
File: [Development] / failsafe / FailSafe / cluster_services / include / ci_securecomm.h (download)

Revision 1.1, Thu Aug 31 19:16:32 2000 UTC (17 years, 1 month ago) by vasa
Branch: MAIN
CVS Tags: HEAD

Initial checkin

/*
 * Copyright (c) 2000 Silicon Graphics, Inc.  All Rights Reserved.
 * 
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of version 2.1 of the GNU Lesser General Public
 * License as published by the Free Software Foundation.
 * 
 * This program is distributed in the hope that it would be useful, but
 * WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
 * 
 * Further, this software is distributed without any warranty that it is
 * free of the rightful claim of any third person regarding infringement
 * or the like.  Any license provided herein, whether implied or
 * otherwise, applies only to this software file.  Patent licenses, if
 * any, provided herein do not apply to combinations of this program with
 * other software, or any other product whatsoever.
 * 
 * You should have received a copy of the GNU Lesser General Public
 * License along with this program; if not, write the Free Software
 * Foundation, Inc., 59 Temple Place - Suite 330, Boston MA 02111-1307,
 * USA.
 * 
 * Contact information: Silicon Graphics, Inc., 1600 Amphitheatre Pkwy,
 * Mountain View, CA 94043, or:
 * 
 * http://www.sgi.com 
 * 
 * For further information regarding this notice, see: 
 * 
 * http://oss.sgi.com/projects/GenInfo/NoticeExplan
 */
/*
 * ci_securecomm.h
 *
 * This file contains data structure definitions and function 
 * prototypes associated with secure communication among the
 * CHAOS daemons. CHAOS daemons can choose to use either
 * authentication or encryption or both. Currently, encryption
 * routines are just stubs. 
 *
 * The daemons can enable/disable authentication/encryption and
 * set the authentication/encryption keys through the routine
 * ci_securecomm_set. The first parameter is a bitmask 
 * (SC_AUTHENTICATE | SC_ENCRYPT) and determines whether 
 * authentication/encryption should be enabled/disabled. The 
 * other two parameters are pointers to the authentication and
 * encryption keys. NULL pointers can be passed in which case the
 * existing keys will continue to be used. Default keys are 8 bytes 
 * long. Both authentication and encryption are disabled by default.
 *
 * Ci_securecomm_get can be used to check the current values of
 * the keys and to check whether authentication/encryption is
 * currently enabled/disabled.
 *
 * Ci_securecomm_reset sets the above parameters to their default
 * values.
 *
 * The routine ci_securecomm_key_create can be used to create the 
 * key structure given the key value and its size.
 *
 * Once secure communication has been enabled and the keys 
 * properly set, a call to ci_securecomm_makesecure adds a signature
 * to a message and encrypts it. A pointer to the "secure" message
 * is returned. This is the message that should be communicated to
 * daemons on other nodes. The secure message is returned in a buffer
 * that will be overwritten/freed in the next call to this routine.
 * The original message buffer stays untouched. If the library could
 * not allocate space for the "secure" message, NULL will be returned.
 *
 * When a message arrives, a call to ci_securecomm_verify should be
 * made to decrypt the message and to verify its authenticity. CI_SUCCESS
 * is returned on success, CI_FAILURE otherwise. The message is decrypted
 * in place and the encrypted message is lost.
 *
 * The secure communication library adds a header to each message sent
 * (in the call to ci_securecomm_makesecure). Once an arriving message has 
 * been "verified" a call to ci_securecomm_get_data will return a pointer
 * to the real message (i.e., beyond the header). This pointer points to a 
 * location in the original message buffer.
 *
 * Needless to say a pair of communicating daemons should have the same
 * kind of secure communication enabled and they must use the same keys.
 *
 * The library imposes a restriction on key length which is different
 * based on whether it was compiled with the -DDOMESTIC flag. See the
 * macros below for details.
 */

