source: rtems/cpukit/librpc/include/rpcsvc/key_prot.x @ df49c60

4.104.114.84.95
Last change on this file since df49c60 was df49c60, checked in by Joel Sherrill <joel.sherrill@…>, on 06/12/00 at 15:00:15

Merged from 4.5.0-beta3a

  • Property mode set to 100644
File size: 6.2 KB
Line 
1%/*
2% * Sun RPC is a product of Sun Microsystems, Inc. and is provided for
3% * unrestricted use provided that this legend is included on all tape
4% * media and as a part of the software program in whole or part.  Users
5% * may copy or modify Sun RPC without charge, but are not authorized
6% * to license or distribute it to anyone else except as part of a product or
7% * program developed by the user.
8% *
9% * SUN RPC IS PROVIDED AS IS WITH NO WARRANTIES OF ANY KIND INCLUDING THE
10% * WARRANTIES OF DESIGN, MERCHANTIBILITY AND FITNESS FOR A PARTICULAR
11% * PURPOSE, OR ARISING FROM A COURSE OF DEALING, USAGE OR TRADE PRACTICE.
12% *
13% * Sun RPC is provided with no support and without any obligation on the
14% * part of Sun Microsystems, Inc. to assist in its use, correction,
15% * modification or enhancement.
16% *
17% * SUN MICROSYSTEMS, INC. SHALL HAVE NO LIABILITY WITH RESPECT TO THE
18% * INFRINGEMENT OF COPYRIGHTS, TRADE SECRETS OR ANY PATENTS BY SUN RPC
19% * OR ANY PART THEREOF.
20% *
21% * In no event will Sun Microsystems, Inc. be liable for any lost revenue
22% * or profits or other special, indirect and consequential damages, even if
23% * Sun has been advised of the possibility of such damages.
24% *
25% * Sun Microsystems, Inc.
26% * 2550 Garcia Avenue
27% * Mountain View, California  94043
28% */
29/*
30 * Key server protocol definition
31 * Copyright (C) 1990, 1991 Sun Microsystems, Inc.
32 *
33 * The keyserver is a public key storage/encryption/decryption service
34 * The encryption method used is based on the Diffie-Hellman exponential
35 * key exchange technology.
36 *
37 * The key server is local to each machine, akin to the portmapper.
38 * Under TI-RPC, communication with the keyserver is through the
39 * loopback transport.
40 *
41 * NOTE: This .x file generates the USER level headers for the keyserver.
42 * the KERNEL level headers are created by hand as they kernel has special
43 * requirements.
44 */
45
46%/* From: #pragma ident "@(#)key_prot.x 1.7     94/04/29 SMI" */
47%
48%/* Copyright (c)  1990, 1991 Sun Microsystems, Inc. */
49%
50%/*
51% * Compiled from key_prot.x using rpcgen.
52% * DO NOT EDIT THIS FILE!
53% * This is NOT source code!
54% */
55
56/*
57 * PROOT and MODULUS define the way the Diffie-Hellman key is generated.
58 *
59 * MODULUS should be chosen as a prime of the form: MODULUS == 2*p + 1,
60 * where p is also prime.
61 *
62 * PROOT satisfies the following two conditions:
63 * (1) (PROOT ** 2) % MODULUS != 1
64 * (2) (PROOT ** p) % MODULUS != 1
65 *
66 */
67
68const PROOT = 3;
69const HEXMODULUS = "d4a0ba0250b6fd2ec626e7efd637df76c716e22d0944b88b";
70
71const HEXKEYBYTES = 48;         /* HEXKEYBYTES == strlen(HEXMODULUS) */
72const KEYSIZE = 192;            /* KEYSIZE == bit length of key */
73const KEYBYTES = 24;            /* byte length of key */
74
75/*
76 * The first 16 hex digits of the encrypted secret key are used as
77 * a checksum in the database.
78 */
79const KEYCHECKSUMSIZE = 16;
80
81/*
82 * status of operation
83 */
84enum keystatus {
85        KEY_SUCCESS,    /* no problems */
86        KEY_NOSECRET,   /* no secret key stored */
87        KEY_UNKNOWN,    /* unknown netname */
88        KEY_SYSTEMERR   /* system error (out of memory, encryption failure) */
89};
90
91typedef opaque keybuf[HEXKEYBYTES];     /* store key in hex */
92
93typedef string netnamestr<MAXNETNAMELEN>;
94
95/*
96 * Argument to ENCRYPT or DECRYPT
97 */
98struct cryptkeyarg {
99        netnamestr remotename;
100        des_block deskey;
101};
102
103/*
104 * Argument to ENCRYPT_PK or DECRYPT_PK
105 */
106struct cryptkeyarg2 {
107        netnamestr remotename;
108        netobj  remotekey;      /* Contains a length up to 1024 bytes */
109        des_block deskey;
110};
111
112
113/*
114 * Result of ENCRYPT, DECRYPT, ENCRYPT_PK, and DECRYPT_PK
115 */
116union cryptkeyres switch (keystatus status) {
117case KEY_SUCCESS:
118        des_block deskey;
119default:
120        void;
121};
122
123const MAXGIDS  = 16;    /* max number of gids in gid list */
124
125/*
126 * Unix credential
127 */     
128struct unixcred {
129        u_int uid;
130        u_int gid;
131        u_int gids<MAXGIDS>;   
132};
133
