/* $NetBSD: dst.h,v 1.2 2014/08/03 19:14:24 wiz Exp $ */

/*
 * dst.h - public interface of the DST (DNS Security Toolkit) signing
 * library: the DST_KEY handle, the sign/verify/key-I/O entry points, and
 * the algorithm, flag and error constants they take and return.
 *
 * This header uses u_int16_t, u_int32_t and u_char but includes nothing
 * itself; the includer must have <sys/types.h> (or an equivalent) in scope
 * before this file.
 */

#ifndef DST_H
#define DST_H

#ifndef HAS_DST_KEY
/*
 * Key handle returned by dst_read_key(), dst_dnskey_to_key(),
 * dst_buffer_to_key() and dst_generate_key(), and released with
 * dst_free_key().  Only the key's metadata lives here; the algorithm
 * specific key material is kept elsewhere by the library.
 *
 * NOTE(review): ownership of dk_key_name is not visible in this header —
 * presumably it belongs to the DST_KEY and is released by dst_free_key();
 * confirm in the implementation before handing the pointer around.
 */
typedef struct dst_key {
	char *dk_key_name;	/*%< name of the key */
	int dk_key_size;	/*%< this is the size of the key in bits */
	int dk_proto;		/*%< what protocols this key can be used for */
	int dk_alg;		/*%< algorithm number from key record (a KEY_* code below) */
	u_int32_t dk_flags;	/*%< and the flags of the public key */
	u_int16_t dk_id;	/*%< identifier of the key: the 16-bit DNS key tag
				 *   (see dst_s_dns_key_id()).  Key tags are not
				 *   unique; never select a key by tag alone. */
} DST_KEY;
#endif /* HAS_DST_KEY */
/*
 * do not taint namespace
 *
 * Every public entry point is renamed to a __dst_* symbol so the library's
 * exported names cannot collide with an application's own dst_* identifiers.
 * The double-underscore names are reserved to the implementation and are
 * used here deliberately; callers must include this header before any
 * declaration or call of these functions, otherwise the unrenamed name will
 * not resolve to the library's symbol.
 */
#define dst_bsafe_init __dst_bsafe_init
#define dst_buffer_to_key __dst_buffer_to_key
#define dst_check_algorithm __dst_check_algorithm
#define dst_compare_keys __dst_compare_keys
#define dst_cylink_init __dst_cylink_init
#define dst_dnskey_to_key __dst_dnskey_to_key
#define dst_eay_dss_init __dst_eay_dss_init
#define dst_free_key __dst_free_key
#define dst_generate_key __dst_generate_key
#define dst_hmac_md5_init __dst_hmac_md5_init
#define dst_init __dst_init
#define dst_key_to_buffer __dst_key_to_buffer
#define dst_key_to_dnskey __dst_key_to_dnskey
#define dst_read_key __dst_read_key
#define dst_rsaref_init __dst_rsaref_init
#define dst_s_build_filename __dst_s_build_filename
#define dst_s_calculate_bits __dst_s_calculate_bits
#define dst_s_conv_bignum_b64_to_u8 __dst_s_conv_bignum_b64_to_u8
#define dst_s_conv_bignum_u8_to_b64 __dst_s_conv_bignum_u8_to_b64
#define dst_s_dns_key_id __dst_s_dns_key_id
#define dst_s_dump __dst_s_dump
#define dst_s_filename_length __dst_s_filename_length
#define dst_s_fopen __dst_s_fopen
#define dst_s_get_int16 __dst_s_get_int16
#define dst_s_get_int32 __dst_s_get_int32
#define dst_s_id_calc __dst_s_id_calc
#define dst_s_put_int16 __dst_s_put_int16
#define dst_s_put_int32 __dst_s_put_int32
/*
 * NOTE(review): the dst_s_*random* helpers are only renamed here, not
 * declared.  Their names suggest differing quality ("quick", "semi");
 * confirm in the implementation which of them is acceptable for key
 * generation and signing nonces before relying on any of them.
 */
#define dst_s_quick_random __dst_s_quick_random
#define dst_s_quick_random_set __dst_s_quick_random_set
#define dst_s_random __dst_s_random
#define dst_s_semi_random __dst_s_semi_random
#define dst_s_verify_str __dst_s_verify_str
#define dst_sig_size __dst_sig_size
#define dst_sign_data __dst_sign_data
#define dst_verify_data __dst_verify_data
#define dst_write_key __dst_write_key

/*
 * DST Crypto API definitions
 */
/* One-time library initialisation; call before any other dst_* routine. */
void dst_init(void);
/* Reports whether the given KEY_* algorithm code is supported by this build. */
int dst_check_algorithm(const int);


