2 % * Sun RPC is a product of Sun Microsystems, Inc. and is provided for
3 % * unrestricted use provided that this legend is included on all tape
4 % * media and as a part of the software program in whole or part. Users
5 % * may copy or modify Sun RPC without charge, but are not authorized
6 % * to license or distribute it to anyone else except as part of a product or
7 % * program developed by the user.
9 % * SUN RPC IS PROVIDED AS IS WITH NO WARRANTIES OF ANY KIND INCLUDING THE
10 % * WARRANTIES OF DESIGN, MERCHANTIBILITY AND FITNESS FOR A PARTICULAR
11 % * PURPOSE, OR ARISING FROM A COURSE OF DEALING, USAGE OR TRADE PRACTICE.
13 % * Sun RPC is provided with no support and without any obligation on the
14 % * part of Sun Microsystems, Inc. to assist in its use, correction,
15 % * modification or enhancement.
17 % * SUN MICROSYSTEMS, INC. SHALL HAVE NO LIABILITY WITH RESPECT TO THE
18 % * INFRINGEMENT OF COPYRIGHTS, TRADE SECRETS OR ANY PATENTS BY SUN RPC
19 % * OR ANY PART THEREOF.
21 % * In no event will Sun Microsystems, Inc. be liable for any lost revenue
22 % * or profits or other special, indirect and consequential damages, even if
23 % * Sun has been advised of the possibility of such damages.
25 % * Sun Microsystems, Inc.
26 % * 2550 Garcia Avenue
27 % * Mountain View, California 94043
30 * Key server protocol definition
31 * Copyright (C) 1990, 1991 Sun Microsystems, Inc.
33 * The keyserver is a public key storage/encryption/decryption service
34 * The encryption method used is based on the Diffie-Hellman exponential
35 * key exchange technology.
37 * The key server is local to each machine, akin to the portmapper.
38 * Under TI-RPC, communication with the keyserver is through the
41 * NOTE: This .x file generates the USER level headers for the keyserver.
42 * the KERNEL level headers are created by hand as they kernel has special
46 %/* From: #pragma ident "@(#)key_prot.x 1.7 94/04/29 SMI" */
48 %/* Copyright (c) 1990, 1991 Sun Microsystems, Inc. */
51 % * Compiled from key_prot.x using rpcgen.
52 % * DO NOT EDIT THIS FILE!
53 % * This is NOT source code!
57 * PROOT and MODULUS define the way the Diffie-Hellman key is generated.
59 * MODULUS should be chosen as a prime of the form: MODULUS == 2*p + 1,
60 * where p is also prime.
62 * PROOT satisfies the following two conditions:
63 * (1) (PROOT ** 2) % MODULUS != 1
64 * (2) (PROOT ** p) % MODULUS != 1
69 const HEXMODULUS = "d4a0ba0250b6fd2ec626e7efd637df76c716e22d0944b88b";
71 const HEXKEYBYTES = 48; /* HEXKEYBYTES == strlen(HEXMODULUS) */
72 const KEYSIZE = 192; /* KEYSIZE == bit length of key */
73 const KEYBYTES = 24; /* byte length of key */
76 * The first 16 hex digits of the encrypted secret key are used as
77 * a checksum in the database.
79 const KEYCHECKSUMSIZE = 16;
85 KEY_SUCCESS, /* no problems */
86 KEY_NOSECRET, /* no secret key stored */
87 KEY_UNKNOWN, /* unknown netname */
88 KEY_SYSTEMERR /* system error (out of memory, encryption failure) */
91 typedef opaque keybuf[HEXKEYBYTES]; /* store key in hex */
93 typedef string netnamestr<MAXNETNAMELEN>;
96 * Argument to ENCRYPT or DECRYPT
99 netnamestr remotename;
104 * Argument to ENCRYPT_PK or DECRYPT_PK
106 struct cryptkeyarg2 {
107 netnamestr remotename;
108 netobj remotekey; /* Contains a length up to 1024 bytes */
114 * Result of ENCRYPT, DECRYPT, ENCRYPT_PK, and DECRYPT_PK
116 union cryptkeyres switch (keystatus status) {
123 const MAXGIDS = 16; /* max number of gids in gid list */
135 * Result returned from GETCRED
137 union getcredres switch (keystatus status) {
147 struct key_netstarg {
150 netnamestr st_netname;
153 union key_netstres switch (keystatus status){
171 * This is my secret key.
178 * I want to talk to X.
179 * Encrypt a conversation key for me.
182 KEY_ENCRYPT(cryptkeyarg) = 2;
185 * X just sent me a message.
186 * Decrypt the conversation key for me.
189 KEY_DECRYPT(cryptkeyarg) = 3;
192 * Generate a secure conversation key for me
198 * Get me the uid, gid and group-access-list associated
199 * with this netname (for kernel which cannot use NIS)
202 KEY_GETCRED(netnamestr) = 5;
208 * Procedures 1-5 are identical to version 1
213 * This is my secret key.
220 * I want to talk to X.
221 * Encrypt a conversation key for me.
224 KEY_ENCRYPT(cryptkeyarg) = 2;
227 * X just sent me a message.
228 * Decrypt the conversation key for me.
231 KEY_DECRYPT(cryptkeyarg) = 3;
234 * Generate a secure conversation key for me
240 * Get me the uid, gid and group-access-list associated
241 * with this netname (for kernel which cannot use NIS)
244 KEY_GETCRED(netnamestr) = 5;
247 * I want to talk to X. and I know X's public key
248 * Encrypt a conversation key for me.
251 KEY_ENCRYPT_PK(cryptkeyarg2) = 6;
254 * X just sent me a message. and I know X's public key
255 * Decrypt the conversation key for me.
258 KEY_DECRYPT_PK(cryptkeyarg2) = 7;
261 * Store my public key, netname and private key.
264 KEY_NET_PUT(key_netstarg) = 8;
267 * Retrieve my public key, netname and private key.
270 KEY_NET_GET(void) = 9;
273 * Return me the conversation key that is constructed
274 * from my secret key and this publickey.
278 KEY_GET_CONV(keybuf) = 10;