#ifndef CI_SECURECOMM_H
#define CI_SECURECOMM_H
#ident "$Id: ci_securecomm.h,v 1.1 2000/08/31 19:16:32 vasa Exp $"

/*
 * Feature bits for the bitmask taken by ci_securecomm_set(); the two
 * values are distinct bits, so they can be OR-ed together.
 */
#define SC_AUTHENTICATE	0x1
/*
 * The description at the top of this header states that the encryption
 * routines are currently stubs, so enabling SC_ENCRYPT should not be
 * relied on for confidentiality.
 */
#define SC_ENCRYPT	0x2

/*
 * Upper bound on key length. It dimensions the char key[] array in
 * ci_securecomm_key_t, so the unit is bytes. Builds without -DDOMESTIC
 * get the smaller limit: a key longer than 512 bytes that fits a DOMESTIC
 * build cannot be represented on a non-DOMESTIC one, and communicating
 * daemons must share keys.
 * NOTE(review): confirm all nodes of a cluster use the same build flavour.
 */
#define SC_MAX_DOMESTIC_KEY_SIZE	4096
#define SC_MAX_OVERSEAS_KEY_SIZE	 512
#ifdef DOMESTIC
#define SC_MAX_KEY_SIZE	SC_MAX_DOMESTIC_KEY_SIZE
#else
#define SC_MAX_KEY_SIZE	SC_MAX_OVERSEAS_KEY_SIZE
#endif

/*
 * Initializer for a ci_securecomm_key_t: eight key bytes followed by
 * size 8.
 *
 * Security: this value is a fixed constant published in the header, so it
 * offers no secrecy. Install site-specific keys with ci_securecomm_set()
 * before enabling SC_AUTHENTICATE.
 * NOTE(review): ci_securecomm_reset() is described as restoring default
 * values, presumably including this key, so keys would need to be set
 * again after a reset - confirm against ci_securecomm.c.
 */
#define SC_KEY_DEFAULT {{0xa, 0xb, 0xc, 0xd, 0xe, 0xf, 0xe, 0xd}, 8}

/*
 * Key material together with its length, as handed to
 * ci_securecomm_set() and filled in by ci_securecomm_key_create().
 *
 * Nothing in the type keeps size within SC_MAX_KEY_SIZE; code that
 * consumes a key should bound-check size before indexing key[].
 * Instances hold secret material, so clear copies that are no longer
 * needed.
 */
struct ci_securecomm_key_s {
    /* Raw key bytes; capacity is SC_MAX_KEY_SIZE. */
    char	key[SC_MAX_KEY_SIZE];
    /*
     * Presumably the number of bytes of key[] in use (SC_KEY_DEFAULT
     * pairs eight bytes with size 8) - confirm against ci_securecomm.c.
     */
    uint32_t	size;
};

typedef struct ci_securecomm_key_s ci_securecomm_key_t;

/*
 * Header that the secure communication library places in front of each
 * message (see the ci_securecomm_makesecure description above).
 *
 * The header carries only a length and a signature: there is no sequence
 * number, nonce or timestamp field, so replay detection is not provided
 * by this structure and would have to exist elsewhere.
 * NOTE(review): on ABIs that align 64-bit integers to 8 bytes there is
 * padding between len and signature, and no byte-order conversion is
 * visible here - confirm how mixed-architecture clusters are handled.
 */
struct ci_securecomm_hdr_s {
    /*
     * Presumably the message length in bytes; whether it counts the
     * header itself is not visible here - confirm.
     */
    uint32_t	len;
    /*
     * 64-bit authentication value, the same width MD5Digest() returns.
     * A 64-bit tag gives a much smaller forgery margin than a full-length
     * digest.
     */
    __uint64_t	signature;
};

typedef struct ci_securecomm_hdr_s ci_securecomm_hdr_t;