/*
 * Sign data with a key, either incrementally (SIG_MODE_INIT, then
 * SIG_MODE_UPDATE repeatedly, then SIG_MODE_FINAL, with the caller holding
 * the state pointer between calls) or in one shot with SIG_MODE_ALL.
 * Errors are reported as the negative SIGN_*_FAILURE codes defined at the
 * end of this header.
 *
 * NOTE(review): data and buffer lengths are int, not size_t, and nothing in
 * this header shows negative values being rejected — callers must only pass
 * lengths they have validated.  Size the output buffer from dst_sig_size()
 * and pass its true size; a too-small buffer is the caller's fault.
 */
int dst_sign_data(const int,		/*!< specifies INIT/UPDATE/FINAL/ALL */
		  DST_KEY *,		/*!< the key to use */
		  void **,		/*!< pointer to state structure */
		  const u_char *,	/*!< data to be signed */
		  const int,		/*!< length of input data */
		  u_char *,		/*!< buffer to write signature to */
		  const int);		/*!< size of output buffer */
/*
 * Verify a signature over data, with the same INIT/UPDATE/FINAL/ALL
 * protocol as dst_sign_data().  Failures are the negative VERIFY_*_FAILURE
 * codes below.
 *
 * NOTE(review): the exact success return is not visible here (presumably
 * 0); treat only that value as "verified" and never accept any other
 * return — including a positive one — as success.  Confirm against the
 * implementation.
 */
int dst_verify_data(const int,		/*!< specifies INIT/UPDATE/FINAL/ALL */
		    DST_KEY *,		/*!< the key to use */
		    void **,		/*!< pointer to state structure */
		    const u_char *,	/*!< data to be verified */
		    const int,		/*!< length of input data */
		    const u_char *,	/*!< buffer containing signature */
		    const int);		/*!< length of signature */
/*
 * Load a key by name, tag and algorithm; the last argument selects the
 * public or private half (presumably DST_PUBLIC / DST_PRIVATE from the
 * flag list below).  Returns NULL-or-handle semantics are not shown here;
 * always check the result before use.
 */
DST_KEY *dst_read_key(const char *,	/*!< name of key */
		      const u_int16_t,	/*!< key tag identifier */
		      const int,	/*!< key algorithm */
		      const int);	/*!< Private/PublicKey wanted */
/* Write the public or private half of a key out to its key file. */
int dst_write_key(const DST_KEY *,	/*!< key to write out */
		  const int);		/*!< Public/Private */
/*
 * Build a key handle from DNS KEY RDATA in wire format.  The RDATA is
 * untrusted input; the size argument bounds how much of it is read.
 */
DST_KEY *dst_dnskey_to_key(const char *,	/*!< KEY record name */
			   const u_char *,	/*!< KEY RDATA */
			   const int);		/*!< size of input buffer */
/*
 * Serialise a key as KEY RDATA into the caller's buffer.  Pass the real
 * buffer size and check the return; do not assume RAW_KEY_SIZE suffices.
 */
int dst_key_to_dnskey(const DST_KEY *,	/*!< key to translate */
		      u_char *,		/*!< output buffer */
		      const int);	/*!< size of out_storage */
/* Build a key handle from the bare key bytes plus explicit DNS metadata. */
DST_KEY *dst_buffer_to_key(const char *,	/*!< name of the key */
			   const int,		/*!< algorithm */
			   const int,		/*!< dns flags */
			   const int,		/*!< dns protocol */
			   const u_char *,	/*!< key in dns wire fmt */
			   const int);		/*!< size of key */
/* Inverse of dst_buffer_to_key(): key bytes into a buffer of the given size. */
int dst_key_to_buffer(DST_KEY *, u_char *, int);

/*
 * Generate a fresh key.  The "alg dependent parameter" is interpreted per
 * algorithm (its meaning is not defined in this header).
 */
DST_KEY *dst_generate_key(const char *,	/*!< name of new key */
			  const int,	/*!< key algorithm to generate */
			  const int,	/*!< size of new key */
			  const int,	/*!< alg dependent parameter */
			  const int,	/*!< key DNS flags */
			  const int);	/*!< key DNS protocol */
/*
 * Release a key handle.  It returns a DST_KEY * — presumably NULL so that
 * callers can write `k = dst_free_key(k);` to avoid a dangling pointer —
 * TODO confirm in the implementation.
 */
DST_KEY *dst_free_key(DST_KEY *);
/* Compare two keys; the comparison result convention is not defined here. */
int dst_compare_keys(const DST_KEY *, const DST_KEY *);

