/*
 * Key server protocol definition
 * Copyright (c) 2010, Oracle America, Inc.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions are
 * met:
 *
 *     * Redistributions of source code must retain the above copyright
 *       notice, this list of conditions and the following disclaimer.
 *     * Redistributions in binary form must reproduce the above
 *       copyright notice, this list of conditions and the following
 *       disclaimer in the documentation and/or other materials
 *       provided with the distribution.
 *     * Neither the name of the "Oracle America, Inc." nor the names of its
 *       contributors may be used to endorse or promote products derived
 *       from this software without specific prior written permission.
 *
 *   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
 *   "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
 *   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
 *   FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
 *   COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
 *   INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 *   DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
 *   GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
 *   INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
 *   WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
 *   NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 *   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 *
 * The keyserver is a public key storage/encryption/decryption service.
 * The encryption method used is based on the Diffie-Hellman exponential
 * key exchange technology.
 *
 * The key server is local to each machine, akin to the portmapper.
 * Under TI-RPC, communication with the keyserver is through the
 * loopback transport.
 *
 * NOTE: This .x file generates the USER level headers for the keyserver.
 * The KERNEL level headers are created by hand as the kernel has special
 * requirements.
 *
 * NOTE(review): every procedure defined below moves key material over the
 * loopback transport: KEY_SET and KEY_NET_PUT deliver the caller's secret
 * key to the server, KEY_NET_GET hands it back, and the cryptkeyres /
 * KEY_GEN results return des_block conversation keys to the caller.
 * Nothing in this protocol definition restricts which local caller may
 * invoke these procedures; any per-caller authorisation has to come from
 * the server implementation and the transport credentials, both outside
 * this file -- confirm there.  The wire format also pins the key sizes
 * (KEYSIZE = 192-bit Diffie-Hellman modulus, DES conversation keys), which
 * are far below current recommendations and cannot be changed without
 * breaking interoperability with existing peers.
 */

%#if 0
%#pragma ident "@(#)key_prot.x 1.7 94/04/29 SMI"
%#endif
%
%/* Copyright (c) 1990, 1991 Sun Microsystems, Inc. */
%
%/*
% * Compiled from key_prot.x using rpcgen.
% * DO NOT EDIT THIS FILE!
% * This is NOT source code!
% */

/*
 * PROOT and MODULUS define the way the Diffie-Hellman key is generated.
 *
 * MODULUS should be chosen as a prime of the form: MODULUS == 2*p + 1,
 * where p is also prime (a "safe prime").
 *
 * PROOT satisfies the following two conditions:
 *	(1) (PROOT ** 2) % MODULUS != 1
 *	(2) (PROOT ** p) % MODULUS != 1
 * which together rule out the proper subgroups of orders 2 and p, so that
 * PROOT generates the whole multiplicative group modulo MODULUS.
 *
 */

const PROOT = 3;
const HEXMODULUS = "d4a0ba0250b6fd2ec626e7efd637df76c716e22d0944b88b";

/*
 * The three size constants are tied to HEXMODULUS: 48 hex digits of
 * 4 bits each is 192 bits, i.e. 24 bytes.  Changing one without the
 * others breaks the keybuf layout below.
 */
const HEXKEYBYTES = 48;		/* HEXKEYBYTES == strlen(HEXMODULUS) */
const KEYSIZE = 192;		/* KEYSIZE == bit length of key */
const KEYBYTES = 24;		/* byte length of key */

/*
 * The first 16 hex digits of the encrypted secret key are used as
 * a checksum in the database.
 */
const KEYCHECKSUMSIZE = 16;

/*
 * status of operation
 */
enum keystatus {
	KEY_SUCCESS,	/* no problems */
	KEY_NOSECRET,	/* no secret key stored */
	KEY_UNKNOWN,	/* unknown netname */
	KEY_SYSTEMERR	/* system error (out of memory, encryption failure) */
};

/*
 * Fixed-length opaque of exactly HEXKEYBYTES bytes holding a key as hex
 * text.  Used for both public and private keys (see key_netstarg).
 * Because the field is exactly HEXKEYBYTES long there is no room for a
 * NUL terminator on the wire; consumers must treat it as length-bounded.
 */
typedef opaque keybuf[HEXKEYBYTES];	/* store key in hex */

/* MAXNETNAMELEN is supplied by headers outside this file. */
typedef string netnamestr<MAXNETNAMELEN>;

/*
 * Argument to ENCRYPT or DECRYPT
 */
struct cryptkeyarg {
	netnamestr remotename;	/* peer whose public key the server looks up */
	des_block deskey;	/* conversation key to encrypt or decrypt */
};