/*
 * A complete "secure" message: the library header followed by the
 * caller's payload.
 */
struct ci_securecomm_msg_s {
    ci_securecomm_hdr_t	hdr;
    /*
     * Start of the payload. The element type is int so that the payload
     * begins on an int-aligned boundary. The array is declared with one
     * element; presumably the real payload extends past data[0] and its
     * extent is given by hdr.len - confirm against ci_securecomm.c.
     * Readers of a received message should never index beyond the number
     * of bytes actually received.
     */
    int			data[1];
};

typedef struct ci_securecomm_msg_s ci_securecomm_msg_t;

/* Prototypes from lib/libci/src/misc/ci_md5.c */
/*
 * Returns a 64-bit value. An MD5 digest is 128 bits, so the result is
 * presumably a truncation or fold of the digest; the roles of the two
 * (pointer, int) pairs are not visible here - presumably data and key
 * with their lengths.
 * NOTE(review): MD5 is no longer considered collision resistant and a
 * 64-bit tag is short; if the key and message are simply concatenated
 * rather than combined HMAC-style, treat this as legacy integrity
 * protection. Confirm the construction in ci_md5.c.
 */
__uint64_t	MD5Digest(void *, int, void *, int);

/* Prototypes from lib/libci/src/misc/ci_securecomm.c */
/*
 * NOTE(review): uint32_t, __uint64_t and ci_err_t are used but not
 * declared in this header; the including file must bring them into scope
 * first.
 */

/*
 * Enable/disable authentication and encryption and optionally replace the
 * keys. First argument: bitmask of SC_AUTHENTICATE | SC_ENCRYPT. The two
 * key pointers are the authentication and encryption keys; a NULL pointer
 * leaves the existing key in use - which is the published SC_KEY_DEFAULT
 * if no key was ever set (presumably; confirm).
 */
void			ci_securecomm_set(int, ci_securecomm_key_t *,
					   ci_securecomm_key_t *);
/*
 * Report the current enable bits and key values. Callers receive copies
 * of key material and should clear them when done. The meaning of the int
 * return value is not visible here.
 */
int			ci_securecomm_get(int *, ci_securecomm_key_t *,
					   ci_securecomm_key_t *);
/* Restore the enable bits and keys to their default values. */
void			ci_securecomm_reset(void);
/*
 * Build a key structure from a key value and its size.
 * NOTE(review): whether a size above SC_MAX_KEY_SIZE is rejected or
 * truncated is not visible here - confirm before passing external input.
 */
ci_securecomm_key_t *	ci_securecomm_key_create(ci_securecomm_key_t *,
						 void *, uint32_t);
/*
 * Return a pointer to the real message beyond the library header; the
 * pointer refers into the caller's original buffer. Intended for messages
 * that ci_securecomm_verify() has already accepted.
 */
void *			ci_securecomm_get_data(void *);
/* Presumably the size in bytes of the library header - confirm. */
uint32_t		ci_securecomm_hdr_size(void);
/*
 * Presumably the size of the given message as recorded in its header -
 * confirm. If so, the value comes from the message itself and should be
 * checked against the number of bytes actually received.
 */
uint32_t		ci_securecomm_msg_size(void *);
/*
 * Add a signature to a message and encrypt it, returning the "secure"
 * message or NULL if space could not be allocated. The returned buffer is
 * overwritten/freed by the next call, so consume or copy it before
 * calling again; the original message buffer is left untouched. The role
 * of the uint32_t * argument is not visible here - presumably a length.
 */
void *			ci_securecomm_makesecure(void *, uint32_t *);
/*
 * Decrypt an arriving message in place and verify its authenticity.
 * Returns CI_SUCCESS on success, CI_FAILURE otherwise; the payload should
 * not be acted on unless CI_SUCCESS is returned.
 * NOTE(review): no buffer length is passed, so the implementation
 * presumably trusts the length stored in the message header. Callers
 * should make sure at least ci_securecomm_hdr_size() bytes were received
 * and that the header length does not exceed the received byte count
 * before calling - confirm what ci_securecomm.c checks.
 */
ci_err_t		ci_securecomm_verify(void *);

#endif /* CI_SECURECOMM_H */