%/*
% * Sun RPC is a product of Sun Microsystems, Inc. and is provided for
% * unrestricted use provided that this legend is included on all tape
% * media and as a part of the software program in whole or part. Users
% * may copy or modify Sun RPC without charge, but are not authorized
% * to license or distribute it to anyone else except as part of a product or
% * program developed by the user.
% *
% * SUN RPC IS PROVIDED AS IS WITH NO WARRANTIES OF ANY KIND INCLUDING THE
% * WARRANTIES OF DESIGN, MERCHANTIBILITY AND FITNESS FOR A PARTICULAR
% * PURPOSE, OR ARISING FROM A COURSE OF DEALING, USAGE OR TRADE PRACTICE.
% *
% * Sun RPC is provided with no support and without any obligation on the
% * part of Sun Microsystems, Inc. to assist in its use, correction,
% * modification or enhancement.
% *
% * SUN MICROSYSTEMS, INC. SHALL HAVE NO LIABILITY WITH RESPECT TO THE
% * INFRINGEMENT OF COPYRIGHTS, TRADE SECRETS OR ANY PATENTS BY SUN RPC
% * OR ANY PART THEREOF.
% *
% * In no event will Sun Microsystems, Inc. be liable for any lost revenue
% * or profits or other special, indirect and consequential damages, even if
% * Sun has been advised of the possibility of such damages.
% *
% * Sun Microsystems, Inc.
% * 2550 Garcia Avenue
% * Mountain View, California 94043
% */
/*
 * Key server protocol definition
 * Copyright (C) 1990, 1991 Sun Microsystems, Inc.
 *
 * The keyserver is a public key storage/encryption/decryption service.
 * The encryption method used is based on the Diffie-Hellman exponential
 * key exchange technology.
 *
 * The key server is local to each machine, akin to the portmapper.
 * Under TI-RPC, communication with the keyserver is through the
 * loopback transport.
 *
 * NOTE: This .x file generates the USER level headers for the keyserver.
 * The KERNEL level headers are created by hand as the kernel has special
 * requirements.
 *
 * NOTE(review): several procedures below carry secret key material in
 * their arguments or results (KEY_SET, KEY_NET_PUT, KEY_NET_GET), and no
 * argument type in this file has a field that identifies or authenticates
 * the caller.  Confidentiality therefore rests on the transport being the
 * local loopback described above and on whatever caller check the server
 * performs -- confirm in the keyserver implementation that requests
 * arriving over any other transport are refused.
 */

%#if 0
%#pragma ident "@(#)key_prot.x 1.7 94/04/29 SMI"
%#endif
%
%/* Copyright (c) 1990, 1991 Sun Microsystems, Inc. */
%
%/*
% * Compiled from key_prot.x using rpcgen.
% * DO NOT EDIT THIS FILE!
% * This is NOT source code!
% */

/*
 * PROOT and MODULUS define the way the Diffie-Hellman key is generated.
 *
 * MODULUS should be chosen as a prime of the form: MODULUS == 2*p + 1,
 * where p is also prime.
 *
 * PROOT satisfies the following two conditions:
 * (1) (PROOT ** 2) % MODULUS != 1
 * (2) (PROOT ** p) % MODULUS != 1
 *
 * With MODULUS == 2*p + 1 the multiplicative group has order 2*p, so the
 * two conditions together say that the order of PROOT is neither 2 nor p,
 * i.e. PROOT generates the whole group.
 *
 * NOTE(review): the group is only KEYSIZE (192) bits wide.  That is far
 * below what is recommended for Diffie-Hellman today (2048 bits or more),
 * so a shared key derived from these parameters should not be relied on
 * against an adversary who can see the public keys.  PROOT and HEXMODULUS
 * are fixed protocol parameters: changing them breaks interoperability
 * with every existing peer, so the mitigation is to move to a stronger
 * authentication flavour rather than to edit these constants.
 */

const PROOT = 3;
const HEXMODULUS = "d4a0ba0250b6fd2ec626e7efd637df76c716e22d0944b88b";

const HEXKEYBYTES = 48; /* HEXKEYBYTES == strlen(HEXMODULUS) */
const KEYSIZE = 192; /* KEYSIZE == bit length of key */
const KEYBYTES = 24; /* byte length of key */

/*
 * The first 16 hex digits of the encrypted secret key are used as
 * a checksum in the database.
 */
const KEYCHECKSUMSIZE = 16;

/*
 * status of operation
 *
 * No explicit values are given, so the members are numbered 0..3 in
 * declaration order.  That numbering is what travels on the wire as the
 * discriminant of the result unions below; do not reorder or insert.
 */
enum keystatus {
    KEY_SUCCESS, /* no problems */
    KEY_NOSECRET, /* no secret key stored */
    KEY_UNKNOWN, /* unknown netname */
    KEY_SYSTEMERR /* system error (out of memory, encryption failure) */
};

/*
 * A key as HEXKEYBYTES hex digits.  This is a fixed-length opaque with
 * room for exactly the 48 digits and nothing else.
 *
 * NOTE(review): there is no space for a terminating NUL, so code that
 * wants to treat a keybuf as a C string needs its own buffer of at least
 * HEXKEYBYTES + 1 bytes -- confirm how callers handle this.
 */
typedef opaque keybuf[HEXKEYBYTES]; /* store key in hex */

/*
 * A netname: variable-length string bounded by MAXNETNAMELEN, which is
 * declared outside this file.
 */
typedef string netnamestr<MAXNETNAMELEN>;

