%/*
% * Sun RPC is a product of Sun Microsystems, Inc. and is provided for
% * unrestricted use provided that this legend is included on all tape
% * media and as a part of the software program in whole or part. Users
% * may copy or modify Sun RPC without charge, but are not authorized
% * to license or distribute it to anyone else except as part of a product or
% * program developed by the user.
% *
% * SUN RPC IS PROVIDED AS IS WITH NO WARRANTIES OF ANY KIND INCLUDING THE
% * WARRANTIES OF DESIGN, MERCHANTIBILITY AND FITNESS FOR A PARTICULAR
% * PURPOSE, OR ARISING FROM A COURSE OF DEALING, USAGE OR TRADE PRACTICE.
% *
% * Sun RPC is provided with no support and without any obligation on the
% * part of Sun Microsystems, Inc. to assist in its use, correction,
% * modification or enhancement.
% *
% * SUN MICROSYSTEMS, INC. SHALL HAVE NO LIABILITY WITH RESPECT TO THE
% * INFRINGEMENT OF COPYRIGHTS, TRADE SECRETS OR ANY PATENTS BY SUN RPC
% * OR ANY PART THEREOF.
% *
% * In no event will Sun Microsystems, Inc. be liable for any lost revenue
% * or profits or other special, indirect and consequential damages, even if
% * Sun has been advised of the possibility of such damages.
% *
% * Sun Microsystems, Inc.
% * 2550 Garcia Avenue
% * Mountain View, California 94043
% */
/*
 * Key server protocol definition
 * Copyright (C) 1990, 1991 Sun Microsystems, Inc.
 *
 * The keyserver is a public key storage/encryption/decryption service.
 * The encryption method used is based on the Diffie-Hellman exponential
 * key exchange technology.
 *
 * The key server is local to each machine, akin to the portmapper.
 * Under TI-RPC, communication with the keyserver is through the
 * loopback transport.
 *
 * NOTE: This .x file generates the USER level headers for the keyserver.
 * The KERNEL level headers are created by hand, as the kernel has special
 * requirements.
 *
 * NOTE(review): several procedures below carry secret key material
 * (KEY_SET, KEY_NET_PUT, KEY_NET_GET).  Nothing in this definition says
 * who may call them; caller authentication and any local-only restriction
 * are left to the server and its transport -- confirm against the
 * keyserver implementation.
 *
 * des_block, netobj and MAXNETNAMELEN are used below but are not defined
 * in this file; presumably they come from the standard RPC headers --
 * confirm.
 */

%#if 0
%#pragma ident "@(#)key_prot.x 1.7 94/04/29 SMI"
%#endif
%
%/* Copyright (c) 1990, 1991 Sun Microsystems, Inc. */
%
%/*
% * Compiled from key_prot.x using rpcgen.
% * DO NOT EDIT THIS FILE!
% * This is NOT source code!
% */

/*
 * PROOT and MODULUS define the way the Diffie-Hellman key is generated.
 * The modulus is given below as a hexadecimal string, HEXMODULUS.
 *
 * MODULUS should be chosen as a prime of the form: MODULUS == 2*p + 1,
 * where p is also prime.
 *
 * PROOT satisfies the following two conditions:
 * (1) (PROOT ** 2) % MODULUS != 1
 * (2) (PROOT ** p) % MODULUS != 1
 *
 * With MODULUS == 2*p + 1 the multiplicative group has order 2*p, so the
 * order of any element is 1, 2, p or 2*p.  The two conditions rule out
 * 1, 2 and p, which leaves PROOT as a generator of the whole group.
 *
 * NOTE(review): KEYSIZE below is 192 bits.  That is far smaller than the
 * 2048-bit minimum commonly required for finite-field Diffie-Hellman
 * today, and discrete logarithms in prime fields of this size are within
 * practical reach.  Treat keys derived from these parameters as legacy and
 * do not rely on them alone for confidentiality.  The constants are part
 * of the protocol, so changing them here would presumably break
 * interoperability with existing peers.
 */

const PROOT = 3;
const HEXMODULUS = "d4a0ba0250b6fd2ec626e7efd637df76c716e22d0944b88b";

const HEXKEYBYTES = 48;	/* HEXKEYBYTES == strlen(HEXMODULUS) */
const KEYSIZE = 192;	/* KEYSIZE == bit length of key */
const KEYBYTES = 24;	/* byte length of key */

/*
 * The first 16 hex digits of the encrypted secret key are used as
 * a checksum in the database.
 */
const KEYCHECKSUMSIZE = 16;

/*
 * Status of an operation.  Used as the return value of KEY_SET and
 * KEY_NET_PUT and as the discriminant of the result unions below.
 */
enum keystatus {
	KEY_SUCCESS,	/* no problems */
	KEY_NOSECRET,	/* no secret key stored */
	KEY_UNKNOWN,	/* unknown netname */
	KEY_SYSTEMERR	/* system error (out of memory, encryption failure) */
};

/*
 * A key stored as hex digits in a fixed-length array of HEXKEYBYTES bytes.
 * A full-length key fills the array completely, leaving no room for a
 * terminating NUL, so it must not be handled as a C string.
 */
typedef opaque keybuf[HEXKEYBYTES];	/* store key in hex */

/* Netname string, bounded to MAXNETNAMELEN bytes. */
typedef string netnamestr<MAXNETNAMELEN>;