/* Signature size in bytes for this key; use it to size dst_sign_data()'s output. */
int dst_sig_size(DST_KEY *);


/*
 * support for dns key tags/ids
 *
 * Both compute a 16-bit key tag over KEY RDATA (pointer, length).  A tag is
 * a hint for locating candidate keys, not an identity: distinct keys can
 * share a tag, so verification must still try every matching key.
 */
u_int16_t dst_s_dns_key_id(const u_char *, const int);
u_int16_t dst_s_id_calc(const u_char *, const int);

/* Used by callers as well as by the library. */
/*
 * NOTE(review): "large enough to store any key" is an assumption baked
 * into callers' fixed buffers, not a limit this header shows the library
 * enforcing.  The conversion routines all take an explicit output size;
 * pass the real buffer size and check their return rather than relying on
 * this constant.
 */
#define RAW_KEY_SIZE 8192	/*%< large enough to store any key */
/* DST_API control flags */
/* These are used in functions dst_sign_data and dst_verify_data */
#define SIG_MODE_INIT 1		/*%< initialize digest */
#define SIG_MODE_UPDATE 2	/*%< add data to digest */
#define SIG_MODE_FINAL 4	/*%< generate/verify signature */
#define SIG_MODE_ALL (SIG_MODE_INIT|SIG_MODE_UPDATE|SIG_MODE_FINAL)

/*
 * Flags for the key-reading routines (dst_read_key() is the one declared in
 * this header; the comment historically referred to dst_read_private_key()).
 * DST_PRIVATE / DST_PUBLIC select which half of a key is wanted; the DST_RAND_*
 * values are randomness-source selectors whose consumers are not declared here.
 */
#define DST_FORCE_READ 0x1000000
#define DST_CAN_SIGN 0x010F
#define DST_NO_AUTHEN 0x8000
#define DST_EXTEND_FLAG 0x1000
#define DST_STANDARD 0
#define DST_PRIVATE 0x2000000
#define DST_PUBLIC 0x4000000
#define DST_RAND_SEMI 1
#define DST_RAND_STD 2
#define DST_RAND_KEY 3
#define DST_RAND_DSS 4


/*
 * DST algorithm codes
 *
 * NOTE(review): KEY_PRIVATE (254) and KEY_EXPAND (255) lie above
 * DST_MAX_ALGS (158).  Any table sized by DST_MAX_ALGS cannot hold them, so
 * dst_check_algorithm() and every other code-indexed lookup must range
 * check before indexing — confirm in the implementation.  HMAC-MD5 is a
 * legacy TSIG algorithm; keep it only for interoperability.
 */
#define KEY_RSA 1
#define KEY_DH 2
#define KEY_DSA 3
#define KEY_PRIVATE 254
#define KEY_EXPAND 255
#define KEY_HMAC_MD5 157
#define KEY_HMAC_SHA1 158
#define UNKNOWN_KEYALG 0
#define DST_MAX_ALGS KEY_HMAC_SHA1

/*
 * DST constants to locations in KEY record changes in new KEY record
 *
 * Byte offsets within KEY RDATA: a DST_FLAGS_SIZE-byte flags field at 0,
 * protocol at DST_KEY_PROT, algorithm at DST_KEY_ALG, and the key material
 * (or, when DST_EXTEND_FLAG is set in the flags, the extended flags at
 * DST_EXT_FLAG) from DST_KEY_START.  Check the RDATA length against these
 * offsets before reading any field.
 */
#define DST_FLAGS_SIZE 2
#define DST_KEY_PROT 2
#define DST_KEY_ALG 3
#define DST_EXT_FLAG 4
#define DST_KEY_START 4

/* KEY flags value (top two bits of the 16-bit flags field) meaning "no key". */
#ifndef SIGN_F_NOKEY
#define SIGN_F_NOKEY 0xC000
#endif

/*
 * error codes from dst routines
 *
 * All are negative, so a `< 0` test catches every failure; compare against
 * the specific code only when the caller needs to distinguish them.
 */
#define SIGN_INIT_FAILURE (-23)
#define SIGN_UPDATE_FAILURE (-24)
#define SIGN_FINAL_FAILURE (-25)
#define VERIFY_INIT_FAILURE (-26)
#define VERIFY_UPDATE_FAILURE (-27)
#define VERIFY_FINAL_FAILURE (-28)
#define MISSING_KEY_OR_SIGNATURE (-30)
#define UNSUPPORTED_KEYALG (-31)

#endif /* DST_H */
/*! \file */