[become] / src / crypt.h

/* -*-c-*-
 *
 * $Id: crypt.h,v 1.1 1997/07/21 13:47:51 mdw Exp $
 *
 * Cryptographic transfer of `become' requests
 *
 * (c) 1997 EBI
 */

/*----- Licencing notice --------------------------------------------------*
 *
 * This file is part of `become'
 *
 * `Become' is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * `Become' is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with `become'; if not, write to the Free Software
 * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
 */

/*----- Revision history --------------------------------------------------*
 *
 * $Log: crypt.h,v $
 * Revision 1.1  1997/07/21 13:47:51  mdw
 * Initial revision
 *
 */

#ifndef CRYPT_H
#define CRYPT_H

#ifdef __cplusplus
  extern "C" {
#endif

/*----- Required headers --------------------------------------------------*/

#include <string.h>

#ifndef BECOME_H
#  include "become.h"
#endif

#ifndef CONFIG_H
#  include "config.h"
#endif

/*----- Type definitions and data structures ------------------------------*/

/* --- Encryption formats --- */

enum {
  cryptType_idea,			/* Symmetric IDEA encryption */
  cryptType_rsa				/* Public key RSA (later project) */
};

/* --- Encrypted buffer format --- *
 *
 * C structures are no good here.  Time for some explicit offsets.
 */

enum {
  crq_cryptType = 0,			/* Encryption type (1 byte) */
  crq_iv = crq_cryptType + 1,		/* Plaintext IV (8 bytes) */
  crq_session = crq_iv + 8,		/* IDEA session key (16 bytes) */
  crq_cipher = crq_session + 16,	/* Where to start encrypting */
  crq_time = crq_cipher,		/* Time stamp (4 bytes) */
  crq_pid = crq_time + 4,		/* Process ID (4 bytes) */
  crq_from = crq_pid + 4,		/* From user id (4 bytes) */
  crq_to = crq_from + 4,		/* To user id (4 bytes) */
  crq_cmd = crq_to + 4,			/* Command string (lots of bytes) */
  crq_check = crq_cmd + CMDLEN_MAX,	/* Checksum for request (4 bytes) */
  crq_size = crq_check + 4		/* Size of encrypted request */
};

/* --- Encrypted result format --- */

enum {
  crp_iv = 0,				/* Plaintext IV (8 bytes) */
  crp_cipher = crp_iv + 8,		/* Where to start encrypting */
  crp_time = crp_cipher,		/* Time of request (4 bytes) */
  crp_pid = crp_time + 4,		/* Process ID of client (4 bytes) */
  crp_answer = crp_pid + 4,		/* Answer (1 or 0) (1 byte) */
  crp_check = crp_answer + 1,		/* Checksum for reply (4 bytes) */
  crp_size = crp_check + 4		/* Size of encrypted reply */
};

/*----- Macros ------------------------------------------------------------*/

/* --- @burn@ --- *
 *
 * Arguments:	@obj@ = some object
 *
 * Use:		Writes zero bytes over the object.
 */

#define burn(obj) ((void)memset(&obj, 0, sizeof(obj)))

/*----- Functions provided ------------------------------------------------*/

/* --- @crypt_packRequest@ --- *
 *
 * Arguments:	@request *rq@ = pointer to request block
 *		@unsigned char *buff@ = pointer to a buffer
 *		@time_t t@ = the current time
 *		@pid_t pid@ = my process ID
 *		@unsigned char *k@ = pointer to 128-bit key
 *		@unsigned char *sk@ = where to put the session key
 *
 * Returns:	The number of bytes written.
 *
 * Use:		Packs a request block into a buffer.  The buffer should have
 *		space for at least @crq_size@ bytes.  The buffer comes back
 *		encrypted and ready to send.
 */

extern void crypt_packRequest(request */*rq*/, unsigned char */*buff*/,
			      time_t /*t*/, pid_t /*pid*/,
			      unsigned char */*k*/, unsigned char */*sk*/);

