body_desc *dh_token_body_t;

/*
 * We define a discriminated union to handle different versions of the
 * protocol.  We will always have a verifier follow this versioned body
 * as the last member of the token.
 *
 * Currently there is only one version, DH_PROTO_VERSION (1).  Because
 * the union has no default arm, a token with any other verno fails to
 * decode, i.e. unknown versions are rejected rather than negotiated.
 */
union dh_version switch (unsigned verno) {
	case DH_PROTO_VERSION:
		dh_token_body_desc body;
};

/*
 * Note: All versions of the Diffie-Hellman protocol will provide a
 * verifier as the last part of a token.  In this way we will always
 * be able to calculate the signature over the entire versioned body of
 * the token, including the version number itself.
 */

/*
 * A complete token: the versioned body followed by its verifier.  The
 * verifier is the last field so that it can be computed over, and
 * checked against, every preceding byte of the encoded token.
 */
struct dh_token_desc {
	dh_version ver;
	dh_signature verifier;
};
typedef dh_token_desc *dh_token_t;

/*
 * The token returned from gss_init_sec_context will be as follows
 * (this is the generic GSS-API initial context token framing of
 * RFC 2743 section 3.1, wrapped around the XDR-encoded dh_token_desc):
 *
 *	0x60			tag for APPLICATION 0, SEQUENCE
 *				(constructed, definite length)
 *	<length>		DER encoded
 *	0x06			tag for OID, the mech type
 *	<mech type>		DER encoded
 *	token_desc		XDR encoded
 */