/* $OpenBSD: keynote.h,v 1.16 2004/06/24 21:34:33 msf Exp $ */
/*
 * The author of this code is Angelos D. Keromytis (angelos@dsl.cis.upenn.edu)
 *
 * This code was written by Angelos D. Keromytis in Philadelphia, PA, USA,
 * in April-May 1998
 *
 * Copyright (C) 1998, 1999 by Angelos D. Keromytis.
 *
 * Permission to use, copy, and modify this software with or without fee
 * is hereby granted, provided that this entire notice is included in
 * all copies of any software which is or includes a copy or
 * modification of this software.
 *
 * THIS SOFTWARE IS BEING PROVIDED "AS IS", WITHOUT ANY EXPRESS OR
 * IMPLIED WARRANTY. IN PARTICULAR, THE AUTHORS MAKES NO
 * REPRESENTATION OR WARRANTY OF ANY KIND CONCERNING THE
 * MERCHANTABILITY OF THIS SOFTWARE OR ITS FITNESS FOR ANY PARTICULAR
 * PURPOSE.
 */

/*
 * NOTE(review): identifiers that begin with a double underscore are
 * reserved for the C implementation; a project-prefixed guard such as
 * KEYNOTE_H would avoid that.  This header also relies on regex_t,
 * strlen() and __BEGIN_DECLS/__END_DECLS but includes nothing itself, so
 * the including file must pull in <regex.h>, <string.h> and (on BSD
 * systems) <sys/cdefs.h> before this header.
 */
#ifndef __KEYNOTE_H__
#define __KEYNOTE_H__

/*
 * One entry of the action environment passed to kn_query(): a name/value
 * pair with flags, chained through env_next.
 */
struct environment
{
    char *env_name;                  /* attribute name */
    char *env_value;                 /* attribute value; presumably reinterpreted
                                      * when ENVIRONMENT_FLAG_FUNC is set -- confirm
                                      * against kn_query() */
    int env_flags;                   /* bitwise OR of ENVIRONMENT_FLAG_* */
    regex_t env_regex;               /* compiled pattern; presumably only valid
                                      * when ENVIRONMENT_FLAG_REGEX is set -- confirm */
    struct environment *env_next;    /* next entry in the list (presumably
                                      * NULL-terminated) */
};

/*
 * A decoded key: an algorithm tag plus an opaque, algorithm-specific key
 * object.  Filled in by kn_decode_key() and released by kn_free_key(),
 * which takes this struct by pointer (see prototypes below).
 */
struct keynote_deckey
{
    int dec_algorithm;    /* presumably one of KEYNOTE_ALGORITHM_* -- confirm */
    void *dec_key;        /* opaque key material; type depends on dec_algorithm */
};

/*
 * Raw key bytes with an explicit length (used for KEYNOTE_ALGORITHM_BINARY,
 * presumably -- confirm).  bn_len is a signed int, so consumers should
 * reject negative values before using it as a size.
 */
struct keynote_binary
{
    int bn_len;      /* number of bytes in bn_key */
    char *bn_key;    /* key bytes; not NUL-terminated as far as this header shows */
};

/*
 * A linked list of keys, as returned by kn_get_licensees().  Each node
 * carries the key in both decoded (key_key) and textual (key_stringkey)
 * form.  Ownership of the list is not stated here -- check kn_get_licensees().
 */
struct keynote_keylist
{
    int key_alg;                       /* presumably one of KEYNOTE_ALGORITHM_* -- confirm */
    void *key_key;                     /* decoded key object, type depends on key_alg */
    char *key_stringkey;               /* textual form of the key */
    struct keynote_keylist *key_next;  /* next node (presumably NULL-terminated) */
};