/* --- @crypt_unpackRequest@ --- *
 *
 * Arguments:	@reqest *rq@ = pointer to destination request block
 *		@unsigned char *buff@ = pointer to source buffer
 *		@unsigned char *k@ = pointer to encryption key
 *		@unsigned char *sk@ = pointer to where to store session key
 *		@unsigned char *rpl@ = where to start building reply
 *
 * Returns:	---
 *
 * Use:		Decrypts and unpacks a request buffer.
 */

extern int crypt_unpackRequest(request */*rq*/, unsigned char */*buff*/,
			       unsigned char */*k*/, unsigned char */*sk*/,
			       unsigned char */*rpl*/);

/* --- @crypt_packReply@ --- *
 *
 * Arguments:	@unsigned char *buff@ = pointer to reply block
 *		@unsigned char *sk@ = pointer to session key
 *		@int answer@ = yes or no
 *
 * Returns:	---
 *
 * Use:		Packs and encrypts a reply block.
 */

extern void crypt_packReply(unsigned char */*buff*/, unsigned char */*sk*/,
			    int /*answer*/);

/* --- @crypt_unpackReply@ --- *
 *
 * Arguments:	@unsigned char *buff@ = pointer to reply buffer
 *		@unsigned char *sk@ = pointer to session key
 *		@time_t t@ = time at which request was sent
 *		@pid_t pid@ = my process ID
 *
 * Returns:	>0 if request granted, zero if denied, <0 if reply rejected
 *
 * Use:		Unpacks a reply block, and informs the caller of the outcome.
 */

extern int crypt_unpackReply(unsigned char */*buff*/, unsigned char */*sk*/,
			     time_t /*t*/, pid_t /*pid*/);

