2 * Copyright (c) 1995, 1996, 1997, 2003 Kungliga Tekniska Högskolan
3 * (Royal Institute of Technology, Stockholm, Sweden).
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
17 * 3. Neither the name of the Institute nor the names of its contributors
18 * may be used to endorse or promote products derived from this software
19 * without specific prior written permission.
21 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
36 #ifndef __RXKAD_LOCL_H
37 #define __RXKAD_LOCL_H
51 #include <sys/types.h>
52 #include <netinet/in.h>
54 #include <roken.h> /* sometimes needed for strlcpy */
/*
 * Assertions disabled: this definition of assert(e) expands to ((void)0), so
 * `e` is never evaluated and any side effect inside the expression is lost.
 * With this definition in effect, an assert() provides no run-time protection;
 * checks on values received from a peer must be explicit tests with an error
 * return, never assert().
 */
58 #define assert(e) ((void)0)
/*
 * Active assert(): when `e` is false, calls osi_Panic() with the stringized
 * expression, the file name and the line number. The expression text is
 * passed as a %s argument rather than pasted into the format string, so a '%'
 * inside the asserted expression is not interpreted as a conversion.
 * NOTE(review): the format has three conversions (%s, %s, %d) but four
 * arguments follow it; the trailing #e looks unused -- confirm against
 * osi_Panic()'s declaration (not visible here) before dropping it.
 * NOTE(review): assumes osi_Panic() is printf-style and does not return --
 * confirm.
 */
62 #define assert(e) ((e) ? (void)0 : (void)osi_Panic("assert(%s) failed: file %s, line %d\n", #e, __FILE__, __LINE__, #e))
67 * disable server side for now to get rid of des.h dependency
68 * -- milko's not in working condition anyway
72 #include <openssl/des.h>
82 static /**/const char *const rcsid[] = { (char *)rcsid, "\100(#)" msg }
/*
 * Globals defined outside this header; only their names and type (int) are
 * visible here. NOTE(review): presumably the Rx epoch and the next connection
 * id to hand out -- confirm against the rx sources.
 */
84 extern int rx_epoch
, rx_nextCid
;
/*
 * rxkad constants. NOTE(review): 1, 2, 4 and 8 are distinct single bits, so
 * the four state names look like flag values that can be OR-ed together;
 * the meaning of rxkad_disipline (sic, value 3) is not shown in this header.
 * Confirm both against the users of these names.
 */
88 #define rxkad_disipline 3
90 #define rxkad_unallocated 1
91 #define rxkad_authenticated 2
92 #define rxkad_expired 4
93 #define rxkad_checksummed 8
/*
 * Declaration only: takes a key pointer and an int32_t[ROUNDS] schedule.
 * `sched` is the only non-const parameter, so it is presumably the output
 * (the expanded key schedule) -- confirm against the definition.
 * key_ is an untyped pointer with no length argument: the expected key size
 * is not visible here, so the caller is responsible for supplying enough
 * bytes -- TODO confirm the size. The schedule is key material and should be
 * cleared by its owner once it is no longer needed.
 */
100 int fc_keysched(const void *key_
, int32_t sched
[ROUNDS
]);
102 /* in_ and out_ MUST be uint32_t aligned. Both are declared void *, so the
     * compiler cannot check this; a pointer at an arbitrary byte offset into a
     * received buffer does not qualify and should be copied to an aligned
     * buffer first. There is no length parameter: presumably exactly one
     * cipher block is processed -- confirm. `encrypt` presumably selects the
     * direction -- confirm the accepted values against the definition. */
103 int fc_ecb_encrypt(const void *in_
, void *out_
,
104 const int32_t sched
[ROUNDS
], int encrypt
);
106 /* In_ and out_ MUST be uint32_t aligned */
107 int fc_cbc_encrypt(const void *in_
, void *out_
, int32_t length
,
108 const int32_t sched
[ROUNDS
], uint32_t iv
[2],
/*
 * Declaration only. Takes a key schedule, a two-word IV, a length and the
 * packet to process; the first parameter is unused according to its name.
 * `iv` is const-qualified here, so the caller's IV is not written through
 * this pointer.
 * `len` is a signed int (presumably a byte count): whether the definition
 * rejects negative values or a length larger than the packet's data is not
 * visible here -- NOTE(review): confirm, or validate at the call site.
 */
111 int rxkad_EncryptPacket(const void *rx_connection_not_used
,
112 const int32_t sched
[ROUNDS
], const uint32_t iv
[2],
113 int len
, struct rx_packet
*packet
);
/*
 * Declaration only; same parameter list as rxkad_EncryptPacket(). The first
 * parameter is unused according to its name, and `iv` is const-qualified.
 * On the decrypt path `len` presumably derives from a packet received from
 * the network, so it must be bounded against the packet's real data length
 * before this call unless the definition does so itself -- NOTE(review):
 * confirm. `len` is signed; a negative value must not reach the cipher loop.
 */
115 int rxkad_DecryptPacket(const void *rx_connection_not_used
,
116 const int32_t sched
[ROUNDS
], const uint32_t iv
[2],
117 int len
, struct rx_packet
*packet
);
122 fc_cbc_enc2(const void *in
, void *out
, int32_t length
, const int32_t sched
[ROUNDS
],
123 const uint32_t iv_
[2], int encrypt
)
128 fc_cbc_encrypt(in
, out
, length
, sched
, iv
, encrypt
);
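/*
 * Macro form of fc_cbc_enc2(): runs fc_cbc_encrypt() on a private copy of the
 * IV. fc_cbc_encrypt() is declared with a non-const iv, so copying first keeps
 * the caller's iv_ unchanged whether or not the cipher routine updates it.
 *
 * - Wrapped in do { } while (0) so the expansion is a single statement and is
 *   safe as the body of an unbraced if/else. Call sites must end with ';',
 *   exactly as they must for the function form of fc_cbc_enc2().
 * - _tmp_ is a pointer to const, so a const-qualified IV (as in the function
 *   form's signature) is accepted without discarding the qualifier.
 * - The copy size is taken from the destination array instead of a literal 8.
 * - iv_ is evaluated exactly once; the other arguments are passed through
 *   once each.
 * - The int result of fc_cbc_encrypt() is discarded here.
 */
#define fc_cbc_enc2(in, out, length, sched, iv_, encrypt) \
    do { \
        uint32_t _iv_[2]; \
        const uint32_t *_tmp_ = (iv_); \
        memcpy(_iv_, _tmp_, sizeof(_iv_)); \
        fc_cbc_encrypt((in), (out), (length), (sched), (_iv_), (encrypt)); \
    } while (0)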
/* rxkad protocol version constant. Where it is compared against the version
 * sent by a peer is not visible in this header -- NOTE(review): confirm that
 * a mismatching version is rejected rather than ignored. */
137 #define RXKAD_VERSION 2
139 /* Version 2 challenge format */
140 typedef struct rxkad_challenge
{
147 /* To protect the client from being used as an oracle, the response
148 * contains connection-specific information. */
149 typedef struct rxkad_response
{
155 uint32_t cksum
; /* Cksum of this response */
156 int32_t security_index
;
157 int32_t call_numbers
[RX_MAXCALLS
];
163 /* u_char the_ticket[ticket_len]; */
166 typedef struct key_stuff
{
167 int32_t keysched
[ROUNDS
];
168 struct ktc_encryptionKey key
;
171 typedef struct end_stuff
{
172 uint32_t header_iv
[2];
173 uint32_t bytesReceived
, packetsReceived
, bytesSent
, packetsSent
;
177 rxkad_cksum_response(rxkad_response
*r
);
180 rxkad_calc_header_iv(const struct rx_connection
*conn
,
181 const int32_t sched
[ROUNDS
],
186 rxkad_prepare_packet(struct rx_packet
*pkt
, struct rx_connection
*con
,
187 int level
, key_stuff
*k
, end_stuff
*e
);
190 rxkad_check_packet(struct rx_packet
*pkt
, struct rx_connection
*con
,
191 int level
, key_stuff
*k
, end_stuff
*e
);
193 /* Per connection specific server data */
194 typedef struct serv_con_data
{
200 rxkad_level cur_level
; /* Starts at min_level and can only increase */
204 #endif /* __RXKAD_LOCL_H */