dst_internal.h revision 68e4926b2262571e004b4be00b905ec776c01d9c
cffe50abf66495ee08084f8e1081278a9b589985Brian Wellington#ifndef DST_INTERNAL_H
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews#define DST_INTERNAL_H
cffe50abf66495ee08084f8e1081278a9b589985Brian Wellington
/*
 * Portions Copyright (c) 1995-1998 by Trusted Information Systems, Inc.
 *
 * Permission to use, copy modify, and distribute this software for any
 * purpose with or without fee is hereby granted, provided that the above
 * copyright notice and this permission notice appear in all copies.
 *
 * THE SOFTWARE IS PROVIDED "AS IS" AND TRUSTED INFORMATION SYSTEMS
 * DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
 * TRUSTED INFORMATION SYSTEMS BE LIABLE FOR ANY SPECIAL, DIRECT,
 * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
 * FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
 * NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
 * WITH THE USE OR PERFORMANCE OF THE SOFTWARE.
 */
15c7a1bf207173deb2bff1d610d5f784b6629875Tinderbox User#include <isc/lang.h>
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein#include <isc/buffer.h>
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein#include <isc/int.h>
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein#include <isc/region.h>
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein#include "../rename.h"
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein#include "../rename-dnssafe.h"
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein#include <dst/dst.h>
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein#include <dst/result.h>
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein
15c7a1bf207173deb2bff1d610d5f784b6629875Tinderbox UserISC_LANG_BEGINDECLS
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein
/*
 * Crypto back-end selection.
 *
 *   RSA: BSAFE or DNSSAFE
 *   DSA: OPENSSL
 *
 * An algorithm may be backed by one package only, so a build that
 * defines both RSA providers is rejected at compile time.
 */
#ifdef BSAFE
# ifdef DNSSAFE
#  error "Cannot have both BSAFE and DNSSAFE defined"
# endif
#endif
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein/***
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein *** Types
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein ***/
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein
/* Forward declaration: struct dst_key points at its operations table. */
typedef struct dst_func dst_func;

/*
 * A key as DST sees it.  The generic members describe the key; the
 * algorithm-specific representation hangs off 'opaque' and is operated
 * on through the function table in 'func'.
 */
struct dst_key {
	/* presumably a structure-validity tag -- confirm where it is checked */
	unsigned int	magic;

	/* Name of the key. */
	char *		key_name;

	/*
	 * Key size in bits.
	 * NOTE(review): the type is signed; code that derives a length from
	 * this value should reject non-positive sizes -- confirm where set.
	 */
	int		key_size;

	/* Protocols this key is used for. */
	int		key_proto;

	/* Algorithm of the key. */
	int		key_alg;

	/* Flags of the public key. */
	isc_uint32_t	key_flags;

	/*
	 * Identifier of the key.  Being 16 bits wide it can take only 65536
	 * values, so two different keys may carry the same id; it cannot
	 * serve as a unique handle on its own.
	 */
	isc_uint16_t	key_id;

	/* Memory context. */
	isc_mem_t *	mctx;

	/*
	 * The key in the crypto package's own format.
	 * NOTE(review): for a private key this presumably holds secret
	 * material -- confirm that each back end's destroy() clears it
	 * before the memory is released.
	 */
	void *		opaque;

	/* Crypto-package-specific functions for this key. */
	dst_func *	func;
};
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein
/*
 * Per-algorithm operations table.  Every member is a function pointer;
 * struct dst_key reaches its table through the 'func' member and
 * dst_t_func[] holds one table pointer per algorithm slot.
 *
 * The meaning of 'mode' and 'context' is not defined in this header.
 * NOTE(review): presumably they allow an operation to be split over
 * several calls -- confirm against <dst/dst.h>.
 */
struct dst_func {
	/* Sign 'data' with 'key'; the signature goes to the buffer 'sig'. */
	isc_result_t	(*sign)(const unsigned int mode, dst_key_t *key,
				void **context, isc_region_t *data,
				isc_buffer_t *sig, isc_mem_t *mctx);

	/*
	 * Check 'sig' over 'data' with 'key'.  The isc_result_t is the only
	 * thing this call returns, so a caller that does not test it has
	 * not verified anything.
	 */
	isc_result_t	(*verify)(const unsigned int mode, dst_key_t *key,
				  void **context, isc_region_t *data,
				  isc_region_t *sig, isc_mem_t *mctx);

	/*
	 * Combine a public and a private key into 'secret'.
	 * NOTE(review): the buffer then presumably holds shared-secret
	 * material; confirm that callers clear it once it has been used.
	 */
	isc_result_t	(*computesecret)(const dst_key_t *pub,
					 const dst_key_t *priv,
					 isc_buffer_t *secret);

	/* Key and parameter comparison predicates. */
	isc_boolean_t	(*compare)(const dst_key_t *key1,
				   const dst_key_t *key2);
	isc_boolean_t	(*paramcompare)(const dst_key_t *key1,
					const dst_key_t *key2);

	/* Key generation; the meaning of 'parms' is back-end specific. */
	isc_result_t	(*generate)(dst_key_t *key, int parms,
				    isc_mem_t *mctx);

	/* Reports whether 'key' is a private key. */
	isc_boolean_t	(*isprivate)(const dst_key_t *key);

