c4f2d992 |
1 | /* -*-c-*- |
2 | * |
3 | * $Id: crypt.h,v 1.1 1997/07/21 13:47:51 mdw Exp $ |
4 | * |
5 | * Cryptographic transfer of `become' requests |
6 | * |
7 | * (c) 1997 EBI |
8 | */ |
9 | |
10 | /*----- Licencing notice --------------------------------------------------* |
11 | * |
12 | * This file is part of `become' |
13 | * |
14 | * `Become' is free software; you can redistribute it and/or modify |
15 | * it under the terms of the GNU General Public License as published by |
16 | * the Free Software Foundation; either version 2 of the License, or |
17 | * (at your option) any later version. |
18 | * |
19 | * `Become' is distributed in the hope that it will be useful, |
20 | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
21 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
22 | * GNU General Public License for more details. |
23 | * |
24 | * You should have received a copy of the GNU General Public License |
25 | * along with `become'; if not, write to the Free Software |
26 | * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. |
27 | */ |
28 | |
29 | /*----- Revision history --------------------------------------------------* |
30 | * |
31 | * $Log: crypt.h,v $ |
32 | * Revision 1.1 1997/07/21 13:47:51 mdw |
33 | * Initial revision |
34 | * |
35 | */ |
36 | |
37 | #ifndef CRYPT_H |
38 | #define CRYPT_H |
39 | |
40 | #ifdef __cplusplus |
41 | extern "C" { |
42 | #endif |
43 | |
44 | /*----- Required headers --------------------------------------------------*/ |
45 | |
46 | #include <string.h> |
47 | |
48 | #ifndef BECOME_H |
49 | # include "become.h" |
50 | #endif |
51 | |
52 | #ifndef CONFIG_H |
53 | # include "config.h" |
54 | #endif |
55 | |
56 | /*----- Type definitions and data structures ------------------------------*/ |
57 | |
58 | /* --- Encryption formats --- */ |
59 | |
60 | enum { |
61 | cryptType_idea, /* Symmetric IDEA encryption */ |
62 | cryptType_rsa /* Public key RSA (later project) */ |
63 | }; |
64 | |
65 | /* --- Encrypted buffer format --- * |
66 | * |
67 | * C structures are no good here. Time for some explicit offsets. |
68 | */ |
69 | |
70 | enum { |
71 | crq_cryptType = 0, /* Encryption type (1 byte) */ |
72 | crq_iv = crq_cryptType + 1, /* Plaintext IV (8 bytes) */ |
73 | crq_session = crq_iv + 8, /* IDEA session key (16 bytes) */ |
74 | crq_cipher = crq_session + 16, /* Where to start encrypting */ |
75 | crq_time = crq_cipher, /* Time stamp (4 bytes) */ |
76 | crq_pid = crq_time + 4, /* Process ID (4 bytes) */ |
77 | crq_from = crq_pid + 4, /* From user id (4 bytes) */ |
78 | crq_to = crq_from + 4, /* To user id (4 bytes) */ |
79 | crq_cmd = crq_to + 4, /* Command string (lots of bytes) */ |
80 | crq_check = crq_cmd + CMDLEN_MAX, /* Checksum for request (4 bytes) */ |
81 | crq_size = crq_check + 4 /* Size of encrypted request */ |
82 | }; |
83 | |
84 | /* --- Encrypted result format --- */ |
85 | |
86 | enum { |
87 | crp_iv = 0, /* Plaintext IV (8 bytes) */ |
88 | crp_cipher = crp_iv + 8, /* Where to start encrypting */ |
89 | crp_time = crp_cipher, /* Time of request (4 bytes) */ |
90 | crp_pid = crp_time + 4, /* Process ID of client (4 bytes) */ |
91 | crp_answer = crp_pid + 4, /* Answer (1 or 0) (1 byte) */ |
92 | crp_check = crp_answer + 1, /* Checksum for reply (4 bytes) */ |
93 | crp_size = crp_check + 4 /* Size of encrypted reply */ |
94 | }; |
95 | |
96 | /*----- Macros ------------------------------------------------------------*/ |
97 | |
98 | /* --- @burn@ --- * |
99 | * |
100 | * Arguments: @obj@ = some object |
101 | * |
102 | * Use: Writes zero bytes over the object. |
103 | */ |
104 | |
105 | #define burn(obj) ((void)memset(&obj, 0, sizeof(obj))) |
106 | |
107 | /*----- Functions provided ------------------------------------------------*/ |
108 | |
109 | /* --- @crypt_packRequest@ --- * |
110 | * |
111 | * Arguments: @request *rq@ = pointer to request block |
112 | * @unsigned char *buff@ = pointer to a buffer |
113 | * @time_t t@ = the current time |
114 | * @pid_t pid@ = my process ID |
115 | * @unsigned char *k@ = pointer to 128-bit key |
116 | * @unsigned char *sk@ = where to put the session key |
117 | * |
118 | * Returns: The number of bytes written. |
119 | * |
120 | * Use: Packs a request block into a buffer. The buffer should have |
121 | * space for at least @crq_size@ bytes. The buffer comes back |
122 | * encrypted and ready to send. |
123 | */ |
124 | |
125 | extern void crypt_packRequest(request */*rq*/, unsigned char */*buff*/, |
126 | time_t /*t*/, pid_t /*pid*/, |
127 | unsigned char */*k*/, unsigned char */*sk*/); |
128 | |
129 | /* --- @crypt_unpackRequest@ --- * |
130 | * |
131 | * Arguments: @reqest *rq@ = pointer to destination request block |
132 | * @unsigned char *buff@ = pointer to source buffer |
133 | * @unsigned char *k@ = pointer to encryption key |
134 | * @unsigned char *sk@ = pointer to where to store session key |
135 | * @unsigned char *rpl@ = where to start building reply |
136 | * |
137 | * Returns: --- |
138 | * |
139 | * Use: Decrypts and unpacks a request buffer. |
140 | */ |
141 | |
142 | extern int crypt_unpackRequest(request */*rq*/, unsigned char */*buff*/, |
143 | unsigned char */*k*/, unsigned char */*sk*/, |
144 | unsigned char */*rpl*/); |
145 | |
146 | /* --- @crypt_packReply@ --- * |
147 | * |
148 | * Arguments: @unsigned char *buff@ = pointer to reply block |
149 | * @unsigned char *sk@ = pointer to session key |
150 | * @int answer@ = yes or no |
151 | * |
152 | * Returns: --- |
153 | * |
154 | * Use: Packs and encrypts a reply block. |
155 | */ |
156 | |
157 | extern void crypt_packReply(unsigned char */*buff*/, unsigned char */*sk*/, |
158 | int /*answer*/); |
159 | |
160 | /* --- @crypt_unpackReply@ --- * |
161 | * |
162 | * Arguments: @unsigned char *buff@ = pointer to reply buffer |
163 | * @unsigned char *sk@ = pointer to session key |
164 | * @time_t t@ = time at which request was sent |
165 | * @pid_t pid@ = my process ID |
166 | * |
167 | * Returns: >0 if request granted, zero if denied, <0 if reply rejected |
168 | * |
169 | * Use: Unpacks a reply block, and informs the caller of the outcome. |
170 | */ |
171 | |
172 | extern int crypt_unpackReply(unsigned char */*buff*/, unsigned char */*sk*/, |
173 | time_t /*t*/, pid_t /*pid*/); |
174 | |
175 | /*----- That's all, folks -------------------------------------------------*/ |
176 | |
177 | #ifdef __cplusplus |
178 | } |
179 | #endif |
180 | |
181 | #endif |