1: #ifndef DST_H
2: #define DST_H
3:
4: #ifndef HAS_DST_KEY
/*
 * Caller-visible description of a DST key.  Only the public attributes are
 * kept here; whatever private/public key material backs the key is not part
 * of this struct, so a DST_KEY must always be obtained from and released by
 * the dst_* routines below (dst_read_key/dst_generate_key/... and
 * dst_free_key) rather than built by hand.  NOTE(review): ownership of
 * dk_key_name is presumably the library's (freed by dst_free_key) — confirm.
 */
typedef struct dst_key {
	char *dk_key_name;	/* name of the key (owner name of the KEY record) */
	int dk_key_size;	/* this is the size of the key in bits */
	int dk_proto;		/* what protocols this key can be used for */
	int dk_alg;		/* algorithm number from key record; one of the KEY_* codes below */
	unsigned dk_flags;	/* and the flags of the public key (KEY RR flags field) */
	unsigned dk_id;		/* identifier of the key; presumably the 16-bit key tag
				 * as computed by dst_s_dns_key_id() — confirm */
} DST_KEY;
13: #endif /* HAS_DST_KEY */
14:
15: /*
16: * DST Crypto API definitions
17: */
/*
 * Initialise the DST library.  NOTE(review): presumably required before any
 * other dst_* routine is used — confirm against the implementation.
 */
void dst_init(void);

/*
 * Report whether an algorithm code (one of the KEY_* values below) is
 * supported by this build.  The return convention (non-zero == supported) is
 * assumed from the name; verify before relying on it.
 */
int dst_check_algorithm(const int /* alg */);
20:
/*
 * Sign data with in_key.
 *
 * mode is a bitmask of the SIG_MODE_* values defined below; *context carries
 * the digest state between an INIT call and the following UPDATE/FINAL
 * calls, and is presumably allocated by the library on INIT and released on
 * FINAL (confirm).  signature/sig_len describe the caller's output buffer;
 * the buffer should be at least dst_sig_size(in_key) bytes, and the
 * implementation is expected to refuse (not truncate) a buffer smaller than
 * the signature it produces — verify that check exists.
 *
 * Returns: presumably the signature length on success and one of the
 * negative SIGN_*_FAILURE codes below on error — confirm.
 */
int dst_sign_data(const int mode,	/* specifies INIT/UPDATE/FINAL/ALL */
		  DST_KEY *in_key,	/* the key to use */
		  void **context,	/* pointer to state structure */
		  const u_char *data,	/* data to be signed */
		  const unsigned len,	/* length of input data */
		  u_char *signature,	/* buffer to write signature to */
		  const unsigned sig_len);	/* size of output buffer */
28:
/*
 * Verify a signature over data with in_key.
 *
 * mode and *context behave as for dst_sign_data().  signature/sig_len
 * describe the signature being checked; sig_len must be the exact length of
 * the signature as received, since the implementation has nothing else to
 * bound its read by.
 *
 * Returns: the success value is not documented here; callers should treat
 * anything other than the documented success value (presumably 0) as a
 * verification failure, including the negative VERIFY_*_FAILURE codes below.
 */
int dst_verify_data(const int mode,	/* specifies INIT/UPDATE/FINAL/ALL */
		    DST_KEY *in_key,	/* the key to use */
		    void **context,	/* pointer to state structure */
		    const u_char *data,	/* data to be verified */
		    const unsigned len,	/* length of input data */
		    const u_char *signature,	/* buffer containing signature */
		    const unsigned sig_len);	/* length of signature */
36:
37:
/*
 * Load a stored key identified by name, key tag and algorithm.
 *
 * key_type selects the public or private half; the DST_PUBLIC/DST_PRIVATE
 * flags below are presumably the intended values — confirm (the flag group is
 * commented as belonging to dst_read_private_key(), which this header does
 * not declare).  Returns a library-owned DST_KEY to be released with
 * dst_free_key(), or presumably NULL on failure.
 */
DST_KEY *dst_read_key(const char *in_name,	/* name of key */
		      const unsigned in_id,	/* key tag identifier */
		      const int in_alg,		/* key algorithm */
		      const int key_type);	/* Private/PublicKey wanted*/
42:
/*
 * Store key to the key storage.  key_type selects whether the public or the
 * private half is written (presumably DST_PUBLIC/DST_PRIVATE — confirm).
 * NOTE(review): when the private half is written, the implementation, not the
 * caller, is responsible for restricting access to the written file; confirm
 * it does so.  Return convention (status / bytes written) is not documented.
