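#ifndef DST_INTERNAL_H
#define DST_INTERNAL_H

/*
 * Portions Copyright (c) 1995-1998 by Trusted Information Systems, Inc.
 *
 * Permission to use, copy modify, and distribute this software for any
 * purpose with or without fee is hereby granted, provided that the above
 * copyright notice and this permission notice appear in all copies.
 *
 * THE SOFTWARE IS PROVIDED "AS IS" AND TRUSTED INFORMATION SYSTEMS
 * DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
 * TRUSTED INFORMATION SYSTEMS BE LIABLE FOR ANY SPECIAL, DIRECT,
 * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
 * FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
 * NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
 * WITH THE USE OR PERFORMANCE OF THE SOFTWARE.
 */

/*
 * Internal interface of the dst library: the key object, the per-crypto-
 * package function table, and the private helper routines shared by the
 * algorithm back ends.  Nothing in here is part of the public API, which
 * is declared in <isc/dst.h>.
 */

#include <limits.h>
#include <stdio.h>	/* FILE (dst_s_fopen) and printf (EREPORT) */
#include <stdlib.h>	/* free() used by the SAFE_FREE macros */
#include <string.h>	/* memset() used by the SAFE_FREE macros */
#include <sys/param.h>
#if (!defined(BSD)) || (BSD < 199306)
# include <sys/bitypes.h>
#else
# include <sys/types.h>
#endif

#ifndef PATH_MAX
# ifdef POSIX_PATH_MAX
#  define PATH_MAX POSIX_PATH_MAX
# else
#  define PATH_MAX 255 /*%< this is the value of POSIX_PATH_MAX */
# endif
#endif

/*%
 * One key as seen by the generic dst code.  dk_KEY_struct holds the
 * key in whatever form the selected crypto package uses; dk_func is the
 * function table (struct dst_func, below) through which that package is
 * called.
 */
typedef struct dst_key {
	char		*dk_key_name;	/*%< name of the key */
	int		dk_key_size;	/*%< this is the size of the key in bits */
	int		dk_proto;	/*%< what protocols this key can be used for */
	int		dk_alg;		/*%< algorithm number from key record */
	u_int32_t	dk_flags;	/*%< and the flags of the public key */
	u_int16_t	dk_id;		/*%< identifier of the key */
	void		*dk_KEY_struct;	/*%< pointer to key in crypto pkg fmt */
	struct dst_func	*dk_func;	/*%< point to crypto pkg specific function table */
} DST_KEY;
#define HAS_DST_KEY

#include <isc/dst.h>
/*
 * define what crypto systems are supported for RSA,
 * BSAFE is preferred over RSAREF; only one can be set at any time
 */
#if defined(BSAFE) && defined(RSAREF)
# error "Cannot have both BSAFE and RSAREF defined"
#endif

/* Declare dst_lib specific constants */
#define KEY_FILE_FORMAT "1.2"

/* suffixes for key file names */
#define PRIVATE_KEY "private"
#define PUBLIC_KEY "key"

/*
 * error handling
 *
 * EREPORT takes a parenthesised printf argument list, e.g.
 * EREPORT(("bad key %s\n", name)).  The format string must be a
 * literal: passing untrusted data as the first element would turn it
 * into a format string.  Without REPORT_ERRORS the call compiles to
 * nothing, so the arguments must have no side effects.
 */
#ifdef REPORT_ERRORS
#define EREPORT(str) printf str
#else
#define EREPORT(str) (void)0
#endif

/* use our own special macro to FREE memory */

#ifndef SAFE_FREE
/*
 * Zero an object, free it and clear the pointer.  Only sizeof(*a) bytes
 * are cleared, i.e. one element -- for a buffer use SAFE_FREE2() with
 * the byte count.  `a' must be an lvalue.
 *
 * NOTE(review): a memset() immediately before free() is a dead store
 * that the optimizer may remove, so this does not guarantee that key
 * material is wiped; a platform explicit-zeroing primitive is the
 * robust choice where one is available.
 */
#define SAFE_FREE(a) \
	do { \
		if ((a) != NULL) { \
			memset((a), 0, sizeof(*(a))); \
			free(a); \
			(a) = NULL; \
		} \
	} while (0)

/*
 * As SAFE_FREE() but clears `s' bytes.  Wrapped in do/while(0) and with
 * every argument parenthesised so that it is a single statement
 * (safe after a bare `if ... else') and so that a compound size
 * expression such as `len + 1' is cast and compared as a whole.
 * A size of zero or less is treated as "nothing to do".
 */
#define SAFE_FREE2(a, s) \
	do { \
		if ((a) != NULL && (long)(s) > 0) { \
			memset((a), 0, (s)); \
			free(a); \
			(a) = NULL; \
		} \
	} while (0)
#endif

/*%
 * Function table a crypto package supplies for one algorithm.  The
 * generic code reaches it through DST_KEY.dk_func or dst_t_func[]
 * (presumably indexed by algorithm number -- see dk_alg).  The `mode',
 * `len' and `out_len' parameters are as in the public isc/dst.h calls
 * that wrap them.
 */
typedef struct dst_func {
	int (*sign)(const int mode, DST_KEY *key, void **context,
		    const u_int8_t *data, const int len,
		    u_int8_t *signature, const int sig_len);
	int (*verify)(const int mode, DST_KEY *key, void **context,
		      const u_int8_t *data, const int len,
		      const u_int8_t *signature, const int sig_len);
	int (*compare)(const DST_KEY *key1, const DST_KEY *key2);
	int (*generate)(DST_KEY *key, int parms);
	void *(*destroy)(void *key);
	/* conversion functions */
	int (*to_dns_key)(const DST_KEY *key, u_int8_t *out,
			  const int out_len);
	int (*from_dns_key)(DST_KEY *key, const u_int8_t *str,
			    const int str_len);
	int (*to_file_fmt)(const DST_KEY *key, char *out,
			   const int out_len);
	int (*from_file_fmt)(DST_KEY *key, const char *out,
			     const int out_len);

} dst_func;

/* per-algorithm function tables, registered by the dst_*_init() routines */
extern dst_func *dst_t_func[DST_MAX_ALGS];
extern const char *key_file_fmt_str;
extern const char *dst_path;

#ifndef DST_HASH_SIZE
#define DST_HASH_SIZE 20 /*%< RIPEMD160 and SHA-1 are 20 bytes MD5 is 16 */
#endif

/* back-end initialisers; each is expected to register its dst_func table */
int dst_bsafe_init(void);

int dst_rsaref_init(void);

int dst_hmac_md5_init(void);

int dst_cylink_init(void);

int dst_eay_dss_init(void);

/* from higher level support routines */
int dst_s_calculate_bits(const u_int8_t *str, const int max_bits);
int dst_s_verify_str(const char **buf, const char *str);


/* conversion between dns names and key file names */
size_t dst_s_filename_length(const char *name, const char *suffix);
int dst_s_build_filename(char *filename, const char *name,
			 u_int16_t id, int alg, const char *suffix,
			 size_t filename_length);

/* fopen() wrapper taking the permission bits to create the file with */
FILE *dst_s_fopen(const char *filename, const char *mode, int perm);

/*%
 * read and write network byte order into u_int?_t
 * all of these should be retired
 */
u_int16_t dst_s_get_int16(const u_int8_t *buf);
void dst_s_put_int16(u_int8_t *buf, const u_int16_t val);

u_int32_t dst_s_get_int32(const u_int8_t *buf);
void dst_s_put_int32(u_int8_t *buf, const u_int32_t val);

/*
 * DUMP() is a debugging hook: when the DUMP build flag is set it becomes
 * a call to dst_s_dump(), otherwise it expands to a no-op statement
 * (like EREPORT) rather than to nothing.
 */
#ifdef DUMP
# undef DUMP
# define DUMP(a,b,c,d) dst_s_dump(a,b,c,d)
#else
# define DUMP(a,b,c,d) ((void)0)
#endif
void
dst_s_dump(const int mode, const u_char *data, const int size,
	   const char *msg);



#endif /* DST_INTERNAL_H */
/*! \file */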