/*----- That's all, folks -------------------------------------------------*/

#ifdef __cplusplus
  }
#endif

#endif
Commit	Line	Data
c4f2d992	1	/* --c--
	2	*
	3	* $Id: crypt.h,v 1.1 1997/07/21 13:47:51 mdw Exp $
	4	*
	5	* Cryptographic transfer of `become' requests
	6	*
	7	* (c) 1997 EBI
	8	*/
	9
	10	/----- Licencing notice --------------------------------------------------
	11	*
	12	* This file is part of `become'
	13	*
	14	* `Become' is free software; you can redistribute it and/or modify
	15	* it under the terms of the GNU General Public License as published by
	16	* the Free Software Foundation; either version 2 of the License, or
	17	* (at your option) any later version.
	18	*
	19	* `Become' is distributed in the hope that it will be useful,
	20	* but WITHOUT ANY WARRANTY; without even the implied warranty of
	21	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	22	* GNU General Public License for more details.
	23	*
	24	* You should have received a copy of the GNU General Public License
	25	* along with `become'; if not, write to the Free Software
	26	* Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
	27	*/
	28
	29	/----- Revision history --------------------------------------------------
	30	*
	31	* $Log: crypt.h,v $
	32	* Revision 1.1 1997/07/21 13:47:51 mdw
	33	* Initial revision
	34	*
	35	*/
	36
	37	#ifndef CRYPT_H
	38	#define CRYPT_H
	39
	40	#ifdef __cplusplus
	41	extern "C" {
	42	#endif
	43
	44	/----- Required headers --------------------------------------------------/
	45
	46	#include <string.h>
	47
	48	#ifndef BECOME_H
	49	# include "become.h"
	50	#endif
	51
	52	#ifndef CONFIG_H
	53	# include "config.h"
	54	#endif
	55
	56	/----- Type definitions and data structures ------------------------------/
	57
	58	/* --- Encryption formats --- */
	59
	60	enum {
	61	cryptType_idea, /* Symmetric IDEA encryption */
	62	cryptType_rsa /* Public key RSA (later project) */
	63	};
	64
65	/* --- Encrypted buffer format --- *
66	*
67	* C structures are no good here. Time for some explicit offsets.
68	*/
69
70	enum {
71	crq_cryptType = 0, /* Encryption type (1 byte) */
72	crq_iv = crq_cryptType + 1, /* Plaintext IV (8 bytes) */
73	crq_session = crq_iv + 8, /* IDEA session key (16 bytes) */
74	crq_cipher = crq_session + 16, /* Where to start encrypting */
75	crq_time = crq_cipher, /* Time stamp (4 bytes) */
76	crq_pid = crq_time + 4, /* Process ID (4 bytes) */
77	crq_from = crq_pid + 4, /* From user id (4 bytes) */
78	crq_to = crq_from + 4, /* To user id (4 bytes) */
79	crq_cmd = crq_to + 4, /* Command string (lots of bytes) */
80	crq_check = crq_cmd + CMDLEN_MAX, /* Checksum for request (4 bytes) */
81	crq_size = crq_check + 4 /* Size of encrypted request */
82	};
83
84	/* --- Encrypted result format --- */
85
86	enum {
87	crp_iv = 0, /* Plaintext IV (8 bytes) */
88	crp_cipher = crp_iv + 8, /* Where to start encrypting */
89	crp_time = crp_cipher, /* Time of request (4 bytes) */
90	crp_pid = crp_time + 4, /* Process ID of client (4 bytes) */
91	crp_answer = crp_pid + 4, /* Answer (1 or 0) (1 byte) */
92	crp_check = crp_answer + 1, /* Checksum for reply (4 bytes) */
93	crp_size = crp_check + 4 /* Size of encrypted reply */
94	};
95
96	/----- Macros ------------------------------------------------------------/
97
98	/* --- @burn@ --- *
99	*
100	* Arguments: @obj@ = some object
101	*
102	* Use: Writes zero bytes over the object.
103	*/
104
105	#define burn(obj) ((void)memset(&obj, 0, sizeof(obj)))
106
107	/----- Functions provided ------------------------------------------------/
108
109	/* --- @crypt_packRequest@ --- *
110	*
111	* Arguments: @request *rq@ = pointer to request block
112	* @unsigned char *buff@ = pointer to a buffer
113	* @time_t t@ = the current time
114	* @pid_t pid@ = my process ID
115	* @unsigned char *k@ = pointer to 128-bit key
116	* @unsigned char *sk@ = where to put the session key
117	*
118	* Returns: The number of bytes written.
119	*
120	* Use: Packs a request block into a buffer. The buffer should have
121	* space for at least @crq_size@ bytes. The buffer comes back
122	* encrypted and ready to send.
123	*/
124
125	extern void crypt_packRequest(request /rq/, unsigned char /buff/,
126	time_t /t/, pid_t /pid/,
127	unsigned char /k/, unsigned char /sk/);
128
129	/* --- @crypt_unpackRequest@ --- *
130	*
131	* Arguments: @reqest *rq@ = pointer to destination request block
132	* @unsigned char *buff@ = pointer to source buffer
133	* @unsigned char *k@ = pointer to encryption key
134	* @unsigned char *sk@ = pointer to where to store session key
135	* @unsigned char *rpl@ = where to start building reply
136	*
137	* Returns: ---
138	*
139	* Use: Decrypts and unpacks a request buffer.
140	*/
141
142	extern int crypt_unpackRequest(request /rq/, unsigned char /buff/,
143	unsigned char /k/, unsigned char /sk/,
144	unsigned char /rpl*/);
145
146	/* --- @crypt_packReply@ --- *
147	*
148	* Arguments: @unsigned char *buff@ = pointer to reply block
149	* @unsigned char *sk@ = pointer to session key
150	* @int answer@ = yes or no
151	*
152	* Returns: ---
153	*
154	* Use: Packs and encrypts a reply block.
155	*/
156
157	extern void crypt_packReply(unsigned char /buff/, unsigned char /sk/,
158	int /answer/);
159
160	/* --- @crypt_unpackReply@ --- *
161	*
162	* Arguments: @unsigned char *buff@ = pointer to reply buffer
163	* @unsigned char *sk@ = pointer to session key
164	* @time_t t@ = time at which request was sent
165	* @pid_t pid@ = my process ID
166	*
167	* Returns: >0 if request granted, zero if denied, <0 if reply rejected
168	*
169	* Use: Unpacks a reply block, and informs the caller of the outcome.
170	*/
171
172	extern int crypt_unpackReply(unsigned char /buff/, unsigned char /sk/,
173	time_t /t/, pid_t /pid/);
174
175	/----- That's all, folks -------------------------------------------------/
176
177	#ifdef __cplusplus
178	}
179	#endif
180
181	#endif