%/*-
% * Copyright (c) 2010, Oracle America, Inc.
% *
% * Redistribution and use in source and binary forms, with or without
% * modification, are permitted provided that the following conditions are
% * met:
% *
% *     * Redistributions of source code must retain the above copyright
% *       notice, this list of conditions and the following disclaimer.
% *     * Redistributions in binary form must reproduce the above
% *       copyright notice, this list of conditions and the following
% *       disclaimer in the documentation and/or other materials
% *       provided with the distribution.
% *     * Neither the name of the "Oracle America, Inc." nor the names of its
% *       contributors may be used to endorse or promote products derived
% *       from this software without specific prior written permission.
% *
% *   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
% *   "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
% *   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
% *   FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
% *   COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
% *   INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
% *   DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
% *   GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
% *   INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
% *   WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
% *   NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
% *   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
% */
/*
 * Key server protocol definition
 * Copyright (C) 1990, 1991 Sun Microsystems, Inc.
 *
 * The keyserver is a public key storage/encryption/decryption service.
 * The encryption method used is based on the Diffie-Hellman exponential
 * key exchange technology.
 *
 * The key server is local to each machine, akin to the portmapper.
 * Under TI-RPC, communication with the keyserver is through the
 * loopback transport.
 *
 * NOTE: This .x file generates the USER level headers for the keyserver.
 * The KERNEL level headers are created by hand, as the kernel has special
 * requirements.
 *
 * Several procedures below (KEY_SET, KEY_NET_PUT, KEY_NET_GET) carry the
 * caller's secret key as plain hex in the RPC argument or result.  Nothing
 * in this file authenticates the caller or protects those bytes; that is
 * left to the local-only transport described above and to the server.
 * NOTE(review): confirm the caller checks in the keyserver implementation.
 */

%/*
% * Compiled from key_prot.x using rpcgen.
% * DO NOT EDIT THIS FILE!
% * This is NOT source code!
% */

/*
 * PROOT and MODULUS define the way the Diffie-Hellman key is generated.
 *
 * MODULUS should be chosen as a prime of the form: MODULUS == 2*p + 1,
 * where p is also prime.
 *
 * PROOT satisfies the following two conditions:
 * (1) (PROOT ** 2) % MODULUS != 1
 * (2) (PROOT ** p) % MODULUS != 1
 *
 * The multiplicative group modulo MODULUS has order 2*p, so an element's
 * order is 1, 2, p or 2*p.  Condition (1) rules out orders 1 and 2 and
 * condition (2) rules out order p, which leaves PROOT as a generator of
 * the whole group.
 *
 * Both values are compile-time constants of the protocol, so every
 * participant works in the same group.  At 192 bits (see KEYSIZE) the
 * modulus is far below the sizes currently recommended for finite-field
 * Diffie-Hellman (2048 bits and up).  It cannot be enlarged here without
 * breaking wire compatibility, so keys derived from it should be treated
 * as legacy-strength only.
 */

const PROOT = 3;
const HEXMODULUS = "d4a0ba0250b6fd2ec626e7efd637df76c716e22d0944b88b";

/*
 * The three sizes describe the same quantity in different units:
 * KEYSIZE == 8 * KEYBYTES and HEXKEYBYTES == 2 * KEYBYTES.
 */
const HEXKEYBYTES = 48;		/* HEXKEYBYTES == strlen(HEXMODULUS) */
const KEYSIZE = 192;		/* KEYSIZE == bit length of key */
const KEYBYTES = 24;		/* byte length of key */

/*
 * The first 16 hex digits of the encrypted secret key are used as
 * a checksum in the database.
 */
const KEYCHECKSUMSIZE = 16;

/*
 * status of operation
 *
 * No explicit values are given, so the numbering follows declaration
 * order.  The value is the discriminant of the result unions below and
 * travels on the wire; reordering or inserting members would change the
 * protocol.
 */
enum keystatus {
	KEY_SUCCESS,	/* no problems */
	KEY_NOSECRET,	/* no secret key stored */
	KEY_UNKNOWN,	/* unknown netname */
	KEY_SYSTEMERR 	/* system error (out of memory, encryption failure) */
};

/*
 * Fixed-length buffer of exactly HEXKEYBYTES bytes.  Because HEXKEYBYTES
 * equals strlen(HEXMODULUS), a full-length hex key fills the array and
 * leaves no room for a terminating NUL: code handling a keybuf must bound
 * every access by HEXKEYBYTES rather than treat it as a C string.
 */
typedef opaque keybuf[HEXKEYBYTES];	/* store key in hex */

/*
 * Variable-length string bounded by MAXNETNAMELEN, which is not defined
 * in this file.
 */
typedef string netnamestr<MAXNETNAMELEN>;

/*
 * Argument to ENCRYPT or DECRYPT
 *
 * des_block is not defined in this file.
 * NOTE(review): the name suggests a single-DES key block, which would cap
 * the conversation key at DES strength -- confirm against its definition.
 */
struct cryptkeyarg {
	netnamestr remotename;	/* netname of the peer ("X" in the procedure comments) */
	des_block deskey;	/* conversation key to encrypt or decrypt */
};

