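/* $NetBSD: dst_internal.h,v 1.1.1.2 2014/07/12 11:57:50 spz Exp $ */
#ifndef DST_INTERNAL_H
#define DST_INTERNAL_H

/*
 * Portions Copyright (c) 1995-1998 by Trusted Information Systems, Inc.
 * Portions Copyright (c) 2007,2009 by Internet Systems Consortium, Inc. ("ISC")
 *
 * Permission to use, copy modify, and distribute this software for any
 * purpose with or without fee is hereby granted, provided that the above
 * copyright notice and this permission notice appear in all copies.
 *
 * THE SOFTWARE IS PROVIDED "AS IS" AND TRUSTED INFORMATION SYSTEMS
 * DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS.  IN NO EVENT SHALL
 * TRUSTED INFORMATION SYSTEMS BE LIABLE FOR ANY SPECIAL, DIRECT,
 * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
 * FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
 * NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
 * WITH THE USE OR PERFORMANCE OF THE SOFTWARE.
 */

/*
 * Internal interface of the DST (DNS Security Toolkit) library as carried
 * in ISC DHCP: the private key object, the per-algorithm function table,
 * and the helper routines shared by the algorithm back-ends.  Nothing in
 * here is meant for callers outside the dst library itself.
 */

#include <limits.h>
#include <sys/param.h>

/*
 * Upper bound used when building key file names.  Fall back to the POSIX
 * minimum when the platform does not define PATH_MAX.
 */
#ifndef PATH_MAX
# ifdef POSIX_PATH_MAX
#  define PATH_MAX POSIX_PATH_MAX
# else
#  define PATH_MAX 255	/* this is the value of POSIX_PATH_MAX */
# endif
#endif

/*
 * A loaded key.  dk_KEY_struct is opaque to this layer; only the back-end
 * selected through dk_func knows its layout, which is why it is destroyed
 * through dk_func->destroy rather than free()d directly.
 */
typedef struct dst_key {
	char	*dk_key_name;	/* name of the key */
	int	dk_key_size;	/* this is the size of the key in bits */
	int	dk_proto;	/* what protocols this key can be used for */
	int	dk_alg;		/* algorithm number from key record */
	unsigned dk_flags;	/* and the flags of the public key */
	unsigned dk_id;		/* identifier of the key */
	void	*dk_KEY_struct;	/* pointer to key in crypto pkg fmt */
	struct dst_func *dk_func; /* point to crypto pgk specific function table */
} DST_KEY;
#define HAS_DST_KEY

#include <isc-dhcp/dst.h>

/*
 * define what crypto systems are supported for RSA,
 * BSAFE is preferred over RSAREF; only one can be set at any time
 */
#if defined(BSAFE) && defined(RSAREF)
# error "Cannot have both BSAFE and RSAREF defined"
#endif

/* Declare dst_lib specific constants */
#define KEY_FILE_FORMAT "1.2"

/* suffixes for key file names */
#define PRIVATE_KEY "private"
#define PUBLIC_KEY "key"

/*
 * error handling
 *
 * EREPORT takes a parenthesised printf argument list, e.g.
 * EREPORT(("bad key %s\n", name)).  The first element of that list is used
 * as the printf format, so it must always be a string literal -- never
 * pass data from a key file or the wire in that position.
 */
#ifdef REPORT_ERRORS
#define EREPORT(str) printf str
#else
#define EREPORT(str)
#endif

/*
 * Zero n bytes at p through a volatile pointer so the stores cannot be
 * dropped as dead by the optimiser.  A plain memset() immediately before
 * free() is a dead store from the compiler's point of view and may be
 * elided, leaving key material in freed memory.
 */
#define DST_S_WIPE(p, n) do {						\
	volatile unsigned char *wipe_p_ = (volatile unsigned char *)(p);	\
	size_t wipe_n_ = (n);						\
	while (wipe_n_ > 0) {						\
		*wipe_p_++ = 0;						\
		wipe_n_--;						\
	}								\
} while (0)

/*
 * use our own special macros to free memory that may hold secrets
 *
 * SAFE_FREE(a)    wipes sizeof(*a) bytes -- the size of the pointee type.
 *                 That is the whole object for a struct pointer, but only
 *                 ONE byte for a char * or other buffer pointer; use
 *                 SAFE_FREE2 with the real length for key buffers.
 * SAFE_FREE2(a,s) wipes s bytes, then frees.
 *
 * Both are no-ops on a NULL pointer (and SAFE_FREE2 on s == 0), free the
 * object and reset the pointer to NULL so a later double free or
 * use-after-free is caught instead of silently succeeding.  Each expands
 * to a single statement, so they are safe in an unbraced if/else.
 */
#ifndef SAFE_FREE
#define SAFE_FREE(a) do {						\
	if ((a) != NULL) {						\
		DST_S_WIPE((a), sizeof(*(a)));				\
		free(a);						\
		(a) = NULL;						\
	}								\
} while (0)
#define SAFE_FREE2(a, s) do {						\
	if ((a) != NULL && (s) > 0) {					\
		DST_S_WIPE((a), (s));					\
		free(a);						\
		(a) = NULL;						\
	}								\
} while (0)
#endif

/*
 * Per-algorithm function table.  One of these is registered per DST
 * algorithm number in dst_t_func[]; a NULL slot means the algorithm is
 * not compiled in.  All length parameters are in bytes.
 */
typedef struct dst_func {
	/* sign / verify: mode selects init/update/final style operation
	 * (see dst.h); context carries state across calls. */
	int (*sign)(const int mode, DST_KEY *key, void **context,
		    const u_int8_t *data, const unsigned len,
		    u_int8_t *signature, const unsigned sig_len);
	int (*verify)(const int mode, DST_KEY *key, void **context,
		      const u_int8_t *data, const unsigned len,
		      const u_int8_t *signature, const unsigned sig_len);
	int (*compare)(const DST_KEY *key1, const DST_KEY *key2);
	int (*generate)(DST_KEY *key, int parms);
	/* destroy: release the back-end's dk_KEY_struct; the back-end is
	 * responsible for wiping any secret material it holds. */
	void *(*destroy)(void *key);
	/* conversion functions */
	int (*to_dns_key)(const DST_KEY *key, u_int8_t *out,
			  const unsigned out_len);
	int (*from_dns_key)(DST_KEY *key, const u_int8_t *str,
			    const unsigned str_len);
	int (*to_file_fmt)(const DST_KEY *key, char *out,
			   const unsigned out_len);
	int (*from_file_fmt)(DST_KEY *key, const char *out,
			     const unsigned out_len);

} dst_func;

extern dst_func *dst_t_func[DST_MAX_ALGS];
extern const char *key_file_fmt_str;
extern const char *dst_path;	/* directory key files are read from / written to */

#ifndef DST_HASH_SIZE
#define DST_HASH_SIZE 20	/* RIPEMD160 and SHA-1 are 20 bytes MD5 is 16 */
#endif

/* back-end initialisers; the disabled ones are not built in this tree */
#if 0
int dst_bsafe_init(void);
int dst_rsaref_init(void);
#endif

int dst_hmac_md5_init(void);

#if 0
int dst_cylink_init(void);
int dst_eay_dss_init(void);
#endif

/* support functions */
/* base64 to bignum conversion routines */
int dst_s_conv_bignum_u8_to_b64(char *out_buf, const unsigned out_len,
				const char *header,
				const u_int8_t *bin_data,
				const unsigned bin_len);
int dst_s_conv_bignum_b64_to_u8(const char **buf, u_int8_t *loc,
				const unsigned loclen);
/* from higher level support routines */
int dst_s_calculate_bits(const u_int8_t *str, const int max_bits);
int dst_s_verify_str(const char **buf, const char *str);


/* conversion between dns names and key file names */
size_t dst_s_filename_length(const char *name, const char *suffix);
int dst_s_build_filename(char *filename, const char *name,
			 unsigned id, int alg, const char *suffix,
			 size_t filename_length);

/* fopen() wrapper; perm is applied to files this creates (private keys
 * should be created with owner-only permissions). */
FILE *dst_s_fopen(const char *filename, const char *mode, unsigned perm);

/*
 * from file prandom.c
 *
 * NOTE(review): the header only declares these; whether dst_s_random()
 * draws from a source strong enough for key generation, and whether
 * dst_s_semi_random()/dst_s_quick_random() are meant for anything beyond
 * nonces and salts, must be confirmed against prandom.c before relying on
 * them for secret material.
 */
int dst_s_random(u_int8_t *output, unsigned size);
int dst_s_semi_random(u_int8_t *output, unsigned size);
u_int32_t dst_s_quick_random(int inc);
void dst_s_quick_random_set(u_int32_t val, u_int32_t cnt);

/*
 * read and write network byte order into u_int?_t
 * all of these should be retired
 */
u_int16_t dst_s_get_int16(const u_int8_t *buf);
void dst_s_put_int16(u_int8_t *buf, const u_int16_t val);

u_int32_t dst_s_get_int32(const u_int8_t *buf);
void dst_s_put_int32(u_int8_t *buf, const u_int32_t val);

/* debug hex dump; compiled out unless DUMP is defined by the build */
#ifdef DUMP
# undef DUMP
# define DUMP(a,b,c,d) dst_s_dump(a,b,c,d)
#else
# define DUMP(a,b,c,d)
#endif

/* when built into the minimal resolver, use its private base64 routines */
#if defined (MINIRES_LIB)
#define b64_pton MRb64_pton
#define b64_ntop MRb64_ntop

int b64_pton(char const *, unsigned char *, size_t);
int b64_ntop(unsigned char const *, size_t, char *, size_t);

#define USE_MD5
#endif


#endif /* DST_INTERNAL_H */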