	/*
	 * Releases a key.  The argument is untyped; presumably it is the
	 * 'opaque' pointer of a struct dst_key -- confirm in the back ends.
	 */
	void		(*destroy)(void *key, isc_mem_t *mctx);

	/*
	 * Conversion functions.
	 *
	 * NOTE(review): from_dns presumably parses data that arrived over
	 * the network; confirm that every implementation checks the length
	 * remaining in 'data' before each read.
	 * NOTE(review): to_file presumably writes private key material;
	 * confirm the permissions the implementations create files with.
	 */
	isc_result_t	(*to_dns)(const dst_key_t *key, isc_buffer_t *data);
	isc_result_t	(*from_dns)(dst_key_t *key, isc_buffer_t *data,
				    isc_mem_t *mctx);
	isc_result_t	(*to_file)(const dst_key_t *key);
	isc_result_t	(*from_file)(dst_key_t *key, const isc_uint16_t id,
				     isc_mem_t *mctx);
};
668728fed845b9db9c1423946df03d5fc69f4eeeBrian Wellington
/*
 * Operations tables, DST_MAX_ALGS slots.
 * NOTE(review): presumably indexed by algorithm number, with an empty
 * slot for an unsupported algorithm -- confirm that every lookup
 * range-checks the index and tests the entry before calling through it.
 */
extern dst_func *dst_t_func[DST_MAX_ALGS];

/* Suffixes used when building key file names. */
#define PRIVATE_KEY	"private"
#define PUBLIC_KEY	"key"

/*
 * Digest size in bytes; a build may supply its own value beforehand.
 * 20 holds a RIPEMD160 or SHA-1 digest, and MD5's 16 bytes fit as well.
 * A digest longer than 20 bytes does not fit in a buffer sized by this
 * constant, so it has to be revisited when a longer hash is added.
 */
#if !defined(DST_HASH_SIZE)
#define DST_HASH_SIZE	20
#endif
668728fed845b9db9c1423946df03d5fc69f4eeeBrian Wellington
/*
 * Set-up entry points, one per algorithm back end.
 * NOTE(review): presumably each one installs its operations table in
 * dst_t_func[] -- confirm in the implementing files.
 */
void	dst_s_hmacmd5_init(void);
void	dst_s_bsafersa_init(void);
void	dst_s_openssldsa_init(void);
void	dst_s_openssldh_init(void);
47ad4fad771b9c570bcf57793d6a931e0ca9856cAndreas Gustafsson
/* Support routines shared by the back ends. */

/*
 * NOTE(review): 'max_bits' and 'keysize' below are signed; confirm that
 * the implementations reject negative values before using them as a
 * length.
 */
int		dst_s_calculate_bits(const unsigned char *str,
				     const int max_bits);

/*
 * Derives the 16-bit key identifier from 'keysize' bytes of key data.
 * A 16-bit result cannot be unique across all keys.
 */
isc_uint16_t	dst_s_id_calc(const unsigned char *key, const int keysize);

/*
 * Builds a key file name in the caller's buffer 'filename', whose
 * capacity is passed as 'filename_length'.
 * NOTE(review): the int result presumably reports failure, including a
 * name that does not fit -- confirm, and confirm that callers test it
 * before opening the file.
 * NOTE(review): 'name' presumably comes from the key name; confirm it
 * cannot carry path separators into the file name.
 */
int		dst_s_build_filename(char *filename, const char *name,
				     isc_uint16_t id, int alg,
				     const char *suffix,
				     size_t filename_length);
f00075e753b20ece0b4daf68b29044e44c898d89Andreas Gustafsson
f00075e753b20ece0b4daf68b29044e44c898d89Andreas Gustafsson
/*
 * Digest functions.
 *
 * dst_s_md5 hashes 'data' and delivers the result in the buffer
 * 'digest'.  MD5 is not collision resistant, so its use is best kept to
 * interoperability with protocols that already require it.
 * NOTE(review): 'mode' and 'context' presumably follow the same
 * convention as the sign/verify members of struct dst_func -- confirm.
 */
isc_result_t	dst_s_md5(const unsigned int mode, void **context,
			  isc_region_t *data, isc_buffer_t *digest,
			  isc_mem_t *mctx);
5eb91bd90e3ad3426e5e3213031556a737cf3809Mark Andrews
f00075e753b20ece0b4daf68b29044e44c898d89Andreas Gustafsson
/*
 * malloc/free/realloc-shaped allocators backed by the DST memory pool.
 * NOTE(review): whether freed or reallocated memory is cleared is not
 * visible in this header; if key material is ever placed in this pool,
 * confirm that it is wiped before release.
 */
void *	dst_mem_alloc(size_t size);
void	dst_mem_free(void *ptr);
void *	dst_mem_realloc(void *ptr, size_t size);
f00075e753b20ece0b4daf68b29044e44c898d89Andreas Gustafsson
f00075e753b20ece0b4daf68b29044e44c898d89Andreas Gustafsson
f00075e753b20ece0b4daf68b29044e44c898d89Andreas GustafssonISC_LANG_ENDDECLS
f00075e753b20ece0b4daf68b29044e44c898d89Andreas Gustafsson
f00075e753b20ece0b4daf68b29044e44c898d89Andreas Gustafsson#endif /* DST_INTERNAL_H */
f00075e753b20ece0b4daf68b29044e44c898d89Andreas Gustafsson