/*
 * Argument to ENCRYPT_PK or DECRYPT_PK
 *
 * Same as cryptkeyarg, with the peer's public key supplied by the caller.
 * netobj is not defined in this file.
 */
struct cryptkeyarg2 {
	netnamestr remotename;
	netobj	remotekey;	/* Contains a length up to 1024 bytes */
	des_block deskey;
};


/*
 * Result of ENCRYPT, DECRYPT, ENCRYPT_PK, and DECRYPT_PK
 *
 * A key is present only when status is KEY_SUCCESS; every other status
 * carries no payload.
 */
union cryptkeyres switch (keystatus status) {
case KEY_SUCCESS:
	des_block deskey;
default:
	void;
};

const MAXGIDS  = 16;	/* max number of gids in gid list */

/*
 * Unix credential
 */
struct unixcred {
	u_int uid;
	u_int gid;
	u_int gids<MAXGIDS>;	/* variable-length list, at most MAXGIDS entries */
};

/*
 * Result returned from GETCRED
 *
 * The credential is present only when status is KEY_SUCCESS.
 */
union getcredres switch (keystatus status) {
case KEY_SUCCESS:
	unixcred cred;
default:
	void;
};
/*
 * key_netstarg: argument to KEY_NET_PUT and, wrapped in key_netstres,
 * the success result of KEY_NET_GET.
 *
 * st_priv_key holds the private key itself, so any copy of this structure
 * is secret material.
 */

struct key_netstarg {
	keybuf st_priv_key;
	keybuf st_pub_key;
	netnamestr st_netname;
};

/*
 * Result returned from KEY_NET_GET; the key set is present only when
 * status is KEY_SUCCESS.
 */
union key_netstres switch (keystatus status){
case KEY_SUCCESS:
	key_netstarg knet;
default:
	void;
};

/*
 * Only when rpcgen is producing the header (RPC_HDR defined), pass a
 * fallback definition of "opaque" as char through to the generated file.
 */
#ifdef RPC_HDR
%
%#ifndef opaque
%#define opaque char
%#endif
%
#endif
/*
 * Program 100029, versions 1 and 2.  The procedure numbers are wire
 * identifiers and must stay as assigned.
 */
program KEY_PROG {
	version KEY_VERS {

		/*
		 * This is my secret key.
		 * Store it for me.
		 */
		keystatus
		KEY_SET(keybuf) = 1;

		/*
		 * I want to talk to X.
		 * Encrypt a conversation key for me.
		 */
		cryptkeyres
		KEY_ENCRYPT(cryptkeyarg) = 2;

		/*
		 * X just sent me a message.
		 * Decrypt the conversation key for me.
		 */
		cryptkeyres
		KEY_DECRYPT(cryptkeyarg) = 3;

		/*
		 * Generate a secure conversation key for me
		 */
		des_block
		KEY_GEN(void) = 4;

		/*
		 * Get me the uid, gid and group-access-list associated
		 * with this netname (for kernel which cannot use NIS)
		 */
		getcredres
		KEY_GETCRED(netnamestr) = 5;
	} = 1;
	version KEY_VERS2 {

		/*
		 * #######
		 * Procedures 1-5 are identical to version 1
		 * #######
		 */

		/*
		 * This is my secret key.
		 * Store it for me.
		 */
		keystatus
		KEY_SET(keybuf) = 1;

		/*
		 * I want to talk to X.
		 * Encrypt a conversation key for me.
		 */
		cryptkeyres
		KEY_ENCRYPT(cryptkeyarg) = 2;

		/*
		 * X just sent me a message.
		 * Decrypt the conversation key for me.
		 */
		cryptkeyres
		KEY_DECRYPT(cryptkeyarg) = 3;

		/*
		 * Generate a secure conversation key for me
		 */
		des_block
		KEY_GEN(void) = 4;

		/*
		 * Get me the uid, gid and group-access-list associated
		 * with this netname (for kernel which cannot use NIS)
		 */
		getcredres
		KEY_GETCRED(netnamestr) = 5;

		/*
		 * I want to talk to X, and I know X's public key.
		 * Encrypt a conversation key for me.
		 */
		cryptkeyres
		KEY_ENCRYPT_PK(cryptkeyarg2) = 6;

		/*
		 * X just sent me a message, and I know X's public key.
		 * Decrypt the conversation key for me.
		 */
		cryptkeyres
		KEY_DECRYPT_PK(cryptkeyarg2) = 7;

		/*
		 * Store my public key, netname and private key.
		 */
		keystatus
		KEY_NET_PUT(key_netstarg) = 8;

		/*
		 * Retrieve my public key, netname and private key.
		 * The reply contains the private key.
		 */
		key_netstres
		KEY_NET_GET(void) = 9;

		/*
		 * Return me the conversation key that is constructed
		 * from my secret key and this public key.
		 */

		cryptkeyres
		KEY_GET_CONV(keybuf) = 10;


	} = 2;
} = 100029;