xref: /freebsd/include/rpcsvc/crypt.x (revision bcf5c7a8b1dcdcd5f27c1aa694f66208dc07a0dd)
1 /*
2  * Copyright (c) 1996
3  *	Bill Paul <wpaul@ctr.columbia.edu>.  All rights reserved.
4  *
5  * Redistribution and use in source and binary forms, with or without
6  * modification, are permitted provided that the following conditions
7  * are met:
8  * 1. Redistributions of source code must retain the above copyright
9  *    notice, this list of conditions and the following disclaimer.
10  * 2. Redistributions in binary form must reproduce the above copyright
11  *    notice, this list of conditions and the following disclaimer in the
12  *    documentation and/or other materials provided with the distribution.
13  * 3. All advertising materials mentioning features or use of this software
14  *    must display the following acknowledgement:
15  *	This product includes software developed by Bill Paul.
16  * 4. Neither the name of the author nor the names of any co-contributors
17  *    may be used to endorse or promote products derived from this software
18  *    without specific prior written permission.
19  *
20  * THIS SOFTWARE IS PROVIDED BY Bill Paul AND CONTRIBUTORS ``AS IS'' AND
21  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23  * ARE DISCLAIMED.  IN NO EVENT SHALL Bill Paul OR CONTRIBUTORS BE LIABLE
24  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
25  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
26  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
27  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
28  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
29  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
30  * SUCH DAMAGE.
31  */
32 
33 #ifndef RPC_HDR
34 %#include <sys/cdefs.h>
35 %__FBSDID("$FreeBSD$");
36 #endif
37 
38 /*
39  * This protocol definition exists because of the U.S. government and
40  * its stupid export laws. We can't export DES code from the United
41  * States to other countries (even though the code already exists
42  * outside the U.S. -- go figure that one out) but we need to make
43  * Secure RPC work. The normal way around this is to break the DES
44  * code out into a shared library; we can then provide a dummy lib
45  * in the base OS and provide the real lib in the secure dist, which
46  * the user can install later. But we need Secure RPC for NIS+, and
47  * there are several system programs that use NIS+ which are statically
48  * linked. We would have to provide replacements for these programs
49  * in the secure dist, but there are a lot, and this is a pain. The
50  * shared lib trick won't work for these programs, and we can't change
51  * them once they're compiled.
52  *
53  * One solution for this problem is to do the DES encryption as a system
54  * call; no programs need to be changed and we can even supply the DES
55  * support as an LKM. But this bloats the kernel. Maybe if we have
56  * Secure NFS one day this will be worth it, but for now we should keep
57  * this mess in user space.
58  *
59  * So we have this second solution: we provide a server that does the
60  * DES encryption for us. In this case, the server is keyserv (we need
61  * it to make Secure RPC work anyway) and we use this protocol to ship
62  * the data back and forth between keyserv and the application.
63  */
64 
65 enum des_dir { ENCRYPT_DES, DECRYPT_DES };
66 enum des_mode { CBC_DES, ECB_DES };
67 
68 struct desargs {
69 	u_char des_key[8];	/* key (with low bit parity) */
70 	des_dir des_dir;	/* direction */
71 	des_mode des_mode;	/* mode */
72 	u_char des_ivec[8];	/* input vector */
73 	opaque desbuf<>;
74 };
75 
76 struct desresp {
77 	opaque desbuf<>;
78 	u_char des_ivec[8];
79 	int stat;
80 };
81 
82 program CRYPT_PROG {
83 	version CRYPT_VERS {
84 		desresp
85 		DES_CRYPT(desargs) = 1;
86 	} = 1;
87 } = 600100029;
88