/*
 * Argument to ENCRYPT_PK or DECRYPT_PK
 * Same as cryptkeyarg but the caller supplies the peer's public key
 * instead of having the server look it up.
 */
struct cryptkeyarg2 {
	netnamestr remotename;
	netobj remotekey;	/* Contains a length up to 1024 bytes;
				 * netobj is declared outside this file, so the
				 * bound is only enforced if its own XDR
				 * declaration carries it -- confirm */
	des_block deskey;
};


/*
 * Result of ENCRYPT, DECRYPT, ENCRYPT_PK, and DECRYPT_PK
 * deskey is present only on KEY_SUCCESS.
 */
union cryptkeyres switch (keystatus status) {
case KEY_SUCCESS:
	des_block deskey;
default:
	void;
};

const MAXGIDS = 16;	/* max number of gids in gid list */

/*
 * Unix credential
 */
struct unixcred {
	u_int uid;
	u_int gid;
	u_int gids<MAXGIDS>;	/* variable-length, at most MAXGIDS entries */
};

/*
 * Result returned from GETCRED
 * cred is present only on KEY_SUCCESS.
 */
union getcredres switch (keystatus status) {
case KEY_SUCCESS:
	unixcred cred;
default:
	void;
};
/*
 * key_netstarg;
 * Bundle of a principal's private key, public key and netname, as moved
 * by KEY_NET_PUT / KEY_NET_GET.  st_priv_key is secret material.
 */

struct key_netstarg {
	keybuf st_priv_key;
	keybuf st_pub_key;
	netnamestr st_netname;
};

/*
 * Result of KEY_NET_GET; knet is present only on KEY_SUCCESS.
 */
union key_netstres switch (keystatus status){
case KEY_SUCCESS:
	key_netstarg knet;
default:
	void;
};

#ifdef RPC_HDR
%
%#ifndef opaque
%#define opaque char
%#endif
%
#endif
program KEY_PROG {
	version KEY_VERS {

		/*
		 * This is my secret key.
		 * Store it for me.
		 */
		keystatus
		KEY_SET(keybuf) = 1;

		/*
		 * I want to talk to X.
		 * Encrypt a conversation key for me.
		 */
		cryptkeyres
		KEY_ENCRYPT(cryptkeyarg) = 2;

		/*
		 * X just sent me a message.
		 * Decrypt the conversation key for me.
		 */
		cryptkeyres
		KEY_DECRYPT(cryptkeyarg) = 3;

		/*
		 * Generate a secure conversation key for me
		 */
		des_block
		KEY_GEN(void) = 4;

		/*
		 * Get me the uid, gid and group-access-list associated
		 * with this netname (for kernel which cannot use NIS)
		 */
		getcredres
		KEY_GETCRED(netnamestr) = 5;
	} = 1;
	version KEY_VERS2 {

		/*
		 * #######
		 * Procedures 1-5 are identical to version 1
		 * #######
		 */

		/*
		 * This is my secret key.
		 * Store it for me.
		 */
		keystatus
		KEY_SET(keybuf) = 1;

		/*
		 * I want to talk to X.
		 * Encrypt a conversation key for me.
		 */
		cryptkeyres
		KEY_ENCRYPT(cryptkeyarg) = 2;

		/*
		 * X just sent me a message.
		 * Decrypt the conversation key for me.
		 */
		cryptkeyres
		KEY_DECRYPT(cryptkeyarg) = 3;

		/*
		 * Generate a secure conversation key for me
		 */
		des_block
		KEY_GEN(void) = 4;

		/*
		 * Get me the uid, gid and group-access-list associated
		 * with this netname (for kernel which cannot use NIS)
		 */
		getcredres
		KEY_GETCRED(netnamestr) = 5;

		/*
		 * I want to talk to X, and I know X's public key.
		 * Encrypt a conversation key for me.
		 */
		cryptkeyres
		KEY_ENCRYPT_PK(cryptkeyarg2) = 6;

		/*
		 * X just sent me a message, and I know X's public key.
		 * Decrypt the conversation key for me.
		 */
		cryptkeyres
		KEY_DECRYPT_PK(cryptkeyarg2) = 7;

		/*
		 * Store my public key, netname and private key.
		 */
		keystatus
		KEY_NET_PUT(key_netstarg) = 8;

		/*
		 * Retrieve my public key, netname and private key.
		 * The reply carries the private key (key_netstarg.st_priv_key).
		 */
		key_netstres
		KEY_NET_GET(void) = 9;

		/*
		 * Return me the conversation key that is constructed
		 * from my secret key and this publickey.
		 */

		cryptkeyres
		KEY_GET_CONV(keybuf) = 10;


	} = 2;
} = 100029;