summaryrefslogtreecommitdiff
path: root/lib/libkeynote/keynote.h
blob: 4dc8edde33fc13f12d4b29286e3a44398c6ea843 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
/* $OpenBSD: keynote.h,v 1.10 1999/10/09 19:47:32 angelos Exp $ */
/*
 * The author of this code is Angelos D. Keromytis (angelos@dsl.cis.upenn.edu)
 *
 * This code was written by Angelos D. Keromytis in Philadelphia, PA, USA,
 * in April-May 1998
 *
 * Copyright (C) 1998, 1999 by Angelos D. Keromytis.
 *	
 * Permission to use, copy, and modify this software without fee
 * is hereby granted, provided that this entire notice is included in
 * all copies of any software which is or includes a copy or
 * modification of this software. 
 *
 * THIS SOFTWARE IS BEING PROVIDED "AS IS", WITHOUT ANY EXPRESS OR
 * IMPLIED WARRANTY. IN PARTICULAR, THE AUTHORS MAKES NO
 * REPRESENTATION OR WARRANTY OF ANY KIND CONCERNING THE
 * MERCHANTABILITY OF THIS SOFTWARE OR ITS FITNESS FOR ANY PARTICULAR
 * PURPOSE.
 */

#ifndef __KEYNOTE_H__
#define __KEYNOTE_H__

#include <sys/types.h>
#include <regex.h>

#include <ssl/crypto.h>
#include <ssl/dsa.h>
#include <ssl/rsa.h>
#include <ssl/sha.h>
#include <ssl/md5.h>
#include <ssl/err.h>
#include <ssl/rand.h>
#include <ssl/x509.h>
#include <ssl/pem.h>

#define KEYNOTERNDFILENAME "/dev/urandom"

struct environment
{
    char               *env_name;
    char               *env_value;
    int                 env_flags;
    regex_t             env_regex;
    struct environment *env_next;
};

struct keynote_deckey
{
    int   dec_algorithm;
    void *dec_key;
};

struct keynote_binary
{
    int   bn_len;
    char *bn_key;
};

struct keynote_keylist
{
    int                     key_alg;
    void                   *key_key;
    char                   *key_stringkey;
    struct keynote_keylist *key_next;
};

#define SIG_DSA_SHA1_HEX              "sig-dsa-sha1-hex:"
#define SIG_DSA_SHA1_HEX_LEN          strlen(SIG_DSA_SHA1_HEX)
#define SIG_DSA_SHA1_BASE64           "sig-dsa-sha1-base64:"
#define SIG_DSA_SHA1_BASE64_LEN       strlen(SIG_DSA_SHA1_BASE64)
#define SIG_RSA_SHA1_PKCS1_HEX        "sig-rsa-sha1-hex:"
#define SIG_RSA_SHA1_PKCS1_HEX_LEN    strlen(SIG_RSA_SHA1_PKCS1_HEX)
#define SIG_RSA_SHA1_PKCS1_BASE64     "sig-rsa-sha1-base64:"
#define SIG_RSA_SHA1_PKCS1_BASE64_LEN strlen(SIG_RSA_SHA1_PKCS1_BASE64)
#define SIG_RSA_MD5_PKCS1_HEX         "sig-rsa-md5-hex:"
#define SIG_RSA_MD5_PKCS1_HEX_LEN     strlen(SIG_RSA_MD5_PKCS1_HEX)
#define SIG_RSA_MD5_PKCS1_BASE64      "sig-rsa-md5-base64:"
#define SIG_RSA_MD5_PKCS1_BASE64_LEN  strlen(SIG_RSA_MD5_PKCS1_BASE64)
#define SIG_ELGAMAL_SHA1_HEX          "sig-elgamal-sha1-hex:"
#define SIG_ELGAMAL_SHA1_HEX_LEN      strlen(SIG_ELGAMAL_SHA1_HEX)
#define SIG_ELGAMAL_SHA1_BASE64       "sig-elgamal-sha1-base64:"
#define SIG_ELGAMAL_SHA1_BASE64_LEN   strlen(SIG_ELGAMAL_SHA1_BASE64)
#define SIG_PGP_NATIVE                "sig-pgp:"
#define SIG_PGP_NATIVE_LEN            strlen(SIG_PGP_NATIVE)
#define SIG_X509_SHA1_BASE64          "sig-x509-sha1-base64:"
#define SIG_X509_SHA1_BASE64_LEN      strlen(SIG_X509_SHA1_BASE64)
#define SIG_X509_SHA1_HEX             "sig-x509-sha1-hex:"
#define SIG_X509_SHA1_HEX_LEN         strlen(SIG_X509_SHA1_HEX)

