crypto/external/bsd/netpgp/dist/src/libpaa/libpaa.h

   1 /*-
   2  * Copyright (c) 2010 Alistair Crooks <agc@NetBSD.org>
   3  * All rights reserved.
   4  *
   5  * Redistribution and use in source and binary forms, with or without
   6  * modification, are permitted provided that the following conditions
   7  * are met:
   8  * 1. Redistributions of source code must retain the above copyright
   9  *    notice, this list of conditions and the following disclaimer.
  10  * 2. Redistributions in binary form must reproduce the above copyright
  11  *    notice, this list of conditions and the following disclaimer in the
  12  *    documentation and/or other materials provided with the distribution.
  13  *
  14  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
  15  * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
  16  * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
  17  * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
  18  * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
  19  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
  20  * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
  21  * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
  22  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
  23  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  24  */
  25 #ifndef LIBPAA_H_
  26 #define LIBPAA_H_       20100908
  27
  28 #include <sys/types.h>
  29
  30 #include <inttypes.h>
  31 #include <stdio.h>
  32
  33 #define DEFAULT_HASH_ALG "SHA256"
  34
  35 enum {
  36         PAA_CHALLENGE_SIZE      = 128
  37 };
  38
  39 /* constant and secret info for server side */
  40 typedef struct paa_server_info_t {
  41         char             hostaddress[128];              /* host ip address */
  42         char            *secret;                        /* raw secret of server */
  43         unsigned         secretc;                       /* # of characters used */
  44         char             server_signature[512];         /* this is the encoded signature */
  45         int              server_signaturec;             /* # of chars in encoded sig */
  46 } paa_server_info_t;
  47
  48 /* used in server to formulate challenge */
  49 typedef struct paa_challenge_t {
  50         const char      *realm;                         /* this is realm of challenge */
  51         const char      *domain;                        /* domain of challenge */
  52         char             challenge[512];                /* the output challenge */
  53         int              challengec;                    /* # of chars in challenge */
  54         /* sub-parts of challenge */
  55         char             encoded_challenge[512];        /* encoded challenge part */
  56         int              encc;                          /* # of chars in encoded challenge */
  57 } paa_challenge_t;
  58
  59 /* used in client to formulate response */
  60 typedef struct paa_response_t {
  61         const char      *userid;                        /* identity to be used for signature */
  62         const char      *realm;                         /* realm that client wants */
  63         char             challenge[PAA_CHALLENGE_SIZE]; /* input challenge */
  64         int              challengec;                    /* # if chars in input */
  65         char             response[PAA_CHALLENGE_SIZE * 2];      /* output response */
  66         int              respc;                         /* # of chars in output */
  67 } paa_response_t;
  68
  69 /* this struct holds the identity information in the paa response */
  70 typedef struct paa_identity_t {
  71         char             userid[32];            /* verified identity */
  72         char             client[128];           /* client address */
  73         char             realm[128];            /* client realm */
  74         char             domain[128];           /* client domain */
  75         int64_t          timestamp;             /* time of response */
  76 } paa_identity_t;
  77
  78 /* support functions */
  79 int paa_write_file(const char *, char *, unsigned);
  80 int paa_read_file(const char *, char *, size_t);
  81
  82 /* server initialisations - one time */
  83 int paa_server_init(paa_server_info_t *, unsigned);
  84
  85 /* body of pubkey access authentication challenge/response/check functionality */
  86 int paa_format_challenge(paa_challenge_t *, paa_server_info_t *, char *, size_t);
  87 int paa_format_response(paa_response_t *, netpgp_t *, char *, char *, size_t);
  88 int paa_check_response(paa_challenge_t *, paa_identity_t *, netpgp_t *, char *);
  89
  90 /* who are ya? */
  91 int paa_print_identity(FILE *, paa_identity_t *);
  92
  93 #endif