 */
int dst_write_key(const DST_KEY *key,	/* key to write out */
		  const int key_type);	/* Public/Private */
45:
/*
 * Build a DST_KEY from KEY record RDATA received from DNS.
 *
 * The RDATA is untrusted input: len is the only bound the parser has, so the
 * implementation must check len against the DST_* offsets below before
 * reading the flags/protocol/algorithm bytes and the key material that
 * follows them.  Returns a DST_KEY to be released with dst_free_key(), or
 * presumably NULL when the RDATA is malformed or the algorithm unsupported.
 */
DST_KEY *dst_dnskey_to_key(const char *in_name,	/* KEY record name */
			   const u_char *key,	/* KEY RDATA */
			   const unsigned len);	/* size of input buffer*/
49:
50:
/*
 * Encode key as KEY record RDATA into out_storage.
 *
 * out_len bounds the write; RAW_KEY_SIZE (below) is the header's notion of a
 * buffer large enough for any key.  Returns presumably the number of bytes
 * written, or a negative value on error (including an undersized buffer) —
 * confirm.
 */
int dst_key_to_dnskey(const DST_KEY *key,	/* key to translate */
		      u_char *out_storage,	/* output buffer */
		      const unsigned out_len);	/* size of out_storage*/
54:
55:
/*
 * Build a DST_KEY from bare key material in DNS wire format, with the KEY
 * record attributes (algorithm, flags, protocol) supplied separately instead
 * of parsed from RDATA as dst_dnskey_to_key() does.  key_buf/key_len is
 * untrusted input and key_len is the only bound on the parse.  Returns a
 * DST_KEY to be released with dst_free_key(), or presumably NULL on failure.
 */
DST_KEY *dst_buffer_to_key(const char *key_name,	/* name of the key */
			   const int alg,		/* algorithm */
			   const unsigned flags,	/* dns flags */
			   const int protocol,		/* dns protocol */
			   const u_char *key_buf,	/* key in dns wire fmt */
			   const unsigned key_len);	/* size of key */
62:
63:
/*
 * Inverse of dst_buffer_to_key(): write the bare key material of key in DNS
 * wire format into out_buff, bounded by buf_len.  Return convention is not
 * documented (presumably bytes written, negative on error).  NOTE(review): key
 * is not const here, unlike dst_key_to_dnskey(); whether the call mutates the
 * key is not visible from this header.
 */
int dst_key_to_buffer(DST_KEY *key, u_char *out_buff, unsigned buf_len);
65:
/*
 * Generate a fresh key pair of the given algorithm and size.
 *
 * exp is an algorithm-dependent parameter (for KEY_RSA presumably the public
 * exponent — confirm).  Randomness comes from the library's own source (see
 * dst_random()).  Returns a DST_KEY to be released with dst_free_key(), or
 * presumably NULL on failure.
 */
DST_KEY *dst_generate_key(const char *name,	/* name of new key */
			  const int bits,	/* size of new key */
			  const int exp,	/* alg dependent parameter*/
			  const unsigned flags,	/* key DNS flags */
			  const int protocol,	/* key DNS protocol */
			  const int alg);	/* key algorithm to generate */
72:
/*
 * Release a DST_KEY obtained from any of the constructors above.  The return
 * value is presumably NULL so that callers can write `k = dst_free_key(k);`
 * — confirm.  NOTE(review): whether private key material is zeroised before
 * release is an implementation property not visible from this header.
 */
DST_KEY *dst_free_key(DST_KEY *f_key);

/* Compare two keys; the return convention (0 == equal vs. non-zero == equal) is not documented here. */
int dst_compare_keys(const DST_KEY *key1, const DST_KEY *key2);

/* Size of a signature produced by key; presumably in bytes, to size the buffer for dst_sign_data(). */
int dst_sig_size(DST_KEY *key);

/*
 * Fill outran with `wanted` bytes of random data.  outran must have room for
 * at least `wanted` bytes.  mode presumably selects the generator quality via
 * the DST_RAND_* values below — confirm which modes are suitable for key
 * generation versus other uses.
 */
int dst_random(const int mode, unsigned wanted, u_char *outran);
79:
80:
/*
 * Support for DNS key tags/ids.  The "dst_s_" prefix suggests these are
 * library-internal helpers exposed for convenience; dst_s_dns_key_id() takes
 * the whole KEY RDATA, dst_s_id_calc() only the key data.  Both read exactly
 * rdata_len/key_len bytes, so the caller supplies the bound.