#define SIGRESULT_UNTOUCHED     0
#define SIGRESULT_FALSE         1
#define SIGRESULT_TRUE          2

#define ENVIRONMENT_FLAG_FUNC   0x0001 /* This is a callback function */
#define ENVIRONMENT_FLAG_REGEX  0x0002 /* Regular expression for name */

#define ASSERT_FLAG_LOCAL       0x0001 /* 
					* Trusted assertion -- means
					* signature is not verified, and
					* authorizer field can 
					* include symbolic names.
				        */
#define ASSERT_FLAG_SIGGEN      0x0002 /*
					* Be a bit more lax with the
					* contents of the Signature:
					* field; to be used in
					* assertion signing only.
					*/
#define ASSERT_FLAG_SIGVER	0x0004 /*
					* To be used in signature verification
					* only.
					*/
#define RESULT_FALSE            0
#define RESULT_TRUE             1

#define KEYNOTE_CALLBACK_INITIALIZE		"_KEYNOTE_CALLBACK_INITIALIZE"
#define KEYNOTE_CALLBACK_CLEANUP		"_KEYNOTE_CALLBACK_CLEANUP"

#define KEYNOTE_VERSION_STRING			"2"

#define ERROR_MEMORY	       -1
#define ERROR_SYNTAX	       -2
#define ERROR_NOTFOUND         -3
#define ERROR_SIGN_FAILURE     -4

#define KEYNOTE_ALGORITHM_UNSPEC       -1
#define KEYNOTE_ALGORITHM_NONE		0
#define KEYNOTE_ALGORITHM_DSA		1
#define KEYNOTE_ALGORITHM_ELGAMAL	2
#define KEYNOTE_ALGORITHM_PGP		3
#define KEYNOTE_ALGORITHM_BINARY        4
#define KEYNOTE_ALGORITHM_X509          5
#define KEYNOTE_ALGORITHM_RSA		6

#define KEYNOTE_ERROR_ANY        0
#define KEYNOTE_ERROR_SYNTAX     1
#define KEYNOTE_ERROR_MEMORY     2
#define KEYNOTE_ERROR_SIGNATURE  3

#define ENCODING_NONE		   0
#define ENCODING_HEX		   1
#define ENCODING_BASE64		   2
#define ENCODING_NATIVE		   3	/* For things like PGP */

#define INTERNAL_ENC_NONE	   0
#define INTERNAL_ENC_PKCS1	   1
#define INTERNAL_ENC_ASN1          2
#define INTERNAL_ENC_NATIVE	   3	/* For things like PGP */

#define KEYNOTE_PUBLIC_KEY         0
#define KEYNOTE_PRIVATE_KEY        1

extern int keynote_errno;

/* Session API */
int    kn_init(void);
int    kn_add_assertion(int, char *, int, int);
int    kn_remove_assertion(int, int);
int    kn_add_action(int, char *, char *, int);
int    kn_remove_action(int, char *);
int    kn_add_authorizer(int, char *);
int    kn_remove_authorizer(int, char *);
int    kn_do_query(int, char **, int);
int    kn_get_failed(int, int, int);
int    kn_cleanup_action_environment(int);
int    kn_close(int);

/* Simple API */
int    kn_query(struct environment *, char **, int, char **, int *, int,
		char **, int *, int, char **, int);

/* Aux. routines */
char **kn_read_asserts(char *, int, int *);
int    kn_keycompare(void *, void *, int);
void  *kn_get_authorizer(int, int, int *);
struct keynote_keylist *kn_get_licensees(int, int);

/* ASCII-encoding API */
int    kn_encode_base64(unsigned char const *, unsigned int, char *,
			unsigned int);
int    kn_decode_base64(char const *, unsigned char *, unsigned int);
int    kn_encode_hex(unsigned char *, char **, int);
int    kn_decode_hex(char *, char **);

/* Key-encoding API */
int    kn_decode_key(struct keynote_deckey *, char *, int);
char  *kn_encode_key(struct keynote_deckey *, int, int, int);

/* Crypto API */
char  *kn_sign_assertion(char *, int, char *, char *, int);
int    kn_verify_assertion(char *, int);
#endif /* __KEYNOTE_H__ */