/*
 * Signature-type prefixes.  Each *_LEN macro expands to a strlen() call,
 * so it is evaluated at every use and needs <string.h>; sizeof(X) - 1
 * would give the same value at compile time.
 *
 * NOTE(review): the MD5 and SHA1 variants name hash functions that are no
 * longer collision resistant; deployments that accept assertions from
 * untrusted parties should restrict which of these prefixes they honour.
 */
#define SIG_DSA_SHA1_HEX "sig-dsa-sha1-hex:"
#define SIG_DSA_SHA1_HEX_LEN strlen(SIG_DSA_SHA1_HEX)
#define SIG_DSA_SHA1_BASE64 "sig-dsa-sha1-base64:"
#define SIG_DSA_SHA1_BASE64_LEN strlen(SIG_DSA_SHA1_BASE64)
#define SIG_RSA_SHA1_PKCS1_HEX "sig-rsa-sha1-hex:"
#define SIG_RSA_SHA1_PKCS1_HEX_LEN strlen(SIG_RSA_SHA1_PKCS1_HEX)
#define SIG_RSA_SHA1_PKCS1_BASE64 "sig-rsa-sha1-base64:"
#define SIG_RSA_SHA1_PKCS1_BASE64_LEN strlen(SIG_RSA_SHA1_PKCS1_BASE64)
#define SIG_RSA_MD5_PKCS1_HEX "sig-rsa-md5-hex:"
#define SIG_RSA_MD5_PKCS1_HEX_LEN strlen(SIG_RSA_MD5_PKCS1_HEX)
#define SIG_RSA_MD5_PKCS1_BASE64 "sig-rsa-md5-base64:"
#define SIG_RSA_MD5_PKCS1_BASE64_LEN strlen(SIG_RSA_MD5_PKCS1_BASE64)
#define SIG_ELGAMAL_SHA1_HEX "sig-elgamal-sha1-hex:"
#define SIG_ELGAMAL_SHA1_HEX_LEN strlen(SIG_ELGAMAL_SHA1_HEX)
#define SIG_ELGAMAL_SHA1_BASE64 "sig-elgamal-sha1-base64:"
#define SIG_ELGAMAL_SHA1_BASE64_LEN strlen(SIG_ELGAMAL_SHA1_BASE64)
#define SIG_PGP_NATIVE "sig-pgp:"
#define SIG_PGP_NATIVE_LEN strlen(SIG_PGP_NATIVE)
#define SIG_X509_SHA1_BASE64 "sig-x509-sha1-base64:"
#define SIG_X509_SHA1_BASE64_LEN strlen(SIG_X509_SHA1_BASE64)
#define SIG_X509_SHA1_HEX "sig-x509-sha1-hex:"
#define SIG_X509_SHA1_HEX_LEN strlen(SIG_X509_SHA1_HEX)

/*
 * Signature verification states.  These are a separate value space from
 * RESULT_FALSE/RESULT_TRUE (0/1) below: SIGRESULT_FALSE is 1, numerically
 * equal to RESULT_TRUE, so never compare a value from one set against
 * constants of the other.
 */
#define SIGRESULT_UNTOUCHED 0    /* signature has not been checked */
#define SIGRESULT_FALSE 1        /* signature checked and did not verify */
#define SIGRESULT_TRUE 2         /* signature checked and verified */

/* Bits for struct environment.env_flags. */
#define ENVIRONMENT_FLAG_FUNC 0x0001 /* This is a callback function */
#define ENVIRONMENT_FLAG_REGEX 0x0002 /* Regular expression for name */

/*
 * Flags for assertions (presumably the flag argument of kn_add_assertion()
 * and friends -- confirm).
 */
#define ASSERT_FLAG_LOCAL 0x0001 /*
                                  * Trusted assertion -- means
                                  * signature is not verified, and
                                  * authorizer field can
                                  * include symbolic names.
                                  * Because the signature is skipped,
                                  * this flag belongs only on locally
                                  * authored policy, never on assertions
                                  * received from an untrusted source.
                                  */
#define ASSERT_FLAG_SIGGEN 0x0002 /*
                                   * Be a bit more lax with the
                                   * contents of the Signature:
                                   * field; to be used in
                                   * assertion signing only.
                                   */
#define ASSERT_FLAG_SIGVER 0x0004 /*
                                   * To be used in signature verification
                                   * only.
                                   */

/* Query outcomes.  Distinct from SIGRESULT_* above (different numbering). */
#define RESULT_FALSE 0
#define RESULT_TRUE 1

/*
 * Well-known names for callback use (presumably handed to environment
 * callbacks marked ENVIRONMENT_FLAG_FUNC -- confirm against the caller).
 */
#define KEYNOTE_CALLBACK_INITIALIZE "_KEYNOTE_CALLBACK_INITIALIZE"
#define KEYNOTE_CALLBACK_CLEANUP "_KEYNOTE_CALLBACK_CLEANUP"

/* Protocol version this implementation speaks. */
#define KEYNOTE_VERSION_STRING "2"

/*
 * Negative error codes.  How these relate to keynote_errno and to the
 * non-negative KEYNOTE_ERROR_* codes below is not stated in this header;
 * do not assume the two sets are interchangeable.
 */
#define ERROR_MEMORY -1
#define ERROR_SYNTAX -2
#define ERROR_NOTFOUND -3
#define ERROR_SIGN_FAILURE -4