134/*
135 * Result returned from GETCRED
136 */
137union getcredres switch (keystatus status) {
138case KEY_SUCCESS:
139        unixcred cred;
140default:
141        void;
142};
143/*
144 * key_netstarg;
145 */
146
147struct key_netstarg {
148        keybuf st_priv_key;
149        keybuf st_pub_key;
150        netnamestr st_netname;
151};
152
153union key_netstres switch (keystatus status){
154case KEY_SUCCESS:
155        key_netstarg knet;
156default:
157        void;
158};     
159
160#ifdef RPC_HDR
161%
162%#ifndef opaque
163%#define opaque char
164%#endif
165%
166#endif
167program KEY_PROG {
168        version KEY_VERS {
169
170                /*
171                 * This is my secret key.
172                 * Store it for me.
173                 */
174                keystatus
175                KEY_SET(keybuf) = 1;   
176       
177                /*
178                 * I want to talk to X.
179                 * Encrypt a conversation key for me.
180                 */
181                cryptkeyres
182                KEY_ENCRYPT(cryptkeyarg) = 2;   
183
184                /*
185                 * X just sent me a message.
186                 * Decrypt the conversation key for me.
187                 */
188                cryptkeyres
189                KEY_DECRYPT(cryptkeyarg) = 3;
190
191                /*
192                 * Generate a secure conversation key for me
193                 */
194                des_block
195                KEY_GEN(void) = 4;
196
197                /*
198                 * Get me the uid, gid and group-access-list associated
199                 * with this netname (for kernel which cannot use NIS)
200                 */
201                getcredres
202                KEY_GETCRED(netnamestr) = 5;
203        } = 1;
204        version KEY_VERS2 {
205
206                /*
207                 * #######
208                 * Procedures 1-5 are identical to version 1
209                 * #######
210                 */
211
212                /*
213                 * This is my secret key.
214                 * Store it for me.
215                 */
216                keystatus
217                KEY_SET(keybuf) = 1;   
218       
219                /*
220                 * I want to talk to X.
221                 * Encrypt a conversation key for me.
222                 */
223                cryptkeyres
224                KEY_ENCRYPT(cryptkeyarg) = 2;   
225
226                /*
227                 * X just sent me a message.
228                 * Decrypt the conversation key for me.
229                 */
230                cryptkeyres
231                KEY_DECRYPT(cryptkeyarg) = 3;
232
233                /*
234                 * Generate a secure conversation key for me
235                 */
236                des_block
237                KEY_GEN(void) = 4;
238
239                /*
240                 * Get me the uid, gid and group-access-list associated
241                 * with this netname (for kernel which cannot use NIS)
242                 */
243                getcredres
244                KEY_GETCRED(netnamestr) = 5;
245               
246                /*
247                 * I want to talk to X. and I know X's public key
248                 * Encrypt a conversation key for me.
249                 */
250                cryptkeyres
251                KEY_ENCRYPT_PK(cryptkeyarg2) = 6;       
252
253                /*
254                 * X just sent me a message. and I know X's public key
255                 * Decrypt the conversation key for me.
256                 */
257                cryptkeyres
258                KEY_DECRYPT_PK(cryptkeyarg2) = 7;
259               
260                /*
261                 * Store my public key, netname and private key.
262                 */
263                keystatus
264                KEY_NET_PUT(key_netstarg) = 8;
265               
266                /*
267                 * Retrieve my public key, netname and private key.
268                 */
269                key_netstres
270                KEY_NET_GET(void) = 9;
271               
272                /*
273                 * Return me the conversation key that is constructed
274                 * from my secret key and this publickey.
275                 */
276
277                cryptkeyres
278                KEY_GET_CONV(keybuf) = 10;
279
280               
281        } = 2;
282} = 100029;
283
284
Note: See TracBrowser for help on using the repository browser.