xref: /titanic_41/usr/src/lib/gss_mechs/mech_dh/backend/mech/dhmech_prot.x (revision 7c478bd95313f5f23a4c958a745db2134aa03244)
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License, Version 1.0 only
6  * (the "License").  You may not use this file except in compliance
7  * with the License.
8  *
9  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
10  * or http://www.opensolaris.org/os/licensing.
11  * See the License for the specific language governing permissions
12  * and limitations under the License.
13  *
14  * When distributing Covered Code, include this CDDL HEADER in each
15  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
16  * If applicable, add the following below this CDDL HEADER, with the
17  * fields enclosed by brackets "[]" replaced with your own identifying
18  * information: Portions Copyright [yyyy] [name of copyright owner]
19  *
20  * CDDL HEADER END
21  */
22 /*
23  * ident	"%Z%%M%	%I%	%E% SMI"
24  *
25  * Copyright (c) 1997, by Sun Microsystems, Inc.
26  * All rights reserved.
27  *
28  * Diffie-Hellman GSS protocol descriptions
29  */
30 
31 #ifdef RPC_HDR
32 %/*
33 % *  dhmech_prot.h
34 % *
35 % * Copyright (c) 1997, by Sun Microsystems, Inc.
36 % * All rights reserved.
37 % *
38 % * Diffie-Hellman GSS protocol descriptions
39 % */
40 %
41 %#pragma ident	"%Z%%M%	%I%	%E% SMI"
42 %#include <rpc/key_prot.h>
43 #endif
44 
45 /* Token types */
46 
47 enum dh_token_type {
48 	DH_INIT_CNTX = 1,
49 	DH_ACCEPT_CNTX = 2,
50 	DH_MIC = 3,
51 	DH_WRAP = 4,
52 	DH_DESTROY_CNTX = 5
53 };
54 
55 const DH_MAX_CHECKSUM_SIZE = 128;
56 const DH_PROTO_VERSION = 1;
57 const DH_MAX_SESSION_KEYS = 64;
58 
59 typedef opaque dh_buffer_desc<>;
60 typedef dh_buffer_desc *dh_buffer_t;
61 typedef opaque dh_signature<DH_MAX_CHECKSUM_SIZE>; /* Encrypted checksum */
62 typedef dh_signature *dh_signature_t;
63 typedef des_block dh_key_set<DH_MAX_SESSION_KEYS>;
64 typedef dh_key_set *dh_key_set_t;
65 typedef unsigned int dh_qop_t;
66 
67 struct dh_channel_binding_desc {
68 	unsigned initiator_addrtype;
69 	dh_buffer_desc initiator_address;
70 	unsigned acceptor_addrtype;
71 	dh_buffer_desc acceptor_address;
72 	dh_buffer_desc application_data;
73 };
74 typedef dh_channel_binding_desc *dh_channel_binding_t;
75 
76 struct dh_cntx_desc {
77 	netnamestr remote;
78 	netnamestr local;
79 	unsigned flags;		/* Supported flag values from
80 				 * gss_init_sec_context/gss_accept_sec_context
81 				 */
82 	unsigned expire;
83 	dh_channel_binding_t channel;
84 };
85 typedef dh_cntx_desc *dh_cntx_t;
86 
87 struct dh_init_context_desc {
88 	dh_cntx_desc	cntx;
89 	dh_key_set keys;	/* Session keys encrypted
90 				 * with the common key
91 				 */
92 };
93 typedef dh_init_context_desc *dh_init_context_t;
94 
95 struct dh_accept_context_desc {
96 	dh_cntx_desc cntx;
97 };
98 typedef dh_accept_context_desc *dh_accept_context_t;
99 
100 struct dh_mic_desc {
101 	dh_qop_t qop;
102 	unsigned seqnum;
103 	bool client_flag;	/* True if from  client (context initator). */
104 };
105 typedef dh_mic_desc *dh_mic_t;
106 
107 struct dh_wrap_desc {
108 	dh_mic_desc mic;
109 	bool conf_flag;
110 	opaque body<>;		/*
111 				 * If conf_flag, then body is an encrypted
112 				 * serialize opaque msg<>
113 				 */
114 };
115 typedef dh_wrap_desc *dh_wrap_t;
116 
117 union dh_token_body_desc switch (dh_token_type type) {
118 	case DH_INIT_CNTX:
119 		dh_init_context_desc init_context;
120 	case DH_ACCEPT_CNTX:
121 		dh_accept_context_desc accept_context;
122 	case DH_MIC:
123 		dh_mic_desc sign;
124 	case DH_WRAP:
125 		dh_wrap_desc seal;
126 	case DH_DESTROY_CNTX:
127 		void;
128 };
129 typedef dh_token_body_desc *dh_token_body_t;
130 
131 /*
132  * We define a discriminated union to handle different versions of the
133  * protocal. We will always have a verifier follow this versioned body
134  * as the last member of the token.
135  *
136  * Currently there is only one version, DH_PROTO_VERSION (1).
137  */
138 union dh_version switch (unsigned verno) {
139 	case DH_PROTO_VERSION:
140 		dh_token_body_desc body;
141 };
142 
143 /*
144  * Note: All versions of the Diffie-Hellman protocol will provide a
145  * verifier as the last part of a token. In this way we will always
146  * be able to calucate the signature over the entire versioned body of the
147  * the token.
148  */
149 
150 struct dh_token_desc {
151 	dh_version ver;
152 	dh_signature verifier;
153 };
154 typedef dh_token_desc *dh_token_t;
155 
156 /*
157  * The token return from gss_init_sec_context will be as follows:
158  *
159  *	0x60	tag for APPLICATION 0, SEQUENCE  (constructed, definite length)
160  * 	<length>  DER encoded
161  *	0x06	tag for OID, the mech type.
162  *	<mech type> DER encoded
163  *	token_desc   XDR encoded
164  */
165