/* Key / signature algorithm identifiers. */
#define KEYNOTE_ALGORITHM_UNSPEC -1    /* not specified */
#define KEYNOTE_ALGORITHM_NONE 0
#define KEYNOTE_ALGORITHM_DSA 1
#define KEYNOTE_ALGORITHM_ELGAMAL 2
#define KEYNOTE_ALGORITHM_PGP 3
#define KEYNOTE_ALGORITHM_BINARY 4     /* raw bytes, see struct keynote_binary */
#define KEYNOTE_ALGORITHM_X509 5
#define KEYNOTE_ALGORITHM_RSA 6

/*
 * Error classes (non-negative).  Presumably the selector accepted by
 * kn_get_failed() -- confirm; not the same numbering as ERROR_* above.
 */
#define KEYNOTE_ERROR_ANY 0
#define KEYNOTE_ERROR_SYNTAX 1
#define KEYNOTE_ERROR_MEMORY 2
#define KEYNOTE_ERROR_SIGNATURE 3

/* External (textual) encodings of keys and signatures. */
#define ENCODING_NONE 0
#define ENCODING_HEX 1
#define ENCODING_BASE64 2
#define ENCODING_NATIVE 3 /* For things like PGP */

/* Internal (binary) encodings of key material. */
#define INTERNAL_ENC_NONE 0
#define INTERNAL_ENC_PKCS1 1
#define INTERNAL_ENC_ASN1 2
#define INTERNAL_ENC_NATIVE 3 /* For things like PGP */

/* Key kind selectors (presumably used by kn_encode_key() -- confirm). */
#define KEYNOTE_PUBLIC_KEY 0
#define KEYNOTE_PRIVATE_KEY 1

/*
 * Library error indicator.  A single plain global with no thread-local
 * qualifier, so it is shared across threads; read it immediately after a
 * failing call.
 */
extern int keynote_errno;

/* C++ linkage guards; provided by <sys/cdefs.h> on BSD, not included here. */
__BEGIN_DECLS
/*
 * Session API.  The leading int of most calls is a session handle
 * (presumably the value returned by kn_init() -- confirm).  Parameters
 * are unnamed in this header; the comments below state only what the
 * types show.
 */
int kn_init(void);                              /* create a session */
int kn_add_assertion(int, char *, int, int);    /* session, assertion text, length, ASSERT_FLAG_* presumably */
int kn_remove_assertion(int, int);
int kn_add_action(int, char *, char *, int);    /* session, name, value, flags presumably */
int kn_remove_action(int, char *);
int kn_add_authorizer(int, char *);
int kn_remove_authorizer(int, char *);
int kn_do_query(int, char **, int);             /* session, return-value list, count presumably */
int kn_get_failed(int, int, int);
int kn_cleanup_action_environment(int);
int kn_close(int);                              /* destroy a session */
void kn_free_key(struct keynote_deckey *);      /* release a key filled by kn_decode_key() */
char *kn_get_string(char *);

/*
 * Simple API: a one-shot query built from a struct environment list.
 * Eleven positional parameters; consult the implementation for their
 * meaning, this header does not name them.
 */
int kn_query(struct environment *, char **, int, char **, int *, int,
char **, int *, int, char **, int);

/* Aux. routines */
char **kn_read_asserts(char *, int, int *);     /* returns an array of assertions; count via the int *; ownership not stated here */
int kn_keycompare(void *, void *, int);         /* compare two key objects; the int is presumably the algorithm -- confirm */
void *kn_get_authorizer(int, int, int *);
struct keynote_keylist *kn_get_licensees(int, int);

/*
 * ASCII-encoding API.  The base64 routines take an explicit output size
 * (bounded writes); the hex routines return their output through a
 * char **, which suggests they allocate -- check who frees.
 */
int kn_encode_base64(unsigned char const *, unsigned int, char *,
unsigned int);
int kn_decode_base64(char const *, unsigned char *, unsigned int);
int kn_encode_hex(unsigned char *, char **, int);
int kn_decode_hex(char *, char **);

/* Key-encoding API */
int kn_decode_key(struct keynote_deckey *, char *, int);       /* parse text into a deckey; see kn_free_key() */
char *kn_encode_key(struct keynote_deckey *, int, int, int);   /* presumably (key, INTERNAL_ENC_*, ENCODING_*, KEYNOTE_*_KEY) -- confirm order */

/* Crypto API */
char *kn_sign_assertion(char *, int, char *, char *, int);     /* returns the signature text; ownership not stated here */
int kn_verify_assertion(char *, int);                          /* presumably returns a SIGRESULT_* value -- confirm */
__END_DECLS
#endif /* __KEYNOTE_H__ */