/*
 * Argument to ENCRYPT or DECRYPT
 *
 * remotename names the peer; deskey is the conversation key to be
 * encrypted or decrypted.  des_block is declared outside this file.
 * NOTE(review): presumably a single 64-bit DES block -- confirm; single
 * DES is itself weak by current standards.
 */
struct cryptkeyarg {
    netnamestr remotename;
    des_block deskey;
};

/*
 * Argument to ENCRYPT_PK or DECRYPT_PK
 *
 * Same as cryptkeyarg, but the caller also supplies the peer's public
 * key in remotekey.  netobj is declared outside this file.
 */
struct cryptkeyarg2 {
    netnamestr remotename;
    netobj remotekey; /* Contains a length up to 1024 bytes */
    des_block deskey;
};


/*
 * Result of ENCRYPT, DECRYPT, ENCRYPT_PK, and DECRYPT_PK
 *
 * deskey is present only when status is KEY_SUCCESS; every other status
 * carries no body.
 */
union cryptkeyres switch (keystatus status) {
case KEY_SUCCESS:
    des_block deskey;
default:
    void;
};

const MAXGIDS = 16; /* max number of gids in gid list */

/*
 * Unix credential
 *
 * gids is a variable-length array of at most MAXGIDS entries.
 */
struct unixcred {
    u_int uid;
    u_int gid;
    u_int gids<MAXGIDS>;
};

/*
 * Result returned from GETCRED
 *
 * cred is present only when status is KEY_SUCCESS.
 */
union getcredres switch (keystatus status) {
case KEY_SUCCESS:
    unixcred cred;
default:
    void;
};
/*
 * key_netstarg: argument to KEY_NET_PUT and, wrapped in key_netstres,
 * the payload returned by KEY_NET_GET.  It holds the private key, the
 * public key (both as hex keybufs) and the netname together.
 */

struct key_netstarg {
    keybuf st_priv_key;
    keybuf st_pub_key;
    netnamestr st_netname;
};

/*
 * Result of KEY_NET_GET; knet is present only when status is KEY_SUCCESS.
 */
union key_netstres switch (keystatus status){
case KEY_SUCCESS:
    key_netstarg knet;
default:
    void;
};

/*
 * Only when rpcgen is producing the header (RPC_HDR), pass a fallback
 * definition of `opaque' as char through to the generated C.
 */
#ifdef RPC_HDR
%
%#ifndef opaque
%#define opaque char
%#endif
%
#endif
/*
 * The keyserver program: number 100029, versions 1 and 2.
 */
program KEY_PROG {
    version KEY_VERS {

        /*
         * This is my secret key.
         * Store it for me.
         *
         * NOTE(review): the argument is the secret key itself as a
         * keybuf; see the transport note at the top of this file.
         */
        keystatus
        KEY_SET(keybuf) = 1;

        /*
         * I want to talk to X.
         * Encrypt a conversation key for me.
         */
        cryptkeyres
        KEY_ENCRYPT(cryptkeyarg) = 2;

        /*
         * X just sent me a message.
         * Decrypt the conversation key for me.
         */
        cryptkeyres
        KEY_DECRYPT(cryptkeyarg) = 3;

        /*
         * Generate a secure conversation key for me
         */
        des_block
        KEY_GEN(void) = 4;

        /*
         * Get me the uid, gid and group-access-list associated
         * with this netname (for kernel which cannot use NIS)
         */
        getcredres
        KEY_GETCRED(netnamestr) = 5;
    } = 1;
    version KEY_VERS2 {

        /*
         * #######
         * Procedures 1-5 are identical to version 1
         * #######
         */

        /*
         * This is my secret key.
         * Store it for me.
         */
        keystatus
        KEY_SET(keybuf) = 1;

        /*
         * I want to talk to X.
         * Encrypt a conversation key for me.
         */
        cryptkeyres
        KEY_ENCRYPT(cryptkeyarg) = 2;

        /*
         * X just sent me a message.
         * Decrypt the conversation key for me.
         */
        cryptkeyres
        KEY_DECRYPT(cryptkeyarg) = 3;

        /*
         * Generate a secure conversation key for me
         */
        des_block
        KEY_GEN(void) = 4;

        /*
         * Get me the uid, gid and group-access-list associated
         * with this netname (for kernel which cannot use NIS)
         */
        getcredres
        KEY_GETCRED(netnamestr) = 5;

        /*
         * I want to talk to X, and I know X's public key.
         * Encrypt a conversation key for me.
         */
        cryptkeyres
        KEY_ENCRYPT_PK(cryptkeyarg2) = 6;

        /*
         * X just sent me a message, and I know X's public key.
         * Decrypt the conversation key for me.
         */
        cryptkeyres
        KEY_DECRYPT_PK(cryptkeyarg2) = 7;

        /*
         * Store my public key, netname and private key.
         */
        keystatus
        KEY_NET_PUT(key_netstarg) = 8;

        /*
         * Retrieve my public key, netname and private key.
         *
         * NOTE(review): on KEY_SUCCESS the reply contains st_priv_key.
         * The procedure takes no argument, so which caller's key is
         * returned is decided entirely by the server -- confirm how the
         * implementation identifies the caller.
         */
        key_netstres
        KEY_NET_GET(void) = 9;

        /*
         * Return me the conversation key that is constructed
         * from my secret key and this public key.
         */

        cryptkeyres
        KEY_GET_CONV(keybuf) = 10;


    } = 2;
} = 100029;