/*
 * Argument to ENCRYPT or DECRYPT
 *
 * NOTE(review): des_block is defined outside this file; presumably it is
 * a single-DES key, which gives at most 56 bits of key strength -- confirm.
 */
struct cryptkeyarg {
	netnamestr remotename;
	des_block deskey;
};

/*
 * Argument to ENCRYPT_PK or DECRYPT_PK.  Same as cryptkeyarg, plus the
 * remote party's public key supplied by the caller.
 */
struct cryptkeyarg2 {
	netnamestr remotename;
	netobj	remotekey;	/* Contains a length up to 1024 bytes */
	des_block deskey;
};


/*
 * Result of ENCRYPT, DECRYPT, ENCRYPT_PK, and DECRYPT_PK.
 * deskey is present only when status is KEY_SUCCESS.
 */
union cryptkeyres switch (keystatus status) {
case KEY_SUCCESS:
	des_block deskey;
default:
	void;
};

const MAXGIDS = 16;	/* max number of gids in gid list */

/*
 * Unix credential.  The gid list is variable-length, bounded to MAXGIDS
 * entries.
 */
struct unixcred {
	u_int uid;
	u_int gid;
	u_int gids<MAXGIDS>;
};

/*
 * Result returned from GETCRED.
 * cred is present only when status is KEY_SUCCESS.
 */
union getcredres switch (keystatus status) {
case KEY_SUCCESS:
	unixcred cred;
default:
	void;
};
/*
 * key_netstarg: argument to KEY_NET_PUT, and the payload of the
 * KEY_NET_GET result.  Holds the private key, public key and netname.
 */

struct key_netstarg {
	keybuf st_priv_key;
	keybuf st_pub_key;
	netnamestr st_netname;
};

/*
 * Result returned from KEY_NET_GET.
 * knet (which includes st_priv_key) is present only when status is
 * KEY_SUCCESS.
 */
union key_netstres switch (keystatus status){
case KEY_SUCCESS:
	key_netstarg knet;
default:
	void;
};

/*
 * Passed through to the generated header only (RPC_HDR): supplies a
 * fallback definition of "opaque" as char if none is already defined.
 */
#ifdef RPC_HDR
%
%#ifndef opaque
%#define opaque char
%#endif
%
#endif
/*
 * Keyserver program, number 100029.  Version 1 defines procedures 1-5;
 * version 2 repeats them and adds procedures 6-10.
 */
program KEY_PROG {
	version KEY_VERS {

		/*
		 * This is my secret key.
		 * Store it for me.
		 *
		 * NOTE(review): the argument is the caller's secret key in
		 * hex; see the access-control note at the top of the file.
		 */
		keystatus
		KEY_SET(keybuf) = 1;

		/*
		 * I want to talk to X.
		 * Encrypt a conversation key for me.
		 */
		cryptkeyres
		KEY_ENCRYPT(cryptkeyarg) = 2;

		/*
		 * X just sent me a message.
		 * Decrypt the conversation key for me.
		 */
		cryptkeyres
		KEY_DECRYPT(cryptkeyarg) = 3;

		/*
		 * Generate a secure conversation key for me
		 */
		des_block
		KEY_GEN(void) = 4;

		/*
		 * Get me the uid, gid and group-access-list associated
		 * with this netname (for kernel which cannot use NIS)
		 */
		getcredres
		KEY_GETCRED(netnamestr) = 5;
	} = 1;
	version KEY_VERS2 {

		/*
		 * #######
		 * Procedures 1-5 are identical to version 1
		 * #######
		 */

		/*
		 * This is my secret key.
		 * Store it for me.
		 *
		 * NOTE(review): the argument is the caller's secret key in
		 * hex; see the access-control note at the top of the file.
		 */
		keystatus
		KEY_SET(keybuf) = 1;

		/*
		 * I want to talk to X.
		 * Encrypt a conversation key for me.
		 */
		cryptkeyres
		KEY_ENCRYPT(cryptkeyarg) = 2;

		/*
		 * X just sent me a message.
		 * Decrypt the conversation key for me.
		 */
		cryptkeyres
		KEY_DECRYPT(cryptkeyarg) = 3;

		/*
		 * Generate a secure conversation key for me
		 */
		des_block
		KEY_GEN(void) = 4;

		/*
		 * Get me the uid, gid and group-access-list associated
		 * with this netname (for kernel which cannot use NIS)
		 */
		getcredres
		KEY_GETCRED(netnamestr) = 5;

		/*
		 * I want to talk to X, and I know X's public key.
		 * Encrypt a conversation key for me.
		 */
		cryptkeyres
		KEY_ENCRYPT_PK(cryptkeyarg2) = 6;

		/*
		 * X just sent me a message, and I know X's public key.
		 * Decrypt the conversation key for me.
		 */
		cryptkeyres
		KEY_DECRYPT_PK(cryptkeyarg2) = 7;

		/*
		 * Store my public key, netname and private key.
		 *
		 * NOTE(review): the argument includes st_priv_key; see the
		 * access-control note at the top of the file.
		 */
		keystatus
		KEY_NET_PUT(key_netstarg) = 8;

		/*
		 * Retrieve my public key, netname and private key.
		 *
		 * NOTE(review): a successful reply carries st_priv_key back
		 * to the caller.  Which callers may invoke this is decided
		 * by the server, not by this definition -- confirm.
		 */
		key_netstres
		KEY_NET_GET(void) = 9;

		/*
		 * Return me the conversation key that is constructed
		 * from my secret key and this public key.
		 */

		cryptkeyres
		KEY_GET_CONV(keybuf) = 10;


	} = 2;
} = 100029;