 */
u_int16_t dst_s_dns_key_id(const u_char *dns_key_rdata,
			   const unsigned rdata_len);
u_int16_t dst_s_id_calc(const u_char *key_data, const unsigned key_len);
85:
/*
 * Used by callers as well as by the library.  Buffer size for holding encoded
 * key material; a buffer of this size is still passed with its length to the
 * dst_key_to_* routines, which must honour that bound.
 */
#define RAW_KEY_SIZE 8192 /* large enough to store any key */
88:
/* DST_API control flags */
/*
 * These are used in functions dst_sign_data and dst_verify_data as a bitmask
 * in the `mode` argument; SIG_MODE_ALL performs the whole operation in one
 * call so no context has to be carried between calls.
 */
#define SIG_MODE_INIT 1 /* initialize digest */
#define SIG_MODE_UPDATE 2 /* add data to digest */
#define SIG_MODE_FINAL 4 /* generate/verify signature */
#define SIG_MODE_ALL (SIG_MODE_INIT|SIG_MODE_UPDATE|SIG_MODE_FINAL)
95:
/*
 * Flags for dst_read_private_key().  NOTE(review): that function is not
 * declared in this header; the key_type argument of dst_read_key()/
 * dst_write_key() is presumably where DST_PUBLIC/DST_PRIVATE are used.
 * DST_NO_AUTHEN (0x8000) and DST_EXTEND_FLAG (0x1000) line up with the KEY RR
 * flags field bits (the "no authentication" type bit and the extension bit of
 * RFC 2535) — confirm.  The meaning of DST_CAN_SIGN's value 0x010F is not
 * visible here.
 */
#define DST_FORCE_READ 0x1000000
#define DST_CAN_SIGN 0x010F
#define DST_NO_AUTHEN 0x8000
#define DST_EXTEND_FLAG 0x1000
#define DST_STANDARD 0
#define DST_PRIVATE 0x2000000
#define DST_PUBLIC 0x4000000
/* Generator selectors, presumably for the `mode` argument of dst_random() — confirm. */
#define DST_RAND_SEMI 1
#define DST_RAND_STD 2
#define DST_RAND_KEY 3
#define DST_RAND_DSS 4
108:
109:
/*
 * DST algorithm codes.  1/2/3 and 254/255 match the KEY RR algorithm
 * numbers (RSA, Diffie-Hellman, DSA, private, reserved); 157/158 are
 * library-local codes for the HMAC algorithms.  NOTE(review): KEY_PRIVATE
 * (254) and KEY_EXPAND (255) are greater than DST_MAX_ALGS (158), so any
 * range check or table indexed by DST_MAX_ALGS rejects or cannot hold them.
 */
#define KEY_RSA 1
#define KEY_DH 2
#define KEY_DSA 3
#define KEY_PRIVATE 254
#define KEY_EXPAND 255
#define KEY_HMAC_MD5 157
#define KEY_HMAC_SHA1 158
#define UNKNOWN_KEYALG 0
#define DST_MAX_ALGS KEY_HMAC_SHA1
120:
/*
 * DST constants for locations in the KEY record (byte offsets into the RDATA):
 * a 2-byte flags field at offset 0, the protocol byte at 2, the algorithm byte
 * at 3, and key material from 4.  DST_EXT_FLAG is presumably the offset of the
 * extended flags word when DST_EXTEND_FLAG is set, which would move the start
 * of the key material — confirm.  Parsers must check the RDATA length against
 * these offsets before reading.
 */
#define DST_FLAGS_SIZE 2
#define DST_KEY_PROT 2
#define DST_KEY_ALG 3
#define DST_EXT_FLAG 4
#define DST_KEY_START 4
127:
/*
 * KEY RR flags value meaning "no key" (both type bits set, RFC 2535).  Guarded
 * because another header may already define it.
 */
#ifndef SIGN_F_NOKEY
#define SIGN_F_NOKEY 0xC000
#endif
131:
/*
 * Error codes from dst routines.  All are negative, so a caller can treat any
 * value < 0 from the signing/verification entry points as failure; which
 * routines return which code is not documented here.  Note the values are not
 * contiguous (-29 is unused).
 */
#define SIGN_INIT_FAILURE (-23)
#define SIGN_UPDATE_FAILURE (-24)
#define SIGN_FINAL_FAILURE (-25)
#define VERIFY_INIT_FAILURE (-26)
#define VERIFY_UPDATE_FAILURE (-27)
#define VERIFY_FINAL_FAILURE (-28)
#define MISSING_KEY_OR_SIGNATURE (-30)
#define UNSUPPORTED_KEYALG (-31)
141:
142: #endif /* DST_H */